mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-22 15:57:34 +00:00
425a8b5fd5
* fix(zitadelctl): implement takedown command * fix(zitadelctl): correct destroy flow * fix(zitadelctl): correct backup commands to read crds beforehand * fix: add of destroyfile * fix: clean for userlist * fix: change backup and restore to crdb native * fix: timeout for delete pvc for cockroachdb * fix: corrected unit tests * fix: add ignored file for scale * fix: correct handling of gitops in backup command * feat: add s3 backup kind * fix: backuplist for s3 and timeout for pv deletion * fix(database): fix nil pointer with binary version * fix(database): cleanup of errors which cam with merging of the s3 logic * fix: correct unit tests * fix: cleanup monitor output Co-authored-by: Elio Bischof <eliobischof@gmail.com> * fix: backup imagepullpolixy to ifnotpresent Co-authored-by: Elio Bischof <eliobischof@gmail.com>
155 lines
3.5 KiB
Go
155 lines
3.5 KiB
Go
package backup
|
|
|
|
import (
|
|
"time"
|
|
|
|
"github.com/caos/zitadel/operator"
|
|
|
|
"github.com/caos/orbos/mntr"
|
|
"github.com/caos/orbos/pkg/kubernetes"
|
|
"github.com/caos/orbos/pkg/kubernetes/resources/cronjob"
|
|
"github.com/caos/orbos/pkg/kubernetes/resources/job"
|
|
"github.com/caos/orbos/pkg/labels"
|
|
corev1 "k8s.io/api/core/v1"
|
|
)
|
|
|
|
const (
|
|
defaultMode int32 = 256
|
|
certPath = "/cockroach/cockroach-certs"
|
|
accessKeyIDPath = "/secrets/accessaccountkey"
|
|
secretAccessKeyPath = "/secrets/secretaccesskey"
|
|
sessionTokenPath = "/secrets/sessiontoken"
|
|
backupNameEnv = "BACKUP_NAME"
|
|
cronJobNamePrefix = "backup-"
|
|
internalSecretName = "client-certs"
|
|
rootSecretName = "cockroachdb.client.root"
|
|
timeout = 15 * time.Minute
|
|
Normal = "backup"
|
|
Instant = "instantbackup"
|
|
)
|
|
|
|
func AdaptFunc(
|
|
monitor mntr.Monitor,
|
|
backupName string,
|
|
namespace string,
|
|
componentLabels *labels.Component,
|
|
checkDBReady operator.EnsureFunc,
|
|
bucketName string,
|
|
cron string,
|
|
accessKeyIDName string,
|
|
accessKeyIDKey string,
|
|
secretAccessKeyName string,
|
|
secretAccessKeyKey string,
|
|
sessionTokenName string,
|
|
sessionTokenKey string,
|
|
region string,
|
|
endpoint string,
|
|
timestamp string,
|
|
nodeselector map[string]string,
|
|
tolerations []corev1.Toleration,
|
|
dbURL string,
|
|
dbPort int32,
|
|
features []string,
|
|
image string,
|
|
) (
|
|
queryFunc operator.QueryFunc,
|
|
destroyFunc operator.DestroyFunc,
|
|
err error,
|
|
) {
|
|
|
|
command := getBackupCommand(
|
|
timestamp,
|
|
bucketName,
|
|
backupName,
|
|
certPath,
|
|
accessKeyIDPath,
|
|
secretAccessKeyPath,
|
|
sessionTokenPath,
|
|
region,
|
|
endpoint,
|
|
dbURL,
|
|
dbPort,
|
|
)
|
|
|
|
jobSpecDef := getJobSpecDef(
|
|
nodeselector,
|
|
tolerations,
|
|
accessKeyIDName,
|
|
accessKeyIDKey,
|
|
secretAccessKeyName,
|
|
secretAccessKeyKey,
|
|
sessionTokenName,
|
|
sessionTokenKey,
|
|
backupName,
|
|
image,
|
|
command,
|
|
)
|
|
|
|
destroyers := []operator.DestroyFunc{}
|
|
queriers := []operator.QueryFunc{}
|
|
|
|
cronJobDef := getCronJob(
|
|
namespace,
|
|
labels.MustForName(componentLabels, GetJobName(backupName)),
|
|
cron,
|
|
jobSpecDef,
|
|
)
|
|
|
|
destroyCJ, err := cronjob.AdaptFuncToDestroy(cronJobDef.Namespace, cronJobDef.Name)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
queryCJ, err := cronjob.AdaptFuncToEnsure(cronJobDef)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
jobDef := getJob(
|
|
namespace,
|
|
labels.MustForName(componentLabels, cronJobNamePrefix+backupName),
|
|
jobSpecDef,
|
|
)
|
|
|
|
destroyJ, err := job.AdaptFuncToDestroy(jobDef.Namespace, jobDef.Name)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
queryJ, err := job.AdaptFuncToEnsure(jobDef)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
for _, feature := range features {
|
|
switch feature {
|
|
case Normal:
|
|
destroyers = append(destroyers,
|
|
operator.ResourceDestroyToZitadelDestroy(destroyCJ),
|
|
)
|
|
queriers = append(queriers,
|
|
operator.EnsureFuncToQueryFunc(checkDBReady),
|
|
operator.ResourceQueryToZitadelQuery(queryCJ),
|
|
)
|
|
case Instant:
|
|
destroyers = append(destroyers,
|
|
operator.ResourceDestroyToZitadelDestroy(destroyJ),
|
|
)
|
|
queriers = append(queriers,
|
|
operator.EnsureFuncToQueryFunc(checkDBReady),
|
|
operator.ResourceQueryToZitadelQuery(queryJ),
|
|
)
|
|
}
|
|
}
|
|
|
|
return func(k8sClient kubernetes.ClientInt, queried map[string]interface{}) (operator.EnsureFunc, error) {
|
|
return operator.QueriersToEnsureFunc(monitor, false, queriers, k8sClient, queried)
|
|
},
|
|
operator.DestroyersToDestroyFunc(monitor, destroyers),
|
|
nil
|
|
}
|
|
|
|
func GetJobName(backupName string) string {
|
|
return cronJobNamePrefix + backupName
|
|
}
|