update samples and user guide for version 0.0.8

README.md

@@ -56,6 +56,7 @@ For existing Kubernetes applications that are currently using additional tools (
 1. Install the infrastructure in your cluster:
     ```bash
     kubectl apply -f install-bundle/
+    kubectl apply -f install-bundle/resources
     ```
     **NOTE:** If you previously installed Config Connector alpha and wish to
     upgrade, newer versions of the `CustomResourceDefinitions` may cause some of
@@ -351,7 +352,11 @@ You can find more details on the meaning of specific properties in the API docum
 | bigtableclusters.bigtable.cnrm.cloud.google.com | [Bigtable Cluster](https://cloud.google.com/bigtable/docs/reference/admin/rest/v2/projects.instances.clusters) |
 | bigtableinstances.bigtable.cnrm.cloud.google.com | [Bigtable Instance](https://cloud.google.com/bigtable/docs/reference/admin/rest/v2/projects.instances) |
 | bigquerydatasets.bigquery.cnrm.cloud.google.com | [BigQuery Dataset](https://cloud.google.com/bigquery/docs/reference/rest/v2/datasets) |
-| computehealthchecks.compute.cloud.google.com | [Compute Health Check](https://cloud.google.com/compute/docs/reference/rest/v1/healthChecks) |
+| computebackendservices.compute.cnrm.cloud.google.com | [Compute Backend Service](https://cloud.google.com/compute/docs/reference/rest/v1/backendServices) |
+| computehealthchecks.compute.cnrm.cloud.google.com | [Compute Health Check](https://cloud.google.com/compute/docs/reference/rest/v1/healthChecks) |
+| computenetworks.compute.cnrm.cloud.google.com | [Compute Network](https://cloud.google.com/compute/docs/reference/rest/v1/networks) |
+| computefirewalls.compute.cnrm.cloud.google.com | [Compute Firewall](https://cloud.google.com/compute/docs/reference/rest/v1/firewalls) |
+| containerclusters.container.cnrm.cloud.google.com | [Container Cluster](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters) |
 | iampolicies.iam.cnrm.cloud.google.com | [IAM Policy](https://cloud.google.com/iam/reference/rest/v1/Policy) |
 | iamserviceaccounts.iam.cnrm.cloud.google.com | [IAM Service Account](https://cloud.google.com/iam/reference/rest/v1/projects.serviceAccounts) |
 | pubsubsubscriptions.pubsub.cnrm.cloud.google.com | [Pub/Sub Subscription](https://cloud.google.com/pubsub/docs/reference/rest/v1/projects.subscriptions) |
@@ -381,6 +386,15 @@ Config Connector will assume control of the resource and update it to match the
 
 Note: if you `kubectl delete` the configuration, Config Connector will delete the underlying GCP resource.
 
+## Uninstalling Config Connector Bundle
+
+```bash
+kubectl delete -f install-bundle/resources
+kubectl delete -f install-bundle/
+```
+
+Note: Make sure to `kubectl delete -f install-bundle/resources` first to ensure the custom resource definitions are removed first before the controllers.
+s
 ## Config Connector Resource Functionality
 
 GCP services managed by Config Connector feel native to Kubernetes; thus, all the behavior you would expect from native Kubernetes resources is replicated with Config Connector-managed resources, such as eventual consistency, declarative updates, status, and events.
@@ -488,6 +502,20 @@ sed -i'' -e "s/${OLD_SQL_NAME}/${NEW_SQL_NAME}/" samples/apps/musicians/manifest
 
 There is no cost to using Config Connector beyond the cost of the cluster it runs in. Customers may incur costs for using the GCP resources they create (i.e. Spanner, etc.) 
 
+**Can I use Config Connector in Production?**
+
+Config Connector Alpha is a limited-availability experiment to prepare it for the next release stage. Our focus with Alpha testing is to verify functionality and gather feedback from a limited set of customers. Participation in Config Connector Alpha is by invitation only and the binaries are not intended to be shared publicly. 
+
+No SLAs are provided for Config Connector Alpha, and there are no technical support obligations. However, Config Connector Alpha is extensively tested and is suitable for use in test environments. 
+
+We recommend that you understand and consider the following recommendations before proceeding with production deployment.
+
+1. Create the intended number and types of GCP resources and verify that they are deployed successfully on your test cluster  before proceeding with production cluster deployment.
+1. The default Config Connector behavior is that GCP resources created by Config Connector are deleted when Custom Objects, such as PubSubTopic or  Custom Resource Definitions installed as part of Config Connector are deleted. If you prefer that Config Connector does not delete the GCP resources under management, [enable the abandon deletion policy](https://github.com/GoogleCloudPlatform/k8s-config-connector#resource-abandonment).  
+1. To prevent system error, it is recommended that for a given GCP Project, there is only a single namespace in a single Config-Connector enabled cluster that is mapped to the Project.
+
+
+
 ## Feedback
 
 If you encounter an issue, or have any questions, please contact the development team:

resources/bigquery_v1alpha2_bigquerydataset.yaml → resources/bigquerydataset/bigquery_v1alpha2_bigquerydataset.yaml

@@ -6,3 +6,4 @@ spec:
   defaultTableExpirationMs: 3600000
   description: "BigQuery Dataset Sample"
   friendlyName: bigquerydataset-sample
+  location: US

resources/bigtable_v1alpha1_bigtablecluster.yaml → resources/bigtablecluster/bigtable_v1alpha1_bigtablecluster.yaml

@@ -6,7 +6,7 @@ metadata:
   name: bigtablecluster-sample
 spec:
   instanceRef:
-    name: bigtableinstance-sample
+    name: bigtablecluster-dep
   defaultStorageType: SSD
   location: us-central1-a
   serveNodes: 3

resources/bigtablecluster/bigtable_v1alpha1_bigtableinstance.yaml

@@ -0,0 +1,6 @@
+apiVersion: bigtable.cnrm.cloud.google.com/v1alpha1
+kind: BigtableInstance
+metadata:
+  name: bigtablecluster-dep
+spec:
+  displayName: Bigtable Cluster Dependency

resources/compute_v1alpha1_computebackendservice.yaml

@@ -0,0 +1,7 @@
+apiVersion: compute.cnrm.cloud.google.com/v1alpha1
+kind: ComputeBackendService
+metadata:
+  name: computebackendservice-sample
+spec:
+  healthCheckRef:
+    name: computehealthcheck-sample

resources/computefirewall/compute_v1alpha1_computefirewall.yaml

@@ -0,0 +1,14 @@
+apiVersion: compute.cnrm.cloud.google.com/v1alpha1
+kind: ComputeFirewall
+metadata:
+  labels:
+    label-one: "value-one"
+  name: computefirewall-sample
+spec:
+  allow:
+    - protocol: tcp
+      ports:
+       - "80"
+       - "1000-2000"
+  networkRef:
+    name: computefirewall-dep

resources/computefirewall/compute_v1alpha1_computenetwork.yaml

@@ -0,0 +1,7 @@
+apiVersion: compute.cnrm.cloud.google.com/v1alpha1
+kind: ComputeNetwork
+metadata:
+  name: computefirewall-dep
+spec:
+  routingMode: REGIONAL
+  autoCreateSubnetworks: true

resources/compute_v1alpha1_computehealthcheck.yaml → resources/computehealthcheck/compute_v1alpha1_computehealthcheck.yaml

@@ -1,11 +1,9 @@
 apiVersion: compute.cnrm.cloud.google.com/v1alpha1
 kind: ComputeHealthCheck
 metadata:
-  labels:
-    label-one: "value-one"
   name: computehealthcheck-sample
 spec:
   checkIntervalSec: 10
-  type: TCP
-  tcpHealthCheck:
+  type: HTTP
+  httpHealthCheck:
     port: 80

resources/iam_v1alpha1_iampolicy.yaml → resources/iampolicy/iam_v1alpha1_iampolicy.yaml

@@ -8,7 +8,7 @@ spec:
   resourceRef:
     apiVersion: pubsub.cnrm.cloud.google.com/v1alpha2
     kind: PubSubTopic
-    name: pubsubtopic-sample
+    name: iampolicy-dep
   bindings:
     - role: roles/pubsub.admin
       members:

resources/iampolicy/pubsub_v1alpha2_pubsubtopic.yaml

@@ -0,0 +1,4 @@
+apiVersion: pubsub.cnrm.cloud.google.com/v1alpha2
+kind: PubSubTopic
+metadata:
+  name: iampolicy-dep

resources/iam_v1alpha1_iamserviceaccount.yaml → resources/iamserviceaccount/iam_v1alpha1_iamserviceaccount.yaml

@@ -5,4 +5,4 @@ metadata:
     label-one: "value-one"
   name: iamserviceaccount-example
 spec:
-  displayName: KCC Example Service Account
+  displayName: Example Service Account

resources/kmskeyring/kms_v1alpha1_kmskeyring.yaml

@@ -0,0 +1,6 @@
+apiVersion: kms.cnrm.cloud.google.com/v1alpha1
+kind: KMSKeyRing
+metadata:
+  name: key-ring-samples
+spec:
+  location: us-central1

resources/pubsub_v1alpha2_pubsubsubscription.yaml → resources/pubsubsubscription/pubsub_v1alpha2_pubsubsubscription.yaml

@@ -9,4 +9,4 @@ spec:
   messageRetentionDuration: 86400s
   retainAckedMessages: false
   topicRef:
-    name: pubsubtopic-sample
+    name: pubsubsubscription-dep

resources/pubsubsubscription/pubsub_v1alpha2_pubsubtopic.yaml

@@ -0,0 +1,4 @@
+apiVersion: pubsub.cnrm.cloud.google.com/v1alpha2
+kind: PubSubTopic
+metadata:
+  name: pubsubsubscription-dep

resources/sql_v1alpha2_sqldatabase.yaml → resources/sqldatabase/sql_v1alpha2_sqldatabase.yaml

@@ -8,4 +8,4 @@ spec:
   charset: utf8mb4
   collation: utf8mb4_bin
   instanceRef:
-    name: sqlinstance-sample
+    name: sqldatabase-dep

resources/sqldatabase/sql_v1alpha2_sqlinstance.yaml

@@ -0,0 +1,8 @@
+apiVersion: sql.cnrm.cloud.google.com/v1alpha2
+kind: SQLInstance
+metadata:
+  name: sqldatabase-dep
+spec:
+  databaseVersion: MYSQL_5_7
+  settings:
+    tier: db-n1-standard-1

resources/storage_v1alpha2_storagebucket.yaml → resources/storagebucket/storage_v1alpha2_storagebucket.yaml

@@ -10,3 +10,10 @@ spec:
         type: Delete
       condition:
         age: 7
+  versioning:
+    enabled: true
+  cors:
+    - origin: ["http://example.appspot.com"]
+      responseHeader: ["Content-Type"]
+      method: ["GET", "HEAD", "DELETE"]
+      maxAgeSeconds: 3600

resources/storagebucketaccesscontrol/storage_v1alpha2_storagebucket.yaml

@@ -0,0 +1,4 @@
+apiVersion: storage.cnrm.cloud.google.com/v1alpha2
+kind: StorageBucket
+metadata:
+  name: storagebucketaccesscontrol-dep

resources/storage_v1alpha2_storagebucketaccesscontrol.yaml → resources/storagebucketaccesscontrol/storage_v1alpha2_storagebucketaccesscontrol.yaml

@@ -6,6 +6,6 @@ metadata:
   name: storagebucketaccesscontrol-sample
 spec:
   bucketRef:
-    name: storagebucket-sample
+    name: storagebucketaccesscontrol-dep
   entity: allAuthenticatedUsers
   role: READER

resources/storagedefaultobjectaccesscontrol/storage_v1alpha2_storagebucket.yaml

@@ -0,0 +1,4 @@
+apiVersion: storage.cnrm.cloud.google.com/v1alpha2
+kind: StorageBucket
+metadata:
+  name: storagedefaultobjectaccesscontrol-dep

resources/storage_v1alpha2_storagedefaultobjectaccesscontrol.yaml → resources/storagedefaultobjectaccesscontrol/storage_v1alpha2_storagedefaultobjectaccesscontrol.yaml

@@ -6,6 +6,6 @@ metadata:
   name: storagedefaultobjectaccesscontrol-sample
 spec:
   bucketRef:
-    name: storagebucket-sample
+    name: storagedefaultobjectaccesscontrol
   entity: allAuthenticatedUsers
   role: READER