From 737f0e78c2a84d19b71b69945cb76dedf9bb179f Mon Sep 17 00:00:00 2001 From: Jean-Marc Andre Date: Thu, 3 Jun 2021 09:18:48 +0200 Subject: [PATCH] backup init steps might need env from secrets or configmaps --- api/v1alpha1/backupconfiguration_types.go | 2 -- api/v1alpha1/zz_generated.deepcopy.go | 7 ------- controllers/backupconfiguration_controller.go | 2 ++ controllers/backupconfiguration_controller_test.go | 6 ------ controllers/backupsession_controller.go | 2 +- controllers/restoresession_controller.go | 2 +- controllers/suite_test.go | 12 ++++++------ pkg/rbac/backupconfiguration.go | 4 ++-- 8 files changed, 12 insertions(+), 25 deletions(-) diff --git a/api/v1alpha1/backupconfiguration_types.go b/api/v1alpha1/backupconfiguration_types.go index 7370544..7b156bf 100644 --- a/api/v1alpha1/backupconfiguration_types.go +++ b/api/v1alpha1/backupconfiguration_types.go @@ -30,8 +30,6 @@ const ( type Step struct { Name string `json:"name"` // +optional - Env []corev1.EnvVar `json:"env,omitempty"` - // +optional Finalize *bool `json:"finalize,omitempty"` } diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index 743bb90..52c08e3 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -569,13 +569,6 @@ func (in *S3) DeepCopy() *S3 { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Step) DeepCopyInto(out *Step) { *out = *in - if in.Env != nil { - in, out := &in.Env, &out.Env - *out = make([]v1.EnvVar, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } if in.Finalize != nil { in, out := &in.Finalize, &out.Finalize *out = new(bool) diff --git a/controllers/backupconfiguration_controller.go b/controllers/backupconfiguration_controller.go index 35fb39e..a56bb96 100644 --- a/controllers/backupconfiguration_controller.go +++ b/controllers/backupconfiguration_controller.go @@ -51,6 +51,8 @@ var _ reconcile.Reconciler = &BackupConfigurationReconciler{} // +kubebuilder:rbac:groups=apps,resources=deployments,verbs=get;list;watch;create;update;patch;delete // +kubebuilder:rbac:groups=apps,resources=replicasets,verbs=get;list;watch;create;update;patch;delete // +kubebuilder:rbac:groups=core,resources=pods,verbs=get;list;watch +// +kubebuilder:rbac:groups=core,resources=secrets,verbs=get;list;watch +// +kubebuilder:rbac:groups=core,resources=configmaps,verbs=get;list;watch // +kubebuilder:rbac:groups=core,resources=serviceaccounts,verbs=get;list;watch;create;update;patch;delete // +kubebuilder:rbac:groups=rbac.authorization.k8s.io,resources=roles,verbs=get;list;watch;create;update;patch;delete // +kubebuilder:rbac:groups=rbac.authorization.k8s.io,resources=rolebindings,verbs=get;list;watch;create;update;patch;delete diff --git a/controllers/backupconfiguration_controller_test.go b/controllers/backupconfiguration_controller_test.go index 319d6d6..1bd6ac9 100644 --- a/controllers/backupconfiguration_controller_test.go +++ b/controllers/backupconfiguration_controller_test.go @@ -62,12 +62,6 @@ var _ = Describe("Testing BackupConf controller", func() { Steps: []formolv1alpha1.Step{ formolv1alpha1.Step{ Name: TestBackupFuncName, - Env: []corev1.EnvVar{ - corev1.EnvVar{ - Name: "foo", - Value: "bar", - }, - }, }, }, }, diff --git a/controllers/backupsession_controller.go b/controllers/backupsession_controller.go index 4700c9d..5f2abae 100644 --- a/controllers/backupsession_controller.go +++ b/controllers/backupsession_controller.go @@ -212,7 +212,7 @@ func (r *BackupSessionReconciler) Reconcile(ctx context.Context, req reconcile.R return err } function.Spec.Name = function.Name - function.Spec.Env = append(step.Env, backupSessionEnv...) + function.Spec.Env = append(function.Spec.Env, backupSessionEnv...) function.Spec.VolumeMounts = append(function.Spec.VolumeMounts, output) job.Spec.Template.Spec.InitContainers = append(job.Spec.Template.Spec.InitContainers, function.Spec) } diff --git a/controllers/restoresession_controller.go b/controllers/restoresession_controller.go index 0f119c7..eb3f917 100644 --- a/controllers/restoresession_controller.go +++ b/controllers/restoresession_controller.go @@ -200,7 +200,7 @@ func (r *RestoreSessionReconciler) Reconcile(ctx context.Context, req reconcile. return err } function.Spec.Name = function.Name - function.Spec.Env = append(step.Env, restoreSessionEnv...) + function.Spec.Env = append(function.Spec.Env, restoreSessionEnv...) function.Spec.VolumeMounts = append(function.Spec.VolumeMounts, output) job.Spec.Template.Spec.InitContainers = append(job.Spec.Template.Spec.InitContainers, function.Spec) } diff --git a/controllers/suite_test.go b/controllers/suite_test.go index 0fdc255..0eb694a 100644 --- a/controllers/suite_test.go +++ b/controllers/suite_test.go @@ -159,6 +159,12 @@ var ( Name: "backup-func", Image: "myimage", Args: []string{"a", "set", "of", "args"}, + Env: []corev1.EnvVar{ + corev1.EnvVar{ + Name: "foo", + Value: "bar", + }, + }, }, } testBackupConf = &formolv1alpha1.BackupConfiguration{ @@ -201,12 +207,6 @@ var ( }, formolv1alpha1.Step{ Name: TestBackupFuncName, - Env: []corev1.EnvVar{ - corev1.EnvVar{ - Name: "foo", - Value: "bar", - }, - }, }, }, }, diff --git a/pkg/rbac/backupconfiguration.go b/pkg/rbac/backupconfiguration.go index a03f66c..a3d729d 100644 --- a/pkg/rbac/backupconfiguration.go +++ b/pkg/rbac/backupconfiguration.go @@ -217,7 +217,7 @@ func CreateFormolRBAC(cl client.Client, saName string, namespace string) error { rbacv1.PolicyRule{ Verbs: []string{"get", "list", "watch"}, APIGroups: []string{""}, - Resources: []string{"pods"}, + Resources: []string{"pods", "secrets", "configmaps"}, }, rbacv1.PolicyRule{ Verbs: []string{"get", "list", "watch"}, @@ -281,7 +281,7 @@ func CreateBackupSessionListenerRBAC(cl client.Client, saName string, namespace rbacv1.PolicyRule{ Verbs: []string{"get", "list", "watch"}, APIGroups: []string{""}, - Resources: []string{"pods"}, + Resources: []string{"pods", "secrets", "configmaps"}, }, rbacv1.PolicyRule{ Verbs: []string{"get", "list", "watch"},