Skip to content

Commit

Permalink
[cherry-pick] Use username/password as keys in Postgres secret (#270) (
Browse files Browse the repository at this point in the history
…#271)

/cherry-pick

Signed-off-by: Tamal Saha <tamal@appscode.com>

Co-authored-by: Tamal Saha <tamal@appscode.com>
  • Loading branch information
1gtm and tamalsaha authored Oct 8, 2020
1 parent f583dac commit 50d9b08
Show file tree
Hide file tree
Showing 9 changed files with 45 additions and 31 deletions.
7 changes: 0 additions & 7 deletions docs/examples/backup/appbinding.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -23,12 +23,5 @@ spec:
scheme: postgresql
secret:
name: sample-postgres-auth
secretTransforms:
- renameKey:
from: POSTGRES_USER
to: username
- renameKey:
from: POSTGRES_PASSWORD
to: password
type: kubedb.com/postgres
version: "10.14"
7 changes: 0 additions & 7 deletions docs/standalone.md
Original file line number Diff line number Diff line change
Expand Up @@ -148,13 +148,6 @@ spec:
scheme: postgresql
secret:
name: sample-postgres-auth
secretTransforms:
- renameKey:
from: POSTGRES_USER
to: username
- renameKey:
from: POSTGRES_PASSWORD
to: password
type: kubedb.com/postgres
version: "10.14"
```
Expand Down
2 changes: 1 addition & 1 deletion go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ require (
k8s.io/client-go v12.0.0+incompatible
k8s.io/kube-openapi v0.0.0-20200410145947-61e04a5be9a6
k8s.io/kubernetes v1.18.9 // indirect
kmodules.xyz/client-go v0.0.0-20201007024140-3223988adf40
kmodules.xyz/client-go v0.0.0-20201008164401-74d81f261ec5
kmodules.xyz/crd-schema-fuzz v0.0.0-20200922204806-c1426cd7fcf4
kmodules.xyz/custom-resources v0.0.0-20201008012351-6d8090f759d4
kmodules.xyz/objectstore-api v0.0.0-20200922210707-59bab27e5d41 // indirect
Expand Down
4 changes: 2 additions & 2 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -955,8 +955,8 @@ kmodules.xyz/client-go v0.0.0-20200818143024-600fef263e03/go.mod h1:sY/eoe4ktxZE
kmodules.xyz/client-go v0.0.0-20200915091229-7df16c29f4e8 h1:C6+M9aTLhPCmsJ8dmhPvkr7Qe2MN+iiY3kZvbonhS9E=
kmodules.xyz/client-go v0.0.0-20200915091229-7df16c29f4e8/go.mod h1:sY/eoe4ktxZEoHpr5NpAQ5s22VSwTE8psJtKVeVgLRY=
kmodules.xyz/client-go v0.0.0-20200922200830-63d86b6e5b63/go.mod h1:JZN34jqk6ZlR+QOnBPpnUVBab4rmfamqxfSvLaulBMY=
kmodules.xyz/client-go v0.0.0-20201007024140-3223988adf40 h1:XQLn2whq+TYbGxVloiyopxSM9jsqjqvWQjltXFKd+aA=
kmodules.xyz/client-go v0.0.0-20201007024140-3223988adf40/go.mod h1:pnRh7gtJ6ErPJQBkQeRlpD95KRtxhD4eGrYagZEU8RM=
kmodules.xyz/client-go v0.0.0-20201008164401-74d81f261ec5 h1:mGySTT2dC8u2FQDUFbDLcOt7GM+IkXqlH2xzATyddKg=
kmodules.xyz/client-go v0.0.0-20201008164401-74d81f261ec5/go.mod h1:pnRh7gtJ6ErPJQBkQeRlpD95KRtxhD4eGrYagZEU8RM=
kmodules.xyz/constants v0.0.0-20200506032633-a21e58ceec72/go.mod h1:DbiFk1bJ1KEO94t1SlAn7tzc+Zz95rSXgyUKa2nzPmY=
kmodules.xyz/crd-schema-fuzz v0.0.0-20200521005638-2433a187de95 h1:v0S/+ftzL6Xrs9XevgchAOJyPKlRQXPiZf87xotj3X4=
kmodules.xyz/crd-schema-fuzz v0.0.0-20200521005638-2433a187de95/go.mod h1:jpu8xFsDKd6kAWUAKk8oTu/GQGBWqhrcaDeOJdaCJnk=
Expand Down
6 changes: 4 additions & 2 deletions pkg/backup.go
Original file line number Diff line number Diff line change
Expand Up @@ -30,9 +30,11 @@ import (
"github.com/appscode/go/flags"
"github.com/spf13/cobra"
license "go.bytebuilders.dev/license-verifier/kubernetes"
core "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/client-go/kubernetes"
"k8s.io/client-go/tools/clientcmd"
meta_util "kmodules.xyz/client-go/meta"
appcatalog "kmodules.xyz/custom-resources/apis/appcatalog/v1alpha1"
appcatalog_cs "kmodules.xyz/custom-resources/client/clientset/versioned"
v1 "kmodules.xyz/offshoot-api/api/v1"
Expand Down Expand Up @@ -210,12 +212,12 @@ func (opt *postgresOptions) backupPostgreSQL(targetRef api_v1beta1.TargetRef) (*
}

// set env for pg_dump/pg_dumpall
resticWrapper.SetEnv(EnvPgPassword, string(appBindingSecret.Data[PostgresPassword]))
resticWrapper.SetEnv(EnvPgPassword, must(meta_util.GetBytesForKeys(appBindingSecret.Data, core.BasicAuthPasswordKey, envPostgresPassword)))
// setup pipe command
opt.backupOptions.StdinPipeCommand = restic.Command{
Name: pgBackupCMD,
Args: []interface{}{
"-U", string(appBindingSecret.Data[PostgresUser]),
"-U", must(meta_util.GetBytesForKeys(appBindingSecret.Data, core.BasicAuthUsernameKey, envPostgresUser)),
"-h", appBinding.Spec.ClientConfig.Service.Name,
},
}
Expand Down
6 changes: 4 additions & 2 deletions pkg/restore.go
Original file line number Diff line number Diff line change
Expand Up @@ -27,9 +27,11 @@ import (
"github.com/appscode/go/flags"
"github.com/spf13/cobra"
license "go.bytebuilders.dev/license-verifier/kubernetes"
core "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/client-go/kubernetes"
"k8s.io/client-go/tools/clientcmd"
meta_util "kmodules.xyz/client-go/meta"
appcatalog "kmodules.xyz/custom-resources/apis/appcatalog/v1alpha1"
appcatalog_cs "kmodules.xyz/custom-resources/client/clientset/versioned"
v1 "kmodules.xyz/offshoot-api/api/v1"
Expand Down Expand Up @@ -171,12 +173,12 @@ func (opt *postgresOptions) restorePostgreSQL(targetRef api_v1beta1.TargetRef) (
}

// set env for psql
resticWrapper.SetEnv(EnvPgPassword, string(appBindingSecret.Data[PostgresPassword]))
resticWrapper.SetEnv(EnvPgPassword, must(meta_util.GetBytesForKeys(appBindingSecret.Data, core.BasicAuthPasswordKey, envPostgresPassword)))
// setup pipe command
opt.dumpOptions.StdoutPipeCommand = restic.Command{
Name: PgRestoreCMD,
Args: []interface{}{
"-U", string(appBindingSecret.Data[PostgresUser]),
"-U", must(meta_util.GetBytesForKeys(appBindingSecret.Data, core.BasicAuthUsernameKey, envPostgresUser)),
"-h", appBinding.Spec.ClientConfig.Service.Name,
},
}
Expand Down
29 changes: 20 additions & 9 deletions pkg/util.go
Original file line number Diff line number Diff line change
Expand Up @@ -26,18 +26,22 @@ import (
"github.com/codeskyblue/go-sh"
core "k8s.io/api/core/v1"
"k8s.io/client-go/kubernetes"
meta_util "kmodules.xyz/client-go/meta"
"kmodules.xyz/custom-resources/apis/appcatalog/v1alpha1"
appcatalog_cs "kmodules.xyz/custom-resources/client/clientset/versioned"
)

const (
PostgresUser = "POSTGRES_USER"
PostgresPassword = "POSTGRES_PASSWORD"
EnvPgPassword = "PGPASSWORD"
PgDumpFile = "dumpfile.sql"
PgDumpCMD = "pg_dump"
PgDumpallCMD = "pg_dumpall"
PgRestoreCMD = "psql"
EnvPgPassword = "PGPASSWORD"
PgDumpFile = "dumpfile.sql"
PgDumpCMD = "pg_dump"
PgDumpallCMD = "pg_dumpall"
PgRestoreCMD = "psql"

// Deprecated
envPostgresUser = "POSTGRES_USER"
// Deprecated
envPostgresPassword = "POSTGRES_PASSWORD"
)

type postgresOptions struct {
Expand All @@ -58,14 +62,21 @@ type postgresOptions struct {
dumpOptions restic.DumpOptions
}

func must(v []byte, err error) string {
if err != nil {
panic(err)
}
return string(v)
}

func waitForDBReady(appBinding *v1alpha1.AppBinding, secret *core.Secret, waitTimeout int32) error {
log.Infoln("Waiting for the database to be ready.....")
shell := sh.NewSession()
shell.SetEnv(EnvPgPassword, string(secret.Data[PostgresPassword]))
shell.SetEnv(EnvPgPassword, must(meta_util.GetBytesForKeys(secret.Data, core.BasicAuthPasswordKey, envPostgresPassword)))
args := []interface{}{
fmt.Sprintf("--host=%s", appBinding.Spec.ClientConfig.Service.Name),
fmt.Sprintf("--port=%d", appBinding.Spec.ClientConfig.Service.Port),
fmt.Sprintf("--username=%s", secret.Data[PostgresUser]),
fmt.Sprintf("--username=%s", must(meta_util.GetBytesForKeys(secret.Data, core.BasicAuthUsernameKey, envPostgresUser))),
fmt.Sprintf("--timeout=%d", waitTimeout),
}
return shell.Command("pg_isready", args...).Run()
Expand Down
13 changes: 13 additions & 0 deletions vendor/kmodules.xyz/client-go/meta/annotations.go
Original file line number Diff line number Diff line change
Expand Up @@ -187,3 +187,16 @@ func GetStringValueForKeys(m map[string]string, key string, alts ...string) (str
}
return "", kutil.ErrNotFound
}

func GetBytesForKeys(m map[string][]byte, key string, alts ...string) ([]byte, error) {
if m == nil {
return nil, kutil.ErrNotFound
}
keys := append([]string{key}, alts...)
for _, k := range keys {
if v, ok := m[k]; ok {
return v, nil
}
}
return nil, kutil.ErrNotFound
}
2 changes: 1 addition & 1 deletion vendor/modules.txt
Original file line number Diff line number Diff line change
Expand Up @@ -843,7 +843,7 @@ k8s.io/utils/net
k8s.io/utils/path
k8s.io/utils/pointer
k8s.io/utils/trace
# kmodules.xyz/client-go v0.0.0-20201007024140-3223988adf40
# kmodules.xyz/client-go v0.0.0-20201008164401-74d81f261ec5
kmodules.xyz/client-go
kmodules.xyz/client-go/api/v1
kmodules.xyz/client-go/apiextensions
Expand Down

0 comments on commit 50d9b08

Please sign in to comment.