(DOCSP-26751) Remove spec.security.tls.secretRef setting from the custom resource types (#1150)

* (DOCSP-26751) Remove spec.security.tls.secretRef setting from the custom resource types

* Fix build warnings, remove refs to very old 1.3 deprecation notes spotted by chance

* Added certsSecretPrefix to examples per review from Raj

Author: JuliaMongo

source/includes/options-k8s-replica-set.yaml

@@ -545,13 +545,6 @@ inherit:
   file: options-k8s-shared.yaml
 ---
 program: k8sRsConf
-name: spec.security.tls.secretRef.prefix
-inherit:
-  name: spec.security.tls.secretRef.prefix
-  program: _shared
-  file: options-k8s-shared.yaml
----
-program: k8sRsConf
 name: spec.security.authentication.modes
 inherit:
   name: spec.security.authentication.modes

source/includes/options-k8s-shared.yaml

@@ -318,14 +318,6 @@ description: |
 
   .. include:: /includes/admonitions/fact-k8s-operator-manages-configmap.rst
 
-  *(Changed in version 1.3)*:
-
-  In prior versions of the |k8s-op|, this setting was
-  ``spec.project``. See the
-  :v1.2:`v1.2 documentation
-  </reference/k8s-operator-specification/#spec.project>`
-  for information on the previous setting name.
-
 ---
 program: _shared
 name: spec.cloudManager.configMapRef.name
@@ -605,27 +597,6 @@ description: |
 
 ---
 program: _shared
-name: spec.security.tls.secretRef.prefix
-type: string
-directive: setting
-optional: true
-description: |
-  Text to prefix to the |k8s| |k8s-secrets| that you
-  created that contain your replica set's or sharded cluster's |tls| 
-  keys and certificates.
-
-  .. note::
-
-     If set, the value of :setting:`spec.security.tls.secretRef.prefix` 
-     overrides the value of :setting:`spec.security.certsSecretPrefix`.
-
-  You must prefix your secrets with ``<prefix>-<metadata.name>``.
-
-  To learn more about naming the secrets that contain your |tls| 
-  certificates, see the topic in :ref:`secure-tls` that applies to your 
-  deployment.
----
-program: _shared
 name: spec.security.certsSecretPrefix
 type: string
 directive: setting
@@ -636,11 +607,6 @@ description: |
   created that contain your replica set's or sharded cluster's |tls| 
   keys and certificates.
 
-  .. note::
-
-     If set, the value of the :setting:`spec.security.tls.secretRef.prefix` 
-     overrides the value of :setting:`spec.security.certsSecretPrefix`.
-
   .. include:: /includes/fact-req-secret-prefix.rst
 
   .. include:: /includes/fact-example-secret-prefix-cluster-file.rst
@@ -1265,14 +1231,6 @@ description: |
      After you enable internal cluster authentication, you can't disable
      it.
 
-  *(Changed in version 1.3)*:
-
-  In prior versions of the |k8s-op|, this setting was
-  ``spec.security.clusterAuthenticationMode``. See the
-  :v1.2:`v1.2 documentation
-  </reference/k8s-operator-specification/#spec.security.clusterAuthenticationMode>`
-  for information on the previous setting name.
-
 ---
 program: _shared
 name: spec.exposedExternally

source/reference/k8s-operator-om-specification.txt

@@ -221,11 +221,6 @@ Optional |onprem| Resource Settings
    created that contains your application database's |tls| key and 
    certificate.
 
-   .. note::
-
-      If set, the value of :opsmgrkube:`spec.applicationDatabase.security.tls.secretRef.prefix` 
-      overrides the value of :opsmgrkube:`spec.applicationDatabase.security.certsSecretPrefix`.
-
    You must name your secret ``<prefix>-<metadata.name>-db-cert``.
 
    To learn how to configure your |onprem| instance to run over
@@ -244,29 +239,6 @@ Optional |onprem| Resource Settings
   Encrypts communications using |tls| certificates between |onprem| and
   the application database.
 
-.. opsmgrkube:: spec.applicationDatabase.security.tls.secretRef.prefix
-
-   *Type*: string
-
-   .. important::
-
-      :opsmgrkube:`spec.applicationDatabase.security.tls.secretRef.prefix`
-      is deprecated and will be removed in a future release. Use 
-      :opsmgrkube:`spec.applicationDatabase.security.certsSecretPrefix` 
-      instead.
-
-   Text to prefix to the |k8s| |k8s-secret| that contain your application database's |tls| key and 
-   certificate.
-
-   .. note::
-
-      If set, the value of 
-      :opsmgrkube:`spec.applicationDatabase.security.tls.secretRef.prefix`
-      overrides the value of 
-      :opsmgrkube:`spec.applicationDatabase.security.certsSecretPrefix`.
-
-   To learn how to configure your |onprem| instance to run over
-   |https|, see :ref:`deploy-om-container`.
 
 .. opsmgrkube:: spec.backup.enabled
 
@@ -766,6 +738,7 @@ Optional |onprem| Resource Settings
    </tutorials/services/source-ip/>` in the |k8s| documentation.
 
    .. note::
+
       If you select ``Cluster``, the ``Source-IP`` of your clients are
       lost during the network hops that happen at the |k8s|
       network boundary.
@@ -811,12 +784,6 @@ Optional |onprem| Resource Settings
    Text to prefix to the |k8s| |k8s-secret| that you
    created that contain |onprem|\'s |tls| key and certificate.
 
-   .. note::
-
-      If set, the value of 
-      :opsmgrkube:`spec.security.tls.secretRef.prefix` overrides the 
-      value of :opsmgrkube:`spec.security.certsSecretPrefix`.
-
    You must name your secret ``<prefix>-<metadata.name>-cert``.
 
    To learn how to configure your |onprem| instance to run over
@@ -856,28 +823,6 @@ Optional |onprem| Resource Settings
   Encrypts communications using |tls| certificates between clients and 
   |onprem|.
 
-.. opsmgrkube:: spec.security.tls.secretRef.prefix
-
-   .. important::
-
-      :opsmgrkube:`spec.security.tls.secretRef.prefix`
-      is deprecated and will be removed in a future release. Use 
-      :opsmgrkube:`spec.security.certsSecretPrefix` 
-      instead.
-
-   Text to prefix to the |k8s| |k8s-secret| that contains the |onprem| |tls| key and 
-   certificate.
-
-   .. note::
-
-      If set, the value of 
-      :opsmgrkube:`spec.security.tls.secretRef.prefix`
-      overrides the value of 
-      :opsmgrkube:`spec.security.certsSecretPrefix`.
-
-   To learn how to configure your |onprem| instance to run over
-   |https|, see :ref:`deploy-om-container`.
-
 .. opsmgrkube:: spec.statefulSet.spec
 
    *Type*: collection

source/reference/k8s-operator-specification.txt

@@ -347,7 +347,6 @@ cluster resource types:
 .. include:: /includes/option/setting-k8sRsConf-spec.security.tls.enabled.rst
 .. include:: /includes/option/setting-k8sRsConf-spec.security.tls.ca.rst
 .. include:: /includes/option/setting-k8sRsConf-spec.security.certsSecretPrefix.rst
-.. include:: /includes/option/setting-k8sRsConf-spec.security.tls.secretRef.prefix.rst
 .. include:: /includes/option/setting-k8sRsConf-spec.security.tls.additionalCertificateDomains.rst
 .. include:: /includes/option/setting-k8sRsConf-spec.additionalMongodConfig.net.ssl.mode.rst
 .. include:: /includes/option/setting-k8sRsConf-spec.security.authentication.rst

source/reference/k8s/replicasetpodspec.yaml

@@ -5,7 +5,7 @@ metadata:
   name: my-replica-set
 spec:
   members: 3
-  version: "4.2.2-ent"
+  version: "4.4.0-ent"
   service: my-service
   opsManager: # Alias of cloudManager
     configMapRef:
@@ -57,10 +57,9 @@ spec:
                   topologyKey: "mykey"
                 weight: 50
   security:
+    certsSecretPrefix: "prefix"
     tls:
-      enabled: true
-      secretRef:
-        prefix: "prefix"
+      ca: custom-ca
     authentication:
       enabled: true
       modes: ["X509"]

source/reference/k8s/shardedclusterpodspec.yaml

@@ -8,7 +8,7 @@ spec:
   mongodsPerShardCount: 3
   mongosCount: 2
   configServerCount: 3
-  version: "4.2.2-ent"
+  version: "4.4.0-ent"
   service: my-service
   type: ShardedCluster
 
@@ -97,10 +97,9 @@ spec:
         journal:
           commitIntervalMs: 50
   security:
+    certsSecretPrefix: "prefix"
     tls:
-      enabled: true
-      secretRef:
-        prefix: "prefix"
+     ca: custom-ca
     authentication:
       enabled: true
       modes: ["X509"]

source/tutorial/create-project-using-configmap.txt

@@ -29,8 +29,7 @@ apply to your Kubernetes environment.
 Considerations
 --------------
 
-Starting in |k8s-op-full| version 1.3.0, you can only deploy one
-MongoDB resource per project. See :ref:`k8s-deploy-mdb-resources`.
+You can only deploy one MongoDB resource per project. See :ref:`k8s-deploy-mdb-resources`.
 
 .. include:: /includes/admonitions/note-k8s-supported-in-om4.rst