Skip to content

✨ Add supports to Crypto Spec in VMOp VirtualMachine and PVC #3680

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

✨ Add supports to Crypto Spec in VMOp VirtualMachine and PVC #3680

wants to merge 3 commits into from
+631 −22

Conversation

@laozc
Copy link
Member

@laozc laozc commented Nov 17, 2025
edited
Loading

What this PR does / why we need it:

Add new fields to opt-in EncryptionClass name on volumes

    // +optional
    EncryptionClassName *string `json:"encryptionClassName,omitempty"`

and VMOp.Crypto

    // Crypto describes the desired encryption state of the VirtualMachine.
	// +optional
	Crypto *VirtualMachineCryptoSpec `json:"crypto,omitempty"`

VirtualMachineCryptoSpec.Crypto

type VirtualMachineCryptoSpec struct {
   EncryptionClassName *string `json:"encryptionClassName,omitempty"`
   UseDefaultKeyProvider *bool `json:"useDefaultKeyProvider,omitempty"`
}

Note: The EncryptionClassName changed to use *string because of the API lint in CAPV.

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #

@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Nov 17, 2025

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign sbueringer for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Nov 17, 2025
@k8s-ci-robot k8s-ci-robot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Nov 17, 2025
@laozc laozc changed the title feat: Add supports to Crypto Spec in VMOp VirtualMachine and PVC ✨ Add supports to Crypto Spec in VMOp VirtualMachine and PVC Nov 17, 2025
@laozc laozc force-pushed the encryption-class branch 8 times, most recently from d044a65 to e10f947 Compare November 17, 2025 07:05
@k8s-ci-robot k8s-ci-robot added size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. and removed size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Nov 17, 2025
@laozc laozc force-pushed the encryption-class branch 9 times, most recently from 84c63df to 6a0a4f2 Compare November 18, 2025 08:18
zjs
zjs approved these changes Nov 18, 2025
View reviewed changes
Copy link

@zjs zjs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall, LGTM

zhanggbj
zhanggbj approved these changes Nov 26, 2025
View reviewed changes
Copy link
Contributor

@zhanggbj zhanggbj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
Overall LGTM, just left some nits.

go.mod

// The version of vm-operator should be kept in sync with the manifests at: config/deployments/integration-tests
replace github.com/vmware-tanzu/vm-operator/api => github.com/vmware-tanzu/vm-operator/api v1.8.6
replace github.com/vmware-tanzu/vm-operator/api => github.com/vmware-tanzu/vm-operator/api v1.9.1-0.20251029150609-93918c59a719
Copy link
Contributor

@zhanggbj zhanggbj Nov 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since Encryption Class is backported to VMOP API later than VM AF/AAF, will update PR #3655 to use this commit.

Also CC @fabriziopandini @sbueringer for awareness.

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Nov 26, 2025
@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Nov 26, 2025

LGTM label has been added.

Git tree hash: 82929e1a102a4d6b7974fbb89c7bc5dccfae8393

@k8s-ci-robot k8s-ci-robot removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Nov 26, 2025
@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Nov 26, 2025

New changes are detected. LGTM label has been removed.

silvery1622
silvery1622 reviewed Nov 27, 2025
View reviewed changes
silvery1622
silvery1622 reviewed Nov 27, 2025
View reviewed changes
silvery1622
silvery1622 reviewed Nov 27, 2025
View reviewed changes
Copy link
Contributor

@silvery1622 silvery1622 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Left some comments regarding the validation rules for VirtualMachineCryptoSpec and the existence validation for EncryptionClass.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@fabriziopandini fabriziopandini Awaiting requested review from fabriziopandini

@rvanderp3 rvanderp3 Awaiting requested review from rvanderp3

@zhanggbj zhanggbj Awaiting requested review from zhanggbj

2 more reviewers

@silvery1622 silvery1622 silvery1622 left review comments

@zjs zjs zjs approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@zhanggbj zhanggbj

Labels

cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@laozc @k8s-ci-robot @zjs @zhanggbj @silvery1622