feat: Add Non Admin Restore controller

Makefile

@@ -48,6 +48,7 @@ help: ## Display this help.
 .PHONY: manifests
 manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects.
 	$(CONTROLLER_GEN) rbac:roleName=non-admin-controller-role crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases
+	sed -i 's/Velero backup/NonAdminBackup/' ./config/crd/bases/nac.oadp.openshift.io_nonadminrestores.yaml
 
 .PHONY: generate
 generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations.

PROJECT

@@ -17,4 +17,13 @@ resources:
   kind: NonAdminBackup
   path: github.com/migtools/oadp-non-admin/api/v1alpha1
   version: v1alpha1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: oadp.openshift.io
+  group: nac
+  kind: NonAdminRestore
+  path: github.com/migtools/oadp-non-admin/api/v1alpha1
+  version: v1alpha1
 version: "3"

README.md

@@ -38,6 +38,8 @@ To use NAC functionality:
         ```
 
         Check the application was successful deployed by accessing its route.
+
+        Create and update items in application UI, to later check if application was successfully restored.
     - create NonAdminBackup
 
         For example, use one of the sample NonAdminBackup available in `hack/samples/backups/` folder, by running
@@ -47,7 +49,28 @@ To use NAC functionality:
             | oc create -f -
         ```
         <!-- TODO how to track status -->
-    - TODO NonAdminRestore
+    - delete sample application
+
+        For example, delete one of the sample applications available in `hack/samples/apps/` folder, by running
+        ```sh
+        oc process -f ./hack/samples/apps/<name> \
+            -p NAMESPACE=<non-admin-user-namespace> \
+            | oc delete -f -
+        ```
+
+        Check that application was successful deleted by accessing its route.
+    - create NonAdminRestore
+
+        For example, use one of the sample NonAdminRestore available in `hack/samples/restores/` folder, by running
+        ```sh
+        oc process -f ./hack/samples/restores/<type> \
+            -p NAMESPACE=<non-admin-user-namespace> \
+            -p NAME=<NonAdminBackup-name> \
+            | oc create -f -
+        ```
+        <!-- TODO how to track status -->
+
+        After NonAdminRestore completes, check if the application was successful restored by accessing its route and seeing its items in application UI.
 
 ## Contributing
 

api/v1alpha1/nonadminbackup_types.go

@@ -21,17 +21,17 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
-// NonAdminBackupPhase is a simple one high-level summary of the lifecycle of an NonAdminBackup.
+// NonAdminPhase is a simple one high-level summary of the lifecycle of a non admin object.
 // +kubebuilder:validation:Enum=New;BackingOff;Created
-type NonAdminBackupPhase string
+type NonAdminPhase string
 
 const (
-	// NonAdminBackupPhaseNew - NonAdminBackup resource was accepted by the OpenShift cluster, but it has not yet been processed by the NonAdminController
-	NonAdminBackupPhaseNew NonAdminBackupPhase = "New"
-	// NonAdminBackupPhaseBackingOff - Velero Backup object was not created due to NonAdminBackup error (configuration or similar)
-	NonAdminBackupPhaseBackingOff NonAdminBackupPhase = "BackingOff"
-	// NonAdminBackupPhaseCreated - Velero Backup was created. The Phase will not have additional informations about the Backup.
-	NonAdminBackupPhaseCreated NonAdminBackupPhase = "Created"
+	// NonAdminPhaseNew - non admin resource was accepted by the OpenShift cluster, but it has not yet been processed by the NonAdminController
+	NonAdminPhaseNew NonAdminPhase = "New"
+	// NonAdminPhaseBackingOff - Velero object was not created due to error in non admin object (configuration or similar)
+	NonAdminPhaseBackingOff NonAdminPhase = "BackingOff"
+	// NonAdminPhaseCreated - Velero object was created. The Phase will not have additional information about the Velero object.
+	NonAdminPhaseCreated NonAdminPhase = "Created"
 )
 
 // NonAdminBackupSpec defines the desired state of NonAdminBackup
@@ -60,8 +60,8 @@ type NonAdminBackupStatus struct {
 	// +optional
 	VeleroBackupStatus *velerov1api.BackupStatus `json:"veleroBackupStatus,omitempty"`
 
-	Phase      NonAdminBackupPhase `json:"phase,omitempty"`
-	Conditions []metav1.Condition  `json:"conditions,omitempty"`
+	Phase      NonAdminPhase      `json:"phase,omitempty"`
+	Conditions []metav1.Condition `json:"conditions,omitempty"`
 }
 
 // +kubebuilder:object:root=true

api/v1alpha1/nonadminrestore_types.go

@@ -0,0 +1,75 @@
+/*
+Copyright 2024.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha1
+
+import (
+	velerov1api "github.com/vmware-tanzu/velero/pkg/apis/velero/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// NonAdminRestoreSpec defines the desired state of NonAdminRestore
+type NonAdminRestoreSpec struct {
+	// Specification for a Velero restore.
+	RestoreSpec *velerov1api.RestoreSpec `json:"restoreSpec"`
+	// TODO need to investigate restoreSpec.namespaceMapping, depends on how NAC tracks the namespace access per user
+
+	// TODO NonAdminRestore log level, by default TODO.
+	// +optional
+	// +kubebuilder:validation:Enum=trace;debug;info;warning;error;fatal;panic
+	LogLevel string `json:"logLevel,omitempty"`
+	// TODO ALSO ADD TEST FOR DIFFERENT LOG LEVELS
+}
+
+// NonAdminRestoreStatus defines the observed state of NonAdminRestore
+type NonAdminRestoreStatus struct {
+	// Related Velero Restore name.
+	// +optional
+	VeleroRestoreName string `json:"veleroRestoreName,omitempty"`
+
+	// Related Velero Restore status.
+	// +optional
+	VeleroRestoreStatus *velerov1api.RestoreStatus `json:"veleroRestoreStatus,omitempty"`
+
+	Phase      NonAdminPhase      `json:"phase,omitempty"`
+	Conditions []metav1.Condition `json:"conditions,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+// +kubebuilder:subresource:status
+// +kubebuilder:resource:path=nonadminrestores,shortName=nar
+
+// NonAdminRestore is the Schema for the nonadminrestores API
+type NonAdminRestore struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   NonAdminRestoreSpec   `json:"spec,omitempty"`
+	Status NonAdminRestoreStatus `json:"status,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+
+// NonAdminRestoreList contains a list of NonAdminRestore
+type NonAdminRestoreList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []NonAdminRestore `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&NonAdminRestore{}, &NonAdminRestoreList{})
+}

cmd/main.go

@@ -98,7 +98,8 @@ func main() {
 		TLSOpts: tlsOpts,
 	})
 
-	if len(constant.OadpNamespace) == 0 {
+	// TODO create get function in common :question:
+	if len(os.Getenv(constant.NamespaceEnvVar)) == 0 {
 		setupLog.Error(fmt.Errorf("%v environment variable is empty", constant.NamespaceEnvVar), "environment variable must be set")
 		os.Exit(1)
 	}
@@ -138,6 +139,13 @@ func main() {
 		setupLog.Error(err, "unable to create controller", "controller", "NonAdminBackup")
 		os.Exit(1)
 	}
+	if err = (&controller.NonAdminRestoreReconciler{
+		Client: mgr.GetClient(),
+		Scheme: mgr.GetScheme(),
+	}).SetupWithManager(mgr); err != nil {
+		setupLog.Error(err, "unable to create controller", "controller", "NonAdminRestore")
+		os.Exit(1)
+	}
 	// +kubebuilder:scaffold:builder
 
 	if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil {

config/crd/bases/nac.oadp.openshift.io_nonadminbackups.yaml

@@ -591,8 +591,8 @@ spec:
                   type: object
                 type: array
               phase:
-                description: NonAdminBackupPhase is a simple one high-level summary
-                  of the lifecycle of an NonAdminBackup.
+                description: NonAdminPhase is a simple one high-level summary of the
+                  lifecycle of a non admin object.
                 enum:
                 - New
                 - BackingOff