Оновлення Платформи та реєстрів до версії 1.9.5: спеціальні кроки

apiVersion: v1
kind: ConfigMap
metadata:
  name: {{ include "bucket-replication.fullname" . }}
  namespace: {{ .Release.Namespace }}
  labels:
    {{- include "bucket-replication.labels" . | nindent 4 }}
data:
  bucket-replication.sh: |
    #!/usr/bin/env bash

    rook_s3_endpoint=$(oc get cephobjectstore/mdtuddm -n openshift-storage -o=jsonpath='{.status.info.endpoint}')
    bucket=$(oc get objectbucketclaim/"${OBJECT_BUCKET_CLAIM}" -n ${REGISTRY_NAMESPACE} -o=jsonpath="{.spec.bucketName}")
    access_key_rook=$(oc get secret/"${OBJECT_BUCKET_CLAIM}" -n "${REGISTRY_NAMESPACE}" -o jsonpath='{.data.AWS_ACCESS_KEY_ID}' | base64 -d)
    access_secret_key_rook=$(oc get secret/"${OBJECT_BUCKET_CLAIM}" -n "${REGISTRY_NAMESPACE}" -o jsonpath='{.data.AWS_SECRET_ACCESS_KEY}' | base64 -d)

    mkdir -p ~/.config/rclone
    echo "
    ["${BACKUP_BUCKET}"]
    type = s3
    provider = Other
    endpoint = ${S3_ENDPOINT}
    env_auth = true
    region = eu-central-1
    acl = private
    bucket_acl = private

    [rook]
    type = s3
    provider = Ceph
    env_auth = false
    access_key_id = ${access_key_rook}
    secret_access_key = ${access_secret_key_rook}
    endpoint = ${rook_s3_endpoint}
    acl = bucket-owner-full-control
    bucket_acl = authenticated-read" > ~/.config/rclone/rclone.conf
    # append only bucket - data bucket strategy (by label) - copy / other sync

{{- if eq .Values.registryBackup.obc.action "replication" }}
    rclone_command="rclone copy -P --no-traverse --metadata"

    if [[ -z $(rclone lsd ${BACKUP_BUCKET}:${BACKUP_BUCKET}/obc-backups/${REGISTRY_NAMESPACE} | grep ${OBJECT_BUCKET_CLAIM}) ]]; then
       echo "[INFO] Destination folder empty, copy full bucket to destination"
    else
       echo "[INFO] Destination folder exists, copy bucket data for ${MAX_AGE}"
       rclone_command="${rclone_command} --max-age ${MAX_AGE}"
    fi

    function replication() {
      set +o pipefail
      $rclone_command rook:${bucket} ${BACKUP_BUCKET}:/${BACKUP_BUCKET}/obc-backups/${REGISTRY_NAMESPACE}/${OBJECT_BUCKET_CLAIM}/ -v  > /tmp/rcloneout 2> /tmp/rcloneerror
      return 0
    }

    function error_response(){
        return 1
    }

    replication

    if grep -q 'failed to open source object: NoSuchKey' /tmp/rcloneerror;then
      echo "[WARN] False positive error with NoSuchKey. Ignore"
    elif  [ -s /tmp/rcloneout ];then
      echo "[INFO] Replication completed with no errors."
    else
      if [ ! -z ${DEBUG} ]; then
        echo "[ERROR][DEBUG]Debug flag set to true"
        cat /tmp/rcloneerror
      else
        echo "[ERROR]Please run job in debug mode. Add to enviromnet variable DEBUG with value "true" to return logs to stout"
      fi
      error_response
    fi
{{- else }}
    rclone -M -v sync ${BACKUP_BUCKET}:/${BACKUP_BUCKET}/obc-backups/${REGISTRY_NAMESPACE}/${OBJECT_BUCKET_CLAIM} rook:${bucket}
{{- end }}