From d4cd2208eaaf4cf26503a6f79368ccec467bf118 Mon Sep 17 00:00:00 2001 From: Julien Bouquillon Date: Tue, 1 Aug 2023 23:24:20 +0200 Subject: [PATCH 1/6] tests: more --- .../__snapshot__/cnpg-cluster_test.yaml.snap | 12 ++++------ .../tests/values/backup-recovery.yaml | 24 ++++++++++++++++--- charts/cnpg-cluster/tests/values/backup.yaml | 1 - .../cnpg-cluster/tests/values/recovery.yaml | 3 +-- 4 files changed, 26 insertions(+), 14 deletions(-) diff --git a/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap b/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap index 71b9688..a85356f 100644 --- a/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap +++ b/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap @@ -19,13 +19,12 @@ cluster with enabled backup and recovery: secretAccessKey: key: ACCESS_SECRET_KEY name: minio - serverName: some-cluster retentionPolicy: 30d bootstrap: recovery: recoveryTarget: targetTime: 2020-11-26 15:22:00.00000+00 - source: my-cluster-name-backup + source: my-cluster-to-restore externalClusters: - barmanObjectStore: destinationPath: s3://backups/ @@ -37,8 +36,7 @@ cluster with enabled backup and recovery: secretAccessKey: key: ACCESS_SECRET_KEY name: minio - serverName: recoveredCluster - name: my-cluster-name-backup + name: my-cluster-to-restore imageName: ghcr.io/cloudnative-pg/postgis:15 imagePullPolicy: IfNotPresent instances: 1 @@ -61,7 +59,7 @@ cluster with recovery enabled: recovery: recoveryTarget: targetTime: 2020-11-26 15:22:00.00000+00 - source: my-cluster-name-backup + source: my-cluster-to-restore externalClusters: - barmanObjectStore: destinationPath: s3://backups/ @@ -73,8 +71,7 @@ cluster with recovery enabled: secretAccessKey: key: ACCESS_SECRET_KEY name: minio - serverName: recoveredCluster - name: my-cluster-name-backup + name: my-cluster-to-restore imageName: ghcr.io/cloudnative-pg/postgis:15 imagePullPolicy: IfNotPresent instances: 1 @@ -102,7 +99,6 @@ cluster with scheduled backup enabled: secretAccessKey: key: ACCESS_SECRET_KEY name: minio - serverName: some-cluster retentionPolicy: 30d bootstrap: initdb: diff --git a/charts/cnpg-cluster/tests/values/backup-recovery.yaml b/charts/cnpg-cluster/tests/values/backup-recovery.yaml index 99c5c94..c6d70b2 100644 --- a/charts/cnpg-cluster/tests/values/backup-recovery.yaml +++ b/charts/cnpg-cluster/tests/values/backup-recovery.yaml @@ -1,10 +1,8 @@ -recovery: +backup: enabled: true - externalClusterName: my-cluster-name-backup barmanObjectStore: destinationPath: s3://backups/ endpointURL: http://minio:9000 - serverName: "some-cluster-to-recover" s3Credentials: accessKeyId: name: minio @@ -12,4 +10,24 @@ recovery: secretAccessKey: name: minio key: ACCESS_SECRET_KEY + region: + name: minio + key: ACCESS_REGION retentionPolicy: "30d" + +recovery: + enabled: true + externalClusterName: my-cluster-to-restore + barmanObjectStore: + destinationPath: s3://backups/ + endpointURL: http://minio:9000 + s3Credentials: + accessKeyId: + name: minio + key: ACCESS_KEY_ID + secretAccessKey: + name: minio + key: ACCESS_SECRET_KEY + region: + name: minio + key: ACCESS_REGION diff --git a/charts/cnpg-cluster/tests/values/backup.yaml b/charts/cnpg-cluster/tests/values/backup.yaml index 33b30de..f39573c 100644 --- a/charts/cnpg-cluster/tests/values/backup.yaml +++ b/charts/cnpg-cluster/tests/values/backup.yaml @@ -4,7 +4,6 @@ backup: barmanObjectStore: destinationPath: s3://backups/ endpointURL: http://minio:9000 - serverName: "some-cluster" s3Credentials: accessKeyId: name: minio diff --git a/charts/cnpg-cluster/tests/values/recovery.yaml b/charts/cnpg-cluster/tests/values/recovery.yaml index c31bef2..3f3791b 100644 --- a/charts/cnpg-cluster/tests/values/recovery.yaml +++ b/charts/cnpg-cluster/tests/values/recovery.yaml @@ -1,11 +1,10 @@ recovery: enabled: true - externalClusterName: my-cluster-name-backup + externalClusterName: my-cluster-to-restore targetTime: "2020-11-26 15:22:00.00000+00" barmanObjectStore: destinationPath: s3://backups/ endpointURL: http://minio:9000 - serverName: "recoveredCluster" s3Credentials: accessKeyId: name: minio From 153ae351901d6655b854cfafecac27f0cc2a6e45 Mon Sep 17 00:00:00 2001 From: Julien Bouquillon Date: Tue, 1 Aug 2023 23:30:27 +0200 Subject: [PATCH 2/6] fix --- .../cnpg-cluster/templates/backup-cron.yaml | 6 +-- .../__snapshot__/cnpg-cluster_test.yaml.snap | 44 ++++++++++++++++++- .../cnpg-cluster/tests/cnpg-cluster_test.yaml | 10 +++++ .../tests/values/backup-recovery.yaml | 33 -------------- 4 files changed, 56 insertions(+), 37 deletions(-) delete mode 100644 charts/cnpg-cluster/tests/values/backup-recovery.yaml diff --git a/charts/cnpg-cluster/templates/backup-cron.yaml b/charts/cnpg-cluster/templates/backup-cron.yaml index 59bd692..bd6adb4 100644 --- a/charts/cnpg-cluster/templates/backup-cron.yaml +++ b/charts/cnpg-cluster/templates/backup-cron.yaml @@ -3,7 +3,7 @@ apiVersion: batch/v1 kind: CronJob metadata: labels: - app: sre + app: cnpg-backup-s3-client name: backup-cron spec: schedule: "0 0 * * *" @@ -14,7 +14,7 @@ spec: template: metadata: labels: - app: sre + app: cnpg-backup-s3-client name: backup-cron spec: securityContext: @@ -23,7 +23,7 @@ spec: fsGroup: 1001 restartPolicy: Never containers: - - name: image-checker + - name: s3-client image: ghcr.io/socialgouv/docker/s3-client:1 imagePullPolicy: IfNotPresent securityContext: diff --git a/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap b/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap index a85356f..44e2cf3 100644 --- a/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap +++ b/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap @@ -5,6 +5,48 @@ cluster with custom pgparams: work_mem: 512MB cluster with enabled backup and recovery: 1: | + concurrencyPolicy: Forbid + jobTemplate: + spec: + backoffLimit: 0 + template: + metadata: + labels: + app: cnpg-backup-s3-client + name: backup-cron + spec: + containers: + - env: + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + key: bucket_access_key + name: minio + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + key: bucket_secret_key + name: minio + - name: AWS_DEFAULT_REGION + valueFrom: + secretKeyRef: + key: bucket_region + name: minio + - name: AWS_ENDPOINT_URL + value: http://minio:9000 + - name: DESTINATION_PATH + value: s3://backups/dumps + envFrom: + - secretRef: + name: pg-hasura-app + image: ghcr.io/socialgouv/docker/s3-client:1 + imagePullPolicy: IfNotPresent + name: s3-client + securityContext: + allowPrivilegeEscalation: false + restartPolicy: Never + schedule: 0 0 * * * + 2: | backup: barmanObjectStore: destinationPath: s3://backups/ @@ -48,7 +90,7 @@ cluster with enabled backup and recovery: parameters: null storage: size: 8Gi - 2: | + 3: | backupOwnerReference: self cluster: name: RELEASE-NAME-cnpg-cluster diff --git a/charts/cnpg-cluster/tests/cnpg-cluster_test.yaml b/charts/cnpg-cluster/tests/cnpg-cluster_test.yaml index 226ac38..ead76fc 100644 --- a/charts/cnpg-cluster/tests/cnpg-cluster_test.yaml +++ b/charts/cnpg-cluster/tests/cnpg-cluster_test.yaml @@ -1,6 +1,7 @@ suite: test cnpg-cluster templates: - cluster.cnpg.yaml + - backup-cron.yaml - scheduledbackup.cnpg.yaml tests: - it: cluster should render @@ -11,6 +12,9 @@ tests: - template: cluster.cnpg.yaml hasDocuments: count: 1 + - template: backup-cron.yaml + hasDocuments: + count: 0 # waiting for release of https://github.com/helm-unittest/helm-unittest/commit/0ace2cc039c1fa33133ea1f26e7cae620443d42a # - containsDocument: # kind: CronJob @@ -48,6 +52,9 @@ tests: equal: path: spec.schedule value: "1 2 3 * * 0" + - template: backup-cron.yaml + hasDocuments: + count: 1 - it: cluster with recovery enabled values: - ./values/recovery.yaml @@ -62,6 +69,9 @@ tests: asserts: - matchSnapshot: path: spec + - template: backup-cron.yaml + hasDocuments: + count: 1 - it: cluster with custom pgparams values: - ./values/pgparams.yaml diff --git a/charts/cnpg-cluster/tests/values/backup-recovery.yaml b/charts/cnpg-cluster/tests/values/backup-recovery.yaml deleted file mode 100644 index c6d70b2..0000000 --- a/charts/cnpg-cluster/tests/values/backup-recovery.yaml +++ /dev/null @@ -1,33 +0,0 @@ -backup: - enabled: true - barmanObjectStore: - destinationPath: s3://backups/ - endpointURL: http://minio:9000 - s3Credentials: - accessKeyId: - name: minio - key: ACCESS_KEY_ID - secretAccessKey: - name: minio - key: ACCESS_SECRET_KEY - region: - name: minio - key: ACCESS_REGION - retentionPolicy: "30d" - -recovery: - enabled: true - externalClusterName: my-cluster-to-restore - barmanObjectStore: - destinationPath: s3://backups/ - endpointURL: http://minio:9000 - s3Credentials: - accessKeyId: - name: minio - key: ACCESS_KEY_ID - secretAccessKey: - name: minio - key: ACCESS_SECRET_KEY - region: - name: minio - key: ACCESS_REGION From 1a624762e1b20e2795b800eee087f69c449f75ee Mon Sep 17 00:00:00 2001 From: Julien Bouquillon Date: Wed, 2 Aug 2023 00:23:09 +0200 Subject: [PATCH 3/6] fix --- charts/cnpg-cluster/templates/cluster.cnpg.yaml | 4 ++-- .../tests/__snapshot__/cnpg-cluster_test.yaml.snap | 10 ++++++---- charts/cnpg-cluster/tests/values/recovery.yaml | 2 +- charts/cnpg-cluster/values.yaml | 3 ++- 4 files changed, 11 insertions(+), 8 deletions(-) diff --git a/charts/cnpg-cluster/templates/cluster.cnpg.yaml b/charts/cnpg-cluster/templates/cluster.cnpg.yaml index b32bebc..d183f68 100644 --- a/charts/cnpg-cluster/templates/cluster.cnpg.yaml +++ b/charts/cnpg-cluster/templates/cluster.cnpg.yaml @@ -80,7 +80,7 @@ spec: bootstrap: {{- if .Values.recovery.enabled }} recovery: - source: "{{ or .Values.recovery.externalClusterName "cnpg-cluster" }}" + source: "recovery-cluster" {{- if .Values.recovery.targetTime }} recoveryTarget: targetTime: "{{ .Values.recovery.targetTime }}" @@ -110,7 +110,7 @@ spec: {{- if .Values.recovery.enabled }} externalClusters: - - name: "{{ or .Values.recovery.externalClusterName "cnpg-cluster" }}" + - name: "recovery-cluster" barmanObjectStore: {{- toYaml .Values.recovery.barmanObjectStore | nindent 8 }} {{- end }} diff --git a/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap b/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap index 44e2cf3..4182239 100644 --- a/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap +++ b/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap @@ -66,7 +66,7 @@ cluster with enabled backup and recovery: recovery: recoveryTarget: targetTime: 2020-11-26 15:22:00.00000+00 - source: my-cluster-to-restore + source: recovery-cluster externalClusters: - barmanObjectStore: destinationPath: s3://backups/ @@ -78,7 +78,8 @@ cluster with enabled backup and recovery: secretAccessKey: key: ACCESS_SECRET_KEY name: minio - name: my-cluster-to-restore + serverName: my-cluster-to-restore + name: recovery-cluster imageName: ghcr.io/cloudnative-pg/postgis:15 imagePullPolicy: IfNotPresent instances: 1 @@ -101,7 +102,7 @@ cluster with recovery enabled: recovery: recoveryTarget: targetTime: 2020-11-26 15:22:00.00000+00 - source: my-cluster-to-restore + source: recovery-cluster externalClusters: - barmanObjectStore: destinationPath: s3://backups/ @@ -113,7 +114,8 @@ cluster with recovery enabled: secretAccessKey: key: ACCESS_SECRET_KEY name: minio - name: my-cluster-to-restore + serverName: my-cluster-to-restore + name: recovery-cluster imageName: ghcr.io/cloudnative-pg/postgis:15 imagePullPolicy: IfNotPresent instances: 1 diff --git a/charts/cnpg-cluster/tests/values/recovery.yaml b/charts/cnpg-cluster/tests/values/recovery.yaml index 3f3791b..26737c6 100644 --- a/charts/cnpg-cluster/tests/values/recovery.yaml +++ b/charts/cnpg-cluster/tests/values/recovery.yaml @@ -1,10 +1,10 @@ recovery: enabled: true - externalClusterName: my-cluster-to-restore targetTime: "2020-11-26 15:22:00.00000+00" barmanObjectStore: destinationPath: s3://backups/ endpointURL: http://minio:9000 + serverName: my-cluster-to-restore s3Credentials: accessKeyId: name: minio diff --git a/charts/cnpg-cluster/values.yaml b/charts/cnpg-cluster/values.yaml index ce55180..013d14d 100644 --- a/charts/cnpg-cluster/values.yaml +++ b/charts/cnpg-cluster/values.yaml @@ -139,7 +139,6 @@ recovery: enabled: false # -- Name of the source cluster in the backups - externalClusterName: # -- Time to restore from, in RFC3339 format https://datatracker.ietf.org/doc/html/rfc3339 # targetTime: "2020-11-26 15:22:00.00000+00" @@ -149,6 +148,8 @@ recovery: barmanObjectStore: # destinationPath: # endpointURL: + # name of the recovery server on the s3 backups + # serverName: # s3Credentials: # accessKeyId: # name: From 4983c7c1cb35df7ee05552e318b8585899e245af Mon Sep 17 00:00:00 2001 From: Julien Bouquillon Date: Wed, 2 Aug 2023 00:33:21 +0200 Subject: [PATCH 4/6] fix --- charts/cnpg-cluster/templates/backup-cron.yaml | 2 +- .../tests/__snapshot__/cnpg-cluster_test.yaml.snap | 2 +- charts/cnpg-cluster/tests/cnpg-cluster_test.yaml | 4 ++++ charts/cnpg-cluster/tests/values/backup.yaml | 1 + charts/cnpg-cluster/values.yaml | 3 +++ 5 files changed, 10 insertions(+), 2 deletions(-) diff --git a/charts/cnpg-cluster/templates/backup-cron.yaml b/charts/cnpg-cluster/templates/backup-cron.yaml index bd6adb4..45b1247 100644 --- a/charts/cnpg-cluster/templates/backup-cron.yaml +++ b/charts/cnpg-cluster/templates/backup-cron.yaml @@ -6,7 +6,7 @@ metadata: app: cnpg-backup-s3-client name: backup-cron spec: - schedule: "0 0 * * *" + schedule: {{ or .Values.backup.sqlDumpSchedule .Values.backup.schedule "0 0 * * *" }} concurrencyPolicy: Forbid jobTemplate: spec: diff --git a/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap b/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap index 4182239..e37b0b7 100644 --- a/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap +++ b/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap @@ -45,7 +45,7 @@ cluster with enabled backup and recovery: securityContext: allowPrivilegeEscalation: false restartPolicy: Never - schedule: 0 0 * * * + schedule: 4 5 6 * * 0 2: | backup: barmanObjectStore: diff --git a/charts/cnpg-cluster/tests/cnpg-cluster_test.yaml b/charts/cnpg-cluster/tests/cnpg-cluster_test.yaml index ead76fc..fcb4712 100644 --- a/charts/cnpg-cluster/tests/cnpg-cluster_test.yaml +++ b/charts/cnpg-cluster/tests/cnpg-cluster_test.yaml @@ -52,6 +52,10 @@ tests: equal: path: spec.schedule value: "1 2 3 * * 0" + - template: backup-cron.yaml + equal: + path: spec.schedule + value: "4 5 6 * * 0" - template: backup-cron.yaml hasDocuments: count: 1 diff --git a/charts/cnpg-cluster/tests/values/backup.yaml b/charts/cnpg-cluster/tests/values/backup.yaml index f39573c..6471eb2 100644 --- a/charts/cnpg-cluster/tests/values/backup.yaml +++ b/charts/cnpg-cluster/tests/values/backup.yaml @@ -1,6 +1,7 @@ backup: enabled: true schedule: "1 2 3 * * 0" + sqlDumpSchedule: "4 5 6 * * 0" barmanObjectStore: destinationPath: s3://backups/ endpointURL: http://minio:9000 diff --git a/charts/cnpg-cluster/values.yaml b/charts/cnpg-cluster/values.yaml index 013d14d..71fe110 100644 --- a/charts/cnpg-cluster/values.yaml +++ b/charts/cnpg-cluster/values.yaml @@ -75,6 +75,9 @@ backup: # this cron format has the seconds on the left schedule: "0 0 0 * * 0" + # -- Schedule the SQL dump backups, for instance every Sunday + sqlDumpSchedule: "0 0 0 * * 0" + # -- RetentionPolicy is the retention policy to be used for backups and WALs (i.e. '60d'). # The retention policy is expressed in the form of XXu where XX is a positive integer and # u is in [dwm] - days, weeks, months. From 6313357ef5e865324b55b5a47e5324232933c732 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mat=C3=A9o=20M=C3=A9vollon?= Date: Wed, 2 Aug 2023 12:32:22 +0200 Subject: [PATCH 5/6] fix: snapshot --- .../tests/__snapshot__/cnpg-cluster_test.yaml.snap | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap b/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap index e37b0b7..0a1bcdc 100644 --- a/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap +++ b/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap @@ -45,6 +45,10 @@ cluster with enabled backup and recovery: securityContext: allowPrivilegeEscalation: false restartPolicy: Never + securityContext: + fsGroup: 1001 + runAsGroup: 1001 + runAsUser: 1001 schedule: 4 5 6 * * 0 2: | backup: From b0ff69f5b4e1860b5aa8fcadf4db2c96f6c790db Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mat=C3=A9o=20M=C3=A9vollon?= Date: Wed, 2 Aug 2023 12:40:18 +0200 Subject: [PATCH 6/6] fix: cron format --- .../cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap | 2 +- charts/cnpg-cluster/tests/cnpg-cluster_test.yaml | 2 +- charts/cnpg-cluster/tests/values/backup.yaml | 2 +- charts/cnpg-cluster/values.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap b/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap index 0a1bcdc..4d1f3df 100644 --- a/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap +++ b/charts/cnpg-cluster/tests/__snapshot__/cnpg-cluster_test.yaml.snap @@ -49,7 +49,7 @@ cluster with enabled backup and recovery: fsGroup: 1001 runAsGroup: 1001 runAsUser: 1001 - schedule: 4 5 6 * * 0 + schedule: 4 5 * * 0 2: | backup: barmanObjectStore: diff --git a/charts/cnpg-cluster/tests/cnpg-cluster_test.yaml b/charts/cnpg-cluster/tests/cnpg-cluster_test.yaml index fcb4712..9e13955 100644 --- a/charts/cnpg-cluster/tests/cnpg-cluster_test.yaml +++ b/charts/cnpg-cluster/tests/cnpg-cluster_test.yaml @@ -55,7 +55,7 @@ tests: - template: backup-cron.yaml equal: path: spec.schedule - value: "4 5 6 * * 0" + value: "4 5 * * 0" - template: backup-cron.yaml hasDocuments: count: 1 diff --git a/charts/cnpg-cluster/tests/values/backup.yaml b/charts/cnpg-cluster/tests/values/backup.yaml index 6471eb2..1a0f603 100644 --- a/charts/cnpg-cluster/tests/values/backup.yaml +++ b/charts/cnpg-cluster/tests/values/backup.yaml @@ -1,7 +1,7 @@ backup: enabled: true schedule: "1 2 3 * * 0" - sqlDumpSchedule: "4 5 6 * * 0" + sqlDumpSchedule: "4 5 * * 0" barmanObjectStore: destinationPath: s3://backups/ endpointURL: http://minio:9000 diff --git a/charts/cnpg-cluster/values.yaml b/charts/cnpg-cluster/values.yaml index 71fe110..7e30844 100644 --- a/charts/cnpg-cluster/values.yaml +++ b/charts/cnpg-cluster/values.yaml @@ -76,7 +76,7 @@ backup: schedule: "0 0 0 * * 0" # -- Schedule the SQL dump backups, for instance every Sunday - sqlDumpSchedule: "0 0 0 * * 0" + sqlDumpSchedule: "0 0 * * 0" # -- RetentionPolicy is the retention policy to be used for backups and WALs (i.e. '60d'). # The retention policy is expressed in the form of XXu where XX is a positive integer and