Update with new pipelinerun for mas-backup

Author: whitfiea

src/mas/devops/tekton.py

@@ -262,7 +262,7 @@ def updateTektonDefinitions(namespace: str, yamlFile: str) -> None:
         logger.debug(line)
 
 
-def preparePipelinesNamespace(dynClient: DynamicClient, instanceId: str = None, storageClass: str = None, accessMode: str = None, waitForBind: bool = True, configureRBAC: bool = True):
+def preparePipelinesNamespace(dynClient: DynamicClient, instanceId: str = None, storageClass: str = None, accessMode: str = None, waitForBind: bool = True, configureRBAC: bool = True, createBackupPVC: bool = False, backupStorageSize: str = "20Gi"):
     """
     Prepare a namespace for MAS pipelines by creating RBAC and PVC resources.
 
@@ -276,6 +276,8 @@ def preparePipelinesNamespace(dynClient: DynamicClient, instanceId: str = None,
         accessMode (str, optional): Access mode for the PVC. Defaults to None.
         waitForBind (bool, optional): Whether to wait for PVC to bind. Defaults to True.
         configureRBAC (bool, optional): Whether to configure RBAC. Defaults to True.
+        createBackupPVC (bool, optional): Whether to create backup PVC. Defaults to False.
+        backupStorageSize (str, optional): Size of the backup PVC storage. Defaults to "20Gi".
 
     Returns:
         None
@@ -304,6 +306,9 @@ def preparePipelinesNamespace(dynClient: DynamicClient, instanceId: str = None,
 
     # Create PVC (instanceId namespace only)
     if instanceId is not None:
+        pvcAPI = dynClient.resources.get(api_version="v1", kind="PersistentVolumeClaim")
+
+        # Create config PVC
         template = env.get_template("pipelines-pvc.yml.j2")
         renderedTemplate = template.render(
             mas_instance_id=instanceId,
@@ -312,24 +317,51 @@ def preparePipelinesNamespace(dynClient: DynamicClient, instanceId: str = None,
         )
         logger.debug(renderedTemplate)
         pvc = yaml.safe_load(renderedTemplate)
-        pvcAPI = dynClient.resources.get(api_version="v1", kind="PersistentVolumeClaim")
         pvcAPI.apply(body=pvc, namespace=namespace)
+
         # Automatically determine if we should wait for PVC binding based on storage class
         volumeBindingMode = getStorageClassVolumeBindingMode(dynClient, storageClass)
         waitForBind = (volumeBindingMode == "Immediate")
         if waitForBind:
-            logger.info(f"Storage class {storageClass} uses volumeBindingMode={volumeBindingMode}, waiting for PVC to bind")
+            logger.info(f"Storage class {storageClass} uses volumeBindingMode={volumeBindingMode}, waiting for config PVC to bind")
             pvcIsBound = False
             while not pvcIsBound:
                 configPVC = pvcAPI.get(name="config-pvc", namespace=namespace)
                 if configPVC.status.phase == "Bound":
                     pvcIsBound = True
                 else:
-                    logger.debug("Waiting 15s before checking status of PVC again")
+                    logger.debug("Waiting 15s before checking status of config PVC again")
                     logger.debug(configPVC)
                     sleep(15)
         else:
-            logger.info(f"Storage class {storageClass} uses volumeBindingMode={volumeBindingMode}, skipping PVC bind wait")
+            logger.info(f"Storage class {storageClass} uses volumeBindingMode={volumeBindingMode}, skipping config PVC bind wait")
+
+        # Create backup PVC if requested
+        if createBackupPVC:
+            logger.info("Creating backup PVC")
+            backupTemplate = env.get_template("pipelines-backup-pvc.yml.j2")
+            renderedBackupTemplate = backupTemplate.render(
+                mas_instance_id=instanceId,
+                pipeline_storage_class=storageClass,
+                pipeline_storage_accessmode=accessMode
+            )
+            logger.debug(renderedBackupTemplate)
+            backupPvc = yaml.safe_load(renderedBackupTemplate)
+            pvcAPI.apply(body=backupPvc, namespace=namespace)
+
+            if waitForBind:
+                logger.info(f"Storage class {storageClass} uses volumeBindingMode={volumeBindingMode}, waiting for backup PVC to bind")
+                backupPvcIsBound = False
+                while not backupPvcIsBound:
+                    backupPVC = pvcAPI.get(name="backup-pvc", namespace=namespace)
+                    if backupPVC.status.phase == "Bound":
+                        backupPvcIsBound = True
+                    else:
+                        logger.debug("Waiting 15s before checking status of backup PVC again")
+                        logger.debug(backupPVC)
+                        sleep(15)
+            else:
+                logger.info(f"Storage class {storageClass} uses volumeBindingMode={volumeBindingMode}, skipping backup PVC bind wait")
 
 
 def prepareAiServicePipelinesNamespace(dynClient: DynamicClient, instanceId: str = None, storageClass: str = None, accessMode: str = None, waitForBind: bool = True, configureRBAC: bool = True):
@@ -697,6 +729,28 @@ def launchUpdatePipeline(dynClient: DynamicClient, params: dict) -> str:
     return pipelineURL
 
 
+def launchBackupPipeline(dynClient: DynamicClient, params: dict) -> str:
+    """
+    Create a PipelineRun to backup a MAS instance.
+
+    Parameters:
+        dynClient (DynamicClient): OpenShift Dynamic Client
+        params (dict): Backup parameters including instance ID and configuration
+
+    Returns:
+        str: URL to the PipelineRun in the OpenShift console
+
+    Raises:
+        NotFoundError: If resources cannot be created
+    """
+    instanceId = params["mas_instance_id"]
+    namespace = f"mas-{instanceId}-pipelines"
+    timestamp = launchPipelineRun(dynClient, namespace, "pipelinerun-backup", params)
+
+    pipelineURL = f"{getConsoleURL(dynClient)}/k8s/ns/mas-{instanceId}-pipelines/tekton.dev~v1beta1~PipelineRun/{instanceId}-backup-{timestamp}"
+    return pipelineURL
+
+
 def launchAiServiceUpgradePipeline(dynClient: DynamicClient,
                                    aiserviceInstanceId: str,
                                    skipPreCheck: bool = False,

src/mas/devops/templates/pipelinerun-backup.yml.j2

@@ -0,0 +1,100 @@
+---
+apiVersion: tekton.dev/v1beta1
+kind: PipelineRun
+metadata:
+  generateName: {{ mas_instance_id }}-backup-{{ backup_version }}-
+  labels:
+    mas.ibm.com/instanceId: "{{ mas_instance_id }}"
+spec:
+  pipelineRef:
+    name: mas-backup
+  serviceAccountName: pipeline
+  workspaces:
+    - name: shared-configs
+      persistentVolumeClaim:
+        claimName: config-pvc
+    - name: shared-backups
+      persistentVolumeClaim:
+        claimName: backup-pvc
+  params:
+    # Common Parameters
+    - name: image_pull_policy
+      value: IfNotPresent
+    - name: mas_instance_id
+      value: "{{ mas_instance_id }}"
+
+    # Backup Configuration
+    - name: backup_version
+      value: "{{ backup_version }}"
+
+    # Component Flags
+    {% if include_sls is defined and include_sls != "" %}
+    - name: include_sls
+      value: "{{ include_sls }}"
+    {% endif %}
+
+    # MongoDB Configuration
+    {% if mongodb_namespace is defined and mongodb_namespace != "" %}
+    - name: mongodb_namespace
+      value: "{{ mongodb_namespace }}"
+    {% endif %}
+    {% if mongodb_instance_name is defined and mongodb_instance_name != "" %}
+    - name: mongodb_instance_name
+      value: "{{ mongodb_instance_name }}"
+    {% endif %}
+    {% if mongodb_provider is defined and mongodb_provider != "" %}
+    - name: mongodb_provider
+      value: "{{ mongodb_provider }}"
+    {% endif %}
+
+    # SLS Configuration
+    {% if sls_namespace is defined and sls_namespace != "" %}
+    - name: sls_namespace
+      value: "{{ sls_namespace }}"
+    {% endif %}
+
+    # Certificate Manager Configuration
+    {% if cert_manager_provider is defined and cert_manager_provider != "" %}
+    - name: cert_manager_provider
+      value: "{{ cert_manager_provider }}"
+    {% endif %}
+
+    # Development Build Support
+    {% if artifactory_username is defined and artifactory_username != "" %}
+    - name: artifactory_username
+      value: "{{ artifactory_username }}"
+    {% endif %}
+    {% if artifactory_token is defined and artifactory_token != "" %}
+    - name: artifactory_token
+      value: "{{ artifactory_token }}"
+    {% endif %}
+
+    # Upload Configuration
+    {% if upload_backup is defined and upload_backup != "" %}
+    - name: upload_backup
+      value: "{{ upload_backup }}"
+    {% endif %}
+    {% if aws_access_key_id is defined and aws_access_key_id != "" %}
+    - name: aws_access_key_id
+      value: "{{ aws_access_key_id }}"
+    {% endif %}
+    {% if aws_secret_access_key is defined and aws_secret_access_key != "" %}
+    - name: aws_secret_access_key
+      value: "{{ aws_secret_access_key }}"
+    {% endif %}
+    {% if s3_bucket_name is defined and s3_bucket_name != "" %}
+    - name: s3_bucket_name
+      value: "{{ s3_bucket_name }}"
+    {% endif %}
+    {% if s3_region is defined and s3_region != "" %}
+    - name: s3_region
+      value: "{{ s3_region }}"
+    {% endif %}
+    {% if artifactory_url is defined and artifactory_url != "" %}
+    - name: artifactory_url
+      value: "{{ artifactory_url }}"
+    {% endif %}
+    {% if artifactory_repository is defined and artifactory_repository != "" %}
+    - name: artifactory_repository
+      value: "{{ artifactory_repository }}"
+    {% endif %}

src/mas/devops/templates/pipelines-backup-pvc.yml.j2

@@ -0,0 +1,15 @@
+---
+# PVC for backup storage
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: backup-pvc
+  namespace: mas-{{ mas_instance_id }}-pipelines
+spec:
+  accessModes:
+    - {{ pipeline_storage_accessmode }}
+  volumeMode: Filesystem
+  storageClassName: {{ pipeline_storage_class }}
+  resources:
+    requests:
+      storage: {{ backup_storage_size }}