mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-22 15:57:34 +00:00
425a8b5fd5
* fix(zitadelctl): implement takedown command * fix(zitadelctl): correct destroy flow * fix(zitadelctl): correct backup commands to read crds beforehand * fix: add of destroyfile * fix: clean for userlist * fix: change backup and restore to crdb native * fix: timeout for delete pvc for cockroachdb * fix: corrected unit tests * fix: add ignored file for scale * fix: correct handling of gitops in backup command * feat: add s3 backup kind * fix: backuplist for s3 and timeout for pv deletion * fix(database): fix nil pointer with binary version * fix(database): cleanup of errors which cam with merging of the s3 logic * fix: correct unit tests * fix: cleanup monitor output Co-authored-by: Elio Bischof <eliobischof@gmail.com> * fix: backup imagepullpolixy to ifnotpresent Co-authored-by: Elio Bischof <eliobischof@gmail.com>
116 lines
2.5 KiB
Go
116 lines
2.5 KiB
Go
package restore
|
|
|
|
import (
|
|
"time"
|
|
|
|
"github.com/caos/zitadel/operator"
|
|
|
|
"github.com/caos/orbos/mntr"
|
|
"github.com/caos/orbos/pkg/kubernetes"
|
|
"github.com/caos/orbos/pkg/kubernetes/resources/job"
|
|
"github.com/caos/orbos/pkg/labels"
|
|
corev1 "k8s.io/api/core/v1"
|
|
)
|
|
|
|
const (
|
|
Instant = "restore"
|
|
defaultMode = int32(256)
|
|
certPath = "/cockroach/cockroach-certs"
|
|
accessKeyIDPath = "/secrets/accessaccountkey"
|
|
secretAccessKeyPath = "/secrets/secretaccesskey"
|
|
sessionTokenPath = "/secrets/sessiontoken"
|
|
jobPrefix = "backup-"
|
|
jobSuffix = "-restore"
|
|
internalSecretName = "client-certs"
|
|
rootSecretName = "cockroachdb.client.root"
|
|
timeout = 15 * time.Minute
|
|
)
|
|
|
|
func AdaptFunc(
|
|
monitor mntr.Monitor,
|
|
backupName string,
|
|
namespace string,
|
|
componentLabels *labels.Component,
|
|
bucketName string,
|
|
timestamp string,
|
|
accessKeyIDName string,
|
|
accessKeyIDKey string,
|
|
secretAccessKeyName string,
|
|
secretAccessKeyKey string,
|
|
sessionTokenName string,
|
|
sessionTokenKey string,
|
|
region string,
|
|
endpoint string,
|
|
nodeselector map[string]string,
|
|
tolerations []corev1.Toleration,
|
|
checkDBReady operator.EnsureFunc,
|
|
dbURL string,
|
|
dbPort int32,
|
|
image string,
|
|
) (
|
|
queryFunc operator.QueryFunc,
|
|
destroyFunc operator.DestroyFunc,
|
|
err error,
|
|
) {
|
|
|
|
jobName := jobPrefix + backupName + jobSuffix
|
|
command := getCommand(
|
|
timestamp,
|
|
bucketName,
|
|
backupName,
|
|
certPath,
|
|
accessKeyIDPath,
|
|
secretAccessKeyPath,
|
|
sessionTokenPath,
|
|
region,
|
|
endpoint,
|
|
dbURL,
|
|
dbPort,
|
|
)
|
|
|
|
jobdef := getJob(
|
|
namespace,
|
|
labels.MustForName(componentLabels, GetJobName(backupName)),
|
|
nodeselector,
|
|
tolerations,
|
|
accessKeyIDName,
|
|
accessKeyIDKey,
|
|
secretAccessKeyName,
|
|
secretAccessKeyKey,
|
|
sessionTokenName,
|
|
sessionTokenKey,
|
|
image,
|
|
command,
|
|
)
|
|
|
|
destroyJ, err := job.AdaptFuncToDestroy(jobName, namespace)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
destroyers := []operator.DestroyFunc{
|
|
operator.ResourceDestroyToZitadelDestroy(destroyJ),
|
|
}
|
|
|
|
queryJ, err := job.AdaptFuncToEnsure(jobdef)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
queriers := []operator.QueryFunc{
|
|
operator.EnsureFuncToQueryFunc(checkDBReady),
|
|
operator.ResourceQueryToZitadelQuery(queryJ),
|
|
}
|
|
|
|
return func(k8sClient kubernetes.ClientInt, queried map[string]interface{}) (operator.EnsureFunc, error) {
|
|
return operator.QueriersToEnsureFunc(monitor, false, queriers, k8sClient, queried)
|
|
},
|
|
operator.DestroyersToDestroyFunc(monitor, destroyers),
|
|
|
|
nil
|
|
}
|
|
|
|
func GetJobName(backupName string) string {
|
|
return jobPrefix + backupName + jobSuffix
|
|
}
|