The ClusterBootstrap validation webhook causes Velero restore of mgmt cluster failed

[ywk253100]

Create a backup for the mgmt cluster with Velero and the backup contains ClusterBootstrap and its referenced resources KappControllerConfig, VSphereCSIConfig, etc. If ClusterBootstrap is restored before its referenced resources, the restore will fail with following error:

error restoring clusterbootstraps.run.tanzu.vmware.com/default/tkg-vc-antrea: admission webhook "clusterbootstrap.validating.vmware.com" denied the request: ClusterBootstrap.run.tanzu.vmware.com "tkg-vc-antrea" is invalid: [spec.kapp.valuesFrom.ProviderRef: Invalid value: v1.TypedLocalObjectReference{APIGroup:(*string)(0xc001d7a010), Kind:"KappControllerConfig", Name:"tkg-vc-antrea-kapp-controller-package"}: kappcontrollerconfigs.run.tanzu.vmware.com "tkg-vc-antrea-kapp-controller-package" not found, spec.cpi.valuesFrom.ProviderRef: Invalid value: v1.TypedLocalObjectReference{APIGroup:(*string)(0xc001ac7ff0), Kind:"VSphereCPIConfig", Name:"tkg-vc-antrea"}: vspherecpiconfigs.cpi.tanzu.vmware.com "tkg-vc-antrea" not found]

As ClusterBootstrap is extensible, it can reference any kind of resources, Velero cannot gurantee all its refereced resources be restored first, the validation for the references should be removed and the controller should be responsible for reconcile the resource in the next loop of reconciling if its references don't exist.

[github-actions[bot]]

Hey @ywk253100! Thanks for opening your first issue. We appreciate your contribution and welcome you to our community! We are glad to have you here and to have your input on Tanzu Framework.