mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-15 20:38:00 +00:00
425a8b5fd5
* fix(zitadelctl): implement takedown command * fix(zitadelctl): correct destroy flow * fix(zitadelctl): correct backup commands to read crds beforehand * fix: add of destroyfile * fix: clean for userlist * fix: change backup and restore to crdb native * fix: timeout for delete pvc for cockroachdb * fix: corrected unit tests * fix: add ignored file for scale * fix: correct handling of gitops in backup command * feat: add s3 backup kind * fix: backuplist for s3 and timeout for pv deletion * fix(database): fix nil pointer with binary version * fix(database): cleanup of errors which cam with merging of the s3 logic * fix: correct unit tests * fix: cleanup monitor output Co-authored-by: Elio Bischof <eliobischof@gmail.com> * fix: backup imagepullpolixy to ifnotpresent Co-authored-by: Elio Bischof <eliobischof@gmail.com>
501 lines
13 KiB
Go
501 lines
13 KiB
Go
package s3
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/caos/orbos/mntr"
|
|
"github.com/caos/orbos/pkg/kubernetes"
|
|
kubernetesmock "github.com/caos/orbos/pkg/kubernetes/mock"
|
|
"github.com/caos/orbos/pkg/labels"
|
|
"github.com/caos/orbos/pkg/secret"
|
|
"github.com/caos/orbos/pkg/tree"
|
|
"github.com/caos/zitadel/operator/database/kinds/backups/bucket/backup"
|
|
"github.com/caos/zitadel/operator/database/kinds/backups/bucket/restore"
|
|
"github.com/golang/mock/gomock"
|
|
"github.com/stretchr/testify/assert"
|
|
corev1 "k8s.io/api/core/v1"
|
|
)
|
|
|
|
func TestBucket_Secrets(t *testing.T) {
|
|
masterkey := "testMk"
|
|
features := []string{backup.Normal}
|
|
region := "testRegion"
|
|
endpoint := "testEndpoint"
|
|
akid := "testAKID"
|
|
sak := "testSAK"
|
|
st := "testST"
|
|
|
|
bucketName := "testBucket2"
|
|
cron := "testCron2"
|
|
monitor := mntr.Monitor{}
|
|
namespace := "testNs2"
|
|
|
|
dbURL := "testDB"
|
|
dbPort := int32(80)
|
|
kindVersion := "v0"
|
|
kind := "BucketBackup"
|
|
componentLabels := labels.MustForComponent(labels.MustForAPI(labels.MustForOperator("testProd", "testOp", "testVersion"), "BucketBackup", kindVersion), "testComponent")
|
|
|
|
timestamp := "test2"
|
|
nodeselector := map[string]string{"test2": "test2"}
|
|
tolerations := []corev1.Toleration{
|
|
{Key: "testKey2", Operator: "testOp2"}}
|
|
backupName := "testName2"
|
|
version := "testVersion2"
|
|
|
|
desired := getDesiredTree(t, masterkey, &DesiredV0{
|
|
Common: tree.NewCommon("databases.caos.ch/"+kind, kindVersion, false),
|
|
Spec: &Spec{
|
|
Verbose: true,
|
|
Cron: cron,
|
|
Bucket: bucketName,
|
|
Endpoint: endpoint,
|
|
Region: region,
|
|
AccessKeyID: &secret.Secret{
|
|
Value: akid,
|
|
},
|
|
SecretAccessKey: &secret.Secret{
|
|
Value: sak,
|
|
},
|
|
SessionToken: &secret.Secret{
|
|
Value: st,
|
|
},
|
|
},
|
|
})
|
|
|
|
checkDBReady := func(k8sClient kubernetes.ClientInt) error {
|
|
return nil
|
|
}
|
|
|
|
allSecrets := map[string]string{
|
|
"accesskeyid": "testAKID",
|
|
"secretaccesskey": "testSAK",
|
|
"sessiontoken": "testST",
|
|
}
|
|
|
|
_, _, _, secrets, existing, _, err := AdaptFunc(
|
|
backupName,
|
|
namespace,
|
|
componentLabels,
|
|
checkDBReady,
|
|
timestamp,
|
|
nodeselector,
|
|
tolerations,
|
|
version,
|
|
dbURL,
|
|
dbPort,
|
|
features,
|
|
"",
|
|
)(
|
|
monitor,
|
|
desired,
|
|
&tree.Tree{},
|
|
)
|
|
assert.NoError(t, err)
|
|
for key, value := range allSecrets {
|
|
assert.Contains(t, secrets, key)
|
|
assert.Contains(t, existing, key)
|
|
assert.Equal(t, value, secrets[key].Value)
|
|
}
|
|
}
|
|
|
|
func TestBucket_AdaptBackup(t *testing.T) {
|
|
masterkey := "testMk"
|
|
client := kubernetesmock.NewMockClientInt(gomock.NewController(t))
|
|
features := []string{backup.Normal}
|
|
region := "testRegion"
|
|
endpoint := "testEndpoint"
|
|
akid := "testAKID"
|
|
sak := "testSAK"
|
|
st := "testST"
|
|
|
|
dbURL := "testDB"
|
|
dbPort := int32(80)
|
|
bucketName := "testBucket2"
|
|
cron := "testCron2"
|
|
monitor := mntr.Monitor{}
|
|
namespace := "testNs2"
|
|
|
|
componentLabels := labels.MustForComponent(labels.MustForAPI(labels.MustForOperator("testProd", "testOp", "testVersion"), "BucketBackup", "v0"), "testComponent")
|
|
k8sLabelsAKID := map[string]string{
|
|
"app.kubernetes.io/component": "testComponent",
|
|
"app.kubernetes.io/managed-by": "testOp",
|
|
"app.kubernetes.io/name": accessKeyIDName,
|
|
"app.kubernetes.io/part-of": "testProd",
|
|
"app.kubernetes.io/version": "testVersion",
|
|
"caos.ch/apiversion": "v0",
|
|
"caos.ch/kind": "BucketBackup",
|
|
}
|
|
k8sLabelsSAK := map[string]string{
|
|
"app.kubernetes.io/component": "testComponent",
|
|
"app.kubernetes.io/managed-by": "testOp",
|
|
"app.kubernetes.io/name": secretAccessKeyName,
|
|
"app.kubernetes.io/part-of": "testProd",
|
|
"app.kubernetes.io/version": "testVersion",
|
|
"caos.ch/apiversion": "v0",
|
|
"caos.ch/kind": "BucketBackup",
|
|
}
|
|
k8sLabelsST := map[string]string{
|
|
"app.kubernetes.io/component": "testComponent",
|
|
"app.kubernetes.io/managed-by": "testOp",
|
|
"app.kubernetes.io/name": sessionTokenName,
|
|
"app.kubernetes.io/part-of": "testProd",
|
|
"app.kubernetes.io/version": "testVersion",
|
|
"caos.ch/apiversion": "v0",
|
|
"caos.ch/kind": "BucketBackup",
|
|
}
|
|
timestamp := "test2"
|
|
nodeselector := map[string]string{"test2": "test2"}
|
|
tolerations := []corev1.Toleration{
|
|
{Key: "testKey2", Operator: "testOp2"}}
|
|
backupName := "testName2"
|
|
version := "testVersion2"
|
|
|
|
desired := getDesiredTree(t, masterkey, &DesiredV0{
|
|
Common: tree.NewCommon("databases.caos.ch/BucketBackup", "v0", false),
|
|
Spec: &Spec{
|
|
Verbose: true,
|
|
Cron: cron,
|
|
Bucket: bucketName,
|
|
Endpoint: endpoint,
|
|
Region: region,
|
|
AccessKeyID: &secret.Secret{
|
|
Value: akid,
|
|
},
|
|
SecretAccessKey: &secret.Secret{
|
|
Value: sak,
|
|
},
|
|
SessionToken: &secret.Secret{
|
|
Value: st,
|
|
},
|
|
},
|
|
})
|
|
|
|
checkDBReady := func(k8sClient kubernetes.ClientInt) error {
|
|
return nil
|
|
}
|
|
|
|
SetBackup(client, namespace, k8sLabelsAKID, k8sLabelsSAK, k8sLabelsST, akid, sak, st)
|
|
|
|
query, _, _, _, _, _, err := AdaptFunc(
|
|
backupName,
|
|
namespace,
|
|
componentLabels,
|
|
checkDBReady,
|
|
timestamp,
|
|
nodeselector,
|
|
tolerations,
|
|
version,
|
|
dbURL,
|
|
dbPort,
|
|
features,
|
|
"",
|
|
)(
|
|
monitor,
|
|
desired,
|
|
&tree.Tree{},
|
|
)
|
|
|
|
assert.NoError(t, err)
|
|
databases := []string{"test1", "test2"}
|
|
queried := SetQueriedForDatabases(databases, []string{})
|
|
ensure, err := query(client, queried)
|
|
assert.NoError(t, err)
|
|
assert.NotNil(t, ensure)
|
|
assert.NoError(t, ensure(client))
|
|
}
|
|
|
|
func TestBucket_AdaptInstantBackup(t *testing.T) {
|
|
masterkey := "testMk"
|
|
client := kubernetesmock.NewMockClientInt(gomock.NewController(t))
|
|
features := []string{backup.Instant}
|
|
|
|
bucketName := "testBucket1"
|
|
cron := "testCron"
|
|
monitor := mntr.Monitor{}
|
|
namespace := "testNs"
|
|
dbURL := "testDB"
|
|
dbPort := int32(80)
|
|
|
|
componentLabels := labels.MustForComponent(labels.MustForAPI(labels.MustForOperator("testProd", "testOp", "testVersion"), "BucketBackup", "v0"), "testComponent")
|
|
k8sLabelsAKID := map[string]string{
|
|
"app.kubernetes.io/component": "testComponent",
|
|
"app.kubernetes.io/managed-by": "testOp",
|
|
"app.kubernetes.io/name": accessKeyIDName,
|
|
"app.kubernetes.io/part-of": "testProd",
|
|
"app.kubernetes.io/version": "testVersion",
|
|
"caos.ch/apiversion": "v0",
|
|
"caos.ch/kind": "BucketBackup",
|
|
}
|
|
k8sLabelsSAK := map[string]string{
|
|
"app.kubernetes.io/component": "testComponent",
|
|
"app.kubernetes.io/managed-by": "testOp",
|
|
"app.kubernetes.io/name": secretAccessKeyName,
|
|
"app.kubernetes.io/part-of": "testProd",
|
|
"app.kubernetes.io/version": "testVersion",
|
|
"caos.ch/apiversion": "v0",
|
|
"caos.ch/kind": "BucketBackup",
|
|
}
|
|
k8sLabelsST := map[string]string{
|
|
"app.kubernetes.io/component": "testComponent",
|
|
"app.kubernetes.io/managed-by": "testOp",
|
|
"app.kubernetes.io/name": sessionTokenName,
|
|
"app.kubernetes.io/part-of": "testProd",
|
|
"app.kubernetes.io/version": "testVersion",
|
|
"caos.ch/apiversion": "v0",
|
|
"caos.ch/kind": "BucketBackup",
|
|
}
|
|
timestamp := "test"
|
|
nodeselector := map[string]string{"test": "test"}
|
|
tolerations := []corev1.Toleration{
|
|
{Key: "testKey", Operator: "testOp"}}
|
|
backupName := "testName"
|
|
version := "testVersion"
|
|
region := "testRegion"
|
|
endpoint := "testEndpoint"
|
|
akid := "testAKID"
|
|
sak := "testSAK"
|
|
st := "testST"
|
|
|
|
desired := getDesiredTree(t, masterkey, &DesiredV0{
|
|
Common: tree.NewCommon("databases.caos.ch/BucketBackup", "v0", false),
|
|
Spec: &Spec{
|
|
Verbose: true,
|
|
Cron: cron,
|
|
Bucket: bucketName,
|
|
Endpoint: endpoint,
|
|
Region: region,
|
|
AccessKeyID: &secret.Secret{
|
|
Value: akid,
|
|
},
|
|
SecretAccessKey: &secret.Secret{
|
|
Value: sak,
|
|
},
|
|
SessionToken: &secret.Secret{
|
|
Value: st,
|
|
},
|
|
},
|
|
})
|
|
|
|
checkDBReady := func(k8sClient kubernetes.ClientInt) error {
|
|
return nil
|
|
}
|
|
|
|
SetInstantBackup(client, namespace, backupName, k8sLabelsAKID, k8sLabelsSAK, k8sLabelsST, akid, sak, st)
|
|
|
|
query, _, _, _, _, _, err := AdaptFunc(
|
|
backupName,
|
|
namespace,
|
|
componentLabels,
|
|
checkDBReady,
|
|
timestamp,
|
|
nodeselector,
|
|
tolerations,
|
|
version,
|
|
dbURL,
|
|
dbPort,
|
|
features,
|
|
"",
|
|
)(
|
|
monitor,
|
|
desired,
|
|
&tree.Tree{},
|
|
)
|
|
|
|
assert.NoError(t, err)
|
|
databases := []string{"test1", "test2"}
|
|
queried := SetQueriedForDatabases(databases, []string{})
|
|
ensure, err := query(client, queried)
|
|
assert.NotNil(t, ensure)
|
|
assert.NoError(t, err)
|
|
assert.NoError(t, ensure(client))
|
|
}
|
|
|
|
func TestBucket_AdaptRestore(t *testing.T) {
|
|
masterkey := "testMk"
|
|
client := kubernetesmock.NewMockClientInt(gomock.NewController(t))
|
|
features := []string{restore.Instant}
|
|
|
|
bucketName := "testBucket1"
|
|
cron := "testCron"
|
|
monitor := mntr.Monitor{}
|
|
namespace := "testNs"
|
|
|
|
componentLabels := labels.MustForComponent(labels.MustForAPI(labels.MustForOperator("testProd", "testOp", "testVersion"), "BucketBackup", "v0"), "testComponent")
|
|
k8sLabelsAKID := map[string]string{
|
|
"app.kubernetes.io/component": "testComponent",
|
|
"app.kubernetes.io/managed-by": "testOp",
|
|
"app.kubernetes.io/name": accessKeyIDName,
|
|
"app.kubernetes.io/part-of": "testProd",
|
|
"app.kubernetes.io/version": "testVersion",
|
|
"caos.ch/apiversion": "v0",
|
|
"caos.ch/kind": "BucketBackup",
|
|
}
|
|
k8sLabelsSAK := map[string]string{
|
|
"app.kubernetes.io/component": "testComponent",
|
|
"app.kubernetes.io/managed-by": "testOp",
|
|
"app.kubernetes.io/name": secretAccessKeyName,
|
|
"app.kubernetes.io/part-of": "testProd",
|
|
"app.kubernetes.io/version": "testVersion",
|
|
"caos.ch/apiversion": "v0",
|
|
"caos.ch/kind": "BucketBackup",
|
|
}
|
|
k8sLabelsST := map[string]string{
|
|
"app.kubernetes.io/component": "testComponent",
|
|
"app.kubernetes.io/managed-by": "testOp",
|
|
"app.kubernetes.io/name": sessionTokenName,
|
|
"app.kubernetes.io/part-of": "testProd",
|
|
"app.kubernetes.io/version": "testVersion",
|
|
"caos.ch/apiversion": "v0",
|
|
"caos.ch/kind": "BucketBackup",
|
|
}
|
|
|
|
timestamp := "test"
|
|
nodeselector := map[string]string{"test": "test"}
|
|
tolerations := []corev1.Toleration{
|
|
{Key: "testKey", Operator: "testOp"}}
|
|
backupName := "testName"
|
|
version := "testVersion"
|
|
region := "testRegion"
|
|
endpoint := "testEndpoint"
|
|
akid := "testAKID"
|
|
sak := "testSAK"
|
|
st := "testST"
|
|
dbURL := "testDB"
|
|
dbPort := int32(80)
|
|
|
|
desired := getDesiredTree(t, masterkey, &DesiredV0{
|
|
Common: tree.NewCommon("databases.caos.ch/BucketBackup", "v0", false),
|
|
Spec: &Spec{
|
|
Verbose: true,
|
|
Cron: cron,
|
|
Bucket: bucketName,
|
|
Endpoint: endpoint,
|
|
Region: region,
|
|
AccessKeyID: &secret.Secret{
|
|
Value: akid,
|
|
},
|
|
SecretAccessKey: &secret.Secret{
|
|
Value: sak,
|
|
},
|
|
SessionToken: &secret.Secret{
|
|
Value: st,
|
|
},
|
|
},
|
|
})
|
|
|
|
checkDBReady := func(k8sClient kubernetes.ClientInt) error {
|
|
return nil
|
|
}
|
|
|
|
SetRestore(client, namespace, backupName, k8sLabelsAKID, k8sLabelsSAK, k8sLabelsST, akid, sak, st)
|
|
|
|
query, _, _, _, _, _, err := AdaptFunc(
|
|
backupName,
|
|
namespace,
|
|
componentLabels,
|
|
checkDBReady,
|
|
timestamp,
|
|
nodeselector,
|
|
tolerations,
|
|
version,
|
|
dbURL,
|
|
dbPort,
|
|
features,
|
|
"",
|
|
)(
|
|
monitor,
|
|
desired,
|
|
&tree.Tree{},
|
|
)
|
|
|
|
assert.NoError(t, err)
|
|
databases := []string{"test1", "test2"}
|
|
queried := SetQueriedForDatabases(databases, []string{})
|
|
ensure, err := query(client, queried)
|
|
assert.NotNil(t, ensure)
|
|
assert.NoError(t, err)
|
|
assert.NoError(t, ensure(client))
|
|
}
|
|
|
|
/*
|
|
func TestBucket_AdaptClean(t *testing.T) {
|
|
masterkey := "testMk"
|
|
client := kubernetesmock.NewMockClientInt(gomock.NewController(t))
|
|
features := []string{clean.Instant}
|
|
|
|
bucketName := "testBucket1"
|
|
cron := "testCron"
|
|
monitor := mntr.Monitor{}
|
|
namespace := "testNs"
|
|
|
|
componentLabels := labels.MustForComponent(labels.MustForAPI(labels.MustForOperator("testProd", "testOp", "testVersion"), "BucketBackup", "v0"), "testComponent")
|
|
k8sLabels := map[string]string{
|
|
"app.kubernetes.io/component": "testComponent",
|
|
"app.kubernetes.io/managed-by": "testOp",
|
|
"app.kubernetes.io/name": "backup-serviceaccountjson",
|
|
"app.kubernetes.io/part-of": "testProd",
|
|
"app.kubernetes.io/version": "testVersion",
|
|
"caos.ch/apiversion": "v0",
|
|
"caos.ch/kind": "BucketBackup",
|
|
}
|
|
|
|
timestamp := "test"
|
|
nodeselector := map[string]string{"test": "test"}
|
|
tolerations := []corev1.Toleration{
|
|
{Key: "testKey", Operator: "testOp"}}
|
|
backupName := "testName"
|
|
version := "testVersion"
|
|
saJson := "testSA"
|
|
dbURL := "testDB"
|
|
dbPort := int32(80)
|
|
|
|
desired := getDesiredTree(t, masterkey, &DesiredV0{
|
|
Common: &tree.Common{
|
|
Kind: "databases.caos.ch/BucketBackup",
|
|
Version: "v0",
|
|
},
|
|
Spec: &Spec{
|
|
Verbose: true,
|
|
Cron: cron,
|
|
Bucket: bucketName,
|
|
ServiceAccountJSON: &secret.Secret{
|
|
Value: saJson,
|
|
},
|
|
},
|
|
})
|
|
|
|
checkDBReady := func(k8sClient kubernetes.ClientInt) error {
|
|
return nil
|
|
}
|
|
|
|
SetClean(client, namespace, backupName, k8sLabels, saJson)
|
|
|
|
query, _, _, _, _, _, err := AdaptFunc(
|
|
backupName,
|
|
namespace,
|
|
componentLabels,
|
|
checkDBReady,
|
|
timestamp,
|
|
nodeselector,
|
|
tolerations,
|
|
version,
|
|
dbURL,
|
|
dbPort,
|
|
features,
|
|
)(
|
|
monitor,
|
|
desired,
|
|
&tree.Tree{},
|
|
)
|
|
|
|
assert.NoError(t, err)
|
|
databases := []string{"test1", "test2"}
|
|
users := []string{"test1", "test2"}
|
|
queried := SetQueriedForDatabases(databases, users)
|
|
ensure, err := query(client, queried)
|
|
assert.NotNil(t, ensure)
|
|
assert.NoError(t, err)
|
|
assert.NoError(t, ensure(client))
|
|
}*/
|