zitadel/operator/database/kinds/backups/s3/list.go

package s3

import (
	"context"
	"fmt"
	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/config"
	"github.com/aws/aws-sdk-go-v2/credentials"
	"github.com/aws/aws-sdk-go-v2/service/s3"
	"github.com/caos/orbos/mntr"
	"github.com/caos/orbos/pkg/kubernetes"
	"github.com/caos/orbos/pkg/secret/read"
	"github.com/caos/orbos/pkg/tree"
	"github.com/caos/zitadel/operator/database/kinds/backups/core"
	"strings"
)

func BackupList() core.BackupListFunc {
	return func(monitor mntr.Monitor, k8sClient kubernetes.ClientInt, name string, desired *tree.Tree) ([]string, error) {
		desiredKind, err := ParseDesiredV0(desired)
		if err != nil {
			return nil, fmt.Errorf("parsing desired state failed: %s", err)
		}
		desired.Parsed = desiredKind

		if !monitor.IsVerbose() && desiredKind.Spec.Verbose {
			monitor.Verbose()
		}

		valueAKI, err := read.GetSecretValue(k8sClient, desiredKind.Spec.AccessKeyID, desiredKind.Spec.ExistingAccessKeyID)
		if err != nil {
			return nil, err
		}

		valueSAK, err := read.GetSecretValue(k8sClient, desiredKind.Spec.SecretAccessKey, desiredKind.Spec.ExistingSecretAccessKey)
		if err != nil {
			return nil, err
		}

		valueST, err := read.GetSecretValue(k8sClient, desiredKind.Spec.SessionToken, desiredKind.Spec.ExistingSessionToken)
		if err != nil {
			return nil, err
		}

		return listFilesWithFilter(valueAKI, valueSAK, valueST, desiredKind.Spec.Region, desiredKind.Spec.Endpoint, desiredKind.Spec.Bucket, name)
	}
}

func listFilesWithFilter(akid, secretkey, sessionToken string, region string, endpoint string, bucketName, name string) ([]string, error) {
	customResolver := aws.EndpointResolverFunc(func(service, region string) (aws.Endpoint, error) {
		return aws.Endpoint{
			URL:           "https://" + endpoint,
			SigningRegion: region,
		}, nil
	})

	cfg, err := config.LoadDefaultConfig(
		context.Background(),
		config.WithRegion(region),
		config.WithCredentialsProvider(credentials.NewStaticCredentialsProvider(akid, secretkey, sessionToken)),
		config.WithEndpointResolver(customResolver),
	)
	if err != nil {
		return nil, err
	}

	client := s3.NewFromConfig(cfg)

	prefix := name + "/"
	params := &s3.ListObjectsV2Input{
		Bucket: aws.String(bucketName),
		Prefix: aws.String(prefix),
	}
	paginator := s3.NewListObjectsV2Paginator(client, params, func(o *s3.ListObjectsV2PaginatorOptions) {
		o.Limit = 10
	})

	names := make([]string, 0)
	for paginator.HasMorePages() {
		output, err := paginator.NextPage(context.Background())
		if err != nil {
			return nil, err
		}
		for _, value := range output.Contents {
			if strings.HasPrefix(*value.Key, prefix) {
				parts := strings.Split(*value.Key, "/")
				if len(parts) < 2 {
					continue
				}
				found := false
				for _, name := range names {
					if name == parts[1] {
						found = true
					}
				}
				if !found {
					names = append(names, parts[1])
				}
				names = append(names)
			}

		}
	}
	return names, nil
}
feat(crdb): use crdb native backup and s3 backup added (#1915) * fix(zitadelctl): implement takedown command * fix(zitadelctl): correct destroy flow * fix(zitadelctl): correct backup commands to read crds beforehand * fix: add of destroyfile * fix: clean for userlist * fix: change backup and restore to crdb native * fix: timeout for delete pvc for cockroachdb * fix: corrected unit tests * fix: add ignored file for scale * fix: correct handling of gitops in backup command * feat: add s3 backup kind * fix: backuplist for s3 and timeout for pv deletion * fix(database): fix nil pointer with binary version * fix(database): cleanup of errors which cam with merging of the s3 logic * fix: correct unit tests * fix: cleanup monitor output Co-authored-by: Elio Bischof <eliobischof@gmail.com> * fix: backup imagepullpolixy to ifnotpresent Co-authored-by: Elio Bischof <eliobischof@gmail.com> 2021-10-13 12:34:03 +00:00			`package s3`

			`import (`
			`"context"`
			`"fmt"`
			`"github.com/aws/aws-sdk-go-v2/aws"`
			`"github.com/aws/aws-sdk-go-v2/config"`
			`"github.com/aws/aws-sdk-go-v2/credentials"`
			`"github.com/aws/aws-sdk-go-v2/service/s3"`
			`"github.com/caos/orbos/mntr"`
			`"github.com/caos/orbos/pkg/kubernetes"`
			`"github.com/caos/orbos/pkg/secret/read"`
			`"github.com/caos/orbos/pkg/tree"`
			`"github.com/caos/zitadel/operator/database/kinds/backups/core"`
			`"strings"`
			`)`

			`func BackupList() core.BackupListFunc {`
			`return func(monitor mntr.Monitor, k8sClient kubernetes.ClientInt, name string, desired *tree.Tree) ([]string, error) {`
			`desiredKind, err := ParseDesiredV0(desired)`
			`if err != nil {`
			`return nil, fmt.Errorf("parsing desired state failed: %s", err)`
			`}`
			`desired.Parsed = desiredKind`

			`if !monitor.IsVerbose() && desiredKind.Spec.Verbose {`
			`monitor.Verbose()`
			`}`

			`valueAKI, err := read.GetSecretValue(k8sClient, desiredKind.Spec.AccessKeyID, desiredKind.Spec.ExistingAccessKeyID)`
			`if err != nil {`
			`return nil, err`
			`}`

			`valueSAK, err := read.GetSecretValue(k8sClient, desiredKind.Spec.SecretAccessKey, desiredKind.Spec.ExistingSecretAccessKey)`
			`if err != nil {`
			`return nil, err`
			`}`

			`valueST, err := read.GetSecretValue(k8sClient, desiredKind.Spec.SessionToken, desiredKind.Spec.ExistingSessionToken)`
			`if err != nil {`
			`return nil, err`
			`}`

			`return listFilesWithFilter(valueAKI, valueSAK, valueST, desiredKind.Spec.Region, desiredKind.Spec.Endpoint, desiredKind.Spec.Bucket, name)`
			`}`
			`}`

			`func listFilesWithFilter(akid, secretkey, sessionToken string, region string, endpoint string, bucketName, name string) ([]string, error) {`
			`customResolver := aws.EndpointResolverFunc(func(service, region string) (aws.Endpoint, error) {`
			`return aws.Endpoint{`
			`URL: "https://" + endpoint,`
			`SigningRegion: region,`
			`}, nil`
			`})`

			`cfg, err := config.LoadDefaultConfig(`
			`context.Background(),`
			`config.WithRegion(region),`
			`config.WithCredentialsProvider(credentials.NewStaticCredentialsProvider(akid, secretkey, sessionToken)),`
			`config.WithEndpointResolver(customResolver),`
			`)`
			`if err != nil {`
			`return nil, err`
			`}`

			`client := s3.NewFromConfig(cfg)`

			`prefix := name + "/"`
			`params := &s3.ListObjectsV2Input{`
			`Bucket: aws.String(bucketName),`
			`Prefix: aws.String(prefix),`
			`}`
			`paginator := s3.NewListObjectsV2Paginator(client, params, func(o *s3.ListObjectsV2PaginatorOptions) {`
			`o.Limit = 10`
			`})`

			`names := make([]string, 0)`
			`for paginator.HasMorePages() {`
			`output, err := paginator.NextPage(context.Background())`
			`if err != nil {`
			`return nil, err`
			`}`
			`for _, value := range output.Contents {`
			`if strings.HasPrefix(*value.Key, prefix) {`
			`parts := strings.Split(*value.Key, "/")`
			`if len(parts) < 2 {`
			`continue`
			`}`
			`found := false`
			`for _, name := range names {`
			`if name == parts[1] {`
			`found = true`
			`}`
			`}`
			`if !found {`
			`names = append(names, parts[1])`
			`}`
			`names = append(names)`
			`}`

			`}`
			`}`
			`return names, nil`
			`}`