diff --git a/library/common-test/tests/veleroVolumeSnapshotLocation/spec_test.yaml b/library/common-test/tests/veleroVolumeSnapshotLocation/spec_test.yaml index dce51536..fad02143 100644 --- a/library/common-test/tests/veleroVolumeSnapshotLocation/spec_test.yaml +++ b/library/common-test/tests/veleroVolumeSnapshotLocation/spec_test.yaml @@ -26,7 +26,7 @@ tests: equal: path: spec value: - provider: aws + provider: velero.io/aws credential: name: vsl-test-release-name-common-test-my-snap1 key: cloud @@ -83,7 +83,7 @@ tests: equal: path: spec value: - provider: aws + provider: velero.io/aws credential: name: vsl-test-release-name-common-test-my-snap1 key: cloud @@ -139,3 +139,29 @@ tests: asserts: - failedTemplate: errorMessage: Volume Snapshot Location - Expected non-empty [credential.key] + + - it: should fail without credential.aws.id with provider aws + set: + volumeSnapshotLocation: + - enabled: true + name: my-snap1 + provider: aws + credential: + aws: + key: my-key + asserts: + - failedTemplate: + errorMessage: Volume Snapshot Location - Expected non-empty [credential.aws.id] for [aws] provider + + - it: should fail without credential.aws.key with provider aws + set: + volumeSnapshotLocation: + - enabled: true + name: my-snap1 + provider: aws + credential: + aws: + id: my-id + asserts: + - failedTemplate: + errorMessage: Volume Snapshot Location - Expected non-empty [credential.aws.key] for [aws] provider diff --git a/library/common/templates/lib/velero/_providerSecret.tpl b/library/common/templates/lib/velero/_providerSecret.tpl index 8dafe0c5..407f8ce4 100644 --- a/library/common/templates/lib/velero/_providerSecret.tpl +++ b/library/common/templates/lib/velero/_providerSecret.tpl @@ -3,9 +3,14 @@ {{- $objectData := .objectData -}} {{- $creds := "" -}} {{/* We can add additinal providers here, and only create the template for the data */}} - {{/* TODO: Provider should probably be velero.io/aws or we should map it */}} - {{- if and (eq ($objectData.provider | toString) "aws") $objectData.credential.aws -}} + + {{/* Make sure provider is a string */}} + {{- $provider := $objectData.provider | toString -}} + + {{- if and (eq $provider "aws") $objectData.credential.aws -}} {{- $creds = (include "tc.v1.common.lib.velero.provider.aws.secret" (dict "creds" $objectData.credential.aws) | fromYaml).data -}} + {{/* Map provider */}} + {{- $_ := set $objectData "provider" "velero.io/aws" -}} {{- end -}} {{/* If we matched a provider, create the secret */}} @@ -23,6 +28,7 @@ {{/* Update the credential object with the name and key */}} {{- $_ := set $objectData.credential "name" (printf "vsl-%s" $objectData.name) -}} {{- $_ := set $objectData.credential "key" "cloud" -}} + {{- end -}} {{- end -}} diff --git a/library/common/templates/lib/velero/secretData/_aws.tpl b/library/common/templates/lib/velero/secretData/_aws.tpl index 24513f8e..2b89e64b 100644 --- a/library/common/templates/lib/velero/secretData/_aws.tpl +++ b/library/common/templates/lib/velero/secretData/_aws.tpl @@ -1,5 +1,12 @@ {{- define "tc.v1.common.lib.velero.provider.aws.secret" -}} - {{- $creds := .creds }} + {{- $creds := .creds -}} + + {{- $reqKeys := list "id" "key" -}} + {{- range $k := $reqKeys -}} + {{- if not (get $creds $k) -}} + {{- fail (printf "Volume Snapshot Location - Expected non-empty [credential.aws.%s] for [aws] provider" $k) -}} + {{- end -}} + {{- end }} data: | [default] aws_access_key_id={{ $creds.id }}