
Commit aaed597

Release 2.6.0 (#2000)
Release 2.6.0
1 parent 912d794 commit aaed597

20 files changed

+3311
-148
lines changed

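--- a/bundle.Dockerfile
+++ b/bundle.Dockerfile
@@ -1,13 +1,17 @@
 FROM scratch
 
+LABEL com.redhat.openshift.versions="v4.8"
+LABEL com.redhat.delivery.backport=true
+LABEL com.redhat.delivery.operator.bundle=true
+
 # Core bundle labels.
 LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1
 LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/
 LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/
 LABEL operators.operatorframework.io.bundle.package.v1=mongodb-atlas-kubernetes
 LABEL operators.operatorframework.io.bundle.channels.v1=stable
 LABEL operators.operatorframework.io.bundle.channel.default.v1=stable
-LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.35.0
+LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.34.1
 LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1
 LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v4
 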
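Review bot: The `operators.operatorframework.io.metrics.builder` label moves backwards, from `operator-sdk-v1.35.0` to `operator-sdk-v1.34.1`, which suggests this release bundle was generated with an older operator-sdk than the previous one. If that is not deliberate, pin the operator-sdk version in the release tooling so the bundle is reproducible and the recorded builder cannot drift with whichever binary happens to be installed where the release is cut.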

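--- a/bundle/manifests/atlas.mongodb.com_atlascustomroles.yaml
+++ b/bundle/manifests/atlas.mongodb.com_atlascustomroles.yaml
@@ -26,15 +26,16 @@ spec:
 - jsonPath: .status.conditions[?(@.type=="Ready")].status
 name: Ready
 type: string
-- jsonPath: .spec.name
+- jsonPath: .spec.role.name
 name: Name
 type: string
-- jsonPath: .status.project.id
+- jsonPath: .spec.projectIDRef.id
 name: Project ID
 type: string
 name: v1
 schema:
 openAPIV3Schema:
+description: AtlasCustomRole is the Schema for the AtlasCustomRole API
 properties:
 apiVersion:
 description: |-
@@ -54,43 +55,9 @@ spec:
 metadata:
 type: object
 spec:
-description: AtlasCustomRoleSpec
+description: AtlasCustomRoleSpec defines the desired state of CustomRole
+in Atlas
 properties:
-actions:
-description: List of the individual privilege actions that the role
-grants.
-items:
-properties:
-name:
-description: Human-readable label that identifies the privilege
-action.
-type: string
-resources:
-description: List of resources on which you grant the action.
-items:
-properties:
-cluster:
-description: Flag that indicates whether to grant the
-action on the cluster resource. If true, MongoDB Cloud
-ignores Database and Collection parameters.
-type: boolean
-collection:
-description: Human-readable label that identifies the
-collection on which you grant the action to one MongoDB
-user.
-type: string
-database:
-description: Human-readable label that identifies the
-database on which you grant the action to one MongoDB
-user.
-type: string
-type: object
-type: array
-required:
-- name
-- resources
-type: object
-type: array
 connectionSecret:
 description: Name of the secret containing Atlas API private and public
 keys
@@ -103,39 +70,103 @@ spec:
 required:
 - name
 type: object
-inheritedRoles:
-description: List of the built-in roles that this custom role inherits.
-items:
-properties:
-database:
-description: Human-readable label that identifies the database
-on which someone grants the action to one MongoDB user.
-type: string
-name:
-description: Human-readable label that identifies the role inherited.
-type: string
-required:
-- database
-- name
-type: object
-type: array
-name:
-description: Name of the custom role
-type: string
-projectIDRef:
-description: ID of the Atlas Project this role is attached to
+externalProjectRef:
+description: Optional ID of the Atlas Project this role is attached
+to. Mutually exclusive with "projectRef" field
 properties:
 id:
 description: ID is the Atlas project ID
-pattern: ^([a-f0-9]{24})$
 type: string
 required:
 - id
 type: object
+projectRef:
+description: Optional reference to an AtlasProject custom resource.
+Mutually exclusive with "externalProjectRef" field
+properties:
+name:
+description: Name is the name of the Kubernetes Resource
+type: string
+namespace:
+description: Namespace is the namespace of the Kubernetes Resource
+type: string
+required:
+- name
+type: object
+role:
+properties:
+actions:
+description: List of the individual privilege actions that the
+role grants.
+items:
+properties:
+name:
+description: Human-readable label that identifies the privilege
+action.
+type: string
+resources:
+description: List of resources on which you grant the action.
+items:
+properties:
+cluster:
+description: Flag that indicates whether to grant
+the action on the cluster resource. If true, MongoDB
+Cloud ignores Database and Collection parameters.
+type: boolean
+collection:
+description: Human-readable label that identifies
+the collection on which you grant the action to
+one MongoDB user.
+type: string
+database:
+description: Human-readable label that identifies
+the database on which you grant the action to one
+MongoDB user.
+type: string
+type: object
+type: array
+required:
+- name
+- resources
+type: object
+type: array
+inheritedRoles:
+description: List of the built-in roles that this custom role
+inherits.
+items:
+properties:
+database:
+description: Human-readable label that identifies the database
+on which someone grants the action to one MongoDB user.
+type: string
+name:
+description: Human-readable label that identifies the role
+inherited.
+type: string
+required:
+- database
+- name
+type: object
+type: array
+name:
+description: Human-readable label that identifies the role. This
+name must be unique for this custom role in this project.
+type: string
+required:
+- name
+type: object
 required:
-- name
-- projectIDRef
+- role
 type: object
+x-kubernetes-validations:
+- message: must define only one project reference through externalProjectRef
+or projectRef
+rule: (has(self.externalProjectRef) && !has(self.projectRef)) || (!has(self.externalProjectRef)
+&& has(self.projectRef))
+- message: must define a local connection secret when referencing an external
+project
+rule: (has(self.externalProjectRef) && has(self.connectionSecret)) ||
+!has(self.externalProjectRef)
 status:
 description: |-
 AtlasCustomRoleStatus is a status for the AtlasCustomRole Custom resource.
@@ -177,15 +208,6 @@ spec:
 The Atlas Operator updates this field to the 'metadata.generation' as soon as it starts reconciliation of the resource.
 format: int64
 type: integer
-project:
-properties:
-id:
-type: string
-ready:
-type: boolean
-type: object
-roleStatus:
-type: string
 required:
 - conditions
 type: object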
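Review bot: `externalProjectRef.id` in the third hunk is declared as a bare `type: string`; the `pattern: ^([a-f0-9]{24})$` that the old `projectIDRef.id` carried is removed, so the API server now admits any string as a project ID and a malformed value is caught, if at all, only later by the operator or by Atlas. Restoring `pattern: ^([a-f0-9]{24})$` on the new field keeps that check at admission; if this manifest is generated, the change belongs on the validation marker of the source type rather than in the YAML. The Project ID printer column added in the first hunk reads `.spec.projectIDRef.id`, a path the schema in these hunks no longer defines, so it likely should be `.spec.externalProjectRef.id`. The new `role` object also has no `description`.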

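--- a/bundle/manifests/atlas.mongodb.com_atlasdatabaseusers.yaml
+++ b/bundle/manifests/atlas.mongodb.com_atlasdatabaseusers.yaml
@@ -71,8 +71,8 @@ spec:
 - ROLE
 type: string
 connectionSecret:
-description: LocalObjectReference is a reference to an object in the
-same namespace as the referent
+description: Name of the secret containing Atlas API private and public
+keys
 properties:
 name:
 description: |-
@@ -84,8 +84,11 @@ spec:
 type: object
 databaseName:
 default: admin
-description: DatabaseName is a Database against which Atlas authenticates
-the user. Default value is 'admin'.
+description: |-
+DatabaseName is a Database against which Atlas authenticates the user.
+If the user authenticates with AWS IAM, x.509, LDAP, or OIDC Workload this value should be '$external'.
+If the user authenticates with SCRAM-SHA or OIDC Workforce, this value should be 'admin'.
+Default value is 'admin'.
 type: string
 deleteAfterDate:
 description: |-
@@ -123,13 +126,13 @@ spec:
 oidcAuthType:
 default: NONE
 description: |-
-Human-readable label that indicates whether the new database Username
-with OIDC federated authentication.
-To create a federated authentication user, specify the value
-of IDP_GROUP for this field
+Human-readable label that indicates whether the new database Username with OIDC federated authentication.
+To create a federated authentication group (Workforce), specify the value of IDP_GROUP in this field.
+To create a federated authentication user (Workload), specify the value of USER in this field.
 enum:
 - NONE
 - IDP_GROUP
+- USER
 type: string
 passwordSecretRef:
 description: PasswordSecret is a reference to the Secret keeping the
@@ -212,7 +215,7 @@ spec:
 Username is a username for authenticating to MongoDB
 Human-readable label that represents the user that authenticates to MongoDB. The format of this label depends on the method of authentication:
 In case of AWS IAM: the value should be AWS ARN for the IAM User/Role;
-In case of OIDC: the value should be the Identity Provider ID;
+In case of OIDC Workload or Workforce: the value should be the Atlas OIDC IdP ID, followed by a '/', followed by the IdP group name;
 In case of Plain text auth: the value can be anything
 maxLength: 1024
 type: string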
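Review bot: The schema does not enforce the pairing that the new `databaseName` description states: `oidcAuthType` now accepts `USER` (Workload), which the text says needs `$external`, while `databaseName` still defaults to `admin`. A resource that sets `oidcAuthType: USER` and omits `databaseName` therefore passes admission with the Workforce value, and the mismatch presumably surfaces only at reconcile time or as a user created against the wrong authentication database. A CEL rule on `spec`, in the style this release already uses for AtlasCustomRole, would reject it early: `rule: self.oidcAuthType != 'USER' || self.databaseName == '$external'`. Separately, the `username` text in the last hunk says 'IdP group name' for both Workload and Workforce; confirm that wording is intended for `USER` entries.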

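--- a/bundle/manifests/atlas.mongodb.com_atlasdeployments.yaml
+++ b/bundle/manifests/atlas.mongodb.com_atlasdeployments.yaml
@@ -72,8 +72,8 @@ spec:
 - name
 type: object
 connectionSecret:
-description: LocalObjectReference is a reference to an object in the
-same namespace as the referent
+description: Name of the secret containing Atlas API private and public
+keys
 properties:
 name:
 description: |-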

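--- a/bundle/manifests/atlas.mongodb.com_atlasfederatedauths.yaml
+++ b/bundle/manifests/atlas.mongodb.com_atlasfederatedauths.yaml
@@ -64,6 +64,13 @@ spec:
 required:
 - name
 type: object
+dataAccessIdentityProviders:
+description: |-
+The collection of unique ids representing the identity providers that can be used for data access in this organization.
+Currently connected data access identity providers missing from the this field will be disconnected.
+items:
+type: string
+type: array
 domainAllowList:
 description: Approved domains that restrict users who can join the
 organization based on their email address.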
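Review bot: The description of `dataAccessIdentityProviders` does not say what happens when the field is omitted, and because identity providers missing from the list are disconnected, that matters for AtlasFederatedAuth resources written before the field existed. State the semantics explicitly, for example `If this field is omitted, connected data access identity providers are left unchanged.`, or the opposite if an absent list is treated as empty; the schema alone does not show which applies. The second sentence also has a typo, `missing from the this field`, which should read `missing from this field`. The hunk starts and ends inside the `spec` properties, so any validation defined elsewhere is not visible here.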
