airship/porthole
Code Issues Proposed changes

Fix backup/restore bug for remote backup disabled case

Browse Source 
Currently, if you try to start an on-demand container using the
"utilscli dbutils" command, on a site where remote backup has been
disabled, then the on-demand container will get a container create error
saying that it cannot read the backup-user secret (which does not get
generated when remote backup is disabled).

This patchset disables the reading of variables from the backup-user
secret (aka, the rgw secret) if remote backup is disabled.

Change-Id: I326a5b812f6b13d7dd42f4d3e339ba0d37eef538
This commit is contained in:
Parsons, Cliff (cp769u)
2020-07-17 22:16:55 +00:00
parent 8be19b8fe4
commit bfaeab4597
3 changed files with 51 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
charts/postgresql-utility/templates/bin/utility/_pg_ondemand_job.sh.tpl
View File

@@ -8,17 +8,20 @@ if [[ $POSTGRESQL_POD_NAMESPACE == "" ]]; then
exit 1
fi
export POSTGRESQL_RGW_SECRET={{ $envAll.Values.conf.postgresql_backup_restore.secrets.rgw_secret }}
export POSTGRESQL_CONF_SECRET={{ $envAll.Values.conf.postgresql_backup_restore.secrets.conf_secret }}
export POSTGRESQL_IMAGE_NAME=$(kubectl get cronjob -n ucp postgresql-backup -o yaml -o jsonpath="{range .spec.jobTemplate.spec.template.spec.containers[*]}{.image}{'\n'}{end}" | grep postgresql-utility)
export POSTGRESQL_BACKUP_BASE_PATH=$(kubectl get secret -o yaml -n ${POSTGRESQL_POD_NAMESPACE} ${POSTGRESQL_CONF_SECRET} | grep BACKUP_BASE_PATH | awk '{print $2}' | base64 -d)
POSTGRESQL_REMOTE_BACKUP_ENABLED=$(kubectl get secret -o yaml -n ${POSTGRESQL_POD_NAMESPACE} ${POSTGRESQL_CONF_SECRET} | grep REMOTE_BACKUP_ENABLED | awk '{print $2}' | base64 -d)
export POSTGRESQL_REMOTE_BACKUP_ENABLED=$(echo $POSTGRESQL_REMOTE_BACKUP_ENABLED | sed 's/"//g')
if [[ $POSTGRESQL_IMAGE_NAME == "" ]]; then
echo "Cannot find the utility image for populating POSTGRESQL_IMAGE_NAME variable."
exit 1
fi
cat <<EOF | kubectl create -n $POSTGRESQL_POD_NAMESPACE -f -
export TMP_FILE=$(mktemp -p /tmp)
cat > $TMP_FILE << EOF
---
apiVersion: batch/v1
kind: Job
@@ -104,6 +107,11 @@ spec:
name: ${POSTGRESQL_CONF_SECRET}
- name: OS_IDENTITY_API_VERSION
value: "3"
EOF
if $POSTGRESQL_REMOTE_BACKUP_ENABLED; then
export POSTGRESQL_RGW_SECRET={{ $envAll.Values.conf.postgresql_backup_restore.secrets.rgw_secret }}
cat >> $TMP_FILE << EOF
- name: OS_AUTH_URL
valueFrom:
secretKeyRef:
@@ -139,6 +147,10 @@ spec:
secretKeyRef:
name: ${POSTGRESQL_RGW_SECRET}
key: OS_PASSWORD
EOF
fi
cat >> $TMP_FILE << EOF
volumeMounts:
- name: pod-tmp
mountPath: /tmp
@@ -180,3 +192,6 @@ spec:
persistentVolumeClaim:
claimName: postgresql-backup-data
EOF
kubectl create -n $POSTGRESQL_POD_NAMESPACE -f $TMP_FILE
rm -rf $TMP_FILE