mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-16 12:58:00 +00:00
425a8b5fd5
* fix(zitadelctl): implement takedown command * fix(zitadelctl): correct destroy flow * fix(zitadelctl): correct backup commands to read crds beforehand * fix: add of destroyfile * fix: clean for userlist * fix: change backup and restore to crdb native * fix: timeout for delete pvc for cockroachdb * fix: corrected unit tests * fix: add ignored file for scale * fix: correct handling of gitops in backup command * feat: add s3 backup kind * fix: backuplist for s3 and timeout for pv deletion * fix(database): fix nil pointer with binary version * fix(database): cleanup of errors which cam with merging of the s3 logic * fix: correct unit tests * fix: cleanup monitor output Co-authored-by: Elio Bischof <eliobischof@gmail.com> * fix: backup imagepullpolixy to ifnotpresent Co-authored-by: Elio Bischof <eliobischof@gmail.com>
128 lines
2.9 KiB
Go
128 lines
2.9 KiB
Go
package backup
|
|
|
|
import (
|
|
"github.com/caos/orbos/pkg/labels"
|
|
"github.com/caos/zitadel/operator/helpers"
|
|
batchv1 "k8s.io/api/batch/v1"
|
|
"k8s.io/api/batch/v1beta1"
|
|
corev1 "k8s.io/api/core/v1"
|
|
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
|
)
|
|
|
|
func getCronJob(
|
|
namespace string,
|
|
nameLabels *labels.Name,
|
|
cron string,
|
|
jobSpecDef batchv1.JobSpec,
|
|
) *v1beta1.CronJob {
|
|
return &v1beta1.CronJob{
|
|
ObjectMeta: v1.ObjectMeta{
|
|
Name: nameLabels.Name(),
|
|
Namespace: namespace,
|
|
Labels: labels.MustK8sMap(nameLabels),
|
|
},
|
|
Spec: v1beta1.CronJobSpec{
|
|
Schedule: cron,
|
|
ConcurrencyPolicy: v1beta1.ForbidConcurrent,
|
|
JobTemplate: v1beta1.JobTemplateSpec{
|
|
Spec: jobSpecDef,
|
|
},
|
|
},
|
|
}
|
|
}
|
|
|
|
func getJob(
|
|
namespace string,
|
|
nameLabels *labels.Name,
|
|
jobSpecDef batchv1.JobSpec,
|
|
) *batchv1.Job {
|
|
return &batchv1.Job{
|
|
ObjectMeta: v1.ObjectMeta{
|
|
Name: nameLabels.Name(),
|
|
Namespace: namespace,
|
|
Labels: labels.MustK8sMap(nameLabels),
|
|
},
|
|
Spec: jobSpecDef,
|
|
}
|
|
}
|
|
|
|
func getJobSpecDef(
|
|
nodeselector map[string]string,
|
|
tolerations []corev1.Toleration,
|
|
accessKeyIDName string,
|
|
accessKeyIDKey string,
|
|
secretAccessKeyName string,
|
|
secretAccessKeyKey string,
|
|
sessionTokenName string,
|
|
sessionTokenKey string,
|
|
backupName string,
|
|
image string,
|
|
command string,
|
|
) batchv1.JobSpec {
|
|
return batchv1.JobSpec{
|
|
Template: corev1.PodTemplateSpec{
|
|
Spec: corev1.PodSpec{
|
|
RestartPolicy: corev1.RestartPolicyNever,
|
|
NodeSelector: nodeselector,
|
|
Tolerations: tolerations,
|
|
Containers: []corev1.Container{{
|
|
Name: backupName,
|
|
Image: image,
|
|
Command: []string{
|
|
"/bin/bash",
|
|
"-c",
|
|
command,
|
|
},
|
|
VolumeMounts: []corev1.VolumeMount{{
|
|
Name: internalSecretName,
|
|
MountPath: certPath,
|
|
}, {
|
|
Name: accessKeyIDKey,
|
|
SubPath: accessKeyIDKey,
|
|
MountPath: accessKeyIDPath,
|
|
}, {
|
|
Name: secretAccessKeyKey,
|
|
SubPath: secretAccessKeyKey,
|
|
MountPath: secretAccessKeyPath,
|
|
}, {
|
|
Name: sessionTokenKey,
|
|
SubPath: sessionTokenKey,
|
|
MountPath: sessionTokenPath,
|
|
}},
|
|
ImagePullPolicy: corev1.PullIfNotPresent,
|
|
}},
|
|
Volumes: []corev1.Volume{{
|
|
Name: internalSecretName,
|
|
VolumeSource: corev1.VolumeSource{
|
|
Secret: &corev1.SecretVolumeSource{
|
|
SecretName: rootSecretName,
|
|
DefaultMode: helpers.PointerInt32(defaultMode),
|
|
},
|
|
},
|
|
}, {
|
|
Name: accessKeyIDKey,
|
|
VolumeSource: corev1.VolumeSource{
|
|
Secret: &corev1.SecretVolumeSource{
|
|
SecretName: accessKeyIDName,
|
|
},
|
|
},
|
|
}, {
|
|
Name: secretAccessKeyKey,
|
|
VolumeSource: corev1.VolumeSource{
|
|
Secret: &corev1.SecretVolumeSource{
|
|
SecretName: secretAccessKeyName,
|
|
},
|
|
},
|
|
}, {
|
|
Name: sessionTokenKey,
|
|
VolumeSource: corev1.VolumeSource{
|
|
Secret: &corev1.SecretVolumeSource{
|
|
SecretName: sessionTokenName,
|
|
},
|
|
},
|
|
}},
|
|
},
|
|
},
|
|
}
|
|
}
|