From a6f92096586cfb8be2b345425e282fe30bf3bba3 Mon Sep 17 00:00:00 2001 From: Kjeld Schouten Date: Mon, 29 Apr 2024 11:10:52 +0200 Subject: [PATCH] feat!(cnpg): move cnpg credentials to .Values.credentials store (#796) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit **Description** ⚒️ Fixes # **⚙️ Type of change** - [x] ⚙️ Feature/App addition - [ ] 🪛 Bugfix - [x] ⚠️ Breaking change (fix or feature that would cause existing functionality to not work as expected) - [x] 🔃 Refactor of current code **🧪 How Has This Been Tested?** **📃 Notes:** **✔️ Checklist:** - [ ] ⚖️ My code follows the style guidelines of this project - [ ] 👀 I have performed a self-review of my own code - [ ] #️⃣ I have commented my code, particularly in hard-to-understand areas - [ ] 📄 I have made corresponding changes to the documentation - [ ] ⚠️ My changes generate no new warnings - [ ] 🧪 I have added tests to this description that prove my fix is effective or that my feature works - [ ] ⬆️ I increased versions for any altered app according to semantic versioning - [ ] I made sure the title starts with `feat(chart-name):`, `fix(chart-name):` or `chore(chart-name):` **➕ App addition** If this PR is an app addition please make sure you have done the following. - [ ] 🖼️ I have added an icon in the Chart's root directory called `icon.png` --- _Please don't blindly check all the boxes. Read them and only check those that apply. Those checkboxes are there for the reviewer to see what is this all about and the status of this PR with a quick glance._ --- library/common-test/Chart.yaml | 2 +- .../tests/cnpg/backup_metadata_test.yaml | 48 +++-- .../tests/cnpg/backup_name_test.yaml | 12 +- .../backup_provider_secret_spec_test.yaml | 28 +-- .../cnpg/backup_provider_validation_test.yaml | 80 ++++---- .../tests/cnpg/backup_spec_test.yaml | 8 +- .../tests/cnpg/backup_validation_test.yaml | 16 +- .../tests/cnpg/cluster_backup_spec_test.yaml | 74 ++++--- .../cnpg/cluster_recovery_spec_test.yaml | 99 ++++++---- .../tests/cnpg/cluster_validation_test.yaml | 181 +++++++++--------- .../cnpg/scheduled_backup_metadata_test.yaml | 48 +++-- .../cnpg/scheduled_backup_name_test.yaml | 10 +- .../cnpg/scheduled_backup_spec_test.yaml | 8 +- .../cnpg/scheduled_backup_stop_test.yaml | 32 ++-- library/common/Chart.yaml | 2 +- .../lib/cnpg/barmanObjectStore/_azure.tpl | 2 +- .../lib/cnpg/barmanObjectStore/_getData.tpl | 8 +- .../lib/cnpg/barmanObjectStore/_google.tpl | 2 +- .../lib/cnpg/barmanObjectStore/_s3.tpl | 2 +- .../templates/lib/cnpg/cluster/_backup.tpl | 7 +- .../_bootstrapRecoveryExternalCluster.tpl | 9 +- .../lib/cnpg/providers/_backupValidation.tpl | 14 -- .../cnpg/providers/_providerSecretSpawner.tpl | 10 +- .../cnpg/providers/_recoveryValidation.tpl | 14 -- library/common/values.yaml | 72 +++---- 25 files changed, 404 insertions(+), 384 deletions(-) delete mode 100644 library/common/templates/lib/cnpg/providers/_backupValidation.tpl delete mode 100644 library/common/templates/lib/cnpg/providers/_recoveryValidation.tpl diff --git a/library/common-test/Chart.yaml b/library/common-test/Chart.yaml index 5d9d56d8..fcc78b6a 100644 --- a/library/common-test/Chart.yaml +++ b/library/common-test/Chart.yaml @@ -3,7 +3,7 @@ appVersion: "" dependencies: - name: common repository: file://../common - version: ~21.0.0 + version: ~22.0.0 deprecated: false description: Helper chart to test different use cases of the common library home: https://github.com/truecharts/apps/tree/master/charts/library/common-test diff --git a/library/common-test/tests/cnpg/backup_metadata_test.yaml b/library/common-test/tests/cnpg/backup_metadata_test.yaml index cadb571d..26d9a7b0 100644 --- a/library/common-test/tests/cnpg/backup_metadata_test.yaml +++ b/library/common-test/tests/cnpg/backup_metadata_test.yaml @@ -9,6 +9,10 @@ release: tests: - it: should pass with cnpg manualBackups backup created with labels and annotations set: + credentials: + test: + type: azure + connectionString: some-connection-string label1: label1 label2: global_label2 label3: label3 @@ -44,10 +48,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string labels: label5: label5 annotations: @@ -104,6 +106,10 @@ tests: - it: should pass with cnpg manualBackups backup created with namespace set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -115,10 +121,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string manualBackups: - name: today asserts: @@ -129,6 +133,10 @@ tests: - it: should pass with cnpg manualBackups backup created with object namespace from tpl set: + credentials: + test: + type: azure + connectionString: some-connection-string key: some-namespace cnpg: my-pg: @@ -141,10 +149,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string manualBackups: - name: today asserts: @@ -155,6 +161,10 @@ tests: - it: should pass with cnpg manualBackups backup created with namespace from global with tpl set: + credentials: + test: + type: azure + connectionString: some-connection-string key: global-namespace global: namespace: "{{ .Values.key }}" @@ -168,10 +178,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string manualBackups: - name: today asserts: @@ -182,6 +190,10 @@ tests: - it: should pass with cnpg manualBackups backup created with namespace from root with tpl set: + credentials: + test: + type: azure + connectionString: some-connection-string key: local-namespace namespace: "{{ .Values.key }}" global: @@ -196,10 +208,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string manualBackups: - name: today asserts: @@ -210,6 +220,10 @@ tests: - it: should pass with cnpg manualBackups backup created with namespace in TrueNAS SCALE set: + credentials: + test: + type: azure + connectionString: some-connection-string global: ixChartContext: iAmNotEmpty: true @@ -225,10 +239,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string manualBackups: - name: today asserts: diff --git a/library/common-test/tests/cnpg/backup_name_test.yaml b/library/common-test/tests/cnpg/backup_name_test.yaml index c9c8083b..6084ba51 100644 --- a/library/common-test/tests/cnpg/backup_name_test.yaml +++ b/library/common-test/tests/cnpg/backup_name_test.yaml @@ -7,6 +7,10 @@ release: tests: - it: should generate correct name set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -17,10 +21,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string manualBackups: - name: today my-pg2: @@ -32,10 +34,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string manualBackups: - name: other asserts: diff --git a/library/common-test/tests/cnpg/backup_provider_secret_spec_test.yaml b/library/common-test/tests/cnpg/backup_provider_secret_spec_test.yaml index 234ff0e5..057a8b31 100644 --- a/library/common-test/tests/cnpg/backup_provider_secret_spec_test.yaml +++ b/library/common-test/tests/cnpg/backup_provider_secret_spec_test.yaml @@ -7,6 +7,10 @@ release: tests: - it: should create secret for azure provider with connection string set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -17,10 +21,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string manualBackups: - name: today asserts: @@ -45,6 +47,10 @@ tests: - it: should create secret for google provider with application credentials set: + credentials: + test: + type: google + applicationCredentials: some-credentials cnpg: my-pg: enabled: true @@ -55,10 +61,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: google + credentials: test destinationPath: some-path - google: - applicationCredentials: some-credentials manualBackups: - name: today asserts: @@ -80,6 +84,12 @@ tests: - it: should create secret for s3 provider with application credentials set: + credentials: + test: + type: s3 + url: some-url + secretKey: some-secret-key + accessKey: some-access-key cnpg: my-pg: enabled: true @@ -90,12 +100,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: s3 + credentials: test destinationPath: some-path - endpointURL: some-url - s3: - secretKey: some-secret-key - accessKey: some-access-key manualBackups: - name: today asserts: diff --git a/library/common-test/tests/cnpg/backup_provider_validation_test.yaml b/library/common-test/tests/cnpg/backup_provider_validation_test.yaml index 95540988..ce127bc7 100644 --- a/library/common-test/tests/cnpg/backup_provider_validation_test.yaml +++ b/library/common-test/tests/cnpg/backup_provider_validation_test.yaml @@ -5,44 +5,18 @@ release: name: test-release-name namespace: test-release-namespace tests: - - it: should fail with invalid provider - set: - cnpg: - my-pg: - enabled: true - backups: - enabled: true - provider: invalid - manualBackups: - - name: today - asserts: - - failedTemplate: - errorMessage: CNPG Backup - Expected [backups.provider] to be one of [azure, s3, google], but got [invalid] - - - it: should fail with missing "provider" object - set: - cnpg: - my-pg: - enabled: true - backups: - enabled: true - provider: azure - manualBackups: - - name: today - asserts: - - failedTemplate: - errorMessage: CNPG Backup - Expected [backups.azure] to be defined when [backups.provider] is set to [azure] - - it: should fail with missing storageAccount or connectionString with azure provider set: + credentials: + test: + type: azure + storageKey: test cnpg: my-pg: enabled: true backups: enabled: true - provider: azure - azure: - storageKey: test + credentials: test manualBackups: - name: today asserts: @@ -51,14 +25,16 @@ tests: - it: should fail with missing storageKey or storageSasToken with azure provider set: + credentials: + test: + type: azure + storageAccount: test cnpg: my-pg: enabled: true backups: enabled: true - provider: azure - azure: - storageAccount: test + credentials: test manualBackups: - name: today asserts: @@ -67,16 +43,18 @@ tests: - it: should fail with both storageKey and storageSasToken defined with azure provider set: + credentials: + test: + type: azure + storageAccount: test + storageKey: test + storageSasToken: test cnpg: my-pg: enabled: true backups: enabled: true - provider: azure - azure: - storageAccount: test - storageKey: test - storageSasToken: test + credentials: test manualBackups: - name: today asserts: @@ -85,14 +63,16 @@ tests: - it: should fail with applicationCredentials missing with google provider set: + credentials: + test: + type: google + gkeEnvironment: false cnpg: my-pg: enabled: true backups: enabled: true - provider: google - google: - gkeEnvironment: false + credentials: test manualBackups: - name: today asserts: @@ -101,14 +81,16 @@ tests: - it: should fail with accessKey missing with s3 provider set: + credentials: + test: + type: s3 + secretKey: test cnpg: my-pg: enabled: true backups: enabled: true - provider: s3 - s3: - secretKey: test + credentials: test manualBackups: - name: today asserts: @@ -117,14 +99,16 @@ tests: - it: should fail with secretKey missing with s3 provider set: + credentials: + test: + type: s3 + accessKey: test cnpg: my-pg: enabled: true backups: enabled: true - provider: s3 - s3: - accessKey: test + credentials: test manualBackups: - name: today asserts: diff --git a/library/common-test/tests/cnpg/backup_spec_test.yaml b/library/common-test/tests/cnpg/backup_spec_test.yaml index d4e40a9b..47222c5e 100644 --- a/library/common-test/tests/cnpg/backup_spec_test.yaml +++ b/library/common-test/tests/cnpg/backup_spec_test.yaml @@ -7,6 +7,10 @@ release: tests: - it: should generate correct spec set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -17,10 +21,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string manualBackups: - name: today - name: before-upgrade diff --git a/library/common-test/tests/cnpg/backup_validation_test.yaml b/library/common-test/tests/cnpg/backup_validation_test.yaml index 71e1613d..2bb1b803 100644 --- a/library/common-test/tests/cnpg/backup_validation_test.yaml +++ b/library/common-test/tests/cnpg/backup_validation_test.yaml @@ -7,14 +7,16 @@ release: tests: - it: should fail without name in manualBackups backup set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true backups: enabled: true - provider: azure - azure: - connectionString: some-connection-string + credentials: test manualBackups: - name: asserts: @@ -23,14 +25,16 @@ tests: - it: should fail with invalid name in manualBackups backup set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true backups: enabled: true - provider: azure - azure: - connectionString: some-connection-string + credentials: test manualBackups: - name: _invalid asserts: diff --git a/library/common-test/tests/cnpg/cluster_backup_spec_test.yaml b/library/common-test/tests/cnpg/cluster_backup_spec_test.yaml index 974c29b2..88e47455 100644 --- a/library/common-test/tests/cnpg/cluster_backup_spec_test.yaml +++ b/library/common-test/tests/cnpg/cluster_backup_spec_test.yaml @@ -7,6 +7,10 @@ release: tests: - it: should generate correct spec with backups (azure) set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -17,10 +21,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string asserts: - documentIndex: &secretDoc 1 isKind: @@ -84,6 +86,10 @@ tests: - it: should generate correct spec with backups (google) set: + credentials: + test: + type: google + applicationCredentials: some-credentials cnpg: my-pg: enabled: true @@ -94,10 +100,9 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: google + credentials: test destinationPath: some-path - google: - applicationCredentials: some-credentials + asserts: - documentIndex: *secretDoc isKind: @@ -150,6 +155,12 @@ tests: - it: should generate correct spec with backups (s3) set: + credentials: + test: + type: s3 + accessKey: some-access-key + secretKey: some-secret-key + url: some-url cnpg: my-pg: enabled: true @@ -160,12 +171,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: s3 + credentials: test destinationPath: some-path - endpointURL: some-url - s3: - accessKey: some-access-key - secretKey: some-secret-key asserts: - documentIndex: *secretDoc isKind: @@ -221,6 +228,12 @@ tests: - it: should use the revision when set in server name set: + credentials: + test: + type: s3 + accessKey: some-access-key + secretKey: some-secret-key + url: some-url cnpg: my-pg: enabled: true @@ -231,13 +244,9 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: s3 + credentials: test destinationPath: some-path - endpointURL: some-url revision: some-revision - s3: - accessKey: some-access-key - secretKey: some-secret-key asserts: - documentIndex: *secretDoc isKind: @@ -293,6 +302,12 @@ tests: - it: should override serverName when set set: + credentials: + test: + type: s3 + accessKey: some-access-key + secretKey: some-secret-key + url: some-url cnpg: my-pg: enabled: true @@ -303,13 +318,9 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: s3 + credentials: test destinationPath: some-path - endpointURL: some-url serverName: some-server-name - s3: - accessKey: some-access-key - secretKey: some-secret-key asserts: - documentIndex: *secretDoc isKind: @@ -365,6 +376,12 @@ tests: - it: should override serverName when set (and also take account revision) set: + credentials: + test: + type: s3 + accessKey: some-access-key + secretKey: some-secret-key + url: some-url cnpg: my-pg: enabled: true @@ -375,14 +392,11 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: s3 + credentials: test destinationPath: some-path - endpointURL: some-url serverName: some-server-name revision: "1" - s3: - accessKey: some-access-key - secretKey: some-secret-key + asserts: - documentIndex: *secretDoc isKind: @@ -438,6 +452,10 @@ tests: - it: should generate correct spec with empty target set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -447,10 +465,8 @@ tests: backups: enabled: true retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string asserts: - documentIndex: &clusterDoc 0 isKind: diff --git a/library/common-test/tests/cnpg/cluster_recovery_spec_test.yaml b/library/common-test/tests/cnpg/cluster_recovery_spec_test.yaml index b33c1b34..ebb69eae 100644 --- a/library/common-test/tests/cnpg/cluster_recovery_spec_test.yaml +++ b/library/common-test/tests/cnpg/cluster_recovery_spec_test.yaml @@ -73,6 +73,11 @@ tests: - it: should generate correct spec with recovery/objectStore (google) set: + credentials: + test: + type: google + applicationCredentials: some-credentials + bucket: some-bucket cnpg: my-pg: enabled: true @@ -80,13 +85,10 @@ tests: database: test-db password: test-password mode: recovery + path: some-path recovery: method: object_store - provider: google - google: - applicationCredentials: some-credentials - bucket: some-bucket - path: some-path + credentials: test pitrTarget: time: "2021-01-01T00:00:00Z" asserts: @@ -146,6 +148,10 @@ tests: - it: should generate correct spec with recovery/objectStore (google - destinationPath) set: + credentials: + test: + type: google + applicationCredentials: some-credentials cnpg: my-pg: enabled: true @@ -155,10 +161,8 @@ tests: mode: recovery recovery: method: object_store - provider: google + credentials: test destinationPath: gs://some-bucket - google: - applicationCredentials: some-credentials pitrTarget: time: "2021-01-01T00:00:00Z" asserts: @@ -218,6 +222,13 @@ tests: - it: should generate correct spec with recovery/objectStore (s3) set: + credentials: + test: + type: s3 + accessKey: some-access-key + secretKey: some-secret-key + bucket: some-bucket + region: some-region cnpg: my-pg: enabled: true @@ -225,15 +236,11 @@ tests: database: test-db password: test-password mode: recovery + path: some-path recovery: method: object_store - provider: s3 - s3: - accessKey: some-access-key - secretKey: some-secret-key - bucket: some-bucket - path: some-path - region: some-region + credentials: test + asserts: - documentIndex: *secretDoc isKind: @@ -292,6 +299,12 @@ tests: - it: should generate correct spec with recovery/objectStore (s3 - destinationPath/endpointURL) set: + credentials: + test: + type: s3 + accessKey: some-access-key + secretKey: some-secret-key + url: some-endpoint-url cnpg: my-pg: enabled: true @@ -301,12 +314,9 @@ tests: mode: recovery recovery: method: object_store - provider: s3 + credentials: test destinationPath: s3://some-bucket - endpointURL: some-endpoint-url - s3: - accessKey: some-access-key - secretKey: some-secret-key + asserts: - documentIndex: *secretDoc isKind: @@ -365,6 +375,14 @@ tests: - it: should generate correct spec with recovery/objectStore (azure) set: + credentials: + test: + type: azure + connectionString: some-connection-string + storageAccount: some-storage-account + serviceName: some-service-name + containerName: some-container-name + cnpg: my-pg: enabled: true @@ -372,15 +390,10 @@ tests: database: test-db password: test-password mode: recovery + path: some-path recovery: method: object_store - provider: azure - azure: - connectionString: some-connection-string - storageAccount: some-storage-account - serviceName: some-service-name - containerName: some-container-name - path: some-path + credentials: test asserts: - documentIndex: *secretDoc isKind: @@ -447,6 +460,10 @@ tests: - it: should generate correct spec with recovery/objectStore (azure - destinationPath) set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -456,10 +473,8 @@ tests: mode: recovery recovery: method: object_store - provider: azure + credentials: test destinationPath: https://some-storage-account.some-service-name.core.windows.net/some-container-name - azure: - connectionString: some-connection-string asserts: - documentIndex: *secretDoc isKind: @@ -526,6 +541,10 @@ tests: - it: should use revision in serverName when set set: + credentials: + test: + type: google + applicationCredentials: some-credentials cnpg: my-pg: enabled: true @@ -535,11 +554,9 @@ tests: mode: recovery recovery: method: object_store - provider: google + credentials: test destinationPath: gs://some-bucket revision: some-revision - google: - applicationCredentials: some-credentials pitrTarget: time: "2021-01-01T00:00:00Z" asserts: @@ -599,6 +616,10 @@ tests: - it: should override serverName when set set: + credentials: + test: + type: google + applicationCredentials: some-credentials cnpg: my-pg: enabled: true @@ -608,11 +629,9 @@ tests: mode: recovery recovery: method: object_store - provider: google + credentials: test destinationPath: gs://some-bucket serverName: some-server-name - google: - applicationCredentials: some-credentials pitrTarget: time: "2021-01-01T00:00:00Z" asserts: @@ -672,6 +691,10 @@ tests: - it: should override serverName when set along with revision set: + credentials: + test: + type: google + applicationCredentials: some-credentials cnpg: my-pg: enabled: true @@ -681,12 +704,10 @@ tests: mode: recovery recovery: method: object_store - provider: google + credentials: test destinationPath: gs://some-bucket serverName: some-server-name revision: "20" - google: - applicationCredentials: some-credentials pitrTarget: time: "2021-01-01T00:00:00Z" asserts: diff --git a/library/common-test/tests/cnpg/cluster_validation_test.yaml b/library/common-test/tests/cnpg/cluster_validation_test.yaml index 2f2b9ea9..71f04d18 100644 --- a/library/common-test/tests/cnpg/cluster_validation_test.yaml +++ b/library/common-test/tests/cnpg/cluster_validation_test.yaml @@ -222,40 +222,12 @@ tests: - failedTemplate: errorMessage: CNPG Recovery - Expected a non-empty [recovery.backupName] key - - it: should fail with invalid provider on recovery method object_store - set: - cnpg: - my-pg: - enabled: true - user: test-user - database: test-db - password: test-password - mode: recovery - recovery: - method: object_store - provider: invalid - asserts: - - failedTemplate: - errorMessage: CNPG Recovery - Expected [recovery.provider] to be one of [azure, s3, google], but got [invalid] - - - it: should fail with missing "provider" key on recovery method object_store - set: - cnpg: - my-pg: - enabled: true - user: test-user - database: test-db - password: test-password - mode: recovery - recovery: - method: object_store - provider: google - asserts: - - failedTemplate: - errorMessage: CNPG Recovery - Expected [recovery.google] to be defined when [recovery.provider] is set to [google] - - it: should fail with missing destinationPath and google bucket on recovery method object_store set: + credentials: + test: + type: google + applicationCredentials: some-credentials cnpg: my-pg: enabled: true @@ -265,15 +237,18 @@ tests: mode: recovery recovery: method: object_store - provider: google - google: - applicationCredentials: some-credentials + credentials: test asserts: - failedTemplate: errorMessage: CNPG Recovery - You need to specify [recovery.google.bucket] or [recovery.destinationPath] - it: should fail with missing destinationPath and s3 bucket on recovery method object_store set: + credentials: + test: + type: s3 + accessKey: some-access-key + secretKey: some-secret-key cnpg: my-pg: enabled: true @@ -283,16 +258,19 @@ tests: mode: recovery recovery: method: object_store - provider: s3 - s3: - accessKey: some-access-key - secretKey: some-secret-key + credentials: test asserts: - failedTemplate: errorMessage: CNPG Recovery - You need to specify [recovery.s3.bucket] or [recovery.destinationPath] - it: should fail with missing endpointURL and s3 region on recovery method object_store set: + credentials: + test: + type: s3 + accessKey: some-access-key + secretKey: some-secret-key + bucket: some-bucket cnpg: my-pg: enabled: true @@ -302,17 +280,17 @@ tests: mode: recovery recovery: method: object_store - provider: s3 - s3: - accessKey: some-access-key - secretKey: some-secret-key - bucket: some-bucket + credentials: test asserts: - failedTemplate: errorMessage: CNPG Recovery - You need to specify [recovery.s3.region] or [recovery.endpointURL] - it: should fail with missing destinationPath and azure storageAccount on recovery method object_store set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -322,15 +300,18 @@ tests: mode: recovery recovery: method: object_store - provider: azure - azure: - connectionString: some-connection-string + credentials: test asserts: - failedTemplate: errorMessage: CNPG Recovery - You need to specify [recovery.azure.storageAccount] or [recovery.destinationPath] - it: should fail with missing destinationPath and azure serviceName on recovery method object_store set: + credentials: + test: + type: azure + connectionString: some-connection-string + storageAccount: some-storage-account cnpg: my-pg: enabled: true @@ -340,16 +321,20 @@ tests: mode: recovery recovery: method: object_store - provider: azure - azure: - connectionString: some-connection-string - storageAccount: some-storage-account + credentials: test + asserts: - failedTemplate: errorMessage: CNPG Recovery - You need to specify [recovery.azure.serviceName] or [recovery.destinationPath] - it: should fail with missing destinationPath and azure containerName on recovery method object_store set: + credentials: + test: + type: azure + connectionString: some-connection-string + storageAccount: some-storage-account + serviceName: some-service-name cnpg: my-pg: enabled: true @@ -359,17 +344,18 @@ tests: mode: recovery recovery: method: object_store - provider: azure - azure: - connectionString: some-connection-string - storageAccount: some-storage-account - serviceName: some-service-name + credentials: test + asserts: - failedTemplate: errorMessage: CNPG Recovery - You need to specify [recovery.azure.containerName] or [recovery.destinationPath] - it: should fail with revision in backups not a string set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -378,10 +364,8 @@ tests: password: test-password backups: enabled: true - provider: azure + credentials: test revision: 5 - azure: - connectionString: some-connection-string target: primary asserts: - failedTemplate: @@ -389,6 +373,10 @@ tests: - it: should fail with invalid target when backups are enabled set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -397,9 +385,7 @@ tests: password: test-password backups: enabled: true - provider: azure - azure: - connectionString: some-connection-string + credentials: test target: invalid asserts: - failedTemplate: @@ -407,6 +393,11 @@ tests: - it: should fail with invalid retentionPolicy when backups are enabled set: + credentials: + test: + type: azure + connectionString: some-connection-string + applicationCredentials: some-credential cnpg: my-pg: enabled: true @@ -415,9 +406,7 @@ tests: password: test-password backups: enabled: true - provider: azure - azure: - connectionString: some-connection-string + credentials: test target: primary retentionPolicy: invalid asserts: @@ -426,6 +415,11 @@ tests: - it: should fail with missing destinationPath and google bucket on backups set: + credentials: + test: + type: google + connectionString: some-credentials + applicationCredentials: some-credential cnpg: my-pg: enabled: true @@ -434,17 +428,20 @@ tests: password: test-password backups: enabled: true - provider: google + credentials: test target: primary retentionPolicy: 1d - google: - applicationCredentials: some-credentials asserts: - failedTemplate: errorMessage: CNPG Backup - You need to specify [backups.google.bucket] or [backups.destinationPath] - it: should fail with missing destinationPath and s3 bucket on backups set: + credentials: + test: + type: s3 + accessKey: some-access-key + secretKey: some-secret-key cnpg: my-pg: enabled: true @@ -453,18 +450,22 @@ tests: password: test-password backups: enabled: true - provider: s3 + credentials: test target: primary retentionPolicy: 1d - s3: - accessKey: some-access-key - secretKey: some-secret-key + asserts: - failedTemplate: errorMessage: CNPG Backup - You need to specify [backups.s3.bucket] or [backups.destinationPath] - it: should fail with missing endpointURL and s3 region on backups set: + credentials: + test: + type: s3 + accessKey: some-access-key + secretKey: some-secret-key + bucket: some-bucket cnpg: my-pg: enabled: true @@ -473,19 +474,19 @@ tests: password: test-password backups: enabled: true - provider: s3 + credentials: test target: primary retentionPolicy: 1d - s3: - accessKey: some-access-key - secretKey: some-secret-key - bucket: some-bucket asserts: - failedTemplate: errorMessage: CNPG Backup - You need to specify [backups.s3.region] or [backups.endpointURL] - it: should fail with missing destinationPath and azure storageAccount on backups set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -494,17 +495,20 @@ tests: password: test-password backups: enabled: true - provider: azure + credentials: test target: primary retentionPolicy: 1d - azure: - connectionString: some-connection-string asserts: - failedTemplate: errorMessage: CNPG Backup - You need to specify [backups.azure.storageAccount] or [backups.destinationPath] - it: should fail with missing destinationPath and azure serviceName on backups set: + credentials: + test: + type: azure + connectionString: some-connection-string + storageAccount: some-storage-account cnpg: my-pg: enabled: true @@ -513,18 +517,21 @@ tests: password: test-password backups: enabled: true - provider: azure + credentials: test target: primary retentionPolicy: 1d - azure: - connectionString: some-connection-string - storageAccount: some-storage-account asserts: - failedTemplate: errorMessage: CNPG Backup - You need to specify [backups.azure.serviceName] or [backups.destinationPath] - it: should fail with missing destinationPath and azure containerName on backups set: + credentials: + test: + type: azure + connectionString: some-connection-string + storageAccount: some-storage-account + serviceName: some-service-name cnpg: my-pg: enabled: true @@ -533,13 +540,9 @@ tests: password: test-password backups: enabled: true - provider: azure + credentials: test target: primary retentionPolicy: 1d - azure: - connectionString: some-connection-string - storageAccount: some-storage-account - serviceName: some-service-name asserts: - failedTemplate: errorMessage: CNPG Backup - You need to specify [backups.azure.containerName] or [backups.destinationPath] diff --git a/library/common-test/tests/cnpg/scheduled_backup_metadata_test.yaml b/library/common-test/tests/cnpg/scheduled_backup_metadata_test.yaml index 5d105231..68b04fb9 100644 --- a/library/common-test/tests/cnpg/scheduled_backup_metadata_test.yaml +++ b/library/common-test/tests/cnpg/scheduled_backup_metadata_test.yaml @@ -9,6 +9,10 @@ release: tests: - it: should pass with cnpg scheduledBackup backup created with labels and annotations set: + credentials: + test: + type: azure + connectionString: some-connection-string label1: label1 label2: global_label2 label3: label3 @@ -44,10 +48,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string labels: label5: label5 annotations: @@ -106,6 +108,10 @@ tests: - it: should pass with cnpg scheduledBackup backup created with namespace set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -117,10 +123,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" @@ -133,6 +137,10 @@ tests: - it: should pass with cnpg scheduledBackup backup created with object namespace from tpl set: + credentials: + test: + type: azure + connectionString: some-connection-string key: some-namespace cnpg: my-pg: @@ -145,10 +153,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" @@ -161,6 +167,10 @@ tests: - it: should pass with cnpg scheduledBackup backup created with namespace from global with tpl set: + credentials: + test: + type: azure + connectionString: some-connection-string key: global-namespace global: namespace: "{{ .Values.key }}" @@ -174,10 +184,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" @@ -190,6 +198,10 @@ tests: - it: should pass with cnpg scheduledBackup backup created with namespace from root with tpl set: + credentials: + test: + type: azure + connectionString: some-connection-string key: local-namespace namespace: "{{ .Values.key }}" global: @@ -204,10 +216,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" @@ -220,6 +230,10 @@ tests: - it: should pass with cnpg scheduledBackup backup created with namespace in TrueNAS SCALE set: + credentials: + test: + type: azure + connectionString: some-connection-string global: ixChartContext: iAmNotEmpty: true @@ -235,10 +249,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" diff --git a/library/common-test/tests/cnpg/scheduled_backup_name_test.yaml b/library/common-test/tests/cnpg/scheduled_backup_name_test.yaml index c4a42f3b..31168349 100644 --- a/library/common-test/tests/cnpg/scheduled_backup_name_test.yaml +++ b/library/common-test/tests/cnpg/scheduled_backup_name_test.yaml @@ -7,6 +7,10 @@ release: tests: - it: should generate correct name set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -17,10 +21,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" @@ -34,7 +36,7 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path azure: connectionString: some-connection-string diff --git a/library/common-test/tests/cnpg/scheduled_backup_spec_test.yaml b/library/common-test/tests/cnpg/scheduled_backup_spec_test.yaml index 3dde0808..3052ef34 100644 --- a/library/common-test/tests/cnpg/scheduled_backup_spec_test.yaml +++ b/library/common-test/tests/cnpg/scheduled_backup_spec_test.yaml @@ -7,6 +7,10 @@ release: tests: - it: should generate correct spec set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -17,10 +21,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" diff --git a/library/common-test/tests/cnpg/scheduled_backup_stop_test.yaml b/library/common-test/tests/cnpg/scheduled_backup_stop_test.yaml index bc9c7457..0e6ab589 100644 --- a/library/common-test/tests/cnpg/scheduled_backup_stop_test.yaml +++ b/library/common-test/tests/cnpg/scheduled_backup_stop_test.yaml @@ -7,6 +7,10 @@ release: tests: - it: should pass with hibernate set: + credentials: + test: + type: azure + connectionString: some-connection-string cnpg: my-pg: enabled: true @@ -18,10 +22,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" @@ -41,6 +43,10 @@ tests: - it: should set suspend on stopAll set: + credentials: + test: + type: azure + connectionString: some-connection-string global: stopAll: true cnpg: @@ -54,10 +60,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" @@ -77,6 +81,10 @@ tests: - it: should set suspend on ixChartContext - isStopped (true) set: + credentials: + test: + type: azure + connectionString: some-connection-string global: namespace: ix-something ixChartContext: @@ -93,10 +101,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" @@ -116,6 +122,10 @@ tests: - it: should not suspend on ixChartContext - isStopped (false) set: + credentials: + test: + type: azure + connectionString: some-connection-string global: namespace: ix-something ixChartContext: @@ -132,10 +142,8 @@ tests: enabled: true target: primary retentionPolicy: 10d - provider: azure + credentials: test destinationPath: some-path - azure: - connectionString: some-connection-string scheduledBackups: - name: daily schedule: "0 0 * * *" diff --git a/library/common/Chart.yaml b/library/common/Chart.yaml index 65627a3e..4ad9f07c 100644 --- a/library/common/Chart.yaml +++ b/library/common/Chart.yaml @@ -15,7 +15,7 @@ maintainers: name: common sources: null type: library -version: 21.0.1 +version: 22.0.0 annotations: artifacthub.io/category: "integration-delivery" artifacthub.io/license: "BUSL-1.1" diff --git a/library/common/templates/lib/cnpg/barmanObjectStore/_azure.tpl b/library/common/templates/lib/cnpg/barmanObjectStore/_azure.tpl index cf5ce360..6dc3bb6c 100644 --- a/library/common/templates/lib/cnpg/barmanObjectStore/_azure.tpl +++ b/library/common/templates/lib/cnpg/barmanObjectStore/_azure.tpl @@ -28,7 +28,7 @@ {{- if not $data.containerName -}} {{- fail (printf "CNPG %s - You need to specify [%s.azure.containerName] or [%s.destinationPath]" ($type | camelcase) $key $key) -}} {{- end -}} - {{- $destinationPath = (printf "https://%s.%s.core.windows.net/%s/%s" $data.storageAccount $data.serviceName $data.containerName (($data.path | default "/") | trimSuffix "/")) -}} + {{- $destinationPath = (printf "https://%s.%s.core.windows.net/%s/%s" $data.storageAccount $data.serviceName $data.containerName (($objectData.path | default "/") | trimSuffix "/")) -}} {{- end }} endpointURL: {{ $endpointURL }} destinationPath: {{ $destinationPath }} diff --git a/library/common/templates/lib/cnpg/barmanObjectStore/_getData.tpl b/library/common/templates/lib/cnpg/barmanObjectStore/_getData.tpl index 21edf552..b41b2981 100644 --- a/library/common/templates/lib/cnpg/barmanObjectStore/_getData.tpl +++ b/library/common/templates/lib/cnpg/barmanObjectStore/_getData.tpl @@ -7,9 +7,11 @@ {{- $endpointURL := "" -}} {{- $destinationPath := "" -}} {{- $key := "" -}} + {{- $creds := dict -}} {{- if eq $type "recovery" -}} - {{- $endpointURL = $objectData.recovery.endpointURL -}} + {{- $creds = (get $rootCtx.Values.credentials $objectData.recovery.credentials) -}} + {{- $endpointURL = $creds.url -}} {{- $destinationPath = $objectData.recovery.destinationPath -}} {{- $key = "recovery" -}} @@ -21,8 +23,8 @@ {{- end -}} {{- else if eq $type "backup" -}} - - {{- $endpointURL = $objectData.backups.endpointURL -}} + {{- $creds = (get $rootCtx.Values.credentials $objectData.backups.credentials) -}} + {{- $endpointURL = $creds.url -}} {{- $destinationPath = $objectData.backups.destinationPath -}} {{- $key = "backups" -}} diff --git a/library/common/templates/lib/cnpg/barmanObjectStore/_google.tpl b/library/common/templates/lib/cnpg/barmanObjectStore/_google.tpl index 243f0397..2aa2da95 100644 --- a/library/common/templates/lib/cnpg/barmanObjectStore/_google.tpl +++ b/library/common/templates/lib/cnpg/barmanObjectStore/_google.tpl @@ -27,7 +27,7 @@ {{- if not $data.bucket -}} {{- fail (printf "CNPG %s - You need to specify [%s.google.bucket] or [%s.destinationPath]" ($type | camelcase) $key $key) -}} {{- end -}} - {{- $destinationPath = (printf "gs://%s/%s" $data.bucket (($data.path | default "/") | trimSuffix "/")) -}} + {{- $destinationPath = (printf "gs://%s/%s" $data.bucket (($objectData.path | default "/") | trimSuffix "/")) -}} {{- end }} endpointURL: {{ $endpointURL }} destinationPath: {{ $destinationPath }} diff --git a/library/common/templates/lib/cnpg/barmanObjectStore/_s3.tpl b/library/common/templates/lib/cnpg/barmanObjectStore/_s3.tpl index 7aa6a6a7..659fc96e 100644 --- a/library/common/templates/lib/cnpg/barmanObjectStore/_s3.tpl +++ b/library/common/templates/lib/cnpg/barmanObjectStore/_s3.tpl @@ -22,7 +22,7 @@ {{- if not $data.bucket -}} {{- fail (printf "CNPG %s - You need to specify [%s.s3.bucket] or [%s.destinationPath]" ($type | camelcase) $key $key) -}} {{- end -}} - {{- $destinationPath = (printf "s3://%s/%s" $data.bucket (($data.path | default "/") | trimSuffix "/")) -}} + {{- $destinationPath = (printf "s3://%s/%s" $data.bucket (($objectData.path | default "/") | trimSuffix "/")) -}} {{- end -}} {{- if not $endpointURL -}} {{- if not $data.region -}} diff --git a/library/common/templates/lib/cnpg/cluster/_backup.tpl b/library/common/templates/lib/cnpg/cluster/_backup.tpl index 18a786da..bec27a24 100644 --- a/library/common/templates/lib/cnpg/cluster/_backup.tpl +++ b/library/common/templates/lib/cnpg/cluster/_backup.tpl @@ -14,8 +14,9 @@ backup: compression: gzip encryption: AES256 jobs: {{ $objectData.backups.jobs | default 2 }} - {{- $provider := $objectData.backups.provider -}} {{/* Fetch provider data */}} - {{- $data := (get $objectData.backups $provider) -}} - {{- include (printf "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.%s" $provider) (dict "rootCtx" $rootCtx "objectData" $objectData "data" $data "type" "backup") | nindent 4 -}} + {{/* Get the creds defined in backup.$provider */}} + {{- $creds := (get $rootCtx.Values.credentials $objectData.backups.credentials) -}} + {{ $provider := $creds.type -}} + {{- include (printf "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.%s" $provider) (dict "rootCtx" $rootCtx "objectData" $objectData "data" $creds "type" "backup") | nindent 4 -}} {{- end -}} diff --git a/library/common/templates/lib/cnpg/cluster/_bootstrapRecoveryExternalCluster.tpl b/library/common/templates/lib/cnpg/cluster/_bootstrapRecoveryExternalCluster.tpl index 3208cbd3..6798cf25 100644 --- a/library/common/templates/lib/cnpg/cluster/_bootstrapRecoveryExternalCluster.tpl +++ b/library/common/templates/lib/cnpg/cluster/_bootstrapRecoveryExternalCluster.tpl @@ -12,9 +12,10 @@ externalClusters: - name: {{ $serverName }} barmanObjectStore: - {{- $provider := $objectData.recovery.provider -}} {{/* Fetch provider data */}} - {{- $data := (get $objectData.recovery $provider) -}} - {{- include (printf "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.%s" $provider) (dict "rootCtx" $rootCtx "objectData" $objectData "data" $data "type" "recovery") | nindent 6 -}} - {{- end -}} + {{/* Get the creds defined in backup.$provider */}} + {{- $creds := (get $rootCtx.Values.credentials $objectData.recovery.credentials) -}} + {{ $provider := $creds.type -}} + {{- include (printf "tc.v1.common.lib.cnpg.cluster.barmanObjectStoreConfig.%s" $provider) (dict "rootCtx" $rootCtx "objectData" $objectData "data" $creds "type" "recovery") | nindent 6 -}} + {{- end -}} {{- end -}} diff --git a/library/common/templates/lib/cnpg/providers/_backupValidation.tpl b/library/common/templates/lib/cnpg/providers/_backupValidation.tpl deleted file mode 100644 index a612b7ad..00000000 --- a/library/common/templates/lib/cnpg/providers/_backupValidation.tpl +++ /dev/null @@ -1,14 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.provider.backupValidation" -}} - {{- $objectData := .objectData -}} - {{- $provider := $objectData.backups.provider -}} - - {{- include "tc.v1.common.lib.cnpg.provider.validation" (dict - "objectData" $objectData - "key" "backups" "caller" "CNPG Backup" - "provider" $provider) -}} - - {{- if not (get $objectData.backups $provider) -}} - {{- fail (printf "CNPG Backup - Expected [backups.%s] to be defined when [backups.provider] is set to [%s]" $provider $provider) -}} - {{- end -}} - -{{- end -}} diff --git a/library/common/templates/lib/cnpg/providers/_providerSecretSpawner.tpl b/library/common/templates/lib/cnpg/providers/_providerSecretSpawner.tpl index 031d98b5..c999d9f1 100644 --- a/library/common/templates/lib/cnpg/providers/_providerSecretSpawner.tpl +++ b/library/common/templates/lib/cnpg/providers/_providerSecretSpawner.tpl @@ -10,15 +10,13 @@ {{- $provider := "" -}} {{- $creds := dict -}} {{- if eq $type "backup" -}} - {{- include "tc.v1.common.lib.cnpg.provider.backupValidation" (dict "objectData" $objectData) -}} - {{- $provider = $objectData.backups.provider -}} {{/* Get the creds defined in backup.$provider */}} - {{- $creds = (get $objectData.backups $provider) -}} + {{- $creds = (get $rootCtx.Values.credentials $objectData.backups.credentials) -}} + {{- $provider = $creds.type -}} {{- else if eq $type "recovery" -}} - {{- include "tc.v1.common.lib.cnpg.provider.recoveryValidation" (dict "objectData" $objectData) -}} - {{- $provider = $objectData.recovery.provider -}} {{/* Get the creds defined in recovery.$provider */}} - {{- $creds = (get $objectData.recovery $provider) -}} + {{- $creds = (get $rootCtx.Values.credentials $objectData.recovery.credentials) -}} + {{- $provider = $creds.type -}} {{- end -}} {{- include (printf "tc.v1.common.lib.cnpg.provider.%s.validation" $provider) (dict "objectData" $objectData "creds" $creds) -}} diff --git a/library/common/templates/lib/cnpg/providers/_recoveryValidation.tpl b/library/common/templates/lib/cnpg/providers/_recoveryValidation.tpl deleted file mode 100644 index f7cff9b2..00000000 --- a/library/common/templates/lib/cnpg/providers/_recoveryValidation.tpl +++ /dev/null @@ -1,14 +0,0 @@ -{{- define "tc.v1.common.lib.cnpg.provider.recoveryValidation" -}} - {{- $objectData := .objectData -}} - {{- $provider := $objectData.recovery.provider -}} - - {{- include "tc.v1.common.lib.cnpg.provider.validation" (dict - "objectData" $objectData - "key" "recovery" "caller" "CNPG Recovery" - "provider" $provider) -}} - - {{- if not (get $objectData.recovery $provider) -}} - {{- fail (printf "CNPG Recovery - Expected [recovery.%s] to be defined when [recovery.provider] is set to [%s]" $provider $provider) -}} - {{- end -}} - -{{- end -}} diff --git a/library/common/values.yaml b/library/common/values.yaml index aceee9cc..2535a3de 100644 --- a/library/common/values.yaml +++ b/library/common/values.yaml @@ -236,6 +236,22 @@ credentials: {} # encrKey: "" + # azure: + # connectionString: "" + # storageAccount: "" + # storageKey: "" + # storageSasToken: "" + # containerName: "" + # serviceName: blob + # inheritFromAzureAD: false + + ## TODO: Add support for google: + # google: + # bucket: "" + # gkeEnvironment: false + # applicationCredentials: "" + + # -- (docs/persistence/README.md) persistence: shared: @@ -1101,44 +1117,18 @@ cnpg: # Object Store Recovery Method clusterName: "" - # Overrides the provider specific default endpoint. Defaults to: - # S3: https://s3..amazonaws.com" - endpointURL: "" # Leave empty if using the default S3 endpoint + # Overrides the provider specific default path. Defaults to: # S3: s3:// # Azure: https://..core.windows.net/ # Google: gs:// destinationPath: "" - provider: s3 # One of s3, azure, google - s3: - region: "" - bucket: "" - path: "/" - accessKey: "" - secretKey: "" - azure: - path: "/" - connectionString: "" - storageAccount: "" - storageKey: "" - storageSasToken: "" - containerName: "" - serviceName: blob - inheritFromAzureAD: false - google: - path: "/" - bucket: "" - gkeEnvironment: false - applicationCredentials: "" + path: "/" # Database cluster backup configuration backups: enabled: false # You need to configure backups manually, so backups are disabled by default. - # Overrides the provider specific default endpoint. Defaults to: - # S3: https://s3..amazonaws.com" - endpointURL: "" # Leave empty if using the default S3 endpoint - ## set a revision to append to the serverName to ensure restore and backup dont target the same thing # revision: 1 @@ -1150,29 +1140,13 @@ cnpg: # Azure: https://..core.windows.net/ # Google: gs:// destinationPath: "" + # default: primary, other option prefer-standby target: "" - provider: s3 - s3: - region: "" - bucket: "" - path: "/" - accessKey: "" - secretKey: "" - azure: - path: "/" - connectionString: "" - storageAccount: "" - storageKey: "" - storageSasToken: "" - containerName: "" - serviceName: blob - inheritFromAzureAD: false - google: - path: "/" - bucket: "" - gkeEnvironment: false - applicationCredentials: "" + + # name of credentials in .Values.Credentials + credentials: "" + path: "/" scheduledBackups: - name: daily-backup # Daily at midnight