* Add use_db_compression option for backup database dumps
Enable optional pg_dump compression (-Z 9) via use_db_compression
boolean flag. Restore auto-detects compressed (.db.gz) or
uncompressed (.db) backups for backward compatibility.
Authored By: Christian M. Adams <chadams@redhat.com>
Assisted By: Claude
* Add CRD field, CSV descriptor, and restore auto-detection for use_db_compression
Authored By: Christian M. Adams <chadams@redhat.com>
Assisted By: Claude
Quote {{ now }} in firstTimestamp and lastTimestamp to prevent
YAML parser from converting the value to a datetime object.
Assisted-by: Claude
Signed-off-by: Lucas Benedito <lbenedit@redhat.com>
Use backup_pvc for custom backup PVC name in templates
When backup_pvc is specified with create_backup_pvc: true, the PVC
template and ownerReference removal used the hardcoded default name
(deployment_name-backup-claim) instead of the user-specified name.
This caused the management pod to reference a PVC that didn't exist.
Replace backup_claim variable with backup_pvc throughout the backup
role so the resolved PVC name is used consistently in all templates.
Authored By: Adam Knochowski <aknochow@redhat.com>
Assisted By: Claude
When users specify a custom backup_pvc name, the operator now
automatically creates the PVC instead of failing with
"does not exist, please create this pvc first."
Changes:
- Add create_backup_pvc variable (default: true) to backup defaults
- Update error condition to check create_backup_pvc before failing
- Update PVC creation condition to include create_backup_pvc
- Add create_backup_pvc field to AWXBackup CRD
Users who want the previous behavior can set create_backup_pvc: false.
* updating task descriptions in backup and restore roles
* Revert "Run import_auth_config_to_gateway when public_url is defined (#2064)"
This reverts commit 54293a0efb.
Update secrets.yml
We need to specify a container in environments that use sidecar injection, like in the case of istio service mesh. If the container is not specified, and a side car is injected so there are multiple containers running in the pod, this task will fail because a container was not specified in a pod with multiple containers.
The default paramater from the jinja map filter has been added in the
2.11.0 release.
However, the downstream ansible operator is still using ansible 2.9
with jinja 2.10.x so using the default parameter leads to the
following error:
TASK [Dump ingress tls secret names from awx spec and data into file]
********************************
The error was: jinja2.exceptions.FilterArgumentError: Unexpected
keyword argument 'default'
fatal: [localhost]: FAILED! => {
"msg": "Unexpected failure during module execution.",
"stdout": ""
}
Rather than using the default parameter with the map filter then add the
selectattr filter to get only the items with tls_secret defined and then
get the tls_secret attribute with the map filter.
This also gets rid of the when statement since we always get an empty
list when no tls_secret are present in ingress_hosts so the loop statement
will be skipped on the empty list.
Finally this changes the default value from the ingress_hosts field because
it's a list rather than a string.
https://jinja.palletsprojects.com/en/latest/templates/#jinja-filters.map
Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
* Upgrading to postgres:15
* Changing image from postgres to sclorg
* Handle scenario where upgrade status is not defined & correct pg tag
* Rework the upgrade logic to be more resiliant for multiple upgrades
---------
Co-authored-by: john-westcott-iv <john-westcott-iv@users.noreply.github.com>
Co-authored-by: Christian M. Adams <chadams@redhat.com>
* Replace api version for deployment kind to apps/v1
* Add new multiple ingress spec and deprecate hostname and ingress_tls_secret
* Manage new ingress_hosts.tls_secret backup separately
* Fix ci molecule lint warnings and error
* Fix documentation
* Fix ingress_hosts tls_secret key being optional
* Remove fieldDependency:ingress_type:Ingress for Ingress Hosts
* Fix scenario when neither hostname or ingress_hosts is defined
---------
Co-authored-by: Guillaume Lefevre <guillaume.lefevre@agoda.com>
Co-authored-by: Seth Foster <fosterseth@users.noreply.github.com>
Co-authored-by: Christian Adams <chadams@redhat.com>
* Move label templates into `common` role
So that there is single source of labels management, and labels are
unified across the other roles
* Introduce `additional_labels`
* Fix paths for labels templates
* Return `additional_labels_items` as list
* Add molecule tests
* Bump Postgresql, Nginx and Redis versions
* pg12 --> pg13 upgrade path
* Set supported pg version as a variable to remain DRY
* Make deleting the old db data pvc after upgrade configurable
* Use labels to find the postgres pod
* backup/restore: fix postgres label selector value
We need to use the deployment_name variable for the postgres instance
name.
Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
* backup/restore: add missing default supported_pg_version variable
Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
* restore: update database_host fact with pg suffix
Signed-off-by: Dimitri Savineau <dsavinea@redhat.com>
Co-authored-by: Dimitri Savineau <dsavinea@redhat.com>
- Removes backup_pvc_namespace field from OLM forms
- This field has created confusion for users and there is no strong
case for needing this functionality
- Users will still be able to add it to the yaml for the CR if they
want to use it with the cluster-scoped AWX operator
- Remove unneeded advanced descriptors to avoid empty Advanced
configuration expander
fixes AAP-1176
When there are e.g. multiple authenticated container registries used
we need to be able to add multiple imagePullSecrets to the k8s resource
Co-authored-by: Maximilian Meister <maximilian.meister@pm.me>
* Only use them if user did not set an image, or RELATED_IMAGES_ var
is not set
Signed-off-by: Christian M. Adams <chadams@redhat.com>
(cherry picked from commit bb957be9e6)
