feat!(cnpg): move cnpg credentials to .Values.credentials store (#796)

**Description**
<!--
Please include a summary of the change and which issue is fixed. Please
also include relevant motivation and context. List any dependencies that
are required for this change.
-->
⚒️ Fixes  # <!--(issue)-->

**⚙️ Type of change**

- [x] ⚙️ Feature/App addition
- [ ] 🪛 Bugfix
- [x] ⚠️ Breaking change (fix or feature that would cause existing
functionality to not work as expected)
- [x] 🔃 Refactor of current code

**🧪 How Has This Been Tested?**
<!--
Please describe the tests that you ran to verify your changes. Provide
instructions so we can reproduce. Please also list any relevant details
for your test configuration
-->

**📃 Notes:**
<!-- Please enter any other relevant information here -->

**✔️ Checklist:**

- [ ] ⚖️ My code follows the style guidelines of this project
- [ ] 👀 I have performed a self-review of my own code
- [ ] #️⃣ I have commented my code, particularly in hard-to-understand
areas
- [ ] 📄 I have made corresponding changes to the documentation
- [ ] ⚠️ My changes generate no new warnings
- [ ] 🧪 I have added tests to this description that prove my fix is
effective or that my feature works
- [ ] ⬆️ I increased versions for any altered app according to semantic
versioning
- [ ] I made sure the title starts with `feat(chart-name):`,
`fix(chart-name):` or `chore(chart-name):`

** App addition**

If this PR is an app addition please make sure you have done the
following.

- [ ] 🖼️ I have added an icon in the Chart's root directory called
`icon.png`

---

_Please don't blindly check all the boxes. Read them and only check
those that apply.
Those checkboxes are there for the reviewer to see what is this all
about and
the status of this PR with a quick glance._
This commit is contained in:
Kjeld Schouten
2024-04-29 11:10:52 +02:00
committed by GitHub
parent 8ee9061c71
commit a6f9209658
25 changed files with 404 additions and 384 deletions

View File

@@ -3,7 +3,7 @@ appVersion: ""
dependencies:
- name: common
repository: file://../common
version: ~21.0.0
version: ~22.0.0
deprecated: false
description: Helper chart to test different use cases of the common library
home: https://github.com/truecharts/apps/tree/master/charts/library/common-test

View File

@@ -9,6 +9,10 @@ release:
tests:
- it: should pass with cnpg manualBackups backup created with labels and annotations
set:
credentials:
test:
type: azure
connectionString: some-connection-string
label1: label1
label2: global_label2
label3: label3
@@ -44,10 +48,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
labels:
label5: label5
annotations:
@@ -104,6 +106,10 @@ tests:
- it: should pass with cnpg manualBackups backup created with namespace
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -115,10 +121,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
manualBackups:
- name: today
asserts:
@@ -129,6 +133,10 @@ tests:
- it: should pass with cnpg manualBackups backup created with object namespace from tpl
set:
credentials:
test:
type: azure
connectionString: some-connection-string
key: some-namespace
cnpg:
my-pg:
@@ -141,10 +149,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
manualBackups:
- name: today
asserts:
@@ -155,6 +161,10 @@ tests:
- it: should pass with cnpg manualBackups backup created with namespace from global with tpl
set:
credentials:
test:
type: azure
connectionString: some-connection-string
key: global-namespace
global:
namespace: "{{ .Values.key }}"
@@ -168,10 +178,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
manualBackups:
- name: today
asserts:
@@ -182,6 +190,10 @@ tests:
- it: should pass with cnpg manualBackups backup created with namespace from root with tpl
set:
credentials:
test:
type: azure
connectionString: some-connection-string
key: local-namespace
namespace: "{{ .Values.key }}"
global:
@@ -196,10 +208,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
manualBackups:
- name: today
asserts:
@@ -210,6 +220,10 @@ tests:
- it: should pass with cnpg manualBackups backup created with namespace in TrueNAS SCALE
set:
credentials:
test:
type: azure
connectionString: some-connection-string
global:
ixChartContext:
iAmNotEmpty: true
@@ -225,10 +239,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
manualBackups:
- name: today
asserts:

View File

@@ -7,6 +7,10 @@ release:
tests:
- it: should generate correct name
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -17,10 +21,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
manualBackups:
- name: today
my-pg2:
@@ -32,10 +34,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
manualBackups:
- name: other
asserts:

View File

@@ -7,6 +7,10 @@ release:
tests:
- it: should create secret for azure provider with connection string
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -17,10 +21,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
manualBackups:
- name: today
asserts:
@@ -45,6 +47,10 @@ tests:
- it: should create secret for google provider with application credentials
set:
credentials:
test:
type: google
applicationCredentials: some-credentials
cnpg:
my-pg:
enabled: true
@@ -55,10 +61,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: google
credentials: test
destinationPath: some-path
google:
applicationCredentials: some-credentials
manualBackups:
- name: today
asserts:
@@ -80,6 +84,12 @@ tests:
- it: should create secret for s3 provider with application credentials
set:
credentials:
test:
type: s3
url: some-url
secretKey: some-secret-key
accessKey: some-access-key
cnpg:
my-pg:
enabled: true
@@ -90,12 +100,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: s3
credentials: test
destinationPath: some-path
endpointURL: some-url
s3:
secretKey: some-secret-key
accessKey: some-access-key
manualBackups:
- name: today
asserts:

View File

@@ -5,44 +5,18 @@ release:
name: test-release-name
namespace: test-release-namespace
tests:
- it: should fail with invalid provider
set:
cnpg:
my-pg:
enabled: true
backups:
enabled: true
provider: invalid
manualBackups:
- name: today
asserts:
- failedTemplate:
errorMessage: CNPG Backup - Expected [backups.provider] to be one of [azure, s3, google], but got [invalid]
- it: should fail with missing "provider" object
set:
cnpg:
my-pg:
enabled: true
backups:
enabled: true
provider: azure
manualBackups:
- name: today
asserts:
- failedTemplate:
errorMessage: CNPG Backup - Expected [backups.azure] to be defined when [backups.provider] is set to [azure]
- it: should fail with missing storageAccount or connectionString with azure provider
set:
credentials:
test:
type: azure
storageKey: test
cnpg:
my-pg:
enabled: true
backups:
enabled: true
provider: azure
azure:
storageKey: test
credentials: test
manualBackups:
- name: today
asserts:
@@ -51,14 +25,16 @@ tests:
- it: should fail with missing storageKey or storageSasToken with azure provider
set:
credentials:
test:
type: azure
storageAccount: test
cnpg:
my-pg:
enabled: true
backups:
enabled: true
provider: azure
azure:
storageAccount: test
credentials: test
manualBackups:
- name: today
asserts:
@@ -67,16 +43,18 @@ tests:
- it: should fail with both storageKey and storageSasToken defined with azure provider
set:
credentials:
test:
type: azure
storageAccount: test
storageKey: test
storageSasToken: test
cnpg:
my-pg:
enabled: true
backups:
enabled: true
provider: azure
azure:
storageAccount: test
storageKey: test
storageSasToken: test
credentials: test
manualBackups:
- name: today
asserts:
@@ -85,14 +63,16 @@ tests:
- it: should fail with applicationCredentials missing with google provider
set:
credentials:
test:
type: google
gkeEnvironment: false
cnpg:
my-pg:
enabled: true
backups:
enabled: true
provider: google
google:
gkeEnvironment: false
credentials: test
manualBackups:
- name: today
asserts:
@@ -101,14 +81,16 @@ tests:
- it: should fail with accessKey missing with s3 provider
set:
credentials:
test:
type: s3
secretKey: test
cnpg:
my-pg:
enabled: true
backups:
enabled: true
provider: s3
s3:
secretKey: test
credentials: test
manualBackups:
- name: today
asserts:
@@ -117,14 +99,16 @@ tests:
- it: should fail with secretKey missing with s3 provider
set:
credentials:
test:
type: s3
accessKey: test
cnpg:
my-pg:
enabled: true
backups:
enabled: true
provider: s3
s3:
accessKey: test
credentials: test
manualBackups:
- name: today
asserts:

View File

@@ -7,6 +7,10 @@ release:
tests:
- it: should generate correct spec
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -17,10 +21,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
manualBackups:
- name: today
- name: before-upgrade

View File

@@ -7,14 +7,16 @@ release:
tests:
- it: should fail without name in manualBackups backup
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
backups:
enabled: true
provider: azure
azure:
connectionString: some-connection-string
credentials: test
manualBackups:
- name:
asserts:
@@ -23,14 +25,16 @@ tests:
- it: should fail with invalid name in manualBackups backup
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
backups:
enabled: true
provider: azure
azure:
connectionString: some-connection-string
credentials: test
manualBackups:
- name: _invalid
asserts:

View File

@@ -7,6 +7,10 @@ release:
tests:
- it: should generate correct spec with backups (azure)
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -17,10 +21,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
asserts:
- documentIndex: &secretDoc 1
isKind:
@@ -84,6 +86,10 @@ tests:
- it: should generate correct spec with backups (google)
set:
credentials:
test:
type: google
applicationCredentials: some-credentials
cnpg:
my-pg:
enabled: true
@@ -94,10 +100,9 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: google
credentials: test
destinationPath: some-path
google:
applicationCredentials: some-credentials
asserts:
- documentIndex: *secretDoc
isKind:
@@ -150,6 +155,12 @@ tests:
- it: should generate correct spec with backups (s3)
set:
credentials:
test:
type: s3
accessKey: some-access-key
secretKey: some-secret-key
url: some-url
cnpg:
my-pg:
enabled: true
@@ -160,12 +171,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: s3
credentials: test
destinationPath: some-path
endpointURL: some-url
s3:
accessKey: some-access-key
secretKey: some-secret-key
asserts:
- documentIndex: *secretDoc
isKind:
@@ -221,6 +228,12 @@ tests:
- it: should use the revision when set in server name
set:
credentials:
test:
type: s3
accessKey: some-access-key
secretKey: some-secret-key
url: some-url
cnpg:
my-pg:
enabled: true
@@ -231,13 +244,9 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: s3
credentials: test
destinationPath: some-path
endpointURL: some-url
revision: some-revision
s3:
accessKey: some-access-key
secretKey: some-secret-key
asserts:
- documentIndex: *secretDoc
isKind:
@@ -293,6 +302,12 @@ tests:
- it: should override serverName when set
set:
credentials:
test:
type: s3
accessKey: some-access-key
secretKey: some-secret-key
url: some-url
cnpg:
my-pg:
enabled: true
@@ -303,13 +318,9 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: s3
credentials: test
destinationPath: some-path
endpointURL: some-url
serverName: some-server-name
s3:
accessKey: some-access-key
secretKey: some-secret-key
asserts:
- documentIndex: *secretDoc
isKind:
@@ -365,6 +376,12 @@ tests:
- it: should override serverName when set (and also take account revision)
set:
credentials:
test:
type: s3
accessKey: some-access-key
secretKey: some-secret-key
url: some-url
cnpg:
my-pg:
enabled: true
@@ -375,14 +392,11 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: s3
credentials: test
destinationPath: some-path
endpointURL: some-url
serverName: some-server-name
revision: "1"
s3:
accessKey: some-access-key
secretKey: some-secret-key
asserts:
- documentIndex: *secretDoc
isKind:
@@ -438,6 +452,10 @@ tests:
- it: should generate correct spec with empty target
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -447,10 +465,8 @@ tests:
backups:
enabled: true
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
asserts:
- documentIndex: &clusterDoc 0
isKind:

View File

@@ -73,6 +73,11 @@ tests:
- it: should generate correct spec with recovery/objectStore (google)
set:
credentials:
test:
type: google
applicationCredentials: some-credentials
bucket: some-bucket
cnpg:
my-pg:
enabled: true
@@ -80,13 +85,10 @@ tests:
database: test-db
password: test-password
mode: recovery
path: some-path
recovery:
method: object_store
provider: google
google:
applicationCredentials: some-credentials
bucket: some-bucket
path: some-path
credentials: test
pitrTarget:
time: "2021-01-01T00:00:00Z"
asserts:
@@ -146,6 +148,10 @@ tests:
- it: should generate correct spec with recovery/objectStore (google - destinationPath)
set:
credentials:
test:
type: google
applicationCredentials: some-credentials
cnpg:
my-pg:
enabled: true
@@ -155,10 +161,8 @@ tests:
mode: recovery
recovery:
method: object_store
provider: google
credentials: test
destinationPath: gs://some-bucket
google:
applicationCredentials: some-credentials
pitrTarget:
time: "2021-01-01T00:00:00Z"
asserts:
@@ -218,6 +222,13 @@ tests:
- it: should generate correct spec with recovery/objectStore (s3)
set:
credentials:
test:
type: s3
accessKey: some-access-key
secretKey: some-secret-key
bucket: some-bucket
region: some-region
cnpg:
my-pg:
enabled: true
@@ -225,15 +236,11 @@ tests:
database: test-db
password: test-password
mode: recovery
path: some-path
recovery:
method: object_store
provider: s3
s3:
accessKey: some-access-key
secretKey: some-secret-key
bucket: some-bucket
path: some-path
region: some-region
credentials: test
asserts:
- documentIndex: *secretDoc
isKind:
@@ -292,6 +299,12 @@ tests:
- it: should generate correct spec with recovery/objectStore (s3 - destinationPath/endpointURL)
set:
credentials:
test:
type: s3
accessKey: some-access-key
secretKey: some-secret-key
url: some-endpoint-url
cnpg:
my-pg:
enabled: true
@@ -301,12 +314,9 @@ tests:
mode: recovery
recovery:
method: object_store
provider: s3
credentials: test
destinationPath: s3://some-bucket
endpointURL: some-endpoint-url
s3:
accessKey: some-access-key
secretKey: some-secret-key
asserts:
- documentIndex: *secretDoc
isKind:
@@ -365,6 +375,14 @@ tests:
- it: should generate correct spec with recovery/objectStore (azure)
set:
credentials:
test:
type: azure
connectionString: some-connection-string
storageAccount: some-storage-account
serviceName: some-service-name
containerName: some-container-name
cnpg:
my-pg:
enabled: true
@@ -372,15 +390,10 @@ tests:
database: test-db
password: test-password
mode: recovery
path: some-path
recovery:
method: object_store
provider: azure
azure:
connectionString: some-connection-string
storageAccount: some-storage-account
serviceName: some-service-name
containerName: some-container-name
path: some-path
credentials: test
asserts:
- documentIndex: *secretDoc
isKind:
@@ -447,6 +460,10 @@ tests:
- it: should generate correct spec with recovery/objectStore (azure - destinationPath)
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -456,10 +473,8 @@ tests:
mode: recovery
recovery:
method: object_store
provider: azure
credentials: test
destinationPath: https://some-storage-account.some-service-name.core.windows.net/some-container-name
azure:
connectionString: some-connection-string
asserts:
- documentIndex: *secretDoc
isKind:
@@ -526,6 +541,10 @@ tests:
- it: should use revision in serverName when set
set:
credentials:
test:
type: google
applicationCredentials: some-credentials
cnpg:
my-pg:
enabled: true
@@ -535,11 +554,9 @@ tests:
mode: recovery
recovery:
method: object_store
provider: google
credentials: test
destinationPath: gs://some-bucket
revision: some-revision
google:
applicationCredentials: some-credentials
pitrTarget:
time: "2021-01-01T00:00:00Z"
asserts:
@@ -599,6 +616,10 @@ tests:
- it: should override serverName when set
set:
credentials:
test:
type: google
applicationCredentials: some-credentials
cnpg:
my-pg:
enabled: true
@@ -608,11 +629,9 @@ tests:
mode: recovery
recovery:
method: object_store
provider: google
credentials: test
destinationPath: gs://some-bucket
serverName: some-server-name
google:
applicationCredentials: some-credentials
pitrTarget:
time: "2021-01-01T00:00:00Z"
asserts:
@@ -672,6 +691,10 @@ tests:
- it: should override serverName when set along with revision
set:
credentials:
test:
type: google
applicationCredentials: some-credentials
cnpg:
my-pg:
enabled: true
@@ -681,12 +704,10 @@ tests:
mode: recovery
recovery:
method: object_store
provider: google
credentials: test
destinationPath: gs://some-bucket
serverName: some-server-name
revision: "20"
google:
applicationCredentials: some-credentials
pitrTarget:
time: "2021-01-01T00:00:00Z"
asserts:

View File

@@ -222,40 +222,12 @@ tests:
- failedTemplate:
errorMessage: CNPG Recovery - Expected a non-empty [recovery.backupName] key
- it: should fail with invalid provider on recovery method object_store
set:
cnpg:
my-pg:
enabled: true
user: test-user
database: test-db
password: test-password
mode: recovery
recovery:
method: object_store
provider: invalid
asserts:
- failedTemplate:
errorMessage: CNPG Recovery - Expected [recovery.provider] to be one of [azure, s3, google], but got [invalid]
- it: should fail with missing "provider" key on recovery method object_store
set:
cnpg:
my-pg:
enabled: true
user: test-user
database: test-db
password: test-password
mode: recovery
recovery:
method: object_store
provider: google
asserts:
- failedTemplate:
errorMessage: CNPG Recovery - Expected [recovery.google] to be defined when [recovery.provider] is set to [google]
- it: should fail with missing destinationPath and google bucket on recovery method object_store
set:
credentials:
test:
type: google
applicationCredentials: some-credentials
cnpg:
my-pg:
enabled: true
@@ -265,15 +237,18 @@ tests:
mode: recovery
recovery:
method: object_store
provider: google
google:
applicationCredentials: some-credentials
credentials: test
asserts:
- failedTemplate:
errorMessage: CNPG Recovery - You need to specify [recovery.google.bucket] or [recovery.destinationPath]
- it: should fail with missing destinationPath and s3 bucket on recovery method object_store
set:
credentials:
test:
type: s3
accessKey: some-access-key
secretKey: some-secret-key
cnpg:
my-pg:
enabled: true
@@ -283,16 +258,19 @@ tests:
mode: recovery
recovery:
method: object_store
provider: s3
s3:
accessKey: some-access-key
secretKey: some-secret-key
credentials: test
asserts:
- failedTemplate:
errorMessage: CNPG Recovery - You need to specify [recovery.s3.bucket] or [recovery.destinationPath]
- it: should fail with missing endpointURL and s3 region on recovery method object_store
set:
credentials:
test:
type: s3
accessKey: some-access-key
secretKey: some-secret-key
bucket: some-bucket
cnpg:
my-pg:
enabled: true
@@ -302,17 +280,17 @@ tests:
mode: recovery
recovery:
method: object_store
provider: s3
s3:
accessKey: some-access-key
secretKey: some-secret-key
bucket: some-bucket
credentials: test
asserts:
- failedTemplate:
errorMessage: CNPG Recovery - You need to specify [recovery.s3.region] or [recovery.endpointURL]
- it: should fail with missing destinationPath and azure storageAccount on recovery method object_store
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -322,15 +300,18 @@ tests:
mode: recovery
recovery:
method: object_store
provider: azure
azure:
connectionString: some-connection-string
credentials: test
asserts:
- failedTemplate:
errorMessage: CNPG Recovery - You need to specify [recovery.azure.storageAccount] or [recovery.destinationPath]
- it: should fail with missing destinationPath and azure serviceName on recovery method object_store
set:
credentials:
test:
type: azure
connectionString: some-connection-string
storageAccount: some-storage-account
cnpg:
my-pg:
enabled: true
@@ -340,16 +321,20 @@ tests:
mode: recovery
recovery:
method: object_store
provider: azure
azure:
connectionString: some-connection-string
storageAccount: some-storage-account
credentials: test
asserts:
- failedTemplate:
errorMessage: CNPG Recovery - You need to specify [recovery.azure.serviceName] or [recovery.destinationPath]
- it: should fail with missing destinationPath and azure containerName on recovery method object_store
set:
credentials:
test:
type: azure
connectionString: some-connection-string
storageAccount: some-storage-account
serviceName: some-service-name
cnpg:
my-pg:
enabled: true
@@ -359,17 +344,18 @@ tests:
mode: recovery
recovery:
method: object_store
provider: azure
azure:
connectionString: some-connection-string
storageAccount: some-storage-account
serviceName: some-service-name
credentials: test
asserts:
- failedTemplate:
errorMessage: CNPG Recovery - You need to specify [recovery.azure.containerName] or [recovery.destinationPath]
- it: should fail with revision in backups not a string
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -378,10 +364,8 @@ tests:
password: test-password
backups:
enabled: true
provider: azure
credentials: test
revision: 5
azure:
connectionString: some-connection-string
target: primary
asserts:
- failedTemplate:
@@ -389,6 +373,10 @@ tests:
- it: should fail with invalid target when backups are enabled
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -397,9 +385,7 @@ tests:
password: test-password
backups:
enabled: true
provider: azure
azure:
connectionString: some-connection-string
credentials: test
target: invalid
asserts:
- failedTemplate:
@@ -407,6 +393,11 @@ tests:
- it: should fail with invalid retentionPolicy when backups are enabled
set:
credentials:
test:
type: azure
connectionString: some-connection-string
applicationCredentials: some-credential
cnpg:
my-pg:
enabled: true
@@ -415,9 +406,7 @@ tests:
password: test-password
backups:
enabled: true
provider: azure
azure:
connectionString: some-connection-string
credentials: test
target: primary
retentionPolicy: invalid
asserts:
@@ -426,6 +415,11 @@ tests:
- it: should fail with missing destinationPath and google bucket on backups
set:
credentials:
test:
type: google
connectionString: some-credentials
applicationCredentials: some-credential
cnpg:
my-pg:
enabled: true
@@ -434,17 +428,20 @@ tests:
password: test-password
backups:
enabled: true
provider: google
credentials: test
target: primary
retentionPolicy: 1d
google:
applicationCredentials: some-credentials
asserts:
- failedTemplate:
errorMessage: CNPG Backup - You need to specify [backups.google.bucket] or [backups.destinationPath]
- it: should fail with missing destinationPath and s3 bucket on backups
set:
credentials:
test:
type: s3
accessKey: some-access-key
secretKey: some-secret-key
cnpg:
my-pg:
enabled: true
@@ -453,18 +450,22 @@ tests:
password: test-password
backups:
enabled: true
provider: s3
credentials: test
target: primary
retentionPolicy: 1d
s3:
accessKey: some-access-key
secretKey: some-secret-key
asserts:
- failedTemplate:
errorMessage: CNPG Backup - You need to specify [backups.s3.bucket] or [backups.destinationPath]
- it: should fail with missing endpointURL and s3 region on backups
set:
credentials:
test:
type: s3
accessKey: some-access-key
secretKey: some-secret-key
bucket: some-bucket
cnpg:
my-pg:
enabled: true
@@ -473,19 +474,19 @@ tests:
password: test-password
backups:
enabled: true
provider: s3
credentials: test
target: primary
retentionPolicy: 1d
s3:
accessKey: some-access-key
secretKey: some-secret-key
bucket: some-bucket
asserts:
- failedTemplate:
errorMessage: CNPG Backup - You need to specify [backups.s3.region] or [backups.endpointURL]
- it: should fail with missing destinationPath and azure storageAccount on backups
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -494,17 +495,20 @@ tests:
password: test-password
backups:
enabled: true
provider: azure
credentials: test
target: primary
retentionPolicy: 1d
azure:
connectionString: some-connection-string
asserts:
- failedTemplate:
errorMessage: CNPG Backup - You need to specify [backups.azure.storageAccount] or [backups.destinationPath]
- it: should fail with missing destinationPath and azure serviceName on backups
set:
credentials:
test:
type: azure
connectionString: some-connection-string
storageAccount: some-storage-account
cnpg:
my-pg:
enabled: true
@@ -513,18 +517,21 @@ tests:
password: test-password
backups:
enabled: true
provider: azure
credentials: test
target: primary
retentionPolicy: 1d
azure:
connectionString: some-connection-string
storageAccount: some-storage-account
asserts:
- failedTemplate:
errorMessage: CNPG Backup - You need to specify [backups.azure.serviceName] or [backups.destinationPath]
- it: should fail with missing destinationPath and azure containerName on backups
set:
credentials:
test:
type: azure
connectionString: some-connection-string
storageAccount: some-storage-account
serviceName: some-service-name
cnpg:
my-pg:
enabled: true
@@ -533,13 +540,9 @@ tests:
password: test-password
backups:
enabled: true
provider: azure
credentials: test
target: primary
retentionPolicy: 1d
azure:
connectionString: some-connection-string
storageAccount: some-storage-account
serviceName: some-service-name
asserts:
- failedTemplate:
errorMessage: CNPG Backup - You need to specify [backups.azure.containerName] or [backups.destinationPath]

View File

@@ -9,6 +9,10 @@ release:
tests:
- it: should pass with cnpg scheduledBackup backup created with labels and annotations
set:
credentials:
test:
type: azure
connectionString: some-connection-string
label1: label1
label2: global_label2
label3: label3
@@ -44,10 +48,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
labels:
label5: label5
annotations:
@@ -106,6 +108,10 @@ tests:
- it: should pass with cnpg scheduledBackup backup created with namespace
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -117,10 +123,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
scheduledBackups:
- name: daily
schedule: "0 0 * * *"
@@ -133,6 +137,10 @@ tests:
- it: should pass with cnpg scheduledBackup backup created with object namespace from tpl
set:
credentials:
test:
type: azure
connectionString: some-connection-string
key: some-namespace
cnpg:
my-pg:
@@ -145,10 +153,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
scheduledBackups:
- name: daily
schedule: "0 0 * * *"
@@ -161,6 +167,10 @@ tests:
- it: should pass with cnpg scheduledBackup backup created with namespace from global with tpl
set:
credentials:
test:
type: azure
connectionString: some-connection-string
key: global-namespace
global:
namespace: "{{ .Values.key }}"
@@ -174,10 +184,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
scheduledBackups:
- name: daily
schedule: "0 0 * * *"
@@ -190,6 +198,10 @@ tests:
- it: should pass with cnpg scheduledBackup backup created with namespace from root with tpl
set:
credentials:
test:
type: azure
connectionString: some-connection-string
key: local-namespace
namespace: "{{ .Values.key }}"
global:
@@ -204,10 +216,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
scheduledBackups:
- name: daily
schedule: "0 0 * * *"
@@ -220,6 +230,10 @@ tests:
- it: should pass with cnpg scheduledBackup backup created with namespace in TrueNAS SCALE
set:
credentials:
test:
type: azure
connectionString: some-connection-string
global:
ixChartContext:
iAmNotEmpty: true
@@ -235,10 +249,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
scheduledBackups:
- name: daily
schedule: "0 0 * * *"

View File

@@ -7,6 +7,10 @@ release:
tests:
- it: should generate correct name
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -17,10 +21,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
scheduledBackups:
- name: daily
schedule: "0 0 * * *"
@@ -34,7 +36,7 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string

View File

@@ -7,6 +7,10 @@ release:
tests:
- it: should generate correct spec
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -17,10 +21,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
scheduledBackups:
- name: daily
schedule: "0 0 * * *"

View File

@@ -7,6 +7,10 @@ release:
tests:
- it: should pass with hibernate
set:
credentials:
test:
type: azure
connectionString: some-connection-string
cnpg:
my-pg:
enabled: true
@@ -18,10 +22,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
scheduledBackups:
- name: daily
schedule: "0 0 * * *"
@@ -41,6 +43,10 @@ tests:
- it: should set suspend on stopAll
set:
credentials:
test:
type: azure
connectionString: some-connection-string
global:
stopAll: true
cnpg:
@@ -54,10 +60,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
scheduledBackups:
- name: daily
schedule: "0 0 * * *"
@@ -77,6 +81,10 @@ tests:
- it: should set suspend on ixChartContext - isStopped (true)
set:
credentials:
test:
type: azure
connectionString: some-connection-string
global:
namespace: ix-something
ixChartContext:
@@ -93,10 +101,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
scheduledBackups:
- name: daily
schedule: "0 0 * * *"
@@ -116,6 +122,10 @@ tests:
- it: should not suspend on ixChartContext - isStopped (false)
set:
credentials:
test:
type: azure
connectionString: some-connection-string
global:
namespace: ix-something
ixChartContext:
@@ -132,10 +142,8 @@ tests:
enabled: true
target: primary
retentionPolicy: 10d
provider: azure
credentials: test
destinationPath: some-path
azure:
connectionString: some-connection-string
scheduledBackups:
- name: daily
schedule: "0 0 * * *"

View File

@@ -15,7 +15,7 @@ maintainers:
name: common
sources: null
type: library
version: 21.0.1
version: 22.0.0
annotations:
artifacthub.io/category: "integration-delivery"
artifacthub.io/license: "BUSL-1.1"

View File

@@ -28,7 +28,7 @@
{{- if not $data.containerName -}}
{{- fail (printf "CNPG %s - You need to specify [%s.azure.containerName] or [%s.destinationPath]" ($type | camelcase) $key $key) -}}
{{- end -}}
{{- $destinationPath = (printf "https://%s.%s.core.windows.net/%s/%s" $data.storageAccount $data.serviceName $data.containerName (($data.path | default "/") | trimSuffix "/")) -}}
{{- $destinationPath = (printf "https://%s.%s.core.windows.net/%s/%s" $data.storageAccount $data.serviceName $data.containerName (($objectData.path | default "/") | trimSuffix "/")) -}}
{{- end }}
endpointURL: {{ $endpointURL }}
destinationPath: {{ $destinationPath }}

View File

@@ -7,9 +7,11 @@
{{- $endpointURL := "" -}}
{{- $destinationPath := "" -}}
{{- $key := "" -}}
{{- $creds := dict -}}
{{- if eq $type "recovery" -}}
{{- $endpointURL = $objectData.recovery.endpointURL -}}
{{- $creds = (get $rootCtx.Values.credentials $objectData.recovery.credentials) -}}
{{- $endpointURL = $creds.url -}}
{{- $destinationPath = $objectData.recovery.destinationPath -}}
{{- $key = "recovery" -}}
@@ -21,8 +23,8 @@
{{- end -}}
{{- else if eq $type "backup" -}}
{{- $endpointURL = $objectData.backups.endpointURL -}}
{{- $creds = (get $rootCtx.Values.credentials $objectData.backups.credentials) -}}
{{- $endpointURL = $creds.url -}}
{{- $destinationPath = $objectData.backups.destinationPath -}}
{{- $key = "backups" -}}

View File

@@ -27,7 +27,7 @@
{{- if not $data.bucket -}}
{{- fail (printf "CNPG %s - You need to specify [%s.google.bucket] or [%s.destinationPath]" ($type | camelcase) $key $key) -}}
{{- end -}}
{{- $destinationPath = (printf "gs://%s/%s" $data.bucket (($data.path | default "/") | trimSuffix "/")) -}}
{{- $destinationPath = (printf "gs://%s/%s" $data.bucket (($objectData.path | default "/") | trimSuffix "/")) -}}
{{- end }}
endpointURL: {{ $endpointURL }}
destinationPath: {{ $destinationPath }}

View File

@@ -22,7 +22,7 @@
{{- if not $data.bucket -}}
{{- fail (printf "CNPG %s - You need to specify [%s.s3.bucket] or [%s.destinationPath]" ($type | camelcase) $key $key) -}}
{{- end -}}
{{- $destinationPath = (printf "s3://%s/%s" $data.bucket (($data.path | default "/") | trimSuffix "/")) -}}
{{- $destinationPath = (printf "s3://%s/%s" $data.bucket (($objectData.path | default "/") | trimSuffix "/")) -}}
{{- end -}}
{{- if not $endpointURL -}}
{{- if not $data.region -}}

View File

@@ -14,8 +14,9 @@ backup:
compression: gzip
encryption: AES256
jobs: {{ $objectData.backups.jobs | default 2 }}
{{- $provider := $objectData.backups.provider -}}
{{/* Fetch provider data */}}
{{- $data := (get $objectData.backups $provider) -}}
{{- include (printf "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.%s" $provider) (dict "rootCtx" $rootCtx "objectData" $objectData "data" $data "type" "backup") | nindent 4 -}}
{{/* Get the creds defined in backup.$provider */}}
{{- $creds := (get $rootCtx.Values.credentials $objectData.backups.credentials) -}}
{{ $provider := $creds.type -}}
{{- include (printf "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.%s" $provider) (dict "rootCtx" $rootCtx "objectData" $objectData "data" $creds "type" "backup") | nindent 4 -}}
{{- end -}}

View File

@@ -12,9 +12,10 @@ externalClusters:
- name: {{ $serverName }}
barmanObjectStore:
{{- $provider := $objectData.recovery.provider -}}
{{/* Fetch provider data */}}
{{- $data := (get $objectData.recovery $provider) -}}
{{- include (printf "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.%s" $provider) (dict "rootCtx" $rootCtx "objectData" $objectData "data" $data "type" "recovery") | nindent 6 -}}
{{- end -}}
{{/* Get the creds defined in backup.$provider */}}
{{- $creds := (get $rootCtx.Values.credentials $objectData.recovery.credentials) -}}
{{ $provider := $creds.type -}}
{{- include (printf "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.%s" $provider) (dict "rootCtx" $rootCtx "objectData" $objectData "data" $creds "type" "recovery") | nindent 6 -}}
{{- end -}}
{{- end -}}

View File

@@ -1,14 +0,0 @@
{{- define "tc.v1.common.lib.cnpg.provider.backupValidation" -}}
{{- $objectData := .objectData -}}
{{- $provider := $objectData.backups.provider -}}
{{- include "tc.v1.common.lib.cnpg.provider.validation" (dict
"objectData" $objectData
"key" "backups" "caller" "CNPG Backup"
"provider" $provider) -}}
{{- if not (get $objectData.backups $provider) -}}
{{- fail (printf "CNPG Backup - Expected [backups.%s] to be defined when [backups.provider] is set to [%s]" $provider $provider) -}}
{{- end -}}
{{- end -}}

View File

@@ -10,15 +10,13 @@
{{- $provider := "" -}}
{{- $creds := dict -}}
{{- if eq $type "backup" -}}
{{- include "tc.v1.common.lib.cnpg.provider.backupValidation" (dict "objectData" $objectData) -}}
{{- $provider = $objectData.backups.provider -}}
{{/* Get the creds defined in backup.$provider */}}
{{- $creds = (get $objectData.backups $provider) -}}
{{- $creds = (get $rootCtx.Values.credentials $objectData.backups.credentials) -}}
{{- $provider = $creds.type -}}
{{- else if eq $type "recovery" -}}
{{- include "tc.v1.common.lib.cnpg.provider.recoveryValidation" (dict "objectData" $objectData) -}}
{{- $provider = $objectData.recovery.provider -}}
{{/* Get the creds defined in recovery.$provider */}}
{{- $creds = (get $objectData.recovery $provider) -}}
{{- $creds = (get $rootCtx.Values.credentials $objectData.recovery.credentials) -}}
{{- $provider = $creds.type -}}
{{- end -}}
{{- include (printf "tc.v1.common.lib.cnpg.provider.%s.validation" $provider) (dict "objectData" $objectData "creds" $creds) -}}

View File

@@ -1,14 +0,0 @@
{{- define "tc.v1.common.lib.cnpg.provider.recoveryValidation" -}}
{{- $objectData := .objectData -}}
{{- $provider := $objectData.recovery.provider -}}
{{- include "tc.v1.common.lib.cnpg.provider.validation" (dict
"objectData" $objectData
"key" "recovery" "caller" "CNPG Recovery"
"provider" $provider) -}}
{{- if not (get $objectData.recovery $provider) -}}
{{- fail (printf "CNPG Recovery - Expected [recovery.%s] to be defined when [recovery.provider] is set to [%s]" $provider $provider) -}}
{{- end -}}
{{- end -}}

View File

@@ -236,6 +236,22 @@ credentials: {}
# encrKey: ""
# azure:
# connectionString: ""
# storageAccount: ""
# storageKey: ""
# storageSasToken: ""
# containerName: ""
# serviceName: blob
# inheritFromAzureAD: false
## TODO: Add support for google:
# google:
# bucket: ""
# gkeEnvironment: false
# applicationCredentials: ""
# -- (docs/persistence/README.md)
persistence:
shared:
@@ -1101,44 +1117,18 @@ cnpg:
# Object Store Recovery Method
clusterName: ""
# Overrides the provider specific default endpoint. Defaults to:
# S3: https://s3.<region>.amazonaws.com"
endpointURL: "" # Leave empty if using the default S3 endpoint
# Overrides the provider specific default path. Defaults to:
# S3: s3://<bucket><path>
# Azure: https://<storageAccount>.<serviceName>.core.windows.net/<clusterName><path>
# Google: gs://<bucket><path>
destinationPath: ""
provider: s3 # One of s3, azure, google
s3:
region: ""
bucket: ""
path: "/"
accessKey: ""
secretKey: ""
azure:
path: "/"
connectionString: ""
storageAccount: ""
storageKey: ""
storageSasToken: ""
containerName: ""
serviceName: blob
inheritFromAzureAD: false
google:
path: "/"
bucket: ""
gkeEnvironment: false
applicationCredentials: ""
path: "/"
# Database cluster backup configuration
backups:
enabled: false # You need to configure backups manually, so backups are disabled by default.
# Overrides the provider specific default endpoint. Defaults to:
# S3: https://s3.<region>.amazonaws.com"
endpointURL: "" # Leave empty if using the default S3 endpoint
## set a revision to append to the serverName to ensure restore and backup dont target the same thing
# revision: 1
@@ -1150,29 +1140,13 @@ cnpg:
# Azure: https://<storageAccount>.<serviceName>.core.windows.net/<clusterName><path>
# Google: gs://<bucket><path>
destinationPath: ""
# default: primary, other option prefer-standby
target: ""
provider: s3
s3:
region: ""
bucket: ""
path: "/"
accessKey: ""
secretKey: ""
azure:
path: "/"
connectionString: ""
storageAccount: ""
storageKey: ""
storageSasToken: ""
containerName: ""
serviceName: blob
inheritFromAzureAD: false
google:
path: "/"
bucket: ""
gkeEnvironment: false
applicationCredentials: ""
# name of credentials in .Values.Credentials
credentials: ""
path: "/"
scheduledBackups:
- name: daily-backup # Daily at midnight