openstack/openstack-helm-infra
Code Issues Proposed changes

Add backup/restore configuration secret

Browse Source 
This patchset adds a secret containing the backup/restore configuration
for Postgresql, in case it is needed for invoking a backup/restore
operation from a different application or from a different namespace
(like from a utility container). Default is to not produce the secret.

Change-Id: I273fe169e7ee533c3fe04ad33c97af64b29bc16f
This commit is contained in:
Parsons, Cliff (cp769u) 2020-05-20 16:06:46 +00:00 committed by Cliff Parsons
parent 38775079fb
commit 9b6f5b267f
2 changed files with 29 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
postgresql/templates/secret-backup-restore.yaml Normal file
View File

@ -0,0 +1,27 @@
{{/*
This manifest results a secret being created which has the key information
needed for backing up and restoring the Postgresql databases.
*/}}
{{- if and .Values.conf.backup.enabled .Values.manifests.secret_backup_restore }}
{{- $envAll := . }}
{{- $userClass := "backup_restore" }}
{{- $secretName := index $envAll.Values.secrets.postgresql $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
BACKUP_ENABLED: {{ $envAll.Values.conf.backup.enabled | b64enc }}
BACKUP_BASE_PATH: {{ $envAll.Values.conf.backup.base_path | b64enc }}
LOCAL_DAYS_TO_KEEP: {{ $envAll.Values.conf.backup.days_to_keep | quote | b64enc }}
PG_DUMPALL_OPTIONS: {{ $envAll.Values.conf.backup.pg_dumpall_options | b64enc }}
REMOTE_BACKUP_ENABLED: {{ $envAll.Values.conf.backup.remote_backup.enabled | b64enc }}
REMOTE_BACKUP_CONTAINER: {{ $envAll.Values.conf.backup.remote_backup.container_name | b64enc }}
REMOTE_BACKUP_DAYS_TO_KEEP: {{ $envAll.Values.conf.backup.remote_backup.days_to_keep | quote | b64enc }}
REMOTE_BACKUP_STORAGE_POLICY: {{ $envAll.Values.conf.backup.remote_backup.storage_policy | b64enc }}
...
{{- end }}

2
postgresql/values.yaml
View File

@ -419,6 +419,7 @@ secrets:
server: postgresql-server-pki
exporter: postgresql-exporter
audit: postgresql-audit
backup_restore: postgresql-backup-restore
identity:
admin: keystone-admin-user
postgresql: postgresql-backup-user
@ -532,6 +533,7 @@ manifests:
secret_server: true
secret_etc: true
secret_audit: true
secret_backup_restore: false
service: true
statefulset: true
cron_job_postgresql_backup: false