Fixed backup/restore docker images

README.md

@@ -116,6 +116,7 @@ Security scanning is graciously provided by Prowler. Proowler is the leading ful
 
 | Name | Source | Version |
 |------|--------|---------|
+| <a name="module_backup_restore"></a> [backup\_restore](#module\_backup\_restore) | ./modules/db-backup-restore | n/a |
 | <a name="module_cw_sns_slack"></a> [cw\_sns\_slack](#module\_cw\_sns\_slack) | ./lambda | n/a |
 | <a name="module_db"></a> [db](#module\_db) | terraform-aws-modules/rds/aws | 6.1.0 |
 | <a name="module_db_replica"></a> [db\_replica](#module\_db\_replica) | terraform-aws-modules/rds/aws | 6.1.0 |
@@ -152,9 +153,12 @@ Security scanning is graciously provided by Prowler. Proowler is the leading ful
 | <a name="input_availability_zone"></a> [availability\_zone](#input\_availability\_zone) | The Availability Zone of the RDS instance | `string` | `null` | no |
 | <a name="input_backup_retention_period"></a> [backup\_retention\_period](#input\_backup\_retention\_period) | The number of days to retain backups for | `number` | `5` | no |
 | <a name="input_backup_window"></a> [backup\_window](#input\_backup\_window) | The time window during which database backups are performed | `string` | `"03:00-06:00"` | no |
+| <a name="input_bucket_provider_type"></a> [bucket\_provider\_type](#input\_bucket\_provider\_type) | Choose what type of provider you want (s3, gcs) | `string` | `"s3"` | no |
 | <a name="input_cloudwatch_log_group_retention_in_days"></a> [cloudwatch\_log\_group\_retention\_in\_days](#input\_cloudwatch\_log\_group\_retention\_in\_days) | The number of days to retain CloudWatch logs for the database instance | `number` | `7` | no |
 | <a name="input_cloudwatch_metric_alarms_enabled"></a> [cloudwatch\_metric\_alarms\_enabled](#input\_cloudwatch\_metric\_alarms\_enabled) | Boolean flag to enable/disable CloudWatch metrics alarms | `bool` | `false` | no |
+| <a name="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name) | Specifies the name of the EKS cluster to deploy the MySQL application on. | `string` | `""` | no |
 | <a name="input_create_db_subnet_group"></a> [create\_db\_subnet\_group](#input\_create\_db\_subnet\_group) | Whether to create a database subnet group | `bool` | `true` | no |
+| <a name="input_create_namespace"></a> [create\_namespace](#input\_create\_namespace) | Specify whether or not to create the namespace if it does not already exist. Set it to true to create the namespace. | `string` | `false` | no |
 | <a name="input_create_random_password"></a> [create\_random\_password](#input\_create\_random\_password) | Whether to create a random password for the primary database cluster | `bool` | `false` | no |
 | <a name="input_custom_user_password"></a> [custom\_user\_password](#input\_custom\_user\_password) | Custom password for the RDS master user | `string` | `""` | no |
 | <a name="input_cw_sns_topic_arn"></a> [cw\_sns\_topic\_arn](#input\_cw\_sns\_topic\_arn) | The username to use when sending notifications to Slack. | `string` | `""` | no |
@@ -177,7 +181,12 @@ Security scanning is graciously provided by Prowler. Proowler is the leading ful
 | <a name="input_master_username"></a> [master\_username](#input\_master\_username) | The username for the RDS primary cluster | `string` | `""` | no |
 | <a name="input_max_allocated_storage"></a> [max\_allocated\_storage](#input\_max\_allocated\_storage) | The Maximum storage capacity for the database value after autoscaling | `number` | `null` | no |
 | <a name="input_multi_az"></a> [multi\_az](#input\_multi\_az) | Enables multi-AZ for disaster recovery | `bool` | `false` | no |
+| <a name="input_mysqldb_backup_config"></a> [mysqldb\_backup\_config](#input\_mysqldb\_backup\_config) | configuration options for MySQL database backups. It includes properties such as the S3 bucket URI, the S3 bucket region, and the cron expression for full backups. | `map(string)` | <pre>{<br/>  "bucket_uri": "",<br/>  "cron_for_full_backup": "",<br/>  "mysql_database_name": "",<br/>  "s3_bucket_region": ""<br/>}</pre> | no |
+| <a name="input_mysqldb_backup_enabled"></a> [mysqldb\_backup\_enabled](#input\_mysqldb\_backup\_enabled) | Specifies whether to enable backups for MySQL database. | `bool` | `false` | no |
+| <a name="input_mysqldb_restore_config"></a> [mysqldb\_restore\_config](#input\_mysqldb\_restore\_config) | Configuration options for restoring dump to the MySQL database. | `any` | <pre>{<br/>  "bucket_uri": "",<br/>  "file_name": "",<br/>  "s3_bucket_region": ""<br/>}</pre> | no |
+| <a name="input_mysqldb_restore_enabled"></a> [mysqldb\_restore\_enabled](#input\_mysqldb\_restore\_enabled) | Specifies whether to enable restoring dump to the MySQL database. | `bool` | `false` | no |
 | <a name="input_name"></a> [name](#input\_name) | The name of the RDS instance | `string` | `""` | no |
+| <a name="input_namespace"></a> [namespace](#input\_namespace) | Name of the Kubernetes namespace where the MYSQL deployment will be deployed. | `string` | `"mysqldb"` | no |
 | <a name="input_ok_actions"></a> [ok\_actions](#input\_ok\_actions) | The list of actions to execute when this alarm transitions into an OK state from any other state. Each action is specified as an Amazon Resource Number (ARN) | `list(string)` | `[]` | no |
 | <a name="input_port"></a> [port](#input\_port) | The port for the database | `number` | `3306` | no |
 | <a name="input_publicly_accessible"></a> [publicly\_accessible](#input\_publicly\_accessible) | Specifies whether the database is publicly accessible over the internet | `bool` | `false` | no |

examples/complete-mysql/README.md

@@ -26,14 +26,16 @@ This example will be very useful for users who are new to a module and want to q
 | Name | Source | Version |
 |------|--------|---------|
 | <a name="module_kms"></a> [kms](#module\_kms) | terraform-aws-modules/kms/aws | n/a |
-| <a name="module_rds-mysql"></a> [rds-mysql](#module\_rds-mysql) | terraform-aws-modules/rds/aws | n/a |
+| <a name="module_rds-mysql"></a> [rds-mysql](#module\_rds-mysql) | squareops/rds-mysql/aws | 1.1.7 |
 | <a name="module_vpc"></a> [vpc](#module\_vpc) | squareops/vpc/aws | n/a |
 
 ## Resources
 
 | Name | Type |
 |------|------|
 | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
+| [aws_eks_cluster.cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster) | data source |
+| [aws_eks_cluster_auth.cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster_auth) | data source |
 | [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
 
 ## Inputs

examples/complete-mysql/helm/values.yaml

@@ -45,4 +45,4 @@ restorejob:
       cpu: 50m
     limits:
       memory: 200Mi
-      cpu: 100m
+      cpu: 100m

examples/complete-mysql/main.tf

@@ -9,7 +9,8 @@ locals {
   mysql_instance_class       = "db.t3.micro"
   mysql_engine_version       = "8.0.32"
   major_engine_version       = "8.0"
-  allowed_security_groups    = ["sg-xxxxxxxxxxxxxx"]
+  cluster_name               = ""
+  allowed_security_groups    = ["sg-xxxxxxxxxxx"]
   vpc_cidr                   = "10.10.0.0/16"
   current_identity           = data.aws_caller_identity.current.arn
   custom_user_password       = ""
@@ -101,6 +102,7 @@ module "vpc" {
 
 module "rds-mysql" {
   source                           = "squareops/rds-mysql/aws"
+  version                          = "1.1.7"
   name                             = local.name
   vpc_id                           = module.vpc.vpc_id
   family                           = local.family
@@ -134,21 +136,19 @@ module "rds-mysql" {
   slack_channel                    = "mysql-notification"
   slack_webhook_url                = "https://hooks/xxxxxxxx"
   custom_user_password             = local.custom_user_password
-  cluster_name                     = "" # cluster name
-  namespace                        = local.namespace
-  create_namespace                 = local.create_namespace
+  cluster_name                     = local.cluster_name     # cluster name
+  namespace                        = local.namespace        # namespace
+  create_namespace                 = local.create_namespace # create namespace
   mysqldb_backup_enabled           = false
   bucket_provider_type             = "s3"
   mysqldb_backup_config = {
-    mysql_database_name  = ""
-    s3_bucket_region     = "us-west-1"
-    cron_for_full_backup = "0 */6 * * *"
-    bucket_uri           = "s3://mysql-rds-backup-store/"
+    mysql_database_name  = ""                                # If you want to backup all databases, leave it empty or specify the database name
+    cron_for_full_backup = "*/2 * * * *"                     # Cron expression for full backup
+    bucket_uri           = "s3://my-backup-dumps-databases/" # S3 bucket URI
   }
   mysqldb_restore_enabled = false
   mysqldb_restore_config = {
-    bucket_uri       = "s3://mysql-rds-backup-store/mysqldump_20240723_074237.zip"
-    file_name        = "mysqldump_20240723_074237.zip"
-    s3_bucket_region = "us-west-1"
+    bucket_uri = "s3://my-backup-dumps-databases/mysqldump_20250303_141601.zip" # S3 bucket URI with the backup file
+    file_name  = "mysqldump_20250303_141601.zip"                                # Backup file name
   }
 }

helm/values/backup/values.yaml

@@ -1,7 +1,6 @@
 ## Enable Full backup
 backup:
   bucket_uri: ${bucket_uri}
-  aws_default_region: ${s3_bucket_region}
   cron_for_full_backup: "${cron_for_full_backup}"
   database_name: "${mysql_database_name}"
   database_endpoint: "${db_endpoint}"

helm/values/restore/values.yaml

@@ -1,11 +1,10 @@
 restore:
   file_name: ${file_name}
   bucket_uri: ${bucket_uri}
-  aws_default_region: ${s3_bucket_region}
-  bucket_provider : ${bucket_provider_type}
   database_endpoint: "${db_endpoint}"
   database_password: "${db_password}"
   database_user: "${db_username}"
+  provider: "${bucket_provider_type}"
 
 auth:
   username: "${custom_user_username}"

main.tf

@@ -327,19 +327,17 @@ module "backup_restore" {
     db_username          = module.db.db_instance_username
     db_password          = var.custom_user_password != "" ? var.custom_user_password : nonsensitive(random_password.master[0].result)
     mysql_database_name  = var.mysqldb_backup_config.mysql_database_name
-    s3_bucket_region     = var.mysqldb_backup_config.s3_bucket_region
     cron_for_full_backup = var.mysqldb_backup_config.cron_for_full_backup
     bucket_uri           = var.mysqldb_backup_config.bucket_uri
     db_endpoint          = replace(module.db.db_instance_endpoint, ":3306", "")
   }
 
   mysqldb_restore_enabled = var.mysqldb_restore_enabled
   mysqldb_restore_config = {
-    db_endpoint      = replace(module.db.db_instance_endpoint, ":3306", "")
-    db_username      = module.db.db_instance_username
-    db_password      = var.custom_user_password != "" ? var.custom_user_password : nonsensitive(random_password.master[0].result)
-    bucket_uri       = var.mysqldb_restore_config.bucket_uri
-    file_name        = var.mysqldb_restore_config.file_name
-    s3_bucket_region = var.mysqldb_restore_config.s3_bucket_region
+    db_endpoint = replace(module.db.db_instance_endpoint, ":3306", "")
+    db_username = module.db.db_instance_username
+    db_password = var.custom_user_password != "" ? var.custom_user_password : nonsensitive(random_password.master[0].result)
+    bucket_uri  = var.mysqldb_restore_config.bucket_uri
+    file_name   = var.mysqldb_restore_config.file_name
   }
 }

modules/db-backup-restore/README.md

@@ -0,0 +1,57 @@
+# db-backup-restore
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Requirements
+
+No requirements.
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
+| <a name="provider_helm"></a> [helm](#provider\_helm) | n/a |
+| <a name="provider_kubernetes"></a> [kubernetes](#provider\_kubernetes) | n/a |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_iam_role.mysql_backup_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
+| [aws_iam_role.mysql_restore_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
+| [helm_release.mysqldb_backup](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
+| [helm_release.mysqldb_restore](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
+| [kubernetes_namespace.mysqldb](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource |
+| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
+| [aws_eks_cluster.kubernetes_cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_azure_container_name"></a> [azure\_container\_name](#input\_azure\_container\_name) | Azure container name | `string` | `""` | no |
+| <a name="input_azure_storage_account_key"></a> [azure\_storage\_account\_key](#input\_azure\_storage\_account\_key) | Azure storage account key | `string` | `""` | no |
+| <a name="input_azure_storage_account_name"></a> [azure\_storage\_account\_name](#input\_azure\_storage\_account\_name) | Azure storage account name | `string` | `""` | no |
+| <a name="input_bucket_provider_type"></a> [bucket\_provider\_type](#input\_bucket\_provider\_type) | Choose what type of provider you want (s3, gcs) | `string` | `"s3"` | no |
+| <a name="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name) | Specifies the name of the EKS cluster to deploy the MySQL application on. | `string` | `""` | no |
+| <a name="input_create_namespace"></a> [create\_namespace](#input\_create\_namespace) | Specify whether or not to create the namespace if it does not already exist. Set it to true to create the namespace. | `string` | `false` | no |
+| <a name="input_iam_role_arn_backup"></a> [iam\_role\_arn\_backup](#input\_iam\_role\_arn\_backup) | IAM role ARN for backup (AWS) | `string` | `""` | no |
+| <a name="input_iam_role_arn_restore"></a> [iam\_role\_arn\_restore](#input\_iam\_role\_arn\_restore) | IAM role ARN for restore (AWS) | `string` | `""` | no |
+| <a name="input_mysqldb_backup_config"></a> [mysqldb\_backup\_config](#input\_mysqldb\_backup\_config) | configuration options for MySQL database backups. It includes properties such as the S3 bucket URI, the S3 bucket region, and the cron expression for full backups. | `map(string)` | <pre>{<br/>  "bucket_uri": "",<br/>  "cron_for_full_backup": "",<br/>  "mysql_database_name": "",<br/>  "s3_bucket_region": ""<br/>}</pre> | no |
+| <a name="input_mysqldb_backup_enabled"></a> [mysqldb\_backup\_enabled](#input\_mysqldb\_backup\_enabled) | Specifies whether to enable backups for MySQL database. | `bool` | `false` | no |
+| <a name="input_mysqldb_permission"></a> [mysqldb\_permission](#input\_mysqldb\_permission) | access | `bool` | `false` | no |
+| <a name="input_mysqldb_restore_config"></a> [mysqldb\_restore\_config](#input\_mysqldb\_restore\_config) | Configuration options for restoring dump to the MySQL database. | `any` | <pre>{<br/>  "bucket_uri": "",<br/>  "file_name": "",<br/>  "s3_bucket_region": ""<br/>}</pre> | no |
+| <a name="input_mysqldb_restore_enabled"></a> [mysqldb\_restore\_enabled](#input\_mysqldb\_restore\_enabled) | Specifies whether to enable restoring dump to the MySQL database. | `bool` | `false` | no |
+| <a name="input_name"></a> [name](#input\_name) | Name identifier for module to be added as suffix to resources | `string` | `"test"` | no |
+| <a name="input_namespace"></a> [namespace](#input\_namespace) | Name of the Kubernetes namespace where the MYSQL deployment will be deployed. | `string` | `"mysqldb"` | no |
+| <a name="input_service_account_backup"></a> [service\_account\_backup](#input\_service\_account\_backup) | Service account for backup (GCP) | `string` | `""` | no |
+| <a name="input_service_account_restore"></a> [service\_account\_restore](#input\_service\_account\_restore) | Service account for restore (GCP) | `string` | `""` | no |
+
+## Outputs
+
+No outputs.
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

modules/db-backup-restore/backup/templates/cronjob.yaml

@@ -20,7 +20,7 @@ spec:
           serviceAccountName: sa-mysql-backup
           containers:
           - name: backup-mysqldb
-            image: amanmall/mysqldb-backup:v1
+            image: squareops01/rds-mysql-backup:v1
             imagePullPolicy: Always
             env:
             - name: MYSQL_HOST
@@ -34,7 +34,5 @@ spec:
             - name: MYSQL_BUCKET_URI
               value: {{ .Values.backup.bucket_uri }}
             - name: BUCKET_PROVIDER
-              value:  {{ .Values.backup.provider }}
-            - name: AWS_DEFAULT_REGION
-              value: {{ .Values.backup.aws_default_region}}
+              value: {{ .Values.backup.provider }}
             resources: {{ .Values.backupjob.resources | toYaml | nindent 12 }}

modules/db-backup-restore/main.tf

@@ -20,7 +20,6 @@ resource "helm_release" "mysqldb_backup" {
       db_endpoint                = var.bucket_provider_type == "s3" ? var.mysqldb_backup_config.db_endpoint : "",
       db_password                = var.bucket_provider_type == "s3" ? var.mysqldb_backup_config.db_password : "",
       db_username                = var.bucket_provider_type == "s3" ? var.mysqldb_backup_config.db_username : "",
-      s3_bucket_region           = var.bucket_provider_type == "s3" ? var.mysqldb_backup_config.s3_bucket_region : "",
       cron_for_full_backup       = var.mysqldb_backup_config.cron_for_full_backup,
       custom_user_username       = "admin",
       bucket_provider_type       = var.bucket_provider_type,
@@ -45,7 +44,6 @@ resource "helm_release" "mysqldb_restore" {
     templatefile("${path.module}/../../helm/values/restore/values.yaml", {
       bucket_uri                 = var.mysqldb_restore_config.bucket_uri,
       file_name                  = var.mysqldb_restore_config.file_name,
-      s3_bucket_region           = var.bucket_provider_type == "s3" ? var.mysqldb_restore_config.s3_bucket_region : "",
       db_endpoint                = var.bucket_provider_type == "s3" ? var.mysqldb_restore_config.db_endpoint : "",
       db_password                = var.bucket_provider_type == "s3" ? var.mysqldb_restore_config.db_password : "",
       db_username                = var.bucket_provider_type == "s3" ? var.mysqldb_restore_config.db_username : "",
@@ -58,7 +56,3 @@ resource "helm_release" "mysqldb_restore" {
     })
   ]
 }
-
-
-
-

modules/db-backup-restore/restore/templates/job.yaml

@@ -9,7 +9,7 @@ spec:
       serviceAccountName: sa-mysql-restore
       containers:
         - name: restore-mysqldb
-          image: squareops/mysqldb-restore:v5
+          image: squareops01/rds-mysql-restore:v1
           imagePullPolicy: Always
           env:
             - name: MYSQL_HOST
@@ -28,9 +28,7 @@ spec:
             - name: RESTORE_FILE_NAME
               value: {{ .Values.restore.file_name}}
             - name: RESTORE_FROM
-              value: {{ .Values.restore.bucket_provider}}
-            - name: AWS_DEFAULT_REGION
-              value: {{ .Values.restore.aws_default_region}}
+              value: {{ .Values.restore.provider }}
           resources: {{ .Values.restorejob.resources | toYaml | nindent 12 }}
       initContainers:
         - name: grant-system-variable-admin