You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
which causing the following error during the applying of the CRD:
cannot establish control of object: admission webhook "compositeresourcedefinitions.apiextensions.crossplane.io" denied the request: invalid CRD generated for CompositeResourceDefinition: CustomResourceDefinition.apiextensions.k8s.io "compositedbclusters.rds.aws.xxx.cloud" is invalid: [spec.versions: Invalid value: []apiextensions.CustomResourceDefinitionVersion{apiextensions.CustomResourceDefinitionVersion{Name:"v1alpha1", Served:true, Storage:false, Deprecated:false, DeprecationWarning:(*string)(nil), Schema:(*apiextensions.CustomResourceValidation)(nil), Subresources:(*apiextensions.CustomResourceSubresources)(nil), AdditionalPrinterColumns:[]apiextensions.CustomResourceColumnDefinition(nil)}}: must have exactly one version marked as storage version, status.storedVersions: Invalid value: []string(nil): must have at least one stored version]
How I solved the issue locally (I can't create PR due to permissions)?
I added a versions array in the generate.yaml file (full generate file is in the issue reproduce section):
group: rds.aws.xxx.cloudname: DBClusterversion: v1alpha1purpose: dbclusterprovider:
baseURL: https://raw.githubusercontent.com/upbound/%s/%s/package/crds/%sname: provider-awsversion: v1.7.0crd:
file: rds.aws.upbound.io_clusters.yamlversion: v1beta2ignore: falseconnectionSecretKeys:
- username
- password
- endpoint
- portcompositions:
- name: compositedbcluster.rds.aws.xxx.cloudprovider: sopdefault: trueversions:
- name: v1alpha1served: truereferenceable: trueoverrideFieldsInClaim:
- claimPath: spec.forProvider.autogeneratePasswordignore: falseoverrideSettings:
property:
description: Deprecated, Use `autoGeneratePassword` instead. AutogeneratePassword indicates whether the controllershould generate a random password for the master user if oneis not provided via MasterUserPasswordSecretRef. If a passwordis generated, it will be stored as a secret at the locationspecified by MasterUserPasswordSecretRef.type: boolean# TODO: test deprecateddeprecated: truepatches:
- fromFieldPath: spec.forProvider.autogeneratePasswordpolicy:
fromFieldPath: OptionaltoFieldPath: spec.forProvider.autoGeneratePasswordtype: FromCompositeFieldPath
- claimPath: spec.forProvider.dbSystemIDignore: falseoverrideSettings:
property:
description: Deprecated, Use `dbSystemId` instead. Reserved for future use.type: string# TODO: test deprecateddeprecated: truepatches:
- fromFieldPath: spec.forProvider.dbSystemIDpolicy:
fromFieldPath: OptionaltoFieldPath: spec.forProvider.dbSystemIdtype: FromCompositeFieldPath
- claimPath: spec.forProvider.domainIAMRoleNameignore: falseoverrideSettings:
property:
description: Deprecated, Use `domainIamRoleName` instead. The name of the IAM role to be used when making APIcalls to the Directory Service.type: string# TODO: test deprecateddeprecated: truepatches:
- fromFieldPath: spec.forProvider.domainIAMRoleNamepolicy:
fromFieldPath: OptionaltoFieldPath: spec.forProvider.domainIamRoleNametype: FromCompositeFieldPath
- claimPath: spec.forProvider.enableHTTPEndpointignore: falseoverrideSettings:
property:
description: 'Deprecated, Use `enableHttpEndpoint` instead. Specifies whether to enable the HTTP endpoint for an Aurora Serverless v1 DB cluster. By default, the HTTP endpoint is disabled. \n When enabled, the HTTP endpoint provides a connectionless web service API for running SQL queries on the Aurora Serverless v1 DB cluster. You can also query your database from inside the RDS console with the query editor. \n For more information, see Using the Data API for Aurora Serverless v1 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) in the Amazon Aurora User Guide. \n Valid for Cluster Type: Aurora DB clusters only'type: boolean# TODO: test deprecateddeprecated: truepatches:
- fromFieldPath: spec.forProvider.enableHTTPEndpointpolicy:
fromFieldPath: OptionaltoFieldPath: spec.forProvider.enableHttpEndpointtype: FromCompositeFieldPath
- claimPath: spec.forProvider.finalDBSnapshotIdentifierignore: falseoverrideSettings:
property:
description: "Deprecated, Use `finalSnapshotIdentifier` instead. The DB cluster snapshot identifier of the new DB cluster snapshot created when SkipFinalSnapshot is disabled.\n Specifying this parameter and also skipping the creation of a final DB cluster snapshot with the SkipFinalShapshot parameter results in an error. \n Constraints: \n * Must be 1 to 255 letters, numbers, or hyphens. \n * First character must be a letter \n * Can't end with a hyphen or contain two consecutive hyphens"type: string# TODO: test deprecateddeprecated: truepatches:
- fromFieldPath: spec.forProvider.finalDBSnapshotIdentifierpolicy:
fromFieldPath: OptionaltoFieldPath: spec.forProvider.finalSnapshotIdentifiertype: FromCompositeFieldPath
- claimPath: spec.forProvider.kmsKeyIDignore: falseoverrideSettings:
property:
description: Deprecated, Use `kmsKeyId` instead. ARN for the KMS encryption key. When specifying kms_key_id,storage_encrypted needs to be set to true.type: string# TODO: test deprecateddeprecated: truepatches:
- fromFieldPath: spec.forProvider.kmsKeyIDpolicy:
fromFieldPath: OptionaltoFieldPath: spec.forProvider.kmsKeyIdtype: FromCompositeFieldPath
- claimPath: spec.forProvider.kmsKeyIDRefignore: falseoverrideSettings:
property:
description: Deprecated, Use `kmsKeyIdRef` instead. Reference to a Key in kms to populate kmsKeyId.# TODO: test deprecateddeprecated: trueproperties:
name:
description: Name of the referenced object.type: stringpolicy:
description: Policies for referencing.properties:
resolution:
default: Requireddescription: |- Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved.enum:
- Required
- Optionaltype: stringresolve:
description: |- Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile.enum:
- Always
- IfNotPresenttype: stringtype: objectrequired:
- nametype: objectpatches:
- fromFieldPath: spec.forProvider.kmsKeyIDRef.namepolicy:
fromFieldPath: OptionaltoFieldPath: spec.forProvider.kmsKeyIdRef.nametype: FromCompositeFieldPath
- fromFieldPath: spec.forProvider.kmsKeyIDRef.policy.resolutionpolicy:
fromFieldPath: OptionaltoFieldPath: spec.forProvider.kmsKeyIdRef.policy.resolutiontype: FromCompositeFieldPath
- fromFieldPath: spec.forProvider.kmsKeyIDRef.policy.resolvepolicy:
fromFieldPath: OptionaltoFieldPath: spec.forProvider.kmsKeyIdRef.policy.resolvetype: FromCompositeFieldPath
- claimPath: spec.forProvider.kmsKeyIDSelectorignore: falseoverrideSettings:
property:
description: Deprecated, Use `kmsKeyIdSelector` instead. Selector for a Key in kms to populate kmsKeyId.# TODO: test deprecateddeprecated: trueproperties:
matchControllerRef:
description: |- MatchControllerRef ensures an object with the same controller reference as the selecting object is selected.type: booleanmatchLabels:
additionalProperties:
type: stringdescription: MatchLabels ensures an object with matching labelsis selected.type: objectpolicy:
description: Policies for selection.properties:
resolution:
default: Requireddescription: |- Resolution specifies whether resolution of this reference is required. The default is 'Required', which means the reconcile will fail if the reference cannot be resolved. 'Optional' means this reference will be a no-op if it cannot be resolved.enum:
- Required
- Optionaltype: stringresolve:
description: |- Resolve specifies when this reference should be resolved. The default is 'IfNotPresent', which will attempt to resolve the reference only when the corresponding field is not present. Use 'Always' to resolve the reference on every reconcile.enum:
- Always
- IfNotPresenttype: stringtype: objecttype: objectpatches:
- fromFieldPath: spec.forProvider.kmsKeyIDSelector.matchControllerRefpolicy:
fromFieldPath: OptionaltoFieldPath: spec.forProvider.kmsKeyIdSelector.matchControllerReftype: FromCompositeFieldPath
- fromFieldPath: spec.forProvider.kmsKeyIDSelector.matchLabelspolicy:
fromFieldPath: OptionaltoFieldPath: spec.forProvider.kmsKeyIdSelector.matchLabelstype: FromCompositeFieldPath
- fromFieldPath: spec.forProvider.kmsKeyIDSelector.policy.resolutionpolicy:
fromFieldPath: OptionaltoFieldPath: spec.forProvider.kmsKeyIdSelector.policy.resolutiontype: FromCompositeFieldPath
- fromFieldPath: spec.forProvider.kmsKeyIDSelector.policy.resolvepolicy:
fromFieldPath: OptionaltoFieldPath: spec.forProvider.kmsKeyIdSelector.policy.resolvetype: FromCompositeFieldPath
- claimPath: spec.forProvider.masterUserPasswordSecretRefignore: falseoverrideSettings:
property:
description: |- Deprecated, Use `masterPasswordSecretRef` instead. Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file. Please refer to the RDS Naming Constraints. Cannot be set if manage_master_user_password is set to true. Password for the master DB user. If you set autoGeneratePassword to true, the Secret referenced here will be created or updated with generated password if it does not already contain one.# TODO: test deprecateddeprecated: trueproperties:
key:
description: The key to select.type: stringname:
description: Name of the secret.type: stringnamespace:
description: Namespace of the secret.type: stringrequired:
- key
- name
- namespacetype: objectpatches:
- fromFieldPath: spec.forProvider.masterUserPasswordSecretRef.keypolicy:
fromFieldPath: OptionaltoFieldPath: spec.forProvider.masterPasswordSecretRef.keytype: FromCompositeFieldPath
- fromFieldPath: spec.forProvider.masterUserPasswordSecretRef.namepolicy:
fromFieldPath: OptionaltoFieldPath: spec.forProvider.masterPasswordSecretRef.nametype: FromCompositeFieldPath
- fromFieldPath: spec.forProvider.masterUserPasswordSecretRef.namespacepolicy:
fromFieldPath: OptionaltoFieldPath: spec.forProvider.masterPasswordSecretRef.namespacetype: FromCompositeFieldPath
- claimPath: spec.forProvider.masterUserSecretKMSKeyIDignore: falseoverrideSettings:
property:
description: Deprecated, Use `masterUserSecretKmsKeyId` instead. Amazon Web Services KMS key identifier is the keyARN, key ID, alias ARN, or alias name for the KMS key. To usea KMS key in a different Amazon Web Services account, specifythe key ARN or alias ARN. If not specified, the default KMSkey for your Amazon Web Services account is used.# TODO: test deprecateddeprecated: truetype: stringpatches:
- fromFieldPath: spec.forProvider.masterUserSecretKMSKeyIDpolicy:
fromFieldPath: OptionaltoFieldPath: spec.forProvider.masterUserSecretKmsKeyIdtype: FromCompositeFieldPath
- claimPath: spec.forProvider.enableIAMDatabaseAuthenticationignore: falseoverrideSettings:
property:
description: 'Deprecated, Use `iamDatabaseAuthenticationEnabled` instead. Specifies whether to enable mapping of Amazon Web Services Identity and Access Management (IAM) accounts to database accounts. By default, mapping is not enabled. \n For more information, see IAM Database Authentication (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) in the Amazon Aurora User Guide. \n Valid for Cluster Type: Aurora DB clusters only'# TODO: test deprecateddeprecated: truetype: stringpatches:
- fromFieldPath: spec.forProvider.enableIAMDatabaseAuthenticationpolicy:
fromFieldPath: OptionaltoFieldPath: spec.forProvider.iamDatabaseAuthenticationEnabledtype: FromCompositeFieldPath
What happened?
The generated XRD always ends up having
referenceable: false
:which leads to a CRD with
storage: false
:which causing the following error during the applying of the CRD:
How I solved the issue locally (I can't create PR due to permissions)?
// feature/expose-versions-configs
to see my changes:How can we reproduce it?
Here's the generate.yaml file which I am using:
What environment did it happen in?
Crossplane version: xpkg.upbound.io/upbound/crossplane:v1.14.7-up.1
The text was updated successfully, but these errors were encountered: