apiVersion: v1 kind: ConfigMap metadata: name: {{ include "bucket-replication.fullname" . }} namespace: {{ .Release.Namespace }} labels: {{- include "bucket-replication.labels" . | nindent 4 }} data: bucket-replication.sh: | #!/usr/bin/env bash rook_s3_endpoint=$(oc get cephobjectstore/mdtuddm -n openshift-storage -o=jsonpath='{.status.info.endpoint}') bucket=$(oc get objectbucketclaim/"${OBJECT_BUCKET_CLAIM}" -n ${REGISTRY_NAMESPACE} -o=jsonpath="{.spec.bucketName}") access_key_rook=$(oc get secret/"${OBJECT_BUCKET_CLAIM}" -n "${REGISTRY_NAMESPACE}" -o jsonpath='{.data.AWS_ACCESS_KEY_ID}' | base64 -d) access_secret_key_rook=$(oc get secret/"${OBJECT_BUCKET_CLAIM}" -n "${REGISTRY_NAMESPACE}" -o jsonpath='{.data.AWS_SECRET_ACCESS_KEY}' | base64 -d) mkdir -p ~/.config/rclone echo " ["${BACKUP_BUCKET}"] type = s3 provider = Other endpoint = ${S3_ENDPOINT} env_auth = true region = eu-central-1 acl = private bucket_acl = private [rook] type = s3 provider = Ceph env_auth = false access_key_id = ${access_key_rook} secret_access_key = ${access_secret_key_rook} endpoint = ${rook_s3_endpoint} acl = bucket-owner-full-control bucket_acl = authenticated-read" > ~/.config/rclone/rclone.conf # append only bucket - data bucket strategy (by label) - copy / other sync {{- if eq .Values.registryBackup.obc.action "replication" }} rclone_command="rclone copy -P --no-traverse --metadata" if [[ -z $(rclone lsd ${BACKUP_BUCKET}:${BACKUP_BUCKET}/obc-backups/${REGISTRY_NAMESPACE} | grep ${OBJECT_BUCKET_CLAIM}) ]]; then echo "[INFO] Destination folder empty, copy full bucket to destination" else echo "[INFO] Destination folder exists, copy bucket data for ${MAX_AGE}" rclone_command="${rclone_command} --max-age ${MAX_AGE}" fi function replication() { set +o pipefail $rclone_command rook:${bucket} ${BACKUP_BUCKET}:/${BACKUP_BUCKET}/obc-backups/${REGISTRY_NAMESPACE}/${OBJECT_BUCKET_CLAIM}/ -v > /tmp/rcloneout 2> /tmp/rcloneerror return 0 } function error_response(){ return 1 } replication if grep -q 'failed to open source object: NoSuchKey' /tmp/rcloneerror;then echo "[WARN] False positive error with NoSuchKey. Ignore" elif [ -s /tmp/rcloneout ];then echo "[INFO] Replication completed with no errors." else if [ ! -z ${DEBUG} ]; then echo "[ERROR][DEBUG]Debug flag set to true" cat /tmp/rcloneerror else echo "[ERROR]Please run job in debug mode. Add to enviromnet variable DEBUG with value "true" to return logs to stout" fi error_response fi {{- else }} rclone -M -v sync ${BACKUP_BUCKET}:/${BACKUP_BUCKET}/obc-backups/${REGISTRY_NAMESPACE}/${OBJECT_BUCKET_CLAIM} rook:${bucket} {{- end }}