feat: add support for custom Velero plugins via EC config

[banjoh]

What this PR does / why we need it:

Add ability to configure custom Velero plugins through the Embedded Cluster
config specification. Plugins are injected as initContainers into the Velero
deployment.

Changes:

• Add VeleroPlugin type to ConfigSpec.Extensions.Velero with required Name
  and Image fields, and optional ImagePullPolicy
• Implement plugin injection in Velero addon's GenerateHelmValues to read
  plugins from EmbeddedConfigSpec and append as initContainers
• Add validation for Velero plugins (duplicate names/images, image format)
• Fix validateImageFormat to correctly distinguish registry ports from image
  tags (e.g., registry.io:5000/repo/image:tag)
• Add EmbeddedConfigSpec field to Velero struct to pass config during
  installation/upgrade/restore
• Add comprehensive unit tests for plugin injection scenarios
• Update CRD schemas and generated deepcopy methods

The implementation only uses plugins from EmbeddedConfigSpec, following the
existing pattern where EndUserConfigSpec is only used for overrides via
addOnOverrides mechanism.

Example configuration:

  extensions:
    velero:
      plugins:
        - name: velero-plugin-postgresql
          image: myvendor/velero-postgresql:v1.0.0
          imagePullPolicy: Always

Signed-off-by: Evans Mungai [email protected]

Which issue(s) this PR fixes:

sc-131045

Does this PR require a test?

Does this PR require a release note?

Does this PR require documentation?

[github-actions]

This PR has been released (on staging) and is available for download with a embedded-cluster-smoke-test-staging-app license ID.

Online Installer:

curl "https://staging.replicated.app/embedded/embedded-cluster-smoke-test-staging-app/ci/appver-dev-af3f231" -H "Authorization: $EC_SMOKE_TEST_LICENSE_ID" -o embedded-cluster-smoke-test-staging-app-ci.tgz

Airgap Installer (may take a few minutes before the airgap bundle is built):

curl "https://staging.replicated.app/embedded/embedded-cluster-smoke-test-staging-app/ci-airgap/appver-dev-af3f231?airgap=true" -H "Authorization: $EC_SMOKE_TEST_LICENSE_ID" -o embedded-cluster-smoke-test-staging-app-ci.tgz

Happy debugging!

[sgalsaleh]

why not call this inside helmValues() function above?

[sgalsaleh]

hmm, this seems like something that should exist in the new EC lint code rather than / in addition to here.

[sgalsaleh]

why not just use the ReferenceRegexp regex from https://pkg.go.dev/github.com/distribution/reference?

[sgalsaleh]

Can you please add 3 dryrun tests for:

• V2 installs
• V3 headless installs
• V3 non-headless installs?

For V2 dryrun install tests, the code is at: https://github.com/replicatedhq/embedded-cluster/blob/main/tests/dryrun/install_test.go

For V3 dryrun install tests, the code is at: https://github.com/replicatedhq/embedded-cluster/blob/main/tests/dryrun/v3_install_test.go

You can follow the existing pattern. You'll need to create a custom EC config for these tests that include custom velero plugins in the EC config and only use it for these 3 tests, and verify that the velero helm values are generated correctly.

[banjoh]

Can you please add 3 dryrun tests for:

• V2 installs
• V3 headless installs
• V3 non-headless installs?

For V2 dryrun install tests, the code is at: https://github.com/replicatedhq/embedded-cluster/blob/main/tests/dryrun/install_test.go

For V3 dryrun install tests, the code is at: https://github.com/replicatedhq/embedded-cluster/blob/main/tests/dryrun/v3_install_test.go

You can follow the existing pattern. You'll need to create a custom EC config for these tests that include custom velero plugins in the EC config and only use it for these 3 tests, and verify that the velero helm values are generated correctly.

Done

[sgalsaleh]

how about asserting the number of plugins is at most 2 same as the test above? same for the tests below