Skip to content

Commit

Permalink
Use BasicAuth Keys for reading credentials from secret (#543)
Browse files Browse the repository at this point in the history
/cherry-pick

Signed-off-by: Emruz Hossain <[email protected]>
  • Loading branch information
hossainemruz authored and 1gtm committed Jan 16, 2021
1 parent 5cb8af6 commit fb724d3
Show file tree
Hide file tree
Showing 6 changed files with 28 additions and 6 deletions.
3 changes: 1 addition & 2 deletions Dockerfile.dbg
Original file line number Diff line number Diff line change
Expand Up @@ -35,8 +35,7 @@ LABEL org.opencontainers.image.source https://github.com/stashed/elasticsearch
RUN set -x \
&& apk add --update --no-cache bash ca-certificates curl

RUN npm config set unsafe-perm true \
&& npm install [email protected] -g
RUN npm install [email protected] -g

COPY --from=0 restic /bin/restic
COPY bin/{ARG_OS}_{ARG_ARCH}/{ARG_BIN} /{ARG_BIN}
Expand Down
3 changes: 1 addition & 2 deletions Dockerfile.in
Original file line number Diff line number Diff line change
Expand Up @@ -35,8 +35,7 @@ LABEL org.opencontainers.image.source https://github.com/stashed/elasticsearch
RUN set -x \
&& apk add --update --no-cache bash ca-certificates curl

RUN npm config set unsafe-perm true \
&& npm install [email protected] -g
RUN npm install [email protected] -g

COPY --from=0 /restic /bin/restic
COPY bin/{ARG_OS}_{ARG_ARCH}/{ARG_BIN} /{ARG_BIN}
Expand Down
1 change: 1 addition & 0 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ require (
github.com/spf13/cobra v1.1.1
go.bytebuilders.dev/license-verifier/kubernetes v0.5.1
gomodules.xyz/x v0.0.0-20201105065653-91c568df6331
k8s.io/api v0.18.9
k8s.io/apimachinery v0.18.9
k8s.io/client-go v0.18.9
kmodules.xyz/client-go v0.0.0-20210108092221-c3812eb92bd0
Expand Down
10 changes: 9 additions & 1 deletion pkg/backup.go
Original file line number Diff line number Diff line change
Expand Up @@ -35,9 +35,11 @@ import (
license "go.bytebuilders.dev/license-verifier/kubernetes"
"gomodules.xyz/x/flags"
"gomodules.xyz/x/log"
core "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/client-go/kubernetes"
"k8s.io/client-go/tools/clientcmd"
meta_util "kmodules.xyz/client-go/meta"
appcatalog "kmodules.xyz/custom-resources/apis/appcatalog/v1alpha1"
appcatalog_cs "kmodules.xyz/custom-resources/client/clientset/versioned"
v1 "kmodules.xyz/offshoot-api/api/v1"
Expand Down Expand Up @@ -215,7 +217,13 @@ func (opt *esOptions) backupElasticsearch(targetRef api_v1beta1.TargetRef) (*res
}

appSVC := appBinding.Spec.ClientConfig.Service
esURL := fmt.Sprintf("%v://%s:%s@%s:%d", appSVC.Scheme, appBindingSecret.Data[ESUser], appBindingSecret.Data[ESPassword], appSVC.Name, appSVC.Port) // TODO: authplugin: none
esURL := fmt.Sprintf("%v://%s:%s@%s:%d",
appSVC.Scheme,
must(meta_util.GetBytesForKeys(appBindingSecret.Data, core.BasicAuthUsernameKey, ESUser)),
must(meta_util.GetBytesForKeys(appBindingSecret.Data, core.BasicAuthPasswordKey, ESPassword)),
appSVC.Name,
appSVC.Port,
) // TODO: support backup without authentication

// wait for DB ready
waitForDBReady(appBinding.Spec.ClientConfig.Service.Name, appBinding.Spec.ClientConfig.Service.Port, opt.waitTimeout)
Expand Down
10 changes: 9 additions & 1 deletion pkg/restore.go
Original file line number Diff line number Diff line change
Expand Up @@ -32,9 +32,11 @@ import (
license "go.bytebuilders.dev/license-verifier/kubernetes"
"gomodules.xyz/x/flags"
"gomodules.xyz/x/log"
core "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/client-go/kubernetes"
"k8s.io/client-go/tools/clientcmd"
meta_util "kmodules.xyz/client-go/meta"
appcatalog "kmodules.xyz/custom-resources/apis/appcatalog/v1alpha1"
appcatalog_cs "kmodules.xyz/custom-resources/client/clientset/versioned"
v1 "kmodules.xyz/offshoot-api/api/v1"
Expand Down Expand Up @@ -182,7 +184,13 @@ func (opt *esOptions) restoreElasticsearch(targetRef api_v1beta1.TargetRef) (*re
}

appSVC := appBinding.Spec.ClientConfig.Service
esURL := fmt.Sprintf("%v://%s:%s@%s:%d", appSVC.Scheme, appBindingSecret.Data[ESUser], appBindingSecret.Data[ESPassword], appSVC.Name, appSVC.Port) // TODO: support for authplugin: none
esURL := fmt.Sprintf("%v://%s:%s@%s:%d",
appSVC.Scheme,
must(meta_util.GetBytesForKeys(appBindingSecret.Data, core.BasicAuthUsernameKey, ESUser)),
must(meta_util.GetBytesForKeys(appBindingSecret.Data, core.BasicAuthPasswordKey, ESPassword)),
appSVC.Name,
appSVC.Port,
) // TODO: support backup without authentication

// wait for DB ready
waitForDBReady(appBinding.Spec.ClientConfig.Service.Name, appBinding.Spec.ClientConfig.Service.Port, opt.waitTimeout)
Expand Down
7 changes: 7 additions & 0 deletions pkg/utils.go
Original file line number Diff line number Diff line change
Expand Up @@ -72,3 +72,10 @@ func clearDir(dir string) error {
}
return os.MkdirAll(dir, os.ModePerm)
}

func must(v []byte, err error) string {
if err != nil {
panic(err)
}
return string(v)
}

0 comments on commit fb724d3

Please sign in to comment.