Merge pull request #235 from vshn/fix_broken_buckets

Improve PostgreSQL ordering, reduce issues

apis/v1/objectstorage_types.go

@@ -18,7 +18,6 @@ const (
 type BucketDeletionPolicy string
 
 //go:generate yq -i e ../generated/appcat.vshn.io_objectbuckets.yaml --expression "with(.spec.versions[]; .schema.openAPIV3Schema.properties.spec.properties.parameters.properties.security.default={})"
-
 // +kubebuilder:object:root=true
 // +kubebuilder:printcolumn:name="Bucket Name",type="string",JSONPath=".spec.parameters.bucketName"
 // +kubebuilder:printcolumn:name="Region",type="string",JSONPath=".spec.parameters.region"

pkg/comp-functions/functions/vshnpostgres/postgresql_deploy.go

@@ -480,6 +480,16 @@ func createObjectBucket(comp *vshnv1.VSHNPostgreSQL, svc *runtime.ServiceRuntime
 
 func createSgObjectStorage(comp *vshnv1.VSHNPostgreSQL, svc *runtime.ServiceRuntime) error {
 
+	sgBackupExists, err := svc.WaitForObservedDependenciesWithConnectionDetails("sgbackup-"+comp.GetName(), map[string][]string{
+		"pg-bucket": {"AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY"},
+	})
+
+	certificateExists := svc.WaitForObservedDependencies("sgbackup-"+comp.GetName(), "certificate")
+
+	if err != nil || !sgBackupExists || !certificateExists {
+		return fmt.Errorf("waiting for dependencies: %w", err)
+	}
+
 	sgObjectStorage := &sgv1beta1.SGObjectStorage{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      "sgbackup-" + comp.GetName(),
@@ -507,9 +517,9 @@ func createSgObjectStorage(comp *vshnv1.VSHNPostgreSQL, svc *runtime.ServiceRunt
 			},
 		},
 	}
-	err := svc.SetDesiredKubeObjectWithName(sgObjectStorage, comp.GetName()+"-object-storage", "sg-backup")
+	err = svc.SetDesiredKubeObjectWithName(sgObjectStorage, comp.GetName()+"-object-storage", "sg-backup")
 	if err != nil {
-		err = fmt.Errorf("cannot create xObjectBucket: %w", err)
+		err = fmt.Errorf("cannot create sgBackup: %w", err)
 		return err
 	}
 
@@ -559,7 +569,7 @@ func createPodMonitor(comp *vshnv1.VSHNPostgreSQL, svc *runtime.ServiceRuntime)
 
 	err = svc.SetDesiredKubeObjectWithName(podMonitor, comp.GetName()+"-podmonitor", "podmonitor")
 	if err != nil {
-		err = fmt.Errorf("cannot create xObjectBucket: %w", err)
+		err = fmt.Errorf("cannot create podMonitor: %w", err)
 		return err
 	}
 	return nil
@@ -610,7 +620,7 @@ func createCopyJob(comp *vshnv1.VSHNPostgreSQL, svc *runtime.ServiceRuntime) err
 
 	err := svc.SetDesiredKubeObjectWithName(copyJob, comp.GetName()+"-copyjob", "copy-job")
 	if err != nil {
-		err = fmt.Errorf("cannot create xObjectBucket: %w", err)
+		err = fmt.Errorf("cannot create copyJob: %w", err)
 		return err
 	}
 

pkg/comp-functions/functions/vshnpostgres/postgresql_deploy_test.go

@@ -27,11 +27,9 @@ func TestPostgreSqlDeploy(t *testing.T) {
 
 	assert.Nil(t, DeployPostgreSQL(ctx, &vshnv1.VSHNPostgreSQL{}, svc))
 	assert.Nil(t, addSchedules(ctx, &vshnv1.VSHNPostgreSQL{}, svc))
-
 	ns := &corev1.Namespace{}
 	assert.NoError(t, svc.GetDesiredKubeObject(ns, "namespace-conditions"))
 	assert.Equal(t, string("vshn"), ns.GetLabels()[utils.OrgLabelName])
-
 	roleBinding := &rbacv1.RoleBinding{}
 	assert.NoError(t, svc.GetDesiredKubeObject(roleBinding, "namespace-permissions"))
 

test/functions/vshn-postgres/deploy/01_default.yaml

@@ -27,7 +27,41 @@ desired:
         writeConnectionSecretToRef: {}
       status:
         instanceNamespace: vshn-postgresql-pgsql-gc9x4
-
+  "pg-bucket":   
+    resource:
+      apiVersion: appcat.vshn.io/v1
+      kind: XObjectBucket
+      metadata:
+        name: pgsql-gc9x4
+        labels:
+          appuio.io/organization: vshn
+          crossplane.io/claim-name: pgsql
+          crossplane.io/claim-namespace: unit-test
+          crossplane.io/composite: pgsql-gc9x4
+      spec:
+        parameters:
+          bucketName: pgsql-gc9x4
+          providerRef:
+            name: s3
+          region: ch-gva-2
+          security:
+            deletionProtection: false
+            allowAllNamespaces: false
+        writeConnectionSecretToRef:
+          name: pgsql-gc9x4
+          namespace: vshn-postgresql-pgsql-gc9x4
+      status:
+        conditions:
+        - lastTransitionTime: "2024-09-27T08:06:34Z"
+          reason: ReconcileSuccess
+          status: "True"
+          type: Synced
+        - lastTransitionTime: "2024-09-26T14:37:37Z"
+          reason: Available
+          status: "True"
+          type: Ready
+        connectionDetails:
+          lastPublishedTime: "2024-09-26T14:37:37Z"
 input:
   apiVersion: v1
   data:
@@ -120,7 +154,51 @@ observed:
             timeOfDay: '12:34:56'
       status:
         instanceNamespace: vshn-postgresql-pgsql-gc9x4
+        #here
   resources:
+    "pg-bucket":
+      connection_details:
+        AWS_ACCESS_KEY_ID: whatever
+        AWS_REGION: whatever
+        AWS_SECRET_ACCESS_KEY: whatever
+        BUCKET_NAME: whatever
+        ENDPOINT: whatever
+        ENDPOINT_URL: whatever    
+      resource:
+        apiVersion: appcat.vshn.io/v1
+        kind: XObjectBucket
+        metadata:
+          name: pgsql-gc9x4
+          labels:
+            appuio.io/organization: vshn
+            crossplane.io/claim-name: pgsql
+            crossplane.io/claim-namespace: unit-test
+            crossplane.io/composite: pgsql-gc9x4
+        spec:
+          parameters:
+            bucketName: pgsql-gc9x4
+            providerRef:
+              name: s3
+            region: ch-gva-2
+            security:
+              deletionProtection: false
+              allowAllNamespaces: false
+          writeConnectionSecretToRef:
+            name: pgsql-gc9x4
+            namespace: vshn-postgresql-pgsql-gc9x4
+        status:
+          conditions:
+          - lastTransitionTime: "2024-09-27T08:06:34Z"
+            reason: ReconcileSuccess
+            status: "True"
+            type: Synced
+          - lastTransitionTime: "2024-09-26T14:37:37Z"
+            reason: Available
+            status: "True"
+            type: Ready
+          connectionDetails:
+            lastPublishedTime: "2024-09-26T14:37:37Z"
+
     namespace-conditions:
       resource:
         apiVersion: kubernetes.crossplane.io/v1alpha2
@@ -298,4 +376,94 @@ observed:
                   pendingRestart: false
                   primary: true
                   replicationGroup: 0
-
+    certificate:
+      resource:
+        apiVersion: kubernetes.crossplane.io/v1alpha2
+        kind: Object
+        metadata:
+          annotations:
+            crossplane.io/composition-resource-name: certificate
+            crossplane.io/external-create-pending: "2024-09-26T14:37:32Z"
+            crossplane.io/external-create-succeeded: "2024-09-26T14:37:32Z"
+            crossplane.io/external-name: pgsql-gc9x4-certificate
+          creationTimestamp: "2024-09-26T14:37:32Z"
+          finalizers:
+          - finalizer.managedresource.crossplane.io
+          generateName: pgsql-gc9x4-
+          generation: 38
+          labels:
+            appcat.vshn.io/ownerapiversion: v1
+            appcat.vshn.io/ownergroup: vshn.appcat.vshn.io
+            appcat.vshn.io/ownerkind: XVSHNPostgreSQL
+            crossplane.io/claim-name: postgresql-widera-test3
+            crossplane.io/claim-namespace: widera-testing
+            crossplane.io/composite: pgsql-gc9x4
+            manager: crossplane-kubernetes-provider
+            operation: Update
+            subresource: status
+            time: "2024-09-26T14:37:34Z"
+          name: pgsql-gc9x4-certificate
+          ownerReferences:
+          - apiVersion: vshn.appcat.vshn.io/v1
+            blockOwnerDeletion: true
+            controller: true
+            kind: XVSHNPostgreSQL
+            name: pgsql-gc9x4
+            uid: 4d072f13-029d-4d9d-bc24-0e4f622a9d3a
+          resourceVersion: "531293"
+          uid: 1ffeef69-4add-4d17-98ae-5c210cdd0503
+        spec:
+          deletionPolicy: Delete
+          forProvider:
+            manifest:
+              apiVersion: cert-manager.io/v1
+              kind: Certificate
+              metadata:
+                annotations:
+                  appcat.vshn.io/forward-events-to: vshn.appcat.vshn.io/v1/VSHNPostgreSQL/widera-testing/postgresql-widera-test3
+                labels:
+                  appcat.vshn.io/ownerapiversion: v1
+                  appcat.vshn.io/ownergroup: vshn.appcat.vshn.io
+                  appcat.vshn.io/ownerkind: XVSHNPostgreSQL
+                  crossplane.io/composite: pgsql-gc9x4
+                name: pgsql-gc9x4
+                namespace: vshn-postgresql-pgsql-gc9x4
+              spec:
+                dnsNames:
+                - pgsql-gc9x4.vshn-postgresql-pgsql-gc9x4.svc.cluster.local
+                - pgsql-gc9x4.vshn-postgresql-pgsql-gc9x4.svc
+                duration: 87600h0m0s
+                issuerRef:
+                  group: cert-manager.io
+                  kind: Issuer
+                  name: pgsql-gc9x4
+                privateKey:
+                  algorithm: RSA
+                  encoding: PKCS1
+                  size: 4096
+                renewBefore: 2400h0m0s
+                secretName: tls-certificate
+                subject:
+                  organizations:
+                  - vshn-appcat
+                usages:
+                - server auth
+                - client auth
+              status: {}
+          managementPolicies:
+          - '*'
+          providerConfigRef:
+            name: kubernetes
+          readiness:
+            policy: SuccessfulCreate
+          watch: false
+        status:
+          conditions:
+          - lastTransitionTime: "2024-09-26T14:37:33Z"
+            reason: Available
+            status: "True"
+            type: Ready
+          - lastTransitionTime: "2024-09-26T14:37:32Z"
+            reason: ReconcileSuccess
+            status: "True"
+            type: Synced

test/functions/vshn-postgres/deploy/02_with_pg_config.yaml

@@ -125,6 +125,140 @@ observed:
       status:
         instanceNamespace: vshn-postgresql-pgsql-gc9x4
   resources:
+    certificate:
+      resource:
+        apiVersion: kubernetes.crossplane.io/v1alpha2
+        kind: Object
+        metadata:
+          annotations:
+            crossplane.io/composition-resource-name: certificate
+            crossplane.io/external-create-pending: "2024-09-26T14:37:32Z"
+            crossplane.io/external-create-succeeded: "2024-09-26T14:37:32Z"
+            crossplane.io/external-name: pgsql-gc9x4-certificate
+          creationTimestamp: "2024-09-26T14:37:32Z"
+          finalizers:
+          - finalizer.managedresource.crossplane.io
+          generateName: pgsql-gc9x4-
+          generation: 38
+          labels:
+            appcat.vshn.io/ownerapiversion: v1
+            appcat.vshn.io/ownergroup: vshn.appcat.vshn.io
+            appcat.vshn.io/ownerkind: XVSHNPostgreSQL
+            crossplane.io/claim-name: postgresql-widera-test3
+            crossplane.io/claim-namespace: widera-testing
+            crossplane.io/composite: pgsql-gc9x4
+            manager: crossplane-kubernetes-provider
+            operation: Update
+            subresource: status
+            time: "2024-09-26T14:37:34Z"
+          name: pgsql-gc9x4-certificate
+          ownerReferences:
+          - apiVersion: vshn.appcat.vshn.io/v1
+            blockOwnerDeletion: true
+            controller: true
+            kind: XVSHNPostgreSQL
+            name: pgsql-gc9x4
+            uid: 4d072f13-029d-4d9d-bc24-0e4f622a9d3a
+          resourceVersion: "531293"
+          uid: 1ffeef69-4add-4d17-98ae-5c210cdd0503
+        spec:
+          deletionPolicy: Delete
+          forProvider:
+            manifest:
+              apiVersion: cert-manager.io/v1
+              kind: Certificate
+              metadata:
+                annotations:
+                  appcat.vshn.io/forward-events-to: vshn.appcat.vshn.io/v1/VSHNPostgreSQL/widera-testing/postgresql-widera-test3
+                labels:
+                  appcat.vshn.io/ownerapiversion: v1
+                  appcat.vshn.io/ownergroup: vshn.appcat.vshn.io
+                  appcat.vshn.io/ownerkind: XVSHNPostgreSQL
+                  crossplane.io/composite: pgsql-gc9x4
+                name: pgsql-gc9x4
+                namespace: vshn-postgresql-pgsql-gc9x4
+              spec:
+                dnsNames:
+                - pgsql-gc9x4.vshn-postgresql-pgsql-gc9x4.svc.cluster.local
+                - pgsql-gc9x4.vshn-postgresql-pgsql-gc9x4.svc
+                duration: 87600h0m0s
+                issuerRef:
+                  group: cert-manager.io
+                  kind: Issuer
+                  name: pgsql-gc9x4
+                privateKey:
+                  algorithm: RSA
+                  encoding: PKCS1
+                  size: 4096
+                renewBefore: 2400h0m0s
+                secretName: tls-certificate
+                subject:
+                  organizations:
+                  - vshn-appcat
+                usages:
+                - server auth
+                - client auth
+              status: {}
+          managementPolicies:
+          - '*'
+          providerConfigRef:
+            name: kubernetes
+          readiness:
+            policy: SuccessfulCreate
+          watch: false
+        status:
+          conditions:
+          - lastTransitionTime: "2024-09-26T14:37:33Z"
+            reason: Available
+            status: "True"
+            type: Ready
+          - lastTransitionTime: "2024-09-26T14:37:32Z"
+            reason: ReconcileSuccess
+            status: "True"
+            type: Synced
+
+    "pg-bucket":
+      connection_details:
+        AWS_ACCESS_KEY_ID: whatever
+        AWS_REGION: whatever
+        AWS_SECRET_ACCESS_KEY: whatever
+        BUCKET_NAME: whatever
+        ENDPOINT: whatever
+        ENDPOINT_URL: whatever    
+      resource:
+        apiVersion: appcat.vshn.io/v1
+        kind: XObjectBucket
+        metadata:
+          name: pgsql-gc9x4
+          labels:
+            appuio.io/organization: vshn
+            crossplane.io/claim-name: pgsql
+            crossplane.io/claim-namespace: unit-test
+            crossplane.io/composite: pgsql-gc9x4
+        spec:
+          parameters:
+            bucketName: pgsql-gc9x4
+            providerRef:
+              name: s3
+            region: ch-gva-2
+            security:
+              deletionProtection: false
+              allowAllNamespaces: false
+          writeConnectionSecretToRef:
+            name: pgsql-gc9x4
+            namespace: vshn-postgresql-pgsql-gc9x4
+        status:
+          conditions:
+          - lastTransitionTime: "2024-09-27T08:06:34Z"
+            reason: ReconcileSuccess
+            status: "True"
+            type: Synced
+          - lastTransitionTime: "2024-09-26T14:37:37Z"
+            reason: Available
+            status: "True"
+            type: Ready
+          connectionDetails:
+            lastPublishedTime: "2024-09-26T14:37:37Z"
     namespace-conditions:
       resource:
         apiVersion: kubernetes.crossplane.io/v1alpha2