From e333b9b3d266b985d05946bda450d0a9f9c025fb Mon Sep 17 00:00:00 2001
From: Martin Weise <martin.weise@tuwien.ac.at>
Date: Sat, 15 Jun 2024 12:50:17 +0200
Subject: [PATCH] WIP

---
 helm/dbrepo/values.yaml | 180 ++++++-------
 values.schema.json      | 582 +++++++++++++++++-----------------------
 2 files changed, 327 insertions(+), 435 deletions(-)

diff --git a/helm/dbrepo/values.yaml b/helm/dbrepo/values.yaml
index 1942c37da9..e00b326306 100644
--- a/helm/dbrepo/values.yaml
+++ b/helm/dbrepo/values.yaml
@@ -22,47 +22,43 @@ clusterDomain: cluster.local
 
 ## @section Internal Admin User
 
-## @param admin.username The internal admin username.
-## @param admin.password The internal admin password.
-##
 admin:
+  ## @param admin.username The internal admin username.
   username: admin
+  ## @param admin.password The internal admin password.
   password: admin
 
 ## @section Metadata Database
 
-## @param metadatadb.enabled Enable the Metadata Database.
-## @skip metadatadb.fullnameOverride
-## @param metadatadb.image.debug Set the logging level to `trace`. Otherwise, set to `info`.
-## @param metadatadb.host The hostname for the microservices.
-## @param metadatadb.rootUser.user The root username.
-## @param metadatadb.rootUser.password The root user password.
-## @param metadatadb.jdbcExtraArgs The extra arguments for JDBC connections in the microservices.
-## @param metadatadb.db.name The database name.
-## @skip metadatadb.metrics.enabled The Prometheus settings.
-## @skip metadatadb.galera The Galera settings.
-## @skip metadatadb.initdbScriptsConfigMap The initial database scripts.
-## @param metadatadb.extraInitDbScripts Additional init.db scripts that are executed on the first start.
-## @skip metadatadb.service The initial database scripts.
-## @param metadatadb.persistence.enabled Enable persistent storage. Requires PV-provisioner.
-## @param metadatadb.replicaCount The number of replicas, should be uneven (2n+1).
-##
 metadatadb:
+  ## @param metadatadb.enabled Enable the Metadata Database.
   enabled: true
+  ## @skip metadatadb.fullnameOverride
   fullnameOverride: metadata-db
   image:
+    ## @param metadatadb.image.debug Set the logging level to `trace`. Otherwise, set to `info`.
     debug: false
+  ## @param metadatadb.host The hostname for the microservices.
   host: metadata-db
   auth:
+    ## @param metadatadb.auth.root The root username.
     root: root
+    ## @param metadatadb.auth.rootPassword The root user password.
     rootPassword: dbrepo
+    ## @param metadatadb.auth.database The database name.
     database: dbrepo
+    ## @param metadatadb.auth.replicationUser The database replication username.
     replicationUser: replication
+    ## @param metadatadb.auth.replicationPassword The database replication user password
     replicationPassword: replication
+  ## @param metadatadb.jdbcExtraArgs The extra arguments for JDBC connections in the microservices.
   jdbcExtraArgs: ""
   metrics:
+    ## @skip metadatadb.metrics.enabled The Prometheus settings.
     enabled: false
+  ## @skip metadatadb.initdbScriptsConfigMap The initial database scripts.
   initdbScriptsConfigMap: metadata-db-setup
+  ## @param metadatadb.extraInitDbScripts Additional init.db scripts that are executed on the first start.
   extraInitDbScripts: { }
   #    03-additional-data.sql: |
   #      BEGIN;
@@ -70,94 +66,88 @@ metadatadb:
   #        VALUES ('MariaDB Galera TEST', 'mariadb_11_1_3', 1, 'data-db', 3306, 'data-db', 80, 'root', 'dbrepo');
   #      COMMIT;
   secondary:
+    ## @param metadatadb.secondary.replicaCount The number of replicas of the secondary database pods.
     replicaCount: 2
 
 ## @section Auth Service
 
-## @param authservice.enabled Enable the Auth Service.
-## @skip authservice.fullnameOverride
-## @param authservice.image.debug Set the logging level to `trace`. Otherwise, set to `info`.
-## @param authservice.endpoint The hostname for the microservices.
-## @param authservice.auth.adminUser The admin username.
-## @param authservice.auth.adminPassword The admin user password.
-## @skip authservice.postgresql
-## @skip authservice.extraStartupArgs
-## @param authservice.jwt.pubkey The JWT public key from the `dbrepo-client`.
-## @param authservice.tls.enabled Enable TLS/SSL communication. Required for HTTPS.
-## @param authservice.tls.existingSecret The secret containing the `tls.crt`, `tls.key` and `ca.crt`.
-## @param authservice.tls.usePem Use PEM certificates as input instead of PKS12/JKS stores.
-## @param authservice.metrics.enabled Enable the Prometheus metrics export sidecar container.
-## @param authservice.client.id The client id for the microservices.
-## @param authservice.client.secret The client secret for the microservices.
-## @skip authservice.extraEnvVarsCM
-## @skip authservice.extraVolumes
-## @skip authservice.extraVolumeMounts
-## @skip authservice.replicaCount The number of replicas.
-##
 authservice:
+  ## @param authservice.enabled Enable the Auth Service.
   enabled: true
+  ## @skip authservice.fullnameOverride
   fullnameOverride: auth-service
   image:
+    ## @param authservice.image.debug Set the logging level to `trace`. Otherwise, set to `info`.
     debug: false
+  ## @param authservice.endpoint The hostname for the microservices.
   endpoint: http://auth-service
   auth:
+    ## @param authservice.auth.adminUser The admin username.
     adminUser: fda
+    ## @param authservice.auth.adminPassword The admin user password.
     adminPassword: fda
+  ## @skip authservice.postgresql
   postgresql:
     enabled: true
     auth:
       postgresPassword: postgres
+  ## @skip authservice.extraStartupArgs
   extraStartupArgs: "--import-realm"
   jwt:
+    ## @param authservice.jwt.pubkey The JWT public key from the `dbrepo-client`.
     pubkey: "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqnHQ2BWWW9vDNLRCcxD++xZg/16oqMo/c1l+lcFEjjAIJjJp/HqrPYU/U9GvquGE6PbVFtTzW1KcKawOW+FJNOA3CGo8Q1TFEfz43B8rZpKsFbJKvQGVv1Z4HaKPvLUm7iMm8Hv91cLduuoWx6Q3DPe2vg13GKKEZe7UFghF+0T9u8EKzA/XqQ0OiICmsmYPbwvf9N3bCKsB/Y10EYmZRb8IhCoV9mmO5TxgWgiuNeCTtNCv2ePYqL/U0WvyGFW0reasIK8eg3KrAUj8DpyOgPOVBn3lBGf+3KFSYi+0bwZbJZWqbC/Xlk20Go1YfeJPRIt7ImxD27R/lNjgDO/MwIDAQAB"
   tls:
+    ## @param authservice.tls.enabled Enable TLS/SSL communication. Required for HTTPS.
     enabled: true
+    ## @param authservice.tls.existingSecret The secret containing the `tls.crt`, `tls.key` and `ca.crt`.
     existingSecret: ingress-cert
+    ## @skip authservice.tls.usePem
     usePem: true
   metrics:
+    ## @param authservice.metrics.enabled Enable the Prometheus metrics export sidecar container.
     enabled: false
   client:
+    ## @param authservice.client.id The client id for the microservices.
     id: dbrepo-client
+    ## @param authservice.client.secret The client secret for the microservices.
     secret: MUwRc7yfXSJwX8AdRMWaQC3Nep1VjwgG
+  ## @skip authservice.extraEnvVarsCM
   extraEnvVarsCM: auth-service-config
+  ## @skip authservice.extraVolumes
   extraVolumes:
     - name: config-map
       configMap:
         name: auth-service-config
+  ## @skip authservice.extraVolumeMounts
   extraVolumeMounts:
     - name: config-map
       mountPath: /opt/bitnami/keycloak/data/import
+  ## @skip authservice.replicaCount The number of replicas.
   replicaCount: 2
 
 ## @section Data Database
 
-## @param datadb.enabled Enable the Data Database.
-## @skip datadb.fullnameOverride
-## @param datadb.image.debug Set the logging level to `trace`. Otherwise, set to `info`.
-## @skip datadb.extraFlags
-## @param datadb.rootUser.user The root username.
-## @param datadb.rootUser.password The root user password.
-## @skip datadb.metrics.enabled The Prometheus settings.
-## @skip datadb.galera The Galera settings.
-## @skip datadb.service
-## @skip datadb.sidecars
-## @skip datadb.extraVolumeMounts
-## @skip datadb.extraVolumes
-## @param datadb.persistence.enabled Enable persistent storage. Requires PV-provisioner.
-## @param datadb.replicaCount The number of replicas, should be uneven (2n+1).
-##
 datadb:
+  ## @param datadb.enabled Enable the Data Database.
   enabled: true
+  ## @skip datadb.fullnameOverride
   fullnameOverride: data-db
   image:
+    ## @param datadb.image.debug Set the logging level to `trace`. Otherwise, set to `info`.
     debug: false
+  ## @skip datadb.extraFlags
   extraFlags: "--character-set-server=utf8mb4 --collation-server=utf8mb4_general_ci"
   auth:
+    ## @param datadb.auth.rootPassword The root user password.
     rootPassword: dbrepo
+    ## @param datadb.auth.replicationPassword The database replication user password
     replicationUser: replication
+    ## @param datadb.jdbcExtraArgs The extra arguments for JDBC connections in the microservices.
     replicationPassword: replication
   metrics:
+    ## @skip datadb.metrics.enabled
     enabled: true
+  ## @skip datadb.primary
   primary:
     service:
       extraPorts:
@@ -213,54 +203,41 @@ datadb:
         emptyDir: { }
     persistence:
       enabled: false
+  ## @skip datadb.secondary
   secondary:
     replicaCount: 2
 
 ## @section Search Database
 
-## @param searchdb.enabled Enable the Search Database.
-## @skip searchdb.fullnameOverride
-## @param searchdb.host The hostname for the microservices.
-## @param searchdb.port The port for the microservices.
-## @param searchdb.username The admin username.
-## @param searchdb.password The admin user password.
-## @skip searchdb.clusterName
-## @skip searchdb.masterService
-## @param searchdb.replicas The number of replicas.
-## @skip searchdb.sysctlInit
-## @param searchdb.persistence.enabled Enable persistent storage. Requires PV-provisioner.
-## @skip searchdb.service
-## @skip searchdb.extraEnvs
-## @skip searchdb.extraVolumeMounts
-## @skip searchdb.extraVolumes
-## @skip searchdb.config
-##
 searchdb:
-  enabled: true
+  enabled: true.
+  ## @skip searchdb.fullnameOverride
   fullnameOverride: search-db
+  ## @skip searchdb.servicenameOverride
   servicenameOverride: search-db
+  ## @param searchdb.host The hostname for the microservices.
   host: search-db
+  ## @param searchdb.port The port for the microservices.
   port: 9200
+  ## @skip searchdb.security
   security:
     enabled: false
     adminPassword: admin
+  ## @param searchdb.clusterName The cluster name.
   clusterName: search-db
 
 ## @section Upload Service
 
-## @param uploadservice.enabled Enable the Upload Service.
-## @skip uploadservice.fullnameOverride
-## @skip uploadservice.image
-## @skip uploadservice.containerArgs
-## @skip uploadservice.envFrom
-## @param uploadservice.replicaCount The number of replicas.
-##
 uploadservice:
+  ## @param uploadservice.enabled Enable the Upload Service.
   enabled: true
+  ## @skip uploadservice.fullnameOverride
   fullnameOverride: upload-service
+  ## @skip uploadservice.image
   image:
     repository: tusproject/tusd
     tag: v1.12
+  ## @skip uploadservice.securityContext
   securityContext:
     allowPrivilegeEscalation: false
     runAsUser: 1000
@@ -271,59 +248,58 @@ uploadservice:
     capabilities:
       drop:
         - ALL
+  ## @skip uploadservice.containerArgs
   containerArgs:
     - "--base-path=/api/upload/files/"
     - "-s3-endpoint=http://storageservice-s3:9000"
     - "-s3-bucket=dbrepo-upload"
+  ## @skip uploadservice.envFrom
   envFrom:
     - secretRef:
         name: upload-service-secret
+  ## @param uploadservice.replicaCount The number of replicas.
   replicaCount: 2
 
 ## @section Broker Service
 
-## @param brokerservice.enabled Enable the Broker Service.
-## @skip brokerservice.fullnameOverride
-## @skip brokerservice.image
-## @param brokerservice.endpoint The management api endpoint for the microservices.
-## @param brokerservice.host The hostname for the microservices.
-## @param brokerservice.port The port for the microservices.
-## @param brokerservice.virtualHost The default virtual host name.
-## @param brokerservice.queueName The default queue name.
-## @param brokerservice.exchangeName The default exchange name.
-## @param brokerservice.routingKey The default routing key binding from the default queue to the default exchange.
-## @param brokerservice.connectionTimeout The connection timeout in ms.
-## @skip brokerservice.auth
-## @skip brokerservice.extraConfiguration
-## @skip brokerservice.loadDefinition
-## @skip brokerservice.extraVolumes
-## @skip brokerservice.extraPlugins
-## @param brokerservice.persistence.enabled Enable persistent storage. Requires PV-provisioner.
-## @skip brokerservice.service
-## @param brokerservice.replicaCount The number of replicas.
-##
 brokerservice:
+  ## @param brokerservice.enabled Enable the Broker Service.
   enabled: true
+  ## @skip brokerservice.fullnameOverride
   fullnameOverride: broker-service
   image:
+    ## @param brokerservice.image.debug Set the logging level to `trace`. Otherwise, set to `info`.
     debug: true
+  ## @param brokerservice.endpoint The management api endpoint for the microservices.
   endpoint: http://broker-service:15672
+  ## @param brokerservice.host The hostname for the microservices.
   host: broker-service
+  ## @param brokerservice.port The port for the microservices.
   port: 5672
+  ## @param brokerservice.virtualHost The default virtual host name.
   virtualHost: dbrepo
+  ## @param brokerservice.queueName The default queue name.
   queueName: dbrepo
+  ## @param brokerservice.exchangeName The default exchange name.
   exchangeName: dbrepo
+  ## @param brokerservice.routingKey The default routing key binding from the default queue to the default exchange.
   routingKey: dbrepo.#
+  ## @param brokerservice.connectionTimeout The connection timeout in ms.
   connectionTimeout: 60000
   auth:
+    ## @skip brokerservice.auth.tls
     tls:
       enabled: false
       sslOptionsVerify: true
       failIfNoPeerCert: true
       existingSecret: ingress-cert
+    ## @param brokerservice.auth.username The initial administrator username.
     username: broker
+    ## @param brokerservice.auth.password The initial administrator user password.
     password: broker
+    ## @param brokerservice.auth.passwordHash The initial administrator user password has generated with [`generate-rabbitmq-pw.sh`](https://gitlab.phaidra.org/fair-data-austria-db-repository/fda-services/-/blob/release-1.4.4/helm/dbrepo/hack/generate-rabbitmq-pw.sh).
     passwordHash: 1gwjNNTBPKLgyzbsUykfR0JIFC6nNqbNJaxzZ14uPT8JGcTZ
+  ## @skip brokerservice.extraConfiguration
   extraConfiguration: |-
     default_vhost = dbrepo
     default_user_tags.administrator = true
@@ -347,20 +323,26 @@ brokerservice:
     management.oauth_client_secret = JEC2FexxrX4N65fLeDGukAl6R3Lc9y0u
     management.oauth_scopes = openid
     management.oauth_provider_url = https://example.com/api/auth/realms/dbrepo
+  ## @skip brokerservice.loadDefinition
   loadDefinition:
     enabled: true
     existingSecret: broker-service-secret
+  ## @skip brokerservice.extraVolumes
   extraVolumes:
     - name: secret-map
       secret:
         secretName: broker-service-secret
+  ## @param brokerservice.extraPlugins The list of plugins to be activated.
   extraPlugins: rabbitmq_prometheus rabbitmq_auth_backend_oauth2 rabbitmq_auth_mechanism_ssl
   persistence:
+    ## @param brokerservice.persistence.enabled If set to true, a PVC will be created.
     enabled: false
+  ## @skip brokerservice.service
   service:
     type: ClusterIP
     managerPortEnabled: true
     # loadBalancerIP:
+  ## @param brokerservice.replicaCount The number of replicas.
   replicaCount: 1
 
 ## @section Analyse Service
diff --git a/values.schema.json b/values.schema.json
index 2cc52abfed..d8b81c6a48 100644
--- a/values.schema.json
+++ b/values.schema.json
@@ -187,6 +187,9 @@
                         "password": {
                             "type": "string"
                         },
+                        "passwordHash": {
+                            "type": "string"
+                        },
                         "tls": {
                             "properties": {
                                 "enabled": {
@@ -314,60 +317,29 @@
         },
         "datadb": {
             "properties": {
+                "auth": {
+                    "properties": {
+                        "replicationPassword": {
+                            "type": "string"
+                        },
+                        "replicationUser": {
+                            "type": "string"
+                        },
+                        "rootPassword": {
+                            "type": "string"
+                        }
+                    },
+                    "type": "object"
+                },
                 "enabled": {
                     "type": "boolean"
                 },
                 "extraFlags": {
                     "type": "string"
                 },
-                "extraVolumeMounts": {
-                    "items": {
-                        "properties": {
-                            "mountPath": {
-                                "type": "string"
-                            },
-                            "name": {
-                                "type": "string"
-                            }
-                        },
-                        "type": "object"
-                    },
-                    "type": "array"
-                },
-                "extraVolumes": {
-                    "items": {
-                        "properties": {
-                            "emptyDir": {
-                                "properties": {},
-                                "type": "object"
-                            },
-                            "name": {
-                                "type": "string"
-                            }
-                        },
-                        "type": "object"
-                    },
-                    "type": "array"
-                },
                 "fullnameOverride": {
                     "type": "string"
                 },
-                "galera": {
-                    "properties": {
-                        "mariabackup": {
-                            "properties": {
-                                "password": {
-                                    "type": "string"
-                                },
-                                "user": {
-                                    "type": "string"
-                                }
-                            },
-                            "type": "object"
-                        }
-                    },
-                    "type": "object"
-                },
                 "image": {
                     "properties": {
                         "debug": {
@@ -384,196 +356,224 @@
                     },
                     "type": "object"
                 },
-                "persistence": {
-                    "properties": {
-                        "enabled": {
-                            "type": "boolean"
-                        }
-                    },
-                    "type": "object"
-                },
-                "replicaCount": {
-                    "type": "integer"
-                },
-                "rootUser": {
+                "primary": {
                     "properties": {
-                        "password": {
-                            "type": "string"
-                        },
-                        "user": {
-                            "type": "string"
-                        }
-                    },
-                    "type": "object"
-                },
-                "service": {
-                    "properties": {
-                        "extraPorts": {
+                        "extraVolumeMounts": {
                             "items": {
                                 "properties": {
-                                    "name": {
+                                    "mountPath": {
                                         "type": "string"
                                     },
-                                    "port": {
-                                        "type": "integer"
-                                    },
-                                    "protocol": {
+                                    "name": {
                                         "type": "string"
-                                    },
-                                    "targetPort": {
-                                        "type": "integer"
                                     }
                                 },
                                 "type": "object"
                             },
                             "type": "array"
-                        }
-                    },
-                    "type": "object"
-                },
-                "sidecars": {
-                    "items": {
-                        "properties": {
-                            "envFrom": {
-                                "items": {
-                                    "properties": {
-                                        "secretRef": {
-                                            "properties": {
-                                                "name": {
-                                                    "type": "string"
-                                                }
-                                            },
-                                            "type": "object"
-                                        }
-                                    },
-                                    "type": "object"
-                                },
-                                "type": "array"
-                            },
-                            "image": {
-                                "type": "string"
-                            },
-                            "imagePullPolicy": {
-                                "type": "string"
-                            },
-                            "livenessProbe": {
+                        },
+                        "extraVolumes": {
+                            "items": {
                                 "properties": {
-                                    "exec": {
-                                        "properties": {
-                                            "command": {
-                                                "items": {
-                                                    "type": "string"
-                                                },
-                                                "type": "array"
-                                            }
-                                        },
+                                    "emptyDir": {
+                                        "properties": {},
                                         "type": "object"
                                     },
-                                    "initialDelaySeconds": {
-                                        "type": "integer"
-                                    },
-                                    "periodSeconds": {
-                                        "type": "integer"
+                                    "name": {
+                                        "type": "string"
                                     }
                                 },
                                 "type": "object"
                             },
-                            "name": {
-                                "type": "string"
+                            "type": "array"
+                        },
+                        "persistence": {
+                            "properties": {
+                                "enabled": {
+                                    "type": "boolean"
+                                }
                             },
-                            "ports": {
-                                "items": {
-                                    "properties": {
-                                        "containerPort": {
-                                            "type": "integer"
-                                        },
-                                        "name": {
-                                            "type": "string"
+                            "type": "object"
+                        },
+                        "service": {
+                            "properties": {
+                                "extraPorts": {
+                                    "items": {
+                                        "properties": {
+                                            "name": {
+                                                "type": "string"
+                                            },
+                                            "port": {
+                                                "type": "integer"
+                                            },
+                                            "protocol": {
+                                                "type": "string"
+                                            },
+                                            "targetPort": {
+                                                "type": "integer"
+                                            }
                                         },
-                                        "protocol": {
-                                            "type": "string"
-                                        }
+                                        "type": "object"
                                     },
-                                    "type": "object"
-                                },
-                                "type": "array"
+                                    "type": "array"
+                                }
                             },
-                            "readinessProbe": {
+                            "type": "object"
+                        },
+                        "sidecars": {
+                            "items": {
                                 "properties": {
-                                    "exec": {
+                                    "envFrom": {
+                                        "items": {
+                                            "properties": {
+                                                "secretRef": {
+                                                    "properties": {
+                                                        "name": {
+                                                            "type": "string"
+                                                        }
+                                                    },
+                                                    "type": "object"
+                                                }
+                                            },
+                                            "type": "object"
+                                        },
+                                        "type": "array"
+                                    },
+                                    "image": {
+                                        "type": "string"
+                                    },
+                                    "imagePullPolicy": {
+                                        "type": "string"
+                                    },
+                                    "livenessProbe": {
                                         "properties": {
-                                            "command": {
-                                                "items": {
-                                                    "type": "string"
+                                            "exec": {
+                                                "properties": {
+                                                    "command": {
+                                                        "items": {
+                                                            "type": "string"
+                                                        },
+                                                        "type": "array"
+                                                    }
                                                 },
-                                                "type": "array"
+                                                "type": "object"
+                                            },
+                                            "initialDelaySeconds": {
+                                                "type": "integer"
+                                            },
+                                            "periodSeconds": {
+                                                "type": "integer"
                                             }
                                         },
                                         "type": "object"
                                     },
-                                    "initialDelaySeconds": {
-                                        "type": "integer"
+                                    "name": {
+                                        "type": "string"
                                     },
-                                    "periodSeconds": {
-                                        "type": "integer"
-                                    }
-                                },
-                                "type": "object"
-                            },
-                            "securityContext": {
-                                "properties": {
-                                    "allowPrivilegeEscalation": {
-                                        "type": "boolean"
+                                    "ports": {
+                                        "items": {
+                                            "properties": {
+                                                "containerPort": {
+                                                    "type": "integer"
+                                                },
+                                                "name": {
+                                                    "type": "string"
+                                                },
+                                                "protocol": {
+                                                    "type": "string"
+                                                }
+                                            },
+                                            "type": "object"
+                                        },
+                                        "type": "array"
                                     },
-                                    "capabilities": {
+                                    "readinessProbe": {
                                         "properties": {
-                                            "drop": {
-                                                "items": {
-                                                    "type": "string"
+                                            "exec": {
+                                                "properties": {
+                                                    "command": {
+                                                        "items": {
+                                                            "type": "string"
+                                                        },
+                                                        "type": "array"
+                                                    }
                                                 },
-                                                "type": "array"
+                                                "type": "object"
+                                            },
+                                            "initialDelaySeconds": {
+                                                "type": "integer"
+                                            },
+                                            "periodSeconds": {
+                                                "type": "integer"
                                             }
                                         },
                                         "type": "object"
                                     },
-                                    "runAsGroup": {
-                                        "type": "integer"
-                                    },
-                                    "runAsNonRoot": {
-                                        "type": "boolean"
-                                    },
-                                    "runAsUser": {
-                                        "type": "integer"
-                                    },
-                                    "seccompProfile": {
+                                    "securityContext": {
                                         "properties": {
-                                            "type": {
-                                                "type": "string"
+                                            "allowPrivilegeEscalation": {
+                                                "type": "boolean"
+                                            },
+                                            "capabilities": {
+                                                "properties": {
+                                                    "drop": {
+                                                        "items": {
+                                                            "type": "string"
+                                                        },
+                                                        "type": "array"
+                                                    }
+                                                },
+                                                "type": "object"
+                                            },
+                                            "runAsGroup": {
+                                                "type": "integer"
+                                            },
+                                            "runAsNonRoot": {
+                                                "type": "boolean"
+                                            },
+                                            "runAsUser": {
+                                                "type": "integer"
+                                            },
+                                            "seccompProfile": {
+                                                "properties": {
+                                                    "type": {
+                                                        "type": "string"
+                                                    }
+                                                },
+                                                "type": "object"
                                             }
                                         },
                                         "type": "object"
+                                    },
+                                    "volumeMounts": {
+                                        "items": {
+                                            "properties": {
+                                                "mountPath": {
+                                                    "type": "string"
+                                                },
+                                                "name": {
+                                                    "type": "string"
+                                                }
+                                            },
+                                            "type": "object"
+                                        },
+                                        "type": "array"
                                     }
                                 },
                                 "type": "object"
                             },
-                            "volumeMounts": {
-                                "items": {
-                                    "properties": {
-                                        "mountPath": {
-                                            "type": "string"
-                                        },
-                                        "name": {
-                                            "type": "string"
-                                        }
-                                    },
-                                    "type": "object"
-                                },
-                                "type": "array"
-                            }
-                        },
-                        "type": "object"
+                            "type": "array"
+                        }
                     },
-                    "type": "array"
+                    "type": "object"
+                },
+                "secondary": {
+                    "properties": {
+                        "replicaCount": {
+                            "type": "integer"
+                        }
+                    },
+                    "type": "object"
                 }
             },
             "type": "object"
@@ -762,9 +762,21 @@
         },
         "metadatadb": {
             "properties": {
-                "db": {
+                "auth": {
                     "properties": {
-                        "name": {
+                        "database": {
+                            "type": "string"
+                        },
+                        "replicationPassword": {
+                            "type": "string"
+                        },
+                        "replicationUser": {
+                            "type": "string"
+                        },
+                        "root": {
+                            "type": "string"
+                        },
+                        "rootPassword": {
                             "type": "string"
                         }
                     },
@@ -780,22 +792,6 @@
                 "fullnameOverride": {
                     "type": "string"
                 },
-                "galera": {
-                    "properties": {
-                        "mariabackup": {
-                            "properties": {
-                                "password": {
-                                    "type": "string"
-                                },
-                                "user": {
-                                    "type": "string"
-                                }
-                            },
-                            "type": "object"
-                        }
-                    },
-                    "type": "object"
-                },
                 "host": {
                     "type": "string"
                 },
@@ -821,42 +817,10 @@
                     },
                     "type": "object"
                 },
-                "persistence": {
-                    "properties": {
-                        "enabled": {
-                            "type": "boolean"
-                        }
-                    },
-                    "type": "object"
-                },
-                "replicaCount": {
-                    "type": "integer"
-                },
-                "rootUser": {
-                    "properties": {
-                        "password": {
-                            "type": "string"
-                        },
-                        "user": {
-                            "type": "string"
-                        }
-                    },
-                    "type": "object"
-                },
-                "service": {
+                "secondary": {
                     "properties": {
-                        "annotations": {
-                            "properties": {},
-                            "type": "object"
-                        },
-                        "loadBalancerIP": {
-                            "type": "string"
-                        },
-                        "loadBalancerSourceRanges": {
-                            "type": "array"
-                        },
-                        "type": {
-                            "type": "string"
+                        "replicaCount": {
+                            "type": "integer"
                         }
                     },
                     "type": "object"
@@ -975,120 +939,30 @@
                 "clusterName": {
                     "type": "string"
                 },
-                "config": {
-                    "properties": {
-                        "opensearch.yml": {
-                            "type": "string"
-                        }
-                    },
-                    "type": "object"
-                },
                 "enabled": {
                     "type": "boolean"
                 },
-                "extraEnvs": {
-                    "items": {
-                        "properties": {
-                            "name": {
-                                "type": "string"
-                            },
-                            "value": {
-                                "type": "string"
-                            }
-                        },
-                        "type": "object"
-                    },
-                    "type": "array"
-                },
-                "extraVolumeMounts": {
-                    "items": {
-                        "properties": {
-                            "mountPath": {
-                                "type": "string"
-                            },
-                            "name": {
-                                "type": "string"
-                            },
-                            "readOnly": {
-                                "type": "boolean"
-                            }
-                        },
-                        "type": "object"
-                    },
-                    "type": "array"
-                },
-                "extraVolumes": {
-                    "items": {
-                        "properties": {
-                            "name": {
-                                "type": "string"
-                            },
-                            "secret": {
-                                "properties": {
-                                    "secretName": {
-                                        "type": "string"
-                                    }
-                                },
-                                "type": "object"
-                            }
-                        },
-                        "type": "object"
-                    },
-                    "type": "array"
-                },
                 "fullnameOverride": {
                     "type": "string"
                 },
                 "host": {
                     "type": "string"
                 },
-                "masterService": {
-                    "type": "string"
-                },
-                "password": {
-                    "type": "string"
-                },
-                "persistence": {
-                    "properties": {
-                        "enabled": {
-                            "type": "boolean"
-                        }
-                    },
-                    "type": "object"
-                },
                 "port": {
                     "type": "integer"
                 },
-                "protocol": {
-                    "type": "string"
-                },
-                "replicas": {
-                    "type": "integer"
-                },
-                "service": {
+                "security": {
                     "properties": {
-                        "annotations": {
-                            "properties": {},
-                            "type": "object"
-                        },
-                        "loadBalancerSourceRanges": {
-                            "type": "array"
-                        },
-                        "type": {
+                        "adminPassword": {
                             "type": "string"
-                        }
-                    },
-                    "type": "object"
-                },
-                "sysctlInit": {
-                    "properties": {
+                        },
                         "enabled": {
                             "type": "boolean"
                         }
                     },
                     "type": "object"
                 },
-                "username": {
+                "servicenameOverride": {
                     "type": "string"
                 }
             },
@@ -1450,6 +1324,42 @@
                 },
                 "replicaCount": {
                     "type": "integer"
+                },
+                "securityContext": {
+                    "properties": {
+                        "allowPrivilegeEscalation": {
+                            "type": "boolean"
+                        },
+                        "capabilities": {
+                            "properties": {
+                                "drop": {
+                                    "items": {
+                                        "type": "string"
+                                    },
+                                    "type": "array"
+                                }
+                            },
+                            "type": "object"
+                        },
+                        "runAsGroup": {
+                            "type": "integer"
+                        },
+                        "runAsNonRoot": {
+                            "type": "boolean"
+                        },
+                        "runAsUser": {
+                            "type": "integer"
+                        },
+                        "seccompProfile": {
+                            "properties": {
+                                "type": {
+                                    "type": "string"
+                                }
+                            },
+                            "type": "object"
+                        }
+                    },
+                    "type": "object"
                 }
             },
             "type": "object"
-- 
GitLab