dell · atye · Sep 21, 2022 · Nov 17, 2022 · Dec 13, 2022
@@ -6,13 +6,13 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.0
+version: 0.2.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "0.1.0"
+appVersion: "0.2.0"
 
 dependencies:
 - name: cert-manager

@@ -0,0 +1,233 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.7.0
+  creationTimestamp: null
+  name: schedules.mobility.storage.dell.com
+spec:
+  group: mobility.storage.dell.com
+  names:
+    kind: Schedule
+    listKind: ScheduleList
+    plural: schedules
+    singular: schedule
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .status.phase
+      name: Status
+      type: string
+    - jsonPath: .spec.paused
+      name: Paused
+      type: boolean
+    - jsonPath: .spec.schedule
+      name: Schedule
+      type: string
+    - jsonPath: .status.lastBackupTime
+      name: lastBackupTime
+      type: date
+    name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: Schedule is the Schema for the schedules API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: ScheduleSpec defines the desired state of Schedule
+            properties:
+              backupSpec:
+                description: BackupSpec is the spec of the Backup to be created on
+                  the specified Schedule.
+                properties:
+                  backupLocation:
+                    description: Velero Storage location where k8s resources and application
+                      data will be backed up to. Default value is "default"
+                    nullable: true
+                    type: string
+                  clones:
+                    description: Clones is the list of targets where this backup will
+                      be cloned to.
+                    items:
+                      properties:
+                        namespaceMapping:
+                          additionalProperties:
+                            type: string
+                          description: NamespaceMapping is a map of source namespace
+                            names to target namespace names to restore into. Any source
+                            namespaces not included in the map will be restored into
+                            namespaces of the same name.
+                          type: object
+                        restoreOnceAvailable:
+                          description: Optionally, specify whether the backup is to
+                            be restored to TargetCluster once available. Default value
+                            is false. Setting this to true causes the backup to be
+                            restored as soon as it is available.
+                          nullable: true
+                          type: boolean
+                        targetCluster:
+                          description: Optionally, specify the targetCluster to restore
+                            the backup to.
+                          nullable: true
+                          type: string
+                      type: object
+                    nullable: true
+                    type: array
+                  datamover:
+                    description: Default datamover is Restic
+                    nullable: true
+                    type: string
+                  excludedNamespaces:
+                    description: ExcludedNamespaces contains a list of namespaces
+                      that are not included in the backup.
+                    items:
+                      type: string
+                    nullable: true
+                    type: array
+                  excludedResources:
+                    description: ExcludedResources is a slice of resource names that
+                      are not included in the backup.
+                    items:
+                      type: string
+                    nullable: true
+                    type: array
+                  includeClusterResources:
+                    description: IncludeClusterResources specifies whether cluster-scoped
+                      resources should be included for consideration in the backup.
+                    nullable: true
+                    type: boolean
+                  includedNamespaces:
+                    description: IncludedNamespaces is a slice of namespace names
+                      to include objects from. If empty, all namespaces are included.
+                    items:
+                      type: string
+                    nullable: true
+                    type: array
+                  includedResources:
+                    description: IncludedResources is a slice of resource names to
+                      include in the backup. If empty, all resources are included.
+                    items:
+                      type: string
+                    nullable: true
+                    type: array
+                  labelSelector:
+                    description: LabelSelector is a metav1.LabelSelector to filter
+                      with when adding individual objects to the backup. If empty
+                      or nil, all objects are included. Optional.
+                    nullable: true
+                    properties:
+                      matchExpressions:
+                        description: matchExpressions is a list of label selector
+                          requirements. The requirements are ANDed.
+                        items:
+                          description: A label selector requirement is a selector
+                            that contains values, a key, and an operator that relates
+                            the key and values.
+                          properties:
+                            key:
+                              description: key is the label key that the selector
+                                applies to.
+                              type: string
+                            operator:
+                              description: operator represents a key's relationship
+                                to a set of values. Valid operators are In, NotIn,
+                                Exists and DoesNotExist.
+                              type: string
+                            values:
+                              description: values is an array of string values. If
+                                the operator is In or NotIn, the values array must
+                                be non-empty. If the operator is Exists or DoesNotExist,
+                                the values array must be empty. This array is replaced
+                                during a strategic merge patch.
+                              items:
+                                type: string
+                              type: array
+                          required:
+                          - key
+                          - operator
+                          type: object
+                        type: array
+                      matchLabels:
+                        additionalProperties:
+                          type: string
+                        description: matchLabels is a map of {key,value} pairs. A
+                          single {key,value} in the matchLabels map is equivalent
+                          to an element of matchExpressions, whose key field is "key",
+                          the operator is "In", and the values array contains only
+                          "value". The requirements are ANDed.
+                        type: object
+                    type: object
+                  podVolumeBackups:
+                    items:
+                      type: string
+                    nullable: true
+                    type: array
+                  ttl:
+                    description: TTL the Dell Backup retention period
+                    type: string
+                  veleroBackup:
+                    nullable: true
+                    type: string
+                type: object
+              paused:
+                description: Paused specifies whether the schedule is paused or not
+                type: boolean
+              schedule:
+                description: Schedule is the cron expression representing when to
+                  create the Backup.
+                type: string
+              setOwnerReferencesInBackup:
+                description: SetOwnerReferencesInBackup specifies whether to set OwnerReferences
+                  on Backups created by this Schedule.
+                nullable: true
+                type: boolean
+            required:
+            - backupSpec
+            - schedule
+            type: object
+          status:
+            description: ScheduleStatus defines the observed state of Schedule
+            properties:
+              lastBackupTime:
+                description: LastBackupTime is the last time when a backup was created
+                  successfully from this schedule.
+                format: date-time
+                nullable: true
+                type: string
+              phase:
+                description: Phase is the current phase of the schdule.
+                enum:
+                - New
+                - Enabled
+                - FailedValidation
+                type: string
+              validationErrors:
+                description: ValidationErrors is a list of validation errors, if any
+                items:
+                  type: string
+                type: array
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []
@@ -258,6 +258,12 @@ rules:
   - list
   - patch
   - update
+- apiGroups:
+  - velero.io
+  resources:
+  - backups/finalizers
+  verbs:
+  - update
 - apiGroups:
   - velero.io
   resources:
@@ -354,4 +360,23 @@ rules:
   - patch
   - update
   - watch
-
+- apiGroups:
+    - mobility.storage.dell.com
+  resources:
+    - schedules
+  verbs:
+    - create
+    - delete
+    - get
+    - list
+    - patch
+    - update
+    - watch
+- apiGroups:
+    - mobility.storage.dell.com
+  resources:
+    - schedules/status
+  verbs:
+    - get
+    - patch
+    - update
@@ -8,7 +8,7 @@ image:
   pullPolicy: IfNotPresent
 
 controller:
-  image: dellemc/csm-application-mobility-controller:v0.1.0
+  image: dellemc/csm-application-mobility-controller:v0.2.0
 
 # csm-application-mobility requires cert-manager. If cert-manager is not already present in cluster, set enabled to true to install it too.
 cert-manager:
@@ -31,6 +31,9 @@ velero:
   use-volume-snapshots: false
   deployRestic: true
   cleanUpCRDs: true
+  restic:
+    # Set to true if installing on OpenShift
+    privileged: false
 
   credentials:
 #    Optionally, specify the name of the pre-created secret in the release namespace that holds the object store credentials. Either this or secretContents should be specified.
@@ -67,7 +70,7 @@ velero:
 
   initContainers:
   - name: dell-custom-velero-plugin
-    image: dellemc/csm-application-mobility-velero-plugin:v0.1.0
+    image: dellemc/csm-application-mobility-velero-plugin:v0.2.0
     volumeMounts:
     - mountPath: /target
       name: plugins

@@ -1,7 +1,7 @@
 apiVersion: v2
 name: csm-authorization
-version: 1.3.0
-appVersion: 1.3.0
+version: 1.5.0
+appVersion: 1.5.0
 type: application
 description: CSM for Authorization is part of the [Container Storage Modules](https://github.com/dell/csm) open source suite of Kubernetes storage enablers for Dell EMC storage products. CSM for Authorization provides storage and Kubernetes administrators the ability to apply RBAC for Dell CSI Drivers.
 dependencies:

@@ -33,7 +33,7 @@ allowlist = [
 		"POST /api/instances/Volume::[a-f0-9]+/action/removeVolume/"
 ]
 
-default allow = false
+default allow = true
 allow {
 	regex.match(allowlist[_], sprintf("%s %s", [input.method, input.url]))
 }
@@ -68,7 +68,7 @@ metadata:
   name: powerscale-volumes-create
   namespace: {{ .Release.Namespace }}
 data:
-  {{- (.Files.Glob "policies/volumes-powerscale-create.rego").AsConfig | nindent 2 }}3
+  {{- (.Files.Glob "policies/volumes-powerscale-create.rego").AsConfig | nindent 2 }}
 ---
 apiVersion: v1
 kind: ConfigMap

@@ -36,7 +36,7 @@ roleRef:
   apiGroup: rbac.authorization.k8s.io
 subjects:
 - kind: Group
-  name: system:serviceaccounts:karavi
+  name: system:serviceaccounts:{{ .Release.Namespace }}
   apiGroup: rbac.authorization.k8s.io
 ---
 apiVersion: apps/v1