Integrate Atlas Operator with Openshift Database Access

Author: Jianrong Zhang

Dockerfile

@@ -5,6 +5,9 @@ WORKDIR /workspace
 # Copy the Go Modules manifests
 COPY go.mod go.mod
 COPY go.sum go.sum
+# Copy DBaaSProvider config
+COPY config/dbaasprovider/dbaas_provider.yaml dbaas_provider.yaml
+
 # cache deps before building and copying source so that we don't need to re-download as much
 # and so that source changes don't invalidate our downloaded layer
 RUN go mod download
@@ -55,6 +58,7 @@ LABEL name="MongoDB Atlas Operator" \
 WORKDIR /
 COPY --from=builder /workspace/bin/manager .
 COPY hack/licenses licenses
+COPY --from=builder /workspace/dbaas_provider.yaml .
 
 USER 1001:0
 ENTRYPOINT ["/manager"]

PROJECT

@@ -1,6 +1,6 @@
 domain: mongodb.com
 layout:
-- go.kubebuilder.io/v2
+- go.kubebuilder.io/v3
 plugins:
   manifests.sdk.operatorframework.io/v2: {}
   scorecard.sdk.operatorframework.io/v2: {}
@@ -15,7 +15,33 @@ resources:
   group: atlas
   kind: AtlasDeployment
   path: github.com/mongodb/mongodb-atlas-kubernetes/api/v1
-  version: v1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: redhat.com
+  group: dbaas
+  kind: MongoDBAtlasConnection
+  path: github.com/mongodb/mongodb-atlas-kubernetes/pkg/api/dbaas
+  version: v1beta1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: redhat.com
+  group: dbaas
+  kind: MongoDBAtlasInventory
+  path: github.com/mongodb/mongodb-atlas-kubernetes/pkg/api/dbaas
+  version: v1beta1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: redhat.com
+  group: dbaas
+  kind: MongoDBAtlasInstance
+  path: github.com/mongodb/mongodb-atlas-kubernetes/pkg/api/dbaas
+  version: v1beta1
 - api:
     crdVersion: v1
     namespaced: true

README.md

@@ -151,6 +151,196 @@ Operator support Third Party Integration.
 - [Mongodb Atlas Operator sample](docs/project-integration.md)
 - [Atlas documentation Atlas](https://docs.atlas.mongodb.com/reference/api/third-party-integration-settings/)
 
+### Step 4. Test Database as a Service (DBaaS) on OpenShift
+
+The Atlas Operator is integrated with the [OpenShift Database Access Operator, a.k.a. Database-as-a-Service (DBaaS) Operator](https://github.com/RHEcosystemAppEng/dbaas-operator) which allows application developers to import database instances and connect to the databases through the [Service Binding Operator](https://github.com/redhat-developer/service-binding-operator). More information can be found [here](https://github.com/RHEcosystemAppEng/dbaas-operator#readme).
+
+**1.** Check DBaaS Registration
+
+If the DBaaS Operator has been deployed in the OpenShift Cluster, the Atlas Operator automatically creates a cluster level [DBaaSProvider](https://github.com/RHEcosystemAppEng/dbaas-operator/blob/main/config/crd/bases/dbaas.redhat.com_dbaasproviders.yaml) custom resource (CR) object `mongodb-atlas-registration` to automatically register itself with the DBaaS Operator. See file `config/dbaasprovider/dbaas_provider.yaml` for the content of the registration CR. 
+If the Atlas Operator is undeployed with the OLM, the above registration CR gets cleaned up automatically.
+
+**2.** Check MongoDBAtlasInventory Custom Resource
+
+First an administrator imports a provider account by creating a [DBaaSInventory](https://github.com/RHEcosystemAppEng/dbaas-operator/blob/main/config/crd/bases/dbaas.redhat.com_dbaasinventories.yaml) CR for MongoDB. The DBaaS Operator automatically creates a MongoDBAtlasInventory CR, and the Atlas Operator discovers the clusters and  instances, and sets the result in the CR status. 
+Here is an example of MongoDBAtlasInventory CR.
+```
+apiVersion: dbaas.redhat.com/v1beta1
+kind: MongoDBAtlasInventory
+metadata:
+  name: dbaas-mytest
+  namespace: openshift-operators
+  ownerReferences:
+  - apiVersion: dbaas.redhat.com/v1beta1
+    blockOwnerDeletion: true
+    controller: true
+    kind: DBaaSInventory
+    name: dbaas-mytest
+    uid: 01f5a690-c640-462f-b6e8-ccb9db95df70
+spec:
+  credentialsRef:
+    name: my-atlas-key
+    namespace: openshift-operators
+status:
+  conditions:
+    - lastTransitionTime: "2023-03-28T16:41:55Z"
+      message: Spec sync OK
+      reason: SyncOK
+      status: "True"
+      type: SpecSynced
+    databaseServices:
+    - serviceID: 62c2c8a362b69c2cddfd7092
+      serviceInfo:
+        connectionStringsStandardSrv: mongodb+srv://test-cluster-1.uokag.mongodb.net
+        instanceSizeName: M0
+        projectID: 62c2c89d1072f947cc60b38a
+        projectName: testproject1
+        providerName: AWS
+        regionName: US_EAST_1
+        state: Ready
+      serviceName: test-cluster-1
+    - serviceID: 630db3bc7d0eac3a77881c9b
+      serviceInfo:
+        connectionStringsStandardSrv: mongodb+srv://test-cluster-2.vrfxrzl.mongodb.net
+        instanceSizeName: M0
+        projectID: 630db3b67d0eac3a77881c0e
+        projectName: testproject2
+        providerName: AWS
+        regionName: US_EAST_1
+        state: Ready
+      serviceName: test-cluster-2
+```
+**3.** Provision a MongoDB Atlas Deployment
+The administrator or developer can then optionally provision an Atlas Deployment by creating a [DBaaSInstance](https://github.com/RHEcosystemAppEng/dbaas-operator/blob/main/config/crd/bases/dbaas.redhat.com_dbaasinstances.yaml) CR. The DBaaS Operator automatically creates a MongoDBAtlasInstance CR, and the Atlas Operator provisions the Atlas Deployment and sets the result in the CR status. 
+
+Here is an example of MongoDBAtlasInstance CR.
+```
+apiVersion: dbaas.redhat.com/v1beta1
+kind: MongoDBAtlasInstance
+metadata:
+  creationTimestamp: "2023-03-28T15:46:29Z"
+  generation: 1
+  name: dbaas-mytest
+  namespace: openshift-dbaas-operator
+  ownerReferences:
+  - apiVersion: dbaas.redhat.com/v1beta1
+    blockOwnerDeletion: true
+    controller: true
+    kind: DBaaSInstance
+    name: dbaas-mytest
+    uid: fe931f44-bb2c-4e8b-8bab-e5174346eb09
+  resourceVersion: "447263"
+  uid: 291acf9d-3fa9-4ee5-823f-425e9fa31c87
+spec:
+  inventoryRef:
+    name: dbaas-mytest
+    namespace: openshift-dbaas-operator
+  provisioningParameters:
+    cloudProvider: AWS
+    name: mytestinstance
+    plan: FREETRIAL
+    teamProject: mytestproject
+status:
+  conditions:
+  - lastTransitionTime: "2023-03-28T17:14:56Z"
+    message: ""
+    reason: Ready
+    status: "True"
+    type: ProvisionReady
+  instanceID: 64231ff384042d1c6822f55e
+  instanceInfo:
+    connectionStringsStandardSrv: mongodb+srv://mytestinstance.uuvk4lr.mongodb.net
+    instanceSizeName: M0
+    projectID: 64231fe609d3af11d356962d
+    projectName: mytestproject
+    providerName: AWS
+    regionName: US_EAST_1
+  phase: Ready
+```
+**4.** Check MongoDBAtlasConnection Custom Resource
+
+Now the application developer can create a [DBaaSConnection](https://github.com/RHEcosystemAppEng/dbaas-operator/blob/main/config/crd/bases/dbaas.redhat.com_dbaasconnections.yaml) CR for connection to the MongoDB database instance found, the DBaaS Operator automatically creates a MongoDBAtlasConnection CR. The Atlas Operator creates a database user in Atlas for the cluster with the default database `admin`. The Atlas Operator stores the db user credentials in a kubernetes secret, and the remaining connection information in a configmap and then updates the MongoDBAtlasConnection CR status.
+
+Here is an example of MongoDBAtlasConnection CR.
+```
+apiVersion: dbaas.redhat.com/v1beta1
+kind: MongoDBAtlasConnection
+metadata:
+  name: test-dbaas-connection
+  namespace: test-namespace
+  ownerReferences:
+  - apiVersion: dbaas.redhat.com/v1beta1
+    blockOwnerDeletion: true
+    controller: true
+    kind: DBaaSConnection
+    name: test-dbaas-connection
+    uid: 77193619-6ab1-43c9-acf2-a40c2cfe7703
+spec:
+  databaseServiceID: 12345ffbc9a90e310e642482
+  inventoryRef:
+    name: dbaas-mytest
+    namespace: openshift-operators
+status:
+  conditions:
+  - lastTransitionTime: "2023-03-28T20:06:56Z"
+    message: ""
+    reason: Ready
+    status: "True"
+    type: ReadyForBinding
+  connectionInfoRef:
+    name: atlas-connection-cm-knp9z
+  credentialsRef:
+    name: atlas-db-user-5pc8b
+```
+The corresponding generated secret:
+```
+apiVersion: v1
+data:
+  password: cGFzczEyM3dAcmQ=
+  username: ZGJVc2VyXzEwMQ==
+kind: Secret
+metadata:
+  labels:
+    managed-by: atlas-operator
+    owner: test-dbaas-connection
+    owner.kind: MongoDBAtlasConnection
+    owner.namespace: test-namespace
+  name: atlas-db-user-5pc8b
+  namespace: test-namespace
+  ownerReferences:
+  - apiVersion: dbaas.redhat.com/v1beta1
+    blockOwnerDeletion: false
+    controller: true
+    kind: MongoDBAtlasConnection
+    name: test-dbaas-connection
+    uid: a50b06db-8fa1-45c9-9893-833a028dfccc
+type: Opaque
+```
+The corresponding generated configmap:
+```
+apiVersion: v1
+data:
+  host: cluster0.ubajs.mongodb.net
+  provider: OpenShift Datase Access / MongoDB Atlas
+  srv: "true"
+  type: mongodb
+kind: ConfigMap
+metadata:
+   labels:
+    managed-by: atlas-operator
+    owner: test-dbaas-connection
+    owner.kind: MongoDBAtlasConnection
+    owner.namespace: test-namespace
+    name: atlas-connection-cm-knp9z
+  namespace: test-namespace
+  ownerReferences:
+  - apiVersion: dbaas.redhat.com/v1beta1
+    blockOwnerDeletion: false
+    controller: true
+    kind: MongoDBAtlasConnection
+    name: test-dbaas-connection
+    uid: a50b06db-8fa1-45c9-9893-833a028dfccc
+```
 ## How to Contribute
 
 Please file issues before filing PRs. For PRs to be accepted, contributors must sign

bundle.Dockerfile

@@ -1,19 +1,15 @@
 FROM scratch
 
-LABEL com.redhat.openshift.versions="v4.8"
-LABEL com.redhat.delivery.backport=true
-LABEL com.redhat.delivery.operator.bundle=true
-
 # Core bundle labels.
 LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1
 LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/
 LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/
 LABEL operators.operatorframework.io.bundle.package.v1=mongodb-atlas-kubernetes
-LABEL operators.operatorframework.io.bundle.channels.v1=stable
-LABEL operators.operatorframework.io.bundle.channel.default.v1=stable
-LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.15.0+git
+LABEL operators.operatorframework.io.bundle.channels.v1=beta
+LABEL operators.operatorframework.io.bundle.channel.default.v1=beta
+LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.19.0+git
 LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1
-LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v2
+LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v3
 
 # Labels for testing.
 LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1