feat: conditional database (#29)

src/main/java/org/trustify/operator/Constants.java

@@ -43,6 +43,7 @@ public class Constants {
     public static final String DB_SECRET_USERNAME = "username";
     public static final String DB_SECRET_PASSWORD = "password";
     public static final String DB_NAME = "trustify";
+    public static final Integer DB_PORT= 5432;
 
     public static final String POSTGRESQL_PVC_SIZE = "10G";
 

src/main/java/org/trustify/operator/cdrs/v2alpha1/TrustifySpec.java

@@ -3,6 +3,7 @@
 import com.fasterxml.jackson.annotation.JsonProperty;
 import com.fasterxml.jackson.annotation.JsonPropertyDescription;
 import io.fabric8.kubernetes.api.model.LocalObjectReference;
+import io.fabric8.kubernetes.api.model.SecretKeySelector;
 
 import java.util.List;
 
@@ -50,12 +51,29 @@ public TrustifySpec() {
     }
 
     public record DatabaseSpec(
-            @JsonPropertyDescription("Size of the PVC to create.")
-            String size,
+            @JsonPropertyDescription("Use external database.")
+            boolean externalDatabase,
 
-            @JsonProperty("resourceLimits")
-            @JsonPropertyDescription("In this section you can configure resource limits settings.")
-            ResourcesLimitSpec resourceLimitSpec
+            @JsonPropertyDescription("Size of the PVC to create. Valid only if externalDatabase=false")
+            String pvcSize,
+
+            @JsonPropertyDescription("In this section you can configure resource limits settings. Valid only if externalDatabase=false")
+            ResourcesLimitSpec resourceLimits,
+
+            @JsonPropertyDescription("The reference to a secret holding the username of the database user.")
+            SecretKeySelector usernameSecret,
+
+            @JsonPropertyDescription("The reference to a secret holding the password of the database user.")
+            SecretKeySelector passwordSecret,
+
+            @JsonPropertyDescription("The host of the database.")
+            String host,
+
+            @JsonPropertyDescription("The port of the database.")
+            String port,
+
+            @JsonPropertyDescription("The database name.")
+            String name
     ) {
     }
 

src/main/java/org/trustify/operator/cdrs/v2alpha1/db/DBActivationCondition.java

@@ -0,0 +1,16 @@
+package org.trustify.operator.cdrs.v2alpha1.db;
+
+import org.trustify.operator.cdrs.v2alpha1.Trustify;
+import org.trustify.operator.cdrs.v2alpha1.TrustifySpec;
+
+import java.util.Optional;
+
+public abstract class DBActivationCondition {
+
+    protected boolean isMet(Trustify cr) {
+        return !Optional.ofNullable(cr.getSpec().databaseSpec())
+                .map(TrustifySpec.DatabaseSpec::externalDatabase)
+                .orElse(false);
+    }
+
+}

src/main/java/org/trustify/operator/cdrs/v2alpha1/db/DBDeployment.java

@@ -28,7 +28,7 @@
 public class DBDeployment extends CRUDKubernetesDependentResource<Deployment, Trustify>
         implements Matcher<Deployment, Trustify>, Condition<Deployment, Trustify> {
 
-    public static final String LABEL_SELECTOR="app.kubernetes.io/managed-by=trustify-operator,component=db";
+    public static final String LABEL_SELECTOR = "app.kubernetes.io/managed-by=trustify-operator,component=db";
 
     @Inject
     Config config;
@@ -98,7 +98,7 @@ private DeploymentSpec getDeploymentSpec(Trustify cr, Context<Trustify> context)
         String image = Optional.ofNullable(cr.getSpec().dbImage()).orElse(config.dbImage());
         String imagePullPolicy = Optional.ofNullable(cr.getSpec().imagePullPolicy()).orElse(config.imagePullPolicy());
 
-        TrustifySpec.ResourcesLimitSpec resourcesLimitSpec = CRDUtils.getValueFromSubSpec(cr.getSpec().databaseSpec(), TrustifySpec.DatabaseSpec::resourceLimitSpec)
+        TrustifySpec.ResourcesLimitSpec resourcesLimitSpec = CRDUtils.getValueFromSubSpec(cr.getSpec().databaseSpec(), TrustifySpec.DatabaseSpec::resourceLimits)
                 .orElse(null);
 
         return new DeploymentSpecBuilder()
@@ -130,7 +130,7 @@ private DeploymentSpec getDeploymentSpec(Trustify cr, Context<Trustify> context)
                                         .withPorts(new ContainerPortBuilder()
                                                 .withName("tcp")
                                                 .withProtocol(Constants.SERVICE_PROTOCOL)
-                                                .withContainerPort(5432)
+                                                .withContainerPort(getDatabasePort(cr))
                                                 .build()
                                         )
                                         .withLivenessProbe(new ProbeBuilder()
@@ -194,33 +194,70 @@ private List<EnvVar> getEnvVars(Trustify cr) {
         return Arrays.asList(
                 new EnvVarBuilder()
                         .withName("POSTGRESQL_USER")
-                        .withNewValueFrom()
-                        .withNewSecretKeyRef()
-                        .withName(DBSecret.getSecretName(cr))
-                        .withKey(Constants.DB_SECRET_USERNAME)
-                        .withOptional(false)
-                        .endSecretKeyRef()
-                        .endValueFrom()
+                        .withValueFrom(new EnvVarSourceBuilder()
+                                .withSecretKeyRef(getUsernameSecretKeySelector(cr))
+                                .build()
+                        )
                         .build(),
                 new EnvVarBuilder()
                         .withName("POSTGRESQL_PASSWORD")
-                        .withNewValueFrom()
-                        .withNewSecretKeyRef()
-                        .withName(DBSecret.getSecretName(cr))
-                        .withKey(Constants.DB_SECRET_PASSWORD)
-                        .withOptional(false)
-                        .endSecretKeyRef()
-                        .endValueFrom()
+                        .withValueFrom(new EnvVarSourceBuilder()
+                                .withSecretKeyRef(getPasswordSecretKeySelector(cr))
+                                .build()
+                        )
                         .build(),
-
-        new EnvVarBuilder()
+                new EnvVarBuilder()
                         .withName("POSTGRESQL_DATABASE")
-                        .withValue(Constants.DB_NAME)
+                        .withValue(getDatabaseName(cr))
                         .build()
         );
     }
 
     public static String getDeploymentName(Trustify cr) {
         return cr.getMetadata().getName() + Constants.DB_DEPLOYMENT_SUFFIX;
     }
+
+    public static SecretKeySelector getUsernameSecretKeySelector(Trustify cr) {
+        return Optional.ofNullable(cr.getSpec().databaseSpec())
+                .map(TrustifySpec.DatabaseSpec::usernameSecret)
+                .map(secret -> new SecretKeySelectorBuilder()
+                        .withName(secret.getName())
+                        .withKey(secret.getKey())
+                        .withOptional(false)
+                        .build()
+                )
+                .orElseGet(() -> new SecretKeySelectorBuilder()
+                        .withName(DBSecret.getSecretName(cr))
+                        .withKey(Constants.DB_SECRET_USERNAME)
+                        .withOptional(false)
+                        .build()
+                );
+    }
+
+    public static SecretKeySelector getPasswordSecretKeySelector(Trustify cr) {
+        return Optional.ofNullable(cr.getSpec().databaseSpec())
+                .map(TrustifySpec.DatabaseSpec::passwordSecret)
+                .map(secret -> new SecretKeySelectorBuilder()
+                        .withName(secret.getName())
+                        .withKey(secret.getKey())
+                        .withOptional(false)
+                        .build()
+                )
+                .orElseGet(() -> new SecretKeySelectorBuilder()
+                        .withName(DBSecret.getSecretName(cr))
+                        .withKey(Constants.DB_SECRET_PASSWORD)
+                        .withOptional(false)
+                        .build()
+                );
+    }
+
+    public static String getDatabaseName(Trustify cr) {
+        return Optional.ofNullable(cr.getSpec().databaseSpec())
+                .map(TrustifySpec.DatabaseSpec::name)
+                .orElse(Constants.DB_NAME);
+    }
+
+    public static Integer getDatabasePort(Trustify cr) {
+        return Constants.DB_PORT;
+    }
 }

src/main/java/org/trustify/operator/cdrs/v2alpha1/db/DBDeploymentActivationCondition.java

@@ -0,0 +1,18 @@
+package org.trustify.operator.cdrs.v2alpha1.db;
+
+import io.fabric8.kubernetes.api.model.apps.Deployment;
+import io.javaoperatorsdk.operator.api.reconciler.Context;
+import io.javaoperatorsdk.operator.api.reconciler.dependent.DependentResource;
+import io.javaoperatorsdk.operator.processing.dependent.workflow.Condition;
+import jakarta.enterprise.context.ApplicationScoped;
+import org.trustify.operator.cdrs.v2alpha1.Trustify;
+
+@ApplicationScoped
+public class DBDeploymentActivationCondition extends DBActivationCondition implements Condition<Deployment, Trustify> {
+
+    @Override
+    public boolean isMet(DependentResource<Deployment, Trustify> resource, Trustify cr, Context<Trustify> context) {
+        return super.isMet(cr);
+    }
+
+}

src/main/java/org/trustify/operator/cdrs/v2alpha1/db/DBDeploymentDiscriminator.java

@@ -14,7 +14,7 @@ public class DBDeploymentDiscriminator implements ResourceDiscriminator<Deployme
     public Optional<Deployment> distinguish(Class<Deployment> resource, Trustify cr, Context<Trustify> context) {
         String deploymentName = DBDeployment.getDeploymentName(cr);
         ResourceID resourceID = new ResourceID(deploymentName, cr.getMetadata().getNamespace());
-        var informerEventSource = (InformerEventSource<Deployment, Trustify>) context.eventSourceRetriever().getResourceEventSourceFor(Deployment.class);
+        var informerEventSource = (InformerEventSource<Deployment, Trustify>) context.eventSourceRetriever().getResourceEventSourceFor(Deployment.class, "db-deployment");
         return informerEventSource.get(resourceID);
     }
 }

src/main/java/org/trustify/operator/cdrs/v2alpha1/db/DBPersistentVolumeClaim.java

@@ -35,7 +35,7 @@ private PersistentVolumeClaim newPersistentVolumeClaim(Trustify cr, Context<Trus
         final var labels = (Map<String, String>) context.managedDependentResourceContext()
                 .getMandatory(Constants.CONTEXT_LABELS_KEY, Map.class);
 
-        String pvcStorageSize = CRDUtils.getValueFromSubSpec(cr.getSpec().databaseSpec(), TrustifySpec.DatabaseSpec::size)
+        String pvcStorageSize = CRDUtils.getValueFromSubSpec(cr.getSpec().databaseSpec(), TrustifySpec.DatabaseSpec::pvcSize)
                 .orElse(Constants.POSTGRESQL_PVC_SIZE);
 
         return new PersistentVolumeClaimBuilder()

src/main/java/org/trustify/operator/cdrs/v2alpha1/db/DBPersistentVolumeClaimActivationCondition.java

@@ -0,0 +1,18 @@
+package org.trustify.operator.cdrs.v2alpha1.db;
+
+import io.fabric8.kubernetes.api.model.PersistentVolumeClaim;
+import io.javaoperatorsdk.operator.api.reconciler.Context;
+import io.javaoperatorsdk.operator.api.reconciler.dependent.DependentResource;
+import io.javaoperatorsdk.operator.processing.dependent.workflow.Condition;
+import jakarta.enterprise.context.ApplicationScoped;
+import org.trustify.operator.cdrs.v2alpha1.Trustify;
+
+@ApplicationScoped
+public class DBPersistentVolumeClaimActivationCondition extends DBActivationCondition implements Condition<PersistentVolumeClaim, Trustify> {
+
+    @Override
+    public boolean isMet(DependentResource<PersistentVolumeClaim, Trustify> resource, Trustify cr, Context<Trustify> context) {
+        return super.isMet(cr);
+    }
+
+}

src/main/java/org/trustify/operator/cdrs/v2alpha1/db/DBSecretActivationCondition.java

@@ -0,0 +1,26 @@
+package org.trustify.operator.cdrs.v2alpha1.db;
+
+import io.fabric8.kubernetes.api.model.Secret;
+import io.javaoperatorsdk.operator.api.reconciler.Context;
+import io.javaoperatorsdk.operator.api.reconciler.dependent.DependentResource;
+import io.javaoperatorsdk.operator.processing.dependent.workflow.Condition;
+import jakarta.enterprise.context.ApplicationScoped;
+import org.trustify.operator.cdrs.v2alpha1.Trustify;
+
+import java.util.Optional;
+
+@ApplicationScoped
+public class DBSecretActivationCondition extends DBActivationCondition implements Condition<Secret, Trustify> {
+
+    @Override
+    public boolean isMet(DependentResource<Secret, Trustify> resource, Trustify cr, Context<Trustify> context) {
+        boolean databaseRequired = super.isMet(cr);
+
+        boolean manualSecretIsNotSet = Optional.ofNullable(cr.getSpec().databaseSpec())
+                .map(databaseSpec -> databaseSpec.usernameSecret() == null || databaseSpec.passwordSecret() == null)
+                .orElse(true);
+
+        return databaseRequired && manualSecretIsNotSet;
+    }
+
+}

src/main/java/org/trustify/operator/cdrs/v2alpha1/db/DBService.java

@@ -49,7 +49,7 @@ private Service newService(Trustify cr, Context<Trustify> context) {
     private ServiceSpec getServiceSpec(Trustify cr) {
         return new ServiceSpecBuilder()
                 .addNewPort()
-                .withPort(5432)
+                .withPort(DBDeployment.getDatabasePort(cr))
                 .withProtocol(Constants.SERVICE_PROTOCOL)
                 .endPort()
                 .withSelector(Constants.DB_SELECTOR_LABELS)
@@ -61,13 +61,4 @@ public static String getServiceName(Trustify cr) {
         return cr.getMetadata().getName() + Constants.DB_SERVICE_SUFFIX;
     }
 
-    public static String getJdbcUrl(Trustify cr) {
-        return String.format(
-                "jdbc:postgresql://%s:%s/%s",
-                cr.getMetadata().getName() + Constants.DB_SERVICE_SUFFIX,
-                5432,
-                Constants.DB_NAME
-        );
-    }
-
 }

src/main/java/org/trustify/operator/cdrs/v2alpha1/db/DBServiceActivationCondition.java

@@ -0,0 +1,18 @@
+package org.trustify.operator.cdrs.v2alpha1.db;
+
+import io.fabric8.kubernetes.api.model.Service;
+import io.javaoperatorsdk.operator.api.reconciler.Context;
+import io.javaoperatorsdk.operator.api.reconciler.dependent.DependentResource;
+import io.javaoperatorsdk.operator.processing.dependent.workflow.Condition;
+import jakarta.enterprise.context.ApplicationScoped;
+import org.trustify.operator.cdrs.v2alpha1.Trustify;
+
+@ApplicationScoped
+public class DBServiceActivationCondition extends DBActivationCondition implements Condition<Service, Trustify> {
+
+    @Override
+    public boolean isMet(DependentResource<Service, Trustify> resource, Trustify cr, Context<Trustify> context) {
+        return super.isMet(cr);
+    }
+
+}

src/main/java/org/trustify/operator/cdrs/v2alpha1/db/DBServiceDiscriminator.java

@@ -14,7 +14,7 @@ public class DBServiceDiscriminator implements ResourceDiscriminator<Service, Tr
     public Optional<Service> distinguish(Class<Service> resource, Trustify cr, Context<Trustify> context) {
         String serviceName = DBService.getServiceName(cr);
         ResourceID resourceID = new ResourceID(serviceName, cr.getMetadata().getNamespace());
-        var informerEventSource = (InformerEventSource<Service, Trustify>) context.eventSourceRetriever().getResourceEventSourceFor(Service.class);
+        var informerEventSource = (InformerEventSource<Service, Trustify>) context.eventSourceRetriever().getResourceEventSourceFor(Service.class, "db-service");
         return informerEventSource.get(resourceID);
     }
 }

src/main/java/org/trustify/operator/cdrs/v2alpha1/server/ServerDeploymentDiscriminator.java

@@ -6,6 +6,7 @@
 import io.javaoperatorsdk.operator.processing.event.ResourceID;
 import io.javaoperatorsdk.operator.processing.event.source.informer.InformerEventSource;
 import org.trustify.operator.cdrs.v2alpha1.Trustify;
+import org.trustify.operator.controllers.TrustifyReconciler;
 
 import java.util.Optional;
 
@@ -14,7 +15,7 @@ public class ServerDeploymentDiscriminator implements ResourceDiscriminator<Depl
     public Optional<Deployment> distinguish(Class<Deployment> resource, Trustify cr, Context<Trustify> context) {
         String deploymentName = ServerDeployment.getDeploymentName(cr);
         ResourceID resourceID = new ResourceID(deploymentName, cr.getMetadata().getNamespace());
-        var informerEventSource = (InformerEventSource<Deployment, Trustify>) context.eventSourceRetriever().getResourceEventSourceFor(Deployment.class);
+        var informerEventSource = (InformerEventSource<Deployment, Trustify>) context.eventSourceRetriever().getResourceEventSourceFor(Deployment.class, TrustifyReconciler.SERVER_DEPLOYMENT_EVENT_SOURCE);
         return informerEventSource.get(resourceID);
     }
 }

src/main/java/org/trustify/operator/cdrs/v2alpha1/server/ServerServiceDiscriminator.java

@@ -6,6 +6,7 @@
 import io.javaoperatorsdk.operator.processing.event.ResourceID;
 import io.javaoperatorsdk.operator.processing.event.source.informer.InformerEventSource;
 import org.trustify.operator.cdrs.v2alpha1.Trustify;
+import org.trustify.operator.controllers.TrustifyReconciler;
 
 import java.util.Optional;
 
@@ -14,7 +15,7 @@ public class ServerServiceDiscriminator implements ResourceDiscriminator<Service
     public Optional<Service> distinguish(Class<Service> resource, Trustify cr, Context<Trustify> context) {
         String serviceName = ServerService.getServiceName(cr);
         ResourceID resourceID = new ResourceID(serviceName, cr.getMetadata().getNamespace());
-        var informerEventSource = (InformerEventSource<Service, Trustify>) context.eventSourceRetriever().getResourceEventSourceFor(Service.class);
+        var informerEventSource = (InformerEventSource<Service, Trustify>) context.eventSourceRetriever().getResourceEventSourceFor(Service.class, TrustifyReconciler.SERVER_SERVICE_EVENT_SOURCE);
         return informerEventSource.get(resourceID);
     }
 }