This commit is contained in:
James Andariese 2023-04-27 20:09:43 -05:00
parent 673af96617
commit 907d4ae12c
31 changed files with 17080 additions and 0 deletions

31
argo1/templates/pgo.yaml Normal file
View File

@ -0,0 +1,31 @@
# {{ if (index .Values "pgo").enabled }}
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: {{ .Release.Name }}-pgo
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: default
source:
repoURL: "{{ .Values.bootstrap.source.repoURL }}"
targetRevision: "{{ .Values.bootstrap.source.targetRevision }}"
path: {{ (index .Values "pgo").path | default "pgo" | quote }}
destination:
server: "https://kubernetes.default.svc"
namespace: {{ (index .Values "pgo").namespace | default "postgres-operator" | quote }}
syncPolicy:
automated:
prune: true
selfHeal: true
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
retry:
limit: 10
backoff:
duration: 5s
factor: 2
maxDuration: 3m0s
# {{- end }}

View File

@ -40,6 +40,8 @@ openebs:
values: |
# values.yaml for openebs here
external-secrets: {enabled: true}
pgo: {enabled: true}
secrets: {enabled: true}
sealed-secrets: {enabled: true}
trust-manager: {enabled: true}

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,3 @@
resources:
- bases/postgres-operator.crunchydata.com_postgresclusters.yaml
- bases/postgres-operator.crunchydata.com_pgupgrades.yaml

View File

@ -0,0 +1,25 @@
namespace: postgres-operator
commonLabels:
app.kubernetes.io/name: pgo
# The version below should match the version on the PostgresCluster CRD
app.kubernetes.io/version: 5.3.0
bases:
- ../crd
- ../rbac/cluster
- ../manager
images:
- name: postgres-operator
newName: registry.developers.crunchydata.com/crunchydata/postgres-operator
newTag: ubi8-5.3.0-0
- name: postgres-operator-upgrade
newName: registry.developers.crunchydata.com/crunchydata/postgres-operator-upgrade
newTag: ubi8-5.3.0-0
patchesJson6902:
- target: { group: apps, version: v1, kind: Deployment, name: pgo }
path: selectors.yaml
- target: { group: apps, version: v1, kind: Deployment, name: pgo-upgrade }
path: selectors.yaml

View File

@ -0,0 +1,8 @@
# We add the app version as a "commonLabel" and change it with each release.
# Remove it from selectors until we use "labels" of Kustomize v4.1.
# See: https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/commonlabels/
# See: https://github.com/kubernetes-sigs/kustomize/releases/tag/kustomize%2Fv4.1.0
- op: remove
path: /spec/selector/matchLabels/app.kubernetes.io~1name
- op: remove
path: /spec/selector/matchLabels/app.kubernetes.io~1version

View File

@ -0,0 +1,3 @@
resources:
- manager.yaml
- manager-upgrade.yaml

View File

@ -0,0 +1,36 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: pgo-upgrade
labels:
postgres-operator.crunchydata.com/control-plane: postgres-operator-upgrade
spec:
replicas: 1
strategy: { type: Recreate }
selector:
matchLabels:
postgres-operator.crunchydata.com/control-plane: postgres-operator-upgrade
template:
metadata:
labels:
postgres-operator.crunchydata.com/control-plane: postgres-operator-upgrade
spec:
containers:
- name: operator
image: postgres-operator-upgrade
env:
- name: PGO_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: CRUNCHY_DEBUG
value: "true"
- name: RELATED_IMAGE_PGUPGRADE
value: "registry.developers.crunchydata.com/crunchydata/crunchy-upgrade:ubi8-5.3.0-0"
securityContext:
allowPrivilegeEscalation: false
capabilities: { drop: [ALL] }
readOnlyRootFilesystem: true
runAsNonRoot: true
serviceAccountName: postgres-operator-upgrade

View File

@ -0,0 +1,60 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: pgo
labels:
postgres-operator.crunchydata.com/control-plane: postgres-operator
spec:
replicas: 1
strategy: { type: Recreate }
selector:
matchLabels:
postgres-operator.crunchydata.com/control-plane: postgres-operator
template:
metadata:
labels:
postgres-operator.crunchydata.com/control-plane: postgres-operator
spec:
containers:
- name: operator
image: postgres-operator
env:
- name: PGO_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: CRUNCHY_DEBUG
value: "true"
- name: RELATED_IMAGE_POSTGRES_13
value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-13.9-2"
- name: RELATED_IMAGE_POSTGRES_13_GIS_3.0
value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-13.9-3.0-2"
- name: RELATED_IMAGE_POSTGRES_13_GIS_3.1
value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-13.9-3.1-2"
- name: RELATED_IMAGE_POSTGRES_14
value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-14.6-2"
- name: RELATED_IMAGE_POSTGRES_14_GIS_3.1
value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-14.6-3.1-2"
- name: RELATED_IMAGE_POSTGRES_14_GIS_3.2
value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-14.6-3.2-2"
- name: RELATED_IMAGE_POSTGRES_14_GIS_3.3
value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-14.6-3.3-2"
- name: RELATED_IMAGE_POSTGRES_15
value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres:ubi8-15.1-0"
- name: RELATED_IMAGE_POSTGRES_15_GIS_3.3
value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres-gis:ubi8-15.1-3.3-0"
- name: RELATED_IMAGE_PGADMIN
value: "registry.developers.crunchydata.com/crunchydata/crunchy-pgadmin4:ubi8-4.30-8"
- name: RELATED_IMAGE_PGBACKREST
value: "registry.developers.crunchydata.com/crunchydata/crunchy-pgbackrest:ubi8-2.41-2"
- name: RELATED_IMAGE_PGBOUNCER
value: "registry.developers.crunchydata.com/crunchydata/crunchy-pgbouncer:ubi8-1.17-5"
- name: RELATED_IMAGE_PGEXPORTER
value: "registry.developers.crunchydata.com/crunchydata/crunchy-postgres-exporter:ubi8-5.3.0-0"
securityContext:
allowPrivilegeEscalation: false
capabilities: { drop: [ALL] }
readOnlyRootFilesystem: true
runAsNonRoot: true
serviceAccountName: pgo

View File

@ -0,0 +1,2 @@
resources:
- namespace.yaml

View File

@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: postgres-operator

View File

@ -0,0 +1,7 @@
resources:
- service_account.yaml
- role.yaml
- role_binding.yaml
- service_account-upgrade.yaml
- role-upgrade.yaml
- role_binding-upgrade.yaml

View File

@ -0,0 +1,71 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
name: postgres-operator-upgrade
labels:
postgres-operator.crunchydata.com/control-plane: postgres-operator-upgrade
rules:
- apiGroups:
- ""
resources:
- endpoints
verbs:
- delete
- get
- list
- watch
- apiGroups:
- apps
resources:
- statefulsets
verbs:
- list
- watch
- apiGroups:
- batch
resources:
- jobs
verbs:
- create
- delete
- list
- patch
- watch
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- pgupgrades
verbs:
- get
- list
- watch
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- pgupgrades/finalizers
verbs:
- patch
- update
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- pgupgrades/status
verbs:
- get
- patch
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- postgresclusters
verbs:
- get
- list
- watch
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- postgresclusters/status
verbs:
- patch

View File

@ -0,0 +1,135 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: postgres-operator
labels:
postgres-operator.crunchydata.com/control-plane: postgres-operator
rules:
- apiGroups:
- ''
resources:
- configmaps
- persistentvolumeclaims
- secrets
- services
verbs:
- create
- delete
- get
- list
- patch
- watch
- apiGroups:
- ''
resources:
- endpoints
verbs:
- create
- delete
- deletecollection
- get
- list
- patch
- watch
- apiGroups:
- ''
resources:
- endpoints/restricted
- pods/exec
verbs:
- create
- apiGroups:
- ''
resources:
- events
verbs:
- create
- patch
- apiGroups:
- ''
resources:
- pods
verbs:
- delete
- get
- list
- patch
- watch
- apiGroups:
- ''
resources:
- serviceaccounts
verbs:
- create
- get
- list
- patch
- watch
- apiGroups:
- apps
resources:
- deployments
- statefulsets
verbs:
- create
- delete
- get
- list
- patch
- watch
- apiGroups:
- batch
resources:
- cronjobs
- jobs
verbs:
- create
- delete
- get
- list
- patch
- watch
- apiGroups:
- policy
resources:
- poddisruptionbudgets
verbs:
- create
- delete
- get
- list
- patch
- watch
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- postgresclusters
verbs:
- get
- list
- patch
- watch
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- postgresclusters/finalizers
verbs:
- update
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- postgresclusters/status
verbs:
- patch
- apiGroups:
- rbac.authorization.k8s.io
resources:
- rolebindings
- roles
verbs:
- create
- get
- list
- patch
- watch

View File

@ -0,0 +1,14 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: postgres-operator-upgrade
labels:
postgres-operator.crunchydata.com/control-plane: postgres-operator-upgrade
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: postgres-operator-upgrade
subjects:
- kind: ServiceAccount
name: postgres-operator-upgrade

View File

@ -0,0 +1,14 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: postgres-operator
labels:
postgres-operator.crunchydata.com/control-plane: postgres-operator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: postgres-operator
subjects:
- kind: ServiceAccount
name: pgo

View File

@ -0,0 +1,7 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: postgres-operator-upgrade
labels:
postgres-operator.crunchydata.com/control-plane: postgres-operator-upgrade

View File

@ -0,0 +1,7 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: pgo
labels:
postgres-operator.crunchydata.com/control-plane: postgres-operator

View File

@ -0,0 +1,7 @@
resources:
- service_account.yaml
- role.yaml
- role_binding.yaml
- service_account-upgrade.yaml
- role-upgrade.yaml
- role_binding-upgrade.yaml

View File

@ -0,0 +1,71 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
creationTimestamp: null
name: postgres-operator-upgrade
labels:
postgres-operator.crunchydata.com/control-plane: postgres-operator-upgrade
rules:
- apiGroups:
- ""
resources:
- endpoints
verbs:
- delete
- get
- list
- watch
- apiGroups:
- apps
resources:
- statefulsets
verbs:
- list
- watch
- apiGroups:
- batch
resources:
- jobs
verbs:
- create
- delete
- list
- patch
- watch
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- pgupgrades
verbs:
- get
- list
- watch
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- pgupgrades/finalizers
verbs:
- patch
- update
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- pgupgrades/status
verbs:
- get
- patch
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- postgresclusters
verbs:
- get
- list
- watch
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- postgresclusters/status
verbs:
- patch

View File

@ -0,0 +1,135 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: postgres-operator
labels:
postgres-operator.crunchydata.com/control-plane: postgres-operator
rules:
- apiGroups:
- ''
resources:
- configmaps
- persistentvolumeclaims
- secrets
- services
verbs:
- create
- delete
- get
- list
- patch
- watch
- apiGroups:
- ''
resources:
- endpoints
verbs:
- create
- delete
- deletecollection
- get
- list
- patch
- watch
- apiGroups:
- ''
resources:
- endpoints/restricted
- pods/exec
verbs:
- create
- apiGroups:
- ''
resources:
- events
verbs:
- create
- patch
- apiGroups:
- ''
resources:
- pods
verbs:
- delete
- get
- list
- patch
- watch
- apiGroups:
- ''
resources:
- serviceaccounts
verbs:
- create
- get
- list
- patch
- watch
- apiGroups:
- apps
resources:
- deployments
- statefulsets
verbs:
- create
- delete
- get
- list
- patch
- watch
- apiGroups:
- batch
resources:
- cronjobs
- jobs
verbs:
- create
- delete
- get
- list
- patch
- watch
- apiGroups:
- policy
resources:
- poddisruptionbudgets
verbs:
- create
- delete
- get
- list
- patch
- watch
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- postgresclusters
verbs:
- get
- list
- patch
- watch
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- postgresclusters/finalizers
verbs:
- update
- apiGroups:
- postgres-operator.crunchydata.com
resources:
- postgresclusters/status
verbs:
- patch
- apiGroups:
- rbac.authorization.k8s.io
resources:
- rolebindings
- roles
verbs:
- create
- get
- list
- patch
- watch

View File

@ -0,0 +1,14 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: postgres-operator-upgrade
labels:
postgres-operator.crunchydata.com/control-plane: postgres-operator-upgrade
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: postgres-operator-upgrade
subjects:
- kind: ServiceAccount
name: postgres-operator-upgrade

View File

@ -0,0 +1,14 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: postgres-operator
labels:
postgres-operator.crunchydata.com/control-plane: postgres-operator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: postgres-operator
subjects:
- kind: ServiceAccount
name: pgo

View File

@ -0,0 +1,7 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: postgres-operator-upgrade
labels:
postgres-operator.crunchydata.com/control-plane: postgres-operator-upgrade

View File

@ -0,0 +1,7 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: pgo
labels:
postgres-operator.crunchydata.com/control-plane: postgres-operator

View File

@ -0,0 +1,29 @@
namespace: postgres-operator
commonLabels:
app.kubernetes.io/name: pgo
# The version below should match the version on the PostgresCluster CRD
app.kubernetes.io/version: 5.3.0
bases:
- ../crd
- ../rbac/namespace
- ../manager
images:
- name: postgres-operator
newName: registry.developers.crunchydata.com/crunchydata/postgres-operator
newTag: ubi8-5.3.0-0
- name: postgres-operator-upgrade
newName: registry.developers.crunchydata.com/crunchydata/postgres-operator-upgrade
newTag: ubi8-5.3.0-0
patchesJson6902:
- target: { group: apps, version: v1, kind: Deployment, name: pgo }
path: selectors.yaml
- target: { group: apps, version: v1, kind: Deployment, name: pgo-upgrade }
path: selectors.yaml
patchesStrategicMerge:
- manager-target.yaml
- manager-target-upgrade.yaml

View File

@ -0,0 +1,13 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: pgo-upgrade
spec:
template:
spec:
containers:
- name: operator
env:
- name: PGO_TARGET_NAMESPACE
valueFrom: { fieldRef: { apiVersion: v1, fieldPath: metadata.namespace } }

View File

@ -0,0 +1,13 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: pgo
spec:
template:
spec:
containers:
- name: operator
env:
- name: PGO_TARGET_NAMESPACE
valueFrom: { fieldRef: { apiVersion: v1, fieldPath: metadata.namespace } }

View File

@ -0,0 +1,8 @@
# We add the app version as a "commonLabel" and change it with each release.
# Remove it from selectors until we use "labels" of Kustomize v4.1.
# See: https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/commonlabels/
# See: https://github.com/kubernetes-sigs/kustomize/releases/tag/kustomize%2Fv4.1.0
- op: remove
path: /spec/selector/matchLabels/app.kubernetes.io~1name
- op: remove
path: /spec/selector/matchLabels/app.kubernetes.io~1version

4
pgo/kustomization.yaml Normal file
View File

@ -0,0 +1,4 @@
namespace: postgres-operator
bases:
- install/default