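--- a/internal/controller/postgrescluster/instance.go
+++ b/internal/controller/postgrescluster/instance.go
@@ -1395,8 +1395,10 @@ func addPGBackRestToInstancePodSpec(
 ctx context.Context, cluster *v1beta1.PostgresCluster,
 instanceCertificates *corev1.Secret, instancePod *corev1.PodSpec,
 ) {
-pgbackrest.AddServerToInstancePod(ctx, cluster, instancePod,
-instanceCertificates.Name)
+if pgbackrest.RepoHostVolumeDefined(cluster) {
+pgbackrest.AddServerToInstancePod(ctx, cluster, instancePod,
+instanceCertificates.Name)
+}
 
 pgbackrest.AddConfigToInstancePod(cluster, instancePod)
 }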
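Review bot: The new `if pgbackrest.RepoHostVolumeDefined(cluster)` guard carries no comment saying why the pgBackRest TLS server is skipped, and `instanceCertificates` is now read only inside that branch. I would add above the `if`: `// The pgBackRest TLS server and its certificate mounts are only needed when a repo host connects to this instance.` That reading is inferred from the helper's name, so confirm it against `RepoHostVolumeDefined`, which is not shown here. It is also worth confirming that a cluster which stops defining a repo host volume is expected to lose the server container and the projected server key on the next reconcile. The `func` line sits in the hunk header, so the function starts outside the hunk body.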
105 changes: 2 additions & 103 deletions internal/controller/postgrescluster/instance_test.go
@@ -565,104 +565,14 @@ func TestAddPGBackRestToInstancePodSpec(t *testing.T) {
readOnly: true
- name: other
resources: {}
- command:
- pgbackrest
- server
livenessProbe:
exec:
command:
- pgbackrest
- server-ping
name: pgbackrest
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
volumeMounts:
- mountPath: /etc/pgbackrest/server
name: pgbackrest-server
readOnly: true
- mountPath: /pgdata
name: postgres-data
- mountPath: /pgwal
name: postgres-wal
- mountPath: /etc/pgbackrest/conf.d
name: pgbackrest-config
readOnly: true
- command:
- bash
- -ceu
- --
- |-
monitor() {
exec {fd}<> <(:||:)
until read -r -t 5 -u "${fd}"; do
if
[[ "${filename}" -nt "/proc/self/fd/${fd}" ]] &&
pkill -HUP --exact --parent=0 pgbackrest
then
exec {fd}>&- && exec {fd}<> <(:||:)
stat --dereference --format='Loaded configuration dated %y' "${filename}"
elif
{ [[ "${directory}" -nt "/proc/self/fd/${fd}" ]] ||
[[ "${authority}" -nt "/proc/self/fd/${fd}" ]]
} &&
pkill -HUP --exact --parent=0 pgbackrest
then
exec {fd}>&- && exec {fd}<> <(:||:)
stat --format='Loaded certificates dated %y' "${directory}"
fi
done
}; export directory="$1" authority="$2" filename="$3"; export -f monitor; exec -a "$0" bash -ceu monitor
- pgbackrest-config
- /etc/pgbackrest/server
- /etc/pgbackrest/conf.d/~postgres-operator/tls-ca.crt
- /etc/pgbackrest/conf.d/~postgres-operator_server.conf
name: pgbackrest-config
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
volumeMounts:
- mountPath: /etc/pgbackrest/server
name: pgbackrest-server
readOnly: true
- mountPath: /etc/pgbackrest/conf.d
name: pgbackrest-config
readOnly: true
`))

// Instance configuration files with certificates.
// Instance configuration files but no certificates.
// Other volumes are ignored.
assert.Assert(t, cmp.MarshalMatches(out.Volumes, `
- name: other
- name: postgres-data
- name: postgres-wal
- name: pgbackrest-server
projected:
sources:
- secret:
items:
- key: pgbackrest-server.crt
path: server-tls.crt
- key: pgbackrest-server.key
mode: 384
path: server-tls.key
name: some-secret
- name: pgbackrest-config
projected:
sources:
@@ -672,19 +582,7 @@ func TestAddPGBackRestToInstancePodSpec(t *testing.T) {
path: pgbackrest_instance.conf
- key: config-hash
path: config-hash
- key: pgbackrest-server.conf
path: ~postgres-operator_server.conf
name: hippo-pgbackrest-config
- secret:
items:
- key: pgbackrest.ca-roots
path: ~postgres-operator/tls-ca.crt
- key: pgbackrest-client.crt
path: ~postgres-operator/client-tls.crt
- key: pgbackrest-client.key
mode: 384
path: ~postgres-operator/client-tls.key
name: hippo-pgbackrest
`))
})

@@ -733,6 +631,7 @@ func TestAddPGBackRestToInstancePodSpec(t *testing.T) {
mode: 384
path: ~postgres-operator/client-tls.key
name: hippo-pgbackrest
optional: true
`))
}

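Review bot: In the last hunk the expected secret source named `hippo-pgbackrest` gains `optional: true`, but nothing in the test says why, and the code that sets it is not part of this page. With an optional source the pod starts even when that Secret is missing, so paths such as `~postgres-operator/client-tls.key` simply do not exist in the mount and the failure moves from pod start to whenever pgBackRest first needs them. I would add a comment beside that expectation, for example `// The client certificate Secret is optional; pgBackRest must refuse to connect when the files are absent.`, and confirm that this is the behaviour. The enclosing test function starts and ends outside the hunk.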