feat: Add CloudStorage config and region fallback to BSL

kaovilai · claude · kaovilai · commit 345b34239d14 · 2025-09-05T13:49:01.000-05:00
When a DataProtectionApplication references a CloudStorage CR, the BSL now inherits configuration values from the CloudStorage CR as fallback, similar to the credential fallback mechanism. Changes: - BSL now uses CloudStorage CR's Config field as base configuration - CloudStorage CR's Region field is automatically added to BSL config - DPA's CloudStorageLocation.Config values override CloudStorage values - Added comprehensive test coverage for config fallback behavior This enhancement allows users to define provider-specific settings once in the CloudStorage CR without needing to duplicate them in the DPA, while still maintaining the ability to override specific values at the DPA level when needed. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
diff --git a/internal/controller/bsl.go b/internal/controller/bsl.go
@@ -175,7 +175,32 @@ func (r *DataProtectionApplicationReconciler) ReconcileBackupStorageLocations(lo
 					return err
 				}
 				bsl.Spec.BackupSyncPeriod = bslSpec.CloudStorage.BackupSyncPeriod
-				bsl.Spec.Config = bslSpec.CloudStorage.Config
+
+				// Start with CloudStorage CR's config as base (fallback)
+				if bucket.Spec.Config != nil {
+					bsl.Spec.Config = make(map[string]string)
+					for k, v := range bucket.Spec.Config {
+						bsl.Spec.Config[k] = v
+					}
+				}
+
+				// Add region from CloudStorage CR if specified
+				if bucket.Spec.Region != "" && bsl.Spec.Config == nil {
+					bsl.Spec.Config = make(map[string]string)
+				}
+				if bucket.Spec.Region != "" {
+					bsl.Spec.Config["region"] = bucket.Spec.Region
+				}
+
+				// Override with DPA's CloudStorageLocation config (higher priority)
+				for k, v := range bslSpec.CloudStorage.Config {
+					if bsl.Spec.Config == nil {
+						bsl.Spec.Config = make(map[string]string)
+					}
+					bsl.Spec.Config[k] = v
+				}
+
+				// Handle enableSharedConfig from CloudStorage CR
 				if bucket.Spec.EnableSharedConfig != nil && *bucket.Spec.EnableSharedConfig {
 					if bsl.Spec.Config == nil {
 						bsl.Spec.Config = map[string]string{}
diff --git a/internal/controller/bsl_test.go b/internal/controller/bsl_test.go
@@ -2953,6 +2953,7 @@ func TestDPAReconciler_ReconcileBackupStorageLocations(t *testing.T) {
 				},
 				Spec: velerov1.BackupStorageLocationSpec{
 					Provider: "aws",
+					Config:   map[string]string{"region": "test-region"},
 					StorageType: velerov1.StorageType{
 						ObjectStorage: &velerov1.ObjectStorageLocation{
 							Bucket: "test-bucket",
@@ -3027,6 +3028,7 @@ func TestDPAReconciler_ReconcileBackupStorageLocations(t *testing.T) {
 					Provider: "aws",
 					Config: map[string]string{
 						"enableSharedConfig": "true",
+						"region":             "us-east-1",
 					},
 					StorageType: velerov1.StorageType{
 						ObjectStorage: &velerov1.ObjectStorageLocation{
@@ -3043,6 +3045,88 @@ func TestDPAReconciler_ReconcileBackupStorageLocations(t *testing.T) {
 				},
 			},
 		},
+		{
+			name: "CloudStorage with config and region fallback",
+			objects: []client.Object{
+				&oadpv1alpha1.DataProtectionApplication{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:      "test-dpa",
+						Namespace: "test-ns",
+					},
+					Spec: oadpv1alpha1.DataProtectionApplicationSpec{
+						BackupLocations: []oadpv1alpha1.BackupLocation{
+							{
+								CloudStorage: &oadpv1alpha1.CloudStorageLocation{
+									CloudStorageRef: corev1.LocalObjectReference{
+										Name: "config-fallback-cs",
+									},
+									Credential: &corev1.SecretKeySelector{
+										LocalObjectReference: corev1.LocalObjectReference{
+											Name: "cloud-credentials",
+										},
+										Key: "credentials",
+									},
+									Config: map[string]string{
+										"profile": "custom-profile", // This should override CloudStorage's config
+									},
+								},
+							},
+						},
+					},
+				},
+				&corev1.Secret{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:      "cloud-credentials",
+						Namespace: "test-ns",
+					},
+					Data: map[string][]byte{"credentials": {}},
+				},
+				&oadpv1alpha1.CloudStorage{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:      "config-fallback-cs",
+						Namespace: "test-ns",
+					},
+					Spec: oadpv1alpha1.CloudStorageSpec{
+						Provider: oadpv1alpha1.AWSBucketProvider,
+						Name:     "config-test-bucket",
+						Region:   "us-west-2",
+						Config: map[string]string{
+							"profile":              "default",
+							"s3ForcePathStyle":     "true",
+							"serverSideEncryption": "AES256",
+						},
+					},
+				},
+			},
+			want:    true,
+			wantErr: false,
+			wantBSL: velerov1.BackupStorageLocation{
+				ObjectMeta: metav1.ObjectMeta{
+					Name:      "test-dpa-1",
+					Namespace: "test-ns",
+				},
+				Spec: velerov1.BackupStorageLocationSpec{
+					Provider: "aws",
+					Config: map[string]string{
+						"region":               "us-west-2",      // From CloudStorage CR
+						"profile":              "custom-profile", // Overridden by DPA
+						"s3ForcePathStyle":     "true",           // From CloudStorage CR
+						"serverSideEncryption": "AES256",         // From CloudStorage CR
+					},
+					StorageType: velerov1.StorageType{
+						ObjectStorage: &velerov1.ObjectStorageLocation{
+							Bucket: "config-test-bucket",
+						},
+					},
+					Credential: &corev1.SecretKeySelector{
+						LocalObjectReference: corev1.LocalObjectReference{
+							Name: "cloud-credentials",
+						},
+						Key: "credentials",
+					},
+				},
+			},
+		},
 		{
 			name: "CloudStorage with Azure provider",
 			objects: []client.Object{
@@ -3105,6 +3189,7 @@ func TestDPAReconciler_ReconcileBackupStorageLocations(t *testing.T) {
 					Config: map[string]string{
 						"storageAccount": "mystorageaccount",
 						"resourceGroup":  "myresourcegroup",
+						"region":         "eastus",
 					},
 					StorageType: velerov1.StorageType{
 						ObjectStorage: &velerov1.ObjectStorageLocation{
@@ -3282,7 +3367,7 @@ func TestDPAReconciler_ReconcileBackupStorageLocations(t *testing.T) {
 				},
 				Spec: velerov1.BackupStorageLocationSpec{
 					Provider: "aws",
-					Config:   map[string]string(nil),
+					Config:   map[string]string{"region": "us-west-2"},
 					StorageType: velerov1.StorageType{
 						ObjectStorage: &velerov1.ObjectStorageLocation{
 							Bucket: "aws-bucket-1",
@@ -3355,7 +3440,7 @@ func TestDPAReconciler_ReconcileBackupStorageLocations(t *testing.T) {
 				},
 				Spec: velerov1.BackupStorageLocationSpec{
 					Provider: "aws",
-					Config:   map[string]string(nil),
+					Config:   map[string]string{"region": "eu-west-1"},
 					StorageType: velerov1.StorageType{
 						ObjectStorage: &velerov1.ObjectStorageLocation{
 							Bucket: "sync-test-bucket",
