fix: bucket only linode (#1703)

Co-authored-by: Jehoszafat Zimnowoda <17126497+j-zimnowoda@users.noreply.github.com>
linode · Sep 6, 2024 · 6ace30c · 6ace30c
1 parent 9af2bc6
commit 6ace30c
Show file tree

Hide file tree

Showing 11 changed files with 46 additions and 91 deletions.
diff --git a/helmfile.d/snippets/defaults.yaml b/helmfile.d/snippets/defaults.yaml
@@ -786,12 +786,6 @@ environments:
         obj:
           provider:
             type: disabled
-          buckets:
-            loki: loki
-            cnpg: cnpg
-            velero: velero
-            harbor: harbor
-            tempo: tempo
         platformBackups:
           database:
             harbor:
@@ -800,9 +794,6 @@ environments:
               enabled: false
             keycloak:
               enabled: false
-          persistentVolumes:
-            gitea:
-              enabled: false
         cluster:
           provider: linode
           name: apl

diff --git a/tests/fixtures/env/settings.yaml b/tests/fixtures/env/settings.yaml
@@ -45,16 +45,16 @@ kms:
             keys: somesecretvalue
             tenantId: somesecretvalue
 obj:
-    buckets:
-        cnpg: my-clusterid-cnpg
-        harbor: my-clusterid-harbor
-        loki: my-clusterid-loki
-        tempo: my-clusterid-tempo
-        velero: my-clusterid-velero
     provider:
         linode:
             accessKeyId: someaccessKeyId
             region: nl-ams-1
+            buckets:
+                cnpg: my-clusterid-cnpg
+                harbor: my-clusterid-harbor
+                loki: my-clusterid-loki
+                tempo: my-clusterid-tempo
+                velero: my-clusterid-velero
         type: linode
 oidc:
     adminGroupID: someAdminGroupID
@@ -88,9 +88,6 @@ platformBackups:
             enabled: true
             retentionPolicy: 7d
             schedule: 0 0 0 * * *
-    persistentVolumes:
-        gitea:
-            enabled: false
 smtp:
     auth_username: no-reply@doma.in
     from: no-reply@doma.in

diff --git a/values-changes.yaml b/values-changes.yaml
@@ -286,6 +286,8 @@ changes:
   - version: 28
     deletions:
       - 'apps.cnpg.storage'
+      - 'obj.buckets'
+      - 'platformBackups.persistentVolumes.gitea'
       - 'alerts.drone'
       - 'otomi.isHomeMonitored'
       - 'home'

diff --git a/values-schema.yaml b/values-schema.yaml
@@ -2894,22 +2894,11 @@ properties:
             description: Linode API Token
             $ref: '#/definitions/wordCharacterPattern'
             x-secret: ''
-          gitea:
-            title: Gitea
-            properties:
-              enabled:
-                type: boolean
-                default: false
-              ttl:
-                $ref: '#/definitions/backupTtl'
-              schedule:
-                $ref: '#/definitions/backupSchedule'
   obj:
     properties:
       provider:
         properties:
           linode:
-            additionalProperties: false
             properties:
               region:
                 description: The region of the bucket
@@ -2923,6 +2912,28 @@ properties:
                 description: The secret of the access key
                 $ref: '#/definitions/wordCharacterPattern'
                 x-secret: ''
+              buckets:
+                properties:
+                  loki:
+                    type: string
+                    $ref: '#/definitions/wordCharacterPattern'
+                    default: loki
+                  cnpg:
+                    type: string
+                    $ref: '#/definitions/wordCharacterPattern'
+                    default: cnpg
+                  velero:
+                    type: string
+                    $ref: '#/definitions/wordCharacterPattern'
+                    default: velero
+                  harbor:
+                    type: string
+                    $ref: '#/definitions/wordCharacterPattern'
+                    default: harbor
+                  tempo:
+                    type: string
+                    $ref: '#/definitions/wordCharacterPattern'
+                    default: tempo
             required:
               - region
               - accessKeyId
@@ -2934,28 +2945,6 @@ properties:
               - linode
               - disabled
             default: disabled
-      buckets:
-        properties:
-          loki:
-            type: string
-            $ref: '#/definitions/wordCharacterPattern'
-            default: loki
-          cnpg:
-            type: string
-            $ref: '#/definitions/wordCharacterPattern'
-            default: cnpg
-          velero:
-            type: string
-            $ref: '#/definitions/wordCharacterPattern'
-            default: velero
-          harbor:
-            type: string
-            $ref: '#/definitions/wordCharacterPattern'
-            default: harbor
-          tempo:
-            type: string
-            $ref: '#/definitions/wordCharacterPattern'
-            default: tempo
   databases:
     properties:
       keycloak:

diff --git a/values/gitea/gitea-otomi-db.gotmpl b/values/gitea/gitea-otomi-db.gotmpl
@@ -3,7 +3,6 @@
 {{- $cnpg := $v.apps.cnpg }}
 {{- $gdb := $v.databases.gitea }}
 {{- $obj := $v.obj.provider }}
-{{- $bu := $v.obj.buckets }}
 {{- $b := $v.platformBackups.database.gitea }}
 
 name: gitea-db
@@ -20,12 +19,12 @@ backup:
   type:  {{ $obj.type }}
 {{- if eq $obj.type "minioLocal" }}
   minioLocal:
-    destinationPath: "s3://{{ $bu.cnpg }}/gitea"
+    destinationPath: "s3://cnpg/gitea"
 {{- end }}
 {{- if eq $obj.type "linode" }}
   linode:
-    destinationPath: "s3://{{ $bu.cnpg }}/gitea"
-    endpointURL: https://{{ $bu.cnpg }}.{{ $obj.linode.region }}.linodeobjects.com
+    destinationPath: "s3://{{ $obj.linode.buckets.cnpg }}/gitea"
+    endpointURL: https://{{ $obj.linode.buckets.cnpg }}.{{ $obj.linode.region }}.linodeobjects.com
 {{- end }}
 {{- end }}
 {{- end }}

diff --git a/values/harbor/harbor-otomi-db.gotmpl b/values/harbor/harbor-otomi-db.gotmpl
@@ -2,7 +2,6 @@
 {{- $hdb := $v.databases.harbor }}
 {{- $cnpg := $v.apps.cnpg }}
 {{- $obj := $v.obj.provider }}
-{{- $bu := $v.obj.buckets }}
 {{- $b := $v.platformBackups.database.harbor }}
 
 name: harbor-otomi-db
@@ -19,12 +18,12 @@ backup:
   type:  {{ $obj.type }}
 {{- if eq $obj.type "minioLocal" }}
   minioLocal:
-    destinationPath: "s3://{{ $bu.cnpg }}/harbor"
+    destinationPath: "s3://cnpg/harbor"
 {{- end }}
 {{- if eq $obj.type "linode" }}
   linode:
-    destinationPath: "s3://{{ $bu.cnpg }}/harbor"
-    endpointURL: https://{{ $bu.cnpg }}.{{ $obj.linode.region }}.linodeobjects.com
+    destinationPath: "s3://{{ $obj.linode.buckets.cnpg }}/harbor"
+    endpointURL: https://{{ $obj.linode.buckets.cnpg }}.{{ $obj.linode.region }}.linodeobjects.com
 {{- end }}
 {{- end }}
 {{- end }}

diff --git a/values/harbor/harbor.gotmpl b/values/harbor/harbor.gotmpl
@@ -2,7 +2,6 @@
 {{- $h := $v.apps.harbor }}
 {{- $db := $v.databases.harbor }}
 {{- $obj := $v.obj.provider }}
-{{- $bu := $v.obj.buckets }}
 {{- $harborDomain := printf "harbor.%s" $v.cluster.domainSuffix }}
 {{- $notaryDomain := printf "notary.%s" $v.cluster.domainSuffix }}
 {{- $harborSecretName := ($harborDomain | replace "." "-") }}
@@ -183,7 +182,7 @@ persistence:
       v4auth: true
       {{- end }}
       {{- if eq $obj.type "linode" }}
-      bucket: {{ $bu.harbor }}
+      bucket: {{ $obj.linode.buckets.harbor }}
       regionendpoint: https://{{ $obj.linode.region }}.linodeobjects.com
       accesskey: {{ $obj.linode.accessKeyId }}               
       secretkey: {{ $obj.linode.secretAccessKey }}

diff --git a/values/keycloak/keycloak-otomi-db.gotmpl b/values/keycloak/keycloak-otomi-db.gotmpl
@@ -3,7 +3,6 @@
 {{- $cnpg := $v.apps.cnpg }}
 {{- $kdb := $v.databases.keycloak }}
 {{- $obj := $v.obj.provider }}
-{{- $bu := $v.obj.buckets }}
 {{- $b := $v.platformBackups.database.keycloak }}
 
 name: keycloak-db
@@ -20,12 +19,12 @@ backup:
   type:  {{ $obj.type }}
 {{- if eq $obj.type "minioLocal" }}
   minioLocal:
-    destinationPath: "s3://{{ $bu.cnpg }}/keycloak"
+    destinationPath: "s3://cnpg/keycloak"
 {{- end }}
 {{- if eq $obj.type "linode" }}
   linode:
-    destinationPath: "s3://{{ $bu.cnpg }}/keycloak"
-    endpointURL: https://{{ $bu.cnpg }}.{{ $obj.linode.region }}.linodeobjects.com
+    destinationPath: "s3://{{ $obj.linode.buckets.cnpg }}/keycloak"
+    endpointURL: https://{{ $obj.linode.buckets.cnpg }}.{{ $obj.linode.region }}.linodeobjects.com
 {{- end }}
 {{- end }}
 {{- end }}

diff --git a/values/loki/loki.gotmpl b/values/loki/loki.gotmpl
@@ -1,7 +1,6 @@
 {{- $v := .Values -}}
 {{- $l:= $v.apps.loki }}
 {{- $obj := $v.obj.provider }}
-{{- $bu := $v.obj.buckets }}
 {{- $useObjectStorage := eq $obj.type "minioLocal" "linode" }}
 
 nameOverride: loki
@@ -51,11 +50,11 @@ loki:
     {{- if $useObjectStorage }}
     aws:
       {{- if eq $obj.type "minioLocal" }}
-      s3: http://otomi-admin:{{ $v.otomi.adminPassword }}@minio.minio.svc.cluster.local.:9000/{{ $bu.loki }}
+      s3: http://otomi-admin:{{ $v.otomi.adminPassword }}@minio.minio.svc.cluster.local.:9000/loki
       s3forcepathstyle: true
       {{- end }}
       {{- if eq $obj.type "linode" }}
-      s3: https://{{ $obj.linode.accessKeyId }}:{{ $obj.linode.secretAccessKey }}@{{ $obj.linode.region }}.linodeobjects.com/{{ $bu.loki }}     
+      s3: https://{{ $obj.linode.accessKeyId }}:{{ $obj.linode.secretAccessKey }}@{{ $obj.linode.region }}.linodeobjects.com/{{ $obj.linode.buckets.loki }}     
       s3forcepathstyle: true
       sse_encryption: false
       http_config:

diff --git a/values/tempo/tempo.gotmpl b/values/tempo/tempo.gotmpl
@@ -1,7 +1,6 @@
 {{- $v := .Values -}}
 {{- $t:= $v.apps.tempo }}
 {{- $obj := $v.obj.provider }}
-{{- $bu := $v.obj.buckets }}
 
 
 fullnameOverride: tempo
@@ -80,7 +79,7 @@ storage:
     {{- end }}
     {{- if eq $obj.type "linode" }}
     s3:
-      bucket: {{ $bu.tempo }}
+      bucket: {{ $obj.linode.buckets.tempo }}
       endpoint: {{ $obj.linode.region }}.linodeobjects.com
       access_key: {{ $obj.linode.accessKeyId }}                      
       secret_key: {{ $obj.linode.secretAccessKey }}                           

diff --git a/values/velero/velero.gotmpl b/values/velero/velero.gotmpl
@@ -1,7 +1,6 @@
 {{- $v := .Values }}
 {{- $vl := $v.apps.velero }}
 {{- $obj := $v.obj.provider }}
-{{- $bu := $v.obj.buckets }}
 {{- $b := $v.platformBackups.persistentVolumes }}
 
 resources: {{- $vl.resources | toYaml | nindent 2 }}
@@ -64,7 +63,7 @@ configuration:
   - name: apl-minio
     provider: aws
     default: true
-    bucket: {{ $bu.velero}}   
+    bucket: velero  
     config:
       s3Url: http://minio.minio.svc.cluster.local:9000
       publicUrl: http://minio.minio.svc.cluster.local:9000
@@ -76,7 +75,7 @@ configuration:
   - name: apl-linode
     provider: aws
     default: true
-    bucket: {{ $bu.velero }} 
+    bucket: {{ $obj.linode.buckets.velero }} 
     config:
       s3Url: https://{{ $obj.linode.region }}.linodeobjects.com
       region: {{ $obj.linode.region }}
@@ -131,21 +130,4 @@ deployNodeAgent: {{ $vl.restic.enabled }}
 nodeAgent:
   podSecurityContext:
     runAsUser: 1338
-    fsGroup: 1338
-
-{{- if $b.gitea.enabled }}
-schedules:
-  gitea:
-    disabled: false
-    schedule: {{ $b.gitea.schedule }}
-    useOwnerReferencesInBackup: false
-    template:
-      ttl: {{ $b.gitea.ttl }}
-      includedNamespaces:
-      - gitea
-      includedResources:
-      - pv
-      - pvc
-      includeClusterResources: true
-      storageLocation: apl
-{{- end }}
+    fsGroup: 1338