OADP-1057: AWS STS Creds support for internal image backup

[kaovilai]

• add support for aws sts creds for registry
• remove image-spec replace breaking build, previously there for CVE.. now the dep is much newer..
• OADP-1057: STS creds support for internal image backup
• remove kopia dependency by removing podvolume package also available as a separate PR. #200 but it is required here to build.. so can rebase after that merged or vice versa.

⏯️ Testing instructions 🏈

TODO:

• [x] remove replace github.com/vmware-tanzu/velero v1.11.0 => github.com/kaovilai/velero v0000- // TODO: remove when https://github.com/openshift/velero/pull/279 is merged https://github.com/openshift/velero/pull/279
• [x] Update secret handling to support new field

test image

ghcr.io/kaovilai/openshift-velero-plugin:sts

dpa

apiVersion: oadp.openshift.io/v1alpha1
kind: DataProtectionApplication
metadata:
  name: dpa-sample
spec:
  unsupportedOverrides:
    openshiftPluginImageFqin: ghcr.io/kaovilai/openshift-velero-plugin:sts

[openshift-ci[bot]]

Skipping CI for Draft Pull Request. If you want CI signal for your change, please convert it to an actual PR. You can still manually trigger a test run with /test all

[kaovilai]

/test all

[kaovilai]

Did some sanity testing. The changes work as intended. Marking ready for review.

[openshift-ci-robot]

@kaovilai: This pull request references OADP-1057 which is a valid jira issue.

In response to [this](https://github.com/openshift/openshift-velero-plugin/pull/199): >- add support for aws sts creds for registry >- remove image-spec replace breaking build, previously there for CVE.. now the dep is much newer.. >- [OADP-1057](https://issues.redhat.com//browse/OADP-1057): STS creds support for internal image backup >- [remove kopia dependency by removing podvolume package](https://github.com/openshift/openshift-velero-plugin/pull/200) also available as a separate PR. #200 but it is required here to build.. so can rebase after that merged or vice versa. > >TODO: >- [ ] remove `replace github.com/vmware-tanzu/velero v1.11.0 => github.com/kaovilai/velero v0000- // TODO: remove when https://github.com/openshift/velero/pull/279 is merged >` >- [x] Update secret handling to support new field > >test image >``` >ghcr.io/kaovilai/openshift-velero-plugin:sts >``` > >dpa >``` >apiVersion: oadp.openshift.io/v1alpha1 >kind: DataProtectionApplication >metadata: > name: dpa-sample >spec: > unsupportedOverrides: > openshiftPluginImageFqin: ghcr.io/kaovilai/openshift-velero-plugin:sts >``` Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

[weshayutin]

w/ backupImages: true w/ patch:

https://termbin.com/0h91

[whayutin@thinkdoe ROSA]$ velero backup get hello-world-patch2 
NAME                 STATUS      ERRORS   WARNINGS   CREATED                         EXPIRES   STORAGE LOCATION     SELECTOR
hello-world-patch2   Completed   0        0          2023-07-24 18:38:14 +0000 UTC   29d       wdh07052023d-dpa-1   <none>
[whayutin@thinkdoe ROSA]$ oc get dpa -o yaml | grep -i image
    backupImages: true
      openshiftPluginImageFqin: ghcr.io/kaovilai/openshift-velero-plugin:sts

[kaovilai]

/hold for 1.2.2

[openshift-ci-robot]

@kaovilai: This pull request references OADP-1057 which is a valid jira issue.

In response to [this](https://github.com/openshift/openshift-velero-plugin/pull/199): >- add support for aws sts creds for registry >- remove image-spec replace breaking build, previously there for CVE.. now the dep is much newer.. >- [OADP-1057](https://issues.redhat.com//browse/OADP-1057): STS creds support for internal image backup >- [remove kopia dependency by removing podvolume package](https://github.com/openshift/openshift-velero-plugin/pull/200) also available as a separate PR. #200 but it is required here to build.. so can rebase after that merged or vice versa. > >#### [Testing instructions](https://github.com/openshift/oadp-operator/pull/1126#:~:text=Testing%20instructions) > > >TODO: >- [ ] remove `replace github.com/vmware-tanzu/velero v1.11.0 => github.com/kaovilai/velero v0000- // TODO: remove when https://github.com/openshift/velero/pull/279 is merged >` >- [x] Update secret handling to support new field > >test image >``` >ghcr.io/kaovilai/openshift-velero-plugin:sts >``` > >dpa >``` >apiVersion: oadp.openshift.io/v1alpha1 >kind: DataProtectionApplication >metadata: > name: dpa-sample >spec: > unsupportedOverrides: > openshiftPluginImageFqin: ghcr.io/kaovilai/openshift-velero-plugin:sts >``` Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

[openshift-ci-robot]

@kaovilai: This pull request references OADP-1057 which is a valid jira issue.

In response to [this](https://github.com/openshift/openshift-velero-plugin/pull/199): >- add support for aws sts creds for registry >- remove image-spec replace breaking build, previously there for CVE.. now the dep is much newer.. >- [OADP-1057](https://issues.redhat.com//browse/OADP-1057): STS creds support for internal image backup >- [remove kopia dependency by removing podvolume package](https://github.com/openshift/openshift-velero-plugin/pull/200) also available as a separate PR. #200 but it is required here to build.. so can rebase after that merged or vice versa. > >#### ⏯️ [Testing instructions](https://github.com/openshift/oadp-operator/pull/1126#:~:text=Testing%20instructions) 🏈 > > >TODO: >- [ ] remove `replace github.com/vmware-tanzu/velero v1.11.0 => github.com/kaovilai/velero v0000- // TODO: remove when https://github.com/openshift/velero/pull/279 is merged >` >- [x] Update secret handling to support new field > >test image >``` >ghcr.io/kaovilai/openshift-velero-plugin:sts >``` > >dpa >``` >apiVersion: oadp.openshift.io/v1alpha1 >kind: DataProtectionApplication >metadata: > name: dpa-sample >spec: > unsupportedOverrides: > openshiftPluginImageFqin: ghcr.io/kaovilai/openshift-velero-plugin:sts >``` Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

[openshift-ci-robot]

@kaovilai: This pull request references OADP-1057 which is a valid jira issue.

In response to [this](https://github.com/openshift/openshift-velero-plugin/pull/199): >- add support for aws sts creds for registry >- remove image-spec replace breaking build, previously there for CVE.. now the dep is much newer.. >- [OADP-1057](https://issues.redhat.com//browse/OADP-1057): STS creds support for internal image backup >- [remove kopia dependency by removing podvolume package](https://github.com/openshift/openshift-velero-plugin/pull/200) also available as a separate PR. #200 but it is required here to build.. so can rebase after that merged or vice versa. > >#### ⏯️ [Testing instructions](https://github.com/openshift/oadp-operator/pull/1126#:~:text=Testing%20instructions) 🏈 > > >TODO: >- [ ] remove `replace github.com/vmware-tanzu/velero v1.11.0 => github.com/kaovilai/velero v0000- // TODO: remove when https://github.com/openshift/velero/pull/279 is merged` https://github.com/openshift/velero/pull/279 >- [x] Update secret handling to support new field > >test image >``` >ghcr.io/kaovilai/openshift-velero-plugin:sts >``` > >dpa >``` >apiVersion: oadp.openshift.io/v1alpha1 >kind: DataProtectionApplication >metadata: > name: dpa-sample >spec: > unsupportedOverrides: > openshiftPluginImageFqin: ghcr.io/kaovilai/openshift-velero-plugin:sts >``` Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

[openshift-ci-robot]

@kaovilai: This pull request references OADP-1057 which is a valid jira issue.

In response to [this](https://github.com/openshift/openshift-velero-plugin/pull/199): >- add support for aws sts creds for registry >- remove image-spec replace breaking build, previously there for CVE.. now the dep is much newer.. >- [OADP-1057](https://issues.redhat.com//browse/OADP-1057): STS creds support for internal image backup >- [remove kopia dependency by removing podvolume package](https://github.com/openshift/openshift-velero-plugin/pull/200) also available as a separate PR. #200 but it is required here to build.. so can rebase after that merged or vice versa. > >#### ⏯️ [Testing instructions](https://github.com/openshift/oadp-operator/pull/1126#:~:text=Testing%20instructions) 🏈 > > >TODO: >- [x] remove `replace github.com/vmware-tanzu/velero v1.11.0 => github.com/kaovilai/velero v0000- // TODO: remove when https://github.com/openshift/velero/pull/279 is merged` https://github.com/openshift/velero/pull/279 >- [x] Update secret handling to support new field > >test image >``` >ghcr.io/kaovilai/openshift-velero-plugin:sts >``` > >dpa >``` >apiVersion: oadp.openshift.io/v1alpha1 >kind: DataProtectionApplication >metadata: > name: dpa-sample >spec: > unsupportedOverrides: > openshiftPluginImageFqin: ghcr.io/kaovilai/openshift-velero-plugin:sts >``` Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

[kaovilai]

/unhold

[kaovilai]

/cherry-pick oadp-1.2

[openshift-cherrypick-robot]

@kaovilai: once the present PR merges, I will cherry-pick it on top of oadp-1.2 in a new PR and assign it to you.

In response to [this](https://github.com/openshift/openshift-velero-plugin/pull/199#issuecomment-1686953712): >/cherry-pick oadp-1.2 Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

[openshift-ci[bot]]

@kaovilai: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository. I understand the commands that are listed [here](https://go.k8s.io/bot-commands).

[sseago]

/lgtm

[openshift-ci[bot]]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: kaovilai, sseago

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/openshift/openshift-velero-plugin/blob/master/OWNERS)~~ [kaovilai,sseago] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment

[openshift-cherrypick-robot]

@kaovilai: new pull request created: #202

In response to [this](https://github.com/openshift/openshift-velero-plugin/pull/199#issuecomment-1686953712): >/cherry-pick oadp-1.2 Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.