From fd6cd462a000ffda9a204b8468c3bcf25c655e13 Mon Sep 17 00:00:00 2001
From: Johannes Meixner <xmj@chaot.net>
Date: Thu, 28 Aug 2025 06:11:13 +0200
Subject: [PATCH] feat(cloudnative-pg): add annotations to all CRDs

We want to be able to pass annotations to all CustomResourceDefinitions.

This is helpful in that it allows passing an annotation to ArgoCD to
enable ServerSideApply:

```
crds:
  annotations:
    argocd.argoproj.io/sync-options: ServerSideApply=true
```

Fixes #656

Signed-off-by: Johannes Meixner <xmj@chaot.net>
---
 charts/cloudnative-pg/README.md               |  1 +
 .../cloudnative-pg/templates/crds/crds.yaml   | 30 +++++++++++++++++++
 charts/cloudnative-pg/values.yaml             |  3 +-
 3 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/charts/cloudnative-pg/README.md b/charts/cloudnative-pg/README.md
index 7d1e3aaad7..6b21ac6835 100644
--- a/charts/cloudnative-pg/README.md
+++ b/charts/cloudnative-pg/README.md
@@ -38,6 +38,7 @@ CloudNativePG Operator Helm Chart
 | config.secret | bool | `false` | Specifies whether it should be stored in a secret, instead of a configmap. |
 | containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsGroup":10001,"runAsUser":10001,"seccompProfile":{"type":"RuntimeDefault"}}` | Container Security Context. |
 | crds.create | bool | `true` | Specifies whether the CRDs should be created when installing the chart. |
+| crds.annotations | dict | `{}` | Annotations to pass to the CRDs created. Useful e.g. for ArgoCD ServerSideApply |
 | dnsPolicy | string | `""` |  |
 | fullnameOverride | string | `""` |  |
 | hostNetwork | bool | `false` |  |
diff --git a/charts/cloudnative-pg/templates/crds/crds.yaml b/charts/cloudnative-pg/templates/crds/crds.yaml
index 3674cebf53..4c6dc249dd 100644
--- a/charts/cloudnative-pg/templates/crds/crds.yaml
+++ b/charts/cloudnative-pg/templates/crds/crds.yaml
@@ -5,6 +5,9 @@ metadata:
   annotations:
     controller-gen.kubebuilder.io/version: v0.18.0
     helm.sh/resource-policy: keep
+    {{- with .Values.crds.annotations }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
   name: backups.postgresql.cnpg.io
 spec:
   group: postgresql.cnpg.io
@@ -451,6 +454,9 @@ metadata:
   annotations:
     controller-gen.kubebuilder.io/version: v0.18.0
     helm.sh/resource-policy: keep
+    {{- with .Values.crds.annotations }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
   name: clusterimagecatalogs.postgresql.cnpg.io
 spec:
   group: postgresql.cnpg.io
@@ -533,6 +539,9 @@ metadata:
   annotations:
     controller-gen.kubebuilder.io/version: v0.18.0
     helm.sh/resource-policy: keep
+    {{- with .Values.crds.annotations }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
   name: clusters.postgresql.cnpg.io
 spec:
   group: postgresql.cnpg.io
@@ -7104,6 +7113,9 @@ metadata:
   annotations:
     controller-gen.kubebuilder.io/version: v0.18.0
     helm.sh/resource-policy: keep
+    {{- with .Values.crds.annotations }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
   name: databases.postgresql.cnpg.io
 spec:
   group: postgresql.cnpg.io
@@ -7477,6 +7489,9 @@ metadata:
   annotations:
     controller-gen.kubebuilder.io/version: v0.18.0
     helm.sh/resource-policy: keep
+    {{- with .Values.crds.annotations }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
   name: failoverquorums.postgresql.cnpg.io
 spec:
   group: postgresql.cnpg.io
@@ -7555,6 +7570,9 @@ metadata:
   annotations:
     controller-gen.kubebuilder.io/version: v0.18.0
     helm.sh/resource-policy: keep
+    {{- with .Values.crds.annotations }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
   name: imagecatalogs.postgresql.cnpg.io
 spec:
   group: postgresql.cnpg.io
@@ -7636,6 +7654,9 @@ metadata:
   annotations:
     controller-gen.kubebuilder.io/version: v0.18.0
     helm.sh/resource-policy: keep
+    {{- with .Values.crds.annotations }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
   name: poolers.postgresql.cnpg.io
 spec:
   group: postgresql.cnpg.io
@@ -16503,6 +16524,9 @@ metadata:
   annotations:
     controller-gen.kubebuilder.io/version: v0.18.0
     helm.sh/resource-policy: keep
+    {{- with .Values.crds.annotations }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
   name: publications.postgresql.cnpg.io
 spec:
   group: postgresql.cnpg.io
@@ -16699,6 +16723,9 @@ metadata:
   annotations:
     controller-gen.kubebuilder.io/version: v0.18.0
     helm.sh/resource-policy: keep
+    {{- with .Values.crds.annotations }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
   name: scheduledbackups.postgresql.cnpg.io
 spec:
   group: postgresql.cnpg.io
@@ -16891,6 +16918,9 @@ metadata:
   annotations:
     controller-gen.kubebuilder.io/version: v0.18.0
     helm.sh/resource-policy: keep
+    {{- with .Values.crds.annotations }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
   name: subscriptions.postgresql.cnpg.io
 spec:
   group: postgresql.cnpg.io
diff --git a/charts/cloudnative-pg/values.yaml b/charts/cloudnative-pg/values.yaml
index 26e78c19e5..9fc5c39480 100644
--- a/charts/cloudnative-pg/values.yaml
+++ b/charts/cloudnative-pg/values.yaml
@@ -45,7 +45,8 @@ updateStrategy: {}
 crds:
   # -- Specifies whether the CRDs should be created when installing the chart.
   create: true
-
+  # -- Annotations to pass to the CRDs created. Useful e.g. for ArgoCD ServerSideApply
+  annotations: {}
 # -- The webhook configuration.
 webhook:
   port: 9443