Change policy/v1beta1 to policy/v1 and remove PSP

.drone.yml

@@ -151,7 +151,7 @@ steps:
   - gcloud container clusters create $CLUSTER_NAME
       --zone $GOOGLE_CLOUD_ZONE
       --preemptible
-      --cluster-version 1.19
+      --cluster-version 1.21
       --addons=GcePersistentDiskCsiDriver
       --monitoring=NONE
 

build/makelib/kubebuilder-v3.mk

@@ -31,7 +31,7 @@ CONTROLLER_GEN_WEBHOOK_OPTIONS ?= webhook
 CONTROLLER_GEN_OBJECT_OPTIONS ?= object:headerFile=$(BOILERPLATE_FILE)
 CONTROLLER_GEN_PATHS ?= $(foreach t,$(GO_SUBDIRS),paths=./$(t)/...)
 
-KUBEBUILDER_ASSETS_VERSION ?= 1.19.2
+KUBEBUILDER_ASSETS_VERSION ?= 1.21.2
 KUBEBUILDER_ASSETS = $(CACHE_DIR)/kubebuilder/k8s/$(KUBEBUILDER_ASSETS_VERSION)-$(HOSTOS)-$(HOSTARCH)
 export KUBEBUILDER_ASSETS
 

deploy/charts/mysql-cluster/values.yaml

@@ -11,7 +11,7 @@ replicas: 1
 # mysqlVersion: "5.7"
 
 ## MySQL connect credentials, those credentials will be provisioned in the cluster
-rootPassword: ""
+rootPassword: "CHANGE_ME"
 appUser: ""
 appPassword: ""
 appDatabase: ""
@@ -48,7 +48,6 @@ backupCredentials:
   # GCS_STORAGE_CLASS: MULTI_REGIONAL
 
   # HTTP_URL: ?
-
 ## For enabling and configuring pt-kill: https://www.percona.com/doc/percona-toolkit/LATEST/pt-kill.html
 #queryLimits:
 #  maxIdleTime: ...                # pt-kill --idle-time

deploy/charts/mysql-operator/README.md

@@ -3,13 +3,15 @@
 This is the helm chart for [mysql-operator](https://github.com/bitpoke/mysql-operator).
 
 ## TL;DR
+
 ```sh
 ## For Helm v3
 helm repo add bitpoke https://helm-charts.bitpoke.io
 helm install mysql-operator bitpoke/mysql-operator
 ```
 
 ## Configuration
+
 The following table contains the configuration parameters for mysql-operator and default values.
 
 | Parameter                       | Description                                                                                   | Default value                                           |
@@ -36,9 +38,8 @@ The following table contains the configuration parameters for mysql-operator and
 | `podSecurityContext`            | The pod security context. `65532` is the UID/GID for the nonroot user in the official images  | `{runAsNonRoot: true, runAsUser: 65532, runAsGroup: 65532, fsGroup: 65532}` |
 | `securityContext`               | Security context for the MySQL Operator container                                             | `{}`                                                    |
 | `podDisruptionBudget.enabled`   | Specifies whether a PodDisruptionBudget for the MySQL operator StatefulSet should be created. <br /> _NOTE_ it only takes effect if `replicaCount` is greated than 1. | `true` |
-| `podDisruptionBudget.minAvailable`   | ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget | `empty` |
-| `podDisruptionBudget.maxUnavailable` | ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget | `1`     |
-| `podSecurityPolicy.enabled`     | Specified whether a PodSecurityPolicy should be created. PSP are deprecated and this will be removed in the future | `false` |
+| `podDisruptionBudget.minAvailable`   | ref: <https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget> | `empty` |
+| `podDisruptionBudget.maxUnavailable` | ref: <https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget> | `1`     |
 | `nodeSelector`                  | MySQL Operator pod nodeSelector                                                               | `{}`                                                    |
 | `tolerations`                   | MySQL Operator pod tolerations                                                                | `[]`                                                    |
 | `affinity`                      | MySQL Operator pod affinity                                                                   | `{}`                                                    |

deploy/charts/mysql-operator/templates/pdb.yaml

@@ -1,5 +1,5 @@
 {{- if and .Values.podDisruptionBudget.enabled (gt (int64 .Values.replicaCount) 1) }}
-apiVersion: policy/v1beta1
+apiVersion: policy/v1
 kind: PodDisruptionBudget
 metadata:
   name: {{ include "mysql-operator.fullname" . }}

deploy/charts/mysql-operator/values.yaml

@@ -67,12 +67,6 @@ podDisruptionBudget:
   enabled: true
   maxUnavailable: 1
 
-podSecurityPolicy:
-  enabled: false
-  annotations:
-    seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default'
-    seccomp.security.alpha.kubernetes.io/defaultProfileName:  'docker/default'
-
 resources: {}
   # We usually recommend not to specify default resources and to leave this as a conscious
   # choice for the user. This also increases chances charts run on environments with little

pkg/controller/mysqlcluster/internal/syncer/pdb.go

@@ -17,7 +17,7 @@ limitations under the License.
 package mysqlcluster
 
 import (
-	policy "k8s.io/api/policy/v1beta1"
+	policy "k8s.io/api/policy/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/util/intstr"

pkg/controller/mysqlcluster/mysqlcluster_controller.go

@@ -23,7 +23,7 @@ import (
 	"github.com/presslabs/controller-util/syncer"
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
-	policyv1beta1 "k8s.io/api/policy/v1beta1"
+	policyv1 "k8s.io/api/policy/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/client-go/tools/record"
@@ -104,7 +104,7 @@ func add(mgr manager.Manager, r reconcile.Reconciler) error {
 		return err
 	}
 
-	err = c.Watch(&source.Kind{Type: &policyv1beta1.PodDisruptionBudget{}}, &handler.EnqueueRequestForOwner{
+	err = c.Watch(&source.Kind{Type: &policyv1.PodDisruptionBudget{}}, &handler.EnqueueRequestForOwner{
 		IsController: true,
 		OwnerType:    &mysqlv1alpha1.MysqlCluster{},
 	})

pkg/controller/mysqlcluster/mysqlcluster_controller_test.go

@@ -30,7 +30,7 @@ import (
 	"golang.org/x/net/context"
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
-	policyv1beta1 "k8s.io/api/policy/v1beta1"
+	policyv1 "k8s.io/api/policy/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/types"
@@ -156,7 +156,7 @@ var _ = Describe("MysqlCluster controller", func() {
 						Namespace: cluster.Namespace,
 					},
 				},
-				&policyv1beta1.PodDisruptionBudget{
+				&policyv1.PodDisruptionBudget{
 					ObjectMeta: metav1.ObjectMeta{
 						Name:      fmt.Sprintf("%s-mysql", name),
 						Namespace: cluster.Namespace,
@@ -212,7 +212,7 @@ var _ = Describe("MysqlCluster controller", func() {
 			Entry("reconciles the master service", "%s-mysql-master", &corev1.Service{}),
 			Entry("reconciles the operator secret", "%s-mysql-operated", &corev1.Secret{}),
 			Entry("reconciles the config map", "%s-mysql", &corev1.ConfigMap{}),
-			Entry("reconciles the pod disruption budget", "%s-mysql", &policyv1beta1.PodDisruptionBudget{}),
+			Entry("reconciles the pod disruption budget", "%s-mysql", &policyv1.PodDisruptionBudget{}),
 		)
 
 		Describe("the reconciler", func() {