[cherry-pick] Use username/password as keys in Postgres secret (#270) (#276)

1gtm · tamalsaha · web-flow · commit 8179b10f9814 · 2020-10-08T17:23:26.000Z
/cherry-pick

Signed-off-by: Tamal Saha &lt;tamal@appscode.com&gt;

Co-authored-by: Tamal Saha &lt;tamal@appscode.com&gt;
diff --git a/docs/examples/backup/appbinding.yaml b/docs/examples/backup/appbinding.yaml
@@ -23,12 +23,5 @@ spec:
       scheme: postgresql
   secret:
     name: sample-postgres-auth
-  secretTransforms:
-  - renameKey:
-      from: POSTGRES_USER
-      to: username
-  - renameKey:
-      from: POSTGRES_PASSWORD
-      to: password
   type: kubedb.com/postgres
   version: "11.9"
diff --git a/docs/standalone.md b/docs/standalone.md
@@ -148,13 +148,6 @@ spec:
       scheme: postgresql
   secret:
     name: sample-postgres-auth
-  secretTransforms:
-  - renameKey:
-      from: POSTGRES_USER
-      to: username
-  - renameKey:
-      from: POSTGRES_PASSWORD
-      to: password
   type: kubedb.com/postgres
   version: "11.9"
 ```
diff --git a/go.mod b/go.mod
@@ -18,7 +18,7 @@ require (
 	k8s.io/client-go v12.0.0+incompatible
 	k8s.io/kube-openapi v0.0.0-20200410145947-61e04a5be9a6
 	k8s.io/kubernetes v1.18.9 // indirect
-	kmodules.xyz/client-go v0.0.0-20201007024140-3223988adf40
+	kmodules.xyz/client-go v0.0.0-20201008164401-74d81f261ec5
 	kmodules.xyz/crd-schema-fuzz v0.0.0-20200922204806-c1426cd7fcf4
 	kmodules.xyz/custom-resources v0.0.0-20201008012351-6d8090f759d4
 	kmodules.xyz/objectstore-api v0.0.0-20200922210707-59bab27e5d41 // indirect
diff --git a/go.sum b/go.sum
@@ -955,8 +955,8 @@ kmodules.xyz/client-go v0.0.0-20200818143024-600fef263e03/go.mod h1:sY/eoe4ktxZE
 kmodules.xyz/client-go v0.0.0-20200915091229-7df16c29f4e8 h1:C6+M9aTLhPCmsJ8dmhPvkr7Qe2MN+iiY3kZvbonhS9E=
 kmodules.xyz/client-go v0.0.0-20200915091229-7df16c29f4e8/go.mod h1:sY/eoe4ktxZEoHpr5NpAQ5s22VSwTE8psJtKVeVgLRY=
 kmodules.xyz/client-go v0.0.0-20200922200830-63d86b6e5b63/go.mod h1:JZN34jqk6ZlR+QOnBPpnUVBab4rmfamqxfSvLaulBMY=
-kmodules.xyz/client-go v0.0.0-20201007024140-3223988adf40 h1:XQLn2whq+TYbGxVloiyopxSM9jsqjqvWQjltXFKd+aA=
-kmodules.xyz/client-go v0.0.0-20201007024140-3223988adf40/go.mod h1:pnRh7gtJ6ErPJQBkQeRlpD95KRtxhD4eGrYagZEU8RM=
+kmodules.xyz/client-go v0.0.0-20201008164401-74d81f261ec5 h1:mGySTT2dC8u2FQDUFbDLcOt7GM+IkXqlH2xzATyddKg=
+kmodules.xyz/client-go v0.0.0-20201008164401-74d81f261ec5/go.mod h1:pnRh7gtJ6ErPJQBkQeRlpD95KRtxhD4eGrYagZEU8RM=
 kmodules.xyz/constants v0.0.0-20200506032633-a21e58ceec72/go.mod h1:DbiFk1bJ1KEO94t1SlAn7tzc+Zz95rSXgyUKa2nzPmY=
 kmodules.xyz/crd-schema-fuzz v0.0.0-20200521005638-2433a187de95 h1:v0S/+ftzL6Xrs9XevgchAOJyPKlRQXPiZf87xotj3X4=
 kmodules.xyz/crd-schema-fuzz v0.0.0-20200521005638-2433a187de95/go.mod h1:jpu8xFsDKd6kAWUAKk8oTu/GQGBWqhrcaDeOJdaCJnk=
diff --git a/pkg/backup.go b/pkg/backup.go
@@ -30,9 +30,11 @@ import (
 	"github.com/appscode/go/flags"
 	"github.com/spf13/cobra"
 	license "go.bytebuilders.dev/license-verifier/kubernetes"
+	core "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/tools/clientcmd"
+	meta_util "kmodules.xyz/client-go/meta"
 	appcatalog "kmodules.xyz/custom-resources/apis/appcatalog/v1alpha1"
 	appcatalog_cs "kmodules.xyz/custom-resources/client/clientset/versioned"
 	v1 "kmodules.xyz/offshoot-api/api/v1"
@@ -210,12 +212,12 @@ func (opt *postgresOptions) backupPostgreSQL(targetRef api_v1beta1.TargetRef) (*
 	}
 
 	// set env for pg_dump/pg_dumpall
-	resticWrapper.SetEnv(EnvPgPassword, string(appBindingSecret.Data[PostgresPassword]))
+	resticWrapper.SetEnv(EnvPgPassword, must(meta_util.GetBytesForKeys(appBindingSecret.Data, core.BasicAuthPasswordKey, envPostgresPassword)))
 	// setup pipe command
 	opt.backupOptions.StdinPipeCommand = restic.Command{
 		Name: pgBackupCMD,
 		Args: []interface{}{
-			"-U", string(appBindingSecret.Data[PostgresUser]),
+			"-U", must(meta_util.GetBytesForKeys(appBindingSecret.Data, core.BasicAuthUsernameKey, envPostgresUser)),
 			"-h", appBinding.Spec.ClientConfig.Service.Name,
 		},
 	}
diff --git a/pkg/restore.go b/pkg/restore.go
@@ -27,9 +27,11 @@ import (
 	"github.com/appscode/go/flags"
 	"github.com/spf13/cobra"
 	license "go.bytebuilders.dev/license-verifier/kubernetes"
+	core "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/tools/clientcmd"
+	meta_util "kmodules.xyz/client-go/meta"
 	appcatalog "kmodules.xyz/custom-resources/apis/appcatalog/v1alpha1"
 	appcatalog_cs "kmodules.xyz/custom-resources/client/clientset/versioned"
 	v1 "kmodules.xyz/offshoot-api/api/v1"
@@ -171,12 +173,12 @@ func (opt *postgresOptions) restorePostgreSQL(targetRef api_v1beta1.TargetRef) (
 	}
 
 	// set env for psql
-	resticWrapper.SetEnv(EnvPgPassword, string(appBindingSecret.Data[PostgresPassword]))
+	resticWrapper.SetEnv(EnvPgPassword, must(meta_util.GetBytesForKeys(appBindingSecret.Data, core.BasicAuthPasswordKey, envPostgresPassword)))
 	// setup pipe command
 	opt.dumpOptions.StdoutPipeCommand = restic.Command{
 		Name: PgRestoreCMD,
 		Args: []interface{}{
-			"-U", string(appBindingSecret.Data[PostgresUser]),
+			"-U", must(meta_util.GetBytesForKeys(appBindingSecret.Data, core.BasicAuthUsernameKey, envPostgresUser)),
 			"-h", appBinding.Spec.ClientConfig.Service.Name,
 		},
 	}
diff --git a/pkg/util.go b/pkg/util.go
@@ -26,18 +26,22 @@ import (
 	"github.com/codeskyblue/go-sh"
 	core "k8s.io/api/core/v1"
 	"k8s.io/client-go/kubernetes"
+	meta_util "kmodules.xyz/client-go/meta"
 	"kmodules.xyz/custom-resources/apis/appcatalog/v1alpha1"
 	appcatalog_cs "kmodules.xyz/custom-resources/client/clientset/versioned"
 )
 
 const (
-	PostgresUser     = "POSTGRES_USER"
-	PostgresPassword = "POSTGRES_PASSWORD"
-	EnvPgPassword    = "PGPASSWORD"
-	PgDumpFile       = "dumpfile.sql"
-	PgDumpCMD        = "pg_dump"
-	PgDumpallCMD     = "pg_dumpall"
-	PgRestoreCMD     = "psql"
+	EnvPgPassword = "PGPASSWORD"
+	PgDumpFile    = "dumpfile.sql"
+	PgDumpCMD     = "pg_dump"
+	PgDumpallCMD  = "pg_dumpall"
+	PgRestoreCMD  = "psql"
+
+	// Deprecated
+	envPostgresUser = "POSTGRES_USER"
+	// Deprecated
+	envPostgresPassword = "POSTGRES_PASSWORD"
 )
 
 type postgresOptions struct {
@@ -58,14 +62,21 @@ type postgresOptions struct {
 	dumpOptions   restic.DumpOptions
 }
 
+func must(v []byte, err error) string {
+	if err != nil {
+		panic(err)
+	}
+	return string(v)
+}
+
 func waitForDBReady(appBinding *v1alpha1.AppBinding, secret *core.Secret, waitTimeout int32) error {
 	log.Infoln("Waiting for the database to be ready.....")
 	shell := sh.NewSession()
-	shell.SetEnv(EnvPgPassword, string(secret.Data[PostgresPassword]))
+	shell.SetEnv(EnvPgPassword, must(meta_util.GetBytesForKeys(secret.Data, core.BasicAuthPasswordKey, envPostgresPassword)))
 	args := []interface{}{
 		fmt.Sprintf("--host=%s", appBinding.Spec.ClientConfig.Service.Name),
 		fmt.Sprintf("--port=%d", appBinding.Spec.ClientConfig.Service.Port),
-		fmt.Sprintf("--username=%s", secret.Data[PostgresUser]),
+		fmt.Sprintf("--username=%s", must(meta_util.GetBytesForKeys(secret.Data, core.BasicAuthUsernameKey, envPostgresUser))),
 		fmt.Sprintf("--timeout=%d", waitTimeout),
 	}
 	return shell.Command("pg_isready", args...).Run()
diff --git a/vendor/kmodules.xyz/client-go/meta/annotations.go b/vendor/kmodules.xyz/client-go/meta/annotations.go
@@ -187,3 +187,16 @@ func GetStringValueForKeys(m map[string]string, key string, alts ...string) (str
 	}
 	return "", kutil.ErrNotFound
 }
+
+func GetBytesForKeys(m map[string][]byte, key string, alts ...string) ([]byte, error) {
+	if m == nil {
+		return nil, kutil.ErrNotFound
+	}
+	keys := append([]string{key}, alts...)
+	for _, k := range keys {
+		if v, ok := m[k]; ok {
+			return v, nil
+		}
+	}
+	return nil, kutil.ErrNotFound
+}
diff --git a/vendor/modules.txt b/vendor/modules.txt
@@ -843,7 +843,7 @@ k8s.io/utils/net
 k8s.io/utils/path
 k8s.io/utils/pointer
 k8s.io/utils/trace
-# kmodules.xyz/client-go v0.0.0-20201007024140-3223988adf40
+# kmodules.xyz/client-go v0.0.0-20201008164401-74d81f261ec5
 kmodules.xyz/client-go
 kmodules.xyz/client-go/api/v1
 kmodules.xyz/client-go/apiextensions
