mirror of
https://github.com/vmware-tanzu/velero.git
synced 2026-05-22 23:21:33 +00:00
8f6c563c4d
Velero does not support self-protection: the velero namespace must never be captured in a backup tarball. When it is, the tarball can contain DataUpload CRs belonging to other backups, and the previous revision of this change silently swallowed that case in the DataUploadDeleteAction. Per maintainer feedback, the action should make the misconfiguration detectable rather than silent. Emit a warn-level log naming the DataUpload, its owning backup-name label, and the executing backup, and call out that the velero namespace should be excluded from schedules. Continue to skip the snapshot-info ConfigMap creation so that a mislabeled CM does not mask the real owning backup's snapshot on deletion. The test for the foreign-backup case now also asserts the warn is emitted via a logrus test hook. Signed-off-by: Christian Schlichtherle <cs@bsure-analytics.de>