CLOUDP-142977: Atlas Teams (#767)

CLOUDP-142977: Add support to Atlas Teams

Author: helderjs

.github/workflows/test-e2e.yml

@@ -93,6 +93,7 @@ jobs:
             "serverless-pe",
             "x509auth",
             "custom-roles",
+            "teams",
           ]
 
     steps:

PROJECT

@@ -52,4 +52,13 @@ resources:
   kind: AtlasBackupSchedule
   path: github.com/mongodb/mongodb-atlas-kubernetes/api/v1
   version: v1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: mongodb.com
+  group: atlas
+  kind: AtlasTeam
+  path: github.com/mongodb/mongodb-atlas-kubernetes/api/v1
+  version: v1
 version: "3"

bundle/manifests/atlas.mongodb.com_atlasprojects.yaml

@@ -775,6 +775,43 @@ spec:
                   isSchemaAdvisorEnabled:
                     type: boolean
                 type: object
+              teams:
+                description: Teams enable you to grant project access roles to multiple
+                  users.
+                items:
+                  properties:
+                    roles:
+                      description: Roles the users of the team has over the project
+                      items:
+                        enum:
+                        - GROUP_OWNER
+                        - GROUP_CLUSTER_MANAGER
+                        - GROUP_DATA_ACCESS_ADMIN
+                        - GROUP_DATA_ACCESS_READ_WRITE
+                        - GROUP_DATA_ACCESS_READ_ONLY
+                        - GROUP_READ_ONLY
+                        type: string
+                      minItems: 1
+                      type: array
+                    teamRef:
+                      description: Reference to the team which will assigned to the
+                        project
+                      properties:
+                        name:
+                          description: Name is the name of the Kubernetes Resource
+                          type: string
+                        namespace:
+                          description: Namespace is the namespace of the Kubernetes
+                            Resource
+                          type: string
+                      required:
+                      - name
+                      type: object
+                  required:
+                  - roles
+                  - teamRef
+                  type: object
+                type: array
               withDefaultAlertsSettings:
                 default: true
                 description: Flag that indicates whether to create the new project
@@ -1338,6 +1375,40 @@ spec:
                   scheme:
                     type: string
                 type: object
+              teams:
+                description: Teams contains a list of teams assignment statuses
+                properties:
+                  error:
+                    type: string
+                  status:
+                    type: boolean
+                  teams:
+                    items:
+                      properties:
+                        id:
+                          type: string
+                        teamRef:
+                          description: ResourceRefNamespaced is a reference to a Kubernetes
+                            Resource that allows to configure the namespace
+                          properties:
+                            name:
+                              description: Name is the name of the Kubernetes Resource
+                              type: string
+                            namespace:
+                              description: Namespace is the namespace of the Kubernetes
+                                Resource
+                              type: string
+                          required:
+                          - name
+                          type: object
+                      required:
+                      - teamRef
+                      type: object
+                    type: array
+                required:
+                - status
+                - teams
+                type: object
             required:
             - conditions
             type: object

bundle/manifests/atlas.mongodb.com_atlasteams.yaml

@@ -0,0 +1,130 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.9.2
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/component: controller
+    app.kubernetes.io/instance: mongodb-atlas-kubernetes-operator
+    app.kubernetes.io/name: mongodb-atlas-kubernetes-operator
+  name: atlasteams.atlas.mongodb.com
+spec:
+  group: atlas.mongodb.com
+  names:
+    kind: AtlasTeam
+    listKind: AtlasTeamList
+    plural: atlasteams
+    singular: atlasteam
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .spec.name
+      name: Name
+      type: string
+    name: v1
+    schema:
+      openAPIV3Schema:
+        description: AtlasTeam is the Schema for the Atlas Teams API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: TeamSpec defines the desired state of a Team in Atlas
+            properties:
+              name:
+                description: The name of the team you want to create.
+                type: string
+              usernames:
+                description: Valid email addresses of users to add to the new team
+                items:
+                  format: email
+                  type: string
+                type: array
+            required:
+            - name
+            - usernames
+            type: object
+          status:
+            properties:
+              conditions:
+                description: Conditions is the list of statuses showing the current
+                  state of the Atlas Custom Resource
+                items:
+                  description: Condition describes the state of an Atlas Custom Resource
+                    at a certain point.
+                  properties:
+                    lastTransitionTime:
+                      description: Last time the condition transitioned from one status
+                        to another.
+                      format: date-time
+                      type: string
+                    message:
+                      description: A human readable message indicating details about
+                        the transition.
+                      type: string
+                    reason:
+                      description: The reason for the condition's last transition.
+                      type: string
+                    status:
+                      description: Status of the condition, one of True, False, Unknown.
+                      type: string
+                    type:
+                      description: Type of Atlas Custom Resource condition.
+                      type: string
+                  required:
+                  - status
+                  - type
+                  type: object
+                type: array
+              id:
+                description: ID of the team
+                type: string
+              observedGeneration:
+                description: ObservedGeneration indicates the generation of the resource
+                  specification that the Atlas Operator is aware of. The Atlas Operator
+                  updates this field to the 'metadata.generation' as soon as it starts
+                  reconciliation of the resource.
+                format: int64
+                type: integer
+              projects:
+                description: List of projects which the team is assigned
+                items:
+                  properties:
+                    id:
+                      description: Unique identifier of the project inside atlas
+                      type: string
+                    name:
+                      description: Name given to the project
+                      type: string
+                  required:
+                  - id
+                  - name
+                  type: object
+                type: array
+            required:
+            - conditions
+            type: object
+        required:
+        - spec
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: null
+  storedVersions: null

bundle/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml

@@ -104,6 +104,19 @@ metadata:
               }
             ]
           }
+        },
+        {
+          "apiVersion": "atlas.mongodb.com/v1",
+          "kind": "AtlasTeam",
+          "metadata": {
+            "name": "atlasteam-sample"
+          },
+          "spec": {
+            "name": "my-team",
+            "usernames": [
+              "username@mongodb.com"
+            ]
+          }
         }
       ]
     capabilities: Full Lifecycle
@@ -143,6 +156,11 @@ spec:
         kind: AtlasProject
         name: atlasprojects.atlas.mongodb.com
         version: v1
+      - description: AtlasTeam is the Schema for the Atlas Teams API
+        displayName: Atlas Team
+        kind: AtlasTeam
+        name: atlasteams.atlas.mongodb.com
+        version: v1
   description: |
     The MongoDB Atlas Operator provides a native integration between the Kubernetes orchestration platform and MongoDB Atlas —
     the only multi-cloud document database service that gives you the versatility you need to build sophisticated and resilient applications that can adapt to changing customer demands and market trends.
@@ -379,6 +397,26 @@ spec:
                 - get
                 - patch
                 - update
+            - apiGroups:
+                - atlas.mongodb.com
+              resources:
+              - atlasteam
+              verbs:
+              - create
+              - delete
+              - get
+              - list
+              - patch
+              - update
+              - watch
+            - apiGroups:
+              - atlas.mongodb.com
+              resources:
+              - atlasteam/status
+              verbs:
+              - get
+              - patch
+              - update
           serviceAccountName: mongodb-atlas-operator
       deployments:
         - name: mongodb-atlas-operator

config/crd/bases/atlas.mongodb.com_atlasprojects.yaml

@@ -772,6 +772,43 @@ spec:
                   isSchemaAdvisorEnabled:
                     type: boolean
                 type: object
+              teams:
+                description: Teams enable you to grant project access roles to multiple
+                  users.
+                items:
+                  properties:
+                    roles:
+                      description: Roles the users of the team has over the project
+                      items:
+                        enum:
+                        - GROUP_OWNER
+                        - GROUP_CLUSTER_MANAGER
+                        - GROUP_DATA_ACCESS_ADMIN
+                        - GROUP_DATA_ACCESS_READ_WRITE
+                        - GROUP_DATA_ACCESS_READ_ONLY
+                        - GROUP_READ_ONLY
+                        type: string
+                      minItems: 1
+                      type: array
+                    teamRef:
+                      description: Reference to the team which will assigned to the
+                        project
+                      properties:
+                        name:
+                          description: Name is the name of the Kubernetes Resource
+                          type: string
+                        namespace:
+                          description: Namespace is the namespace of the Kubernetes
+                            Resource
+                          type: string
+                      required:
+                      - name
+                      type: object
+                  required:
+                  - roles
+                  - teamRef
+                  type: object
+                type: array
               withDefaultAlertsSettings:
                 default: true
                 description: Flag that indicates whether to create the new project
@@ -1335,6 +1372,30 @@ spec:
                   scheme:
                     type: string
                 type: object
+              teams:
+                description: Teams contains a list of teams assignment statuses
+                items:
+                  properties:
+                    id:
+                      type: string
+                    teamRef:
+                      description: ResourceRefNamespaced is a reference to a Kubernetes
+                        Resource that allows to configure the namespace
+                      properties:
+                        name:
+                          description: Name is the name of the Kubernetes Resource
+                          type: string
+                        namespace:
+                          description: Namespace is the namespace of the Kubernetes
+                            Resource
+                          type: string
+                      required:
+                      - name
+                      type: object
+                  required:
+                  - teamRef
+                  type: object
+                type: array
             required:
             - conditions
             type: object