Skip to content

Commit

Permalink
add insecure flag in the backend CDR
Browse files Browse the repository at this point in the history
  • Loading branch information
eunames committed Apr 1, 2024
1 parent 970e98b commit 46edd86
Show file tree
Hide file tree
Showing 12 changed files with 68 additions and 8 deletions.
17 changes: 9 additions & 8 deletions api/v1/backend.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,14 +17,15 @@ type (
// RepoPasswordSecretRef references a secret key to look up the restic repository password
RepoPasswordSecretRef *corev1.SecretKeySelector `json:"repoPasswordSecretRef,omitempty"`
// EnvFrom adds all environment variables from a an external source to the Restic job.
EnvFrom []corev1.EnvFromSource `json:"envFrom,omitempty"`
Local *LocalSpec `json:"local,omitempty"`
S3 *S3Spec `json:"s3,omitempty"`
GCS *GCSSpec `json:"gcs,omitempty"`
Azure *AzureSpec `json:"azure,omitempty"`
Swift *SwiftSpec `json:"swift,omitempty"`
B2 *B2Spec `json:"b2,omitempty"`
Rest *RestServerSpec `json:"rest,omitempty"`
EnvFrom []corev1.EnvFromSource `json:"envFrom,omitempty"`
Local *LocalSpec `json:"local,omitempty"`
S3 *S3Spec `json:"s3,omitempty"`
GCS *GCSSpec `json:"gcs,omitempty"`
Azure *AzureSpec `json:"azure,omitempty"`
Swift *SwiftSpec `json:"swift,omitempty"`
B2 *B2Spec `json:"b2,omitempty"`
Rest *RestServerSpec `json:"rest,omitempty"`
InsecureTLS bool `json:"insecureTLS,omitempty"`
}

// +k8s:deepcopy-gen=false
Expand Down
2 changes: 2 additions & 0 deletions config/crd/apiextensions.k8s.io/v1/k8up.io_archives.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -247,6 +247,8 @@ spec:
type: object
x-kubernetes-map-type: atomic
type: object
insecureTLS:
type: boolean
local:
properties:
mountPath:
Expand Down
2 changes: 2 additions & 0 deletions config/crd/apiextensions.k8s.io/v1/k8up.io_backups.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -254,6 +254,8 @@ spec:
type: object
x-kubernetes-map-type: atomic
type: object
insecureTLS:
type: boolean
local:
properties:
mountPath:
Expand Down
2 changes: 2 additions & 0 deletions config/crd/apiextensions.k8s.io/v1/k8up.io_checks.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -249,6 +249,8 @@ spec:
type: object
x-kubernetes-map-type: atomic
type: object
insecureTLS:
type: boolean
local:
properties:
mountPath:
Expand Down
2 changes: 2 additions & 0 deletions config/crd/apiextensions.k8s.io/v1/k8up.io_prunes.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -249,6 +249,8 @@ spec:
type: object
x-kubernetes-map-type: atomic
type: object
insecureTLS:
type: boolean
local:
properties:
mountPath:
Expand Down
2 changes: 2 additions & 0 deletions config/crd/apiextensions.k8s.io/v1/k8up.io_restores.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -249,6 +249,8 @@ spec:
type: object
x-kubernetes-map-type: atomic
type: object
insecureTLS:
type: boolean
local:
properties:
mountPath:
Expand Down
12 changes: 12 additions & 0 deletions config/crd/apiextensions.k8s.io/v1/k8up.io_schedules.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -240,6 +240,8 @@ spec:
type: object
x-kubernetes-map-type: atomic
type: object
insecureTLS:
type: boolean
local:
properties:
mountPath:
Expand Down Expand Up @@ -897,6 +899,8 @@ spec:
type: object
x-kubernetes-map-type: atomic
type: object
insecureTLS:
type: boolean
local:
properties:
mountPath:
Expand Down Expand Up @@ -1229,6 +1233,8 @@ spec:
type: object
x-kubernetes-map-type: atomic
type: object
insecureTLS:
type: boolean
local:
properties:
mountPath:
Expand Down Expand Up @@ -1832,6 +1838,8 @@ spec:
type: object
x-kubernetes-map-type: atomic
type: object
insecureTLS:
type: boolean
local:
properties:
mountPath:
Expand Down Expand Up @@ -2610,6 +2618,8 @@ spec:
type: object
x-kubernetes-map-type: atomic
type: object
insecureTLS:
type: boolean
local:
properties:
mountPath:
Expand Down Expand Up @@ -3287,6 +3297,8 @@ spec:
type: object
x-kubernetes-map-type: atomic
type: object
insecureTLS:
type: boolean
local:
properties:
mountPath:
Expand Down
7 changes: 7 additions & 0 deletions operator/archivecontroller/executor.go
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,13 @@ func (a *ArchiveExecutor) Execute(ctx context.Context) error {
return mutateErr
}

if archive.Spec.Backend.InsecureTLS {
batchJob.Spec.Template.Spec.Containers[0].Env = append(batchJob.Spec.Template.Spec.Containers[0].Env, corev1.EnvVar{
Name: "SET_INSECURE_TLS_FLAG",
Value: "true",
})
}

batchJob.Spec.Template.Spec.Containers[0].Env = a.setupEnvVars(ctx, archive)
archive.Spec.AppendEnvFromToContainer(&batchJob.Spec.Template.Spec.Containers[0])
batchJob.Spec.Template.Spec.Containers[0].Args = a.setupArgs(archive)
Expand Down
7 changes: 7 additions & 0 deletions operator/backupcontroller/executor.go
Original file line number Diff line number Diff line change
Expand Up @@ -269,6 +269,13 @@ func (b *BackupExecutor) startBackup(ctx context.Context) error {
batchJob.job.Spec.Template.Spec.Volumes = batchJob.volumes
batchJob.job.Spec.Template.Spec.Containers[0].VolumeMounts = b.newVolumeMounts(batchJob.job.Spec.Template.Spec.Volumes)

if b.backup.Spec.Backend.InsecureTLS {
batchJob.job.Spec.Template.Spec.Containers[0].Env = append(batchJob.job.Spec.Template.Spec.Containers[0].Env, corev1.EnvVar{
Name: "SET_INSECURE_TLS_FLAG",
Value: "true",
})
}

index++
return nil
})
Expand Down
7 changes: 7 additions & 0 deletions operator/checkcontroller/executor.go
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,13 @@ func (c *CheckExecutor) Execute(ctx context.Context) error {
return mutateErr
}

if c.check.Spec.Backend.InsecureTLS {
batchJob.Spec.Template.Spec.Containers[0].Env = append(batchJob.Spec.Template.Spec.Containers[0].Env, corev1.EnvVar{
Name: "SET_INSECURE_TLS_FLAG",
Value: "true",
})
}

batchJob.Spec.Template.Spec.Containers[0].Env = c.setupEnvVars(ctx)
c.check.Spec.AppendEnvFromToContainer(&batchJob.Spec.Template.Spec.Containers[0])
batchJob.Spec.Template.Spec.Containers[0].Args = []string{"-check"}
Expand Down
7 changes: 7 additions & 0 deletions operator/prunecontroller/executor.go
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,13 @@ func (p *PruneExecutor) Execute(ctx context.Context) error {
return mutateErr
}

if p.prune.Spec.Backend.InsecureTLS {
batchJob.Spec.Template.Spec.Containers[0].Env = append(batchJob.Spec.Template.Spec.Containers[0].Env, corev1.EnvVar{
Name: "SET_INSECURE_TLS_FLAG",
Value: "true",
})
}

batchJob.Spec.Template.Spec.Containers[0].Env = p.setupEnvVars(ctx, p.prune)
batchJob.Spec.Template.Spec.ServiceAccountName = cfg.Config.ServiceAccount
p.prune.Spec.AppendEnvFromToContainer(&batchJob.Spec.Template.Spec.Containers[0])
Expand Down
9 changes: 9 additions & 0 deletions operator/restorecontroller/executor.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ const restorePath = "/restore"

type RestoreExecutor struct {
executor.Generic
restore *k8upv1.Restore
}

// NewRestoreExecutor will return a new executor for Restore jobs.
Expand Down Expand Up @@ -67,6 +68,14 @@ func (r *RestoreExecutor) createRestoreObject(ctx context.Context, restore *k8up
if mutateErr != nil {
return mutateErr
}

if r.restore.Spec.Backend.InsecureTLS {
batchJob.Spec.Template.Spec.Containers[0].Env = append(batchJob.Spec.Template.Spec.Containers[0].Env, corev1.EnvVar{
Name: "SET_INSECURE_TLS_FLAG",
Value: "true",
})
}

batchJob.Labels[job.K8upExclusive] = "true"
batchJob.Spec.Template.Spec.Containers[0].Env = r.setupEnvVars(ctx, restore)
restore.Spec.AppendEnvFromToContainer(&batchJob.Spec.Template.Spec.Containers[0])
Expand Down

0 comments on commit 46edd86

Please sign in to comment.