From cb0dcf4104d562ecfe20ab62637ce269a82b8109 Mon Sep 17 00:00:00 2001
From: Jonas Kaninda <jonaskaninda@gmail.com>
Date: Sun, 11 Aug 2024 09:49:41 +0200
Subject: [PATCH 1/4] Update docs

---
 README.md     | 2 +-
 docs/index.md | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index db4a4ef..70fae0d 100644
--- a/README.md
+++ b/README.md
@@ -52,7 +52,7 @@ Alternatively, pass a `--env-file` in order to use a full config as described be
 
 ```yaml
  docker run --rm --network your_network_name \
- --env-file your-env-file
+ --env-file your-env-file \
  -v $PWD/backup:/backup/ \
  jkaninda/mysql-bkup backup -d database_name
 ```
diff --git a/docs/index.md b/docs/index.md
index c5a69cb..a73deff 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -47,7 +47,7 @@ Alternatively, pass a `--env-file` in order to use a full config as described be
 
 ```yaml
  docker run --rm --network your_network_name \
- --env-file your-env-file
+ --env-file your-env-file \
  -v $PWD/backup:/backup/ \
  jkaninda/mysql-bkup backup -d database_name
 ```

From 243e25f4fb36e87e2cb8a9c9f81cf5b1e317246d Mon Sep 17 00:00:00 2001
From: Jonas Kaninda <jonaskaninda@gmail.com>
Date: Wed, 14 Aug 2024 22:19:02 +0200
Subject: [PATCH 2/4] Fix encryption permission issue on Openshift

---
 Makefile                             |  2 +-
 README.md                            | 76 ++++++++++++----------------
 docker/Dockerfile                    | 27 ++++++++--
 docs/how-tos/deploy-on-kubernetes.md | 60 +++++++++++++++++++++-
 pkg/backup.go                        |  4 +-
 pkg/scripts.go                       |  2 +-
 6 files changed, 116 insertions(+), 55 deletions(-)

diff --git a/Makefile b/Makefile
index 6516d7c..2433f0a 100644
--- a/Makefile
+++ b/Makefile
@@ -18,7 +18,7 @@ compile:
 docker-build:
 	docker build -f docker/Dockerfile  -t jkaninda/mysql-bkup:latest .
 
-docker-run: #docker-build
+docker-run: docker-build
 	docker run --rm --network web --name mysql-bkup -v "./backup:/backup" -e "DB_HOST=${DB_HOST}" -e "DB_NAME=${DB_NAME}" -e "DB_USERNAME=${DB_USERNAME}" -e "DB_PASSWORD=${DB_PASSWORD}" -e "GPG_PASSPHRASE=${GPG_PASSPHRASE}" ${IMAGE_NAME} backup --prune --keep-last 2
 docker-restore: docker-build
 	docker run --rm --network web --name mysql-bkup -v "./backup:/backup" -e "DB_HOST=${DB_HOST}" -e "DB_NAME=${DB_NAME}" -e "DB_USERNAME=${DB_USERNAME}" -e "DB_PASSWORD=${DB_PASSWORD}"  -e "GPG_PASSPHRASE=${GPG_PASSPHRASE}" ${IMAGE_NAME} restore -f ${FILE_NAME}
diff --git a/README.md b/README.md
index 70fae0d..ce67294 100644
--- a/README.md
+++ b/README.md
@@ -85,57 +85,45 @@ networks:
 ```
 ## Deploy on Kubernetes
 
-For Kubernetes, you don't need to run it in scheduled mode. You can deploy it as CronJob.
+For Kubernetes, you don't need to run it in scheduled mode. You can deploy it as Job or CronJob.
 
-### Simple Kubernetes CronJob usage:
+### Simple Kubernetes backup Job :
 
 ```yaml
 apiVersion: batch/v1
-kind: CronJob
+kind: Job
 metadata:
-  name: bkup-job
+  name: backup
 spec:
-  schedule: "0 1 * * *"
-  jobTemplate:
+  template:
     spec:
-      template:
-        spec:
-          containers:
-          - name: mysql-bkup
-            # In production, it is advised to lock your image tag to a proper
-            # release version instead of using `latest`.
-            # Check https://github.com/jkaninda/mysql-bkup/releases
-            # for a list of available releases.
-            image: jkaninda/mysql-bkup
-            command:
-            - /bin/sh
-            - -c
-            - mysql-bkup backup -s s3 --path /custom_path
-            env:
-              - name: DB_PORT
-                value: "5432" 
-              - name: DB_HOST
-                value: ""
-              - name: DB_NAME
-                value: ""
-              - name: DB_USERNAME
-                value: ""
-              # Please use secret!
-              - name: DB_PASSWORD
-                value: ""
-              - name: AWS_S3_ENDPOINT
-                value: "https://s3.amazonaws.com"
-              - name: AWS_S3_BUCKET_NAME
-                value: "xxx"
-              - name: AWS_REGION
-                value: "us-west-2"    
-              - name: AWS_ACCESS_KEY
-                value: "xxxx"        
-              - name: AWS_SECRET_KEY
-                value: "xxxx"    
-              - name: AWS_DISABLE_SSL
-                value: "false"
-          restartPolicy: Never
+      containers:
+        - name: mysql-bkup
+          # In production, it is advised to lock your image tag to a proper
+          # release version instead of using `latest`.
+          # Check https://github.com/jkaninda/mysql-bkup/releases
+          # for a list of available releases.
+          image: jkaninda/mysql-bkup
+          command:
+            - bkup
+            - backup
+          resources:
+            limits:
+              memory: "128Mi"
+              cpu: "500m"
+          env:
+            - name: DB_PORT
+              value: "3306"
+            - name: DB_HOST
+              value: ""
+            - name: DB_NAME
+              value: "dbname"
+            - name: DB_USERNAME
+              value: "username"
+            # Please use secret!
+            - name: DB_PASSWORD
+              value: ""
+      restartPolicy: Never
 ```
 ## Available image registries
 
diff --git a/docker/Dockerfile b/docker/Dockerfile
index 65f894c..5ac701a 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -31,7 +31,9 @@ ENV SSH_HOST_NAME=""
 ENV SSH_IDENTIFY_FILE=""
 ENV SSH_PORT="22"
 ARG DEBIAN_FRONTEND=noninteractive
-ENV VERSION="v1.2.1"
+ENV VERSION="v1.2.2"
+ENV BACKUP_CRON_EXPRESSION=""
+ENV GNUPGHOME="/tmp/gnupg"
 ARG WORKDIR="/app"
 ARG BACKUPDIR="/backup"
 ARG BACKUP_TMP_DIR="/tmp/backup"
@@ -40,7 +42,6 @@ ARG BACKUP_CRON_SCRIPT="/usr/local/bin/backup_cron.sh"
 LABEL author="Jonas Kaninda"
 
 RUN apt-get update -qq
-#RUN apt-get install build-essential libcurl4-openssl-dev libxml2-dev mime-support -y
 RUN apt install mysql-client supervisor cron gnupg -y
 
 # Clear cache
@@ -48,14 +49,16 @@ RUN apt-get clean && rm -rf /var/lib/apt/lists/*
 
 RUN mkdir $WORKDIR
 RUN mkdir $BACKUPDIR
-RUN mkdir -p $BACKUP_TMP_DIR
+RUN mkdir -p $BACKUP_TMP_DIR && \
+    mkdir -p $GNUPGHOME
 RUN chmod 777 $WORKDIR
 RUN chmod 777 $BACKUPDIR
 RUN chmod 777 $BACKUP_TMP_DIR
 RUN touch $BACKUP_CRON && \
     touch $BACKUP_CRON_SCRIPT && \
     chmod 777 $BACKUP_CRON && \
-    chmod 777 $BACKUP_CRON_SCRIPT
+    chmod 777 $BACKUP_CRON_SCRIPT && \
+    chmod 777 $GNUPGHOME
 
 COPY --from=build /app/mysql-bkup /usr/local/bin/mysql-bkup
 RUN chmod +x /usr/local/bin/mysql-bkup
@@ -65,4 +68,18 @@ RUN ln -s /usr/local/bin/mysql-bkup /usr/local/bin/bkup
 ADD docker/supervisord.conf /etc/supervisor/supervisord.conf
 
 WORKDIR $WORKDIR
-ENTRYPOINT ["/usr/local/bin/mysql-bkup"]
+# Create backup shell script
+COPY <<EOF /usr/local/bin/backup
+#!/bin/sh
+# shellcheck disable=SC2068
+/usr/local/bin/mysql-bkup backup $@
+EOF
+# Create restore shell script
+COPY <<EOF /usr/local/bin/restore
+#!/bin/sh
+# shellcheck disable=SC2068
+/usr/local/bin/mysql-bkup restore $@
+EOF
+RUN chmod +x /usr/local/bin/backup && \
+    chmod +x /usr/local/bin/restore
+#ENTRYPOINT ["/usr/local/bin/mysql-bkup"]
diff --git a/docs/how-tos/deploy-on-kubernetes.md b/docs/how-tos/deploy-on-kubernetes.md
index 5cd97a0..fad8f3c 100644
--- a/docs/how-tos/deploy-on-kubernetes.md
+++ b/docs/how-tos/deploy-on-kubernetes.md
@@ -10,7 +10,60 @@ nav_order: 8
 To deploy MySQL Backup on Kubernetes, you can use Job to backup or Restore your database.
 For recurring backup you can use CronJob, you don't need to run it in scheduled mode. as described bellow.
 
-## Backup Job
+## Backup to S3 storage
+
+```yaml
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: backup
+spec:
+  template:
+    spec:
+      containers:
+        - name: mysql-bkup
+          # In production, it is advised to lock your image tag to a proper
+          # release version instead of using `latest`.
+          # Check https://github.com/jkaninda/mysql-bkup/releases
+          # for a list of available releases.
+          image: jkaninda/mysql-bkup
+          command:
+            - bkup
+            - backup
+            - --storage
+            - s3
+          resources:
+            limits:
+              memory: "128Mi"
+              cpu: "500m"
+          env:
+            - name: DB_PORT
+              value: "3306"
+            - name: DB_HOST
+              value: ""
+            - name: DB_NAME
+              value: "dbname"
+            - name: DB_USERNAME
+              value: "username"
+            # Please use secret!
+            - name: DB_PASSWORD
+              value: ""
+            - name: AWS_S3_ENDPOINT
+              value: "https://s3.amazonaws.com"
+            - name: AWS_S3_BUCKET_NAME
+              value: "xxx"
+            - name: AWS_REGION
+              value: "us-west-2"
+            - name: AWS_ACCESS_KEY
+              value: "xxxx"
+            - name: AWS_SECRET_KEY
+              value: "xxxx"
+            - name: AWS_DISABLE_SSL
+              value: "false"
+      restartPolicy: Never
+```
+
+## Backup Job to SSH remote server
 
 ```yaml
 apiVersion: batch/v1
@@ -177,7 +230,10 @@ spec:
 ```
 
 ## Kubernetes Rootless
-    
+
+This image also supports Kubernetes security context, you can run it in Rootless environment.
+It has been tested on Openshift, it works well.
+Deployment on Openshift is supported, you need to remove `securityContext` section on your yaml file.
 
 ```yaml
 apiVersion: batch/v1
diff --git a/pkg/backup.go b/pkg/backup.go
index 0762903..a86b8f7 100644
--- a/pkg/backup.go
+++ b/pkg/backup.go
@@ -22,7 +22,7 @@ func StartBackup(cmd *cobra.Command) {
 	utils.SetEnv("STORAGE_PATH", storagePath)
 	utils.GetEnv(cmd, "dbname", "DB_NAME")
 	utils.GetEnv(cmd, "port", "DB_PORT")
-	utils.GetEnv(cmd, "period", "SCHEDULE_PERIOD")
+	utils.GetEnv(cmd, "period", "BACKUP_CRON_EXPRESSION")
 
 	//Get flag value and set env
 	remotePath := utils.GetEnv(cmd, "path", "SSH_REMOTE_PATH")
@@ -77,7 +77,7 @@ func scheduledMode(storage string) {
 	fmt.Println("     Starting MySQL Bkup...       ")
 	fmt.Println("***********************************")
 	utils.Info("Running in Scheduled mode")
-	utils.Info("Execution period  %s", os.Getenv("SCHEDULE_PERIOD"))
+	utils.Info("Execution period  %s", os.Getenv("BACKUP_CRON_EXPRESSION"))
 	utils.Info("Storage type %s ", storage)
 
 	//Test database connexion
diff --git a/pkg/scripts.go b/pkg/scripts.go
index 98870bb..4e25a22 100644
--- a/pkg/scripts.go
+++ b/pkg/scripts.go
@@ -54,7 +54,7 @@ set -e
 	}
 
 	cronContent := fmt.Sprintf(`%s root exec /bin/bash -c ". /run/supervisord.env; /usr/local/bin/backup_cron.sh >> %s"
-`, os.Getenv("SCHEDULE_PERIOD"), cronLogFile)
+`, os.Getenv("BACKUP_CRON_EXPRESSION"), cronLogFile)
 
 	if err := utils.WriteToFile(cronJob, cronContent); err != nil {
 		utils.Fatal("Error writing to %s: %v\n", cronJob, err)

From a70a893c11f8c304810a02f5194579e67bbc376a Mon Sep 17 00:00:00 2001
From: Jonas Kaninda <jonaskaninda@gmail.com>
Date: Wed, 14 Aug 2024 22:19:35 +0200
Subject: [PATCH 3/4] Fix encryption permission issue on Openshift

---
 docker/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker/Dockerfile b/docker/Dockerfile
index 5ac701a..e34fccd 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -82,4 +82,4 @@ COPY <<EOF /usr/local/bin/restore
 EOF
 RUN chmod +x /usr/local/bin/backup && \
     chmod +x /usr/local/bin/restore
-#ENTRYPOINT ["/usr/local/bin/mysql-bkup"]
+ENTRYPOINT ["/usr/local/bin/mysql-bkup"]

From b1c9abf9315c3c4c70772229a45eab8c56f2116d Mon Sep 17 00:00:00 2001
From: Jonas Kaninda <jonaskaninda@gmail.com>
Date: Wed, 14 Aug 2024 22:28:16 +0200
Subject: [PATCH 4/4] Clean up

---
 scripts/backup_script.sh | 8 --------
 1 file changed, 8 deletions(-)
 delete mode 100755 scripts/backup_script.sh

diff --git a/scripts/backup_script.sh b/scripts/backup_script.sh
deleted file mode 100755
index a4be9a7..0000000
--- a/scripts/backup_script.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/sh
-DB_USERNAME='db_username'
-DB_PASSWORD='password'
-DB_HOST='db_hostname'
-DB_NAME='db_name'
-BACKUP_DIR="$PWD/backup"
-
-docker run --rm --name mysql-bkup -v $BACKUP_DIR:/backup/ -e "DB_HOST=$DB_HOST" -e "DB_USERNAME=$DB_USERNAME" -e "DB_PASSWORD=$DB_PASSWORD" jkaninda/mysql-bkup:latest backup -d $DB_NAME
\ No newline at end of file