fix: adapt for v2, fix default privileges and add examples and tests

apis/cluster/postgresql/v1alpha1/default_privileges_types.go

@@ -1,18 +1,19 @@
 package v1alpha1
 
 import (
-	xpv1 "github.com/crossplane/crossplane-runtime/apis/common/v1"
+	xpv1 "github.com/crossplane/crossplane-runtime/v2/apis/common/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
 // +kubebuilder:object:root=true
 
-// A Grant represents the declarative state of a PostgreSQL grant.
+// A DefaultPrivileges represents the declarative state of a PostgreSQL DefaultPrivileges.
 // +kubebuilder:subresource:status
 // +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status"
 // +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status"
 // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp"
 // +kubebuilder:printcolumn:name="ROLE",type="string",JSONPath=".spec.forProvider.role"
+// +kubebuilder:printcolumn:name="TARGET_ROLE",type="string",JSONPath=".spec.forProvider.targetRole"
 // +kubebuilder:printcolumn:name="SCHEMA",type="string",JSONPath=".spec.forProvider.schema"
 // +kubebuilder:printcolumn:name="DATABASE",type="string",JSONPath=".spec.forProvider.database"
 // +kubebuilder:printcolumn:name="PRIVILEGES",type="string",JSONPath=".spec.forProvider.privileges"
@@ -43,13 +44,15 @@ type DefaultPrivilegesParameters struct {
 	// +optional
 	Privileges GrantPrivileges `json:"privileges,omitempty"`
 
-	// TargetRole is the role who owns objects on which the default privileges are granted.
+	// TargetRole is the role whose future objects will have default privileges applied.
+	// When this role creates new objects, the specified privileges are automatically
+	// granted. Maps to FOR ROLE in ALTER DEFAULT PRIVILEGES.
 	// See https://www.postgresql.org/docs/current/sql-alterdefaultprivileges.html
 	// +required
 	TargetRole *string `json:"targetRole"`
 
 	// ObjectType to which the privileges are granted.
-	// +kubebuilder:validation:Enum=table;sequence;function;schema
+	// +kubebuilder:validation:Enum=table;sequence;function;schema;type
 	// +required
 	ObjectType *string `json:"objectType,omitempty"`
 
@@ -60,8 +63,10 @@ type DefaultPrivilegesParameters struct {
 	// +optional
 	WithOption *GrantOption `json:"withOption,omitempty"`
 
-	// Role to which default privileges are granted
+	// Role is the role that will receive the default privileges (the grantee).
+	// Maps to TO in ALTER DEFAULT PRIVILEGES ... GRANT ... TO role.
 	// +optional
+	// +crossplane:generate:reference:type=Role
 	Role *string `json:"role,omitempty"`
 
 	// RoleRef to which default privileges are granted.
@@ -76,6 +81,7 @@ type DefaultPrivilegesParameters struct {
 
 	// Database in which the default privileges are applied
 	// +optional
+	// +crossplane:generate:reference:type=Database
 	Database *string `json:"database,omitempty"`
 
 	// DatabaseRef references the database object this default grant it for.
@@ -89,18 +95,8 @@ type DefaultPrivilegesParameters struct {
 	DatabaseSelector *xpv1.Selector `json:"databaseSelector,omitempty"`
 
 	// Schema in which the default privileges are applied
-	// +optional
+	// +required
 	Schema *string `json:"schema,omitempty"`
-
-	// SchemaRef references the database object this default grant it for.
-	// +immutable
-	// +optional
-	SchemaRef *xpv1.Reference `json:"schemaRef,omitempty"`
-
-	// SchemaSelector selects a reference to a Database this grant is for.
-	// +immutable
-	// +optional
-	SchemaSelector *xpv1.Selector `json:"schemaSelector,omitempty"`
 }
 
 // +kubebuilder:object:root=true
@@ -111,52 +107,3 @@ type DefaultPrivilegesList struct {
 	metav1.ListMeta `json:"metadata,omitempty"`
 	Items           []DefaultPrivileges `json:"items"`
 }
-
-// ResolveReferences of this DefaultPrivileges.
-// func (mg *DefaultPrivileges) ResolveReferences(ctx context.Context, c client.Reader) error {
-// 	r := reference.NewAPIResolver(c, mg)
-
-// 	// Resolve spec.forProvider.database
-// 	rsp, err := r.Resolve(ctx, reference.ResolutionRequest{
-// 		CurrentValue: reference.FromPtrValue(mg.Spec.ForProvider.Database),
-// 		Reference:    mg.Spec.ForProvider.DatabaseRef,
-// 		Selector:     mg.Spec.ForProvider.DatabaseSelector,
-// 		To:           reference.To{Managed: &Database{}, List: &DatabaseList{}},
-// 		Extract:      reference.ExternalName(),
-// 	})
-// 	if err != nil {
-// 		return errors.Wrap(err, "spec.forProvider.database")
-// 	}
-// 	mg.Spec.ForProvider.Database = reference.ToPtrValue(rsp.ResolvedValue)
-// 	mg.Spec.ForProvider.DatabaseRef = rsp.ResolvedReference
-
-// 	// Resolve spec.forProvider.role
-// 	rsp, err = r.Resolve(ctx, reference.ResolutionRequest{
-// 		CurrentValue: reference.FromPtrValue(mg.Spec.ForProvider.Role),
-// 		Reference:    mg.Spec.ForProvider.RoleRef,
-// 		Selector:     mg.Spec.ForProvider.RoleSelector,
-// 		To:           reference.To{Managed: &Role{}, List: &RoleList{}},
-// 		Extract:      reference.ExternalName(),
-// 	})
-// 	if err != nil {
-// 		return errors.Wrap(err, "spec.forProvider.role")
-// 	}
-// 	mg.Spec.ForProvider.Role = reference.ToPtrValue(rsp.ResolvedValue)
-// 	mg.Spec.ForProvider.RoleRef = rsp.ResolvedReference
-
-// 	// Resolve spec.forProvider.schema
-// 	rsp, err = r.Resolve(ctx, reference.ResolutionRequest{
-// 		CurrentValue: reference.FromPtrValue(mg.Spec.ForProvider.Schema),
-// 		Reference:    mg.Spec.ForProvider.SchemaRef,
-// 		Selector:     mg.Spec.ForProvider.SchemaSelector,
-// 		To:           reference.To{Managed: &Role{}, List: &RoleList{}},
-// 		Extract:      reference.ExternalName(),
-// 	})
-// 	if err != nil {
-// 		return errors.Wrap(err, "spec.forProvider.schema")
-// 	}
-// 	mg.Spec.ForProvider.Schema = reference.ToPtrValue(rsp.ResolvedValue)
-// 	mg.Spec.ForProvider.SchemaRef = rsp.ResolvedReference
-
-// 	return nil
-// }

apis/cluster/postgresql/v1alpha1/default_grant_types.go → apis/namespaced/postgresql/v1alpha1/default_privileges_types.go

@@ -1,13 +1,9 @@
 package v1alpha1
 
 import (
-	"context"
-
-	xpv1 "github.com/crossplane/crossplane-runtime/apis/common/v1"
-	"github.com/crossplane/crossplane-runtime/pkg/reference"
-	"github.com/pkg/errors"
+	xpv1 "github.com/crossplane/crossplane-runtime/v2/apis/common/v1"
+	xpv2 "github.com/crossplane/crossplane-runtime/v2/apis/common/v2"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
 // +kubebuilder:object:root=true
@@ -33,8 +29,8 @@ type DefaultPrivileges struct {
 
 // A DefaultPrivilegesSpec defines the desired state of a Default Grant.
 type DefaultPrivilegesSpec struct {
-	xpv1.ResourceSpec `json:",inline"`
-	ForProvider       DefaultPrivilegesParameters `json:"forProvider"`
+	xpv2.ManagedResourceSpec `json:",inline"`
+	ForProvider              DefaultPrivilegesParameters `json:"forProvider"`
 }
 
 // A DefaultPrivilegesStatus represents the observed state of a Grant.
@@ -49,7 +45,9 @@ type DefaultPrivilegesParameters struct {
 	// +optional
 	Privileges GrantPrivileges `json:"privileges,omitempty"`
 
-	// TargetRole is the role who owns objects on which the default privileges are granted.
+	// TargetRole is the role whose future objects will have default privileges applied.
+	// When this role creates new objects, the specified privileges are automatically
+	// granted. Maps to FOR ROLE in ALTER DEFAULT PRIVILEGES.
 	// See https://www.postgresql.org/docs/current/sql-alterdefaultprivileges.html
 	// +required
 	TargetRole *string `json:"targetRole"`
@@ -66,33 +64,36 @@ type DefaultPrivilegesParameters struct {
 	// +optional
 	WithOption *GrantOption `json:"withOption,omitempty"`
 
-	// Role to which default privileges are granted
+	// Role is the role that will receive the default privileges (the grantee).
+	// Maps to TO in ALTER DEFAULT PRIVILEGES ... GRANT ... TO role.
 	// +optional
+	// +crossplane:generate:reference:type=Role
 	Role *string `json:"role,omitempty"`
 
 	// RoleRef to which default privileges are granted.
 	// +immutable
 	// +optional
-	RoleRef *xpv1.Reference `json:"roleRef,omitempty"`
+	RoleRef *xpv1.NamespacedReference `json:"roleRef,omitempty"`
 
 	// RoleSelector selects a reference to a Role this default grant is for.
 	// +immutable
 	// +optional
-	RoleSelector *xpv1.Selector `json:"roleSelector,omitempty"`
+	RoleSelector *xpv1.NamespacedSelector `json:"roleSelector,omitempty"`
 
 	// Database in which the default privileges are applied
 	// +optional
+	// +crossplane:generate:reference:type=Database
 	Database *string `json:"database,omitempty"`
 
 	// DatabaseRef references the database object this default grant it for.
 	// +immutable
 	// +optional
-	DatabaseRef *xpv1.Reference `json:"databaseRef,omitempty"`
+	DatabaseRef *xpv1.NamespacedReference `json:"databaseRef,omitempty"`
 
 	// DatabaseSelector selects a reference to a Database this grant is for.
 	// +immutable
 	// +optional
-	DatabaseSelector *xpv1.Selector `json:"databaseSelector,omitempty"`
+	DatabaseSelector *xpv1.NamespacedSelector `json:"databaseSelector,omitempty"`
 
 	// Schema in which the default privileges are applied
 	// +required
@@ -107,38 +108,3 @@ type DefaultPrivilegesList struct {
 	metav1.ListMeta `json:"metadata,omitempty"`
 	Items           []DefaultPrivileges `json:"items"`
 }
-
-// ResolveReferences of this DefaultPrivileges.
-func (mg *DefaultPrivileges) ResolveReferences(ctx context.Context, c client.Reader) error {
-	r := reference.NewAPIResolver(c, mg)
-
-	// // Resolve spec.forProvider.database
-	// rsp, err := r.Resolve(ctx, reference.ResolutionRequest{
-	// 	CurrentValue: reference.FromPtrValue(mg.Spec.ForProvider.Database),
-	// 	Reference:    mg.Spec.ForProvider.DatabaseRef,
-	// 	Selector:     mg.Spec.ForProvider.DatabaseSelector,
-	// 	To:           reference.To{Managed: &Database{}, List: &DatabaseList{}},
-	// 	Extract:      reference.ExternalName(),
-	// })
-	// if err != nil {
-	// 	return errors.Wrap(err, "spec.forProvider.database")
-	// }
-	// mg.Spec.ForProvider.Database = reference.ToPtrValue(rsp.ResolvedValue)
-	// mg.Spec.ForProvider.DatabaseRef = rsp.ResolvedReference
-
-	// Resolve spec.forProvider.role
-	rsp, err := r.Resolve(ctx, reference.ResolutionRequest{
-		CurrentValue: reference.FromPtrValue(mg.Spec.ForProvider.Role),
-		Reference:    mg.Spec.ForProvider.RoleRef,
-		Selector:     mg.Spec.ForProvider.RoleSelector,
-		To:           reference.To{Managed: &Role{}, List: &RoleList{}},
-		Extract:      reference.ExternalName(),
-	})
-	if err != nil {
-		return errors.Wrap(err, "spec.forProvider.role")
-	}
-	mg.Spec.ForProvider.Role = reference.ToPtrValue(rsp.ResolvedValue)
-	mg.Spec.ForProvider.RoleRef = rsp.ResolvedReference
-
-	return nil
-}

apis/namespaced/postgresql/v1alpha1/register.go

@@ -95,6 +95,14 @@ var (
 	GrantGroupVersionKind = SchemeGroupVersion.WithKind(GrantKind)
 )
 
+// DefaultPrivileges type metadata.
+var (
+	DefaultPrivilegesKind             = reflect.TypeOf(DefaultPrivileges{}).Name()
+	DefaultPrivilegesGroupKind        = schema.GroupKind{Group: Group, Kind: DefaultPrivilegesKind}.String()
+	DefaultPrivilegesKindAPIVersion   = DefaultPrivilegesKind + "." + SchemeGroupVersion.String()
+	DefaultPrivilegesGroupVersionKind = SchemeGroupVersion.WithKind(DefaultPrivilegesKind)
+)
+
 // Schema type metadata.
 var (
 	SchemaKind             = reflect.TypeOf(Schema{}).Name()
@@ -112,4 +120,5 @@ func init() {
 	SchemeBuilder.Register(&Grant{}, &GrantList{})
 	SchemeBuilder.Register(&Extension{}, &ExtensionList{})
 	SchemeBuilder.Register(&Schema{}, &SchemaList{})
+	SchemeBuilder.Register(&DefaultPrivileges{}, &DefaultPrivilegesList{})
 }