Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug 2218316: Pass-through CA certificates to Velero #114

Merged
merged 1 commit into from
Jul 6, 2023
Merged

Bug 2218316: Pass-through CA certificates to Velero #114

merged 1 commit into from
Jul 6, 2023

Conversation

ShyamsundarR
Copy link

Problem

An S3 store specified in a VRG's profiles has a certificate signed by a non-trusted authority and Kube object/resource protection is enabled but unable to store or retrieve data from it. See issue RamenDR#921.

Proposed solution

Velero and OADP provide ways to specify CA certificates; both eventually specify them in a BackupStorageLocation. Provide a caCertificates input in each S3 profile and pass it through to corresponding BackupStorageLocation.

Make s3StoreAccessor an S3StoreProfile to avoid field duplication

Test results

End-to-end shio-demo failover and failback completed successfully with caCertificates field omitted from s3StoreProfiles

@hatfieldbrian @ShyamsundarR
kubeobjects: Pass-through CA certificates to Velero
d4648f7 
Signed-off-by: hatfieldbrian <[email protected]>
(cherry picked from commit 5127005)
@openshift-ci
Copy link

openshift-ci bot commented Jul 4, 2023

@ShyamsundarR: This pull request references Bugzilla bug 2218316, which is invalid:

  • expected the bug to target the "ODF 4.13.1" release, but it targets "---" instead

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

Bug 2218316: Pass-through CA certificates to Velero

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@kseegerrh
Copy link

/bugzilla refresh

@openshift-ci
Copy link

openshift-ci bot commented Jul 6, 2023

@kseegerrh: This pull request references Bugzilla bug 2218316, which is valid.

3 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target release (ODF 4.13.1) matches configured target release for branch (ODF 4.13.1)
  • bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

Requesting review from QA contact:
/cc @keesturam

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci
Copy link

openshift-ci bot commented Jul 6, 2023

@openshift-ci[bot]: GitHub didn't allow me to request PR reviews from the following users: keesturam.

Note that only red-hat-storage members and repo collaborators can review this PR, and authors cannot review their own PRs.

In response to this:

@kseegerrh: This pull request references Bugzilla bug 2218316, which is valid.

3 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target release (ODF 4.13.1) matches configured target release for branch (ODF 4.13.1)
  • bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

Requesting review from QA contact:
/cc @keesturam

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@kseegerrh
Copy link

/bugzilla-refresh

@rakeshgm
Copy link
Member

rakeshgm commented Jul 6, 2023

/bugzilla refresh

@openshift-ci
Copy link

openshift-ci bot commented Jul 6, 2023

@rakeshgm: This pull request references Bugzilla bug 2218316, which is valid.

3 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target release (ODF 4.13.1) matches configured target release for branch (ODF 4.13.1)
  • bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

Requesting review from QA contact:
/cc @keesturam

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci
Copy link

openshift-ci bot commented Jul 6, 2023

@openshift-ci[bot]: GitHub didn't allow me to request PR reviews from the following users: keesturam.

Note that only red-hat-storage members and repo collaborators can review this PR, and authors cannot review their own PRs.

In response to this:

@rakeshgm: This pull request references Bugzilla bug 2218316, which is valid.

3 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target release (ODF 4.13.1) matches configured target release for branch (ODF 4.13.1)
  • bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

Requesting review from QA contact:
/cc @keesturam

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci openshift-ci bot added the lgtm label Jul 6, 2023
@openshift-ci
Copy link

openshift-ci bot commented Jul 6, 2023

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: raghavendra-talur, ShyamsundarR

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@raghavendra-talur raghavendra-talur merged commit 68de3ba into red-hat-storage:release-4.13 Jul 6, 2023
7 of 8 checks passed
@openshift-ci
Copy link

openshift-ci bot commented Jul 6, 2023

@ShyamsundarR: All pull requests linked via external trackers have merged:

Bugzilla bug 2218316 has been moved to the MODIFIED state.

In response to this:

Bug 2218316: Pass-through CA certificates to Velero

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@ShyamsundarR ShyamsundarR deleted the bz2218316 branch July 10, 2023 13:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@raghavendra-talur raghavendra-talur raghavendra-talur approved these changes

@BenamarMk BenamarMk Awaiting requested review from BenamarMk

Assignees

@raghavendra-talur raghavendra-talur

Labels
bugzilla/severity-high bugzilla/valid-bug lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@ShyamsundarR @kseegerrh @rakeshgm @raghavendra-talur @hatfieldbrian