CRD mongodbcommunity.mongodbcommunity.mongodb.com spec.prometheus.tlsSecretKeyRef broken #607
Description
What did you do to encounter the bug?
Steps to reproduce the behavior:
- Try to deploy a mongodbcommunity.mongodbcommunity.mongodb.com resource with prometheus and tls enabled
- Fail to do so because the CRD expects spec.prometheus.tlsSecretKeyRef.key and spec.prometheus.tlsSecretKeyRef.name fields to hold a password
What did you expect?
spec.prometheus.tlsSecretKeyRef should hold a name attribute only and with a reference to the respective secret resource that contains the tls certificate
What happened instead?
The operate fails to deploy the resource
Operator Information
- Operator Version: 1.6
- MongoDB Image used: quay.io/mongodb/mongodb-community-server:8.2-ubi8
Kubernetes Cluster Information
- 1.31.4
- Image Registry location: quay
Additional context
See https://github.com/mongodb/mongodb-kubernetes/blob/master/helm_chart/crds/mongodbcommunity.mongodb.com_mongodbcommunity.yaml#L335 how tlsSecretKeyref are implemented in other parts
See https://github.com/mongodb/mongodb-kubernetes/blob/master/helm_chart/crds/mongodbcommunity.mongodb.com_mongodbcommunity.yaml#L293 for the broken one
I would also like to mention that requiring basic auth for a metrics endpoint feels a little zealous to me.