adding RestorePlan to Backup for GKE

mmv1/templates/terraform/examples/gkebackup_restoreplan_all_cluster_resources.tf.erb

@@ -0,0 +1,39 @@
+resource "google_container_cluster" "primary" {
+  name               = "<%= ctx[:vars]['name'] %>-cluster"
+  location           = "us-central1"
+  initial_node_count = 1
+  workload_identity_config {
+    workload_pool = "<%= ctx[:test_env_vars]['project'] %>.svc.id.goog"
+  }
+  addons_config {
+    gke_backup_agent_config {
+      enabled = true
+    }
+  }
+}
+
+resource "google_gke_backup_backup_plan" "basic" {
+  name = "<%= ctx[:vars]['name'] %>"
+  cluster = google_container_cluster.primary.id
+  location = "us-central1"
+  backup_config {
+    include_volume_data = true
+    include_secrets = true
+    all_namespaces = true
+  }
+}
+
+resource "google_gke_backup_restore_plan" "all_cluster_resources" {
+  name = "<%= ctx[:vars]['name'] %>-rp"
+  location = "us-central1"
+  backup_plan = google_gke_backup_backup_plan.basic.id
+  cluster = google_container_cluster.primary.id
+  restore_config {
+    no_namespaces = true
+    namespaced_resource_restore_mode = "FAIL_ON_CONFLICT"
+    cluster_resource_restore_scope {
+      all_group_kinds = true
+    }
+    cluster_resource_conflict_policy = "USE_EXISTING_VERSION"
+  }
+}

mmv1/templates/terraform/examples/gkebackup_restoreplan_all_namespaces.tf.erb

@@ -0,0 +1,40 @@
+resource "google_container_cluster" "primary" {
+  name               = "<%= ctx[:vars]['name'] %>-cluster"
+  location           = "us-central1"
+  initial_node_count = 1
+  workload_identity_config {
+    workload_pool = "<%= ctx[:test_env_vars]['project'] %>.svc.id.goog"
+  }
+  addons_config {
+    gke_backup_agent_config {
+      enabled = true
+    }
+  }
+}
+
+resource "google_gke_backup_backup_plan" "basic" {
+  name = "<%= ctx[:vars]['name'] %>"
+  cluster = google_container_cluster.primary.id
+  location = "us-central1"
+  backup_config {
+    include_volume_data = true
+    include_secrets = true
+    all_namespaces = true
+  }
+}
+
+resource "google_gke_backup_restore_plan" "all_ns" {
+  name = "<%= ctx[:vars]['name'] %>"
+  location = "us-central1"
+  backup_plan = google_gke_backup_backup_plan.basic.id
+  cluster = google_container_cluster.primary.id
+  restore_config {
+    all_namespaces = true
+    namespaced_resource_restore_mode = "FAIL_ON_CONFLICT"
+    volume_data_restore_policy = "RESTORE_VOLUME_DATA_FROM_BACKUP"
+    cluster_resource_restore_scope {
+      all_group_kinds = true
+    }
+    cluster_resource_conflict_policy = "USE_EXISTING_VERSION"
+  }
+}

mmv1/templates/terraform/examples/gkebackup_restoreplan_protected_application.tf.erb

@@ -0,0 +1,44 @@
+resource "google_container_cluster" "primary" {
+  name               = "<%= ctx[:vars]['name'] %>-cluster"
+  location           = "us-central1"
+  initial_node_count = 1
+  workload_identity_config {
+    workload_pool = "<%= ctx[:test_env_vars]['project'] %>.svc.id.goog"
+  }
+  addons_config {
+    gke_backup_agent_config {
+      enabled = true
+    }
+  }
+}
+
+resource "google_gke_backup_backup_plan" "basic" {
+  name = "<%= ctx[:vars]['name'] %>"
+  cluster = google_container_cluster.primary.id
+  location = "us-central1"
+  backup_config {
+    include_volume_data = true
+    include_secrets = true
+    all_namespaces = true
+  }
+}
+
+resource "google_gke_backup_restore_plan" "rollback_app" {
+  name = "<%= ctx[:vars]['name'] %>-rp"
+  location = "us-central1"
+  backup_plan = google_gke_backup_backup_plan.basic.id
+  cluster = google_container_cluster.primary.id
+  restore_config {
+    selected_applications {
+      namespaced_names {
+        name = "my-app"
+        namespace = "my-ns"
+      }
+    }
+    namespaced_resource_restore_mode = "DELETE_AND_RESTORE"
+    volume_data_restore_policy = "REUSE_VOLUME_HANDLE_FROM_BACKUP"
+    cluster_resource_restore_scope {
+      no_group_kinds = true
+    }
+  }
+}

mmv1/templates/terraform/examples/gkebackup_restoreplan_rename_namespace.tf.erb

@@ -0,0 +1,66 @@
+resource "google_container_cluster" "primary" {
+  name               = "<%= ctx[:vars]['name'] %>-cluster"
+  location           = "us-central1"
+  initial_node_count = 1
+  workload_identity_config {
+    workload_pool = "<%= ctx[:test_env_vars]['project'] %>.svc.id.goog"
+  }
+  addons_config {
+    gke_backup_agent_config {
+      enabled = true
+    }
+  }
+}
+
+resource "google_gke_backup_backup_plan" "basic" {
+  name = "<%= ctx[:vars]['name'] %>"
+  cluster = google_container_cluster.primary.id
+  location = "us-central1"
+  backup_config {
+    include_volume_data = true
+    include_secrets = true
+    all_namespaces = true
+  }
+}
+
+resource "google_gke_backup_restore_plan" "rename_ns" {
+  name = "<%= ctx[:vars]['name'] %>-rp"
+  location = "us-central1"
+  backup_plan = google_gke_backup_backup_plan.basic.id
+  cluster = google_container_cluster.primary.id
+  restore_config {
+    selected_namespaces {
+      namespaces = ["ns1"]
+    }
+    namespaced_resource_restore_mode = "FAIL_ON_CONFLICT"
+    volume_data_restore_policy = "REUSE_VOLUME_HANDLE_FROM_BACKUP"
+    cluster_resource_restore_scope {
+      no_group_kinds = true
+    }
+    transformation_rules {
+      description = "rename namespace from ns1 to ns2"
+      resource_filter {
+        group_kinds {
+          resource_kind = "Namespace"
+        }
+        json_path = ".metadata[?(@.name == 'ns1')]"
+      }
+      field_actions {
+        op = "REPLACE"
+        path = "/metadata/name"
+        value = "ns2"
+      }
+    }
+    transformation_rules {
+      description = "move all resources from ns1 to ns2"
+      resource_filter {
+        namespaces = ["ns1"]
+      }
+      field_actions {
+        op = "REPLACE"
+        path = "/metadata/namespace"
+        value = "ns2"
+      }
+    }
+  }
+}

mmv1/templates/terraform/examples/gkebackup_restoreplan_rollback_namespace.tf.erb

@@ -0,0 +1,49 @@
+resource "google_container_cluster" "primary" {
+  name               = "<%= ctx[:vars]['name'] %>-cluster"
+  location           = "us-central1"
+  initial_node_count = 1
+  workload_identity_config {
+    workload_pool = "<%= ctx[:test_env_vars]['project'] %>.svc.id.goog"
+  }
+  addons_config {
+    gke_backup_agent_config {
+      enabled = true
+    }
+  }
+}
+
+resource "google_gke_backup_backup_plan" "basic" {
+  name = "<%= ctx[:vars]['name'] %>"
+  cluster = google_container_cluster.primary.id
+  location = "us-central1"
+  backup_config {
+    include_volume_data = true
+    include_secrets = true
+    all_namespaces = true
+  }
+}
+
+resource "google_gke_backup_restore_plan" "rollback_ns" {
+  name = "<%= ctx[:vars]['name'] %>-rp"
+  location = "us-central1"
+  backup_plan = google_gke_backup_backup_plan.basic.id
+  cluster = google_container_cluster.primary.id
+  restore_config {
+    selected_namespaces {
+      namespaces = ["my-ns"]
+    }
+    namespaced_resource_restore_mode = "DELETE_AND_RESTORE"
+    volume_data_restore_policy = "RESTORE_VOLUME_DATA_FROM_BACKUP"
+    cluster_resource_restore_scope {
+      selected_group_kinds {
+        resource_group = "apiextension.k8s.io"
+        resource_kind = "CustomResourceDefinition"
+      }
+      selected_group_kinds {
+        resource_group = "storage.k8s.io"
+        resource_kind = "StorageClass"
+      }
+    }
+    cluster_resource_conflict_policy = "USE_EXISTING_VERSION"
+  }
+}

mmv1/templates/terraform/examples/gkebackup_restoreplan_second_transformation.tf.erb

@@ -0,0 +1,64 @@
+resource "google_container_cluster" "primary" {
+  name               = "<%= ctx[:vars]['name'] %>-cluster"
+  location           = "us-central1"
+  initial_node_count = 1
+  workload_identity_config {
+    workload_pool = "<%= ctx[:test_env_vars]['project'] %>.svc.id.goog"
+  }
+  addons_config {
+    gke_backup_agent_config {
+      enabled = true
+    }
+  }
+}
+
+resource "google_gke_backup_backup_plan" "basic" {
+  name = "<%= ctx[:vars]['name'] %>"
+  cluster = google_container_cluster.primary.id
+  location = "us-central1"
+  backup_config {
+    include_volume_data = true
+    include_secrets = true
+    all_namespaces = true
+  }
+}
+
+resource "google_gke_backup_restore_plan" "transform_rule" {
+  name = "<%= ctx[:vars]['name'] %>-rp"
+  description = "copy nginx env variables"
+  labels = {
+    "app" = "nginx"
+  }
+  location = "us-central1"
+  backup_plan = google_gke_backup_backup_plan.basic.id
+  cluster = google_container_cluster.primary.id
+  restore_config {
+    excluded_namespaces {
+      namespaces = ["my-ns"]
+    }
+    namespaced_resource_restore_mode = "DELETE_AND_RESTORE"
+    volume_data_restore_policy = "RESTORE_VOLUME_DATA_FROM_BACKUP"
+    cluster_resource_restore_scope {
+      excluded_group_kinds {
+        resource_group = "apiextension.k8s.io"
+        resource_kind = "CustomResourceDefinition"
+      }
+    }
+    cluster_resource_conflict_policy = "USE_EXISTING_VERSION"
+    transformation_rules {
+      description = "Copy environment variables from the nginx container to the install init container."
+      resource_filter {
+        group_kinds {
+          resource_kind = "Pod"
+          resource_group = ""
+        }
+        json_path = ".metadata[?(@.name == 'nginx')]"
+      }
+      field_actions {
+        op = "COPY"
+        path = "/spec/initContainers/0/env"
+        from_path = "/spec/containers/0/env"
+      }
+    }
+  }
+}