cronjob.yaml 4.97 KB

Raw Blame History Permalink

---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: {{ include "postgresql-backup-s3.fullname" . }}
spec:
  storageClassName: {{ .Values.backup.pvc.storageClassName }}
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: {{ .Values.backup.pvc.size }}
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: {{ include "postgresql-backup-s3.fullname" . }}-local
data:
  POSTGRES_DB: |-
  {{- range $database := .Values.postgresql.databases }}
    {{ $database }}
  {{- end }}{{ .Values.local.postgresDb | quote }}
  BACKUP_KEEP_DAYS: {{ .Values.local.backupKeepDays | quote }}
---
apiVersion: v1
kind: Secret
metadata:
  name: {{ include "postgresql-backup-s3.fullname" . }}-auth
stringData:
  POSTGRES_USER: {{ .Values.postgresql.auth.postgresqlUser }}
  POSTGRES_PASSWORD: {{ .Values.postgresql.auth.postgresqlPassword }}
---
{{- if .Values.rclone.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
  name: {{ include "postgresql-backup-s3.fullname" . }}-rclone
data:
  {{ .Values.rclone.config | toYaml | nindent 2 }}
{{- end }}
---
{{- if .Values.rclone.enabled }}
apiVersion: v1
kind: Secret
metadata:
  name: {{ include "postgresql-backup-s3.fullname" . }}-rclone
stringData:
  {{ .Values.rclone.secret | toYaml | nindent 2 }}
{{- end }}
---
apiVersion: batch/v1beta1
kind: CronJob
metadata:
  name: {{ include "postgresql-backup-s3.fullname" . }}
  labels:
    {{- include "postgresql-backup-s3.labels" . | nindent 4 }}
spec:
  schedule: {{ .Values.backup.schedule }}
  startingDeadlineSeconds: 3600
  concurrencyPolicy: Forbid
  successfulJobsHistoryLimit: 10
  failedJobsHistoryLimit: 10
  jobTemplate:
    spec:
      template:
        spec:
          restartPolicy: OnFailure
          imagePullSecrets:
            {{- toYaml .Values.imagePullSecrets | nindent 12 }}
          volumes:
            - name: dbdumps
              persistentVolumeClaim:
                claimName: {{ include "postgresql-backup-s3.fullname" . }}
            - name: postgresql-auth
              secret:
                secretName: {{ include "postgresql-backup-s3.fullname" . }}-auth
            - name: local-config
              configMap:
                name: {{ include "postgresql-backup-s3.fullname" . }}-local
            {{- if .Values.rclone.enabled }}
            - name: rclone-auth
              secret:
                secretName: {{ include "postgresql-backup-s3.fullname" . }}-rclone
            - name: rclone-config
              configMap:
                name: {{ include "postgresql-backup-s3.fullname" . }}-rclone
            {{- end }}
          initContainers:
          - name: dump-databases
            image: "{{ .Values.local.image.repository }}:{{ .Values.local.image.tag }}"
            imagePullPolicy: {{ .Values.local.image.pullPolicy }}
            volumeMounts:
              - name: dbdumps
                mountPath: /backups
              - name: local-config
                mountPath: /config
              - name: postgresql-auth
                mountPath: /secret
            env:
              - name: BACKUP_KEEP_DAYS
                valueFrom:
                  configMapKeyRef:
                    name: {{ include "postgresql-backup-s3.fullname" . }}-local
                    key: BACKUP_KEEP_DAYS
              - name: BACKUP_DIR
                value: /backups
              - name: POSTGRES_HOST
                value: {{ .Values.postgresql.host }}
              - name: POSTGRES_DB_FILE
                value: /config/POSTGRES_DB
              - name: POSTGRES_USER_FILE
                value: /secret/POSTGRES_USER
              - name: POSTGRES_PASSWORD_FILE
                value: /secret/POSTGRES_PASSWORD
            command: ["/backup.sh"]
          {{- if .Values.rclone.enabled }}
          - name: rclone
            image: "{{ .Values.rclone.image.repository }}:{{ .Values.rclone.image.tag }}"
            imagePullPolicy: {{ .Values.rclone.image.pullPolicy }}
            volumeMounts:
              - name: dbdumps
                mountPath: /backups
              - name: rclone-config
                mountPath: /config
              - name: rclone-auth
                mountPath: /secret
            envFrom:
              - configMapRef:
                  name: {{ include "postgresql-backup-s3.fullname" . }}-rclone
              - secretRef:
                  name: {{ include "postgresql-backup-s3.fullname" . }}-rclone
            {{- if .Values.rclone.crypt.enabled }}
            env:
              - name: RCLONE_CRYPT_REMOTE
                value: ":s3:$(S3_BUCKET)/$(S3_PREFIX)/"
            {{- end }}
            {{- if .Values.rclone.crypt.enabled }}
            args: ["copy", "/backups/", ":crypt:"]
            {{- else }}
            args: ["copy", "/backups/", ":s3:$(S3_BUCKET)/$(S3_PREFIX)/"]
            {{- end }}
          {{- end }}
          containers:
          - name: show-dumps
            image: bash
            volumeMounts:
              - name: dbdumps
                mountPath: /backups
            command: ["ls"]
            args: ["-alR", "/backups"]