Make resources to block list configurable

[xinyanw409]

What this PR does / why we need it: Currently we hardcode the skip list as a map constant. If we want to edit skip crd resources list we need to build a new image every time. To make it more flexible, we're going to create a configmap for the skip list during backup-driver installation so we can add or delete skip list after plugin is deployed. Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer: Tests done:	Test case	Result
Install velero vsphere plugin	ConfigMap velero-vsphere-plugin-block-list is created.
Edit configmap, then reboot velero pod	No new configmap created, the previous one keeps unchanged.
Delete configmap, then reboot velero pod	New configmap will be created from the default blocking list.
Delete configmap, then only reboot backup-driver pod	No new configmap created.
Backup without configmap	Succeed.
Restore using backup which created without configmap	Completed, but with 10 Warnings.
Backup with configmap, excluded resource velero backup create test-0208-03 --include-namespaces=test-namespace-mapping-1 --exclude-resources=namespacenetworkinfos.nsx.vmware.com,contentsourcebindings.vmoperator.vmware.com,kubeadmconfigtemplates.bootstrap.cluster.x-k8s.io,clusterclasses.cluster.x-k8s.io,cnscsisvfeaturestates.cns.vmware.com --snapshot-volumes	Succeed.
Restore using backup which created with configmap	Complete with 4 warnings.
Backup with configmap, not exclude resource velero backup create test-0208-02 --include-namespaces=test-skip-list	PartiallyFailed. 5 Errors.

# kubectl get configmap velero-vsphere-plugin-block-list -n velero -o yaml
apiVersion: v1
data:
  agentinstalls.installers.tmc.cloud.vmware.com: "true"
  availabilityzones.topology.tanzu.vmware.com: "true"
  aviloadbalancerconfigs.netoperator.vmware.com: "true"
  backuprepositories.backupdriver.cnsdp.vmware.com: "true"
  backuprepositoryclaims.backupdriver.cnsdp.vmware.com: "true"
  blockaffinities.crd.projectcalico.org: "true"
  ccsplugins.appplatform.wcp.vmware.com: "true"
  certificaterequests.cert-manager.io: "true"
  certificates.cert-manager.io: "true"
  challenges.acme.cert-manager.io: "true"
  clonefromsnapshots.backupdriver.cnsdp.vmware.com: "true"
  clusterclasses.cluster.x-k8s.io: "true"
  clusterissuers.cert-manager.io: "true"
  clusternetworkinfos.nsx.vmware.com: "true"
  clusterresourcesetbindings.addons.cluster.x-k8s.io: "true"
  clusterresourcesets.addons.cluster.x-k8s.io: "true"
  clusters.cluster.x-k8s.io: "true"
  cnscsisvfeaturestates.cns.vmware.com: "true"
  cnsfileaccessconfigs.cns.vmware.com: "true"
  cnsfilevolumeclients.cns.vmware.com: "true"
  cnsnodevmattachments.cns.vmware.com: "true"
  cnsregistervolumes.cns.vmware.com: "true"
  cnsvolumemetadatas.cns.vmware.com: "true"
  compatibilities.run.tanzu.vmware.com: "true"
  contentlibraryproviders.vmoperator.vmware.com: "true"
  contentsourcebindings.vmoperator.vmware.com: "true"
  contentsources.vmoperator.vmware.com: "true"
  deletesnapshots.backupdriver.cnsdp.vmware.com: "true"
  downloads.datamover.cnsdp.vmware.com: "true"
  drainrequests.psp.wcp.vmware.com: "true"
  gatewayclasses.networking.x-k8s.io: "true"
  gateways.networking.x-k8s.io: "true"
  haproxyloadbalancerconfigs.netoperator.vmware.com: "true"
  httproutes.networking.x-k8s.io: "true"
  imagedisks.imagecontroller.vmware.com: "true"
  installoptions.appplatform.wcp.vmware.com: "true"
  installrequirements.appplatform.wcp.vmware.com: "true"
  ipamblocks.crd.projectcalico.org: "true"
  ipamconfigs.crd.projectcalico.org: "true"
  ipamhandles.crd.projectcalico.org: "true"
  ippools.crd.projectcalico.org: "true"
  ippools.netoperator.vmware.com: "true"
  ippools.nsx.vmware.com: "true"
  issuers.cert-manager.io: "true"
  kubeadmconfigs.bootstrap.cluster.x-k8s.io: "true"
  kubeadmconfigtemplates.bootstrap.cluster.x-k8s.io: "true"
  kubeadmcontrolplanes.controlplane.cluster.x-k8s.io: "true"
  kuberneteslicenses.licenseoperator.vmware.com: "true"
  loadbalancerconfigs.netoperator.vmware.com: "true"
  loadbalancers.vmware.com: "true"
  machinedeployments.cluster.x-k8s.io: "true"
  machinehealthchecks.cluster.x-k8s.io: "true"
  machinepools.exp.cluster.x-k8s.io: "true"
  machines.cluster.x-k8s.io: "true"
  machinesets.cluster.x-k8s.io: "true"
  members.registryagent.vmware.com: "true"
  namespacenetworkinfos.nsx.vmware.com: "true"
  ncpconfigs.nsx.vmware.com: "true"
  networkinterfaces.netoperator.vmware.com: "true"
  networks.netoperator.vmware.com: "true"
  nsxerrors.nsx.vmware.com: "true"
  nsxlocks.nsx.vmware.com: "true"
  nsxnetworkconfigurations.nsx.vmware.com: "true"
  nsxnetworkinterfaces.nsx.vmware.com: "true"
  orders.acme.cert-manager.io: "true"
  persistenceinstanceinfoes.psp.wcp.vmware.com: "true"
  persistenceserviceconfigurations.psp.wcp.vmware.com: "true"
  projects.registryagent.vmware.com: "true"
  providerserviceaccounts.run.tanzu.vmware.com: "true"
  psprecencyrequests.psp.wcp.vmware.com: "true"
  pvcdisruptionbudgets.psp.wcp.vmware.com: "true"
  registries.registryagent.vmware.com: "true"
  resourcecheckreports.psp.wcp.vmware.com: "true"
  resourcechecks.psp.wcp.vmware.com: "true"
  routesets.nsx.vmware.com: "true"
  snapshots.backupdriver.cnsdp.vmware.com: "true"
  statefuldrainnodes.psp.wcp.vmware.com: "true"
  statefulreadynodes.psp.wcp.vmware.com: "true"
  storagepolicies.appplatform.wcp.vmware.com: "true"
  storagepolicies.psp.wcp.vmware.com: "true"
  storagepools.cns.vmware.com: "true"
  supervisorservices.appplatform.wcp.vmware.com: "true"
  tanzukubernetesaddons.run.tanzu.vmware.com: "true"
  tanzukubernetesclusters.run.tanzu.vmware.com: "true"
  tanzukubernetesreleases.run.tanzu.vmware.com: "true"
  tcproutes.networking.x-k8s.io: "true"
  tkgserviceconfigurations.run.tanzu.vmware.com: "true"
  uploads.datamover.cnsdp.vmware.com: "true"
  vcuiplugins.appplatform.wcp.vmware.com: "true"
  veleroservices.veleroappoperator.vmware.com: "true"
  virtualmachineclassbindings.vmoperator.vmware.com: "true"
  virtualmachineclasses.vmoperator.vmware.com: "true"
  virtualmachineimages.vmoperator.vmware.com: "true"
  virtualmachines.vmoperator.vmware.com: "true"
  virtualmachineservices.vmoperator.vmware.com: "true"
  virtualmachinesetresourcepolicies.vmoperator.vmware.com: "true"
  virtualnetworkinterfaces.vmware.com: "true"
  virtualnetworks.vmware.com: "true"
  vmxnet3networkinterfaces.netoperator.vmware.com: "true"
  vspheredistributednetworks.netoperator.vmware.com: "true"
  wcpclusters.infrastructure.cluster.vmware.com: "true"
  wcpmachines.infrastructure.cluster.vmware.com: "true"
  wcpmachinetemplates.infrastructure.cluster.vmware.com: "true"
  wcpnamespaces.appplatform.wcp.vmware.com: "true"
  webconsolerequests.vmoperator.vmware.com: "true"
kind: ConfigMap
metadata:
  creationTimestamp: "2023-01-26T02:59:41Z"
  name: velero-vsphere-plugin-block-list
  namespace: velero
  resourceVersion: "4828873"
  uid: 3f0d70e3-787a-46f7-b552-428da16729c0

2. Unit test

   go test ./pkg/... -timeout=300s
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/apis/backupdriver/v1alpha1    [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/apis/datamover/v1alpha1   [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/backupdriver  [no test files]
   ok      github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/backuprepository  0.217s
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/builder   [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/buildinfo [no test files]
   ok      github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/cmd   0.224s
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/cmd/backupdriver  [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/cmd/backupdriver/cli/install  [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/cmd/backupdriver/cli/server   [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/cmd/datamgr   [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/cmd/datamgr/cli/install   [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/cmd/datamgr/cli/server    [no test files]
   ok      github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/common/vsphere    0.115s
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/constants [no test files]
   ok      github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/controller    0.231s
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/dataMover [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/generated/clientset/versioned [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/generated/clientset/versioned/fake    [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/generated/clientset/versioned/scheme  [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/generated/clientset/versioned/typed/backupdriver/v1alpha1 [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/generated/clientset/versioned/typed/backupdriver/v1alpha1/fake    [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/generated/clientset/versioned/typed/datamover/v1alpha1    [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/generated/clientset/versioned/typed/datamover/v1alpha1/fake   [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/generated/crds    [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/generated/informers/externalversions  [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/generated/informers/externalversions/backupdriver [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/generated/informers/externalversions/backupdriver/v1alpha1    [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/generated/informers/externalversions/datamover    [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/generated/informers/externalversions/datamover/v1alpha1   [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/generated/informers/externalversions/internalinterfaces   [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/generated/listers/backupdriver/v1alpha1   [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/generated/listers/datamover/v1alpha1  [no test files]
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/install   [no test files]
   ok      github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/ivd   0.086s
   ok      github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/paravirt  0.130s
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/plugin    [no test files]
   ok      github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/plugin/util   0.117s
   ok      github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/snapshotUtils 0.139s
   ok      github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/snapshotmgr   0.069s
   ?       github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/test  [no test files]
   ok      github.com/vmware-tanzu/velero-plugin-for-vsphere/pkg/utils 0.062s
   Success!

   Does this PR introduce a user-facing change?:

   Make resources to block list configurable.

[svcbot-qecnsdp]

Sorry, some of the pre-check tests are failing for this PR !

Please check the Jenkins job for more details https://container-dp.svc.eng.vmware.com/job/CNSDP-CI/778/

[svcbot-qecnsdp]

Sorry, some of the pre-check tests are failing for this PR !

Please check the Jenkins job for more details https://container-dp.svc.eng.vmware.com/job/CNSDP-CI/779/

[svcbot-qecnsdp]

Sorry, some of the pre-check tests are failing for this PR !

Please check the Jenkins job for more details https://container-dp.svc.eng.vmware.com/job/CNSDP-CI/780/

[svcbot-qecnsdp]

Sorry, some of the pre-check tests are failing for this PR !

Please check the Jenkins job for more details https://container-dp.svc.eng.vmware.com/job/CNSDP-CI/781/

[svcbot-qecnsdp]

Sorry, some of the pre-check tests are failing for this PR !

Please check the Jenkins job for more details https://container-dp.svc.eng.vmware.com/job/CNSDP-CI/782/

[deepakkinni]

Update description to indicate exactly when the configmap will be recreated and when it won't be

[svcbot-qecnsdp]

Sorry, some of the pre-check tests are failing for this PR !

Please check the Jenkins job for more details https://container-dp.svc.eng.vmware.com/job/CNSDP-CI/783/

[svcbot-qecnsdp]

Sorry, some of the pre-check tests are failing for this PR !

Please check the Jenkins job for more details https://container-dp.svc.eng.vmware.com/job/CNSDP-CI/784/

[xing-yang]

I wonder why backup results from (1) "Backup without configmap" and (2) "Backup with configmap, not exclude resource" are so different. They should be the same. Are you running backup test (2) from a restored setup resulting from (1)?

[xinyanw409]

I wonder why backup results from (1) "Backup without configmap" and (2) "Backup with configmap, not exclude resource" are so different. They should be the same. Are you running backup test (2) from a restored setup resulting from (1)?

• They should be the same. But "Backup with configmap, not exclude resource" should failed because not passing "--exclude-resource" and there are resources are in block list.

• Are you running backup test (2) from a restored setup resulting from (1)? No. I created two namespaces and created the pvc in the namespace.

[svcbot-qecnsdp]

Sorry, some of the pre-check tests are failing for this PR !

Please check the Jenkins job for more details https://container-dp.svc.eng.vmware.com/job/CNSDP-CI/785/