Skip to content
This repository has been archived by the owner on Apr 24, 2023. It is now read-only.

Commit

Permalink
Merge pull request #37 from philbrookes/INTLY-1180
Browse files Browse the repository at this point in the history 
specify namespace for component secret
  • Loading branch information
@philbrookes
philbrookes authored Mar 11, 2019
2 parents ad2d5dc + 4384952 commit 0079148
Show file tree
Hide file tree
Showing 3 changed files with 19 additions and 28 deletions.
2 changes: 2 additions & 0 deletions Makefile
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
ORG=integreatly
NAMESPACE=rhsso
CONSUMER_NAMESPACES=${NAMESPACE}
PROJECT=keycloak-operator
REG=quay.io
SHELL=/bin/bash
Expand All @@ -22,6 +23,7 @@ setup/travis:

.PHONY: code/run
code/run:
export CONSUMER_NAMESPACES=${CONSUMER_NAMESPACES}
@operator-sdk up local --namespace=${NAMESPACE} --operator-flags="--resync=10"

.PHONY: code/compile
Expand Down
4 changes: 2 additions & 2 deletions deploy/examples/keycloak_backed_up.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,10 +10,10 @@
"backups": [
{
"name": "daily-at-midnight",
"schedule": "* 0 * * *",
"schedule": "0 0 * * *",
"encryption_key_secret_name": "example-encryption-key",
"aws_credentials_secret_name": "example-aws-key",
"image": "quay.io/philbrookes/backup-container-image",
"image": "quay.io/integreatly/backup-container",
"image_tag": "latest"
}
]
Expand Down
41 changes: 15 additions & 26 deletions pkg/keycloak/phaseHandler.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -227,25 +227,28 @@ func (ph *phaseHandler) reconcileBackup(sso *v1alpha1.Keycloak, backup v1alpha1.
Spec: batchv1.JobSpec{
Template: v1.PodTemplateSpec{
Spec: v1.PodSpec{
ServiceAccountName: "backupjob",
Containers: []v1.Container{
{
Name: backup.Name + "-keycloak-backup",
Image: backup.Image + ":" + backup.ImageTag,
Command: []string{"/opt/intly/tools/entrypoint.sh", "-c", "postgres", "-b", "s3", "-e", "gpg"},
EnvFrom: []v1.EnvFromSource{
Command: []string{"/opt/intly/tools/entrypoint.sh", "-c", "postgres", "-n", namespace, "-b", "s3", "-e", "gpg"},
Env: []v1.EnvVar{
{
SecretRef: &v1.SecretEnvSource{
LocalObjectReference: v1.LocalObjectReference{
Name: backup.AwsCredentialsSecretName,
},
},
Name: "BACKEND_SECRET_NAME",
Value: backup.AwsCredentialsSecretName,
},
{
SecretRef: &v1.SecretEnvSource{
LocalObjectReference: v1.LocalObjectReference{
Name: "db-credentials-" + sso.Name,
},
},
Name: "ENCRYPTION_SECRET_NAME",
Value: backup.EncryptionKeySecretName,
},
{
Name: "COMPONENT_SECRET_NAME",
Value: "db-credentials-" + sso.Name,
},
{
Name: "PRODUCT_NAME",
Value: "rhsso",
},
},
},
Expand All @@ -257,21 +260,7 @@ func (ph *phaseHandler) reconcileBackup(sso *v1alpha1.Keycloak, backup v1alpha1.
},
},
}
/*

*/
if backup.EncryptionKeySecretName != "" {
cron.Spec.JobTemplate.Spec.Template.Spec.Containers[0].EnvFrom = append(
cron.Spec.JobTemplate.Spec.Template.Spec.Containers[0].EnvFrom,
v1.EnvFromSource{
SecretRef: &v1.SecretEnvSource{
LocalObjectReference: v1.LocalObjectReference{
Name: backup.EncryptionKeySecretName,
},
},
},
)
}
_, err := ph.k8sClient.BatchV1beta1().CronJobs(namespace).Create(cron)
if err != nil && !errors2.IsAlreadyExists(err) {
return errors.Wrapf(err, "error creating cronjob %s/%s", cron.Namespace, cron.Name)
Expand Down

0 comments on commit 0079148

Please sign in to comment.