openshift
diff --git a/‎api/v1alpha1/oadp_types.go
Lines changed: 3 additions & 0 deletions b/‎api/v1alpha1/oadp_types.go
Lines changed: 3 additions & 0 deletions
diff --git a/‎controllers/validator.go
Lines changed: 9 additions & 1 deletion b/‎controllers/validator.go
Lines changed: 9 additions & 1 deletion
diff --git a/‎controllers/validator_test.go
Lines changed: 86 additions & 2 deletions b/‎controllers/validator_test.go
Lines changed: 86 additions & 2 deletions
diff --git a/‎controllers/velero.go
Lines changed: 7 additions & 2 deletions b/‎controllers/velero.go
Lines changed: 7 additions & 2 deletions
@@ -56,6 +56,9 @@ const CSIPluginImageKey UnsupportedImageKey = "csiPluginImageFqin"
 const ResticRestoreImageKey UnsupportedImageKey = "resticRestoreImageFqin"
 const RegistryImageKey UnsupportedImageKey = "registryImageFqin"
 const KubeVirtPluginImageKey UnsupportedImageKey = "kubevirtPluginImageFqin"
+const OperatorTypeKey UnsupportedImageKey = "operator-type"
+
+const OperatorTypeMTC = "mtc"
 
 type VeleroConfig struct {
 	// FeatureFlags defines the list of features to enable for Velero instance
 
@@ -28,6 +28,10 @@ func (r *DPAReconciler) ValidateDataProtectionCR(log logr.Logger) (bool, error)
 		}
 	}
 
+	if dpa.Spec.Configuration.Velero.NoDefaultBackupLocation && dpa.BackupImages() {
+		return false, errors.New("backupImages needs to be set to false when noDefaultLocationBackupLocation is set")
+	}
+
 	if len(dpa.Spec.BackupLocations) > 0 {
 		for _, location := range dpa.Spec.BackupLocations {
 			// check for velero BSL config or cloud storage config
@@ -45,6 +49,10 @@ func (r *DPAReconciler) ValidateDataProtectionCR(log logr.Logger) (bool, error)
 		}
 	}
 
+	if val, found := dpa.Spec.UnsupportedOverrides[oadpv1alpha1.OperatorTypeKey]; found && val != oadpv1alpha1.OperatorTypeMTC {
+		return false, errors.New("only mtc operator type override is supported")
+	}
+
 	if _, err := r.ValidateVeleroPlugins(r.Log); err != nil {
 		return false, err
 	}
@@ -76,7 +84,7 @@ func (r *DPAReconciler) ValidateVeleroPlugins(log logr.Logger) (bool, error) {
 			pluginNeedsCheck = true
 		}
 
-		if ok && pluginSpecificMap.IsCloudProvider && pluginNeedsCheck {
+		if ok && pluginSpecificMap.IsCloudProvider && pluginNeedsCheck && !dpa.Spec.Configuration.Velero.NoDefaultBackupLocation {
 			secretName := pluginSpecificMap.SecretName
 			_, err := r.getProviderSecret(secretName)
 			if err != nil {
 
@@ -10,6 +10,7 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/client-go/tools/record"
+	"k8s.io/utils/pointer"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
@@ -22,7 +23,7 @@ func TestDPAReconciler_ValidateDataProtectionCR(t *testing.T) {
 		wantErr bool
 	}{
 		{
-			name: "given valid DPA CR, no error case",
+			name: "given valid DPA CR, no default backup location, no backup images, no error case",
 			dpa: &oadpv1alpha1.DataProtectionApplication{
 				ObjectMeta: metav1.ObjectMeta{
 					Name:      "test-DPA-CR",
@@ -37,6 +38,33 @@ func TestDPAReconciler_ValidateDataProtectionCR(t *testing.T) {
 							NoDefaultBackupLocation: true,
 						},
 					},
+					BackupImages: pointer.Bool(false),
+				},
+			},
+			objects: []client.Object{},
+			wantErr: false,
+			want:    true,
+		},
+		{
+			name: "given valid DPA CR, no default backup location, no backup images, MTC type override, no error case",
+			dpa: &oadpv1alpha1.DataProtectionApplication{
+				ObjectMeta: metav1.ObjectMeta{
+					Name:      "test-DPA-CR",
+					Namespace: "test-ns",
+				},
+				Spec: oadpv1alpha1.DataProtectionApplicationSpec{
+					Configuration: &oadpv1alpha1.ApplicationConfig{
+						Velero: &oadpv1alpha1.VeleroConfig{
+							DefaultPlugins: []oadpv1alpha1.DefaultPlugin{
+								oadpv1alpha1.DefaultPluginAWS,
+							},
+							NoDefaultBackupLocation: true,
+						},
+					},
+					BackupImages: pointer.Bool(false),
+					UnsupportedOverrides: map[oadpv1alpha1.UnsupportedImageKey]string{
+						oadpv1alpha1.OperatorTypeKey: oadpv1alpha1.OperatorTypeMTC,
+					},
 				},
 			},
 			objects: []client.Object{
@@ -51,7 +79,62 @@ func TestDPAReconciler_ValidateDataProtectionCR(t *testing.T) {
 			want:    true,
 		},
 		{
-			name: "given valid DPA CR, error case",
+			name: "given valid DPA CR, no default backup location, no backup images, notMTC type override, error case",
+			dpa: &oadpv1alpha1.DataProtectionApplication{
+				ObjectMeta: metav1.ObjectMeta{
+					Name:      "test-DPA-CR",
+					Namespace: "test-ns",
+				},
+				Spec: oadpv1alpha1.DataProtectionApplicationSpec{
+					Configuration: &oadpv1alpha1.ApplicationConfig{
+						Velero: &oadpv1alpha1.VeleroConfig{
+							DefaultPlugins: []oadpv1alpha1.DefaultPlugin{
+								oadpv1alpha1.DefaultPluginAWS,
+							},
+							NoDefaultBackupLocation: true,
+						},
+					},
+					BackupImages: pointer.Bool(false),
+					UnsupportedOverrides: map[oadpv1alpha1.UnsupportedImageKey]string{
+						oadpv1alpha1.OperatorTypeKey: "not" + oadpv1alpha1.OperatorTypeMTC,
+					},
+				},
+			},
+			objects: []client.Object{
+				&corev1.Secret{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:      "cloud-credentials",
+						Namespace: "test-ns",
+					},
+				},
+			},
+			wantErr: true,
+			want:    false,
+		},
+		{
+			name: "given valid DPA CR, no default backup location, backup images cannot be nil, error case",
+			dpa: &oadpv1alpha1.DataProtectionApplication{
+				ObjectMeta: metav1.ObjectMeta{
+					Name:      "test-DPA-CR",
+					Namespace: "test-ns",
+				},
+				Spec: oadpv1alpha1.DataProtectionApplicationSpec{
+					Configuration: &oadpv1alpha1.ApplicationConfig{
+						Velero: &oadpv1alpha1.VeleroConfig{
+							DefaultPlugins: []oadpv1alpha1.DefaultPlugin{
+								oadpv1alpha1.DefaultPluginAWS,
+							},
+							NoDefaultBackupLocation: true,
+						},
+					},
+				},
+			},
+			objects: []client.Object{},
+			wantErr: true,
+			want:    false,
+		},
+		{
+			name: "given valid DPA CR, no default backup location, backup images cannot be true, error case",
 			dpa: &oadpv1alpha1.DataProtectionApplication{
 				ObjectMeta: metav1.ObjectMeta{
 					Name:      "test-DPA-CR",
@@ -66,6 +149,7 @@ func TestDPAReconciler_ValidateDataProtectionCR(t *testing.T) {
 							NoDefaultBackupLocation: true,
 						},
 					},
+					BackupImages: pointer.Bool(true),
 				},
 			},
 			objects: []client.Object{},
 
@@ -713,10 +713,16 @@ func (r DPAReconciler) noDefaultCredentials(dpa oadpv1alpha1.DataProtectionAppli
 	providerNeedsDefaultCreds := map[string]bool{}
 	hasCloudStorage := false
 	if dpa.Spec.Configuration.Velero.NoDefaultBackupLocation {
+		needDefaultCred := false
+
+		if dpa.Spec.UnsupportedOverrides[oadpv1alpha1.OperatorTypeKey] == oadpv1alpha1.OperatorTypeMTC {
+			// MTC requires default credentials
+			needDefaultCred = true
+		}
 		// go through cloudprovider plugins and mark providerNeedsDefaultCreds to false
 		for _, provider := range dpa.Spec.Configuration.Velero.DefaultPlugins {
 			if psf, ok := credentials.PluginSpecificFields[provider]; ok && psf.IsCloudProvider {
-				providerNeedsDefaultCreds[psf.PluginName] = false
+				providerNeedsDefaultCreds[psf.PluginName] = needDefaultCred
 			}
 		}
 	} else {
@@ -761,4 +767,3 @@ func (r DPAReconciler) noDefaultCredentials(dpa oadpv1alpha1.DataProtectionAppli
 	return providerNeedsDefaultCreds, hasCloudStorage, nil
 
 }
-
Original file line number	Diff line number	Diff line change
`@@ -28,6 +28,10 @@ func (r *DPAReconciler) ValidateDataProtectionCR(log logr.Logger) (bool, error)`
`28`	`28`	`}`
`29`	`29`	`}`
`30`	`30`
	`31`	`+ if dpa.Spec.Configuration.Velero.NoDefaultBackupLocation && dpa.BackupImages() {`
	`32`	`+ return false, errors.New("backupImages needs to be set to false when noDefaultLocationBackupLocation is set")`
	`33`	`+ }`
	`34`	`+`
`31`	`35`	`if len(dpa.Spec.BackupLocations) > 0 {`
`32`	`36`	`for _, location := range dpa.Spec.BackupLocations {`
`33`	`37`	`// check for velero BSL config or cloud storage config`
`@@ -45,6 +49,10 @@ func (r *DPAReconciler) ValidateDataProtectionCR(log logr.Logger) (bool, error)`
`45`	`49`	`}`
`46`	`50`	`}`
`47`	`51`
	`52`	`+ if val, found := dpa.Spec.UnsupportedOverrides[oadpv1alpha1.OperatorTypeKey]; found && val != oadpv1alpha1.OperatorTypeMTC {`
	`53`	`+ return false, errors.New("only mtc operator type override is supported")`
	`54`	`+ }`
	`55`	`+`
`48`	`56`	`if _, err := r.ValidateVeleroPlugins(r.Log); err != nil {`
`49`	`57`	`return false, err`
`50`	`58`	`}`
`@@ -76,7 +84,7 @@ func (r *DPAReconciler) ValidateVeleroPlugins(log logr.Logger) (bool, error) {`
`76`	`84`	`pluginNeedsCheck = true`
`77`	`85`	`}`
`78`	`86`
`79`		`- if ok && pluginSpecificMap.IsCloudProvider && pluginNeedsCheck {`
	`87`	`+ if ok && pluginSpecificMap.IsCloudProvider && pluginNeedsCheck && !dpa.Spec.Configuration.Velero.NoDefaultBackupLocation {`
`80`	`88`	`secretName := pluginSpecificMap.SecretName`
`81`	`89`	`_, err := r.getProviderSecret(secretName)`
`82`	`90`	`if err != nil {`