Skip to content

Edb license job removed from odlm.go #2760

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Daniel-Fan merged 5 commits into from
Mar 5, 2026
Merged

Edb license job removed from odlm.go #2760

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
7d1664a
Edb license job removed from odlm.go
Jeremy-Cheng-stack Feb 27, 2026
e535382
Remove rest of license resource and remove alternative secret reference
Jeremy-Cheng-stack Mar 3, 2026
2fc4a8c
Revert "Remove rest of license resource and remove alternative secret…
Jeremy-Cheng-stack Mar 3, 2026
23e7412
Remove rest of license resource and remove alternative secret reference
Jeremy-Cheng-stack Mar 3, 2026
29b3be4
Remove postgresql-operator-request operand request from odlm.go
Jeremy-Cheng-stack Mar 5, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 0 additions & 1 deletion internal/controller/bootstrap/init.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -969,7 +969,6 @@ func (b *Bootstrap) InstallOrUpdateOpcon(forceUpdateODLMCRs bool) error {
constant.UserMgmtOpCon,
constant.IdpConfigUIOpCon,
constant.PlatformUIOpCon,
constant.EDBOpCon,
constant.KeyCloakOpCon,
constant.CommonServicePGOpCon,
constant.CommonServiceCNPGOpCon,
Expand Down
320 changes: 0 additions & 320 deletions internal/controller/constant/odlm.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1032,160 +1032,6 @@ spec:
`
)

const EDBOpCon = `
apiVersion: operator.ibm.com/v1alpha1
kind: OperandConfig
metadata:
name: common-service
namespace: "{{ .ServicesNs }}"
labels:
operator.ibm.com/managedByCsOperator: "true"
annotations:
version: {{ .Version }}
spec:
services:
{{- range .ServiceNames.PostgreSQL }}
- name: {{ . }}
resources:
- apiVersion: batch/v1
kind: Job
name: create-postgres-license-config
namespace: "{{ $.OperatorNs }}"
labels:
operator.ibm.com/opreq-control: 'true'
data:
spec:
activeDeadlineSeconds: 600
backoffLimit: 5
template:
metadata:
annotations:
productID: 068a62892a1e4db39641342e592daa25
productMetric: FREE
productName: IBM Cloud Platform Common Services
spec:
imagePullSecrets:
- name: ibm-entitlement-key
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/arch
operator: In
values:
- amd64
- ppc64le
- s390x
initContainers:
- command:
- bash
- -c
- |
cat << EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: postgresql-operator-controller-manager-config
data:
EDB_LICENSE_KEY: $(base64 /license_keys/edb/EDB_LICENSE_KEY | tr -d '\n')
EOF
image:
templatingValueFrom:
default:
required: true
configMapKeyRef:
name: cloud-native-postgresql-image-list
key: edb-postgres-license-provider-image
namespace: {{ $.OperatorNs }}
configMapKeyRef:
name: cloud-native-postgresql-operand-images-config
key: edb-postgres-license-provider-image
namespace: {{ $.OperatorNs }}
name: edb-license
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 100m
memory: 50Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
containers:
- command: ["bash", "-c"]
args:
- |
kubectl delete pods -l app.kubernetes.io/name=cloud-native-postgresql
kubectl annotate secret postgresql-operator-controller-manager-config ibm-license-key-applied="EDB Database with IBM License Key"
image:
templatingValueFrom:
default:
required: true
configMapKeyRef:
name: cloud-native-postgresql-image-list
key: edb-postgres-license-provider-image
namespace: {{ $.OperatorNs }}
configMapKeyRef:
name: cloud-native-postgresql-operand-images-config
key: edb-postgres-license-provider-image
namespace: {{ $.OperatorNs }}
name: restart-edb-pod
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 100m
memory: 50Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
hostIPC: false
hostNetwork: false
hostPID: false
restartPolicy: OnFailure
securityContext:
runAsNonRoot: true
serviceAccountName: edb-license-sa
- apiVersion: v1
kind: ServiceAccount
name: edb-license-sa
namespace: "{{ $.OperatorNs }}"
- apiVersion: rbac.authorization.k8s.io/v1
kind: Role
name: edb-license-role
namespace: "{{ $.OperatorNs }}"
data:
rules:
- apiGroups: [""]
resources: ["pods", "secrets"]
verbs: ["create", "update", "patch", "get", "list", "delete", "watch"]
- apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
name: edb-license-rolebinding
namespace: "{{ $.OperatorNs }}"
data:
subjects:
- kind: ServiceAccount
name: edb-license-sa
roleRef:
kind: Role
name: edb-license-role
apiGroup: rbac.authorization.k8s.io
{{- end }}
`

const (
KeyCloakOpCon = `
apiVersion: operator.ibm.com/v1alpha1
Expand Down Expand Up @@ -1905,143 +1751,6 @@ spec:
supportedLocales: [ "en", "de" , "es", "fr", "it", "ja", "ko", "pt_BR", "zh_CN", "zh_TW"]
- name: edb-keycloak
resources:
- apiVersion: batch/v1
kind: Job
force: true
name: create-postgres-license-config
namespace: "{{ .OperatorNs }}"
labels:
operator.ibm.com/opreq-control: 'true'
data:
spec:
activeDeadlineSeconds: 600
backoffLimit: 5
template:
metadata:
annotations:
productID: 068a62892a1e4db39641342e592daa25
productMetric: FREE
productName: IBM Cloud Platform Common Services
spec:
imagePullSecrets:
- name: ibm-entitlement-key
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/arch
operator: In
values:
- amd64
- ppc64le
- s390x
initContainers:
- command:
- bash
- -c
- |
cat << EOF | kubectl apply -f -
apiVersion: v1
kind: Secret
type: Opaque
metadata:
name: postgresql-operator-controller-manager-config
data:
EDB_LICENSE_KEY: $(base64 /license_keys/edb/EDB_LICENSE_KEY | tr -d '\n')
EOF
image:
templatingValueFrom:
default:
required: true
configMapKeyRef:
name: cloud-native-postgresql-image-list
key: edb-postgres-license-provider-image
namespace: {{ .OperatorNs }}
configMapKeyRef:
name: cloud-native-postgresql-operand-images-config
key: edb-postgres-license-provider-image
namespace: {{ $.OperatorNs }}
name: edb-license
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 100m
memory: 50Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
containers:
- command: ["bash", "-c"]
args:
- |
kubectl delete pods -l app.kubernetes.io/name=cloud-native-postgresql
kubectl annotate secret postgresql-operator-controller-manager-config ibm-license-key-applied="EDB Database with IBM License Key"
image:
templatingValueFrom:
default:
required: true
configMapKeyRef:
name: cloud-native-postgresql-image-list
key: edb-postgres-license-provider-image
namespace: {{ .OperatorNs }}
configMapKeyRef:
name: cloud-native-postgresql-operand-images-config
key: edb-postgres-license-provider-image
namespace: {{ $.OperatorNs }}
name: restart-edb-pod
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 100m
memory: 50Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
hostIPC: false
hostNetwork: false
hostPID: false
restartPolicy: OnFailure
securityContext:
runAsNonRoot: true
serviceAccountName: edb-license-sa
- apiVersion: v1
kind: ServiceAccount
name: edb-license-sa
namespace: "{{ .OperatorNs }}"
- apiVersion: rbac.authorization.k8s.io/v1
kind: Role
name: edb-license-role
namespace: "{{ .OperatorNs }}"
data:
rules:
- apiGroups: [""]
resources: ["pods", "secrets"]
verbs: ["create", "update", "patch", "get", "list", "delete", "watch"]
- apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
name: edb-license-rolebinding
namespace: "{{ .OperatorNs }}"
data:
subjects:
- kind: ServiceAccount
name: edb-license-sa
roleRef:
kind: Role
name: edb-license-role
apiGroup: rbac.authorization.k8s.io
- apiVersion: postgresql.k8s.enterprisedb.io/v1
data:
spec:
Expand All @@ -2050,15 +1759,6 @@ spec:
backup.velero.io/backup-volumes: pgdata,pg-wal
labels:
foundationservices.cloudpak.ibm.com: keycloak
description:
templatingValueFrom:
objectRef:
apiVersion: v1
kind: Secret
name: postgresql-operator-controller-manager-config
path: .metadata.annotations.ibm-license-key-applied
namespace: {{ .OperatorNs }}
required: true
bootstrap:
initdb:
database: keycloak
Expand Down Expand Up @@ -2120,17 +1820,6 @@ spec:
services:
- name: common-service-postgresql
resources:
- apiVersion: operator.ibm.com/v1alpha1
data:
spec:
requests:
- operands:
- name: cloud-native-postgresql-v1.25
registry: common-service
registryNamespace: {{ .ServicesNs }}
force: true
kind: OperandRequest
name: postgresql-operator-request
- apiVersion: cert-manager.io/v1
kind: Certificate
name: common-service-db-replica-tls-cert
Expand Down Expand Up @@ -2253,15 +1942,6 @@ spec:
inheritedMetadata:
labels:
foundationservices.cloudpak.ibm.com: cs-db
description:
templatingValueFrom:
objectRef:
apiVersion: v1
kind: Secret
name: postgresql-operator-controller-manager-config
path: .metadata.annotations.ibm-license-key-applied
namespace: {{ .OperatorNs }}
required: true
bootstrap:
initdb:
database: im
Expand Down