The operator does not know the CNPG API group at runtime (it is
not a sidecar injected by the CNPG operator, so CUSTOM_CNPG_GROUP
and CUSTOM_CNPG_VERSION are not available). Move SetControllerReference
to the specs package and read the GVK from the decoded Cluster's
TypeMeta rather than looking it up in the scheme.
Remove CNPG types from the operator's scheme and the env var bindings
from cmd/operator since they are no longer needed.
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
The ObjectStore controller now lists Roles by a label
(barmancloud.cnpg.io/cluster) set by the Pre hook, inspects their
rules to find which ObjectStores they reference, then fetches those
ObjectStores and rebuilds the rules. This removes the clusters
get/list/watch permission. Conflict handling uses RetryOnConflict to
match the existing project pattern, and partial failures across Roles
are aggregated with errors.Join instead of failing on the first one.
Pre-existing Roles without the label won't be found by the ObjectStore
controller until the Pre hook adds it on the next Cluster
reconciliation. Same staleness window as the current main branch.
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
When an ObjectStore's credentials change (e.g., secret rename), the
RBAC Role granting the Cluster's ServiceAccount access to those secrets
was not updated because nothing triggered a Cluster reconciliation.
Implement the ObjectStore controller's Reconcile to detect referencing
Clusters and update their Roles directly. Extract ensureRole into a
shared rbac.EnsureRole function used by both the Pre hook and the
ObjectStore controller.
Handle concurrent modifications between the Pre hook and ObjectStore
controller gracefully: AlreadyExists on Create and Conflict on Patch
are retried once to avoid propagating transient errors as gRPC failures
to CNPG.
Replace the custom setOwnerReference helper (ownership.go) with
controllerutil.SetControllerReference for both Role and RoleBinding.
The old helper read the GVK from the object's metadata and replaced
all owner references unconditionally. The new function reads the GVK
from the scheme and appends to existing owner references, refusing to
overwrite if another controller already owns the object. Both produce
identical results for our use case since the Role is always freshly
built. The GVK is now resolved from the scheme configured via
CUSTOM_CNPG_GROUP/CUSTOM_CNPG_VERSION, which must match the actual
CNPG API group (same requirement as the instance sidecar).
Add dynamic CNPG scheme registration (internal/scheme) to the operator,
instance, and restore managers, replacing hardcoded cnpgv1.AddToScheme
calls. Add RBAC permission for the plugin to list/watch Clusters.
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
The operator was not announcing the TYPE_INSTANCE_SIDECAR_INJECTION
capability so the CNPG operator did not consider the plugin enabled
for instance pods. The instance manager never queried the plugin's
metrics endpoint, and the barman_cloud_cloudnative_pg_io_* metrics
were missing entirely.
This bug was masked when isWALArchiver was set to true in the plugin
configuration, because the backward compatibility code in CNPG would
mark the plugin as enabled as a side-effect. Users with isWALArchiver
set to false (or omitted) never saw the new metrics.
Closes#682
Signed-off-by: Kenny Root <kenny@the-b.org>
This commit adds support for the DefaultAzureCredential authentication
mechanism in Azure Blob Storage. Users can now use the
`useDefaultAzureCredentials` option to enable Azure's default credential
chain, which automatically discovers and uses available credentials in
the following order
1. Environment Variables (Service Principal)
2. Managed Identity
3. Azure CLI
4. Azure PowerShell
This is particularly useful when running on Azure Kubernetes Service
(AKS) with Workload Identity, eliminating the need to explicitly store
credentials in Kubernetes Secrets.
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Signed-off-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Co-authored-by: Gabriele Fedi <gabriele.fedi@enterprisedb.com>
Co-authored-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Enable the LeaderElectionReleaseOnCancel option in the controller
manager to fix a deadlock issue during RollingUpdate deployments with
leader election enabled.
Without this setting, the old pod holds the leader lease during
shutdown, preventing the new pod from becoming ready. This creates a
deadlock where Kubernetes won't terminate the old pod because the new
pod isn't ready, and the new pod can't become ready because it can't
acquire the lease.
With LeaderElectionReleaseOnCancel enabled, the old pod voluntarily
releases the lease when it receives a shutdown signal, allowing the new
pod to acquire leadership immediately and become ready, enabling smooth
rolling updates.
Closes#419
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
This commit adds a new `logLevel` field to the plugin configuration,
allowing users to select the desired log verbosity for the instances
(e.g. error, warning, info, debug, trace).
Closes#514
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Signed-off-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
Co-authored-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
Introduce the `additionalContainerArgs` field in the `ObjectStore` resource.
It allows specifying an optional list of command-line arguments appended to
the Barman Cloud sidecar container at startup.
Closes#501
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Signed-off-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
Co-authored-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Co-authored-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
When referring to the same ObjectStore with custom TLS certificates
multiple times, the plugin was adding the same volume projection two
times. This lead to a wrong Job definition.
This patch makes the plugin add a sidecar to replica cluster Pods that
are using the plugin to get WALs, even if the plugin itself is not used
for WAL archiving.
Closes: #329
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
This patch allows the plugin trigger a rolling deployment on existing
clusters, enabling seamless migration between the in-tree barman cloud
support and the plugin.
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
This commit makes the Barman cloud plugin support the enforcement of
retention policy as provided by the barman-cloud tool suite.
The first recoverability point and the last successful backup are
shown in the status of the ObjectStore resource for each involved
server name.
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Co-authored-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Co-authored-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
This patch enables the barman-cloud plugin to function with an operator
that is structurally identical to CNPG but works with a different API group.
It achieves this through lenient decoding of the provided CNPG resources
and injecting the detected GVK into the sidecar, enabling it to correctly
encode and decode the Kubernetes resources.
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Co-authored-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
This patch enables the use of custom CA certificates when connecting
to the object store in the barman-cloud plugin. The certificates are
injected into the sidecar via a projected volume and used by the
barman-cloud tool suite.
If the barman object name or the key name changes, users must trigger
a Pod rollout to apply the new values.
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Signed-off-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Co-authored-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
Co-authored-by: Marco Nenciarini <marco.nenciarini@enterprisedb.com>
Run basic backup and restore tests for the plugin. Use MinIO for S3,
Azurite for ACS and fake-gcs-server for GCS.
Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
Adds support for building and publishing Docker images for both amd64 and arm64 architectures.
Ensures compatibility across multiple platforms by using cross-compilation.
Updates relevant configuration files for CI/CD to handle the new build process.
Fixes issues related to Python version conflicts and ensures the correct directory structure in the final image.
Signed-off-by: Francesco Canovai <francesco.canovai@enterprisedb.com>
Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Signed-off-by: Jonathan Gonzalez V. <jonathan.abdiel@gmail.com>
Signed-off-by: Niccolò Fei <niccolo.fei@enterprisedb.com>
Co-authored-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
Co-authored-by: Jonathan Gonzalez V. <jonathan.abdiel@gmail.com>
Co-authored-by: Niccolò Fei <niccolo.fei@enterprisedb.com>