From 72d7b6e71e5639e37f9f721647313c00bca130c3 Mon Sep 17 00:00:00 2001 From: Sergey Pronin Date: Thu, 7 Dec 2023 20:26:55 +0300 Subject: [PATCH 01/25] remove adopters (#1497) Co-authored-by: Viacheslav Sarzhan --- ADOPTERS.md | 16 --------------- adopters/example/README.md | 14 ------------- adopters/leviatan/README.md | 15 -------------- adopters/users/laimison/README.md | 33 ------------------------------- adopters/users/spron-in/README.md | 13 ------------ 5 files changed, 91 deletions(-) delete mode 100644 ADOPTERS.md delete mode 100644 adopters/example/README.md delete mode 100644 adopters/leviatan/README.md delete mode 100644 adopters/users/laimison/README.md delete mode 100644 adopters/users/spron-in/README.md diff --git a/ADOPTERS.md b/ADOPTERS.md deleted file mode 100644 index c219529cc3..0000000000 --- a/ADOPTERS.md +++ /dev/null @@ -1,16 +0,0 @@ -# Percona Operator for MySQL based on Percona XtraDB Cluster Adopters - -This is the list of organizations and users that publicly shared details of how they are using Percona Operator for running their MySQL databases. Please send PRs to add or remove organizations/users. - -The list of organizations that have publicly shared the usage of Percona Operator for MySQL based on Percona XtraDB Cluster (PXC). - -| Organization | Description | Success Story | -| :--- | :--- | :--- | -| [Leviatan](https://leviatan.com.br/) | Leviatan runs PXC Operator to implement a monolithic application in a Multiple single-tenant (MST) architecture | [Story](./adopters/leviatan/README.md) | - -The list of users that have publicly shared the usage of Percona Operator for MySQL based on Percona XtraDB Cluster. - -| User | Description | Success Story | -| :--- | :--- | :--- | -| [Sergey Pronin](https://github.com/spron-in) | Personal tests for MySQL | [Story](./adopters/users/spron-in/README.md) | -| [Laimis Valatka](https://github.com/laimison) | Running three-sites Kubernetes project where PXC Operator is successfully operating | [Story](./adopters/users/laimison/README.md) | diff --git a/adopters/example/README.md b/adopters/example/README.md deleted file mode 100644 index dff870c661..0000000000 --- a/adopters/example/README.md +++ /dev/null @@ -1,14 +0,0 @@ -Company: [Example](https://example.com/) - -**Description** -Running multiple PXCs for core applications - -**Are you evaluating or already using in development, CI/CD, production** -Production, CI/CD - -**A brief description of the use case or details on how Percona Operator is helping your projects.** -- Great replacement for Managed Databases from cloud vendors -- No vendor lock-in -- Excellent community and Percona support -- Quick bug fixes - diff --git a/adopters/leviatan/README.md b/adopters/leviatan/README.md deleted file mode 100644 index cc91b1b425..0000000000 --- a/adopters/leviatan/README.md +++ /dev/null @@ -1,15 +0,0 @@ -Company: [Leviatan](https://leviatan.com.br/) - -**Description** - -Running PXC Operator to implement a monolithic application in a Multiple single-tenant (MST) architecture - -**Are you evaluating or already using in development, CI/CD, production** - -Production - -**A brief description of the use case or details on how Percona Operator is helping your projects.** - -(English): We containerized a monolithic application that many law firms in Brazil used to host themselves. Percona's PXC operator enabled us to achieve both cost management and legal concerns (LGPD is our version of GDPR) since it allow us to completely isolate each of our client's workloads in separate HA MySQL clusters, keeping costs down and yet providing a fully managed RDBMS that just works. - -(Portuguese): Portamos para Docker um software monolítico que muitos escritórios de advocacia no Brasil costumavam hospedar eles mesmos. O operador PXC da Percona simplificou tanto o gerenciamento de custos quanto questões jurídicas (LGPD é nossa versão do GDPR) ao permitir o isolamento completo de cada uma das aplicações separando os clientes em clusters MySQL próprios, mantendo os custos baixos e ainda fornecendo um RDBMS totalmente gerenciado que simplesmente funciona. diff --git a/adopters/users/laimison/README.md b/adopters/users/laimison/README.md deleted file mode 100644 index 5a6e537cb5..0000000000 --- a/adopters/users/laimison/README.md +++ /dev/null @@ -1,33 +0,0 @@ -User: [https://github.com/laimison](laimison) - -**Description** - -I'm DevOps engineer and have an interest in Kubernetes and its operators. -Running three-sites Kubernetes project where PXC Operator is successfully operating over VPN/Wireguard. -The initial goal is to expand DevOps knowledge, learn networking, operators, solve clustering problems, prepare for CKA exam, etc. - -A fan of idea to move DBs to Kubernetes. - -An author of [percona-backup-notification](https://github.com/laimison/percona-backup-notification) - -**Are you evaluating or already using in development, CI/CD, production** - -Development and production environments and using GItOps method for deployments - -**Are you using for home use or for your organization** - -Personal lab and sites in development at current date - -**A brief description of the use case or details on how Percona Operator is helping your projects.** - -* Works in a private, public or hybrid cloud - flexible solution to stay with, now and in the future - -* Useful for development - -* Open source - -* It has a great community - -* It has a support options in case DBs are sensitive and well established in business - -* Production focused diff --git a/adopters/users/spron-in/README.md b/adopters/users/spron-in/README.md deleted file mode 100644 index 4e5c54bb7f..0000000000 --- a/adopters/users/spron-in/README.md +++ /dev/null @@ -1,13 +0,0 @@ -User: [https://github.com/spron-in](spron-in) - -**Description** -Running PXC Operator to deploy MySQL databases for personal use - -**Are you evaluating or already using in development, CI/CD, production** -Personal use - -**Are you using for home use or for your organization** -Home lab - -**A brief description of the use case or details on how Percona Operator is helping your projects.** -Cheap and out of the box MySQL database as a replacement for Managed Cloud services. From 8408b0933c7bcde877cb9f80301a4f0459b4da2b Mon Sep 17 00:00:00 2001 From: Andrii Dema Date: Mon, 11 Dec 2023 10:37:11 +0200 Subject: [PATCH 02/25] K8SPXC-200: custom options for xtrabackup binaries (#1521) * refactor restore * K8SPXC-200: custom options for xtrabackup binaries https://jira.percona.com/browse/K8SPXC-200 * small fix * update cr * rename `extraArgs` to `args` and change it to array type * fix tests * fix demand-backup and security-context tests * fix demand-backup * fix `.backupSource.verifyTLS` for `pxc-restore` * rename `ExtraArgs` to `Args` --------- Co-authored-by: Viacheslav Sarzhan --- ...rcona.com_perconaxtradbclusterbackups.yaml | 78 +++ ...cona.com_perconaxtradbclusterrestores.yaml | 78 +++ ...pxc.percona.com_perconaxtradbclusters.yaml | 78 +++ deploy/backup/backup.yaml | 11 + deploy/backup/restore.yaml | 11 + deploy/bundle.yaml | 234 ++++++++ deploy/cr.yaml | 11 + deploy/crd.yaml | 234 ++++++++ deploy/cw-bundle.yaml | 234 ++++++++ ...-backup-azure-demand-backup-cloud-k127.yml | 22 +- ...nd-backup-azure-demand-backup-cloud-oc.yml | 22 +- ...emand-backup-azure-demand-backup-cloud.yml | 22 +- ...and-backup-s3-demand-backup-cloud-k127.yml | 26 +- ...emand-backup-s3-demand-backup-cloud-oc.yml | 26 +- ...n-demand-backup-s3-demand-backup-cloud.yml | 26 +- ...ob.batch_xb-on-demand-backup-aws-s3-oc.yml | 4 + .../job.batch_xb-on-demand-backup-aws-s3.yml | 4 + .../conf/demand-backup-cloud.yml | 6 + e2e-tests/demand-backup-cloud/run | 36 +- ...demand-backup-minio-demand-backup-k127.yml | 28 +- ...n-demand-backup-minio-demand-backup-oc.yml | 28 +- ...b-on-demand-backup-minio-demand-backup.yml | 28 +- .../job_xb-on-demand-backup-minio-oc.yml | 4 + .../compare/job_xb-on-demand-backup-minio.yml | 4 + .../demand-backup/conf/demand-backup.yml | 8 + .../conf/on-demand-backup-minio.yml | 7 + .../conf/restore-on-demand-backup-minio.yaml | 8 + e2e-tests/demand-backup/run | 9 + ...store-job-restore-pvc-sec-context-k127.yml | 14 +- ...ch_restore-job-restore-pvc-sec-context.yml | 14 +- ...estore-job-restore-s3-sec-context-k127.yml | 22 +- ...tch_restore-job-restore-s3-sec-context.yml | 22 +- pkg/apis/pxc/v1/pxc_backup_types.go | 27 +- pkg/apis/pxc/v1/pxc_prestore_types.go | 11 +- pkg/apis/pxc/v1/pxc_types.go | 55 ++ pkg/apis/pxc/v1/zz_generated.deepcopy.go | 70 ++- pkg/controller/pxcbackup/controller.go | 2 +- pkg/controller/pxcrestore/controller.go | 6 +- pkg/controller/pxcrestore/restore.go | 6 +- pkg/pxc/backup/job.go | 69 +-- pkg/pxc/backup/restore.go | 532 +++++++----------- pkg/util/env.go | 29 + 42 files changed, 1659 insertions(+), 507 deletions(-) create mode 100644 pkg/util/env.go diff --git a/config/crd/bases/pxc.percona.com_perconaxtradbclusterbackups.yaml b/config/crd/bases/pxc.percona.com_perconaxtradbclusterbackups.yaml index 68ef8fef7f..3f94493da0 100644 --- a/config/crd/bases/pxc.percona.com_perconaxtradbclusterbackups.yaml +++ b/config/crd/bases/pxc.percona.com_perconaxtradbclusterbackups.yaml @@ -58,6 +58,84 @@ spec: type: string spec: properties: + containerOptions: + properties: + args: + properties: + xbcloud: + items: + type: string + type: array + xbstream: + items: + type: string + type: array + xtrabackup: + items: + type: string + type: array + type: object + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + type: object pxcCluster: type: string storageName: diff --git a/config/crd/bases/pxc.percona.com_perconaxtradbclusterrestores.yaml b/config/crd/bases/pxc.percona.com_perconaxtradbclusterrestores.yaml index 85cad7303e..b22210e5a8 100644 --- a/config/crd/bases/pxc.percona.com_perconaxtradbclusterrestores.yaml +++ b/config/crd/bases/pxc.percona.com_perconaxtradbclusterrestores.yaml @@ -133,6 +133,84 @@ spec: verifyTLS: type: boolean type: object + containerOptions: + properties: + args: + properties: + xbcloud: + items: + type: string + type: array + xbstream: + items: + type: string + type: array + xtrabackup: + items: + type: string + type: array + type: object + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + type: object pitr: properties: backupSource: diff --git a/config/crd/bases/pxc.percona.com_perconaxtradbclusters.yaml b/config/crd/bases/pxc.percona.com_perconaxtradbclusters.yaml index 6412d201e7..1e71c56a01 100644 --- a/config/crd/bases/pxc.percona.com_perconaxtradbclusters.yaml +++ b/config/crd/bases/pxc.percona.com_perconaxtradbclusters.yaml @@ -505,6 +505,84 @@ spec: storageClass: type: string type: object + containerOptions: + properties: + args: + properties: + xbcloud: + items: + type: string + type: array + xbstream: + items: + type: string + type: array + xtrabackup: + items: + type: string + type: array + type: object + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + type: object containerSecurityContext: properties: allowPrivilegeEscalation: diff --git a/deploy/backup/backup.yaml b/deploy/backup/backup.yaml index 0775469d67..c91d9e65e1 100644 --- a/deploy/backup/backup.yaml +++ b/deploy/backup/backup.yaml @@ -7,3 +7,14 @@ metadata: spec: pxcCluster: cluster1 storageName: fs-pvc +# containerOptions: +# env: +# - name: VERIFY_TLS +# value: "false" +# args: +# xtrabackup: +# - "--someflag=abc" +# xbcloud: +# - "--someflag=abc" +# xbstream: +# - "--someflag=abc" diff --git a/deploy/backup/restore.yaml b/deploy/backup/restore.yaml index fee0980176..abb5a81c44 100644 --- a/deploy/backup/restore.yaml +++ b/deploy/backup/restore.yaml @@ -7,6 +7,17 @@ metadata: spec: pxcCluster: cluster1 backupName: backup1 +# containerOptions: +# env: +# - name: VERIFY_TLS +# value: "false" +# args: +# xtrabackup: +# - "--someflag=abc" +# xbcloud: +# - "--someflag=abc" +# xbstream: +# - "--someflag=abc" # resources: # requests: # memory: 100M diff --git a/deploy/bundle.yaml b/deploy/bundle.yaml index 37681218b9..32b9b924e4 100644 --- a/deploy/bundle.yaml +++ b/deploy/bundle.yaml @@ -57,6 +57,84 @@ spec: type: string spec: properties: + containerOptions: + properties: + args: + properties: + xbcloud: + items: + type: string + type: array + xbstream: + items: + type: string + type: array + xtrabackup: + items: + type: string + type: array + type: object + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + type: object pxcCluster: type: string storageName: @@ -293,6 +371,84 @@ spec: verifyTLS: type: boolean type: object + containerOptions: + properties: + args: + properties: + xbcloud: + items: + type: string + type: array + xbstream: + items: + type: string + type: array + xtrabackup: + items: + type: string + type: array + type: object + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + type: object pitr: properties: backupSource: @@ -1242,6 +1398,84 @@ spec: storageClass: type: string type: object + containerOptions: + properties: + args: + properties: + xbcloud: + items: + type: string + type: array + xbstream: + items: + type: string + type: array + xtrabackup: + items: + type: string + type: array + type: object + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + type: object containerSecurityContext: properties: allowPrivilegeEscalation: diff --git a/deploy/cr.yaml b/deploy/cr.yaml index c8c65df6af..3e6d093fbc 100644 --- a/deploy/cr.yaml +++ b/deploy/cr.yaml @@ -551,6 +551,17 @@ spec: # podSecurityContext: # fsGroup: 1001 # supplementalGroups: [1001, 1002, 1003] +# containerOptions: +# env: +# - name: VERIFY_TLS +# value: "false" +# args: +# xtrabackup: +# - "--someflag=abc" +# xbcloud: +# - "--someflag=abc" +# xbstream: +# - "--someflag=abc" s3: bucket: S3-BACKUP-BUCKET-NAME-HERE credentialsSecret: my-cluster-name-backup-s3 diff --git a/deploy/crd.yaml b/deploy/crd.yaml index 63aa865d00..389dd25b74 100644 --- a/deploy/crd.yaml +++ b/deploy/crd.yaml @@ -57,6 +57,84 @@ spec: type: string spec: properties: + containerOptions: + properties: + args: + properties: + xbcloud: + items: + type: string + type: array + xbstream: + items: + type: string + type: array + xtrabackup: + items: + type: string + type: array + type: object + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + type: object pxcCluster: type: string storageName: @@ -293,6 +371,84 @@ spec: verifyTLS: type: boolean type: object + containerOptions: + properties: + args: + properties: + xbcloud: + items: + type: string + type: array + xbstream: + items: + type: string + type: array + xtrabackup: + items: + type: string + type: array + type: object + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + type: object pitr: properties: backupSource: @@ -1242,6 +1398,84 @@ spec: storageClass: type: string type: object + containerOptions: + properties: + args: + properties: + xbcloud: + items: + type: string + type: array + xbstream: + items: + type: string + type: array + xtrabackup: + items: + type: string + type: array + type: object + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + type: object containerSecurityContext: properties: allowPrivilegeEscalation: diff --git a/deploy/cw-bundle.yaml b/deploy/cw-bundle.yaml index 524ef34200..a0097dc398 100644 --- a/deploy/cw-bundle.yaml +++ b/deploy/cw-bundle.yaml @@ -57,6 +57,84 @@ spec: type: string spec: properties: + containerOptions: + properties: + args: + properties: + xbcloud: + items: + type: string + type: array + xbstream: + items: + type: string + type: array + xtrabackup: + items: + type: string + type: array + type: object + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + type: object pxcCluster: type: string storageName: @@ -293,6 +371,84 @@ spec: verifyTLS: type: boolean type: object + containerOptions: + properties: + args: + properties: + xbcloud: + items: + type: string + type: array + xbstream: + items: + type: string + type: array + xtrabackup: + items: + type: string + type: array + type: object + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + type: object pitr: properties: backupSource: @@ -1242,6 +1398,84 @@ spec: storageClass: type: string type: object + containerOptions: + properties: + args: + properties: + xbcloud: + items: + type: string + type: array + xbstream: + items: + type: string + type: array + xtrabackup: + items: + type: string + type: array + type: object + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + type: object containerSecurityContext: properties: allowPrivilegeEscalation: diff --git a/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-azure-demand-backup-cloud-k127.yml b/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-azure-demand-backup-cloud-k127.yml index 05ba134fe0..69084bfe0b 100644 --- a/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-azure-demand-backup-cloud-k127.yml +++ b/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-azure-demand-backup-cloud-k127.yml @@ -28,6 +28,17 @@ spec: - command: - recovery-cloud.sh env: + - name: PXC_SERVICE + value: demand-backup-cloud-pxc + - name: PXC_USER + value: xtrabackup + - name: PXC_PASS + valueFrom: + secretKeyRef: + key: xtrabackup + name: my-cluster-secrets + - name: VERIFY_TLS + value: "true" - name: AZURE_STORAGE_ACCOUNT valueFrom: secretKeyRef: @@ -40,17 +51,6 @@ spec: name: azure-secret - name: AZURE_ENDPOINT - name: AZURE_STORAGE_CLASS - - name: PXC_SERVICE - value: demand-backup-cloud-pxc - - name: PXC_USER - value: xtrabackup - - name: PXC_PASS - valueFrom: - secretKeyRef: - key: xtrabackup - name: my-cluster-secrets - - name: VERIFY_TLS - value: "true" - name: XB_USE_MEMORY value: 100MB imagePullPolicy: Always diff --git a/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-azure-demand-backup-cloud-oc.yml b/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-azure-demand-backup-cloud-oc.yml index 65b1292908..031d3f7a46 100644 --- a/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-azure-demand-backup-cloud-oc.yml +++ b/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-azure-demand-backup-cloud-oc.yml @@ -26,6 +26,17 @@ spec: - command: - recovery-cloud.sh env: + - name: PXC_SERVICE + value: demand-backup-cloud-pxc + - name: PXC_USER + value: xtrabackup + - name: PXC_PASS + valueFrom: + secretKeyRef: + key: xtrabackup + name: my-cluster-secrets + - name: VERIFY_TLS + value: "true" - name: AZURE_STORAGE_ACCOUNT valueFrom: secretKeyRef: @@ -38,17 +49,6 @@ spec: name: azure-secret - name: AZURE_ENDPOINT - name: AZURE_STORAGE_CLASS - - name: PXC_SERVICE - value: demand-backup-cloud-pxc - - name: PXC_USER - value: xtrabackup - - name: PXC_PASS - valueFrom: - secretKeyRef: - key: xtrabackup - name: my-cluster-secrets - - name: VERIFY_TLS - value: "true" - name: XB_USE_MEMORY value: 100MB imagePullPolicy: Always diff --git a/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-azure-demand-backup-cloud.yml b/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-azure-demand-backup-cloud.yml index a5de715e3b..9c8cdd2a7d 100644 --- a/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-azure-demand-backup-cloud.yml +++ b/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-azure-demand-backup-cloud.yml @@ -26,6 +26,17 @@ spec: - command: - recovery-cloud.sh env: + - name: PXC_SERVICE + value: demand-backup-cloud-pxc + - name: PXC_USER + value: xtrabackup + - name: PXC_PASS + valueFrom: + secretKeyRef: + key: xtrabackup + name: my-cluster-secrets + - name: VERIFY_TLS + value: "true" - name: AZURE_STORAGE_ACCOUNT valueFrom: secretKeyRef: @@ -38,17 +49,6 @@ spec: name: azure-secret - name: AZURE_ENDPOINT - name: AZURE_STORAGE_CLASS - - name: PXC_SERVICE - value: demand-backup-cloud-pxc - - name: PXC_USER - value: xtrabackup - - name: PXC_PASS - valueFrom: - secretKeyRef: - key: xtrabackup - name: my-cluster-secrets - - name: VERIFY_TLS - value: "true" - name: XB_USE_MEMORY value: 100MB imagePullPolicy: Always diff --git a/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-s3-demand-backup-cloud-k127.yml b/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-s3-demand-backup-cloud-k127.yml index 2eb1645a00..bbceb8402d 100644 --- a/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-s3-demand-backup-cloud-k127.yml +++ b/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-s3-demand-backup-cloud-k127.yml @@ -28,6 +28,17 @@ spec: - command: - recovery-cloud.sh env: + - name: PXC_SERVICE + value: demand-backup-cloud-pxc + - name: PXC_USER + value: xtrabackup + - name: PXC_PASS + valueFrom: + secretKeyRef: + key: xtrabackup + name: my-cluster-secrets + - name: VERIFY_TLS + value: "true" - name: ENDPOINT - name: DEFAULT_REGION value: us-east-1 @@ -41,17 +52,10 @@ spec: secretKeyRef: key: AWS_SECRET_ACCESS_KEY name: aws-s3-secret - - name: PXC_SERVICE - value: demand-backup-cloud-pxc - - name: PXC_USER - value: xtrabackup - - name: PXC_PASS - valueFrom: - secretKeyRef: - key: xtrabackup - name: my-cluster-secrets - - name: VERIFY_TLS - value: "true" + - name: XBCLOUD_EXTRA_ARGS + value: --parallel=2 + - name: XBSTREAM_EXTRA_ARGS + value: --parallel=2 - name: XB_USE_MEMORY value: 100MB imagePullPolicy: Always diff --git a/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-s3-demand-backup-cloud-oc.yml b/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-s3-demand-backup-cloud-oc.yml index a7c60d73a1..50a92a3e7b 100644 --- a/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-s3-demand-backup-cloud-oc.yml +++ b/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-s3-demand-backup-cloud-oc.yml @@ -26,6 +26,17 @@ spec: - command: - recovery-cloud.sh env: + - name: PXC_SERVICE + value: demand-backup-cloud-pxc + - name: PXC_USER + value: xtrabackup + - name: PXC_PASS + valueFrom: + secretKeyRef: + key: xtrabackup + name: my-cluster-secrets + - name: VERIFY_TLS + value: "true" - name: ENDPOINT - name: DEFAULT_REGION value: us-east-1 @@ -39,17 +50,10 @@ spec: secretKeyRef: key: AWS_SECRET_ACCESS_KEY name: aws-s3-secret - - name: PXC_SERVICE - value: demand-backup-cloud-pxc - - name: PXC_USER - value: xtrabackup - - name: PXC_PASS - valueFrom: - secretKeyRef: - key: xtrabackup - name: my-cluster-secrets - - name: VERIFY_TLS - value: "true" + - name: XBCLOUD_EXTRA_ARGS + value: --parallel=2 + - name: XBSTREAM_EXTRA_ARGS + value: --parallel=2 - name: XB_USE_MEMORY value: 100MB imagePullPolicy: Always diff --git a/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-s3-demand-backup-cloud.yml b/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-s3-demand-backup-cloud.yml index daa097f622..937041ff10 100644 --- a/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-s3-demand-backup-cloud.yml +++ b/e2e-tests/demand-backup-cloud/compare/job.batch_restore-job-on-demand-backup-s3-demand-backup-cloud.yml @@ -26,6 +26,17 @@ spec: - command: - recovery-cloud.sh env: + - name: PXC_SERVICE + value: demand-backup-cloud-pxc + - name: PXC_USER + value: xtrabackup + - name: PXC_PASS + valueFrom: + secretKeyRef: + key: xtrabackup + name: my-cluster-secrets + - name: VERIFY_TLS + value: "true" - name: ENDPOINT - name: DEFAULT_REGION value: us-east-1 @@ -39,17 +50,10 @@ spec: secretKeyRef: key: AWS_SECRET_ACCESS_KEY name: aws-s3-secret - - name: PXC_SERVICE - value: demand-backup-cloud-pxc - - name: PXC_USER - value: xtrabackup - - name: PXC_PASS - valueFrom: - secretKeyRef: - key: xtrabackup - name: my-cluster-secrets - - name: VERIFY_TLS - value: "true" + - name: XBCLOUD_EXTRA_ARGS + value: --parallel=2 + - name: XBSTREAM_EXTRA_ARGS + value: --parallel=2 - name: XB_USE_MEMORY value: 100MB imagePullPolicy: Always diff --git a/e2e-tests/demand-backup-cloud/compare/job.batch_xb-on-demand-backup-aws-s3-oc.yml b/e2e-tests/demand-backup-cloud/compare/job.batch_xb-on-demand-backup-aws-s3-oc.yml index 861d55c111..ba56fdd6b6 100644 --- a/e2e-tests/demand-backup-cloud/compare/job.batch_xb-on-demand-backup-aws-s3-oc.yml +++ b/e2e-tests/demand-backup-cloud/compare/job.batch_xb-on-demand-backup-aws-s3-oc.yml @@ -49,6 +49,10 @@ spec: name: my-cluster-secrets - name: VERIFY_TLS value: "true" + - name: XBCLOUD_EXTRA_ARGS + value: --parallel=2 + - name: XBSTREAM_EXTRA_ARGS + value: --parallel=2 - name: ACCESS_KEY_ID valueFrom: secretKeyRef: diff --git a/e2e-tests/demand-backup-cloud/compare/job.batch_xb-on-demand-backup-aws-s3.yml b/e2e-tests/demand-backup-cloud/compare/job.batch_xb-on-demand-backup-aws-s3.yml index 43c1bc2125..146879b7de 100644 --- a/e2e-tests/demand-backup-cloud/compare/job.batch_xb-on-demand-backup-aws-s3.yml +++ b/e2e-tests/demand-backup-cloud/compare/job.batch_xb-on-demand-backup-aws-s3.yml @@ -49,6 +49,10 @@ spec: name: my-cluster-secrets - name: VERIFY_TLS value: "true" + - name: XBCLOUD_EXTRA_ARGS + value: --parallel=2 + - name: XBSTREAM_EXTRA_ARGS + value: --parallel=2 - name: ACCESS_KEY_ID valueFrom: secretKeyRef: diff --git a/e2e-tests/demand-backup-cloud/conf/demand-backup-cloud.yml b/e2e-tests/demand-backup-cloud/conf/demand-backup-cloud.yml index d6516eef76..6ed6fd2d83 100644 --- a/e2e-tests/demand-backup-cloud/conf/demand-backup-cloud.yml +++ b/e2e-tests/demand-backup-cloud/conf/demand-backup-cloud.yml @@ -76,6 +76,12 @@ spec: region: us-east-1 bucket: operator-testing credentialsSecret: aws-s3-secret + containerOptions: + args: + xbstream: + - '--parallel=2' + xbcloud: + - '--parallel=2' minio: type: s3 s3: diff --git a/e2e-tests/demand-backup-cloud/run b/e2e-tests/demand-backup-cloud/run index 903658c0dc..e77261d1a2 100755 --- a/e2e-tests/demand-backup-cloud/run +++ b/e2e-tests/demand-backup-cloud/run @@ -7,6 +7,24 @@ test_dir=$(realpath $(dirname $0)) set_debug +get_container_options() { + backup_name=$1 + cluster_name=$2 + + backup_options=$(kubectl_bin get pxc-backup "$backup_name" -o jsonpath='{.spec.containerOptions}') + if [[ -n $backup_options ]]; then + echo "$backup_options" + return + fi + + storage_name=$(kubectl_bin get pxc-backup "$backup_name" -o jsonpath='{.spec.storageName}') + storage_options=$(kubectl_bin get pxc "$cluster_name" -o jsonpath="{.spec.backup.storages.$storage_name.containerOptions}") + if [[ -n $storage_options ]]; then + echo "$storage_options" + return + fi +} + run_recovery_from_source() { local storage_type=${1:-s3} local backup_name=${2:-on-demand-backup-aws-s3} @@ -24,9 +42,22 @@ run_recovery_from_source() { fi desc "$storage_type restore with backup source" - stext=$(kubectl_bin get pxc-backup $backup_name -o json | jq -c '.status | {'"$storage_type"', destination} | del(.'"$storage_type"'.endpointUrl, .'"$storage_type"'.storageClass '"$remove_options"')' | $sed "s|$remove_prefix://||") - jq --argjson s "$stext" --arg restore_name "on-demand-backup-$storage_type" '.spec.backupSource=$s | .metadata.name=$restore_name' $test_dir/conf/restore-from-source-backup.json \ + restore_name="on-demand-backup-$storage_type" + + restore_json=$(jq ".metadata.name=\"$restore_name\"" "$test_dir/conf/restore-from-source-backup.json") + + container_options=$(get_container_options "$backup_name" "$cluster") + if [[ -n $container_options ]]; then + restore_json=$(echo "$restore_json" | jq ".spec.containerOptions=$container_options") + fi + + backup_source_json=$(kubectl_bin get pxc-backup "$backup_name" -o json \ + | jq -c '.status | {'"$storage_type"', destination} | del(.'"$storage_type"'.endpointUrl, .'"$storage_type"'.storageClass '"$remove_options"')' \ + | $sed "s|$remove_prefix://||") + echo "$restore_json" \ + | jq ".spec.backupSource=$backup_source_json" \ | kubectl_bin apply -f - + sleep 30 wait_for_running "$cluster-proxysql" 1 wait_for_running "$cluster-pxc" 3 @@ -35,7 +66,6 @@ run_recovery_from_source() { compare_mysql_cmd "select-1" "SELECT * from myApp.myApp;" "-h $cluster-pxc-0.$cluster-pxc -uroot -proot_password" compare_mysql_cmd "select-1" "SELECT * from myApp.myApp;" "-h $cluster-pxc-1.$cluster-pxc -uroot -proot_password" compare_mysql_cmd "select-1" "SELECT * from myApp.myApp;" "-h $cluster-pxc-2.$cluster-pxc -uroot -proot_password" - } main() { diff --git a/e2e-tests/demand-backup/compare/job_restore-job-on-demand-backup-minio-demand-backup-k127.yml b/e2e-tests/demand-backup/compare/job_restore-job-on-demand-backup-minio-demand-backup-k127.yml index 19c4bdf87c..fa8394e01f 100644 --- a/e2e-tests/demand-backup/compare/job_restore-job-on-demand-backup-minio-demand-backup-k127.yml +++ b/e2e-tests/demand-backup/compare/job_restore-job-on-demand-backup-minio-demand-backup-k127.yml @@ -28,6 +28,17 @@ spec: - command: - recovery-cloud.sh env: + - name: PXC_SERVICE + value: demand-backup-pxc + - name: PXC_USER + value: xtrabackup + - name: PXC_PASS + valueFrom: + secretKeyRef: + key: xtrabackup + name: my-cluster-secrets + - name: VERIFY_TLS + value: "false" - name: ENDPOINT value: https://minio-service.namespace:9000/ - name: DEFAULT_REGION @@ -42,17 +53,12 @@ spec: secretKeyRef: key: AWS_SECRET_ACCESS_KEY name: minio-secret - - name: PXC_SERVICE - value: demand-backup-pxc - - name: PXC_USER - value: xtrabackup - - name: PXC_PASS - valueFrom: - secretKeyRef: - key: xtrabackup - name: my-cluster-secrets - - name: VERIFY_TLS - value: "false" + - name: XB_EXTRA_ARGS + value: --parallel=3 + - name: XBCLOUD_EXTRA_ARGS + value: --parallel=3 + - name: XBSTREAM_EXTRA_ARGS + value: --parallel=3 - name: XB_USE_MEMORY value: "1500000000" imagePullPolicy: Always diff --git a/e2e-tests/demand-backup/compare/job_restore-job-on-demand-backup-minio-demand-backup-oc.yml b/e2e-tests/demand-backup/compare/job_restore-job-on-demand-backup-minio-demand-backup-oc.yml index ec067814da..75b35bbc9e 100644 --- a/e2e-tests/demand-backup/compare/job_restore-job-on-demand-backup-minio-demand-backup-oc.yml +++ b/e2e-tests/demand-backup/compare/job_restore-job-on-demand-backup-minio-demand-backup-oc.yml @@ -26,6 +26,17 @@ spec: - command: - recovery-cloud.sh env: + - name: PXC_SERVICE + value: demand-backup-pxc + - name: PXC_USER + value: xtrabackup + - name: PXC_PASS + valueFrom: + secretKeyRef: + key: xtrabackup + name: my-cluster-secrets + - name: VERIFY_TLS + value: "false" - name: ENDPOINT value: https://minio-service.namespace:9000/ - name: DEFAULT_REGION @@ -40,17 +51,12 @@ spec: secretKeyRef: key: AWS_SECRET_ACCESS_KEY name: minio-secret - - name: PXC_SERVICE - value: demand-backup-pxc - - name: PXC_USER - value: xtrabackup - - name: PXC_PASS - valueFrom: - secretKeyRef: - key: xtrabackup - name: my-cluster-secrets - - name: VERIFY_TLS - value: "false" + - name: XB_EXTRA_ARGS + value: --parallel=3 + - name: XBCLOUD_EXTRA_ARGS + value: --parallel=3 + - name: XBSTREAM_EXTRA_ARGS + value: --parallel=3 - name: XB_USE_MEMORY value: "1500000000" imagePullPolicy: Always diff --git a/e2e-tests/demand-backup/compare/job_restore-job-on-demand-backup-minio-demand-backup.yml b/e2e-tests/demand-backup/compare/job_restore-job-on-demand-backup-minio-demand-backup.yml index fe11487090..f12a3eb32b 100644 --- a/e2e-tests/demand-backup/compare/job_restore-job-on-demand-backup-minio-demand-backup.yml +++ b/e2e-tests/demand-backup/compare/job_restore-job-on-demand-backup-minio-demand-backup.yml @@ -26,6 +26,17 @@ spec: - command: - recovery-cloud.sh env: + - name: PXC_SERVICE + value: demand-backup-pxc + - name: PXC_USER + value: xtrabackup + - name: PXC_PASS + valueFrom: + secretKeyRef: + key: xtrabackup + name: my-cluster-secrets + - name: VERIFY_TLS + value: "false" - name: ENDPOINT value: https://minio-service.namespace:9000/ - name: DEFAULT_REGION @@ -40,17 +51,12 @@ spec: secretKeyRef: key: AWS_SECRET_ACCESS_KEY name: minio-secret - - name: PXC_SERVICE - value: demand-backup-pxc - - name: PXC_USER - value: xtrabackup - - name: PXC_PASS - valueFrom: - secretKeyRef: - key: xtrabackup - name: my-cluster-secrets - - name: VERIFY_TLS - value: "false" + - name: XB_EXTRA_ARGS + value: --parallel=3 + - name: XBCLOUD_EXTRA_ARGS + value: --parallel=3 + - name: XBSTREAM_EXTRA_ARGS + value: --parallel=3 - name: XB_USE_MEMORY value: "1500000000" imagePullPolicy: Always diff --git a/e2e-tests/demand-backup/compare/job_xb-on-demand-backup-minio-oc.yml b/e2e-tests/demand-backup/compare/job_xb-on-demand-backup-minio-oc.yml index 6363a9022e..04f674aefa 100644 --- a/e2e-tests/demand-backup/compare/job_xb-on-demand-backup-minio-oc.yml +++ b/e2e-tests/demand-backup/compare/job_xb-on-demand-backup-minio-oc.yml @@ -49,6 +49,10 @@ spec: name: my-cluster-secrets - name: VERIFY_TLS value: "false" + - name: XBCLOUD_EXTRA_ARGS + value: --parallel=2 --curl-retriable-errors=8 + - name: XBSTREAM_EXTRA_ARGS + value: --parallel=2 - name: ACCESS_KEY_ID valueFrom: secretKeyRef: diff --git a/e2e-tests/demand-backup/compare/job_xb-on-demand-backup-minio.yml b/e2e-tests/demand-backup/compare/job_xb-on-demand-backup-minio.yml index 6a36d8daa0..486a7ad8c0 100644 --- a/e2e-tests/demand-backup/compare/job_xb-on-demand-backup-minio.yml +++ b/e2e-tests/demand-backup/compare/job_xb-on-demand-backup-minio.yml @@ -49,6 +49,10 @@ spec: name: my-cluster-secrets - name: VERIFY_TLS value: "false" + - name: XBCLOUD_EXTRA_ARGS + value: --parallel=2 --curl-retriable-errors=8 + - name: XBSTREAM_EXTRA_ARGS + value: --parallel=2 - name: ACCESS_KEY_ID valueFrom: secretKeyRef: diff --git a/e2e-tests/demand-backup/conf/demand-backup.yml b/e2e-tests/demand-backup/conf/demand-backup.yml index 6984d605c4..74ae380783 100644 --- a/e2e-tests/demand-backup/conf/demand-backup.yml +++ b/e2e-tests/demand-backup/conf/demand-backup.yml @@ -88,3 +88,11 @@ spec: bucket: operator-testing endpointUrl: https://minio-service.#namespace:9000/ verifyTLS: false + containerOptions: + args: + xbstream: + - 'invalidarg' + xtrabackup: + - 'invalidarg' + xbcloud: + - 'invalidarg' diff --git a/e2e-tests/demand-backup/conf/on-demand-backup-minio.yml b/e2e-tests/demand-backup/conf/on-demand-backup-minio.yml index e60a610c72..fcaff5dd44 100644 --- a/e2e-tests/demand-backup/conf/on-demand-backup-minio.yml +++ b/e2e-tests/demand-backup/conf/on-demand-backup-minio.yml @@ -7,3 +7,10 @@ metadata: spec: pxcCluster: demand-backup storageName: minio + containerOptions: + args: + xbstream: + - '--parallel=2' + xbcloud: + - '--parallel=2' + - '--curl-retriable-errors=8' diff --git a/e2e-tests/demand-backup/conf/restore-on-demand-backup-minio.yaml b/e2e-tests/demand-backup/conf/restore-on-demand-backup-minio.yaml index 3426d4cf27..6ade806dcb 100644 --- a/e2e-tests/demand-backup/conf/restore-on-demand-backup-minio.yaml +++ b/e2e-tests/demand-backup/conf/restore-on-demand-backup-minio.yaml @@ -5,6 +5,14 @@ metadata: spec: pxcCluster: demand-backup backupName: on-demand-backup-minio + containerOptions: + args: + xbstream: + - '--parallel=3' + xbcloud: + - '--parallel=3' + xtrabackup: + - '--parallel=3' resources: requests: memory: 0.5G diff --git a/e2e-tests/demand-backup/run b/e2e-tests/demand-backup/run index c970103f40..c3fe9328a2 100755 --- a/e2e-tests/demand-backup/run +++ b/e2e-tests/demand-backup/run @@ -25,9 +25,18 @@ main() { run_backup "$cluster" "on-demand-backup-minio" compare_kubectl job/xb-on-demand-backup-minio + backup_job_name=$(kubectl get pod -l job-name=xb-on-demand-backup-minio -o jsonpath='{.items[].metadata.name}') + kubectl logs "$backup_job_name" | egrep "xbcloud put --storage=s3 --parallel=4 --md5 --insecure (--curl-retriable-errors=7 )?--parallel=2 --curl-retriable-errors=8" + kubectl logs "$backup_job_name" | grep "xbstream -x -C /tmp --parallel=2" run_recovery_check "$cluster" "on-demand-backup-minio" compare_kubectl job/restore-job-on-demand-backup-minio-demand-backup + restore_job_name=$(kubectl get pod -l job-name=restore-job-on-demand-backup-minio-demand-backup -o jsonpath='{.items[].metadata.name}') + kubectl logs "$restore_job_name" | grep "xtrabackup --defaults-group=mysqld --datadir=/datadir --move-back --parallel=3" + kubectl logs "$restore_job_name" | grep "xtrabackup --use-memory=1500000000 --prepare --parallel=3" + kubectl logs "$restore_job_name" | egrep "(xbcloud get --parallel=4 --insecure --curl-retriable-errors=7 --parallel=3|xbcloud get --parallel=4 --insecure --parallel=3)" + kubectl logs "$restore_job_name" | grep "xbstream -x -C .* --parallel=4 --parallel=3" + kubectl logs "$restore_job_name" | egrep "(xbstream --decompress -x -C .* --parallel=4 --parallel=3|xbstream -x -C .* --parallel=4 --parallel=3)" desc "Check backup deletion" kubectl_bin delete pxc-backup --all diff --git a/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context-k127.yml b/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context-k127.yml index ec9a262997..1cf7b4b739 100644 --- a/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context-k127.yml +++ b/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context-k127.yml @@ -44,12 +44,12 @@ spec: volumeMounts: - mountPath: /datadir name: datadir + - mountPath: /etc/mysql/vault-keyring-secret + name: vault-keyring-secret - mountPath: /etc/mysql/ssl name: ssl - mountPath: /etc/mysql/ssl-internal name: ssl-internal - - mountPath: /etc/mysql/vault-keyring-secret - name: vault-keyring-secret dnsPolicy: ClusterFirst restartPolicy: Never schedulerName: default-scheduler @@ -65,6 +65,11 @@ spec: - name: datadir persistentVolumeClaim: claimName: datadir-sec-context-pxc-0 + - name: vault-keyring-secret + secret: + defaultMode: 420 + optional: true + secretName: sec-context-vault - name: ssl-internal secret: defaultMode: 420 @@ -75,8 +80,3 @@ spec: defaultMode: 420 optional: false secretName: some-name-ssl - - name: vault-keyring-secret - secret: - defaultMode: 420 - optional: true - secretName: sec-context-vault diff --git a/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context.yml b/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context.yml index aed0fe17dd..8df4ff8eec 100644 --- a/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context.yml +++ b/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context.yml @@ -42,12 +42,12 @@ spec: volumeMounts: - mountPath: /datadir name: datadir + - mountPath: /etc/mysql/vault-keyring-secret + name: vault-keyring-secret - mountPath: /etc/mysql/ssl name: ssl - mountPath: /etc/mysql/ssl-internal name: ssl-internal - - mountPath: /etc/mysql/vault-keyring-secret - name: vault-keyring-secret dnsPolicy: ClusterFirst restartPolicy: Never schedulerName: default-scheduler @@ -63,6 +63,11 @@ spec: - name: datadir persistentVolumeClaim: claimName: datadir-sec-context-pxc-0 + - name: vault-keyring-secret + secret: + defaultMode: 420 + optional: true + secretName: sec-context-vault - name: ssl-internal secret: defaultMode: 420 @@ -73,8 +78,3 @@ spec: defaultMode: 420 optional: false secretName: some-name-ssl - - name: vault-keyring-secret - secret: - defaultMode: 420 - optional: true - secretName: sec-context-vault diff --git a/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context-k127.yml b/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context-k127.yml index ea00d66130..c35a9b756c 100644 --- a/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context-k127.yml +++ b/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context-k127.yml @@ -30,6 +30,17 @@ spec: - command: - recovery-cloud.sh env: + - name: PXC_SERVICE + value: sec-context-pxc + - name: PXC_USER + value: xtrabackup + - name: PXC_PASS + valueFrom: + secretKeyRef: + key: xtrabackup + name: my-cluster-secrets + - name: VERIFY_TLS + value: "true" - name: ENDPOINT value: http://minio-service:9000/ - name: DEFAULT_REGION @@ -44,17 +55,6 @@ spec: secretKeyRef: key: AWS_SECRET_ACCESS_KEY name: minio-secret - - name: PXC_SERVICE - value: sec-context-pxc - - name: PXC_USER - value: xtrabackup - - name: PXC_PASS - valueFrom: - secretKeyRef: - key: xtrabackup - name: my-cluster-secrets - - name: VERIFY_TLS - value: "true" - name: XB_USE_MEMORY value: 100MB imagePullPolicy: Always diff --git a/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context.yml b/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context.yml index 564e91964d..071d48ec6c 100644 --- a/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context.yml +++ b/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context.yml @@ -28,6 +28,17 @@ spec: - command: - recovery-cloud.sh env: + - name: PXC_SERVICE + value: sec-context-pxc + - name: PXC_USER + value: xtrabackup + - name: PXC_PASS + valueFrom: + secretKeyRef: + key: xtrabackup + name: my-cluster-secrets + - name: VERIFY_TLS + value: "true" - name: ENDPOINT value: http://minio-service:9000/ - name: DEFAULT_REGION @@ -42,17 +53,6 @@ spec: secretKeyRef: key: AWS_SECRET_ACCESS_KEY name: minio-secret - - name: PXC_SERVICE - value: sec-context-pxc - - name: PXC_USER - value: xtrabackup - - name: PXC_PASS - valueFrom: - secretKeyRef: - key: xtrabackup - name: my-cluster-secrets - - name: VERIFY_TLS - value: "true" - name: XB_USE_MEMORY value: 100MB imagePullPolicy: Always diff --git a/pkg/apis/pxc/v1/pxc_backup_types.go b/pkg/apis/pxc/v1/pxc_backup_types.go index 285fa53a92..b12fbbd973 100644 --- a/pkg/apis/pxc/v1/pxc_backup_types.go +++ b/pkg/apis/pxc/v1/pxc_backup_types.go @@ -44,8 +44,9 @@ type PerconaXtraDBClusterBackup struct { } type PXCBackupSpec struct { - PXCCluster string `json:"pxcCluster"` - StorageName string `json:"storageName,omitempty"` + PXCCluster string `json:"pxcCluster"` + StorageName string `json:"storageName,omitempty"` + ContainerOptions *BackupContainerOptions `json:"containerOptions,omitempty"` } type PXCBackupStatus struct { @@ -65,6 +66,28 @@ type PXCBackupStatus struct { VerifyTLS *bool `json:"verifyTLS,omitempty"` } +func (status *PXCBackupStatus) GetStorageType(cluster *PerconaXtraDBCluster) BackupStorageType { + if status.StorageType != "" { + return status.StorageType + } + + if cluster != nil { + storage, ok := cluster.Spec.Backup.Storages[status.StorageName] + if ok { + return storage.Type + } + } + + switch { + case status.S3 != nil: + return BackupStorageS3 + case status.Azure != nil: + return BackupStorageAzure + } + + return "" +} + const ( BackupConditionPITRReady = "PITRReady" ) diff --git a/pkg/apis/pxc/v1/pxc_prestore_types.go b/pkg/apis/pxc/v1/pxc_prestore_types.go index d2e74a0158..accd547816 100644 --- a/pkg/apis/pxc/v1/pxc_prestore_types.go +++ b/pkg/apis/pxc/v1/pxc_prestore_types.go @@ -9,11 +9,12 @@ import ( // PerconaXtraDBClusterRestoreSpec defines the desired state of PerconaXtraDBClusterRestore type PerconaXtraDBClusterRestoreSpec struct { - PXCCluster string `json:"pxcCluster"` - BackupName string `json:"backupName"` - BackupSource *PXCBackupStatus `json:"backupSource,omitempty"` - PITR *PITR `json:"pitr,omitempty"` - Resources corev1.ResourceRequirements `json:"resources,omitempty"` + PXCCluster string `json:"pxcCluster"` + BackupName string `json:"backupName"` + ContainerOptions *BackupContainerOptions `json:"containerOptions,omitempty"` + BackupSource *PXCBackupStatus `json:"backupSource,omitempty"` + PITR *PITR `json:"pitr,omitempty"` + Resources corev1.ResourceRequirements `json:"resources,omitempty"` } // PerconaXtraDBClusterRestoreStatus defines the observed state of PerconaXtraDBClusterRestore diff --git a/pkg/apis/pxc/v1/pxc_types.go b/pkg/apis/pxc/v1/pxc_types.go index 12f69e4f67..1aad867c13 100644 --- a/pkg/apis/pxc/v1/pxc_types.go +++ b/pkg/apis/pxc/v1/pxc_types.go @@ -20,6 +20,7 @@ import ( "k8s.io/apimachinery/pkg/util/intstr" "github.com/percona/percona-xtradb-cluster-operator/pkg/pxc/users" + "github.com/percona/percona-xtradb-cluster-operator/pkg/util" "github.com/percona/percona-xtradb-cluster-operator/version" ) @@ -526,6 +527,60 @@ type BackupStorageSpec struct { ContainerSecurityContext *corev1.SecurityContext `json:"containerSecurityContext,omitempty"` RuntimeClassName *string `json:"runtimeClassName,omitempty"` VerifyTLS *bool `json:"verifyTLS,omitempty"` + ContainerOptions *BackupContainerOptions `json:"containerOptions,omitempty"` +} + +type BackupContainerOptions struct { + Env []corev1.EnvVar `json:"env,omitempty"` + Args BackupContainerArgs `json:"args,omitempty"` +} + +func (b *BackupContainerOptions) GetEnv() []corev1.EnvVar { + return util.MergeEnvLists(b.Env, b.Args.Env()) +} + +func (b *BackupContainerOptions) GetEnvVar(cluster *PerconaXtraDBCluster, storageName string) []corev1.EnvVar { + if b != nil { + return util.MergeEnvLists(b.Args.Env(), b.Env) + } + if cluster == nil { + return nil + } + + storage, ok := cluster.Spec.Backup.Storages[storageName] + if !ok || storage.ContainerOptions == nil { + return nil + } + return storage.ContainerOptions.GetEnvVar(nil, "") +} + +type BackupContainerArgs struct { + Xtrabackup []string `json:"xtrabackup,omitempty"` + Xbcloud []string `json:"xbcloud,omitempty"` + Xbstream []string `json:"xbstream,omitempty"` +} + +func (b *BackupContainerArgs) Env() []corev1.EnvVar { + envs := []corev1.EnvVar{} + if len(b.Xtrabackup) > 0 { + envs = append(envs, corev1.EnvVar{ + Name: "XB_EXTRA_ARGS", + Value: strings.Join(b.Xtrabackup, " "), + }) + } + if len(b.Xbcloud) > 0 { + envs = append(envs, corev1.EnvVar{ + Name: "XBCLOUD_EXTRA_ARGS", + Value: strings.Join(b.Xbcloud, " "), + }) + } + if len(b.Xbstream) > 0 { + envs = append(envs, corev1.EnvVar{ + Name: "XBSTREAM_EXTRA_ARGS", + Value: strings.Join(b.Xbstream, " "), + }) + } + return envs } type BackupStorageType string diff --git a/pkg/apis/pxc/v1/zz_generated.deepcopy.go b/pkg/apis/pxc/v1/zz_generated.deepcopy.go index 46aad0174b..58b130db4c 100644 --- a/pkg/apis/pxc/v1/zz_generated.deepcopy.go +++ b/pkg/apis/pxc/v1/zz_generated.deepcopy.go @@ -29,6 +29,59 @@ func (in *AppStatus) DeepCopy() *AppStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BackupContainerArgs) DeepCopyInto(out *BackupContainerArgs) { + *out = *in + if in.Xtrabackup != nil { + in, out := &in.Xtrabackup, &out.Xtrabackup + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Xbcloud != nil { + in, out := &in.Xbcloud, &out.Xbcloud + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Xbstream != nil { + in, out := &in.Xbstream, &out.Xbstream + *out = make([]string, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackupContainerArgs. +func (in *BackupContainerArgs) DeepCopy() *BackupContainerArgs { + if in == nil { + return nil + } + out := new(BackupContainerArgs) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BackupContainerOptions) DeepCopyInto(out *BackupContainerOptions) { + *out = *in + if in.Env != nil { + in, out := &in.Env, &out.Env + *out = make([]corev1.EnvVar, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + in.Args.DeepCopyInto(&out.Args) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackupContainerOptions. +func (in *BackupContainerOptions) DeepCopy() *BackupContainerOptions { + if in == nil { + return nil + } + out := new(BackupContainerOptions) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *BackupStorageAzureSpec) DeepCopyInto(out *BackupStorageAzureSpec) { *out = *in @@ -131,6 +184,11 @@ func (in *BackupStorageSpec) DeepCopyInto(out *BackupStorageSpec) { *out = new(bool) **out = **in } + if in.ContainerOptions != nil { + in, out := &in.ContainerOptions, &out.ContainerOptions + *out = new(BackupContainerOptions) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackupStorageSpec. @@ -311,6 +369,11 @@ func (in *PMMSpec) DeepCopy() *PMMSpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PXCBackupSpec) DeepCopyInto(out *PXCBackupSpec) { *out = *in + if in.ContainerOptions != nil { + in, out := &in.ContainerOptions, &out.ContainerOptions + *out = new(BackupContainerOptions) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PXCBackupSpec. @@ -506,7 +569,7 @@ func (in *PerconaXtraDBClusterBackup) DeepCopyInto(out *PerconaXtraDBClusterBack *out = *in out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec + in.Spec.DeepCopyInto(&out.Spec) in.Status.DeepCopyInto(&out.Status) } @@ -654,6 +717,11 @@ func (in *PerconaXtraDBClusterRestoreList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PerconaXtraDBClusterRestoreSpec) DeepCopyInto(out *PerconaXtraDBClusterRestoreSpec) { *out = *in + if in.ContainerOptions != nil { + in, out := &in.ContainerOptions, &out.ContainerOptions + *out = new(BackupContainerOptions) + (*in).DeepCopyInto(*out) + } if in.BackupSource != nil { in, out := &in.BackupSource, &out.BackupSource *out = new(PXCBackupStatus) diff --git a/pkg/controller/pxcbackup/controller.go b/pkg/controller/pxcbackup/controller.go index b227a01729..cc3d8858e1 100644 --- a/pkg/controller/pxcbackup/controller.go +++ b/pkg/controller/pxcbackup/controller.go @@ -320,7 +320,7 @@ func (r *ReconcilePerconaXtraDBClusterBackup) runDeleteBackupFinalizer(ctx conte if (cr.Status.S3 == nil && cr.Status.Azure == nil) || cr.Status.Destination == "" { continue } - switch cr.Status.StorageType { + switch cr.Status.GetStorageType(nil) { case api.BackupStorageS3: if !strings.HasPrefix(cr.Status.Destination, api.AwsBlobStoragePrefix) { continue diff --git a/pkg/controller/pxcrestore/controller.go b/pkg/controller/pxcrestore/controller.go index 25e2b53f62..7f60a927e3 100644 --- a/pkg/controller/pxcrestore/controller.go +++ b/pkg/controller/pxcrestore/controller.go @@ -166,7 +166,7 @@ func (r *ReconcilePerconaXtraDBClusterRestore) Reconcile(ctx context.Context, re return reconcile.Result{}, err } - bcp, err := r.getBackup(cr) + bcp, err := r.getBackup(ctx, cr) if err != nil { return rr, errors.Wrap(err, "get backup") } @@ -254,7 +254,7 @@ func (r *ReconcilePerconaXtraDBClusterRestore) Reconcile(ctx context.Context, re return rr, err } -func (r *ReconcilePerconaXtraDBClusterRestore) getBackup(cr *api.PerconaXtraDBClusterRestore) (*api.PerconaXtraDBClusterBackup, error) { +func (r *ReconcilePerconaXtraDBClusterRestore) getBackup(ctx context.Context, cr *api.PerconaXtraDBClusterRestore) (*api.PerconaXtraDBClusterBackup, error) { if cr.Spec.BackupSource != nil { status := cr.Spec.BackupSource.DeepCopy() status.State = api.BackupSucceeded @@ -274,7 +274,7 @@ func (r *ReconcilePerconaXtraDBClusterRestore) getBackup(cr *api.PerconaXtraDBCl } bcp := &api.PerconaXtraDBClusterBackup{} - err := r.client.Get(context.TODO(), types.NamespacedName{Name: cr.Spec.BackupName, Namespace: cr.Namespace}, bcp) + err := r.client.Get(ctx, types.NamespacedName{Name: cr.Spec.BackupName, Namespace: cr.Namespace}, bcp) if err != nil { err = errors.Wrapf(err, "get backup %s", cr.Spec.BackupName) return bcp, err diff --git a/pkg/controller/pxcrestore/restore.go b/pkg/controller/pxcrestore/restore.go index 8c6755c954..4bd262a961 100644 --- a/pkg/controller/pxcrestore/restore.go +++ b/pkg/controller/pxcrestore/restore.go @@ -53,7 +53,7 @@ func (r *ReconcilePerconaXtraDBClusterRestore) restorePVC(cr *api.PerconaXtraDBC } k8s.SetControllerReference(cr, pod, r.scheme) - job, err := backup.PVCRestoreJob(cr, cluster, bcp) + job, err := backup.RestoreJob(cr, bcp, cluster, "", false) if err != nil { return errors.Wrap(err, "restore job") } @@ -91,7 +91,7 @@ func (r *ReconcilePerconaXtraDBClusterRestore) restorePVC(cr *api.PerconaXtraDBC return r.createJob(job) } func (r *ReconcilePerconaXtraDBClusterRestore) restoreAzure(cr *api.PerconaXtraDBClusterRestore, bcp *api.PerconaXtraDBClusterBackup, dest string, cluster *api.PerconaXtraDBCluster, pitr bool) error { - job, err := backup.AzureRestoreJob(cr, bcp, cluster, dest, pitr) + job, err := backup.RestoreJob(cr, bcp, cluster, dest, pitr) if err != nil { return err } @@ -103,7 +103,7 @@ func (r *ReconcilePerconaXtraDBClusterRestore) restoreAzure(cr *api.PerconaXtraD } func (r *ReconcilePerconaXtraDBClusterRestore) restoreS3(cr *api.PerconaXtraDBClusterRestore, bcp *api.PerconaXtraDBClusterBackup, s3dest string, cluster *api.PerconaXtraDBCluster, pitr bool) error { - job, err := backup.S3RestoreJob(cr, bcp, s3dest, cluster, pitr) + job, err := backup.RestoreJob(cr, bcp, cluster, s3dest, pitr) if err != nil { return err } diff --git a/pkg/pxc/backup/job.go b/pkg/pxc/backup/job.go index 57bfe66c64..17feaf0df3 100644 --- a/pkg/pxc/backup/job.go +++ b/pkg/pxc/backup/job.go @@ -13,6 +13,7 @@ import ( api "github.com/percona/percona-xtradb-cluster-operator/pkg/apis/pxc/v1" "github.com/percona/percona-xtradb-cluster-operator/pkg/pxc/app" "github.com/percona/percona-xtradb-cluster-operator/pkg/pxc/users" + "github.com/percona/percona-xtradb-cluster-operator/pkg/util" ) func (*Backup) Job(cr *api.PerconaXtraDBClusterBackup, cluster *api.PerconaXtraDBCluster) *batchv1.Job { @@ -47,9 +48,32 @@ func (bcp *Backup) JobSpec(spec api.PXCBackupSpec, cluster *api.PerconaXtraDBClu backoffLimit = *cluster.Spec.Backup.BackoffLimit } verifyTLS := true - if cluster.Spec.Backup.Storages[spec.StorageName].VerifyTLS != nil { - verifyTLS = *cluster.Spec.Backup.Storages[spec.StorageName].VerifyTLS + storage := cluster.Spec.Backup.Storages[spec.StorageName] + if storage.VerifyTLS != nil { + verifyTLS = *storage.VerifyTLS } + envs := []corev1.EnvVar{ + { + Name: "BACKUP_DIR", + Value: "/backup", + }, + { + Name: "PXC_SERVICE", + Value: spec.PXCCluster + "-pxc", + }, + { + Name: "PXC_PASS", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: app.SecretKeySelector(cluster.Spec.SecretsName, users.Xtrabackup), + }, + }, + { + Name: "VERIFY_TLS", + Value: strconv.FormatBool(verifyTLS), + }, + } + envs = util.MergeEnvLists(envs, spec.ContainerOptions.GetEnvVar(cluster, spec.StorageName)) + return batchv1.JobSpec{ BackoffLimit: &backoffLimit, ManualSelector: &manualSelector, @@ -59,10 +83,10 @@ func (bcp *Backup) JobSpec(spec api.PXCBackupSpec, cluster *api.PerconaXtraDBClu Template: corev1.PodTemplateSpec{ ObjectMeta: metav1.ObjectMeta{ Labels: job.Labels, - Annotations: cluster.Spec.Backup.Storages[spec.StorageName].Annotations, + Annotations: storage.Annotations, }, Spec: corev1.PodSpec{ - SecurityContext: cluster.Spec.Backup.Storages[spec.StorageName].PodSecurityContext, + SecurityContext: storage.PodSecurityContext, ImagePullSecrets: bcp.imagePullSecrets, RestartPolicy: corev1.RestartPolicyNever, ServiceAccountName: cluster.Spec.Backup.ServiceAccountName, @@ -70,38 +94,19 @@ func (bcp *Backup) JobSpec(spec api.PXCBackupSpec, cluster *api.PerconaXtraDBClu { Name: "xtrabackup", Image: bcp.image, - SecurityContext: cluster.Spec.Backup.Storages[spec.StorageName].ContainerSecurityContext, + SecurityContext: storage.ContainerSecurityContext, ImagePullPolicy: bcp.imagePullPolicy, Command: []string{"bash", "/usr/bin/backup.sh"}, - Env: []corev1.EnvVar{ - { - Name: "BACKUP_DIR", - Value: "/backup", - }, - { - Name: "PXC_SERVICE", - Value: spec.PXCCluster + "-pxc", - }, - { - Name: "PXC_PASS", - ValueFrom: &corev1.EnvVarSource{ - SecretKeyRef: app.SecretKeySelector(cluster.Spec.SecretsName, users.Xtrabackup), - }, - }, - { - Name: "VERIFY_TLS", - Value: strconv.FormatBool(verifyTLS), - }, - }, - Resources: cluster.Spec.Backup.Storages[spec.StorageName].Resources, + Env: envs, + Resources: storage.Resources, }, }, - Affinity: cluster.Spec.Backup.Storages[spec.StorageName].Affinity, - Tolerations: cluster.Spec.Backup.Storages[spec.StorageName].Tolerations, - NodeSelector: cluster.Spec.Backup.Storages[spec.StorageName].NodeSelector, - SchedulerName: cluster.Spec.Backup.Storages[spec.StorageName].SchedulerName, - PriorityClassName: cluster.Spec.Backup.Storages[spec.StorageName].PriorityClassName, - RuntimeClassName: cluster.Spec.Backup.Storages[spec.StorageName].RuntimeClassName, + Affinity: storage.Affinity, + Tolerations: storage.Tolerations, + NodeSelector: storage.NodeSelector, + SchedulerName: storage.SchedulerName, + PriorityClassName: storage.PriorityClassName, + RuntimeClassName: storage.RuntimeClassName, }, }, }, nil diff --git a/pkg/pxc/backup/restore.go b/pkg/pxc/backup/restore.go index 744a0a02df..69a6170bd0 100644 --- a/pkg/pxc/backup/restore.go +++ b/pkg/pxc/backup/restore.go @@ -14,6 +14,7 @@ import ( api "github.com/percona/percona-xtradb-cluster-operator/pkg/apis/pxc/v1" "github.com/percona/percona-xtradb-cluster-operator/pkg/pxc/app" "github.com/percona/percona-xtradb-cluster-operator/pkg/pxc/users" + "github.com/percona/percona-xtradb-cluster-operator/pkg/util" ) var log = logf.Log.WithName("backup/restore") @@ -132,46 +133,83 @@ func PVCRestorePod(cr *api.PerconaXtraDBClusterRestore, bcpStorageName, pvcName }, nil } -func PVCRestoreJob(cr *api.PerconaXtraDBClusterRestore, cluster *api.PerconaXtraDBCluster, bcp *api.PerconaXtraDBClusterBackup) (*batchv1.Job, error) { - jobPVC := corev1.Volume{ - Name: "datadir", - VolumeSource: corev1.VolumeSource{ - PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSource{ - ClaimName: "datadir-" + cr.Spec.PXCCluster + "-pxc-0", - }, - }, +func RestoreJob(cr *api.PerconaXtraDBClusterRestore, bcp *api.PerconaXtraDBClusterBackup, cluster *api.PerconaXtraDBCluster, destination string, pitr bool) (*batchv1.Job, error) { + switch bcp.Status.GetStorageType(cluster) { + case api.BackupStorageAzure: + if bcp.Status.Azure == nil { + return nil, errors.New("nil azure backup status storage") + } + case api.BackupStorageS3: + if bcp.Status.S3 == nil { + return nil, errors.New("nil s3 backup status storage") + } + case api.BackupStorageFilesystem: + default: + return nil, errors.Errorf("no storage type was specified in status, got: %s", bcp.Status.GetStorageType(cluster)) } - jobPVCs := []corev1.Volume{ - jobPVC, - app.GetSecretVolumes("ssl-internal", cluster.Spec.PXC.SSLInternalSecretName, true), - app.GetSecretVolumes("ssl", cluster.Spec.PXC.SSLSecretName, cluster.Spec.AllowUnsafeConfig), - app.GetSecretVolumes("vault-keyring-secret", cluster.Spec.PXC.VaultSecretName, true), - } - command := []string{"recovery-pvc-joiner.sh"} + jobName := "restore-job-" + cr.Name + "-" + cr.Spec.PXCCluster volumeMounts := []corev1.VolumeMount{ { Name: "datadir", MountPath: "/datadir", }, - { - Name: "ssl", - MountPath: "/etc/mysql/ssl", - }, - { - Name: "ssl-internal", - MountPath: "/etc/mysql/ssl-internal", - }, { Name: "vault-keyring-secret", MountPath: "/etc/mysql/vault-keyring-secret", }, } - envs := []corev1.EnvVar{ + jobPVCs := []corev1.Volume{ { - Name: "RESTORE_SRC_SERVICE", - Value: "restore-src-" + cr.Name + "-" + cr.Spec.PXCCluster, + Name: "datadir", + VolumeSource: corev1.VolumeSource{ + PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSource{ + ClaimName: "datadir-" + cr.Spec.PXCCluster + "-pxc-0", + }, + }, }, + app.GetSecretVolumes("vault-keyring-secret", cluster.Spec.PXC.VaultSecretName, true), + } + var command []string + + switch bcp.Status.GetStorageType(cluster) { + case api.BackupStorageFilesystem: + command = []string{"recovery-pvc-joiner.sh"} + volumeMounts = append(volumeMounts, []corev1.VolumeMount{ + { + Name: "ssl", + MountPath: "/etc/mysql/ssl", + }, + { + Name: "ssl-internal", + MountPath: "/etc/mysql/ssl-internal", + }, + }...) + jobPVCs = append(jobPVCs, []corev1.Volume{ + app.GetSecretVolumes("ssl-internal", cluster.Spec.PXC.SSLInternalSecretName, true), + app.GetSecretVolumes("ssl", cluster.Spec.PXC.SSLSecretName, cluster.Spec.AllowUnsafeConfig), + }...) + case api.BackupStorageAzure, api.BackupStorageS3: + command = []string{"recovery-cloud.sh"} + if bcp.Status.GetStorageType(cluster) == api.BackupStorageS3 && cluster.CompareVersionWith("1.12.0") < 0 { + command = []string{"recovery-s3.sh"} + } + if pitr { + if cluster.Spec.Backup == nil && len(cluster.Spec.Backup.Storages) == 0 { + return nil, errors.New("no storage section") + } + jobName = "pitr-job-" + cr.Name + "-" + cr.Spec.PXCCluster + volumeMounts = []corev1.VolumeMount{} + jobPVCs = []corev1.Volume{} + command = []string{"pitr", "recover"} + } + default: + return nil, errors.Errorf("invalid storage type was specified in status, got: %s", bcp.Status.GetStorageType(cluster)) + } + + envs, err := restoreJobEnvs(bcp, cr, cluster, destination, pitr) + if err != nil { + return nil, errors.Wrap(err, "restore job envs") } job := &batchv1.Job{ @@ -180,7 +218,7 @@ func PVCRestoreJob(cr *api.PerconaXtraDBClusterRestore, cluster *api.PerconaXtra Kind: "Job", }, ObjectMeta: metav1.ObjectMeta{ - Name: "restore-job-" + cr.Name + "-" + cr.Spec.PXCCluster, + Name: jobName, Namespace: cr.Namespace, }, Spec: batchv1.JobSpec{ @@ -209,31 +247,22 @@ func PVCRestoreJob(cr *api.PerconaXtraDBClusterRestore, cluster *api.PerconaXtra BackoffLimit: func(i int32) *int32 { return &i }(4), }, } - return job, nil } -func AzureRestoreJob(cr *api.PerconaXtraDBClusterRestore, bcp *api.PerconaXtraDBClusterBackup, cluster *api.PerconaXtraDBCluster, destination string, pitr bool) (*batchv1.Job, error) { - if bcp.Status.Azure == nil { - return nil, errors.New("nil azure storage backup status") - } - - jobPVC := corev1.Volume{ - Name: "datadir", - VolumeSource: corev1.VolumeSource{ - PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSource{ - ClaimName: "datadir-" + cr.Spec.PXCCluster + "-pxc-0", +func restoreJobEnvs(bcp *api.PerconaXtraDBClusterBackup, cr *api.PerconaXtraDBClusterRestore, cluster *api.PerconaXtraDBCluster, destination string, pitr bool) ([]corev1.EnvVar, error) { + if bcp.Status.GetStorageType(cluster) == api.BackupStorageFilesystem { + return util.MergeEnvLists( + []corev1.EnvVar{ + { + Name: "RESTORE_SRC_SERVICE", + Value: "restore-src-" + cr.Name + "-" + cr.Spec.PXCCluster, + }, }, - }, - } - - jobPVCs := []corev1.Volume{ - jobPVC, - app.GetSecretVolumes("vault-keyring-secret", cluster.Spec.PXC.VaultSecretName, true), + cr.Spec.ContainerOptions.GetEnvVar(cluster, bcp.Spec.StorageName), + ), nil } pxcUser := users.Xtrabackup - command := []string{"recovery-cloud.sh"} - verifyTLS := true if cluster.Spec.Backup != nil && len(cluster.Spec.Backup.Storages) > 0 { storage, ok := cluster.Spec.Backup.Storages[bcp.Spec.StorageName] @@ -241,13 +270,90 @@ func AzureRestoreJob(cr *api.PerconaXtraDBClusterRestore, bcp *api.PerconaXtraDB verifyTLS = *storage.VerifyTLS } } - if bcp.Status.VerifyTLS != nil { - verifyTLS = *bcp.Status.VerifyTLS + if bs := cr.Spec.BackupSource; bs != nil { + if bs.StorageName != "" { + storage, ok := cluster.Spec.Backup.Storages[bs.StorageName] + if ok && storage.VerifyTLS != nil { + verifyTLS = *storage.VerifyTLS + } + } + if bs.VerifyTLS != nil { + verifyTLS = *bs.VerifyTLS + } } - azure := bcp.Status.Azure - if azure == nil { - return nil, errors.New("azure storage is not specified") + envs := []corev1.EnvVar{ + { + Name: "PXC_SERVICE", + Value: cr.Spec.PXCCluster + "-pxc", + }, + { + Name: "PXC_USER", + Value: pxcUser, + }, + { + Name: "PXC_PASS", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: app.SecretKeySelector(cluster.Spec.SecretsName, pxcUser), + }, + }, } + if pitr { + envs = append(envs, []corev1.EnvVar{ + { + Name: "PITR_GTID", + Value: cr.Spec.PITR.GTID, + }, + { + Name: "PITR_DATE", + Value: cr.Spec.PITR.Date, + }, + { + Name: "PITR_RECOVERY_TYPE", + Value: cr.Spec.PITR.Type, + }, + }...) + if bs := cr.Spec.PITR.BackupSource; bs != nil { + if bs.StorageName != "" { + storage, ok := cluster.Spec.Backup.Storages[bs.StorageName] + if ok && storage.VerifyTLS != nil { + verifyTLS = *storage.VerifyTLS + } + } + if bs.VerifyTLS != nil { + verifyTLS = *bs.VerifyTLS + } + } + } + + envs = append(envs, corev1.EnvVar{ + Name: "VERIFY_TLS", + Value: strconv.FormatBool(verifyTLS), + }) + + switch bcp.Status.GetStorageType(cluster) { + case api.BackupStorageAzure: + azureEnvs, err := azureEnvs(cr, bcp, cluster, destination, pitr) + if err != nil { + return nil, err + } + envs = append(envs, azureEnvs...) + case api.BackupStorageS3: + s3Envs, err := s3Envs(cr, bcp, cluster, destination, pitr) + if err != nil { + return nil, err + } + envs = append(envs, s3Envs...) + default: + return nil, errors.Errorf("invalid storage type was specified in status, got: %s", bcp.Status.GetStorageType(cluster)) + } + return util.MergeEnvLists( + envs, + cr.Spec.ContainerOptions.GetEnvVar(cluster, bcp.Spec.StorageName), + ), nil +} + +func azureEnvs(cr *api.PerconaXtraDBClusterRestore, bcp *api.PerconaXtraDBClusterBackup, cluster *api.PerconaXtraDBCluster, destination string, pitr bool) ([]corev1.EnvVar, error) { + azure := bcp.Status.Azure container, _ := azure.ContainerAndPrefix() destination = strings.TrimPrefix(destination, api.AzureBlobStoragePrefix+container+"/") destination = strings.TrimPrefix(destination, container+"/") @@ -280,60 +386,23 @@ func AzureRestoreJob(cr *api.PerconaXtraDBClusterRestore, bcp *api.PerconaXtraDB Name: "BACKUP_PATH", Value: destination, }, - { - Name: "PXC_SERVICE", - Value: cr.Spec.PXCCluster + "-pxc", - }, - { - Name: "PXC_USER", - Value: pxcUser, - }, - { - Name: "PXC_PASS", - ValueFrom: &corev1.EnvVarSource{ - SecretKeyRef: app.SecretKeySelector(cluster.Spec.SecretsName, pxcUser), - }, - }, } - jobName := "restore-job-" + cr.Name + "-" + cr.Spec.PXCCluster - volumeMounts := []corev1.VolumeMount{ - { - Name: "datadir", - MountPath: "/datadir", - }, - { - Name: "vault-keyring-secret", - MountPath: "/etc/mysql/vault-keyring-secret", - }, - } - if pitr { - if cluster.Spec.Backup == nil && len(cluster.Spec.Backup.Storages) == 0 { - return nil, errors.New("no storage section") - } storageAzure := new(api.BackupStorageAzureSpec) - - if len(cr.Spec.PITR.BackupSource.StorageName) > 0 { - storage, ok := cluster.Spec.Backup.Storages[cr.Spec.PITR.BackupSource.StorageName] - if ok { - storageAzure = storage.Azure - } - if ok && storage.VerifyTLS != nil { - verifyTLS = *storage.VerifyTLS + if bs := cr.Spec.PITR.BackupSource; bs != nil { + if bs.StorageName != "" { + storage, ok := cluster.Spec.Backup.Storages[cr.Spec.PITR.BackupSource.StorageName] + if ok { + storageAzure = storage.Azure + } } - } - if cr.Spec.PITR.BackupSource != nil && cr.Spec.PITR.BackupSource.Azure != nil { - storageAzure = cr.Spec.PITR.BackupSource.Azure - if cr.Spec.PITR.BackupSource.VerifyTLS != nil { - verifyTLS = *cr.Spec.PITR.BackupSource.VerifyTLS + if bs.Azure != nil { + storageAzure = cr.Spec.PITR.BackupSource.Azure } } - if len(storageAzure.ContainerPath) == 0 { return nil, errors.New("container name is not specified in storage") } - - command = []string{"pitr", "recover"} envs = append(envs, []corev1.EnvVar{ { Name: "BINLOG_AZURE_STORAGE_ACCOUNT", @@ -359,110 +428,20 @@ func AzureRestoreJob(cr *api.PerconaXtraDBClusterRestore, bcp *api.PerconaXtraDB Name: "BINLOG_AZURE_ENDPOINT", Value: storageAzure.Endpoint, }, - { - Name: "PITR_RECOVERY_TYPE", - Value: cr.Spec.PITR.Type, - }, - { - Name: "PITR_GTID", - Value: cr.Spec.PITR.GTID, - }, - { - Name: "PITR_DATE", - Value: cr.Spec.PITR.Date, - }, { Name: "STORAGE_TYPE", Value: "azure", }, }...) - jobName = "pitr-job-" + cr.Name + "-" + cr.Spec.PXCCluster - volumeMounts = []corev1.VolumeMount{} - jobPVCs = []corev1.Volume{} } - envs = append(envs, corev1.EnvVar{ - Name: "VERIFY_TLS", - Value: strconv.FormatBool(verifyTLS), - }) - job := &batchv1.Job{ - TypeMeta: metav1.TypeMeta{ - APIVersion: "batch/v1", - Kind: "Job", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: jobName, - Namespace: cr.Namespace, - }, - Spec: batchv1.JobSpec{ - Template: corev1.PodTemplateSpec{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: cluster.Spec.PXC.Annotations, - Labels: cluster.Spec.PXC.Labels, - }, - Spec: corev1.PodSpec{ - ImagePullSecrets: cluster.Spec.Backup.ImagePullSecrets, - SecurityContext: cluster.Spec.PXC.PodSecurityContext, - Containers: []corev1.Container{xtrabackupContainer(cr, cluster, command, volumeMounts, envs)}, - RestartPolicy: corev1.RestartPolicyNever, - Volumes: jobPVCs, - NodeSelector: cluster.Spec.PXC.NodeSelector, - Affinity: cluster.Spec.PXC.Affinity.Advanced, - Tolerations: cluster.Spec.PXC.Tolerations, - SchedulerName: cluster.Spec.PXC.SchedulerName, - PriorityClassName: cluster.Spec.PXC.PriorityClassName, - ServiceAccountName: cluster.Spec.PXC.ServiceAccountName, - RuntimeClassName: cluster.Spec.PXC.RuntimeClassName, - }, - }, - BackoffLimit: func(i int32) *int32 { return &i }(4), - }, - } - - return job, nil + return envs, nil } -// S3RestoreJob returns restore job object for s3 -func S3RestoreJob(cr *api.PerconaXtraDBClusterRestore, bcp *api.PerconaXtraDBClusterBackup, s3dest string, cluster *api.PerconaXtraDBCluster, pitr bool) (*batchv1.Job, error) { - if bcp.Status.S3 == nil { - return nil, errors.New("nil s3 backup status storage") - } - - jobPVC := corev1.Volume{ - Name: "datadir", - VolumeSource: corev1.VolumeSource{ - PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSource{ - ClaimName: "datadir-" + cr.Spec.PXCCluster + "-pxc-0", - }, - }, - } - - jobPVCs := []corev1.Volume{ - jobPVC, - app.GetSecretVolumes("vault-keyring-secret", cluster.Spec.PXC.VaultSecretName, true), - } - pxcUser := users.Xtrabackup - command := []string{"recovery-cloud.sh"} - if cluster.CompareVersionWith("1.12.0") < 0 { - command = []string{"recovery-s3.sh"} - } - - verifyTLS := true - if cluster.Spec.Backup != nil && len(cluster.Spec.Backup.Storages) > 0 { - storage, ok := cluster.Spec.Backup.Storages[bcp.Spec.StorageName] - if ok && storage.VerifyTLS != nil { - verifyTLS = *storage.VerifyTLS - } - } - if bcp.Status.VerifyTLS != nil { - verifyTLS = *bcp.Status.VerifyTLS - } - if bcp.Status.S3 == nil { - return nil, errors.New("s3 storage is not specified") - } +func s3Envs(cr *api.PerconaXtraDBClusterRestore, bcp *api.PerconaXtraDBClusterBackup, cluster *api.PerconaXtraDBCluster, destination string, pitr bool) ([]corev1.EnvVar, error) { envs := []corev1.EnvVar{ { Name: "S3_BUCKET_URL", - Value: s3dest, + Value: destination, }, { Name: "ENDPOINT", @@ -494,159 +473,68 @@ func S3RestoreJob(cr *api.PerconaXtraDBClusterRestore, bcp *api.PerconaXtraDBClu }, }, }, - { - Name: "PXC_SERVICE", - Value: cr.Spec.PXCCluster + "-pxc", - }, - { - Name: "PXC_USER", - Value: pxcUser, - }, - { - Name: "PXC_PASS", - ValueFrom: &corev1.EnvVarSource{ - SecretKeyRef: app.SecretKeySelector(cluster.Spec.SecretsName, pxcUser), - }, - }, - } - jobName := "restore-job-" + cr.Name + "-" + cr.Spec.PXCCluster - volumeMounts := []corev1.VolumeMount{ - { - Name: "datadir", - MountPath: "/datadir", - }, - { - Name: "vault-keyring-secret", - MountPath: "/etc/mysql/vault-keyring-secret", - }, } if pitr { bucket := "" - if cluster.Spec.Backup == nil && len(cluster.Spec.Backup.Storages) == 0 { - return nil, errors.New("no storage section") - } storageS3 := new(api.BackupStorageS3Spec) - - if bs := cr.Spec.PITR.BackupSource; bs != nil && len(bs.StorageName) > 0 { - storage, ok := cluster.Spec.Backup.Storages[cr.Spec.PITR.BackupSource.StorageName] - if ok { - storageS3 = storage.S3 - bucket = storage.S3.Bucket - if storage.VerifyTLS != nil { - verifyTLS = *storage.VerifyTLS + if bs := cr.Spec.PITR.BackupSource; bs != nil { + if bs.StorageName != "" { + storage, ok := cluster.Spec.Backup.Storages[bs.StorageName] + if ok { + storageS3 = storage.S3 + bucket = storage.S3.Bucket } } - } - if cr.Spec.PITR.BackupSource != nil { - if cr.Spec.PITR.BackupSource.VerifyTLS != nil { - verifyTLS = *cr.Spec.PITR.BackupSource.VerifyTLS - } - if cr.Spec.PITR.BackupSource.S3 != nil { - storageS3 = cr.Spec.PITR.BackupSource.S3 + if bs.S3 != nil { + storageS3 = bs.S3 bucket = storageS3.Bucket } } if len(bucket) == 0 { return nil, errors.New("no bucket in storage") } - - command = []string{"pitr", "recover"} - envs = append(envs, corev1.EnvVar{ - Name: "BINLOG_S3_ENDPOINT", - Value: storageS3.EndpointURL, - }) - envs = append(envs, corev1.EnvVar{ - Name: "BINLOG_S3_REGION", - Value: storageS3.Region, - }) - envs = append(envs, corev1.EnvVar{ - Name: "BINLOG_ACCESS_KEY_ID", - ValueFrom: &corev1.EnvVarSource{ - SecretKeyRef: &corev1.SecretKeySelector{ - LocalObjectReference: corev1.LocalObjectReference{ - Name: storageS3.CredentialsSecret, + envs = append(envs, []corev1.EnvVar{ + { + Name: "BINLOG_S3_ENDPOINT", + Value: storageS3.EndpointURL, + }, + { + Name: "BINLOG_S3_REGION", + Value: storageS3.Region, + }, + { + Name: "BINLOG_ACCESS_KEY_ID", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: storageS3.CredentialsSecret, + }, + Key: "AWS_ACCESS_KEY_ID", }, - Key: "AWS_ACCESS_KEY_ID", }, }, - }) - envs = append(envs, corev1.EnvVar{ - Name: "BINLOG_SECRET_ACCESS_KEY", - ValueFrom: &corev1.EnvVarSource{ - SecretKeyRef: &corev1.SecretKeySelector{ - LocalObjectReference: corev1.LocalObjectReference{ - Name: storageS3.CredentialsSecret, + { + Name: "BINLOG_SECRET_ACCESS_KEY", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: storageS3.CredentialsSecret, + }, + Key: "AWS_SECRET_ACCESS_KEY", }, - Key: "AWS_SECRET_ACCESS_KEY", }, }, - }) - - envs = append(envs, corev1.EnvVar{ - Name: "PITR_RECOVERY_TYPE", - Value: cr.Spec.PITR.Type, - }) - envs = append(envs, corev1.EnvVar{ - Name: "BINLOG_S3_BUCKET_URL", - Value: bucket, - }) - envs = append(envs, corev1.EnvVar{ - Name: "PITR_GTID", - Value: cr.Spec.PITR.GTID, - }) - envs = append(envs, corev1.EnvVar{ - Name: "PITR_DATE", - Value: cr.Spec.PITR.Date, - }) - envs = append(envs, corev1.EnvVar{ - Name: "STORAGE_TYPE", - Value: "s3", - }) - jobName = "pitr-job-" + cr.Name + "-" + cr.Spec.PXCCluster - volumeMounts = []corev1.VolumeMount{} - jobPVCs = []corev1.Volume{} - } - - envs = append(envs, corev1.EnvVar{ - Name: "VERIFY_TLS", - Value: strconv.FormatBool(verifyTLS), - }) - - job := &batchv1.Job{ - TypeMeta: metav1.TypeMeta{ - APIVersion: "batch/v1", - Kind: "Job", - }, - ObjectMeta: metav1.ObjectMeta{ - Name: jobName, - Namespace: cr.Namespace, - }, - Spec: batchv1.JobSpec{ - Template: corev1.PodTemplateSpec{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: cluster.Spec.PXC.Annotations, - Labels: cluster.Spec.PXC.Labels, - }, - Spec: corev1.PodSpec{ - ImagePullSecrets: cluster.Spec.Backup.ImagePullSecrets, - SecurityContext: cluster.Spec.PXC.PodSecurityContext, - Containers: []corev1.Container{xtrabackupContainer(cr, cluster, command, volumeMounts, envs)}, - RestartPolicy: corev1.RestartPolicyNever, - Volumes: jobPVCs, - NodeSelector: cluster.Spec.PXC.NodeSelector, - Affinity: cluster.Spec.PXC.Affinity.Advanced, - Tolerations: cluster.Spec.PXC.Tolerations, - SchedulerName: cluster.Spec.PXC.SchedulerName, - PriorityClassName: cluster.Spec.PXC.PriorityClassName, - ServiceAccountName: cluster.Spec.PXC.ServiceAccountName, - RuntimeClassName: cluster.Spec.PXC.RuntimeClassName, - }, + { + Name: "BINLOG_S3_BUCKET_URL", + Value: bucket, }, - BackoffLimit: func(i int32) *int32 { return &i }(4), - }, + { + Name: "STORAGE_TYPE", + Value: "s3", + }, + }...) } - - return job, nil + return envs, nil } func xtrabackupContainer(cr *api.PerconaXtraDBClusterRestore, cluster *api.PerconaXtraDBCluster, cmd []string, volumeMounts []corev1.VolumeMount, envs []corev1.EnvVar) corev1.Container { diff --git a/pkg/util/env.go b/pkg/util/env.go new file mode 100644 index 0000000000..aaebdc7fca --- /dev/null +++ b/pkg/util/env.go @@ -0,0 +1,29 @@ +package util + +import ( + corev1 "k8s.io/api/core/v1" +) + +func MergeEnvLists(envLists ...[]corev1.EnvVar) []corev1.EnvVar { + resultList := make([]corev1.EnvVar, 0) + for _, list := range envLists { + for _, env := range list { + idx := FindEnvIndex(resultList, env.Name) + if idx == -1 { + resultList = append(resultList, env) + continue + } + resultList[idx] = env + } + } + return resultList +} + +func FindEnvIndex(envs []corev1.EnvVar, name string) int { + for i, env := range envs { + if env.Name == name { + return i + } + } + return -1 +} From f293f2497998ddc6d2a46bc849eed3e33097a317 Mon Sep 17 00:00:00 2001 From: Andrii Dema Date: Mon, 11 Dec 2023 10:38:17 +0200 Subject: [PATCH 03/25] K8SPXC-927: add `serviceLabels` and `serviceAnnotations` for PXC (#1517) * K8SPXC-927: add `serviceLabels` and `serviceAnnotations` for PXC https://jira.percona.com/browse/K8SPXC-927 * add unit-test * rename test * add labels annotations to pxc-unready service --------- Co-authored-by: Viacheslav Sarzhan --- deploy/cr.yaml | 4 + pkg/controller/pxc/controller.go | 57 ++++---- pkg/controller/pxc/replication.go | 5 - pkg/controller/pxc/service_test.go | 213 +++++++++++++++++++++++++++++ pkg/pxc/service.go | 35 ++++- 5 files changed, 274 insertions(+), 40 deletions(-) create mode 100644 pkg/controller/pxc/service_test.go diff --git a/deploy/cr.yaml b/deploy/cr.yaml index 3e6d093fbc..11c97fb0f7 100644 --- a/deploy/cr.yaml +++ b/deploy/cr.yaml @@ -94,6 +94,10 @@ spec: # iam.amazonaws.com/role: role-arn # labels: # rack: rack-22 +# serviceAnnotations: +# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http +# serviceLabels: +# rack: rack-23 # readinessProbes: # initialDelaySeconds: 15 # timeoutSeconds: 15 diff --git a/pkg/controller/pxc/controller.go b/pkg/controller/pxc/controller.go index 07c7d7a0b1..fed25d5493 100644 --- a/pkg/controller/pxc/controller.go +++ b/pkg/controller/pxc/controller.go @@ -324,16 +324,17 @@ func (r *ReconcilePerconaXtraDBCluster) Reconcile(ctx context.Context, request r return reconcile.Result{}, errors.Wrap(err, "pxc upgrade error") } - for _, pxcService := range []*corev1.Service{pxc.NewServicePXC(o), pxc.NewServicePXCUnready(o)} { - err := setControllerReference(o, pxcService, r.scheme) - if err != nil { - return reconcile.Result{}, errors.Wrap(err, "setControllerReference") - } - - err = r.createOrUpdateService(o, pxcService, true) - if err != nil { - return reconcile.Result{}, errors.Wrap(err, "PXC service upgrade error") - } + saveOldSvcMeta := true + if o.CompareVersionWith("1.14.0") >= 0 { + saveOldSvcMeta = len(o.Spec.PXC.ServiceLabels) == 0 && len(o.Spec.PXC.ServiceAnnotations) == 0 + } + err = r.createOrUpdateService(o, pxc.NewServicePXC(o), saveOldSvcMeta) + if err != nil { + return reconcile.Result{}, errors.Wrap(err, "PXC service upgrade error") + } + err = r.createOrUpdateService(o, pxc.NewServicePXCUnready(o), true) + if err != nil { + return reconcile.Result{}, errors.Wrap(err, "PXC service upgrade error") } if o.Spec.PXC.Expose.Enabled { @@ -372,19 +373,11 @@ func (r *ReconcilePerconaXtraDBCluster) Reconcile(ctx context.Context, request r return reconcile.Result{}, errors.Wrap(err, "ProxySQL upgrade error") } svc := pxc.NewServiceProxySQL(o) - err := setControllerReference(o, svc, r.scheme) - if err != nil { - return reconcile.Result{}, errors.Wrapf(err, "%s setControllerReference", svc.Name) - } err = r.createOrUpdateService(o, svc, len(o.Spec.ProxySQL.ServiceLabels) == 0 && len(o.Spec.ProxySQL.ServiceAnnotations) == 0) if err != nil { return reconcile.Result{}, errors.Wrapf(err, "%s upgrade error", svc.Name) } svc = pxc.NewServiceProxySQLUnready(o) - err = setControllerReference(o, svc, r.scheme) - if err != nil { - return reconcile.Result{}, errors.Wrapf(err, "%s setControllerReference", svc.Name) - } err = r.createOrUpdateService(o, svc, true) if err != nil { return reconcile.Result{}, errors.Wrapf(err, "%s upgrade error", svc.Name) @@ -467,21 +460,13 @@ func (r *ReconcilePerconaXtraDBCluster) reconcileHAProxy(ctx context.Context, cr return errors.Wrap(err, "HAProxy upgrade error") } svc := pxc.NewServiceHAProxy(cr) - err := setControllerReference(cr, svc, r.scheme) - if err != nil { - return errors.Wrapf(err, "%s setControllerReference", svc.Name) - } podSpec := cr.Spec.HAProxy.PodSpec - err = r.createOrUpdateService(cr, svc, len(podSpec.ServiceLabels) == 0 && len(podSpec.ServiceAnnotations) == 0) + err := r.createOrUpdateService(cr, svc, len(podSpec.ServiceLabels) == 0 && len(podSpec.ServiceAnnotations) == 0) if err != nil { return errors.Wrapf(err, "%s upgrade error", svc.Name) } if cr.HAProxyReplicasServiceEnabled() { svc := pxc.NewServiceHAProxyReplicas(cr) - err := setControllerReference(cr, svc, r.scheme) - if err != nil { - return errors.Wrapf(err, "%s setControllerReference", svc.Name) - } err = r.createOrUpdateService(cr, svc, len(podSpec.ReplicasServiceLabels) == 0 && len(podSpec.ReplicasServiceAnnotations) == 0) if err != nil { return errors.Wrapf(err, "%s upgrade error", svc.Name) @@ -1311,7 +1296,13 @@ func (r *ReconcilePerconaXtraDBCluster) createOrUpdate(cr *api.PerconaXtraDBClus func setIgnoredAnnotationsAndLabels(cr *api.PerconaXtraDBCluster, obj, oldObject client.Object) error { oldAnnotations := oldObject.GetAnnotations() + if oldAnnotations == nil { + oldAnnotations = make(map[string]string) + } annotations := obj.GetAnnotations() + if annotations == nil { + annotations = make(map[string]string) + } for _, annotation := range cr.Spec.IgnoreAnnotations { if v, ok := oldAnnotations[annotation]; ok { annotations[annotation] = v @@ -1319,7 +1310,13 @@ func setIgnoredAnnotationsAndLabels(cr *api.PerconaXtraDBCluster, obj, oldObject } obj.SetAnnotations(annotations) oldLabels := oldObject.GetLabels() + if oldLabels == nil { + oldLabels = make(map[string]string) + } labels := obj.GetLabels() + if labels == nil { + labels = make(map[string]string) + } for _, label := range cr.Spec.IgnoreLabels { if v, ok := oldLabels[label]; ok { labels[label] = v @@ -1342,11 +1339,15 @@ func mergeMaps(x, y map[string]string) map[string]string { } func (r *ReconcilePerconaXtraDBCluster) createOrUpdateService(cr *api.PerconaXtraDBCluster, svc *corev1.Service, saveOldMeta bool) error { + err := setControllerReference(cr, svc, r.scheme) + if err != nil { + return errors.Wrap(err, "set controller reference") + } if !saveOldMeta && len(cr.Spec.IgnoreAnnotations) == 0 && len(cr.Spec.IgnoreLabels) == 0 { return r.createOrUpdate(cr, svc) } oldSvc := new(corev1.Service) - err := r.client.Get(context.TODO(), types.NamespacedName{ + err = r.client.Get(context.TODO(), types.NamespacedName{ Name: svc.GetName(), Namespace: svc.GetNamespace(), }, oldSvc) diff --git a/pkg/controller/pxc/replication.go b/pkg/controller/pxc/replication.go index 1f91786d8f..2d81904ae6 100644 --- a/pkg/controller/pxc/replication.go +++ b/pkg/controller/pxc/replication.go @@ -53,11 +53,6 @@ func (r *ReconcilePerconaXtraDBCluster) ensurePxcPodServices(cr *api.PerconaXtra svcName := fmt.Sprintf("%s-pxc-%d", cr.Name, i) svc := NewExposedPXCService(svcName, cr) - err := setControllerReference(cr, svc, r.scheme) - if err != nil { - return errors.Wrap(err, "failed to set owner to external service") - } - err = r.createOrUpdateService(cr, svc, len(cr.Spec.PXC.Expose.Annotations) == 0) if err != nil { return errors.Wrap(err, "failed to ensure pxc service") diff --git a/pkg/controller/pxc/service_test.go b/pkg/controller/pxc/service_test.go new file mode 100644 index 0000000000..80460424fa --- /dev/null +++ b/pkg/controller/pxc/service_test.go @@ -0,0 +1,213 @@ +package pxc + +import ( + "context" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" + "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/reconcile" + + "github.com/percona/percona-xtradb-cluster-operator/pkg/pxc" +) + +var _ = Describe("Service labels and annotations", Ordered, func() { + ctx := context.Background() + const ns = "svc-ls-an" + namespace := &corev1.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: ns, + Namespace: ns, + }, + } + crName := ns + "-reconciler" + crNamespacedName := types.NamespacedName{Name: crName, Namespace: ns} + cr, err := readDefaultCR(crName, ns) + It("should read default cr.yaml", func() { + Expect(err).NotTo(HaveOccurred()) + }) + + BeforeAll(func() { + By("Creating the Namespace to perform the tests") + err := k8sClient.Create(ctx, namespace) + Expect(err).To(Not(HaveOccurred())) + }) + + AfterAll(func() { + // TODO(user): Attention if you improve this code by adding other context test you MUST + // be aware of the current delete namespace limitations. More info: https://book.kubebuilder.io/reference/envtest.html#testing-considerations + By("Deleting the Namespace to perform the tests") + _ = k8sClient.Delete(ctx, namespace) + }) + + Context("Create Percona XtraDB cluster", func() { + It("Should create PerconaXtraDBCluster", func() { + Expect(k8sClient.Create(ctx, cr)).Should(Succeed()) + }) + }) + + It("should reconcile PerconaXtraDBCluster", func() { + _, err := reconciler().Reconcile(ctx, reconcile.Request{ + NamespacedName: crNamespacedName, + }) + Expect(err).To(Succeed()) + }) + + checkLabelsAndAnnotations := func(services []*corev1.Service) { + Context("update service labels manually", func() { + It("should update service labels manually", func() { + for i := range services { + svc := new(corev1.Service) + + Expect(k8sClient.Get(ctx, client.ObjectKeyFromObject(services[i]), svc)).To(Succeed()) + + svc.Labels["manual-label"] = "test" + svc.Labels["ignored-label"] = "test" + svc.Annotations["manual-annotation"] = "test" + svc.Annotations["ignored-annotation"] = "test" + Expect(k8sClient.Update(ctx, svc)).To(Succeed()) + } + }) + + It("should reconcile PerconaXtraDBCluster", func() { + _, err := reconciler().Reconcile(ctx, reconcile.Request{ + NamespacedName: crNamespacedName, + }) + Expect(err).To(Succeed()) + }) + It("should check if manual labels and annotations are still there", func() { + for i := range services { + svc := new(corev1.Service) + + Expect(k8sClient.Get(ctx, client.ObjectKeyFromObject(services[i]), svc)).To(Succeed()) + + Expect(svc.Labels["manual-label"]).To(Equal("test")) + Expect(svc.Annotations["manual-annotation"]).To(Equal("test")) + Expect(svc.Labels["ignored-label"]).To(Equal("test")) + Expect(svc.Annotations["ignored-annotation"]).To(Equal("test")) + } + }) + }) + + Context("set service labels and annotations", func() { + It("should update cr", func() { + Expect(k8sClient.Get(ctx, client.ObjectKeyFromObject(cr), cr)).To(Succeed()) + cr.Spec.IgnoreAnnotations = []string{"ignored-annotation"} + cr.Spec.IgnoreLabels = []string{"ignored-label"} + cr.Spec.PXC.ServiceLabels = map[string]string{"cr-label": "test"} + cr.Spec.PXC.ServiceAnnotations = map[string]string{"cr-annotation": "test"} + cr.Spec.HAProxy.ServiceLabels = map[string]string{"cr-label": "test"} + cr.Spec.HAProxy.ServiceAnnotations = map[string]string{"cr-annotation": "test"} + cr.Spec.HAProxy.ReplicasServiceLabels = map[string]string{"cr-label": "test"} + cr.Spec.HAProxy.ReplicasServiceAnnotations = map[string]string{"cr-annotation": "test"} + cr.Spec.ProxySQL.ServiceLabels = map[string]string{"cr-label": "test"} + cr.Spec.ProxySQL.ServiceAnnotations = map[string]string{"cr-annotation": "test"} + Expect(k8sClient.Update(ctx, cr)).Should(Succeed()) + }) + It("should reconcile PerconaXtraDBCluster", func() { + _, err := reconciler().Reconcile(ctx, reconcile.Request{ + NamespacedName: crNamespacedName, + }) + Expect(err).To(Succeed()) + }) + It("check labels and annotations", func() { + for i := range services { + svc := new(corev1.Service) + + Expect(k8sClient.Get(ctx, client.ObjectKeyFromObject(services[i]), svc)).To(Succeed()) + + Expect(svc.Labels["manual-label"]).To(Equal("")) + Expect(svc.Annotations["manual-annotation"]).To(Equal("")) + Expect(svc.Labels["ignored-label"]).To(Equal("test")) + Expect(svc.Annotations["ignored-annotation"]).To(Equal("test")) + Expect(svc.Labels["cr-label"]).To(Equal("test")) + Expect(svc.Annotations["cr-annotation"]).To(Equal("test")) + } + }) + }) + Context("remove ignored labels and annotations", func() { + It("should update cr", func() { + Expect(k8sClient.Get(ctx, client.ObjectKeyFromObject(cr), cr)).To(Succeed()) + cr.Spec.IgnoreAnnotations = []string{} + cr.Spec.IgnoreLabels = []string{} + Expect(k8sClient.Update(ctx, cr)).Should(Succeed()) + }) + It("should reconcile PerconaXtraDBCluster", func() { + _, err := reconciler().Reconcile(ctx, reconcile.Request{ + NamespacedName: crNamespacedName, + }) + Expect(err).To(Succeed()) + }) + It("should check if there are no ignored labels and annotations", func() { + for i := range services { + svc := new(corev1.Service) + + Expect(k8sClient.Get(ctx, client.ObjectKeyFromObject(services[i]), svc)).To(Succeed()) + + Expect(svc.Labels["ignored-label"]).To(Equal("")) + Expect(svc.Annotations["ignored-annotation"]).To(Equal("")) + Expect(svc.Labels["cr-label"]).To(Equal("test")) + Expect(svc.Annotations["cr-annotation"]).To(Equal("test")) + } + }) + }) + } + + services := []*corev1.Service{ + pxc.NewServicePXC(cr), + pxc.NewServiceHAProxy(cr), + pxc.NewServiceHAProxyReplicas(cr), + } + + Context("check haproxy cluster", func() { + checkLabelsAndAnnotations(services) + }) + + It("should delete services", func() { + for _, svc := range services { + Expect(k8sClient.Delete(ctx, svc)).To(Succeed()) + } + }) + + It("should switch to ProxySQL and remove serviceLabels, serviceAnnotations", func() { + haproxySts := &appsv1.StatefulSet{ + ObjectMeta: metav1.ObjectMeta{ + Name: cr.Name + "-haproxy", + Namespace: cr.Namespace, + }, + } + Expect(k8sClient.Get(ctx, client.ObjectKeyFromObject(haproxySts), haproxySts)).To(Succeed()) + Expect(k8sClient.Delete(ctx, haproxySts)).To(Succeed()) + + Expect(k8sClient.Get(ctx, client.ObjectKeyFromObject(cr), cr)).To(Succeed()) + cr.Spec.HAProxy.Enabled = false + cr.Spec.ProxySQL.Enabled = true + + cr.Spec.PXC.ServiceLabels = nil + cr.Spec.PXC.ServiceAnnotations = nil + cr.Spec.HAProxy.ServiceLabels = nil + cr.Spec.HAProxy.ServiceAnnotations = nil + cr.Spec.HAProxy.ReplicasServiceLabels = nil + cr.Spec.HAProxy.ReplicasServiceAnnotations = nil + cr.Spec.ProxySQL.ServiceLabels = nil + cr.Spec.ProxySQL.ServiceAnnotations = nil + Expect(k8sClient.Update(ctx, cr)).To(Succeed()) + }) + It("should reconcile PerconaXtraDBCluster", func() { + _, err := reconciler().Reconcile(ctx, reconcile.Request{ + NamespacedName: crNamespacedName, + }) + Expect(err).To(Succeed()) + }) + + Context("check proxysql cluster", func() { + checkLabelsAndAnnotations([]*corev1.Service{ + pxc.NewServicePXC(cr), + pxc.NewServiceProxySQL(cr), + }) + }) +}) diff --git a/pkg/pxc/service.go b/pkg/pxc/service.go index fa69f3b4e3..abfdfef39c 100644 --- a/pkg/pxc/service.go +++ b/pkg/pxc/service.go @@ -48,7 +48,8 @@ func NewServicePXC(cr *api.PerconaXtraDBCluster) *corev1.Service { obj.Spec.Ports, corev1.ServicePort{ Port: 33062, - Name: "mysql-admin"}, + Name: "mysql-admin", + }, ) } @@ -61,10 +62,18 @@ func NewServicePXC(cr *api.PerconaXtraDBCluster) *corev1.Service { obj.Spec.Ports, corev1.ServicePort{ Port: 33060, - Name: "mysqlx"}, + Name: "mysqlx", + }, ) } + if cr.CompareVersionWith("1.14.0") >= 0 { + if cr.Spec.PXC != nil { + obj.Annotations = cr.Spec.PXC.ServiceAnnotations + obj.Labels = fillServiceLabels(obj.Labels, cr.Spec.PXC.ServiceLabels) + } + } + return obj } @@ -106,7 +115,8 @@ func NewServicePXCUnready(cr *api.PerconaXtraDBCluster) *corev1.Service { obj.Spec.Ports, corev1.ServicePort{ Port: 33062, - Name: "mysql-admin"}, + Name: "mysql-admin", + }, ) } @@ -119,7 +129,8 @@ func NewServicePXCUnready(cr *api.PerconaXtraDBCluster) *corev1.Service { obj.Spec.Ports, corev1.ServicePort{ Port: 33060, - Name: "mysqlx"}, + Name: "mysqlx", + }, ) } @@ -128,6 +139,13 @@ func NewServicePXCUnready(cr *api.PerconaXtraDBCluster) *corev1.Service { delete(obj.ObjectMeta.Annotations, "service.alpha.kubernetes.io/tolerate-unready-endpoints") } + if cr.CompareVersionWith("1.14.0") >= 0 { + if cr.Spec.PXC != nil { + obj.Annotations = cr.Spec.PXC.ServiceAnnotations + obj.Labels = fillServiceLabels(obj.Labels, cr.Spec.PXC.ServiceLabels) + } + } + return obj } @@ -173,7 +191,8 @@ func NewServiceProxySQLUnready(cr *api.PerconaXtraDBCluster) *corev1.Service { obj.Spec.Ports, corev1.ServicePort{ Port: 33062, - Name: "mysql-admin"}, + Name: "mysql-admin", + }, ) } @@ -259,7 +278,8 @@ func NewServiceProxySQL(cr *api.PerconaXtraDBCluster) *corev1.Service { obj.Spec.Ports, corev1.ServicePort{ Port: 33062, - Name: "mysql-admin"}, + Name: "mysql-admin", + }, ) } @@ -382,7 +402,8 @@ func NewServiceHAProxyReplicas(cr *api.PerconaXtraDBCluster) *corev1.Service { "app.kubernetes.io/instance": cr.Name, "app.kubernetes.io/component": "haproxy", "app.kubernetes.io/managed-by": "percona-xtradb-cluster-operator", - "app.kubernetes.io/part-of": "percona-xtradb-cluster"} + "app.kubernetes.io/part-of": "percona-xtradb-cluster", + } loadBalancerSourceRanges := []string{} loadBalancerIP := "" if cr.Spec.HAProxy != nil { From 4c1c9753fb162a216fda501295bfce99b517407f Mon Sep 17 00:00:00 2001 From: Andrii Dema Date: Mon, 11 Dec 2023 10:45:04 +0200 Subject: [PATCH 04/25] K8SPXC-1147: log more info if replica channel isn't empty (#1546) https://jira.percona.com/browse/K8SPXC-1147 Co-authored-by: Viacheslav Sarzhan --- pkg/controller/pxc/replication.go | 19 ++++++----- pkg/pxc/queries/queries.go | 56 ++++++++++++++++++++----------- 2 files changed, 48 insertions(+), 27 deletions(-) diff --git a/pkg/controller/pxc/replication.go b/pkg/controller/pxc/replication.go index 2d81904ae6..9948e08805 100644 --- a/pkg/controller/pxc/replication.go +++ b/pkg/controller/pxc/replication.go @@ -5,7 +5,6 @@ import ( "fmt" "strings" - "github.com/go-logr/logr" "github.com/hashicorp/go-version" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" @@ -62,7 +61,7 @@ func (r *ReconcilePerconaXtraDBCluster) ensurePxcPodServices(cr *api.PerconaXtra } func (r *ReconcilePerconaXtraDBCluster) removeOutdatedServices(cr *api.PerconaXtraDBCluster) error { - //needed for labels + // needed for labels svc := NewExposedPXCService("", cr) svcNames := make(map[string]struct{}, cr.Spec.PXC.Size) @@ -78,7 +77,6 @@ func (r *ReconcilePerconaXtraDBCluster) removeOutdatedServices(cr *api.PerconaXt LabelSelector: labels.SelectorFromSet(svc.Labels), }, ) - if err != nil { return errors.Wrap(err, "failed to list external services") } @@ -240,7 +238,7 @@ func (r *ReconcilePerconaXtraDBCluster) reconcileReplication(ctx context.Context currConf := currentReplicaConfig(channel.Name, cr.Status.PXCReplication) - err = manageReplicationChannel(log, primaryDB, channel, currConf, string(sysUsersSecretObj.Data[users.Replication])) + err = manageReplicationChannel(ctx, primaryDB, channel, currConf, string(sysUsersSecretObj.Data[users.Replication])) if err != nil { return errors.Wrapf(err, "manage replication channel %s", channel.Name) } @@ -355,20 +353,25 @@ func removeOutdatedChannels(ctx context.Context, db queries.Database, currentCha return nil } -func manageReplicationChannel(log logr.Logger, primaryDB queries.Database, channel api.ReplicationChannel, currConf api.ReplicationChannelConfig, replicaPW string) error { +func manageReplicationChannel(ctx context.Context, primaryDB queries.Database, channel api.ReplicationChannel, currConf api.ReplicationChannelConfig, replicaPW string) error { + log := logf.FromContext(ctx) currentSources, err := primaryDB.ReplicationChannelSources(channel.Name) if err != nil && err != queries.ErrNotFound { return errors.Wrapf(err, "get current replication sources for channel %s", channel.Name) } - replicationStatus, err := primaryDB.ReplicationStatus(channel.Name) + replicationStatus, err := primaryDB.ReplicationStatus(ctx, channel.Name) if err != nil { return errors.Wrap(err, "failed to check replication status") } if !isSourcesChanged(channel.SourcesList, currentSources) { if replicationStatus == queries.ReplicationStatusError { - log.Info("Replication for channel is not running. Please, check the replication status", "channel", channel.Name) + statusMap, err := primaryDB.ShowReplicaStatus(ctx, channel.Name) + if err != nil { + return errors.Wrap(err, "failed to get replica status") + } + log.Info("Replication for channel is not running. Please, check the replication status", "channel", channel.Name, "Last_IO_Error", statusMap["Last_IO_Error"]) return nil } @@ -461,7 +464,7 @@ func (r *ReconcilePerconaXtraDBCluster) removePxcPodServices(cr *api.PerconaXtra return nil } - //needed for labels + // needed for labels svc := NewExposedPXCService("", cr) svcList := &corev1.ServiceList{} diff --git a/pkg/pxc/queries/queries.go b/pkg/pxc/queries/queries.go index 59c5aaa817..9af4b6f3e3 100644 --- a/pkg/pxc/queries/queries.go +++ b/pkg/pxc/queries/queries.go @@ -151,35 +151,54 @@ func (p *Database) ChangeChannelPassword(channel, password string) error { return tx.Commit() } -func (p *Database) ReplicationStatus(channel string) (ReplicationStatus, error) { +func (p *Database) ShowReplicaStatus(ctx context.Context, channel string) (map[string]string, error) { rows, err := p.db.Query(`SHOW REPLICA STATUS FOR CHANNEL ?`, channel) if err != nil { - if strings.HasSuffix(err.Error(), "does not exist.") || errors.Is(err, sql.ErrNoRows) { - return ReplicationStatusNotInitiated, nil - } - return ReplicationStatusError, errors.Wrap(err, "get current replica status") + return nil, err } - defer rows.Close() - cols, err := rows.Columns() + columns, err := rows.Columns() if err != nil { - return ReplicationStatusError, errors.Wrap(err, "get columns") + return nil, err } - vals := make([]interface{}, len(cols)) - for i := range cols { - vals[i] = new(sql.RawBytes) + ok := rows.Next() + if !ok { + return make(map[string]string), nil } - for rows.Next() { - err = rows.Scan(vals...) - if err != nil { - return ReplicationStatusError, errors.Wrap(err, "scan replication status") + values := make([]any, 0, len(columns)) + for range columns { + values = append(values, new([]byte)) + } + status := make(map[string]string, len(columns)) + + if err := rows.Scan(values...); err != nil { + return nil, err + } + + for i, name := range columns { + ptr, ok := values[i].(*[]byte) + if !ok { + return nil, errors.Errorf("failed to convert %T to *[]byte: %s", values[i], name) + } + status[name] = string(*ptr) + } + + return status, nil +} + +func (p *Database) ReplicationStatus(ctx context.Context, channel string) (ReplicationStatus, error) { + statusMap, err := p.ShowReplicaStatus(ctx, channel) + if err != nil { + if strings.HasSuffix(err.Error(), "does not exist.") || errors.Is(err, sql.ErrNoRows) { + return ReplicationStatusNotInitiated, nil } + return ReplicationStatusError, errors.Wrap(err, "get current replica status") } - IORunning := string(*vals[10].(*sql.RawBytes)) - SQLRunning := string(*vals[11].(*sql.RawBytes)) - LastErrNo := string(*vals[18].(*sql.RawBytes)) + IORunning := statusMap["Replica_IO_Running"] + SQLRunning := statusMap["Replica_SQL_Running"] + LastErrNo := statusMap["Last_Errno"] if IORunning == "Yes" && SQLRunning == "Yes" { return ReplicationStatusActive, nil } @@ -283,7 +302,6 @@ func (p *Database) StartReplication(replicaPass string, config ReplicationConfig _, err = p.db.Exec(`START REPLICA FOR CHANNEL ?`, config.Source.Name) return errors.Wrapf(err, "start replica for source %s", config.Source.Name) - } func (p *Database) DeleteReplicationSource(name, host string, port int) error { From c30c8b991a1a01e9af626a024b44349084fb07c6 Mon Sep 17 00:00:00 2001 From: Natalia Marukovich Date: Mon, 11 Dec 2023 09:46:49 +0100 Subject: [PATCH 05/25] K8SPXC-1288 make schedule backup fields mandatory (#1545) * K8SPXC-1288 make schedule backup fields mandatory * Update pkg/apis/pxc/v1/pxc_types.go Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * fix quotes --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Viacheslav Sarzhan --- .../crd/bases/pxc.percona.com_perconaxtradbclusters.yaml | 4 ++++ deploy/bundle.yaml | 4 ++++ deploy/crd.yaml | 4 ++++ deploy/cw-bundle.yaml | 4 ++++ pkg/apis/pxc/v1/pxc_types.go | 9 ++++++--- 5 files changed, 22 insertions(+), 3 deletions(-) diff --git a/config/crd/bases/pxc.percona.com_perconaxtradbclusters.yaml b/config/crd/bases/pxc.percona.com_perconaxtradbclusters.yaml index 1e71c56a01..2cb6f43f49 100644 --- a/config/crd/bases/pxc.percona.com_perconaxtradbclusters.yaml +++ b/config/crd/bases/pxc.percona.com_perconaxtradbclusters.yaml @@ -129,6 +129,10 @@ spec: type: string storageName: type: string + required: + - name + - schedule + - storageName type: object type: array serviceAccountName: diff --git a/deploy/bundle.yaml b/deploy/bundle.yaml index 32b9b924e4..33f413a3e5 100644 --- a/deploy/bundle.yaml +++ b/deploy/bundle.yaml @@ -1022,6 +1022,10 @@ spec: type: string storageName: type: string + required: + - name + - schedule + - storageName type: object type: array serviceAccountName: diff --git a/deploy/crd.yaml b/deploy/crd.yaml index 389dd25b74..bdaea4fc40 100644 --- a/deploy/crd.yaml +++ b/deploy/crd.yaml @@ -1022,6 +1022,10 @@ spec: type: string storageName: type: string + required: + - name + - schedule + - storageName type: object type: array serviceAccountName: diff --git a/deploy/cw-bundle.yaml b/deploy/cw-bundle.yaml index a0097dc398..6f2c3dccae 100644 --- a/deploy/cw-bundle.yaml +++ b/deploy/cw-bundle.yaml @@ -1022,6 +1022,10 @@ spec: type: string storageName: type: string + required: + - name + - schedule + - storageName type: object type: array serviceAccountName: diff --git a/pkg/apis/pxc/v1/pxc_types.go b/pkg/apis/pxc/v1/pxc_types.go index 1aad867c13..1611dbd415 100644 --- a/pkg/apis/pxc/v1/pxc_types.go +++ b/pkg/apis/pxc/v1/pxc_types.go @@ -153,9 +153,12 @@ type PITRSpec struct { } type PXCScheduledBackupSchedule struct { - Name string `json:"name,omitempty"` - Schedule string `json:"schedule,omitempty"` - Keep int `json:"keep,omitempty"` + // +kubebuilder:validation:Required + Name string `json:"name,omitempty"` + // +kubebuilder:validation:Required + Schedule string `json:"schedule,omitempty"` + Keep int `json:"keep,omitempty"` + // +kubebuilder:validation:Required StorageName string `json:"storageName,omitempty"` } type AppState string From d6a18b4a8e75895b0fcdcc9ba1af5d56a9fdcaea Mon Sep 17 00:00:00 2001 From: Inel Pandzic Date: Mon, 11 Dec 2023 14:12:35 +0100 Subject: [PATCH 06/25] Handle users if the cluster state is error but the reason is invalid (#1543) user password applied. Co-authored-by: Viacheslav Sarzhan --- pkg/controller/pxc/users.go | 29 +++++++++++++++++++------- pkg/controller/pxc/users_without_dp.go | 16 +++++++------- 2 files changed, 29 insertions(+), 16 deletions(-) diff --git a/pkg/controller/pxc/users.go b/pkg/controller/pxc/users.go index f3df49dc03..fd22e18dd3 100644 --- a/pkg/controller/pxc/users.go +++ b/pkg/controller/pxc/users.go @@ -7,6 +7,7 @@ import ( "encoding/json" "fmt" "strconv" + "strings" "github.com/hashicorp/go-version" "github.com/pkg/errors" @@ -201,7 +202,7 @@ func (r *ReconcilePerconaXtraDBCluster) handleRootUser(ctx context.Context, cr * Hosts: []string{"localhost", "%"}, } - if cr.Status.Status != api.AppStateReady { + if cr.Status.Status != api.AppStateReady && !r.invalidPasswordApplied(cr.Status) { return nil } @@ -278,7 +279,7 @@ func (r *ReconcilePerconaXtraDBCluster) handleOperatorUser(ctx context.Context, } } - if cr.Status.Status != api.AppStateReady { + if cr.Status.Status != api.AppStateReady && !r.invalidPasswordApplied(cr.Status) { return nil } @@ -435,7 +436,7 @@ func (r *ReconcilePerconaXtraDBCluster) handleMonitorUser(ctx context.Context, c } } - if cr.Status.Status != api.AppStateReady { + if cr.Status.Status != api.AppStateReady && !r.invalidPasswordApplied(cr.Status) { return nil } @@ -594,7 +595,7 @@ func (r *ReconcilePerconaXtraDBCluster) handleClustercheckUser(ctx context.Conte } } - if cr.Status.Status != api.AppStateReady { + if cr.Status.Status != api.AppStateReady && !r.invalidPasswordApplied(cr.Status) { return nil } @@ -669,7 +670,7 @@ func (r *ReconcilePerconaXtraDBCluster) handleXtrabackupUser(ctx context.Context } } - if cr.Status.Status != api.AppStateReady { + if cr.Status.Status != api.AppStateReady && !r.invalidPasswordApplied(cr.Status) { return nil } @@ -775,7 +776,7 @@ func (r *ReconcilePerconaXtraDBCluster) handleReplicationUser(ctx context.Contex } } - if cr.Status.Status != api.AppStateReady { + if cr.Status.Status != api.AppStateReady && !r.invalidPasswordApplied(cr.Status) { return nil } @@ -889,7 +890,7 @@ func (r *ReconcilePerconaXtraDBCluster) handleProxyadminUser(ctx context.Context return nil } - if cr.Status.Status != api.AppStateReady { + if cr.Status.Status != api.AppStateReady && !r.invalidPasswordApplied(cr.Status) { return nil } @@ -948,7 +949,7 @@ func (r *ReconcilePerconaXtraDBCluster) handlePMMUser(ctx context.Context, cr *a return nil } - if cr.Status.Status != api.AppStateReady { + if cr.Status.Status != api.AppStateReady && !r.invalidPasswordApplied(cr.Status) { return nil } @@ -1212,3 +1213,15 @@ func (r *ReconcilePerconaXtraDBCluster) updateUserPassExpirationPolicy(ctx conte return nil } + +func (r *ReconcilePerconaXtraDBCluster) invalidPasswordApplied(status api.PerconaXtraDBClusterStatus) bool { + if len(status.Messages) == 0 { + return false + } + + if strings.Contains(status.Messages[0], "password does not satisfy the current policy") { + return true + } + + return false +} diff --git a/pkg/controller/pxc/users_without_dp.go b/pkg/controller/pxc/users_without_dp.go index a03a5dafd3..a3e7887737 100644 --- a/pkg/controller/pxc/users_without_dp.go +++ b/pkg/controller/pxc/users_without_dp.go @@ -62,7 +62,7 @@ func (r *ReconcilePerconaXtraDBCluster) updateUsersWithoutDP(ctx context.Context return res, nil } func (r *ReconcilePerconaXtraDBCluster) handleRootUserWithoutDP(ctx context.Context, cr *api.PerconaXtraDBCluster, secrets, internalSecrets *corev1.Secret, actions *userUpdateActions) error { - if cr.Status.Status != api.AppStateReady { + if cr.Status.Status != api.AppStateReady && !r.invalidPasswordApplied(cr.Status) { return nil } @@ -126,7 +126,7 @@ func (r *ReconcilePerconaXtraDBCluster) handleOperatorUserWithoutDP(ctx context. } } - if cr.Status.Status != api.AppStateReady { + if cr.Status.Status != api.AppStateReady && !r.invalidPasswordApplied(cr.Status) { return nil } @@ -209,7 +209,7 @@ func (r *ReconcilePerconaXtraDBCluster) handleMonitorUserWithoutDP(ctx context.C } } - if cr.Status.Status != api.AppStateReady { + if cr.Status.Status != api.AppStateReady && !r.invalidPasswordApplied(cr.Status) { return nil } @@ -297,7 +297,7 @@ func (r *ReconcilePerconaXtraDBCluster) handleClustercheckUserWithoutDP(ctx cont } } - if cr.Status.Status != api.AppStateReady { + if cr.Status.Status != api.AppStateReady && !r.invalidPasswordApplied(cr.Status) { return nil } @@ -351,7 +351,7 @@ func (r *ReconcilePerconaXtraDBCluster) handleXtrabackupUserWithoutDP(ctx contex } } - if cr.Status.Status != api.AppStateReady { + if cr.Status.Status != api.AppStateReady && !r.invalidPasswordApplied(cr.Status) { return nil } @@ -386,7 +386,7 @@ func (r *ReconcilePerconaXtraDBCluster) handleReplicationUserWithoutDP(ctx conte return nil } - if cr.Status.Status != api.AppStateReady { + if cr.Status.Status != api.AppStateReady && !r.invalidPasswordApplied(cr.Status) { return nil } @@ -407,7 +407,7 @@ func (r *ReconcilePerconaXtraDBCluster) handleReplicationUserWithoutDP(ctx conte } } - if cr.Status.Status != api.AppStateReady { + if cr.Status.Status != api.AppStateReady && !r.invalidPasswordApplied(cr.Status) { return nil } @@ -451,7 +451,7 @@ func (r *ReconcilePerconaXtraDBCluster) handleProxyadminUserWithoutDP(ctx contex return nil } - if cr.Status.Status != api.AppStateReady { + if cr.Status.Status != api.AppStateReady && !r.invalidPasswordApplied(cr.Status) { return nil } From f957c538746917edba95b06b41e979540513af76 Mon Sep 17 00:00:00 2001 From: Andrii Dema Date: Mon, 11 Dec 2023 18:20:01 +0200 Subject: [PATCH 07/25] K8SPXC-345: add `topologySpreadConstraints` (#1516) * K8SPXC-345: add `topologySpreadConstraints` https://jira.percona.com/browse/K8SPXC-345 * refactor * add test * update defaults --------- Co-authored-by: Viacheslav Sarzhan --- ...pxc.percona.com_perconaxtradbclusters.yaml | 204 ++++++++++++++++++ deploy/bundle.yaml | 204 ++++++++++++++++++ deploy/cr.yaml | 35 +++ deploy/crd.yaml | 204 ++++++++++++++++++ deploy/cw-bundle.yaml | 204 ++++++++++++++++++ ...store-job-restore-pvc-sec-context-k127.yml | 4 + ...ch_restore-job-restore-pvc-sec-context.yml | 4 + ...estore-job-restore-s3-sec-context-k127.yml | 4 + ...tch_restore-job-restore-s3-sec-context.yml | 4 + .../job.batch_xb-on-demand-backup-s3.yml | 10 + ...lset_sec-context-proxysql-changes-k127.yml | 11 + ...atefulset_sec-context-proxysql-changes.yml | 11 + ...atefulset_sec-context-pxc-changes-k127.yml | 11 + .../statefulset_sec-context-pxc-changes.yml | 11 + .../conf/sec-context-changes.yml | 12 ++ pkg/apis/pxc/v1/pxc_types.go | 44 ++-- pkg/apis/pxc/v1/pxc_types_test.go | 4 +- pkg/apis/pxc/v1/zz_generated.deepcopy.go | 14 ++ pkg/controller/pxc/upgrade.go | 1 + pkg/pxc/app/deployment/binlog-collector.go | 20 +- pkg/pxc/backup/job.go | 14 +- pkg/pxc/backup/restore.go | 37 ++-- pkg/pxc/statefulset.go | 29 ++- 23 files changed, 1039 insertions(+), 57 deletions(-) diff --git a/config/crd/bases/pxc.percona.com_perconaxtradbclusters.yaml b/config/crd/bases/pxc.percona.com_perconaxtradbclusters.yaml index 2cb6f43f49..2ba75a45bc 100644 --- a/config/crd/bases/pxc.percona.com_perconaxtradbclusters.yaml +++ b/config/crd/bases/pxc.percona.com_perconaxtradbclusters.yaml @@ -784,6 +784,57 @@ spec: type: string type: object type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array type: type: string verifyTLS: @@ -3203,6 +3254,57 @@ spec: type: string type: object type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array vaultSecretName: type: string volumeSpec: @@ -5876,6 +5978,57 @@ spec: type: string type: object type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array vaultSecretName: type: string volumeSpec: @@ -8331,6 +8484,57 @@ spec: type: string type: object type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array vaultSecretName: type: string volumeSpec: diff --git a/deploy/bundle.yaml b/deploy/bundle.yaml index 33f413a3e5..761630acbe 100644 --- a/deploy/bundle.yaml +++ b/deploy/bundle.yaml @@ -1677,6 +1677,57 @@ spec: type: string type: object type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array type: type: string verifyTLS: @@ -4096,6 +4147,57 @@ spec: type: string type: object type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array vaultSecretName: type: string volumeSpec: @@ -6769,6 +6871,57 @@ spec: type: string type: object type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array vaultSecretName: type: string volumeSpec: @@ -9224,6 +9377,57 @@ spec: type: string type: object type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array vaultSecretName: type: string volumeSpec: diff --git a/deploy/cr.yaml b/deploy/cr.yaml index 11c97fb0f7..88e94e6288 100644 --- a/deploy/cr.yaml +++ b/deploy/cr.yaml @@ -143,6 +143,13 @@ spec: # ephemeral-storage: 1G # nodeSelector: # disktype: ssd +# topologySpreadConstraints: +# - labelSelector: +# matchLabels: +# app.kubernetes.io/name: percona-xtradb-cluster-operator +# maxSkew: 1 +# topologyKey: kubernetes.io/hostname +# whenUnsatisfiable: DoNotSchedule affinity: antiAffinityTopologyKey: "kubernetes.io/hostname" # advanced: @@ -307,6 +314,13 @@ spec: # runAsGroup: 1001 # supplementalGroups: [1001] # serviceAccountName: percona-xtradb-cluster-operator-workload +# topologySpreadConstraints: +# - labelSelector: +# matchLabels: +# app.kubernetes.io/name: percona-xtradb-cluster-operator +# maxSkew: 1 +# topologyKey: kubernetes.io/hostname +# whenUnsatisfiable: DoNotSchedule affinity: antiAffinityTopologyKey: "kubernetes.io/hostname" # advanced: @@ -436,6 +450,13 @@ spec: # runAsGroup: 1001 # supplementalGroups: [1001] # serviceAccountName: percona-xtradb-cluster-operator-workload +# topologySpreadConstraints: +# - labelSelector: +# matchLabels: +# app.kubernetes.io/name: percona-xtradb-cluster-operator +# maxSkew: 1 +# topologyKey: kubernetes.io/hostname +# whenUnsatisfiable: DoNotSchedule affinity: antiAffinityTopologyKey: "kubernetes.io/hostname" # advanced: @@ -530,6 +551,13 @@ spec: # requests: # memory: 1G # cpu: 600m +# topologySpreadConstraints: +# - labelSelector: +# matchLabels: +# app.kubernetes.io/name: percona-xtradb-cluster-operator +# maxSkew: 1 +# topologyKey: kubernetes.io/hostname +# whenUnsatisfiable: DoNotSchedule # affinity: # nodeAffinity: # requiredDuringSchedulingIgnoredDuringExecution: @@ -586,6 +614,13 @@ spec: # requests: # memory: 1G # cpu: 600m +# topologySpreadConstraints: +# - labelSelector: +# matchLabels: +# app.kubernetes.io/name: percona-xtradb-cluster-operator +# maxSkew: 1 +# topologyKey: kubernetes.io/hostname +# whenUnsatisfiable: DoNotSchedule # affinity: # nodeAffinity: # requiredDuringSchedulingIgnoredDuringExecution: diff --git a/deploy/crd.yaml b/deploy/crd.yaml index bdaea4fc40..0915addaf2 100644 --- a/deploy/crd.yaml +++ b/deploy/crd.yaml @@ -1677,6 +1677,57 @@ spec: type: string type: object type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array type: type: string verifyTLS: @@ -4096,6 +4147,57 @@ spec: type: string type: object type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array vaultSecretName: type: string volumeSpec: @@ -6769,6 +6871,57 @@ spec: type: string type: object type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array vaultSecretName: type: string volumeSpec: @@ -9224,6 +9377,57 @@ spec: type: string type: object type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array vaultSecretName: type: string volumeSpec: diff --git a/deploy/cw-bundle.yaml b/deploy/cw-bundle.yaml index 6f2c3dccae..341c16ac6c 100644 --- a/deploy/cw-bundle.yaml +++ b/deploy/cw-bundle.yaml @@ -1677,6 +1677,57 @@ spec: type: string type: object type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array type: type: string verifyTLS: @@ -4096,6 +4147,57 @@ spec: type: string type: object type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array vaultSecretName: type: string volumeSpec: @@ -6769,6 +6871,57 @@ spec: type: string type: object type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array vaultSecretName: type: string volumeSpec: @@ -9224,6 +9377,57 @@ spec: type: string type: object type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + maxSkew: + format: int32 + type: integer + minDomains: + format: int32 + type: integer + nodeAffinityPolicy: + type: string + nodeTaintsPolicy: + type: string + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array vaultSecretName: type: string volumeSpec: diff --git a/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context-k127.yml b/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context-k127.yml index 1cf7b4b739..1e16daa186 100644 --- a/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context-k127.yml +++ b/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context-k127.yml @@ -61,6 +61,10 @@ spec: serviceAccount: percona-xtradb-cluster-operator-workload serviceAccountName: percona-xtradb-cluster-operator-workload terminationGracePeriodSeconds: 30 + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway volumes: - name: datadir persistentVolumeClaim: diff --git a/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context.yml b/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context.yml index 8df4ff8eec..444b2c8977 100644 --- a/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context.yml +++ b/e2e-tests/security-context/compare/job.batch_restore-job-restore-pvc-sec-context.yml @@ -59,6 +59,10 @@ spec: serviceAccount: percona-xtradb-cluster-operator-workload serviceAccountName: percona-xtradb-cluster-operator-workload terminationGracePeriodSeconds: 30 + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway volumes: - name: datadir persistentVolumeClaim: diff --git a/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context-k127.yml b/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context-k127.yml index c35a9b756c..36a54f9012 100644 --- a/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context-k127.yml +++ b/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context-k127.yml @@ -80,6 +80,10 @@ spec: serviceAccount: percona-xtradb-cluster-operator-workload serviceAccountName: percona-xtradb-cluster-operator-workload terminationGracePeriodSeconds: 30 + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway volumes: - name: datadir persistentVolumeClaim: diff --git a/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context.yml b/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context.yml index 071d48ec6c..d040d45d8e 100644 --- a/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context.yml +++ b/e2e-tests/security-context/compare/job.batch_restore-job-restore-s3-sec-context.yml @@ -78,6 +78,10 @@ spec: serviceAccount: percona-xtradb-cluster-operator-workload serviceAccountName: percona-xtradb-cluster-operator-workload terminationGracePeriodSeconds: 30 + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway volumes: - name: datadir persistentVolumeClaim: diff --git a/e2e-tests/security-context/compare/job.batch_xb-on-demand-backup-s3.yml b/e2e-tests/security-context/compare/job.batch_xb-on-demand-backup-s3.yml index 7ebb0826b9..88765f89a9 100644 --- a/e2e-tests/security-context/compare/job.batch_xb-on-demand-backup-s3.yml +++ b/e2e-tests/security-context/compare/job.batch_xb-on-demand-backup-s3.yml @@ -95,6 +95,16 @@ spec: serviceAccount: percona-xtradb-cluster-operator-workload serviceAccountName: percona-xtradb-cluster-operator-workload terminationGracePeriodSeconds: 30 + topologySpreadConstraints: + - labelSelector: + matchLabels: + backup-name: on-demand-backup-s3 + cluster: sec-context + job-name: xb-on-demand-backup-s3 + type: xtrabackup + maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway volumes: - name: ssl secret: diff --git a/e2e-tests/security-context/compare/statefulset_sec-context-proxysql-changes-k127.yml b/e2e-tests/security-context/compare/statefulset_sec-context-proxysql-changes-k127.yml index 6af7639c7d..28a155f3aa 100644 --- a/e2e-tests/security-context/compare/statefulset_sec-context-proxysql-changes-k127.yml +++ b/e2e-tests/security-context/compare/statefulset_sec-context-proxysql-changes-k127.yml @@ -173,6 +173,17 @@ spec: serviceAccount: percona-xtradb-cluster-operator-workload serviceAccountName: percona-xtradb-cluster-operator-workload terminationGracePeriodSeconds: 30 + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: proxysql + app.kubernetes.io/instance: sec-context + app.kubernetes.io/managed-by: percona-xtradb-cluster-operator + app.kubernetes.io/name: percona-xtradb-cluster + app.kubernetes.io/part-of: percona-xtradb-cluster + maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway volumes: - name: ssl-internal secret: diff --git a/e2e-tests/security-context/compare/statefulset_sec-context-proxysql-changes.yml b/e2e-tests/security-context/compare/statefulset_sec-context-proxysql-changes.yml index 7db679a961..97948bc3d5 100644 --- a/e2e-tests/security-context/compare/statefulset_sec-context-proxysql-changes.yml +++ b/e2e-tests/security-context/compare/statefulset_sec-context-proxysql-changes.yml @@ -170,6 +170,17 @@ spec: serviceAccount: percona-xtradb-cluster-operator-workload serviceAccountName: percona-xtradb-cluster-operator-workload terminationGracePeriodSeconds: 30 + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: proxysql + app.kubernetes.io/instance: sec-context + app.kubernetes.io/managed-by: percona-xtradb-cluster-operator + app.kubernetes.io/name: percona-xtradb-cluster + app.kubernetes.io/part-of: percona-xtradb-cluster + maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway volumes: - name: ssl-internal secret: diff --git a/e2e-tests/security-context/compare/statefulset_sec-context-pxc-changes-k127.yml b/e2e-tests/security-context/compare/statefulset_sec-context-pxc-changes-k127.yml index 4dc84faadd..48eebae336 100644 --- a/e2e-tests/security-context/compare/statefulset_sec-context-pxc-changes-k127.yml +++ b/e2e-tests/security-context/compare/statefulset_sec-context-pxc-changes-k127.yml @@ -178,6 +178,17 @@ spec: serviceAccount: percona-xtradb-cluster-operator-workload serviceAccountName: percona-xtradb-cluster-operator-workload terminationGracePeriodSeconds: 600 + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: pxc + app.kubernetes.io/instance: sec-context + app.kubernetes.io/managed-by: percona-xtradb-cluster-operator + app.kubernetes.io/name: percona-xtradb-cluster + app.kubernetes.io/part-of: percona-xtradb-cluster + maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway volumes: - emptyDir: {} name: tmp diff --git a/e2e-tests/security-context/compare/statefulset_sec-context-pxc-changes.yml b/e2e-tests/security-context/compare/statefulset_sec-context-pxc-changes.yml index 3532d0f4a7..8899297bff 100644 --- a/e2e-tests/security-context/compare/statefulset_sec-context-pxc-changes.yml +++ b/e2e-tests/security-context/compare/statefulset_sec-context-pxc-changes.yml @@ -175,6 +175,17 @@ spec: serviceAccount: percona-xtradb-cluster-operator-workload serviceAccountName: percona-xtradb-cluster-operator-workload terminationGracePeriodSeconds: 600 + topologySpreadConstraints: + - labelSelector: + matchLabels: + app.kubernetes.io/component: pxc + app.kubernetes.io/instance: sec-context + app.kubernetes.io/managed-by: percona-xtradb-cluster-operator + app.kubernetes.io/name: percona-xtradb-cluster + app.kubernetes.io/part-of: percona-xtradb-cluster + maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: ScheduleAnyway volumes: - emptyDir: {} name: tmp diff --git a/e2e-tests/security-context/conf/sec-context-changes.yml b/e2e-tests/security-context/conf/sec-context-changes.yml index 5359921553..a51cc53707 100644 --- a/e2e-tests/security-context/conf/sec-context-changes.yml +++ b/e2e-tests/security-context/conf/sec-context-changes.yml @@ -17,6 +17,10 @@ spec: runAsUser: 1001 fsGroup: 1001 supplementalGroups: [1001] + topologySpreadConstraints: + - whenUnsatisfiable: ScheduleAnyway + maxSkew: 0 + topologyKey: "" size: 3 image: -pxc serviceAccountName: percona-xtradb-cluster-operator-workload @@ -35,6 +39,10 @@ spec: affinity: antiAffinityTopologyKey: "kubernetes.io/hostname" proxysql: + topologySpreadConstraints: + - whenUnsatisfiable: ScheduleAnyway + maxSkew: 0 + topologyKey: "" enabled: true containerSecurityContext: privileged: true @@ -83,6 +91,10 @@ spec: podSecurityContext: fsGroup: 1001 supplementalGroups: [1001, 1002, 1003] + topologySpreadConstraints: + - whenUnsatisfiable: ScheduleAnyway + maxSkew: 0 + topologyKey: "" type: s3 s3: credentialsSecret: minio-secret diff --git a/pkg/apis/pxc/v1/pxc_types.go b/pkg/apis/pxc/v1/pxc_types.go index 1611dbd415..087e5949d7 100644 --- a/pkg/apis/pxc/v1/pxc_types.go +++ b/pkg/apis/pxc/v1/pxc_types.go @@ -448,6 +448,7 @@ type PodSpec struct { SidecarPVCs []corev1.PersistentVolumeClaim `json:"sidecarPVCs,omitempty"` RuntimeClassName *string `json:"runtimeClassName,omitempty"` HookScript string `json:"hookScript,omitempty"` + TopologySpreadConstraints []corev1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` } type HAProxySpec struct { @@ -514,23 +515,24 @@ func (spec *PMMSpec) UseAPI(secret *corev1.Secret) bool { } type BackupStorageSpec struct { - Type BackupStorageType `json:"type"` - S3 *BackupStorageS3Spec `json:"s3,omitempty"` - Azure *BackupStorageAzureSpec `json:"azure,omitempty"` - Volume *VolumeSpec `json:"volume,omitempty"` - NodeSelector map[string]string `json:"nodeSelector,omitempty"` - Resources corev1.ResourceRequirements `json:"resources,omitempty"` - Affinity *corev1.Affinity `json:"affinity,omitempty"` - Tolerations []corev1.Toleration `json:"tolerations,omitempty"` - Annotations map[string]string `json:"annotations,omitempty"` - Labels map[string]string `json:"labels,omitempty"` - SchedulerName string `json:"schedulerName,omitempty"` - PriorityClassName string `json:"priorityClassName,omitempty"` - PodSecurityContext *corev1.PodSecurityContext `json:"podSecurityContext,omitempty"` - ContainerSecurityContext *corev1.SecurityContext `json:"containerSecurityContext,omitempty"` - RuntimeClassName *string `json:"runtimeClassName,omitempty"` - VerifyTLS *bool `json:"verifyTLS,omitempty"` - ContainerOptions *BackupContainerOptions `json:"containerOptions,omitempty"` + Type BackupStorageType `json:"type"` + S3 *BackupStorageS3Spec `json:"s3,omitempty"` + Azure *BackupStorageAzureSpec `json:"azure,omitempty"` + Volume *VolumeSpec `json:"volume,omitempty"` + NodeSelector map[string]string `json:"nodeSelector,omitempty"` + Resources corev1.ResourceRequirements `json:"resources,omitempty"` + Affinity *corev1.Affinity `json:"affinity,omitempty"` + TopologySpreadConstraints []corev1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"` + Tolerations []corev1.Toleration `json:"tolerations,omitempty"` + Annotations map[string]string `json:"annotations,omitempty"` + Labels map[string]string `json:"labels,omitempty"` + SchedulerName string `json:"schedulerName,omitempty"` + PriorityClassName string `json:"priorityClassName,omitempty"` + PodSecurityContext *corev1.PodSecurityContext `json:"podSecurityContext,omitempty"` + ContainerSecurityContext *corev1.SecurityContext `json:"containerSecurityContext,omitempty"` + RuntimeClassName *string `json:"runtimeClassName,omitempty"` + VerifyTLS *bool `json:"verifyTLS,omitempty"` + ContainerOptions *BackupContainerOptions `json:"containerOptions,omitempty"` } type BackupContainerOptions struct { @@ -1143,7 +1145,7 @@ var affinityValidTopologyKeys = map[string]struct{}{ "topology.kubernetes.io/region": {}, } -var defaultAffinityTopologyKey = "kubernetes.io/hostname" +var DefaultAffinityTopologyKey = "kubernetes.io/hostname" // reconcileAffinityOpts ensures that the affinity is set to the valid values. // - if the affinity doesn't set at all - set topology key to `defaultAffinityTopologyKey` @@ -1154,18 +1156,18 @@ func (p *PodSpec) reconcileAffinityOpts() { switch { case p.Affinity == nil: p.Affinity = &PodAffinity{ - TopologyKey: &defaultAffinityTopologyKey, + TopologyKey: &DefaultAffinityTopologyKey, } case p.Affinity.TopologyKey == nil: - p.Affinity.TopologyKey = &defaultAffinityTopologyKey + p.Affinity.TopologyKey = &DefaultAffinityTopologyKey case p.Affinity.Advanced != nil: p.Affinity.TopologyKey = nil case p.Affinity != nil && p.Affinity.TopologyKey != nil: if _, ok := affinityValidTopologyKeys[*p.Affinity.TopologyKey]; !ok { - p.Affinity.TopologyKey = &defaultAffinityTopologyKey + p.Affinity.TopologyKey = &DefaultAffinityTopologyKey } } } diff --git a/pkg/apis/pxc/v1/pxc_types_test.go b/pkg/apis/pxc/v1/pxc_types_test.go index 9c00f7fa11..b9c73d2754 100644 --- a/pkg/apis/pxc/v1/pxc_types_test.go +++ b/pkg/apis/pxc/v1/pxc_types_test.go @@ -18,7 +18,7 @@ func TestReconcileAffinity(t *testing.T) { pod: &PodSpec{}, desiered: &PodSpec{ Affinity: &PodAffinity{ - TopologyKey: &defaultAffinityTopologyKey, + TopologyKey: &DefaultAffinityTopologyKey, }, }, }, @@ -31,7 +31,7 @@ func TestReconcileAffinity(t *testing.T) { }, desiered: &PodSpec{ Affinity: &PodAffinity{ - TopologyKey: &defaultAffinityTopologyKey, + TopologyKey: &DefaultAffinityTopologyKey, }, }, }, diff --git a/pkg/apis/pxc/v1/zz_generated.deepcopy.go b/pkg/apis/pxc/v1/zz_generated.deepcopy.go index 58b130db4c..0bf8967869 100644 --- a/pkg/apis/pxc/v1/zz_generated.deepcopy.go +++ b/pkg/apis/pxc/v1/zz_generated.deepcopy.go @@ -143,6 +143,13 @@ func (in *BackupStorageSpec) DeepCopyInto(out *BackupStorageSpec) { *out = new(corev1.Affinity) (*in).DeepCopyInto(*out) } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]corev1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } if in.Tolerations != nil { in, out := &in.Tolerations, &out.Tolerations *out = make([]corev1.Toleration, len(*in)) @@ -1062,6 +1069,13 @@ func (in *PodSpec) DeepCopyInto(out *PodSpec) { *out = new(string) **out = **in } + if in.TopologySpreadConstraints != nil { + in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints + *out = make([]corev1.TopologySpreadConstraint, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodSpec. diff --git a/pkg/controller/pxc/upgrade.go b/pkg/controller/pxc/upgrade.go index fed8e7ddc6..8f7c369f2f 100644 --- a/pkg/controller/pxc/upgrade.go +++ b/pkg/controller/pxc/upgrade.go @@ -205,6 +205,7 @@ func (r *ReconcilePerconaXtraDBCluster) updatePod(ctx context.Context, sfs api.S currentSet.Spec.Template.Spec.Containers = newContainers currentSet.Spec.Template.Spec.InitContainers = newInitContainers currentSet.Spec.Template.Spec.Affinity = pxc.PodAffinity(podSpec.Affinity, sfs) + currentSet.Spec.Template.Spec.TopologySpreadConstraints = pxc.PodTopologySpreadConstraints(podSpec.TopologySpreadConstraints, sfs.Labels()) if sfsVolume != nil && sfsVolume.Volumes != nil { currentSet.Spec.Template.Spec.Volumes = sfsVolume.Volumes } diff --git a/pkg/pxc/app/deployment/binlog-collector.go b/pkg/pxc/app/deployment/binlog-collector.go index 65b0664dd0..63073c6e09 100644 --- a/pkg/pxc/app/deployment/binlog-collector.go +++ b/pkg/pxc/app/deployment/binlog-collector.go @@ -17,6 +17,7 @@ import ( "github.com/percona/percona-xtradb-cluster-operator/clientcmd" api "github.com/percona/percona-xtradb-cluster-operator/pkg/apis/pxc/v1" + "github.com/percona/percona-xtradb-cluster-operator/pkg/pxc" "github.com/percona/percona-xtradb-cluster-operator/pkg/pxc/app" "github.com/percona/percona-xtradb-cluster-operator/pkg/pxc/users" ) @@ -118,15 +119,16 @@ func GetBinlogCollectorDeployment(cr *api.PerconaXtraDBCluster) (appsv1.Deployme Annotations: cr.Spec.Backup.Storages[cr.Spec.Backup.PITR.StorageName].Annotations, }, Spec: corev1.PodSpec{ - Containers: []corev1.Container{container}, - ImagePullSecrets: cr.Spec.Backup.ImagePullSecrets, - ServiceAccountName: cr.Spec.Backup.ServiceAccountName, - SecurityContext: cr.Spec.Backup.Storages[cr.Spec.Backup.PITR.StorageName].PodSecurityContext, - Affinity: cr.Spec.Backup.Storages[cr.Spec.Backup.PITR.StorageName].Affinity, - Tolerations: cr.Spec.Backup.Storages[cr.Spec.Backup.PITR.StorageName].Tolerations, - NodeSelector: cr.Spec.Backup.Storages[cr.Spec.Backup.PITR.StorageName].NodeSelector, - SchedulerName: cr.Spec.Backup.Storages[cr.Spec.Backup.PITR.StorageName].SchedulerName, - PriorityClassName: cr.Spec.Backup.Storages[cr.Spec.Backup.PITR.StorageName].PriorityClassName, + Containers: []corev1.Container{container}, + ImagePullSecrets: cr.Spec.Backup.ImagePullSecrets, + ServiceAccountName: cr.Spec.Backup.ServiceAccountName, + SecurityContext: cr.Spec.Backup.Storages[cr.Spec.Backup.PITR.StorageName].PodSecurityContext, + Affinity: cr.Spec.Backup.Storages[cr.Spec.Backup.PITR.StorageName].Affinity, + TopologySpreadConstraints: pxc.PodTopologySpreadConstraints(cr.Spec.Backup.Storages[cr.Spec.Backup.PITR.StorageName].TopologySpreadConstraints, labels), + Tolerations: cr.Spec.Backup.Storages[cr.Spec.Backup.PITR.StorageName].Tolerations, + NodeSelector: cr.Spec.Backup.Storages[cr.Spec.Backup.PITR.StorageName].NodeSelector, + SchedulerName: cr.Spec.Backup.Storages[cr.Spec.Backup.PITR.StorageName].SchedulerName, + PriorityClassName: cr.Spec.Backup.Storages[cr.Spec.Backup.PITR.StorageName].PriorityClassName, Volumes: []corev1.Volume{ app.GetSecretVolumes("mysql-users-secret-file", "internal-"+cr.Name, false), }, diff --git a/pkg/pxc/backup/job.go b/pkg/pxc/backup/job.go index 17feaf0df3..35ce4a0cc3 100644 --- a/pkg/pxc/backup/job.go +++ b/pkg/pxc/backup/job.go @@ -11,6 +11,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" api "github.com/percona/percona-xtradb-cluster-operator/pkg/apis/pxc/v1" + "github.com/percona/percona-xtradb-cluster-operator/pkg/pxc" "github.com/percona/percona-xtradb-cluster-operator/pkg/pxc/app" "github.com/percona/percona-xtradb-cluster-operator/pkg/pxc/users" "github.com/percona/percona-xtradb-cluster-operator/pkg/util" @@ -101,12 +102,13 @@ func (bcp *Backup) JobSpec(spec api.PXCBackupSpec, cluster *api.PerconaXtraDBClu Resources: storage.Resources, }, }, - Affinity: storage.Affinity, - Tolerations: storage.Tolerations, - NodeSelector: storage.NodeSelector, - SchedulerName: storage.SchedulerName, - PriorityClassName: storage.PriorityClassName, - RuntimeClassName: storage.RuntimeClassName, + Affinity: storage.Affinity, + TopologySpreadConstraints: pxc.PodTopologySpreadConstraints(storage.TopologySpreadConstraints, job.Labels), + Tolerations: storage.Tolerations, + NodeSelector: storage.NodeSelector, + SchedulerName: storage.SchedulerName, + PriorityClassName: storage.PriorityClassName, + RuntimeClassName: storage.RuntimeClassName, }, }, }, nil diff --git a/pkg/pxc/backup/restore.go b/pkg/pxc/backup/restore.go index 69a6170bd0..588ad2fbf2 100644 --- a/pkg/pxc/backup/restore.go +++ b/pkg/pxc/backup/restore.go @@ -12,6 +12,7 @@ import ( logf "sigs.k8s.io/controller-runtime/pkg/log" api "github.com/percona/percona-xtradb-cluster-operator/pkg/apis/pxc/v1" + "github.com/percona/percona-xtradb-cluster-operator/pkg/pxc" "github.com/percona/percona-xtradb-cluster-operator/pkg/pxc/app" "github.com/percona/percona-xtradb-cluster-operator/pkg/pxc/users" "github.com/percona/percona-xtradb-cluster-operator/pkg/util" @@ -121,14 +122,15 @@ func PVCRestorePod(cr *api.PerconaXtraDBClusterRestore, bcpStorageName, pvcName app.GetSecretVolumes("ssl", cluster.Spec.PXC.SSLSecretName, cluster.Spec.AllowUnsafeConfig), app.GetSecretVolumes("vault-keyring-secret", cluster.Spec.PXC.VaultSecretName, true), }, - RestartPolicy: corev1.RestartPolicyAlways, - NodeSelector: cluster.Spec.Backup.Storages[bcpStorageName].NodeSelector, - Affinity: cluster.Spec.Backup.Storages[bcpStorageName].Affinity, - Tolerations: cluster.Spec.Backup.Storages[bcpStorageName].Tolerations, - SchedulerName: cluster.Spec.Backup.Storages[bcpStorageName].SchedulerName, - PriorityClassName: cluster.Spec.Backup.Storages[bcpStorageName].PriorityClassName, - ServiceAccountName: cluster.Spec.PXC.ServiceAccountName, - RuntimeClassName: cluster.Spec.Backup.Storages[bcpStorageName].RuntimeClassName, + RestartPolicy: corev1.RestartPolicyAlways, + NodeSelector: cluster.Spec.Backup.Storages[bcpStorageName].NodeSelector, + Affinity: cluster.Spec.Backup.Storages[bcpStorageName].Affinity, + TopologySpreadConstraints: pxc.PodTopologySpreadConstraints(cluster.Spec.Backup.Storages[bcpStorageName].TopologySpreadConstraints, labels), + Tolerations: cluster.Spec.Backup.Storages[bcpStorageName].Tolerations, + SchedulerName: cluster.Spec.Backup.Storages[bcpStorageName].SchedulerName, + PriorityClassName: cluster.Spec.Backup.Storages[bcpStorageName].PriorityClassName, + ServiceAccountName: cluster.Spec.PXC.ServiceAccountName, + RuntimeClassName: cluster.Spec.Backup.Storages[bcpStorageName].RuntimeClassName, }, }, nil } @@ -233,15 +235,16 @@ func RestoreJob(cr *api.PerconaXtraDBClusterRestore, bcp *api.PerconaXtraDBClust Containers: []corev1.Container{ xtrabackupContainer(cr, cluster, command, volumeMounts, envs), }, - RestartPolicy: corev1.RestartPolicyNever, - Volumes: jobPVCs, - NodeSelector: cluster.Spec.PXC.NodeSelector, - Affinity: cluster.Spec.PXC.Affinity.Advanced, - Tolerations: cluster.Spec.PXC.Tolerations, - SchedulerName: cluster.Spec.PXC.SchedulerName, - PriorityClassName: cluster.Spec.PXC.PriorityClassName, - ServiceAccountName: cluster.Spec.PXC.ServiceAccountName, - RuntimeClassName: cluster.Spec.PXC.RuntimeClassName, + RestartPolicy: corev1.RestartPolicyNever, + Volumes: jobPVCs, + NodeSelector: cluster.Spec.PXC.NodeSelector, + Affinity: cluster.Spec.PXC.Affinity.Advanced, + TopologySpreadConstraints: pxc.PodTopologySpreadConstraints(cluster.Spec.PXC.TopologySpreadConstraints, cluster.Spec.PXC.Labels), + Tolerations: cluster.Spec.PXC.Tolerations, + SchedulerName: cluster.Spec.PXC.SchedulerName, + PriorityClassName: cluster.Spec.PXC.PriorityClassName, + ServiceAccountName: cluster.Spec.PXC.ServiceAccountName, + RuntimeClassName: cluster.Spec.PXC.RuntimeClassName, }, }, BackoffLimit: func(i int32) *int32 { return &i }(4), diff --git a/pkg/pxc/statefulset.go b/pkg/pxc/statefulset.go index e69b5046c0..ea2852b75f 100644 --- a/pkg/pxc/statefulset.go +++ b/pkg/pxc/statefulset.go @@ -15,8 +15,8 @@ import ( // StatefulSet returns StatefulSet according for app to podSpec func StatefulSet(sfs api.StatefulApp, podSpec *api.PodSpec, cr *api.PerconaXtraDBCluster, secret *corev1.Secret, - initContainers []corev1.Container, log logr.Logger, vg api.CustomVolumeGetter) (*appsv1.StatefulSet, error) { - + initContainers []corev1.Container, log logr.Logger, vg api.CustomVolumeGetter, +) (*appsv1.StatefulSet, error) { pod := corev1.PodSpec{ SecurityContext: podSpec.PodSecurityContext, NodeSelector: podSpec.NodeSelector, @@ -32,6 +32,7 @@ func StatefulSet(sfs api.StatefulApp, podSpec *api.PodSpec, cr *api.PerconaXtraD } secrets := secret.Name pod.Affinity = PodAffinity(podSpec.Affinity, sfs) + pod.TopologySpreadConstraints = PodTopologySpreadConstraints(podSpec.TopologySpreadConstraints, sfs.Labels()) if sfs.Labels()["app.kubernetes.io/component"] == "haproxy" && cr.CompareVersionWith("1.7.0") == -1 { t := true @@ -168,6 +169,30 @@ func PodAffinity(af *api.PodAffinity, app api.App) *corev1.Affinity { return nil } +func PodTopologySpreadConstraints(tscs []corev1.TopologySpreadConstraint, ls map[string]string) []corev1.TopologySpreadConstraint { + result := make([]corev1.TopologySpreadConstraint, 0, len(tscs)) + + for _, tsc := range tscs { + if tsc.LabelSelector == nil && tsc.MatchLabelKeys == nil && len(ls) > 0 { + tsc.LabelSelector = &metav1.LabelSelector{ + MatchLabels: ls, + } + } + if tsc.MaxSkew == 0 { + tsc.MaxSkew = 1 + } + if tsc.TopologyKey == "" { + tsc.TopologyKey = api.DefaultAffinityTopologyKey + } + if tsc.WhenUnsatisfiable == "" { + tsc.WhenUnsatisfiable = corev1.ScheduleAnyway + } + + result = append(result, tsc) + } + return result +} + func MergeTemplateAnnotations(sfs *appsv1.StatefulSet, annotations map[string]string) { if len(annotations) == 0 { return From 445e046ee47b754522ae507758e25e842a52bc50 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Dec 2023 18:23:40 +0200 Subject: [PATCH 08/25] CLOUD-727: Bump github.com/minio/minio-go/v7 from 7.0.63 to 7.0.65 (#1540) Bumps [github.com/minio/minio-go/v7](https://github.com/minio/minio-go) from 7.0.63 to 7.0.65. - [Release notes](https://github.com/minio/minio-go/releases) - [Commits](https://github.com/minio/minio-go/compare/v7.0.63...v7.0.65) --- updated-dependencies: - dependency-name: github.com/minio/minio-go/v7 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index d1ed8a0b41..9061b84058 100644 --- a/go.mod +++ b/go.mod @@ -19,7 +19,7 @@ require ( github.com/go-sql-driver/mysql v1.7.1 github.com/google/go-cmp v0.6.0 github.com/hashicorp/go-version v1.6.0 - github.com/minio/minio-go/v7 v7.0.63 + github.com/minio/minio-go/v7 v7.0.65 github.com/onsi/ginkgo/v2 v2.13.0 github.com/onsi/gomega v1.29.0 github.com/pkg/errors v0.9.1 diff --git a/go.sum b/go.sum index d29c91a56e..1f4fefdcb2 100644 --- a/go.sum +++ b/go.sum @@ -192,8 +192,8 @@ github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zk github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/minio/md5-simd v1.1.2 h1:Gdi1DZK69+ZVMoNHRXJyNcxrMA4dSxoYHZSQbirFg34= github.com/minio/md5-simd v1.1.2/go.mod h1:MzdKDxYpY2BT9XQFocsiZf/NKVtR7nkE4RoEpN+20RM= -github.com/minio/minio-go/v7 v7.0.63 h1:GbZ2oCvaUdgT5640WJOpyDhhDxvknAJU2/T3yurwcbQ= -github.com/minio/minio-go/v7 v7.0.63/go.mod h1:Q6X7Qjb7WMhvG65qKf4gUgA5XaiSox74kR1uAEjxRS4= +github.com/minio/minio-go/v7 v7.0.65 h1:sOlB8T3nQK+TApTpuN3k4WD5KasvZIE3vVFzyyCa0go= +github.com/minio/minio-go/v7 v7.0.65/go.mod h1:R4WVUR6ZTedlCcGwZRauLMIKjgyaWxhs4Mqi/OMPmEc= github.com/minio/sha256-simd v1.0.1 h1:6kaan5IFmwTNynnKKpDHe6FWHohJOHhCPchzK49dzMM= github.com/minio/sha256-simd v1.0.1/go.mod h1:Pz6AKMiUdngCLpeTL/RJY1M9rUuPMYujV5xJjtbRSN8= github.com/mitchellh/mapstructure v1.3.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= From bb2542a3fc1f21f30e03bc4818c63777edfc3955 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Dec 2023 18:26:33 +0200 Subject: [PATCH 09/25] CLOUD-727: Bump k8s.io/klog/v2 from 2.100.1 to 2.110.1 (#1528) Bumps [k8s.io/klog/v2](https://github.com/kubernetes/klog) from 2.100.1 to 2.110.1. - [Release notes](https://github.com/kubernetes/klog/releases) - [Changelog](https://github.com/kubernetes/klog/blob/main/RELEASE.md) - [Commits](https://github.com/kubernetes/klog/compare/v2.100.1...v2.110.1) --- updated-dependencies: - dependency-name: k8s.io/klog/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 9061b84058..8f7d04bd2a 100644 --- a/go.mod +++ b/go.mod @@ -9,7 +9,7 @@ require ( github.com/cert-manager/cert-manager v1.12.1 github.com/flosch/pongo2/v6 v6.0.0 github.com/go-ini/ini v1.67.0 - github.com/go-logr/logr v1.2.4 + github.com/go-logr/logr v1.3.0 github.com/go-logr/zapr v1.2.4 github.com/go-openapi/errors v0.20.4 github.com/go-openapi/runtime v0.26.0 @@ -29,7 +29,7 @@ require ( k8s.io/api v0.28.4 k8s.io/apimachinery v0.28.4 k8s.io/client-go v0.28.4 - k8s.io/klog/v2 v2.100.1 + k8s.io/klog/v2 v2.110.1 sigs.k8s.io/controller-runtime v0.15.0 ) diff --git a/go.sum b/go.sum index 1f4fefdcb2..f645c59a74 100644 --- a/go.sum +++ b/go.sum @@ -48,10 +48,10 @@ github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4 github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= github.com/go-ini/ini v1.67.0 h1:z6ZrTEZqSWOTyH2FlglNbNgARyHG8oLW9gMELqKr06A= github.com/go-ini/ini v1.67.0/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= -github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY= +github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= @@ -418,8 +418,8 @@ k8s.io/client-go v0.28.4 h1:Np5ocjlZcTrkyRJ3+T3PkXDpe4UpatQxj85+xjaD2wY= k8s.io/client-go v0.28.4/go.mod h1:0VDZFpgoZfelyP5Wqu0/r/TRYcLYuJ2U1KEeoaPa1N4= k8s.io/component-base v0.27.2 h1:neju+7s/r5O4x4/txeUONNTS9r1HsPbyoPBAtHsDCpo= k8s.io/component-base v0.27.2/go.mod h1:5UPk7EjfgrfgRIuDBFtsEFAe4DAvP3U+M8RTzoSJkpo= -k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= -k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= +k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ= k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM= k8s.io/utils v0.0.0-20230505201702-9f6742963106 h1:EObNQ3TW2D+WptiYXlApGNLVy0zm/JIBVY9i+M4wpAU= From 1dd9aca8524001863c445697189074c5bb22c1a8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Dec 2023 18:28:35 +0200 Subject: [PATCH 10/25] CLOUD-727: Bump golang.org/x/sync from 0.3.0 to 0.5.0 (#1534) Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.3.0 to 0.5.0. - [Commits](https://github.com/golang/sync/compare/v0.3.0...v0.5.0) --- updated-dependencies: - dependency-name: golang.org/x/sync dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 8f7d04bd2a..cf4a584590 100644 --- a/go.mod +++ b/go.mod @@ -25,7 +25,7 @@ require ( github.com/pkg/errors v0.9.1 github.com/robfig/cron/v3 v3.0.1 go.uber.org/zap v1.26.0 - golang.org/x/sync v0.3.0 + golang.org/x/sync v0.5.0 k8s.io/api v0.28.4 k8s.io/apimachinery v0.28.4 k8s.io/client-go v0.28.4 diff --git a/go.sum b/go.sum index f645c59a74..8005c2329b 100644 --- a/go.sum +++ b/go.sum @@ -328,8 +328,8 @@ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E= -golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= +golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE= +golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= From eb4a3babbb9e711b539e4bff0766071746245668 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Dec 2023 18:33:17 +0200 Subject: [PATCH 11/25] CLOUD-727: Bump github.com/go-logr/zapr from 1.2.4 to 1.3.0 (#1533) Bumps [github.com/go-logr/zapr](https://github.com/go-logr/zapr) from 1.2.4 to 1.3.0. - [Release notes](https://github.com/go-logr/zapr/releases) - [Commits](https://github.com/go-logr/zapr/compare/v1.2.4...v1.3.0) --- updated-dependencies: - dependency-name: github.com/go-logr/zapr dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 20 +++----------------- 2 files changed, 4 insertions(+), 18 deletions(-) diff --git a/go.mod b/go.mod index cf4a584590..cbe55e602a 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/flosch/pongo2/v6 v6.0.0 github.com/go-ini/ini v1.67.0 github.com/go-logr/logr v1.3.0 - github.com/go-logr/zapr v1.2.4 + github.com/go-logr/zapr v1.3.0 github.com/go-openapi/errors v0.20.4 github.com/go-openapi/runtime v0.26.0 github.com/go-openapi/strfmt v0.21.7 diff --git a/go.sum b/go.sum index 8005c2329b..ab9fa268af 100644 --- a/go.sum +++ b/go.sum @@ -17,7 +17,6 @@ github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPd github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= -github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/caarlos0/env v3.5.0+incompatible h1:Yy0UN8o9Wtr/jGHZDpCBLpNrzcFLLM2yixi/rBrKyJs= @@ -49,13 +48,12 @@ github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbS github.com/go-ini/ini v1.67.0 h1:z6ZrTEZqSWOTyH2FlglNbNgARyHG8oLW9gMELqKr06A= github.com/go-ini/ini v1.67.0/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY= github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= -github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= -github.com/go-logr/zapr v1.2.4/go.mod h1:FyHWQIzQORZ0QVE1BtVHv3cKtNLuXsbNLtpuhNapBOA= +github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= +github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= github.com/go-openapi/analysis v0.21.2/go.mod h1:HZwRk4RRisyG8vx2Oe6aqeSQcoxRp47Xkp3+K6q+LdY= github.com/go-openapi/analysis v0.21.4 h1:ZDFLvSNxpDaomuCueM0BlSXxpANBlFYiBvr+GXrvIHc= github.com/go-openapi/analysis v0.21.4/go.mod h1:4zQ35W4neeZTqh3ol0rv/O8JBbka9QyAgQRPp9y3pfo= @@ -263,7 +261,7 @@ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI= @@ -274,7 +272,6 @@ github.com/xdg-go/stringprep v1.0.3/go.mod h1:W3f5j4i+9rC0kuIEJL0ky1VpHXQU3ocBgk github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= go.mongodb.org/mongo-driver v1.7.3/go.mod h1:NqaYOwnXWr5Pm7AOpO5QFxKJ503nbMse/R79oO62zWg= go.mongodb.org/mongo-driver v1.7.5/go.mod h1:VXEWRZ6URJIkUq2SCAyapmhH0ZLRBP+FT4xhp5Zvxng= go.mongodb.org/mongo-driver v1.10.0/go.mod h1:wsihk0Kdgv8Kqu1Anit4sfK+22vSFbUrAVEYRhCXrA8= @@ -285,13 +282,9 @@ go.opentelemetry.io/otel v1.15.0/go.mod h1:qfwLEbWhLPk5gyWrne4XnF0lC8wtywbuJbgfA go.opentelemetry.io/otel/sdk v1.15.0 h1:jZTCkRRd08nxD6w7rIaZeDNGZGGQstH3SfLQ3ZsKICk= go.opentelemetry.io/otel/trace v1.15.0 h1:5Fwje4O2ooOxkfyqI/kJwxWotggDLix4BSAvpE1wlpo= go.opentelemetry.io/otel/trace v1.15.0/go.mod h1:CUsmE2Ht1CRkvE8OsMESvraoZrrcgD1J2W8GV1ev0Y4= -go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= -go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= go.uber.org/multierr v1.10.0 h1:S0h4aNzvfcFsC3dRF1jLoaov7oRaKqRGC/pUEJ2yvPQ= go.uber.org/multierr v1.10.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= -go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= @@ -303,10 +296,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= @@ -314,7 +305,6 @@ golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20210421230115-4e50805a0758/go.mod h1:72T/g9IO56b78aLF+1Kcs5dz7/ng1VjMUvfKvpfy+jM= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= @@ -340,10 +330,8 @@ golang.org/x/sys v0.0.0-20190531175056-4c3a928424d2/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210420072515-93ed5bcd2bfe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -364,7 +352,6 @@ golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190329151228-23e29df326fe/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190416151739-9c9e1878f421/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190420181800-aa740d480789/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= @@ -372,7 +359,6 @@ golang.org/x/tools v0.0.0-20190531172133-b3315ee88b7d/go.mod h1:/rFqwRUd4F7ZHNgw golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.12.0 h1:YW6HUoUmYBpwSgyaGaZq1fHjrBjX1rlpZ54T6mu2kss= golang.org/x/tools v0.12.0/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= From d537170a7b7a7f28faacb571ab9993355750153c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Dec 2023 18:36:34 +0200 Subject: [PATCH 12/25] CLOUD-727: Bump github.com/onsi/gomega from 1.29.0 to 1.30.0 (#1532) Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.29.0 to 1.30.0. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/gomega/compare/v1.29.0...v1.30.0) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index cbe55e602a..d08d9aaaf9 100644 --- a/go.mod +++ b/go.mod @@ -21,7 +21,7 @@ require ( github.com/hashicorp/go-version v1.6.0 github.com/minio/minio-go/v7 v7.0.65 github.com/onsi/ginkgo/v2 v2.13.0 - github.com/onsi/gomega v1.29.0 + github.com/onsi/gomega v1.30.0 github.com/pkg/errors v0.9.1 github.com/robfig/cron/v3 v3.0.1 go.uber.org/zap v1.26.0 diff --git a/go.sum b/go.sum index ab9fa268af..e92f3d3678 100644 --- a/go.sum +++ b/go.sum @@ -213,8 +213,8 @@ github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= github.com/onsi/ginkgo/v2 v2.13.0 h1:0jY9lJquiL8fcf3M4LAXN5aMlS/b2BV86HFFPCPMgE4= github.com/onsi/ginkgo/v2 v2.13.0/go.mod h1:TE309ZR8s5FsKKpuB1YAQYBzCaAfUgatB/xlT/ETL/o= -github.com/onsi/gomega v1.29.0 h1:KIA/t2t5UBzoirT4H9tsML45GEbo3ouUnBHsCfD2tVg= -github.com/onsi/gomega v1.29.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= +github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8= +github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= github.com/pelletier/go-toml v1.7.0/go.mod h1:vwGMzjaWMwyfHwgIBhI2YUM4fB6nL6lVAvS1LBMMhTE= From 2be476f4d45bf0c5b919fc053587b88d405d159e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Dec 2023 18:39:12 +0200 Subject: [PATCH 13/25] CLOUD-727: Bump github.com/onsi/ginkgo/v2 from 2.13.0 to 2.13.2 (#1529) Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.13.0 to 2.13.2. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/ginkgo/compare/v2.13.0...v2.13.2) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 6 +++--- go.sum | 14 +++++++------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/go.mod b/go.mod index d08d9aaaf9..a68f365d7f 100644 --- a/go.mod +++ b/go.mod @@ -20,7 +20,7 @@ require ( github.com/google/go-cmp v0.6.0 github.com/hashicorp/go-version v1.6.0 github.com/minio/minio-go/v7 v7.0.65 - github.com/onsi/ginkgo/v2 v2.13.0 + github.com/onsi/ginkgo/v2 v2.13.2 github.com/onsi/gomega v1.30.0 github.com/pkg/errors v0.9.1 github.com/robfig/cron/v3 v3.0.1 @@ -89,11 +89,11 @@ require ( golang.org/x/crypto v0.14.0 // indirect golang.org/x/net v0.17.0 // indirect golang.org/x/oauth2 v0.8.0 // indirect - golang.org/x/sys v0.13.0 // indirect + golang.org/x/sys v0.14.0 // indirect golang.org/x/term v0.13.0 // indirect golang.org/x/text v0.13.0 // indirect golang.org/x/time v0.3.0 // indirect - golang.org/x/tools v0.12.0 // indirect + golang.org/x/tools v0.14.0 // indirect gomodules.xyz/jsonpatch/v2 v2.3.0 // indirect google.golang.org/appengine v1.6.7 // indirect google.golang.org/protobuf v1.31.0 // indirect diff --git a/go.sum b/go.sum index e92f3d3678..fd8075ea82 100644 --- a/go.sum +++ b/go.sum @@ -211,8 +211,8 @@ github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8m github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= -github.com/onsi/ginkgo/v2 v2.13.0 h1:0jY9lJquiL8fcf3M4LAXN5aMlS/b2BV86HFFPCPMgE4= -github.com/onsi/ginkgo/v2 v2.13.0/go.mod h1:TE309ZR8s5FsKKpuB1YAQYBzCaAfUgatB/xlT/ETL/o= +github.com/onsi/ginkgo/v2 v2.13.2 h1:Bi2gGVkfn6gQcjNjZJVO8Gf0FHzMPf2phUei9tejVMs= +github.com/onsi/ginkgo/v2 v2.13.2/go.mod h1:XStQ8QcGwLyF4HdfcZB8SFOS/MWCgDuXMSBe6zrvLgM= github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8= github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= @@ -298,7 +298,7 @@ golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc= +golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= @@ -336,8 +336,8 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= -golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= +golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= @@ -359,8 +359,8 @@ golang.org/x/tools v0.0.0-20190531172133-b3315ee88b7d/go.mod h1:/rFqwRUd4F7ZHNgw golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.12.0 h1:YW6HUoUmYBpwSgyaGaZq1fHjrBjX1rlpZ54T6mu2kss= -golang.org/x/tools v0.12.0/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM= +golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc= +golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= From 97240d09f7d4f362119327d7028d8488b47029bb Mon Sep 17 00:00:00 2001 From: Inel Pandzic Date: Tue, 12 Dec 2023 13:48:43 +0100 Subject: [PATCH 14/25] K8SPXC-878: Remove clustercheck user (#1542) * Remove clustercheck user. * Return clustercheck user for 1.4.0, 1.5.0, 1.6.0, 1.7.0 and 1.8.0 manifests. * Refactor --- build/pxc-entrypoint.sh | 8 -- deploy/secrets.yaml | 1 - e2e-tests/conf/secrets.yml | 1 - e2e-tests/conf/secrets_without_tls.yml | 1 - .../init-deploy/compare/clustercheck-80.sql | 2 - .../init-deploy/compare/clustercheck.sql | 1 - e2e-tests/init-deploy/run | 1 - e2e-tests/monitoring-2-0/conf/secrets.yaml | 1 - .../upgrade-consistency/conf/secrets.yml | 1 - e2e-tests/users/conf/secrets.yml | 1 - e2e-tests/users/run | 6 - pkg/controller/pxc/secrets.go | 3 +- pkg/controller/pxc/users.go | 108 +----------------- pkg/controller/pxc/users_without_dp.go | 81 +------------ pkg/pxc/users/users.go | 21 +--- 15 files changed, 12 insertions(+), 225 deletions(-) delete mode 100644 e2e-tests/init-deploy/compare/clustercheck-80.sql delete mode 100644 e2e-tests/init-deploy/compare/clustercheck.sql diff --git a/build/pxc-entrypoint.sh b/build/pxc-entrypoint.sh index f734eb3d9b..48ece1297f 100755 --- a/build/pxc-entrypoint.sh +++ b/build/pxc-entrypoint.sh @@ -226,7 +226,6 @@ else fi file_env 'XTRABACKUP_PASSWORD' 'xtrabackup' 'xtrabackup' -file_env 'CLUSTERCHECK_PASSWORD' '' 'clustercheck' NODE_NAME=$(hostname -f) NODE_PORT=3306 @@ -269,9 +268,6 @@ elif [ -n "$DISCOVERY_SERVICE" ]; then { set +x; } 2>/dev/null sed -r "s|^[#]?wsrep_sst_auth=.*$|wsrep_sst_auth='xtrabackup:${XTRABACKUP_PASSWORD}'|" "${CFG}" 1<>"${CFG}" - /usr/bin/clustercheckcron clustercheck "${CLUSTERCHECK_PASSWORD}" 1 /var/lib/mysql/clustercheck.log 1 & - set -x - else : checking incoming cluster parameters NODE_IP=$(hostname -I | awk ' { print $1 } ') @@ -396,7 +392,6 @@ if [ -z "$CLUSTER_JOIN" ] && [ "$1" = 'mysqld' -a -z "$wantHelp" ]; then if [[ $MYSQL_VERSION == "8.0" ]] && ((MYSQL_PATCH_VERSION >= 16)); then read -r -d '' systemUserGrant <<-EOSQL || true GRANT SYSTEM_USER ON *.* TO 'monitor'@'${MONITOR_HOST}'; - GRANT SYSTEM_USER ON *.* TO 'clustercheck'@'localhost'; EOSQL fi @@ -422,9 +417,6 @@ if [ -z "$CLUSTER_JOIN" ] && [ "$1" = 'mysqld' -a -z "$wantHelp" ]; then GRANT SELECT ON performance_schema.* TO 'monitor'@'${MONITOR_HOST}'; ${monitorConnectGrant} - CREATE USER 'clustercheck'@'localhost' IDENTIFIED BY '$(escape_special "${CLUSTERCHECK_PASSWORD}")' PASSWORD EXPIRE NEVER; - GRANT PROCESS ON *.* TO 'clustercheck'@'localhost'; - ${systemUserGrant} CREATE USER 'replication'@'%' IDENTIFIED BY '$(escape_special "${REPLICATION_PASSWORD}")' PASSWORD EXPIRE NEVER; diff --git a/deploy/secrets.yaml b/deploy/secrets.yaml index 19353f4607..5bffc0b520 100644 --- a/deploy/secrets.yaml +++ b/deploy/secrets.yaml @@ -7,7 +7,6 @@ stringData: root: root_password xtrabackup: backup_password monitor: monitory - clustercheck: clustercheckpassword proxyadmin: admin_password # pmmserverkey: my_pmm_server_key operator: operatoradmin diff --git a/e2e-tests/conf/secrets.yml b/e2e-tests/conf/secrets.yml index 9ff21ee71e..f2017fb182 100644 --- a/e2e-tests/conf/secrets.yml +++ b/e2e-tests/conf/secrets.yml @@ -7,7 +7,6 @@ data: root: cm9vdF9wYXNzd29yZA== xtrabackup: YmFja3VwX3Bhc3N3b3Jk monitor: bW9uaXRvcl9wYXNzd29yZA== - clustercheck: Y2x1c3RlcmNoZWNrcGFzc3dvcmQ= proxyadmin: YWRtaW5fcGFzc3dvcmQ= pmmserver: cG1tc2VydmVyX3Bhc3N3b3Jk operator: b3BlcmF0b3JhZG1pbg== diff --git a/e2e-tests/conf/secrets_without_tls.yml b/e2e-tests/conf/secrets_without_tls.yml index 9a7c1b18a4..61cb00ed83 100644 --- a/e2e-tests/conf/secrets_without_tls.yml +++ b/e2e-tests/conf/secrets_without_tls.yml @@ -7,7 +7,6 @@ data: root: cm9vdF9wYXNzd29yZA== xtrabackup: YmFja3VwX3Bhc3N3b3Jk monitor: bW9uaXRvcl9wYXNzd29yZA== - clustercheck: Y2x1c3RlcmNoZWNrcGFzc3dvcmQ= proxyadmin: YWRtaW5fcGFzc3dvcmQ= pmmserver: cG1tc2VydmVyX3Bhc3N3b3Jk operator: b3BlcmF0b3JhZG1pbg== diff --git a/e2e-tests/init-deploy/compare/clustercheck-80.sql b/e2e-tests/init-deploy/compare/clustercheck-80.sql deleted file mode 100644 index 15c828dc62..0000000000 --- a/e2e-tests/init-deploy/compare/clustercheck-80.sql +++ /dev/null @@ -1,2 +0,0 @@ -GRANT PROCESS ON *.* TO `clustercheck`@`localhost` -GRANT SYSTEM_USER ON *.* TO `clustercheck`@`localhost` diff --git a/e2e-tests/init-deploy/compare/clustercheck.sql b/e2e-tests/init-deploy/compare/clustercheck.sql deleted file mode 100644 index ebe8fcf66d..0000000000 --- a/e2e-tests/init-deploy/compare/clustercheck.sql +++ /dev/null @@ -1 +0,0 @@ -GRANT PROCESS ON *.* TO 'clustercheck'@'localhost' diff --git a/e2e-tests/init-deploy/run b/e2e-tests/init-deploy/run index f349028c5d..be9e501a66 100755 --- a/e2e-tests/init-deploy/run +++ b/e2e-tests/init-deploy/run @@ -36,7 +36,6 @@ compare_mysql_user "-h $cluster-pxc -uroot -proot_password" compare_mysql_user "-h $cluster-pxc -umonitor -pmonitor_password" compare_mysql_user "-h $cluster-pxc -uproxyuser -ps3cret" compare_mysql_user_local "-uxtrabackup -pbackup_password" "$cluster-pxc-0" "" "pxc" -compare_mysql_user_local "-uclustercheck -pclustercheckpassword" "$cluster-pxc-0" "" "pxc" desc "check that pmm server user don't have access" compare_mysql_user "-h $cluster-pxc -upmmserver -ppmmserver_password" diff --git a/e2e-tests/monitoring-2-0/conf/secrets.yaml b/e2e-tests/monitoring-2-0/conf/secrets.yaml index 9f5932242d..79013fbe20 100644 --- a/e2e-tests/monitoring-2-0/conf/secrets.yaml +++ b/e2e-tests/monitoring-2-0/conf/secrets.yaml @@ -7,7 +7,6 @@ stringData: root: root_password xtrabackup: backup_password monitor: f1+eA353oPW,9 0 { - if err := r.updateUserPassExpirationPolicy(ctx, cr, internalSecrets, user); err != nil { - return err - } - - if cr.CompareVersionWith("1.10.0") >= 0 { - mysqlVersion := cr.Status.PXC.Version - if mysqlVersion == "" { - var err error - mysqlVersion, err = r.mysqlVersion(ctx, cr, statefulset.NewNode(cr)) - if err != nil { - if errors.Is(err, versionNotReadyErr) { - return nil - } - return errors.Wrap(err, "retrieving pxc version") - } - } - - if mysqlVersion != "" { - ver, err := version.NewVersion(mysqlVersion) - if err != nil { - return errors.Wrap(err, "invalid pxc version") - } - - if !ver.LessThan(privSystemUserAddedIn) { - um, err := getUserManager(cr, internalSecrets) - if err != nil { - return err - } - defer um.Close() - - if err := r.grantSystemUserPrivilege(ctx, cr, internalSecrets, user, um); err != nil { - return errors.Wrap(err, "clustercheck user grant system privilege") - } - } - } - } - } - - if cr.Status.Status != api.AppStateReady && !r.invalidPasswordApplied(cr.Status) { - return nil - } - - passDiscarded, err := r.isOldPasswordDiscarded(cr, internalSecrets, user) - if err != nil { - return err - } - - if bytes.Equal(secrets.Data[user.Name], internalSecrets.Data[user.Name]) && passDiscarded { - return nil - } - - if bytes.Equal(secrets.Data[user.Name], internalSecrets.Data[user.Name]) && !passDiscarded { - err = r.discardOldPassword(cr, secrets, internalSecrets, user) - if err != nil { - return errors.Wrap(err, "discard old pass") - } - log.Info("Old password discarded", "user", user.Name) - - return nil - } - - log.Info("Password changed, updating user", "user", user.Name) - - err = r.updateUserPassWithRetention(cr, secrets, internalSecrets, user) - if err != nil { - return errors.Wrap(err, "update clustercheck users pass") - } - log.Info("Password updated", "user", user.Name) - - orig := internalSecrets.DeepCopy() - internalSecrets.Data[user.Name] = secrets.Data[user.Name] - err = r.client.Patch(context.TODO(), internalSecrets, client.MergeFrom(orig)) - if err != nil { - return errors.Wrap(err, "update internal users secrets clustercheck user password") - } - log.Info("Internal secrets updated", "user", user.Name) - - err = r.discardOldPassword(cr, secrets, internalSecrets, user) - if err != nil { - return errors.Wrap(err, "discard clustercheck old pass") - } - log.Info("Old password discarded", "user", user.Name) - - return nil -} - func (r *ReconcilePerconaXtraDBCluster) handleXtrabackupUser(ctx context.Context, cr *api.PerconaXtraDBCluster, secrets, internalSecrets *corev1.Secret, actions *userUpdateActions) error { log := logf.FromContext(ctx) @@ -1128,7 +1028,7 @@ func (r *ReconcilePerconaXtraDBCluster) updateProxyUser(cr *api.PerconaXtraDBClu return nil } -func (r *ReconcilePerconaXtraDBCluster) grantSystemUserPrivilege(ctx context.Context, cr *api.PerconaXtraDBCluster, internalSysSecretObj *corev1.Secret, user *users.SysUser, um *users.Manager) error { +func (r *ReconcilePerconaXtraDBCluster) grantMonitorUserPrivilege(ctx context.Context, cr *api.PerconaXtraDBCluster, internalSysSecretObj *corev1.Secret, um *users.Manager) error { log := logf.FromContext(ctx) annotationName := "grant-for-1.10.0-system-privilege" @@ -1136,7 +1036,7 @@ func (r *ReconcilePerconaXtraDBCluster) grantSystemUserPrivilege(ctx context.Con return nil } - if err := um.Update1100SystemUserPrivilege(user); err != nil { + if err := um.Update1100MonitorUserPrivilege(); err != nil { return errors.Wrap(err, "grant system user privilege") } @@ -1150,7 +1050,7 @@ func (r *ReconcilePerconaXtraDBCluster) grantSystemUserPrivilege(ctx context.Con return errors.Wrap(err, "update internal sys users secret annotation") } - log.Info("System user privileges granted", "user", user.Name) + log.Info("monitor user privileges granted") return nil } diff --git a/pkg/controller/pxc/users_without_dp.go b/pkg/controller/pxc/users_without_dp.go index a3e7887737..ab4df241d5 100644 --- a/pkg/controller/pxc/users_without_dp.go +++ b/pkg/controller/pxc/users_without_dp.go @@ -36,10 +36,6 @@ func (r *ReconcilePerconaXtraDBCluster) updateUsersWithoutDP(ctx context.Context if err := r.handleMonitorUserWithoutDP(ctx, cr, secrets, internalSecrets, res); err != nil { return res, err } - case users.Clustercheck: - if err := r.handleClustercheckUserWithoutDP(ctx, cr, secrets, internalSecrets, res); err != nil { - return res, err - } case users.Xtrabackup: if err := r.handleXtrabackupUserWithoutDP(ctx, cr, secrets, internalSecrets, res); err != nil { return res, err @@ -201,7 +197,7 @@ func (r *ReconcilePerconaXtraDBCluster) handleMonitorUserWithoutDP(ctx context.C } if !ver.LessThan(privSystemUserAddedIn) { - if err := r.grantSystemUserPrivilege(ctx, cr, internalSecrets, user, um); err != nil { + if err := r.grantMonitorUserPrivilege(ctx, cr, internalSecrets, um); err != nil { return errors.Wrap(err, "monitor user grant system privilege") } } @@ -249,81 +245,6 @@ func (r *ReconcilePerconaXtraDBCluster) handleMonitorUserWithoutDP(ctx context.C return nil } -func (r *ReconcilePerconaXtraDBCluster) handleClustercheckUserWithoutDP(ctx context.Context, cr *api.PerconaXtraDBCluster, secrets, internalSecrets *corev1.Secret, actions *userUpdateActions) error { - log := logf.FromContext(ctx) - - user := &users.SysUser{ - Name: users.Clustercheck, - Pass: string(secrets.Data[users.Clustercheck]), - Hosts: []string{"localhost"}, - } - - if cr.Status.PXC.Ready > 0 { - if err := r.updateUserPassExpirationPolicy(ctx, cr, internalSecrets, user); err != nil { - return err - } - - if cr.CompareVersionWith("1.10.0") >= 0 { - mysqlVersion := cr.Status.PXC.Version - if mysqlVersion == "" { - var err error - mysqlVersion, err = r.mysqlVersion(ctx, cr, statefulset.NewNode(cr)) - if err != nil { - if errors.Is(err, versionNotReadyErr) { - return nil - } - return errors.Wrap(err, "retrieving pxc version") - } - } - - if mysqlVersion != "" { - ver, err := version.NewVersion(mysqlVersion) - if err != nil { - return errors.Wrap(err, "invalid pxc version") - } - - if !ver.LessThan(privSystemUserAddedIn) { - um, err := getUserManager(cr, internalSecrets) - if err != nil { - return err - } - defer um.Close() - - if err := r.grantSystemUserPrivilege(ctx, cr, internalSecrets, user, um); err != nil { - return errors.Wrap(err, "clustercheck user grant system privilege") - } - } - } - } - } - - if cr.Status.Status != api.AppStateReady && !r.invalidPasswordApplied(cr.Status) { - return nil - } - - if bytes.Equal(secrets.Data[user.Name], internalSecrets.Data[user.Name]) { - return nil - } - - log.Info("Password changed, updating user", "user", user.Name) - - err := r.updateUserPassWithoutDP(cr, secrets, internalSecrets, user) - if err != nil { - return errors.Wrap(err, "update clustercheck users pass") - } - log.Info("User password updated", "user", user.Name) - - orig := internalSecrets.DeepCopy() - internalSecrets.Data[user.Name] = secrets.Data[user.Name] - err = r.client.Patch(context.TODO(), internalSecrets, client.MergeFrom(orig)) - if err != nil { - return errors.Wrap(err, "update internal users secrets clustercheck user password") - } - log.Info("Internal secrets updated", "user", user.Name) - - return nil -} - func (r *ReconcilePerconaXtraDBCluster) handleXtrabackupUserWithoutDP(ctx context.Context, cr *api.PerconaXtraDBCluster, secrets, internalSecrets *corev1.Secret, actions *userUpdateActions) error { log := logf.FromContext(ctx) diff --git a/pkg/pxc/users/users.go b/pkg/pxc/users/users.go index c41a4d5eed..ce5392a9f5 100644 --- a/pkg/pxc/users/users.go +++ b/pkg/pxc/users/users.go @@ -17,12 +17,10 @@ const ( ProxyAdmin = "proxyadmin" PMMServer = "pmmserver" PMMServerKey = "pmmserverkey" - Clustercheck = "clustercheck" ) -var UserNames = []string{Root, Operator, Monitor, - Xtrabackup, Replication, ProxyAdmin, - Clustercheck, PMMServer, PMMServerKey} +var UserNames = []string{Root, Operator, Monitor, Xtrabackup, + Replication, ProxyAdmin, PMMServer, PMMServerKey} type Manager struct { db *sql.DB @@ -257,17 +255,10 @@ func (u *Manager) Update170XtrabackupUser(pass string) (err error) { return nil } -// Update1100SystemUserPrivilege grants system_user privilege for monitor and clustercheck users -func (u *Manager) Update1100SystemUserPrivilege(user *SysUser) (err error) { - switch user.Name { - case Monitor: - if _, err := u.db.Exec("GRANT SYSTEM_USER ON *.* TO 'monitor'@'%'"); err != nil { - return errors.Wrap(err, "monitor user") - } - case Clustercheck: - if _, err := u.db.Exec("GRANT SYSTEM_USER ON *.* TO 'clustercheck'@'localhost'"); err != nil { - return errors.Wrap(err, "clustercheck user") - } +// Update1100MonitorUserPrivilege grants system_user privilege for monitor +func (u *Manager) Update1100MonitorUserPrivilege() (err error) { + if _, err := u.db.Exec("GRANT SYSTEM_USER ON *.* TO 'monitor'@'%'"); err != nil { + return errors.Wrap(err, "monitor user") } return nil From e8a89bb49f0e812e3e804487c8001e25e652f15f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ege=20G=C3=BCne=C5=9F?= Date: Tue, 12 Dec 2023 17:00:43 +0300 Subject: [PATCH 15/25] K8SPXC-1333: Include namespace to scheduled backup prefix (#1549) Co-authored-by: Viacheslav Sarzhan --- pkg/controller/pxc/backup.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/controller/pxc/backup.go b/pkg/controller/pxc/backup.go index 7e3c7f11c7..720c18221d 100644 --- a/pkg/controller/pxc/backup.go +++ b/pkg/controller/pxc/backup.go @@ -34,7 +34,7 @@ func (r *ReconcilePerconaXtraDBCluster) reconcileBackups(ctx context.Context, cr log := logf.FromContext(ctx) backups := make(map[string]api.PXCScheduledBackupSchedule) - backupNamePrefix := backupJobClusterPrefix(cr.Name) + backupNamePrefix := backupJobClusterPrefix(cr.Namespace + "-" + cr.Name) if cr.Spec.Backup != nil { restoreRunning, err := r.isRestoreRunning(cr.Name, cr.Namespace) From d16c1eced630716dcf66d1e5ce34a7cb8d57be56 Mon Sep 17 00:00:00 2001 From: Viacheslav Sarzhan Date: Wed, 13 Dec 2023 13:51:06 +0200 Subject: [PATCH 16/25] CLOUD-727 set day and time for all packages (#1494) --- .github/dependabot.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index a530def430..bff5df7461 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -4,6 +4,8 @@ updates: directory: / schedule: interval: monthly + day: "thursday" + time: "01:00" reviewers: - hors - egegunes @@ -41,3 +43,5 @@ updates: - "dependencies" schedule: interval: monthly + day: "thursday" + time: "01:00" From c9a58f7390f70a8df5d310e5e7229ff4d085c7ca Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Dec 2023 13:53:39 +0200 Subject: [PATCH 17/25] CLOUD-727: Bump aquasecurity/trivy-action from 0.14.0 to 0.16.0 (#1551) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.14.0 to 0.16.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.14.0...0.16.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scan.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml index bd65638fdd..13a2af0539 100644 --- a/.github/workflows/scan.yml +++ b/.github/workflows/scan.yml @@ -14,7 +14,7 @@ jobs: export DOCKER_SQUASH=0 ./e2e-tests/build - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.14.0 + uses: aquasecurity/trivy-action@0.16.0 with: image-ref: 'docker.io/perconalab/percona-xtradb-cluster-operator:${{ github.sha }}' format: 'table' From 4e0ee97954105a41da40c1a13519bc507a3cbadb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Dec 2023 13:59:00 +0200 Subject: [PATCH 18/25] CLOUD-727: Bump actions/setup-go from 4 to 5 (#1552) Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/reviewdog.yml | 4 ++-- .github/workflows/test.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/reviewdog.yml b/.github/workflows/reviewdog.yml index 38a596ed19..67f485498c 100644 --- a/.github/workflows/reviewdog.yml +++ b/.github/workflows/reviewdog.yml @@ -6,7 +6,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: actions/setup-go@v4 + - uses: actions/setup-go@v5 with: go-version: '^1.19' - name: golangci-lint @@ -32,7 +32,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: actions/setup-go@v4 + - uses: actions/setup-go@v5 with: go-version: '^1.19' - run: go install mvdan.cc/sh/v3/cmd/shfmt@latest diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 4a87ba2ece..a7d03cba78 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -5,7 +5,7 @@ jobs: name: Test runs-on: ubuntu-latest steps: - - uses: actions/setup-go@v4 + - uses: actions/setup-go@v5 with: go-version: '^1.19' - uses: actions/checkout@v4 From a82e0aea678475f671ef4ab6fd0d1d56245d4d52 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Dec 2023 17:06:20 +0200 Subject: [PATCH 19/25] CLOUD-727: Bump github.com/go-openapi/runtime from 0.26.0 to 0.26.2 (#1555) Bumps [github.com/go-openapi/runtime](https://github.com/go-openapi/runtime) from 0.26.0 to 0.26.2. - [Release notes](https://github.com/go-openapi/runtime/releases) - [Commits](https://github.com/go-openapi/runtime/compare/v0.26.0...v0.26.2) --- updated-dependencies: - dependency-name: github.com/go-openapi/runtime dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Viacheslav Sarzhan --- go.mod | 17 ++++---- go.sum | 132 +++++++++++++++------------------------------------------ 2 files changed, 43 insertions(+), 106 deletions(-) diff --git a/go.mod b/go.mod index a68f365d7f..b5a6df6b23 100644 --- a/go.mod +++ b/go.mod @@ -12,10 +12,10 @@ require ( github.com/go-logr/logr v1.3.0 github.com/go-logr/zapr v1.3.0 github.com/go-openapi/errors v0.20.4 - github.com/go-openapi/runtime v0.26.0 - github.com/go-openapi/strfmt v0.21.7 + github.com/go-openapi/runtime v0.26.2 + github.com/go-openapi/strfmt v0.21.8 github.com/go-openapi/swag v0.22.4 - github.com/go-openapi/validate v0.22.1 + github.com/go-openapi/validate v0.22.3 github.com/go-sql-driver/mysql v1.7.1 github.com/google/go-cmp v0.6.0 github.com/hashicorp/go-version v1.6.0 @@ -47,10 +47,10 @@ require ( github.com/fsnotify/fsnotify v1.6.0 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-openapi/analysis v0.21.4 // indirect - github.com/go-openapi/jsonpointer v0.19.6 // indirect + github.com/go-openapi/jsonpointer v0.20.0 // indirect github.com/go-openapi/jsonreference v0.20.2 // indirect github.com/go-openapi/loads v0.21.2 // indirect - github.com/go-openapi/spec v0.20.8 // indirect + github.com/go-openapi/spec v0.20.11 // indirect github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect @@ -82,9 +82,10 @@ require ( github.com/rs/xid v1.5.0 // indirect github.com/sirupsen/logrus v1.9.3 // indirect github.com/spf13/pflag v1.0.5 // indirect - go.mongodb.org/mongo-driver v1.11.3 // indirect - go.opentelemetry.io/otel v1.15.0 // indirect - go.opentelemetry.io/otel/trace v1.15.0 // indirect + go.mongodb.org/mongo-driver v1.13.1 // indirect + go.opentelemetry.io/otel v1.17.0 // indirect + go.opentelemetry.io/otel/metric v1.17.0 // indirect + go.opentelemetry.io/otel/trace v1.17.0 // indirect go.uber.org/multierr v1.10.0 // indirect golang.org/x/crypto v0.14.0 // indirect golang.org/x/net v0.17.0 // indirect diff --git a/go.sum b/go.sum index fd8075ea82..b09b5b416a 100644 --- a/go.sum +++ b/go.sum @@ -8,11 +8,8 @@ github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage v1.2.0 github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.2.0 h1:gggzg0SUMs6SQbEw+3LoSsYf9YMjkupeAnHMX8O9mmY= github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.2.0/go.mod h1:+6KLcKIVgxoBDMqMO/Nvy7bZ9a0nbU3I1DtFQK3YvB4= github.com/AzureAD/microsoft-authentication-library-for-go v1.0.0 h1:OBhqkivkhkMqLPymWEppkm7vgPQY2XsHoEkaMQ0AdZY= -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/Percona-Lab/percona-version-service/api v0.0.0-20201216104127-a39f2dded3cc h1:Teed8lKNzSXdHZCd8HhOJVNptRyShOdsul5w6656IVE= github.com/Percona-Lab/percona-version-service/api v0.0.0-20201216104127-a39f2dded3cc/go.mod h1:QDbZ+DHh0CkTHN6LRkMQd1pEl3b30EaNZ9FA97Mb3TA= -github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= @@ -54,73 +51,41 @@ github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= -github.com/go-openapi/analysis v0.21.2/go.mod h1:HZwRk4RRisyG8vx2Oe6aqeSQcoxRp47Xkp3+K6q+LdY= github.com/go-openapi/analysis v0.21.4 h1:ZDFLvSNxpDaomuCueM0BlSXxpANBlFYiBvr+GXrvIHc= github.com/go-openapi/analysis v0.21.4/go.mod h1:4zQ35W4neeZTqh3ol0rv/O8JBbka9QyAgQRPp9y3pfo= -github.com/go-openapi/errors v0.19.8/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= -github.com/go-openapi/errors v0.19.9/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= github.com/go-openapi/errors v0.20.2/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= github.com/go-openapi/errors v0.20.4 h1:unTcVm6PispJsMECE3zWgvG4xTiKda1LIR5rCRWLG6M= github.com/go-openapi/errors v0.20.4/go.mod h1:Z3FlZ4I8jEGxjUK+bugx3on2mIAk4txuAOhlsB1FSgk= github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= -github.com/go-openapi/jsonreference v0.19.6/go.mod h1:diGHMEHg2IqXZGKxqyvWdfWU/aim5Dprw5bqpKkTvns= +github.com/go-openapi/jsonpointer v0.20.0 h1:ESKJdU9ASRfaPNOPRx12IUyA1vn3R9GiE3KYD14BXdQ= +github.com/go-openapi/jsonpointer v0.20.0/go.mod h1:6PGzBjjIIumbLYysB73Klnms1mwnU4G3YHOECG3CedA= github.com/go-openapi/jsonreference v0.20.0/go.mod h1:Ag74Ico3lPc+zR+qjn4XBUmXymS4zJbYVCZmcgkasdo= github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/loads v0.21.1/go.mod h1:/DtAMXXneXFjbQMGEtbamCZb+4x7eGwkvZCvBmwUG+g= github.com/go-openapi/loads v0.21.2 h1:r2a/xFIYeZ4Qd2TnGpWDIQNcP80dIaZgf704za8enro= github.com/go-openapi/loads v0.21.2/go.mod h1:Jq58Os6SSGz0rzh62ptiu8Z31I+OTHqmULx5e/gJbNw= -github.com/go-openapi/runtime v0.26.0 h1:HYOFtG00FM1UvqrcxbEJg/SwvDRvYLQKGhw2zaQjTcc= -github.com/go-openapi/runtime v0.26.0/go.mod h1:QgRGeZwrUcSHdeh4Ka9Glvo0ug1LC5WyE+EV88plZrQ= -github.com/go-openapi/spec v0.20.4/go.mod h1:faYFR1CvsJZ0mNsmsphTMSoRrNV3TEDoAM7FOEWeq8I= +github.com/go-openapi/runtime v0.26.2 h1:elWyB9MacRzvIVgAZCBJmqTi7hBzU0hlKD4IvfX0Zl0= +github.com/go-openapi/runtime v0.26.2/go.mod h1:O034jyRZ557uJKzngbMDJXkcKJVzXJiymdSfgejrcRw= github.com/go-openapi/spec v0.20.6/go.mod h1:2OpW+JddWPrpXSCIX8eOx7lZ5iyuWj3RYR6VaaBKcWA= -github.com/go-openapi/spec v0.20.8 h1:ubHmXNY3FCIOinT8RNrrPfGc9t7I1qhPtdOGoG2AxRU= -github.com/go-openapi/spec v0.20.8/go.mod h1:2OpW+JddWPrpXSCIX8eOx7lZ5iyuWj3RYR6VaaBKcWA= -github.com/go-openapi/strfmt v0.21.0/go.mod h1:ZRQ409bWMj+SOgXofQAGTIo2Ebu72Gs+WaRADcS5iNg= -github.com/go-openapi/strfmt v0.21.1/go.mod h1:I/XVKeLc5+MM5oPNN7P6urMOpuLXEcNrCX/rPGuWb0k= +github.com/go-openapi/spec v0.20.11 h1:J/TzFDLTt4Rcl/l1PmyErvkqlJDncGvPTMnCI39I4gY= +github.com/go-openapi/spec v0.20.11/go.mod h1:2OpW+JddWPrpXSCIX8eOx7lZ5iyuWj3RYR6VaaBKcWA= github.com/go-openapi/strfmt v0.21.3/go.mod h1:k+RzNO0Da+k3FrrynSNN8F7n/peCmQQqbbXjtDfvmGg= -github.com/go-openapi/strfmt v0.21.7 h1:rspiXgNWgeUzhjo1YU01do6qsahtJNByjLVbPLNHb8k= -github.com/go-openapi/strfmt v0.21.7/go.mod h1:adeGTkxE44sPyLk0JV235VQAO/ZXUr8KAzYjclFs3ew= +github.com/go-openapi/strfmt v0.21.8 h1:VYBUoKYRLAlgKDrIxR/I0lKrztDQ0tuTDrbhLVP8Erg= +github.com/go-openapi/strfmt v0.21.8/go.mod h1:adeGTkxE44sPyLk0JV235VQAO/ZXUr8KAzYjclFs3ew= github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.15/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-openapi/swag v0.21.1/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU= github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-openapi/validate v0.22.1 h1:G+c2ub6q47kfX1sOBLwIQwzBVt8qmOAARyo/9Fqs9NU= -github.com/go-openapi/validate v0.22.1/go.mod h1:rjnrwK57VJ7A8xqfpAOEKRH8yQSGUriMu5/zuPSQ1hg= +github.com/go-openapi/validate v0.22.3 h1:KxG9mu5HBRYbecRb37KRCihvGGtND2aXziBAv0NNfyI= +github.com/go-openapi/validate v0.22.3/go.mod h1:kVxh31KbfsxU8ZyoHaDbLBWU5CnMdqBUEtadQ2G4d5M= github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI= github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI= -github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= -github.com/gobuffalo/attrs v0.0.0-20190224210810-a9411de4debd/go.mod h1:4duuawTqi2wkkpB4ePgWMaai6/Kc6WEz83bhFwpHzj0= -github.com/gobuffalo/depgen v0.0.0-20190329151759-d478694a28d3/go.mod h1:3STtPUQYuzV0gBVOY3vy6CfMm/ljR4pABfrTeHNLHUY= -github.com/gobuffalo/depgen v0.1.0/go.mod h1:+ifsuy7fhi15RWncXQQKjWS9JPkdah5sZvtHc2RXGlg= -github.com/gobuffalo/envy v1.6.15/go.mod h1:n7DRkBerg/aorDM8kbduw5dN3oXGswK5liaSCx4T5NI= -github.com/gobuffalo/envy v1.7.0/go.mod h1:n7DRkBerg/aorDM8kbduw5dN3oXGswK5liaSCx4T5NI= -github.com/gobuffalo/flect v0.1.0/go.mod h1:d2ehjJqGOH/Kjqcoz+F7jHTBbmDb38yXA598Hb50EGs= -github.com/gobuffalo/flect v0.1.1/go.mod h1:8JCgGVbRjJhVgD6399mQr4fx5rRfGKVzFjbj6RE/9UI= -github.com/gobuffalo/flect v0.1.3/go.mod h1:8JCgGVbRjJhVgD6399mQr4fx5rRfGKVzFjbj6RE/9UI= -github.com/gobuffalo/genny v0.0.0-20190329151137-27723ad26ef9/go.mod h1:rWs4Z12d1Zbf19rlsn0nurr75KqhYp52EAGGxTbBhNk= -github.com/gobuffalo/genny v0.0.0-20190403191548-3ca520ef0d9e/go.mod h1:80lIj3kVJWwOrXWWMRzzdhW3DsrdjILVil/SFKBzF28= -github.com/gobuffalo/genny v0.1.0/go.mod h1:XidbUqzak3lHdS//TPu2OgiFB+51Ur5f7CSnXZ/JDvo= -github.com/gobuffalo/genny v0.1.1/go.mod h1:5TExbEyY48pfunL4QSXxlDOmdsD44RRq4mVZ0Ex28Xk= -github.com/gobuffalo/gitgen v0.0.0-20190315122116-cc086187d211/go.mod h1:vEHJk/E9DmhejeLeNt7UVvlSGv3ziL+djtTr3yyzcOw= -github.com/gobuffalo/gogen v0.0.0-20190315121717-8f38393713f5/go.mod h1:V9QVDIxsgKNZs6L2IYiGR8datgMhB577vzTDqypH360= -github.com/gobuffalo/gogen v0.1.0/go.mod h1:8NTelM5qd8RZ15VjQTFkAW6qOMx5wBbW4dSCS3BY8gg= -github.com/gobuffalo/gogen v0.1.1/go.mod h1:y8iBtmHmGc4qa3urIyo1shvOD8JftTtfcKi+71xfDNE= -github.com/gobuffalo/logger v0.0.0-20190315122211-86e12af44bc2/go.mod h1:QdxcLw541hSGtBnhUc4gaNIXRjiDppFGaDqzbrBd3v8= -github.com/gobuffalo/mapi v1.0.1/go.mod h1:4VAGh89y6rVOvm5A8fKFxYG+wIW6LO1FMTG9hnKStFc= -github.com/gobuffalo/mapi v1.0.2/go.mod h1:4VAGh89y6rVOvm5A8fKFxYG+wIW6LO1FMTG9hnKStFc= -github.com/gobuffalo/packd v0.0.0-20190315124812-a385830c7fc0/go.mod h1:M2Juc+hhDXf/PnmBANFCqx4DM3wRbgDvnVWeG2RIxq4= -github.com/gobuffalo/packd v0.1.0/go.mod h1:M2Juc+hhDXf/PnmBANFCqx4DM3wRbgDvnVWeG2RIxq4= -github.com/gobuffalo/packr/v2 v2.0.9/go.mod h1:emmyGweYTm6Kdper+iywB6YK5YzuKchGtJQZ0Odn4pQ= -github.com/gobuffalo/packr/v2 v2.2.0/go.mod h1:CaAwI0GPIAv+5wKLtv8Afwl+Cm78K/I/VCm/3ptBN+0= -github.com/gobuffalo/syncx v0.0.0-20190224160051-33c29581e754/go.mod h1:HhnNqWY95UYwwW3uSASeV7vtgYkT2t16hJgV3AEPUpw= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= @@ -152,15 +117,11 @@ github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09 github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU= github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= -github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= -github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= -github.com/karrick/godirwalk v1.8.0/go.mod h1:H5KPZjojv4lE+QYImBI8xVtrBRgYrIVsaRPx4tDPEn4= -github.com/karrick/godirwalk v1.10.3/go.mod h1:RoGL9dQei4vP9ilrpETWE8CLOZ1kiN0LhBygSwrAsHA= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= @@ -169,8 +130,6 @@ github.com/klauspost/compress v1.16.7/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQs github.com/klauspost/cpuid/v2 v2.0.1/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= github.com/klauspost/cpuid/v2 v2.2.5 h1:0E5MSMDEoAulmXNFquVs//DdoomxaoTY1kUhbc/qbZg= github.com/klauspost/cpuid/v2 v2.2.5/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= -github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= @@ -184,8 +143,6 @@ github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/markbates/oncer v0.0.0-20181203154359-bf2de49a0be2/go.mod h1:Ld9puTsIW75CHf65OeIOkyKbteujpZVXDpWK6YGZbxE= -github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0= github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/minio/md5-simd v1.1.2 h1:Gdi1DZK69+ZVMoNHRXJyNcxrMA4dSxoYHZSQbirFg34= @@ -217,9 +174,7 @@ github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8= github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= -github.com/pelletier/go-toml v1.7.0/go.mod h1:vwGMzjaWMwyfHwgIBhI2YUM4fB6nL6lVAvS1LBMMhTE= github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 h1:KoWmjvw+nsYOo29YJK9vDA65RGE3NrOnUtO7a+RF9HU= -github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -235,26 +190,16 @@ github.com/prometheus/procfs v0.9.0 h1:wzCHvIvM5SxWqYvwgVL7yJY8Lz3PKn49KQtpgMYJf github.com/prometheus/procfs v0.9.0/go.mod h1:+pB4zwohETzFnmlpe6yd2lSc+0/46IYZRB/chUwxUZY= github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs= github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro= -github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= +github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= github.com/rs/xid v1.5.0 h1:mKX4bl4iPYJtEIxp6CYiUuLQ/8DYMoz0PUdtGgMFRVc= github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg= -github.com/sirupsen/logrus v1.4.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= -github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= -github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= -github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= -github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= -github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= @@ -262,103 +207,96 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI= -github.com/xdg-go/scram v1.0.2/go.mod h1:1WAq6h33pAW+iRreB34OORO2Nf7qel3VV3fjBj+hCSs= github.com/xdg-go/scram v1.1.1/go.mod h1:RaEWvsqvNKKvBPvcKeFjrG2cJqOkHTiyTpzz23ni57g= -github.com/xdg-go/stringprep v1.0.2/go.mod h1:8F9zXuvzgwmyT5DUm4GUfZGDdT3W+LCvS6+da4O5kxM= +github.com/xdg-go/scram v1.1.2/go.mod h1:RT/sEzTbU5y00aCK8UOx6R7YryM0iF1N2MOmC3kKLN4= github.com/xdg-go/stringprep v1.0.3/go.mod h1:W3f5j4i+9rC0kuIEJL0ky1VpHXQU3ocBgklLGvcBnW8= +github.com/xdg-go/stringprep v1.0.4/go.mod h1:mPGuuIYwz7CmR2bT9j4GbQqutWS1zV24gijq1dTyGkM= github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -go.mongodb.org/mongo-driver v1.7.3/go.mod h1:NqaYOwnXWr5Pm7AOpO5QFxKJ503nbMse/R79oO62zWg= -go.mongodb.org/mongo-driver v1.7.5/go.mod h1:VXEWRZ6URJIkUq2SCAyapmhH0ZLRBP+FT4xhp5Zvxng= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= go.mongodb.org/mongo-driver v1.10.0/go.mod h1:wsihk0Kdgv8Kqu1Anit4sfK+22vSFbUrAVEYRhCXrA8= -go.mongodb.org/mongo-driver v1.11.3 h1:Ql6K6qYHEzB6xvu4+AU0BoRoqf9vFPcc4o7MUIdPW8Y= -go.mongodb.org/mongo-driver v1.11.3/go.mod h1:PTSz5yu21bkT/wXpkS7WR5f0ddqw5quethTUn9WM+2g= -go.opentelemetry.io/otel v1.15.0 h1:NIl24d4eiLJPM0vKn4HjLYM+UZf6gSfi9Z+NmCxkWbk= -go.opentelemetry.io/otel v1.15.0/go.mod h1:qfwLEbWhLPk5gyWrne4XnF0lC8wtywbuJbgfAE3zbek= -go.opentelemetry.io/otel/sdk v1.15.0 h1:jZTCkRRd08nxD6w7rIaZeDNGZGGQstH3SfLQ3ZsKICk= -go.opentelemetry.io/otel/trace v1.15.0 h1:5Fwje4O2ooOxkfyqI/kJwxWotggDLix4BSAvpE1wlpo= -go.opentelemetry.io/otel/trace v1.15.0/go.mod h1:CUsmE2Ht1CRkvE8OsMESvraoZrrcgD1J2W8GV1ev0Y4= +go.mongodb.org/mongo-driver v1.13.1 h1:YIc7HTYsKndGK4RFzJ3covLz1byri52x0IoMB0Pt/vk= +go.mongodb.org/mongo-driver v1.13.1/go.mod h1:wcDf1JBCXy2mOW0bWHwO/IOYqdca1MPCwDtFu/Z9+eo= +go.opentelemetry.io/otel v1.17.0 h1:MW+phZ6WZ5/uk2nd93ANk/6yJ+dVrvNWUjGhnnFU5jM= +go.opentelemetry.io/otel v1.17.0/go.mod h1:I2vmBGtFaODIVMBSTPVDlJSzBDNf93k60E6Ft0nyjo0= +go.opentelemetry.io/otel/metric v1.17.0 h1:iG6LGVz5Gh+IuO0jmgvpTB6YVrCGngi8QGm+pMd8Pdc= +go.opentelemetry.io/otel/metric v1.17.0/go.mod h1:h4skoxdZI17AxwITdmdZjjYJQH5nzijUUjm+wtPph5o= +go.opentelemetry.io/otel/sdk v1.17.0 h1:FLN2X66Ke/k5Sg3V623Q7h7nt3cHXaW1FOvKKrW0IpE= +go.opentelemetry.io/otel/trace v1.17.0 h1:/SWhSRHmDPOImIAetP1QAeMnZYiQXrTy4fMMYOdSKWQ= +go.opentelemetry.io/otel/trace v1.17.0/go.mod h1:I/4vKTgFclIsXRVucpH25X0mpFSczM7aHeaz0ZBLWjY= go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= go.uber.org/multierr v1.10.0 h1:S0h4aNzvfcFsC3dRF1jLoaov7oRaKqRGC/pUEJ2yvPQ= go.uber.org/multierr v1.10.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= -golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190422162423-af44ce270edf/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20210421230115-4e50805a0758/go.mod h1:72T/g9IO56b78aLF+1Kcs5dz7/ng1VjMUvfKvpfy+jM= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8= golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190412183630-56d357773e84/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE= golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190419153524-e8e3143a4f4a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190531175056-4c3a928424d2/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210420072515-93ed5bcd2bfe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= +golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190329151228-23e29df326fe/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190416151739-9c9e1878f421/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190420181800-aa740d480789/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190531172133-b3315ee88b7d/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc= golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -378,7 +316,6 @@ gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= -gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= @@ -391,7 +328,6 @@ gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= k8s.io/api v0.28.4 h1:8ZBrLjwosLl/NYgv1P7EQLqoO8MGQApnbgH8tu3BMzY= From 1829a45eadcfbd0c7b3e8a7b390b2d832bf19150 Mon Sep 17 00:00:00 2001 From: Natalia Marukovich Date: Thu, 14 Dec 2023 09:02:00 +0100 Subject: [PATCH 20/25] PMM-12778 update agents check (#1557) --- e2e-tests/monitoring-2-0/compare/agents-list.json | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/e2e-tests/monitoring-2-0/compare/agents-list.json b/e2e-tests/monitoring-2-0/compare/agents-list.json index 118aff3171..e8050ec8e7 100644 --- a/e2e-tests/monitoring-2-0/compare/agents-list.json +++ b/e2e-tests/monitoring-2-0/compare/agents-list.json @@ -5,8 +5,7 @@ "cluster": "monitoring", "agents": [ { - "agent_type": "external-exporter", - "status": "DONE" + "agent_type": "external-exporter" }, { "agent_type": "pmm-agent", @@ -25,8 +24,7 @@ "cluster": "monitoring", "agents": [ { - "agent_type": "external-exporter", - "status": "DONE" + "agent_type": "external-exporter" }, { "agent_type": "pmm-agent", From 25ad952931b3760ba22f082aa827fecb0e48162e Mon Sep 17 00:00:00 2001 From: Viacheslav Sarzhan Date: Thu, 14 Dec 2023 16:54:18 +0200 Subject: [PATCH 21/25] K8SPXC-1309 add multi architecture build support (#1550) * update go to 1.21 --- .github/workflows/reviewdog.yml | 4 +-- .github/workflows/scan.yml | 43 ++++++++++++++++++++++++++++++--- .github/workflows/test.yml | 2 +- Jenkinsfile | 5 ++-- build/Dockerfile | 5 ++-- e2e-tests/build | 14 +++++++---- go.mod | 6 ++--- 7 files changed, 59 insertions(+), 20 deletions(-) diff --git a/.github/workflows/reviewdog.yml b/.github/workflows/reviewdog.yml index 67f485498c..4d249138d2 100644 --- a/.github/workflows/reviewdog.yml +++ b/.github/workflows/reviewdog.yml @@ -8,7 +8,7 @@ jobs: - uses: actions/checkout@v4 - uses: actions/setup-go@v5 with: - go-version: '^1.19' + go-version: '^1.21' - name: golangci-lint uses: golangci/golangci-lint-action@v3 with: @@ -34,7 +34,7 @@ jobs: - uses: actions/checkout@v4 - uses: actions/setup-go@v5 with: - go-version: '^1.19' + go-version: '^1.21' - run: go install mvdan.cc/sh/v3/cmd/shfmt@latest - run: $(go env GOPATH)/bin/shfmt -f . | grep -v 'vendor' | xargs $(go env GOPATH)/bin/shfmt -bn -ci -s -w - name: suggester / shfmt diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml index 13a2af0539..98af47e2ba 100644 --- a/.github/workflows/scan.yml +++ b/.github/workflows/scan.yml @@ -1,5 +1,13 @@ name: Scan docker on: [pull_request] + +env: + # Use docker.io for Docker Hub if empty + REGISTRY: docker.io + + # github.repository as / + IMAGE_NAME: perconalab/percona-xtradb-cluster-operator + jobs: build: name: Build @@ -7,16 +15,43 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v4 - - name: Build an image from Dockerfile + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Build an image from Dockerfile (linux/arm64) run: | - export IMAGE=perconalab/percona-xtradb-cluster-operator:${{ github.sha }} + export IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}-arm64 export DOCKER_PUSH=0 export DOCKER_SQUASH=0 + export DOCKER_DEFAULT_PLATFORM='linux/arm64' ./e2e-tests/build - - name: Run Trivy vulnerability scanner + + - name: Run Trivy vulnerability scanner image (linux/arm64) uses: aquasecurity/trivy-action@0.16.0 with: - image-ref: 'docker.io/perconalab/percona-xtradb-cluster-operator:${{ github.sha }}' + image-ref: '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}-arm64' + format: 'table' + exit-code: '1' + ignore-unfixed: true + vuln-type: 'os,library' + severity: 'CRITICAL,HIGH' + + - name: Build an image from Dockerfile (linux/amd64) + run: | + export IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}-amd64 + export DOCKER_PUSH=0 + export DOCKER_SQUASH=0 + export DOCKER_DEFAULT_PLATFORM='linux/amd64' + ./e2e-tests/build + + - name: Run Trivy vulnerability scanner image (linux/amd64) + uses: aquasecurity/trivy-action@0.14.0 + with: + image-ref: '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.sha }}-amd64' format: 'table' exit-code: '1' ignore-unfixed: true diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index a7d03cba78..21dd7dc03c 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -7,7 +7,7 @@ jobs: steps: - uses: actions/setup-go@v5 with: - go-version: '^1.19' + go-version: '^1.21' - uses: actions/checkout@v4 - name: go test run: make test diff --git a/Jenkinsfile b/Jenkinsfile index b83c12dbab..431c2d28ee 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -339,6 +339,7 @@ EOF docker login -u '${USER}' -p '${PASS}' export RELEASE=0 export IMAGE=\$DOCKER_TAG + docker buildx create --use ./e2e-tests/build docker logout " @@ -364,7 +365,7 @@ EOF --rm \ -v $WORKSPACE/src/github.com/percona/percona-xtradb-cluster-operator:/go/src/github.com/percona/percona-xtradb-cluster-operator \ -w /go/src/github.com/percona/percona-xtradb-cluster-operator \ - golang:1.19 sh -c ' + golang:1.21 sh -c ' go install -mod=readonly github.com/google/go-licenses@latest; /go/bin/go-licenses csv github.com/percona/percona-xtradb-cluster-operator/cmd/manager \ | cut -d , -f 3 \ @@ -393,7 +394,7 @@ EOF -w /go/src/github.com/percona/percona-xtradb-cluster-operator \ -e GO111MODULE=on \ -e GOFLAGS='-buildvcs=false' \ - golang:1.19 sh -c 'go build -v -o percona-xtradb-cluster-operator github.com/percona/percona-xtradb-cluster-operator/cmd/manager' + golang:1.21 sh -c 'go build -v -o percona-xtradb-cluster-operator github.com/percona/percona-xtradb-cluster-operator/cmd/manager' " ''' diff --git a/build/Dockerfile b/build/Dockerfile index fb0a8a070d..3e89fb564b 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.19 AS go_builder +FROM golang:1.21 AS go_builder WORKDIR /go/src/github.com/percona/percona-xtradb-cluster-operator COPY . . @@ -8,12 +8,11 @@ ARG GIT_BRANCH ARG BUILD_TIME ARG GO_LDFLAGS ARG GOOS=linux -ARG GOARCH=amd64 ARG CGO_ENABLED=0 RUN go mod download \ && mkdir -p build/_output/bin \ - && GOOS=$GOOS GOARCH=$GOARCH CGO_ENABLED=$CGO_ENABLED GO_LDFLAGS=$GO_LDFLAGS \ + && GOOS=$GOOS CGO_ENABLED=$CGO_ENABLED GO_LDFLAGS=$GO_LDFLAGS \ go build -ldflags "-w -s -X main.GitCommit=$GIT_COMMIT -X main.GitBranch=$GIT_BRANCH -X main.BuildTime=$BUILD_TIME" \ -o build/_output/bin/percona-xtradb-cluster-operator \ cmd/manager/main.go \ diff --git a/e2e-tests/build b/e2e-tests/build index dc7f66c370..23033dcf1a 100755 --- a/e2e-tests/build +++ b/e2e-tests/build @@ -17,28 +17,32 @@ if [[ ${DOCKER_SQUASH:-1} == 1 ]]; then squash="--squash" fi +if [[ ${DOCKER_PUSH:-1} == 1 ]]; then + imgresult="--push=true" +else + imgresult="--load" +fi + build_operator() { if [ "${RELEASE:-1}" = 0 ]; then GO_LDFLAGS="-race" fi export IMAGE - export DOCKER_DEFAULT_PLATFORM=${DOCKER_DEFAULT_PLATFORM:-linux/amd64} + export DOCKER_DEFAULT_PLATFORM=${DOCKER_DEFAULT_PLATFORM:-"linux/amd64,linux/arm64"} export GO_LDFLAGS="-w -s -trimpath $GO_LDFLAGS" pushd ${src_dir} - docker build \ + docker buildx build \ --build-arg GIT_COMMIT=$GIT_COMMIT \ --build-arg GIT_BRANCH=$GIT_BRANCH \ --build-arg BUILD_TIME=$BUILD_TIME \ --build-arg GO_LDFLAGS="$GO_LDFLAGS" \ + $imgresult \ $squash \ $no_cache \ -t "${IMAGE}" -f build/Dockerfile . popd - if [ "${DOCKER_PUSH:-1}" = 1 ]; then - docker push ${IMAGE} - fi } if [[ $BUILD == "0" ]]; then diff --git a/go.mod b/go.mod index b5a6df6b23..0469dcbba1 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/percona/percona-xtradb-cluster-operator -go 1.18 +go 1.21 require ( github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.2.0 @@ -135,10 +135,10 @@ exclude ( go.mongodb.org/mongo-driver v1.3.5 go.mongodb.org/mongo-driver v1.3.6 go.mongodb.org/mongo-driver v1.3.7 - go.mongodb.org/mongo-driver v1.4.0 go.mongodb.org/mongo-driver v1.4.0-beta1 go.mongodb.org/mongo-driver v1.4.0-beta2 go.mongodb.org/mongo-driver v1.4.0-rc0 + go.mongodb.org/mongo-driver v1.4.0 go.mongodb.org/mongo-driver v1.4.1 go.mongodb.org/mongo-driver v1.4.2 go.mongodb.org/mongo-driver v1.4.3 @@ -146,6 +146,6 @@ exclude ( go.mongodb.org/mongo-driver v1.4.5 go.mongodb.org/mongo-driver v1.4.6 go.mongodb.org/mongo-driver v1.4.7 - go.mongodb.org/mongo-driver v1.5.0 go.mongodb.org/mongo-driver v1.5.0-beta1 + go.mongodb.org/mongo-driver v1.5.0 ) From a2d42b310a181f17c108319da66d667754fa9d72 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ege=20G=C3=BCne=C5=9F?= Date: Sun, 17 Dec 2023 00:30:12 +0300 Subject: [PATCH 22/25] K8SPXC-1281: Fix cross-site test (#1559) * K8SPXC-1281: Fix cross-site test * fix cross-site test --------- Co-authored-by: Viacheslav Sarzhan --- .../cross-site/conf/backup-minio-replica.yml | 14 ++++++ .../cross-site/conf/backup-minio-source.yml | 14 ++++++ .../cross-site/conf/cross-site-replica.yml | 12 ++++- .../cross-site/conf/cross-site-source.yml | 12 ++++- .../cross-site/conf/restore-backup-minio.yml | 29 +++++++++++ e2e-tests/cross-site/run | 49 ++++++++++++++++--- e2e-tests/functions | 3 ++ 7 files changed, 123 insertions(+), 10 deletions(-) create mode 100644 e2e-tests/cross-site/conf/backup-minio-replica.yml create mode 100644 e2e-tests/cross-site/conf/backup-minio-source.yml create mode 100644 e2e-tests/cross-site/conf/restore-backup-minio.yml diff --git a/e2e-tests/cross-site/conf/backup-minio-replica.yml b/e2e-tests/cross-site/conf/backup-minio-replica.yml new file mode 100644 index 0000000000..c931d5eecd --- /dev/null +++ b/e2e-tests/cross-site/conf/backup-minio-replica.yml @@ -0,0 +1,14 @@ +apiVersion: pxc.percona.com/v1 +kind: PerconaXtraDBClusterBackup +metadata: + name: backup-minio-replica +spec: + pxcCluster: cross-site-replica + storageName: minio + containerOptions: + args: + xbstream: + - '--parallel=2' + xbcloud: + - '--parallel=2' + - '--curl-retriable-errors=8' diff --git a/e2e-tests/cross-site/conf/backup-minio-source.yml b/e2e-tests/cross-site/conf/backup-minio-source.yml new file mode 100644 index 0000000000..15c51df6b3 --- /dev/null +++ b/e2e-tests/cross-site/conf/backup-minio-source.yml @@ -0,0 +1,14 @@ +apiVersion: pxc.percona.com/v1 +kind: PerconaXtraDBClusterBackup +metadata: + name: backup-minio-source +spec: + pxcCluster: cross-site-source + storageName: minio + containerOptions: + args: + xbstream: + - '--parallel=2' + xbcloud: + - '--parallel=2' + - '--curl-retriable-errors=8' diff --git a/e2e-tests/cross-site/conf/cross-site-replica.yml b/e2e-tests/cross-site/conf/cross-site-replica.yml index 811ffe5b2c..0306e2c81f 100644 --- a/e2e-tests/cross-site/conf/cross-site-replica.yml +++ b/e2e-tests/cross-site/conf/cross-site-replica.yml @@ -8,6 +8,16 @@ spec: secretsName: my-cluster-secrets vaultSecretName: some-name-vault pause: false + backup: + image: -backup + storages: + minio: + type: s3 + s3: + credentialsSecret: minio-secret + region: us-east-1 + bucket: operator-testing + endpointUrl: http://minio-service.#namespace:9000/ pxc: size: 3 image: -pxc @@ -30,7 +40,7 @@ spec: antiAffinityTopologyKey: none haproxy: enabled: true - size: 1 + size: 2 image: -haproxy resources: requests: diff --git a/e2e-tests/cross-site/conf/cross-site-source.yml b/e2e-tests/cross-site/conf/cross-site-source.yml index c5cb0544fe..601a51f550 100644 --- a/e2e-tests/cross-site/conf/cross-site-source.yml +++ b/e2e-tests/cross-site/conf/cross-site-source.yml @@ -8,6 +8,16 @@ spec: secretsName: my-cluster-secrets vaultSecretName: some-name-vault pause: false + backup: + image: -backup + storages: + minio: + type: s3 + s3: + credentialsSecret: minio-secret + region: us-east-1 + bucket: operator-testing + endpointUrl: http://minio-service.#namespace:9000/ pxc: size: 3 image: -pxc @@ -30,7 +40,7 @@ spec: antiAffinityTopologyKey: "kubernetes.io/hostname" haproxy: enabled: true - size: 1 + size: 2 image: -haproxy resources: requests: diff --git a/e2e-tests/cross-site/conf/restore-backup-minio.yml b/e2e-tests/cross-site/conf/restore-backup-minio.yml new file mode 100644 index 0000000000..33b14fef61 --- /dev/null +++ b/e2e-tests/cross-site/conf/restore-backup-minio.yml @@ -0,0 +1,29 @@ +apiVersion: pxc.percona.com/v1 +kind: PerconaXtraDBClusterRestore +metadata: + name: backup-minio +spec: + pxcCluster: #cluster + containerOptions: + args: + xbstream: + - '--parallel=3' + xbcloud: + - '--parallel=3' + xtrabackup: + - '--parallel=3' + resources: + requests: + memory: 0.5G + cpu: 500m + limits: + memory: "2G" + cpu: "1" + backupSource: + verifyTLS: false + destination: #destination + s3: + bucket: operator-testing + credentialsSecret: minio-secret + endpointUrl: http://minio-service.#namespace:9000/ + region: us-east-1 diff --git a/e2e-tests/cross-site/run b/e2e-tests/cross-site/run index 2f7bfe29f4..230fb8bdf5 100755 --- a/e2e-tests/cross-site/run +++ b/e2e-tests/cross-site/run @@ -15,11 +15,10 @@ fi main() { local source_cluster="cross-site-source" local replica_cluster="cross-site-replica" - unset OPERATOR_NS desc "Create source cluster" - create_namespace $namespace - deploy_operator + create_infra ${namespace} + start_minio apply_secrets spinup_pxc "$source_cluster" "$test_dir/conf/$source_cluster.yml" sleep 60 @@ -47,6 +46,9 @@ main() { kubectl_bin get secrets cross-site-source-ssl-internal -o yaml | yq 'del(.metadata)' - | yq '.metadata={"name": "cross-site-replica-ssl-internal"}' - >${tmp_dir}/replica-ssl-internal.yaml + desc "take backup of source cluster" + run_backup "$source_cluster" "backup-minio-source" + desc "create replica cluster" create_namespace $replica_namespace 0 @@ -56,6 +58,15 @@ main() { spinup_pxc "$replica_cluster" "$test_dir/conf/$replica_cluster.yml" sleep 60 + desc "restore backup from source cluster" + destination=$(kubectl_bin get -n "${namespace}" pxc-backup backup-minio-source -o jsonpath='{.status.destination}') + cat "${test_dir}/conf/restore-backup-minio.yml" \ + | $sed -e "s~#cluster~${replica_cluster}~" \ + | $sed -e "s~#destination~${destination}~" \ + | $sed -e "s~minio-service.#namespace~minio-service.${namespace}~" \ + | kubectl_bin apply -f - + wait_cluster_consistency "$replica_cluster" 3 2 + desc "get replica cluster services endpoints" replica_endpoint0=$(get_service_ip ${replica_cluster}-pxc-0) replica_endpoint1=$(get_service_ip ${replica_cluster}-pxc-1) @@ -76,13 +87,25 @@ main() { sleep 15 wait_cluster_consistency "$replica_cluster" 3 2 - desc "Check replication source-> replica works on" + desc "Check replication works between source -> replica" compare_mysql_cmd "select-2" "SELECT * from myApp.testSourceReplica;" "-h $replica_endpoint0 -uroot -proot_password" compare_mysql_cmd "select-2" "SELECT * from myApp.testSourceReplica;" "-h $replica_endpoint1 -uroot -proot_password" compare_mysql_cmd "select-2" "SELECT * from myApp.testSourceReplica;" "-h $replica_endpoint2 -uroot -proot_password" + run_backup "$replica_cluster" "backup-minio-replica" + desc "Switch clusters over" kubectl_bin config set-context $(kubectl_bin config current-context) --namespace="$namespace" + + desc "rebuild source cluster" + destination=$(kubectl_bin get -n "${replica_namespace}" pxc-backup backup-minio-replica -o jsonpath='{.status.destination}') + cat "${test_dir}/conf/restore-backup-minio.yml" \ + | $sed -e "s~#cluster~${source_cluster}~" \ + | $sed -e "s~#destination~${destination}~" \ + | $sed -e "s~minio-service.#namespace~minio-service.${namespace}~" \ + | kubectl_bin apply -f - + wait_cluster_consistency "$source_cluster" 3 2 + run_mysql \ 'DELETE FROM myApp.myApp WHERE id=100500' \ "-h $source_primary_endpoint -uroot -proot_password" @@ -91,11 +114,21 @@ main() { 'DELETE FROM myApp.testSourceReplica WHERE id=100700' \ "-h $source_primary_endpoint -uroot -proot_password" - kubectl_bin patch pxc $source_cluster --type=merge --patch '{"spec": {"pxc": {"replicationChannels":[{"name": "source_to_replica", "isSource": false, "configuration": {"ssl": true, "sslSkipVerify": true, "ca": "/etc/mysql/ssl-internal/ca.crt"}, "sourcesList": [{"host": "'${replica_endpoint0}'", "port": 3306, "weight": 100},{"host": "'${replica_endpoint1}'", "port": 3306, "weight": 100},{"host": "'${replica_endpoint2}'", "port": 3306, "weight": 100}]}]}}}' + desc "configure old replica as source" + kubectl patch pxc ${replica_cluster} -n ${replica_namespace} --type=json -p="[{'op': 'remove', 'path': '/spec/pxc/replicationChannels/0'}]" + kubectl_bin patch pxc ${replica_cluster} \ + -n ${replica_namespace} \ + --type=merge \ + --patch '{"spec": {"pxc": {"replicationChannels":[{"name": "replica_to_source", "isSource": true}]}}}' - kubectl_bin config set-context $(kubectl_bin config current-context) --namespace="$replica_namespace" - kubectl_bin patch pxc $replica_cluster --type=merge --patch '{"spec": {"pxc": {"replicationChannels":[{"name": "source_to_replica", "isSource": true, "sourcesList": [{"host": "'${source_endpoint0}'", "port": 3306, "weight": 100},{"host": "'${source_endpoint1}'", "port": 3306, "weight": 100},{"host": "'${source_endpoint2}'", "port": 3306, "weight": 100}]}]}}}' + desc "configure old source as replica" + kubectl patch pxc ${source_cluster} -n ${namespace} --type=json -p="[{'op': 'remove', 'path': '/spec/pxc/replicationChannels/0'}]" + kubectl_bin patch pxc ${source_cluster} \ + -n ${namespace} \ + --type=merge \ + --patch '{"spec": {"pxc": {"replicationChannels":[{"name": "replica_to_source", "isSource": false, "configuration": {"ssl": true, "sslSkipVerify": true, "ca": "/etc/mysql/ssl-internal/ca.crt"}, "sourcesList": [{"host": "'${replica_endpoint0}'", "port": 3306, "weight": 100},{"host": "'${replica_endpoint1}'", "port": 3306, "weight": 100},{"host": "'${replica_endpoint2}'", "port": 3306, "weight": 100}]}]}}}' + kubectl_bin config set-context $(kubectl_bin config current-context) --namespace="$replica_namespace" desc "Write data to replica cluster" run_mysql \ 'CREATE DATABASE IF NOT EXISTS myApp; use myApp; CREATE TABLE IF NOT EXISTS testReplicaSource (id int PRIMARY KEY);' \ @@ -106,7 +139,7 @@ main() { sleep 15 - desc "Check replication replica -> source works on" + desc "Check replication works between replica -> source" kubectl_bin config set-context $(kubectl_bin config current-context) --namespace="$namespace" compare_mysql_cmd "select-3" "SELECT * from myApp.testReplicaSource;" "-h $source_endpoint0 -uroot -proot_password" compare_mysql_cmd "select-3" "SELECT * from myApp.testReplicaSource;" "-h $source_endpoint1 -uroot -proot_password" diff --git a/e2e-tests/functions b/e2e-tests/functions index 0af8c715ea..a94cd5cc83 100755 --- a/e2e-tests/functions +++ b/e2e-tests/functions @@ -286,6 +286,7 @@ deploy_operator() { | sed -e "s^image: .*^image: ${IMAGE}^" \ | sed -e "s^failureThreshold: .*^failureThreshold: 10^" \ | yq eval '(select(.kind == "Deployment").spec.template.spec.containers[] | select(.name == "percona-xtradb-cluster-operator").env[] | select(.name == "DISABLE_TELEMETRY").value) = "true"' - \ + | yq eval '(select(.kind == "Deployment").spec.template.spec.containers[] | select(.name == "percona-xtradb-cluster-operator").env[] | select(.name == "LOG_LEVEL").value) = "DEBUG"' - \ | kubectl_bin apply -f - else apply_rbac rbac @@ -293,6 +294,7 @@ deploy_operator() { | sed -e "s^image: .*^image: ${IMAGE}^" \ | sed -e "s^failureThreshold: .*^failureThreshold: 10^" \ | yq eval '(select(.kind == "Deployment").spec.template.spec.containers[] | select(.name == "percona-xtradb-cluster-operator").env[] | select(.name == "DISABLE_TELEMETRY").value) = "true"' - \ + | yq eval '(select(.kind == "Deployment").spec.template.spec.containers[] | select(.name == "percona-xtradb-cluster-operator").env[] | select(.name == "LOG_LEVEL").value) = "DEBUG"' - \ | kubectl_bin apply -f - fi @@ -1408,6 +1410,7 @@ function deploy_operator_gh() { cat "${tmp_dir}/${operator_yaml}_${git_tag}.yaml" \ | sed -e "s^image: .*^image: ${IMAGE}^" \ | yq eval '(select(.kind == "Deployment").spec.template.spec.containers[] | select(.name == "percona-xtradb-cluster-operator").env[] | select(.name == "DISABLE_TELEMETRY").value) = "true"' \ + | yq eval '(select(.kind == "Deployment").spec.template.spec.containers[] | select(.name == "percona-xtradb-cluster-operator").env[] | select(.name == "LOG_LEVEL").value) = "DEBUG"' \ | kubectl_bin apply ${OPERATOR_NS:+-n $OPERATOR_NS} -f - sleep 2 From 502fe68e89fca3c447fc847184669584c9ff3e6e Mon Sep 17 00:00:00 2001 From: Andrii Dema Date: Mon, 18 Dec 2023 14:55:20 +0200 Subject: [PATCH 23/25] K8SPXC-1329: add `PMM_AGENT_PATHS_TEMPDIR` to pmm-agent sidecar (#1558) * K8SPXC-1329: add `PMM_AGENT_PATHS_TEMPDIR` to pmm-agent sidecar https://jira.percona.com/browse/K8SPXC-1329 * fix tests --------- Co-authored-by: Viacheslav Sarzhan --- ...tefulset_no-limits-proxysql-increased-k127.yml | 2 ++ ...tatefulset_no-limits-proxysql-increased-oc.yml | 2 ++ .../statefulset_no-limits-proxysql-increased.yml | 2 ++ .../statefulset_no-limits-proxysql-k127.yml | 2 ++ .../compare/statefulset_no-limits-proxysql-oc.yml | 2 ++ .../compare/statefulset_no-limits-proxysql.yml | 2 ++ .../statefulset_no-limits-pxc-increased-k127.yml | 2 ++ .../statefulset_no-limits-pxc-increased-oc.yml | 2 ++ .../statefulset_no-limits-pxc-increased.yml | 2 ++ .../compare/statefulset_no-limits-pxc-k127.yml | 2 ++ .../compare/statefulset_no-limits-pxc-oc.yml | 2 ++ .../limits/compare/statefulset_no-limits-pxc.yml | 2 ++ .../statefulset_monitoring-haproxy-k127.yml | 2 ++ .../compare/statefulset_monitoring-haproxy.yml | 2 ++ .../compare/statefulset_monitoring-pxc-k127.yml | 2 ++ .../compare/statefulset_monitoring-pxc-oc.yml | 2 ++ .../compare/statefulset_monitoring-pxc.yml | 2 ++ pkg/pxc/app/statefulset/haproxy.go | 15 ++++++++++++++- pkg/pxc/app/statefulset/node.go | 12 ++++++++++++ pkg/pxc/app/statefulset/proxysql.go | 15 ++++++++++++++- 20 files changed, 74 insertions(+), 2 deletions(-) diff --git a/e2e-tests/limits/compare/statefulset_no-limits-proxysql-increased-k127.yml b/e2e-tests/limits/compare/statefulset_no-limits-proxysql-increased-k127.yml index 29fe3a7ab6..e8dfc1c5d2 100644 --- a/e2e-tests/limits/compare/statefulset_no-limits-proxysql-increased-k127.yml +++ b/e2e-tests/limits/compare/statefulset_no-limits-proxysql-increased-k127.yml @@ -120,6 +120,8 @@ spec: value: "true" - name: PMM_AGENT_SIDECAR_SLEEP value: "5" + - name: PMM_AGENT_PATHS_TEMPDIR + value: /tmp envFrom: - secretRef: name: no-limits-env-vars-proxysql diff --git a/e2e-tests/limits/compare/statefulset_no-limits-proxysql-increased-oc.yml b/e2e-tests/limits/compare/statefulset_no-limits-proxysql-increased-oc.yml index ec211babc2..f8065eec5d 100644 --- a/e2e-tests/limits/compare/statefulset_no-limits-proxysql-increased-oc.yml +++ b/e2e-tests/limits/compare/statefulset_no-limits-proxysql-increased-oc.yml @@ -117,6 +117,8 @@ spec: value: "true" - name: PMM_AGENT_SIDECAR_SLEEP value: "5" + - name: PMM_AGENT_PATHS_TEMPDIR + value: /tmp envFrom: - secretRef: name: no-limits-env-vars-proxysql diff --git a/e2e-tests/limits/compare/statefulset_no-limits-proxysql-increased.yml b/e2e-tests/limits/compare/statefulset_no-limits-proxysql-increased.yml index 7b2e01bc69..1a67e85949 100644 --- a/e2e-tests/limits/compare/statefulset_no-limits-proxysql-increased.yml +++ b/e2e-tests/limits/compare/statefulset_no-limits-proxysql-increased.yml @@ -117,6 +117,8 @@ spec: value: "true" - name: PMM_AGENT_SIDECAR_SLEEP value: "5" + - name: PMM_AGENT_PATHS_TEMPDIR + value: /tmp envFrom: - secretRef: name: no-limits-env-vars-proxysql diff --git a/e2e-tests/limits/compare/statefulset_no-limits-proxysql-k127.yml b/e2e-tests/limits/compare/statefulset_no-limits-proxysql-k127.yml index ff7a8753b2..6e4816c229 100644 --- a/e2e-tests/limits/compare/statefulset_no-limits-proxysql-k127.yml +++ b/e2e-tests/limits/compare/statefulset_no-limits-proxysql-k127.yml @@ -120,6 +120,8 @@ spec: value: "true" - name: PMM_AGENT_SIDECAR_SLEEP value: "5" + - name: PMM_AGENT_PATHS_TEMPDIR + value: /tmp envFrom: - secretRef: name: no-limits-env-vars-proxysql diff --git a/e2e-tests/limits/compare/statefulset_no-limits-proxysql-oc.yml b/e2e-tests/limits/compare/statefulset_no-limits-proxysql-oc.yml index cfe7bbf07e..297f5ec769 100644 --- a/e2e-tests/limits/compare/statefulset_no-limits-proxysql-oc.yml +++ b/e2e-tests/limits/compare/statefulset_no-limits-proxysql-oc.yml @@ -117,6 +117,8 @@ spec: value: "true" - name: PMM_AGENT_SIDECAR_SLEEP value: "5" + - name: PMM_AGENT_PATHS_TEMPDIR + value: /tmp envFrom: - secretRef: name: no-limits-env-vars-proxysql diff --git a/e2e-tests/limits/compare/statefulset_no-limits-proxysql.yml b/e2e-tests/limits/compare/statefulset_no-limits-proxysql.yml index 35788e5d21..f5921bf17e 100644 --- a/e2e-tests/limits/compare/statefulset_no-limits-proxysql.yml +++ b/e2e-tests/limits/compare/statefulset_no-limits-proxysql.yml @@ -117,6 +117,8 @@ spec: value: "true" - name: PMM_AGENT_SIDECAR_SLEEP value: "5" + - name: PMM_AGENT_PATHS_TEMPDIR + value: /tmp envFrom: - secretRef: name: no-limits-env-vars-proxysql diff --git a/e2e-tests/limits/compare/statefulset_no-limits-pxc-increased-k127.yml b/e2e-tests/limits/compare/statefulset_no-limits-pxc-increased-k127.yml index 5c826b10ce..b7b24e4303 100644 --- a/e2e-tests/limits/compare/statefulset_no-limits-pxc-increased-k127.yml +++ b/e2e-tests/limits/compare/statefulset_no-limits-pxc-increased-k127.yml @@ -115,6 +115,8 @@ spec: value: "true" - name: PMM_AGENT_SIDECAR_SLEEP value: "5" + - name: PMM_AGENT_PATHS_TEMPDIR + value: /tmp envFrom: - secretRef: name: no-limits-env-vars-pxc diff --git a/e2e-tests/limits/compare/statefulset_no-limits-pxc-increased-oc.yml b/e2e-tests/limits/compare/statefulset_no-limits-pxc-increased-oc.yml index 0467b4d0bb..1b5c0a4247 100644 --- a/e2e-tests/limits/compare/statefulset_no-limits-pxc-increased-oc.yml +++ b/e2e-tests/limits/compare/statefulset_no-limits-pxc-increased-oc.yml @@ -112,6 +112,8 @@ spec: value: "true" - name: PMM_AGENT_SIDECAR_SLEEP value: "5" + - name: PMM_AGENT_PATHS_TEMPDIR + value: /tmp envFrom: - secretRef: name: no-limits-env-vars-pxc diff --git a/e2e-tests/limits/compare/statefulset_no-limits-pxc-increased.yml b/e2e-tests/limits/compare/statefulset_no-limits-pxc-increased.yml index a6f2b50be4..709bce41b6 100644 --- a/e2e-tests/limits/compare/statefulset_no-limits-pxc-increased.yml +++ b/e2e-tests/limits/compare/statefulset_no-limits-pxc-increased.yml @@ -112,6 +112,8 @@ spec: value: "true" - name: PMM_AGENT_SIDECAR_SLEEP value: "5" + - name: PMM_AGENT_PATHS_TEMPDIR + value: /tmp envFrom: - secretRef: name: no-limits-env-vars-pxc diff --git a/e2e-tests/limits/compare/statefulset_no-limits-pxc-k127.yml b/e2e-tests/limits/compare/statefulset_no-limits-pxc-k127.yml index 51c563fe1c..cee769e2ea 100644 --- a/e2e-tests/limits/compare/statefulset_no-limits-pxc-k127.yml +++ b/e2e-tests/limits/compare/statefulset_no-limits-pxc-k127.yml @@ -115,6 +115,8 @@ spec: value: "true" - name: PMM_AGENT_SIDECAR_SLEEP value: "5" + - name: PMM_AGENT_PATHS_TEMPDIR + value: /tmp envFrom: - secretRef: name: no-limits-env-vars-pxc diff --git a/e2e-tests/limits/compare/statefulset_no-limits-pxc-oc.yml b/e2e-tests/limits/compare/statefulset_no-limits-pxc-oc.yml index d0927aa0a3..7366bb3cac 100644 --- a/e2e-tests/limits/compare/statefulset_no-limits-pxc-oc.yml +++ b/e2e-tests/limits/compare/statefulset_no-limits-pxc-oc.yml @@ -112,6 +112,8 @@ spec: value: "true" - name: PMM_AGENT_SIDECAR_SLEEP value: "5" + - name: PMM_AGENT_PATHS_TEMPDIR + value: /tmp envFrom: - secretRef: name: no-limits-env-vars-pxc diff --git a/e2e-tests/limits/compare/statefulset_no-limits-pxc.yml b/e2e-tests/limits/compare/statefulset_no-limits-pxc.yml index 9a92baa21d..caa12da6b4 100644 --- a/e2e-tests/limits/compare/statefulset_no-limits-pxc.yml +++ b/e2e-tests/limits/compare/statefulset_no-limits-pxc.yml @@ -112,6 +112,8 @@ spec: value: "true" - name: PMM_AGENT_SIDECAR_SLEEP value: "5" + - name: PMM_AGENT_PATHS_TEMPDIR + value: /tmp envFrom: - secretRef: name: no-limits-env-vars-pxc diff --git a/e2e-tests/monitoring-2-0/compare/statefulset_monitoring-haproxy-k127.yml b/e2e-tests/monitoring-2-0/compare/statefulset_monitoring-haproxy-k127.yml index f3e68671ef..f0cd181977 100644 --- a/e2e-tests/monitoring-2-0/compare/statefulset_monitoring-haproxy-k127.yml +++ b/e2e-tests/monitoring-2-0/compare/statefulset_monitoring-haproxy-k127.yml @@ -121,6 +121,8 @@ spec: value: "true" - name: PMM_AGENT_SIDECAR_SLEEP value: "5" + - name: PMM_AGENT_PATHS_TEMPDIR + value: /tmp imagePullPolicy: Always lifecycle: preStop: diff --git a/e2e-tests/monitoring-2-0/compare/statefulset_monitoring-haproxy.yml b/e2e-tests/monitoring-2-0/compare/statefulset_monitoring-haproxy.yml index e80a2fa31e..35093b196d 100644 --- a/e2e-tests/monitoring-2-0/compare/statefulset_monitoring-haproxy.yml +++ b/e2e-tests/monitoring-2-0/compare/statefulset_monitoring-haproxy.yml @@ -118,6 +118,8 @@ spec: value: "true" - name: PMM_AGENT_SIDECAR_SLEEP value: "5" + - name: PMM_AGENT_PATHS_TEMPDIR + value: /tmp imagePullPolicy: Always lifecycle: preStop: diff --git a/e2e-tests/monitoring-2-0/compare/statefulset_monitoring-pxc-k127.yml b/e2e-tests/monitoring-2-0/compare/statefulset_monitoring-pxc-k127.yml index 3cbe5bacac..4f8660bd3c 100644 --- a/e2e-tests/monitoring-2-0/compare/statefulset_monitoring-pxc-k127.yml +++ b/e2e-tests/monitoring-2-0/compare/statefulset_monitoring-pxc-k127.yml @@ -116,6 +116,8 @@ spec: value: "true" - name: PMM_AGENT_SIDECAR_SLEEP value: "5" + - name: PMM_AGENT_PATHS_TEMPDIR + value: /tmp envFrom: - secretRef: name: monitoring-env-vars-pxc diff --git a/e2e-tests/monitoring-2-0/compare/statefulset_monitoring-pxc-oc.yml b/e2e-tests/monitoring-2-0/compare/statefulset_monitoring-pxc-oc.yml index 7db8b0d0f9..5ede3988d5 100644 --- a/e2e-tests/monitoring-2-0/compare/statefulset_monitoring-pxc-oc.yml +++ b/e2e-tests/monitoring-2-0/compare/statefulset_monitoring-pxc-oc.yml @@ -113,6 +113,8 @@ spec: value: "true" - name: PMM_AGENT_SIDECAR_SLEEP value: "5" + - name: PMM_AGENT_PATHS_TEMPDIR + value: /tmp envFrom: - secretRef: name: monitoring-env-vars-pxc diff --git a/e2e-tests/monitoring-2-0/compare/statefulset_monitoring-pxc.yml b/e2e-tests/monitoring-2-0/compare/statefulset_monitoring-pxc.yml index 25a57ca830..f5d1b245c5 100644 --- a/e2e-tests/monitoring-2-0/compare/statefulset_monitoring-pxc.yml +++ b/e2e-tests/monitoring-2-0/compare/statefulset_monitoring-pxc.yml @@ -113,6 +113,8 @@ spec: value: "true" - name: PMM_AGENT_SIDECAR_SLEEP value: "5" + - name: PMM_AGENT_PATHS_TEMPDIR + value: /tmp envFrom: - secretRef: name: monitoring-env-vars-pxc diff --git a/pkg/pxc/app/statefulset/haproxy.go b/pkg/pxc/app/statefulset/haproxy.go index 8b8e213007..6632ef8a47 100644 --- a/pkg/pxc/app/statefulset/haproxy.go +++ b/pkg/pxc/app/statefulset/haproxy.go @@ -59,7 +59,8 @@ func (c *HAProxy) Name() string { } func (c *HAProxy) AppContainer(spec *api.PodSpec, secrets string, cr *api.PerconaXtraDBCluster, - _ []corev1.Volume) (corev1.Container, error) { + _ []corev1.Volume, +) (corev1.Container, error) { appc := corev1.Container{ Name: haproxyName, Image: spec.Image, @@ -364,6 +365,18 @@ func (c *HAProxy) PMMContainer(spec *api.PMMSpec, secret *corev1.Secret, cr *api ct.Env = append(ct.Env, sidecarEnvs...) } + if cr.CompareVersionWith("1.14.0") >= 0 { + // PMM team moved temp directory to /usr/local/percona/pmm2/tmp + // but it doesn't work on OpenShift so we set it back to /tmp + sidecarEnvs := []corev1.EnvVar{ + { + Name: "PMM_AGENT_PATHS_TEMPDIR", + Value: "/tmp", + }, + } + ct.Env = append(ct.Env, sidecarEnvs...) + } + ct.Resources = spec.Resources return &ct, nil diff --git a/pkg/pxc/app/statefulset/node.go b/pkg/pxc/app/statefulset/node.go index f79382338c..8e3560d64d 100644 --- a/pkg/pxc/app/statefulset/node.go +++ b/pkg/pxc/app/statefulset/node.go @@ -456,6 +456,18 @@ func (c *Node) PMMContainer(spec *api.PMMSpec, secret *corev1.Secret, cr *api.Pe ct.Env = append(ct.Env, sidecarEnvs...) } + if cr.CompareVersionWith("1.14.0") >= 0 { + // PMM team moved temp directory to /usr/local/percona/pmm2/tmp + // but it doesn't work on OpenShift so we set it back to /tmp + sidecarEnvs := []corev1.EnvVar{ + { + Name: "PMM_AGENT_PATHS_TEMPDIR", + Value: "/tmp", + }, + } + ct.Env = append(ct.Env, sidecarEnvs...) + } + ct.VolumeMounts = []corev1.VolumeMount{ { Name: app.DataVolumeName, diff --git a/pkg/pxc/app/statefulset/proxysql.go b/pkg/pxc/app/statefulset/proxysql.go index ae74e7b130..a6b44eee72 100644 --- a/pkg/pxc/app/statefulset/proxysql.go +++ b/pkg/pxc/app/statefulset/proxysql.go @@ -56,7 +56,8 @@ func (c *Proxy) Name() string { } func (c *Proxy) AppContainer(spec *api.PodSpec, secrets string, cr *api.PerconaXtraDBCluster, - availableVolumes []corev1.Volume) (corev1.Container, error) { + availableVolumes []corev1.Volume, +) (corev1.Container, error) { appc := corev1.Container{ Name: proxyName, Image: spec.Image, @@ -388,6 +389,18 @@ func (c *Proxy) PMMContainer(spec *api.PMMSpec, secret *corev1.Secret, cr *api.P ct.Env = append(ct.Env, sidecarEnvs...) } + if cr.CompareVersionWith("1.14.0") >= 0 { + // PMM team moved temp directory to /usr/local/percona/pmm2/tmp + // but it doesn't work on OpenShift so we set it back to /tmp + sidecarEnvs := []corev1.EnvVar{ + { + Name: "PMM_AGENT_PATHS_TEMPDIR", + Value: "/tmp", + }, + } + ct.Env = append(ct.Env, sidecarEnvs...) + } + return &ct, nil } From 45cce3beeed9f8534bd5fb0bfbed331cd839240e Mon Sep 17 00:00:00 2001 From: Natalia Marukovich Date: Mon, 18 Dec 2023 17:22:52 +0400 Subject: [PATCH 24/25] K8SPXC-1269 add possibility to switch from haproxy to proxysql in 5.7 (#1560) * K8SPXC-1269 add possibility to switch from haproxy to proxysql in 5.7 * fix test * Update pkg/controller/pxc/controller.go Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Viacheslav Sarzhan --- pkg/controller/pxc/controller.go | 4 ++-- pkg/controller/pxc/controller_test.go | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pkg/controller/pxc/controller.go b/pkg/controller/pxc/controller.go index fed25d5493..2f596e098e 100644 --- a/pkg/controller/pxc/controller.go +++ b/pkg/controller/pxc/controller.go @@ -266,8 +266,8 @@ func (r *ReconcilePerconaXtraDBCluster) Reconcile(ctx context.Context, request r }, } err = r.client.Get(ctx, client.ObjectKeyFromObject(&haproxySts), &haproxySts) - if err == nil { - return reconcile.Result{}, errors.Errorf("failed to enable ProxySQL: you can't switch from HAProxy to ProxySQL on the fly") + if err == nil && !strings.HasPrefix(o.Status.PXC.Version, "5.7") { + return reconcile.Result{}, errors.Errorf("failed to enable ProxySQL: for mysql version 8.0 you can't switch from HAProxy to ProxySQL") } } diff --git a/pkg/controller/pxc/controller_test.go b/pkg/controller/pxc/controller_test.go index 7b5db24018..378bbe7bf5 100644 --- a/pkg/controller/pxc/controller_test.go +++ b/pkg/controller/pxc/controller_test.go @@ -671,7 +671,7 @@ var _ = Describe("Authentication policy", Ordered, func() { It("should NOT reconcile", func() { _, err := reconciler().Reconcile(ctx, ctrl.Request{NamespacedName: crNamespacedName}) - Expect(err).To(MatchError("failed to enable ProxySQL: you can't switch from HAProxy to ProxySQL on the fly")) + Expect(err).To(MatchError("failed to enable ProxySQL: for mysql version 8.0 you can't switch from HAProxy to ProxySQL")) }) }) }) From 16a4e676cb10f5e4c681f37d00812696966da4c4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 Dec 2023 16:40:44 +0200 Subject: [PATCH 25/25] CLOUD-727: Bump github.com/cert-manager/cert-manager from 1.12.1 to 1.13.3 (#1548) * CLOUD-727: Bump github.com/cert-manager/cert-manager Bumps [github.com/cert-manager/cert-manager](https://github.com/cert-manager/cert-manager) from 1.12.1 to 1.13.3. - [Release notes](https://github.com/cert-manager/cert-manager/releases) - [Commits](https://github.com/cert-manager/cert-manager/compare/v1.12.1...v1.13.3) --- updated-dependencies: - dependency-name: github.com/cert-manager/cert-manager dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] * fix --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Andrii Dema Co-authored-by: Viacheslav Sarzhan --- cmd/manager/main.go | 22 +++++++--- go.mod | 41 +++++++++--------- go.sum | 103 ++++++++++++++++++++++++++------------------ 3 files changed, 97 insertions(+), 69 deletions(-) diff --git a/cmd/manager/main.go b/cmd/manager/main.go index 0bb0796f1f..c3af90e9a6 100644 --- a/cmd/manager/main.go +++ b/cmd/manager/main.go @@ -20,6 +20,8 @@ import ( "sigs.k8s.io/controller-runtime/pkg/cache" "sigs.k8s.io/controller-runtime/pkg/healthz" "sigs.k8s.io/controller-runtime/pkg/log/zap" + metricsServer "sigs.k8s.io/controller-runtime/pkg/metrics/server" + ctrlWebhook "sigs.k8s.io/controller-runtime/pkg/webhook" _ "github.com/Percona-Lab/percona-version-service/api" "github.com/percona/percona-xtradb-cluster-operator/pkg/apis" @@ -84,19 +86,25 @@ func main() { } options := ctrl.Options{ - Scheme: scheme, - MetricsBindAddress: metricsAddr, - Port: 9443, + Scheme: scheme, + Metrics: metricsServer.Options{ + BindAddress: metricsAddr, + }, HealthProbeBindAddress: probeAddr, LeaderElection: enableLeaderElection, - LeaderElectionID: "08db1feb.percona.com", - Namespace: namespace, + LeaderElectionID: "08db0feb.percona.com", + WebhookServer: ctrlWebhook.NewServer(ctrlWebhook.Options{ + Port: 9443, + }), } // Add support for MultiNamespace set in WATCH_NAMESPACE if len(namespace) > 0 { - options.Namespace = "" - options.NewCache = cache.MultiNamespacedCacheBuilder(append(strings.Split(namespace, ","), operatorNamespace)) + namespaces := make(map[string]cache.Config) + for _, ns := range append(strings.Split(namespace, ","), operatorNamespace) { + namespaces[ns] = cache.Config{} + } + options.Cache.DefaultNamespaces = namespaces } // Get a config to talk to the apiserver diff --git a/go.mod b/go.mod index 0469dcbba1..eee0d0c9b0 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ require ( github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.2.0 github.com/Percona-Lab/percona-version-service/api v0.0.0-20201216104127-a39f2dded3cc github.com/caarlos0/env v3.5.0+incompatible - github.com/cert-manager/cert-manager v1.12.1 + github.com/cert-manager/cert-manager v1.13.3 github.com/flosch/pongo2/v6 v6.0.0 github.com/go-ini/ini v1.67.0 github.com/go-logr/logr v1.3.0 @@ -30,7 +30,7 @@ require ( k8s.io/apimachinery v0.28.4 k8s.io/client-go v0.28.4 k8s.io/klog/v2 v2.110.1 - sigs.k8s.io/controller-runtime v0.15.0 + sigs.k8s.io/controller-runtime v0.16.1 ) require ( @@ -39,9 +39,9 @@ require ( github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect - github.com/davecgh/go-spew v1.1.1 // indirect + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/dustin/go-humanize v1.0.1 // indirect - github.com/emicklei/go-restful/v3 v3.9.0 // indirect + github.com/emicklei/go-restful/v3 v3.11.0 // indirect github.com/evanphx/json-patch v5.6.0+incompatible // indirect github.com/evanphx/json-patch/v5 v5.6.0 // indirect github.com/fsnotify/fsnotify v1.6.0 // indirect @@ -58,7 +58,7 @@ require ( github.com/google/gnostic-models v0.6.8 // indirect github.com/google/gofuzz v1.2.0 // indirect github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 // indirect - github.com/google/uuid v1.3.0 // indirect + github.com/google/uuid v1.3.1 // indirect github.com/imdario/mergo v0.3.12 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect @@ -75,40 +75,41 @@ require ( github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/oklog/ulid v1.3.1 // indirect github.com/opentracing/opentracing-go v1.2.0 // indirect - github.com/prometheus/client_golang v1.15.1 // indirect + github.com/prometheus/client_golang v1.16.0 // indirect github.com/prometheus/client_model v0.4.0 // indirect - github.com/prometheus/common v0.42.0 // indirect - github.com/prometheus/procfs v0.9.0 // indirect + github.com/prometheus/common v0.44.0 // indirect + github.com/prometheus/procfs v0.10.1 // indirect github.com/rs/xid v1.5.0 // indirect github.com/sirupsen/logrus v1.9.3 // indirect github.com/spf13/pflag v1.0.5 // indirect go.mongodb.org/mongo-driver v1.13.1 // indirect - go.opentelemetry.io/otel v1.17.0 // indirect - go.opentelemetry.io/otel/metric v1.17.0 // indirect - go.opentelemetry.io/otel/trace v1.17.0 // indirect - go.uber.org/multierr v1.10.0 // indirect + go.opentelemetry.io/otel v1.20.0 // indirect + go.opentelemetry.io/otel/metric v1.20.0 // indirect + go.opentelemetry.io/otel/trace v1.20.0 // indirect + go.uber.org/multierr v1.11.0 // indirect golang.org/x/crypto v0.14.0 // indirect + golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect golang.org/x/net v0.17.0 // indirect - golang.org/x/oauth2 v0.8.0 // indirect + golang.org/x/oauth2 v0.12.0 // indirect golang.org/x/sys v0.14.0 // indirect golang.org/x/term v0.13.0 // indirect golang.org/x/text v0.13.0 // indirect golang.org/x/time v0.3.0 // indirect golang.org/x/tools v0.14.0 // indirect - gomodules.xyz/jsonpatch/v2 v2.3.0 // indirect + gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect google.golang.org/appengine v1.6.7 // indirect google.golang.org/protobuf v1.31.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/apiextensions-apiserver v0.27.2 // indirect - k8s.io/component-base v0.27.2 // indirect - k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect - k8s.io/utils v0.0.0-20230505201702-9f6742963106 // indirect - sigs.k8s.io/gateway-api v0.7.0 // indirect + k8s.io/apiextensions-apiserver v0.28.1 // indirect + k8s.io/component-base v0.28.1 // indirect + k8s.io/kube-openapi v0.0.0-20230905202853-d090da108d2f // indirect + k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect + sigs.k8s.io/gateway-api v0.8.0 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.3.0 // indirect sigs.k8s.io/yaml v1.3.0 // indirect ) diff --git a/go.sum b/go.sum index b09b5b416a..132aa4f00a 100644 --- a/go.sum +++ b/go.sum @@ -1,16 +1,20 @@ -github.com/Azure/azure-sdk-for-go v67.3.0+incompatible h1:QEvenaO+Y9ShPeCWsSAtolzVUcb0T0tPeek5TDsovuM= +github.com/Azure/azure-sdk-for-go v68.0.0+incompatible h1:fcYLmCpyNYRnvJbPerq7U0hS+6+I79yEDJBqVNcqUzU= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.7.0 h1:8q4SaHjFsClSvuVne0ID/5Ka8u3fcIHyqkLjcFpNRHQ= github.com/Azure/azure-sdk-for-go/sdk/azcore v1.7.0/go.mod h1:bjGvMhVMb+EEm3VRNQawDMUyMMjo+S5ewNjflkep/0Q= github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0 h1:vcYCAze6p19qBW7MhZybIsqD8sMV8js0NyQM8JDnVtg= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0/go.mod h1:OQeznEEkTZ9OrhHJoDD8ZDq51FHgXjqtP9z6bEwBq9U= github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0 h1:sXr+ck84g/ZlZUOZiNELInmMgOsuGwdjjVkEIde0OtY= github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0/go.mod h1:okt5dMMTOFjX/aovMlrjvvXoPMBVSPzk9185BT0+eZM= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage v1.2.0 h1:Ma67P/GGprNwsslzEH6+Kb8nybI8jpDTm4Wmzu2ReK8= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage v1.2.0/go.mod h1:c+Lifp3EDEamAkPVzMooRNOK6CZjNSdEnf1A7jsI9u4= github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.2.0 h1:gggzg0SUMs6SQbEw+3LoSsYf9YMjkupeAnHMX8O9mmY= github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.2.0/go.mod h1:+6KLcKIVgxoBDMqMO/Nvy7bZ9a0nbU3I1DtFQK3YvB4= github.com/AzureAD/microsoft-authentication-library-for-go v1.0.0 h1:OBhqkivkhkMqLPymWEppkm7vgPQY2XsHoEkaMQ0AdZY= +github.com/AzureAD/microsoft-authentication-library-for-go v1.0.0/go.mod h1:kgDmCTgBzIEPFElEF+FK0SdjAor06dRq2Go927dnQ6o= github.com/Percona-Lab/percona-version-service/api v0.0.0-20201216104127-a39f2dded3cc h1:Teed8lKNzSXdHZCd8HhOJVNptRyShOdsul5w6656IVE= github.com/Percona-Lab/percona-version-service/api v0.0.0-20201216104127-a39f2dded3cc/go.mod h1:QDbZ+DHh0CkTHN6LRkMQd1pEl3b30EaNZ9FA97Mb3TA= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= +github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= @@ -18,8 +22,8 @@ github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/caarlos0/env v3.5.0+incompatible h1:Yy0UN8o9Wtr/jGHZDpCBLpNrzcFLLM2yixi/rBrKyJs= github.com/caarlos0/env v3.5.0+incompatible/go.mod h1:tdCsowwCzMLdkqRYDlHpZCp2UooDD3MspDBjZ2AD02Y= -github.com/cert-manager/cert-manager v1.12.1 h1:QA8/diGdInzBRhqiyTITPC+wI9FaXbgOAAT3Dwe9KZE= -github.com/cert-manager/cert-manager v1.12.1/go.mod h1:ql0msU88JCcQSceN+PFjEY8U+AMe13y06vO2klJk8bs= +github.com/cert-manager/cert-manager v1.13.3 h1:3R4G0RI7K0OkTZhWlVOC5SGZMYa2NwqmQJoyKydrz/M= +github.com/cert-manager/cert-manager v1.13.3/go.mod h1:BM2+Pt/NmSv1Zr25/MHv6BgIEF9IUxA1xAjp80qkxgc= github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= @@ -27,13 +31,15 @@ github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5P github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI= +github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ= github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= -github.com/emicklei/go-restful/v3 v3.9.0 h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE= -github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= +github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww= @@ -89,6 +95,7 @@ github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4 github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= +github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -101,6 +108,7 @@ github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvR github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= @@ -109,8 +117,8 @@ github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/ github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= -github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= +github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/hashicorp/go-version v1.6.0 h1:feTTfFNnjP967rlCxM/I9g701jU+RN74YKx2mOkIeek= github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= @@ -133,11 +141,13 @@ github.com/klauspost/cpuid/v2 v2.2.5/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZY github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= +github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= @@ -175,22 +185,25 @@ github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8P github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 h1:KoWmjvw+nsYOo29YJK9vDA65RGE3NrOnUtO7a+RF9HU= +github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8/go.mod h1:HKlIX3XHQyzLZPlr7++PzdhaXEj94dEiJgZDTsxEqUI= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.15.1 h1:8tXpTmJbyH5lydzFPoxSIJ0J46jdh3tylbvM1xCv0LI= -github.com/prometheus/client_golang v1.15.1/go.mod h1:e9yaBhRPU2pPNsZwE+JdQl0KEt1N9XgF6zxWmaC0xOk= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_golang v1.16.0 h1:yk/hx9hDbrGHovbci4BY+pRMfSuuat626eFsHb7tmT8= +github.com/prometheus/client_golang v1.16.0/go.mod h1:Zsulrv/L9oM40tJ7T815tM89lFEugiJ9HzIqaAx4LKc= github.com/prometheus/client_model v0.4.0 h1:5lQXD3cAg1OXBf4Wq03gTrXHeaV0TQvGfUooCfx1yqY= github.com/prometheus/client_model v0.4.0/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU= -github.com/prometheus/common v0.42.0 h1:EKsfXEYo4JpWMHH5cg+KOUWeuJSov1Id8zGR8eeI1YM= -github.com/prometheus/common v0.42.0/go.mod h1:xBwqVerjNdUDjgODMpudtOMwlOwf2SaTr1yjz4b7Zbc= -github.com/prometheus/procfs v0.9.0 h1:wzCHvIvM5SxWqYvwgVL7yJY8Lz3PKn49KQtpgMYJfhI= -github.com/prometheus/procfs v0.9.0/go.mod h1:+pB4zwohETzFnmlpe6yd2lSc+0/46IYZRB/chUwxUZY= +github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY= +github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY= +github.com/prometheus/procfs v0.10.1 h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg= +github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM= github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs= github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro= github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= +github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= github.com/rs/xid v1.5.0 h1:mKX4bl4iPYJtEIxp6CYiUuLQ/8DYMoz0PUdtGgMFRVc= github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg= github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= @@ -207,6 +220,7 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI= github.com/xdg-go/scram v1.1.1/go.mod h1:RaEWvsqvNKKvBPvcKeFjrG2cJqOkHTiyTpzz23ni57g= @@ -220,16 +234,18 @@ github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5t go.mongodb.org/mongo-driver v1.10.0/go.mod h1:wsihk0Kdgv8Kqu1Anit4sfK+22vSFbUrAVEYRhCXrA8= go.mongodb.org/mongo-driver v1.13.1 h1:YIc7HTYsKndGK4RFzJ3covLz1byri52x0IoMB0Pt/vk= go.mongodb.org/mongo-driver v1.13.1/go.mod h1:wcDf1JBCXy2mOW0bWHwO/IOYqdca1MPCwDtFu/Z9+eo= -go.opentelemetry.io/otel v1.17.0 h1:MW+phZ6WZ5/uk2nd93ANk/6yJ+dVrvNWUjGhnnFU5jM= -go.opentelemetry.io/otel v1.17.0/go.mod h1:I2vmBGtFaODIVMBSTPVDlJSzBDNf93k60E6Ft0nyjo0= -go.opentelemetry.io/otel/metric v1.17.0 h1:iG6LGVz5Gh+IuO0jmgvpTB6YVrCGngi8QGm+pMd8Pdc= -go.opentelemetry.io/otel/metric v1.17.0/go.mod h1:h4skoxdZI17AxwITdmdZjjYJQH5nzijUUjm+wtPph5o= -go.opentelemetry.io/otel/sdk v1.17.0 h1:FLN2X66Ke/k5Sg3V623Q7h7nt3cHXaW1FOvKKrW0IpE= -go.opentelemetry.io/otel/trace v1.17.0 h1:/SWhSRHmDPOImIAetP1QAeMnZYiQXrTy4fMMYOdSKWQ= -go.opentelemetry.io/otel/trace v1.17.0/go.mod h1:I/4vKTgFclIsXRVucpH25X0mpFSczM7aHeaz0ZBLWjY= +go.opentelemetry.io/otel v1.20.0 h1:vsb/ggIY+hUjD/zCAQHpzTmndPqv/ml2ArbsbfBYTAc= +go.opentelemetry.io/otel v1.20.0/go.mod h1:oUIGj3D77RwJdM6PPZImDpSZGDvkD9fhesHny69JFrs= +go.opentelemetry.io/otel/metric v1.20.0 h1:ZlrO8Hu9+GAhnepmRGhSU7/VkpjrNowxRN9GyKR4wzA= +go.opentelemetry.io/otel/metric v1.20.0/go.mod h1:90DRw3nfK4D7Sm/75yQ00gTJxtkBxX+wu6YaNymbpVM= +go.opentelemetry.io/otel/sdk v1.20.0 h1:5Jf6imeFZlZtKv9Qbo6qt2ZkmWtdWx/wzcCbNUlAWGM= +go.opentelemetry.io/otel/sdk v1.20.0/go.mod h1:rmkSx1cZCm/tn16iWDn1GQbLtsW/LvsdEEFzCSRM6V0= +go.opentelemetry.io/otel/trace v1.20.0 h1:+yxVAPZPbQhbC3OfAkeIVTky6iTFpcr4SiY9om7mXSQ= +go.opentelemetry.io/otel/trace v1.20.0/go.mod h1:HJSK7F/hA5RlzpZ0zKDCHCDHm556LCDtKaAo6JmBFUU= go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= -go.uber.org/multierr v1.10.0 h1:S0h4aNzvfcFsC3dRF1jLoaov7oRaKqRGC/pUEJ2yvPQ= -go.uber.org/multierr v1.10.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= +go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4= +go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= +go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= @@ -239,10 +255,13 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= +golang.org/x/exp v0.0.0-20230905200255-921286631fa9 h1:GoHiUyI/Tp2nVkLI2mCxVkOjsbSXD66ic0XW0js0R9g= +golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqRShND87VCbxmc6bL1Yd2oYrm6k= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY= +golang.org/x/mod v0.13.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -253,8 +272,8 @@ golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= -golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8= -golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE= +golang.org/x/oauth2 v0.12.0 h1:smVPGxink+n1ZI5pkQa8y6fZT0RW0MgCO5bFpepy4B4= +golang.org/x/oauth2 v0.12.0/go.mod h1:A74bZ3aGXgCY0qaIC9Ahg6Lglin4AMAco8cIv9baba4= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -303,8 +322,8 @@ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -gomodules.xyz/jsonpatch/v2 v2.3.0 h1:8NFhfS6gzxNqjLIYnZxg319wZ5Qjnx4m/CcX+Klzazc= -gomodules.xyz/jsonpatch/v2 v2.3.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= +gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= +gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= @@ -332,27 +351,27 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= k8s.io/api v0.28.4 h1:8ZBrLjwosLl/NYgv1P7EQLqoO8MGQApnbgH8tu3BMzY= k8s.io/api v0.28.4/go.mod h1:axWTGrY88s/5YE+JSt4uUi6NMM+gur1en2REMR7IRj0= -k8s.io/apiextensions-apiserver v0.27.2 h1:iwhyoeS4xj9Y7v8YExhUwbVuBhMr3Q4bd/laClBV6Bo= -k8s.io/apiextensions-apiserver v0.27.2/go.mod h1:Oz9UdvGguL3ULgRdY9QMUzL2RZImotgxvGjdWRq6ZXQ= +k8s.io/apiextensions-apiserver v0.28.1 h1:l2ThkBRjrWpw4f24uq0Da2HaEgqJZ7pcgiEUTKSmQZw= +k8s.io/apiextensions-apiserver v0.28.1/go.mod h1:sVvrI+P4vxh2YBBcm8n2ThjNyzU4BQGilCQ/JAY5kGs= k8s.io/apimachinery v0.28.4 h1:zOSJe1mc+GxuMnFzD4Z/U1wst50X28ZNsn5bhgIIao8= k8s.io/apimachinery v0.28.4/go.mod h1:wI37ncBvfAoswfq626yPTe6Bz1c22L7uaJ8dho83mgg= k8s.io/client-go v0.28.4 h1:Np5ocjlZcTrkyRJ3+T3PkXDpe4UpatQxj85+xjaD2wY= k8s.io/client-go v0.28.4/go.mod h1:0VDZFpgoZfelyP5Wqu0/r/TRYcLYuJ2U1KEeoaPa1N4= -k8s.io/component-base v0.27.2 h1:neju+7s/r5O4x4/txeUONNTS9r1HsPbyoPBAtHsDCpo= -k8s.io/component-base v0.27.2/go.mod h1:5UPk7EjfgrfgRIuDBFtsEFAe4DAvP3U+M8RTzoSJkpo= +k8s.io/component-base v0.28.1 h1:LA4AujMlK2mr0tZbQDZkjWbdhTV5bRyEyAFe0TJxlWg= +k8s.io/component-base v0.28.1/go.mod h1:jI11OyhbX21Qtbav7JkhehyBsIRfnO8oEgoAR12ArIU= k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM= -k8s.io/utils v0.0.0-20230505201702-9f6742963106 h1:EObNQ3TW2D+WptiYXlApGNLVy0zm/JIBVY9i+M4wpAU= -k8s.io/utils v0.0.0-20230505201702-9f6742963106/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime v0.15.0 h1:ML+5Adt3qZnMSYxZ7gAverBLNPSMQEibtzAgp0UPojU= -sigs.k8s.io/controller-runtime v0.15.0/go.mod h1:7ngYvp1MLT+9GeZ+6lH3LOlcHkp/+tzA/fmHa4iq9kk= -sigs.k8s.io/gateway-api v0.7.0 h1:/mG8yyJNBifqvuVLW5gwlI4CQs0NR/5q4BKUlf1bVdY= -sigs.k8s.io/gateway-api v0.7.0/go.mod h1:Xv0+ZMxX0lu1nSSDIIPEfbVztgNZ+3cfiYrJsa2Ooso= +k8s.io/kube-openapi v0.0.0-20230905202853-d090da108d2f h1:eeEUOoGYWhOz7EyXqhlR2zHKNw2mNJ9vzJmub6YN6kk= +k8s.io/kube-openapi v0.0.0-20230905202853-d090da108d2f/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/controller-runtime v0.16.1 h1:+15lzrmHsE0s2kNl0Dl8cTchI5Cs8qofo5PGcPrV9z0= +sigs.k8s.io/controller-runtime v0.16.1/go.mod h1:vpMu3LpI5sYWtujJOa2uPK61nB5rbwlN7BAB8aSLvGU= +sigs.k8s.io/gateway-api v0.8.0 h1:isQQ3Jx2qFP7vaA3ls0846F0Amp9Eq14P08xbSwVbQg= +sigs.k8s.io/gateway-api v0.8.0/go.mod h1:okOnjPNBFbIS/Rw9kAhuIUaIkLhTKEu+ARIuXk2dgaM= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= +sigs.k8s.io/structured-merge-diff/v4 v4.3.0 h1:UZbZAZfX0wV2zr7YZorDz6GXROfDFj6LvqCRm4VUVKk= +sigs.k8s.io/structured-merge-diff/v4 v4.3.0/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8=