Skip to content

Commit

Permalink
Fix backups absent permissions
Browse files Browse the repository at this point in the history
* added required permission to the mgr role
* disabled ctrl until the actual implementation
* fixes to the API regarding discussion

Closes #759
  • Loading branch information
zerospiel committed Dec 10, 2024
1 parent baaa41c commit ff7f88d
Show file tree
Hide file tree
Showing 7 changed files with 61 additions and 40 deletions.
20 changes: 5 additions & 15 deletions api/v1alpha1/backup_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -22,22 +22,8 @@ import (

// BackupSpec defines the desired state of Backup
type BackupSpec struct {
// +kubebuilder:default="0 */6 * * *"

// Schedule is a Cron expression defining when to run the Backup.
// A shortcut instead of filling the .customSchedule field up.
// Default value is to backup every 6 hours.
// If both this field and the .customSchedule field
// are given, the schedule from the latter will be utilized.
Schedule string `json:"schedule"`

// Oneshot indicates whether the Backup should not be scheduled
// and rather created immediately and only once.
// If set to true, the .schedule field is ignored.
// If set to true and the .customSchedule field is given,
// the .spec.template from the latter will be utilized,
// the HMC-required options still might override or precede the options
// from the field.
Oneshot bool `json:"oneshot,omitempty"`
}

Expand All @@ -46,8 +32,12 @@ type BackupStatus struct {
// Reference to the underlying Velero object being managed.
// Might be either Velero Backup or Schedule.
Reference *corev1.ObjectReference `json:"reference,omitempty"`
// Status of the Velero Schedule if .spec.oneshot is set to false.
// Status of the Velero Schedule for the Management scheduled backups.
// Always absent for the Backups with the .spec.oneshot set to true.
Schedule *velerov1.ScheduleStatus `json:"schedule,omitempty"`
// NextAttempt indicates the time when the next scheduled backup will be performed.
// Always absent for the Backups with the .spec.oneshot set to true.
NextAttempt *metav1.Time `json:"nextAttempt,omitempty"`
// Last Velero Backup that has been created.
LastBackup *velerov1.BackupStatus `json:"lastBackup,omitempty"`
}
Expand Down
7 changes: 7 additions & 0 deletions api/v1alpha1/management_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,13 @@ type Core struct {

// ManagementBackup enables a feature to backup HMC objects into a cloud.
type ManagementBackup struct {
// +kubebuilder:default="0 */6 * * *"

// Schedule is a Cron expression defining when to run the scheduled Backup.
// A shortcut instead of filling the .customSchedule field up.
// Default value is to backup every 6 hours.
Schedule string `json:"schedule,omitempty"`

// +kubebuilder:default=false

// Flag to indicate whether the backup feature is enabled.
Expand Down
4 changes: 4 additions & 0 deletions api/v1alpha1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

15 changes: 8 additions & 7 deletions cmd/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -302,13 +302,14 @@ func main() {
setupLog.Error(err, "unable to create controller", "controller", "MultiClusterService")
os.Exit(1)
}
if err = (&controller.BackupReconciler{
Client: mgr.GetClient(),
Scheme: mgr.GetScheme(),
}).SetupWithManager(mgr); err != nil {
setupLog.Error(err, "unable to create controller", "controller", "Backup")
os.Exit(1)
}
// TODO (zerospiel): disabled until the #605
// if err = (&controller.BackupReconciler{
// Client: mgr.GetClient(),
// Scheme: mgr.GetScheme(),
// }).SetupWithManager(mgr); err != nil {
// setupLog.Error(err, "unable to create controller", "controller", "Backup")
// os.Exit(1)
// }
// +kubebuilder:scaffold:builder

if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -43,23 +43,7 @@ spec:
description: |-
Oneshot indicates whether the Backup should not be scheduled
and rather created immediately and only once.
If set to true, the .schedule field is ignored.
If set to true and the .customSchedule field is given,
the .spec.template from the latter will be utilized,
the HMC-required options still might override or precede the options
from the field.
type: boolean
schedule:
default: 0 */6 * * *
description: |-
Schedule is a Cron expression defining when to run the Backup.
A shortcut instead of filling the .customSchedule field up.
Default value is to backup every 6 hours.
If both this field and the .customSchedule field
are given, the schedule from the latter will be utilized.
type: string
required:
- schedule
type: object
status:
description: BackupStatus defines the observed state of Backup
Expand Down Expand Up @@ -210,6 +194,12 @@ spec:
file in object storage.
type: integer
type: object
nextAttempt:
description: |-
NextAttempt indicates the time when the next scheduled backup will be performed.
Always absent for the Backups with the .spec.oneshot set to true.
format: date-time
type: string
reference:
description: |-
Reference to the underlying Velero object being managed.
Expand Down Expand Up @@ -256,8 +246,9 @@ spec:
type: object
x-kubernetes-map-type: atomic
schedule:
description: Status of the Velero Schedule if .spec.oneshot is set
to false.
description: |-
Status of the Velero Schedule for the Management scheduled backups.
Always absent for the Backups with the .spec.oneshot set to true.
properties:
lastBackup:
description: |-
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,15 @@ spec:
[Velero]: https://velero.io
type: boolean
schedule:
default: 0 */6 * * *
description: |-
Schedule is a Cron expression defining when to run the Backup.
A shortcut instead of filling the .customSchedule field up.
Default value is to backup every 6 hours.
If both this field and the .customSchedule field
are given, the schedule from the latter will be utilized.
type: string
required:
- enabled
type: object
Expand Down
19 changes: 19 additions & 0 deletions templates/provider/hmc/templates/rbac/controller/roles.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -215,6 +215,25 @@ rules:
resources:
- secrets
verbs: {{ include "rbac.viewerVerbs" . | nindent 4 }}
- apiGroups:
- hmc.mirantis.com
resources:
- backups
verbs: {{ include "rbac.editorVerbs" . | nindent 4 }}
- apiGroups:
- hmc.mirantis.com
resources:
- backups/finalizers
verbs:
- update
- apiGroups:
- hmc.mirantis.com
resources:
- backups/status
verbs:
- get
- patch
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
Expand Down

0 comments on commit ff7f88d

Please sign in to comment.