Add snapshot sync controller

Makefile

@@ -239,7 +239,7 @@ generate-manifests-api: controller-gen ## Generate ClusterRole and CustomResourc
 
 .PHONY: generate-exp-etcdrestore-manifests-api
 generate-exp-etcdrestore-manifests-api: controller-gen ## Generate ClusterRole and CustomResourceDefinition objects for experimental API.
-	$(CONTROLLER_GEN) rbac:roleName=manager-role crd paths="./exp/etcdrestore/api/..." \
+	$(CONTROLLER_GEN) rbac:roleName=manager-role crd paths="./exp/etcdrestore/api/v1alpha1/..." \
 			paths=./exp/etcdrestore/controllers/... \
 			paths=./exp/etcdrestore/webhooks/... \
 			output:crd:artifacts:config=./exp/etcdrestore/config/crd/bases \

PROJECT

@@ -35,4 +35,13 @@ resources:
   kind: EtcdSnapshotRestore
   path: github.com/rancher/turtles/exp/etcdrestore/api/v1alpha1
   version: v1alpha1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: cattle.io
+  group: turtles-capi
+  kind: RKE2EtcdMachineSnapshotConfig
+  path: github.com/rancher/turtles/exp/etcdrestore/api/v1alpha1
+  version: v1alpha1
 version: "3"

api/rancher/k3s/v1/etcdsnapshotfile.go

@@ -36,6 +36,17 @@ type ETCDSnapshotSpec struct {
 	NodeName     string            `json:"nodeName"`
 	Location     string            `json:"location"`
 	Metadata     map[string]string `json:"metadata,omitempty"`
+	S3           *ETCDSnapshotS3   `json:"s3,omitempty"`
+}
+
+// ETCDSnapshotS3 is the struct representing a k3s ETCDSnapshotFile S3.
+type ETCDSnapshotS3 struct {
+	Endpoint      string `json:"endpoint,omitempty"`
+	EndpointCA    string `json:"endpointCA,omitempty"`
+	SkipSSLVerify bool   `json:"skipSSLVerify,omitempty"`
+	Bucket        string `json:"bucket,omitempty"`
+	Region        string `json:"region,omitempty"`
+	Insecure      bool   `json:"insecure,omitempty"`
 }
 
 // ETCDSnapshotStatus is the status of the k3s ETCDSnapshotFile.

charts/rancher-turtles/templates/rancher-turtles-exp-etcdrestore-components.yaml

@@ -47,71 +47,26 @@ spec:
                 type: string
               configRef:
                 description: |-
-                  ObjectReference contains enough information to let you inspect or modify the referred object.
-                  ---
-                  New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs.
-                   1. Ignored fields.  It includes many fields which are not generally honored.  For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage.
-                   2. Invalid usage help.  It is impossible to add specific help for individual usage.  In most embedded usages, there are particular
-                      restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted".
-                      Those cannot be well described when embedded.
-                   3. Inconsistent validation.  Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen.
-                   4. The fields are both imprecise and overly precise.  Kind is not a precise mapping to a URL. This can produce ambiguity
-                      during interpretation and require a REST mapping.  In most cases, the dependency is on the group,resource tuple
-                      and the version of the actual struct is irrelevant.
-                   5. We cannot easily change it.  Because this type is embedded in many locations, updates to this type
-                      will affect numerous schemas.  Don't make new APIs embed an underspecified API type they do not control.
-
-
-                  Instead of using this type, create a locally provided and used type that is well-focused on your reference.
-                  For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 .
+                  LocalObjectReference contains enough information to let you locate the
+                  referenced object inside the same namespace.
                 properties:
-                  apiVersion:
-                    description: API version of the referent.
-                    type: string
-                  fieldPath:
-                    description: |-
-                      If referring to a piece of an object instead of an entire object, this string
-                      should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
-                      For example, if the object reference is to a container within a pod, this would take on a value like:
-                      "spec.containers{name}" (where "name" refers to the name of the container that triggered
-                      the event) or if no container name is specified "spec.containers[2]" (container with
-                      index 2 in this pod). This syntax is chosen only to have some well-defined way of
-                      referencing a part of an object.
-                      TODO: this design is not final and this field is subject to change in the future.
-                    type: string
-                  kind:
-                    description: |-
-                      Kind of the referent.
-                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
-                    type: string
                   name:
                     description: |-
                       Name of the referent.
                       More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
-                    type: string
-                  namespace:
-                    description: |-
-                      Namespace of the referent.
-                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
-                    type: string
-                  resourceVersion:
-                    description: |-
-                      Specific resourceVersion to which this reference is made, if any.
-                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
-                    type: string
-                  uid:
-                    description: |-
-                      UID of the referent.
-                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+                      TODO: Add other useful fields. apiVersion, kind, uid?
                     type: string
                 type: object
                 x-kubernetes-map-type: atomic
               machineName:
                 type: string
+              manual:
+                type: boolean
             required:
             - clusterName
             - configRef
             - machineName
+            - manual
             type: object
           status:
             default: {}
@@ -352,6 +307,111 @@ spec:
     subresources:
       status: {}
 ---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    cert-manager.io/inject-ca-from: rancher-turtles-system/rancher-turtles-etcdsnapshotrestore-serving-cert
+    controller-gen.kubebuilder.io/version: v0.14.0
+  labels:
+    turtles-capi.cattle.io: etcd-restore
+  name: rke2etcdmachinesnapshotconfigs.turtles-capi.cattle.io
+spec:
+  group: turtles-capi.cattle.io
+  names:
+    kind: RKE2EtcdMachineSnapshotConfig
+    listKind: RKE2EtcdMachineSnapshotConfigList
+    plural: rke2etcdmachinesnapshotconfigs
+    singular: rke2etcdmachinesnapshotconfig
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: RKE2EtcdMachineSnapshotConfig is the config for the RKE2EtcdMachineSnapshotConfig
+          API
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: RKE2EtcdMachineSnapshotConfigSpec defines the desired state
+              of RKE2EtcdMachineSnapshotConfig
+            properties:
+              local:
+                properties:
+                  dataDir:
+                    type: string
+                required:
+                - dataDir
+                type: object
+              s3:
+                properties:
+                  bucket:
+                    type: string
+                  endpoint:
+                    type: string
+                  endpointCAsecret:
+                    description: |-
+                      LocalObjectReference contains enough information to let you locate the
+                      referenced object inside the same namespace.
+                    properties:
+                      name:
+                        description: |-
+                          Name of the referent.
+                          More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                          TODO: Add other useful fields. apiVersion, kind, uid?
+                        type: string
+                    type: object
+                    x-kubernetes-map-type: atomic
+                  folder:
+                    type: string
+                  insecure:
+                    type: boolean
+                  location:
+                    type: string
+                  region:
+                    type: string
+                  s3CredentialSecret:
+                    description: |-
+                      LocalObjectReference contains enough information to let you locate the
+                      referenced object inside the same namespace.
+                    properties:
+                      name:
+                        description: |-
+                          Name of the referent.
+                          More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                          TODO: Add other useful fields. apiVersion, kind, uid?
+                        type: string
+                    type: object
+                    x-kubernetes-map-type: atomic
+                  skipSSLVerify:
+                    type: boolean
+                type: object
+            required:
+            - local
+            - s3
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
@@ -563,6 +623,32 @@ rules:
   - get
   - patch
   - update
+- apiGroups:
+  - turtles-capi.cattle.io
+  resources:
+  - rke2etcdmachinesnapshotconfigs
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - turtles-capi.cattle.io
+  resources:
+  - rke2etcdmachinesnapshotconfigs/finalizers
+  verbs:
+  - update
+- apiGroups:
+  - turtles-capi.cattle.io
+  resources:
+  - rke2etcdmachinesnapshotconfigs/status
+  verbs:
+  - get
+  - patch
+  - update
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding

exp/etcdrestore/api/v1alpha1/etcdmachinesnapshot_types.go

@@ -42,9 +42,10 @@ const (
 
 // EtcdMachineSnapshotSpec defines the desired state of EtcdMachineSnapshot
 type EtcdMachineSnapshotSpec struct {
-	ClusterName string                 `json:"clusterName"`
-	MachineName string                 `json:"machineName"`
-	ConfigRef   corev1.ObjectReference `json:"configRef"`
+	ClusterName string                      `json:"clusterName"`
+	MachineName string                      `json:"machineName"`
+	ConfigRef   corev1.LocalObjectReference `json:"configRef"`
+	Manual      bool                        `json:"manual"`
 }
 
 // EtcdSnapshotRestoreStatus defines observed state of EtcdSnapshotRestore

exp/etcdrestore/api/v1alpha1/etcdmachinesnapshotconfig_types.go

@@ -23,23 +23,24 @@ import (
 
 // RKE2EtcdMachineSnapshotConfigSpec defines the desired state of RKE2EtcdMachineSnapshotConfig
 type RKE2EtcdMachineSnapshotConfigSpec struct {
-	Manual bool        `json:"manual"`
-	S3     S3Config    `json:"s3"`
-	Local  LocalConfig `json:"local"`
+	S3    S3Config    `json:"s3"`
+	Local LocalConfig `json:"local"`
 }
 
 type LocalConfig struct {
 	DataDir string `json:"dataDir"`
 }
 
 type S3Config struct {
-	Endpoint           string                  `json:"endpoint"`
-	EndpointCASecret   *corev1.ObjectReference `json:"endpointCAsecret,omitempty"`
-	EnforceSSLVerify   bool                    `json:"enforceSslVerify,omitempty"`
-	S3CredentialSecret corev1.ObjectReference  `json:"s3CredentialSecret"`
-	Bucket             string                  `json:"bucket,omitempty"`
-	Region             string                  `json:"region,omitempty"`
-	Folder             string                  `json:"folder,omitempty"`
+	Endpoint           string                       `json:"endpoint,omitempty"`
+	EndpointCASecret   *corev1.LocalObjectReference `json:"endpointCAsecret,omitempty"`
+	SkipSSLVerify      bool                         `json:"skipSSLVerify,omitempty"`
+	S3CredentialSecret *corev1.LocalObjectReference `json:"s3CredentialSecret,omitempty"`
+	Bucket             string                       `json:"bucket,omitempty"`
+	Region             string                       `json:"region,omitempty"`
+	Folder             string                       `json:"folder,omitempty"`
+	Insecure           bool                         `json:"insecure,omitempty"`
+	Location           string                       `json:"location,omitempty"`
 }
 
 // RKE2EtcdMachineSnapshotConfig is the schema for the snapshot config.