https://github.com/doodlescheduling/neo4j-aura-controller
Kubernetes controller for managing Neo4j Aura
https://github.com/doodlescheduling/neo4j-aura-controller
aura kubernetes-controller neo4j
Last synced: about 2 months ago
JSON representation
Kubernetes controller for managing Neo4j Aura
- Host: GitHub
- URL: https://github.com/doodlescheduling/neo4j-aura-controller
- Owner: DoodleScheduling
- License: apache-2.0
- Created: 2025-09-25T09:00:51.000Z (9 months ago)
- Default Branch: master
- Last Pushed: 2025-10-02T13:24:41.000Z (8 months ago)
- Last Synced: 2025-10-02T15:22:56.111Z (8 months ago)
- Topics: aura, kubernetes-controller, neo4j
- Language: Go
- Homepage:
- Size: 175 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 7
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Codeowners: CODEOWNERS
- Security: SECURITY.md
Awesome Lists containing this project
README
# neo4j-aura-controller
[](https://github.com/DoodleScheduling/neo4j-aura-controller/releases)
[](https://github.com/DoodleScheduling/neo4j-aura-controller/actions/workflows/release.yaml)
[](https://goreportcard.com/report/github.com/DoodleScheduling/neo4j-aura-controller)
[](https://api.securityscorecards.dev/projects/github.com/DoodleScheduling/neo4j-aura-controller)
[](https://coveralls.io/github/DoodleScheduling/neo4j-aura-controller?branch=master)
[](https://github.com/DoodleScheduling/neo4j-aura-controller/blob/master/LICENSE)
Kubernetes controller for managing Neo4j Aura.
## Quickstart
### Usage Example
```yaml
apiVersion: neo4j.infra.doodle.com/v1beta1
kind: AuraInstance
metadata:
name: my-instance
spec:
cloudProvider: gcp
memory: 4GB
region: eu-central-1
tier: free-db
tenantID: xxx-xxx-xx
neo4jVersion: "5"
secret:
name: neo4j-project-admin
---
apiVersion: v1
data:
clientID: c2VjcmV0=
clientSecret: c2VjcmV0=
kind: Secret
metadata:
name: neo4j-project-admin
type: Opaque
```
#### Custom Secret Key Mapping
If your secret uses different key names (e.g., `clientId` instead of `clientID`), you can specify custom key mappings:
```yaml
apiVersion: v1
kind: Secret
metadata:
name: neo4j-aura-api-custom
namespace: default
data:
clientId:
clientSecret:
---
apiVersion: neo4j.infra.doodle.com/v1beta1
kind: AuraInstance
metadata:
name: my-neo4j-instance
namespace: default
spec:
tier: professional-db
region: eu-central-1
cloudProvider: aws
neo4jVersion: "5"
tenantID: 928f3731-1111-5ffd-a2f7-3602aafb304b
memory: 8GB
secret:
name: neo4j-aura-api-custom
clientIDKey: clientId # Map to the actual key in the secret
clientSecretKey: clientSecret # Map to the actual key in the secret
```
## Observe reconciliation
Each resource reports various conditions in `.status.conditions` which will give the necessary insight about the
current state of the resource.
```yaml
status:
conditions:
- lastTransitionTime: "2023-11-30T12:01:52Z"
message: random cloud error
observedGeneration: 32
reason: ReconciliationFailed
status: "False"
type: Ready
```
## Installation
### Helm
Please see [chart/neo4j-aura-controller](https://github.com/DoodleScheduling/neo4j-aura-controller/tree/master/chart/neo4j-aura-controller) for the helm chart docs.
### Manifests/kustomize
Alternatively you may get the bundled manifests in each release to deploy it using kustomize or use them directly.
## Configuration
The controller can be configured using cmd args:
```
--base-url string The base API URL for neo4j Aura. (default "https://api.neo4j.io/v1")
--concurrent int The number of concurrent reconciles. (default 4)
--enable-leader-election Enable leader election for controller manager. Enabling this will ensure there is only one active controller manager.
--graceful-shutdown-timeout duration The duration given to the reconciler to finish before forcibly stopping. (default 10m0s)
--health-addr string The address the health endpoint binds to. (default ":9557")
--insecure-kubeconfig-exec Allow use of the user.exec section in kubeconfigs provided for remote apply.
--insecure-kubeconfig-tls Allow that kubeconfigs provided for remote apply can disable TLS verification.
--kube-api-burst int The maximum burst queries-per-second of requests sent to the Kubernetes API. (default 300)
--kube-api-qps float32 The maximum queries-per-second of requests sent to the Kubernetes API. (default 50)
--leader-election-lease-duration duration Interval at which non-leader candidates will wait to force acquire leadership (duration string). (default 35s)
--leader-election-release-on-cancel Defines if the leader should step down voluntarily on controller manager shutdown. (default true)
--leader-election-renew-deadline duration Duration that the leading controller manager will retry refreshing leadership before giving up (duration string). (default 30s)
--leader-election-retry-period duration Duration the LeaderElector clients should wait between tries of actions (duration string). (default 5s)
--log-encoding string Log encoding format. Can be 'json' or 'console'. (default "json")
--log-level string Log verbosity level. Can be one of 'trace', 'debug', 'info', 'error'. (default "info")
--max-retry-delay duration The maximum amount of time for which an object being reconciled will have to wait before a retry. (default 15m0s)
--metrics-addr string The address the metric endpoint binds to. (default ":9556")
--min-retry-delay duration The minimum amount of time for which an object being reconciled will have to wait before a retry. (default 750ms)
--token-url string The OAuth2 token endpoint URL for neo4j Aura. Use for the client credentials flow. (default "https://api.neo4j.io/oauth/token")
--watch-all-namespaces Watch for resources in all namespaces, if set to false it will only watch the runtime namespace. (default true)
--watch-label-selector string Watch for resources with matching labels e.g. 'sharding.fluxcd.io/shard=shard1'.
```