
feat: CNPG recovery options #1926


Merged
merged 19 commits into from
Mar 19, 2025
Changes from 16 commits
21 changes: 2 additions & 19 deletions charts/otomi-db/values.yaml
Expand Up @@ -21,25 +21,8 @@ clusterAffinity:
topologyKey: kubernetes.io/hostname
podAntiAffinityType: preferred

# Example for backups:
# clusterBackup:
# backup:
# barmanObjectStore:
# destinationPath: s3://bucket/
# endpointURL: "http://minio.minio.svc.cluster.local:9000"
# s3Credentials:
# accessKeyId:
# name: minio-creds
# key: MINIO_ACCESS_KEY
# secretAccessKey:
# name: minio-creds
# key: MINIO_SECRET_KEY

clusterSpec:
bootstrap:
initdb:
database: app
owner: app
bootstrap: {}

backup:
enabled: false
Expand All @@ -53,4 +36,4 @@ backup:
minioLocal:
destinationPath: ""
linode:
destinationPath: ""
destinationPath: ""
8 changes: 7 additions & 1 deletion helmfile.d/helmfile-03.init.yaml
Expand Up @@ -17,7 +17,7 @@ releases:
namespace: argocd
labels:
app: core
<<: *default
<<: *default
- name: otomi-operator
installed: true
namespace: otomi-operator
Expand Down Expand Up @@ -57,6 +57,12 @@ releases:
pkg: apl-gitea-operator
app: core
<<: *default
- name: harbor-artifacts
installed: {{ $a | get "harbor.enabled" }}
namespace: harbor
labels:
pkg: harbor
<<: *raw
- name: apl-harbor-operator-artifacts
installed: {{ $a | get "harbor.enabled" }}
namespace: apl-harbor-operator
2 changes: 1 addition & 1 deletion helmfile.d/helmfile-04.databases.yaml
Expand Up @@ -27,7 +27,7 @@ releases:
pkg: keycloak
<<: *otomiDb
- name: gitea-otomi-db
installed: {{ or $v.databases.gitea.useOtomiDB $v.databases.gitea.imported }}
installed: true
namespace: gitea
labels:
pkg: gitea
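Review bot: `installed: true` on the `gitea-otomi-db` release removes the only switch that kept this database cluster out of environments where `databases.gitea.useOtomiDB` was false, and the `version: 33` entry in values-changes.yaml deletes that key without a replacement. If any environment still points Gitea at a database outside the platform, this release would now create an unused Postgres cluster in the `gitea` namespace. I would state the intent above the line, e.g. `# always installed: the platform database is mandatory for Gitea (useOtomiDB removed in values version 33)`, or keep a guard if that is not the intent. The release list continues outside the hunk.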
10 changes: 1 addition & 9 deletions helmfile.d/helmfile-09.init.yaml
Expand Up @@ -10,8 +10,6 @@ bases:
{{ readFile "snippets/templates.gotmpl" }}
{{- $v := .Values }}
{{- $a := $v.apps }}
{{- $h := $a.harbor }}
{{- $k := $a.keycloak }}

releases:
- name: knative-serving-artifacts
Expand Down Expand Up @@ -40,12 +38,6 @@ releases:
labels:
pkg: minio
<<: *default
- name: harbor-artifacts
installed: {{ $h | get "enabled" }}
namespace: harbor
labels:
pkg: harbor
<<: *raw
- name: tekton-triggers
installed: true
namespace: tekton-pipelines
Expand All @@ -58,4 +50,4 @@ releases:
namespace: otomi-pipelines
labels:
app: core
<<: *default
<<: *default
28 changes: 21 additions & 7 deletions helmfile.d/snippets/defaults.yaml
Expand Up @@ -14,7 +14,7 @@ environments:
memory: 64Mi
limits:
cpu: 200m
memory: 256Mi
memory: 256Mi
_rawValues: {}
argocd:
controllerStatusProcessors: 20
Expand Down Expand Up @@ -249,7 +249,7 @@ environments:
condition: (
container.image.repository in (
docker.io/gitea/gitea
) or (k8s.ns.name = "keycloak")
) or (k8s.ns.name = "keycloak")
)
- macro: user_known_create_files_below_dev_activities
condition: (
Expand Down Expand Up @@ -881,7 +881,7 @@ environments:
cpu: 100m
memory: 256Mi
persistence:
master:
master:
size: 1Gi
sentinel:
size: 1Gi
Expand Down Expand Up @@ -1037,7 +1037,7 @@ environments:
memory: 24Mi
limits:
cpu: 100m
memory: 128Mi
memory: 128Mi
_rawValues: {}
otel:
enabled: false
Expand Down Expand Up @@ -1261,9 +1261,10 @@ environments:
databases:
keycloak:
imageName: null
imported: false
size: 5Gi
replicas: 2
recovery: {}
externalClusters: []
resources:
limits:
cpu: "200m"
Expand All @@ -1276,6 +1277,8 @@ environments:
size: 5Gi
replicas: 2
coreDatabase: registry
recovery: {}
externalClusters: []
resources:
limits:
cpu: "200m"
Expand All @@ -1285,10 +1288,10 @@ environments:
memory: 192Mi
gitea:
imageName: null
useOtomiDB: true
imported: false
size: 5Gi
replicas: 2
recovery: {}
externalClusters: []
resources:
limits:
cpu: "200m"
Expand All @@ -1303,12 +1306,23 @@ environments:
database:
harbor:
enabled: false
retentionPolicy: 7d
schedule: 0 0 * * *
pathSuffix: harbor
gitea:
enabled: false
retentionPolicy: 7d
schedule: 0 0 * * *
pathSuffix: gitea
keycloak:
enabled: false
retentionPolicy: 7d
schedule: 0 0 * * *
pathSuffix: keycloak
gitea:
enabled: false
retentionPolicy: 7d
schedule: 0 0 * * *
cluster:
provider: linode
name: apl
2 changes: 1 addition & 1 deletion tests/fixtures/env/settings.yaml
Expand Up @@ -86,7 +86,7 @@ platformBackups:
gitea:
enabled: true
retentionPolicy: 7d
schedule: 0 0 0 * * *
schedule: 0 0 * * *
persistentVolumes: {}
smtp:
auth_username: [email protected]
5 changes: 5 additions & 0 deletions values-changes.yaml
Expand Up @@ -336,3 +336,8 @@ changes:
- databases.harbor.resources.limits.cpu: '200m'
- databases.harbor.resources.requests.memory: '192Mi'
- databases.harbor.resources.requests.cpu: '200m'
- version: 33
deletions:
- 'databases.keycloak.imported'
- 'databases.gitea.imported'
- 'databases.gitea.useOtomiDB'
53 changes: 43 additions & 10 deletions values-schema.yaml
Expand Up @@ -1655,7 +1655,7 @@ properties:
$ref: '#/definitions/email'
issuer:
description: |
Indicates the origin of the wildcard certificate.
Indicates the origin of the wildcard certificate.
The custom-ca - cert-manager uses the customRootCA to generate wildcard certificate.
The letsencrypt - cert-manager requests certificate from letsencrypt endpoint.
The byo-wildcard-cert allows users to bring their own trusted wildcard certificate (cert-manager not involved)
Expand Down Expand Up @@ -3168,6 +3168,10 @@ properties:
$ref: '#/definitions/backupRetentionPolicy'
schedule:
$ref: '#/definitions/backupSchedule'
pathSuffix:
type: string
pattern: '^[a-z0-9]([-a-z0-9]*[a-z0-9])$'
default: harbor
gitea:
title: Gitea
properties:
Expand All @@ -3180,6 +3184,10 @@ properties:
$ref: '#/definitions/backupRetentionPolicy'
schedule:
$ref: '#/definitions/backupSchedule'
pathSuffix:
type: string
pattern: '^[a-z0-9]([-a-z0-9]*[a-z0-9])$'
default: gitea
keycloak:
title: Keycloak
properties:
Expand All @@ -3192,6 +3200,10 @@ properties:
$ref: '#/definitions/backupRetentionPolicy'
schedule:
$ref: '#/definitions/backupSchedule'
pathSuffix:
type: string
pattern: '^[a-z0-9]([-a-z0-9]*[a-z0-9])$'
default: keycloak
persistentVolumes:
type: object
description: Create backups of persistent volumes
Expand Down Expand Up @@ -3293,9 +3305,16 @@ properties:
replicas:
type: integer
default: 2
imported:
type: boolean
default: false
recovery:
type: object
additionalProperties: true
default: {}
externalClusters:
type: array
items:
type: object
additionalProperties: true
default: []
harbor:
title: Harbor
properties:
Expand All @@ -3306,22 +3325,36 @@ properties:
replicas:
type: integer
default: 2
recovery:
type: object
additionalProperties: true
default: {}
externalClusters:
type: array
items:
type: object
additionalProperties: true
default: []
gitea:
title: gitea
properties:
useOtomiDB:
type: boolean
default: false
size:
type: string
resources:
$ref: '#/definitions/resources'
replicas:
type: integer
default: 2
imported:
type: boolean
default: false
recovery:
type: object
additionalProperties: true
default: {}
externalClusters:
type: array
items:
type: object
additionalProperties: true
default: []
teamConfig:
additionalProperties: false
patternProperties:
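Review bot: The new `recovery` and `externalClusters` properties are declared with `additionalProperties: true` and no `description`, so the schema accepts any content and gives no hint of what is expected; both are rendered verbatim into the cluster spec by `toYaml` in values/gitea/gitea-otomi-db.gotmpl. External cluster definitions carry connection details, so I would add a description such as `description: Passed through unchanged to the CNPG cluster spec. Reference credentials by Secret name/key; do not put passwords or access keys in values.` and require at least `name` on each `externalClusters` item. Separately, the `pathSuffix` pattern `'^[a-z0-9]([-a-z0-9]*[a-z0-9])$'` has a mandatory second group, so a one-character suffix is rejected; if that is unintended, make the group optional with `'^[a-z0-9]([-a-z0-9]*[a-z0-9])?$'`. Both points apply equally to the keycloak, harbor and gitea blocks.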
34 changes: 7 additions & 27 deletions values/gitea/gitea-otomi-db.gotmpl
Expand Up @@ -29,44 +29,21 @@ backup:
type: {{ $obj.type }}
{{- if eq $obj.type "minioLocal" }}
minioLocal:
destinationPath: "s3://cnpg/gitea"
destinationPath: "s3://cnpg/{{ $b.pathSuffix }}"
{{- end }}
{{- if eq $obj.type "linode" }}
linode:
destinationPath: "s3://{{ $obj.linode.buckets.cnpg }}/gitea"
destinationPath: "s3://{{ $obj.linode.buckets.cnpg }}/{{ $b.pathSuffix }}"
endpointURL: https://{{ $obj.linode.region }}.linodeobjects.com
{{- end }}
{{- end }}
{{- end }}

{{- if $gdb.imported }}
clusterSpec:
bootstrap:
initdb:
database: gitea
owner: gitea
secret:
name: gitea-db-secret
import:
type: microservice
databases:
- gitea
source:
externalCluster: gitea-postgresql
externalClusters:
- name: gitea-postgresql
connectionParameters:
host: gitea-postgresql.gitea.svc.cluster.local
user: gitea
dbname: gitea
sslmode: disable
password:
name: gitea-postgresql
key: postgresql-password

{{- if $gdb.recovery }}
recovery: {{ toYaml $gdb.recovery | nindent 6 }}
{{- else }}
clusterSpec:
bootstrap:
initdb:
database: gitea
owner: gitea
Expand All @@ -75,5 +52,8 @@ clusterSpec:
localeCollate: 'en_US.UTF-8'
localeCType: 'en_US.UTF-8'
{{- end }}
{{- if $gdb.externalClusters }}
externalClusters: {{ toYaml $gdb.externalClusters | nindent 4 }}
{{- end }}

resources: {{- toYaml $gdb.resources | nindent 2 }}
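Review bot: When `$gdb.recovery` is set, the `else` branch with `initdb` is skipped, so `database: gitea` and `owner: gitea` are no longer emitted by the template and must come from the user-supplied `recovery` map. As far as I can tell the operator then falls back to its own defaults for database and owner, which would not match what Gitea connects with; this is worth confirming. I would either merge the fixed fields into the rendered block or document the requirement above the condition, e.g. `{{- /* recovery is passed through unchanged; it must set database and owner to match the initdb values below */ -}}`. The `externalClusters` passthrough likewise renders whatever is in values, so a comment that credentials belong in Secret references (as the removed `password:` name/key block did) would help. The template starts above this hunk, where `$gdb` and `$b` are defined.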