From 41fc6412981a9e0984bb5c91f0aa85fdbc9cd7b2 Mon Sep 17 00:00:00 2001
From: Xun Jiang
Date: Mon, 31 Oct 2022 16:25:50 +0800
Subject: [PATCH] Add credential file store in the backup deletion controller.
Signed-off-by: Xun Jiang
---
 changelogs/unreleased/5521-blackpiglet | 1 +
 go.mod | 2 +-
 pkg/cmd/server/server.go | 1 +
 pkg/controller/backup_deletion_controller.go | 21 ++++++++++++++-----
 .../backup_deletion_controller_test.go | 1 +
 5 files changed, 20 insertions(+), 6 deletions(-)
 create mode 100644 changelogs/unreleased/5521-blackpiglet
diff --git a/changelogs/unreleased/5521-blackpiglet b/changelogs/unreleased/5521-blackpiglet
new file mode 100644
index 000000000..93c0b5941
--- /dev/null
+++ b/changelogs/unreleased/5521-blackpiglet
@@ -0,0 +1 @@
+Add credential store in backup deletion controller to support VSL credential.
\ No newline at end of file
diff --git a/go.mod b/go.mod
index e91150f26..c69d4c2ed 100644
--- a/go.mod
+++ b/go.mod
@@ -49,6 +49,7 @@ require (
 k8s.io/client-go v0.24.1
 k8s.io/klog/v2 v2.60.1
 k8s.io/kube-aggregator v0.19.12
+ k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9
 sigs.k8s.io/controller-runtime v0.12.1
 sigs.k8s.io/yaml v1.3.0
 )
@@ -147,7 +148,6 @@ require (
 gopkg.in/yaml.v3 v3.0.1 // indirect
 k8s.io/component-base v0.24.1 // indirect
 k8s.io/kube-openapi v0.0.0-20220614142933-1062c7ade5f8 // indirect
- k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9 // indirect
 sigs.k8s.io/json v0.0.0-20220525155127-227cbc7cc124 // indirect
 sigs.k8s.io/structured-merge-diff/v4 v4.2.1 // indirect
 )
diff --git a/pkg/cmd/server/server.go b/pkg/cmd/server/server.go
index 0a794a706..8e24affca 100644
--- a/pkg/cmd/server/server.go
+++ b/pkg/cmd/server/server.go
@@ -805,6 +805,7 @@ func (s *server) runControllers(defaultVolumeSnapshotLocations map[string]string
 s.discoveryHelper,
 newPluginManager,
 backupStoreGetter,
+ s.credentialFileStore,
 ).SetupWithManager(s.mgr); err != nil {
 s.logger.Fatal(err, "unable to create controller", "controller", controller.BackupDeletion)
 }
diff --git a/pkg/controller/backup_deletion_controller.go b/pkg/controller/backup_deletion_controller.go
index 76c39c8c8..1c75dad6e 100644
--- a/pkg/controller/backup_deletion_controller.go
+++ b/pkg/controller/backup_deletion_controller.go
@@ -28,10 +28,11 @@ import (
 apierrors "k8s.io/apimachinery/pkg/api/errors"
 "k8s.io/apimachinery/pkg/labels"
 "k8s.io/apimachinery/pkg/types"
- "k8s.io/apimachinery/pkg/util/clock"
 kubeerrs "k8s.io/apimachinery/pkg/util/errors"
+ "k8s.io/utils/clock"
 ctrl "sigs.k8s.io/controller-runtime"
+ "github.com/vmware-tanzu/velero/internal/credentials"
 "github.com/vmware-tanzu/velero/internal/delete"
 velerov1api "github.com/vmware-tanzu/velero/pkg/apis/velero/v1"
 "github.com/vmware-tanzu/velero/pkg/discovery"
@@ -43,6 +44,7 @@ import (
 "github.com/vmware-tanzu/velero/pkg/repository"
 "github.com/vmware-tanzu/velero/pkg/util/filesystem"
 "github.com/vmware-tanzu/velero/pkg/util/kube"
+ "github.com/vmware-tanzu/velero/pkg/volume"
 "sigs.k8s.io/controller-runtime/pkg/client"
@@ -64,6 +66,7 @@ type backupDeletionReconciler struct {
 discoveryHelper discovery.Helper
 newPluginManager func(logrus.FieldLogger) clientmgmt.Manager
 backupStoreGetter persistence.ObjectBackupStoreGetter
+ credentialStore credentials.FileStore
 }
 // NewBackupDeletionReconciler creates a new backup deletion reconciler.
@@ -76,6 +79,7 @@ func NewBackupDeletionReconciler(
 helper discovery.Helper,
 newPluginManager func(logrus.FieldLogger) clientmgmt.Manager,
 backupStoreGetter persistence.ObjectBackupStoreGetter,
+ credentialStore credentials.FileStore,
 ) *backupDeletionReconciler {
 return &backupDeletionReconciler{
 Client: client,
@@ -87,6 +91,7 @@ func NewBackupDeletionReconciler(
 discoveryHelper: helper,
 newPluginManager: newPluginManager,
 backupStoreGetter: backupStoreGetter,
+ credentialStore: credentialStore,
 }
 }
@@ -289,7 +294,7 @@ func (r *backupDeletionReconciler) Reconcile(ctx context.Context, req ctrl.Reque
 volumeSnapshotter, ok := volumeSnapshotters[snapshot.Spec.Location]
 if !ok {
- if volumeSnapshotter, err = volumeSnapshottersForVSL(ctx, backup.Namespace, snapshot.Spec.Location, r.Client, pluginManager); err != nil {
+ if volumeSnapshotter, err = r.volumeSnapshottersForVSL(ctx, backup.Namespace, snapshot.Spec.Location, pluginManager); err != nil {
 errs = append(errs, err.Error())
 continue
 }
@@ -387,19 +392,25 @@ func (r *backupDeletionReconciler) Reconcile(ctx context.Context, req ctrl.Reque
 return ctrl.Result{}, nil
 }
-func volumeSnapshottersForVSL(
+func (r *backupDeletionReconciler) volumeSnapshottersForVSL(
 ctx context.Context,
 namespace, vslName string,
- client client.Client,
 pluginManager clientmgmt.Manager,
 ) (vsv1.VolumeSnapshotter, error) {
 vsl := &velerov1api.VolumeSnapshotLocation{}
- if err := client.Get(ctx, types.NamespacedName{
+ if err := r.Client.Get(ctx, types.NamespacedName{
 Namespace: namespace,
 Name: vslName,
 }, vsl); err != nil {
 return nil, errors.Wrapf(err, "error getting volume snapshot location %s", vslName)
 }
+
+ // add credential to config
+ err := volume.UpdateVolumeSnapshotLocationWithCredentialConfig(vsl, r.credentialStore, r.logger)
+ if err != nil {
+ return nil, errors.WithStack(err)
+ }
+
 volumeSnapshotter, err := pluginManager.GetVolumeSnapshotter(vsl.Spec.Provider)
 if err != nil {
 return nil, errors.Wrapf(err, "error getting volume snapshotter for provider %s", vsl.Spec.Provider)
diff --git a/pkg/controller/backup_deletion_controller_test.go b/pkg/controller/backup_deletion_controller_test.go
index 62be34b0d..c193f7819 100644
--- a/pkg/controller/backup_deletion_controller_test.go
+++ b/pkg/controller/backup_deletion_controller_test.go
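Review bot: In `volumeSnapshottersForVSL`, a failure from `volume.UpdateVolumeSnapshotLocationWithCredentialConfig` is returned with `errors.WithStack(err)` only, so it does not name the location, unlike the two `Wrapf` calls around it; `return nil, errors.Wrapf(err, "error adding credential config to volume snapshot location %s", vslName)` would make a failed credential lookup attributable. `Reconcile` appends this error's text to `errs` (visible in the hunk at old line 289), and where `errs` ends up is outside the diff, so it is worth confirming that the helper's errors never carry secret contents. The helper appears to modify the fetched `vsl` in memory; I would replace `// add credential to config` with a comment saying that the credential reference is added only to this local copy and that `vsl` must not be written back through `r.Client`. The function body continues past the end of the hunk.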
@@ -96,6 +96,7 @@ func setupBackupDeletionControllerTest(t *testing.T, req *velerov1api.DeleteBack
 nil, // discovery helper
 func(logrus.FieldLogger) clientmgmt.Manager { return pluginManager },
 NewFakeSingleObjectBackupStoreGetter(backupStore),
+ velerotest.NewFakeCredentialsFileStore("", nil),
 ),
 req: ctrl.Request{NamespacedName: types.NamespacedName{Namespace: req.Namespace, Name: req.Name}},
 }
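Review bot: The only test change is passing `velerotest.NewFakeCredentialsFileStore("", nil)` to the constructor, so the credential step added to `volumeSnapshottersForVSL` is never exercised with a volume snapshot location that carries a credential, nor with a store that fails. A case that sets a credential on the location and builds the fake with a non-nil error, e.g. `velerotest.NewFakeCredentialsFileStore("", errors.New("constructed test error"))`, then asserts that the snapshot deletion is reported as an error rather than attempted without the credential, would pin the behaviour this commit introduces. `setupBackupDeletionControllerTest` starts and ends outside the hunk.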