From 6fc06f03f73fdfaf61054c0464373de0a3960f85 Mon Sep 17 00:00:00 2001 From: Andrii Dema Date: Tue, 19 Nov 2024 14:35:35 +0200 Subject: [PATCH 01/13] K8SPSMDB-1172: fix special chars in backup user/password https://perconadev.atlassian.net/browse/K8SPSMDB-1172 --- e2e-tests/conf/secrets.yml | 4 +-- e2e-tests/conf/secrets_with_tls.yml | 4 +-- .../custom-replset-name/conf/some-name.yml | 2 +- .../compare/statefulset_some-name-cfg-oc.yml | 4 +-- .../compare/statefulset_some-name-cfg.yml | 4 +-- .../compare/statefulset_some-name-rs0-oc.yml | 4 +-- .../compare/statefulset_some-name-rs0.yml | 4 +-- .../statefulset_my-cluster-name-cfg-oc.yml | 4 +-- .../statefulset_my-cluster-name-cfg.yml | 4 +-- .../statefulset_my-cluster-name-rs0-oc.yml | 4 +-- .../statefulset_my-cluster-name-rs0.yml | 4 +-- .../compare/statefulset_some-name-rs0.yml | 4 +-- .../compare/statefulset_some-name-rs0.yml | 4 +-- ...ulset_some-name-rs0_restore_sharded-oc.yml | 4 +-- ...tefulset_some-name-rs0_restore_sharded.yml | 4 +-- ...et_some-name-rs0_restore-arbiter-nv-oc.yml | 4 +-- ...ulset_some-name-rs0_restore-arbiter-nv.yml | 4 +-- .../statefulset_some-name-rs0_restore-oc.yml | 4 +-- .../statefulset_some-name-rs0_restore.yml | 4 +-- .../statefulset_some-name-cfg-4-oc.yml | 4 +-- .../compare/statefulset_some-name-cfg-oc.yml | 4 +-- .../compare/statefulset_some-name-cfg.yml | 4 +-- .../statefulset_some-name-rs0-4-oc.yml | 4 +-- .../compare/statefulset_some-name-rs0-oc.yml | 4 +-- .../compare/statefulset_some-name-rs0.yml | 4 +-- .../compare/statefulset_some-name-rs1-oc.yml | 4 +-- .../compare/statefulset_some-name-rs1.yml | 4 +-- .../compare/statefulset_some-name-rs2-oc.yml | 4 +-- .../compare/statefulset_some-name-rs2.yml | 4 +-- .../compare/statefulset_some-name-rs0-oc.yml | 4 +-- .../compare/statefulset_some-name-rs0.yml | 4 +-- e2e-tests/functions | 6 +++- .../statefulset_liveness-rs0-changed-oc.yml | 4 +-- .../statefulset_liveness-rs0-changed.yml | 4 +-- .../compare/statefulset_one-pod-rs0-oc.yml | 4 +-- .../statefulset_one-pod-rs0-secret-oc.yml | 4 +-- .../statefulset_one-pod-rs0-secret.yml | 4 +-- .../compare/statefulset_one-pod-rs0.yml | 4 +-- .../statefulset_some-name-cfg-4-oc.yml | 4 +-- .../compare/statefulset_some-name-cfg-oc.yml | 4 +-- .../compare/statefulset_some-name-cfg.yml | 4 +-- .../statefulset_some-name-rs0-4-oc.yml | 4 +-- .../compare/statefulset_some-name-rs0-oc.yml | 4 +-- .../compare/statefulset_some-name-rs0.yml | 4 +-- .../statefulset_some-name-rs1-4-oc.yml | 4 +-- .../compare/statefulset_some-name-rs1-oc.yml | 4 +-- .../compare/statefulset_some-name-rs1.yml | 4 +-- .../statefulset_some-name-rs2-4-oc.yml | 4 +-- .../compare/statefulset_some-name-rs2-oc.yml | 4 +-- .../compare/statefulset_some-name-rs2.yml | 4 +-- .../statefulset_some-name-cfg-4-oc.yml | 4 +-- .../compare/statefulset_some-name-cfg-oc.yml | 4 +-- .../compare/statefulset_some-name-cfg.yml | 4 +-- .../statefulset_some-name-rs0-4-oc.yml | 4 +-- .../compare/statefulset_some-name-rs0-oc.yml | 4 +-- .../compare/statefulset_some-name-rs0.yml | 4 +-- .../statefulset_some-name-rs1-4-oc.yml | 4 +-- .../compare/statefulset_some-name-rs1-oc.yml | 4 +-- .../compare/statefulset_some-name-rs1.yml | 4 +-- .../statefulset_some-name-rs2-4-oc.yml | 4 +-- .../compare/statefulset_some-name-rs2-oc.yml | 4 +-- .../compare/statefulset_some-name-rs2.yml | 4 +-- .../compare/statefulset_some-name-rs0-oc.yml | 4 +-- .../compare/statefulset_some-name-rs0.yml | 4 +-- .../compare/statefulset_some-name-rs0-oc.yml | 4 +-- .../compare/statefulset_some-name-rs0.yml | 4 +-- .../statefulset_sec-context-rs0-changed.yml | 4 +-- .../compare/statefulset_cluster-ip-rs0-oc.yml | 4 +-- .../compare/statefulset_cluster-ip-rs0.yml | 4 +-- .../statefulset_local-balancer-rs0-oc.yml | 4 +-- .../statefulset_local-balancer-rs0.yml | 4 +-- .../compare/statefulset_node-port-rs0-oc.yml | 4 +-- .../compare/statefulset_node-port-rs0.yml | 4 +-- e2e-tests/users/run | 36 +++++++++++-------- pkg/controller/perconaservermongodb/users.go | 35 ++++++++++++------ pkg/psmdb/statefulset.go | 8 +++-- 76 files changed, 199 insertions(+), 172 deletions(-) diff --git a/e2e-tests/conf/secrets.yml b/e2e-tests/conf/secrets.yml index 47ae5012ff..df4f20924b 100644 --- a/e2e-tests/conf/secrets.yml +++ b/e2e-tests/conf/secrets.yml @@ -4,8 +4,8 @@ metadata: name: some-users type: Opaque data: - MONGODB_BACKUP_USER: YmFja3Vw - MONGODB_BACKUP_PASSWORD: YmFja3VwMTIzNDU2 + MONGODB_BACKUP_USER: YmFja3VwJCMl + MONGODB_BACKUP_PASSWORD: YmFja3VwMTIzNDU2Iw== MONGODB_DATABASE_ADMIN_USER: ZGF0YWJhc2VBZG1pbg== MONGODB_DATABASE_ADMIN_PASSWORD: ZGF0YWJhc2VBZG1pbjEyMzQ1Ng== MONGODB_USER_ADMIN_USER: dXNlckFkbWlu diff --git a/e2e-tests/conf/secrets_with_tls.yml b/e2e-tests/conf/secrets_with_tls.yml index 773fe60249..51e33e9747 100644 --- a/e2e-tests/conf/secrets_with_tls.yml +++ b/e2e-tests/conf/secrets_with_tls.yml @@ -4,8 +4,8 @@ metadata: name: some-users type: Opaque data: - MONGODB_BACKUP_USER: YmFja3Vw - MONGODB_BACKUP_PASSWORD: YmFja3VwMTIzNDU2 + MONGODB_BACKUP_USER: YmFja3VwJCMl + MONGODB_BACKUP_PASSWORD: YmFja3VwMTIzNDU2Iw== MONGODB_DATABASE_ADMIN_USER: ZGF0YWJhc2VBZG1pbg== MONGODB_DATABASE_ADMIN_PASSWORD: ZGF0YWJhc2VBZG1pbjEyMzQ1Ng== MONGODB_USER_ADMIN_USER: dXNlckFkbWlu diff --git a/e2e-tests/custom-replset-name/conf/some-name.yml b/e2e-tests/custom-replset-name/conf/some-name.yml index 9dd2b04398..c34b9de33d 100644 --- a/e2e-tests/custom-replset-name/conf/some-name.yml +++ b/e2e-tests/custom-replset-name/conf/some-name.yml @@ -3,7 +3,7 @@ kind: PerconaServerMongoDB metadata: name: some-name spec: - crVersion: 1.16.0 + crVersion: 1.18.0 backup: enabled: true image: percona/percona-backup-mongodb:2.0.4 diff --git a/e2e-tests/data-at-rest-encryption/compare/statefulset_some-name-cfg-oc.yml b/e2e-tests/data-at-rest-encryption/compare/statefulset_some-name-cfg-oc.yml index b7b8b72f86..6e5ddd977d 100644 --- a/e2e-tests/data-at-rest-encryption/compare/statefulset_some-name-cfg-oc.yml +++ b/e2e-tests/data-at-rest-encryption/compare/statefulset_some-name-cfg-oc.yml @@ -141,13 +141,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/data-at-rest-encryption/compare/statefulset_some-name-cfg.yml b/e2e-tests/data-at-rest-encryption/compare/statefulset_some-name-cfg.yml index 6935997d8b..c4efd8c751 100644 --- a/e2e-tests/data-at-rest-encryption/compare/statefulset_some-name-cfg.yml +++ b/e2e-tests/data-at-rest-encryption/compare/statefulset_some-name-cfg.yml @@ -142,13 +142,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/data-at-rest-encryption/compare/statefulset_some-name-rs0-oc.yml b/e2e-tests/data-at-rest-encryption/compare/statefulset_some-name-rs0-oc.yml index 851fb27e0d..25743202d7 100644 --- a/e2e-tests/data-at-rest-encryption/compare/statefulset_some-name-rs0-oc.yml +++ b/e2e-tests/data-at-rest-encryption/compare/statefulset_some-name-rs0-oc.yml @@ -148,13 +148,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/data-at-rest-encryption/compare/statefulset_some-name-rs0.yml b/e2e-tests/data-at-rest-encryption/compare/statefulset_some-name-rs0.yml index 307da430d1..518c9fc0d2 100644 --- a/e2e-tests/data-at-rest-encryption/compare/statefulset_some-name-rs0.yml +++ b/e2e-tests/data-at-rest-encryption/compare/statefulset_some-name-rs0.yml @@ -149,13 +149,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/default-cr/compare/statefulset_my-cluster-name-cfg-oc.yml b/e2e-tests/default-cr/compare/statefulset_my-cluster-name-cfg-oc.yml index d2b4a54067..a28ae0aaf4 100644 --- a/e2e-tests/default-cr/compare/statefulset_my-cluster-name-cfg-oc.yml +++ b/e2e-tests/default-cr/compare/statefulset_my-cluster-name-cfg-oc.yml @@ -147,13 +147,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-my-cluster-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-my-cluster-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/default-cr/compare/statefulset_my-cluster-name-cfg.yml b/e2e-tests/default-cr/compare/statefulset_my-cluster-name-cfg.yml index a12630b6c2..ac2fbeb261 100644 --- a/e2e-tests/default-cr/compare/statefulset_my-cluster-name-cfg.yml +++ b/e2e-tests/default-cr/compare/statefulset_my-cluster-name-cfg.yml @@ -148,13 +148,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-my-cluster-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-my-cluster-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/default-cr/compare/statefulset_my-cluster-name-rs0-oc.yml b/e2e-tests/default-cr/compare/statefulset_my-cluster-name-rs0-oc.yml index 198c7abe0f..60442d6d9e 100644 --- a/e2e-tests/default-cr/compare/statefulset_my-cluster-name-rs0-oc.yml +++ b/e2e-tests/default-cr/compare/statefulset_my-cluster-name-rs0-oc.yml @@ -147,13 +147,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-my-cluster-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-my-cluster-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/default-cr/compare/statefulset_my-cluster-name-rs0.yml b/e2e-tests/default-cr/compare/statefulset_my-cluster-name-rs0.yml index 18b7dbf1e4..fd1e706733 100644 --- a/e2e-tests/default-cr/compare/statefulset_my-cluster-name-rs0.yml +++ b/e2e-tests/default-cr/compare/statefulset_my-cluster-name-rs0.yml @@ -148,13 +148,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-my-cluster-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-my-cluster-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/demand-backup-eks-credentials/compare/statefulset_some-name-rs0.yml b/e2e-tests/demand-backup-eks-credentials/compare/statefulset_some-name-rs0.yml index 7d0ed280db..0f781ccac0 100644 --- a/e2e-tests/demand-backup-eks-credentials/compare/statefulset_some-name-rs0.yml +++ b/e2e-tests/demand-backup-eks-credentials/compare/statefulset_some-name-rs0.yml @@ -150,13 +150,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/demand-backup-fs/compare/statefulset_some-name-rs0.yml b/e2e-tests/demand-backup-fs/compare/statefulset_some-name-rs0.yml index 15b556f506..6dbd4992bb 100644 --- a/e2e-tests/demand-backup-fs/compare/statefulset_some-name-rs0.yml +++ b/e2e-tests/demand-backup-fs/compare/statefulset_some-name-rs0.yml @@ -159,13 +159,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/demand-backup-physical-sharded/compare/statefulset_some-name-rs0_restore_sharded-oc.yml b/e2e-tests/demand-backup-physical-sharded/compare/statefulset_some-name-rs0_restore_sharded-oc.yml index da0c8c96c4..5431ad1471 100644 --- a/e2e-tests/demand-backup-physical-sharded/compare/statefulset_some-name-rs0_restore_sharded-oc.yml +++ b/e2e-tests/demand-backup-physical-sharded/compare/statefulset_some-name-rs0_restore_sharded-oc.yml @@ -71,12 +71,12 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: some-users - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: some-users - name: POD_NAME valueFrom: diff --git a/e2e-tests/demand-backup-physical-sharded/compare/statefulset_some-name-rs0_restore_sharded.yml b/e2e-tests/demand-backup-physical-sharded/compare/statefulset_some-name-rs0_restore_sharded.yml index 7b9bd4007c..35aa9fd878 100644 --- a/e2e-tests/demand-backup-physical-sharded/compare/statefulset_some-name-rs0_restore_sharded.yml +++ b/e2e-tests/demand-backup-physical-sharded/compare/statefulset_some-name-rs0_restore_sharded.yml @@ -71,12 +71,12 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: some-users - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: some-users - name: POD_NAME valueFrom: diff --git a/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-arbiter-nv-oc.yml b/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-arbiter-nv-oc.yml index 67124caaec..9fd417d0c1 100644 --- a/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-arbiter-nv-oc.yml +++ b/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-arbiter-nv-oc.yml @@ -70,12 +70,12 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: some-users - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: some-users - name: POD_NAME valueFrom: diff --git a/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-arbiter-nv.yml b/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-arbiter-nv.yml index 89ca6ec396..be01c45779 100644 --- a/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-arbiter-nv.yml +++ b/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-arbiter-nv.yml @@ -70,12 +70,12 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: some-users - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: some-users - name: POD_NAME valueFrom: diff --git a/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-oc.yml b/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-oc.yml index 9725456cc9..530110fb30 100644 --- a/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-oc.yml +++ b/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-oc.yml @@ -70,12 +70,12 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: some-users - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: some-users - name: POD_NAME valueFrom: diff --git a/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore.yml b/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore.yml index f5a3db62f8..6d7310f9a4 100644 --- a/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore.yml +++ b/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore.yml @@ -70,12 +70,12 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: some-users - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: some-users - name: POD_NAME valueFrom: diff --git a/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-cfg-4-oc.yml b/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-cfg-4-oc.yml index 3af5d4247e..45b359662f 100644 --- a/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-cfg-4-oc.yml +++ b/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-cfg-4-oc.yml @@ -162,13 +162,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-cfg-oc.yml b/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-cfg-oc.yml index 8cdb41c8c2..c883f54598 100644 --- a/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-cfg-oc.yml +++ b/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-cfg-oc.yml @@ -162,13 +162,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-cfg.yml b/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-cfg.yml index 468ac78982..c461a21ab0 100644 --- a/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-cfg.yml +++ b/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-cfg.yml @@ -163,13 +163,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs0-4-oc.yml b/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs0-4-oc.yml index ea31b859d8..3635363d53 100644 --- a/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs0-4-oc.yml +++ b/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs0-4-oc.yml @@ -150,13 +150,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs0-oc.yml b/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs0-oc.yml index 198b29fa59..7f01ca26ca 100644 --- a/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs0-oc.yml +++ b/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs0-oc.yml @@ -150,13 +150,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs0.yml b/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs0.yml index 24ffe9ab28..3b81ccfc22 100644 --- a/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs0.yml +++ b/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs0.yml @@ -151,13 +151,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs1-oc.yml b/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs1-oc.yml index 84bd8fea48..3838034b9f 100644 --- a/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs1-oc.yml +++ b/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs1-oc.yml @@ -150,13 +150,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs1.yml b/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs1.yml index 4d7284b8e5..dda4712463 100644 --- a/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs1.yml +++ b/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs1.yml @@ -151,13 +151,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs2-oc.yml b/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs2-oc.yml index ad1563ceee..984320a552 100644 --- a/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs2-oc.yml +++ b/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs2-oc.yml @@ -160,13 +160,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs2.yml b/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs2.yml index 2245d41cf8..02599deb4a 100644 --- a/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs2.yml +++ b/e2e-tests/demand-backup-sharded/compare/statefulset_some-name-rs2.yml @@ -161,13 +161,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/demand-backup/compare/statefulset_some-name-rs0-oc.yml b/e2e-tests/demand-backup/compare/statefulset_some-name-rs0-oc.yml index 0da2b27db3..b4fb0d75df 100644 --- a/e2e-tests/demand-backup/compare/statefulset_some-name-rs0-oc.yml +++ b/e2e-tests/demand-backup/compare/statefulset_some-name-rs0-oc.yml @@ -149,13 +149,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/demand-backup/compare/statefulset_some-name-rs0.yml b/e2e-tests/demand-backup/compare/statefulset_some-name-rs0.yml index 7d0ed280db..0f781ccac0 100644 --- a/e2e-tests/demand-backup/compare/statefulset_some-name-rs0.yml +++ b/e2e-tests/demand-backup/compare/statefulset_some-name-rs0.yml @@ -150,13 +150,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/functions b/e2e-tests/functions index 90921a8444..b01d0206cc 100755 --- a/e2e-tests/functions +++ b/e2e-tests/functions @@ -262,7 +262,6 @@ wait_for_pbm_operations() { set_debug } - run_restore() { local backup_name=$1 @@ -1607,3 +1606,8 @@ wait_for_cluster_state() { done echo } + +function urlencode { + uri="$1" + echo -n "$uri" | jq -s -R -r @uri +} diff --git a/e2e-tests/liveness/compare/statefulset_liveness-rs0-changed-oc.yml b/e2e-tests/liveness/compare/statefulset_liveness-rs0-changed-oc.yml index ed56332cbd..ba90fcdf20 100644 --- a/e2e-tests/liveness/compare/statefulset_liveness-rs0-changed-oc.yml +++ b/e2e-tests/liveness/compare/statefulset_liveness-rs0-changed-oc.yml @@ -144,13 +144,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-liveness-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-liveness-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/liveness/compare/statefulset_liveness-rs0-changed.yml b/e2e-tests/liveness/compare/statefulset_liveness-rs0-changed.yml index 2b864fe03f..d4e53c0894 100644 --- a/e2e-tests/liveness/compare/statefulset_liveness-rs0-changed.yml +++ b/e2e-tests/liveness/compare/statefulset_liveness-rs0-changed.yml @@ -145,13 +145,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-liveness-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-liveness-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/one-pod/compare/statefulset_one-pod-rs0-oc.yml b/e2e-tests/one-pod/compare/statefulset_one-pod-rs0-oc.yml index 38bf6d3d57..ff3937b7cf 100644 --- a/e2e-tests/one-pod/compare/statefulset_one-pod-rs0-oc.yml +++ b/e2e-tests/one-pod/compare/statefulset_one-pod-rs0-oc.yml @@ -155,13 +155,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-one-pod-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-one-pod-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/one-pod/compare/statefulset_one-pod-rs0-secret-oc.yml b/e2e-tests/one-pod/compare/statefulset_one-pod-rs0-secret-oc.yml index b99c291809..80c3b60076 100644 --- a/e2e-tests/one-pod/compare/statefulset_one-pod-rs0-secret-oc.yml +++ b/e2e-tests/one-pod/compare/statefulset_one-pod-rs0-secret-oc.yml @@ -155,13 +155,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-one-pod-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-one-pod-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/one-pod/compare/statefulset_one-pod-rs0-secret.yml b/e2e-tests/one-pod/compare/statefulset_one-pod-rs0-secret.yml index dc3169a016..73f9b9a9b2 100644 --- a/e2e-tests/one-pod/compare/statefulset_one-pod-rs0-secret.yml +++ b/e2e-tests/one-pod/compare/statefulset_one-pod-rs0-secret.yml @@ -156,13 +156,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-one-pod-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-one-pod-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/one-pod/compare/statefulset_one-pod-rs0.yml b/e2e-tests/one-pod/compare/statefulset_one-pod-rs0.yml index 888e3e1b56..1180803aee 100644 --- a/e2e-tests/one-pod/compare/statefulset_one-pod-rs0.yml +++ b/e2e-tests/one-pod/compare/statefulset_one-pod-rs0.yml @@ -156,13 +156,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-one-pod-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-one-pod-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-physical/compare/statefulset_some-name-cfg-4-oc.yml b/e2e-tests/pitr-physical/compare/statefulset_some-name-cfg-4-oc.yml index 41d891a44e..d5c5e37208 100644 --- a/e2e-tests/pitr-physical/compare/statefulset_some-name-cfg-4-oc.yml +++ b/e2e-tests/pitr-physical/compare/statefulset_some-name-cfg-4-oc.yml @@ -161,13 +161,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-physical/compare/statefulset_some-name-cfg-oc.yml b/e2e-tests/pitr-physical/compare/statefulset_some-name-cfg-oc.yml index 41d891a44e..d5c5e37208 100644 --- a/e2e-tests/pitr-physical/compare/statefulset_some-name-cfg-oc.yml +++ b/e2e-tests/pitr-physical/compare/statefulset_some-name-cfg-oc.yml @@ -161,13 +161,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-physical/compare/statefulset_some-name-cfg.yml b/e2e-tests/pitr-physical/compare/statefulset_some-name-cfg.yml index 1704dd4295..0001be7d67 100644 --- a/e2e-tests/pitr-physical/compare/statefulset_some-name-cfg.yml +++ b/e2e-tests/pitr-physical/compare/statefulset_some-name-cfg.yml @@ -162,13 +162,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-physical/compare/statefulset_some-name-rs0-4-oc.yml b/e2e-tests/pitr-physical/compare/statefulset_some-name-rs0-4-oc.yml index 198b29fa59..7f01ca26ca 100644 --- a/e2e-tests/pitr-physical/compare/statefulset_some-name-rs0-4-oc.yml +++ b/e2e-tests/pitr-physical/compare/statefulset_some-name-rs0-4-oc.yml @@ -150,13 +150,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-physical/compare/statefulset_some-name-rs0-oc.yml b/e2e-tests/pitr-physical/compare/statefulset_some-name-rs0-oc.yml index 198b29fa59..7f01ca26ca 100644 --- a/e2e-tests/pitr-physical/compare/statefulset_some-name-rs0-oc.yml +++ b/e2e-tests/pitr-physical/compare/statefulset_some-name-rs0-oc.yml @@ -150,13 +150,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-physical/compare/statefulset_some-name-rs0.yml b/e2e-tests/pitr-physical/compare/statefulset_some-name-rs0.yml index 4682000eab..0e07add8cf 100644 --- a/e2e-tests/pitr-physical/compare/statefulset_some-name-rs0.yml +++ b/e2e-tests/pitr-physical/compare/statefulset_some-name-rs0.yml @@ -151,13 +151,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-physical/compare/statefulset_some-name-rs1-4-oc.yml b/e2e-tests/pitr-physical/compare/statefulset_some-name-rs1-4-oc.yml index 84bd8fea48..3838034b9f 100644 --- a/e2e-tests/pitr-physical/compare/statefulset_some-name-rs1-4-oc.yml +++ b/e2e-tests/pitr-physical/compare/statefulset_some-name-rs1-4-oc.yml @@ -150,13 +150,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-physical/compare/statefulset_some-name-rs1-oc.yml b/e2e-tests/pitr-physical/compare/statefulset_some-name-rs1-oc.yml index baeff78d95..2771671f2a 100644 --- a/e2e-tests/pitr-physical/compare/statefulset_some-name-rs1-oc.yml +++ b/e2e-tests/pitr-physical/compare/statefulset_some-name-rs1-oc.yml @@ -148,13 +148,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-physical/compare/statefulset_some-name-rs1.yml b/e2e-tests/pitr-physical/compare/statefulset_some-name-rs1.yml index 4d7284b8e5..dda4712463 100644 --- a/e2e-tests/pitr-physical/compare/statefulset_some-name-rs1.yml +++ b/e2e-tests/pitr-physical/compare/statefulset_some-name-rs1.yml @@ -151,13 +151,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-physical/compare/statefulset_some-name-rs2-4-oc.yml b/e2e-tests/pitr-physical/compare/statefulset_some-name-rs2-4-oc.yml index ad1563ceee..984320a552 100644 --- a/e2e-tests/pitr-physical/compare/statefulset_some-name-rs2-4-oc.yml +++ b/e2e-tests/pitr-physical/compare/statefulset_some-name-rs2-4-oc.yml @@ -160,13 +160,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-physical/compare/statefulset_some-name-rs2-oc.yml b/e2e-tests/pitr-physical/compare/statefulset_some-name-rs2-oc.yml index 47f062d5cb..9346ce17f0 100644 --- a/e2e-tests/pitr-physical/compare/statefulset_some-name-rs2-oc.yml +++ b/e2e-tests/pitr-physical/compare/statefulset_some-name-rs2-oc.yml @@ -158,13 +158,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-physical/compare/statefulset_some-name-rs2.yml b/e2e-tests/pitr-physical/compare/statefulset_some-name-rs2.yml index 2245d41cf8..02599deb4a 100644 --- a/e2e-tests/pitr-physical/compare/statefulset_some-name-rs2.yml +++ b/e2e-tests/pitr-physical/compare/statefulset_some-name-rs2.yml @@ -161,13 +161,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-sharded/compare/statefulset_some-name-cfg-4-oc.yml b/e2e-tests/pitr-sharded/compare/statefulset_some-name-cfg-4-oc.yml index 3af5d4247e..45b359662f 100644 --- a/e2e-tests/pitr-sharded/compare/statefulset_some-name-cfg-4-oc.yml +++ b/e2e-tests/pitr-sharded/compare/statefulset_some-name-cfg-4-oc.yml @@ -162,13 +162,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-sharded/compare/statefulset_some-name-cfg-oc.yml b/e2e-tests/pitr-sharded/compare/statefulset_some-name-cfg-oc.yml index 8cdb41c8c2..c883f54598 100644 --- a/e2e-tests/pitr-sharded/compare/statefulset_some-name-cfg-oc.yml +++ b/e2e-tests/pitr-sharded/compare/statefulset_some-name-cfg-oc.yml @@ -162,13 +162,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-sharded/compare/statefulset_some-name-cfg.yml b/e2e-tests/pitr-sharded/compare/statefulset_some-name-cfg.yml index 468ac78982..c461a21ab0 100644 --- a/e2e-tests/pitr-sharded/compare/statefulset_some-name-cfg.yml +++ b/e2e-tests/pitr-sharded/compare/statefulset_some-name-cfg.yml @@ -163,13 +163,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs0-4-oc.yml b/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs0-4-oc.yml index ea31b859d8..3635363d53 100644 --- a/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs0-4-oc.yml +++ b/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs0-4-oc.yml @@ -150,13 +150,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs0-oc.yml b/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs0-oc.yml index 198b29fa59..7f01ca26ca 100644 --- a/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs0-oc.yml +++ b/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs0-oc.yml @@ -150,13 +150,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs0.yml b/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs0.yml index 24ffe9ab28..3b81ccfc22 100644 --- a/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs0.yml +++ b/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs0.yml @@ -151,13 +151,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs1-4-oc.yml b/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs1-4-oc.yml index 84bd8fea48..3838034b9f 100644 --- a/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs1-4-oc.yml +++ b/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs1-4-oc.yml @@ -150,13 +150,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs1-oc.yml b/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs1-oc.yml index baeff78d95..2771671f2a 100644 --- a/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs1-oc.yml +++ b/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs1-oc.yml @@ -148,13 +148,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs1.yml b/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs1.yml index 4d7284b8e5..dda4712463 100644 --- a/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs1.yml +++ b/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs1.yml @@ -151,13 +151,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs2-4-oc.yml b/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs2-4-oc.yml index ad1563ceee..984320a552 100644 --- a/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs2-4-oc.yml +++ b/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs2-4-oc.yml @@ -160,13 +160,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs2-oc.yml b/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs2-oc.yml index 47f062d5cb..9346ce17f0 100644 --- a/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs2-oc.yml +++ b/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs2-oc.yml @@ -158,13 +158,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs2.yml b/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs2.yml index 2245d41cf8..02599deb4a 100644 --- a/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs2.yml +++ b/e2e-tests/pitr-sharded/compare/statefulset_some-name-rs2.yml @@ -161,13 +161,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr/compare/statefulset_some-name-rs0-oc.yml b/e2e-tests/pitr/compare/statefulset_some-name-rs0-oc.yml index 0da2b27db3..b4fb0d75df 100644 --- a/e2e-tests/pitr/compare/statefulset_some-name-rs0-oc.yml +++ b/e2e-tests/pitr/compare/statefulset_some-name-rs0-oc.yml @@ -149,13 +149,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/pitr/compare/statefulset_some-name-rs0.yml b/e2e-tests/pitr/compare/statefulset_some-name-rs0.yml index 7d0ed280db..0f781ccac0 100644 --- a/e2e-tests/pitr/compare/statefulset_some-name-rs0.yml +++ b/e2e-tests/pitr/compare/statefulset_some-name-rs0.yml @@ -150,13 +150,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/scheduled-backup/compare/statefulset_some-name-rs0-oc.yml b/e2e-tests/scheduled-backup/compare/statefulset_some-name-rs0-oc.yml index 4c2b4ef8a4..53da082309 100644 --- a/e2e-tests/scheduled-backup/compare/statefulset_some-name-rs0-oc.yml +++ b/e2e-tests/scheduled-backup/compare/statefulset_some-name-rs0-oc.yml @@ -149,13 +149,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/scheduled-backup/compare/statefulset_some-name-rs0.yml b/e2e-tests/scheduled-backup/compare/statefulset_some-name-rs0.yml index 945ec3743c..49832e53a9 100644 --- a/e2e-tests/scheduled-backup/compare/statefulset_some-name-rs0.yml +++ b/e2e-tests/scheduled-backup/compare/statefulset_some-name-rs0.yml @@ -150,13 +150,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/security-context/compare/statefulset_sec-context-rs0-changed.yml b/e2e-tests/security-context/compare/statefulset_sec-context-rs0-changed.yml index 83f217fa8c..30118519ff 100644 --- a/e2e-tests/security-context/compare/statefulset_sec-context-rs0-changed.yml +++ b/e2e-tests/security-context/compare/statefulset_sec-context-rs0-changed.yml @@ -150,13 +150,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-sec-context-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-sec-context-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/service-per-pod/compare/statefulset_cluster-ip-rs0-oc.yml b/e2e-tests/service-per-pod/compare/statefulset_cluster-ip-rs0-oc.yml index c8cbb6ac4f..c5cbf500c5 100644 --- a/e2e-tests/service-per-pod/compare/statefulset_cluster-ip-rs0-oc.yml +++ b/e2e-tests/service-per-pod/compare/statefulset_cluster-ip-rs0-oc.yml @@ -142,13 +142,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-cluster-ip-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-cluster-ip-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/service-per-pod/compare/statefulset_cluster-ip-rs0.yml b/e2e-tests/service-per-pod/compare/statefulset_cluster-ip-rs0.yml index df36e2eee6..65b85632ef 100644 --- a/e2e-tests/service-per-pod/compare/statefulset_cluster-ip-rs0.yml +++ b/e2e-tests/service-per-pod/compare/statefulset_cluster-ip-rs0.yml @@ -143,13 +143,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-cluster-ip-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-cluster-ip-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/service-per-pod/compare/statefulset_local-balancer-rs0-oc.yml b/e2e-tests/service-per-pod/compare/statefulset_local-balancer-rs0-oc.yml index 673b027cff..f666bd0ed1 100644 --- a/e2e-tests/service-per-pod/compare/statefulset_local-balancer-rs0-oc.yml +++ b/e2e-tests/service-per-pod/compare/statefulset_local-balancer-rs0-oc.yml @@ -142,13 +142,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-local-balancer-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-local-balancer-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/service-per-pod/compare/statefulset_local-balancer-rs0.yml b/e2e-tests/service-per-pod/compare/statefulset_local-balancer-rs0.yml index 976052c5c0..073476605e 100644 --- a/e2e-tests/service-per-pod/compare/statefulset_local-balancer-rs0.yml +++ b/e2e-tests/service-per-pod/compare/statefulset_local-balancer-rs0.yml @@ -143,13 +143,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-local-balancer-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-local-balancer-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/service-per-pod/compare/statefulset_node-port-rs0-oc.yml b/e2e-tests/service-per-pod/compare/statefulset_node-port-rs0-oc.yml index 0092629b13..593e9768f7 100644 --- a/e2e-tests/service-per-pod/compare/statefulset_node-port-rs0-oc.yml +++ b/e2e-tests/service-per-pod/compare/statefulset_node-port-rs0-oc.yml @@ -142,13 +142,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-node-port-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-node-port-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/service-per-pod/compare/statefulset_node-port-rs0.yml b/e2e-tests/service-per-pod/compare/statefulset_node-port-rs0.yml index ecbfd0f053..f6ebbc1a70 100644 --- a/e2e-tests/service-per-pod/compare/statefulset_node-port-rs0.yml +++ b/e2e-tests/service-per-pod/compare/statefulset_node-port-rs0.yml @@ -143,13 +143,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-node-port-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-node-port-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/users/run b/e2e-tests/users/run index bb61bd132c..7e80170afc 100755 --- a/e2e-tests/users/run +++ b/e2e-tests/users/run @@ -34,7 +34,13 @@ psmdb="some-name" wait_cluster_consistency $psmdb sleep 15 -user=$(getSecretData "some-users" "MONGODB_DATABASE_ADMIN_USER") +getUserData() { + local secretName=$1 + local dataKey=$2 + urlencode "$(getSecretData "$secretName" "$dataKey")" +} + +user=$(getUserData "some-users" "MONGODB_DATABASE_ADMIN_USER") check_mongo_auth "$user:$newpass@$cluster-0.$cluster.$namespace" check_mongo_auth "$user:$newpass@$cluster-1.$cluster.$namespace" check_mongo_auth "$user:$newpass@$cluster-2.$cluster.$namespace" @@ -44,7 +50,7 @@ patch_secret "some-users" "MONGODB_BACKUP_PASSWORD" "$newpassencrypted" sleep 25 wait_cluster_consistency $psmdb sleep 15 -user=$(getSecretData "some-users" "MONGODB_BACKUP_USER") +user=$(getUserData "some-users" "MONGODB_BACKUP_USER") check_mongo_auth "$user:$newpass@$cluster-0.$cluster.$namespace" check_mongo_auth "$user:$newpass@$cluster-1.$cluster.$namespace" check_mongo_auth "$user:$newpass@$cluster-2.$cluster.$namespace" @@ -56,7 +62,7 @@ sleep 25 wait_cluster_consistency $psmdb sleep 15 -user=$(getSecretData "some-users" "MONGODB_BACKUP_USER") +user=$(getUserData "some-users" "MONGODB_BACKUP_USER") check_mongo_auth "$user:$newpass@$cluster-0.$cluster.$namespace" check_mongo_auth "$user:$newpass@$cluster-1.$cluster.$namespace" check_mongo_auth "$user:$newpass@$cluster-2.$cluster.$namespace" @@ -70,7 +76,7 @@ patch_secret "some-users" "MONGODB_USER_ADMIN_PASSWORD" "$newpassencrypted" sleep 25 wait_cluster_consistency $psmdb sleep 15 -user=$(getSecretData "some-users" "MONGODB_USER_ADMIN_USER") +user=$(getUserData "some-users" "MONGODB_USER_ADMIN_USER") check_mongo_auth "$user:$newpass@$cluster-0.$cluster.$namespace" check_mongo_auth "$user:$newpass@$cluster-1.$cluster.$namespace" check_mongo_auth "$user:$newpass@$cluster-2.$cluster.$namespace" @@ -81,7 +87,7 @@ patch_secret "some-users" "MONGODB_USER_ADMIN_USER" "$newnameencrypted" sleep 25 wait_cluster_consistency $psmdb sleep 15 -user=$(getSecretData "some-users" "MONGODB_USER_ADMIN_USER") +user=$(getUserData "some-users" "MONGODB_USER_ADMIN_USER") check_mongo_auth "$user:$newpass@$cluster-0.$cluster.$namespace" check_mongo_auth "$user:$newpass@$cluster-1.$cluster.$namespace" check_mongo_auth "$user:$newpass@$cluster-2.$cluster.$namespace" @@ -91,7 +97,7 @@ patch_secret "some-users" "MONGODB_CLUSTER_ADMIN_PASSWORD" "$newpassencrypted" sleep 25 wait_cluster_consistency $psmdb sleep 15 -user=$(getSecretData "some-users" "MONGODB_CLUSTER_ADMIN_USER") +user=$(getUserData "some-users" "MONGODB_CLUSTER_ADMIN_USER") check_mongo_auth "$user:$newpass@$cluster-0.$cluster.$namespace" check_mongo_auth "$user:$newpass@$cluster-1.$cluster.$namespace" check_mongo_auth "$user:$newpass@$cluster-2.$cluster.$namespace" @@ -101,7 +107,7 @@ patch_secret "some-users" "MONGODB_CLUSTER_MONITOR_PASSWORD" "$newpassencrypted" sleep 25 wait_cluster_consistency $psmdb sleep 15 -user=$(getSecretData "some-users" "MONGODB_CLUSTER_MONITOR_USER") +user=$(getUserData "some-users" "MONGODB_CLUSTER_MONITOR_USER") check_mongo_auth "$user:$newpass@$cluster-0.$cluster.$namespace" check_mongo_auth "$user:$newpass@$cluster-1.$cluster.$namespace" check_mongo_auth "$user:$newpass@$cluster-2.$cluster.$namespace" @@ -111,8 +117,8 @@ kubectl_bin delete secret some-users sleep 35 wait_cluster_consistency $psmdb sleep 15 -user=$(getSecretData "some-users" "MONGODB_USER_ADMIN_USER") -pass=$(getSecretData "some-users" "MONGODB_USER_ADMIN_PASSWORD") +user=$(getUserData "some-users" "MONGODB_USER_ADMIN_USER") +pass=$(getUserData "some-users" "MONGODB_USER_ADMIN_PASSWORD") check_mongo_auth "$user:$pass@$cluster-0.$cluster.$namespace" check_mongo_auth "$user:$pass@$cluster-1.$cluster.$namespace" check_mongo_auth "$user:$pass@$cluster-2.$cluster.$namespace" @@ -122,8 +128,8 @@ kubectl_bin apply -f "${conf_dir}/secrets.yml" sleep 35 wait_cluster_consistency $psmdb sleep 15 -user=$(getSecretData "some-users" "MONGODB_USER_ADMIN_USER") -pass=$(getSecretData "some-users" "MONGODB_USER_ADMIN_PASSWORD") +user=$(getUserData "some-users" "MONGODB_USER_ADMIN_USER") +pass=$(getUserData "some-users" "MONGODB_USER_ADMIN_PASSWORD") check_mongo_auth "$user:$pass@$cluster-0.$cluster.$namespace" check_mongo_auth "$user:$pass@$cluster-1.$cluster.$namespace" check_mongo_auth "$user:$pass@$cluster-2.$cluster.$namespace" @@ -133,8 +139,8 @@ patch_secret "some-users" "MONGODB_CLUSTER_MONITOR_USER" "$(echo -n "$newmonitor sleep 35 wait_cluster_consistency $psmdb sleep 15 -user=$(getSecretData "some-users" "MONGODB_CLUSTER_MONITOR_USER") -pass=$(getSecretData "some-users" "MONGODB_CLUSTER_MONITOR_PASSWORD") +user=$(getUserData "some-users" "MONGODB_CLUSTER_MONITOR_USER") +pass=$(getUserData "some-users" "MONGODB_CLUSTER_MONITOR_PASSWORD") check_mongo_auth "$user:$pass@$cluster-0.$cluster.$namespace" check_mongo_auth "$user:$pass@$cluster-1.$cluster.$namespace" check_mongo_auth "$user:$pass@$cluster-2.$cluster.$namespace" @@ -142,8 +148,8 @@ check_mongo_auth "$user:$pass@$cluster-2.$cluster.$namespace" desc 'secret without userAdmin' kubectl_bin apply -f "${test_dir}/conf/secrets.yml" sleep 25 -user=$(getSecretData "some-users" "MONGODB_USER_ADMIN_USER") -pass=$(getSecretData "some-users" "MONGODB_USER_ADMIN_PASSWORD") +user=$(getUserData "some-users" "MONGODB_USER_ADMIN_USER") +pass=$(getUserData "some-users" "MONGODB_USER_ADMIN_PASSWORD") check_mongo_auth "$user:$pass@$cluster-0.$cluster.$namespace" check_mongo_auth "$user:$pass@$cluster-1.$cluster.$namespace" check_mongo_auth "$user:$pass@$cluster-2.$cluster.$namespace" diff --git a/pkg/controller/perconaservermongodb/users.go b/pkg/controller/perconaservermongodb/users.go index c4ea9006ac..f713b42b53 100644 --- a/pkg/controller/perconaservermongodb/users.go +++ b/pkg/controller/perconaservermongodb/users.go @@ -6,6 +6,7 @@ import ( "crypto/sha256" "encoding/json" "fmt" + "net/url" "github.com/pkg/errors" "golang.org/x/sync/errgroup" @@ -22,6 +23,14 @@ import ( "github.com/percona/percona-server-mongodb-operator/pkg/psmdb/mongo" ) +func getInternalSecretData(secret *corev1.Secret) map[string][]byte { + m := secret.DeepCopy().Data + for k, v := range secret.Data { + m[k+"_ESCAPED"] = []byte(url.QueryEscape(string(v))) + } + return m +} + func (r *ReconcilePerconaServerMongoDB) reconcileUsers(ctx context.Context, cr *api.PerconaServerMongoDB, repls []*api.ReplsetSpec) error { log := logf.FromContext(ctx) @@ -68,6 +77,9 @@ func (r *ReconcilePerconaServerMongoDB) reconcileUsers(ctx context.Context, cr * if cr.CompareVersion("1.17.0") < 0 { internalSysUsersSecret.Labels = nil } + if cr.CompareVersion("1.18.0") >= 0 { + internalSysUsersSecret.Data = getInternalSecretData(&sysUsersSecretObj) + } err = r.client.Create(ctx, internalSysUsersSecret) if err != nil { return errors.Wrap(err, "create internal sys users secret") @@ -80,13 +92,7 @@ func (r *ReconcilePerconaServerMongoDB) reconcileUsers(ctx context.Context, cr * return nil } - newSysData, err := json.Marshal(sysUsersSecretObj.Data) - if err != nil { - return errors.Wrap(err, "marshal sys secret data") - } - - newSecretDataHash := sha256Hash(newSysData) - dataChanged, err := sysUsersSecretDataChanged(newSecretDataHash, &internalSysSecretObj) + dataChanged, err := sysUsersSecretDataChanged(&sysUsersSecretObj, &internalSysSecretObj) if err != nil { return errors.Wrap(err, "check sys users data changes") } @@ -134,7 +140,7 @@ func (r *ReconcilePerconaServerMongoDB) reconcileUsers(ctx context.Context, cr * } } - internalSysSecretObj.Data = sysUsersSecretObj.Data + internalSysSecretObj.Data = getInternalSecretData(&sysUsersSecretObj) err = r.client.Update(ctx, &internalSysSecretObj) if err != nil { return errors.Wrap(err, "update internal sys users secret") @@ -341,12 +347,19 @@ func (u *systemUser) updateMongo(ctx context.Context, c mongo.Client) error { return errors.Wrapf(err, "update user %s -> %s", u.currName, u.name) } -func sysUsersSecretDataChanged(newHash string, usersSecret *corev1.Secret) (bool, error) { - secretData, err := json.Marshal(usersSecret.Data) +func sysUsersSecretDataChanged(usersSecret *corev1.Secret, internalSecret *corev1.Secret) (bool, error) { + newData := getInternalSecretData(usersSecret) + newDataJSON, err := json.Marshal(newData) + if err != nil { + return false, err + } + newHash := sha256Hash(newDataJSON) + + oldDataJSON, err := json.Marshal(internalSecret.Data) if err != nil { return false, err } - oldHash := sha256Hash(secretData) + oldHash := sha256Hash(oldDataJSON) return oldHash != newHash, nil } diff --git a/pkg/psmdb/statefulset.go b/pkg/psmdb/statefulset.go index 2c9df7c502..83d945f11d 100644 --- a/pkg/psmdb/statefulset.go +++ b/pkg/psmdb/statefulset.go @@ -336,7 +336,7 @@ func backupAgentContainer(cr *api.PerconaServerMongoDB, replsetName string, tlsE Name: "PBM_AGENT_MONGODB_USERNAME", ValueFrom: &corev1.EnvVarSource{ SecretKeyRef: &corev1.SecretKeySelector{ - Key: "MONGODB_BACKUP_USER", + Key: "MONGODB_BACKUP_USER_ESCAPED", LocalObjectReference: corev1.LocalObjectReference{ Name: usersSecretName, }, @@ -348,7 +348,7 @@ func backupAgentContainer(cr *api.PerconaServerMongoDB, replsetName string, tlsE Name: "PBM_AGENT_MONGODB_PASSWORD", ValueFrom: &corev1.EnvVarSource{ SecretKeyRef: &corev1.SecretKeySelector{ - Key: "MONGODB_BACKUP_PASSWORD", + Key: "MONGODB_BACKUP_PASSWORD_ESCAPED", LocalObjectReference: corev1.LocalObjectReference{ Name: usersSecretName, }, @@ -368,6 +368,10 @@ func backupAgentContainer(cr *api.PerconaServerMongoDB, replsetName string, tlsE SecurityContext: cr.Spec.Backup.ContainerSecurityContext, Resources: cr.Spec.Backup.Resources, } + if cr.CompareVersion("1.18.0") < 0 { + c.Env[0].ValueFrom.SecretKeyRef.Key = "MONGODB_BACKUP_USER" + c.Env[1].ValueFrom.SecretKeyRef.Key = "MONGODB_BACKUP_PASSWORD" + } if cr.CompareVersion("1.13.0") >= 0 { c.Command = []string{BinMountPath + "/pbm-entry.sh"} From 179d17f854fd6412fcdfed566517aa88147885f7 Mon Sep 17 00:00:00 2001 From: Andrii Dema Date: Tue, 19 Nov 2024 14:58:36 +0200 Subject: [PATCH 02/13] fix users test --- e2e-tests/users/conf/secrets.yml | 4 ++-- e2e-tests/users/run | 11 ++++++----- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/e2e-tests/users/conf/secrets.yml b/e2e-tests/users/conf/secrets.yml index 0afab1b238..ebc5399bfb 100644 --- a/e2e-tests/users/conf/secrets.yml +++ b/e2e-tests/users/conf/secrets.yml @@ -4,8 +4,8 @@ metadata: name: some-users type: Opaque data: - MONGODB_BACKUP_USER: YmFja3Vw - MONGODB_BACKUP_PASSWORD: YmFja3VwMTIzNDU2 + MONGODB_BACKUP_USER: YmFja3VwJCMl + MONGODB_BACKUP_PASSWORD: YmFja3VwMTIzNDU2Iw== MONGODB_CLUSTER_ADMIN_USER: Y2x1c3RlckFkbWlu MONGODB_CLUSTER_ADMIN_PASSWORD: Y2x1c3RlckFkbWluMTIzNDU2 MONGODB_CLUSTER_MONITOR_USER: Y2x1c3Rlck1vbml0b3I= diff --git a/e2e-tests/users/run b/e2e-tests/users/run index 7e80170afc..d3c15be80a 100755 --- a/e2e-tests/users/run +++ b/e2e-tests/users/run @@ -2,14 +2,14 @@ set -o errexit -test_dir=$(realpath $(dirname $0)) -. ${test_dir}/../functions +test_dir=$(realpath "$(dirname "$0")") +. "${test_dir}/../functions" set_debug newpass="test-password" newpassencrypted=$(echo -n "$newpass" | base64) -create_infra $namespace +create_infra "$namespace" deploy_minio @@ -20,7 +20,7 @@ kubectl_bin apply -f "${conf_dir}/client.yml" \ cluster="some-name-rs0" desc "create first PSMDB cluster $cluster" -apply_cluster $test_dir/conf/$cluster.yml +apply_cluster "$test_dir/conf/$cluster.yml" desc 'Check if all 3 Pods started' wait_for_running $cluster 3 @@ -134,6 +134,7 @@ check_mongo_auth "$user:$pass@$cluster-0.$cluster.$namespace" check_mongo_auth "$user:$pass@$cluster-1.$cluster.$namespace" check_mongo_auth "$user:$pass@$cluster-2.$cluster.$namespace" +newmonitorusername="newmonitorusername" desc 'update monitor user username' patch_secret "some-users" "MONGODB_CLUSTER_MONITOR_USER" "$(echo -n "$newmonitorusername" | base64)" sleep 35 @@ -154,6 +155,6 @@ check_mongo_auth "$user:$pass@$cluster-0.$cluster.$namespace" check_mongo_auth "$user:$pass@$cluster-1.$cluster.$namespace" check_mongo_auth "$user:$pass@$cluster-2.$cluster.$namespace" -destroy $namespace +destroy "$namespace" desc 'test passed' From 1a5bdf3b654f2074ffca0919ce09370101ee518d Mon Sep 17 00:00:00 2001 From: Andrii Dema Date: Tue, 19 Nov 2024 18:31:37 +0200 Subject: [PATCH 03/13] fix unit-tests --- .../testdata/reconcile-statefulset/cfg-arbiter.yaml | 4 ++-- .../testdata/reconcile-statefulset/cfg-mongod.yaml | 4 ++-- .../testdata/reconcile-statefulset/cfg-nv.yaml | 4 ++-- .../testdata/reconcile-statefulset/rs0-mongod.yaml | 4 ++-- .../testdata/reconcile-statefulset/rs0-nv.yaml | 4 ++-- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/cfg-arbiter.yaml b/pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/cfg-arbiter.yaml index 87d5e275a1..60c68d24a3 100644 --- a/pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/cfg-arbiter.yaml +++ b/pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/cfg-arbiter.yaml @@ -158,13 +158,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-reconcile-statefulset-cr-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-reconcile-statefulset-cr-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/cfg-mongod.yaml b/pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/cfg-mongod.yaml index 87d5e275a1..60c68d24a3 100644 --- a/pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/cfg-mongod.yaml +++ b/pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/cfg-mongod.yaml @@ -158,13 +158,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-reconcile-statefulset-cr-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-reconcile-statefulset-cr-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/cfg-nv.yaml b/pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/cfg-nv.yaml index 87d5e275a1..60c68d24a3 100644 --- a/pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/cfg-nv.yaml +++ b/pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/cfg-nv.yaml @@ -158,13 +158,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-reconcile-statefulset-cr-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-reconcile-statefulset-cr-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/rs0-mongod.yaml b/pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/rs0-mongod.yaml index 5822610e51..910717fd8c 100644 --- a/pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/rs0-mongod.yaml +++ b/pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/rs0-mongod.yaml @@ -158,13 +158,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-reconcile-statefulset-cr-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-reconcile-statefulset-cr-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/rs0-nv.yaml b/pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/rs0-nv.yaml index 9c884dfb84..fab7d6e615 100644 --- a/pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/rs0-nv.yaml +++ b/pkg/controller/perconaservermongodb/testdata/reconcile-statefulset/rs0-nv.yaml @@ -157,13 +157,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-reconcile-statefulset-cr-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-reconcile-statefulset-cr-users optional: false - name: PBM_MONGODB_REPLSET From 8b7e13cb01ea9896ebed88ebc9ef6febb5a91103 Mon Sep 17 00:00:00 2001 From: Andrii Dema Date: Wed, 20 Nov 2024 16:05:48 +0200 Subject: [PATCH 04/13] fix tests --- ...ulset_some-name-rs0_restore_sharded-oc.yml | 6 +++-- ...tefulset_some-name-rs0_restore_sharded.yml | 6 +++-- ...et_some-name-rs0_restore-arbiter-nv-oc.yml | 6 +++-- ...ulset_some-name-rs0_restore-arbiter-nv.yml | 6 +++-- .../statefulset_some-name-rs0_restore-oc.yml | 6 +++-- .../statefulset_some-name-rs0_restore.yml | 6 +++-- .../perconaservermongodbrestore/physical.go | 25 +++++++++++++++---- 7 files changed, 44 insertions(+), 17 deletions(-) diff --git a/e2e-tests/demand-backup-physical-sharded/compare/statefulset_some-name-rs0_restore_sharded-oc.yml b/e2e-tests/demand-backup-physical-sharded/compare/statefulset_some-name-rs0_restore_sharded-oc.yml index 5431ad1471..51f828c6d0 100644 --- a/e2e-tests/demand-backup-physical-sharded/compare/statefulset_some-name-rs0_restore_sharded-oc.yml +++ b/e2e-tests/demand-backup-physical-sharded/compare/statefulset_some-name-rs0_restore_sharded-oc.yml @@ -72,12 +72,14 @@ spec: valueFrom: secretKeyRef: key: MONGODB_BACKUP_USER_ESCAPED - name: some-users + name: internal-some-name-users + optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: key: MONGODB_BACKUP_PASSWORD_ESCAPED - name: some-users + name: internal-some-name-users + optional: false - name: POD_NAME valueFrom: fieldRef: diff --git a/e2e-tests/demand-backup-physical-sharded/compare/statefulset_some-name-rs0_restore_sharded.yml b/e2e-tests/demand-backup-physical-sharded/compare/statefulset_some-name-rs0_restore_sharded.yml index 35aa9fd878..c0e5b709ef 100644 --- a/e2e-tests/demand-backup-physical-sharded/compare/statefulset_some-name-rs0_restore_sharded.yml +++ b/e2e-tests/demand-backup-physical-sharded/compare/statefulset_some-name-rs0_restore_sharded.yml @@ -72,12 +72,14 @@ spec: valueFrom: secretKeyRef: key: MONGODB_BACKUP_USER_ESCAPED - name: some-users + name: internal-some-name-users + optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: key: MONGODB_BACKUP_PASSWORD_ESCAPED - name: some-users + name: internal-some-name-users + optional: false - name: POD_NAME valueFrom: fieldRef: diff --git a/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-arbiter-nv-oc.yml b/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-arbiter-nv-oc.yml index 9fd417d0c1..7b0c84cc31 100644 --- a/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-arbiter-nv-oc.yml +++ b/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-arbiter-nv-oc.yml @@ -71,12 +71,14 @@ spec: valueFrom: secretKeyRef: key: MONGODB_BACKUP_USER_ESCAPED - name: some-users + name: internal-some-name-users + optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: key: MONGODB_BACKUP_PASSWORD_ESCAPED - name: some-users + name: internal-some-name-users + optional: false - name: POD_NAME valueFrom: fieldRef: diff --git a/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-arbiter-nv.yml b/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-arbiter-nv.yml index be01c45779..1e4b12c1dc 100644 --- a/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-arbiter-nv.yml +++ b/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-arbiter-nv.yml @@ -71,12 +71,14 @@ spec: valueFrom: secretKeyRef: key: MONGODB_BACKUP_USER_ESCAPED - name: some-users + name: internal-some-name-users + optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: key: MONGODB_BACKUP_PASSWORD_ESCAPED - name: some-users + name: internal-some-name-users + optional: false - name: POD_NAME valueFrom: fieldRef: diff --git a/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-oc.yml b/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-oc.yml index 530110fb30..5e0ae393a5 100644 --- a/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-oc.yml +++ b/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore-oc.yml @@ -71,12 +71,14 @@ spec: valueFrom: secretKeyRef: key: MONGODB_BACKUP_USER_ESCAPED - name: some-users + name: internal-some-name-users + optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: key: MONGODB_BACKUP_PASSWORD_ESCAPED - name: some-users + name: internal-some-name-users + optional: false - name: POD_NAME valueFrom: fieldRef: diff --git a/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore.yml b/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore.yml index 6d7310f9a4..3b082946a8 100644 --- a/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore.yml +++ b/e2e-tests/demand-backup-physical/compare/statefulset_some-name-rs0_restore.yml @@ -71,12 +71,14 @@ spec: valueFrom: secretKeyRef: key: MONGODB_BACKUP_USER_ESCAPED - name: some-users + name: internal-some-name-users + optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: key: MONGODB_BACKUP_PASSWORD_ESCAPED - name: some-users + name: internal-some-name-users + optional: false - name: POD_NAME valueFrom: fieldRef: diff --git a/pkg/controller/perconaservermongodbrestore/physical.go b/pkg/controller/perconaservermongodbrestore/physical.go index ac8ef3d443..0a1cc4e8bd 100644 --- a/pkg/controller/perconaservermongodbrestore/physical.go +++ b/pkg/controller/perconaservermongodbrestore/physical.go @@ -22,6 +22,7 @@ import ( "github.com/percona/percona-backup-mongodb/pbm/defs" + api "github.com/percona/percona-server-mongodb-operator/pkg/apis/psmdb/v1" psmdbv1 "github.com/percona/percona-server-mongodb-operator/pkg/apis/psmdb/v1" "github.com/percona/percona-server-mongodb-operator/pkg/naming" "github.com/percona/percona-server-mongodb-operator/pkg/psmdb" @@ -398,15 +399,18 @@ func (r *ReconcilePerconaServerMongoDBRestore) updateStatefulSetForPhysicalResto }) sts.Spec.Template.Spec.Containers[0].VolumeMounts = append(sts.Spec.Template.Spec.Containers[0].VolumeMounts, cluster.Spec.Backup.VolumeMounts...) sts.Spec.Template.Spec.Containers[0].Command = []string{"/opt/percona/physical-restore-ps-entry.sh"} - sts.Spec.Template.Spec.Containers[0].Env = append(sts.Spec.Template.Spec.Containers[0].Env, []corev1.EnvVar{ + + f := false + pbmEnvVars := []corev1.EnvVar{ { Name: "PBM_AGENT_MONGODB_USERNAME", ValueFrom: &corev1.EnvVarSource{ SecretKeyRef: &corev1.SecretKeySelector{ - Key: "MONGODB_BACKUP_USER", + Key: "MONGODB_BACKUP_USER_ESCAPED", LocalObjectReference: corev1.LocalObjectReference{ - Name: cluster.Spec.Secrets.Users, + Name: api.UserSecretName(cluster), }, + Optional: &f, }, }, }, @@ -414,13 +418,24 @@ func (r *ReconcilePerconaServerMongoDBRestore) updateStatefulSetForPhysicalResto Name: "PBM_AGENT_MONGODB_PASSWORD", ValueFrom: &corev1.EnvVarSource{ SecretKeyRef: &corev1.SecretKeySelector{ - Key: "MONGODB_BACKUP_PASSWORD", + Key: "MONGODB_BACKUP_PASSWORD_ESCAPED", LocalObjectReference: corev1.LocalObjectReference{ - Name: cluster.Spec.Secrets.Users, + Name: api.UserSecretName(cluster), }, + Optional: &f, }, }, }, + } + if cluster.CompareVersion("1.18.0") < 0 { + for i, v := range pbmEnvVars { + pbmEnvVars[i].ValueFrom.SecretKeyRef.Key = strings.TrimSuffix(v.ValueFrom.SecretKeyRef.Key, "_ESCAPED") + pbmEnvVars[i].ValueFrom.SecretKeyRef.LocalObjectReference.Name = cluster.Spec.Secrets.Users + pbmEnvVars[i].ValueFrom.SecretKeyRef.Optional = nil + } + } + sts.Spec.Template.Spec.Containers[0].Env = append(sts.Spec.Template.Spec.Containers[0].Env, pbmEnvVars...) + sts.Spec.Template.Spec.Containers[0].Env = append(sts.Spec.Template.Spec.Containers[0].Env, []corev1.EnvVar{ { Name: "POD_NAME", ValueFrom: &corev1.EnvVarSource{ From 7ba8bd3c0a57c7d94f774dd27e6b609b91eafff5 Mon Sep 17 00:00:00 2001 From: Andrii Dema Date: Thu, 21 Nov 2024 14:18:59 +0200 Subject: [PATCH 05/13] fix tests --- e2e-tests/conf/secrets.yml | 4 +-- e2e-tests/conf/secrets_with_tls.yml | 4 +-- .../demand-backup-fs/conf/some-name.yaml | 1 - .../demand-backup-physical/conf/secrets.yml | 16 +++++++++ e2e-tests/demand-backup-physical/run | 18 +++++----- e2e-tests/demand-backup/conf/secrets.yml | 16 +++++++++ e2e-tests/demand-backup/run | 2 +- e2e-tests/functions | 10 ++++-- .../init-deploy/conf/secrets_with_tls.yml | 36 +++++++++++++++++++ e2e-tests/init-deploy/run | 27 ++++++++++---- .../conf/some-name-overridden.yml | 1 - .../conf/some-name-override-priority.yml | 1 - .../replset-overrides/conf/some-name.yml | 1 - e2e-tests/users/run | 8 +---- pkg/controller/perconaservermongodb/users.go | 2 +- .../perconaservermongodbrestore/physical.go | 2 +- pkg/psmdb/statefulset.go | 2 +- 17 files changed, 115 insertions(+), 36 deletions(-) create mode 100644 e2e-tests/demand-backup-physical/conf/secrets.yml create mode 100644 e2e-tests/demand-backup/conf/secrets.yml create mode 100644 e2e-tests/init-deploy/conf/secrets_with_tls.yml diff --git a/e2e-tests/conf/secrets.yml b/e2e-tests/conf/secrets.yml index df4f20924b..47ae5012ff 100644 --- a/e2e-tests/conf/secrets.yml +++ b/e2e-tests/conf/secrets.yml @@ -4,8 +4,8 @@ metadata: name: some-users type: Opaque data: - MONGODB_BACKUP_USER: YmFja3VwJCMl - MONGODB_BACKUP_PASSWORD: YmFja3VwMTIzNDU2Iw== + MONGODB_BACKUP_USER: YmFja3Vw + MONGODB_BACKUP_PASSWORD: YmFja3VwMTIzNDU2 MONGODB_DATABASE_ADMIN_USER: ZGF0YWJhc2VBZG1pbg== MONGODB_DATABASE_ADMIN_PASSWORD: ZGF0YWJhc2VBZG1pbjEyMzQ1Ng== MONGODB_USER_ADMIN_USER: dXNlckFkbWlu diff --git a/e2e-tests/conf/secrets_with_tls.yml b/e2e-tests/conf/secrets_with_tls.yml index 51e33e9747..773fe60249 100644 --- a/e2e-tests/conf/secrets_with_tls.yml +++ b/e2e-tests/conf/secrets_with_tls.yml @@ -4,8 +4,8 @@ metadata: name: some-users type: Opaque data: - MONGODB_BACKUP_USER: YmFja3VwJCMl - MONGODB_BACKUP_PASSWORD: YmFja3VwMTIzNDU2Iw== + MONGODB_BACKUP_USER: YmFja3Vw + MONGODB_BACKUP_PASSWORD: YmFja3VwMTIzNDU2 MONGODB_DATABASE_ADMIN_USER: ZGF0YWJhc2VBZG1pbg== MONGODB_DATABASE_ADMIN_PASSWORD: ZGF0YWJhc2VBZG1pbjEyMzQ1Ng== MONGODB_USER_ADMIN_USER: dXNlckFkbWlu diff --git a/e2e-tests/demand-backup-fs/conf/some-name.yaml b/e2e-tests/demand-backup-fs/conf/some-name.yaml index a418cec330..70c81f3cf9 100644 --- a/e2e-tests/demand-backup-fs/conf/some-name.yaml +++ b/e2e-tests/demand-backup-fs/conf/some-name.yaml @@ -22,7 +22,6 @@ spec: volumeMounts: - mountPath: /mnt/nfs/ name: backup-nfs - crVersion: 1.18.0 image: perconalab/percona-server-mongodb-operator:main-mongod7.0 imagePullPolicy: Always pmm: diff --git a/e2e-tests/demand-backup-physical/conf/secrets.yml b/e2e-tests/demand-backup-physical/conf/secrets.yml new file mode 100644 index 0000000000..df4f20924b --- /dev/null +++ b/e2e-tests/demand-backup-physical/conf/secrets.yml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Secret +metadata: + name: some-users +type: Opaque +data: + MONGODB_BACKUP_USER: YmFja3VwJCMl + MONGODB_BACKUP_PASSWORD: YmFja3VwMTIzNDU2Iw== + MONGODB_DATABASE_ADMIN_USER: ZGF0YWJhc2VBZG1pbg== + MONGODB_DATABASE_ADMIN_PASSWORD: ZGF0YWJhc2VBZG1pbjEyMzQ1Ng== + MONGODB_USER_ADMIN_USER: dXNlckFkbWlu + MONGODB_USER_ADMIN_PASSWORD: dXNlckFkbWluMTIzNDU2 + MONGODB_CLUSTER_ADMIN_USER: Y2x1c3RlckFkbWlu + MONGODB_CLUSTER_ADMIN_PASSWORD: Y2x1c3RlckFkbWluMTIzNDU2 + MONGODB_CLUSTER_MONITOR_USER: Y2x1c3Rlck1vbml0b3I= + MONGODB_CLUSTER_MONITOR_PASSWORD: Y2x1c3Rlck1vbml0b3IxMjM0NTY= diff --git a/e2e-tests/demand-backup-physical/run b/e2e-tests/demand-backup-physical/run index 2c1a1cbedc..e7142b85a0 100755 --- a/e2e-tests/demand-backup-physical/run +++ b/e2e-tests/demand-backup-physical/run @@ -10,19 +10,19 @@ run_backup() { local storage=$1 local backup_name=$2 - cat $test_dir/conf/backup.yml | - $sed -e "s/name:/name: ${backup_name}/" | - $sed -e "s/storageName:/storageName: ${storage}/" | - kubectl_bin apply -f - + cat $test_dir/conf/backup.yml \ + | $sed -e "s/name:/name: ${backup_name}/" \ + | $sed -e "s/storageName:/storageName: ${storage}/" \ + | kubectl_bin apply -f - } run_restore() { local backup_name=$1 - cat $test_dir/conf/restore.yml | - $sed -e "s/name:/name: restore-${backup_name}/" | - $sed -e "s/backupName:/backupName: ${backup_name}/" | - kubectl_bin apply -f - + cat $test_dir/conf/restore.yml \ + | $sed -e "s/name:/name: restore-${backup_name}/" \ + | $sed -e "s/backupName:/backupName: ${backup_name}/" \ + | kubectl_bin apply -f - } run_recovery_check() { @@ -60,7 +60,7 @@ desc 'Testing on not sharded cluster' echo "Creating PSMDB cluster" cluster="some-name" -kubectl_bin apply -f "${conf_dir}/secrets.yml" +kubectl_bin apply -f "${test_dir}/conf/${secrets}.yml" apply_cluster "${test_dir}/conf/${cluster}.yml" kubectl_bin apply -f "${conf_dir}/client_with_tls.yml" diff --git a/e2e-tests/demand-backup/conf/secrets.yml b/e2e-tests/demand-backup/conf/secrets.yml new file mode 100644 index 0000000000..df4f20924b --- /dev/null +++ b/e2e-tests/demand-backup/conf/secrets.yml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Secret +metadata: + name: some-users +type: Opaque +data: + MONGODB_BACKUP_USER: YmFja3VwJCMl + MONGODB_BACKUP_PASSWORD: YmFja3VwMTIzNDU2Iw== + MONGODB_DATABASE_ADMIN_USER: ZGF0YWJhc2VBZG1pbg== + MONGODB_DATABASE_ADMIN_PASSWORD: ZGF0YWJhc2VBZG1pbjEyMzQ1Ng== + MONGODB_USER_ADMIN_USER: dXNlckFkbWlu + MONGODB_USER_ADMIN_PASSWORD: dXNlckFkbWluMTIzNDU2 + MONGODB_CLUSTER_ADMIN_USER: Y2x1c3RlckFkbWlu + MONGODB_CLUSTER_ADMIN_PASSWORD: Y2x1c3RlckFkbWluMTIzNDU2 + MONGODB_CLUSTER_MONITOR_USER: Y2x1c3Rlck1vbml0b3I= + MONGODB_CLUSTER_MONITOR_PASSWORD: Y2x1c3Rlck1vbml0b3IxMjM0NTY= diff --git a/e2e-tests/demand-backup/run b/e2e-tests/demand-backup/run index 4c8e810e89..82d852eace 100755 --- a/e2e-tests/demand-backup/run +++ b/e2e-tests/demand-backup/run @@ -119,7 +119,7 @@ deploy_minio desc 'create secrets and start client' cluster="some-name-rs0" kubectl_bin apply \ - -f "$conf_dir/secrets.yml" \ + -f "$test_dir/conf/secrets.yml" \ -f "$conf_dir/client.yml" apply_s3_storage_secrets diff --git a/e2e-tests/functions b/e2e-tests/functions index b01d0206cc..c540035679 100755 --- a/e2e-tests/functions +++ b/e2e-tests/functions @@ -868,7 +868,7 @@ get_mongo_primary() { compare_mongo_user() { local uri="$1" - local user=$(echo $uri | cut -d : -f 1) + local user="$2" local expected_result=${test_dir}/compare/$user.json if [[ $IMAGE_MONGOD =~ 4\.0 ]] && [ -f ${test_dir}/compare/$user-40.json ]; then @@ -1607,7 +1607,13 @@ wait_for_cluster_state() { echo } -function urlencode { +urlencode() { uri="$1" echo -n "$uri" | jq -s -R -r @uri } + +getUserData() { + local secretName=$1 + local dataKey=$2 + urlencode "$(getSecretData "$secretName" "$dataKey")" +} diff --git a/e2e-tests/init-deploy/conf/secrets_with_tls.yml b/e2e-tests/init-deploy/conf/secrets_with_tls.yml new file mode 100644 index 0000000000..d7d08c2d21 --- /dev/null +++ b/e2e-tests/init-deploy/conf/secrets_with_tls.yml @@ -0,0 +1,36 @@ +apiVersion: v1 +kind: Secret +metadata: + name: some-users +type: Opaque +data: + MONGODB_BACKUP_USER: YmFja3Vw + MONGODB_BACKUP_PASSWORD: YmFja3VwMTIzNDU2Iw== + MONGODB_DATABASE_ADMIN_USER: ZGF0YWJhc2VBZG1pbg== + MONGODB_DATABASE_ADMIN_PASSWORD: ZGF0YWJhc2VBZG1pbjEyMzQ1Ng== + MONGODB_USER_ADMIN_USER: dXNlckFkbWlu + MONGODB_USER_ADMIN_PASSWORD: dXNlckFkbWluMTIzNDU2 + MONGODB_CLUSTER_ADMIN_USER: Y2x1c3RlckFkbWlu + MONGODB_CLUSTER_ADMIN_PASSWORD: Y2x1c3RlckFkbWluMTIzNDU2 + MONGODB_CLUSTER_MONITOR_USER: Y2x1c3Rlck1vbml0b3I= + MONGODB_CLUSTER_MONITOR_PASSWORD: Y2x1c3Rlck1vbml0b3IxMjM0NTY= +--- +apiVersion: v1 +kind: Secret +metadata: + name: some-name-ssl +type: kubernetes.io/tls +data: + ca.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUMvVENDQWVXZ0F3SUJBZ0lSQUpsRVBzREdoeTBFZjJ0d0dJeFZ3ejh3RFFZSktvWklodmNOQVFFTEJRQXcKRWpFUU1BNEdBMVVFQ2hNSFVtOXZkQ0JEUVRBZ0Z3MHhPVEEyTWpBeE9URXlNemhhR0E4NU9UazVNVEl6TVRJegpOVGsxT1Zvd0VqRVFNQTRHQTFVRUNoTUhVbTl2ZENCRFFUQ0NBU0l3RFFZSktvWklodmNOQVFFQkJRQURnZ0VQCkFEQ0NBUW9DZ2dFQkFPYmdsZ0tkOGw2OWl0c2NFeGVzcDRFQWk5emxqcldKOGhrQkxvQWh1ZXhadnVOUlJ6bmoKUVl3NXN2MW5QVWtmdFlWbnpsV0YxWEs0cEkxdUZ2aHIzOUpjdnhkUkltL1ozMGtlVVFzODBoZVZLeVZtRmdkagoyMlRRMTFhRHNQL1RwUUZqVGlJaHlaejJDVldKSlZVVFcvUXkxaGdwNm1ZZEZxZ3QzaVJwZEh1alZIV1JTbmlTCmtMY0xOMHdpS3c4b3ZGZlkyWVViTStLVzVhbW53M0k4cDJJUHdBejlBWSt6c2toY1FhUXZLZ2FrVGgwb1EzMEQKRGVvVTJrT3pMQ1hGSSttSW8vVVNUemYzcmpPbGFRRUdTT01aVVBSVnc2U2FuZ01SY05pVEcvV3ZtajhYR3JERApWQloreEZ6SFlQcHhqNlJsdkFQeW9FNE9EV2U4NVU0ZFVaTUNBd0VBQWFOTU1Fb3dEZ1lEVlIwUEFRSC9CQVFECkFnSWtNQ2NHQTFVZEpRUWdNQjRHQ0NzR0FRVUZCd01CQmdnckJnRUZCUWNEQWdZSUt3WUJCUVVIQXdNd0R3WUQKVlIwVEFRSC9CQVV3QXdFQi96QU5CZ2txaGtpRzl3MEJBUXNGQUFPQ0FRRUFKWWNUS09XdWJoTmlLQ0RTaU5vUwpvU0tOQ2RJTmZwL01hTDA5V3pocXJBN1I2OUdFSEswL3AvN2VicEF4bHpSeXFEZ3FuRTM1RmVnRVlKVnZrd0lwCnJXREtvenhkK2UyVnlEZUVrNU1KeElNZlJDVkFBKzI0Ny9UZHVsWTBOblFKdWhvbEZrRlNGdTYxNnZWMEU5MGsKOHNIMGYvZThxRHZpTnFPcTU0KzhxaFQvVFBGVjNZc1dGdWgyZ051dHZhdjh3cFJra3RhemJhMEQ5QW42RkZQcQpiQmZVd2VheWVtalRpMU16aXRPWGk5dy9iSXNCRGpzVk11SHpNSW12VWp1RThleWpwR0g5Sm5raTY0VjNDeG5LCm9ETnVoQi9NOEtOcWloNlBNRXdQbkJUcVRCNHFzZWZ5bDZrdGdhV29GUVlIVjE3bksyWlBnRGsrb2ZLbHlLWSsKclE9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURJVENDQWdtZ0F3SUJBZ0lRTlVKL2h3YVRXT3Z5UzhtV0xwbmdOekFOQmdrcWhraUc5dzBCQVFzRkFEQVMKTVJBd0RnWURWUVFLRXdkU2IyOTBJRU5CTUNBWERURTVNRFl5TURFNU1USXpPRm9ZRHprNU9Ua3hNak14TWpNMQpPVFU1V2pBT01Rd3dDZ1lEVlFRS0V3TlFXRU13Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLCkFvSUJBUUNkakF6VWZYb2ovMnRkNHBITjNFMUtJQU90UmZOd2NRclZQTkxxalovZGNYelVTKyt4Si9IWEdXMGcKcW9ORSt0aVZCZ0xZd2YyckFXS1hjR3hMNkFNZG1yclJCNXp4a0gxb1RHVUpOY2FnTGNoY1JVelRraXlZUE5vSApVcjcyWmtrUjcyWTUxbm5oRnpGenFZYWRpNWFudjZJempwVnlHK3BFU1NSNWpuNUFFNFE5Rnd4eExqMm9rT2ZGCmRKQkc3YTBSbXZNdmk3ZHhsKzVzZXBMWU16bWxRYUw4SXV4T281UTVZSW5SWmc1Z2lwWGhyZzVCRG1XT2ZHNlQKUDI5NzBRVzVtaHE3L1ZSajgrT21yeXZNKzdMOUZNWUFtQk9QWmdNcFVCKzRSRmJ0UHVMMnltcXhYWVQ2MlZHbgo3RS81bURkbEtXcEFmNy9MUDhQOFBxZ2Z5L29OQWdNQkFBR2pkVEJ6TUE0R0ExVWREd0VCL3dRRUF3SUZvREFkCkJnTlZIU1VFRmpBVUJnZ3JCZ0VGQlFjREFRWUlLd1lCQlFVSEF3SXdEQVlEVlIwVEFRSC9CQUl3QURBMEJnTlYKSFJFRUxUQXJnZ2xzYjJOaGJHaHZjM1NDRFhOdmJXVXRibUZ0WlMxeWN6Q0NEeW91YzI5dFpTMXVZVzFsTFhKegpNREFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBQWZTY1pSVlNRLzM5cVBFNDZvNVd0VWd6dkMzZXJDQW9ILzB3CjhCZE9wc3B2LzFlNkJoeTdaSXVPQWYvNWVwV1F5MkQ0MjZVTk00OEZQejcwelhlRUp2ejd0alNjaTFSdk14cFIKMVdxZnlqdGpGM1JOYVpONFExS1FnV2tCL2EwVVNXWTIwY1JOcEZPWFVPRTg2YjF0MTMwNmFsZ1l2RWFoNXNmcwprTlNnVU0ycnFjdU1sS0V3Qk5tU3BhUncxaGdvTDFTNG01cEpOeWJDM0pSNlgzY2RhZkFHTm1lS1I2S3Yvd3N5CnpVbXBWVWdhQWlWYmdMSmtIMVgwdW9XYUo5SG9vcFhObUxqZWVFc1psUjBLTDcvT3I4TDBJd2gvUTEzQVpWTGYKbTlVejhsM3ArVFJYV0VtUmtWYTU5eWxtaWk3ZHRsNWJUYzh4dDFmS1ViaGhibXdIUlE9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFb2dJQkFBS0NBUUVBbll3TTFIMTZJLzlyWGVLUnpkeE5TaUFEclVYemNIRUsxVHpTNm8yZjNYRjgxRXZ2CnNTZngxeGx0SUtxRFJQcllsUVlDMk1IOXF3RmlsM0JzUytnREhacTYwUWVjOFpCOWFFeGxDVFhHb0MzSVhFVk0KMDVJc21EemFCMUsrOW1aSkVlOW1PZFo1NFJjeGM2bUduWXVXcDcraU00NlZjaHZxUkVra2VZNStRQk9FUFJjTQpjUzQ5cUpEbnhYU1FSdTJ0RVpyekw0dTNjWmZ1YkhxUzJETTVwVUdpL0NMc1RxT1VPV0NKMFdZT1lJcVY0YTRPClFRNWxqbnh1a3o5dmU5RUZ1Wm9hdS8xVVkvUGpwcThyelB1eS9SVEdBSmdUajJZREtWQWZ1RVJXN1Q3aTlzcHEKc1YyRSt0bFJwK3hQK1pnM1pTbHFRSCsveXovRC9ENm9IOHY2RFFJREFRQUJBb0lCQUV4ck8ybnl0MFV3eHJhUwppT0RQQkZwNUx1OWtaOUhaczBSOXJWMENkMUhsazRReWxVQmNQTTEyVXQydWQrQUV3UHVBSCs5ZUlacEtJTFdPClhhbHdEOXJUUzl6S2taRUc0aDJ1T0svLytxbUZxNU0rTmliRjE0Vzh0cEVvek9JZCtVR08yd29oQTV0d01aZUYKMm5zZTAyUG82MWVReU9MQnNaK1B6dlo3YkxmTlBNVDU0UllCM3k5aitiWEhnWEpWcGFZa2pZWmJTL0lYeFpmWgpJbmZiK2dQcG5mc0hXZ3VMK2dWZkpZVW03Tk5hOXRJNTZwd3ljUXFGUStDL0c5TEtlUGNLTFlGMEFGRFBYQUFICklRajhuMFFaTmRZWERlVG1HaTJIYTJjQm90WU5LbndaQnFKTExDZnRlZjlpLzdxUUFrWWFIYlFVTGJYZlVHeFoKV3JINmxxMENnWUVBenRLWWgra3dmaHRuajMydHc0WWZ0Q2ZSL1UzcG42bjcvZTFTRWxaR0ZRdW5YUmxUV1cyUAovMWEwcFJFY3RNTEY1TnBjc2pqZHlLTTVIN2JwK3lZcDJuQmczNnZBblNyU3h1WUxtUFErV0N0bFdxeUR6TDhWCmM5d2FCL21uZ3VJdGFKVk85Mm11OVdKMm9IQnJiTVB6MFBrNkRzUXkrRmdVeCtXL3R5WWZJZU1DZ1lFQXd3SUcKTUJJN0pzNWZ6Skd4dVJqSXNJcXRINk11eldITjJ1YS9WNURML1VjUndmaVRZRkNLRGVGbDBQeUZKdzZCWDgyeApJdWNDdlpjNThuZWxZSG40V0tjdm5HVnJOVWVreGlObXNSR3BaN3IrN1pPczZEcitmNEVmOUpDeGlzbGxMWHJICjdMbnFxbWM1YTdRYjd0VnRCUzMybHpLZGNNNWdpeU5ISmluUWQwOENnWUJONFJNNnFsNXVQaGVDK3NwQncvR1EKUHlaZGdjY2xMamNMYVIvc2M3dzBGSTFUQzBSTmVtb3N0aE9Uekp2SW5VY3pZOTVmNWZYdHBUalBibXN3L1MvcApaME96TmROejJ6by9WMFNxdGQzOENXdEM5NDh4dkFweDlFR0JHMHN1aDhpZGh3dVRNcUtGR0N5ZlFYWFNJUDlnCmcxaVBVdVgyaWdSWk9YUTFuUTlBRFFLQmdDRWhNT2Z0MFByUXlObTZUdFZCYnFiL2lGWDlwUy9qVTlQQ3EvTTIKZUZGNVIzMEt2QTc2MzlsbjE2SmZwRWQwWVdwalNackNZR2JSVUZqdkZydURQVHZpZTJZNG5MUWFqZFhUb2RpbgpSWDZIK0ZOb2FWR3k1QlhKWENKeWlwY25pL2JrQ3g4ZW5zMkFaL0x5VUdTTkFjNkZkb1ZOWmc0S0ljREJwNDdHClA5SmxBb0dBY1B4TVNERk1NQVdTREJMYkRMcm1ueXdRUmk5MFhDbUdteUtETjJFT3JYWTVPOGZ2TXVtQmw5SjIKSWNWT2ZGbDBsQ1dTYzVjOFRmb0hmcEorOGVodWxOVlRES3pSVDc0Q2ZEMmpIUTRsWEExbldkdE9NUmZ3d25RMwowendBU2d3NjdPS1h6ekZpRHdzbHY2dzN3WWJWYUtRdEJqdkZOZzVGRFJUclVKRnFJbWs9Ci0tLS0tRU5EIFJTQSBQUklWQVRFIEtFWS0tLS0tCg== +--- +apiVersion: v1 +kind: Secret +metadata: + name: some-name-ssl-internal +type: kubernetes.io/tls +data: + ca.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUMvRENDQWVTZ0F3SUJBZ0lRZUQzd2ZnUG0rZXRnNDd6c05oOW9oREFOQmdrcWhraUc5dzBCQVFzRkFEQVMKTVJBd0RnWURWUVFLRXdkU2IyOTBJRU5CTUNBWERURTVNRFl5TURFNU1USXpPRm9ZRHprNU9Ua3hNak14TWpNMQpPVFU1V2pBU01SQXdEZ1lEVlFRS0V3ZFNiMjkwSUVOQk1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBCk1JSUJDZ0tDQVFFQXI3bk93Tytocm03QkxGSkJveVNyb2piWUJVeE9ramg0cllSbk5PbTFpZjhqcWFtclo2azEKaGYyeGNuQXVhbFdHVmE2L0lyZU9MOHc3KzNjNGhHUytXZWNTNU53NzA3d2NLQTRMNzJlMWhSamVVd2owUC9MQQpNRFhERDFlYlZ5VDBwVGlJLzlXQ3kvU0w3dWF4Z3F3Q3VBV3FZRmdjd3Jud1FBQUhmYVdwbzZGcWZtMzVNckhoCk5laGxZbXYvV255VzBXVnFRL2d4T0syU05nUnBJMkdkUUNrcjhVVEh1Wng4dEp4QjNsSGFhZmdqOWtNSHVLcEQKZThZZmduTlhEQTJGWXUyZnYyUjF2eUN3bU5WOEpESXgrMC9Id3ZPc0ZUOG92KzNGT2VsU21zM0VlUVNjT1UzMAp6eGVGa29DNGZsdmc3aDY4YVlwSVFrYmJSYUlyWHl3SE13SURBUUFCbzB3d1NqQU9CZ05WSFE4QkFmOEVCQU1DCkFpUXdKd1lEVlIwbEJDQXdIZ1lJS3dZQkJRVUhBd0VHQ0NzR0FRVUZCd01DQmdnckJnRUZCUWNEQXpBUEJnTlYKSFJNQkFmOEVCVEFEQVFIL01BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQU9tWURncWRvSkozb0xvWGpmd3MxYQpXM3NySHE0QS9EOXRhSHk1a0RLTU1KZ2FxQW1DUTVaVFpXazZtSUR4dWxkOHdRR0pVUUpEWE55UmtPZk9MMWJPCnBQeEJYeS96RDUxM1Y0VE9OcUFTdmUrZkRnS0R6T3ZtZy93MjRxMlc2SGZyWVVYVmphTWJZcXJNQ3RXb1k3eWwKb2VkckZwWC9ONXdPNGxMeWYxMVZUa3dXSzZ3K3V5VzZscmFXL0xvQmhuUC9QaU4vc1EzT0RUYTlTL1ZDL2FaYwp0THZIRWFRb3lqdmxQdmVFQzhBZ2d5UWNZZjhoSWJHVkh0NmtRVWFUZVo4OUxZbE5lWTZlV3J2anlTTjRxc2pkCmMraFkwS2d6WDdEYXVOYzlSazltb2RNSEszektIL3lkSHN0MEdpWFZKcE9SYzlrRXZJNjZoZVJwZlQwUmRpU1cKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo= + tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURJVENDQWdtZ0F3SUJBZ0lRSGd3UzFFWWgrZ2ZRTk9YOFI0blhLakFOQmdrcWhraUc5dzBCQVFzRkFEQVMKTVJBd0RnWURWUVFLRXdkU2IyOTBJRU5CTUNBWERURTVNRFl5TURFNU1USXpPRm9ZRHprNU9Ua3hNak14TWpNMQpPVFU1V2pBT01Rd3dDZ1lEVlFRS0V3TlFXRU13Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLCkFvSUJBUUREMEJyNDRaaS8zZ1FWbS9xWHVHc1ZSKzY5UGtwckV5NmRONmttaEtKaURlZ040M1FYSzJjenUwV1kKZlZJZkdrbTd5eHRoT20wcTRVeElsYldrTWdSMWgwakQvWnN1V0diVWR5bkhWM3NOZXJwRVlNNzdyaFUwUEorWAprSWRoRmY1WUs0MitDU0tYa3piVXM0WUdRa013d2pqeHdjTHBYajBwUjNpT1lFTVEyMklvZmEyMmg4VWt2czJMCnhFK1hGN0hrRXlCSUFhRmU4YnF5cjRLUTFIWTExdEVmRTR1THhpaHFhSkhJVXVSTkU3eTN0WEFlbzVwM01NNmYKTVhPYysxcHBta3RTRU0xVXVmcGgzWW5Ga0dZdXBJd1lSTk41VUkxaUcrVXFJRmMxNkRDYkJQMGlIeVArSFZpdgpIMElDalRJbVJhNXN3ZXN1T2VsYzQ3V04wU0lOQWdNQkFBR2pkVEJ6TUE0R0ExVWREd0VCL3dRRUF3SUZvREFkCkJnTlZIU1VFRmpBVUJnZ3JCZ0VGQlFjREFRWUlLd1lCQlFVSEF3SXdEQVlEVlIwVEFRSC9CQUl3QURBMEJnTlYKSFJFRUxUQXJnZ2xzYjJOaGJHaHZjM1NDRFhOdmJXVXRibUZ0WlMxeWN6Q0NEeW91YzI5dFpTMXVZVzFsTFhKegpNREFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBZ0pDdFBNbnVFcFl0V0FmUWpCSWpZODhXN3l2UlVSZTNTcU5HCjY4V1RzeFEvcmJMSTZ2TVUzb1FOMU5BMGhkc0wyTXppZm1rZldTSW9KU2swMUUxendoOUIzaWhlQ3FEamdBcmQKb1FLY0VETE44M3dpZndlVHJqODI4enh3L2JkN1E5b0RvSlh5UWxDZFZta0NGckV1OEloOXJGRTVPb2RZUXhrbwpvb1NnVm10RDVUdFlRWlFjVjhyaFp1Tjh0T1IyVFI1Q0pGWUF6TWFUV2I2SmRuQ2FjY0Y4SlhPcTFneTNFTjFoCjhrUzBScCtlK0Eza0RneUxhQjMwOG5NL1R0Q1BBWThNOFloM3JubmhVRTJYbmJIUW14RnVteVBnNDhlbkc1UksKSjA3Zks1Ri9vdFlTYmhEU3ZpamVibnQxN3FNc25VSk9qQnV3ZDBJUXdzRVA3MjZVZ0E9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBdzlBYStPR1l2OTRFRlp2Nmw3aHJGVWZ1dlQ1S2F4TXVuVGVwSm9TaVlnM29EZU4wCkZ5dG5NN3RGbUgxU0h4cEp1OHNiWVRwdEt1Rk1TSlcxcERJRWRZZEl3LzJiTGxobTFIY3B4MWQ3RFhxNlJHRE8KKzY0Vk5EeWZsNUNIWVJYK1dDdU52Z2tpbDVNMjFMT0dCa0pETU1JNDhjSEM2VjQ5S1VkNGptQkRFTnRpS0gydAp0b2ZGSkw3Tmk4UlBseGV4NUJNZ1NBR2hYdkc2c3ErQ2tOUjJOZGJSSHhPTGk4WW9hbWlSeUZMa1RSTzh0N1Z3CkhxT2FkekRPbnpGem5QdGFhWnBMVWhETlZMbjZZZDJKeFpCbUxxU01HRVRUZVZDTllodmxLaUJYTmVnd213VDkKSWg4ai9oMVlyeDlDQW8weUprV3ViTUhyTGpucFhPTzFqZEVpRFFJREFRQUJBb0lCQUJVOEJTREdQaTFZWXpNQQp0ajByeDVrSU12Q2N4Njh5NWxRd1RBeWNSNHZBbkZDZFFPS2VWMU81MUVORUc5cTVuQk5jWkR5My9FeXhIL2VqCkhJNlF5Z0VBeWJoUFVUdkdaR2hYLzlUWlBNUHFjamFtRk93Z0piYURlSDhVTWtvcCsyb09WeEdycGUrd0REc20KdUxzSEJvaE1GNmJINzE0bFZSYWI1SXYwRG5IT1dCUlh4TVh2TDNlL05JUy90MXl3SURwR0M4ajJvbjdxNzhMWQplYjI5VmxYaDM5MU5zRGh0S0s5bzF6a2V6alAvTkRGbk90RWU2NWlSdTlraUlOVzRFSkprU1owTk1OUFU3UXFUCitDb2JISXloL3k5NUJic04wTnJiOXdQQWs4Y0pwdS9Tc1lHUWdvQzNiVzBoeXlyMm53U1YxeUp0SEJKZHZKZFQKaHVJNW5lRUNnWUVBMmtIbXRESko2V1htVnMvY1JEekh5TDVoRFJoS1pwNnJwY3Iyb0NPcVpNZlMwREFoQlJPVwp4aklNZVJnbW83Nzl5R1ZRSkpJQ0w0aVNIQnBybzdkYjlKY09ZZUU5eEcwTi9jaVFkUUkySWFEQ3h0ZHpFQ0crCkpUMkFQR3k3QktKYU9HNFRBMGt4Z2VkOE9FS1BHQjA3THFQbWMxUkxpTW5VdlUxYlJ4ejN0YWtDZ1lFQTVheWEKQ0VLQlQ1ZEZQTFRFRGpoS2VZRWJTaWRoT3pNT2VpR3IwdVRKWXE5UVYwVFdUVllZZ2FWVy9xV0NlWEJqMHhhNgozMmIyVkRpcXRwZ0NPRnprSnFsWUFYUlRUeTVJRWN3RW5kSFNzcVNnbllxVklmZE4rSFJCcndTRC9rUDRGbk8wCkZKREhLUllYY3k0RjU2bUlqTWIxODdxTUgzdis2UmgvZEdTbi84VUNnWUVBbGJhYzVVQ1Z1TGRBY0k0MjNzdisKa3pJY2Fwb2Q5eFNpVTZETTJmNTlGSktKaG10dFN3a3I1SnBTT2dLYUJycXRaUGd5S0ZQTGtnV1JqQnVIZUk3LwpVZUVJYVpYVEE5bDJ2bjRFc1c2cDZSbFlZb05KbDJnK0FWZVZqbDFiVUF0NTdibDc2MFlhNHF3Q1pxa3BkUFlnCk1aY1dMa2hGWS9obXFNL1diQXB2MUxrQ2dZQWVkRDZRYmRFYnJxRTlwWEtCdURFWDMyaXc4bnZRRDdzUnNybEgKNDVKWWhZcVBwODhLdmluTnR4REwvMEpIdkFGZ2toa0JXbk83UXpCUHVlUkJlUCsvcUtERXdKbnpXOTJ1am5EbQpSRlk5M2RwMlNWUHhCd3ZOc0F5dG1sbXVNM0VIK1J1ZHhuekNFKzNVRmZ3dWRhcG5rRkk0bVRuUFN1L0lGTG1CCnczOExTUUtCZ1FEQTJROEtneTVTR2JwQ0svQmhZUEtDMkZPcU1QZTdMSXlZbjd1TUJLU0dZbEF6TnNhaWJRdVcKakJVWGNIcTVsakk2eWFlSXlYOWJCWkMrVHZJYmN0MHdtOTh6SmpCRmJLcTgwdUhRSzBhcitYVjFhUGFhdGplawpHMU44bG1IYk10U284UDFSamZlTkdrSjNER2tTZHpFaVJtYmtBMkdUQ1duZU5tVXlpN0h0Z0E9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo= diff --git a/e2e-tests/init-deploy/run b/e2e-tests/init-deploy/run index 7520d936c3..3f35490638 100755 --- a/e2e-tests/init-deploy/run +++ b/e2e-tests/init-deploy/run @@ -12,8 +12,8 @@ create_infra $namespace desc 'create secrets and start client' kubectl_bin apply \ - -f $conf_dir/secrets_with_tls.yml \ - -f $conf_dir/client.yml + -f "$test_dir/conf/secrets_with_tls.yml" \ + -f "$conf_dir/client.yml" desc 'create custom RuntimeClass' if version_gt "1.19" && [ $EKS -ne 1 ]; then @@ -36,10 +36,25 @@ compare_kubectl statefulset/$cluster compare_kubectl service/$cluster desc 'check if users created' -compare_mongo_user "userAdmin:userAdmin123456@$cluster.$namespace" -compare_mongo_user "backup:backup123456@$cluster.$namespace" -compare_mongo_user "clusterAdmin:clusterAdmin123456@$cluster.$namespace" -compare_mongo_user "clusterMonitor:clusterMonitor123456@$cluster.$namespace" + +secret_name="some-users" + +user=$(getUserData "$secret_name" "MONGODB_USER_ADMIN_USER") +pass=$(getUserData "$secret_name" "MONGODB_USER_ADMIN_PASSWORD") +compare_mongo_user "$user:$pass@$cluster.$namespace" "userAdmin" + +user=$(getUserData "$secret_name" "MONGODB_BACKUP_USER") +pass=$(getUserData "$secret_name" "MONGODB_BACKUP_PASSWORD") +compare_mongo_user "$user:$pass@$cluster.$namespace" "backup" + +user=$(getUserData "$secret_name" "MONGODB_CLUSTER_ADMIN_USER") +pass=$(getUserData "$secret_name" "MONGODB_CLUSTER_ADMIN_PASSWORD") +compare_mongo_user "$user:$pass@$cluster.$namespace" "clusterAdmin" + +user=$(getUserData "$secret_name" "MONGODB_CLUSTER_MONITOR_USER") +pass=$(getUserData "$secret_name" "MONGODB_CLUSTER_MONITOR_PASSWORD") +compare_mongo_user "$user:$pass@$cluster.$namespace" "clusterMonitor" + # check that test user don't have access (run_mongo 'db.runCommand({connectionStatus:1,showPrivileges:true})' "test:test@$cluster.$namespace" || :) 2>&1 \ | grep 'Authentication failed' diff --git a/e2e-tests/replset-overrides/conf/some-name-overridden.yml b/e2e-tests/replset-overrides/conf/some-name-overridden.yml index f38b41ee3a..f477c9fbdc 100644 --- a/e2e-tests/replset-overrides/conf/some-name-overridden.yml +++ b/e2e-tests/replset-overrides/conf/some-name-overridden.yml @@ -5,7 +5,6 @@ metadata: - percona.com/delete-psmdb-pvc name: some-name spec: - crVersion: 1.17.0 image: perconalab/percona-server-mongodb-operator:main-mongod7.0 imagePullPolicy: Always backup: diff --git a/e2e-tests/replset-overrides/conf/some-name-override-priority.yml b/e2e-tests/replset-overrides/conf/some-name-override-priority.yml index 6195c97b9f..71779a0c39 100644 --- a/e2e-tests/replset-overrides/conf/some-name-override-priority.yml +++ b/e2e-tests/replset-overrides/conf/some-name-override-priority.yml @@ -5,7 +5,6 @@ metadata: - percona.com/delete-psmdb-pvc name: some-name spec: - crVersion: 1.17.0 image: perconalab/percona-server-mongodb-operator:main-mongod7.0 imagePullPolicy: Always backup: diff --git a/e2e-tests/replset-overrides/conf/some-name.yml b/e2e-tests/replset-overrides/conf/some-name.yml index 287f40f49b..393a5e35b4 100644 --- a/e2e-tests/replset-overrides/conf/some-name.yml +++ b/e2e-tests/replset-overrides/conf/some-name.yml @@ -5,7 +5,6 @@ metadata: - percona.com/delete-psmdb-pvc name: some-name spec: - crVersion: 1.17.0 image: perconalab/percona-server-mongodb-operator:main-mongod7.0 imagePullPolicy: Always backup: diff --git a/e2e-tests/users/run b/e2e-tests/users/run index d3c15be80a..34db03f636 100755 --- a/e2e-tests/users/run +++ b/e2e-tests/users/run @@ -15,7 +15,7 @@ deploy_minio desc 'create secrets and start client' kubectl_bin apply -f "${conf_dir}/client.yml" \ - -f "${conf_dir}/secrets.yml" \ + -f "${test_dir}/conf/secrets.yml" \ -f "${conf_dir}/minio-secret.yml" cluster="some-name-rs0" @@ -34,12 +34,6 @@ psmdb="some-name" wait_cluster_consistency $psmdb sleep 15 -getUserData() { - local secretName=$1 - local dataKey=$2 - urlencode "$(getSecretData "$secretName" "$dataKey")" -} - user=$(getUserData "some-users" "MONGODB_DATABASE_ADMIN_USER") check_mongo_auth "$user:$newpass@$cluster-0.$cluster.$namespace" check_mongo_auth "$user:$newpass@$cluster-1.$cluster.$namespace" diff --git a/pkg/controller/perconaservermongodb/users.go b/pkg/controller/perconaservermongodb/users.go index f713b42b53..b508be0c41 100644 --- a/pkg/controller/perconaservermongodb/users.go +++ b/pkg/controller/perconaservermongodb/users.go @@ -77,7 +77,7 @@ func (r *ReconcilePerconaServerMongoDB) reconcileUsers(ctx context.Context, cr * if cr.CompareVersion("1.17.0") < 0 { internalSysUsersSecret.Labels = nil } - if cr.CompareVersion("1.18.0") >= 0 { + if cr.CompareVersion("1.19.0") >= 0 { internalSysUsersSecret.Data = getInternalSecretData(&sysUsersSecretObj) } err = r.client.Create(ctx, internalSysUsersSecret) diff --git a/pkg/controller/perconaservermongodbrestore/physical.go b/pkg/controller/perconaservermongodbrestore/physical.go index 0a1cc4e8bd..0daa088ca5 100644 --- a/pkg/controller/perconaservermongodbrestore/physical.go +++ b/pkg/controller/perconaservermongodbrestore/physical.go @@ -427,7 +427,7 @@ func (r *ReconcilePerconaServerMongoDBRestore) updateStatefulSetForPhysicalResto }, }, } - if cluster.CompareVersion("1.18.0") < 0 { + if cluster.CompareVersion("1.19.0") < 0 { for i, v := range pbmEnvVars { pbmEnvVars[i].ValueFrom.SecretKeyRef.Key = strings.TrimSuffix(v.ValueFrom.SecretKeyRef.Key, "_ESCAPED") pbmEnvVars[i].ValueFrom.SecretKeyRef.LocalObjectReference.Name = cluster.Spec.Secrets.Users diff --git a/pkg/psmdb/statefulset.go b/pkg/psmdb/statefulset.go index 83d945f11d..9568b93603 100644 --- a/pkg/psmdb/statefulset.go +++ b/pkg/psmdb/statefulset.go @@ -368,7 +368,7 @@ func backupAgentContainer(cr *api.PerconaServerMongoDB, replsetName string, tlsE SecurityContext: cr.Spec.Backup.ContainerSecurityContext, Resources: cr.Spec.Backup.Resources, } - if cr.CompareVersion("1.18.0") < 0 { + if cr.CompareVersion("1.19.0") < 0 { c.Env[0].ValueFrom.SecretKeyRef.Key = "MONGODB_BACKUP_USER" c.Env[1].ValueFrom.SecretKeyRef.Key = "MONGODB_BACKUP_PASSWORD" } From 4cd83494fa371be5921cfa38ac490b83b6b99841 Mon Sep 17 00:00:00 2001 From: Andrii Dema Date: Thu, 21 Nov 2024 19:07:21 +0200 Subject: [PATCH 06/13] fix test --- e2e-tests/demand-backup-physical/run | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/e2e-tests/demand-backup-physical/run b/e2e-tests/demand-backup-physical/run index e7142b85a0..ac5e6d6e33 100755 --- a/e2e-tests/demand-backup-physical/run +++ b/e2e-tests/demand-backup-physical/run @@ -60,7 +60,7 @@ desc 'Testing on not sharded cluster' echo "Creating PSMDB cluster" cluster="some-name" -kubectl_bin apply -f "${test_dir}/conf/${secrets}.yml" +kubectl_bin apply -f "${test_dir}/conf/secrets.yml" apply_cluster "${test_dir}/conf/${cluster}.yml" kubectl_bin apply -f "${conf_dir}/client_with_tls.yml" From f42a6389c2deac4588f4e09a1334f457b50ec6f0 Mon Sep 17 00:00:00 2001 From: Andrii Dema Date: Thu, 21 Nov 2024 19:17:05 +0200 Subject: [PATCH 07/13] fix test --- e2e-tests/users/conf/secrets.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/e2e-tests/users/conf/secrets.yml b/e2e-tests/users/conf/secrets.yml index ebc5399bfb..4956583692 100644 --- a/e2e-tests/users/conf/secrets.yml +++ b/e2e-tests/users/conf/secrets.yml @@ -10,3 +10,7 @@ data: MONGODB_CLUSTER_ADMIN_PASSWORD: Y2x1c3RlckFkbWluMTIzNDU2 MONGODB_CLUSTER_MONITOR_USER: Y2x1c3Rlck1vbml0b3I= MONGODB_CLUSTER_MONITOR_PASSWORD: Y2x1c3Rlck1vbml0b3IxMjM0NTY= + MONGODB_DATABASE_ADMIN_USER: ZGF0YWJhc2VBZG1pbg== + MONGODB_DATABASE_ADMIN_PASSWORD: ZGF0YWJhc2VBZG1pbjEyMzQ1Ng== + MONGODB_USER_ADMIN_USER: dXNlckFkbWlu + MONGODB_USER_ADMIN_PASSWORD: dXNlckFkbWluMTIzNDU2 From b0ae6027345b82afbe460ded109d2539ccc810cc Mon Sep 17 00:00:00 2001 From: Andrii Dema Date: Thu, 21 Nov 2024 19:35:13 +0200 Subject: [PATCH 08/13] fix users test --- e2e-tests/users/conf/secrets-2.yml | 14 ++++++++++++++ e2e-tests/users/run | 4 +++- 2 files changed, 17 insertions(+), 1 deletion(-) create mode 100644 e2e-tests/users/conf/secrets-2.yml diff --git a/e2e-tests/users/conf/secrets-2.yml b/e2e-tests/users/conf/secrets-2.yml new file mode 100644 index 0000000000..71487b4ac8 --- /dev/null +++ b/e2e-tests/users/conf/secrets-2.yml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Secret +metadata: + name: some-users +type: Opaque +data: + MONGODB_BACKUP_USER: YmFja3VwJCMl + MONGODB_BACKUP_PASSWORD: YmFja3VwMTIzNDU2Iw== + MONGODB_CLUSTER_ADMIN_USER: Y2x1c3RlckFkbWlu + MONGODB_CLUSTER_ADMIN_PASSWORD: Y2x1c3RlckFkbWluMTIzNDU2 + MONGODB_CLUSTER_MONITOR_USER: Y2x1c3Rlck1vbml0b3I= + MONGODB_CLUSTER_MONITOR_PASSWORD: Y2x1c3Rlck1vbml0b3IxMjM0NTY= + MONGODB_DATABASE_ADMIN_USER: ZGF0YWJhc2VBZG1pbg== + MONGODB_DATABASE_ADMIN_PASSWORD: ZGF0YWJhc2VBZG1pbjEyMzQ1Ng== diff --git a/e2e-tests/users/run b/e2e-tests/users/run index 34db03f636..39d32fe91d 100755 --- a/e2e-tests/users/run +++ b/e2e-tests/users/run @@ -141,8 +141,10 @@ check_mongo_auth "$user:$pass@$cluster-1.$cluster.$namespace" check_mongo_auth "$user:$pass@$cluster-2.$cluster.$namespace" desc 'secret without userAdmin' -kubectl_bin apply -f "${test_dir}/conf/secrets.yml" +kubectl_bin apply -f "${test_dir}/conf/secrets-2.yml" sleep 25 +wait_cluster_consistency $psmdb +sleep 15 user=$(getUserData "some-users" "MONGODB_USER_ADMIN_USER") pass=$(getUserData "some-users" "MONGODB_USER_ADMIN_PASSWORD") check_mongo_auth "$user:$pass@$cluster-0.$cluster.$namespace" From 0a65f401d16165008dff9c32da0adf7ec9a4ff67 Mon Sep 17 00:00:00 2001 From: Andrii Dema Date: Fri, 22 Nov 2024 14:13:09 +0200 Subject: [PATCH 09/13] add 1.19.0 check --- pkg/controller/perconaservermongodb/users.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/pkg/controller/perconaservermongodb/users.go b/pkg/controller/perconaservermongodb/users.go index b508be0c41..517441d1fd 100644 --- a/pkg/controller/perconaservermongodb/users.go +++ b/pkg/controller/perconaservermongodb/users.go @@ -140,7 +140,10 @@ func (r *ReconcilePerconaServerMongoDB) reconcileUsers(ctx context.Context, cr * } } - internalSysSecretObj.Data = getInternalSecretData(&sysUsersSecretObj) + internalSysSecretObj.Data = sysUsersSecretObj.Data + if cr.CompareVersion("1.19.0") >= 0 { + internalSysSecretObj.Data = getInternalSecretData(&sysUsersSecretObj) + } err = r.client.Update(ctx, &internalSysSecretObj) if err != nil { return errors.Wrap(err, "update internal sys users secret") From 60691b312ccc577b58cd5f7e9974faf552903dac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ege=20G=C3=BCne=C5=9F?= Date: Mon, 9 Dec 2024 14:14:43 +0300 Subject: [PATCH 10/13] K8SPSMDB-1212: Don't stop balancer before restore --- e2e-tests/balancer/conf/backup-minio.yml | 9 ++ e2e-tests/balancer/conf/restore.yml | 7 ++ e2e-tests/balancer/conf/some-name-rs0.yml | 12 +- e2e-tests/balancer/run | 108 +++++++++--------- e2e-tests/conf/client-70.yml | 23 ++++ e2e-tests/functions | 20 +++- e2e-tests/service-per-pod/conf/sharded.yml | 51 +++++++++ e2e-tests/service-per-pod/run | 49 +++++++- pkg/apis/psmdb/v1/psmdb_types.go | 5 + pkg/controller/perconaservermongodb/backup.go | 11 +- .../perconaservermongodb/balancer.go | 20 +++- .../perconaservermongodb/psmdb_controller.go | 31 ----- .../perconaservermongodb/version.go | 2 +- .../perconaservermongodbbackup/backup.go | 7 +- .../perconaservermongodbbackup_controller.go | 7 +- .../perconaservermongodbrestore_controller.go | 18 +++ pkg/psmdb/getters.go | 6 + 17 files changed, 286 insertions(+), 100 deletions(-) create mode 100644 e2e-tests/balancer/conf/backup-minio.yml create mode 100644 e2e-tests/balancer/conf/restore.yml create mode 100644 e2e-tests/conf/client-70.yml create mode 100644 e2e-tests/service-per-pod/conf/sharded.yml diff --git a/e2e-tests/balancer/conf/backup-minio.yml b/e2e-tests/balancer/conf/backup-minio.yml new file mode 100644 index 0000000000..42dfbf7ae0 --- /dev/null +++ b/e2e-tests/balancer/conf/backup-minio.yml @@ -0,0 +1,9 @@ +apiVersion: psmdb.percona.com/v1 +kind: PerconaServerMongoDBBackup +metadata: + finalizers: + - percona.com/delete-backup + name: backup-minio +spec: + clusterName: some-name + storageName: minio diff --git a/e2e-tests/balancer/conf/restore.yml b/e2e-tests/balancer/conf/restore.yml new file mode 100644 index 0000000000..32ab3c4b9a --- /dev/null +++ b/e2e-tests/balancer/conf/restore.yml @@ -0,0 +1,7 @@ +apiVersion: psmdb.percona.com/v1 +kind: PerconaServerMongoDBRestore +metadata: + name: +spec: + clusterName: some-name + backupName: diff --git a/e2e-tests/balancer/conf/some-name-rs0.yml b/e2e-tests/balancer/conf/some-name-rs0.yml index 6916a28055..ee76b26259 100644 --- a/e2e-tests/balancer/conf/some-name-rs0.yml +++ b/e2e-tests/balancer/conf/some-name-rs0.yml @@ -7,7 +7,17 @@ spec: image: imagePullPolicy: Always backup: - enabled: false + enabled: true + image: perconalab/percona-server-mongodb-operator:1.1.0-backup + storages: + minio: + type: s3 + s3: + credentialsSecret: minio-secret + region: us-east-1 + bucket: operator-testing + endpointUrl: http://minio-service:9000/ + insecureSkipTLSVerify: false sharding: enabled: true configsvrReplSet: diff --git a/e2e-tests/balancer/run b/e2e-tests/balancer/run index 94e03cfcc5..d989f73562 100755 --- a/e2e-tests/balancer/run +++ b/e2e-tests/balancer/run @@ -1,63 +1,77 @@ #!/bin/bash set -o errexit -set -o xtrace test_dir=$(realpath "$(dirname "$0")") . "${test_dir}/../functions" set_debug -check_balancer() { - local expected=$1 # should be "full" (running balancer) or "off" (disabled balancer) +log() { + echo "[$(date +%Y-%m-%dT%H:%M:%S%z)]" $* +} +check_balancer() { + local cluster=$1 + local expected=$2 # should be "true" (enabled) or "false" (disabled) + local delay=${3:-"0"} local balancer_running - balancer_running=$(run_mongos 'db.adminCommand({balancerStatus: 1}).mode' "clusterAdmin:clusterAdmin123456@$cluster-mongos.$namespace" \ - | grep -E -v "Percona Server for MongoDB|connecting to:|Implicit session:|versions do not match|Error saving history file:|bye") + log "sleeping for ${delay} seconds..." + sleep ${delay} + + balancer_running=$(run_mongosh 'sh.getBalancerState()' "clusterAdmin:clusterAdmin123456@${cluster}-cfg.${namespace}" \ + | grep -E -v 'Warning|cfg' | grep -E 'true|false') + + echo -n "checking if balancer status is ${expected}..." if [[ $balancer_running != "$expected" ]]; then - echo "Unexpected output from \"db.adminCommand({balancerStatus: 1}).mode\": $balancer_running" - echo "Expected $expected" + echo + log "Unexpected output from \"sh.getBalancerState()\": $balancer_running" + log "Expected: $expected" exit 1 fi + echo "OK" } -check_service() { - state=$1 - svc_name=$2 - if [ $state = "present" ]; then - echo -n "check that $svc_name was created" - local timeout=0 - until kubectl_bin get service/$svc_name -o 'jsonpath={.spec.type}' 2>&1 | grep -vq NotFound; do - sleep 1 - timeout=$((timeout + 1)) - echo -n '.' - if [[ ${timeout} -gt 900 ]]; then - echo "Waiting timeout has been reached. Service $svc_name is not present. Exiting..." - exit 1 - fi - done - echo ".OK" - elif [ $state = "removed" ]; then - echo -n "check that $svc_name was removed" - if [[ -z $(kubectl_bin get service/$svc_name -o 'jsonpath={.spec.type}' 2>&1 | grep NotFound) ]]; then - echo "$svc_name was not removed." - exit 1 - else - echo ".OK" - fi - else - echo "unknown state $state" - fi +check_backup_and_restore() { + local cluster=$1 + local backup_suffix=$2 + local balancer_end_state=$3 + local backup_name="backup-minio-${backup_suffix}" + + log "running backup: ${backup_name}" + run_backup "minio" "${backup_name}" + wait_backup "${backup_name}" "requested" + + log "checking if balancer is disabled" + check_balancer ${cluster} "false" + + wait_backup "${backup_name}" "ready" + + log "checking if balancer is ${balancer_end_state} after backup" + check_balancer ${cluster} ${balancer_end_state} 10 + + log "running restore: restore-${backup_name}" + run_restore "${backup_name}" + log "checking if balancer status is not changed" + check_balancer ${cluster} "${balancer_end_state}" 4 + + wait_restore ${backup_name} ${cluster} "ready" + + log "checking if balancer is ${balancer_end_state} after restore" + check_balancer ${cluster} ${balancer_end_state} 10 } main() { create_infra "$namespace" + deploy_minio + apply_s3_storage_secrets + desc 'create first PSMDB cluster' cluster="some-name" kubectl_bin apply \ -f "$conf_dir/secrets.yml" \ - -f "$conf_dir/client.yml" + -f "$conf_dir/client-70.yml" if version_gt "1.19" && [ $EKS -ne 1 ]; then $sed 's/docker/runc/g' "$conf_dir/container-rc.yaml" | kubectl_bin apply -f - @@ -70,30 +84,22 @@ main() { apply_cluster "$test_dir/conf/$cluster-rs0.yml" desc 'check if all 3 Pods started' - wait_for_running $cluster-rs0 3 + wait_for_running $cluster-rs0 3 "false" wait_for_running $cluster-cfg 3 "false" wait_for_running $cluster-mongos 3 - sleep 20 - check_balancer "full" + check_balancer ${cluster} "true" 10 + + check_backup_and_restore ${cluster} "0" "true" desc 'disabling balancer' kubectl patch psmdb some-name --type=merge -p '{"spec":{"sharding":{"balancer":{"enabled":false}}}}' - sleep 20 - check_balancer "off" + check_balancer ${cluster} "false" 10 + + check_backup_and_restore ${cluster} "1" "false" desc 'enabling balancer' kubectl patch psmdb some-name --type=merge -p '{"spec":{"sharding":{"balancer":{"enabled":true}}}}' - sleep 20 - check_balancer "full" - - # Add check that servicePerPod creates 3 services for the running cluster - desc 'enabling servicePerPod for mongos' - kubectl patch psmdb some-name --type=merge -p '{"spec":{"sharding":{"mongos":{"expose":{"servicePerPod":true}}}}}' - wait_for_running $cluster-mongos 3 - check_service present $cluster-mongos-0 - check_service present $cluster-mongos-1 - check_service present $cluster-mongos-2 - check_service removed $cluster-mongos + check_balancer ${cluster} "true" 10 destroy "$namespace" } diff --git a/e2e-tests/conf/client-70.yml b/e2e-tests/conf/client-70.yml new file mode 100644 index 0000000000..b72cfa3b0a --- /dev/null +++ b/e2e-tests/conf/client-70.yml @@ -0,0 +1,23 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: psmdb-client +spec: + replicas: 1 + selector: + matchLabels: + name: psmdb-client + template: + metadata: + labels: + name: psmdb-client + spec: + terminationGracePeriodSeconds: 10 + containers: + - name: psmdb-client + image: percona/percona-server-mongodb:7.0 + imagePullPolicy: Always + command: + - sleep + args: + - "100500" diff --git a/e2e-tests/functions b/e2e-tests/functions index ad78834815..c1052708f8 100755 --- a/e2e-tests/functions +++ b/e2e-tests/functions @@ -218,12 +218,13 @@ wait_backup_agent() { wait_backup() { local backup_name=$1 + local target_state=${2:-"ready"} set +o xtrace retry=0 - echo -n $backup_name + echo -n "waiting for ${backup_name} to reach ${target_state} state" local current_status= - until [[ ${current_status} == "ready" ]]; do + until [[ ${current_status} == ${target_state} ]]; do sleep 1 echo -n . let retry+=1 @@ -345,7 +346,7 @@ wait_restore() { set +o xtrace retry=0 - echo -n "waiting psmdb-restore/${backup_name} to reach ${target_state} state" + echo -n "waiting psmdb-restore/restore-${backup_name} to reach ${target_state} state" local current_state= until [[ ${current_state} == ${target_state} ]]; do sleep 1 @@ -734,9 +735,22 @@ run_mongo() { [[ $uri == *cfg* ]] && replica_set='cfg' || replica_set='rs0' kubectl_bin exec ${client_container} -- \ bash -c "printf '$command\n' | mongo $driver://$uri$suffix/admin?ssl=false\&replicaSet=$replica_set $mongo_flag" +} + +run_mongosh() { + local command="$1" + local uri="$2" + local driver=${3:-"mongodb+srv"} + local suffix=${4:-".svc.cluster.local"} + local mongo_flag="$5" + local client_container=$(kubectl_bin get pods --selector=name=psmdb-client -o 'jsonpath={.items[].metadata.name}') + [[ $uri == *cfg* ]] && replica_set='cfg' || replica_set='rs0' + kubectl_bin exec ${client_container} -- \ + bash -c "printf '$command\n' | mongosh --quiet $driver://$uri$suffix/admin?ssl=false\&replicaSet=$replica_set $mongo_flag" } + run_mongo_tls() { local command="$1" local uri="$2" diff --git a/e2e-tests/service-per-pod/conf/sharded.yml b/e2e-tests/service-per-pod/conf/sharded.yml new file mode 100644 index 0000000000..2f4ea03adc --- /dev/null +++ b/e2e-tests/service-per-pod/conf/sharded.yml @@ -0,0 +1,51 @@ +apiVersion: psmdb.percona.com/v1 +kind: PerconaServerMongoDB +metadata: + name: some-name +spec: + #platform: openshift + image: + imagePullPolicy: Always + backup: + enabled: false + sharding: + enabled: true + configsvrReplSet: + size: 3 + volumeSpec: + persistentVolumeClaim: + resources: + requests: + storage: 3Gi + expose: + enabled: false + + mongos: + size: 3 + configuration: | + replication: + localPingThresholdMs: 15 + expose: + type: ClusterIP + + replsets: + - name: rs0 + affinity: + antiAffinityTopologyKey: none + expose: + enabled: false + resources: + limits: + cpu: 500m + memory: 1G + requests: + cpu: 100m + memory: 0.1G + volumeSpec: + persistentVolumeClaim: + resources: + requests: + storage: 1Gi + size: 3 + secrets: + users: some-users diff --git a/e2e-tests/service-per-pod/run b/e2e-tests/service-per-pod/run index 9a785a393f..382270c410 100755 --- a/e2e-tests/service-per-pod/run +++ b/e2e-tests/service-per-pod/run @@ -9,7 +9,7 @@ set_debug check_cr_config() { local cluster="$1" - desc "create first PSMDB cluster $cluster" + desc "create PSMDB cluster $cluster" apply_cluster $test_dir/conf/$cluster.yml desc 'check if all 3 Pods started' @@ -40,8 +40,8 @@ check_cr_config() { compare_mongo_cmd "find" "myApp:myPass@$(get_service_ip $cluster-1)" "" ":27017" compare_mongo_cmd "find" "myApp:myPass@$(get_service_ip $cluster-2)" "" ":27017" - desc 'add service-per-pod lebel and annotation' if [[ $cluster == "node-port-rs0" ]]; then + desc 'add service-per-pod label and annotation' old_node_port=$(kubectl_bin get svc node-port-rs0-0 -o 'jsonpath={.spec.ports[0].nodePort}') kubectl_bin patch psmdb node-port --type=json --patch '[ { @@ -74,6 +74,36 @@ check_cr_config() { -f $test_dir/conf/$cluster.yml } +check_service() { + state=$1 + svc_name=$2 + if [ $state = "present" ]; then + echo -n "check that $svc_name was created" + local timeout=0 + until kubectl_bin get service/$svc_name -o 'jsonpath={.spec.type}' 2>&1 | grep -vq NotFound; do + sleep 1 + timeout=$((timeout + 1)) + echo -n '.' + if [[ ${timeout} -gt 900 ]]; then + echo "Waiting timeout has been reached. Service $svc_name is not present. Exiting..." + exit 1 + fi + done + echo ".OK" + elif [ $state = "removed" ]; then + echo -n "check that $svc_name was removed" + if [[ -z $(kubectl_bin get service/$svc_name -o 'jsonpath={.spec.type}' 2>&1 | grep NotFound) ]]; then + echo "$svc_name was not removed." + exit 1 + else + echo ".OK" + fi + else + echo "unknown state $state" + fi +} + + main() { create_infra $namespace deploy_cert_manager @@ -92,6 +122,21 @@ main() { desc 'check NodePort' check_cr_config "node-port-rs0" + desc 'check Mongos in sharded cluster' + local cluster=some-name + apply_cluster "$test_dir/conf/sharded.yml" + wait_for_running $cluster-rs0 3 + wait_for_running $cluster-cfg 3 "false" + wait_for_running $cluster-mongos 3 + + desc 'enabling servicePerPod for mongos' + kubectl patch psmdb some-name --type=merge -p '{"spec":{"sharding":{"mongos":{"expose":{"servicePerPod":true}}}}}' + wait_for_running $cluster-mongos 3 + check_service present $cluster-mongos-0 + check_service present $cluster-mongos-1 + check_service present $cluster-mongos-2 + check_service removed $cluster-mongos + destroy $namespace desc 'test passed' diff --git a/pkg/apis/psmdb/v1/psmdb_types.go b/pkg/apis/psmdb/v1/psmdb_types.go index af15a26d89..4e935f74d7 100644 --- a/pkg/apis/psmdb/v1/psmdb_types.go +++ b/pkg/apis/psmdb/v1/psmdb_types.go @@ -217,6 +217,10 @@ type BalancerSpec struct { Enabled *bool `json:"enabled,omitempty"` } +func (b *BalancerSpec) IsEnabled() bool { + return b.Enabled == nil || *b.Enabled +} + type UpgradeOptions struct { VersionServiceEndpoint string `json:"versionServiceEndpoint,omitempty"` Apply UpgradeStrategy `json:"apply,omitempty"` @@ -1211,6 +1215,7 @@ func (s *PerconaServerMongoDBStatus) AddCondition(c ClusterCondition) { continue } s.Conditions[i] = c + return } s.Conditions = append(s.Conditions, c) } diff --git a/pkg/controller/perconaservermongodb/backup.go b/pkg/controller/perconaservermongodb/backup.go index 46608e175d..09ba736838 100644 --- a/pkg/controller/perconaservermongodb/backup.go +++ b/pkg/controller/perconaservermongodb/backup.go @@ -278,10 +278,15 @@ func (r *ReconcilePerconaServerMongoDB) isRestoreRunning(ctx context.Context, cr } for _, rst := range restores.Items { - if rst.Status.State != api.RestoreStateReady && rst.Status.State != api.RestoreStateNew && rst.Status.State != api.RestoreStateError && - rst.Spec.ClusterName == cr.Name { - return true, nil + if rst.Spec.ClusterName != cr.Name { + continue + } + + if rst.Status.State == api.RestoreStateReady || rst.Status.State == api.RestoreStateError { + continue } + + return true, nil } return false, nil diff --git a/pkg/controller/perconaservermongodb/balancer.go b/pkg/controller/perconaservermongodb/balancer.go index dc2dd6c7e9..65aa7159ce 100644 --- a/pkg/controller/perconaservermongodb/balancer.go +++ b/pkg/controller/perconaservermongodb/balancer.go @@ -17,7 +17,13 @@ import ( func (r *ReconcilePerconaServerMongoDB) enableBalancerIfNeeded(ctx context.Context, cr *api.PerconaServerMongoDB) error { log := logf.FromContext(ctx) - if s := cr.Spec.Sharding; !s.Enabled || s.Mongos.Size == 0 || cr.Spec.Unmanaged || (s.Balancer.Enabled != nil && !*s.Balancer.Enabled) || cr.DeletionTimestamp != nil || cr.Spec.Pause { + if s := cr.Spec.Sharding; !s.Enabled || + s.Mongos.Size == 0 || + !s.Balancer.IsEnabled() || + cr.Spec.Unmanaged || + cr.DeletionTimestamp != nil || + cr.Spec.Pause { + return nil } @@ -26,12 +32,17 @@ func (r *ReconcilePerconaServerMongoDB) enableBalancerIfNeeded(ctx context.Conte return errors.Wrap(err, "failed to check if all sfs are up to date") } + bcpRunning, err := r.isBackupRunning(ctx, cr) + if err != nil { + return errors.Wrap(err, "failed to check running backups") + } + rstRunning, err := r.isRestoreRunning(ctx, cr) if err != nil { return errors.Wrap(err, "failed to check running restores") } - if !uptodate || rstRunning { + if !uptodate || bcpRunning || rstRunning { return nil } @@ -104,7 +115,10 @@ func (r *ReconcilePerconaServerMongoDB) enableBalancerIfNeeded(ctx context.Conte } func (r *ReconcilePerconaServerMongoDB) disableBalancerIfNeeded(ctx context.Context, cr *api.PerconaServerMongoDB) error { - if s := cr.Spec.Sharding; !s.Enabled || s.Mongos.Size == 0 || cr.Spec.Unmanaged || s.Balancer.Enabled == nil || *s.Balancer.Enabled { + if s := cr.Spec.Sharding; !s.Enabled || + s.Mongos.Size == 0 || + s.Balancer.IsEnabled() || + cr.Spec.Unmanaged { return nil } return r.disableBalancer(ctx, cr) diff --git a/pkg/controller/perconaservermongodb/psmdb_controller.go b/pkg/controller/perconaservermongodb/psmdb_controller.go index 8f2b3d649e..53ab4c3bff 100644 --- a/pkg/controller/perconaservermongodb/psmdb_controller.go +++ b/pkg/controller/perconaservermongodb/psmdb_controller.go @@ -931,33 +931,6 @@ func (r *ReconcilePerconaServerMongoDB) deleteCfgIfNeeded(ctx context.Context, c return nil } -func (r *ReconcilePerconaServerMongoDB) stopMongosInCaseOfRestore(ctx context.Context, cr *api.PerconaServerMongoDB) error { - if !cr.Spec.Sharding.Enabled { - return nil - } - - rstRunning, err := r.isRestoreRunning(ctx, cr) - if err != nil { - return errors.Wrap(err, "failed to check running restores") - } - - if !rstRunning { - return nil - } - - err = r.disableBalancer(ctx, cr) - if err != nil { - return errors.Wrap(err, "failed to disable balancer") - } - - err = r.deleteMongos(ctx, cr) - if err != nil { - return errors.Wrap(err, "failed to delete mongos") - } - - return nil -} - func (r *ReconcilePerconaServerMongoDB) upgradeFCVIfNeeded(ctx context.Context, cr *api.PerconaServerMongoDB, newFCV string) error { if !cr.Spec.UpgradeOptions.SetFCV || newFCV == "" { return nil @@ -1180,10 +1153,6 @@ func (r *ReconcilePerconaServerMongoDB) createOrUpdateConfigMap(ctx context.Cont } func (r *ReconcilePerconaServerMongoDB) reconcileMongos(ctx context.Context, cr *api.PerconaServerMongoDB) error { - if err := r.stopMongosInCaseOfRestore(ctx, cr); err != nil { - return errors.Wrap(err, "on restore") - } - if err := r.reconcileMongosStatefulset(ctx, cr); err != nil { return errors.Wrap(err, "reconcile mongos") } diff --git a/pkg/controller/perconaservermongodb/version.go b/pkg/controller/perconaservermongodb/version.go index 35a511f273..70298ebcc8 100644 --- a/pkg/controller/perconaservermongodb/version.go +++ b/pkg/controller/perconaservermongodb/version.go @@ -440,7 +440,7 @@ func (r *ReconcilePerconaServerMongoDB) scheduleTelemetryRequests(ctx context.Co return } - err = localCr.CheckNSetDefaults(r.serverVersion.Platform, log) + err = localCr.CheckNSetDefaults(ctx, r.serverVersion.Platform) if err != nil { log.Error(err, "failed to set defaults for CR") return diff --git a/pkg/controller/perconaservermongodbbackup/backup.go b/pkg/controller/perconaservermongodbbackup/backup.go index 23043b7a39..c40296597c 100644 --- a/pkg/controller/perconaservermongodbbackup/backup.go +++ b/pkg/controller/perconaservermongodbbackup/backup.go @@ -44,8 +44,9 @@ func (r *ReconcilePerconaServerMongoDBBackup) newBackup(ctx context.Context, clu // Start requests backup on PBM func (b *Backup) Start(ctx context.Context, k8sclient client.Client, cluster *api.PerconaServerMongoDB, cr *api.PerconaServerMongoDBBackup) (api.PerconaServerMongoDBBackupStatus, error) { - log := logf.FromContext(ctx) - log.Info("Starting backup", "backup", cr.Name, "storage", cr.Spec.StorageName) + log := logf.FromContext(ctx).WithValues("backup", cr.Name, "storage", cr.Spec.StorageName) + + log.Info("Starting backup") var status api.PerconaServerMongoDBBackupStatus @@ -56,7 +57,7 @@ func (b *Backup) Start(ctx context.Context, k8sclient client.Client, cluster *ap err := b.pbm.GetNSetConfig(ctx, k8sclient, cluster, stg) if err != nil { - return api.PerconaServerMongoDBBackupStatus{}, errors.Wrapf(err, "set backup config with storage %s", cr.Spec.StorageName) + return status, errors.Wrapf(err, "set backup config with storage %s", cr.Spec.StorageName) } name := time.Now().UTC().Format(time.RFC3339) diff --git a/pkg/controller/perconaservermongodbbackup/perconaservermongodbbackup_controller.go b/pkg/controller/perconaservermongodbbackup/perconaservermongodbbackup_controller.go index 2196b253d7..5440027340 100644 --- a/pkg/controller/perconaservermongodbbackup/perconaservermongodbbackup_controller.go +++ b/pkg/controller/perconaservermongodbbackup/perconaservermongodbbackup_controller.go @@ -133,6 +133,7 @@ func (r *ReconcilePerconaServerMongoDBBackup) Reconcile(ctx context.Context, req log.Error(err, "failed to make backup", "backup", cr.Name) } if cr.Status.State != status.State || cr.Status.Error != status.Error { + log.Info("Backup state changed", "previous", cr.Status.State, "current", status.State) cr.Status = status uerr := r.updateStatus(ctx, cr) if uerr != nil { @@ -384,7 +385,7 @@ func (r *ReconcilePerconaServerMongoDBBackup) deleteBackupFinalizer(ctx context. return nil } - log := logf.FromContext(ctx).WithName("deleteBackup").WithValues("backup", cr.Name, "pbmName", cr.Status.PBMname) + log := logf.FromContext(ctx).WithName("deleteBackup").WithValues("backup", cr.Name, "namespace", cr.Namespace, "pbmName", cr.Status.PBMname) var meta *backup.BackupMeta var err error @@ -452,7 +453,7 @@ func (r *ReconcilePerconaServerMongoDBBackup) deleteBackupFinalizer(ctx context. } func (r *ReconcilePerconaServerMongoDBBackup) deleteFilesystemBackup(ctx context.Context, cluster *psmdbv1.PerconaServerMongoDB, bcp *psmdbv1.PerconaServerMongoDBBackup) error { - log := logf.FromContext(ctx) + log := logf.FromContext(ctx).WithName("deleteBackup").WithValues("backup", bcp.Name, "namespace", bcp.Namespace, "pbmName", bcp.Status.PBMname) rsName := bcp.Status.ReplsetNames[0] rsPods, err := psmdb.GetRSPods(ctx, r.client, cluster, rsName) @@ -478,6 +479,8 @@ func (r *ReconcilePerconaServerMongoDBBackup) deleteFilesystemBackup(ctx context return errors.Wrap(err, "exec delete-backup") } + log.Info("Backup deleted") + return nil } diff --git a/pkg/controller/perconaservermongodbrestore/perconaservermongodbrestore_controller.go b/pkg/controller/perconaservermongodbrestore/perconaservermongodbrestore_controller.go index 4a35f999cb..38b6a59bee 100644 --- a/pkg/controller/perconaservermongodbrestore/perconaservermongodbrestore_controller.go +++ b/pkg/controller/perconaservermongodbrestore/perconaservermongodbrestore_controller.go @@ -24,6 +24,7 @@ import ( "github.com/percona/percona-server-mongodb-operator/clientcmd" psmdbv1 "github.com/percona/percona-server-mongodb-operator/pkg/apis/psmdb/v1" + "github.com/percona/percona-server-mongodb-operator/pkg/psmdb" "github.com/percona/percona-server-mongodb-operator/pkg/psmdb/backup" "github.com/percona/percona-server-mongodb-operator/pkg/util" "github.com/percona/percona-server-mongodb-operator/version" @@ -179,6 +180,23 @@ func (r *ReconcilePerconaServerMongoDBRestore) Reconcile(ctx context.Context, re } if cr.Status.State == psmdbv1.RestoreStateNew { + if cluster.Spec.Sharding.Enabled { + _, err := psmdb.GetMongosSts(ctx, r.client, cluster) + if client.IgnoreNotFound(err) != nil { + return rr, errors.Wrap(err, "get mongos statefulset") + } + + if err == nil { + log.Info("Terminating mongos pods") + err = r.client.Delete(ctx, psmdb.MongosStatefulset(cluster)) + if err != nil && !k8serrors.IsNotFound(err) { + return rr, errors.Wrap(err, "failed to delete mongos statefulset") + } + + return rr, nil + } + } + err = r.validate(ctx, cr, cluster) if err != nil { if errors.Is(err, errWaitingPBM) || errors.Is(err, errWaitingRestore) { diff --git a/pkg/psmdb/getters.go b/pkg/psmdb/getters.go index f2ae58cdc3..b0cc784883 100644 --- a/pkg/psmdb/getters.go +++ b/pkg/psmdb/getters.go @@ -102,6 +102,12 @@ func GetPrimaryPod(ctx context.Context, mgoClient mongo.Client) (string, error) return status.Primary().Name, nil } +func GetMongosSts(ctx context.Context, cl client.Client, cr *api.PerconaServerMongoDB) (*appsv1.StatefulSet, error) { + sts := MongosStatefulset(cr) + err := cl.Get(ctx, client.ObjectKeyFromObject(sts), sts) + return sts, err +} + func GetMongosPods(ctx context.Context, cl client.Client, cr *api.PerconaServerMongoDB) (corev1.PodList, error) { pods := corev1.PodList{} err := cl.List(ctx, From 5d38499883f36d01055a27ea73e8c2233efe2a04 Mon Sep 17 00:00:00 2001 From: Sergey Pronin Date: Mon, 9 Dec 2024 21:10:14 +0300 Subject: [PATCH 11/13] [CLOUD-878] minor fixes and links from README (#1750) --- README.md | 57 +++++++++++++++++++------------------------------------ 1 file changed, 19 insertions(+), 38 deletions(-) diff --git a/README.md b/README.md index a46b99aabf..26459e72dc 100644 --- a/README.md +++ b/README.md @@ -9,25 +9,22 @@ ![GitHub go.mod Go version](https://img.shields.io/github/go-mod/go-version/percona/percona-server-mongodb-operator) [![Go Report Card](https://goreportcard.com/badge/github.com/percona/percona-server-mongodb-operator)](https://goreportcard.com/report/github.com/percona/percona-server-mongodb-operator) -[Percona Operator for MongoDB](https://github.com/percona/percona-server-mongodb-operator) automates the creation, modification, or deletion of items in your Percona Server for MongoDB environment. The Operator contains the necessary Kubernetes settings to maintain a consistent Percona Server for MongoDB instance, be it a replica set or a sharded cluster. +[Percona Operator for MongoDB](https://github.com/percona/percona-server-mongodb-operator) deploys and manages Percona Server for MongoDB on Kubernetes with ease. Automate deployments, scaling, and day-to-day operations for both replica sets and sharded clusters. Deploy with confidence and focus on your applications, not your database. -Based on our best practices for deployment and configuration, Percona Operator for MongoDB contains everything you need to quickly and consistently deploy and scale Percona Server for MongoDB instances into a Kubernetes cluster on-premises or in the cloud. It provides the following features to keep your Percona Server for MongoDB deployment healthy: +- Automated workflows for simplified management +- High availability with no single point of failure +- Easy sharding and scaling +- Integrated backups and monitoring +- Automated updates and password rotation +- Support for private container registries -- Easy deployment with no single point of failure -- Sharding support -- Scheduled and manual backups -- Integrated monitoring with [Percona Monitoring and Management](https://www.percona.com/software/database-tools/percona-monitoring-and-management) -- Smart update to keep your database software up to date automatically -- Automated password rotation – use the standard Kubernetes API to enforce password rotation policies for system user -- Private container image registries - -You interact with Percona Operator mostly via the command line tool. If you feel more comfortable with operating the Operator and database clusters via the web interface, there is [Percona Everest](https://docs.percona.com/everest/index.html) - an open-source web-based database provisioning tool available for you. It automates day-to-day database management operations for you, reducing the overall administrative overhead. [Get started with Percona Everest](https://docs.percona.com/everest/quickstart-guide/quick-install.html). +While the Percona Operator is primarily managed through the command line, you can also use **[Percona Everest](https://docs.percona.com/everest/index.html)** for a web-based user interface. This open-source tool provides a streamlined experience for provisioning and managing your databases, simplifying day-to-day tasks and reducing administrative overhead. Learn more about Percona Everest in the [documentation](https://docs.percona.com/everest/index.html) or jump right in with the [quickstart guide](https://docs.percona.com/everest/quickstart-guide/quick-install.html). # Architecture Percona Operators are based on the [Operator SDK](https://github.com/operator-framework/operator-sdk) and leverage Kubernetes primitives to follow best [CNCF](https://www.cncf.io/) practices. - Learn more about [architecture and design decisions](https://www.percona.com/doc/kubernetes-operator-for-psmongodb/architecture.html). +Learn more about [architecture and design decisions](https://www.percona.com/doc/kubernetes-operator-for-psmongodb/architecture.html). ## Documentation @@ -53,41 +50,25 @@ kubectl apply --server-side -f https://raw.githubusercontent.com/percona/percona kubectl apply -f https://raw.githubusercontent.com/percona/percona-server-mongodb-operator/main/deploy/cr-minimal.yaml ``` +# Need help? + + +**Commercial Support** | **Community Support** | +:-: | :-: | +|
Enterprise-grade assistance for your mission-critical MongoDB deployments with the Percona Operator for MongoDB. Get expert guidance for complex tasks like multi-cloud replication, database migration and building platforms.

|
Connect with our engineers and fellow users for general questions, troubleshooting, and sharing feedback and ideas.

| +| **[Get Percona Support](https://hubs.ly/Q02ZTH830)** | **[Visit our Forum](https://forums.percona.com/c/mongodb/percona-kubernetes-operator-for-mongodb/29)** | + # Contributing Percona welcomes and encourages community contributions to help improve Percona Kubernetes Operator for Percona Server for MongoDB. See the [Contribution Guide](CONTRIBUTING.md) and [Building and Testing Guide](e2e-tests/README.md) for more information on how you can contribute. -## Communication - -We would love to hear from you! Reach out to us on [Forum](https://forums.percona.com/c/mongodb/percona-kubernetes-operator-for-mongodb/29) with your questions, feedback and ideas - -# Join Percona Kubernetes Squad! -``` - % _____ - %%% | __ \ - ###%%%%%%%%%%%%* | |__) |__ _ __ ___ ___ _ __ __ _ - ### ##%% %%%% | ___/ _ \ '__/ __/ _ \| '_ \ / _` | - #### ##% %%%% | | | __/ | | (_| (_) | | | | (_| | - ### #### %%% |_| \___|_| \___\___/|_| |_|\__,_| - ,((### ### %%% _ _ _____ _ - (((( (### #### %%%% | | / _ \ / ____| | | - ((( ((# ###### | | _| (_) |___ | (___ __ _ _ _ __ _ __| | - (((( (((# #### | |/ /> _ Date: Mon, 9 Dec 2024 18:59:19 +0300 Subject: [PATCH 12/13] K8SPSMDB-675: Fix constantly updated status conditions --- e2e-tests/run-pr.csv | 1 + e2e-tests/run-release.csv | 1 + .../conf/some-name.yml | 74 +++++++++++++++++++ e2e-tests/stable-resource-version/run | 39 ++++++++++ pkg/apis/psmdb/v1/psmdb_types.go | 28 +++++-- .../perconaservermongodb/psmdb_controller.go | 16 +++- .../perconaservermongodb/version.go | 2 +- 7 files changed, 154 insertions(+), 7 deletions(-) create mode 100644 e2e-tests/stable-resource-version/conf/some-name.yml create mode 100755 e2e-tests/stable-resource-version/run diff --git a/e2e-tests/run-pr.csv b/e2e-tests/run-pr.csv index 8b3b46e4e6..fe55ed9ff9 100644 --- a/e2e-tests/run-pr.csv +++ b/e2e-tests/run-pr.csv @@ -43,6 +43,7 @@ service-per-pod serviceless-external-nodes smart-update split-horizon +stable-resource-version storage tls-issue-cert-manager upgrade diff --git a/e2e-tests/run-release.csv b/e2e-tests/run-release.csv index dcf177adee..8165ad96b7 100644 --- a/e2e-tests/run-release.csv +++ b/e2e-tests/run-release.csv @@ -44,6 +44,7 @@ service-per-pod serviceless-external-nodes smart-update split-horizon +stable-resource-version storage tls-issue-cert-manager upgrade diff --git a/e2e-tests/stable-resource-version/conf/some-name.yml b/e2e-tests/stable-resource-version/conf/some-name.yml new file mode 100644 index 0000000000..3a8b5773d2 --- /dev/null +++ b/e2e-tests/stable-resource-version/conf/some-name.yml @@ -0,0 +1,74 @@ +apiVersion: psmdb.percona.com/v1 +kind: PerconaServerMongoDB +metadata: + name: some-name +spec: + #platform: openshift + image: + imagePullPolicy: Always + + tls: + mode: requireTLS + + sharding: + enabled: true + + configsvrReplSet: + size: 3 + affinity: + antiAffinityTopologyKey: none + volumeSpec: + persistentVolumeClaim: + resources: + requests: + storage: 3Gi + + mongos: + size: 3 + affinity: + antiAffinityTopologyKey: none + expose: + type: ClusterIP + + replsets: + + - name: rs0 + affinity: + antiAffinityTopologyKey: none + resources: + limits: + cpu: 500m + memory: 1G + requests: + cpu: 100m + memory: 0.1G + volumeSpec: + persistentVolumeClaim: + resources: + requests: + storage: 1Gi + size: 3 + configuration: | + operationProfiling: + mode: slowOp + slowOpThresholdMs: 100 + security: + enableEncryption: true + redactClientLogData: false + setParameter: + ttlMonitorSleepSecs: 60 + wiredTigerConcurrentReadTransactions: 128 + wiredTigerConcurrentWriteTransactions: 128 + storage: + engine: wiredTiger + wiredTiger: + collectionConfig: + blockCompressor: snappy + engineConfig: + directoryForIndexes: false + journalCompressor: snappy + indexConfig: + prefixCompression: true + + secrets: + users: some-users diff --git a/e2e-tests/stable-resource-version/run b/e2e-tests/stable-resource-version/run new file mode 100755 index 0000000000..76fdf412e9 --- /dev/null +++ b/e2e-tests/stable-resource-version/run @@ -0,0 +1,39 @@ +#!/bin/bash + +set -o errexit + +test_dir=$(realpath $(dirname $0)) +. ${test_dir}/../functions +set_debug + +cluster="some-name" + +create_infra ${namespace} + +desc "create PSMDB cluster ${cluster}" +apply_cluster ${test_dir}/conf/${cluster}.yml + +desc 'check if all pods started' +wait_for_running ${cluster}-rs0 3 "false" +wait_for_running ${cluster}-cfg 3 "false" +wait_for_running ${cluster}-mongos 3 "false" + +wait_cluster_consistency ${cluster} + +desc 'check if .metadata.resourceVersion is stable' + +initial_resource_version=$(kubectl_bin get psmdb ${cluster} -o jsonpath={.metadata.resourceVersion}) +for i in $(seq 1 5); do + sleep 7 # wait for a reconciliation loop + echo -n "check ${i}: expected resourceVersion is ${initial_resource_version}" + resource_version=$(kubectl_bin get psmdb ${cluster} -o jsonpath={.metadata.resourceVersion}) + if [[ ${initial_resource_version} != ${resource_version} ]]; then + echo "...FAIL! .metadata.resourceVersion is ${resource_version}" + exit 1 + fi + echo "...OK" +done + +desc 'test passed' + +exit 0 diff --git a/pkg/apis/psmdb/v1/psmdb_types.go b/pkg/apis/psmdb/v1/psmdb_types.go index af15a26d89..2011848b18 100644 --- a/pkg/apis/psmdb/v1/psmdb_types.go +++ b/pkg/apis/psmdb/v1/psmdb_types.go @@ -6,6 +6,7 @@ import ( "os" "strconv" "strings" + "time" cmmeta "github.com/cert-manager/cert-manager/pkg/apis/meta/v1" "github.com/go-logr/logr" @@ -1206,13 +1207,30 @@ func (cr *PerconaServerMongoDB) CanRestore(ctx context.Context) error { } func (s *PerconaServerMongoDBStatus) AddCondition(c ClusterCondition) { - for i, cond := range s.Conditions { - if cond.Type != c.Type { - continue + existingCondition := s.FindCondition(c.Type) + if existingCondition == nil { + if c.LastTransitionTime.IsZero() { + c.LastTransitionTime = metav1.NewTime(time.Now()) + } + s.Conditions = append(s.Conditions, c) + return + } + + if existingCondition.Status != c.Status { + existingCondition.Status = c.Status + if !c.LastTransitionTime.IsZero() { + existingCondition.LastTransitionTime = c.LastTransitionTime + } else { + existingCondition.LastTransitionTime = metav1.NewTime(time.Now()) } - s.Conditions[i] = c } - s.Conditions = append(s.Conditions, c) + + if existingCondition.Reason != c.Reason { + existingCondition.Reason = c.Reason + } + if existingCondition.Message != c.Message { + existingCondition.Message = c.Message + } } // GetExternalNodes returns all external nodes for all replsets diff --git a/pkg/controller/perconaservermongodb/psmdb_controller.go b/pkg/controller/perconaservermongodb/psmdb_controller.go index 8f2b3d649e..babe41a993 100644 --- a/pkg/controller/perconaservermongodb/psmdb_controller.go +++ b/pkg/controller/perconaservermongodb/psmdb_controller.go @@ -1473,7 +1473,21 @@ func (r *ReconcilePerconaServerMongoDB) reconcilePDB(ctx context.Context, cr *ap } func (r *ReconcilePerconaServerMongoDB) createOrUpdate(ctx context.Context, obj client.Object) error { - _, err := util.Apply(ctx, r.client, obj) + log := logf.FromContext(ctx).WithValues( + "name", obj.GetName(), + "kind", obj.GetObjectKind(), + "generation", obj.GetGeneration(), + "resourceVersion", obj.GetResourceVersion(), + ) + + status, err := util.Apply(ctx, r.client, obj) + + switch status { + case util.ApplyStatusCreated: + log.V(1).Info("Object created") + case util.ApplyStatusUpdated: + log.V(1).Info("Object updated") + } return err } diff --git a/pkg/controller/perconaservermongodb/version.go b/pkg/controller/perconaservermongodb/version.go index 35a511f273..70298ebcc8 100644 --- a/pkg/controller/perconaservermongodb/version.go +++ b/pkg/controller/perconaservermongodb/version.go @@ -440,7 +440,7 @@ func (r *ReconcilePerconaServerMongoDB) scheduleTelemetryRequests(ctx context.Co return } - err = localCr.CheckNSetDefaults(r.serverVersion.Platform, log) + err = localCr.CheckNSetDefaults(ctx, r.serverVersion.Platform) if err != nil { log.Error(err, "failed to set defaults for CR") return From 6f64e036affc7bda9e3ce01ea7b05df567f5b607 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ege=20G=C3=BCne=C5=9F?= Date: Tue, 10 Dec 2024 18:32:14 +0300 Subject: [PATCH 13/13] fix expose-sharded --- .../expose-sharded/compare/statefulset_some-name-cfg-4-oc.yml | 4 ++-- .../expose-sharded/compare/statefulset_some-name-cfg-oc.yml | 4 ++-- .../expose-sharded/compare/statefulset_some-name-cfg.yml | 4 ++-- .../expose-sharded/compare/statefulset_some-name-rs0-4-oc.yml | 4 ++-- .../expose-sharded/compare/statefulset_some-name-rs0-oc.yml | 4 ++-- .../statefulset_some-name-rs0-sharding-disabled-oc.yml | 4 ++-- .../compare/statefulset_some-name-rs0-sharding-disabled.yml | 4 ++-- .../compare/statefulset_some-name-rs0-sharding-enabled-oc.yml | 4 ++-- .../compare/statefulset_some-name-rs0-sharding-enabled.yml | 4 ++-- .../expose-sharded/compare/statefulset_some-name-rs0.yml | 4 ++-- 10 files changed, 20 insertions(+), 20 deletions(-) diff --git a/e2e-tests/expose-sharded/compare/statefulset_some-name-cfg-4-oc.yml b/e2e-tests/expose-sharded/compare/statefulset_some-name-cfg-4-oc.yml index 3af5d4247e..45b359662f 100644 --- a/e2e-tests/expose-sharded/compare/statefulset_some-name-cfg-4-oc.yml +++ b/e2e-tests/expose-sharded/compare/statefulset_some-name-cfg-4-oc.yml @@ -162,13 +162,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/expose-sharded/compare/statefulset_some-name-cfg-oc.yml b/e2e-tests/expose-sharded/compare/statefulset_some-name-cfg-oc.yml index 8cdb41c8c2..c883f54598 100644 --- a/e2e-tests/expose-sharded/compare/statefulset_some-name-cfg-oc.yml +++ b/e2e-tests/expose-sharded/compare/statefulset_some-name-cfg-oc.yml @@ -162,13 +162,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/expose-sharded/compare/statefulset_some-name-cfg.yml b/e2e-tests/expose-sharded/compare/statefulset_some-name-cfg.yml index 468ac78982..c461a21ab0 100644 --- a/e2e-tests/expose-sharded/compare/statefulset_some-name-cfg.yml +++ b/e2e-tests/expose-sharded/compare/statefulset_some-name-cfg.yml @@ -163,13 +163,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-4-oc.yml b/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-4-oc.yml index 80c6f3babc..23f09200f0 100644 --- a/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-4-oc.yml +++ b/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-4-oc.yml @@ -160,13 +160,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-oc.yml b/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-oc.yml index f211760e87..e0c84917f7 100644 --- a/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-oc.yml +++ b/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-oc.yml @@ -160,13 +160,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-sharding-disabled-oc.yml b/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-sharding-disabled-oc.yml index 074bc9bb8c..82bc8868c1 100644 --- a/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-sharding-disabled-oc.yml +++ b/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-sharding-disabled-oc.yml @@ -159,13 +159,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-sharding-disabled.yml b/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-sharding-disabled.yml index 75cccf327a..599510d3e9 100644 --- a/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-sharding-disabled.yml +++ b/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-sharding-disabled.yml @@ -160,13 +160,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-sharding-enabled-oc.yml b/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-sharding-enabled-oc.yml index 5db5fa04e9..f7267c6795 100644 --- a/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-sharding-enabled-oc.yml +++ b/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-sharding-enabled-oc.yml @@ -160,13 +160,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-sharding-enabled.yml b/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-sharding-enabled.yml index 63ee9ef096..92721accb9 100644 --- a/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-sharding-enabled.yml +++ b/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0-sharding-enabled.yml @@ -161,13 +161,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET diff --git a/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0.yml b/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0.yml index ceb05fe744..b048e56140 100644 --- a/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0.yml +++ b/e2e-tests/expose-sharded/compare/statefulset_some-name-rs0.yml @@ -161,13 +161,13 @@ spec: - name: PBM_AGENT_MONGODB_USERNAME valueFrom: secretKeyRef: - key: MONGODB_BACKUP_USER + key: MONGODB_BACKUP_USER_ESCAPED name: internal-some-name-users optional: false - name: PBM_AGENT_MONGODB_PASSWORD valueFrom: secretKeyRef: - key: MONGODB_BACKUP_PASSWORD + key: MONGODB_BACKUP_PASSWORD_ESCAPED name: internal-some-name-users optional: false - name: PBM_MONGODB_REPLSET