Merge branch 'main' into k8spg-416-hba-minor

.github/CODEOWNERS

@@ -1 +1 @@
-/charts/pmm/ @gen1us2k @atymchuk @denisok @spron-in
+/charts/pmm/ @percona/pmm-review-be  @spron-in

.gitignore

@@ -1 +1,2 @@
 .deploy/
+.idea/

charts/pg-db/Chart.yaml

@@ -2,8 +2,8 @@ apiVersion: v2
 name: pg-db
 description: 'A Helm chart to deploy the PostgreSQL database with the Percona Operator for PostgreSQL'
 type: application
-version: 2.2.5
-appVersion: 2.2.0
+version: 2.3.3
+appVersion: 2.3.1
 home: https://docs.percona.com/percona-operator-for-postgresql/2.0/
 maintainers:
   - name: tplavcic

charts/pg-db/templates/NOTES.txt

@@ -31,5 +31,5 @@ To get a PostgreSQL prompt inside your new cluster you can run:
 
 And then connect to a cluster with a temporary Pod:
 
-  $ kubectl run -i --rm --tty percona-client --image=perconalab/percona-distribution-postgresql:15 --restart=Never \
+  $ kubectl run -i --rm --tty percona-client --image=perconalab/percona-distribution-postgresql:16 --restart=Never \
   -- psql $PGBOUNCER_URI

charts/pg-db/templates/cluster.yaml

@@ -100,12 +100,20 @@ spec:
     {{ .Values.expose.annotations | toYaml | indent 6 }}
     labels:
     {{ .Values.expose.labels | toYaml | indent 6 }}
+    {{- if .Values.expose.loadBalancerSourceRanges }}
+    loadBalancerSourceRanges:
+      {{ .Values.expose.loadBalancerSourceRanges | toYaml | indent 6 }}
+    {{- end }}
   {{- end }}
 
   instances:
   {{- range $instance := .Values.instances }}
     - name: {{ $instance.name }}
       replicas: {{ $instance.replicas }}
+      {{- if $instance.affinity }}
+      affinity:
+{{ $instance.affinity | toYaml | indent 8 }}
+      {{- end }}
       {{- if $instance.resources }}
       resources:
         limits:
@@ -184,6 +192,10 @@ spec:
         {{ .Values.proxy.pgBouncer.expose.annotations | toYaml | indent 10 }}
         labels:
         {{.Values.proxy.pgBouncer.expose.labels | toYaml | indent 10 }}
+        {{- if .Values.expose.loadBalancerSourceRanges }}
+        loadBalancerSourceRanges:
+          {{ .Values.expose.loadBalancerSourceRanges | toYaml | indent 10 }}
+        {{- end }}
       {{- end }}
       {{- if .Values.proxy.pgBouncer.sidecars }}
       sidecars:
@@ -215,14 +227,7 @@ spec:
       {{- end }}
       {{- if .Values.proxy.pgBouncer.affinity }}
       affinity:
-        podAntiAffinity:
-          preferredDuringSchedulingIgnoredDuringExecution:
-          - weight: {{ .Values.proxy.pgBouncer.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.weight }}
-            podAffinityTerm:
-              labelSelector:
-                matchLabels:
-{{ .Values.proxy.pgBouncer.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchLabels | toYaml | indent 18 }}
-              topologyKey: {{ .Values.proxy.pgBouncer.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.topologyKey }}
+{{ .Values.proxy.pgBouncer.affinity | toYaml | indent 8 }}
       {{- end }}
       {{- if .Values.proxy.pgBouncer.tolerations }}
       tolerations:
@@ -281,14 +286,7 @@ spec:
         {{- end }}
         {{- if .Values.backups.pgbackrest.repoHost.affinity }}
         affinity:
-          podAntiAffinity:
-            preferredDuringSchedulingIgnoredDuringExecution:
-            - weight: {{ .Values.backups.pgbackrest.repoHost.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.weight }}
-              podAffinityTerm:
-                labelSelector:
-                  matchLabels:
-{{ .Values.backups.pgbackrest.repoHost.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.labelSelector.matchLabels | toYaml | indent 18 }}
-                topologyKey: {{ .Values.backups.pgbackrest.repoHost.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution.podAffinityTerm.topologyKey }}
+{{ .Values.backups.pgbackrest.repoHost.affinity | toYaml | indent 10 }}
         {{- end }}
       {{- end }}
       manual:
@@ -325,7 +323,6 @@ spec:
       {{- end }}
       {{- end }}
 
-
 {{- if .Values.patroni }}
   patroni:
     dynamicConfiguration:
@@ -337,3 +334,37 @@ spec:
         - {{ $pg_hba_entry }} 
         {{- end }}
 {{- end }}
+
+{{- if .Values.extensions }}
+  extensions:
+    {{- if .Values.extensions.image }}
+    image: {{ .Values.extensions.image }}
+    {{- end }}
+    {{- if .Values.extensions.imagePullPolicy }}
+    imagePullPolicy: {{ .Values.extensions.imagePullPolicy }}
+    {{- end }}
+    {{- if .Values.extensions.storage }}
+    storage:
+      {{- if .Values.extensions.storage.type }}
+      type: {{ .Values.extensions.storage.type }}
+      {{- end }}
+      {{- if .Values.extensions.storage.bucket }}
+      bucket: {{ .Values.extensions.storage.bucket }}
+      {{- end }}
+      {{- if .Values.extensions.storage.region }}
+      region: {{ .Values.extensions.storage.region }}
+      {{- end }}
+      {{- if .Values.extensions.storage.secret.name }}
+      secret:
+        name: {{ .Values.extensions.storage.secret.name }}
+      {{- end }}
+    {{- end }}
+    {{- if .Values.extensions.builtin }}
+    builtin:
+{{ .Values.extensions.builtin | toYaml | indent 6 }}
+    {{- end }}
+    {{- if .Values.extensions.custom }}
+    custom:
+{{ .Values.extensions.custom | toYaml | indent 6 }}
+    {{- end }}
+{{- end }}

charts/pg-db/values.yaml

@@ -8,11 +8,11 @@ finalizers:
 # Set this if you want that operator deletes the ssl objects on cluster deletion
 #  - percona.com/delete-ssl
 
-crVersion: 2.2.0
-repository: percona/percona-postgresql-operator
+crVersion: 2.3.1
+repository: registry-1.percona.com/percona/percona-postgresql-operator
 image: ""
 imagePullPolicy: Always
-postgresVersion: 15
+postgresVersion: 16
 # port: 5432
 pause: false
 unmanaged: false
@@ -69,10 +69,23 @@ customReplicationTLSSecret:
 #   labels:
 #     my-label: value2
 #   type: LoadBalancer
+#   loadBalancerSourceRanges:
+#     - 10.0.0.0/8
 
 instances:
 - name: instance1
   replicas: 3
+
+  affinity:
+    podAntiAffinity:
+      preferredDuringSchedulingIgnoredDuringExecution:
+      - weight: 1
+        podAffinityTerm:
+          labelSelector:
+            matchLabels:
+              postgres-operator.crunchydata.com/data: postgres
+          topologyKey: kubernetes.io/hostname
+
 #  resources:
 #    limits:
 #      cpu: 2.0
@@ -130,18 +143,19 @@ proxy:
 #        labels:
 #          my-label: value2
 #        type: LoadBalancer
-#
-#      affinity:
-#        podAntiAffinity:
-#          preferredDuringSchedulingIgnoredDuringExecution:
-#          - weight: 1
-#            podAffinityTerm:
-#              labelSelector:
-#                matchLabels:
-#                  postgres-operator.crunchydata.com/cluster: keycloakdb
-#                  postgres-operator.crunchydata.com/role: pgbouncer
-#              topologyKey: kubernetes.io/hostname
-#
+#        loadBalancerSourceRanges:
+#          - 10.0.0.0/8
+
+    affinity:
+      podAntiAffinity:
+        preferredDuringSchedulingIgnoredDuringExecution:
+        - weight: 1
+          podAffinityTerm:
+            labelSelector:
+              matchLabels:
+                postgres-operator.crunchydata.com/role: pgbouncer
+            topologyKey: kubernetes.io/hostname
+
 #      tolerations:
 #      - effect: NoSchedule
 #        key: role
@@ -196,7 +210,18 @@ backups:
 #      repo2-path: /pgbackrest/postgres-operator/cluster1-multi-repo/repo2
 #      repo3-path: /pgbackrest/postgres-operator/cluster1-multi-repo/repo3
 #      repo4-path: /pgbackrest/postgres-operator/cluster1-multi-repo/repo4
-#    repoHost:
+
+    repoHost:
+      affinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+          - weight: 1
+            podAffinityTerm:
+              labelSelector:
+                matchLabels:
+                  postgres-operator.crunchydata.com/data: pgbackrest
+              topologyKey: kubernetes.io/hostname
+
 #      priorityClassName: high-priority
 #
 #      topologySpreadConstraints:
@@ -206,16 +231,7 @@ backups:
 #        labelSelector:
 #          matchLabels:
 #            postgres-operator.crunchydata.com/pgbackrest: ""
-#      affinity:
-#        podAntiAffinity:
-#          preferredDuringSchedulingIgnoredDuringExecution:
-#           - weight: 1
-#           podAffinityTerm:
-#             labelSelector:
-#             matchLabels:
-#               postgres-operator.crunchydata.com/cluster: keycloakdb
-#               postgres-operator.crunchydata.com/role: pgbouncer
-#             topologyKey: kubernetes.io/hostname
+
     manual:
       repoName: repo1
       options:
@@ -249,7 +265,7 @@ pmm:
   enabled: false
   image:
     repository: percona/pmm-client
-    tag: 2.38.0
+    tag: 2.41.0
 #  imagePullPolicy: IfNotPresent
   secret: cluster1-pmm-secret
   serverHost: monitoring-service
@@ -269,6 +285,22 @@ pmm:
 #       pg_hba:
 #       - host    all mytest 123.123.123.123/32 reject
 
+# extensions:
+#   image: percona/percona-postgresql-operator:2.3.1
+#   imagePullPolicy: Always
+#   storage:
+#     type: s3
+#     bucket: pg-extensions
+#     region: eu-central-1
+#     secret:
+#       name: cluster1-extensions-secret
+#   builtin:
+#     pg_stat_monitor: true
+#     pg_audit: true
+#   custom:
+#   - name: pg_cron
+#     version: 1.6.1
+
 secrets:
   name:
   # replication user password

charts/pg-operator/Chart.yaml

@@ -2,8 +2,8 @@ apiVersion: v2
 name: pg-operator
 description: 'A Helm chart to deploy the Percona Operator for PostgreSQL'
 type: application
-version: 2.2.2
-appVersion: 2.2.0
+version: 2.3.3
+appVersion: 2.3.1
 home: https://docs.percona.com/percona-operator-for-postgresql/2.0/
 maintainers:
   - name: tplavcic

charts/pg-operator/README.md

@@ -26,7 +26,7 @@ To install the chart with the `pg-operator` release name using a dedicated names
 
 ```sh
 helm repo add percona https://percona.github.io/percona-helm-charts/
-helm install my-operator percona/pg-operator --version 2.2.0 --namespace my-namespace --create-namespace
+helm install my-operator percona/pg-operator --version 2.3.1 --namespace my-namespace --create-namespace
 ```
 
 ## Configuration
@@ -35,20 +35,21 @@ Chart.
 
 | Parameter                       | Description                                                             | Default                                          |
 | ------------------------------- | ------------------------------------------------------------------------| -------------------------------------------------|
-| `image`| PG Operator Container image full path| `percona/percona-postgresql-operator:2.2.0` |
-| `imagePullPolicy`| PG Operator Container pull policy| `Always`|
-| `resources`| Resource requests and limits| `{}`|
-| `nodeSelector`| Labels for Pod assignment| `{}`|
-| `disableTelemetry`| Disable sending PXC Operator telemetry data to Percona| `false`|
-| `operatorDebug`| Enable/disable operators' extended log output | `false` |
-| `watchNamespace`| Set this variable if the target cluster namespace differs from operators namespace | `` |
-| `watchAllNamespaces`| K8S Cluster-wide operation | `false` |
+| `image` | PG Operator Container image full path | `percona/percona-postgresql-operator:2.3.1` |
+| `imagePullPolicy` | PG Operator Container pull policy | `Always`|
+| `resources` | Resource requests and limits | `{}` |
+| `nodeSelector` | Labels for Pod assignment | `{}` |
+| `logStructured` | Force PXC operator to print JSON-wrapped log messages | `false` |
+| `logLevel` | PXC Operator logging level | `INFO` |
+| `disableTelemetry` | Disable sending PXC Operator telemetry data to Percona | `false`|
+| `watchNamespace` | Set this variable if the target cluster namespace differs from operators namespace | `` |
+| `watchAllNamespaces` | K8S Cluster-wide operation | `false` |
 
 ## Deploy the database
 To deploy Percona Operator for PostgreSQL cluster with disabled telemetry run the following command:
 
 ```sh
-helm install my-db percona/pg-db --version 2.2.0 --namespace my-namespace
+helm install my-db percona/pg-db --version 2.3.1 --namespace my-namespace
 ```
 
 See more about Percona Operator for PostgreSQL deployment in its chart [here](https://github.com/percona/percona-helm-charts/tree/main/charts/pg-db) or in the [Helm chart installation guide](https://www.percona.com/doc/kubernetes-operator-for-postgresql/helm.html).