Fix backups absent permissions

api/v1alpha1/backup_types.go

@@ -22,22 +22,8 @@ import (
 
 // BackupSpec defines the desired state of Backup
 type BackupSpec struct {
-	// +kubebuilder:default="0 */6 * * *"
-
-	// Schedule is a Cron expression defining when to run the Backup.
-	// A shortcut instead of filling the .customSchedule field up.
-	// Default value is to backup every 6 hours.
-	// If both this field and the .customSchedule field
-	// are given, the schedule from the latter will be utilized.
-	Schedule string `json:"schedule"`
-
 	// Oneshot indicates whether the Backup should not be scheduled
 	// and rather created immediately and only once.
-	// If set to true, the .schedule field is ignored.
-	// If set to true and the .customSchedule field is given,
-	// the .spec.template from the latter will be utilized,
-	// the HMC-required options still might override or precede the options
-	// from the field.
 	Oneshot bool `json:"oneshot,omitempty"`
 }
 
@@ -46,8 +32,12 @@ type BackupStatus struct {
 	// Reference to the underlying Velero object being managed.
 	// Might be either Velero Backup or Schedule.
 	Reference *corev1.ObjectReference `json:"reference,omitempty"`
-	// Status of the Velero Schedule if .spec.oneshot is set to false.
+	// Status of the Velero Schedule for the Management scheduled backups.
+	// Always absent for the Backups with the .spec.oneshot set to true.
 	Schedule *velerov1.ScheduleStatus `json:"schedule,omitempty"`
+	// NextAttempt indicates the time when the next scheduled backup will be performed.
+	// Always absent for the Backups with the .spec.oneshot set to true.
+	NextAttempt *metav1.Time `json:"nextAttempt,omitempty"`
 	// Last Velero Backup that has been created.
 	LastBackup *velerov1.BackupStatus `json:"lastBackup,omitempty"`
 }

api/v1alpha1/management_types.go

@@ -57,6 +57,12 @@ type Core struct {
 
 // ManagementBackup enables a feature to backup HMC objects into a cloud.
 type ManagementBackup struct {
+	// +kubebuilder:default="0 */6 * * *"
+
+	// Schedule is a Cron expression defining when to run the scheduled Backup.
+	// Default value is to backup every 6 hours.
+	Schedule string `json:"schedule,omitempty"`
+
 	// +kubebuilder:default=false
 
 	// Flag to indicate whether the backup feature is enabled.

cmd/main.go

@@ -302,13 +302,14 @@ func main() {
 		setupLog.Error(err, "unable to create controller", "controller", "MultiClusterService")
 		os.Exit(1)
 	}
-	if err = (&controller.BackupReconciler{
-		Client: mgr.GetClient(),
-		Scheme: mgr.GetScheme(),
-	}).SetupWithManager(mgr); err != nil {
-		setupLog.Error(err, "unable to create controller", "controller", "Backup")
-		os.Exit(1)
-	}
+	// TODO (zerospiel): disabled until the #605
+	// if err = (&controller.BackupReconciler{
+	// 	Client: mgr.GetClient(),
+	// 	Scheme: mgr.GetScheme(),
+	// }).SetupWithManager(mgr); err != nil {
+	// 	setupLog.Error(err, "unable to create controller", "controller", "Backup")
+	// 	os.Exit(1)
+	// }
 	// +kubebuilder:scaffold:builder
 
 	if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil {

templates/provider/hmc/templates/crds/hmc.mirantis.com_backups.yaml

@@ -43,23 +43,7 @@ spec:
                 description: |-
                   Oneshot indicates whether the Backup should not be scheduled
                   and rather created immediately and only once.
-                  If set to true, the .schedule field is ignored.
-                  If set to true and the .customSchedule field is given,
-                  the .spec.template from the latter will be utilized,
-                  the HMC-required options still might override or precede the options
-                  from the field.
                 type: boolean
-              schedule:
-                default: 0 */6 * * *
-                description: |-
-                  Schedule is a Cron expression defining when to run the Backup.
-                  A shortcut instead of filling the .customSchedule field up.
-                  Default value is to backup every 6 hours.
-                  If both this field and the .customSchedule field
-                  are given, the schedule from the latter will be utilized.
-                type: string
-            required:
-            - schedule
             type: object
           status:
             description: BackupStatus defines the observed state of Backup
@@ -210,6 +194,12 @@ spec:
                       file in object storage.
                     type: integer
                 type: object
+              nextAttempt:
+                description: |-
+                  NextAttempt indicates the time when the next scheduled backup will be performed.
+                  Always absent for the Backups with the .spec.oneshot set to true.
+                format: date-time
+                type: string
               reference:
                 description: |-
                   Reference to the underlying Velero object being managed.
@@ -256,8 +246,9 @@ spec:
                 type: object
                 x-kubernetes-map-type: atomic
               schedule:
-                description: Status of the Velero Schedule if .spec.oneshot is set
-                  to false.
+                description: |-
+                  Status of the Velero Schedule for the Management scheduled backups.
+                  Always absent for the Backups with the .spec.oneshot set to true.
                 properties:
                   lastBackup:
                     description: |-

templates/provider/hmc/templates/crds/hmc.mirantis.com_managements.yaml

@@ -55,6 +55,12 @@ spec:
 
                       [Velero]: https://velero.io
                     type: boolean
+                  schedule:
+                    default: 0 */6 * * *
+                    description: |-
+                      Schedule is a Cron expression defining when to run the scheduled Backup.
+                      Default value is to backup every 6 hours.
+                    type: string
                 required:
                 - enabled
                 type: object

templates/provider/hmc/templates/rbac/controller/roles.yaml

@@ -215,6 +215,25 @@ rules:
   resources:
   - secrets
   verbs: {{ include "rbac.viewerVerbs" . | nindent 4 }}
+- apiGroups:
+  - hmc.mirantis.com
+  resources:
+  - backups
+  verbs: {{ include "rbac.editorVerbs" . | nindent 4 }}
+- apiGroups:
+  - hmc.mirantis.com
+  resources:
+  - backups/finalizers
+  verbs:
+  - update
+- apiGroups:
+  - hmc.mirantis.com
+  resources:
+  - backups/status
+  verbs:
+  - get
+  - patch
+  - update
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role