The BackupSession controller in the sidecar should get the latest informtation about the repository everytime it reconciles because it might change

2023-03-06 23:04:39 +01:00 · 2023-03-06 23:04:39 +01:00 · f0c17e061f
commit f0c17e061f
parent 613d0a6374
2 changed files with 8 additions and 56 deletions
--- a/api/v1alpha1/repo_types.go
+++ b/api/v1alpha1/repo_types.go
@ -17,10 +17,8 @@ limitations under the License.
 package v1alpha1
 import (
 	"fmt"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"strings"
 )
 const (
@ -85,53 +83,3 @@ type RepoList struct {
 func init() {
 	SchemeBuilder.Register(&Repo{}, &RepoList{})
 }
 func (repo *Repo) GetResticEnv(backupConf BackupConfiguration) []corev1.EnvVar {
 	env := []corev1.EnvVar{}
 	if repo.Spec.Backend.S3 != nil {
 		url := fmt.Sprintf("s3:http://%s/%s/%s-%s",
 			repo.Spec.Backend.S3.Server,
 			repo.Spec.Backend.S3.Bucket,
 			strings.ToUpper(backupConf.Namespace),
 			strings.ToLower(backupConf.Name))
 		env = append(env, corev1.EnvVar{
 			Name:  RESTIC_REPOSITORY,
 			Value: url,
 		})
 		for _, key := range []string{
 			AWS_ACCESS_KEY_ID,
 			AWS_SECRET_ACCESS_KEY,
 		} {
 			env = append(env, corev1.EnvVar{
 				Name: key,
 				ValueFrom: &corev1.EnvVarSource{
 					SecretKeyRef: &corev1.SecretKeySelector{
 						LocalObjectReference: corev1.LocalObjectReference{
 							Name: repo.Spec.RepositorySecrets,
 						},
 						Key: key,
 					},
 				},
 			})
 		}
 	}
 	if repo.Spec.Backend.Local != nil {
 		env = append(env, corev1.EnvVar{
 			Name:  RESTIC_REPOSITORY,
 			Value: RESTIC_REPO_PATH,
 		})
 	}
 	env = append(env, corev1.EnvVar{
 		Name: RESTIC_PASSWORD,
 		ValueFrom: &corev1.EnvVarSource{
 			SecretKeyRef: &corev1.SecretKeySelector{
 				LocalObjectReference: corev1.LocalObjectReference{
 					Name: repo.Spec.RepositorySecrets,
 				},
 				Key: RESTIC_PASSWORD,
 			},
 		},
 	})
 	return env
 }
--- a/controllers/backupconfiguration_controller_helpers.go
+++ b/controllers/backupconfiguration_controller_helpers.go
@ -253,12 +253,11 @@ func (r *BackupConfigurationReconciler) addSidecar(backupConf formolv1alpha1.Bac
 		return err
 	}
 	r.Log.V(1).Info("Got Repository", "repo", repo)
 	env := repo.GetResticEnv(backupConf)
 	sidecar := corev1.Container{
 		Name:  formolv1alpha1.SIDECARCONTAINER_NAME,
 		Image: backupConf.Spec.Image,
 		Args:  []string{"backupsession", "server"},
-		Env: append(env,
+		Env: []corev1.EnvVar{
 			corev1.EnvVar{
 				Name:  formolv1alpha1.TARGET_NAME,
 				Value: target.TargetName,
@ -270,7 +269,7 @@ func (r *BackupConfigurationReconciler) addSidecar(backupConf formolv1alpha1.Bac
 						FieldPath: "metadata.namespace",
 					},
 				},
-			}),
+			}},
 		VolumeMounts: []corev1.VolumeMount{},
 		SecurityContext: &corev1.SecurityContext{
 			Privileged: func() *bool { b := true; return &b }(),
@ -379,7 +378,12 @@ func (r *BackupConfigurationReconciler) createRBACSidecar(sa corev1.ServiceAccou
 				rbacv1.PolicyRule{
 					Verbs:     []string{"get", "list", "watch"},
 					APIGroups: []string{"formol.desmojim.fr"},
-					Resources: []string{"restoresessions", "backupsessions", "backupconfigurations", "functions", "repos"},
+					Resources: []string{"restoresessions", "backupsessions", "backupconfigurations", "functions", "repoes"},
 				},
 				rbacv1.PolicyRule{
 					Verbs:     []string{"get", "list", "watch"},
 					APIGroups: []string{""},
 					Resources: []string{"secrets"},
 				},
 				rbacv1.PolicyRule{
 					Verbs:     []string{"get", "list", "watch", "create", "update", "patch", "delete"},