Skip to content

OADP-6765: docs: add CA Certificate Bundle documentation for ImageStream backups #1974

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 8 commits into from
Oct 2, 2025
Merged

OADP-6765: docs: add CA Certificate Bundle documentation for ImageStream backups #1974

merged 8 commits into from
Oct 2, 2025

Conversation

@kaovilai
Copy link
Member

Signed-off-by: Tiger Kaovilai [email protected]

Why the changes were made

How to test the changes made

@openshift-ci openshift-ci bot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Sep 30, 2025
@openshift-ci
Copy link

openshift-ci bot commented Sep 30, 2025

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Sep 30, 2025
kaovilai
kaovilai commented Sep 30, 2025
View reviewed changes
docs/config/ca-certificate-bundle-for-imagestream-backups.md
- ❌ Toggling `backupImages` setting
- ❌ Adding/removing DPA `spec.backupLocations` unnecessarily

**Future improvement**: OADP may implement a watch on all BSLs in the namespace (not just owned ones) to automatically detect Non-DPA BSL changes, eliminating the need for manual triggering. Currently, `Owns(&velerov1.BackupStorageLocation{})` only watches OADP-created BSLs.
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is an enhancement that we can do now as immediate follow up if necessary.. or later follow up.

@kaovilai kaovilai marked this pull request as ready for review September 30, 2025 21:09
@openshift-ci openshift-ci bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Sep 30, 2025
@kaovilai kaovilai changed the title docs: add CA Certificate Bundle documentation for ImageStream backups OADP-6765: docs: add CA Certificate Bundle documentation for ImageStream backups Sep 30, 2025
@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Sep 30, 2025
@openshift-ci-robot
Copy link

openshift-ci-robot commented Sep 30, 2025
edited by openshift-ci bot
Loading

@kaovilai: This pull request references OADP-6765 which is a valid jira issue.

In response to this:

Signed-off-by: Tiger Kaovilai [email protected]

Why the changes were made

How to test the changes made

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

weshayutin
weshayutin previously approved these changes Oct 1, 2025
View reviewed changes
Copy link
Contributor

@weshayutin weshayutin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve /LGTM

@kaovilai
docs: enhance clarity and formatting in CA Certificate Bundle documen…
6668eca 
…tation for ImageStream backups

Signed-off-by: Tiger Kaovilai <[email protected]>
@kaovilai
docs: add detailed component relationship and flow for ImageStream ba…
7d3e245 
…ckups

Signed-off-by: Tiger Kaovilai <[email protected]>
@kaovilai
docs: clarify the distinction between Velero BSL spec and S3 driver p…
155c4a3 
…arameters for CA certificate handling

Signed-off-by: Tiger Kaovilai <[email protected]>
@kaovilai
docs: clarify distinction between Velero BSL spec and S3 driver param…
f20c229 
…eters for CA certificate handling

Signed-off-by: Tiger Kaovilai <[email protected]>
@shubham-pampattiwar
Copy link
Member

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Oct 1, 2025
weshayutin
weshayutin requested changes Oct 1, 2025
View reviewed changes
Copy link
Contributor

@weshayutin weshayutin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need to see some doc referencing the need for

backupstoragelocations.velero.io minio app.kubernetes.io/component=bsl

@kaovilai
Copy link
Member Author

kaovilai commented Oct 1, 2025

Waiting for clarification https://redhat.enterprise.slack.com/archives/C039LRSDC8Z/p1759341965347129?thread_ts=1759339122.801729&cid=C039LRSDC8Z

@kaovilai
Copy link
Member Author

kaovilai commented Oct 1, 2025

Will update with current label behavior leaving room for enhancements

@kaovilai
docs: enhance documentation on external BSLs for ImageStream backups …
cb3383b 
…and CA certificate collection process

Signed-off-by: Tiger Kaovilai <[email protected]>
@openshift-ci openshift-ci bot removed the lgtm Indicates that a PR is ready to be merged. label Oct 2, 2025
mpryc
mpryc reviewed Oct 2, 2025
View reviewed changes
docs/config/ca-certificate-bundle-for-imagestream-backups.md

From `tests/e2e/backup_restore_suite_test.go`:

**When `backupImages=true`** (line 638-649):
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this reference outdated? The tests/e2e/backup_restore_suite_test.go has 469 lines of code...

Also avoid using lines here when referencing file that is not permanent link.

oadp-operator/tests/e2e/backup_restore_suite_test.go

Line 469 in ab5b96f

})

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

will follow up

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

#1977

mpryc
mpryc approved these changes Oct 2, 2025
View reviewed changes
Copy link
Contributor

@mpryc mpryc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

One nit in the code pointing to a file from different branch? but it's ok as is - very clear and informative.

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Oct 2, 2025
@openshift-ci-robot
Copy link

/retest-required

Remaining retests: 0 against base HEAD ab5b96f and 2 for PR HEAD cb3383b in total

@openshift-ci
Copy link

openshift-ci bot commented Oct 2, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: kaovilai, mpryc, shubham-pampattiwar, weshayutin

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [kaovilai,mpryc,shubham-pampattiwar]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@kaovilai
Copy link
Member Author

kaovilai commented Oct 2, 2025

/override ci/prow/4.19-images ci/prow/4.20-ci-index ci/prow/4.20-images ci/prow/images ci/prow/unit-test

@openshift-ci
Copy link

openshift-ci bot commented Oct 2, 2025

@kaovilai: Overrode contexts on behalf of kaovilai: ci/prow/4.19-images, ci/prow/4.20-ci-index, ci/prow/4.20-images, ci/prow/images, ci/prow/unit-test

In response to this:

/override ci/prow/4.19-images ci/prow/4.20-ci-index ci/prow/4.20-images ci/prow/images ci/prow/unit-test

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@openshift-ci
Copy link

openshift-ci bot commented Oct 2, 2025

@kaovilai: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@openshift-merge-bot openshift-merge-bot bot merged commit 3d65157 into openshift:oadp-dev Oct 2, 2025
7 checks passed
@kaovilai kaovilai mentioned this pull request Oct 2, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@weshayutin weshayutin weshayutin approved these changes

@mpryc mpryc mpryc approved these changes

@shubham-pampattiwar shubham-pampattiwar shubham-pampattiwar approved these changes

@sseago sseago Awaiting requested review from sseago

Assignees

@mpryc mpryc

@shubham-pampattiwar shubham-pampattiwar

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@kaovilai @openshift-ci-robot @shubham-pampattiwar @weshayutin @mpryc