diff --git a/library/common-test/Chart.yaml b/library/common-test/Chart.yaml index 5d9d56d8..fcc78b6a 100644 --- a/library/common-test/Chart.yaml +++ b/library/common-test/Chart.yaml @@ -3,7 +3,7 @@ appVersion: "" dependencies: - name: common repository: file://../common - version: ~21.0.0 + version: ~22.0.0 deprecated: false description: Helper chart to test different use cases of the common library home: https://github.com/truecharts/apps/tree/master/charts/library/common-test diff --git a/library/common-test/tests/cnpg/backup_metadata_test.yaml b/library/common-test/tests/cnpg/backup_metadata_test.yaml index cadb571d..26d9a7b0 100644 --- a/library/common-test/tests/cnpg/backup_metadata_test.yaml +++ b/library/common-test/tests/cnpg/backup_metadata_test.yaml @@ -9,6 +9,10 @@ release: tests: - it: should pass with cnpg manualBackups backup created with labels and annotations set: + credentials: + test: + type: azure + connectionString: some-connection-string label1: label1 label2: global_label2 label3: label3 @@ -44,10 +48,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string labels: label5: label5 annotations: @@ -104,6 +106,10 @@ tests: - it: should pass with cnpg manualBackups backup created with namespace set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -115,10 +121,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string manualBackups: - name: today asserts: @@ -129,6 +133,10 @@ tests: - it: should pass with cnpg manualBackups backup created with object namespace from tpl set: + credentials: + test: + type: azure + connectionString: some-connection-string key: some-namespace cnpg: my-pg: @@ -141,10 +149,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string manualBackups: - name: today asserts: @@ -155,6 +161,10 @@ tests: - it: should pass with cnpg manualBackups backup created with namespace from global with tpl set: + credentials: + test: + type: azure + connectionString: some-connection-string key: global-namespace global: namespace: "{{ .Values.key }}" @@ -168,10 +178,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string manualBackups: - name: today asserts: @@ -182,6 +190,10 @@ tests: - it: should pass with cnpg manualBackups backup created with namespace from root with tpl set: + credentials: + test: + type: azure + connectionString: some-connection-string key: local-namespace namespace: "{{ .Values.key }}" global: @@ -196,10 +208,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string manualBackups: - name: today asserts: @@ -210,6 +220,10 @@ tests: - it: should pass with cnpg manualBackups backup created with namespace in TrueNAS SCALE set: + credentials: + test: + type: azure + connectionString: some-connection-string global: ixChartContext: iAmNotEmpty: true @@ -225,10 +239,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string manualBackups: - name: today asserts: diff --git a/library/common-test/tests/cnpg/backup_name_test.yaml b/library/common-test/tests/cnpg/backup_name_test.yaml index c9c8083b..6084ba51 100644 --- a/library/common-test/tests/cnpg/backup_name_test.yaml +++ b/library/common-test/tests/cnpg/backup_name_test.yaml @@ -7,6 +7,10 @@ release: tests: - it: should generate correct name set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -17,10 +21,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string manualBackups: - name: today my-pg2: @@ -32,10 +34,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string manualBackups: - name: other asserts: diff --git a/library/common-test/tests/cnpg/backup_provider_secret_spec_test.yaml b/library/common-test/tests/cnpg/backup_provider_secret_spec_test.yaml index 234ff0e5..057a8b31 100644 --- a/library/common-test/tests/cnpg/backup_provider_secret_spec_test.yaml +++ b/library/common-test/tests/cnpg/backup_provider_secret_spec_test.yaml @@ -7,6 +7,10 @@ release: tests: - it: should create secret for azure provider with connection string set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -17,10 +21,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string manualBackups: - name: today asserts: @@ -45,6 +47,10 @@ tests: - it: should create secret for google provider with application credentials set: + credentials: + test: + type: google + applicationCredentials: some-credentials cnpg: my-pg: enabled: true @@ -55,10 +61,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: google + credentials: test destinationPath: some-path - google: - applicationCredentials: some-credentials manualBackups: - name: today asserts: @@ -80,6 +84,12 @@ tests: - it: should create secret for s3 provider with application credentials set: + credentials: + test: + type: s3 + url: some-url + secretKey: some-secret-key + accessKey: some-access-key cnpg: my-pg: enabled: true @@ -90,12 +100,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: s3 + credentials: test destinationPath: some-path - endpointURL: some-url - s3: - secretKey: some-secret-key - accessKey: some-access-key manualBackups: - name: today asserts: diff --git a/library/common-test/tests/cnpg/backup_provider_validation_test.yaml b/library/common-test/tests/cnpg/backup_provider_validation_test.yaml index 95540988..ce127bc7 100644 --- a/library/common-test/tests/cnpg/backup_provider_validation_test.yaml +++ b/library/common-test/tests/cnpg/backup_provider_validation_test.yaml @@ -5,44 +5,18 @@ release: name: test-release-name namespace: test-release-namespace tests: - - it: should fail with invalid provider - set: - cnpg: - my-pg: - enabled: true - backups: - enabled: true - provider: invalid - manualBackups: - - name: today - asserts: - - failedTemplate: - errorMessage: CNPG Backup - Expected [backups.provider] to be one of [azure, s3, google], but got [invalid] - - - it: should fail with missing "provider" object - set: - cnpg: - my-pg: - enabled: true - backups: - enabled: true - provider: azure - manualBackups: - - name: today - asserts: - - failedTemplate: - errorMessage: CNPG Backup - Expected [backups.azure] to be defined when [backups.provider] is set to [azure] - - it: should fail with missing storageAccount or connectionString with azure provider set: + credentials: + test: + type: azure + storageKey: test cnpg: my-pg: enabled: true backups: enabled: true - provider: azure - azure: - storageKey: test + credentials: test manualBackups: - name: today asserts: @@ -51,14 +25,16 @@ tests: - it: should fail with missing storageKey or storageSasToken with azure provider set: + credentials: + test: + type: azure + storageAccount: test cnpg: my-pg: enabled: true backups: enabled: true - provider: azure - azure: - storageAccount: test + credentials: test manualBackups: - name: today asserts: @@ -67,16 +43,18 @@ tests: - it: should fail with both storageKey and storageSasToken defined with azure provider set: + credentials: + test: + type: azure + storageAccount: test + storageKey: test + storageSasToken: test cnpg: my-pg: enabled: true backups: enabled: true - provider: azure - azure: - storageAccount: test - storageKey: test - storageSasToken: test + credentials: test manualBackups: - name: today asserts: @@ -85,14 +63,16 @@ tests: - it: should fail with applicationCredentials missing with google provider set: + credentials: + test: + type: google + gkeEnvironment: false cnpg: my-pg: enabled: true backups: enabled: true - provider: google - google: - gkeEnvironment: false + credentials: test manualBackups: - name: today asserts: @@ -101,14 +81,16 @@ tests: - it: should fail with accessKey missing with s3 provider set: + credentials: + test: + type: s3 + secretKey: test cnpg: my-pg: enabled: true backups: enabled: true - provider: s3 - s3: - secretKey: test + credentials: test manualBackups: - name: today asserts: @@ -117,14 +99,16 @@ tests: - it: should fail with secretKey missing with s3 provider set: + credentials: + test: + type: s3 + accessKey: test cnpg: my-pg: enabled: true backups: enabled: true - provider: s3 - s3: - accessKey: test + credentials: test manualBackups: - name: today asserts: diff --git a/library/common-test/tests/cnpg/backup_spec_test.yaml b/library/common-test/tests/cnpg/backup_spec_test.yaml index d4e40a9b..47222c5e 100644 --- a/library/common-test/tests/cnpg/backup_spec_test.yaml +++ b/library/common-test/tests/cnpg/backup_spec_test.yaml @@ -7,6 +7,10 @@ release: tests: - it: should generate correct spec set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -17,10 +21,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string manualBackups: - name: today - name: before-upgrade diff --git a/library/common-test/tests/cnpg/backup_validation_test.yaml b/library/common-test/tests/cnpg/backup_validation_test.yaml index 71e1613d..2bb1b803 100644 --- a/library/common-test/tests/cnpg/backup_validation_test.yaml +++ b/library/common-test/tests/cnpg/backup_validation_test.yaml @@ -7,14 +7,16 @@ release: tests: - it: should fail without name in manualBackups backup set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true backups: enabled: true - provider: azure - azure: - connectionString: some-connection-string + credentials: test manualBackups: - name: asserts: @@ -23,14 +25,16 @@ tests: - it: should fail with invalid name in manualBackups backup set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true backups: enabled: true - provider: azure - azure: - connectionString: some-connection-string + credentials: test manualBackups: - name: _invalid asserts: diff --git a/library/common-test/tests/cnpg/cluster_backup_spec_test.yaml b/library/common-test/tests/cnpg/cluster_backup_spec_test.yaml index 974c29b2..88e47455 100644 --- a/library/common-test/tests/cnpg/cluster_backup_spec_test.yaml +++ b/library/common-test/tests/cnpg/cluster_backup_spec_test.yaml @@ -7,6 +7,10 @@ release: tests: - it: should generate correct spec with backups (azure) set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -17,10 +21,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string asserts: - documentIndex: &secretDoc 1 isKind: @@ -84,6 +86,10 @@ tests: - it: should generate correct spec with backups (google) set: + credentials: + test: + type: google + applicationCredentials: some-credentials cnpg: my-pg: enabled: true @@ -94,10 +100,9 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: google + credentials: test destinationPath: some-path - google: - applicationCredentials: some-credentials + asserts: - documentIndex: *secretDoc isKind: @@ -150,6 +155,12 @@ tests: - it: should generate correct spec with backups (s3) set: + credentials: + test: + type: s3 + accessKey: some-access-key + secretKey: some-secret-key + url: some-url cnpg: my-pg: enabled: true @@ -160,12 +171,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: s3 + credentials: test destinationPath: some-path - endpointURL: some-url - s3: - accessKey: some-access-key - secretKey: some-secret-key asserts: - documentIndex: *secretDoc isKind: @@ -221,6 +228,12 @@ tests: - it: should use the revision when set in server name set: + credentials: + test: + type: s3 + accessKey: some-access-key + secretKey: some-secret-key + url: some-url cnpg: my-pg: enabled: true @@ -231,13 +244,9 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: s3 + credentials: test destinationPath: some-path - endpointURL: some-url revision: some-revision - s3: - accessKey: some-access-key - secretKey: some-secret-key asserts: - documentIndex: *secretDoc isKind: @@ -293,6 +302,12 @@ tests: - it: should override serverName when set set: + credentials: + test: + type: s3 + accessKey: some-access-key + secretKey: some-secret-key + url: some-url cnpg: my-pg: enabled: true @@ -303,13 +318,9 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: s3 + credentials: test destinationPath: some-path - endpointURL: some-url serverName: some-server-name - s3: - accessKey: some-access-key - secretKey: some-secret-key asserts: - documentIndex: *secretDoc isKind: @@ -365,6 +376,12 @@ tests: - it: should override serverName when set (and also take account revision) set: + credentials: + test: + type: s3 + accessKey: some-access-key + secretKey: some-secret-key + url: some-url cnpg: my-pg: enabled: true @@ -375,14 +392,11 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: s3 + credentials: test destinationPath: some-path - endpointURL: some-url serverName: some-server-name revision: "1" - s3: - accessKey: some-access-key - secretKey: some-secret-key + asserts: - documentIndex: *secretDoc isKind: @@ -438,6 +452,10 @@ tests: - it: should generate correct spec with empty target set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -447,10 +465,8 @@ tests: backups: enabled: true retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string asserts: - documentIndex: &clusterDoc 0 isKind: diff --git a/library/common-test/tests/cnpg/cluster_recovery_spec_test.yaml b/library/common-test/tests/cnpg/cluster_recovery_spec_test.yaml index b33c1b34..ebb69eae 100644 --- a/library/common-test/tests/cnpg/cluster_recovery_spec_test.yaml +++ b/library/common-test/tests/cnpg/cluster_recovery_spec_test.yaml @@ -73,6 +73,11 @@ tests: - it: should generate correct spec with recovery/objectStore (google) set: + credentials: + test: + type: google + applicationCredentials: some-credentials + bucket: some-bucket cnpg: my-pg: enabled: true @@ -80,13 +85,10 @@ tests: database: test-db password: test-password mode: recovery + path: some-path recovery: method: object_store - provider: google - google: - applicationCredentials: some-credentials - bucket: some-bucket - path: some-path + credentials: test pitrTarget: time: "2021-01-01T00:00:00Z" asserts: @@ -146,6 +148,10 @@ tests: - it: should generate correct spec with recovery/objectStore (google - destinationPath) set: + credentials: + test: + type: google + applicationCredentials: some-credentials cnpg: my-pg: enabled: true @@ -155,10 +161,8 @@ tests: mode: recovery recovery: method: object_store - provider: google + credentials: test destinationPath: gs://some-bucket - google: - applicationCredentials: some-credentials pitrTarget: time: "2021-01-01T00:00:00Z" asserts: @@ -218,6 +222,13 @@ tests: - it: should generate correct spec with recovery/objectStore (s3) set: + credentials: + test: + type: s3 + accessKey: some-access-key + secretKey: some-secret-key + bucket: some-bucket + region: some-region cnpg: my-pg: enabled: true @@ -225,15 +236,11 @@ tests: database: test-db password: test-password mode: recovery + path: some-path recovery: method: object_store - provider: s3 - s3: - accessKey: some-access-key - secretKey: some-secret-key - bucket: some-bucket - path: some-path - region: some-region + credentials: test + asserts: - documentIndex: *secretDoc isKind: @@ -292,6 +299,12 @@ tests: - it: should generate correct spec with recovery/objectStore (s3 - destinationPath/endpointURL) set: + credentials: + test: + type: s3 + accessKey: some-access-key + secretKey: some-secret-key + url: some-endpoint-url cnpg: my-pg: enabled: true @@ -301,12 +314,9 @@ tests: mode: recovery recovery: method: object_store - provider: s3 + credentials: test destinationPath: s3://some-bucket - endpointURL: some-endpoint-url - s3: - accessKey: some-access-key - secretKey: some-secret-key + asserts: - documentIndex: *secretDoc isKind: @@ -365,6 +375,14 @@ tests: - it: should generate correct spec with recovery/objectStore (azure) set: + credentials: + test: + type: azure + connectionString: some-connection-string + storageAccount: some-storage-account + serviceName: some-service-name + containerName: some-container-name + cnpg: my-pg: enabled: true @@ -372,15 +390,10 @@ tests: database: test-db password: test-password mode: recovery + path: some-path recovery: method: object_store - provider: azure - azure: - connectionString: some-connection-string - storageAccount: some-storage-account - serviceName: some-service-name - containerName: some-container-name - path: some-path + credentials: test asserts: - documentIndex: *secretDoc isKind: @@ -447,6 +460,10 @@ tests: - it: should generate correct spec with recovery/objectStore (azure - destinationPath) set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -456,10 +473,8 @@ tests: mode: recovery recovery: method: object_store - provider: azure + credentials: test destinationPath: https://some-storage-account.some-service-name.core.windows.net/some-container-name - azure: - connectionString: some-connection-string asserts: - documentIndex: *secretDoc isKind: @@ -526,6 +541,10 @@ tests: - it: should use revision in serverName when set set: + credentials: + test: + type: google + applicationCredentials: some-credentials cnpg: my-pg: enabled: true @@ -535,11 +554,9 @@ tests: mode: recovery recovery: method: object_store - provider: google + credentials: test destinationPath: gs://some-bucket revision: some-revision - google: - applicationCredentials: some-credentials pitrTarget: time: "2021-01-01T00:00:00Z" asserts: @@ -599,6 +616,10 @@ tests: - it: should override serverName when set set: + credentials: + test: + type: google + applicationCredentials: some-credentials cnpg: my-pg: enabled: true @@ -608,11 +629,9 @@ tests: mode: recovery recovery: method: object_store - provider: google + credentials: test destinationPath: gs://some-bucket serverName: some-server-name - google: - applicationCredentials: some-credentials pitrTarget: time: "2021-01-01T00:00:00Z" asserts: @@ -672,6 +691,10 @@ tests: - it: should override serverName when set along with revision set: + credentials: + test: + type: google + applicationCredentials: some-credentials cnpg: my-pg: enabled: true @@ -681,12 +704,10 @@ tests: mode: recovery recovery: method: object_store - provider: google + credentials: test destinationPath: gs://some-bucket serverName: some-server-name revision: "20" - google: - applicationCredentials: some-credentials pitrTarget: time: "2021-01-01T00:00:00Z" asserts: diff --git a/library/common-test/tests/cnpg/cluster_validation_test.yaml b/library/common-test/tests/cnpg/cluster_validation_test.yaml index 2f2b9ea9..71f04d18 100644 --- a/library/common-test/tests/cnpg/cluster_validation_test.yaml +++ b/library/common-test/tests/cnpg/cluster_validation_test.yaml @@ -222,40 +222,12 @@ tests: - failedTemplate: errorMessage: CNPG Recovery - Expected a non-empty [recovery.backupName] key - - it: should fail with invalid provider on recovery method object_store - set: - cnpg: - my-pg: - enabled: true - user: test-user - database: test-db - password: test-password - mode: recovery - recovery: - method: object_store - provider: invalid - asserts: - - failedTemplate: - errorMessage: CNPG Recovery - Expected [recovery.provider] to be one of [azure, s3, google], but got [invalid] - - - it: should fail with missing "provider" key on recovery method object_store - set: - cnpg: - my-pg: - enabled: true - user: test-user - database: test-db - password: test-password - mode: recovery - recovery: - method: object_store - provider: google - asserts: - - failedTemplate: - errorMessage: CNPG Recovery - Expected [recovery.google] to be defined when [recovery.provider] is set to [google] - - it: should fail with missing destinationPath and google bucket on recovery method object_store set: + credentials: + test: + type: google + applicationCredentials: some-credentials cnpg: my-pg: enabled: true @@ -265,15 +237,18 @@ tests: mode: recovery recovery: method: object_store - provider: google - google: - applicationCredentials: some-credentials + credentials: test asserts: - failedTemplate: errorMessage: CNPG Recovery - You need to specify [recovery.google.bucket] or [recovery.destinationPath] - it: should fail with missing destinationPath and s3 bucket on recovery method object_store set: + credentials: + test: + type: s3 + accessKey: some-access-key + secretKey: some-secret-key cnpg: my-pg: enabled: true @@ -283,16 +258,19 @@ tests: mode: recovery recovery: method: object_store - provider: s3 - s3: - accessKey: some-access-key - secretKey: some-secret-key + credentials: test asserts: - failedTemplate: errorMessage: CNPG Recovery - You need to specify [recovery.s3.bucket] or [recovery.destinationPath] - it: should fail with missing endpointURL and s3 region on recovery method object_store set: + credentials: + test: + type: s3 + accessKey: some-access-key + secretKey: some-secret-key + bucket: some-bucket cnpg: my-pg: enabled: true @@ -302,17 +280,17 @@ tests: mode: recovery recovery: method: object_store - provider: s3 - s3: - accessKey: some-access-key - secretKey: some-secret-key - bucket: some-bucket + credentials: test asserts: - failedTemplate: errorMessage: CNPG Recovery - You need to specify [recovery.s3.region] or [recovery.endpointURL] - it: should fail with missing destinationPath and azure storageAccount on recovery method object_store set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -322,15 +300,18 @@ tests: mode: recovery recovery: method: object_store - provider: azure - azure: - connectionString: some-connection-string + credentials: test asserts: - failedTemplate: errorMessage: CNPG Recovery - You need to specify [recovery.azure.storageAccount] or [recovery.destinationPath] - it: should fail with missing destinationPath and azure serviceName on recovery method object_store set: + credentials: + test: + type: azure + connectionString: some-connection-string + storageAccount: some-storage-account cnpg: my-pg: enabled: true @@ -340,16 +321,20 @@ tests: mode: recovery recovery: method: object_store - provider: azure - azure: - connectionString: some-connection-string - storageAccount: some-storage-account + credentials: test + asserts: - failedTemplate: errorMessage: CNPG Recovery - You need to specify [recovery.azure.serviceName] or [recovery.destinationPath] - it: should fail with missing destinationPath and azure containerName on recovery method object_store set: + credentials: + test: + type: azure + connectionString: some-connection-string + storageAccount: some-storage-account + serviceName: some-service-name cnpg: my-pg: enabled: true @@ -359,17 +344,18 @@ tests: mode: recovery recovery: method: object_store - provider: azure - azure: - connectionString: some-connection-string - storageAccount: some-storage-account - serviceName: some-service-name + credentials: test + asserts: - failedTemplate: errorMessage: CNPG Recovery - You need to specify [recovery.azure.containerName] or [recovery.destinationPath] - it: should fail with revision in backups not a string set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -378,10 +364,8 @@ tests: password: test-password backups: enabled: true - provider: azure + credentials: test revision: 5 - azure: - connectionString: some-connection-string target: primary asserts: - failedTemplate: @@ -389,6 +373,10 @@ tests: - it: should fail with invalid target when backups are enabled set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -397,9 +385,7 @@ tests: password: test-password backups: enabled: true - provider: azure - azure: - connectionString: some-connection-string + credentials: test target: invalid asserts: - failedTemplate: @@ -407,6 +393,11 @@ tests: - it: should fail with invalid retentionPolicy when backups are enabled set: + credentials: + test: + type: azure + connectionString: some-connection-string + applicationCredentials: some-credential cnpg: my-pg: enabled: true @@ -415,9 +406,7 @@ tests: password: test-password backups: enabled: true - provider: azure - azure: - connectionString: some-connection-string + credentials: test target: primary retentionPolicy: invalid asserts: @@ -426,6 +415,11 @@ tests: - it: should fail with missing destinationPath and google bucket on backups set: + credentials: + test: + type: google + connectionString: some-credentials + applicationCredentials: some-credential cnpg: my-pg: enabled: true @@ -434,17 +428,20 @@ tests: password: test-password backups: enabled: true - provider: google + credentials: test target: primary retentionPolicy: 1d - google: - applicationCredentials: some-credentials asserts: - failedTemplate: errorMessage: CNPG Backup - You need to specify [backups.google.bucket] or [backups.destinationPath] - it: should fail with missing destinationPath and s3 bucket on backups set: + credentials: + test: + type: s3 + accessKey: some-access-key + secretKey: some-secret-key cnpg: my-pg: enabled: true @@ -453,18 +450,22 @@ tests: password: test-password backups: enabled: true - provider: s3 + credentials: test target: primary retentionPolicy: 1d - s3: - accessKey: some-access-key - secretKey: some-secret-key + asserts: - failedTemplate: errorMessage: CNPG Backup - You need to specify [backups.s3.bucket] or [backups.destinationPath] - it: should fail with missing endpointURL and s3 region on backups set: + credentials: + test: + type: s3 + accessKey: some-access-key + secretKey: some-secret-key + bucket: some-bucket cnpg: my-pg: enabled: true @@ -473,19 +474,19 @@ tests: password: test-password backups: enabled: true - provider: s3 + credentials: test target: primary retentionPolicy: 1d - s3: - accessKey: some-access-key - secretKey: some-secret-key - bucket: some-bucket asserts: - failedTemplate: errorMessage: CNPG Backup - You need to specify [backups.s3.region] or [backups.endpointURL] - it: should fail with missing destinationPath and azure storageAccount on backups set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -494,17 +495,20 @@ tests: password: test-password backups: enabled: true - provider: azure + credentials: test target: primary retentionPolicy: 1d - azure: - connectionString: some-connection-string asserts: - failedTemplate: errorMessage: CNPG Backup - You need to specify [backups.azure.storageAccount] or [backups.destinationPath] - it: should fail with missing destinationPath and azure serviceName on backups set: + credentials: + test: + type: azure + connectionString: some-connection-string + storageAccount: some-storage-account cnpg: my-pg: enabled: true @@ -513,18 +517,21 @@ tests: password: test-password backups: enabled: true - provider: azure + credentials: test target: primary retentionPolicy: 1d - azure: - connectionString: some-connection-string - storageAccount: some-storage-account asserts: - failedTemplate: errorMessage: CNPG Backup - You need to specify [backups.azure.serviceName] or [backups.destinationPath] - it: should fail with missing destinationPath and azure containerName on backups set: + credentials: + test: + type: azure + connectionString: some-connection-string + storageAccount: some-storage-account + serviceName: some-service-name cnpg: my-pg: enabled: true @@ -533,13 +540,9 @@ tests: password: test-password backups: enabled: true - provider: azure + credentials: test target: primary retentionPolicy: 1d - azure: - connectionString: some-connection-string - storageAccount: some-storage-account - serviceName: some-service-name asserts: - failedTemplate: errorMessage: CNPG Backup - You need to specify [backups.azure.containerName] or [backups.destinationPath] diff --git a/library/common-test/tests/cnpg/scheduled_backup_metadata_test.yaml b/library/common-test/tests/cnpg/scheduled_backup_metadata_test.yaml index 5d105231..68b04fb9 100644 --- a/library/common-test/tests/cnpg/scheduled_backup_metadata_test.yaml +++ b/library/common-test/tests/cnpg/scheduled_backup_metadata_test.yaml @@ -9,6 +9,10 @@ release: tests: - it: should pass with cnpg scheduledBackup backup created with labels and annotations set: + credentials: + test: + type: azure + connectionString: some-connection-string label1: label1 label2: global_label2 label3: label3 @@ -44,10 +48,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string labels: label5: label5 annotations: @@ -106,6 +108,10 @@ tests: - it: should pass with cnpg scheduledBackup backup created with namespace set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -117,10 +123,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" @@ -133,6 +137,10 @@ tests: - it: should pass with cnpg scheduledBackup backup created with object namespace from tpl set: + credentials: + test: + type: azure + connectionString: some-connection-string key: some-namespace cnpg: my-pg: @@ -145,10 +153,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" @@ -161,6 +167,10 @@ tests: - it: should pass with cnpg scheduledBackup backup created with namespace from global with tpl set: + credentials: + test: + type: azure + connectionString: some-connection-string key: global-namespace global: namespace: "{{ .Values.key }}" @@ -174,10 +184,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" @@ -190,6 +198,10 @@ tests: - it: should pass with cnpg scheduledBackup backup created with namespace from root with tpl set: + credentials: + test: + type: azure + connectionString: some-connection-string key: local-namespace namespace: "{{ .Values.key }}" global: @@ -204,10 +216,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" @@ -220,6 +230,10 @@ tests: - it: should pass with cnpg scheduledBackup backup created with namespace in TrueNAS SCALE set: + credentials: + test: + type: azure + connectionString: some-connection-string global: ixChartContext: iAmNotEmpty: true @@ -235,10 +249,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" diff --git a/library/common-test/tests/cnpg/scheduled_backup_name_test.yaml b/library/common-test/tests/cnpg/scheduled_backup_name_test.yaml index c4a42f3b..31168349 100644 --- a/library/common-test/tests/cnpg/scheduled_backup_name_test.yaml +++ b/library/common-test/tests/cnpg/scheduled_backup_name_test.yaml @@ -7,6 +7,10 @@ release: tests: - it: should generate correct name set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -17,10 +21,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" @@ -34,7 +36,7 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path azure: connectionString: some-connection-string diff --git a/library/common-test/tests/cnpg/scheduled_backup_spec_test.yaml b/library/common-test/tests/cnpg/scheduled_backup_spec_test.yaml index 3dde0808..3052ef34 100644 --- a/library/common-test/tests/cnpg/scheduled_backup_spec_test.yaml +++ b/library/common-test/tests/cnpg/scheduled_backup_spec_test.yaml @@ -7,6 +7,10 @@ release: tests: - it: should generate correct spec set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -17,10 +21,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" diff --git a/library/common-test/tests/cnpg/scheduled_backup_stop_test.yaml b/library/common-test/tests/cnpg/scheduled_backup_stop_test.yaml index bc9c7457..0e6ab589 100644 --- a/library/common-test/tests/cnpg/scheduled_backup_stop_test.yaml +++ b/library/common-test/tests/cnpg/scheduled_backup_stop_test.yaml @@ -7,6 +7,10 @@ release: tests: - it: should pass with hibernate set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -18,10 +22,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" @@ -41,6 +43,10 @@ tests: - it: should set suspend on stopAll set: + credentials: + test: + type: azure + connectionString: some-connection-string global: stopAll: true cnpg: @@ -54,10 +60,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" @@ -77,6 +81,10 @@ tests: - it: should set suspend on ixChartContext - isStopped (true) set: + credentials: + test: + type: azure + connectionString: some-connection-string global: namespace: ix-something ixChartContext: @@ -93,10 +101,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" @@ -116,6 +122,10 @@ tests: - it: should not suspend on ixChartContext - isStopped (false) set: + credentials: + test: + type: azure + connectionString: some-connection-string global: namespace: ix-something ixChartContext: @@ -132,10 +142,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" diff --git a/library/common/Chart.yaml b/library/common/Chart.yaml index 65627a3e..4ad9f07c 100644 --- a/library/common/Chart.yaml +++ b/library/common/Chart.yaml @@ -15,7 +15,7 @@ maintainers: name: common sources: null type: library -version: 21.0.1 +version: 22.0.0 annotations: artifacthub.io/category: "integration-delivery" artifacthub.io/license: "BUSL-1.1" diff --git a/library/common/templates/lib/cnpg/barmanObjectStore/_azure.tpl b/library/common/templates/lib/cnpg/barmanObjectStore/_azure.tpl index cf5ce360..6dc3bb6c 100644 --- a/library/common/templates/lib/cnpg/barmanObjectStore/_azure.tpl +++ b/library/common/templates/lib/cnpg/barmanObjectStore/_azure.tpl @@ -28,7 +28,7 @@ {{- if not $data.containerName -}} {{- fail (printf "CNPG %s - You need to specify [%s.azure.containerName] or [%s.destinationPath]" ($type | camelcase) $key $key) -}} {{- end -}} - {{- $destinationPath = (printf "https://%s.%s.core.windows.net/%s/%s" $data.storageAccount $data.serviceName $data.containerName (($data.path | default "/") | trimSuffix "/")) -}} + {{- $destinationPath = (printf "https://%s.%s.core.windows.net/%s/%s" $data.storageAccount $data.serviceName $data.containerName (($objectData.path | default "/") | trimSuffix "/")) -}} {{- end }} endpointURL: {{ $endpointURL }} destinationPath: {{ $destinationPath }} diff --git a/library/common/templates/lib/cnpg/barmanObjectStore/_getData.tpl b/library/common/templates/lib/cnpg/barmanObjectStore/_getData.tpl index 21edf552..b41b2981 100644 --- a/library/common/templates/lib/cnpg/barmanObjectStore/_getData.tpl +++ b/library/common/templates/lib/cnpg/barmanObjectStore/_getData.tpl @@ -7,9 +7,11 @@ {{- $endpointURL := "" -}} {{- $destinationPath := "" -}} {{- $key := "" -}} + {{- $creds := dict -}} {{- if eq $type "recovery" -}} - {{- $endpointURL = $objectData.recovery.endpointURL -}} + {{- $creds = (get $rootCtx.Values.credentials $objectData.recovery.credentials) -}} + {{- $endpointURL = $creds.url -}} {{- $destinationPath = $objectData.recovery.destinationPath -}} {{- $key = "recovery" -}} @@ -21,8 +23,8 @@ {{- end -}} {{- else if eq $type "backup" -}} - - {{- $endpointURL = $objectData.backups.endpointURL -}} + {{- $creds = (get $rootCtx.Values.credentials $objectData.backups.credentials) -}} + {{- $endpointURL = $creds.url -}} {{- $destinationPath = $objectData.backups.destinationPath -}} {{- $key = "backups" -}} diff --git a/library/common/templates/lib/cnpg/barmanObjectStore/_google.tpl b/library/common/templates/lib/cnpg/barmanObjectStore/_google.tpl index 243f0397..2aa2da95 100644 --- a/library/common/templates/lib/cnpg/barmanObjectStore/_google.tpl +++ b/library/common/templates/lib/cnpg/barmanObjectStore/_google.tpl @@ -27,7 +27,7 @@ {{- if not $data.bucket -}} {{- fail (printf "CNPG %s - You need to specify [%s.google.bucket] or [%s.destinationPath]" ($type | camelcase) $key $key) -}} {{- end -}} - {{- $destinationPath = (printf "gs://%s/%s" $data.bucket (($data.path | default "/") | trimSuffix "/")) -}} + {{- $destinationPath = (printf "gs://%s/%s" $data.bucket (($objectData.path | default "/") | trimSuffix "/")) -}} {{- end }} endpointURL: {{ $endpointURL }} destinationPath: {{ $destinationPath }} diff --git a/library/common/templates/lib/cnpg/barmanObjectStore/_s3.tpl b/library/common/templates/lib/cnpg/barmanObjectStore/_s3.tpl index 7aa6a6a7..659fc96e 100644 --- a/library/common/templates/lib/cnpg/barmanObjectStore/_s3.tpl +++ b/library/common/templates/lib/cnpg/barmanObjectStore/_s3.tpl @@ -22,7 +22,7 @@ {{- if not $data.bucket -}} {{- fail (printf "CNPG %s - You need to specify [%s.s3.bucket] or [%s.destinationPath]" ($type | camelcase) $key $key) -}} {{- end -}} - {{- $destinationPath = (printf "s3://%s/%s" $data.bucket (($data.path | default "/") | trimSuffix "/")) -}} + {{- $destinationPath = (printf "s3://%s/%s" $data.bucket (($objectData.path | default "/") | trimSuffix "/")) -}} {{- end -}} {{- if not $endpointURL -}} {{- if not $data.region -}} diff --git a/library/common/templates/lib/cnpg/cluster/_backup.tpl b/library/common/templates/lib/cnpg/cluster/_backup.tpl index 18a786da..bec27a24 100644 --- a/library/common/templates/lib/cnpg/cluster/_backup.tpl +++ b/library/common/templates/lib/cnpg/cluster/_backup.tpl @@ -14,8 +14,9 @@ backup: compression: gzip encryption: AES256 jobs: {{ $objectData.backups.jobs | default 2 }} - {{- $provider := $objectData.backups.provider -}} {{/* Fetch provider data */}} - {{- $data := (get $objectData.backups $provider) -}} - {{- include (printf "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.%s" $provider) (dict "rootCtx" $rootCtx "objectData" $objectData "data" $data "type" "backup") | nindent 4 -}} + {{/* Get the creds defined in backup.$provider */}} + {{- $creds := (get $rootCtx.Values.credentials $objectData.backups.credentials) -}} + {{ $provider := $creds.type -}} + {{- include (printf "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.%s" $provider) (dict "rootCtx" $rootCtx "objectData" $objectData "data" $creds "type" "backup") | nindent 4 -}} {{- end -}} diff --git a/library/common/templates/lib/cnpg/cluster/_bootstrapRecoveryExternalCluster.tpl b/library/common/templates/lib/cnpg/cluster/_bootstrapRecoveryExternalCluster.tpl index 3208cbd3..6798cf25 100644 --- a/library/common/templates/lib/cnpg/cluster/_bootstrapRecoveryExternalCluster.tpl +++ b/library/common/templates/lib/cnpg/cluster/_bootstrapRecoveryExternalCluster.tpl @@ -12,9 +12,10 @@ externalClusters: - name: {{ $serverName }} barmanObjectStore: - {{- $provider := $objectData.recovery.provider -}} {{/* Fetch provider data */}} - {{- $data := (get $objectData.recovery $provider) -}} - {{- include (printf "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.%s" $provider) (dict "rootCtx" $rootCtx "objectData" $objectData "data" $data "type" "recovery") | nindent 6 -}} - {{- end -}} + {{/* Get the creds defined in backup.$provider */}} + {{- $creds := (get $rootCtx.Values.credentials $objectData.recovery.credentials) -}} + {{ $provider := $creds.type -}} + {{- include (printf "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.%s" $provider) (dict "rootCtx" $rootCtx "objectData" $objectData "data" $creds "type" "recovery") | nindent 6 -}} + {{- end -}} {{- end -}} diff --git a/library/common/templates/lib/cnpg/providers/_backupValidation.tpl b/library/common/templates/lib/cnpg/providers/_backupValidation.tpl deleted file mode 100644 index a612b7ad..00000000 --- a/library/common/templates/lib/cnpg/providers/_backupValidation.tpl +++ /dev/null @@ -1,14 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.provider.backupValidation" -}} - {{- $objectData := .objectData -}} - {{- $provider := $objectData.backups.provider -}} - - {{- include "tc.v1.common.lib.cnpg.provider.validation" (dict - "objectData" $objectData - "key" "backups" "caller" "CNPG Backup" - "provider" $provider) -}} - - {{- if not (get $objectData.backups $provider) -}} - {{- fail (printf "CNPG Backup - Expected [backups.%s] to be defined when [backups.provider] is set to [%s]" $provider $provider) -}} - {{- end -}} - -{{- end -}} diff --git a/library/common/templates/lib/cnpg/providers/_providerSecretSpawner.tpl b/library/common/templates/lib/cnpg/providers/_providerSecretSpawner.tpl index 031d98b5..c999d9f1 100644 --- a/library/common/templates/lib/cnpg/providers/_providerSecretSpawner.tpl +++ b/library/common/templates/lib/cnpg/providers/_providerSecretSpawner.tpl @@ -10,15 +10,13 @@ {{- $provider := "" -}} {{- $creds := dict -}} {{- if eq $type "backup" -}} - {{- include "tc.v1.common.lib.cnpg.provider.backupValidation" (dict "objectData" $objectData) -}} - {{- $provider = $objectData.backups.provider -}} {{/* Get the creds defined in backup.$provider */}} - {{- $creds = (get $objectData.backups $provider) -}} + {{- $creds = (get $rootCtx.Values.credentials $objectData.backups.credentials) -}} + {{- $provider = $creds.type -}} {{- else if eq $type "recovery" -}} - {{- include "tc.v1.common.lib.cnpg.provider.recoveryValidation" (dict "objectData" $objectData) -}} - {{- $provider = $objectData.recovery.provider -}} {{/* Get the creds defined in recovery.$provider */}} - {{- $creds = (get $objectData.recovery $provider) -}} + {{- $creds = (get $rootCtx.Values.credentials $objectData.recovery.credentials) -}} + {{- $provider = $creds.type -}} {{- end -}} {{- include (printf "tc.v1.common.lib.cnpg.provider.%s.validation" $provider) (dict "objectData" $objectData "creds" $creds) -}} diff --git a/library/common/templates/lib/cnpg/providers/_recoveryValidation.tpl b/library/common/templates/lib/cnpg/providers/_recoveryValidation.tpl deleted file mode 100644 index f7cff9b2..00000000 --- a/library/common/templates/lib/cnpg/providers/_recoveryValidation.tpl +++ /dev/null @@ -1,14 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.provider.recoveryValidation" -}} - {{- $objectData := .objectData -}} - {{- $provider := $objectData.recovery.provider -}} - - {{- include "tc.v1.common.lib.cnpg.provider.validation" (dict - "objectData" $objectData - "key" "recovery" "caller" "CNPG Recovery" - "provider" $provider) -}} - - {{- if not (get $objectData.recovery $provider) -}} - {{- fail (printf "CNPG Recovery - Expected [recovery.%s] to be defined when [recovery.provider] is set to [%s]" $provider $provider) -}} - {{- end -}} - -{{- end -}} diff --git a/library/common/values.yaml b/library/common/values.yaml index aceee9cc..2535a3de 100644 --- a/library/common/values.yaml +++ b/library/common/values.yaml @@ -236,6 +236,22 @@ credentials: {} # encrKey: "" + # azure: + # connectionString: "" + # storageAccount: "" + # storageKey: "" + # storageSasToken: "" + # containerName: "" + # serviceName: blob + # inheritFromAzureAD: false + + ## TODO: Add support for google: + # google: + # bucket: "" + # gkeEnvironment: false + # applicationCredentials: "" + + # -- (docs/persistence/README.md) persistence: shared: @@ -1101,44 +1117,18 @@ cnpg: # Object Store Recovery Method clusterName: "" - # Overrides the provider specific default endpoint. Defaults to: - # S3: https://s3..amazonaws.com" - endpointURL: "" # Leave empty if using the default S3 endpoint + # Overrides the provider specific default path. Defaults to: # S3: s3:// # Azure: https://..core.windows.net/ # Google: gs:// destinationPath: "" - provider: s3 # One of s3, azure, google - s3: - region: "" - bucket: "" - path: "/" - accessKey: "" - secretKey: "" - azure: - path: "/" - connectionString: "" - storageAccount: "" - storageKey: "" - storageSasToken: "" - containerName: "" - serviceName: blob - inheritFromAzureAD: false - google: - path: "/" - bucket: "" - gkeEnvironment: false - applicationCredentials: "" + path: "/" # Database cluster backup configuration backups: enabled: false # You need to configure backups manually, so backups are disabled by default. - # Overrides the provider specific default endpoint. Defaults to: - # S3: https://s3..amazonaws.com" - endpointURL: "" # Leave empty if using the default S3 endpoint - ## set a revision to append to the serverName to ensure restore and backup dont target the same thing # revision: 1 @@ -1150,29 +1140,13 @@ cnpg: # Azure: https://..core.windows.net/ # Google: gs:// destinationPath: "" + # default: primary, other option prefer-standby target: "" - provider: s3 - s3: - region: "" - bucket: "" - path: "/" - accessKey: "" - secretKey: "" - azure: - path: "/" - connectionString: "" - storageAccount: "" - storageKey: "" - storageSasToken: "" - containerName: "" - serviceName: blob - inheritFromAzureAD: false - google: - path: "/" - bucket: "" - gkeEnvironment: false - applicationCredentials: "" + + # name of credentials in .Values.Credentials + credentials: "" + path: "/" scheduledBackups: - name: daily-backup # Daily at midnight