use deployment for manual backup restore

README.md

@@ -33,7 +33,7 @@ target/graalvm/c4k-jira src/test/resources/valid-config.edn src/test/resources/v
 
 ## Documentation
 * [Example Setup on Hetzner](doc/SetupOnHetzner.md)
-* [Backup and Restore](doc/BackupAndResotre.md)
+* [Backup and Restore](doc/BackupAndRestore.md)
 
 ## License
 

doc/BackupAndRestore.md

@@ -10,40 +10,40 @@
 ## Manual init the restic repository for the first time
 
 1. apply backup-and-restore pod:   
-   `kubectl apply -f src/main/resources/backup/backup-restore.yaml`
-1. exec into pod and execute restore pod   
-   `kubectl exec -it backup-restore -- /usr/local/bin/init.sh`
+   `kubectl scale deployment backup-restore --replicas=1`
+1. exec into pod and execute restore pod (press tab to get your exact pod name)   
+   `kubectl exec -it backup-restore-... -- /usr/local/bin/init.sh`
 1. remove backup-and-restore pod:   
-   `kubectl delete pod backup-restore
+   `kubectl scale deployment backup-restore --replicas=0`
 
 
 ## Manual backup the restic repository for the first time
 
 1.Create a jira export:    
   Jira > Settings > System -> Backup system
-1. Choose a filename `backup-filename.xml`. Your file will be stored to `/var/backup/export`.
+1. Choose a filename `backup-filename.zip`. Your file will be stored to `/var/backup/export`.
 1. apply backup-and-restore pod:   
-  `kubectl apply -f src/main/resources/backup/backup-restore.yaml`
-1. exec into pod and execute restore pod   
-   `kubectl exec -it backup-restore -- /usr/local/bin/backup.sh`
+  `kubectl scale deployment backup-restore --replicas=1`
+1. exec into pod and execute restore pod (press tab to get your exact pod name)   
+   `kubectl exec -it backup-restore-... -- /usr/local/bin/backup.sh`
 1. remove backup-and-restore pod:   
-   `kubectl delete pod backup-restore`
+   `kubectl scale deployment backup-restore --replicas=0`
 
 
 ## Manual restore
 
 1. apply backup-and-restore pod:   
-  `kubectl apply -f src/main/resources/backup/backup-restore.yaml`
-1. exec into pod and execute restore pod   
-   `kubectl exec -it backup-restore -- /usr/local/bin/restore.sh`
+  `kubectl scale deployment backup-restore --replicas=1`
+1. exec into pod and execute restore pod (press tab to get your exact pod name)   
+   `kubectl exec -it backup-restore-... -- /usr/local/bin/restore.sh`
 1. In case of already set up server:
    1. Import one of Jira exportet backups:   
       Jira > Settings > System > Restore System
-   1. Choose one of your bakcuped files located at `/var/jira/restic-restore/export/`.   
-      E.g. `/var/jira/restic-restore/export/backup-filename.xml`.
+   1. Choose one of your backuped files located at `/var/jira/import/`.   
+      E.g. `backup-filename.zip`.
 1. In case of installation wizzard:
    1. Choose restore from backup
-   1. Choose one of your bakcuped files located at `/var/jira/restic-restore/export/`.   
-      E.g. `/var/jira/restic-restore/export/backup-filename.xml`
+   1. Choose one of your backuped files located at `/var/jira/import/`.   
+      E.g. `backup-filename.zip`
 1. remove backup-and-restore pod:   
-   `kubectl delete pod backup-restore`
+   `kubectl scale deployment backup-restore --replicas=0`

infrastructure/docker-backup/image/resources/backup.sh

@@ -7,8 +7,7 @@ function main() {
     file_env AWS_SECRET_ACCESS_KEY
     file_env RESTIC_DAYS_TO_KEEP 14
 
-    backup-roles ""
-    backup-fs-from-directory '/var/backups/' 'data/'
+    backup-fs-from-directory '/var/backups/' 'export/'
 }
 
 source /usr/local/lib/functions.sh

infrastructure/docker-backup/image/resources/restore.sh

@@ -7,15 +7,12 @@ function main() {
     file_env AWS_ACCESS_KEY_ID
     file_env AWS_SECRET_ACCESS_KEY
 
-    # Restore latest snapshot into /var/backups/restic-restore
-    rm -rf /var/backups/restic-restore
-    restore-directory '/var/backups/restic-restore'
+    # Restore latest snapshot into /var/backups/restore
+    rm -rf /var/backups/restore
+    restore-directory '/var/backups/restore'
 
-    # Restore data dir backup
-    rm -rf /var/backups/data/*
-    cp -a /var/backups/restic-restore/data/* /var/backups/data
-
-    # /opt/atlassian-jira-software-standalone/bin/start-jira.sh
+    cp /var/backups/restore/export/*.zip /var/backups/import/
+    chown 901:901 /var/backups/import/*.zip
 }
 
 source /usr/local/lib/functions.sh

infrastructure/docker-backup/test/Dockerfile

@@ -1,5 +1,8 @@
 FROM c4k-jira-backup
 
+RUN apt update
+RUN apt -yqq --no-install-recommends --yes install curl default-jre-headless
+
 RUN curl -L -o /tmp/serverspec.jar \
     https://github.com/DomainDrivenArchitecture/dda-serverspec-crate/releases/download/2.0.0/dda-serverspec-standalone.jar
 

src/main/cljc/dda/c4k_jira/backup.cljc

@@ -4,12 +4,13 @@
   #?(:cljs [shadow.resource :as rc])
   [dda.c4k-common.yaml :as yaml]
   [dda.c4k-common.base64 :as b64]
-  [dda.c4k-common.common :as cm]))
+  [dda.c4k-common.common :as cm]
+  [dda.c4k-common.prefixes :as pf]))
 
-(s/def ::aws-access-key-id cm/bash-env-string?)
-(s/def ::aws-secret-access-key cm/bash-env-string?)
-(s/def ::restic-password cm/bash-env-string?)
-(s/def ::restic-repository cm/bash-env-string?)
+(s/def ::aws-access-key-id pf/bash-env-string?)
+(s/def ::aws-secret-access-key pf/bash-env-string?)
+(s/def ::restic-password pf/bash-env-string?)
+(s/def ::restic-repository pf/bash-env-string?)
 
 #?(:cljs
    (defmethod yaml/load-resource :backup [resource-name]
@@ -17,6 +18,7 @@
        "backup/config.yaml" (rc/inline "backup/config.yaml")
        "backup/cron.yaml" (rc/inline "backup/cron.yaml")
        "backup/secret.yaml" (rc/inline "backup/secret.yaml")
+       "backup/backup-restore-deployment.yaml" (rc/inline "backup/backup-restore-deployment.yaml")
        (throw (js/Error. "Undefined Resource!")))))
 
 (defn generate-config [my-conf]
@@ -28,6 +30,9 @@
 (defn generate-cron []
    (yaml/from-string (yaml/load-resource "backup/cron.yaml")))
 
+(defn generate-backup-restore-deployment []
+  (yaml/from-string (yaml/load-resource "backup/backup-restore-deployment.yaml")))
+
 (defn generate-secret [my-auth]
   (let [{:keys [aws-access-key-id aws-secret-access-key restic-password]} my-auth]
     (->

src/main/cljc/dda/c4k_jira/core.cljc

@@ -39,7 +39,8 @@
            (when (contains? config :restic-repository)
              [(yaml/to-string (backup/generate-config config))
               (yaml/to-string (backup/generate-secret config))
-              (yaml/to-string (backup/generate-cron))]))))
+              (yaml/to-string (backup/generate-cron))
+              (yaml/to-string (backup/generate-backup-restore-deployment))]))))
 
 (defn-spec generate any?
   [my-config config?

src/main/cljs/dda/c4k_jira/browser.cljs

@@ -15,11 +15,11 @@
                                             (br/generate-input-field "restic-repository" "(Optional) Your restic-repository:" "restic-repository" "dda.c4k_jira.browser")
                                             (br/generate-input-field "issuer" "(Optional) Your issuer prod/staging:" "" "dda.c4k_jira.browser")
                                             [(br/generate-br)]
-                                            (br/generate-text-area "auth" "Your auth.edn:" "{:postgres-db-user \" jira \"
-         :postgres-db-password \" jira-db-password \"
-         :aws-access-key-id \" aws-id \"
-         :aws-secret-access-key \" aws-secret \"
-         :restic-password \" restic-password \"}"
+                                            (br/generate-text-area "auth" "Your auth.edn:" "{:postgres-db-user \"jira\"
+         :postgres-db-password \"jira-db-password\"
+         :aws-access-key-id \"aws-id\"
+         :aws-secret-access-key \"aws-secret\"
+         :restic-password \"restic-password\"}"
                                                                    "5" "dda.c4k_jira.browser")
                                             [(br/generate-br)]
                                             (br/generate-button "generate-button" "Generate c4k yaml"))))]

src/main/resources/backup/backup-restore-deployment.yaml

@@ -0,0 +1,50 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: backup-restore
+spec:
+  replicas: 0
+  selector:
+    matchLabels:
+      app: backup-restore
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      labels:
+        app: backup-restore
+        app.kubernetes.io/name: backup-restore
+        app.kubernetes.io/part-of: jira
+    spec:
+      containers:
+      - image: domaindrivenarchitecture/c4k-jira-backup
+        name: backup-app
+        imagePullPolicy: IfNotPresent
+        command: ["/entrypoint-start-and-wait.sh"]
+        env:
+        - name: AWS_DEFAULT_REGION
+          value: eu-central-1
+        - name: AWS_ACCESS_KEY_ID_FILE
+          value: /var/run/secrets/backup-secrets/aws-access-key-id
+        - name: AWS_SECRET_ACCESS_KEY_FILE
+          value: /var/run/secrets/backup-secrets/aws-secret-access-key
+        - name: RESTIC_REPOSITORY
+          valueFrom:
+            configMapKeyRef:
+              name: backup-config
+              key: restic-repository
+        - name: RESTIC_PASSWORD_FILE
+          value: /var/run/secrets/backup-secrets/restic-password
+        volumeMounts:
+        - name: jira-data-volume
+          mountPath: /var/backups
+        - name: backup-secret-volume
+          mountPath: /var/run/secrets/backup-secrets
+          readOnly: true
+      volumes:
+      - name: jira-data-volume
+        persistentVolumeClaim:
+          claimName: jira-pvc
+      - name: backup-secret-volume
+        secret:
+          secretName: backup-secret

src/main/resources/backup/backup-restore.yaml

@@ -1,41 +0,0 @@
-kind: Pod
-apiVersion: v1
-metadata:
-  name: backup-restore
-  labels:
-    app.kubernetes.io/name: backup-restore
-    app.kubernetes.io/part-of: jira
-spec:
-  containers:
-  - name: backup-app
-    image: domaindrivenarchitecture/c4k-jira-backup
-    imagePullPolicy: IfNotPresent
-    command: ["/entrypoint-start-and-wait.sh"]
-    env:
-    - name: AWS_DEFAULT_REGION
-      value: eu-central-1
-    - name: AWS_ACCESS_KEY_ID_FILE
-      value: /var/run/secrets/backup-secrets/aws-access-key-id
-    - name: AWS_SECRET_ACCESS_KEY_FILE
-      value: /var/run/secrets/backup-secrets/aws-secret-access-key
-    - name: RESTIC_REPOSITORY
-      valueFrom:
-        configMapKeyRef:
-          name: backup-config
-          key: restic-repository
-    - name: RESTIC_PASSWORD_FILE
-      value: /var/run/secrets/backup-secrets/restic-password
-    volumeMounts:
-    - name: jira-data-volume
-      mountPath: /var/backups
-    - name: backup-secret-volume
-      mountPath: /var/run/secrets/backup-secrets
-      readOnly: true
-  volumes:
-  - name: jira-data-volume
-    persistentVolumeClaim:
-      claimName: jira-pvc
-  - name: backup-secret-volume
-    secret:
-      secretName: backup-secret
-  restartPolicy: OnFailure

src/test/cljc/dda/c4k_jira/core_test.cljc

@@ -5,7 +5,7 @@
    [dda.c4k-jira.core :as cut]))
 
 (deftest should-k8s-objects
-  (is (= 15
+  (is (= 16
          (count (cut/k8s-objects {:fqdn "jira-neu.prod.meissa-gmbh.de"
                                   :postgres-db-user "jira"
                                   :postgres-db-password "jira-db-password"
@@ -16,7 +16,7 @@
                                   :aws-secret-access-key "aws-secret"
                                   :restic-password "restic-pw"
                                   :restic-repository "restic-repository"}))))
-  (is (= 13
+  (is (= 14
          (count (cut/k8s-objects {:fqdn "jira-neu.prod.meissa-gmbh.de"
                                   :postgres-db-user "jira"
                                   :postgres-db-password "jira-db-password"