Added failover openrc environment variables

This PS adds failover OpenRC environment variables
to the keystone_openrc_failover_env_vars.tpl
snippet and includes this snippet in the mariadb,
mariadb-backup, and postgresql backup cron job
templates.

Change-Id: I54b9aff48d1b3d801f00680e9d8721050c6a4b29
Signed-off-by: Sergiy Markin <smarkin@mirantis.com>

helm-toolkit/templates/snippets/_keystone_openrc_failover_env_vars.tpl

@@ -0,0 +1,116 @@
+{{/*
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{/*
+abstract: |
+  Returns a set of container failover environment variables, equivlant to an openrc for
+  use with keystone based command line clients.
+values: |
+  secrets:
+    identity:
+      admin: example-keystone-admin
+usage: |
+  {{ include "helm-toolkit.snippets.keystone_openrc_failover_env_vars" ( dict "ksUserSecret" .Values.secrets.identity.admin ) }}
+return: |
+  - name: OS_AUTH_URL_FAILOVER
+    valueFrom:
+      secretKeyRef:
+        name: example-keystone-admin
+        key: OS_AUTH_URL_FAILOVER
+  - name: OS_REGION_NAME_FAILOVER
+    valueFrom:
+      secretKeyRef:
+        name: example-keystone-admin
+        key: OS_REGION_NAME_FAILOVER
+  - name: OS_INTERFACE_FAILOVER
+    valueFrom:
+      secretKeyRef:
+        name: example-keystone-admin
+        key: OS_INTERFACE_FAILOVER
+  - name: OS_PROJECT_DOMAIN_NAME_FAILOVER
+    valueFrom:
+      secretKeyRef:
+        name: example-keystone-admin
+        key: OS_PROJECT_DOMAIN_NAME_FAILOVER
+  - name: OS_PROJECT_NAME_FAILOVER
+    valueFrom:
+      secretKeyRef:
+        name: example-keystone-admin
+        key: OS_PROJECT_NAME_FAILOVER
+  - name: OS_USER_DOMAIN_NAME_FAILOVER
+    valueFrom:
+      secretKeyRef:
+        name: example-keystone-admin
+        key: OS_USER_DOMAIN_NAME_FAILOVER
+  - name: OS_USERNAME_FAILOVER
+    valueFrom:
+      secretKeyRef:
+        name: example-keystone-admin
+        key: OS_USERNAME_FAILOVER
+  - name: OS_PASSWORD_FAILOVER
+    valueFrom:
+      secretKeyRef:
+        name: example-keystone-admin
+        key: OS_PASSWORD_FAILOVER
+*/}}
+
+{{- define "helm-toolkit.snippets.keystone_openrc_failover_env_vars" }}
+{{- $useCA := .useCA -}}
+{{- $ksUserSecret := .ksUserSecret }}
+- name: OS_AUTH_URL_FAILOVER
+  valueFrom:
+    secretKeyRef:
+      name: {{ $ksUserSecret }}
+      key: OS_AUTH_URL_FAILOVER
+- name: OS_REGION_NAME_FAILOVER
+  valueFrom:
+    secretKeyRef:
+      name: {{ $ksUserSecret }}
+      key: OS_REGION_NAME_FAILOVER
+- name: OS_INTERFACE_FAILOVER
+  valueFrom:
+    secretKeyRef:
+      name: {{ $ksUserSecret }}
+      key: OS_INTERFACE_FAILOVER
+- name: OS_PROJECT_DOMAIN_NAME_FAILOVER
+  valueFrom:
+    secretKeyRef:
+      name: {{ $ksUserSecret }}
+      key: OS_PROJECT_DOMAIN_NAME_FAILOVER
+- name: OS_PROJECT_NAME_FAILOVER
+  valueFrom:
+    secretKeyRef:
+      name: {{ $ksUserSecret }}
+      key: OS_PROJECT_NAME_FAILOVER
+- name: OS_USER_DOMAIN_NAME_FAILOVER
+  valueFrom:
+    secretKeyRef:
+      name: {{ $ksUserSecret }}
+      key: OS_USER_DOMAIN_NAME_FAILOVER
+- name: OS_USERNAME_FAILOVER
+  valueFrom:
+    secretKeyRef:
+      name: {{ $ksUserSecret }}
+      key: OS_USERNAME_FAILOVER
+- name: OS_PASSWORD_FAILOVER
+  valueFrom:
+    secretKeyRef:
+      name: {{ $ksUserSecret }}
+      key: OS_PASSWORD_FAILOVER
+- name: OS_DEFAULT_DOMAIN_FAILOVER
+  valueFrom:
+    secretKeyRef:
+      name: {{ $ksUserSecret }}
+      key: OS_DEFAULT_DOMAIN_FAILOVER
+{{- end }}

mariadb-backup/templates/cron-job-backup-mariadb.yaml

@@ -16,6 +16,7 @@ limitations under the License.
 {{- $envAll := . }}
 
 {{- $serviceAccountName := "mariadb-backup" }}
+{{- $failoverUserClass := .Values.conf.backup.remote_backup.failover_user_class }}
 {{ tuple $envAll "mariadb_backup" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
 ---
 apiVersion: batch/v1
@@ -144,6 +145,10 @@ spec:
                   value: {{ .Values.conf.backup.remote_backup.throttle_backups.container_name | quote }}
 {{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.mariadb }}
 {{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 16 }}
+{{- $failoverIdentityClass := index $envAll.Values.endpoints.identity.auth $failoverUserClass }}
+{{- if $failoverIdentityClass }}
+{{- include "helm-toolkit.snippets.keystone_openrc_failover_env_vars" $env | indent 16 }}
+{{- end }}
 {{- end }}
 {{- end }}
 {{ tuple $envAll "mariadb_backup" | include "helm-toolkit.snippets.image" | indent 14 }}

mariadb/templates/cron-job-backup-mariadb.yaml

@@ -16,6 +16,7 @@ limitations under the License.
 {{- $envAll := . }}
 
 {{- $serviceAccountName := "mariadb-backup" }}
+{{- $failoverUserClass := .Values.conf.backup.remote_backup.failover_user_class }}
 {{ tuple $envAll "mariadb_backup" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
 ---
 apiVersion: batch/v1
@@ -144,6 +145,10 @@ spec:
                   value: {{ .Values.conf.backup.remote_backup.throttle_backups.container_name | quote }}
 {{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.mariadb }}
 {{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 16 }}
+{{- $failoverIdentityClass := index $envAll.Values.endpoints.identity.auth $failoverUserClass }}
+{{- if $failoverIdentityClass }}
+{{- include "helm-toolkit.snippets.keystone_openrc_failover_env_vars" $env | indent 16 }}
+{{- end }}
 {{- end }}
 {{- end }}
 {{ tuple $envAll "mariadb_backup" | include "helm-toolkit.snippets.image" | indent 14 }}

postgresql/templates/cron-job-backup-postgres.yaml

@@ -16,6 +16,7 @@ limitations under the License.
 {{- $envAll := . }}
 
 {{- $serviceAccountName := "postgresql-backup" }}
+{{- $failoverUserClass := .Values.conf.backup.remote_backup.failover_user_class }}
 {{ tuple $envAll "postgresql_backup" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
 ---
 apiVersion: batch/v1
@@ -134,6 +135,10 @@ spec:
                   value: {{ .Values.conf.backup.remote_backup.throttle_backups.container_name | quote }}
 {{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.postgresql }}
 {{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 16 }}
+{{- $failoverIdentityClass := index $envAll.Values.endpoints.identity.auth $failoverUserClass }}
+{{- if $failoverIdentityClass }}
+{{- include "helm-toolkit.snippets.keystone_openrc_failover_env_vars" $env | indent 16 }}
+{{- end }}
 {{- end }}
 {{- end }}
               volumeMounts:

releasenotes/notes/helm-toolkit-81cf091a301877ff.yaml

@@ -0,0 +1,6 @@
+---
+fixes:
+  - |
+    Added new snippet to include failover OpenRC environment variables in backup cron jobs for
+    MariaDB and PostgreSQL charts.
+...

releasenotes/notes/mariadb-0cb94bb0ae8cf38a.yaml

@@ -0,0 +1,5 @@
+---
+fixes:
+  - |
+    Added failover openrc environment variables to database backup cron jobs.
+...

releasenotes/notes/mariadb-backup-58c8a77f9c03bae8.yaml

@@ -0,0 +1,5 @@
+---
+fixes:
+  - |
+    Added failover openrc environment variables to database backup cron jobs.
+...

releasenotes/notes/postgresql-4ee4e72706f17d8a.yaml

@@ -0,0 +1,5 @@
+---
+fixes:
+  - |
+    Added failover openrc environment variables to database backup cron jobs.
+...

values_overrides/mariadb/backups.yaml

@@ -3,7 +3,7 @@ conf:
   backup:
     enabled: true
     remote_backup:
-      enabled: false
+      enabled: true
 volume:
   backup:
     enabled: true
@@ -12,4 +12,25 @@ manifests:
   job_ks_user: false
   cron_job_mariadb_backup: true
   secret_backup_restore: true
+endpoints:
+  identity:
+    auth:
+      mariadb:
+        auth_url: null
+        role: admin
+        region_name: RegionOne
+        username: mariadb-backup-user
+        password: password
+        project_name: service
+        user_domain_name: service
+        project_domain_name: service
+      mariadb_failover:
+        auth_url: null
+        role: admin
+        region_name: RegionOne
+        username: mariadb-backup-user-failover
+        password: password
+        project_name: service
+        user_domain_name: service
+        project_domain_name: service
 ...

values_overrides/postgresql/backups.yaml

@@ -3,7 +3,7 @@ conf:
   backup:
     enabled: true
     remote_backup:
-      enabled: false
+      enabled: true
 volume:
   backup:
     enabled: true
@@ -12,4 +12,25 @@ manifests:
   job_ks_user: false
   cron_job_postgresql_backup: true
   secret_backup_restore: true
+endpoints:
+  identity:
+    auth:
+      postgresql:
+        auth_url: null
+        role: admin
+        region_name: RegionOne
+        username: postgresql-backup-user
+        password: password
+        project_name: service
+        user_domain_name: service
+        project_domain_name: service
+      postgresql_failover:
+        auth_url: null
+        role: admin
+        region_name: RegionOne
+        username: postgresql-backup-user-failover
+        password: password
+        project_name: service
+        user_domain_name: service
+        project_domain_name: service
 ...