Changes for ver 1.3.0 (#115)

* Changes for ver 1.3.0

Changes for ver 1.3.0

* updates from review

* updates from review

* updates per Jon's comments

* Updates per review

* Updates per review

* Reordering settings

Author: jeff-allen-mongo

conf.py

@@ -201,6 +201,7 @@
     'dl': ('http://www.mongodb.com/download-center/%s?jmp=docs',''),
     'website': ('https://www.mongodb.com%s?jmp=docs',''),
     'k8sdocs': ('https://kubernetes.io/docs%s', ''),
+    'v1.2': ('https://docs.mongodb.com/kubernetes-operator/v1.2%s', ''),
     'gh' : ('https://github.com%s', '')
 }
 

source/includes/fact-migrate-to-single-resource.rst

@@ -0,0 +1,4 @@
+Starting in |k8s-op-full| version 1.3.0, you can only have one MongoDB
+resource per project. This document explains how to migrate existing
+projects which have multiple MongoDB resources into configurations with
+a single resource per project.

source/includes/fact-one-cluster-per-proj.rst

@@ -0,0 +1,3 @@
+Starting in |k8s-op-full| version 1.3.0, you can only have one MongoDB
+resource per project. To learn how to migrate your project to a
+single-cluster configuration, see :ref:`migrate-single-cluster`.

source/includes/important-unique-names-deployment-items.rst

@@ -52,6 +52,9 @@
           Operator adds additional internal information to Projects
           that it creates.
 
+          If you omit the ``projectName``, the |k8s-op-short| creates
+          a project with the same name as your |k8s| resource.
+
        If you need or want to use an existing Project, you can find
        the ``projectName`` by clicking the :guilabel:`All Clusters`
        link at the top left of the screen, then either search by

source/includes/list-table-configmap-keys-x509.rst

@@ -87,18 +87,6 @@ inherit:
   name: spec.clusterName
   program: _shared
   file: options-k8s-shared.yaml
-
----
-program: k8sRsConf
-name: spec.project
-type: string
-directive: setting
-optional: false
-inherit:
-  name: spec.project
-  program: _shared
-  file: options-k8s-shared.yaml
-
 ---
 program: k8sRsConf
 name: spec.credentials
@@ -323,23 +311,45 @@ inherit:
   file: options-k8s-shared.yaml
 ---
 program: k8sRsConf
+name: spec.security.authentication.internalCluster
+inherit:
+  name: spec.security.authentication.internalCluster
+  program: _shared
+  file: options-k8s-shared.yaml
+---
+program: k8sRsConf
+name: spec.security.authentication.enabled
+inherit:
+  name: spec.security.authentication.enabled
+  program: _shared
+  file: options-k8s-shared.yaml
+---
+program: k8sRsConf
 name: spec.security.tls.enabled
 inherit:
   name: spec.security.tls.enabled
   program: _shared
   file: options-k8s-shared.yaml
 ---
 program: k8sRsConf
+name: spec.security.authentication.modes
+inherit:
+  name: spec.security.authentication.modes
+  program: _shared
+  file: options-k8s-shared.yaml
+---
+program: k8sRsConf
 name: spec.additionalMongodConfig.net.ssl.mode
 inherit:
   name: spec.additionalMongodConfig.net.ssl.mode
   program: _shared
   file: options-k8s-shared.yaml
 ---
 program: k8sRsConf
-name: spec.security.clusterAuthenticationMode
+name: spec.security.authentication.internalCluster
 inherit:
-  name: spec.security.clusterAuthenticationMode
+  name: spec.security.authentication.internalCluster
   program: _shared
   file: options-k8s-shared.yaml
+
 ...

source/includes/list-table-configmap-keys.rst

@@ -108,13 +108,13 @@ description: |
 
 ---
 program: _shared
-name: spec.project
+name: spec.opsManager.configMapRef.name
 type: string
 directive: setting
-optional: false
 description: |
-  *Required.* Name of the |k8s-configmap| with the |com| connection
-  configuration.
+  Name of the |k8s-configmap| with the |com| connection
+  configuration. The :setting:`spec.cloudManager.configMapRef.name`
+  setting is an alias for this setting and can be used in its place.
 
   .. admonition:: Value must match namespace and name of ConfigMap
      :class: note
@@ -131,6 +131,22 @@ description: |
 
   .. include:: /includes/k8s/fact-k8s-operator-manages-configmap.rst
 
+  *(Changed in version 1.3)*:
+
+  In prior versions of the |k8s-op|, this setting was
+  ``spec.project``. See the
+  :v1.2:`v1.2 documentation
+  </reference/k8s-operator-specification/#spec.project>`
+  for information on the previous setting name.
+
+---
+program: _shared
+name: spec.cloudManager.configMapRef.name
+type: string
+directive: setting
+optional: false
+description: |
+  Alias for :setting:`spec.opsManager.configMapRef.name`.
 ---
 program: _shared
 name: spec.credentials
@@ -481,6 +497,26 @@ description: |
   :setting:`spec.additionalMongodConfig.net.ssl.mode`.
 ---
 program: _shared
+name: spec.security.authentication.modes
+type: array
+directive: setting
+optional: true
+description: |
+  Set to ``["X509"]`` to enable
+  :ref:`X.509 internal cluster authentication
+  <x509-internal-authentication>` for the |com| project.
+---
+program: _shared
+name: spec.security.authentication.enabled
+type: boolean
+directive: setting
+optional: true
+default: "``false``"
+description: |
+  Specifies whether x.509 authentication is enabled on the |com|
+  project.
+---
+program: _shared
 name: spec.additionalMongodConfig.net.ssl.mode
 type: string
 directive: setting
@@ -491,25 +527,30 @@ description: |
   The following are valid options:
 
   .. include:: /includes/list-table-requiressl-modes.rst
-
 ---
 program: _shared
-name: spec.security.clusterAuthenticationMode
+name: spec.security.authentication.internalCluster
 type: string
 directive: setting
 optional: true
 description: |
-
-  Set to ``x509`` to enable
-  :ref:`X.509 internal cluster authentication <x509-internal-authentication>`.
-  Requires |tls| on the resource by setting
-  :setting:`spec.security.tls.enabled` to ``true``.
+  Set to ``X509`` to enable :ref:`X.509 internal cluster authentication
+  <x509-internal-authentication>`. Requires |tls| on the resource by
+  setting :setting:`spec.security.tls.enabled` to ``true``.
 
   .. important::
 
      Once internal cluster authentication is enabled, it can not be
      disabled.
 
+  *(Changed in version 1.3)*:
+
+  In prior versions of the |k8s-op|, this setting was
+  ``spec.security.clusterAuthenticationMode``. See the
+  :v1.2:`v1.2 documentation
+  </reference/k8s-operator-specification/#spec.security.clusterAuthenticationMode>`
+  for information on the previous setting name.
+
 ---
 program: _shared
 name: spec.exposedExternally

source/includes/options-k8s-replica-set.yaml

@@ -114,18 +114,6 @@ inherit:
   name: spec.clusterName
   program: _shared
   file: options-k8s-shared.yaml
-
----
-program: k8sScConf
-name: spec.project
-type: string
-directive: setting
-optional: false
-inherit:
-  name: spec.project
-  program: _shared
-  file: options-k8s-shared.yaml
-
 ---
 program: k8sScConf
 name: spec.credentials
@@ -638,4 +626,3 @@ inherit:
   file: options-k8s-shared.yaml
 
 ...
-

source/includes/options-k8s-shared.yaml

@@ -104,15 +104,24 @@ inherit:
 
 ---
 program: k8sSaConf
-name: spec.project
+name: spec.opsManager.configMapRef.name
 type: string
 directive: setting
 optional: false
 inherit:
-  name: spec.project
+  name: spec.opsManager.configMapRef.name
+  program: _shared
+  file: options-k8s-shared.yaml
+---
+program: k8sSaConf
+name: spec.cloudManager.configMapRef.name
+type: string
+directive: setting
+optional: false
+inherit:
+  name: spec.cloudManager.configMapRef.name
   program: _shared
   file: options-k8s-shared.yaml
-
 ---
 program: k8sSaConf
 name: spec.credentials

source/includes/options-k8s-shared_cluster.yaml

@@ -48,29 +48,37 @@ content: |
           The username must comply with the
           `RFC 2253 <https://tools.ietf.org/html/rfc2253>`__
           LDAPv3 Distinguished Name standard.
-       
+
        To get the subject line of the X.509 certificate, run the
        following command:
 
        .. code-block:: sh
 
           openssl x509 -noout \
             -subject -in <my-cert.pem> \
-            -nameopt RFC2253 
+            -nameopt RFC2253
 
      - ``CN=mms-user,U=My Organizational Unit,O=My Org,L=New York,ST=New York,C=US``
 
-   * - ``spec.project``
+   * - ``spec.opsManager.configMapRef.name``
      - string
      - The name of the project containing the MongoDB database
-       where user will be added.
+       where user will be added. The
+       :setting:`spec.cloudManager.configMapRef.name` setting is an
+       alias for this setting and can be used in its place.
      - ``my-project``
 
    * - ``spec.roles.db``
      - string
      - The database the :ref:`role <roles>` can act on.
      - ``admin``
 
+   * - ``spec.mongodbResourceRef.name``
+     - string
+     - The name of the :ref:`MongoDB resource <deploy-resources>` to
+       which this user is associated.
+     - ``my-resource``
+
    * - ``spec.roles.name``
      - string
      - The name of the :ref:`role <roles>` to grant the database

source/includes/options-k8s-standalone.yaml

@@ -18,14 +18,15 @@ content: |
      spec:
        username: "CN=my-x509-authenticated-user, OU=organizationalunit, O=organization"
        db: "$external"
-       project: my-project
+       mongodbResourceRef:
+         name: '<name of the MongoDB resource>'
        roles:
          - db: "admin"
            name: "clusterAdmin"
 
   This ConfigMap ``.yaml`` file describes a ``MongoDBUser`` custom object. You
   can use these custom objects to create MongoDB users.
-  
+
   In this example, the ConfigMap describes the user as an X.509
   user that the client can use to connect to MongoDB with the
   corresponding X.509 certificate.
@@ -77,7 +78,7 @@ content: |
   deployment using the mongo Shell:
 
   .. tabs::
-  
+
      .. tab:: MongoDB 4.2
         :tabid: mdb-4-2