6197 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
lyndon-li	40025fbbe1	Merge pull request #9817 from Lyndon-Li/metadata-operator-for-kopia-repo ... Metadata operation for kopia repo	2026-05-22 14:49:12 +08:00
lyndon-li	4dc6f2cc64	Merge pull request #9791 from christian-schlichtherle/fix/dataupload-delete-foreign-backup ... Fix DataUploadDeleteAction creating CMs for foreign DataUploads	2026-05-22 14:41:44 +08:00
lyndon-li	c1fc6540fb	Merge pull request #9807 from Lyndon-Li/uploader-interface-fo-block-data-mover ... Uploader interface for block data mover	2026-05-22 14:33:17 +08:00
Adam Zhang	cb9339d85e	Merge pull request #9821 from adam-jian-zhang/enhance-backup-filters-interface ... extend backup resource policy	2026-05-22 14:08:21 +08:00
Daniel Jiang	e0ef8d7690	Merge pull request #9796 from reasonerjt/cncf-footer ... Update website post CNCF donation	2026-05-22 14:00:28 +08:00
Adam Zhang	348f9227aa	Update internal/resourcepolicies/resource_policies.go ... Co-authored-by: Tiger Kaovilai <passawit.kaovilai@gmail.com> Signed-off-by: Adam Zhang <adam.zhang@broadcom.com>	2026-05-22 13:20:53 +08:00
Lyndon-Li	9f0194d8fe	Uploader interface fo block data mover ... Signed-off-by: Lyndon-Li <lyonghui@vmware.com>	2026-05-22 12:26:00 +08:00
Tiger Kaovilai	b91d34065b	Add changelog for unreleased version 9791 ... Signed-off-by: Tiger Kaovilai <tkaovila@redhat.com>	2026-05-21 22:05:40 -04:00
Daniel Jiang	440b473ca2	Update website post CNCF donation ... 1. Add LF footer. 2. Make necessary changes following CNCF guideline. Signed-off-by: Daniel Jiang <daniel.jiang@broadcom.com>	2026-05-21 19:09:51 +08:00
Christian Schlichtherle	1e1eb0b4ec	Merge branch 'main' into fix/dataupload-delete-foreign-backup	2026-05-21 11:53:20 +02:00
Christian Schlichtherle	2f19c3158b	Also skip snapshot-info CM when DataUpload has no owner label ... Per review feedback on #9791, the previous revision still let a DataUpload with an empty velero.io/backup-name label fall through to genConfigmap, creating a ConfigMap that deleteMovedSnapshots can never match back to a snapshot. The CM is useless and only adds etcd churn. Treat the missing-label case the same way as the foreign-owner case: warn and skip the ConfigMap creation. Use a distinct warn message so operators can tell the two misconfiguration classes apart in logs (missing-label vs. owner mismatch from a captured velero namespace). Test for the missing-label case is updated to assert no ConfigMap is created and a warn is emitted. The warn assertion is generalized to match the per-case message substring instead of a fixed string. Signed-off-by: Christian Schlichtherle <christian@schlichtherle.de>	2026-05-21 11:50:21 +02:00
Adam Zhang	b0e72333a0	extend backup resource policy ... - added ClusterScopedFilterPolicy/NamespacedFilterPolicy - added run time data structure, ResolvedResourceFilter and ResolvedNamespaceFilter Signed-off-by: Adam Zhang <adam.zhang@broadcom.com>	2026-05-21 15:36:51 +08:00
Lyndon-Li	343ed95a5e	metadata operation for Kopia repo ... Signed-off-by: Lyndon-Li <lyonghui@vmware.com>	2026-05-21 14:22:36 +08:00
Lyndon-Li	3103318c9b	Merge branch 'main' into metadata-operator-for-kopia-repo	2026-05-21 13:52:41 +08:00
Lyndon-Li	d756df874f	Merge branch 'main' into uploader-interface-fo-block-data-mover	2026-05-21 13:21:14 +08:00
Xun Jiang/Bruce Jiang	f70e339fd0	Merge pull request #9736 from Lyndon-Li/cbt-bitmap-implementation ... CBT bitmap implementation	2026-05-21 13:19:42 +08:00
Lyndon-Li	6bf73dc7ac	Merge branch 'main' into cbt-bitmap-implementation	2026-05-21 09:22:45 +08:00
Lyndon-Li	1d03217661	add CBT bitmap implementation ... Signed-off-by: Lyndon-Li <lyonghui@vmware.com>	2026-05-21 09:20:24 +08:00
Daniel Jiang	d30d389b56	Merge pull request #9801 from reasonerjt/fix-netlify-err ... Fix the site deployment problem	2026-05-20 16:00:22 +08:00
Daniel Jiang	30381a60e4	Fix the site deployment problem ... The netlify error analysis: The problem is that base = "site/" makes the build run from the site subdirectory, and publish = "site/public" is resolved relative to the repo root as site/site/public — but Hugo outputs to site/public. Since the base is already site/, the publish path should just be public (relative to the base directory). Signed-off-by: Daniel Jiang <daniel.jiang@broadcom.com>	2026-05-20 15:28:06 +08:00
Xun Jiang/Bruce Jiang	a26dd817b6	Merge pull request #9783 from adam-jian-zhang/backup-filter-design ... backup filter enhancement design	2026-05-20 10:20:09 +08:00
Xun Jiang/Bruce Jiang	7472e37d16	Merge pull request #9797 from blackpiglet/jxun/main/update_base_image ... Update the Linux's base image from Ubuntu jammy to noble.	2026-05-19 11:44:30 +08:00
Adam Zhang	bbbff59eed	address review comments ... - rename FineGrainedGlobalFilterPolicy to ClusterScopedFilterPolicy - add warning message in several places to help debug - cleanup conflicting validations Signed-off-by: Adam Zhang <adam.zhang@broadcom.com>	2026-05-19 00:02:17 +08:00
Xun Jiang	174d76c197	Update the Linux's base image from Ubuntu jammy to noble. ... Signed-off-by: Xun Jiang <xun.jiang@broadcom.com>	2026-05-18 17:42:02 +08:00
Adam Zhang	8ef7e36054	Update design/backup-filter-enhancement/fine-grained-backup-filters-design.md ... Co-authored-by: Tiger Kaovilai <passawit.kaovilai@gmail.com> Signed-off-by: Adam Zhang <adam.zhang@broadcom.com>	2026-05-15 23:34:17 +08:00
Christian Schlichtherle	8f6c563c4d	Warn instead of silently skipping foreign DataUploads ... Velero does not support self-protection: the velero namespace must never be captured in a backup tarball. When it is, the tarball can contain DataUpload CRs belonging to other backups, and the previous revision of this change silently swallowed that case in the DataUploadDeleteAction. Per maintainer feedback, the action should make the misconfiguration detectable rather than silent. Emit a warn-level log naming the DataUpload, its owning backup-name label, and the executing backup, and call out that the velero namespace should be excluded from schedules. Continue to skip the snapshot-info ConfigMap creation so that a mislabeled CM does not mask the real owning backup's snapshot on deletion. The test for the foreign-backup case now also asserts the warn is emitted via a logrus test hook. Signed-off-by: Christian Schlichtherle <cs@bsure-analytics.de>	2026-05-15 08:10:19 +02:00
Christian Schlichtherle	fb3f94bc88	Fix DataUploadDeleteAction creating CMs for foreign DataUploads ... When a backup tarball incidentally contains DataUpload CRs that belong to a different backup (common when a schedule includes the velero namespace where DataUploads live), DataUploadDeleteAction.Execute used to create a "<du-name>-info" ConfigMap labeled with the *executing* backup's name instead of the DataUpload's true owning backup. The ConfigMap is created with Create-only semantics, so the wrong label is never corrected. deleteMovedSnapshots in the backup-deletion controller looks up these ConfigMaps by velero.io/backup-name to discover which Kopia snapshots to delete. With the wrong label, the real owning backup's expiry pass finds no ConfigMaps for its DataUploads and silently leaves their Kopia snapshots in object storage, leaking data over time. Fix: in DataUploadDeleteAction.Execute, compare the DataUpload's velero.io/backup-name label against input.Backup.Name (using label.GetValidName to handle DNS-1035 truncation for long backup names). If the label is present and differs, skip the DataUpload entirely; this prevents the over-eager creation of misnamed ConfigMaps without changing behavior for DataUploads that legitimately belong to the executing backup, or for legacy DataUploads with no backup-name label. Refs: #9472 Signed-off-by: Christian Schlichtherle <cs@bsure-analytics.de>	2026-05-14 19:03:20 +02:00
Lyndon-Li	2346314729	call block uploader provider creation ... Signed-off-by: Lyndon-Li <lyonghui@vmware.com>	2026-05-14 16:17:51 +08:00
Adam Zhang	68fa6f4ee9	backup filter enhancement ... enhance backup filter with resource policies, extend resource policies with fine-grained control for backup resources, both cluster scoped resources and namespace scoped resources, with labels, names include/exclude support with glob patterns. Signed-off-by: Adam Zhang <adam.zhang@broadcom.com>	2026-05-12 15:18:56 +08:00
lyndon-li	0c2efb6da3	Merge pull request #9785 from Lyndon-Li/bump-up-kopia-1.23.0 ... Bump up kopia 1.23.0	2026-05-12 14:19:17 +08:00
Lyndon-Li	e78ec18870	bump up kopia 1.23.0 ... Signed-off-by: Lyndon-Li <lyonghui@vmware.com>	2026-05-12 11:31:40 +08:00
Wenkai Yin(尹文开)	57ff25eaf0	Merge pull request #9784 from blackpiglet/jxun/main/fix_unstable_uts ... Fix unstable UT in pvc_action_test.go's TestExectue().	2026-05-11 17:48:10 +08:00
Lyndon-Li	0be9fc7d09	add block uploader provider ... Signed-off-by: Lyndon-Li <lyonghui@vmware.com>	2026-05-11 17:31:40 +08:00
Xun Jiang	35e1e1f988	Fix unstable UT in pvc_action_test.go's TestExectue(). ... * Move the error assert out of goroutine. * Create the VSC before patching VS status to ReadyToUse. Signed-off-by: Xun Jiang <xun.jiang@broadcom.com>	2026-05-11 11:33:08 +08:00
Shubham Pampattiwar	038d780576	Merge pull request #9776 from shubham-pampattiwar/fix-prow-action-permissions ... Fix prow-action workflow permissions for issue commands	2026-05-09 11:25:43 +08:00
Xun Jiang/Bruce Jiang	3a01767ad1	Merge pull request #9778 from blackpiglet/xj014661/main/bump_deps ... Bump Velero dependencies to latest version.	2026-05-08 18:17:16 +08:00
Xun Jiang	5afe5df122	Bump Velero dependencies to latest version. ... * Fix UT failures caused by client-go version bump. * Some modifications to enhance the UT stability. * Fix UT errors: non-constant format string in call to ... * Fix linter issues. Signed-off-by: Xun Jiang <xun.jiang@broadcom.com>	2026-05-08 17:38:42 +08:00
Daniel Jiang	7314eab582	Update CODE OF CONDUCT for CNCF compliance (#9779) ... Signed-off-by: Daniel Jiang <daniel.jiang@broadcom.com>	2026-05-07 13:34:24 -04:00
Xun Jiang/Bruce Jiang	e6d928cdfe	Some updates for actions on main branch. (#9775) ... * Add Windows dockerfile in the Dockerfile change action. * Update Bitnami MinIO Dockerfile directory. Signed-off-by: Xun Jiang <xun.jiang@broadcom.com>	2026-05-06 12:10:23 -04:00
Joseph Antony Vaikath	360095a2e7	Merge pull request #9558 from Joeavaikath/wildcard-ns-bugfix ... Wildcard namespaces: Log warning on empty resolution	2026-05-06 16:30:36 +08:00
lyndon-li	7aab742041	Merge pull request #9763 from Lyndon-Li/fix-docker-hub-push-error ... Fix docker hub push error	2026-04-30 14:45:53 +08:00
Lyndon-Li	7918cb35dd	fix docker hub push error ... Signed-off-by: Lyndon-Li <lyonghui@vmware.com>	2026-04-30 14:30:53 +08:00
dependabot[bot]	f72c57b185	Bump github.com/moby/spdystream from 0.5.0 to 0.5.1 (#9734) ... * Bump github.com/moby/spdystream from 0.5.0 to 0.5.1 Bumps [github.com/moby/spdystream](https://github.com/moby/spdystream) from 0.5.0 to 0.5.1. - [Release notes](https://github.com/moby/spdystream/releases) - [Commits](https://github.com/moby/spdystream/compare/v0.5.0...v0.5.1) --- updated-dependencies: - dependency-name: github.com/moby/spdystream dependency-version: 0.5.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * fix: run go mod tidy to update module files Agent-Logs-Url: https://github.com/velero-io/velero/sessions/3537c5cb-5e31-405c-a79f-878bd146efa8 Co-authored-by: blackpiglet <59276555+blackpiglet@users.noreply.github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Xun Jiang/Bruce Jiang <59276555+blackpiglet@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daniel Jiang <daniel.jiang@broadcom.com> Co-authored-by: Xun Jiang/Bruce Jiang <59276555+blackpiglet@users.noreply.github.com> Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>	2026-04-29 22:39:18 -04:00
Lyndon-Li	44ab9a6a1a	add metadata operations for kopia repo ... Signed-off-by: Lyndon-Li <lyonghui@vmware.com>	2026-04-28 15:58:28 +08:00
Nolan Emirot	76197d7892	fix: lint permission issue (#9740) ... * fix: lint permission issue Signed-off-by: emirot <emirot.nolan@gmail.com> * fix: lint permission issue Signed-off-by: emirot <emirot.nolan@gmail.com> * Set permissions to the actions This commit update the actions "Auto Assign Author", "Auto Label PRs", and "Auto Request Review" Signed-off-by: Daniel Jiang <daniel.jiang@broadcom.com> Signed-off-by: emirot <emirot.nolan@gmail.com> * Fix wildcard expansion when includes is empty and excludes has wildcards (#9684) * Fix wildcard expansion when includes is empty and excludes has wildcards When a Backup CR is applied via kubectl with empty includedNamespaces and a wildcard in excludedNamespaces, ShouldExpandWildcards triggers expansion. The empty includes expands to nil, but wildcardExpanded is set to true, causing ShouldInclude to return false for all namespaces. Populate expanded includes with all active namespaces when the original includes was empty (meaning "include all") so that the wildcardExpanded check does not falsely reject everything. Signed-off-by: Joseph <jvaikath@redhat.com> * Changelog Signed-off-by: Joseph <jvaikath@redhat.com> * Normalize empty includes to * instead of active namespaces list This ensures consistent behavior between CLI and kubectl-apply paths for Namespace CR inclusion when excludes contain wildcards. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Joseph <jvaikath@redhat.com> * Move empty includes normalization to backup controller Instead of normalizing empty IncludedNamespaces to ["*"] in the collections layer's ExpandIncludesExcludes, do it earlier in prepareBackupRequest. This ensures the spec is correct before any downstream processing. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Joseph <jvaikath@redhat.com> * Update TestProcessBackupCompletions for wildcard normalization Add IncludedNamespaces: []string{"*"} to all expected BackupSpec structs, reflecting the new prepareBackupRequest normalization. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Joseph <jvaikath@redhat.com> * Add checks around empty includenamespaces Signed-off-by: Joseph <jvaikath@redhat.com> * gofmt Signed-off-by: Joseph <jvaikath@redhat.com> --------- Signed-off-by: Joseph <jvaikath@redhat.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: emirot <emirot.nolan@gmail.com> * update hashicorp/go-hclog and go-plugin to current version (#9613) Signed-off-by: Peter Woodman <peter@shortbus.org> Signed-off-by: emirot <emirot.nolan@gmail.com> * fix: honor -stderrthreshold when -logtostderr is true (default) klog v2 defaults -logtostderr to true, which silently ignores the -stderrthreshold flag — all log levels are unconditionally sent to stderr. This makes it impossible for log-aggregation systems to filter by severity. Bump klog to v2.140.0 and opt into the fixed behavior by setting legacy_stderr_threshold_behavior=false and stderrthreshold=INFO (which preserves current output while letting users override via CLI flags). Ref: kubernetes/klog#212, kubernetes/klog#432 Signed-off-by: Pierluigi Lenoci <pierluigilenoci@gmail.com> Signed-off-by: emirot <emirot.nolan@gmail.com> * fix: add changelog and nolint explanation for CI Add missing changelog entry for PR 9654 (fixes Changelog Check). Add explanation to //nolint:errcheck directives (fixes nolintlint). Signed-off-by: Pierluigi Lenoci <pierluigilenoci@gmail.com> Signed-off-by: emirot <emirot.nolan@gmail.com> * Remove Restic code path from PodVolumeRestore. Signed-off-by: Xun Jiang <xun.jiang@broadcom.com> Signed-off-by: emirot <emirot.nolan@gmail.com> * Bump go.opentelemetry.io/otel from 1.40.0 to 1.41.0 Bumps [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) from 1.40.0 to 1.41.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.40.0...v1.41.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel dependency-version: 1.41.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: emirot <emirot.nolan@gmail.com> * Fix error in auto-request-review action Per action.yml of the action, the token is required. e89da1a8cd/action.yml (L8) Signed-off-by: Daniel Jiang <daniel.jiang@broadcom.com> Signed-off-by: emirot <emirot.nolan@gmail.com> * fix go-releaser upload error Signed-off-by: Lyndon-Li <lyonghui@vmware.com> Signed-off-by: emirot <emirot.nolan@gmail.com> * add concurrency limit to go-releaser Signed-off-by: Lyndon-Li <lyonghui@vmware.com> Signed-off-by: emirot <emirot.nolan@gmail.com> * Bump go.opentelemetry.io/otel/sdk from 1.40.0 to 1.43.0 (#9692) Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) from 1.40.0 to 1.43.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.40.0...v1.43.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/sdk dependency-version: 1.43.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: emirot <emirot.nolan@gmail.com> * fix(lint): fix lint local Signed-off-by: emirot <emirot.nolan@gmail.com> * Apply suggestion from @blackpiglet https://github.com/velero-io/velero/pull/9740/changes#r3151366281 Signed-off-by: Tiger Kaovilai <passawit.kaovilai@gmail.com> --------- Signed-off-by: emirot <emirot.nolan@gmail.com> Signed-off-by: Daniel Jiang <daniel.jiang@broadcom.com> Signed-off-by: Joseph <jvaikath@redhat.com> Signed-off-by: Peter Woodman <peter@shortbus.org> Signed-off-by: Pierluigi Lenoci <pierluigilenoci@gmail.com> Signed-off-by: Xun Jiang <xun.jiang@broadcom.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Lyndon-Li <lyonghui@vmware.com> Signed-off-by: Tiger Kaovilai <passawit.kaovilai@gmail.com> Co-authored-by: Daniel Jiang <daniel.jiang@broadcom.com> Co-authored-by: Joseph Antony Vaikath <jvaikath@redhat.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Co-authored-by: peter woodman <peter@shortbus.org> Co-authored-by: Pierluigi Lenoci <pierluigilenoci@gmail.com> Co-authored-by: Xun Jiang <xun.jiang@broadcom.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lyndon-Li <lyonghui@vmware.com> Co-authored-by: Tiger Kaovilai <passawit.kaovilai@gmail.com>	2026-04-28 03:11:49 -04:00
Daniel Jiang	1056305ca6	Merge pull request #9565 from hollycai05/add-e2e-tests-for-PR9452 ... Add e2e test case for PR 9452	2026-04-28 14:01:26 +08:00
Daniel Jiang	ca41757ef1	Merge pull request #9567 from hollycai05/add-e2e-tests-for-issue7725 ... Add e2e test case for issue 7725	2026-04-28 14:01:18 +08:00
dependabot[bot]	79faa5ff96	Bump go.opentelemetry.io/otel/sdk from 1.40.0 to 1.43.0 (#9692) ... Bumps [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) from 1.40.0 to 1.43.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.40.0...v1.43.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/sdk dependency-version: 1.43.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-04-27 11:58:24 -04:00
lyndon-li	3f0c221119	Merge pull request #9759 from Lyndon-Li/fix-go-releaser-upload-issue ... Fix go-releaser upload error	2026-04-27 23:34:33 +08:00
lyndon-li	b635035d79	Merge branch 'main' into fix-go-releaser-upload-issue	2026-04-27 22:50:02 +08:00