@@ -366,7 +366,7 @@ func DatabaseStatefulSetHelper(mdb databaseStatefulSetSource, stsOpts *DatabaseS
366366 extraEnvs = append (extraEnvs , ReadDatabaseProxyVarsFromEnv ()... )
367367 stsOpts .ExtraEnvs = extraEnvs
368368
369- templateFunc := buildMongoDBPodTemplateSpec (* stsOpts , mdb )
369+ templateFunc := buildMongoDBPodTemplateSpec (* stsOpts , mdb , log )
370370 return statefulset .New (buildDatabaseStatefulSetConfigurationFunction (mdb , templateFunc , * stsOpts , log ))
371371}
372372
@@ -414,7 +414,7 @@ func buildDatabaseStatefulSetConfigurationFunction(mdb databaseStatefulSetSource
414414 PodAntiAffinityLabelKey : opts .Name ,
415415 }
416416
417- configurePodSpecSecurityContext , configureContainerSecurityContext := podtemplatespec .WithDefaultSecurityContextsModifications ()
417+ configurePodSpecSecurityContext , _ := podtemplatespec .WithDefaultSecurityContextsModifications ()
418418
419419 configureImagePullSecrets := podtemplatespec .NOOP ()
420420 name , found := env .Read (util .ImagePullSecrets ) // nolint:forbidigo
@@ -423,24 +423,7 @@ func buildDatabaseStatefulSetConfigurationFunction(mdb databaseStatefulSetSource
423423 }
424424
425425 secretsToInject := buildVaultDatabaseSecretsToInject (mdb , opts )
426- volumes , volumeMounts := getVolumesAndVolumeMounts (mdb , opts , secretsToInject .AgentCerts , secretsToInject .InternalClusterAuth )
427-
428- allSources := getAllMongoDBVolumeSources (mdb , opts , log )
429- for _ , source := range allSources {
430- if source .ShouldBeAdded () {
431- volumes = append (volumes , source .GetVolumes ()... )
432- volumeMounts = append (volumeMounts , source .GetVolumeMounts ()... )
433- }
434- }
435-
436- var mounts []corev1.VolumeMount
437- var pvcFuncs map [string ]persistentvolumeclaim.Modification
438- if opts .Persistent == nil || * opts .Persistent {
439- pvcFuncs , mounts = buildPersistentVolumeClaimsFuncs (opts )
440- volumeMounts = append (volumeMounts , mounts ... )
441- } else {
442- volumes , volumeMounts = GetNonPersistentMongoDBVolumeMounts (volumes , volumeMounts )
443- }
426+ volumes , _ , pvcFuncs := getVolumesAndPVCs (mdb , opts , secretsToInject , log )
444427
445428 volumesFunc := func (spec * corev1.PodTemplateSpec ) {
446429 for _ , v := range volumes {
@@ -490,17 +473,8 @@ func buildDatabaseStatefulSetConfigurationFunction(mdb databaseStatefulSetSource
490473
491474 if architectures .IsRunningStaticArchitecture (mdb .GetAnnotations ()) {
492475 shareProcessNs = func (sts * appsv1.StatefulSet ) {
493- a := true
494- sts .Spec .Template .Spec .ShareProcessNamespace = & a
476+ sts .Spec .Template .Spec .ShareProcessNamespace = ptr .To (true )
495477 }
496- secondContainerModification = podtemplatespec .WithContainerByIndex (1 , container .WithVolumeMounts (volumeMounts ))
497- }
498-
499- var databaseImage string
500- if architectures .IsRunningStaticArchitecture (mdb .GetAnnotations ()) {
501- databaseImage = opts .AgentImage
502- } else {
503- databaseImage = opts .DatabaseNonStaticImage
504478 }
505479
506480 return statefulset .Apply (
@@ -519,7 +493,6 @@ func buildDatabaseStatefulSetConfigurationFunction(mdb databaseStatefulSetSource
519493 podtemplatespec .WithAffinity (podAffinity , PodAntiAffinityLabelKey , 100 ),
520494 podtemplatespec .WithTerminationGracePeriodSeconds (util .DefaultPodTerminationPeriodSeconds ),
521495 podtemplatespec .WithPodLabels (podLabels ),
522- podtemplatespec .WithContainerByIndex (0 , sharedDatabaseContainerFunc (databaseImage , * opts .PodSpec , volumeMounts , configureContainerSecurityContext , opts .ServicePort )),
523496 secondContainerModification ,
524497 volumesFunc ,
525498 configurePodSpecSecurityContext ,
@@ -529,6 +502,28 @@ func buildDatabaseStatefulSetConfigurationFunction(mdb databaseStatefulSetSource
529502 )
530503}
531504
505+ func getVolumesAndPVCs (mdb databaseStatefulSetSource , opts DatabaseStatefulSetOptions , secretsToInject vault.DatabaseSecretsToInject , log * zap.SugaredLogger ) ([]corev1.Volume , []corev1.VolumeMount , map [string ]persistentvolumeclaim.Modification ) {
506+ volumes , volumeMounts := getVolumesAndVolumeMounts (mdb , opts , secretsToInject .AgentCerts , secretsToInject .InternalClusterAuth )
507+
508+ allSources := getAllMongoDBVolumeSources (mdb , opts , log )
509+ for _ , source := range allSources {
510+ if source .ShouldBeAdded () {
511+ volumes = append (volumes , source .GetVolumes ()... )
512+ volumeMounts = append (volumeMounts , source .GetVolumeMounts ()... )
513+ }
514+ }
515+
516+ var mounts []corev1.VolumeMount
517+ var pvcFuncs map [string ]persistentvolumeclaim.Modification
518+ if opts .Persistent == nil || * opts .Persistent {
519+ pvcFuncs , mounts = buildPersistentVolumeClaimsFuncs (opts )
520+ volumeMounts = append (volumeMounts , mounts ... )
521+ } else {
522+ volumes , volumeMounts = GetNonPersistentMongoDBVolumeMounts (volumes , volumeMounts )
523+ }
524+ return volumes , volumeMounts , pvcFuncs
525+ }
526+
532527func buildPersistentVolumeClaimsFuncs (opts DatabaseStatefulSetOptions ) (map [string ]persistentvolumeclaim.Modification , []corev1.VolumeMount ) {
533528 var claims map [string ]persistentvolumeclaim.Modification
534529 var mounts []corev1.VolumeMount
@@ -559,7 +554,6 @@ func sharedDatabaseContainerFunc(databaseImage string, podSpecWrapper mdbv1.PodS
559554 container .WithResourceRequirements (buildRequirementsFromPodSpec (podSpecWrapper )),
560555 container .WithPorts ([]corev1.ContainerPort {{ContainerPort : port }}),
561556 container .WithImagePullPolicy (corev1 .PullPolicy (env .ReadOrPanic (util .AutomationAgentImagePullPolicy ))), // nolint:forbidigo
562- container .WithVolumeMounts (volumeMounts ),
563557 container .WithImage (databaseImage ),
564558 container .WithLivenessProbe (DatabaseLivenessProbe ()),
565559 container .WithReadinessProbe (DatabaseReadinessProbe ()),
@@ -655,27 +649,29 @@ func getVolumesAndVolumeMounts(mdb databaseStatefulSetSource, databaseOpts Datab
655649 volumesToAdd = append (volumesToAdd , internalClusterAuthVolume )
656650 }
657651
652+ // Add agent volume mounts first (to match test expectations)
653+ volumesToAdd , volumeMounts = GetNonPersistentAgentVolumeMounts (volumesToAdd , volumeMounts )
654+
655+ // Then add agent-api-key volume mount
658656 if ! vault .IsVaultSecretBackend () {
659657 volumesToAdd = append (volumesToAdd , statefulset .CreateVolumeFromSecret (AgentAPIKeyVolumeName , agents .ApiKeySecretName (databaseOpts .PodVars .ProjectID )))
660658 volumeMounts = append (volumeMounts , statefulset .CreateVolumeMount (AgentAPIKeyVolumeName , AgentAPIKeySecretPath ))
661659 }
662660
663- volumesToAdd , volumeMounts = GetNonPersistentAgentVolumeMounts (volumesToAdd , volumeMounts )
664-
665661 return volumesToAdd , volumeMounts
666662}
667663
668664// buildMongoDBPodTemplateSpec constructs the podTemplateSpec for the MongoDB resource
669- func buildMongoDBPodTemplateSpec (opts DatabaseStatefulSetOptions , mdb databaseStatefulSetSource ) podtemplatespec.Modification {
665+ func buildMongoDBPodTemplateSpec (opts DatabaseStatefulSetOptions , mdb databaseStatefulSetSource , log * zap. SugaredLogger ) podtemplatespec.Modification {
670666 serviceAccountName := getServiceAccountName (opts )
671667
672668 // scripts volume is shared by the init container and the AppDB, so the startup
673669 // script can be copied over
674670 scriptsVolume := statefulset .CreateVolumeFromEmptyDir ("database-scripts" )
675- databaseScriptsVolumeMount := databaseScriptsVolumeMount (true )
676671
677672 volumes := []corev1.Volume {scriptsVolume }
678- volumeMounts := []corev1.VolumeMount {databaseScriptsVolumeMount }
673+ secretsToInject := buildVaultDatabaseSecretsToInject (mdb , opts )
674+ _ , volumeMounts , _ := getVolumesAndPVCs (mdb , opts , secretsToInject , log )
679675
680676 // Add hostname override volume if specified
681677 if opts .HostNameOverrideConfigmapName != "" {
@@ -707,7 +703,7 @@ func buildContainers(opts DatabaseStatefulSetOptions, mdb databaseStatefulSetSou
707703 isStaticArchitecture := architectures .IsRunningStaticArchitecture (mdb .GetAnnotations ())
708704
709705 if isStaticArchitecture {
710- buildStaticArchitectureContainers (podTemplateSpec , opts , mdb )
706+ buildStaticArchitectureContainers (podTemplateSpec , opts , mdb , volumeMounts )
711707 } else {
712708 buildNonStaticArchitectureContainers (podTemplateSpec , opts , volumeMounts )
713709 }
@@ -720,11 +716,14 @@ func buildContainers(opts DatabaseStatefulSetOptions, mdb databaseStatefulSetSou
720716}
721717
722718// buildStaticArchitectureContainers creates containers for static architecture
723- func buildStaticArchitectureContainers (podTemplateSpec * corev1.PodTemplateSpec , opts DatabaseStatefulSetOptions , mdb databaseStatefulSetSource ) {
719+ func buildStaticArchitectureContainers (podTemplateSpec * corev1.PodTemplateSpec , opts DatabaseStatefulSetOptions , mdb databaseStatefulSetSource , volumeMounts []corev1. VolumeMount ) {
724720 podTemplateSpec .Spec .Containers = make ([]corev1.Container , 3 )
725721 podTemplateSpec .Spec .Containers [0 ] = createAgentContainer (opts , mdb )
726722 podTemplateSpec .Spec .Containers [1 ] = createMongodBinaryHolderContainer (opts )
727723 podTemplateSpec .Spec .Containers [2 ] = createAgentUtilitiesHolderContainer ()
724+ container .WithVolumeMounts (volumeMounts )(& podTemplateSpec .Spec .Containers [0 ])
725+ container .WithVolumeMounts (volumeMounts )(& podTemplateSpec .Spec .Containers [1 ])
726+ container .WithVolumeMounts (volumeMounts )(& podTemplateSpec .Spec .Containers [2 ])
728727
729728 // Apply common configurations to all containers
730729 applyCommonStaticConfigurations (podTemplateSpec .Spec .Containers , opts )
@@ -818,7 +817,8 @@ func createDatabaseContainer(opts DatabaseStatefulSetOptions, volumeMounts []cor
818817 DatabaseLivenessProbe ()(c .LivenessProbe )
819818
820819 _ , containerSecurityContext := podtemplatespec .WithDefaultSecurityContextsModifications ()
821- containerSecurityContext (& c )
820+
821+ sharedDatabaseContainerFunc ( opts .DatabaseNonStaticImage , * opts .PodSpec , volumeMounts , containerSecurityContext , opts .ServicePort )(& c )
822822
823823 return c
824824}
@@ -1135,13 +1135,14 @@ func GetNonPersistentMongoDBVolumeMounts(volumes []corev1.Volume, volumeMounts [
11351135func GetNonPersistentAgentVolumeMounts (volumes []corev1.Volume , volumeMounts []corev1.VolumeMount ) ([]corev1.Volume , []corev1.VolumeMount ) {
11361136 volumes = append (volumes , statefulset .CreateVolumeFromEmptyDir (util .PvMms ))
11371137
1138- // The agent reads and writes into its own directory. It also contains a subdirectory called downloads.
1139- // This one is published by the Dockerfile
1140- volumeMounts = append (volumeMounts , statefulset .CreateVolumeMount (util .PvMms , util .PvcMmsMountPath , statefulset .WithSubPath (util .PvcMms )))
1141-
11421138 // Runtime data for MMS
11431139 volumeMounts = append (volumeMounts , statefulset .CreateVolumeMount (util .PvMms , util .PvcMmsHomeMountPath , statefulset .WithSubPath (util .PvcMmsHome )))
11441140
11451141 volumeMounts = append (volumeMounts , statefulset .CreateVolumeMount (util .PvMms , util .PvcMountPathTmp , statefulset .WithSubPath (util .PvcNameTmp )))
1142+
1143+ // The agent reads and writes into its own directory. It also contains a subdirectory called downloads.
1144+ // This one is published by the Dockerfile
1145+ volumeMounts = append (volumeMounts , statefulset .CreateVolumeMount (util .PvMms , util .PvcMmsMountPath , statefulset .WithSubPath (util .PvcMms )))
1146+
11461147 return volumes , volumeMounts
11471148}
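Review bot: In `buildStaticArchitectureContainers` the three added `container.WithVolumeMounts(volumeMounts)` calls give every container the same mount list, including `Containers[2]` from `createAgentUtilitiesHolderContainer()`. That list appears to come from `getVolumesAndPVCs`, which includes the `AgentAPIKeyVolumeName` secret mount when Vault is not the secret backend, and presumably the agent-cert and internal-cluster-auth mounts too; the removed code applied `volumeMounts` only to container indexes 0 and 1. Unless the utilities holder needs those secrets, pass it a slice filtered to the mounts it actually uses, or at least add a comment such as `// all static containers share the full mount set, including the agent API key secret, because ...`. The same commit discards the container security context at `configurePodSpecSecurityContext, _ := ...` and keeps it only in `createDatabaseContainer`, so it is worth confirming that `applyCommonStaticConfigurations` still sets it for the static containers. The body of `buildStaticArchitectureContainers` continues past the end of its hunk.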