Skip to content

Commit 41e6385

Browse files
mprycclaude
andcommitted
Fix OADP-7562: handle wildcard in scoped excluded cluster resources
When a user sets excludedClusterScopedResources or excludedNamespaceScopedResources to '*', skip appending default resources to avoid Velero FailedValidation. add VolumeGroupSnapshotLabelKey to enforced backup spec tests to allow tests passing. Co-Authored-By: Claude <noreply@anthropic.com> Signed-off-by: Michal Pryc <mpryc@redhat.com>
1 parent 31a3bfc commit 41e6385

File tree

3 files changed

+56
-7
lines changed

3 files changed

+56
-7
lines changed

internal/controller/nonadminbackup_controller.go

Lines changed: 13 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,7 @@ import (
2121
"context"
2222
"errors"
2323
"reflect"
24+
"slices"
2425

2526
"github.com/go-logr/logr"
2627
velerov1 "github.com/vmware-tanzu/velero/pkg/apis/velero/v1"
@@ -705,11 +706,18 @@ func (r *NonAdminBackupReconciler) createVeleroBackupAndSyncWithNonAdminBackup(c
705706

706707
if haveNewResourceFilterParameters {
707708
// Use the new-style exclusion list
708-
backupSpec.ExcludedNamespaceScopedResources = append(backupSpec.ExcludedNamespaceScopedResources,
709-
alwaysExcludedNamespacedResources...)
710-
backupSpec.ExcludedClusterScopedResources = append(backupSpec.ExcludedClusterScopedResources,
711-
alwaysExcludedClusterResources...)
712-
} else {
709+
// Skip appending when wildcard '*' is already present, as it already
710+
// excludes everything and mixing '*' with specific items causes Velero
711+
// FailedValidation.
712+
if !slices.Contains(backupSpec.ExcludedNamespaceScopedResources, "*") {
713+
backupSpec.ExcludedNamespaceScopedResources = append(backupSpec.ExcludedNamespaceScopedResources,
714+
alwaysExcludedNamespacedResources...)
715+
}
716+
if !slices.Contains(backupSpec.ExcludedClusterScopedResources, "*") {
717+
backupSpec.ExcludedClusterScopedResources = append(backupSpec.ExcludedClusterScopedResources,
718+
alwaysExcludedClusterResources...)
719+
}
720+
} else if !slices.Contains(backupSpec.ExcludedResources, "*") {
713721
// Fallback to the old-style exclusion list
714722
backupSpec.ExcludedResources = append(backupSpec.ExcludedResources,
715723
alwaysExcludedNamespacedResources...)

internal/controller/nonadminbackup_controller_test.go

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1546,6 +1546,44 @@ var _ = ginkgo.Describe("Test full reconcile loop of NonAdminBackup Controller",
15461546
},
15471547
addSyncLabel: true,
15481548
}),
1549+
ginkgo.Entry("Should not append default excluded resources when wildcard is used in excludedClusterScopedResources", nonAdminBackupFullReconcileScenario{
1550+
spec: nacv1alpha1.NonAdminBackupSpec{
1551+
BackupSpec: &velerov1.BackupSpec{
1552+
ExcludedClusterScopedResources: []string{"*"},
1553+
IncludedNamespaceScopedResources: []string{"pvc"},
1554+
},
1555+
},
1556+
status: nacv1alpha1.NonAdminBackupStatus{
1557+
Phase: nacv1alpha1.NonAdminPhaseCreated,
1558+
VeleroBackup: &nacv1alpha1.VeleroBackup{
1559+
Namespace: oadpNamespace,
1560+
Status: nil,
1561+
Spec: &velerov1.BackupSpec{
1562+
ExcludedClusterScopedResources: []string{"*"},
1563+
IncludedNamespaceScopedResources: []string{"pvc"},
1564+
ExcludedNamespaceScopedResources: []string{
1565+
nacv1alpha1.NonAdminBackups,
1566+
nacv1alpha1.NonAdminRestores,
1567+
nacv1alpha1.NonAdminBackupStorageLocations,
1568+
},
1569+
},
1570+
},
1571+
Conditions: []metav1.Condition{
1572+
{
1573+
Type: "Accepted",
1574+
Status: metav1.ConditionTrue,
1575+
Reason: "BackupAccepted",
1576+
Message: "backup accepted",
1577+
},
1578+
{
1579+
Type: "Queued",
1580+
Status: metav1.ConditionTrue,
1581+
Reason: "BackupScheduled",
1582+
Message: "Created Velero Backup object",
1583+
},
1584+
},
1585+
},
1586+
}),
15491587
)
15501588

15511589
ginkgo.DescribeTable("Reconcile triggered by NonAdminBackup sync event",

internal/controller/nonadminrestore_controller.go

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,7 @@ import (
2020
"context"
2121
"errors"
2222
"reflect"
23+
"slices"
2324

2425
"github.com/go-logr/logr"
2526
velerov1 "github.com/vmware-tanzu/velero/pkg/apis/velero/v1"
@@ -348,8 +349,10 @@ func (r *NonAdminRestoreReconciler) createVeleroRestore(ctx context.Context, log
348349
}
349350
}
350351

351-
restoreSpec.ExcludedResources = append(restoreSpec.ExcludedResources,
352-
"volumesnapshotclasses")
352+
if !slices.Contains(restoreSpec.ExcludedResources, "*") {
353+
restoreSpec.ExcludedResources = append(restoreSpec.ExcludedResources,
354+
"volumesnapshotclasses")
355+
}
353356

354357
veleroRestore = &velerov1.Restore{
355358
ObjectMeta: metav1.ObjectMeta{

0 commit comments

Comments
 (0)