Ensure Postgres and Patroni log directories are writable

The `install` command only sets permissions on the final directory.

Author: cbandy

internal/collector/patroni.go

@@ -21,6 +21,7 @@ func EnablePatroniLogging(ctx context.Context,
 
 		// Keep track of what log records and files have been processed.
 		// Use a subdirectory of the logs directory to stay within the same failure domain.
+		// TODO(log-rotation): Create this directory during Collector startup.
 		//
 		// https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/-/extension/storage/filestorage#readme
 		outConfig.Extensions["file_storage/patroni_logs"] = map[string]any{

internal/collector/pgbackrest.go

@@ -47,6 +47,7 @@ func NewConfigForPgBackrestRepoHostPod(
 
 		// Keep track of what log records and files have been processed.
 		// Use a subdirectory of the logs directory to stay within the same failure domain.
+		// TODO(log-rotation): Create this directory during Collector startup.
 		config.Extensions["file_storage/pgbackrest_logs"] = map[string]any{
 			"directory":        directory + "/receiver",
 			"create_directory": true,

internal/collector/pgbouncer.go

@@ -50,6 +50,7 @@ func EnablePgBouncerLogging(ctx context.Context,
 
 		// Keep track of what log records and files have been processed.
 		// Use a subdirectory of the logs directory to stay within the same failure domain.
+		// TODO(log-rotation): Create this directory during Collector startup.
 		//
 		// https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/-/extension/storage/filestorage#readme
 		outConfig.Extensions["file_storage/pgbouncer_logs"] = map[string]any{

internal/collector/postgres.go

@@ -110,6 +110,7 @@ func EnablePostgresLogging(
 
 		// Keep track of what log records and files have been processed.
 		// Use a subdirectory of the logs directory to stay within the same failure domain.
+		// TODO(log-rotation): Create this directory during Collector startup.
 		//
 		// https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/-/extension/storage/filestorage#readme
 		outConfig.Extensions["file_storage/postgres_logs"] = map[string]any{
@@ -215,6 +216,7 @@ func EnablePostgresLogging(
 		}
 
 		// pgBackRest pipeline
+		// TODO(log-rotation): Create this directory during Collector startup.
 		outConfig.Extensions["file_storage/pgbackrest_logs"] = map[string]any{
 			"directory":        naming.PGBackRestPGDataLogPath + "/receiver",
 			"create_directory": true,

internal/postgres/config.go

@@ -14,6 +14,7 @@ import (
 	"github.com/crunchydata/postgres-operator/internal/config"
 	"github.com/crunchydata/postgres-operator/internal/feature"
 	"github.com/crunchydata/postgres-operator/internal/naming"
+	"github.com/crunchydata/postgres-operator/internal/shell"
 	"github.com/crunchydata/postgres-operator/pkg/apis/postgres-operator.crunchydata.com/v1beta1"
 )
 
@@ -297,9 +298,9 @@ chmod +x /tmp/pg_rewind_tde.sh
 `
 	}
 
-	args := []string{version, walDir, naming.PGBackRestPGDataLogPath, naming.PatroniPGDataLogPath}
+	args := []string{version, walDir}
 	script := strings.Join([]string{
-		`declare -r expected_major_version="$1" pgwal_directory="$2" pgbrLog_directory="$3" patroniLog_directory="$4"`,
+		`declare -r expected_major_version="$1" pgwal_directory="$2"`,
 
 		// Function to print the permissions of a file or directory and its parents.
 		bashPermissions,
@@ -370,17 +371,12 @@ chmod +x /tmp/pg_rewind_tde.sh
 		`else (halt Permissions!); fi ||`,
 		`halt "$(permissions "${postgres_data_directory}" ||:)"`,
 
-		// Create the pgBackRest log directory.
-		`results 'pgBackRest log directory' "${pgbrLog_directory}"`,
-		`install --directory --mode=0775 "${pgbrLog_directory}" ||`,
-		`halt "$(permissions "${pgbrLog_directory}" ||:)"`,
-
-		// Create the Patroni log directory.
-		`results 'Patroni log directory' "${patroniLog_directory}"`,
-		`install --directory --mode=0775 "${patroniLog_directory}" ||`,
-		`halt "$(permissions "${patroniLog_directory}" ||:)"`,
-
-		`install --directory --mode=0775 ` + LogDirectory() + ` ||`,
+		// Create log directories.
+		`(` + shell.MakeDirectories(0o775, dataMountPath, naming.PGBackRestPGDataLogPath) + `) ||`,
+		`halt "$(permissions ` + naming.PGBackRestPGDataLogPath + ` ||:)"`,
+		`(` + shell.MakeDirectories(0o775, dataMountPath, naming.PatroniPGDataLogPath) + `) ||`,
+		`halt "$(permissions ` + naming.PatroniPGDataLogPath + ` ||:)"`,
+		`(` + shell.MakeDirectories(0o775, dataMountPath, LogDirectory()) + `) ||`,
 		`halt "$(permissions ` + LogDirectory() + ` ||:)"`,
 
 		// Copy replication client certificate files

internal/postgres/reconcile_test.go

@@ -230,7 +230,7 @@ initContainers:
   - -ceu
   - --
   - |-
-    declare -r expected_major_version="$1" pgwal_directory="$2" pgbrLog_directory="$3" patroniLog_directory="$4"
+    declare -r expected_major_version="$1" pgwal_directory="$2"
     permissions() { while [[ -n "$1" ]]; do set "${1%/*}" "$@"; done; shift; stat -Lc '%A %4u %4g %n' "$@"; }
     halt() { local rc=$?; >&2 echo "$@"; exit "${rc/#0/1}"; }
     results() { printf '::postgres-operator: %s::%s\n' "$@"; }
@@ -267,13 +267,11 @@ initContainers:
     recreate "${postgres_data_directory}" '0700'
     else (halt Permissions!); fi ||
     halt "$(permissions "${postgres_data_directory}" ||:)"
-    results 'pgBackRest log directory' "${pgbrLog_directory}"
-    install --directory --mode=0775 "${pgbrLog_directory}" ||
-    halt "$(permissions "${pgbrLog_directory}" ||:)"
-    results 'Patroni log directory' "${patroniLog_directory}"
-    install --directory --mode=0775 "${patroniLog_directory}" ||
-    halt "$(permissions "${patroniLog_directory}" ||:)"
-    install --directory --mode=0775 /pgdata/logs/postgres ||
+    (mkdir -p '/pgdata/pgbackrest/log' && chmod 0775 '/pgdata/pgbackrest/log' '/pgdata/pgbackrest') ||
+    halt "$(permissions /pgdata/pgbackrest/log ||:)"
+    (mkdir -p '/pgdata/patroni/log' && chmod 0775 '/pgdata/patroni/log' '/pgdata/patroni') ||
+    halt "$(permissions /pgdata/patroni/log ||:)"
+    (mkdir -p '/pgdata/logs/postgres' && chmod 0775 '/pgdata/logs/postgres' '/pgdata/logs') ||
     halt "$(permissions /pgdata/logs/postgres ||:)"
     install -D --mode=0600 -t "/tmp/replication" "/pgconf/tls/replication"/{tls.crt,tls.key,ca.crt}
 
@@ -290,8 +288,6 @@ initContainers:
   - startup
   - "11"
   - /pgdata/pg11_wal
-  - /pgdata/pgbackrest/log
-  - /pgdata/patroni/log
   env:
   - name: PGDATA
     value: /pgdata/pg11
@@ -479,7 +475,7 @@ volumes:
 
 		// Startup moves WAL files to data volume.
 		assert.DeepEqual(t, pod.InitContainers[0].Command[4:],
-			[]string{"startup", "11", "/pgdata/pg11_wal", "/pgdata/pgbackrest/log", "/pgdata/patroni/log"})
+			[]string{"startup", "11", "/pgdata/pg11_wal"})
 	})
 
 	t.Run("WithAdditionalConfigFiles", func(t *testing.T) {
@@ -709,7 +705,7 @@ volumes:
 
 		// Startup moves WAL files to WAL volume.
 		assert.DeepEqual(t, pod.InitContainers[0].Command[4:],
-			[]string{"startup", "11", "/pgwal/pg11_wal", "/pgdata/pgbackrest/log", "/pgdata/patroni/log"})
+			[]string{"startup", "11", "/pgwal/pg11_wal"})
 	})
 }