diff --git a/.gitignore b/.gitignore
index b07199c3..24a90612 100644
--- a/.gitignore
+++ b/.gitignore
@@ -43,3 +43,5 @@ config/rbac/role.yaml
 internal/api/v1/zz_generated.deepcopy.go
 installer/install.sh
 installer/cloud-sql-proxy-operator.yaml
+.tools
+.envrc
diff --git a/Makefile b/Makefile
index 1a89955f..9e7a834a 100644
--- a/Makefile
+++ b/Makefile
@@ -90,6 +90,10 @@ generate: ctrl_generate ctrl_manifests generate_crd_docs go_lint tf_lint instal
 build: generate build_push_docker ## Builds and pushes the docker image to tag defined in envvar IMG
 @echo "TIME: $(shell date) end make build"
+.PHONY: build_docker_local
+build_docker_local: generate build_docker ## Builds the docker image but does not push
+ @echo "TIME: $(shell date) end make build"
+
 .PHONY: test
 test: generate go_test go_test_k8s_1_28 ## Run tests (but not internal/teste2e)
 @echo "TIME: $(shell date) end make test"
@@ -151,6 +155,15 @@ build_push_docker: # Build docker image with the operator. set IMG env var befor
 test -d 'bin' || mkdir -p bin
 echo "$(IMG)" > bin/last-pushed-image-url.txt
+.PHONY: build_docker
+build_docker: # Build docker image with the operator. set IMG env var before running: `IMG=example.com/img:1.0 make build`
+ docker buildx build --platform "linux/amd64" \
+ --build-arg GO_LD_FLAGS="$(VERSION_LDFLAGS)" \
+ -f "Dockerfile-operator" \
+ "$(PWD)"
+ test -d 'bin' || mkdir -p bin
+ echo "$(IMG)" > bin/last-pushed-image-url.txt
+
 .PHONY: go_lint
 go_lint: golangci-lint # Run go lint tools, fail if unchecked errors
 # Implements golang CI based on settings described here:
diff --git a/build.sh b/build.sh
index 61aeaed8..79a85082 100755
--- a/build.sh
+++ b/build.sh
@@ -29,9 +29,9 @@ function clean() {
 make clean
 }
-## build - Builds the project without running tests.
+## build - Builds the project without running tests or pushing the container image
 function build() {
- make build
+ make build_docker_local
 }
 ## test - Runs local unit tests.
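Review bot: The new `build_docker` recipe still runs `echo "$(IMG)" > bin/last-pushed-image-url.txt` although this target pushes nothing, and the `docker buildx build` command as shown has neither `-t` nor `--load`, so the image it produces is untagged and may exist only in the builder cache. If a later step reads `bin/last-pushed-image-url.txt`, it would deploy whatever already sits at that URL in the registry rather than the code that was just built. Tag and load the local image by adding `-t "$(IMG)" --load \` to the build command, and drop the write to `last-pushed-image-url.txt` from this target or send it to a separately named file. The target's help comment also says `make build` where the target is `build_docker`, and `build_docker_local` in the earlier Makefile hunk echoes "end make build" instead of its own name.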
diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml
index bcf04cb6..c4fb77c5 100644
--- a/config/manager/kustomization.yaml
+++ b/config/manager/kustomization.yaml
@@ -12,16 +12,16 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 resources:
- - manager.yaml
+- manager.yaml
 generatorOptions:
 disableNameSuffixHash: true
 configMapGenerator:
- - files:
- - controller_manager_config.yaml
- name: manager-config
+- files:
+ - controller_manager_config.yaml
+ name: manager-config
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 images:
- - name: controller
- newName: cloud-sql-proxy-operator
- newTag: latest
+- name: controller
+ newName: us-central1-docker.pkg.dev/hessjc-csql-operator-04/testhessjc/cloud-sql-auth-proxy-operator
+ newTag: f2eb19b2d91f77a5c4c800a64902bbff720c8bd6-dirty-20260122T2138
diff --git a/docs/api.md b/docs/api.md
index 5f1d7262..d5061245 100644
--- a/docs/api.md
+++ b/docs/api.md
@@ -58,7 +58,7 @@ _Appears in:_
 | `maxSigtermDelay` _integer_ | MaxSigtermDelay is the maximum number of seconds to wait for connections to
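Review bot: The `images:` entry at the end of the kustomization.yaml hunk now points the controller at `us-central1-docker.pkg.dev/hessjc-csql-operator-04/testhessjc/cloud-sql-auth-proxy-operator` with a `-dirty` timestamped tag, which looks like the result of a local `kustomize edit set image` run committed by accident. Manifests rendered from this base would pull the operator from a developer project's registry that sits outside the release process, using a mutable tag built from an uncommitted working tree. Restore `newName: cloud-sql-proxy-operator` and `newTag: latest` in this file and keep per-developer image overrides in an untracked overlay or in the build output. If the override is intentional for a test branch, the commit description should say so and the change should not be merged to the release branch.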
close after receiving a TERM signal. This sets the proxy container's
CLI argument `--max-sigterm-delay` and
configures `terminationGracePeriodSeconds` on the workload's PodSpec. | | Minimum: 0
Optional: \{\}
| | `minSigtermDelay` _integer_ | MinSigtermDelay is the minimum number of seconds to wait for connections to
close after receiving a TERM signal. This sets the proxy container's
CLI argument `--min-sigterm-delay` | | Minimum: 0
Optional: \{\}
| | `sqlAdminAPIEndpoint` _string_ | SQLAdminAPIEndpoint is a debugging parameter that when specified will
change the Google Cloud api endpoint used by the proxy. | | Optional: \{\}
| -| `image` _string_ | Image is the URL to the proxy image. Optional, by default the operator
will use the latest Cloud SQL Auth Proxy version as of the release of the
operator.

The operator ensures that all workloads configured with the default proxy
image are upgraded automatically to use to the latest released proxy image.

When the customer upgrades the operator, the operator upgrades all
workloads using the default proxy image to the latest proxy image. The
change to the proxy container image is applied in accordance with
the RolloutStrategy. | | Optional: \{\}
| +| `image` _string_ | Image is the URL to the proxy image. Optional, by default the operator
will use the latest Cloud SQL Auth Proxy version as of the release of the
operator.
The operator ensures that all workloads configured with the default proxy
image are upgraded automatically to use to the latest released proxy image.
When the customer upgrades the operator, the operator upgrades all
workloads using the default proxy image to the latest proxy image. The
change to the proxy container image is applied in accordance with
the RolloutStrategy. | | Optional: \{\}
| | `rolloutStrategy` _string_ | RolloutStrategy indicates the strategy to use when rolling out changes to
the workloads affected by the results. When this is set to
`Workload`, changes to this resource will be automatically applied
to a running Deployment, StatefulSet, DaemonSet, or ReplicaSet in
accordance with the Strategy set on that workload. When this is set to
`None`, the operator will take no action to roll out changes to affected
workloads. `Workload` will be used by default if no value is set.
See: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy | Workload | Enum: [Workload None]
Optional: \{\}
| | `refreshStrategy` _string_ | RefreshStrategy indicates which refresh strategy the proxy should use.
When this is set to `lazy`, the proxy will use a lazy refresh strategy,
and will be configured to run with the --lazy-refresh flag. When this
omitted or set to `background`, the proxy will use the default background
refresh strategy.
See: https://github.com/GoogleCloudPlatform/cloud-sql-proxy/?tab=readme-ov-file#configuring-a-lazy-refresh | background | Enum: [lazy background]
Optional: \{\}
| | `quiet` _boolean_ | Quiet configures the proxy's --quiet flag to limit the amount of
logging generated by the proxy container. | | | @@ -130,25 +130,21 @@ _Appears in:_ InstanceSpec describes the configuration for how the proxy should expose a Cloud SQL database instance to a workload. - In the minimum recommended configuration, the operator will choose a non-conflicting TCP port and set environment variables MY_DB_SERVER_PORT MY_DB_SERVER_HOST with the value of the TCP port and hostname. The application can read these values to connect to the database through the proxy. For example: - `{ "connectionString":"my-project:us-central1:my-db-server", "portEnvName":"MY_DB_SERVER_PORT" "hostEnvName":"MY_DB_SERVER_HOST" }` - If you want to assign a specific port number for a database, set the `port` field. For example: - `{ "connectionString":"my-project:us-central1:my-db-server", "port":5000 }` diff --git a/infra/resources/gke_cluster.tf b/infra/resources/gke_cluster.tf index f70fb2e8..89900b1b 100644 --- a/infra/resources/gke_cluster.tf +++ b/infra/resources/gke_cluster.tf @@ -43,6 +43,9 @@ resource "google_container_cluster" "primary" { remove_default_node_pool = true resource_labels = local.standard_labels + lifecycle { + ignore_changes = [min_master_version] + } } resource "google_container_node_pool" "primary_preemptible_nodes" { @@ -78,6 +81,9 @@ resource "google_container_node_pool" "primary_preemptible_nodes" { "https://www.googleapis.com/auth/sqlservice.admin", ] } + lifecycle { + ignore_changes = [version] + } } diff --git a/infra/resources/private_gke_cluster.tf b/infra/resources/private_gke_cluster.tf index b61e4f10..83aa86ae 100644 --- a/infra/resources/private_gke_cluster.tf +++ b/infra/resources/private_gke_cluster.tf 
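Review bot: The added `lifecycle { ignore_changes = [min_master_version] }` on the cluster and `ignore_changes = [version]` on the node pool in gke_cluster.tf carry no comment explaining why version drift is ignored, and the same two blocks are added in both hunks of private_gke_cluster.tf. With these in place Terraform no longer enforces a Kubernetes version floor for the control plane or the nodes, so their patch level depends entirely on GKE auto-upgrade or a release channel, neither of which is visible in these hunks. Add a comment above each block, for example `# Versions are managed by GKE auto-upgrade; ignore drift so apply does not attempt a downgrade.`, and confirm that auto-upgrade is actually enabled for both node pools. The resource bodies begin outside the hunks, so the existing version and management settings could not be checked here.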
@@ -41,6 +41,10 @@ resource "google_container_cluster" "private" {
 services_secondary_range_name = google_compute_subnetwork.private_k8s_network.secondary_ip_range.0.range_name
 cluster_secondary_range_name = google_compute_subnetwork.private_k8s_network.secondary_ip_range.1.range_name
 }
+
+ lifecycle {
+ ignore_changes = [min_master_version]
+ }
 }
 resource "google_container_node_pool" "private_preemptible_nodes" {
@@ -82,6 +86,9 @@ resource "google_container_node_pool" "private_preemptible_nodes" {
 "https://www.googleapis.com/auth/sqlservice.admin",
 ]
 }
+ lifecycle {
+ ignore_changes = [version]
+ }
 }