diff --git a/internal/controller/bootstrap/init.go b/internal/controller/bootstrap/init.go index fad8524e5..5d64ac5f1 100644 --- a/internal/controller/bootstrap/init.go +++ b/internal/controller/bootstrap/init.go @@ -969,7 +969,6 @@ func (b *Bootstrap) InstallOrUpdateOpcon(forceUpdateODLMCRs bool) error { constant.UserMgmtOpCon, constant.IdpConfigUIOpCon, constant.PlatformUIOpCon, - constant.EDBOpCon, constant.KeyCloakOpCon, constant.CommonServicePGOpCon, constant.CommonServiceCNPGOpCon, diff --git a/internal/controller/constant/odlm.go b/internal/controller/constant/odlm.go index 2db9130d5..17e6bec70 100644 --- a/internal/controller/constant/odlm.go +++ b/internal/controller/constant/odlm.go @@ -1032,160 +1032,6 @@ spec: ` ) -const EDBOpCon = ` -apiVersion: operator.ibm.com/v1alpha1 -kind: OperandConfig -metadata: - name: common-service - namespace: "{{ .ServicesNs }}" - labels: - operator.ibm.com/managedByCsOperator: "true" - annotations: - version: {{ .Version }} -spec: - services: - {{- range .ServiceNames.PostgreSQL }} - - name: {{ . }} - resources: - - apiVersion: batch/v1 - kind: Job - name: create-postgres-license-config - namespace: "{{ $.OperatorNs }}" - labels: - operator.ibm.com/opreq-control: 'true' - data: - spec: - activeDeadlineSeconds: 600 - backoffLimit: 5 - template: - metadata: - annotations: - productID: 068a62892a1e4db39641342e592daa25 - productMetric: FREE - productName: IBM Cloud Platform Common Services - spec: - imagePullSecrets: - - name: ibm-entitlement-key - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: kubernetes.io/arch - operator: In - values: - - amd64 - - ppc64le - - s390x - initContainers: - - command: - - bash - - -c - - | - cat << EOF | kubectl apply -f - - apiVersion: v1 - kind: Secret - type: Opaque - metadata: - name: postgresql-operator-controller-manager-config - data: - EDB_LICENSE_KEY: $(base64 /license_keys/edb/EDB_LICENSE_KEY | tr -d '\n') - EOF - image: - templatingValueFrom: - default: - required: true - configMapKeyRef: - name: cloud-native-postgresql-image-list - key: edb-postgres-license-provider-image - namespace: {{ $.OperatorNs }} - configMapKeyRef: - name: cloud-native-postgresql-operand-images-config - key: edb-postgres-license-provider-image - namespace: {{ $.OperatorNs }} - name: edb-license - resources: - limits: - cpu: 500m - memory: 512Mi - requests: - cpu: 100m - memory: 50Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - privileged: false - readOnlyRootFilesystem: true - containers: - - command: ["bash", "-c"] - args: - - | - kubectl delete pods -l app.kubernetes.io/name=cloud-native-postgresql - kubectl annotate secret postgresql-operator-controller-manager-config ibm-license-key-applied="EDB Database with IBM License Key" - image: - templatingValueFrom: - default: - required: true - configMapKeyRef: - name: cloud-native-postgresql-image-list - key: edb-postgres-license-provider-image - namespace: {{ $.OperatorNs }} - configMapKeyRef: - name: cloud-native-postgresql-operand-images-config - key: edb-postgres-license-provider-image - namespace: {{ $.OperatorNs }} - name: restart-edb-pod - resources: - limits: - cpu: 500m - memory: 512Mi - requests: - cpu: 100m - memory: 50Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - privileged: false - readOnlyRootFilesystem: true - hostIPC: false - hostNetwork: false - hostPID: false - restartPolicy: OnFailure - securityContext: - runAsNonRoot: true - serviceAccountName: edb-license-sa - - apiVersion: v1 - kind: ServiceAccount - name: edb-license-sa - namespace: "{{ $.OperatorNs }}" - - apiVersion: rbac.authorization.k8s.io/v1 - kind: Role - name: edb-license-role - namespace: "{{ $.OperatorNs }}" - data: - rules: - - apiGroups: [""] - resources: ["pods", "secrets"] - verbs: ["create", "update", "patch", "get", "list", "delete", "watch"] - - apiVersion: rbac.authorization.k8s.io/v1 - kind: RoleBinding - name: edb-license-rolebinding - namespace: "{{ $.OperatorNs }}" - data: - subjects: - - kind: ServiceAccount - name: edb-license-sa - roleRef: - kind: Role - name: edb-license-role - apiGroup: rbac.authorization.k8s.io - {{- end }} -` - const ( KeyCloakOpCon = ` apiVersion: operator.ibm.com/v1alpha1 @@ -1905,143 +1751,6 @@ spec: supportedLocales: [ "en", "de" , "es", "fr", "it", "ja", "ko", "pt_BR", "zh_CN", "zh_TW"] - name: edb-keycloak resources: - - apiVersion: batch/v1 - kind: Job - force: true - name: create-postgres-license-config - namespace: "{{ .OperatorNs }}" - labels: - operator.ibm.com/opreq-control: 'true' - data: - spec: - activeDeadlineSeconds: 600 - backoffLimit: 5 - template: - metadata: - annotations: - productID: 068a62892a1e4db39641342e592daa25 - productMetric: FREE - productName: IBM Cloud Platform Common Services - spec: - imagePullSecrets: - - name: ibm-entitlement-key - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: kubernetes.io/arch - operator: In - values: - - amd64 - - ppc64le - - s390x - initContainers: - - command: - - bash - - -c - - | - cat << EOF | kubectl apply -f - - apiVersion: v1 - kind: Secret - type: Opaque - metadata: - name: postgresql-operator-controller-manager-config - data: - EDB_LICENSE_KEY: $(base64 /license_keys/edb/EDB_LICENSE_KEY | tr -d '\n') - EOF - image: - templatingValueFrom: - default: - required: true - configMapKeyRef: - name: cloud-native-postgresql-image-list - key: edb-postgres-license-provider-image - namespace: {{ .OperatorNs }} - configMapKeyRef: - name: cloud-native-postgresql-operand-images-config - key: edb-postgres-license-provider-image - namespace: {{ $.OperatorNs }} - name: edb-license - resources: - limits: - cpu: 500m - memory: 512Mi - requests: - cpu: 100m - memory: 50Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - privileged: false - readOnlyRootFilesystem: true - containers: - - command: ["bash", "-c"] - args: - - | - kubectl delete pods -l app.kubernetes.io/name=cloud-native-postgresql - kubectl annotate secret postgresql-operator-controller-manager-config ibm-license-key-applied="EDB Database with IBM License Key" - image: - templatingValueFrom: - default: - required: true - configMapKeyRef: - name: cloud-native-postgresql-image-list - key: edb-postgres-license-provider-image - namespace: {{ .OperatorNs }} - configMapKeyRef: - name: cloud-native-postgresql-operand-images-config - key: edb-postgres-license-provider-image - namespace: {{ $.OperatorNs }} - name: restart-edb-pod - resources: - limits: - cpu: 500m - memory: 512Mi - requests: - cpu: 100m - memory: 50Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - privileged: false - readOnlyRootFilesystem: true - hostIPC: false - hostNetwork: false - hostPID: false - restartPolicy: OnFailure - securityContext: - runAsNonRoot: true - serviceAccountName: edb-license-sa - - apiVersion: v1 - kind: ServiceAccount - name: edb-license-sa - namespace: "{{ .OperatorNs }}" - - apiVersion: rbac.authorization.k8s.io/v1 - kind: Role - name: edb-license-role - namespace: "{{ .OperatorNs }}" - data: - rules: - - apiGroups: [""] - resources: ["pods", "secrets"] - verbs: ["create", "update", "patch", "get", "list", "delete", "watch"] - - apiVersion: rbac.authorization.k8s.io/v1 - kind: RoleBinding - name: edb-license-rolebinding - namespace: "{{ .OperatorNs }}" - data: - subjects: - - kind: ServiceAccount - name: edb-license-sa - roleRef: - kind: Role - name: edb-license-role - apiGroup: rbac.authorization.k8s.io - apiVersion: postgresql.k8s.enterprisedb.io/v1 data: spec: @@ -2050,15 +1759,6 @@ spec: backup.velero.io/backup-volumes: pgdata,pg-wal labels: foundationservices.cloudpak.ibm.com: keycloak - description: - templatingValueFrom: - objectRef: - apiVersion: v1 - kind: Secret - name: postgresql-operator-controller-manager-config - path: .metadata.annotations.ibm-license-key-applied - namespace: {{ .OperatorNs }} - required: true bootstrap: initdb: database: keycloak @@ -2120,17 +1820,6 @@ spec: services: - name: common-service-postgresql resources: - - apiVersion: operator.ibm.com/v1alpha1 - data: - spec: - requests: - - operands: - - name: cloud-native-postgresql-v1.25 - registry: common-service - registryNamespace: {{ .ServicesNs }} - force: true - kind: OperandRequest - name: postgresql-operator-request - apiVersion: cert-manager.io/v1 kind: Certificate name: common-service-db-replica-tls-cert @@ -2253,15 +1942,6 @@ spec: inheritedMetadata: labels: foundationservices.cloudpak.ibm.com: cs-db - description: - templatingValueFrom: - objectRef: - apiVersion: v1 - kind: Secret - name: postgresql-operator-controller-manager-config - path: .metadata.annotations.ibm-license-key-applied - namespace: {{ .OperatorNs }} - required: true bootstrap: initdb: database: im