{{/*
Copyright 2017 The Openstack-Helm Authors.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

   http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}

{{- if .Values.manifests.cron_job_postgresql_backup }}
{{- $envAll := . }}

{{- $serviceAccountName := "postgresql-backup" }}
{{ tuple $envAll "postgresql_account" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: batch/v1beta1
kind: CronJob
metadata:
  name: postgresql-backup
  annotations:
    {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
spec:
  schedule: {{ .Values.jobs.backup_postgresql.cron | quote }}
  successfulJobsHistoryLimit: {{ .Values.jobs.backup_postgresql.history.success }}
  failedJobsHistoryLimit: {{ .Values.jobs.backup_postgresql.history.failed }}
  concurrencyPolicy: Forbid
  jobTemplate:
    metadata:
      labels:
{{ tuple $envAll "postgresql-backup" "backup" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
    spec:
      template:
        metadata:
          labels:
{{ tuple $envAll "postgresql-backup" "backup" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 12 }}
        spec:
          serviceAccountName: {{ $serviceAccountName }}
          restartPolicy: OnFailure
          nodeSelector:
            {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
          containers:
            - name: postgresql-backup
{{ tuple $envAll "postgresql_backup" | include "helm-toolkit.snippets.image" | indent 14 }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.postgresql_backup | include "helm-toolkit.snippets.kubernetes_resources" | indent 14 }}
              command:
                - /tmp/backup_postgresql.sh
              env:
                - name: POSTGRESQL_BACKUP_PASSWORD
                  valueFrom:
                    secretKeyRef:
                      key: POSTGRES_PASSWORD
                      name: postgresql-admin
                - name: POSTGRESQL_BACKUP_USER
                  valueFrom:
                    secretKeyRef:
                      key: POSTGRES_USER
                      name: postgresql-admin
                - name: POSTGRESQL_BACKUP_BASE_DIR
                  value: {{ .Values.conf.backup.base_path }}
                - name: POSTGRESQL_BACKUP_PG_DUMPALL_OPTIONS
                  value: {{ .Values.conf.backup.pg_dumpall_options }}
                - name: POSTGRESQL_BACKUP_DAYS_TO_KEEP
                  value: "{{ .Values.conf.backup.days_of_backup_to_keep }}"
                - name: POSTGRESQL_POD_NAMESPACE
                  valueFrom:
                    fieldRef:
                      fieldPath: metadata.namespace
              volumeMounts:
                - name: pod-tmp
                  mountPath: /tmp
                - mountPath: /tmp/backup_postgresql.sh
                  name: postgresql-bin
                  readOnly: true
                  subPath: backup_postgresql.sh
                - mountPath: {{ .Values.conf.backup.base_path }}
                  name: postgresql-backup-dir
                - name: postgresql-secrets
                  mountPath: /etc/postgresql/admin_user.conf
                  subPath: admin_user.conf
                  readOnly: true
          restartPolicy: OnFailure
          securityContext: {}
          serviceAccount: {{ $serviceAccountName }}
          serviceAccountName: {{ $serviceAccountName }}
          volumes:
            - name: pod-tmp
              emptyDir: {}
            - name: postgresql-secrets
              secret:
                secretName: postgresql-secrets
                defaultMode: 0600
            - name: postgresql-bin
              secret:
                secretName: postgresql-bin
                defaultMode: 365
            {{- if and .Values.volume.backup.enabled  .Values.manifests.pvc_backup }}
            - name: postgresql-backup-dir
              persistentVolumeClaim:
                claimName: postgresql-backup-data
            {{- else }}
            - hostPath:
                path: {{ .Values.conf.backup.base_path }}
                type: DirectoryOrCreate
              name: postgresql-backup-dir
            {{- end }}
{{- end }}