Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add support for caCert in VolumeSnapshotLocation
Browse files Browse the repository at this point in the history
Signed-off-by: Ayush Rangwala <[email protected]>
Ayush Rangwala committed Feb 24, 2021
1 parent f9fe40b commit c14db6a
Showing 6 changed files with 21 additions and 3 deletions.
4 changes: 4 additions & 0 deletions pkg/apis/velero/v1/volume_snapshot_location.go
Original file line number Diff line number Diff line change
@@ -57,6 +57,10 @@ type VolumeSnapshotLocationSpec struct {
// Provider is the provider of the volume storage.
Provider string `json:"provider"`

// CACert defines a CA bundle to use when verifying TLS connections to the provider.
// +optional
CACert []byte `json:"caCert,omitempty"`

// Config is for provider-specific configuration fields.
// +optional
Config map[string]string `json:"config,omitempty"`
4 changes: 4 additions & 0 deletions pkg/backup/item_backupper.go
Original file line number Diff line number Diff line change
@@ -377,6 +377,10 @@ func (ib *itemBackupper) volumeSnapshotter(snapshotLocation *velerov1api.VolumeS
return nil, err
}

if snapshotLocation.Spec.CACert != nil {
snapshotLocation.Spec.Config["caCert"] = string(snapshotLocation.Spec.CACert)
}

if err := bs.Init(snapshotLocation.Spec.Config); err != nil {
return nil, err
}
4 changes: 4 additions & 0 deletions pkg/controller/backup_deletion_controller.go
Original file line number Diff line number Diff line change
@@ -462,6 +462,10 @@ func volumeSnapshotterForSnapshotLocation(
return nil, errors.Wrapf(err, "error getting volume snapshotter for provider %s", snapshotLocation.Spec.Provider)
}

if snapshotLocation.Spec.CACert != nil {
snapshotLocation.Spec.Config["caCert"] = string(snapshotLocation.Spec.CACert)
}

if err = volumeSnapshotter.Init(snapshotLocation.Spec.Config); err != nil {
return nil, errors.Wrapf(err, "error initializing volume snapshotter for volume snapshot location %s", snapshotLocationName)
}
5 changes: 3 additions & 2 deletions pkg/install/resources.go
Original file line number Diff line number Diff line change
@@ -165,7 +165,7 @@ func BackupStorageLocation(namespace, provider, bucket, prefix string, config ma
}
}

func VolumeSnapshotLocation(namespace, provider string, config map[string]string) *velerov1api.VolumeSnapshotLocation {
func VolumeSnapshotLocation(namespace, provider string, config map[string]string, caCert []byte) *velerov1api.VolumeSnapshotLocation {
return &velerov1api.VolumeSnapshotLocation{
ObjectMeta: objectMeta(namespace, "default"),
TypeMeta: metav1.TypeMeta{
@@ -174,6 +174,7 @@ func VolumeSnapshotLocation(namespace, provider string, config map[string]string
},
Spec: velerov1api.VolumeSnapshotLocationSpec{
Provider: provider,
CACert: caCert,
Config: config,
},
}
@@ -269,7 +270,7 @@ func AllResources(o *VeleroOptions) (*unstructured.UnstructuredList, error) {

// A snapshot location may not be desirable for users relying on restic
if o.UseVolumeSnapshots {
vsl := VolumeSnapshotLocation(o.Namespace, o.ProviderName, o.VSLConfig)
vsl := VolumeSnapshotLocation(o.Namespace, o.ProviderName, o.VSLConfig, o.CACertData)
appendUnstructured(resources, vsl)
}

3 changes: 2 additions & 1 deletion pkg/install/resources_test.go
Original file line number Diff line number Diff line change
@@ -31,11 +31,12 @@ func TestResources(t *testing.T) {
assert.Equal(t, make(map[string]string), bsl.Spec.Config)
assert.Equal(t, []byte("test"), bsl.Spec.ObjectStorage.CACert)

vsl := VolumeSnapshotLocation(DefaultVeleroNamespace, "test", make(map[string]string))
vsl := VolumeSnapshotLocation(DefaultVeleroNamespace, "test", make(map[string]string), []byte("test"))

assert.Equal(t, "velero", vsl.ObjectMeta.Namespace)
assert.Equal(t, "test", vsl.Spec.Provider)
assert.Equal(t, make(map[string]string), vsl.Spec.Config)
assert.Equal(t, []byte("test"), vsl.Spec.CACert)

ns := Namespace("velero")

4 changes: 4 additions & 0 deletions pkg/restore/pv_restorer.go
Original file line number Diff line number Diff line change
@@ -73,6 +73,10 @@ func (r *pvRestorer) executePVAction(obj *unstructured.Unstructured) (*unstructu
return nil, errors.WithStack(err)
}

if snapshotInfo.location.Spec.CACert != nil {
snapshotInfo.location.Spec.Config["caCert"] = string(snapshotInfo.location.Spec.CACert)
}

if err := volumeSnapshotter.Init(snapshotInfo.location.Spec.Config); err != nil {
return nil, errors.WithStack(err)
}

0 comments on commit c14db6a

Please sign in to comment.