Skip to content

Commit

Permalink
Create a new postgres configuration secret when restoring a new insta…
Browse files Browse the repository at this point in the history
…nce (#1733)

- This will avoid the operator changing the host value of the original
  deployments postgres_configuration_secret. As it was, restores broke
  the original deployment if it was still around before this change.

Signed-off-by: Christian M. Adams <[email protected]>
  • Loading branch information
rooftopcellist authored Mar 11, 2024
1 parent b5d81b8 commit ed6ac1a
Showing 1 changed file with 20 additions and 2 deletions.
22 changes: 20 additions & 2 deletions roles/restore/tasks/secrets.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,18 @@
include_vars: "{{ tmp_secrets.path }}"
no_log: "{{ no_log }}"

- name: If deployment is managed, set the new postgres_configuration_secret name
block:
- name: Set new postgres_configuration_secret name
set_fact:
_generated_pg_secret_name: "{{ deployment_name }}-postgres-configuration"

- name: Override postgres_configuration_secret
set_fact:
spec:
"{{ spec | combine({'postgres_configuration_secret': _generated_pg_secret_name}, recursive=True) }}"
when: secrets['postgresConfigurationSecret']['data']['type'] | b64decode == 'managed'

- name: If deployment is managed, set the database_host in the pg config secret
block:
- name: Set new database host

Check warning on line 36 in roles/restore/tasks/secrets.yml

View workflow job for this annotation

GitHub Actions / molecule (--skip-tags=replicas)

36:5 [indentation] wrong indentation: expected 2 but found 4

Check warning on line 36 in roles/restore/tasks/secrets.yml

View workflow job for this annotation

GitHub Actions / molecule (-t replicas)

36:5 [indentation] wrong indentation: expected 2 but found 4
Expand All @@ -31,12 +43,18 @@
_pg_secret: "{{ secrets['postgresConfigurationSecret'] }}"
no_log: "{{ no_log }}"

- name: Change postgres host value
- name: Change postgres host and name value
set_fact:
_pg_data: "{{ _pg_secret['data'] | combine({'host': database_host | b64encode }) }}"
_pg_secret_name: "{{ deployment_name }}-postgres-configuration"
no_log: "{{ no_log }}"

- name: Override postgres secret name
set_fact:
_pg_secret: "{{ _pg_secret | combine({'name': _pg_secret_name}) }}"
no_log: "{{ no_log }}"

- name: Create a postgres secret with the new host value
- name: Override postgres secret host with new Postgres service
set_fact:
_pg_secret: "{{ _pg_secret | combine({'data': _pg_data}) }}"
no_log: "{{ no_log }}"
Expand Down

0 comments on commit ed6ac1a

Please sign in to comment.