Skip to content

Commit

Permalink
fix: restore cluster failed when using cd/cv
Browse files Browse the repository at this point in the history
  • Loading branch information
@wangyelei
wangyelei committed Oct 17, 2024
1 parent 56c2dfc commit 933482e
Showing 1 changed file with 39 additions and 2 deletions.
41 changes: 39 additions & 2 deletions controllers/dataprotection/backup_controller.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -756,8 +756,16 @@ func PatchBackupObjectMeta(
if err := setClusterSnapshotAnnotation(request, cluster); err != nil {
return false, err
}
if err := setEncryptedSystemAccountsAnnotation(request, cluster); err != nil {
return false, err
// compatible 0.8 api
if request.Target.ConnectionCredential != nil &&
request.Target.ConnectionCredential.SecretName == constant.GenerateDefaultConnCredential(cluster.Name) {
if err := setConnectionPasswordAnnotation(request); err != nil {
return false, err
}
} else {
if err := setEncryptedSystemAccountsAnnotation(request, cluster); err != nil {
return false, err
}
}
request.Labels[dptypes.ClusterUIDLabelKey] = string(cluster.UID)
}
Expand Down Expand Up @@ -826,6 +834,35 @@ func updateBackupStatusByActionStatus(backupStatus *dpv1alpha1.BackupStatus) {
}
}

// setConnectionPasswordAnnotation sets the encrypted password of the connection credential to the backup's annotations
func setConnectionPasswordAnnotation(request *dpbackup.Request) error {
encryptPassword := func() (string, error) {
target := request.Target
if target == nil || target.ConnectionCredential == nil {
return "", nil
}
secret := &corev1.Secret{}
if err := request.Client.Get(request.Ctx, client.ObjectKey{Name: target.ConnectionCredential.SecretName, Namespace: request.Namespace}, secret); err != nil {
return "", err
}
e := intctrlutil.NewEncryptor(viper.GetString(constant.CfgKeyDPEncryptionKey))
ciphertext, err := e.Encrypt(secret.Data[target.ConnectionCredential.PasswordKey])
if err != nil {
return "", err
}
return ciphertext, nil
}
// save the connection credential password for cluster.
ciphertext, err := encryptPassword()
if err != nil {
return err
}
if ciphertext != "" {
request.Backup.Annotations[dptypes.ConnectionPasswordAnnotationKey] = ciphertext
}
return nil
}

func setEncryptedSystemAccountsAnnotation(request *dpbackup.Request, cluster *appsv1alpha1.Cluster) error {
usernameKey := constant.AccountNameForSecret
passwordKey := constant.AccountPasswdForSecret
Expand Down

0 comments on commit 933482e

Please sign in to comment.