From 03ae83690bfccfbae3c591584258959eb6af2e9d Mon Sep 17 00:00:00 2001 From: lgtm <1gtm@users.noreply.github.com> Date: Thu, 1 Feb 2024 08:28:51 -0800 Subject: [PATCH] Prepare for release v0.3.0 (#20) ProductLine: KubeStash Release: v2024.1.31 Release-tracker: https://github.com/kubestash/CHANGELOG/pull/9 Signed-off-by: 1gtm <1gtm@appscode.com> --- go.mod | 2 +- go.sum | 4 ++-- .../apis/addons/v1alpha1/zz_generated.deepcopy.go | 1 + .../apis/config/v1alpha1/zz_generated.deepcopy.go | 1 + .../kubestash.dev/apimachinery/apis/constant.go | 12 ++++++------ .../apis/core/v1alpha1/zz_generated.deepcopy.go | 1 + .../apimachinery/apis/storage/v1alpha1/types.go | 8 ++++++++ .../storage/v1alpha1/zz_generated.deepcopy.go | 1 + .../apimachinery/apis/zz_generated.deepcopy.go | 1 + .../storage.kubestash.com_backupstorages.yaml | 10 ++++++++++ .../apimachinery/pkg/restic/commands.go | 15 +++++++++++++++ .../apimachinery/pkg/restic/config.go | 8 ++++++++ .../apimachinery/pkg/restic/setup.go | 1 + vendor/modules.txt | 2 +- 14 files changed, 57 insertions(+), 10 deletions(-) diff --git a/go.mod b/go.mod index 07347828..ae5878ec 100644 --- a/go.mod +++ b/go.mod @@ -21,7 +21,7 @@ require ( k8s.io/utils v0.0.0-20230726121419-3b25d923346b kmodules.xyz/client-go v0.29.6 kmodules.xyz/offshoot-api v0.29.0 - kubestash.dev/apimachinery v0.4.0-rc.2 + kubestash.dev/apimachinery v0.4.0 sigs.k8s.io/controller-runtime v0.17.0 ) diff --git a/go.sum b/go.sum index 99a1afd4..e166b643 100644 --- a/go.sum +++ b/go.sum @@ -738,8 +738,8 @@ kmodules.xyz/offshoot-api v0.29.0 h1:GHLhxxT9jU1N8+FvOCCeJNyU5g0duYS46UGrs6AHNLY kmodules.xyz/offshoot-api v0.29.0/go.mod h1:5NxhBblXoDHWStx9HCDJR2KFTwYjEZ7i1Id3jelIunw= kmodules.xyz/prober v0.29.0 h1:Ex7m4F9rH7uWNNJlLgP63ROOM+nUATJkC2L5OQ7nwMg= kmodules.xyz/prober v0.29.0/go.mod h1:UtK+HKyI1lFLEKX+HFLyOCVju6TO93zv3kwGpzqmKOo= -kubestash.dev/apimachinery v0.4.0-rc.2 h1:BSThxK1vQ0wp4JtO5HCVLvEqTP0TJuTqmEmeQOyK738= -kubestash.dev/apimachinery v0.4.0-rc.2/go.mod h1:ysktK/jLtv5SnFgyxmBZmSFDZmD03lFwEF/8bG/VoF8= +kubestash.dev/apimachinery v0.4.0 h1:FH4gS7hWwGeY0MdWyMwAZYF43xXj3q/dNlMApiVYPz4= +kubestash.dev/apimachinery v0.4.0/go.mod h1:ysktK/jLtv5SnFgyxmBZmSFDZmD03lFwEF/8bG/VoF8= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= diff --git a/vendor/kubestash.dev/apimachinery/apis/addons/v1alpha1/zz_generated.deepcopy.go b/vendor/kubestash.dev/apimachinery/apis/addons/v1alpha1/zz_generated.deepcopy.go index 9c81f70b..970e34a2 100644 --- a/vendor/kubestash.dev/apimachinery/apis/addons/v1alpha1/zz_generated.deepcopy.go +++ b/vendor/kubestash.dev/apimachinery/apis/addons/v1alpha1/zz_generated.deepcopy.go @@ -1,4 +1,5 @@ //go:build !ignore_autogenerated +// +build !ignore_autogenerated /* Copyright AppsCode Inc. and Contributors diff --git a/vendor/kubestash.dev/apimachinery/apis/config/v1alpha1/zz_generated.deepcopy.go b/vendor/kubestash.dev/apimachinery/apis/config/v1alpha1/zz_generated.deepcopy.go index 3ef4a956..cb7105df 100644 --- a/vendor/kubestash.dev/apimachinery/apis/config/v1alpha1/zz_generated.deepcopy.go +++ b/vendor/kubestash.dev/apimachinery/apis/config/v1alpha1/zz_generated.deepcopy.go @@ -1,4 +1,5 @@ //go:build !ignore_autogenerated +// +build !ignore_autogenerated /* Copyright AppsCode Inc. and Contributors diff --git a/vendor/kubestash.dev/apimachinery/apis/constant.go b/vendor/kubestash.dev/apimachinery/apis/constant.go index dc9f0f6d..4636a98d 100644 --- a/vendor/kubestash.dev/apimachinery/apis/constant.go +++ b/vendor/kubestash.dev/apimachinery/apis/constant.go @@ -97,12 +97,12 @@ const ( // RBAC related const ( - KubeStashBackupJobClusterRole = "kubestash-backup-job" - KubeStashRestoreJobClusterRole = "kubestash-restore-job" - KubeStashCronJobClusterRole = "kubestash-cron-job" - KubeStashBackendJobClusterRole = "kubestash-backend-job" - KubeStashBackendAccessorClusterRole = "kubestash-backend-accessor" - KubeStashPopulatorJobRole = "kubestash-populator-job" + KubeStashBackupJobClusterRole = "kubestash-backup-job" + KubeStashRestoreJobClusterRole = "kubestash-restore-job" + KubeStashCronJobClusterRole = "kubestash-cron-job" + KubeStashBackendJobClusterRole = "kubestash-backend-job" + KubeStashStorageInitializerClusterRole = "kubestash-storage-initializer-job" + KubeStashPopulatorJobClusterRole = "kubestash-populator-job" ) // Reconciliation related diff --git a/vendor/kubestash.dev/apimachinery/apis/core/v1alpha1/zz_generated.deepcopy.go b/vendor/kubestash.dev/apimachinery/apis/core/v1alpha1/zz_generated.deepcopy.go index 0cddc5b0..979cada8 100644 --- a/vendor/kubestash.dev/apimachinery/apis/core/v1alpha1/zz_generated.deepcopy.go +++ b/vendor/kubestash.dev/apimachinery/apis/core/v1alpha1/zz_generated.deepcopy.go @@ -1,4 +1,5 @@ //go:build !ignore_autogenerated +// +build !ignore_autogenerated /* Copyright AppsCode Inc. and Contributors diff --git a/vendor/kubestash.dev/apimachinery/apis/storage/v1alpha1/types.go b/vendor/kubestash.dev/apimachinery/apis/storage/v1alpha1/types.go index 86230705..807ac03d 100644 --- a/vendor/kubestash.dev/apimachinery/apis/storage/v1alpha1/types.go +++ b/vendor/kubestash.dev/apimachinery/apis/storage/v1alpha1/types.go @@ -107,6 +107,14 @@ type S3Spec struct { // SecretName specifies the name of the Secret that contains the access credential for this storage. // +optional SecretName string `json:"secretName,omitempty"` + + // InsecureTLS controls whether a client should skip TLS certificate verification. + // Setting this field to true disables verification, which might be necessary in cases + // where the server uses self-signed certificates or certificates from an untrusted CA. + // Use this option with caution, as it can expose the client to man-in-the-middle attacks + // and other security risks. Only use it when absolutely necessary. + // +optional + InsecureTLS bool `json:"insecureTLS,omitempty"` } type GCSSpec struct { diff --git a/vendor/kubestash.dev/apimachinery/apis/storage/v1alpha1/zz_generated.deepcopy.go b/vendor/kubestash.dev/apimachinery/apis/storage/v1alpha1/zz_generated.deepcopy.go index 117a5ffa..912fb20c 100644 --- a/vendor/kubestash.dev/apimachinery/apis/storage/v1alpha1/zz_generated.deepcopy.go +++ b/vendor/kubestash.dev/apimachinery/apis/storage/v1alpha1/zz_generated.deepcopy.go @@ -1,4 +1,5 @@ //go:build !ignore_autogenerated +// +build !ignore_autogenerated /* Copyright AppsCode Inc. and Contributors diff --git a/vendor/kubestash.dev/apimachinery/apis/zz_generated.deepcopy.go b/vendor/kubestash.dev/apimachinery/apis/zz_generated.deepcopy.go index 40d4e350..6ee74efd 100644 --- a/vendor/kubestash.dev/apimachinery/apis/zz_generated.deepcopy.go +++ b/vendor/kubestash.dev/apimachinery/apis/zz_generated.deepcopy.go @@ -1,4 +1,5 @@ //go:build !ignore_autogenerated +// +build !ignore_autogenerated /* Copyright AppsCode Inc. and Contributors diff --git a/vendor/kubestash.dev/apimachinery/crds/storage.kubestash.com_backupstorages.yaml b/vendor/kubestash.dev/apimachinery/crds/storage.kubestash.com_backupstorages.yaml index f1497225..e35657ff 100644 --- a/vendor/kubestash.dev/apimachinery/crds/storage.kubestash.com_backupstorages.yaml +++ b/vendor/kubestash.dev/apimachinery/crds/storage.kubestash.com_backupstorages.yaml @@ -4488,6 +4488,16 @@ spec: description: Endpoint specifies the URL of the S3 or S3 compatible storage bucket. type: string + insecureTLS: + description: InsecureTLS controls whether a client should + skip TLS certificate verification. Setting this field to + true disables verification, which might be necessary in + cases where the server uses self-signed certificates or + certificates from an untrusted CA. Use this option with + caution, as it can expose the client to man-in-the-middle + attacks and other security risks. Only use it when absolutely + necessary. + type: boolean prefix: description: Prefix specifies a directory inside the bucket/container where the data for this backend will be stored. diff --git a/vendor/kubestash.dev/apimachinery/pkg/restic/commands.go b/vendor/kubestash.dev/apimachinery/pkg/restic/commands.go index def966ec..a9c1a0a2 100644 --- a/vendor/kubestash.dev/apimachinery/pkg/restic/commands.go +++ b/vendor/kubestash.dev/apimachinery/pkg/restic/commands.go @@ -79,6 +79,7 @@ func (w *ResticWrapper) listSnapshots(snapshotIDs []string) ([]Snapshot, error) result := make([]Snapshot, 0) args := w.appendCacheDirFlag([]interface{}{"snapshots", "--json", "--quiet", "--no-lock"}) args = w.appendCaCertFlag(args) + args = w.appendInsecureTLSFlag(args) args = w.appendMaxConnectionsFlag(args) for _, id := range snapshotIDs { args = append(args, id) @@ -94,6 +95,7 @@ func (w *ResticWrapper) listSnapshots(snapshotIDs []string) ([]Snapshot, error) func (w *ResticWrapper) tryDeleteSnapshots(snapshotIDs []string) ([]byte, error) { args := w.appendCacheDirFlag([]interface{}{"forget", "--quiet", "--prune"}) args = w.appendCaCertFlag(args) + args = w.appendInsecureTLSFlag(args) args = w.appendMaxConnectionsFlag(args) for _, id := range snapshotIDs { args = append(args, id) @@ -118,6 +120,7 @@ func (w *ResticWrapper) repositoryExist() bool { klog.Infoln("Checking whether the backend repository exist or not....") args := w.appendCacheDirFlag([]interface{}{"snapshots", "--json", "--no-lock"}) args = w.appendCaCertFlag(args) + args = w.appendInsecureTLSFlag(args) args = w.appendMaxConnectionsFlag(args) if _, err := w.run(Command{Name: ResticCMD, Args: args}); err == nil { return true @@ -133,6 +136,7 @@ func (w *ResticWrapper) initRepository() error { args := w.appendCacheDirFlag([]interface{}{"init"}) args = w.appendCaCertFlag(args) + args = w.appendInsecureTLSFlag(args) args = w.appendMaxConnectionsFlag(args) _, err := w.run(Command{Name: ResticCMD, Args: args}) return err @@ -169,6 +173,7 @@ func (w *ResticWrapper) backup(params backupParams) ([]byte, error) { args = w.appendCacheDirFlag(args) args = w.appendCleanupCacheFlag(args) args = w.appendCaCertFlag(args) + args = w.appendInsecureTLSFlag(args) args = w.appendMaxConnectionsFlag(args) return w.run(Command{Name: ResticCMD, Args: args}) @@ -192,6 +197,7 @@ func (w *ResticWrapper) backupFromStdin(options BackupOptions) ([]byte, error) { args = w.appendCacheDirFlag(args) args = w.appendCleanupCacheFlag(args) args = w.appendCaCertFlag(args) + args = w.appendInsecureTLSFlag(args) args = w.appendMaxConnectionsFlag(args) commands = append(commands, Command{Name: ResticCMD, Args: args}) @@ -237,6 +243,7 @@ func (w *ResticWrapper) restore(params restoreParams) ([]byte, error) { } args = w.appendCacheDirFlag(args) args = w.appendCaCertFlag(args) + args = w.appendInsecureTLSFlag(args) args = w.appendMaxConnectionsFlag(args) return w.run(Command{Name: ResticCMD, Args: args}) @@ -268,6 +275,7 @@ func (w *ResticWrapper) DumpOnce(dumpOptions DumpOptions) ([]byte, error) { args = w.appendCacheDirFlag(args) args = w.appendCaCertFlag(args) args = w.appendMaxConnectionsFlag(args) + args = w.appendInsecureTLSFlag(args) // first add restic command, then add StdoutPipeCommands commands := []Command{ @@ -282,6 +290,7 @@ func (w *ResticWrapper) check() ([]byte, error) { args := w.appendCacheDirFlag([]interface{}{"check", "--no-lock"}) args = w.appendCaCertFlag(args) args = w.appendMaxConnectionsFlag(args) + args = w.appendInsecureTLSFlag(args) return w.run(Command{Name: ResticCMD, Args: args}) } @@ -295,6 +304,7 @@ func (w *ResticWrapper) stats(snapshotID string) ([]byte, error) { args = w.appendMaxConnectionsFlag(args) args = append(args, "--quiet", "--json", "--mode", "raw-data", "--no-lock") args = w.appendCaCertFlag(args) + args = w.appendInsecureTLSFlag(args) return w.run(Command{Name: ResticCMD, Args: args}) } @@ -304,6 +314,7 @@ func (w *ResticWrapper) unlock() ([]byte, error) { args := w.appendCacheDirFlag([]interface{}{"unlock", "--remove-all"}) args = w.appendMaxConnectionsFlag(args) args = w.appendCaCertFlag(args) + args = w.appendInsecureTLSFlag(args) return w.run(Command{Name: ResticCMD, Args: args}) } @@ -457,6 +468,7 @@ func (w *ResticWrapper) addKey(params keyParams) ([]byte, error) { args = w.appendCacheDirFlag(args) args = w.appendMaxConnectionsFlag(args) args = w.appendCaCertFlag(args) + args = w.appendInsecureTLSFlag(args) return w.run(Command{Name: ResticCMD, Args: args}) } @@ -469,6 +481,7 @@ func (w *ResticWrapper) listKey() ([]byte, error) { args = w.appendCacheDirFlag(args) args = w.appendMaxConnectionsFlag(args) args = w.appendCaCertFlag(args) + args = w.appendInsecureTLSFlag(args) return w.run(Command{Name: ResticCMD, Args: args}) } @@ -485,6 +498,7 @@ func (w *ResticWrapper) updateKey(params keyParams) ([]byte, error) { args = w.appendCacheDirFlag(args) args = w.appendMaxConnectionsFlag(args) args = w.appendCaCertFlag(args) + args = w.appendInsecureTLSFlag(args) return w.run(Command{Name: ResticCMD, Args: args}) } @@ -497,6 +511,7 @@ func (w *ResticWrapper) removeKey(params keyParams) ([]byte, error) { args = w.appendCacheDirFlag(args) args = w.appendMaxConnectionsFlag(args) args = w.appendCaCertFlag(args) + args = w.appendInsecureTLSFlag(args) return w.run(Command{Name: ResticCMD, Args: args}) } diff --git a/vendor/kubestash.dev/apimachinery/pkg/restic/config.go b/vendor/kubestash.dev/apimachinery/pkg/restic/config.go index da02f7e6..6bf9617b 100644 --- a/vendor/kubestash.dev/apimachinery/pkg/restic/config.go +++ b/vendor/kubestash.dev/apimachinery/pkg/restic/config.go @@ -84,6 +84,7 @@ type backend struct { bucket string endpoint string region string + insecureTLS bool path string storageAccount string } @@ -225,3 +226,10 @@ func (w *ResticWrapper) Copy() *ResticWrapper { out.config = w.config return out } + +func (w *ResticWrapper) appendInsecureTLSFlag(args []interface{}) []interface{} { + if w.config.insecureTLS { + return append(args, "--insecure-tls") + } + return args +} diff --git a/vendor/kubestash.dev/apimachinery/pkg/restic/setup.go b/vendor/kubestash.dev/apimachinery/pkg/restic/setup.go index 5ea7fc4a..574284f4 100644 --- a/vendor/kubestash.dev/apimachinery/pkg/restic/setup.go +++ b/vendor/kubestash.dev/apimachinery/pkg/restic/setup.go @@ -377,6 +377,7 @@ func (w *ResticWrapper) setBackupStorageVariables() error { w.config.bucket = s3.Bucket w.config.endpoint = s3.Endpoint w.config.path = s3.Prefix + w.config.insecureTLS = s3.InsecureTLS secret = s3.SecretName } diff --git a/vendor/modules.txt b/vendor/modules.txt index 6cd60745..4164f09f 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -823,7 +823,7 @@ kmodules.xyz/offshoot-api/api/v1 # kmodules.xyz/prober v0.29.0 ## explicit; go 1.21.5 kmodules.xyz/prober/api/v1 -# kubestash.dev/apimachinery v0.4.0-rc.2 +# kubestash.dev/apimachinery v0.4.0 ## explicit; go 1.21.5 kubestash.dev/apimachinery/apis kubestash.dev/apimachinery/apis/addons/v1alpha1