apiVersion: v1 kind: Namespace metadata: labels: control-plane: controller-manager name: oracle-database-operator-system --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.6.1 creationTimestamp: null name: autonomousdatabases.database.oracle.com spec: group: database.oracle.com names: kind: AutonomousDatabase listKind: AutonomousDatabaseList plural: autonomousdatabases shortNames: - adb - adbs singular: autonomousdatabase scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .status.displayName name: Display Name type: string - jsonPath: .status.lifecycleState name: State type: string - jsonPath: .status.isDedicated name: Dedicated type: string - jsonPath: .status.cpuCoreCount name: OCPUs type: integer - jsonPath: .status.dataStorageSizeInTBs name: Storage (TB) type: integer - jsonPath: .status.dbWorkload name: Workload Type type: string - jsonPath: .status.timeCreated name: Created type: string name: v1alpha1 schema: openAPIV3Schema: description: AutonomousDatabase is the Schema for the autonomousdatabases API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: 'AutonomousDatabaseSpec defines the desired state of AutonomousDatabase Important: Run "make" to regenerate code after modifying this file' properties: details: description: AutonomousDatabaseDetails defines the detail information of AutonomousDatabase, corresponding to oci-go-sdk/database/AutonomousDatabase properties: adminPassword: properties: k8sSecretName: type: string ociSecretOCID: type: string type: object autonomousDatabaseOCID: type: string compartmentOCID: type: string cpuCoreCount: type: integer dataStorageSizeInTBs: type: integer dbName: type: string dbVersion: type: string dbWorkload: description: 'AutonomousDatabaseDbWorkloadEnum Enum with underlying type: string' enum: - OLTP - DW - AJD - APEX type: string displayName: type: string freeformTags: additionalProperties: type: string type: object isAutoScalingEnabled: type: boolean isDedicated: type: boolean lifecycleState: description: 'AutonomousDatabaseLifecycleStateEnum Enum with underlying type: string' type: string nsgOCIDs: items: type: string type: array privateEndpoint: type: string privateEndpointIP: type: string privateEndpointLabel: type: string subnetOCID: type: string wallet: properties: name: type: string password: properties: k8sSecretName: type: string ociSecretOCID: type: string type: object type: object type: object hardLink: default: false type: boolean ociConfig: properties: configMapName: type: string secretName: type: string type: object required: - details type: object status: description: AutonomousDatabaseStatus defines the observed state of AutonomousDatabase properties: cpuCoreCount: type: integer dataStorageSizeInTBs: type: integer dbWorkload: description: 'AutonomousDatabaseDbWorkloadEnum Enum with underlying type: string' type: string displayName: description: 'INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run "make" to regenerate code after modifying this file' type: string isDedicated: type: string lifecycleState: description: 'AutonomousDatabaseLifecycleStateEnum Enum with underlying type: string' type: string timeCreated: type: string type: object type: object served: true storage: true subresources: status: {} status: acceptedNames: kind: "" plural: "" conditions: [] storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.6.1 creationTimestamp: null name: shardingdatabases.database.oracle.com spec: group: database.oracle.com names: kind: ShardingDatabase listKind: ShardingDatabaseList plural: shardingdatabases singular: shardingdatabase scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: ShardingDatabase is the Schema for the shardingdatabases API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: ShardingDatabaseSpec defines the desired state of ShardingDatabase properties: catalog: items: description: CatalogSpec defines the desired state of CatalogSpec properties: envVars: items: description: EnvironmentVariable represents a named variable accessible for containers. properties: name: type: string value: type: string required: - name - value type: object type: array imagePullPolicy: description: PullPolicy describes a policy for if/when to pull a container image type: string isDelete: type: boolean label: type: string name: type: string nodeSelector: additionalProperties: type: string type: object pvAnnotations: additionalProperties: type: string type: object pvMatchLabels: additionalProperties: type: string type: object pvcName: type: string resources: description: ResourceRequirements describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object storageSizeInGb: format: int32 type: integer required: - name type: object type: array dbImage: type: string dbImagePullSecret: type: string gsm: items: description: GsmSpec defines the desired state of GsmSpec properties: envVars: items: description: EnvironmentVariable represents a named variable accessible for containers. properties: name: type: string value: type: string required: - name - value type: object type: array imagePullPolicy: description: PullPolicy describes a policy for if/when to pull a container image type: string isDelete: type: boolean label: type: string name: type: string nodeSelector: additionalProperties: type: string type: object pvMatchLabels: additionalProperties: type: string type: object pvcName: type: string replicas: format: int32 type: integer resources: description: ResourceRequirements describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object storageSizeInGb: format: int32 type: integer required: - name type: object type: array gsmImage: type: string gsmImagePullSecret: type: string isClone: type: boolean isDataGuard: type: boolean isDebug: type: boolean isDeleteOraPvc: type: boolean isExternalSvc: type: boolean namespace: type: string nsConfigMap: type: string nsSecret: type: string portMappings: items: description: PortMapping is a specification of port mapping for an application deployment. properties: port: format: int32 type: integer protocol: default: TCP type: string targetPort: format: int32 type: integer required: - port - protocol - targetPort type: object type: array scriptsLocation: type: string secret: type: string shard: description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster Important: Run "make" to regenerate code after modifying this file' items: description: ShardSpec is a specification of Shards for an application deployment. properties: envVars: items: description: EnvironmentVariable represents a named variable accessible for containers. properties: name: type: string value: type: string required: - name - value type: object type: array imagePullPolicy: description: PullPolicy describes a policy for if/when to pull a container image type: string isDelete: type: boolean label: type: string name: type: string nodeSelector: additionalProperties: type: string type: object pvAnnotations: additionalProperties: type: string type: object pvMatchLabels: additionalProperties: type: string type: object pvcName: type: string resources: description: ResourceRequirements describes the compute resource requirements. properties: limits: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object requests: additionalProperties: anyOf: - type: integer - type: string pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true description: 'Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' type: object type: object storageSizeInGb: format: int32 type: integer required: - name type: object type: array stagePvcName: type: string storageClass: type: string required: - catalog - dbImage - gsm - gsmImage - secret - shard type: object status: description: To understand Metav1.Condition, please refer the link https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1 ShardingDatabaseStatus defines the observed state of ShardingDatabase properties: catalogs: additionalProperties: type: string type: object conditions: items: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map gsm: properties: details: additionalProperties: type: string type: object externalConnectStr: type: string internalConnectStr: type: string services: type: string shards: additionalProperties: type: string type: object state: type: string type: object shards: additionalProperties: type: string type: object type: object type: object served: true storage: true subresources: status: {} status: acceptedNames: kind: "" plural: "" conditions: [] storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert controller-gen.kubebuilder.io/version: v0.6.1 name: singleinstancedatabases.database.oracle.com spec: group: database.oracle.com names: kind: SingleInstanceDatabase listKind: SingleInstanceDatabaseList plural: singleinstancedatabases singular: singleinstancedatabase scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .status.edition name: Edition type: string - jsonPath: .status.status name: Status type: string - jsonPath: .status.role name: Role priority: 1 type: string - jsonPath: .status.releaseUpdate name: Version type: string - jsonPath: .status.connectString name: Connect Str type: string - jsonPath: .status.pdbConnectString name: Pdb Connect Str priority: 1 type: string - jsonPath: .status.oemExpressUrl name: Oem Express Url type: string name: v1alpha1 schema: openAPIV3Schema: description: SingleInstanceDatabase is the Schema for the singleinstancedatabases API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: SingleInstanceDatabaseSpec defines the desired state of SingleInstanceDatabase properties: adminPassword: description: SingleInsatnceAdminPassword defines the secret containing Admin Password mapped to secretKey for Database properties: keepSecret: type: boolean secretKey: type: string secretName: type: string required: - secretKey - secretName type: object archiveLog: type: boolean charset: type: string cloneFrom: type: string edition: enum: - standard - enterprise type: string flashBack: type: boolean forceLog: type: boolean image: description: SingleInstanceDatabaseImage defines the Image source and pullSecrets for POD properties: pullFrom: type: string pullSecrets: type: string version: type: string required: - pullFrom type: object initParams: description: SingleInstanceDatabaseInitParams defines the Init Parameters properties: cpuCount: type: integer pgaAggregateTarget: type: integer processes: type: integer sgaTarget: type: integer type: object installApex: type: boolean loadBalancer: type: boolean nodeSelector: additionalProperties: type: string type: object pdbName: type: string persistence: description: SingleInstanceDatabasePersistence defines the storage size and class for PVC properties: accessMode: enum: - ReadWriteOnce - ReadWriteMany type: string size: type: string storageClass: type: string required: - accessMode - size - storageClass type: object readinessCheckPeriod: type: integer replicas: minimum: 1 type: integer sid: description: SID can only have a-z , A-Z, 0-9 . It cant have any special characters pattern: ^[a-zA-Z0-9]+$ type: string required: - adminPassword - image - persistence - replicas type: object status: description: SingleInstanceDatabaseStatus defines the observed state of SingleInstanceDatabase properties: apexInstalled: type: boolean archiveLog: type: string charset: type: string cloneFrom: type: string clusterConnectString: type: string conditions: items: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map connectString: type: string datafilesCreated: type: string datafilesPatched: type: string edition: type: string flashBack: type: string forceLog: type: string initParams: description: SingleInstanceDatabaseInitParams defines the Init Parameters properties: cpuCount: type: integer pgaAggregateTarget: type: integer processes: type: integer sgaTarget: type: integer type: object initPgaSize: type: integer initSgaSize: type: integer nodes: items: type: string type: array oemExpressUrl: type: string ordsReference: type: string pdbConnectString: type: string pdbName: type: string persistence: description: SingleInstanceDatabasePersistence defines the storage size and class for PVC properties: accessMode: enum: - ReadWriteOnce - ReadWriteMany type: string size: type: string storageClass: type: string required: - accessMode - size - storageClass type: object releaseUpdate: type: string replicas: type: integer role: type: string sid: type: string standbyDatabases: additionalProperties: type: string type: object status: type: string required: - persistence - replicas type: object type: object served: true storage: true subresources: scale: specReplicasPath: .spec.replicas statusReplicasPath: .status.replicas status: {} status: acceptedNames: kind: "" plural: "" conditions: [] storedVersions: [] --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: oracle-database-operator-leader-election-role namespace: oracle-database-operator-system rules: - apiGroups: - "" resources: - configmaps verbs: - get - list - watch - create - update - patch - delete - apiGroups: - coordination.k8s.io resources: - leases verbs: - get - list - watch - create - update - patch - delete - apiGroups: - "" resources: - configmaps/status verbs: - get - update - patch - apiGroups: - "" resources: - events verbs: - create - patch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: creationTimestamp: null name: oracle-database-operator-manager-role rules: - apiGroups: - "" resources: - configmaps - secrets verbs: - create - delete - get - list - patch - update - watch - apiGroups: - "" resources: - events - nodes - persistentvolumeclaims - pods - pods/exec - pods/log - services verbs: - create - delete - get - list - patch - update - watch - apiGroups: - '''''' resources: - statefulsets/finalizers verbs: - create - delete - get - list - patch - update - watch - apiGroups: - apps resources: - statefulsets verbs: - create - delete - get - list - patch - update - watch - apiGroups: - coordination.k8s.io resources: - leases verbs: - create - get - list - update - apiGroups: - "" resources: - configmaps - events - namespaces - nodes - persistentvolumeclaims - pods - pods/exec - pods/log - secrets - services verbs: - create - delete - get - list - patch - update - watch - apiGroups: - "" resources: - pods/exec verbs: - create - apiGroups: - database.oracle.com resources: - autonomousdatabases verbs: - create - delete - get - list - patch - update - watch - apiGroups: - database.oracle.com resources: - autonomousdatabases/status verbs: - patch - update - apiGroups: - database.oracle.com resources: - shardingdatabases verbs: - create - delete - get - list - patch - update - watch - apiGroups: - database.oracle.com resources: - shardingdatabases/finalizers verbs: - create - delete - get - patch - update - apiGroups: - database.oracle.com resources: - shardingdatabases/status verbs: - get - patch - update - apiGroups: - database.oracle.com resources: - singleinstancedatabases verbs: - create - delete - get - list - patch - update - watch - apiGroups: - database.oracle.com resources: - singleinstancedatabases/finalizers verbs: - update - apiGroups: - database.oracle.com resources: - singleinstancedatabases/status verbs: - get - patch - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: oracle-database-operator-metrics-reader rules: - nonResourceURLs: - /metrics verbs: - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: oracle-database-operator-oracle-database-operator-proxy-role rules: - apiGroups: - authentication.k8s.io resources: - tokenreviews verbs: - create - apiGroups: - authorization.k8s.io resources: - subjectaccessreviews verbs: - create --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: oracle-database-operator-oracle-database-operator-leader-election-rolebinding namespace: oracle-database-operator-system roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: oracle-database-operator-leader-election-role subjects: - kind: ServiceAccount name: default namespace: oracle-database-operator-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: oracle-database-operator-oracle-database-operator-manager-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: oracle-database-operator-manager-role subjects: - kind: ServiceAccount name: default namespace: oracle-database-operator-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: oracle-database-operator-oracle-database-operator-proxy-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: proxy-role subjects: - kind: ServiceAccount name: default namespace: oracle-database-operator-system --- apiVersion: v1 kind: Service metadata: labels: control-plane: controller-manager name: oracle-database-operator-controller-manager-metrics-service namespace: oracle-database-operator-system spec: ports: - name: https port: 8443 targetPort: https selector: control-plane: controller-manager --- apiVersion: v1 kind: Service metadata: name: oracle-database-operator-webhook-service namespace: oracle-database-operator-system spec: ports: - port: 443 protocol: TCP targetPort: 9443 selector: control-plane: controller-manager --- apiVersion: apps/v1 kind: Deployment metadata: labels: control-plane: controller-manager name: oracle-database-operator-controller-manager namespace: oracle-database-operator-system spec: replicas: 3 selector: matchLabels: control-plane: controller-manager template: metadata: labels: control-plane: controller-manager spec: containers: - args: - --enable-leader-election command: - /manager image: container-registry.oracle.com/database/operator:0.1.0 imagePullPolicy: Always name: manager ports: - containerPort: 9443 name: webhook-server protocol: TCP resources: limits: cpu: 400m memory: 400Mi requests: cpu: 400m memory: 400Mi volumeMounts: - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert readOnly: true imagePullSecrets: - name: container-registry-secret terminationGracePeriodSeconds: 10 volumes: - name: cert secret: defaultMode: 420 secretName: webhook-server-cert --- apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: oracle-database-operator-serving-cert namespace: oracle-database-operator-system spec: dnsNames: - oracle-database-operator-webhook-service.oracle-database-operator-system.svc - oracle-database-operator-webhook-service.oracle-database-operator-system.svc.cluster.local issuerRef: kind: Issuer name: oracle-database-operator-selfsigned-issuer secretName: webhook-server-cert --- apiVersion: cert-manager.io/v1 kind: Issuer metadata: name: oracle-database-operator-selfsigned-issuer namespace: oracle-database-operator-system spec: selfSigned: {} --- apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration metadata: annotations: cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert name: oracle-database-operator-mutating-webhook-configuration webhooks: - admissionReviewVersions: - v1 - v1beta1 clientConfig: service: name: oracle-database-operator-webhook-service namespace: oracle-database-operator-system path: /mutate-database-oracle-com-v1alpha1-singleinstancedatabase failurePolicy: Fail name: msingleinstancedatabase.kb.io rules: - apiGroups: - database.oracle.com apiVersions: - v1alpha1 operations: - CREATE - UPDATE resources: - singleinstancedatabases sideEffects: None --- apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: annotations: cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert name: oracle-database-operator-validating-webhook-configuration webhooks: - admissionReviewVersions: - v1 - v1beta1 clientConfig: service: name: oracle-database-operator-webhook-service namespace: oracle-database-operator-system path: /validate-database-oracle-com-v1alpha1-singleinstancedatabase failurePolicy: Fail name: vsingleinstancedatabase.kb.io rules: - apiGroups: - database.oracle.com apiVersions: - v1alpha1 operations: - CREATE - UPDATE - DELETE resources: - singleinstancedatabases sideEffects: None