Feature/fix up rename

Makefile

@@ -207,12 +207,12 @@ endef
 
 .PHONY: bundle
 bundle: manifests kustomize ## Generate bundle manifests and metadata, then validate generated files.
-	operator-sdk generate kustomize manifests -q
-	cd config/manager && $(KUSTOMIZE) edit set image controller=$(IMG)
-	$(KUSTOMIZE) build config/manifests | operator-sdk generate bundle -q --overwrite --version $(VERSION) $(BUNDLE_METADATA_OPTS)
+	# operator-sdk generate kustomize manifests -q
+	#cd config/manager && $(KUSTOMIZE) edit set image controller=$(IMG)
+	# $(KUSTOMIZE) build config/manifests | operator-sdk generate bundle -q --overwrite --version $(VERSION) $(BUNDLE_METADATA_OPTS)
 	# Copy updated bundle.Dockerfile to CI's Dockerfile.bundle
 	# TODO: update CI to use generated one
-	cp bundle.Dockerfile build/Dockerfile.bundle
+	# cp bundle.Dockerfile build/Dockerfile.bundle
 	operator-sdk bundle validate ./bundle
 
 .PHONY: bundle-build

api/v1alpha1/cloud_storage_types.go

@@ -16,10 +16,10 @@ type CloudStorage struct {
 	Status CloudStorageStatus `json:"status,omitempty"`
 }
 
-type BucketProvider string
+type CloudStorageProvider string
 
 const (
-	AWSBucketProvider BucketProvider = "AWS"
+	AWSBucketProvider CloudStorageProvider = "aws"
 )
 
 type CloudStorageSpec struct {
@@ -34,8 +34,8 @@ type CloudStorageSpec struct {
 	Tags map[string]string `json:"tags,omitempty"`
 	// Region for the bucket to be in, will be us-east-1 if not set.
 	Region string `json:"region,omitempty"`
-	// +kubebuilder:validation:Enum=AWS
-	Provider BucketProvider `json:"provider"`
+	// +kubebuilder:validation:Enum=aws
+	Provider CloudStorageProvider `json:"provider"`
 }
 
 type CloudStorageStatus struct {

api/v1alpha1/oadp_types.go

@@ -108,8 +108,8 @@ type ApplicationConfig struct {
 	Restic *ResticConfig `json:"restic,omitempty"`
 }
 
-type BucketBackupLocation struct {
-	BucketRef corev1.LocalObjectReference `json:"bucketRef"`
+type CloudStorageLocation struct {
+	CloudStorageRef corev1.LocalObjectReference `json:"cloudStorageRef"`
 
 	// Config is for provider-specific configuration fields.
 	// +optional
@@ -135,7 +135,7 @@ type BackupLocation struct {
 	// +optional
 	Velero *velero.BackupStorageLocationSpec `json:"velero,omitempty"`
 	// +optional
-	Bucket *BucketBackupLocation `json:"bucket,omitempty"`
+	CloudStorage *CloudStorageLocation `json:"bucket,omitempty"`
 }
 
 // SnapshotLocation defines the configuration for the DPA snapshot store

bundle/manifests/oadp-operator.clusterserviceversion.yaml

@@ -266,6 +266,23 @@ spec:
   install:
     spec:
       clusterPermissions:
+      - rules:
+        - apiGroups:
+          - '*'
+          resources:
+          - '*'
+          verbs:
+          - '*'
+        - apiGroups:
+          - security.openshift.io
+          resourceNames:
+          - privileged
+          - velero-privileged
+          resources:
+          - securitycontextconstraints
+          verbs:
+          - use
+        serviceAccountName: velero
       - rules:
         - apiGroups:
           - oadp.openshift.io
@@ -438,10 +455,6 @@ spec:
                 - --v=10
                 image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0
                 name: kube-rbac-proxy
-                volumeMounts:
-                - mountPath: /var/run/secrets/openshift/serviceaccount
-                  name: bound-sa-token
-                  readOnly: true
                 ports:
                 - containerPort: 8443
                   name: https
@@ -527,6 +540,10 @@ spec:
                     path: /healthz
                     port: 8081
                   periodSeconds: 10
+                volumeMounts:
+                - mountPath: /var/run/secrets/openshift/serviceaccount
+                  name: bound-sa-token
+                  readOnly: true
               securityContext:
                 runAsNonRoot: true
               serviceAccountName: openshift-adp-controller-manager
@@ -536,9 +553,9 @@ spec:
                 projected:
                   sources:
                   - serviceAccountToken:
-                      path: token
-                      expirationSeconds: 3600
                       audience: openshift
+                      expirationSeconds: 3600
+                      path: token
       permissions:
       - rules:
         - apiGroups:

bundle/manifests/oadp.openshift.io_cloudstorages.yaml

@@ -59,7 +59,7 @@ spec:
                 type: string
               provider:
                 enum:
-                - AWS
+                - aws
                 type: string
               region:
                 description: Region for the bucket to be in, will be us-east-1 if

bundle/manifests/oadp.openshift.io_dataprotectionapplications.yaml

@@ -56,7 +56,7 @@ spec:
                             0 disables sync.
                           nullable: true
                           type: string
-                        bucketRef:
+                        cloudStorageRef:
                           description: LocalObjectReference contains enough information
                             to let you locate the referenced object inside the same
                             namespace.
@@ -96,7 +96,7 @@ spec:
                             backup storage location.
                           type: boolean
                       required:
-                      - bucketRef
+                      - cloudStorageRef
                       type: object
                     velero:
                       description: 'TODO: Add name/annotations/labels support'

config/crd/bases/oadp.openshift.io_cloudstorages.yaml

@@ -61,7 +61,7 @@ spec:
                 type: string
               provider:
                 enum:
-                - AWS
+                - aws
                 type: string
               region:
                 description: Region for the bucket to be in, will be us-east-1 if

config/crd/bases/oadp.openshift.io_dataprotectionapplications.yaml

@@ -58,7 +58,7 @@ spec:
                             0 disables sync.
                           nullable: true
                           type: string
-                        bucketRef:
+                        cloudStorageRef:
                           description: LocalObjectReference contains enough information
                             to let you locate the referenced object inside the same
                             namespace.
@@ -98,7 +98,7 @@ spec:
                             backup storage location.
                           type: boolean
                       required:
-                      - bucketRef
+                      - cloudStorageRef
                       type: object
                     velero:
                       description: 'TODO: Add name/annotations/labels support'

config/manager/manager.yaml

@@ -27,6 +27,10 @@ spec:
       containers:
       - command:
         - /manager
+        volumeMounts:
+          - mountPath: /var/run/secrets/openshift/serviceaccount
+            name: bound-sa-token
+            readOnly: true
         env:
           - name: WATCH_NAMESPACE
             valueFrom:
@@ -105,4 +109,12 @@ spec:
             cpu: 500m
             memory: 128Mi
       serviceAccountName: controller-manager
+      volumes:
+      - name: bound-sa-token
+        projected:
+          sources:
+          - serviceAccountToken:
+              path: token
+              expirationSeconds: 3600
+              audience: openshift
       terminationGracePeriodSeconds: 10

controllers/bsl.go

@@ -61,16 +61,16 @@ func (r *DPAReconciler) ValidateBackupStorageLocations(log logr.Logger) (bool, e
 				return false, fmt.Errorf("invalid provider")
 			}
 		}
-		if bslSpec.Bucket != nil {
+		if bslSpec.CloudStorage != nil {
 			// Make sure credentials are specified.
-			if bslSpec.Bucket.Credential == nil {
+			if bslSpec.CloudStorage.Credential == nil {
 				return false, fmt.Errorf("must provide a valid credential secret")
 			}
-			if bslSpec.Bucket.Credential.LocalObjectReference.Name == "" {
+			if bslSpec.CloudStorage.Credential.LocalObjectReference.Name == "" {
 				return false, fmt.Errorf("must provide a valid credential secret name")
 			}
 		}
-		if bslSpec.Bucket != nil && bslSpec.Velero != nil {
+		if bslSpec.CloudStorage != nil && bslSpec.Velero != nil {
 			return false, fmt.Errorf("must choose one of bucket or velero")
 		}
 	}
@@ -107,22 +107,22 @@ func (r *DPAReconciler) ReconcileBackupStorageLocations(log logr.Logger) (bool,
 
 				return err
 			}
-			if bslSpec.Bucket != nil {
+			if bslSpec.CloudStorage != nil {
 				bucket := &oadpv1alpha1.CloudStorage{}
-				err := r.Get(r.Context, client.ObjectKey{Namespace: dpa.Namespace, Name: bslSpec.Bucket.BucketRef.Name}, bucket)
+				err := r.Get(r.Context, client.ObjectKey{Namespace: dpa.Namespace, Name: bslSpec.CloudStorage.CloudStorageRef.Name}, bucket)
 				if err != nil {
 					return err
 				}
-				bsl.Spec.BackupSyncPeriod = bslSpec.Bucket.BackupSyncPeriod
-				bsl.Spec.Config = bslSpec.Bucket.Config
+				bsl.Spec.BackupSyncPeriod = bslSpec.CloudStorage.BackupSyncPeriod
+				bsl.Spec.Config = bslSpec.CloudStorage.Config
 				if bucket.Spec.EnableSharedConfig != nil && *bucket.Spec.EnableSharedConfig {
 					if bsl.Spec.Config == nil {
 						bsl.Spec.Config = map[string]string{}
 					}
 					bsl.Spec.Config["enableSharedConfig"] = "true"
 				}
-				bsl.Spec.Credential = bslSpec.Bucket.Credential
-				bsl.Spec.Default = bslSpec.Bucket.Default
+				bsl.Spec.Credential = bslSpec.CloudStorage.Credential
+				bsl.Spec.Default = bslSpec.CloudStorage.Default
 				bsl.Spec.Provider = AWSProvider
 				bsl.Spec.ObjectStorage = &velerov1.ObjectStorageLocation{
 					Bucket: bucket.Spec.Name,
@@ -275,7 +275,7 @@ func (r *DPAReconciler) ensureBSLProviderMapping(dpa *oadpv1alpha1.DataProtectio
 
 	providerBSLMap := map[string]int{}
 	for _, bsl := range dpa.Spec.BackupLocations {
-		if bsl.Bucket == nil && bsl.Velero == nil {
+		if bsl.CloudStorage == nil && bsl.Velero == nil {
 			return fmt.Errorf("no bucket or BSL provided for backupstoragelocations")
 		}
 		if bsl.Velero != nil {
@@ -290,7 +290,7 @@ func (r *DPAReconciler) ensureBSLProviderMapping(dpa *oadpv1alpha1.DataProtectio
 				}
 			}
 		}
-		if bsl.Bucket != nil && bsl.Velero != nil {
+		if bsl.CloudStorage != nil && bsl.Velero != nil {
 			return fmt.Errorf("more than one of backupstoragelocations and bucket provided for a single StorageLocation")
 		}
 	}