From 5ee3b88d22e87418eb585b57b26e8e4c9aa572e1 Mon Sep 17 00:00:00 2001 From: "lukasz.widera@vshn.ch" Date: Wed, 25 Sep 2024 17:28:31 +0200 Subject: [PATCH] fixing PostgreSQL creation --- apis/v1/objectstorage_types.go | 1 - .../vshnpostgres/postgresql_deploy.go | 18 +- .../vshnpostgres/postgresql_deploy_test.go | 2 - .../vshn-postgres/deploy/01_default.yaml | 172 +++++++++++++++++- .../deploy/02_with_pg_config.yaml | 134 ++++++++++++++ .../vshn-postgres/deploy/03_with_restore.yaml | 134 ++++++++++++++ 6 files changed, 452 insertions(+), 9 deletions(-) diff --git a/apis/v1/objectstorage_types.go b/apis/v1/objectstorage_types.go index 08035befd7..893c4e36a0 100644 --- a/apis/v1/objectstorage_types.go +++ b/apis/v1/objectstorage_types.go @@ -18,7 +18,6 @@ const ( type BucketDeletionPolicy string //go:generate yq -i e ../generated/appcat.vshn.io_objectbuckets.yaml --expression "with(.spec.versions[]; .schema.openAPIV3Schema.properties.spec.properties.parameters.properties.security.default={})" - // +kubebuilder:object:root=true // +kubebuilder:printcolumn:name="Bucket Name",type="string",JSONPath=".spec.parameters.bucketName" // +kubebuilder:printcolumn:name="Region",type="string",JSONPath=".spec.parameters.region" diff --git a/pkg/comp-functions/functions/vshnpostgres/postgresql_deploy.go b/pkg/comp-functions/functions/vshnpostgres/postgresql_deploy.go index 8bdc9de78d..476cd2e1f4 100644 --- a/pkg/comp-functions/functions/vshnpostgres/postgresql_deploy.go +++ b/pkg/comp-functions/functions/vshnpostgres/postgresql_deploy.go 
@@ -480,6 +480,16 @@ func createObjectBucket(comp *vshnv1.VSHNPostgreSQL, svc *runtime.ServiceRuntime func createSgObjectStorage(comp *vshnv1.VSHNPostgreSQL, svc *runtime.ServiceRuntime) error { + sgBackupExists, err := svc.WaitForObservedDependenciesWithConnectionDetails("sgbackup-"+comp.GetName(), map[string][]string{ + "pg-bucket": {"AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY"}, + }) + + certificateExists := svc.WaitForObservedDependencies("sgbackup-"+comp.GetName(), "certificate") + + if err != nil || !sgBackupExists || !certificateExists { + return fmt.Errorf("waiting for dependencies: %w", err) + } + sgObjectStorage := &sgv1beta1.SGObjectStorage{ ObjectMeta: metav1.ObjectMeta{ Name: "sgbackup-" + comp.GetName(), @@ -507,9 +517,9 @@ func createSgObjectStorage(comp *vshnv1.VSHNPostgreSQL, svc *runtime.ServiceRunt }, }, } - err := svc.SetDesiredKubeObjectWithName(sgObjectStorage, comp.GetName()+"-object-storage", "sg-backup") + err = svc.SetDesiredKubeObjectWithName(sgObjectStorage, comp.GetName()+"-object-storage", "sg-backup") if err != nil { - err = fmt.Errorf("cannot create xObjectBucket: %w", err) + err = fmt.Errorf("cannot create sgBackup: %w", err) return err } @@ -559,7 +569,7 @@ func createPodMonitor(comp *vshnv1.VSHNPostgreSQL, svc *runtime.ServiceRuntime) err = svc.SetDesiredKubeObjectWithName(podMonitor, comp.GetName()+"-podmonitor", "podmonitor") if err != nil { - err = fmt.Errorf("cannot create xObjectBucket: %w", err) + err = fmt.Errorf("cannot create podMonitor: %w", err) return err } return nil @@ -610,7 +620,7 @@ func createCopyJob(comp *vshnv1.VSHNPostgreSQL, svc *runtime.ServiceRuntime) err err := svc.SetDesiredKubeObjectWithName(copyJob, comp.GetName()+"-copyjob", "copy-job") if err != nil { - err = fmt.Errorf("cannot create xObjectBucket: %w", err) + err = fmt.Errorf("cannot create copyJob: %w", err) return err } 
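Review bot: In `createSgObjectStorage` the combined guard `if err != nil || !sgBackupExists || !certificateExists` wraps `err` with `%w` even when `err` is nil, so a dependency that simply has not been observed yet surfaces as `waiting for dependencies: %!w(<nil>)`. Splitting the two cases keeps a real lookup failure distinguishable from a not-ready state: `if err != nil { return fmt.Errorf("waiting for dependencies: %w", err) }`, followed by a separate check on the two booleans whose message names the resource that is still missing (the bucket connection details or the certificate). Whether the not-ready case should be an error at all, rather than a quiet skip until the next reconcile, depends on how the caller treats the return value, which this hunk does not show. The function body continues past the end of the hunk.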
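Review bot: The corrected message `cannot create sgBackup: %w` in the second hunk still does not name the object being set, which the first hunk shows is an `SGObjectStorage`; `cannot create SGObjectStorage: %w` would match what an operator looks for in the cluster. The assign-then-return pair can also be collapsed into `return fmt.Errorf("cannot create SGObjectStorage: %w", err)`. The same collapse applies to the `podMonitor` and `copyJob` hunks that follow. All three functions start or end outside their hunks.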
diff --git a/pkg/comp-functions/functions/vshnpostgres/postgresql_deploy_test.go b/pkg/comp-functions/functions/vshnpostgres/postgresql_deploy_test.go index 246d099d59..bbe964d892 100644 --- a/pkg/comp-functions/functions/vshnpostgres/postgresql_deploy_test.go +++ b/pkg/comp-functions/functions/vshnpostgres/postgresql_deploy_test.go @@ -27,11 +27,9 @@ func TestPostgreSqlDeploy(t *testing.T) { assert.Nil(t, DeployPostgreSQL(ctx, &vshnv1.VSHNPostgreSQL{}, svc)) assert.Nil(t, addSchedules(ctx, &vshnv1.VSHNPostgreSQL{}, svc)) - ns := &corev1.Namespace{} assert.NoError(t, svc.GetDesiredKubeObject(ns, "namespace-conditions")) assert.Equal(t, string("vshn"), ns.GetLabels()[utils.OrgLabelName]) - roleBinding := &rbacv1.RoleBinding{} assert.NoError(t, svc.GetDesiredKubeObject(roleBinding, "namespace-permissions")) diff --git a/test/functions/vshn-postgres/deploy/01_default.yaml b/test/functions/vshn-postgres/deploy/01_default.yaml index 9957ad5abd..927522219c 100644 --- a/test/functions/vshn-postgres/deploy/01_default.yaml +++ b/test/functions/vshn-postgres/deploy/01_default.yaml 
@@ -27,7 +27,41 @@ desired: writeConnectionSecretToRef: {} status: instanceNamespace: vshn-postgresql-pgsql-gc9x4 - + "pg-bucket": + resource: + apiVersion: appcat.vshn.io/v1 + kind: XObjectBucket + metadata: + name: pgsql-gc9x4 + labels: + appuio.io/organization: vshn + crossplane.io/claim-name: pgsql + crossplane.io/claim-namespace: unit-test + crossplane.io/composite: pgsql-gc9x4 + spec: + parameters: + bucketName: pgsql-gc9x4 + providerRef: + name: s3 + region: ch-gva-2 + security: + deletionProtection: false + allowAllNamespaces: false + writeConnectionSecretToRef: + name: pgsql-gc9x4 + namespace: vshn-postgresql-pgsql-gc9x4 + status: + conditions: + - lastTransitionTime: "2024-09-27T08:06:34Z" + reason: ReconcileSuccess + status: "True" + type: Synced + - lastTransitionTime: "2024-09-26T14:37:37Z" + reason: Available + status: "True" + type: Ready + connectionDetails: + lastPublishedTime: "2024-09-26T14:37:37Z" input: apiVersion: v1 data: 
@@ -120,7 +154,51 @@ observed: timeOfDay: '12:34:56' status: instanceNamespace: vshn-postgresql-pgsql-gc9x4 + #here resources: + "pg-bucket": + connection_details: + AWS_ACCESS_KEY_ID: whatever + AWS_REGION: whatever + AWS_SECRET_ACCESS_KEY: whatever + BUCKET_NAME: whatever + ENDPOINT: whatever + ENDPOINT_URL: whatever + resource: + apiVersion: appcat.vshn.io/v1 + kind: XObjectBucket + metadata: + name: pgsql-gc9x4 + labels: + appuio.io/organization: vshn + crossplane.io/claim-name: pgsql + crossplane.io/claim-namespace: unit-test + crossplane.io/composite: pgsql-gc9x4 + spec: + parameters: + bucketName: pgsql-gc9x4 + providerRef: + name: s3 + region: ch-gva-2 + security: + deletionProtection: false + allowAllNamespaces: false + writeConnectionSecretToRef: + name: pgsql-gc9x4 + namespace: vshn-postgresql-pgsql-gc9x4 + status: + conditions: + - lastTransitionTime: "2024-09-27T08:06:34Z" + reason: ReconcileSuccess + status: "True" + type: Synced + - lastTransitionTime: "2024-09-26T14:37:37Z" + reason: Available + status: "True" + type: Ready + connectionDetails: + lastPublishedTime: "2024-09-26T14:37:37Z" + namespace-conditions: resource: apiVersion: kubernetes.crossplane.io/v1alpha2 
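Review bot: The added line `#here` directly above `resources:` looks like a leftover debugging marker and should be dropped before merge. The `connection_details` values under `pg-bucket` are the placeholder `whatever`, which is the right choice for a committed fixture. A short comment such as `# placeholder values; the deploy step only waits for these keys to be present` would make that intent explicit, assuming the wait helper called in the Go change checks key presence only, which this page does not show.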
@@ -298,4 +376,94 @@ observed: pendingRestart: false primary: true replicationGroup: 0 - + certificate: + resource: + apiVersion: kubernetes.crossplane.io/v1alpha2 + kind: Object + metadata: + annotations: + crossplane.io/composition-resource-name: certificate + crossplane.io/external-create-pending: "2024-09-26T14:37:32Z" + crossplane.io/external-create-succeeded: "2024-09-26T14:37:32Z" + crossplane.io/external-name: pgsql-gc9x4-certificate + creationTimestamp: "2024-09-26T14:37:32Z" + finalizers: + - finalizer.managedresource.crossplane.io + generateName: pgsql-gc9x4- + generation: 38 + labels: + appcat.vshn.io/ownerapiversion: v1 + appcat.vshn.io/ownergroup: vshn.appcat.vshn.io + appcat.vshn.io/ownerkind: XVSHNPostgreSQL + crossplane.io/claim-name: postgresql-widera-test3 + crossplane.io/claim-namespace: widera-testing + crossplane.io/composite: pgsql-gc9x4 + manager: crossplane-kubernetes-provider + operation: Update + subresource: status + time: "2024-09-26T14:37:34Z" + name: pgsql-gc9x4-certificate + ownerReferences: + - apiVersion: vshn.appcat.vshn.io/v1 + blockOwnerDeletion: true + controller: true + kind: XVSHNPostgreSQL + name: pgsql-gc9x4 + uid: 4d072f13-029d-4d9d-bc24-0e4f622a9d3a + resourceVersion: "531293" + uid: 1ffeef69-4add-4d17-98ae-5c210cdd0503 + spec: + deletionPolicy: Delete + forProvider: + manifest: + apiVersion: cert-manager.io/v1 + kind: Certificate + metadata: + annotations: + appcat.vshn.io/forward-events-to: vshn.appcat.vshn.io/v1/VSHNPostgreSQL/widera-testing/postgresql-widera-test3 + labels: + appcat.vshn.io/ownerapiversion: v1 + appcat.vshn.io/ownergroup: vshn.appcat.vshn.io + appcat.vshn.io/ownerkind: XVSHNPostgreSQL + crossplane.io/composite: pgsql-gc9x4 + name: pgsql-gc9x4 + namespace: vshn-postgresql-pgsql-gc9x4 + spec: + dnsNames: + - pgsql-gc9x4.vshn-postgresql-pgsql-gc9x4.svc.cluster.local + - pgsql-gc9x4.vshn-postgresql-pgsql-gc9x4.svc + duration: 87600h0m0s + issuerRef: + group: cert-manager.io + kind: Issuer + name: 
pgsql-gc9x4 + privateKey: + algorithm: RSA + encoding: PKCS1 + size: 4096 + renewBefore: 2400h0m0s + secretName: tls-certificate + subject: + organizations: + - vshn-appcat + usages: + - server auth + - client auth + status: {} + managementPolicies: + - '*' + providerConfigRef: + name: kubernetes + readiness: + policy: SuccessfulCreate + watch: false + status: + conditions: + - lastTransitionTime: "2024-09-26T14:37:33Z" + reason: Available + status: "True" + type: Ready + - lastTransitionTime: "2024-09-26T14:37:32Z" + reason: ReconcileSuccess + status: "True" + type: Synced diff --git a/test/functions/vshn-postgres/deploy/02_with_pg_config.yaml b/test/functions/vshn-postgres/deploy/02_with_pg_config.yaml index e6ae7e67a0..c96141d2ff 100644 --- a/test/functions/vshn-postgres/deploy/02_with_pg_config.yaml +++ b/test/functions/vshn-postgres/deploy/02_with_pg_config.yaml 
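Review bot: The `certificate` fixture appears to be pasted from a live cluster object rather than written for the test. It carries `crossplane.io/claim-name: postgresql-widera-test3` and `crossplane.io/claim-namespace: widera-testing`, while the `pg-bucket` entry in the same file uses `pgsql` and `unit-test`, and it also keeps server-populated fields such as `uid`, `resourceVersion`, `generation` and `creationTimestamp`. Trimming the entry to the fields the dependency wait actually reads, and aligning the claim labels with the rest of the fixture, would keep environment-specific identifiers out of the repository and make the test data easier to reason about. The identical block is added to `02_with_pg_config.yaml` and `03_with_restore.yaml`, so the same cleanup applies there.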
@@ -125,6 +125,140 @@ observed: status: instanceNamespace: vshn-postgresql-pgsql-gc9x4 resources: + certificate: + resource: + apiVersion: kubernetes.crossplane.io/v1alpha2 + kind: Object + metadata: + annotations: + crossplane.io/composition-resource-name: certificate + crossplane.io/external-create-pending: "2024-09-26T14:37:32Z" + crossplane.io/external-create-succeeded: "2024-09-26T14:37:32Z" + crossplane.io/external-name: pgsql-gc9x4-certificate + creationTimestamp: "2024-09-26T14:37:32Z" + finalizers: + - finalizer.managedresource.crossplane.io + generateName: pgsql-gc9x4- + generation: 38 + labels: + appcat.vshn.io/ownerapiversion: v1 + appcat.vshn.io/ownergroup: vshn.appcat.vshn.io + appcat.vshn.io/ownerkind: XVSHNPostgreSQL + crossplane.io/claim-name: postgresql-widera-test3 + crossplane.io/claim-namespace: widera-testing + crossplane.io/composite: pgsql-gc9x4 + manager: crossplane-kubernetes-provider + operation: Update + subresource: status + time: "2024-09-26T14:37:34Z" + name: pgsql-gc9x4-certificate + ownerReferences: + - apiVersion: vshn.appcat.vshn.io/v1 + blockOwnerDeletion: true + controller: true + kind: XVSHNPostgreSQL + name: pgsql-gc9x4 + uid: 4d072f13-029d-4d9d-bc24-0e4f622a9d3a + resourceVersion: "531293" + uid: 1ffeef69-4add-4d17-98ae-5c210cdd0503 + spec: + deletionPolicy: Delete + forProvider: + manifest: + apiVersion: cert-manager.io/v1 + kind: Certificate + metadata: + annotations: + appcat.vshn.io/forward-events-to: vshn.appcat.vshn.io/v1/VSHNPostgreSQL/widera-testing/postgresql-widera-test3 + labels: + appcat.vshn.io/ownerapiversion: v1 + appcat.vshn.io/ownergroup: vshn.appcat.vshn.io + appcat.vshn.io/ownerkind: XVSHNPostgreSQL + crossplane.io/composite: pgsql-gc9x4 + name: pgsql-gc9x4 + namespace: vshn-postgresql-pgsql-gc9x4 + spec: + dnsNames: + - pgsql-gc9x4.vshn-postgresql-pgsql-gc9x4.svc.cluster.local + - pgsql-gc9x4.vshn-postgresql-pgsql-gc9x4.svc + duration: 87600h0m0s + issuerRef: + group: cert-manager.io + kind: Issuer + name: 
pgsql-gc9x4 + privateKey: + algorithm: RSA + encoding: PKCS1 + size: 4096 + renewBefore: 2400h0m0s + secretName: tls-certificate + subject: + organizations: + - vshn-appcat + usages: + - server auth + - client auth + status: {} + managementPolicies: + - '*' + providerConfigRef: + name: kubernetes + readiness: + policy: SuccessfulCreate + watch: false + status: + conditions: + - lastTransitionTime: "2024-09-26T14:37:33Z" + reason: Available + status: "True" + type: Ready + - lastTransitionTime: "2024-09-26T14:37:32Z" + reason: ReconcileSuccess + status: "True" + type: Synced + + "pg-bucket": + connection_details: + AWS_ACCESS_KEY_ID: whatever + AWS_REGION: whatever + AWS_SECRET_ACCESS_KEY: whatever + BUCKET_NAME: whatever + ENDPOINT: whatever + ENDPOINT_URL: whatever + resource: + apiVersion: appcat.vshn.io/v1 + kind: XObjectBucket + metadata: + name: pgsql-gc9x4 + labels: + appuio.io/organization: vshn + crossplane.io/claim-name: pgsql + crossplane.io/claim-namespace: unit-test + crossplane.io/composite: pgsql-gc9x4 + spec: + parameters: + bucketName: pgsql-gc9x4 + providerRef: + name: s3 + region: ch-gva-2 + security: + deletionProtection: false + allowAllNamespaces: false + writeConnectionSecretToRef: + name: pgsql-gc9x4 + namespace: vshn-postgresql-pgsql-gc9x4 + status: + conditions: + - lastTransitionTime: "2024-09-27T08:06:34Z" + reason: ReconcileSuccess + status: "True" + type: Synced + - lastTransitionTime: "2024-09-26T14:37:37Z" + reason: Available + status: "True" + type: Ready + connectionDetails: + lastPublishedTime: "2024-09-26T14:37:37Z" namespace-conditions: resource: apiVersion: kubernetes.crossplane.io/v1alpha2 diff --git a/test/functions/vshn-postgres/deploy/03_with_restore.yaml b/test/functions/vshn-postgres/deploy/03_with_restore.yaml index d3c7561423..b4ec225ce1 100644 --- a/test/functions/vshn-postgres/deploy/03_with_restore.yaml +++ b/test/functions/vshn-postgres/deploy/03_with_restore.yaml 
@@ -129,6 +129,140 @@ observed: status: instanceNamespace: vshn-postgresql-pgsql-gc9x4 resources: + certificate: + resource: + apiVersion: kubernetes.crossplane.io/v1alpha2 + kind: Object + metadata: + annotations: + crossplane.io/composition-resource-name: certificate + crossplane.io/external-create-pending: "2024-09-26T14:37:32Z" + crossplane.io/external-create-succeeded: "2024-09-26T14:37:32Z" + crossplane.io/external-name: pgsql-gc9x4-certificate + creationTimestamp: "2024-09-26T14:37:32Z" + finalizers: + - finalizer.managedresource.crossplane.io + generateName: pgsql-gc9x4- + generation: 38 + labels: + appcat.vshn.io/ownerapiversion: v1 + appcat.vshn.io/ownergroup: vshn.appcat.vshn.io + appcat.vshn.io/ownerkind: XVSHNPostgreSQL + crossplane.io/claim-name: postgresql-widera-test3 + crossplane.io/claim-namespace: widera-testing + crossplane.io/composite: pgsql-gc9x4 + manager: crossplane-kubernetes-provider + operation: Update + subresource: status + time: "2024-09-26T14:37:34Z" + name: pgsql-gc9x4-certificate + ownerReferences: + - apiVersion: vshn.appcat.vshn.io/v1 + blockOwnerDeletion: true + controller: true + kind: XVSHNPostgreSQL + name: pgsql-gc9x4 + uid: 4d072f13-029d-4d9d-bc24-0e4f622a9d3a + resourceVersion: "531293" + uid: 1ffeef69-4add-4d17-98ae-5c210cdd0503 + spec: + deletionPolicy: Delete + forProvider: + manifest: + apiVersion: cert-manager.io/v1 + kind: Certificate + metadata: + annotations: + appcat.vshn.io/forward-events-to: vshn.appcat.vshn.io/v1/VSHNPostgreSQL/widera-testing/postgresql-widera-test3 + labels: + appcat.vshn.io/ownerapiversion: v1 + appcat.vshn.io/ownergroup: vshn.appcat.vshn.io + appcat.vshn.io/ownerkind: XVSHNPostgreSQL + crossplane.io/composite: pgsql-gc9x4 + name: pgsql-gc9x4 + namespace: vshn-postgresql-pgsql-gc9x4 + spec: + dnsNames: + - pgsql-gc9x4.vshn-postgresql-pgsql-gc9x4.svc.cluster.local + - pgsql-gc9x4.vshn-postgresql-pgsql-gc9x4.svc + duration: 87600h0m0s + issuerRef: + group: cert-manager.io + kind: Issuer + name: 
pgsql-gc9x4 + privateKey: + algorithm: RSA + encoding: PKCS1 + size: 4096 + renewBefore: 2400h0m0s + secretName: tls-certificate + subject: + organizations: + - vshn-appcat + usages: + - server auth + - client auth + status: {} + managementPolicies: + - '*' + providerConfigRef: + name: kubernetes + readiness: + policy: SuccessfulCreate + watch: false + status: + conditions: + - lastTransitionTime: "2024-09-26T14:37:33Z" + reason: Available + status: "True" + type: Ready + - lastTransitionTime: "2024-09-26T14:37:32Z" + reason: ReconcileSuccess + status: "True" + type: Synced + + "pg-bucket": + connection_details: + AWS_ACCESS_KEY_ID: whatever + AWS_REGION: whatever + AWS_SECRET_ACCESS_KEY: whatever + BUCKET_NAME: whatever + ENDPOINT: whatever + ENDPOINT_URL: whatever + resource: + apiVersion: appcat.vshn.io/v1 + kind: XObjectBucket + metadata: + name: pgsql-gc9x4 + labels: + appuio.io/organization: vshn + crossplane.io/claim-name: pgsql + crossplane.io/claim-namespace: unit-test + crossplane.io/composite: pgsql-gc9x4 + spec: + parameters: + bucketName: pgsql-gc9x4 + providerRef: + name: s3 + region: ch-gva-2 + security: + deletionProtection: false + allowAllNamespaces: false + writeConnectionSecretToRef: + name: pgsql-gc9x4 + namespace: vshn-postgresql-pgsql-gc9x4 + status: + conditions: + - lastTransitionTime: "2024-09-27T08:06:34Z" + reason: ReconcileSuccess + status: "True" + type: Synced + - lastTransitionTime: "2024-09-26T14:37:37Z" + reason: Available + status: "True" + type: Ready + connectionDetails: + lastPublishedTime: "2024-09-26T14:37:37Z" namespace-conditions: resource: apiVersion: kubernetes.crossplane.io/v1alpha2