
Commit c958d77

committed
up
1 parent c6dc294 commit c958d77

4 files changed

Lines changed: 79 additions & 8 deletions


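--- a/infrastructure/controllers/kyverno/kustomization.yaml
+++ b/infrastructure/controllers/kyverno/kustomization.yaml
@@ -4,6 +4,7 @@ namespace: kyverno
 resources:
 - namespace.yaml
 - volsync-clusterpolicy.yaml
+- volsync-restore-mutate.yaml
 helmCharts:
 - name: kyverno
 repo: https://kyverno.github.io/kyverno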
Lines changed: 78 additions & 0 deletions
@@ -0,0 +1,78 @@
1+
apiVersion: kyverno.io/v1
2+
kind: ClusterPolicy
3+
metadata:
4+
name: add-volsync-restore-datasource
5+
annotations:
6+
argocd.argoproj.io/sync-wave: "2"
7+
policies.kyverno.io/title: Add VolSync dataSourceRef for Automatic Restore
8+
policies.kyverno.io/description: >-
9+
Automatically adds dataSourceRef to PVCs with backup labels when a corresponding
10+
ReplicationDestination exists with latestImage. This enables automatic disaster
11+
recovery - if a PVC is deleted and recreated, it will restore from the latest backup.
12+
spec:
13+
rules:
14+
- name: add-datasource-for-hourly-backups
15+
match:
16+
any:
17+
- resources:
18+
kinds:
19+
- PersistentVolumeClaim
20+
selector:
21+
matchLabels:
22+
backup: "hourly"
23+
# Only mutate if ReplicationDestination exists and has latestImage
24+
preconditions:
25+
all:
26+
- key: "{{request.operation}}"
27+
operator: Equals
28+
value: "CREATE"
29+
- key: "{{request.object.spec.dataSourceRef || 'null'}}"
30+
operator: Equals
31+
value: "null"
32+
context:
33+
- name: replicationdest
34+
apiCall:
35+
urlPath: "/apis/volsync.backube/v1alpha1/namespaces/{{request.namespace}}/replicationdestinations/{{request.object.metadata.name}}-restore"
36+
jmesPath: "status.latestImage || 'null'"
37+
mutate:
38+
patchStrategicMerge:
39+
spec:
40+
dataSourceRef:
41+
apiGroup: volsync.backube
42+
kind: ReplicationDestination
43+
name: "{{request.object.metadata.name}}-restore"
44+
# Only apply if latestImage exists
45+
+(dataSourceRef): "{{ replicationdest != 'null' }}"
46+
47+
- name: add-datasource-for-daily-backups
48+
match:
49+
any:
50+
- resources:
51+
kinds:
52+
- PersistentVolumeClaim
53+
selector:
54+
matchLabels:
55+
backup: "daily"
56+
# Only mutate if ReplicationDestination exists and has latestImage
57+
preconditions:
58+
all:
59+
- key: "{{request.operation}}"
60+
operator: Equals
61+
value: "CREATE"
62+
- key: "{{request.object.spec.dataSourceRef || 'null'}}"
63+
operator: Equals
64+
value: "null"
65+
context:
66+
- name: replicationdest
67+
apiCall:
68+
urlPath: "/apis/volsync.backube/v1alpha1/namespaces/{{request.namespace}}/replicationdestinations/{{request.object.metadata.name}}-restore"
69+
jmesPath: "status.latestImage || 'null'"
70+
mutate:
71+
patchStrategicMerge:
72+
spec:
73+
dataSourceRef:
74+
apiGroup: volsync.backube
75+
kind: ReplicationDestination
76+
name: "{{request.object.metadata.name}}-restore"
77+
# Only apply if latestImage exists
78+
+(dataSourceRef): "{{ replicationdest != 'null' }}"
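Review bot: The latestImage gate promised by the comments ("Only mutate if ReplicationDestination exists and has latestImage") is not enforced in either rule, as far as the rendered lines show: `preconditions.all` checks only `request.operation` and the absence of `spec.dataSourceRef`, and `replicationdest` is referenced only in the `+(dataSourceRef)` line, which Kyverno reads as an add-if-absent anchor rather than a condition. A labelled PVC would therefore likely receive the `dataSourceRef` even when no snapshot exists yet, and could then sit Pending instead of provisioning empty. Add a third entry to `preconditions.all` in both `add-datasource-for-hourly-backups` and `add-datasource-for-daily-backups` (`- key: "{{ replicationdest }}"`, `operator: NotEquals`, `value: "null"`) and drop the `+(dataSourceRef)` line. Two things are not visible here and worth confirming: how the rule behaves when the API call returns 404 because no `<name>-restore` object exists, and that the Kyverno service account is granted only `get` on `replicationdestinations`.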

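--- a/my-apps/media/karakeep/karakeep/pvc-data.yaml
+++ b/my-apps/media/karakeep/karakeep/pvc-data.yaml
@@ -16,8 +16,4 @@ spec:
 requests:
 storage: 10Gi
 storageClassName: longhorn
-dataSourceRef:
-kind: ReplicationDestination
-apiGroup: volsync.backube
-name: data-pvc-restore
 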

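--- a/my-apps/media/karakeep/meilisearch/pvc-meilisearch.yaml
+++ b/my-apps/media/karakeep/meilisearch/pvc-meilisearch.yaml
@@ -16,7 +16,3 @@ spec:
 requests:
 storage: 10Gi
 storageClassName: longhorn
-dataSourceRef:
-kind: ReplicationDestination
-apiGroup: volsync.backube
-name: meilisearch-pvc-restore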
