feat: SpaceBackup API

Signed-off-by: Philippe Scorsolini <[email protected]>
upbound · Oct 7, 2024 · 5f26278 · 5f26278
1 parent 775e6eb
commit 5f26278
Show file tree

Hide file tree

Showing 13 changed files with 868 additions and 11 deletions.
diff --git a/apis/admin/doc.go b/apis/admin/doc.go
@@ -0,0 +1,16 @@
+// Copyright 2024 Upbound Inc
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package admin contains admin.spaces.upbound.io API versions.
+package admin
diff --git a/apis/admin/v1alpha1/doc.go b/apis/admin/v1alpha1/doc.go
@@ -0,0 +1,16 @@
+// Copyright 2024 Upbound Inc
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package v1alpha1 contains v1alpha1 admin resources.
+package v1alpha1
diff --git a/apis/admin/v1alpha1/groupversion_info.go b/apis/admin/v1alpha1/groupversion_info.go
@@ -0,0 +1,40 @@
+// Copyright 2023 Upbound Inc
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// +kubebuilder:object:generate=true
+// +groupName=admin.spaces.upbound.io
+// +versionName=v1alpha1
+package v1alpha1
+
+import (
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"sigs.k8s.io/controller-runtime/pkg/scheme"
+)
+
+// Package type metadata.
+const (
+	Group   = "admin.spaces.upbound.io"
+	Version = "v1alpha1"
+)
+
+var (
+	// SchemeGroupVersion is group version used to register these objects
+	SchemeGroupVersion = schema.GroupVersion{Group: Group, Version: Version}
+
+	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
+	SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion}
+
+	// AddToScheme adds the types in this group-version to the given scheme.
+	AddToScheme = SchemeBuilder.AddToScheme
+)
diff --git a/apis/admin/v1alpha1/spacebackup_types.go b/apis/admin/v1alpha1/spacebackup_types.go
@@ -0,0 +1,153 @@
+// Copyright 2024 Upbound Inc
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package v1alpha1
+
+import (
+	"reflect"
+
+	xpv1 "github.com/crossplane/crossplane-runtime/apis/common/v1"
+	"github.com/upbound/up-sdk-go/apis/common"
+	spacesv1alpha1 "github.com/upbound/up-sdk-go/apis/spaces/v1alpha1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// +kubebuilder:object:root=true
+// +kubebuilder:storageversion
+// +kubebuilder:subresource:status
+// +kubebuilder:printcolumn:name="Phase",type="string",JSONPath=".status.phase"
+// +kubebuilder:printcolumn:name="Retries",type="integer",JSONPath=".status.retries"
+// +kubebuilder:printcolumn:name="TTL",type="string",JSONPath=".spec.ttl"
+// +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
+// +kubebuilder:resource:scope=Cluster,categories=spaces
+
+// SpaceBackup represents a single backup of a ControlPlane.
+type SpaceBackup struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   SpaceBackupSpec   `json:"spec"`
+	Status SpaceBackupStatus `json:"status,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+
+// SpaceBackupList contains a list of SpaceBackups.
+type SpaceBackupList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []SpaceBackup `json:"items"`
+}
+
+// SpaceBackupSpec defines a backup over a set of Match.
+type SpaceBackupSpec struct {
+	SpaceBackupDefinition `json:",inline"`
+}
+
+// SpaceBackupDefinition defines all the parameters for a space backup.
+type SpaceBackupDefinition struct {
+	// ConfigRef is a reference to the backup configuration.
+	// ApiGroup is optional and defaults to "spaces.upbound.io".
+	// Kind is required, and the only supported value is "SharedBackupConfig" at
+	// the moment.
+	// Name is required.
+	// +kubebuilder:validation:Required
+	// +kubebuilder:validation:XValidation:rule="(!has(self.apiGroup) || self.apiGroup == 'admin.spaces.upbound.io') && self.kind == 'SpaceBackupConfig'",message="backup config ref must be a reference to a SpaceBackupConfig"
+	// +kubebuilder:validation:XValidation:rule="size(self.name) > 0",message="backup config ref must have a name"
+	ConfigRef common.TypedLocalObjectReference `json:"configRef"`
+
+	// TTL is the time to live for the backup. After this time, the backup
+	// will be eligible for garbage collection. If not set, the backup will
+	// not be garbage collected.
+	// +optional
+	TTL *metav1.Duration `json:"ttl,omitempty"`
+
+	// DeletionPolicy is the policy for the backup.
+	// +kube:validation:Enum=Orphan;Delete
+	// +kubebuilder:default=Orphan
+	DeletionPolicy xpv1.DeletionPolicy `json:"deletionPolicy,omitempty"`
+
+	// Match is the selector for resources that should be included in the backup.
+	Match SpaceBackupResourceSelector `json:"match,omitempty"`
+
+	// Exclude is the selector for resources that should be excluded from the backup.
+	// If both Match and Exclude are specified, the Exclude selector will be applied
+	// after the Match selector.
+	Exclude SpaceBackupResourceSelector `json:"exclude,omitempty"`
+
+	// ControlPlaneBackups is the definition of the control plane backups,
+	// +kubebuilder:validation:XValidation:rule="(!has(self.excludedResources) && !has(oldSelf.excludedResources)) || self.excludedResources == oldSelf.excludedResources",message="backup excluded resources can not be changed after creation"
+	ControlPlaneBackups spacesv1alpha1.ControlPlaneBackupConfig `json:"controlPlaneBackups,omitempty"`
+}
+
+// SpaceBackupResourceSelector represents a selector for Groups and ControlPlanes.
+// An object is going to be matched if any of the provided group selectors
+// matches object's group AND any of provided control plane selectors
+// matches.
+type SpaceBackupResourceSelector struct {
+	// Groups specifies the groups selected.
+	// A group is matched if any of the group selectors matches, if not specified
+	// any group is matched. Group selector is ANDed with all other selectors, so no resource in
+	// a group not matching the group selector will be included in the backup.
+	// +optional
+	Groups *spacesv1alpha1.ResourceSelector `json:"groups,omitempty"`
+
+	// ControlPlanes specifies the control planes selected.
+	// A control plane is matched if any of the control plane selectors matches, if not specified
+	// any control plane in the selected groups is matched.
+	// +optional
+	ControlPlanes *spacesv1alpha1.ResourceSelector `json:"controlPlanes,omitempty"`
+
+	// Spaces specifies the spaces selected.
+	// +optional
+	Secrets *spacesv1alpha1.ResourceSelector `json:"secrets,omitempty"`
+
+	// Extras specifies the extra resources selected.
+	// +optional
+	Extras []GenericSpaceBackupResourceSelector `json:"extras,omitempty"`
+}
+
+// GenericSpaceBackupResourceSelector represents a generic resource selector.
+type GenericSpaceBackupResourceSelector struct {
+	// APIVersion is the API version of the resource.
+	APIVersion string `json:"apiVersion,omitempty"`
+	// Kind is the kind of the resource.
+	Kind string `json:"kind,omitempty"`
+	// Namespaces is the namespaces of the resource.
+	spacesv1alpha1.ResourceSelector `json:",inline"`
+}
+
+// SpaceBackupStatus represents the observed state of a Backup.
+type SpaceBackupStatus struct {
+	xpv1.ResourceStatus `json:",inline"`
+
+	// Phase is the current phase of the backup.
+	// +kubebuilder:validation:Enum=Pending;InProgress;Failed;Completed;Deleted
+	// +kubebuilder:default=Pending
+	Phase spacesv1alpha1.BackupPhase `json:"phase,omitempty"`
+
+	// Retries is the number of times the backup has been retried.
+	Retries int32 `json:"retries,omitempty"`
+}
+
+var (
+	// SpaceBackupKind is the kind of a SpaceBackup.
+	SpaceBackupKind = reflect.TypeOf(SpaceBackup{}).Name()
+	// SpaceBackupListKind is the kind of a SpaceBackupList.
+	SpaceBackupListKind = reflect.TypeOf(SpaceBackupList{}).Name()
+)
+
+func init() {
+	SchemeBuilder.Register(&SpaceBackup{}, &SpaceBackupList{})
+}
diff --git a/apis/admin/v1alpha1/spacebackupconfig_types.go b/apis/admin/v1alpha1/spacebackupconfig_types.go
@@ -0,0 +1,90 @@
+// Copyright 2024 Upbound Inc
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package v1alpha1
+
+import (
+	"reflect"
+
+	xpv1 "github.com/crossplane/crossplane-runtime/apis/common/v1"
+	spacesv1alpha1 "github.com/upbound/up-sdk-go/apis/spaces/v1alpha1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// +kubebuilder:object:root=true
+// +kubebuilder:storageversion
+// +kubebuilder:subresource:status
+// +kubebuilder:printcolumn:name="Provider",type="string",JSONPath=".spec.objectStorage.provider"
+// +kubebuilder:printcolumn:name="Bucket",type="string",JSONPath=".spec.objectStorage.bucket"
+// +kubebuilder:printcolumn:name="Auth",type="string",JSONPath=".spec.objectStorage.credentials.source"
+// +kubebuilder:printcolumn:name="Secret",type=string,JSONPath=`.metadata.annotations.spacebackupconfig\.admin\.internal\.spaces\.upbound\.io/secret`
+// +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
+// +kubebuilder:resource:scope=Cluster,categories=spaces
+
+// SpaceBackupConfig defines the configuration to backup a Space.
+type SpaceBackupConfig struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec SpaceBackupConfigSpec `json:"spec"`
+}
+
+// +kubebuilder:object:root=true
+
+// SpaceBackupConfigList contains a list of SpaceBackupConfig.
+type SpaceBackupConfigList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []SpaceBackupConfig `json:"items"`
+}
+
+// A SpaceBackupConfigSpec represents the configuration to backup or restore
+// a Space.
+type SpaceBackupConfigSpec struct {
+	// ObjectStorage specifies the object storage configuration for the given provider.
+	// +kubebuilder:validation:Required
+	ObjectStorage SpaceBackupObjectStorage `json:"objectStorage"`
+}
+
+// SpaceBackupObjectStorage specifies the object storage configuration for the given provider.
+type SpaceBackupObjectStorage struct {
+	spacesv1alpha1.BackupObjectStorage `json:",inline"`
+
+	// Credentials specifies the credentials to access the object storage.
+	// +kubebuilder:validation:Required
+	// +kubebuilder:validation:XValidation:rule="self.source != 'Secret' || (has(self.secretRef) && has(self.secretRef.name) && has(self.secretRef.namespace))",message="secretRef.name and namespace must be set when source is Secret"
+	// +kubebuilder:validation:XValidation:rule="self.source != 'Environment' || (has(self.environment) && has(self.environment.name))",message="environment.name must be set when source is Environment"
+	Credentials SpaceBackupCredentials `json:"credentials"`
+}
+
+// SpaceBackupCredentials specifies the credentials to access the object storage.
+type SpaceBackupCredentials struct {
+	// Source of the credentials.
+	// Source "Secret" requires "get" permissions on the referenced Secret.
+	// +kubebuilder:validation:Enum=Secret;InjectedIdentity;Environment
+	Source xpv1.CredentialsSource `json:"source"`
+
+	// CommonCredentialSelectors provides common selectors for extracting
+	// credentials.
+	xpv1.CommonCredentialSelectors `json:",inline"`
+}
+
+var (
+	// SpaceBackupConfigKind is the kind of a SpaceBackupConfig.
+	SpaceBackupConfigKind = reflect.TypeOf(SpaceBackupConfig{}).Name()
+)
+
+func init() {
+	SchemeBuilder.Register(&SpaceBackupConfig{}, &SpaceBackupConfigList{})
+}