Add GVK in additional resource backup (#380)

This patch adds GVK into the bootstrap secret resources during backup, so that they can be recreated successfully during the restore. It appears that the Decoder used for getting K8s core resources clears the GVK info (see kubernetes/kubernetes#80609 for more details). - CloudInit with inlined secret data ``` $ govc vm.info -e "test-ubuntu-impish-inlined-cloud-config" | grep "vmservice.virtualmachine.additional.resources.yaml" | awk '{print $2}' | base64 -d | gunzip apiVersion: v1 kind: Secret ... ``` - Sysprep with inlined secret data ``` $ govc vm.info -e "test-windows-inlined-sysprep" | grep "vmservice.virtualmachine.additional.resources.yaml" | awk '{print $2}' | base64 -d | gunzip apiVersion: v1 kind: Secret ...
vmware-tanzu · Feb 3, 2024 · c605f64 · c605f64
1 parent b7ee931
commit c605f64
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 15 deletions.
diff --git a/pkg/vmprovider/providers/vsphere2/vmprovider_vm_utils.go b/pkg/vmprovider/providers/vsphere2/vmprovider_vm_utils.go
@@ -1,4 +1,4 @@
-// Copyright (c) 2022-2023 VMware, Inc. All Rights Reserved.
+// Copyright (c) 2022-2024 VMware, Inc. All Rights Reserved.
 // SPDX-License-Identifier: Apache-2.0
 
 package vsphere
@@ -12,7 +12,6 @@ import (
 	"github.com/vmware/govmomi/vim25/types"
 	corev1 "k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	ctrlclient "sigs.k8s.io/controller-runtime/pkg/client"
 
 	vmopv1 "github.com/vmware-tanzu/vm-operator/api/v1alpha2"
@@ -434,6 +433,11 @@ func GetAdditionalResourcesForBackup(
 				if err != nil {
 					return nil, err
 				}
+				// GVK is dropped when getting a core K8s resource from client.
+				// Add it in backup so that the resource can be applied successfully during restore.
+				for i := range out {
+					out[i].GetObjectKind().SetGroupVersionKind(corev1.SchemeGroupVersion.WithKind("Secret"))
+				}
 				objects = append(objects, out...)
 			} else if raw := v.RawCloudConfig; raw != nil {
 				obj, err := getSecretOrConfigMapObject(vmCtx, k8sClient, raw.Name, true)
@@ -448,6 +452,11 @@ func GetAdditionalResourcesForBackup(
 				if err != nil {
 					return nil, err
 				}
+				// GVK is dropped when getting a K8s core resource from client.
+				// Add it in backup so that the resource can be applied successfully during restore.
+				for i := range out {
+					out[i].GetObjectKind().SetGroupVersionKind(corev1.SchemeGroupVersion.WithKind("Secret"))
+				}
 				objects = append(objects, out...)
 			} else if raw := v.RawSysprep; raw != nil {
 				obj, err := getSecretOrConfigMapObject(vmCtx, k8sClient, raw.Name, true)
@@ -505,25 +514,19 @@ func getSecretOrConfigMapObject(
 		// supports Secrets.
 		if configMapFallback && apierrors.IsNotFound(err) {
 			if k8sClient.Get(vmCtx, key, configMap) == nil {
-				// The typeMeta may not be populated when getting the resource from client.
-				// We need to populate it here so that the resource can be serialized in backup.
-				configMap.TypeMeta = metav1.TypeMeta{
-					Kind:       "ConfigMap",
-					APIVersion: "v1",
-				}
+				// GVK is dropped when getting a core K8s resource from client.
+				// Add it in backup so that the resource can be applied successfully during restore.
+				configMap.SetGroupVersionKind(corev1.SchemeGroupVersion.WithKind("ConfigMap"))
 				err = nil
 			}
 		}
 
 		return configMap, err
 	}
 
-	// The typeMeta may not be populated when getting the resource from client.
-	// We need to populate it here so that the resource can be serialized in backup.
-	secret.TypeMeta = metav1.TypeMeta{
-		Kind:       "Secret",
-		APIVersion: "v1",
-	}
+	// GVK is dropped when getting a core K8s resource from client.
+	// Add it in backup so that the resource can be applied successfully during restore.
+	secret.SetGroupVersionKind(corev1.SchemeGroupVersion.WithKind("Secret"))
 
 	return secret, err
 }
diff --git a/pkg/vmprovider/providers/vsphere2/vmprovider_vm_utils_test.go b/pkg/vmprovider/providers/vsphere2/vmprovider_vm_utils_test.go
@@ -1,4 +1,4 @@
-// Copyright (c) 2022-2023 VMware, Inc. All Rights Reserved.
+// Copyright (c) 2022-2024 VMware, Inc. All Rights Reserved.
 // SPDX-License-Identifier: Apache-2.0
 
 package vsphere_test
@@ -873,6 +873,7 @@ func vmUtilTests() {
 				Expect(err).ToNot(HaveOccurred())
 				Expect(objects).To(HaveLen(1))
 				Expect(objects[0].GetName()).To(Equal("dummy-cloud-config-secret"))
+				Expect(objects[0].GetObjectKind().GroupVersionKind()).To(Equal(corev1.SchemeGroupVersion.WithKind("Secret")))
 			})
 		})
 
@@ -899,6 +900,7 @@ func vmUtilTests() {
 				Expect(err).ToNot(HaveOccurred())
 				Expect(objects).To(HaveLen(1))
 				Expect(objects[0].GetName()).To(Equal("dummy-raw-cloud-secret"))
+				Expect(objects[0].GetObjectKind().GroupVersionKind()).To(Equal(corev1.SchemeGroupVersion.WithKind("Secret")))
 			})
 		})
 
@@ -925,6 +927,7 @@ func vmUtilTests() {
 				Expect(err).ToNot(HaveOccurred())
 				Expect(objects).To(HaveLen(1))
 				Expect(objects[0].GetName()).To(Equal("dummy-raw-cloud-config-map"))
+				Expect(objects[0].GetObjectKind().GroupVersionKind()).To(Equal(corev1.SchemeGroupVersion.WithKind("ConfigMap")))
 			})
 		})
 
@@ -955,6 +958,7 @@ func vmUtilTests() {
 				Expect(err).ToNot(HaveOccurred())
 				Expect(objects).To(HaveLen(1))
 				Expect(objects[0].GetName()).To(Equal("dummy-sysprep-secret"))
+				Expect(objects[0].GetObjectKind().GroupVersionKind()).To(Equal(corev1.SchemeGroupVersion.WithKind("Secret")))
 			})
 		})
 
@@ -981,6 +985,7 @@ func vmUtilTests() {
 				Expect(err).ToNot(HaveOccurred())
 				Expect(objects).To(HaveLen(1))
 				Expect(objects[0].GetName()).To(Equal("dummy-raw-sysprep-secret"))
+				Expect(objects[0].GetObjectKind().GroupVersionKind()).To(Equal(corev1.SchemeGroupVersion.WithKind("Secret")))
 			})
 		})
 
@@ -1007,6 +1012,7 @@ func vmUtilTests() {
 				Expect(err).ToNot(HaveOccurred())
 				Expect(objects).To(HaveLen(1))
 				Expect(objects[0].GetName()).To(Equal("dummy-raw-sysprep-config-map"))
+				Expect(objects[0].GetObjectKind().GroupVersionKind()).To(Equal(corev1.SchemeGroupVersion.WithKind("ConfigMap")))
 			})
 		})
 
@@ -1048,6 +1054,7 @@ func vmUtilTests() {
 				Expect(err).ToNot(HaveOccurred())
 				Expect(objects).To(HaveLen(1))
 				Expect(objects[0].GetName()).To(Equal("dummy-vapp-config-property-secret"))
+				Expect(objects[0].GetObjectKind().GroupVersionKind()).To(Equal(corev1.SchemeGroupVersion.WithKind("Secret")))
 			})
 		})
 
@@ -1072,6 +1079,7 @@ func vmUtilTests() {
 				Expect(err).ToNot(HaveOccurred())
 				Expect(objects).To(HaveLen(1))
 				Expect(objects[0].GetName()).To(Equal("dummy-raw-vapp-config-secret"))
+				Expect(objects[0].GetObjectKind().GroupVersionKind()).To(Equal(corev1.SchemeGroupVersion.WithKind("Secret")))
 			})
 		})
 
@@ -1096,6 +1104,7 @@ func vmUtilTests() {
 				Expect(err).ToNot(HaveOccurred())
 				Expect(objects).To(HaveLen(1))
 				Expect(objects[0].GetName()).To(Equal("dummy-raw-vapp-config-config-map"))
+				Expect(objects[0].GetObjectKind().GroupVersionKind()).To(Equal(corev1.SchemeGroupVersion.WithKind("ConfigMap")))
 			})
 		})
 	})