Default URI Style for S3 Bootstrap

andrewlecuyer · cbandy · commit 639324a46e28 · 2020-08-12T16:10:01.000-05:00
The proper default S3 URI style is now set when generating the pgBackRest S3 environment variables for a bootstrap Job (i.e. a Job created to bootstrap a cluster from an existing backup, such as when using the '--restore-from' flag with the 'pgo' client). Specifically, if an empty string is detected in the 's3-uri-style' annotation for the pgBackRest repo secret for the cluster being bootstrapped/restored from, a proper default value of 'host' is now set. This ensures there is never an empty value for the PGBACKREST_REPO1_S3_URI_STYLE environment variable in a bootstrap Pod, which can lead to problems when running various pgBackRest commands. Additionally, tests have been created to verify the output of the GetPgbackrestBootstrapS3EnvVars function that is utilized to populate the proper S3 environment variables for a bootstrap Job (specifically using the pgBackRest repo secret from the cluster being bootstrapped from). This includes ensuring the proper default URI style is set when the 's3-uri-style' annotation is empty, as well as ensuring all annotation values are properly reflected in the final S3 environment variable output. In support of these tests, a NewFakePGOClient function has also been created in the 'fake' package (underneath 'kubeapi'). This is needed to create a fake client containing the proper resources (i.e. a mock 'pgo-config' ConfigMap) as need to initialize the Operator and therefore the various templates needed to properly call the GetPgbackrestBootstrapS3EnvVars function for these tests (PGOROOT must be properly set in the environment when running tests so that the proper default template files and pgo.yaml file can be found as needed to create the mock 'pgo-config' ConfigMap). Issue: [ch8915] See: c503b9d
diff --git a/internal/operator/backrest/repo.go b/internal/operator/backrest/repo.go
@@ -191,8 +191,8 @@ func setBootstrapRepoOverrides(clientset kubernetes.Interface, cluster *crv1.Pgc
 	s3Restore := S3RepoTypeCLIOptionExists(cluster.Spec.PGDataSource.RestoreOpts)
 	if s3Restore {
 		// Now override any backrest S3 env vars for the bootstrap job
-		repoFields.PgbackrestS3EnvVars = operator.GetPgbackrestBootstrapS3EnvVars(cluster,
-			restoreFromSecret)
+		repoFields.PgbackrestS3EnvVars = operator.GetPgbackrestBootstrapS3EnvVars(
+			cluster.Spec.PGDataSource.RestoreFrom, restoreFromSecret)
 	} else {
 		repoFields.PgbackrestS3EnvVars = ""
 	}
diff --git a/internal/operator/cluster/clusterlogic.go b/internal/operator/cluster/clusterlogic.go
@@ -246,8 +246,8 @@ func getBootstrapJobFields(clientset kubernetes.Interface, client *rest.RESTClie
 	s3Restore := backrest.S3RepoTypeCLIOptionExists(cluster.Spec.PGDataSource.RestoreOpts)
 	if s3Restore {
 		// Now override any backrest S3 env vars for the bootstrap job
-		bootstrapFields.PgbackrestS3EnvVars = operator.GetPgbackrestBootstrapS3EnvVars(cluster,
-			restoreFromSecret)
+		bootstrapFields.PgbackrestS3EnvVars = operator.GetPgbackrestBootstrapS3EnvVars(
+			cluster.Spec.PGDataSource.RestoreFrom, restoreFromSecret)
 	} else {
 		bootstrapFields.PgbackrestS3EnvVars = ""
 	}
diff --git a/internal/operator/clusterutilities.go b/internal/operator/clusterutilities.go
@@ -57,6 +57,10 @@ const (
 	PGHAConfigReplicaBootstrapRepoType = "replica-bootstrap-repo-type"
 )
 
+// defaultPGBackRestS3URIStyle is the default pgBackRest S3 URI style to use if a specific style is
+// not provided
+const defaultPGBackRestS3URIStyle = "host"
+
 // affinityType represents the two affinity types provided by Kubernetes, specifically
 // either preferredDuringSchedulingIgnoredDuringExecution or
 // requiredDuringSchedulingIgnoredDuringExecution
@@ -779,7 +783,7 @@ func GetPgbackrestS3EnvVars(cluster crv1.Pgcluster, clientset kubernetes.Interfa
 
 	// if the URI style is not configured, set to the default value
 	if s3EnvVars.PgbackrestS3URIStyle == "" {
-		s3EnvVars.PgbackrestS3URIStyle = "host"
+		s3EnvVars.PgbackrestS3URIStyle = defaultPGBackRestS3URIStyle
 	}
 	// if set, pgBackRest URI style must be set to either 'path' or 'host'. If it is neither,
 	// log an error and stop the cluster from being created.
@@ -828,18 +832,23 @@ func GetS3VerifyTLSSetting(cluster *crv1.Pgcluster) string {
 // pgBackRest environment variables required to enable S3 support for the boostrap job.  After
 // the template has been executed with the proper values, the result is then returned a string
 // for inclusion in the PG and pgBackRest deployments.
-func GetPgbackrestBootstrapS3EnvVars(cluster *crv1.Pgcluster, restoreFromSecret *v1.Secret) string {
+func GetPgbackrestBootstrapS3EnvVars(pgDataSourceRestoreFrom string,
+	restoreFromSecret *v1.Secret) string {
 
 	s3EnvVars := PgbackrestS3EnvVarsTemplateFields{
-		PgbackrestS3Key:       util.BackRestRepoSecretKeyAWSS3KeyAWSS3Key,
-		PgbackrestS3KeySecret: util.BackRestRepoSecretKeyAWSS3KeyAWSS3KeySecret,
-		PgbackrestS3Bucket:    restoreFromSecret.Annotations[config.ANNOTATION_S3_BUCKET],
-		PgbackrestS3Endpoint:  restoreFromSecret.Annotations[config.ANNOTATION_S3_ENDPOINT],
-		PgbackrestS3Region:    restoreFromSecret.Annotations[config.ANNOTATION_S3_REGION],
-		PgbackrestS3URIStyle:  restoreFromSecret.Annotations[config.ANNOTATION_S3_URI_STYLE],
-		PgbackrestS3VerifyTLS: restoreFromSecret.Annotations[config.ANNOTATION_S3_VERIFY_TLS],
-		PgbackrestS3SecretName: fmt.Sprintf(util.BackrestRepoSecretName,
-			cluster.Spec.PGDataSource.RestoreFrom),
+		PgbackrestS3Key:        util.BackRestRepoSecretKeyAWSS3KeyAWSS3Key,
+		PgbackrestS3KeySecret:  util.BackRestRepoSecretKeyAWSS3KeyAWSS3KeySecret,
+		PgbackrestS3Bucket:     restoreFromSecret.Annotations[config.ANNOTATION_S3_BUCKET],
+		PgbackrestS3Endpoint:   restoreFromSecret.Annotations[config.ANNOTATION_S3_ENDPOINT],
+		PgbackrestS3Region:     restoreFromSecret.Annotations[config.ANNOTATION_S3_REGION],
+		PgbackrestS3SecretName: fmt.Sprintf(util.BackrestRepoSecretName, pgDataSourceRestoreFrom),
+	}
+
+	// if the URI style annotation is empty then set the proper default
+	if restoreFromSecret.Annotations[config.ANNOTATION_S3_URI_STYLE] != "" {
+		s3EnvVars.PgbackrestS3URIStyle = restoreFromSecret.Annotations[config.ANNOTATION_S3_URI_STYLE]
+	} else {
+		s3EnvVars.PgbackrestS3URIStyle = defaultPGBackRestS3URIStyle
 	}
 
 	verifyTLS := restoreFromSecret.Annotations[config.ANNOTATION_S3_VERIFY_TLS]
