From f121b1757ef4f0f25c039ff291e4b4a61806b29c Mon Sep 17 00:00:00 2001 From: Benjamin Ernst Date: Thu, 14 Dec 2023 15:49:41 +0100 Subject: [PATCH 01/13] #24 WIP Update docs for configuring longhorn and velero --- .../backup_operator_installation_de.md | 74 +++++++++++++++++-- 1 file changed, 66 insertions(+), 8 deletions(-) diff --git a/docs/operations/backup_operator_installation_de.md b/docs/operations/backup_operator_installation_de.md index c453649..d42c8f6 100644 --- a/docs/operations/backup_operator_installation_de.md +++ b/docs/operations/backup_operator_installation_de.md 
@@ -14,10 +14,41 @@ Aktuell wird `velero` als Provider unterstützt. Ist in dem Cluster keine Snapshot-API verfügbar muss ebenfalls ein Snapshot-Controller installiert werden. Das Gleiche gilt für den Storage-Provisioner. +#### Backup-Speicher + +Die Speicherung der Backups erfolgt in einem S3-kompatiblen Objektspeicher, z.B. [Minio](https://min.io/). +Dieser Speicher sollte sich außerhalb des Kubernetes Clusters befinden, damit bei einem Ausfall des Clusters die Backups weiterhin vorhanden und sicher sind. +Daher muss die Installation und der Betrieb des Backup-Speichers separat vom CES durchgeführt werden. + ### Storage-Provisioner Falls im Cluster kein Storage-Provisioner existiert kann `longhorn` installiert und verwendet werden. -Mit dem Attribute `valuesYamlOverwrite` können für die Backups URL und Credentials zu einem S3-Storage konfiguriert werden. + +### Secret für den Backup-Speicher erstellen + +Longhorn-Backups werden im oben beschriebenen Backup-Speicher abgelegt. Dazu benötigt `longhorn` Zugriff auf den Speicher. +Die dafür benötigten Parameter müssen in einem Kubernetes-Secret abgelegt werden: + +| Secret Key | Beschreibung | +|-----------------------|---------------------------------------| +| AWS_ENDPOINTS | Die URL des Backup-Speicher | +| AWS_ACCESS_KEY_ID | Die ID des AccessKey für Longhorn | +| AWS_SECRET_ACCESS_KEY | Das Secret zum AccessKey für Longhorn | + +Das Secret kann beispielsweise mit diesem Befehl angelegt werden: + +```shell +kubectl create secret generic longhorn-backup-target --namespace=longhorn-system \ +--from-literal=AWS_ENDPOINTS=https://192.168.56.1:9000 \ +--from-literal=AWS_ACCESS_KEY_ID=MY-ACCESS-KEY \ +--from-literal=AWS_SECRET_ACCESS_KEY=MY-ACCESS-SECRET123 +``` + +Das Secret muss im selben Kubernetes-Namespace wie `longhorn` angelegt werden. + +#### Longhorn konfigurieren + +Mit dem Attribute `valuesYamlOverwrite` können für die Backups URL und Credentials zu dem Backup-Speicher konfiguriert werden. 
```yaml apiVersion: k8s.cloudogu.com/v1 @@ -29,15 +60,19 @@ spec: deployNamespace: longhorn-system namespace: k8s valuesYamlOverwrite: | - backup: - target: - secret: - # aws_endpoint is just the server url to the s3 compatible storage. - aws_endpoint: http://192.168.56.1:9001 # Insert your s3 url here. Ensure that the bucket `longhorn` exists in the Storage - aws_access_key_id: abcd1234 - aws_secret_access_key: abcc1234 + longhorn: + defaultSettings: + backupTarget: s3://longhorn@dummyregion/ + backupTargetCredentialSecret: long-backup-target ``` +Für das Backup sind folgende Parameter in der `valuesYamlOverwrite` relevant: + +| Parameter | Beschreibung | +|---------------------------------------------------------|------------------------------------------------------------------------------------------------------| +| `longhorn.defaultSettings.backupTarget` | Die Adresse des Speicherorts (Buckets) innerhalb des Backup-Speichers: `s3://@` | +| `longhorn.defaultSettings.backupTargetCredentialSecret` | Der Name des oben erstellen Secrets, dass die Zugangsdaten zum Backup-Speicher enthält | + #### Snapshot-API Falls das Kubernetes-Cluster nicht die Snapshot-API unterstützt muss ebenfalls ein Snapshot-Controller installiert werden. 
@@ -72,6 +107,29 @@ Installation: #### Velero Velero benötigt zur Ablage der Backups ebenfalls Konfiguration. + +### Secret für den Backup-Speicher erstellen + +Velero-Backups werden ebenfalls im oben beschriebenen Backup-Speicher abgelegt. Dazu benötigt Velero Zugriff auf den Speicher. +Die dafür benötigten Parameter müssen in einem Kubernetes-Secret abgelegt werden: + +| Secret Key | Beschreibung | +|-----------------------|---------------------------------------| +| AWS_ENDPOINTS | Die URL des Backup-Speicher | +| AWS_ACCESS_KEY_ID | Die ID des AccessKey für Longhorn | +| AWS_SECRET_ACCESS_KEY | Das Secret zum AccessKey für Longhorn | + +Das Secret kann beispielsweise mit diesem Befehl angelegt werden: + +```shell +kubectl create secret generic velero-backup-target --namespace=longhorn-system \ +--from-literal=AWS_ENDPOINTS=https://192.168.56.1:9000 \ +--from-literal=AWS_ACCESS_KEY_ID=MY-ACCESS-KEY \ +--from-literal=AWS_SECRET_ACCESS_KEY=MY-ACCESS-SECRET123 +``` + +Das Secret muss im selben Kubernetes-Namespace wie `longhorn` angelegt werden. + Diese beinhaltet den Access-Key, Secret-Key und die URL des S3-Storage. Mit dem Attribut `valuesYamlOverwrite` lassen sich auch hier beliebige Konfigurationen hinzufügen oder überschreiben: From 3e53eafc562bd58d08417cdc9a59a93b918f04fb Mon Sep 17 00:00:00 2001 From: Benjamin Ernst Date: Fri, 15 Dec 2023 10:15:53 +0100 Subject: [PATCH 02/13] #24 WIP Update docs for configuring longhorn and velero --- .../backup_operator_installation_de.md | 102 ++++++++++++------ 1 file changed, 67 insertions(+), 35 deletions(-) diff --git a/docs/operations/backup_operator_installation_de.md b/docs/operations/backup_operator_installation_de.md index d42c8f6..1853e2e 100644 --- a/docs/operations/backup_operator_installation_de.md +++ b/docs/operations/backup_operator_installation_de.md 
@@ -10,7 +10,7 @@ Dafür muss eine Custom Resource `Component` für den Backup-Operator und seine ### Abhängigkeiten Vorher sollten aber die Abhängigkeiten des Operators installiert werden. Der Backup-Operator benötigt einen Backup-Provider. -Aktuell wird `velero` als Provider unterstützt. +Aktuell wird `velero` als Provider unterstützt. Ist in dem Cluster keine Snapshot-API verfügbar muss ebenfalls ein Snapshot-Controller installiert werden. Das Gleiche gilt für den Storage-Provisioner. @@ -113,24 +113,32 @@ Velero benötigt zur Ablage der Backups ebenfalls Konfiguration. Velero-Backups werden ebenfalls im oben beschriebenen Backup-Speicher abgelegt. Dazu benötigt Velero Zugriff auf den Speicher. Die dafür benötigten Parameter müssen in einem Kubernetes-Secret abgelegt werden: -| Secret Key | Beschreibung | -|-----------------------|---------------------------------------| -| AWS_ENDPOINTS | Die URL des Backup-Speicher | -| AWS_ACCESS_KEY_ID | Die ID des AccessKey für Longhorn | -| AWS_SECRET_ACCESS_KEY | Das Secret zum AccessKey für Longhorn | +| Secret Key | Beschreibung | +|-----------------------|-------------------------------------| +| aws_access_key_id | Die ID des AccessKey für Velero | +| aws_secret_access_key | Das Secret zum AccessKey für Velero | -Das Secret kann beispielsweise mit diesem Befehl angelegt werden: +Das Secret für wird als Datei in Velero verwendet und muss daher nach folgendem Beispiel angelegt werden: ```shell -kubectl create secret generic velero-backup-target --namespace=longhorn-system \ ---from-literal=AWS_ENDPOINTS=https://192.168.56.1:9000 \ ---from-literal=AWS_ACCESS_KEY_ID=MY-ACCESS-KEY \ ---from-literal=AWS_SECRET_ACCESS_KEY=MY-ACCESS-SECRET123 +kubectl apply --namespace=ecosystem -f - < Info: -> +> > Die Versionen der Komponenten können über das Attribut `version` angepasst passt werden: ```yaml 
@@ -241,16 +255,22 @@ Da in einem bestehenden Cluster der Komponenten-Operator Credentials für die He ### Storage-Provisioner +Erstellung des Longhorn-Secrets für den Backup-Speicher: + +```shell +kubectl create secret generic longhorn-backup-target --namespace=longhorn-system \ +--from-literal=AWS_ENDPOINTS=https://192.168.56.1:9000 \ +--from-literal=AWS_ACCESS_KEY_ID=MY-ACCESS-KEY \ +--from-literal=AWS_SECRET_ACCESS_KEY=MY-ACCESS-SECRET123 +``` + Konfiguration values.yaml: ```yaml -backup: - target: - secret: - # aws_endpoint is just the server url to the s3 compatible storage. - aws_endpoint: http://192.168.56.1:9001 # Insert your s3 url here. Ensure that the bucket `longhorn` exists in the Storage - aws_access_key_id: abcd1234 - aws_secret_access_key: abcc1234 +longhorn: + defaultSettings: + backupTarget: s3://longhorn@dummyregion/ + backupTargetCredentialSecret: long-backup-target ``` Installation: @@ -267,15 +287,29 @@ Installation: ### Velero +Erstellung des Velero-Secrets für den Backup-Speicher: + +```shell +kubectl apply --namespace=ecosystem -f - < Date: Fri, 15 Dec 2023 10:33:57 +0100 Subject: [PATCH 03/13] #24 Update and translate docs for configuring longhorn and velero --- .../backup_operator_installation_de.md | 9 +- .../backup_operator_installation_en.md | 150 ++++++++++++++---- 2 files changed, 128 insertions(+), 31 deletions(-) diff --git a/docs/operations/backup_operator_installation_de.md b/docs/operations/backup_operator_installation_de.md index e723eba..4882cc7 100644 --- a/docs/operations/backup_operator_installation_de.md +++ b/docs/operations/backup_operator_installation_de.md 
@@ -24,7 +24,7 @@ Daher muss die Installation und der Betrieb des Backup-Speichers separat vom CES Falls im Cluster kein Storage-Provisioner existiert kann `longhorn` installiert und verwendet werden. -### Secret für den Backup-Speicher erstellen +#### Secret für den Backup-Speicher erstellen Longhorn-Backups werden im oben beschriebenen Backup-Speicher abgelegt. Dazu benötigt `longhorn` Zugriff auf den Speicher. Die dafür benötigten Parameter müssen in einem Kubernetes-Secret abgelegt werden: @@ -73,7 +73,7 @@ Für das Backup sind folgende Parameter in der `valuesYamlOverwrite` relevant: | `longhorn.defaultSettings.backupTarget` | Die Adresse des Speicherorts (Buckets) innerhalb des Backup-Speichers: `s3://@` | | `longhorn.defaultSettings.backupTargetCredentialSecret` | Der Name des oben erstellen Secrets, dass die Zugangsdaten zum Backup-Speicher enthält | -TODO +Die erstellte `yaml`-Datei für die Longhorn-Komponente kann mit folgendem Befehl angewendet werden: `kubectl --namespace ecosystem apply -f k8s-longhorn.yaml` @@ -112,7 +112,7 @@ Installation: Velero benötigt zur Ablage der Backups ebenfalls Konfiguration. -### Secret für den Backup-Speicher erstellen +#### Secret für den Backup-Speicher erstellen Velero-Backups werden ebenfalls im oben beschriebenen Backup-Speicher abgelegt. Dazu benötigt Velero Zugriff auf den Speicher. Die dafür benötigten Parameter müssen in einem Kubernetes-Secret abgelegt werden: @@ -141,7 +141,7 @@ EOF Das Secret muss im selben Kubernetes-Namespace wie `velero` angelegt werden. -#### Longhorn konfigurieren +#### Velero konfigurieren Mit dem Attribut `valuesYamlOverwrite` lassen sich auch hier beliebige Konfigurationen hinzufügen oder überschreiben: @@ -307,6 +307,7 @@ stringData: aws_secret_access_key=MY-VELERO.ACCESS-SECRET123 EOF ``` + Konfiguration values.yaml: ```yaml diff --git a/docs/operations/backup_operator_installation_en.md b/docs/operations/backup_operator_installation_en.md index 17dd04d..e5263be 100644 
--- a/docs/operations/backup_operator_installation_en.md +++ b/docs/operations/backup_operator_installation_en.md @@ -14,9 +14,40 @@ Currently `velero` is supported as a provider. If no snapshot API is available in the cluster, a snapshot controller must also be installed. The same applies to the storage provider. +#### Backup storage + +The backups are stored in an S3-compatible object storage, e.g. [Minio](https://min.io/). +This storage should be located outside the Kubernetes cluster, so that the backups are still available and secure if the cluster fails. +The installation and operation of the backup storage must therefore be carried out separately from the CES. + ### Storage provisioner If no storage provisioner exists in the cluster, `longhorn` can be installed and used. + +#### Create a secret for the backup storage + +Longhorn backups are stored in the backup storage described above. To do this, `longhorn` needs access to the storage. +The parameters required for this must be stored in a Kubernetes secret: + +| Secret Key | Description | +|-----------------------|-------------------------------------------| +| AWS_ENDPOINTS | The URL of the backup storage | +| AWS_ACCESS_KEY_ID | The ID of the AccessKey for Longhorn | +| AWS_SECRET_ACCESS_KEY | The secret for the AccessKey for Longhorn | + +The secret can be created with the following example command: + +```shell +kubectl create secret generic longhorn-backup-target --namespace=longhorn-system \ +--from-literal=AWS_ENDPOINTS=https://192.168.56.1:9000 \ +--from-literal=AWS_ACCESS_KEY_ID=MY-ACCESS-KEY \ +--from-literal=AWS_SECRET_ACCESS_KEY=MY-ACCESS-SECRET123 +``` + +The secret must be created in the same Kubernetes namespace as `longhorn`. + +#### Configure Longhorn + The attribute `valuesYamlOverwrite` can be used to configure the URL and credentials for backups to an S3 storage. ```yaml 
@@ -29,15 +60,21 @@ spec: deployNamespace: longhorn-system namespace: k8s valuesYamlOverwrite: | - backup: - target: - secret: - # aws_endpoint is just the server url to the s3 compatible storage. - aws_endpoint: http://192.168.56.1:9001 # Insert your s3 url here. Ensure that the bucket `longhorn` exists in the Storage - aws_access_key_id: abcd1234 # Insert your access key here - aws_secret_access_key: abcc1234 # Insert your access secret key here + longhorn: + defaultSettings: + backupTarget: s3://longhorn@dummyregion/ + backupTargetCredentialSecret: long-backup-target ``` +The following parameters in the `valuesYamlOverwrite` are relevant for the backup: + +| Parameter | Description | +|---------------------------------------------------------|-------------------------------------------------------------------------------------------------------| +| `longhorn.defaultSettings.backupTarget` | The address of the storage location (bucket) within the backup storage: `s3://@` | +| `longhorn.defaultSettings.backupTargetCredentialSecret` | The name of the secret created above that contains the access data to the backup storage | + +The `yaml` file created for the Longhorn component can be used with the following command: + `kubectl --namespace ecosystem apply -f k8s-longhorn.yaml` #### Snapshot API 
@@ -74,7 +111,38 @@ Installation: #### Velero Velero also requires configuration to store the backups. -This includes the access key, secret key and the URL of the S3 storage. + +#### Create a secret for the backup storage + +Velero backups are also stored in the backup storage described above. Velero needs access to the storage for this. +The parameters required for this must be stored in a Kubernetes secret: + +| Secret Key | Description | +|-----------------------|-----------------------------------------| +| aws_access_key_id | The ID of the AccessKey for Velero | +| aws_secret_access_key | The secret for the AccessKey for Velero | + +The secret for is used as a file in Velero and must therefore be created according to the following example: + +```shell +kubectl apply --namespace=ecosystem -f - < Date: Tue, 19 Dec 2023 16:05:32 +0100 Subject: [PATCH 04/13] #24 add changelog --- CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 79ada9d..948fd19 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [Unreleased] +### Changed +- [#14] Updated docs for installing and configuring `k8s-longhorn` and `k8s-velero`. + ### Added - [#23] Added docs for installing the operator in an existent Cloudogu EcoSystem and on an empty cluster. From 9dd28e10d61ffa83f609f8cd3fecafe10ea455b7 Mon Sep 17 00:00:00 2001 From: Niklas Date: Wed, 3 Jan 2024 10:40:43 +0100 Subject: [PATCH 05/13] #24 Fix create secret command in docs --- docs/operations/backup_operator_installation_de.md | 2 +- docs/operations/backup_operator_installation_en.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/operations/backup_operator_installation_de.md b/docs/operations/backup_operator_installation_de.md index 4882cc7..8656eba 100644 
--- a/docs/operations/backup_operator_installation_de.md +++ b/docs/operations/backup_operator_installation_de.md @@ -40,7 +40,7 @@ Das Secret kann beispielsweise mit diesem Befehl angelegt werden: ```shell kubectl create secret generic longhorn-backup-target --namespace=longhorn-system \ --from-literal=AWS_ENDPOINTS=https://192.168.56.1:9000 \ ---from-literal=AWS_ACCESS_KEY_ID=MY-ACCESS-KEY \ +--from-literal=AWS_ACCESS_KEY_ID=MY-ACCESS-KEY \ --from-literal=AWS_SECRET_ACCESS_KEY=MY-ACCESS-SECRET123 ``` diff --git a/docs/operations/backup_operator_installation_en.md b/docs/operations/backup_operator_installation_en.md index e5263be..3a3c84c 100644 --- a/docs/operations/backup_operator_installation_en.md +++ b/docs/operations/backup_operator_installation_en.md @@ -265,7 +265,7 @@ Creation of the Longhorn secret for the backup storage: ```shell kubectl create secret generic longhorn-backup-target --namespace=longhorn-system \ --from-literal=AWS_ENDPOINTS=https://192.168.56.1:9000 \ ---from-literal=AWS_ACCESS_KEY_ID=MY-ACCESS-KEY \ +--from-literal=AWS_ACCESS_KEY_ID=MY-ACCESS-KEY \ --from-literal=AWS_SECRET_ACCESS_KEY=MY-ACCESS-SECRET123 ``` From e5cfafbe35466ad34f5c90677a06cd34058c54af Mon Sep 17 00:00:00 2001 From: nhinze23 <83591279+nhinze23@users.noreply.github.com> Date: Wed, 3 Jan 2024 11:04:42 +0100 Subject: [PATCH 06/13] Apply suggestions from code review --- docs/operations/backup_operator_installation_de.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/operations/backup_operator_installation_de.md b/docs/operations/backup_operator_installation_de.md index 8656eba..7483993 100644 --- a/docs/operations/backup_operator_installation_de.md +++ b/docs/operations/backup_operator_installation_de.md 
@@ -48,7 +48,7 @@ Das Secret muss im selben Kubernetes-Namespace wie `longhorn` angelegt werden. #### Longhorn konfigurieren -Mit dem Attribute `valuesYamlOverwrite` können für die Backups URL und Credentials zu dem Backup-Speicher konfiguriert werden. +Mit dem Attribut `valuesYamlOverwrite` können für die Backups URL und Credentials zu dem Backup-Speicher konfiguriert werden. ```yaml apiVersion: k8s.cloudogu.com/v1 @@ -71,7 +71,7 @@ Für das Backup sind folgende Parameter in der `valuesYamlOverwrite` relevant: | Parameter | Beschreibung | |---------------------------------------------------------|------------------------------------------------------------------------------------------------------| | `longhorn.defaultSettings.backupTarget` | Die Adresse des Speicherorts (Buckets) innerhalb des Backup-Speichers: `s3://@` | -| `longhorn.defaultSettings.backupTargetCredentialSecret` | Der Name des oben erstellen Secrets, dass die Zugangsdaten zum Backup-Speicher enthält | +| `longhorn.defaultSettings.backupTargetCredentialSecret` | Der Name des oben erstellten Secrets, dass die Zugangsdaten zum Backup-Speicher enthält | Die erstellte `yaml`-Datei für die Longhorn-Komponente kann mit folgendem Befehl angewendet werden: From 0857b128e48f276112e1ea8485e52f42fd423ba1 Mon Sep 17 00:00:00 2001 From: Niklas Date: Thu, 4 Jan 2024 13:40:56 +0100 Subject: [PATCH 07/13] Fix typos --- docs/operations/backup_operator_installation_de.md | 6 +++--- docs/operations/backup_operator_installation_en.md | 10 +++++----- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/docs/operations/backup_operator_installation_de.md b/docs/operations/backup_operator_installation_de.md index 7483993..ea09b17 100644 --- a/docs/operations/backup_operator_installation_de.md +++ b/docs/operations/backup_operator_installation_de.md 
@@ -63,7 +63,7 @@ spec: longhorn: defaultSettings: backupTarget: s3://longhorn@dummyregion/ - backupTargetCredentialSecret: long-backup-target + backupTargetCredentialSecret: longhorn-backup-target ``` Für das Backup sind folgende Parameter in der `valuesYamlOverwrite` relevant: @@ -167,8 +167,8 @@ spec: config: region: minio-default s3ForcePathStyle: true - s3Url: http://192.168.56.1:9001 # Insert your url here - publicUrl: http://localhost:9001 # Insert your url here + s3Url: http://192.168.56.1:9000 # Insert your url here + publicUrl: http://localhost:9000 # Insert your url here ``` Die folgenden Parameter in der `valuesYamlOverwrite` sind für die Backup-Konfiguration relevant: diff --git a/docs/operations/backup_operator_installation_en.md b/docs/operations/backup_operator_installation_en.md index 3a3c84c..172b770 100644 --- a/docs/operations/backup_operator_installation_en.md +++ b/docs/operations/backup_operator_installation_en.md @@ -63,7 +63,7 @@ spec: longhorn: defaultSettings: backupTarget: s3://longhorn@dummyregion/ - backupTargetCredentialSecret: long-backup-target + backupTargetCredentialSecret: longhorn-backup-target ``` The following parameters in the `valuesYamlOverwrite` are relevant for the backup: @@ -167,8 +167,8 @@ spec: config: region: minio-default s3ForcePathStyle: true - s3Url: http://192.168.56.1:9001 # Insert your url here - publicUrl: http://localhost:9001 # Insert your url here + s3Url: http://192.168.56.1:9000 # Insert your url here + publicUrl: http://localhost:9000 # Insert your url here ``` The following parameters in the `valuesYamlOverwrite` are relevant for the backup configuration: 
@@ -325,8 +325,8 @@ velero: config: region: minio-default s3ForcePathStyle: true - s3Url: http://192.168.56.1:9001 # Insert your url here - publicUrl: http://localhost:9001 # Insert your url here + s3Url: http://192.168.56.1:9000 # Insert your url here + publicUrl: http://localhost:9000 # Insert your url here ``` The `aws_access_key_id`, `aws_secret_access_key_id`, `s3Url` and `publicUrl` fields must be adapted accordingly. From 47517ced9ae0f2fc592fd2d8e8b82c989d11621f Mon Sep 17 00:00:00 2001 From: Niklas Date: Thu, 4 Jan 2024 13:54:12 +0100 Subject: [PATCH 08/13] Fix typos --- docs/operations/backup_operator_installation_de.md | 2 +- docs/operations/backup_operator_installation_en.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/operations/backup_operator_installation_de.md b/docs/operations/backup_operator_installation_de.md index ea09b17..cdf0b71 100644 --- a/docs/operations/backup_operator_installation_de.md +++ b/docs/operations/backup_operator_installation_de.md @@ -264,7 +264,7 @@ Erstellung des Longhorn-Secrets für den Backup-Speicher: ```shell kubectl create secret generic longhorn-backup-target --namespace=longhorn-system \ --from-literal=AWS_ENDPOINTS=https://192.168.56.1:9000 \ ---from-literal=AWS_ACCESS_KEY_ID=MY-ACCESS-KEY \ +--from-literal=AWS_ACCESS_KEY_ID=MY-ACCESS-KEY \ --from-literal=AWS_SECRET_ACCESS_KEY=MY-ACCESS-SECRET123 ``` diff --git a/docs/operations/backup_operator_installation_en.md b/docs/operations/backup_operator_installation_en.md index 172b770..efeaf56 100644 --- a/docs/operations/backup_operator_installation_en.md +++ b/docs/operations/backup_operator_installation_en.md 
@@ -39,8 +39,8 @@ The secret can be created with the following example command: ```shell kubectl create secret generic longhorn-backup-target --namespace=longhorn-system \ ---from-literal=AWS_ENDPOINTS=https://192.168.56.1:9000 \ ---from-literal=AWS_ACCESS_KEY_ID=MY-ACCESS-KEY \ +--from-literal=AWS_ENDPOINTS=http://192.168.56.1:9000 \ +--from-literal=AWS_ACCESS_KEY_ID=MY-ACCESS-KEY \ --from-literal=AWS_SECRET_ACCESS_KEY=MY-ACCESS-SECRET123 ``` From e4d0882051af910a46da98a21ebf3171734074d9 Mon Sep 17 00:00:00 2001 From: Niklas Date: Thu, 4 Jan 2024 14:26:24 +0100 Subject: [PATCH 09/13] #27 Add watch permission --- k8s/helm/templates/manager-rbac.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/k8s/helm/templates/manager-rbac.yaml b/k8s/helm/templates/manager-rbac.yaml index e270aeb..f5a7f22 100644 --- a/k8s/helm/templates/manager-rbac.yaml +++ b/k8s/helm/templates/manager-rbac.yaml @@ -63,4 +63,5 @@ rules: - get - list - delete - - update \ No newline at end of file + - update + - watch \ No newline at end of file From 2691444539743381f4f4fc421545bd8495a7974f Mon Sep 17 00:00:00 2001 From: Niklas Date: Thu, 4 Jan 2024 14:28:37 +0100 Subject: [PATCH 10/13] #27 Add changelog entry --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 10db343..b58c95c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [Unreleased] +### Fixed +- [#27] Added missing watch permission for statefulsets. + - This is used when waiting for the etcd on maintenance switch. + ### Changed - [#14] Updated docs for installing and configuring `k8s-longhorn` and `k8s-velero`. From c7b263fe7f8370fd8111417ca062bb04ca4323ef Mon Sep 17 00:00:00 2001 
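Review bot: In `k8s/helm/templates/manager-rbac.yaml` the new `watch` verb is appended to a rule whose `apiGroups` and `resources` lines sit above the hunk, so it is granted on every resource that rule lists, alongside `delete` and `update`. Please confirm the rule names only the resources the operator has to watch; the changelog entry in this series gives statefulsets, for the etcd wait on maintenance switch. If it covers more, a separate rule for the `watch` verb would keep the grant narrow. A comment above the verb would keep the reason in the manifest, for example `# watch: needed while waiting for the etcd statefulset on maintenance switch (#27)`. The file also still ends without a trailing newline after `- watch`.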
From: Niklas Date: Thu, 4 Jan 2024 14:29:24 +0100 Subject: [PATCH 11/13] #27 Recreate manifests --- .../templates/k8s.cloudogu.com_backups.yaml | 105 ++++++++---------- .../k8s.cloudogu.com_backupschedules.yaml | 96 ++++++++-------- .../templates/k8s.cloudogu.com_restores.yaml | 84 +++++++------- 3 files changed, 132 insertions(+), 153 deletions(-) diff --git a/k8s/helm-crd/templates/k8s.cloudogu.com_backups.yaml b/k8s/helm-crd/templates/k8s.cloudogu.com_backups.yaml index 9777921..45deb7e 100644 --- a/k8s/helm-crd/templates/k8s.cloudogu.com_backups.yaml +++ b/k8s/helm-crd/templates/k8s.cloudogu.com_backups.yaml 
@@ -18,61 +18,50 @@ spec: singular: backup scope: Namespaced versions: - - name: v1 - schema: - openAPIV3Schema: - description: Backup is the Schema for the backups API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of Backup - properties: - provider: - description: Provider defines the backup provider which should be - used for the backup. - type: string - syncedFromProvider: - description: 'SyncedFromProvider defines that this backup already - exists in the provider and its status should be synced. This is - necessary because we cannot set the status of a backup on creation, - see: https://stackoverflow.com/questions/73574615/how-to-create-kubernetes-objects-with-status-fields' - type: boolean - type: object - status: - description: Status defines the observed state of Backup - properties: - completionTimestamp: - description: CompletionTimestamp marks the date/time when the backup - finished being processed, regardless of any errors. - format: date-time - type: string - requeueTimeNanos: - description: RequeueTimeNanos contains the time in nanoseconds to - wait until the next requeue. - format: int64 - type: integer - startTimestamp: - description: StartTimestamp marks the date/time when the backup started - being processed. 
- format: date-time - type: string - status: - description: Status represents the state of the backup. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + - name: v1 + schema: + openAPIV3Schema: + description: Backup is the Schema for the backups API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of Backup + properties: + provider: + description: Provider defines the backup provider which should be used for the backup. + type: string + syncedFromProvider: + description: 'SyncedFromProvider defines that this backup already exists in the provider and its status should be synced. This is necessary because we cannot set the status of a backup on creation, see: https://stackoverflow.com/questions/73574615/how-to-create-kubernetes-objects-with-status-fields' + type: boolean + type: object + status: + description: Status defines the observed state of Backup + properties: + completionTimestamp: + description: CompletionTimestamp marks the date/time when the backup finished being processed, regardless of any errors. + format: date-time + type: string + requeueTimeNanos: + description: RequeueTimeNanos contains the time in nanoseconds to wait until the next requeue. 
+ format: int64 + type: integer + startTimestamp: + description: StartTimestamp marks the date/time when the backup started being processed. + format: date-time + type: string + status: + description: Status represents the state of the backup. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/k8s/helm-crd/templates/k8s.cloudogu.com_backupschedules.yaml b/k8s/helm-crd/templates/k8s.cloudogu.com_backupschedules.yaml index 0b064ab..2bc755c 100644 --- a/k8s/helm-crd/templates/k8s.cloudogu.com_backupschedules.yaml +++ b/k8s/helm-crd/templates/k8s.cloudogu.com_backupschedules.yaml @@ -5,6 +5,10 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.13.0 name: backupschedules.k8s.cloudogu.com + labels: + app: ces + app.kubernetes.io/name: k8s-backup-operator + k8s.cloudogu.com/part-of: backup spec: group: k8s.cloudogu.com names: 
@@ -14,53 +18,45 @@ spec: singular: backupschedule scope: Namespaced versions: - - name: v1 - schema: - openAPIV3Schema: - description: BackupSchedule is the Schema for the backupschedules API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: BackupScheduleSpec defines the desired state of BackupSchedule - properties: - provider: - description: Provider defines the backup provider which should be - used for the scheduled backups. - type: string - schedule: - description: Schedule is a cron expression defining when to run the - backup. - type: string - type: object - status: - description: BackupScheduleStatus defines the observed state of BackupSchedule - properties: - currentCronJobImage: - description: CurrentCronJobImage is the image currently used to create - scheduled backups. - type: string - requeueTimeNanos: - description: RequeueTimeNanos contains the time in nanoseconds to - wait until the next requeue. - format: int64 - type: integer - status: - description: Status represents the state of the backup. 
- type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + - name: v1 + schema: + openAPIV3Schema: + description: BackupSchedule is the Schema for the backupschedules API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: BackupScheduleSpec defines the desired state of BackupSchedule + properties: + provider: + description: Provider defines the backup provider which should be used for the scheduled backups. + type: string + schedule: + description: Schedule is a cron expression defining when to run the backup. + type: string + type: object + status: + description: BackupScheduleStatus defines the observed state of BackupSchedule + properties: + currentCronJobImage: + description: CurrentCronJobImage is the image currently used to create scheduled backups. + type: string + requeueTimeNanos: + description: RequeueTimeNanos contains the time in nanoseconds to wait until the next requeue. + format: int64 + type: integer + status: + description: Status represents the state of the backup. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/k8s/helm-crd/templates/k8s.cloudogu.com_restores.yaml b/k8s/helm-crd/templates/k8s.cloudogu.com_restores.yaml index 175b24e..b37afbd 100644 
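Review bot: In the regenerated `v1` schema, `spec.provider` and `spec.schedule` are still plain `type: string` with no `enum`, `pattern`, `minLength` or `required` list, so the API server will admit a BackupSchedule with an empty or unknown provider or a malformed cron expression. The Restore schema in the next file has the same gap for `spec.provider` and `spec.backupName`. This file carries the controller-gen annotation, so the constraint belongs on the Go types rather than here, for example `// +kubebuilder:validation:Enum=velero` on Provider (if velero is the only supported provider) and `// +kubebuilder:validation:MinLength=1` on Schedule and BackupName. The Go types and any webhook or reconciler-side validation are not visible in this patch, so this may already be enforced elsewhere. Rejecting the object at admission is still the earliest place to stop a malformed backup or restore request.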
--- a/k8s/helm-crd/templates/k8s.cloudogu.com_restores.yaml
+++ b/k8s/helm-crd/templates/k8s.cloudogu.com_restores.yaml
@@ -18,48 +18,42 @@ spec: singular: restore scope: Namespaced versions: - - name: v1 - schema: - openAPIV3Schema: - description: Restore is the Schema for the restores API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of Restore - properties: - backupName: - description: BackupName references the backup that should be restored. - type: string - provider: - description: Provider defines the backup provider which should be - used for the restore. - type: string - type: object - status: - description: Status defines the observed state of Restore - properties: - requeueTimeNanos: - description: RequeueTimeNanos contains the time in nanoseconds to - wait until the next requeue. - format: int64 - type: integer - status: - description: Status represents the state of the backup. - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + - name: v1 + schema: + openAPIV3Schema: + description: Restore is the Schema for the restores API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. 
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of Restore + properties: + backupName: + description: BackupName references the backup that should be restored. + type: string + provider: + description: Provider defines the backup provider which should be used for the restore. + type: string + type: object + status: + description: Status defines the observed state of Restore + properties: + requeueTimeNanos: + description: RequeueTimeNanos contains the time in nanoseconds to wait until the next requeue. + format: int64 + type: integer + status: + description: Status represents the state of the backup. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} From a1f946a55e94df53e7ce95a6b5f889a914ea6b57 Mon Sep 17 00:00:00 2001 From: Robert Auer Date: Wed, 10 Jan 2024 12:15:43 +0100 Subject: [PATCH 12/13] Bump version --- Dockerfile | 2 +- Makefile | 2 +- k8s/helm/component-patch-tpl.yaml | 2 +- k8s/helm/values.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 50b637e..350d56a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -34,7 +34,7 @@ RUN make compile-generic FROM gcr.io/distroless/static:nonroot LABEL maintainer="hello@cloudogu.com" \ NAME="k8s-backup-operator" \ - VERSION="0.10.0" + VERSION="0.10.1" WORKDIR / COPY --from=builder /workspace/target/k8s-backup-operator . diff --git a/Makefile b/Makefile index 4cdd246..a7e12e2 100644 --- a/Makefile +++ b/Makefile 
@@ -1,6 +1,6 @@ # Set these to the desired values ARTIFACT_ID=k8s-backup-operator -VERSION=0.10.0 +VERSION=0.10.1 IMAGE=cloudogu/${ARTIFACT_ID}:${VERSION} GOTAG?=1.21 MAKEFILES_VERSION=9.0.1 diff --git a/k8s/helm/component-patch-tpl.yaml b/k8s/helm/component-patch-tpl.yaml index 92a480b..c625884 100644 --- a/k8s/helm/component-patch-tpl.yaml +++ b/k8s/helm/component-patch-tpl.yaml @@ -1,7 +1,7 @@ apiVersion: v1 values: images: - backupOperator: cloudogu/k8s-backup-operator:0.10.0 + backupOperator: cloudogu/k8s-backup-operator:0.10.1 kubeRbacProxy: gcr.io/kubebuilder/kube-rbac-proxy:v0.14.1 patches: values.yaml: diff --git a/k8s/helm/values.yaml b/k8s/helm/values.yaml index 8992a16..fd6b359 100644 --- a/k8s/helm/values.yaml +++ b/k8s/helm/values.yaml @@ -18,7 +18,7 @@ manager: logLevel: info image: repository: cloudogu/k8s-backup-operator - tag: 0.10.0 + tag: 0.10.1 imagePullPolicy: IfNotPresent resources: limits: From 4dd2f17264502919e73b0d7893c1f452219c0f20 Mon Sep 17 00:00:00 2001 From: Robert Auer Date: Wed, 10 Jan 2024 12:16:09 +0100 Subject: [PATCH 13/13] Update changelog --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b58c95c..31de74a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [Unreleased] + +## [v0.10.1] - 2024-01-10 ### Fixed - [#27] Added missing watch permission for statefulsets. - This is used when waiting for the etcd on maintenance switch.