mirror of
https://github.com/cloudnative-pg/plugin-barman-cloud.git
synced 2026-01-11 21:23:12 +01:00
8c20e4fe85
When referring to the same ObjectStore with custom TLS certificates multiple times, the plugin was adding the same volume projection two times. This lead to a wrong Job definition. This patch makes the plugin add a sidecar to replica cluster Pods that are using the plugin to get WALs, even if the plugin itself is not used for WAL archiving. Closes: #329 Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
69 lines
1.7 KiB
Go
69 lines
1.7 KiB
Go
package operator
|
|
|
|
import (
|
|
"context"
|
|
"path"
|
|
|
|
corev1 "k8s.io/api/core/v1"
|
|
"k8s.io/apimachinery/pkg/types"
|
|
|
|
barmancloudv1 "github.com/cloudnative-pg/plugin-barman-cloud/api/v1"
|
|
"github.com/cloudnative-pg/plugin-barman-cloud/internal/cnpgi/metadata"
|
|
"github.com/cloudnative-pg/plugin-barman-cloud/internal/cnpgi/operator/config"
|
|
)
|
|
|
|
// barmanCertificatesVolumeName is the name of the volume that hosts
|
|
// the barman certificates to be used
|
|
const barmanCertificatesVolumeName = "barman-certificates"
|
|
|
|
func (impl LifecycleImplementation) collectAdditionalCertificates(
|
|
ctx context.Context,
|
|
pluginConfiguration *config.PluginConfiguration,
|
|
) ([]corev1.VolumeProjection, error) {
|
|
var result []corev1.VolumeProjection
|
|
|
|
for _, barmanObjectKey := range pluginConfiguration.GetReferredBarmanObjectsKey() {
|
|
certs, err := impl.collectObjectStoreCertificates(ctx, barmanObjectKey)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
result = append(result, certs...)
|
|
}
|
|
|
|
return result, nil
|
|
}
|
|
|
|
func (impl LifecycleImplementation) collectObjectStoreCertificates(
|
|
ctx context.Context,
|
|
barmanObjectKey types.NamespacedName,
|
|
) ([]corev1.VolumeProjection, error) {
|
|
var objectStore barmancloudv1.ObjectStore
|
|
if err := impl.Client.Get(ctx, barmanObjectKey, &objectStore); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
endpointCA := objectStore.Spec.Configuration.EndpointCA
|
|
if endpointCA == nil {
|
|
return nil, nil
|
|
}
|
|
|
|
return []corev1.VolumeProjection{
|
|
{
|
|
Secret: &corev1.SecretProjection{
|
|
LocalObjectReference: corev1.LocalObjectReference{
|
|
Name: endpointCA.Name,
|
|
},
|
|
Items: []corev1.KeyToPath{
|
|
{
|
|
Key: endpointCA.Key,
|
|
Path: path.Join(
|
|
barmanObjectKey.Name,
|
|
metadata.BarmanCertificatesFileName,
|
|
),
|
|
},
|
|
},
|
|
},
|
|
},
|
|
}, nil
|
|
}
|