From 455abeb43923115b4f2f2f521e454c326ca724b5 Mon Sep 17 00:00:00 2001 From: Jason Montleon Date: Mon, 22 Jul 2024 11:58:52 -0400 Subject: [PATCH 1/2] :bug: Use postgresql modules for migration Signed-off-by: Jason Montleon --- Dockerfile | 2 +- roles/tackle/tasks/main.yml | 56 +++++++++++++++++++++++++++++-------- 2 files changed, 45 insertions(+), 13 deletions(-) diff --git a/Dockerfile b/Dockerfile index a0f9118..ed1242a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,7 +10,7 @@ RUN echo -e "[almalinux8-appstream]" \ "\nbaseurl = https://repo.almalinux.org/almalinux/8/AppStream/\$basearch/os/" \ "\nenabled = 1" \ "\ngpgcheck = 0" > /etc/yum.repos.d/almalinux.repo -RUN dnf -y module enable postgresql:15 && dnf -y install postgresql && dnf clean all +RUN dnf -y module enable postgresql:15 && dnf -y install postgresql python38-psycopg2 && dnf clean all USER 1001 COPY requirements.yml ${HOME}/requirements.yml diff --git a/roles/tackle/tasks/main.yml b/roles/tackle/tasks/main.yml index 3f2de49..0b93423 100644 --- a/roles/tackle/tasks/main.yml +++ b/roles/tackle/tasks/main.yml @@ -241,18 +241,50 @@ dbm_user: "{{ pgsql_secret.resources[0].data['database-user'] | b64decode }}" dbm_pass: "{{ pgsql_secret.resources[0].data['database-password'] | b64decode }}" - - name: "Generate DB URLs" - set_fact: - dbm_src: postgresql://{{ dbm_user }}:{{ dbm_pass }}@{{ keycloak_database_service_k8s_resource_name }}/{{ keycloak_database_db_name }} - dbm_dst: postgresql://{{ dbm_user }}:{{ dbm_pass }}@{{ keycloak_database_service_k8s_resource_name }}-migration/{{ keycloak_database_db_name }} - - - name: "Perform the DB upgrade" - shell: | - set -euo pipefail - until pg_isready -U {{ dbm_user }} -h {{ keycloak_database_service_k8s_resource_name }} -d {{ keycloak_database_db_name }}; do sleep 10; done - until pg_isready -U {{ dbm_user }} -h {{ keycloak_database_service_k8s_resource_name }}-migration -d {{ keycloak_database_db_name }}; do sleep 10; done - pg_dump {{ dbm_src }} | psql {{ dbm_dst }} - changed_when: false + - name: ping source database + postgresql_ping: + db: "{{ keycloak_database_db_name }}" + login_host: "{{ keycloak_database_service_k8s_resource_name }}" + login_user: "{{ dbm_user }}" + login_password: "{{ dbm_pass }}" + register: src_ping + retries: 12 + until: src_ping.is_available + delay: 10 + + - name: ping destination database + postgresql_ping: + db: "{{ keycloak_database_db_name }}" + login_host: "{{ keycloak_database_service_k8s_resource_name }}-migration" + login_user: "{{ dbm_user }}" + login_password: "{{ dbm_pass }}" + register: dst_ping + retries: 12 + until: dst_ping.is_available + delay: 10 + + - name: Dump database + postgresql_db: + state: dump + name: "{{ keycloak_database_db_name }}" + target: /tmp/keycloak.sql + login_host: "{{ keycloak_database_service_k8s_resource_name }}" + login_user: "{{ dbm_user }}" + login_password: "{{ dbm_pass }}" + + - name: Restore database + postgresql_db: + state: restore + name: "{{ keycloak_database_db_name }}" + target: /tmp/keycloak.sql + login_host: "{{ keycloak_database_service_k8s_resource_name }}-migration" + login_user: "{{ dbm_user }}" + login_password: "{{ dbm_pass }}" + + - name: Clean up database dump file + file: + state: absent + path: /tmp/keycloak.sql - name: "Remove the temporary migration service" k8s: From bbb016225b485ecdeba6e43c7d0ed38b6b32826d Mon Sep 17 00:00:00 2001 From: Jason Montleon Date: Mon, 22 Jul 2024 12:15:38 -0400 Subject: [PATCH 2/2] :bug: Use postgresql modules for migration Signed-off-by: Jason Montleon --- roles/tackle/tasks/main.yml | 8 ++++---- .../templates/deployment-keycloak-postgresql.yml.j2 | 6 +++--- .../service-keycloak-postgresql-migration.yml.j2 | 2 +- roles/tackle/templates/service-keycloak-postgresql.yml.j2 | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/roles/tackle/tasks/main.yml b/roles/tackle/tasks/main.yml index 0b93423..6336cab 100644 --- a/roles/tackle/tasks/main.yml +++ b/roles/tackle/tasks/main.yml @@ -241,7 +241,7 @@ dbm_user: "{{ pgsql_secret.resources[0].data['database-user'] | b64decode }}" dbm_pass: "{{ pgsql_secret.resources[0].data['database-password'] | b64decode }}" - - name: ping source database + - name: Ping source database postgresql_ping: db: "{{ keycloak_database_db_name }}" login_host: "{{ keycloak_database_service_k8s_resource_name }}" @@ -249,10 +249,10 @@ login_password: "{{ dbm_pass }}" register: src_ping retries: 12 - until: src_ping.is_available + until: src_ping.is_available and src_ping.server_version.major == 12 delay: 10 - - name: ping destination database + - name: Ping destination database postgresql_ping: db: "{{ keycloak_database_db_name }}" login_host: "{{ keycloak_database_service_k8s_resource_name }}-migration" @@ -260,7 +260,7 @@ login_password: "{{ dbm_pass }}" register: dst_ping retries: 12 - until: dst_ping.is_available + until: dst_ping.is_available and dst_ping.server_version.major == 15 delay: 10 - name: Dump database diff --git a/roles/tackle/templates/deployment-keycloak-postgresql.yml.j2 b/roles/tackle/templates/deployment-keycloak-postgresql.yml.j2 index 42526f7..768b509 100644 --- a/roles/tackle/templates/deployment-keycloak-postgresql.yml.j2 +++ b/roles/tackle/templates/deployment-keycloak-postgresql.yml.j2 @@ -5,7 +5,7 @@ metadata: name: {{ keycloak_database_deployment_name }}-{{ keycloak_database_db_version }} namespace: {{ app_namespace }} labels: - app.kubernetes.io/name: {{ keycloak_database_service_name }} + app.kubernetes.io/name: {{ keycloak_database_service_name }}-{{ keycloak_database_db_version }} app.kubernetes.io/component: {{ keycloak_database_component_name }} app.kubernetes.io/part-of: {{ app_name }} version: "{{ keycloak_database_db_version }}" @@ -13,7 +13,7 @@ spec: replicas: {{ keycloak_database_deployment_replicas }} selector: matchLabels: - app.kubernetes.io/name: {{ keycloak_database_service_name }} + app.kubernetes.io/name: {{ keycloak_database_service_name }}-{{ keycloak_database_db_version }} app.kubernetes.io/component: {{ keycloak_database_component_name }} app.kubernetes.io/part-of: {{ app_name }} version: "{{ keycloak_database_db_version }}" @@ -24,7 +24,7 @@ spec: template: metadata: labels: - app.kubernetes.io/name: {{ keycloak_database_service_name }} + app.kubernetes.io/name: {{ keycloak_database_service_name }}-{{ keycloak_database_db_version }} app.kubernetes.io/component: {{ keycloak_database_component_name }} app.kubernetes.io/part-of: {{ app_name }} app: {{ app_name }} diff --git a/roles/tackle/templates/service-keycloak-postgresql-migration.yml.j2 b/roles/tackle/templates/service-keycloak-postgresql-migration.yml.j2 index 25a184c..c3aa624 100644 --- a/roles/tackle/templates/service-keycloak-postgresql-migration.yml.j2 +++ b/roles/tackle/templates/service-keycloak-postgresql-migration.yml.j2 @@ -15,7 +15,7 @@ spec: targetPort: 5432 protocol: TCP selector: - app.kubernetes.io/name: {{ keycloak_database_service_name }} + app.kubernetes.io/name: {{ keycloak_database_service_name }}-{{ keycloak_database_db_version }} app.kubernetes.io/component: {{ keycloak_database_component_name }} app.kubernetes.io/part-of: {{ app_name }} version: "{{ keycloak_database_db_version }}" diff --git a/roles/tackle/templates/service-keycloak-postgresql.yml.j2 b/roles/tackle/templates/service-keycloak-postgresql.yml.j2 index 081e1e2..acd0805 100644 --- a/roles/tackle/templates/service-keycloak-postgresql.yml.j2 +++ b/roles/tackle/templates/service-keycloak-postgresql.yml.j2 @@ -15,7 +15,7 @@ spec: targetPort: 5432 protocol: TCP selector: - app.kubernetes.io/name: {{ keycloak_database_service_name }} + app.kubernetes.io/name: {{ keycloak_database_service_name }}-{{ keycloak_database_db_version }} app.kubernetes.io/component: {{ keycloak_database_component_name }} app.kubernetes.io/part-of: {{ app_name }} version: "{{ keycloak_database_db_version }}"