diff --git a/README.md b/README.md index 101365860d..8e1e775fc3 100644 --- a/README.md +++ b/README.md @@ -56,7 +56,6 @@ For existing Kubernetes applications that are currently using additional tools ( 1. Install the infrastructure in your cluster: ```bash kubectl apply -f install-bundle/ - kubectl apply -f install-bundle/resources ``` **NOTE:** If you previously installed Config Connector alpha and wish to upgrade, newer versions of the `CustomResourceDefinitions` may cause some of @@ -359,12 +358,14 @@ You can find more details on the meaning of specific properties in the API docum | containerclusters.container.cnrm.cloud.google.com | [Container Cluster](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters) | | iampolicies.iam.cnrm.cloud.google.com | [IAM Policy](https://cloud.google.com/iam/reference/rest/v1/Policy) | | iamserviceaccounts.iam.cnrm.cloud.google.com | [IAM Service Account](https://cloud.google.com/iam/reference/rest/v1/projects.serviceAccounts) | +| iamserviceaccountkeys.iam.cnrm.cloud.google.com | [IAM Service Account Key](https://cloud.google.com/iam/reference/rest/v1/projects.serviceAccounts.keys) | | pubsubsubscriptions.pubsub.cnrm.cloud.google.com | [Pub/Sub Subscription](https://cloud.google.com/pubsub/docs/reference/rest/v1/projects.subscriptions) | | pubsubtopics.pubsub.cnrm.cloud.google.com | [Pub/Sub Topic](https://cloud.google.com/pubsub/docs/reference/rest/v1/projects.topics) | | redisinstances.redis.cnrm.cloud.google.com | [Cloud Memorystore for Redis](https://cloud.google.com/memorystore/docs/redis/reference/rest/v1/projects.locations.instances) | | spannerinstances.spanner.cnrm.cloud.google.com | [Spanner Instance](https://cloud.google.com/spanner/docs/reference/rest/v1/projects.instances) | | sqlinstances.sql.cnrm.cloud.google.com | [Cloud SQL Instance](https://cloud.google.com/sql/docs/mysql/admin-api/v1beta4/instances) | | sqldatabases.sql.cnrm.cloud.google.com | [Cloud SQL Database](https://cloud.google.com/sql/docs/mysql/admin-api/v1beta4/databases) | +| sqlusers.sql.cnrm.cloud.google.com | [Cloud SQL User](https://cloud.google.com/sql/docs/mysql/admin-api/v1beta4/users) | | storagebuckets.storage.cnrm.cloud.google.com | [Cloud Storage Bucket](https://cloud.google.com/storage/docs/json_api/v1/buckets) | | storagebucketaccesscontrols.storage.cnrm.cloud.google.com | [Cloud Storage Bucket Access Control](https://cloud.google.com/storage/docs/json_api/v1/bucketAccessControls) | | storagedefaultobjectaccesscontrols.storage.cnrm.cloud.google.com | [Cloud Storage Default Object Access Control](https://cloud.google.com/storage/docs/json_api/v1/defaultObjectAccessControls) | @@ -389,11 +390,11 @@ Note: if you `kubectl delete` the configuration, Config Connector will delete th ## Uninstalling Config Connector Bundle ```bash -kubectl delete -f install-bundle/resources -kubectl delete -f install-bundle/ +kubectl delete -f install-bundle/crds.yaml +kubectl delete -f install-bundle/0-cnrm-system.yaml ``` -Note: Make sure to `kubectl delete -f install-bundle/resources` first to ensure the custom resource definitions are removed first before the controllers. +Note: Make sure to `kubectl delete -f install-bundle/crds.yaml` first to ensure the custom resource definitions are removed first before the controllers. s ## Config Connector Resource Functionality diff --git a/apps/musicians/manifests/overlays/prod/cloud-sql-instance.yaml b/apps/musicians/manifests/overlays/prod/cloud-sql-instance.yaml index 29b4c9fd48..3aac1234c1 100644 --- a/apps/musicians/manifests/overlays/prod/cloud-sql-instance.yaml +++ b/apps/musicians/manifests/overlays/prod/cloud-sql-instance.yaml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: sql.cnrm.cloud.google.com/v1alpha2 +apiVersion: sql.cnrm.cloud.google.com/v1alpha3 kind: SQLInstance metadata: name: musicians-demo diff --git a/apps/musicians/manifests/overlays/prod/cloud-sql-user.yaml b/apps/musicians/manifests/overlays/prod/cloud-sql-user.yaml new file mode 100644 index 0000000000..0d6bb53cad --- /dev/null +++ b/apps/musicians/manifests/overlays/prod/cloud-sql-user.yaml @@ -0,0 +1,23 @@ +# Copyright 2019 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: sql.cnrm.cloud.google.com/v1alpha3 +kind: SQLUser +metadata: + name: root +spec: + instanceRef: + name: musicians-demo-prod + host: "%" + diff --git a/apps/musicians/manifests/overlays/prod/kustomization.yaml b/apps/musicians/manifests/overlays/prod/kustomization.yaml index 61f66bd5bf..c96cd02558 100644 --- a/apps/musicians/manifests/overlays/prod/kustomization.yaml +++ b/apps/musicians/manifests/overlays/prod/kustomization.yaml @@ -23,7 +23,8 @@ bases: resources: - cloud-sql-instance.yaml +- cloud-sql-user.yaml patches: - musicians-deployment-project-patch.yaml -- replica-patch.yaml \ No newline at end of file +- replica-patch.yaml diff --git a/apps/musicians/manifests/release-configuration.yaml b/apps/musicians/manifests/release-configuration.yaml index ec729308bf..a98abbbbf2 100644 --- a/apps/musicians/manifests/release-configuration.yaml +++ b/apps/musicians/manifests/release-configuration.yaml @@ -74,7 +74,7 @@ spec: secret: secretName: gcp-key --- -apiVersion: sql.cnrm.cloud.google.com/v1alpha2 +apiVersion: sql.cnrm.cloud.google.com/v1alpha3 kind: SQLInstance metadata: name: musicians-demo diff --git a/resources/compute_v1alpha1_computebackendservice.yaml b/resources/computebackendservice/compute_v1alpha1_computebackendservice.yaml similarity index 100% rename from resources/compute_v1alpha1_computebackendservice.yaml rename to resources/computebackendservice/compute_v1alpha1_computebackendservice.yaml diff --git a/resources/computefirewall/compute_v1alpha1_computefirewall.yaml b/resources/computefirewall/allow-rule/compute_v1alpha1_computefirewall.yaml similarity index 86% rename from resources/computefirewall/compute_v1alpha1_computefirewall.yaml rename to resources/computefirewall/allow-rule/compute_v1alpha1_computefirewall.yaml index 2a459e31f1..68b5c6a448 100644 --- a/resources/computefirewall/compute_v1alpha1_computefirewall.yaml +++ b/resources/computefirewall/allow-rule/compute_v1alpha1_computefirewall.yaml @@ -3,7 +3,7 @@ kind: ComputeFirewall metadata: labels: label-one: "value-one" - name: computefirewall-sample + name: computefirewall-allow-sample spec: allow: - protocol: tcp diff --git a/resources/computefirewall/compute_v1alpha1_computenetwork.yaml b/resources/computefirewall/allow-rule/compute_v1alpha1_computenetwork.yaml similarity index 100% rename from resources/computefirewall/compute_v1alpha1_computenetwork.yaml rename to resources/computefirewall/allow-rule/compute_v1alpha1_computenetwork.yaml diff --git a/resources/computefirewall/deny-rule/compute_v1alpha1_computefirewall.yaml b/resources/computefirewall/deny-rule/compute_v1alpha1_computefirewall.yaml new file mode 100644 index 0000000000..9d79fb46c4 --- /dev/null +++ b/resources/computefirewall/deny-rule/compute_v1alpha1_computefirewall.yaml @@ -0,0 +1,11 @@ +apiVersion: compute.cnrm.cloud.google.com/v1alpha1 +kind: ComputeFirewall +metadata: + labels: + label-one: "value-one" + name: computefirewall-deny-sample +spec: + deny: + - protocol: icmp + networkRef: + name: computefirewall-dep diff --git a/resources/computefirewall/deny-rule/compute_v1alpha1_computenetwork.yaml b/resources/computefirewall/deny-rule/compute_v1alpha1_computenetwork.yaml new file mode 100644 index 0000000000..5c8d3a25ec --- /dev/null +++ b/resources/computefirewall/deny-rule/compute_v1alpha1_computenetwork.yaml @@ -0,0 +1,7 @@ +apiVersion: compute.cnrm.cloud.google.com/v1alpha1 +kind: ComputeNetwork +metadata: + name: computefirewall-dep +spec: + routingMode: REGIONAL + autoCreateSubnetworks: true diff --git a/resources/computehealthcheck/compute_v1alpha1_computehealthcheck.yaml b/resources/computehealthcheck/compute_v1alpha1_computehealthcheck.yaml index bff845afe1..bca4a73863 100644 --- a/resources/computehealthcheck/compute_v1alpha1_computehealthcheck.yaml +++ b/resources/computehealthcheck/compute_v1alpha1_computehealthcheck.yaml @@ -4,6 +4,5 @@ metadata: name: computehealthcheck-sample spec: checkIntervalSec: 10 - type: HTTP httpHealthCheck: port: 80 diff --git a/resources/computesubnetwork/compute_v1alpha1_computenetwork.yaml b/resources/computesubnetwork/compute_v1alpha1_computenetwork.yaml new file mode 100644 index 0000000000..bcf124e563 --- /dev/null +++ b/resources/computesubnetwork/compute_v1alpha1_computenetwork.yaml @@ -0,0 +1,7 @@ +apiVersion: compute.cnrm.cloud.google.com/v1alpha1 +kind: ComputeNetwork +metadata: + name: computesubnetwork-dep +spec: + routingMode: REGIONAL + autoCreateSubnetworks: false diff --git a/resources/computesubnetwork/compute_v1alpha1_computesubnetwork.yaml b/resources/computesubnetwork/compute_v1alpha1_computesubnetwork.yaml new file mode 100644 index 0000000000..bd74d86df1 --- /dev/null +++ b/resources/computesubnetwork/compute_v1alpha1_computesubnetwork.yaml @@ -0,0 +1,18 @@ +apiVersion: compute.cnrm.cloud.google.com/v1alpha1 +kind: ComputeSubnetwork +metadata: + labels: + label-one: "value-one" + name: computesubnetwork-sample +spec: + ipCidrRange: 10.2.0.0/16 + region: us-central1 + description: My subnet + enableFlowLogs: true + privateIpGoogleAccess: false + networkRef: + name: computesubnetwork-dep + logConfig: + aggregationInterval: INTERVAL_10_MIN + flowSampling: "0.5" + metadata: INCLUDE_ALL_METADATA diff --git a/resources/containercluster/container_v1alpha1_containercluster.yaml b/resources/containercluster/container_v1alpha1_containercluster.yaml index 58c4c1a424..8e6520ce6c 100644 --- a/resources/containercluster/container_v1alpha1_containercluster.yaml +++ b/resources/containercluster/container_v1alpha1_containercluster.yaml @@ -9,3 +9,8 @@ spec: initialNodeCount: 1 removeDefaultNodePool: false loggingService: none + masterAuth: + username: "user" + password: "password12345678" + clientCertificateConfig: + issueClientCertificate: false diff --git a/resources/iampolicy/project-level/iam_v1alpha1_iampolicy.yaml b/resources/iampolicy/project-level/iam_v1alpha1_iampolicy.yaml new file mode 100644 index 0000000000..7ec9fbe42d --- /dev/null +++ b/resources/iampolicy/project-level/iam_v1alpha1_iampolicy.yaml @@ -0,0 +1,47 @@ +# **WARNING**: The bindings here represent the full declarative intent for the project. +# It will fully overwrite the existing policy on the given project. +# +# This sample assumes the following additional APIs are enabled: +# - compute.googleapis.com +# - container.googleapis.com +# - containerregistry.googleapis.com +# - redis.googleapis.com +# +# Replace [PROJECT_ID], [PROJECT_NUMBER], and [ACCOUNT] with your desired project ID, +# that project's project number, and your Google Cloud account email respectively. +apiVersion: iam.cnrm.cloud.google.com/v1alpha1 +kind: IAMPolicy +metadata: + labels: + label-one: value-one + name: iampolicy-project-level-sample +spec: + resourceRef: + kind: Project + name: [PROJECT_ID] + bindings: + - members: + - serviceAccount:service-[PROJECT_NUMBER]@compute-system.iam.gserviceaccount.com + role: roles/compute.serviceAgent + - members: + - serviceAccount:service-[PROJECT_NUMBER]@container-engine-robot.iam.gserviceaccount.com + role: roles/container.serviceAgent + - members: + - serviceAccount:[PROJECT_NUMBER]-compute@developer.gserviceaccount.com + - serviceAccount:[PROJECT_NUMBER]@cloudservices.gserviceaccount.com + - serviceAccount:cnrm-application-demo@[PROJECT_ID].iam.gserviceaccount.com + - serviceAccount:service-[PROJECT_NUMBER]@containerregistry.iam.gserviceaccount.com + role: roles/editor + - members: + # Make sure to keep the "cnrm-system" service account permission, or else KCC will + # be locked out from managing GCP resources. + - serviceAccount:cnrm-system@[PROJECT_ID].iam.gserviceaccount.com + # Ensure that your account is not locked out of the project. + - user:[ACCOUNT] + role: roles/owner + - members: + - serviceAccount:service-[PROJECT_NUMBER]@cloud-redis.iam.gserviceaccount.com + role: roles/redis.serviceAgent + - members: + - serviceAccount:cnrm-system@[PROJECT_ID].iam.gserviceaccount.com + role: roles/storage.admin diff --git a/resources/iampolicy/iam_v1alpha1_iampolicy.yaml b/resources/iampolicy/pubsub-admin/iam_v1alpha1_iampolicy.yaml similarity index 55% rename from resources/iampolicy/iam_v1alpha1_iampolicy.yaml rename to resources/iampolicy/pubsub-admin/iam_v1alpha1_iampolicy.yaml index ad1db92bc9..8b09871bdc 100644 --- a/resources/iampolicy/iam_v1alpha1_iampolicy.yaml +++ b/resources/iampolicy/pubsub-admin/iam_v1alpha1_iampolicy.yaml @@ -3,13 +3,14 @@ kind: IAMPolicy metadata: labels: label-one: value-one - name: iampolicy-sample + name: iampolicy-pubsubtopic-admin-sample spec: resourceRef: apiVersion: pubsub.cnrm.cloud.google.com/v1alpha2 kind: PubSubTopic name: iampolicy-dep bindings: - - role: roles/pubsub.admin + - role: roles/editor members: - - user:me@myownpersonaldomain.com + # replace ${PROJECT_NAME?} with your project name + - serviceAccount:iampolicy-dep@${PROJECT_NAME?}.iam.gserviceaccount.com diff --git a/resources/iampolicy/pubsub-admin/iam_v1alpha1_iamserviceaccount.yaml b/resources/iampolicy/pubsub-admin/iam_v1alpha1_iamserviceaccount.yaml new file mode 100644 index 0000000000..239a9faf80 --- /dev/null +++ b/resources/iampolicy/pubsub-admin/iam_v1alpha1_iamserviceaccount.yaml @@ -0,0 +1,4 @@ +apiVersion: iam.cnrm.cloud.google.com/v1alpha1 +kind: IAMServiceAccount +metadata: + name: iampolicy-dep \ No newline at end of file diff --git a/resources/iampolicy/pubsub_v1alpha2_pubsubtopic.yaml b/resources/iampolicy/pubsub-admin/pubsub_v1alpha2_pubsubtopic.yaml similarity index 100% rename from resources/iampolicy/pubsub_v1alpha2_pubsubtopic.yaml rename to resources/iampolicy/pubsub-admin/pubsub_v1alpha2_pubsubtopic.yaml diff --git a/resources/iampolicy/workload-identity/iam_v1alpha1_iampolicy.yaml b/resources/iampolicy/workload-identity/iam_v1alpha1_iampolicy.yaml new file mode 100644 index 0000000000..5fceeddbdd --- /dev/null +++ b/resources/iampolicy/workload-identity/iam_v1alpha1_iampolicy.yaml @@ -0,0 +1,14 @@ +apiVersion: iam.cnrm.cloud.google.com/v1alpha1 +kind: IAMPolicy +metadata: + name: iampolicy-workload-identity-sample +spec: + resourceRef: + apiVersion: iam.cnrm.cloud.google.com/v1alpha1 + kind: IAMServiceAccount + name: iampolicy-gsa-dep + bindings: + - role: roles/iam.workloadIdentityUser + members: + # replace ${PROJECT_NAME?} with your project name + - serviceAccount:${PROJECT_NAME?}.svc.id.goog[default/iampolicy-ksa-dep] diff --git a/resources/iampolicy/workload-identity/iam_v1alpha1_iamserviceaccount.yaml b/resources/iampolicy/workload-identity/iam_v1alpha1_iamserviceaccount.yaml new file mode 100644 index 0000000000..344e45a29a --- /dev/null +++ b/resources/iampolicy/workload-identity/iam_v1alpha1_iamserviceaccount.yaml @@ -0,0 +1,6 @@ +apiVersion: iam.cnrm.cloud.google.com/v1alpha1 +kind: IAMServiceAccount +metadata: + name: iampolicy-gsa-dep +spec: + displayName: Example Service Account \ No newline at end of file diff --git a/resources/iampolicy/workload-identity/kubernetes_service_account.yaml b/resources/iampolicy/workload-identity/kubernetes_service_account.yaml new file mode 100644 index 0000000000..4342558142 --- /dev/null +++ b/resources/iampolicy/workload-identity/kubernetes_service_account.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: iampolicy-ksa-dep + annotations: + # replace ${PROJECT_NAME?} with your project name + iam.gke.io/gcp-service-account: iampolicy-gsa-dep@${project_name?}.iam.gserviceaccount.com diff --git a/resources/iamserviceaccountkey/iam_v1alpha1_iamserviceaccount.yaml b/resources/iamserviceaccountkey/iam_v1alpha1_iamserviceaccount.yaml new file mode 100644 index 0000000000..56fad81360 --- /dev/null +++ b/resources/iamserviceaccountkey/iam_v1alpha1_iamserviceaccount.yaml @@ -0,0 +1,4 @@ +apiVersion: iam.cnrm.cloud.google.com/v1alpha1 +kind: IAMServiceAccount +metadata: + name: iamserviceaccountkey-dep \ No newline at end of file diff --git a/resources/iamserviceaccountkey/iam_v1alpha1_iamserviceaccountkey.yaml b/resources/iamserviceaccountkey/iam_v1alpha1_iamserviceaccountkey.yaml new file mode 100644 index 0000000000..dd2c46b6a0 --- /dev/null +++ b/resources/iamserviceaccountkey/iam_v1alpha1_iamserviceaccountkey.yaml @@ -0,0 +1,12 @@ +apiVersion: iam.cnrm.cloud.google.com/v1alpha1 +kind: IAMServiceAccountKey +metadata: + name: key-sample + labels: + label-one: "value-one" +spec: + publicKeyType: TYPE_X509_PEM_FILE + keyAlgorithm: KEY_ALG_RSA_2048 + privateKeyType: TYPE_GOOGLE_CREDENTIALS_FILE + serviceAccountRef: + name: iamserviceaccountkey-dep diff --git a/resources/sqldatabase/sql_v1alpha2_sqlinstance.yaml b/resources/sqldatabase/sql_v1alpha2_sqlinstance.yaml index 2f34a50fa8..46cefbd926 100644 --- a/resources/sqldatabase/sql_v1alpha2_sqlinstance.yaml +++ b/resources/sqldatabase/sql_v1alpha2_sqlinstance.yaml @@ -1,8 +1,9 @@ -apiVersion: sql.cnrm.cloud.google.com/v1alpha2 +apiVersion: sql.cnrm.cloud.google.com/v1alpha3 kind: SQLInstance metadata: name: sqldatabase-dep spec: + region: us-central1 databaseVersion: MYSQL_5_7 settings: tier: db-n1-standard-1 diff --git a/resources/sqldatabase/sql_v1alpha2_sqldatabase.yaml b/resources/sqldatabase/sql_v1alpha3_sqldatabase.yaml similarity index 79% rename from resources/sqldatabase/sql_v1alpha2_sqldatabase.yaml rename to resources/sqldatabase/sql_v1alpha3_sqldatabase.yaml index 19f39293c2..bc98770125 100644 --- a/resources/sqldatabase/sql_v1alpha2_sqldatabase.yaml +++ b/resources/sqldatabase/sql_v1alpha3_sqldatabase.yaml @@ -1,4 +1,4 @@ -apiVersion: sql.cnrm.cloud.google.com/v1alpha2 +apiVersion: sql.cnrm.cloud.google.com/v1alpha3 kind: SQLDatabase metadata: labels: diff --git a/resources/sqlinstance/mysql-sql-instance-with-replication/sql_v1alpha3_sqlinstance.yaml b/resources/sqlinstance/mysql-sql-instance-with-replication/sql_v1alpha3_sqlinstance.yaml new file mode 100644 index 0000000000..b074201444 --- /dev/null +++ b/resources/sqlinstance/mysql-sql-instance-with-replication/sql_v1alpha3_sqlinstance.yaml @@ -0,0 +1,35 @@ +apiVersion: sql.cnrm.cloud.google.com/v1alpha3 +kind: SQLInstance +metadata: + name: mysql-instance-sample-with-replication-primary +spec: + databaseVersion: MYSQL_5_7 + region: us-central1 + settings: + tier: db-f1-micro + backupConfiguration: + binaryLogEnabled: true + enabled: true + startTime: "18:00" + ipConfiguration: + requireSsl: true + locationPreference: + zone: us-central1-b +--- +apiVersion: sql.cnrm.cloud.google.com/v1alpha3 +kind: SQLInstance +metadata: + name: mysql-instance-sample-with-replication-secondary +spec: + databaseVersion: MYSQL_5_7 + region: us-central1 + masterInstanceRef: + name: mysql-instance-sample-with-replication-primary + replicaConfiguration: + connectRetryInterval: 30 + settings: + tier: db-f1-micro + ipConfiguration: + requireSsl: true + locationPreference: + zone: us-central1-c \ No newline at end of file diff --git a/resources/sqlinstance/mysql-sql-instance-with-sql-user/sql_v1alpha3_sqlinstance.yaml b/resources/sqlinstance/mysql-sql-instance-with-sql-user/sql_v1alpha3_sqlinstance.yaml new file mode 100644 index 0000000000..b4fa31634f --- /dev/null +++ b/resources/sqlinstance/mysql-sql-instance-with-sql-user/sql_v1alpha3_sqlinstance.yaml @@ -0,0 +1,9 @@ +apiVersion: sql.cnrm.cloud.google.com/v1alpha3 +kind: SQLInstance +metadata: + name: mysql-instance-sample-with-sql-user +spec: + databaseVersion: MYSQL_5_7 + region: us-central1 + settings: + tier: db-f1-micro \ No newline at end of file diff --git a/resources/sqlinstance/mysql-sql-instance-with-sql-user/sql_v1alpha3_sqluser.yaml b/resources/sqlinstance/mysql-sql-instance-with-sql-user/sql_v1alpha3_sqluser.yaml new file mode 100644 index 0000000000..876c19d4a1 --- /dev/null +++ b/resources/sqlinstance/mysql-sql-instance-with-sql-user/sql_v1alpha3_sqluser.yaml @@ -0,0 +1,12 @@ +apiVersion: sql.cnrm.cloud.google.com/v1alpha3 +kind: SQLUser +metadata: + name: sqluser-sample +spec: + instanceRef: + name: mysql-instance-sample-with-sql-user + host: "%" + password: change-me +# after running this sample, you can verify that sql instance can be accessed +# with user credentials by running from cloud shell: +# gcloud sql connect mysql-instance-sample-with-sql-user --user=sqluser-sample \ No newline at end of file diff --git a/resources/sqlinstance/mysql-sql-instance/sql_v1alpha3_sqlinstance.yaml b/resources/sqlinstance/mysql-sql-instance/sql_v1alpha3_sqlinstance.yaml new file mode 100644 index 0000000000..892ed850c2 --- /dev/null +++ b/resources/sqlinstance/mysql-sql-instance/sql_v1alpha3_sqlinstance.yaml @@ -0,0 +1,8 @@ +apiVersion: sql.cnrm.cloud.google.com/v1alpha3 +kind: SQLInstance +metadata: + name: mysql-instance-sample +spec: + databaseVersion: MYSQL_5_7 + settings: + tier: db-f1-micro \ No newline at end of file diff --git a/resources/sqlinstance/postgres-sql-instance-high-availability/sql_v1alpha3_sqlinstance.yaml b/resources/sqlinstance/postgres-sql-instance-high-availability/sql_v1alpha3_sqlinstance.yaml new file mode 100644 index 0000000000..f8be972b0f --- /dev/null +++ b/resources/sqlinstance/postgres-sql-instance-high-availability/sql_v1alpha3_sqlinstance.yaml @@ -0,0 +1,10 @@ +apiVersion: sql.cnrm.cloud.google.com/v1alpha3 +kind: SQLInstance +metadata: + name: postgres-sql-instance-ha-sample +spec: + databaseVersion: POSTGRES_9_6 + region: us-central1 + settings: + tier: db-custom-1-3840 + availabilityType: REGIONAL \ No newline at end of file diff --git a/resources/sqlinstance/postgres-sql-instance/sql_v1alpha3_sqlinstance.yaml b/resources/sqlinstance/postgres-sql-instance/sql_v1alpha3_sqlinstance.yaml new file mode 100644 index 0000000000..5911f4654c --- /dev/null +++ b/resources/sqlinstance/postgres-sql-instance/sql_v1alpha3_sqlinstance.yaml @@ -0,0 +1,8 @@ +apiVersion: sql.cnrm.cloud.google.com/v1alpha3 +kind: SQLInstance +metadata: + name: postgres-sql-instance-sample +spec: + databaseVersion: POSTGRES_9_6 + settings: + tier: db-custom-16-61440 # see https://cloud.google.com/sql/docs/postgres/create-instance \ No newline at end of file diff --git a/resources/sqlinstance/sql_v1alpha2_sqlinstance.yaml b/resources/sqluser/sql_v1alpha3_sqlinstance.yaml similarity index 60% rename from resources/sqlinstance/sql_v1alpha2_sqlinstance.yaml rename to resources/sqluser/sql_v1alpha3_sqlinstance.yaml index 25a033a867..6e585228a6 100644 --- a/resources/sqlinstance/sql_v1alpha2_sqlinstance.yaml +++ b/resources/sqluser/sql_v1alpha3_sqlinstance.yaml @@ -1,10 +1,11 @@ -apiVersion: sql.cnrm.cloud.google.com/v1alpha2 +apiVersion: sql.cnrm.cloud.google.com/v1alpha3 kind: SQLInstance metadata: labels: label-one: "value-one" - name: sqlinstance-sample + name: sqluser-dep spec: + region: us-central1 databaseVersion: MYSQL_5_7 settings: tier: db-n1-standard-1 diff --git a/resources/sqluser/sql_v1alpha3_sqluser.yaml b/resources/sqluser/sql_v1alpha3_sqluser.yaml new file mode 100644 index 0000000000..64a7105831 --- /dev/null +++ b/resources/sqluser/sql_v1alpha3_sqluser.yaml @@ -0,0 +1,9 @@ +apiVersion: sql.cnrm.cloud.google.com/v1alpha3 +kind: SQLUser +metadata: + name: sqluser-sample +spec: + instanceRef: + name: sqluser-dep + host: "%" + password: password diff --git a/resources/storagedefaultobjectaccesscontrol/storage_v1alpha2_storagedefaultobjectaccesscontrol.yaml b/resources/storagedefaultobjectaccesscontrol/storage_v1alpha2_storagedefaultobjectaccesscontrol.yaml index faf4d09f68..72863132e4 100644 --- a/resources/storagedefaultobjectaccesscontrol/storage_v1alpha2_storagedefaultobjectaccesscontrol.yaml +++ b/resources/storagedefaultobjectaccesscontrol/storage_v1alpha2_storagedefaultobjectaccesscontrol.yaml @@ -6,6 +6,6 @@ metadata: name: storagedefaultobjectaccesscontrol-sample spec: bucketRef: - name: storagedefaultobjectaccesscontrol + name: storagedefaultobjectaccesscontrol-dep entity: allAuthenticatedUsers role: READER