From 7841b85892a72eb290d0008604c9d0064f58fb50 Mon Sep 17 00:00:00 2001
From: Oleksii Kliukin <oleksii.kliukin@zalando.de>
Date: Fri, 7 Apr 2017 15:59:38 +0200
Subject: [PATCH] Add configuration to support running WAL-E.

- Set WAL_S3_BUCKET to point WAL-E where to fetch/store WAL files
- Set annotations/iam.amazonaws.com/role to set the role to access AWS"

The new env vairables are PGOP_WAL_S3_BUCKET and PGOP_KUBE_IAM_ROLE.
---
 pkg/cluster/k8sres.go           | 6 ++++++
 pkg/util/config/config.go       | 2 ++
 pkg/util/constants/constants.go | 1 +
 3 files changed, 9 insertions(+)

diff --git a/pkg/cluster/k8sres.go b/pkg/cluster/k8sres.go
index 968495f0b..6fc51a603 100644
--- a/pkg/cluster/k8sres.go
+++ b/pkg/cluster/k8sres.go
@@ -105,6 +105,9 @@ bootstrap:
   - hostssl   all all all md5`, pgVersion, c.OpConfig.PamRoleName, c.OpConfig.PamRoleName),
 		},
 	}
+	if c.OpConfig.WALES3Bucket != "" {
+		envVars = append(envVars, v1.EnvVar{Name:  "WAL_S3_BUCKET", Value: c.OpConfig.WALES3Bucket})
+	}
 	privilegedMode := bool(true)
 	container := v1.Container{
 		Name:            c.Metadata.Name,
@@ -153,6 +156,9 @@ bootstrap:
 		},
 		Spec: podSpec,
 	}
+	if c.OpConfig.KubeIAMRole != "" {
+		template.Annotations = map[string]string{constants.KubeIAmAnnotation: c.OpConfig.KubeIAMRole}
+	}
 
 	return &template
 }
diff --git a/pkg/util/config/config.go b/pkg/util/config/config.go
index 0f2932bb6..bfd7644db 100644
--- a/pkg/util/config/config.go
+++ b/pkg/util/config/config.go
@@ -41,6 +41,8 @@ type Config struct {
 	ServiceAccountName string `split_words:"true" default:"operator"`
 	DbHostedZone       string `split_words:"true" default:"db.example.com"`
 	EtcdScope          string `split_words:"true" default:"service"`
+	WALES3Bucket       string `envconfig: "wale_s3_bucket"`
+	KubeIAMRole  	   string `envconfig: "kube_iam_role"`
 	DebugLogging       bool   `split_words:"true" default:"false"`
 }
 
diff --git a/pkg/util/constants/constants.go b/pkg/util/constants/constants.go
index 935fdab36..fab99de3c 100644
--- a/pkg/util/constants/constants.go
+++ b/pkg/util/constants/constants.go
@@ -10,5 +10,6 @@ const (
 	PasswordLength           = 64
 	UserSecretTemplate       = "%s.%s.credentials.%s.%s" // Username, ClusterName, TPRName, TPRVendor
 	ZalandoDnsNameAnnotation = "zalando.org/dnsname"
+	KubeIAmAnnotation 		 = "iam.amazonaws.com/role"
 	ResourceName             = TPRName + "s"
 )