The BackupSession controller in the sidecar should get the latest informtation about the repository everytime it reconciles because it might change

2023-03-06 23:04:39 +01:00 · 2023-03-06 23:04:39 +01:00 · f0c17e061f
commit f0c17e061f
parent 613d0a6374
2 changed files with 8 additions and 56 deletions
--- a/api/v1alpha1/repo_types.go
+++ b/api/v1alpha1/repo_types.go
@ -17,10 +17,8 @@ limitations under the License.
 package v1alpha1

 import (
-	"fmt"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"strings"
 )

 const (
@ -85,53 +83,3 @@ type RepoList struct {
 func init() {
 	SchemeBuilder.Register(&Repo{}, &RepoList{})
 }
-
-func (repo *Repo) GetResticEnv(backupConf BackupConfiguration) []corev1.EnvVar {
-	env := []corev1.EnvVar{}
-	if repo.Spec.Backend.S3 != nil {
-		url := fmt.Sprintf("s3:http://%s/%s/%s-%s",
-			repo.Spec.Backend.S3.Server,
-			repo.Spec.Backend.S3.Bucket,
-			strings.ToUpper(backupConf.Namespace),
-			strings.ToLower(backupConf.Name))
-		env = append(env, corev1.EnvVar{
-			Name:  RESTIC_REPOSITORY,
-			Value: url,
-		})
-		for _, key := range []string{
-			AWS_ACCESS_KEY_ID,
-			AWS_SECRET_ACCESS_KEY,
-		} {
-			env = append(env, corev1.EnvVar{
-				Name: key,
-				ValueFrom: &corev1.EnvVarSource{
-					SecretKeyRef: &corev1.SecretKeySelector{
-						LocalObjectReference: corev1.LocalObjectReference{
-							Name: repo.Spec.RepositorySecrets,
-						},
-						Key: key,
-					},
-				},
-			})
-		}
-	}
-	if repo.Spec.Backend.Local != nil {
-		env = append(env, corev1.EnvVar{
-			Name:  RESTIC_REPOSITORY,
-			Value: RESTIC_REPO_PATH,
-		})
-	}
-	env = append(env, corev1.EnvVar{
-		Name: RESTIC_PASSWORD,
-		ValueFrom: &corev1.EnvVarSource{
-			SecretKeyRef: &corev1.SecretKeySelector{
-				LocalObjectReference: corev1.LocalObjectReference{
-					Name: repo.Spec.RepositorySecrets,
-				},
-				Key: RESTIC_PASSWORD,
-			},
-		},
-	})
-
-	return env
-}
--- a/controllers/backupconfiguration_controller_helpers.go
+++ b/controllers/backupconfiguration_controller_helpers.go
@ -253,12 +253,11 @@ func (r *BackupConfigurationReconciler) addSidecar(backupConf formolv1alpha1.Bac
 		return err
 	}
 	r.Log.V(1).Info("Got Repository", "repo", repo)
-	env := repo.GetResticEnv(backupConf)
 	sidecar := corev1.Container{
 		Name:  formolv1alpha1.SIDECARCONTAINER_NAME,
 		Image: backupConf.Spec.Image,
 		Args:  []string{"backupsession", "server"},
-		Env: append(env,
+		Env: []corev1.EnvVar{
 			corev1.EnvVar{
 				Name:  formolv1alpha1.TARGET_NAME,
 				Value: target.TargetName,
@ -270,7 +269,7 @@ func (r *BackupConfigurationReconciler) addSidecar(backupConf formolv1alpha1.Bac
 						FieldPath: "metadata.namespace",
 					},
 				},
-			}),
+			}},
 		VolumeMounts: []corev1.VolumeMount{},
 		SecurityContext: &corev1.SecurityContext{
 			Privileged: func() *bool { b := true; return &b }(),
@ -379,7 +378,12 @@ func (r *BackupConfigurationReconciler) createRBACSidecar(sa corev1.ServiceAccou
 				rbacv1.PolicyRule{
 					Verbs:     []string{"get", "list", "watch"},
 					APIGroups: []string{"formol.desmojim.fr"},
-					Resources: []string{"restoresessions", "backupsessions", "backupconfigurations", "functions", "repos"},
+					Resources: []string{"restoresessions", "backupsessions", "backupconfigurations", "functions", "repoes"},
+				},
+				rbacv1.PolicyRule{
+					Verbs:     []string{"get", "list", "watch"},
+					APIGroups: []string{""},
+					Resources: []string{"secrets"},
 				},
 				rbacv1.PolicyRule{
 					Verbs:     []string{"get", "list", "watch", "create", "update", "patch", "delete"},