Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feat/backup script #2604

Merged
merged 31 commits into from
Aug 14, 2024
Merged

Feat/backup script #2604

merged 31 commits into from
Aug 14, 2024

Conversation

ajoaugustine
Copy link
Contributor

install mount-s3

emalinowski
emalinowski previously approved these changes Aug 9, 2024
View reviewed changes
jawadqur
jawadqur reviewed Aug 12, 2024
View reviewed changes
gen3/bin/dbbackup.sh Outdated
create_or_get_kms_key
create_s3_bucket $bucket_name $kms_key_arn
create_s3_bucket $bucket_name_encrypted $kms_key_arn
setup_csi_driver
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ideally this should be a separate script or terraform. Then we can call that separate script or terraform from within this script.

gen3/bin/dbbackup.sh Outdated

gen3_log_info "policy_name: $policy_name"
gen3_log_info "account_id: $account_id"
gen3_log_info "vpc_name: $vpc_name"
gen3_log_info "namespace: $namespace"
gen3_log_info "sa_name: $sa_name"
gen3_log_info "bucket_name: $bucket_name"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should not need a unencrypted bucket, we should only allow an encrypted bucket.

gen3/bin/dbbackup.sh Outdated
}

# Create policy for Mountpoint for Amazon S3 CSI driver
create_s3_csi_policy() {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same thing for all these other functions related to csi driver. These should go into a kube-setup-s3-csi or similar script, and then this script can call that other script, we need to make sure the other script is idempotent as well.

@ajoaugustine
Update kube-setup-s3-csi-driver fix tmp file name
a3bd2f4 
fix tmp file name
@ajoaugustine
Update dbbackup.sh
a6c3029 
added service account creation
@ajoaugustine
Update kube-setup-s3-csi-driver.sh
8d5f42d 
Add all oidc_url's to the trust plicy
@ajoaugustine
Update kube-setup-s3-csi-driver.sh
487de9b 
separate policies, roles per cluster
@ajoaugustine ajoaugustine merged commit d7ffd04 into master Aug 14, 2024
4 of 5 checks passed
@ajoaugustine ajoaugustine deleted the feat/backup-script branch August 14, 2024 21:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@emalinowski emalinowski emalinowski approved these changes

@jawadqur jawadqur Awaiting requested review from jawadqur

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ajoaugustine @emalinowski @jawadqur