kobzonega
diff --git a/‎api/v1alpha1/database_types.go
+2-1 b/‎api/v1alpha1/database_types.go
+2-1
diff --git a/‎api/v1alpha1/database_webhook.go
+4 b/‎api/v1alpha1/database_webhook.go
+4
diff --git a/‎api/v1alpha1/service_types.go
+2 b/‎api/v1alpha1/service_types.go
+2
diff --git a/‎api/v1alpha1/storage_types.go
+2-1 b/‎api/v1alpha1/storage_types.go
+2-1
diff --git a/‎api/v1alpha1/storage_webhook.go
+4 b/‎api/v1alpha1/storage_webhook.go
+4
diff --git a/‎api/v1alpha1/zz_generated.deepcopy.go
+5 b/‎api/v1alpha1/zz_generated.deepcopy.go
+5
diff --git a/‎deploy/ydb-operator/Chart.yaml
+2-2 b/‎deploy/ydb-operator/Chart.yaml
+2-2
diff --git a/‎deploy/ydb-operator/crds/database.yaml
+64 b/‎deploy/ydb-operator/crds/database.yaml
+64
diff --git a/‎deploy/ydb-operator/crds/databasenodeset.yaml
+64 b/‎deploy/ydb-operator/crds/databasenodeset.yaml
+64
diff --git a/‎deploy/ydb-operator/crds/remotedatabasenodeset.yaml
+64 b/‎deploy/ydb-operator/crds/remotedatabasenodeset.yaml
+64
diff --git a/‎deploy/ydb-operator/crds/remotestoragenodeset.yaml
+64 b/‎deploy/ydb-operator/crds/remotestoragenodeset.yaml
+64
@@ -268,5 +268,6 @@ func init() {
 func (r *Database) AnyCertificatesAdded() bool {
 	return len(r.Spec.CABundle) > 0 ||
 		r.Spec.Service.GRPC.TLSConfiguration.Enabled ||
-		r.Spec.Service.Interconnect.TLSConfiguration.Enabled
+		r.Spec.Service.Interconnect.TLSConfiguration.Enabled ||
+		r.Spec.Service.Status.TLSConfiguration.Enabled
 }
@@ -106,6 +106,10 @@ func (r *DatabaseDefaulter) Default(ctx context.Context, obj runtime.Object) err
 		database.Spec.Service.Datastreams.TLSConfiguration = &TLSConfiguration{Enabled: false}
 	}
 
+	if database.Spec.Service.Status.TLSConfiguration == nil {
+		database.Spec.Service.Status.TLSConfiguration = &TLSConfiguration{Enabled: false}
+	}
+
 	if database.Spec.Domain == "" {
 		database.Spec.Domain = DefaultDatabaseDomain
 	}
 
@@ -32,6 +32,8 @@ type InterconnectService struct {
 
 type StatusService struct {
 	Service `json:""`
+
+	TLSConfiguration *TLSConfiguration `json:"tls,omitempty"`
 }
 
 type DatastreamsService struct {
 
@@ -242,5 +242,6 @@ func init() {
 func (r *Storage) AnyCertificatesAdded() bool {
 	return len(r.Spec.CABundle) > 0 ||
 		r.Spec.Service.GRPC.TLSConfiguration.Enabled ||
-		r.Spec.Service.Interconnect.TLSConfiguration.Enabled
+		r.Spec.Service.Interconnect.TLSConfiguration.Enabled ||
+		r.Spec.Service.Status.TLSConfiguration.Enabled
 }
@@ -156,6 +156,10 @@ func (r *StorageDefaulter) Default(ctx context.Context, obj runtime.Object) erro
 		storage.Spec.Service.Interconnect.TLSConfiguration = &TLSConfiguration{Enabled: false}
 	}
 
+	if storage.Spec.Service.Status.TLSConfiguration == nil {
+		storage.Spec.Service.Status.TLSConfiguration = &TLSConfiguration{Enabled: false}
+	}
+
 	if storage.Spec.Monitoring == nil {
 		storage.Spec.Monitoring = &MonitoringOptions{
 			Enabled: false,
 
@@ -15,10 +15,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.5.13
+version: 0.5.14
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "0.5.13"
+appVersion: "0.5.14"
@@ -3994,6 +3994,70 @@ spec:
                         description: IPFamilyPolicy represents the dual-stack-ness
                           requested or required by a Service
                         type: string
+                      tls:
+                        properties:
+                          CA:
+                            description: SecretKeySelector selects a key of a Secret.
+                            properties:
+                              key:
+                                description: The key of the secret to select from.  Must
+                                  be a valid secret key.
+                                type: string
+                              name:
+                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                  TODO: Add other useful fields. apiVersion, kind,
+                                  uid?'
+                                type: string
+                              optional:
+                                description: Specify whether the Secret or its key
+                                  must be defined
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                          certificate:
+                            description: SecretKeySelector selects a key of a Secret.
+                            properties:
+                              key:
+                                description: The key of the secret to select from.  Must
+                                  be a valid secret key.
+                                type: string
+                              name:
+                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                  TODO: Add other useful fields. apiVersion, kind,
+                                  uid?'
+                                type: string
+                              optional:
+                                description: Specify whether the Secret or its key
+                                  must be defined
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                          enabled:
+                            type: boolean
+                          key:
+                            description: SecretKeySelector selects a key of a Secret.
+                            properties:
+                              key:
+                                description: The key of the secret to select from.  Must
+                                  be a valid secret key.
+                                type: string
+                              name:
+                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                  TODO: Add other useful fields. apiVersion, kind,
+                                  uid?'
+                                type: string
+                              optional:
+                                description: Specify whether the Secret or its key
+                                  must be defined
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                        required:
+                        - enabled
+                        type: object
                     type: object
                 type: object
               sharedResources:
 
@@ -2699,6 +2699,70 @@ spec:
                         description: IPFamilyPolicy represents the dual-stack-ness
                           requested or required by a Service
                         type: string
+                      tls:
+                        properties:
+                          CA:
+                            description: SecretKeySelector selects a key of a Secret.
+                            properties:
+                              key:
+                                description: The key of the secret to select from.  Must
+                                  be a valid secret key.
+                                type: string
+                              name:
+                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                  TODO: Add other useful fields. apiVersion, kind,
+                                  uid?'
+                                type: string
+                              optional:
+                                description: Specify whether the Secret or its key
+                                  must be defined
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                          certificate:
+                            description: SecretKeySelector selects a key of a Secret.
+                            properties:
+                              key:
+                                description: The key of the secret to select from.  Must
+                                  be a valid secret key.
+                                type: string
+                              name:
+                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                  TODO: Add other useful fields. apiVersion, kind,
+                                  uid?'
+                                type: string
+                              optional:
+                                description: Specify whether the Secret or its key
+                                  must be defined
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                          enabled:
+                            type: boolean
+                          key:
+                            description: SecretKeySelector selects a key of a Secret.
+                            properties:
+                              key:
+                                description: The key of the secret to select from.  Must
+                                  be a valid secret key.
+                                type: string
+                              name:
+                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                  TODO: Add other useful fields. apiVersion, kind,
+                                  uid?'
+                                type: string
+                              optional:
+                                description: Specify whether the Secret or its key
+                                  must be defined
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                        required:
+                        - enabled
+                        type: object
                     type: object
                 type: object
               sharedResources:
 
@@ -2700,6 +2700,70 @@ spec:
                         description: IPFamilyPolicy represents the dual-stack-ness
                           requested or required by a Service
                         type: string
+                      tls:
+                        properties:
+                          CA:
+                            description: SecretKeySelector selects a key of a Secret.
+                            properties:
+                              key:
+                                description: The key of the secret to select from.  Must
+                                  be a valid secret key.
+                                type: string
+                              name:
+                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                  TODO: Add other useful fields. apiVersion, kind,
+                                  uid?'
+                                type: string
+                              optional:
+                                description: Specify whether the Secret or its key
+                                  must be defined
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                          certificate:
+                            description: SecretKeySelector selects a key of a Secret.
+                            properties:
+                              key:
+                                description: The key of the secret to select from.  Must
+                                  be a valid secret key.
+                                type: string
+                              name:
+                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                  TODO: Add other useful fields. apiVersion, kind,
+                                  uid?'
+                                type: string
+                              optional:
+                                description: Specify whether the Secret or its key
+                                  must be defined
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                          enabled:
+                            type: boolean
+                          key:
+                            description: SecretKeySelector selects a key of a Secret.
+                            properties:
+                              key:
+                                description: The key of the secret to select from.  Must
+                                  be a valid secret key.
+                                type: string
+                              name:
+                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                  TODO: Add other useful fields. apiVersion, kind,
+                                  uid?'
+                                type: string
+                              optional:
+                                description: Specify whether the Secret or its key
+                                  must be defined
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                        required:
+                        - enabled
+                        type: object
                     type: object
                 type: object
               sharedResources:
 
@@ -2710,6 +2710,70 @@ spec:
                         description: IPFamilyPolicy represents the dual-stack-ness
                           requested or required by a Service
                         type: string
+                      tls:
+                        properties:
+                          CA:
+                            description: SecretKeySelector selects a key of a Secret.
+                            properties:
+                              key:
+                                description: The key of the secret to select from.  Must
+                                  be a valid secret key.
+                                type: string
+                              name:
+                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                  TODO: Add other useful fields. apiVersion, kind,
+                                  uid?'
+                                type: string
+                              optional:
+                                description: Specify whether the Secret or its key
+                                  must be defined
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                          certificate:
+                            description: SecretKeySelector selects a key of a Secret.
+                            properties:
+                              key:
+                                description: The key of the secret to select from.  Must
+                                  be a valid secret key.
+                                type: string
+                              name:
+                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                  TODO: Add other useful fields. apiVersion, kind,
+                                  uid?'
+                                type: string
+                              optional:
+                                description: Specify whether the Secret or its key
+                                  must be defined
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                          enabled:
+                            type: boolean
+                          key:
+                            description: SecretKeySelector selects a key of a Secret.
+                            properties:
+                              key:
+                                description: The key of the secret to select from.  Must
+                                  be a valid secret key.
+                                type: string
+                              name:
+                                description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                                  TODO: Add other useful fields. apiVersion, kind,
+                                  uid?'
+                                type: string
+                              optional:
+                                description: Specify whether the Secret or its key
+                                  must be defined
+                                type: boolean
+                            required:
+                            - key
+                            type: object
+                        required:
+                        - enabled
+                        type: object
                     type: object
                 type: object
               storageRef:
Original file line number	Diff line number	Diff line change
`@@ -268,5 +268,6 @@ func init() {`
`268`	`268`	`func (r *Database) AnyCertificatesAdded() bool {`
`269`	`269`	`return len(r.Spec.CABundle) > 0 \|\|`
`270`	`270`	`r.Spec.Service.GRPC.TLSConfiguration.Enabled \|\|`
`271`		`- r.Spec.Service.Interconnect.TLSConfiguration.Enabled`
	`271`	`+ r.Spec.Service.Interconnect.TLSConfiguration.Enabled \|\|`
	`272`	`+ r.Spec.Service.Status.TLSConfiguration.Enabled`
`272`	`273`	`}`
Original file line number	Diff line number	Diff line change
`@@ -106,6 +106,10 @@ func (r *DatabaseDefaulter) Default(ctx context.Context, obj runtime.Object) err`
`106`	`106`	`database.Spec.Service.Datastreams.TLSConfiguration = &TLSConfiguration{Enabled: false}`
`107`	`107`	`}`
`108`	`108`
	`109`	`+ if database.Spec.Service.Status.TLSConfiguration == nil {`
	`110`	`+ database.Spec.Service.Status.TLSConfiguration = &TLSConfiguration{Enabled: false}`
	`111`	`+ }`
	`112`	`+`
`109`	`113`	`if database.Spec.Domain == "" {`
`110`	`114`	`database.Spec.Domain = DefaultDatabaseDomain`
`111`	`115`	`}`
Original file line number	Diff line number	Diff line change
`@@ -32,6 +32,8 @@ type InterconnectService struct {`
`32`	`32`
`33`	`33`	`type StatusService struct {`
`34`	`34`	Service `json:""`
	`35`	`+`
	`36`	+ TLSConfiguration *TLSConfiguration `json:"tls,omitempty"`
`35`	`37`	`}`
`36`	`38`
`37`	`39`	`type DatastreamsService struct {`
Original file line number	Diff line number	Diff line change
`@@ -242,5 +242,6 @@ func init() {`
`242`	`242`	`func (r *Storage) AnyCertificatesAdded() bool {`
`243`	`243`	`return len(r.Spec.CABundle) > 0 \|\|`
`244`	`244`	`r.Spec.Service.GRPC.TLSConfiguration.Enabled \|\|`
`245`		`- r.Spec.Service.Interconnect.TLSConfiguration.Enabled`
	`245`	`+ r.Spec.Service.Interconnect.TLSConfiguration.Enabled \|\|`
	`246`	`+ r.Spec.Service.Status.TLSConfiguration.Enabled`
`246`	`247`	`}`