DOCSP-21717: first attempt at removing tls.secretRef.name

Author: jwilliams-mongo

source/includes/admonitions/deprecate-secret-ref-name.rst

@@ -1,6 +1 @@
-You must prefix your secrets with ``<prefix>-<metadata.name>`` if both
-of the following items are true:
-
-- You set :setting:`spec.security.certsSecretPrefix` or 
-  :setting:`spec.security.tls.secretRef.prefix`
-- You omit :setting:`spec.security.tls.secretRef.name`.
+You must prefix your secrets with ``<prefix>-<metadata.name>``.

source/includes/fact-req-secret-prefix.rst

@@ -435,13 +435,6 @@ inherit:
   file: options-k8s-shared.yaml
 ---
 program: k8sRsConf
-name: spec.security.tls.secretRef.name
-inherit:
-  name: spec.security.tls.secretRef.name
-  program: _shared
-  file: options-k8s-shared.yaml
----
-program: k8sRsConf
 name: spec.security.tls.secretRef.prefix
 inherit:
   name: spec.security.tls.secretRef.prefix

source/includes/options-k8s-replica-set.yaml

@@ -478,29 +478,6 @@ directive: setting
 optional: true
 description: |
   Provide the name of the |k8s-configmap| that stores the |certauth|.
----
-program: _shared
-name: spec.security.tls.secretRef.name
-type: string
-directive: setting
-optional: true
-description: |
-  Deprecated. See :setting:`spec.security.certsSecretPrefix`.
-  Text to prefix to the |k8s| |k8s-secrets| that you created that 
-  contain your replica set's or sharded cluster's |tls| keys and 
-  certificates.
-
-  .. note::
-
-     If set, the value of :setting:`spec.security.tls.secretRef.name` 
-     overrides the following values: 
-      
-     - :setting:`spec.security.tls.secretRef.prefix`
-     - :setting:`spec.security.certsSecretPrefix`
-
-  To learn more about naming the secrets that contain your |tls| 
-  certificates, see the topic in :ref:`secure-tls` that applies to your 
-  deployment.
 
 ---
 program: _shared
@@ -515,17 +492,10 @@ description: |
 
   .. note::
 
-     If set, the value of :setting:`spec.security.tls.secretRef.name` 
-     overrides the value of :setting:`spec.security.tls.secretRef.prefix`.
-
      If set, the value of :setting:`spec.security.tls.secretRef.prefix` 
      overrides the value of :setting:`spec.security.certsSecretPrefix`.
 
-  You must prefix your secrets with ``<prefix>-<metadata.name>`` if both
-  of the following items are true:
-
-  - You set :setting:`spec.security.certsSecretPrefix` or :setting:`spec.security.tls.secretRef.prefix`
-  - You omit :setting:`spec.security.tls.secretRef.name`.
+  You must prefix your secrets with ``<prefix>-<metadata.name>``.
 
   To learn more about naming the secrets that contain your |tls| 
   certificates, see the topic in :ref:`secure-tls` that applies to your 
@@ -544,11 +514,8 @@ description: |
 
   .. note::
 
-     If set, the value of the following settings override the value of 
-     :setting:`spec.security.certsSecretPrefix`:
-
-     - :setting:`spec.security.tls.secretRef.name`
-     - :setting:`spec.security.tls.secretRef.prefix`
+     If set, the value of the :setting:`spec.security.tls.secretRef.prefix` 
+     overrides the value of :setting:`spec.security.certsSecretPrefix`.
 
   .. include:: /includes/fact-req-secret-prefix.rst
 

source/includes/options-k8s-shared.yaml

@@ -509,8 +509,6 @@ content: |
         Create this database as a :ref:`replica set
         <deploy-replica-set>`.
 
-     .. include:: /includes/admonitions/deprecate-secret-ref-name.rst
-
      Match the ``metadata.name`` of the resource with the
      :opsmgrkube:`spec.backup.opLogStores.mongodbResourceRef.name`
      that you specified in your |onprem| resource definition.

source/includes/steps-deploy-k8s-opsmgr-http.yaml

@@ -211,21 +211,10 @@ Optional |onprem| Resource Settings
 
    .. note::
 
-      If set, the value of the following settings override the value of 
-      :opsmgrkube:`spec.applicationDatabase.security.certsSecretPrefix`:
+      If set, the value of :opsmgrkube:`spec.applicationDatabase.security.tls.secretRef.prefix` 
+      overrides the value of :opsmgrkube:`spec.applicationDatabase.security.certsSecretPrefix`.
 
-      - :opsmgrkube:`spec.applicationDatabase.security.tls.secretRef.name`
-      - :opsmgrkube:`spec.applicationDatabase.security.tls.secretRef.prefix`
-
-   You must name your secret ``<prefix>-<metadata.name>-db-cert`` if
-   all of the following items are true:
-
-   - You set
-     :opsmgrkube:`spec.applicationDatabase.security.certsSecretPrefix` 
-     or
-     :opsmgrkube:`spec.applicationDatabase.security.tls.secretRef.prefix`.
-   - You omit 
-     :opsmgrkube:`spec.applicationDatabase.security.tls.secretRef.name`.
+   You must name your secret ``<prefix>-<metadata.name>-db-cert``.
 
    To learn how to configure your |onprem| instance to run over
    |https|, see :ref:`deploy-om-container`.
@@ -259,11 +248,6 @@ Optional |onprem| Resource Settings
 
    .. note::
 
-      If set, the value of 
-      :opsmgrkube:`spec.applicationDatabase.security.tls.secretRef.name` 
-      overrides the value of 
-      :opsmgrkube:`spec.applicationDatabase.security.tls.secretRef.prefix`.
-
       If set, the value of 
       :opsmgrkube:`spec.applicationDatabase.security.tls.secretRef.prefix`
       overrides the value of 
@@ -272,24 +256,6 @@ Optional |onprem| Resource Settings
    To learn how to configure your |onprem| instance to run over
    |https|, see :ref:`deploy-om-container`.
 
-.. opsmgrkube:: spec.applicationDatabase.security.tls.secretRef.name
-
-   .. include:: /includes/admonitions/deprecate-secret-ref-name.rst
-
-   *Type*: string
-
-   Name of the |k8s| |k8s-secret| you created to secure the application
-   database resources.
-
-   .. note::
-
-      If set, the value of 
-      :opsmgrkube:`spec.applicationDatabase.security.tls.secretRef.name`
-      overrrides the values of the following settings:
-
-      - :opsmgrkube:`spec.applicationDatabase.security.tls.secretRef.prefix`
-      - :opsmgrkube:`spec.applicationDatabase.security.certsSecretPrefix`
-
 .. opsmgrkube:: spec.backup.enabled
 
    *Type*: boolean
@@ -1103,14 +1069,10 @@ Optional |onprem| Resource Settings
    .. note::
 
       If set, the value of 
-      :opsmgrkube:`spec.security.tls.secretRef.name` overrides the 
+      :opsmgrkube:`spec.security.tls.secretRef.prefix` overrides the 
       value of :opsmgrkube:`spec.security.certsSecretPrefix`.
 
-   You must name your secret ``<prefix>-<metadata.name>-cert`` if both
-   of the following items are true:
-
-   - You set :opsmgrkube:`spec.security.certsSecretPrefix`, and
-   - You omit :opsmgrkube:`spec.security.tls.secretRef.name`.
+   You must name your secret ``<prefix>-<metadata.name>-cert``.
 
    To learn how to configure your |onprem| instance to run over
    |https|, see :ref:`deploy-om-container`.
@@ -1136,19 +1098,6 @@ Optional |onprem| Resource Settings
 
    .. include:: /includes/admonitions/warning-concatenate-download-certs.rst
 
-.. opsmgrkube:: spec.security.tls.secretRef.name
-
-   *Type*: string
-
-   .. include:: /includes/admonitions/deprecate-secret-ref-name.rst
-
-   Name of the |k8s| |k8s-secret| you created for your |onprem| |tls|
-   certificate. Used when creating an |onprem| instance which runs
-   over |https|.
-
-   To learn how to configure your |onprem| instance to run over
-   |https|, see :ref:`deploy-om-container`.
-
 .. opsmgrkube:: spec.security.tls.enabled
 
   .. important::
@@ -1175,10 +1124,6 @@ Optional |onprem| Resource Settings
    certificate.
 
    .. note::
-      If set, the value of 
-      :opsmgrkube:`spec.security.tls.secretRef.name` 
-      overrides the value of 
-      :opsmgrkube:`spec.security.tls.secretRef.prefix`.
 
       If set, the value of 
       :opsmgrkube:`spec.security.tls.secretRef.prefix`

source/reference/k8s-operator-om-specification.txt

@@ -213,7 +213,6 @@ cluster resource types:
 .. include:: /includes/option/setting-k8sRsConf-spec.security.tls.ca.rst
 .. include:: /includes/option/setting-k8sRsConf-spec.security.certsSecretPrefix.rst
 .. include:: /includes/option/setting-k8sRsConf-spec.security.tls.secretRef.prefix.rst
-.. include:: /includes/option/setting-k8sRsConf-spec.security.tls.secretRef.name.rst
 .. include:: /includes/option/setting-k8sRsConf-spec.security.tls.additionalCertificateDomains.rst
 .. include:: /includes/option/setting-k8sRsConf-spec.additionalMongodConfig.net.ssl.mode.rst
 .. include:: /includes/option/setting-k8sRsConf-spec.security.authentication.rst

source/reference/k8s-operator-specification.txt

@@ -27,8 +27,6 @@ between:
 This guide instructs you on how to configure the |k8s-op-short| to use
 |tls| for its MongoDB instances.
 
-.. include:: /includes/admonitions/deprecate-secret-ref-name.rst
-
 .. _secure-tls-prerequisites:
 
 General Prerequisites