CrunchyData
diff --git a/‎cmd/postgres-operator/main.go‎
Lines changed: 17 additions & 0 deletions b/‎cmd/postgres-operator/main.go‎
Lines changed: 17 additions & 0 deletions
diff --git a/‎config/crd/bases/postgres-operator.crunchydata.com_crunchybridgeclusters.yaml‎
Lines changed: 285 additions & 0 deletions b/‎config/crd/bases/postgres-operator.crunchydata.com_crunchybridgeclusters.yaml‎
Lines changed: 285 additions & 0 deletions
diff --git a/‎config/crd/kustomization.yaml‎
Lines changed: 1 addition & 0 deletions b/‎config/crd/kustomization.yaml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎config/rbac/role.yaml‎
Lines changed: 18 additions & 0 deletions b/‎config/rbac/role.yaml‎
Lines changed: 18 additions & 0 deletions
@@ -9,6 +9,7 @@ import (
 	"crypto/tls"
 	"errors"
 	"fmt"
+	"net/http"
 	"os"
 	"os/signal"
 	"strconv"
@@ -23,6 +24,8 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/healthz"
 	"sigs.k8s.io/controller-runtime/pkg/metrics/filters"
 
+	"github.com/crunchydata/postgres-operator/internal/bridge"
+	"github.com/crunchydata/postgres-operator/internal/bridge/crunchybridgecluster"
 	"github.com/crunchydata/postgres-operator/internal/controller/pgupgrade"
 	"github.com/crunchydata/postgres-operator/internal/controller/postgrescluster"
 	"github.com/crunchydata/postgres-operator/internal/controller/runtime"
@@ -238,10 +241,24 @@ func main() {
 	manager := need(runtime.NewManager(config, options))
 	must(manager.Add(k8s))
 
+	bridgeURL := os.Getenv("PGO_BRIDGE_URL")
+	bridgeClient := func() *bridge.Client {
+		client := bridge.NewClient(bridgeURL, versionString)
+		client.Transport = otelTransportWrapper()(http.DefaultTransport)
+		return client
+	}
+
 	// add all PostgreSQL Operator controllers to the runtime manager
 	must(pgupgrade.ManagedReconciler(manager))
 	must(postgrescluster.ManagedReconciler(manager))
 	must(standalone_pgadmin.ManagedReconciler(manager))
+	must(crunchybridgecluster.ManagedReconciler(manager, func() bridge.ClientInterface {
+		return bridgeClient()
+	}))
+
+	if features.Enabled(feature.BridgeIdentifiers) {
+		must(bridge.ManagedInstallationReconciler(manager, bridgeClient))
+	}
 
 	// Enable health probes
 	must(manager.AddHealthzCheck("health", healthz.Ping))
 
@@ -0,0 +1,285 @@
+---
+# controller-gen.kubebuilder.io/version: v0.18.0
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: crunchybridgeclusters.postgres-operator.crunchydata.com
+spec:
+  group: postgres-operator.crunchydata.com
+  names:
+    kind: CrunchyBridgeCluster
+    listKind: CrunchyBridgeClusterList
+    plural: crunchybridgeclusters
+    singular: crunchybridgecluster
+  scope: Namespaced
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        description: CrunchyBridgeCluster is the Schema for the crunchybridgeclusters
+          API
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: |-
+              CrunchyBridgeClusterSpec defines the desired state of CrunchyBridgeCluster
+              to be managed by Crunchy Data Bridge
+            properties:
+              clusterName:
+                description: The name of the cluster
+                maxLength: 50
+                minLength: 5
+                pattern: ^[A-Za-z][A-Za-z0-9\-_ ]*[A-Za-z0-9]$
+                type: string
+              isHa:
+                description: |-
+                  Whether the cluster is high availability,
+                  meaning that it has a secondary it can fail over to quickly
+                  in case the primary becomes unavailable.
+                type: boolean
+              isProtected:
+                description: |-
+                  Whether the cluster is protected. Protected clusters can't be destroyed until
+                  their protected flag is removed
+                type: boolean
+              majorVersion:
+                description: |-
+                  The ID of the cluster's major Postgres version.
+                  Currently Bridge offers 13-17
+                maximum: 17
+                minimum: 13
+                type: integer
+              metadata:
+                description: Metadata contains metadata for custom resources
+                properties:
+                  annotations:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                type: object
+              plan:
+                description: The ID of the cluster's plan. Determines instance, CPU,
+                  and memory.
+                type: string
+              provider:
+                description: |-
+                  The cloud provider where the cluster is located.
+                  Currently Bridge offers aws, azure, and gcp only
+                enum:
+                - aws
+                - azure
+                - gcp
+                maxLength: 5
+                type: string
+                x-kubernetes-validations:
+                - message: immutable
+                  rule: self == oldSelf
+              region:
+                description: The provider region where the cluster is located.
+                type: string
+                x-kubernetes-validations:
+                - message: immutable
+                  rule: self == oldSelf
+              roles:
+                description: |-
+                  Roles for which to create Secrets that contain their credentials which
+                  are retrieved from the Bridge API. An empty list creates no role secrets.
+                  Removing a role from this list does NOT drop the role nor revoke their
+                  access, but it will delete that role's secret from the kube cluster.
+                items:
+                  properties:
+                    name:
+                      description: |-
+                        Name of the role within Crunchy Bridge.
+                        More info: https://docs.crunchybridge.com/concepts/users
+                      type: string
+                    secretName:
+                      description: The name of the Secret that will hold the role
+                        credentials.
+                      maxLength: 253
+                      pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
+                      type: string
+                  required:
+                  - name
+                  - secretName
+                  type: object
+                type: array
+                x-kubernetes-list-map-keys:
+                - name
+                x-kubernetes-list-type: map
+              secret:
+                description: The name of the secret containing the API key and team
+                  id
+                type: string
+              storage:
+                description: |-
+                  The amount of storage available to the cluster in gigabytes.
+                  The amount must be an integer, followed by Gi (gibibytes) or G (gigabytes) to match Kubernetes conventions.
+                  If the amount is given in Gi, we round to the nearest G value.
+                  The minimum value allowed by Bridge is 10 GB.
+                  The maximum value allowed by Bridge is 65535 GB.
+                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                x-kubernetes-int-or-string: true
+            required:
+            - clusterName
+            - isHa
+            - majorVersion
+            - plan
+            - provider
+            - region
+            - secret
+            - storage
+            type: object
+          status:
+            description: CrunchyBridgeClusterStatus defines the observed state of
+              CrunchyBridgeCluster
+            properties:
+              conditions:
+                description: conditions represent the observations of postgres cluster's
+                  current state.
+                items:
+                  description: Condition contains details for one aspect of the current
+                    state of this API Resource.
+                  properties:
+                    lastTransitionTime:
+                      description: |-
+                        lastTransitionTime is the last time the condition transitioned from one status to another.
+                        This should be when the underlying condition changed.  If that is not known, then using the time when the API field changed is acceptable.
+                      format: date-time
+                      type: string
+                    message:
+                      description: |-
+                        message is a human readable message indicating details about the transition.
+                        This may be an empty string.
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      description: |-
+                        observedGeneration represents the .metadata.generation that the condition was set based upon.
+                        For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+                        with respect to the current state of the instance.
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      description: |-
+                        reason contains a programmatic identifier indicating the reason for the condition's last transition.
+                        Producers of specific condition types may define expected values and meanings for this field,
+                        and whether the values are considered a guaranteed API.
+                        The value should be a CamelCase string.
+                        This field may not be empty.
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      description: status of the condition, one of True, False, Unknown.
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      maxLength: 7
+                      type: string
+                    type:
+                      description: type of condition in CamelCase or in foo.example.com/CamelCase.
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+                x-kubernetes-list-map-keys:
+                - type
+                x-kubernetes-list-type: map
+              host:
+                description: The Hostname of the postgres cluster in Bridge, provided
+                  by Bridge API and null until then.
+                type: string
+              id:
+                description: The ID of the postgres cluster in Bridge, provided by
+                  Bridge API and null until then.
+                type: string
+              isHa:
+                description: |-
+                  Whether the cluster is high availability, meaning that it has a secondary it can fail
+                  over to quickly in case the primary becomes unavailable.
+                type: boolean
+              isProtected:
+                description: |-
+                  Whether the cluster is protected. Protected clusters can't be destroyed until
+                  their protected flag is removed
+                type: boolean
+              majorVersion:
+                description: The cluster's major Postgres version.
+                type: integer
+              name:
+                description: The name of the cluster in Bridge.
+                type: string
+              observedGeneration:
+                description: observedGeneration represents the .metadata.generation
+                  on which the status was based.
+                format: int64
+                minimum: 0
+                type: integer
+              ongoingUpgrade:
+                description: The cluster upgrade as represented by Bridge
+                items:
+                  properties:
+                    flavor:
+                      type: string
+                    starting_from:
+                      type: string
+                    state:
+                      type: string
+                  required:
+                  - flavor
+                  - starting_from
+                  - state
+                  type: object
+                type: array
+              plan:
+                description: The ID of the cluster's plan. Determines instance, CPU,
+                  and memory.
+                type: string
+              responses:
+                description: Most recent, raw responses from Bridge API
+                type: object
+                x-kubernetes-preserve-unknown-fields: true
+              state:
+                description: State of cluster in Bridge.
+                type: string
+              storage:
+                description: The amount of storage available to the cluster.
+                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                x-kubernetes-int-or-string: true
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
@@ -1,6 +1,7 @@
 kind: Kustomization
 
 resources:
+- bases/postgres-operator.crunchydata.com_crunchybridgeclusters.yaml
 - bases/postgres-operator.crunchydata.com_postgresclusters.yaml
 - bases/postgres-operator.crunchydata.com_pgupgrades.yaml
 - bases/postgres-operator.crunchydata.com_pgadmins.yaml
 
@@ -111,6 +111,24 @@ rules:
   - list
   - patch
   - watch
+- apiGroups:
+  - postgres-operator.crunchydata.com
+  resources:
+  - crunchybridgeclusters
+  verbs:
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - postgres-operator.crunchydata.com
+  resources:
+  - crunchybridgeclusters/finalizers
+  - crunchybridgeclusters/status
+  verbs:
+  - patch
+  - update
 - apiGroups:
   - postgres-operator.crunchydata.com
   resources: