cozystack
diff --git a/‎.gitignore‎
Lines changed: 2 additions & 0 deletions b/‎.gitignore‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎api/v1alpha2/cel_validation_test.go‎
Lines changed: 0 additions & 60 deletions b/‎api/v1alpha2/cel_validation_test.go‎
Lines changed: 0 additions & 60 deletions
diff --git a/‎api/v1alpha2/etcdcluster_types.go‎
Lines changed: 0 additions & 23 deletions b/‎api/v1alpha2/etcdcluster_types.go‎
Lines changed: 0 additions & 23 deletions
diff --git a/‎api/v1alpha2/etcdmember_types.go‎
Lines changed: 0 additions & 26 deletions b/‎api/v1alpha2/etcdmember_types.go‎
Lines changed: 0 additions & 26 deletions
@@ -8,6 +8,8 @@
 bin
 # kubectl-etcd plugin: build to bin/ (see Makefile); never commit a root-level build artifact
 /kubectl-etcd
+# etcd-migrate tool: same rule — build to bin/, never commit the root-level artifact
+/etcd-migrate
 
 # Test binary, build with `go test -c`
 *.test
 
@@ -655,66 +655,6 @@ func TestSchema_OptionsValidation(t *testing.T) {
 	}
 }
 
-// TestCEL_HeadlessServiceNameImmutable covers the adoption field's
-// lifecycle rules: valid on create, rejected on add, change and removal —
-// the name is baked into member identity (peer URLs persisted in etcd,
-// pod subdomains), so any post-create edit would desync DNS from etcd.
-func TestCEL_HeadlessServiceNameImmutable(t *testing.T) {
-	skipIfNoEnvtest(t)
-	ctx := context.Background()
-
-	// Valid on create (the in-place migration path).
-	c := validCluster("hsn-create")
-	c.Spec.HeadlessServiceName = "legacy-headless"
-	if err := k8s.Create(ctx, c); err != nil {
-		t.Fatalf("create with headlessServiceName: %v", err)
-	}
-	t.Cleanup(func() { _ = k8s.Delete(ctx, c) })
-
-	// Change rejected.
-	got := &lll.EtcdCluster{}
-	if err := k8s.Get(ctx, ctrlclient.ObjectKeyFromObject(c), got); err != nil {
-		t.Fatalf("Get: %v", err)
-	}
-	got.Spec.HeadlessServiceName = "other"
-	if err := k8s.Update(ctx, got); err == nil {
-		t.Fatalf("apiserver accepted headlessServiceName change; expected rejection")
-	} else if !strings.Contains(err.Error(), "immutable") {
-		t.Fatalf("error did not mention immutability: %v", err)
-	}
-
-	// Removal rejected.
-	if err := k8s.Get(ctx, ctrlclient.ObjectKeyFromObject(c), got); err != nil {
-		t.Fatalf("Get: %v", err)
-	}
-	got.Spec.HeadlessServiceName = ""
-	if err := k8s.Update(ctx, got); err == nil {
-		t.Fatalf("apiserver accepted headlessServiceName removal; expected rejection")
-	}
-
-	// Add-on-existing rejected.
-	plain := validCluster("hsn-add")
-	if err := k8s.Create(ctx, plain); err != nil {
-		t.Fatalf("create plain cluster: %v", err)
-	}
-	t.Cleanup(func() { _ = k8s.Delete(ctx, plain) })
-	if err := k8s.Get(ctx, ctrlclient.ObjectKeyFromObject(plain), got); err != nil {
-		t.Fatalf("Get: %v", err)
-	}
-	got.Spec.HeadlessServiceName = "late-override"
-	if err := k8s.Update(ctx, got); err == nil {
-		t.Fatalf("apiserver accepted adding headlessServiceName post-create; expected rejection")
-	}
-
-	// DNS-label pattern enforced.
-	bad := validCluster("hsn-bad")
-	bad.Spec.HeadlessServiceName = "Not_A_DNS_Label"
-	if err := k8s.Create(ctx, bad); err == nil {
-		_ = k8s.Delete(ctx, bad)
-		t.Fatalf("apiserver accepted invalid headlessServiceName; expected rejection")
-	}
-}
-
 // spec.auth.enabled requires spec.tls.client — auth credentials must
 // not cross a plaintext wire. This rule does not reference oldSelf, so it is
 // enforced on CREATE.
 
@@ -435,8 +435,6 @@ type StorageSpec struct {
 // +kubebuilder:validation:XValidation:rule="!has(self.auth) || !has(oldSelf.auth) || self.auth == oldSelf.auth",message="spec.auth is immutable post-create; delete and recreate the cluster to change auth configuration"
 // +kubebuilder:validation:XValidation:rule="!(has(self.auth) && self.auth.enabled) || (has(self.tls) && has(self.tls.client))",message="spec.auth.enabled requires spec.tls.client (auth credentials must not cross a plaintext connection)"
 // +kubebuilder:validation:XValidation:rule="!(has(self.auth) && self.auth.enabled) || has(self.auth.rootCredentialsSecretRef)",message="spec.auth.enabled requires spec.auth.rootCredentialsSecretRef"
-// +kubebuilder:validation:XValidation:rule="has(self.headlessServiceName) == has(oldSelf.headlessServiceName)",message="spec.headlessServiceName cannot be added to or removed from an existing cluster; it is baked into member identity (peer URLs, pod subdomains)"
-// +kubebuilder:validation:XValidation:rule="!has(self.headlessServiceName) || !has(oldSelf.headlessServiceName) || self.headlessServiceName == oldSelf.headlessServiceName",message="spec.headlessServiceName is immutable post-create; it is baked into member identity (peer URLs, pod subdomains)"
 // +kubebuilder:validation:XValidation:rule="has(self.bootstrap) == has(oldSelf.bootstrap)",message="spec.bootstrap cannot be added to or removed from an existing cluster; it is consulted only at first bootstrap"
 // +kubebuilder:validation:XValidation:rule="!has(self.bootstrap) || !has(oldSelf.bootstrap) || self.bootstrap == oldSelf.bootstrap",message="spec.bootstrap is immutable post-create; it is consulted only at first bootstrap"
 // +kubebuilder:validation:XValidation:rule="!(has(self.bootstrap) && has(self.bootstrap.restore)) || !(has(self.storage) && has(self.storage.medium) && self.storage.medium == 'Memory')",message="spec.bootstrap.restore is unsupported with spec.storage.medium=Memory: the restored data dir is tmpfs, so any seed Pod restart re-restores the snapshot — reverting writes (single member) or breaking the cluster with a fresh ID it can't rejoin (multi-member). Use persistent storage to restore."
@@ -560,27 +558,6 @@ type EtcdClusterSpec struct {
 	// tuning change in place.
 	// +optional
 	Options *EtcdOptions `json:"options,omitempty"`
-
-	// HeadlessServiceName overrides the name of the headless Service the
-	// operator maintains for per-member DNS. Empty (the default) means
-	// the Service is named after the cluster. The name is baked into
-	// every member's identity — peer URLs persisted inside etcd, the
-	// Pods' spec.subdomain, and every endpoint the operator dials — so
-	// the field is immutable post-create (spec-level CEL, like
-	// storageClassName).
-	//
-	// The main consumer is in-place migration from the legacy
-	// etcd.aenix.io operator: its StatefulSet pods carry an immutable
-	// spec.subdomain of "<cluster>-headless" and their peer URLs are
-	// persisted in etcd under that DNS domain. Setting
-	// headlessServiceName to the legacy Service name makes the operator's
-	// constructed URLs match the adopted pods' actual DNS exactly, so
-	// discovery, scale-up and replacement work without any
-	// adopted-member special cases.
-	// +kubebuilder:validation:MaxLength=63
-	// +kubebuilder:validation:Pattern=`^[a-z]([-a-z0-9]*[a-z0-9])?$`
-	// +optional
-	HeadlessServiceName string `json:"headlessServiceName,omitempty"`
 }
 
 // AdditionalMetadata is a set of labels and annotations the operator merges
 
@@ -105,32 +105,6 @@ type EtcdMemberSpec struct {
 	// +optional
 	Options *EtcdOptions `json:"options,omitempty"`
 
-	// HeadlessServiceName mirrors EtcdCluster.spec.headlessServiceName.
-	// Empty means the headless Service is named after the cluster. The
-	// member controller uses it for the Pod's spec.subdomain and for
-	// every constructed peer/client URL, so the member's DNS identity
-	// matches the cluster's headless Service.
-	// +kubebuilder:validation:MaxLength=63
-	// +kubebuilder:validation:Pattern=`^[a-z]([-a-z0-9]*[a-z0-9])?$`
-	// +optional
-	HeadlessServiceName string `json:"headlessServiceName,omitempty"`
-
-	// DataDirSubPath relocates etcd's --data-dir to a subdirectory of the
-	// member's data volume: empty (the default) means the volume root
-	// (/var/lib/etcd), a value V means /var/lib/etcd/V. A single path
-	// component — no slashes — so it cannot escape the mount.
-	//
-	// Set by the in-place migration from the legacy etcd.aenix.io
-	// operator, whose StatefulSet pods kept their data under the
-	// "default.etcd" subdirectory of the PVC. With the subPath recorded
-	// here, a replacement Pod built by this operator finds the existing
-	// data dir and resumes with the member's persisted identity instead
-	// of starting empty and crashlooping against the cluster.
-	// +kubebuilder:validation:MaxLength=128
-	// +kubebuilder:validation:Pattern=`^[a-zA-Z0-9][a-zA-Z0-9._-]*$`
-	// +optional
-	DataDirSubPath string `json:"dataDirSubPath,omitempty"`
-
 	// Bootstrap indicates this member is part of the initial cluster formation.
 	// When true the member starts with --initial-cluster-state=new.
 	// +optional