Add credential file store in the backup deletion controller.

Signed-off-by: Xun Jiang <blackpiglet@gmail.com>
2026-01-03 11:45:20 +00:00 · 2022-10-31 16:25:50 +08:00
parent 150570feec
commit 41fc641298
5 changed files with 20 additions and 6 deletions
--- a/changelogs/unreleased/5521-blackpiglet
+++ b/changelogs/unreleased/5521-blackpiglet
@@ -0,0 +1 @@
+Add credential store in backup deletion controller to support VSL credential.
--- a/go.mod
+++ b/go.mod
@@ -49,6 +49,7 @@ require (
 	k8s.io/client-go v0.24.1
 	k8s.io/klog/v2 v2.60.1
 	k8s.io/kube-aggregator v0.19.12
+	k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9
 	sigs.k8s.io/controller-runtime v0.12.1
 	sigs.k8s.io/yaml v1.3.0
 )
@@ -147,7 +148,6 @@ require (
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	k8s.io/component-base v0.24.1 // indirect
 	k8s.io/kube-openapi v0.0.0-20220614142933-1062c7ade5f8 // indirect
-	k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9 // indirect
 	sigs.k8s.io/json v0.0.0-20220525155127-227cbc7cc124 // indirect
 	sigs.k8s.io/structured-merge-diff/v4 v4.2.1 // indirect
 )
--- a/pkg/cmd/server/server.go
+++ b/pkg/cmd/server/server.go
@@ -805,6 +805,7 @@ func (s *server) runControllers(defaultVolumeSnapshotLocations map[string]string
 			s.discoveryHelper,
 			newPluginManager,
 			backupStoreGetter,
+			s.credentialFileStore,
 		).SetupWithManager(s.mgr); err != nil {
 			s.logger.Fatal(err, "unable to create controller", "controller", controller.BackupDeletion)
 		}
--- a/pkg/controller/backup_deletion_controller.go
+++ b/pkg/controller/backup_deletion_controller.go
@@ -28,10 +28,11 @@ import (
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/labels"
 	"k8s.io/apimachinery/pkg/types"
-	"k8s.io/apimachinery/pkg/util/clock"
 	kubeerrs "k8s.io/apimachinery/pkg/util/errors"
+	"k8s.io/utils/clock"
 	ctrl "sigs.k8s.io/controller-runtime"

+	"github.com/vmware-tanzu/velero/internal/credentials"
 	"github.com/vmware-tanzu/velero/internal/delete"
 	velerov1api "github.com/vmware-tanzu/velero/pkg/apis/velero/v1"
 	"github.com/vmware-tanzu/velero/pkg/discovery"
@@ -43,6 +44,7 @@ import (
 	"github.com/vmware-tanzu/velero/pkg/repository"
 	"github.com/vmware-tanzu/velero/pkg/util/filesystem"
 	"github.com/vmware-tanzu/velero/pkg/util/kube"
+	"github.com/vmware-tanzu/velero/pkg/volume"

 	"sigs.k8s.io/controller-runtime/pkg/client"

@@ -64,6 +66,7 @@ type backupDeletionReconciler struct {
 	discoveryHelper   discovery.Helper
 	newPluginManager  func(logrus.FieldLogger) clientmgmt.Manager
 	backupStoreGetter persistence.ObjectBackupStoreGetter
+	credentialStore   credentials.FileStore
 }

 // NewBackupDeletionReconciler creates a new backup deletion reconciler.
@@ -76,6 +79,7 @@ func NewBackupDeletionReconciler(
 	helper discovery.Helper,
 	newPluginManager func(logrus.FieldLogger) clientmgmt.Manager,
 	backupStoreGetter persistence.ObjectBackupStoreGetter,
+	credentialStore credentials.FileStore,
 ) *backupDeletionReconciler {
 	return &backupDeletionReconciler{
 		Client:            client,
@@ -87,6 +91,7 @@ func NewBackupDeletionReconciler(
 		discoveryHelper:   helper,
 		newPluginManager:  newPluginManager,
 		backupStoreGetter: backupStoreGetter,
+		credentialStore:   credentialStore,
 	}
 }

@@ -289,7 +294,7 @@ func (r *backupDeletionReconciler) Reconcile(ctx context.Context, req ctrl.Reque

 				volumeSnapshotter, ok := volumeSnapshotters[snapshot.Spec.Location]
 				if !ok {
-					if volumeSnapshotter, err = volumeSnapshottersForVSL(ctx, backup.Namespace, snapshot.Spec.Location, r.Client, pluginManager); err != nil {
+					if volumeSnapshotter, err = r.volumeSnapshottersForVSL(ctx, backup.Namespace, snapshot.Spec.Location, pluginManager); err != nil {
 						errs = append(errs, err.Error())
 						continue
 					}
@@ -387,19 +392,25 @@ func (r *backupDeletionReconciler) Reconcile(ctx context.Context, req ctrl.Reque
 	return ctrl.Result{}, nil
 }

-func volumeSnapshottersForVSL(
+func (r *backupDeletionReconciler) volumeSnapshottersForVSL(
 	ctx context.Context,
 	namespace, vslName string,
-	client client.Client,
 	pluginManager clientmgmt.Manager,
 ) (vsv1.VolumeSnapshotter, error) {
 	vsl := &velerov1api.VolumeSnapshotLocation{}
-	if err := client.Get(ctx, types.NamespacedName{
+	if err := r.Client.Get(ctx, types.NamespacedName{
 		Namespace: namespace,
 		Name:      vslName,
 	}, vsl); err != nil {
 		return nil, errors.Wrapf(err, "error getting volume snapshot location %s", vslName)
 	}
+
+	// add credential to config
+	err := volume.UpdateVolumeSnapshotLocationWithCredentialConfig(vsl, r.credentialStore, r.logger)
+	if err != nil {
+		return nil, errors.WithStack(err)
+	}
+
 	volumeSnapshotter, err := pluginManager.GetVolumeSnapshotter(vsl.Spec.Provider)
 	if err != nil {
 		return nil, errors.Wrapf(err, "error getting volume snapshotter for provider %s", vsl.Spec.Provider)
--- a/pkg/controller/backup_deletion_controller_test.go
+++ b/pkg/controller/backup_deletion_controller_test.go
@@ -96,6 +96,7 @@ func setupBackupDeletionControllerTest(t *testing.T, req *velerov1api.DeleteBack
 			nil, // discovery helper
 			func(logrus.FieldLogger) clientmgmt.Manager { return pluginManager },
 			NewFakeSingleObjectBackupStoreGetter(backupStore),
+			velerotest.NewFakeCredentialsFileStore("", nil),
 		),
 		req: ctrl.Request{NamespacedName: types.NamespacedName{Namespace: req.Namespace, Name: req.Name}},
 	}
				`@@ -0,0 +1 @@`
				`Add credential store in backup deletion controller to support VSL credential.`