  1. OpenShift API for Data Protection
  2. OADP-5080

DPA reconciliation / Backup issues when using provider with "velero.io" prefix

    • Bug
    • Resolution: Unresolved
    • Normal
    • OADP 1.5.4
    • Quality / Stability / Reliability
    • ToDo
    • Very Likely

      Description of problem:

      A number of issues are observed when the provider value is given along with the "velero.io" prefix in the DPA spec.

      Issue #1: The default secret name (for example, cloud-credentials for AWS) cannot be fetched when the provider in the BSL uses the "velero.io" prefix, for example: velero.io/aws

      $ oc get dpa -o yaml
      apiVersion: v1
      items:
      - apiVersion: oadp.openshift.io/v1alpha1
        kind: DataProtectionApplication
        metadata:
          creationTimestamp: "2024-10-15T17:17:53Z"
          generation: 1
          name: ts-dpa
          namespace: openshift-adp
          resourceVersion: "243406"
          uid: 982c85ca-a24e-440f-a335-beaf4890f9d1
        spec:
          backupLocations:
          - velero:
              config:
                insecureSkipTLSVerify: "true"
                profile: default
                region: us-east-2
              default: true
              objectStorage:
                bucket: oadp98931dx2l5
                prefix: velero
              provider: velero.io/aws
          configuration:
            velero:
              defaultPlugins:
              - aws
              - openshift
        status:
          conditions:
          - lastTransitionTime: "2024-10-15T17:17:53Z"
            message: Secret "" not found
            reason: Error
            status: "False"
            type: Reconciled
      kind: List
      

      Issue #2:
      The VSL provider value is also considered invalid when the provider in the VSL uses the "velero.io" prefix, for example: velero.io/aws

      4s          Warning   VSL provider is invalid                    volumesnapshotlocation/ts-dpa-1            VSL provider velero.io/aws is invalid, might be a misconfiguration
      

      Note for this scenario: Earlier, when the "velero.io" prefix was used in the VSL spec provider, it used to report a warning. After the bug https://issues.redhat.com/browse/OADP-5044 is fixed, it is supposed to report a DPA error.

      Issue #3:
      The registry secret fails to get created when the BSL uses the "velero.io" prefix, for example: velero.io/aws

      
      apiVersion: v1
      items:
      - apiVersion: oadp.openshift.io/v1alpha1
        kind: DataProtectionApplication
        metadata:
          creationTimestamp: "2024-10-15T17:17:53Z"
          generation: 4
          name: ts-dpa
          namespace: openshift-adp
          resourceVersion: "245993"
          uid: 982c85ca-a24e-440f-a335-beaf4890f9d1
        spec:
          backupLocations:
          - velero:
              config:
                insecureSkipTLSVerify: "true"
                profile: default
                region: us-east-2
              credential:
                key: cloud
                name: cloud-credentials
              default: true
              objectStorage:
                bucket: oadp98931dx2l5
                prefix: velero
              provider: velero.io/aws
          configuration:
            velero:
              defaultPlugins:
              - aws
              - openshift
        status:
          conditions:
          - lastTransitionTime: "2024-10-15T17:24:41Z"
            message: 'Secret "oadp-ts-dpa-1-velero.io/aws-registry-secret" is invalid: metadata.name:
              Invalid value: "oadp-ts-dpa-1-velero.io/aws-registry-secret": a lowercase
              RFC 1123 subdomain must consist of lower case alphanumeric characters, ''-''
              or ''.'', and must start and end with an alphanumeric character (e.g. ''example.com'',
              regex used for validation is ''[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*'')'
            reason: Error
            status: "False"
            type: Reconciled
      

      Version-Release number of selected component (if applicable):

      1.4.1

      How reproducible:

      Always

      Actual results:

      As shown above.

      Expected results:

      Both "velero.io/provider" and "provider" should be respected the same way.

      Additional info:

      NOTE: These issues are being reported together because the root cause is the same: the trimming of the provider string at certain places in the codebase.

      Proposed fix (if we want to support the "velero.io/<cloud provider>" format):
      https://github.com/openshift/oadp-operator/blob/master/controllers/registry.go#L211
      https://github.com/openshift/oadp-operator/blob/master/controllers/registry.go#L262
      https://github.com/openshift/oadp-operator/blob/master/controllers/vsl.go#L111
      At these places (more or less), we need to add trimPrefix for provider.
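
A minimal model of the proposed normalization, as an added example that is not code from the oadp-operator repository: it shows the raw and prefix-trimmed provider flowing into the default-secret lookup and the registry secret name, checked against the RFC 1123 regex quoted in the status message. The helper names and the lookup map are hypothetical; only the aws default secret, the BSL name ts-dpa-1 and the secret name pattern come from the report.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// veleroPrefix is the optional qualifier seen in the report ("velero.io/aws").
const veleroPrefix = "velero.io/"

// rfc1123Subdomain is the validation regex quoted in the DPA status message, anchored.
var rfc1123Subdomain = regexp.MustCompile(
	`^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$`)

// defaultSecrets: the aws entry is from the report; the map itself is an assumption.
var defaultSecrets = map[string]string{"aws": "cloud-credentials"}

// normalizeProvider (hypothetical helper) maps both spellings to one key.
func normalizeProvider(p string) string {
	return strings.TrimPrefix(p, veleroPrefix)
}

// defaultSecretName returns "" for an unknown key, which matches the
// empty name in the reported `Secret "" not found` condition.
func defaultSecretName(provider string) string {
	return defaultSecrets[provider]
}

// registrySecretName follows the name pattern visible in the Issue #3 error.
func registrySecretName(bslName, provider string) string {
	return "oadp-" + bslName + "-" + provider + "-registry-secret"
}

// validSecretName applies the RFC 1123 subdomain rule (253 characters max).
func validSecretName(name string) bool {
	return len(name) <= 253 && rfc1123Subdomain.MatchString(name)
}

func main() {
	for _, p := range []string{"aws", "velero.io/aws"} {
		raw := registrySecretName("ts-dpa-1", p)
		n := normalizeProvider(p)
		fixed := registrySecretName("ts-dpa-1", n)
		fmt.Printf("raw   %q valid=%t default=%q\n", raw, validSecretName(raw), defaultSecretName(p))
		fmt.Printf("fixed %q valid=%t default=%q\n", fixed, validSecretName(fixed), defaultSecretName(n))
	}
}
```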

              rhn-support-ssingla Sachin Singla