feat: support set BackupStorageLocation(BSL) CA certificate (#3167)

* Rename --cacert-file to --cacert in the CLI design doc Signed-off-by: JenTing Hsiao <jenting.hsiao@suse.com> * Add a new flag --cacert under `velero backup-location set` Signed-off-by: JenTing Hsiao <jenting.hsiao@suse.com> * Add changelog Signed-off-by: JenTing Hsiao <jenting.hsiao@suse.com> * Changelog rewording Signed-off-by: JenTing Hsiao <jenting.hsiao@suse.com> * Revert CLI design doc Signed-off-by: JenTing Hsiao <jenting.hsiao@suse.com>
2026-01-05 13:05:17 +00:00 · 2021-02-09 02:28:47 +08:00
parent 529e05d6b2
commit e115949d9b
2 changed files with 18 additions and 0 deletions
--- a/pkg/cmd/cli/backuplocation/set.go
+++ b/pkg/cmd/cli/backuplocation/set.go
@@ -19,6 +19,8 @@ package backuplocation
 import (
 	"context"
 	"fmt"
+	"io/ioutil"
+	"path/filepath"

 	"github.com/pkg/errors"
 	"github.com/spf13/cobra"
@@ -51,6 +53,7 @@ func NewSetCommand(f client.Factory, use string) *cobra.Command {

 type SetOptions struct {
 	Name                         string
+	CACertFile                   string
 	DefaultBackupStorageLocation bool
 }

@@ -59,6 +62,7 @@ func NewSetOptions() *SetOptions {
 }

 func (o *SetOptions) BindFlags(flags *pflag.FlagSet) {
+	flags.StringVar(&o.CACertFile, "cacert", o.CACertFile, "File containing a certificate bundle to use when verifying TLS connections to the object store. Optional.")
 	flags.BoolVar(&o.DefaultBackupStorageLocation, "default", o.DefaultBackupStorageLocation, "Sets this new location to be the new default backup storage location. Optional.")
 }

@@ -82,6 +86,18 @@ func (o *SetOptions) Run(c *cobra.Command, f client.Factory) error {
 		return errors.WithStack(err)
 	}

+	var caCertData []byte
+	if o.CACertFile != "" {
+		realPath, err := filepath.Abs(o.CACertFile)
+		if err != nil {
+			return err
+		}
+		caCertData, err = ioutil.ReadFile(realPath)
+		if err != nil {
+			return err
+		}
+	}
+
 	if o.DefaultBackupStorageLocation {
 		// There is one and only one default backup storage location.
 		// Disable the origin default backup storage location.
@@ -106,6 +122,7 @@ func (o *SetOptions) Run(c *cobra.Command, f client.Factory) error {
 	}

 	location.Spec.Default = o.DefaultBackupStorageLocation
+	location.Spec.StorageType.ObjectStorage.CACert = caCertData
 	if err := kbClient.Update(context.Background(), location, &kbclient.UpdateOptions{}); err != nil {
 		return errors.WithStack(err)
 	}