feat!(cnpg): move cnpg credentials to .Values.credentials store

This commit is contained in:
Kjeld Schouten
2024-04-28 21:46:33 +02:00
parent 8ee9061c71
commit 51e614ed00
21 changed files with 342 additions and 347 deletions

View File

@@ -3,7 +3,7 @@ appVersion: ""
dependencies:
- name: common
repository: file://../common
version: ~21.0.0
version: ~22.0.0
deprecated: false
description: Helper chart to test different use cases of the common library
home: https://github.com/truecharts/apps/tree/master/charts/library/common-test

View File

@@ -9,6 +9,10 @@ release:
tests:
- it: should pass with cnpg manualBackups backup created with labels and annotations
set:
credentials:
test:
type: azure
connectionString: some-connection-string
label1: label1
label2: global_label2
label3: label3
@@ -44,10 +48,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
labels:
label5: label5
annotations:
@@ -104,6 +106,10 @@ tests:
- it: should pass with cnpg manualBackups backup created with namespace
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -115,10 +121,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
manualBackups:
- name: today
asserts:
@@ -129,6 +133,10 @@ tests:
- it: should pass with cnpg manualBackups backup created with object namespace from tpl
set:
credentials:
test:
type: azure
connectionString: some-connection-string
key: some-namespace
cnpg:
my-pg:
@@ -141,10 +149,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
manualBackups:
- name: today
asserts:
@@ -155,6 +161,10 @@ tests:
- it: should pass with cnpg manualBackups backup created with namespace from global with tpl
set:
credentials:
test:
type: azure
connectionString: some-connection-string
key: global-namespace
global:
namespace: "{{ .Values.key }}"
@@ -168,10 +178,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
manualBackups:
- name: today
asserts:
@@ -182,6 +190,10 @@ tests:
- it: should pass with cnpg manualBackups backup created with namespace from root with tpl
set:
credentials:
test:
type: azure
connectionString: some-connection-string
key: local-namespace
namespace: "{{ .Values.key }}"
global:
@@ -196,10 +208,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
manualBackups:
- name: today
asserts:
@@ -210,6 +220,10 @@ tests:
- it: should pass with cnpg manualBackups backup created with namespace in TrueNAS SCALE
set:
credentials:
test:
type: azure
connectionString: some-connection-string
global:
ixChartContext:
iAmNotEmpty: true
@@ -225,10 +239,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
manualBackups:
- name: today
asserts:

View File

@@ -7,6 +7,10 @@ release:
tests:
- it: should generate correct name
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -17,10 +21,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
manualBackups:
- name: today
my-pg2:
@@ -32,10 +34,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
manualBackups:
- name: other
asserts:

View File

@@ -7,6 +7,10 @@ release:
tests:
- it: should create secret for azure provider with connection string
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -17,10 +21,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
manualBackups:
- name: today
asserts:
@@ -45,6 +47,10 @@ tests:
- it: should create secret for google provider with application credentials
set:
credentials:
test:
type: google
applicationCredentials: some-credentials
cnpg:
my-pg:
enabled: true
@@ -55,10 +61,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: google
credentials: test
destinationPath: some-path
google:
applicationCredentials: some-credentials
manualBackups:
- name: today
asserts:
@@ -80,6 +84,12 @@ tests:
- it: should create secret for s3 provider with application credentials
set:
credentials:
test:
type: s3
url: some-url
secretKey: some-secret-key
accessKey: some-access-key
cnpg:
my-pg:
enabled: true
@@ -90,12 +100,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: s3
credentials: test
destinationPath: some-path
endpointURL: some-url
s3:
secretKey: some-secret-key
accessKey: some-access-key
manualBackups:
- name: today
asserts:

View File

@@ -5,44 +5,18 @@ release:
name: test-release-name
namespace: test-release-namespace
tests:
- it: should fail with invalid provider
set:
cnpg:
my-pg:
enabled: true
backups:
enabled: true
provider: invalid
manualBackups:
- name: today
asserts:
- failedTemplate:
errorMessage: CNPG Backup - Expected [backups.provider] to be one of [azure, s3, google], but got [invalid]
- it: should fail with missing "provider" object
set:
cnpg:
my-pg:
enabled: true
backups:
enabled: true
provider: azure
manualBackups:
- name: today
asserts:
- failedTemplate:
errorMessage: CNPG Backup - Expected [backups.azure] to be defined when [backups.provider] is set to [azure]
- it: should fail with missing storageAccount or connectionString with azure provider
set:
credentials:
test:
type: azure
storageKey: test
cnpg:
my-pg:
enabled: true
backups:
enabled: true
provider: azure
azure:
storageKey: test
credentials: test
manualBackups:
- name: today
asserts:
@@ -51,14 +25,16 @@ tests:
- it: should fail with missing storageKey or storageSasToken with azure provider
set:
credentials:
test:
type: azure
storageAccount: test
cnpg:
my-pg:
enabled: true
backups:
enabled: true
provider: azure
azure:
storageAccount: test
credentials: test
manualBackups:
- name: today
asserts:
@@ -67,16 +43,18 @@ tests:
- it: should fail with both storageKey and storageSasToken defined with azure provider
set:
credentials:
test:
type: azure
storageAccount: test
storageKey: test
storageSasToken: test
cnpg:
my-pg:
enabled: true
backups:
enabled: true
provider: azure
azure:
storageAccount: test
storageKey: test
storageSasToken: test
credentials: test
manualBackups:
- name: today
asserts:
@@ -85,14 +63,16 @@ tests:
- it: should fail with applicationCredentials missing with google provider
set:
credentials:
test:
type: google
gkeEnvironment: false
cnpg:
my-pg:
enabled: true
backups:
enabled: true
provider: google
google:
gkeEnvironment: false
credentials: test
manualBackups:
- name: today
asserts:
@@ -101,14 +81,16 @@ tests:
- it: should fail with accessKey missing with s3 provider
set:
credentials:
test:
type: s3
secretKey: test
cnpg:
my-pg:
enabled: true
backups:
enabled: true
provider: s3
s3:
secretKey: test
credentials: test
manualBackups:
- name: today
asserts:
@@ -117,14 +99,16 @@ tests:
- it: should fail with secretKey missing with s3 provider
set:
credentials:
test:
type: s3
accessKey: test
cnpg:
my-pg:
enabled: true
backups:
enabled: true
provider: s3
s3:
accessKey: test
credentials: test
manualBackups:
- name: today
asserts:

View File

@@ -7,6 +7,10 @@ release:
tests:
- it: should generate correct spec
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -17,10 +21,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
manualBackups:
- name: today
- name: before-upgrade

View File

@@ -7,14 +7,16 @@ release:
tests:
- it: should fail without name in manualBackups backup
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
backups:
enabled: true
provider: azure
azure:
connectionString: some-connection-string
credentials: test
manualBackups:
- name:
asserts:
@@ -23,14 +25,16 @@ tests:
- it: should fail with invalid name in manualBackups backup
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
backups:
enabled: true
provider: azure
azure:
connectionString: some-connection-string
credentials: test
manualBackups:
- name: _invalid
asserts:

View File

@@ -7,6 +7,10 @@ release:
tests:
- it: should generate correct spec with backups (azure)
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -17,10 +21,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
asserts:
- documentIndex: &secretDoc 1
isKind:
@@ -84,6 +86,10 @@ tests:
- it: should generate correct spec with backups (google)
set:
credentials:
test:
type: google
applicationCredentials: some-credentials
cnpg:
my-pg:
enabled: true
@@ -94,10 +100,9 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: google
credentials: test
destinationPath: some-path
google:
applicationCredentials: some-credentials
asserts:
- documentIndex: *secretDoc
isKind:
@@ -150,6 +155,12 @@ tests:
- it: should generate correct spec with backups (s3)
set:
credentials:
test:
type: s3
accessKey: some-access-key
secretKey: some-secret-key
url: some-url
cnpg:
my-pg:
enabled: true
@@ -160,12 +171,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: s3
credentials: test
destinationPath: some-path
endpointURL: some-url
s3:
accessKey: some-access-key
secretKey: some-secret-key
asserts:
- documentIndex: *secretDoc
isKind:
@@ -221,6 +228,12 @@ tests:
- it: should use the revision when set in server name
set:
credentials:
test:
type: s3
accessKey: some-access-key
secretKey: some-secret-key
url: some-url
cnpg:
my-pg:
enabled: true
@@ -231,13 +244,9 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: s3
credentials: test
destinationPath: some-path
endpointURL: some-url
revision: some-revision
s3:
accessKey: some-access-key
secretKey: some-secret-key
asserts:
- documentIndex: *secretDoc
isKind:
@@ -293,6 +302,12 @@ tests:
- it: should override serverName when set
set:
credentials:
test:
type: s3
accessKey: some-access-key
secretKey: some-secret-key
url: some-url
cnpg:
my-pg:
enabled: true
@@ -303,13 +318,9 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: s3
credentials: test
destinationPath: some-path
endpointURL: some-url
serverName: some-server-name
s3:
accessKey: some-access-key
secretKey: some-secret-key
asserts:
- documentIndex: *secretDoc
isKind:
@@ -365,6 +376,12 @@ tests:
- it: should override serverName when set (and also take account revision)
set:
credentials:
test:
type: s3
accessKey: some-access-key
secretKey: some-secret-key
url: some-url
cnpg:
my-pg:
enabled: true
@@ -375,14 +392,11 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: s3
credentials: test
destinationPath: some-path
endpointURL: some-url
serverName: some-server-name
revision: "1"
s3:
accessKey: some-access-key
secretKey: some-secret-key
asserts:
- documentIndex: *secretDoc
isKind:
@@ -438,6 +452,10 @@ tests:
- it: should generate correct spec with empty target
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -447,10 +465,8 @@ tests:
backups:
enabled: true
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
asserts:
- documentIndex: &clusterDoc 0
isKind:

View File

@@ -73,6 +73,11 @@ tests:
- it: should generate correct spec with recovery/objectStore (google)
set:
credentials:
test:
type: google
applicationCredentials: some-credentials
bucket: some-bucket
cnpg:
my-pg:
enabled: true
@@ -80,13 +85,10 @@ tests:
database: test-db
password: test-password
mode: recovery
path: some-path
recovery:
method: object_store
provider: google
google:
applicationCredentials: some-credentials
bucket: some-bucket
path: some-path
credentials: test
pitrTarget:
time: "2021-01-01T00:00:00Z"
asserts:
@@ -146,6 +148,10 @@ tests:
- it: should generate correct spec with recovery/objectStore (google - destinationPath)
set:
credentials:
test:
type: google
applicationCredentials: some-credentials
cnpg:
my-pg:
enabled: true
@@ -155,10 +161,8 @@ tests:
mode: recovery
recovery:
method: object_store
provider: google
credentials: test
destinationPath: gs://some-bucket
google:
applicationCredentials: some-credentials
pitrTarget:
time: "2021-01-01T00:00:00Z"
asserts:
@@ -218,6 +222,13 @@ tests:
- it: should generate correct spec with recovery/objectStore (s3)
set:
credentials:
test:
type: s3
accessKey: some-access-key
secretKey: some-secret-key
bucket: some-bucket
region: some-region
cnpg:
my-pg:
enabled: true
@@ -225,15 +236,11 @@ tests:
database: test-db
password: test-password
mode: recovery
path: some-path
recovery:
method: object_store
provider: s3
s3:
accessKey: some-access-key
secretKey: some-secret-key
bucket: some-bucket
path: some-path
region: some-region
credentials: test
asserts:
- documentIndex: *secretDoc
isKind:
@@ -292,6 +299,12 @@ tests:
- it: should generate correct spec with recovery/objectStore (s3 - destinationPath/endpointURL)
set:
credentials:
test:
type: s3
accessKey: some-access-key
secretKey: some-secret-key
url: some-endpoint-url
cnpg:
my-pg:
enabled: true
@@ -301,12 +314,9 @@ tests:
mode: recovery
recovery:
method: object_store
provider: s3
credentials: test
destinationPath: s3://some-bucket
endpointURL: some-endpoint-url
s3:
accessKey: some-access-key
secretKey: some-secret-key
asserts:
- documentIndex: *secretDoc
isKind:
@@ -365,6 +375,14 @@ tests:
- it: should generate correct spec with recovery/objectStore (azure)
set:
credentials:
test:
type: azure
connectionString: some-connection-string
storageAccount: some-storage-account
serviceName: some-service-name
containerName: some-container-name
cnpg:
my-pg:
enabled: true
@@ -372,15 +390,10 @@ tests:
database: test-db
password: test-password
mode: recovery
path: some-path
recovery:
method: object_store
provider: azure
azure:
connectionString: some-connection-string
storageAccount: some-storage-account
serviceName: some-service-name
containerName: some-container-name
path: some-path
credentials: test
asserts:
- documentIndex: *secretDoc
isKind:
@@ -447,6 +460,10 @@ tests:
- it: should generate correct spec with recovery/objectStore (azure - destinationPath)
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -456,10 +473,8 @@ tests:
mode: recovery
recovery:
method: object_store
provider: azure
credentials: test
destinationPath: https://some-storage-account.some-service-name.core.windows.net/some-container-name
azure:
connectionString: some-connection-string
asserts:
- documentIndex: *secretDoc
isKind:
@@ -526,6 +541,10 @@ tests:
- it: should use revision in serverName when set
set:
credentials:
test:
type: google
applicationCredentials: some-credentials
cnpg:
my-pg:
enabled: true
@@ -535,11 +554,9 @@ tests:
mode: recovery
recovery:
method: object_store
provider: google
credentials: test
destinationPath: gs://some-bucket
revision: some-revision
google:
applicationCredentials: some-credentials
pitrTarget:
time: "2021-01-01T00:00:00Z"
asserts:
@@ -599,6 +616,10 @@ tests:
- it: should override serverName when set
set:
credentials:
test:
type: google
applicationCredentials: some-credentials
cnpg:
my-pg:
enabled: true
@@ -608,11 +629,9 @@ tests:
mode: recovery
recovery:
method: object_store
provider: google
credentials: test
destinationPath: gs://some-bucket
serverName: some-server-name
google:
applicationCredentials: some-credentials
pitrTarget:
time: "2021-01-01T00:00:00Z"
asserts:
@@ -672,6 +691,10 @@ tests:
- it: should override serverName when set along with revision
set:
credentials:
test:
type: google
applicationCredentials: some-credentials
cnpg:
my-pg:
enabled: true
@@ -681,12 +704,10 @@ tests:
mode: recovery
recovery:
method: object_store
provider: google
credentials: test
destinationPath: gs://some-bucket
serverName: some-server-name
revision: "20"
google:
applicationCredentials: some-credentials
pitrTarget:
time: "2021-01-01T00:00:00Z"
asserts:

View File

@@ -222,40 +222,12 @@ tests:
- failedTemplate:
errorMessage: CNPG Recovery - Expected a non-empty [recovery.backupName] key
- it: should fail with invalid provider on recovery method object_store
set:
cnpg:
my-pg:
enabled: true
user: test-user
database: test-db
password: test-password
mode: recovery
recovery:
method: object_store
provider: invalid
asserts:
- failedTemplate:
errorMessage: CNPG Recovery - Expected [recovery.provider] to be one of [azure, s3, google], but got [invalid]
- it: should fail with missing "provider" key on recovery method object_store
set:
cnpg:
my-pg:
enabled: true
user: test-user
database: test-db
password: test-password
mode: recovery
recovery:
method: object_store
provider: google
asserts:
- failedTemplate:
errorMessage: CNPG Recovery - Expected [recovery.google] to be defined when [recovery.provider] is set to [google]
- it: should fail with missing destinationPath and google bucket on recovery method object_store
set:
credentials:
test:
type: google
applicationCredentials: some-credentials
cnpg:
my-pg:
enabled: true
@@ -265,15 +237,18 @@ tests:
mode: recovery
recovery:
method: object_store
provider: google
google:
applicationCredentials: some-credentials
credentials: test
asserts:
- failedTemplate:
errorMessage: CNPG Recovery - You need to specify [recovery.google.bucket] or [recovery.destinationPath]
- it: should fail with missing destinationPath and s3 bucket on recovery method object_store
set:
credentials:
test:
type: s3
accessKey: some-access-key
secretKey: some-secret-key
cnpg:
my-pg:
enabled: true
@@ -283,16 +258,19 @@ tests:
mode: recovery
recovery:
method: object_store
provider: s3
s3:
accessKey: some-access-key
secretKey: some-secret-key
credentials: test
asserts:
- failedTemplate:
errorMessage: CNPG Recovery - You need to specify [recovery.s3.bucket] or [recovery.destinationPath]
- it: should fail with missing endpointURL and s3 region on recovery method object_store
set:
credentials:
test:
type: s3
accessKey: some-access-key
secretKey: some-secret-key
bucket: some-bucket
cnpg:
my-pg:
enabled: true
@@ -302,17 +280,17 @@ tests:
mode: recovery
recovery:
method: object_store
provider: s3
s3:
accessKey: some-access-key
secretKey: some-secret-key
bucket: some-bucket
credentials: test
asserts:
- failedTemplate:
errorMessage: CNPG Recovery - You need to specify [recovery.s3.region] or [recovery.endpointURL]
- it: should fail with missing destinationPath and azure storageAccount on recovery method object_store
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -322,15 +300,18 @@ tests:
mode: recovery
recovery:
method: object_store
provider: azure
azure:
connectionString: some-connection-string
credentials: test
asserts:
- failedTemplate:
errorMessage: CNPG Recovery - You need to specify [recovery.azure.storageAccount] or [recovery.destinationPath]
- it: should fail with missing destinationPath and azure serviceName on recovery method object_store
set:
credentials:
test:
type: azure
connectionString: some-connection-string
storageAccount: some-storage-account
cnpg:
my-pg:
enabled: true
@@ -340,16 +321,20 @@ tests:
mode: recovery
recovery:
method: object_store
provider: azure
azure:
connectionString: some-connection-string
storageAccount: some-storage-account
credentials: test
asserts:
- failedTemplate:
errorMessage: CNPG Recovery - You need to specify [recovery.azure.serviceName] or [recovery.destinationPath]
- it: should fail with missing destinationPath and azure containerName on recovery method object_store
set:
credentials:
test:
type: azure
connectionString: some-connection-string
storageAccount: some-storage-account
serviceName: some-service-name
cnpg:
my-pg:
enabled: true
@@ -359,17 +344,18 @@ tests:
mode: recovery
recovery:
method: object_store
provider: azure
azure:
connectionString: some-connection-string
storageAccount: some-storage-account
serviceName: some-service-name
credentials: test
asserts:
- failedTemplate:
errorMessage: CNPG Recovery - You need to specify [recovery.azure.containerName] or [recovery.destinationPath]
- it: should fail with revision in backups not a string
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -378,10 +364,8 @@ tests:
password: test-password
backups:
enabled: true
provider: azure
credentials: test
revision: 5
azure:
connectionString: some-connection-string
target: primary
asserts:
- failedTemplate:
@@ -389,6 +373,10 @@ tests:
- it: should fail with invalid target when backups are enabled
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -397,9 +385,7 @@ tests:
password: test-password
backups:
enabled: true
provider: azure
azure:
connectionString: some-connection-string
credentials: test
target: invalid
asserts:
- failedTemplate:
@@ -407,6 +393,11 @@ tests:
- it: should fail with invalid retentionPolicy when backups are enabled
set:
credentials:
test:
type: azure
connectionString: some-connection-string
applicationCredentials: some-credential
cnpg:
my-pg:
enabled: true
@@ -415,9 +406,7 @@ tests:
password: test-password
backups:
enabled: true
provider: azure
azure:
connectionString: some-connection-string
credentials: test
target: primary
retentionPolicy: invalid
asserts:
@@ -426,6 +415,10 @@ tests:
- it: should fail with missing destinationPath and google bucket on backups
set:
credentials:
test:
type: google
connectionString: some-credentials
cnpg:
my-pg:
enabled: true
@@ -434,17 +427,20 @@ tests:
password: test-password
backups:
enabled: true
provider: google
credentials: test
target: primary
retentionPolicy: 1d
google:
applicationCredentials: some-credentials
asserts:
- failedTemplate:
errorMessage: CNPG Backup - You need to specify [backups.google.bucket] or [backups.destinationPath]
- it: should fail with missing destinationPath and s3 bucket on backups
set:
credentials:
test:
type: s3
accessKey: some-access-key
secretKey: some-secret-key
cnpg:
my-pg:
enabled: true
@@ -453,18 +449,22 @@ tests:
password: test-password
backups:
enabled: true
provider: s3
credentials: test
target: primary
retentionPolicy: 1d
s3:
accessKey: some-access-key
secretKey: some-secret-key
asserts:
- failedTemplate:
errorMessage: CNPG Backup - You need to specify [backups.s3.bucket] or [backups.destinationPath]
- it: should fail with missing endpointURL and s3 region on backups
set:
credentials:
test:
type: s3
accessKey: some-access-key
secretKey: some-secret-key
bucket: some-bucket
cnpg:
my-pg:
enabled: true
@@ -473,19 +473,19 @@ tests:
password: test-password
backups:
enabled: true
provider: s3
credentials: test
target: primary
retentionPolicy: 1d
s3:
accessKey: some-access-key
secretKey: some-secret-key
bucket: some-bucket
asserts:
- failedTemplate:
errorMessage: CNPG Backup - You need to specify [backups.s3.region] or [backups.endpointURL]
- it: should fail with missing destinationPath and azure storageAccount on backups
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -494,17 +494,20 @@ tests:
password: test-password
backups:
enabled: true
provider: azure
credentials: test
target: primary
retentionPolicy: 1d
azure:
connectionString: some-connection-string
asserts:
- failedTemplate:
errorMessage: CNPG Backup - You need to specify [backups.azure.storageAccount] or [backups.destinationPath]
- it: should fail with missing destinationPath and azure serviceName on backups
set:
credentials:
test:
type: azure
connectionString: some-connection-string
storageAccount: some-storage-account
cnpg:
my-pg:
enabled: true
@@ -513,18 +516,21 @@ tests:
password: test-password
backups:
enabled: true
provider: azure
credentials: test
target: primary
retentionPolicy: 1d
azure:
connectionString: some-connection-string
storageAccount: some-storage-account
asserts:
- failedTemplate:
errorMessage: CNPG Backup - You need to specify [backups.azure.serviceName] or [backups.destinationPath]
- it: should fail with missing destinationPath and azure containerName on backups
set:
credentials:
test:
type: azure
connectionString: some-connection-string
storageAccount: some-storage-account
serviceName: some-service-name
cnpg:
my-pg:
enabled: true
@@ -533,13 +539,9 @@ tests:
password: test-password
backups:
enabled: true
provider: azure
credentials: test
target: primary
retentionPolicy: 1d
azure:
connectionString: some-connection-string
storageAccount: some-storage-account
serviceName: some-service-name
asserts:
- failedTemplate:
errorMessage: CNPG Backup - You need to specify [backups.azure.containerName] or [backups.destinationPath]

View File

@@ -15,7 +15,7 @@ maintainers:
name: common
sources: null
type: library
version: 21.0.1
version: 22.0.0
annotations:
artifacthub.io/category: "integration-delivery"
artifacthub.io/license: "BUSL-1.1"

View File

@@ -28,7 +28,7 @@
{{- if not $data.containerName -}}
{{- fail (printf "CNPG %s - You need to specify [%s.azure.containerName] or [%s.destinationPath]" ($type | camelcase) $key $key) -}}
{{- end -}}
{{- $destinationPath = (printf "https://%s.%s.core.windows.net/%s/%s" $data.storageAccount $data.serviceName $data.containerName (($data.path | default "/") | trimSuffix "/")) -}}
{{- $destinationPath = (printf "https://%s.%s.core.windows.net/%s/%s" $data.storageAccount $data.serviceName $data.containerName (($objectData.path | default "/") | trimSuffix "/")) -}}
{{- end }}
endpointURL: {{ $endpointURL }}
destinationPath: {{ $destinationPath }}

View File

@@ -7,9 +7,11 @@
{{- $endpointURL := "" -}}
{{- $destinationPath := "" -}}
{{- $key := "" -}}
{{- $creds := dict -}}
{{- if eq $type "recovery" -}}
{{- $endpointURL = $objectData.recovery.endpointURL -}}
{{- $creds = (get $rootCtx.Values.credentials $objectData.recovery.credentials) -}}
{{- $endpointURL = $creds.url -}}
{{- $destinationPath = $objectData.recovery.destinationPath -}}
{{- $key = "recovery" -}}
@@ -21,8 +23,8 @@
{{- end -}}
{{- else if eq $type "backup" -}}
{{- $endpointURL = $objectData.backups.endpointURL -}}
{{- $creds = (get $rootCtx.Values.credentials $objectData.backups.credentials) -}}
{{- $endpointURL = $creds.url -}}
{{- $destinationPath = $objectData.backups.destinationPath -}}
{{- $key = "backups" -}}

View File

@@ -27,7 +27,7 @@
{{- if not $data.bucket -}}
{{- fail (printf "CNPG %s - You need to specify [%s.google.bucket] or [%s.destinationPath]" ($type | camelcase) $key $key) -}}
{{- end -}}
{{- $destinationPath = (printf "gs://%s/%s" $data.bucket (($data.path | default "/") | trimSuffix "/")) -}}
{{- $destinationPath = (printf "gs://%s/%s" $data.bucket (($objectData.path | default "/") | trimSuffix "/")) -}}
{{- end }}
endpointURL: {{ $endpointURL }}
destinationPath: {{ $destinationPath }}

View File

@@ -22,7 +22,7 @@
{{- if not $data.bucket -}}
{{- fail (printf "CNPG %s - You need to specify [%s.s3.bucket] or [%s.destinationPath]" ($type | camelcase) $key $key) -}}
{{- end -}}
{{- $destinationPath = (printf "s3://%s/%s" $data.bucket (($data.path | default "/") | trimSuffix "/")) -}}
{{- $destinationPath = (printf "s3://%s/%s" $data.bucket (($objectData.path | default "/") | trimSuffix "/")) -}}
{{- end -}}
{{- if not $endpointURL -}}
{{- if not $data.region -}}

View File

@@ -14,8 +14,9 @@ backup:
compression: gzip
encryption: AES256
jobs: {{ $objectData.backups.jobs | default 2 }}
{{- $provider := $objectData.backups.provider -}}
{{/* Fetch provider data */}}
{{- $data := (get $objectData.backups $provider) -}}
{{- include (printf "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.%s" $provider) (dict "rootCtx" $rootCtx "objectData" $objectData "data" $data "type" "backup") | nindent 4 -}}
{{/* Get the creds defined in backup.$provider */}}
{{- $creds := (get $rootCtx.Values.credentials $objectData.backups.credentials) -}}
{{ $provider := $creds.type -}}
{{- include (printf "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.%s" $provider) (dict "rootCtx" $rootCtx "objectData" $objectData "data" $creds "type" "backup") | nindent 4 -}}
{{- end -}}

View File

@@ -12,9 +12,10 @@ externalClusters:
- name: {{ $serverName }}
barmanObjectStore:
{{- $provider := $objectData.recovery.provider -}}
{{/* Fetch provider data */}}
{{- $data := (get $objectData.recovery $provider) -}}
{{- include (printf "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.%s" $provider) (dict "rootCtx" $rootCtx "objectData" $objectData "data" $data "type" "recovery") | nindent 6 -}}
{{- end -}}
{{/* Get the creds defined in backup.$provider */}}
{{- $creds := (get $rootCtx.Values.credentials $objectData.recovery.credentials) -}}
{{ $provider := $creds.type -}}
{{- include (printf "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.%s" $provider) (dict "rootCtx" $rootCtx "objectData" $objectData "data" $creds "type" "recovery") | nindent 6 -}}
{{- end -}}
{{- end -}}

View File

@@ -1,14 +0,0 @@
{{- define "tc.v1.common.lib.cnpg.provider.backupValidation" -}}
{{- $objectData := .objectData -}}
{{- $provider := $objectData.backups.provider -}}
{{- include "tc.v1.common.lib.cnpg.provider.validation" (dict
"objectData" $objectData
"key" "backups" "caller" "CNPG Backup"
"provider" $provider) -}}
{{- if not (get $objectData.backups $provider) -}}
{{- fail (printf "CNPG Backup - Expected [backups.%s] to be defined when [backups.provider] is set to [%s]" $provider $provider) -}}
{{- end -}}
{{- end -}}

View File

@@ -10,15 +10,13 @@
{{- $provider := "" -}}
{{- $creds := dict -}}
{{- if eq $type "backup" -}}
{{- include "tc.v1.common.lib.cnpg.provider.backupValidation" (dict "objectData" $objectData) -}}
{{- $provider = $objectData.backups.provider -}}
{{/* Get the creds defined in backup.$provider */}}
{{- $creds = (get $objectData.backups $provider) -}}
{{- $creds = (get $rootCtx.Values.credentials $objectData.backups.credentials) -}}
{{- $provider = $creds.type -}}
{{- else if eq $type "recovery" -}}
{{- include "tc.v1.common.lib.cnpg.provider.recoveryValidation" (dict "objectData" $objectData) -}}
{{- $provider = $objectData.recovery.provider -}}
{{/* Get the creds defined in recovery.$provider */}}
{{- $creds = (get $objectData.recovery $provider) -}}
{{- $creds = (get $rootCtx.Values.credentials $objectData.recovery.credentials) -}}
{{- $provider = $creds.type -}}
{{- end -}}
{{- include (printf "tc.v1.common.lib.cnpg.provider.%s.validation" $provider) (dict "objectData" $objectData "creds" $creds) -}}

View File

@@ -1,14 +0,0 @@
{{- define "tc.v1.common.lib.cnpg.provider.recoveryValidation" -}}
{{- $objectData := .objectData -}}
{{- $provider := $objectData.recovery.provider -}}
{{- include "tc.v1.common.lib.cnpg.provider.validation" (dict
"objectData" $objectData
"key" "recovery" "caller" "CNPG Recovery"
"provider" $provider) -}}
{{- if not (get $objectData.recovery $provider) -}}
{{- fail (printf "CNPG Recovery - Expected [recovery.%s] to be defined when [recovery.provider] is set to [%s]" $provider $provider) -}}
{{- end -}}
{{- end -}}

View File

@@ -236,6 +236,22 @@ credentials: {}
# encrKey: ""
# azure:
# connectionString: ""
# storageAccount: ""
# storageKey: ""
# storageSasToken: ""
# containerName: ""
# serviceName: blob
# inheritFromAzureAD: false
## TODO: Add support for google:
# google:
# bucket: ""
# gkeEnvironment: false
# applicationCredentials: ""
# -- (docs/persistence/README.md)
persistence:
shared:
@@ -1101,44 +1117,18 @@ cnpg:
# Object Store Recovery Method
clusterName: ""
# Overrides the provider specific default endpoint. Defaults to:
# S3: https://s3.<region>.amazonaws.com"
endpointURL: "" # Leave empty if using the default S3 endpoint
# Overrides the provider specific default path. Defaults to:
# S3: s3://<bucket><path>
# Azure: https://<storageAccount>.<serviceName>.core.windows.net/<clusterName><path>
# Google: gs://<bucket><path>
destinationPath: ""
provider: s3 # One of s3, azure, google
s3:
region: ""
bucket: ""
path: "/"
accessKey: ""
secretKey: ""
azure:
path: "/"
connectionString: ""
storageAccount: ""
storageKey: ""
storageSasToken: ""
containerName: ""
serviceName: blob
inheritFromAzureAD: false
google:
path: "/"
bucket: ""
gkeEnvironment: false
applicationCredentials: ""
path: "/"
# Database cluster backup configuration
backups:
enabled: false # You need to configure backups manually, so backups are disabled by default.
# Overrides the provider specific default endpoint. Defaults to:
# S3: https://s3.<region>.amazonaws.com"
endpointURL: "" # Leave empty if using the default S3 endpoint
## set a revision to append to the serverName to ensure restore and backup dont target the same thing
# revision: 1
@@ -1150,29 +1140,13 @@ cnpg:
# Azure: https://<storageAccount>.<serviceName>.core.windows.net/<clusterName><path>
# Google: gs://<bucket><path>
destinationPath: ""
# default: primary, other option prefer-standby
target: ""
provider: s3
s3:
region: ""
bucket: ""
path: "/"
accessKey: ""
secretKey: ""
azure:
path: "/"
connectionString: ""
storageAccount: ""
storageKey: ""
storageSasToken: ""
containerName: ""
serviceName: blob
inheritFromAzureAD: false
google:
path: "/"
bucket: ""
gkeEnvironment: false
applicationCredentials: ""
# name of credentials in .Values.Credentials
credentials: ""
path: "/"
scheduledBackups:
- name: daily-backup # Daily at midnight