alexlebens/external-snapshotter
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added the feature to use secrets of ListSnapshots

Browse Source
This commit is contained in:
bells17
2020-02-09 01:29:36 +09:00
parent 4b7aec33d4
commit 3b76de4999
14 changed files with 915 additions and 833 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
go.mod
View File

@@ -3,7 +3,7 @@ module github.com/kubernetes-csi/external-snapshotter/v2
go 1.12 go 1.12
require ( require (
github.com/container-storage-interface/spec v1.1.0 github.com/container-storage-interface/spec v1.2.0
github.com/golang/mock v1.2.0 github.com/golang/mock v1.2.0
github.com/golang/protobuf v1.3.2 github.com/golang/protobuf v1.3.2
github.com/google/go-cmp v0.3.1 // indirect github.com/google/go-cmp v0.3.1 // indirect

2
go.sum
View File

@@ -28,6 +28,8 @@ github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
github.com/container-storage-interface/spec v1.1.0 h1:qPsTqtR1VUPvMPeK0UnCZMtXaKGyyLPG8gj/wG6VqMs= github.com/container-storage-interface/spec v1.1.0 h1:qPsTqtR1VUPvMPeK0UnCZMtXaKGyyLPG8gj/wG6VqMs=
github.com/container-storage-interface/spec v1.1.0/go.mod h1:6URME8mwIBbpVyZV93Ce5St17xBiQJQY67NDsuohiy4= github.com/container-storage-interface/spec v1.1.0/go.mod h1:6URME8mwIBbpVyZV93Ce5St17xBiQJQY67NDsuohiy4=
github.com/container-storage-interface/spec v1.2.0 h1:bD9KIVgaVKKkQ/UbVUY9kCaH/CJbhNxe0eeB4JeJV2s=
github.com/container-storage-interface/spec v1.2.0/go.mod h1:6URME8mwIBbpVyZV93Ce5St17xBiQJQY67NDsuohiy4=
github.com/davecgh/go-spew v0.0.0-20151105211317-5215b55f46b2/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v0.0.0-20151105211317-5215b55f46b2/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=

2
pkg/common-controller/snapshot_controller.go
View File

@@ -573,7 +573,7 @@ func (ctrl *csiSnapshotCommonController) getCreateSnapshotInput(snapshot *crdv1.
contentName := utils.GetSnapshotContentNameForSnapshot(snapshot) contentName := utils.GetSnapshotContentNameForSnapshot(snapshot)
// Resolve snapshotting secret credentials. // Resolve snapshotting secret credentials.
snapshotterSecretRef, err := utils.GetSecretReference(class.Parameters, contentName, snapshot) snapshotterSecretRef, err := utils.GetSecretReference(utils.SnapshotterSecretParams, class.Parameters, contentName, snapshot)
if err != nil { if err != nil {
return nil, nil, "", nil, err return nil, nil, "", nil, err
} }

2
pkg/sidecar-controller/content_create_test.go
View File

@@ -39,7 +39,7 @@ func TestSyncContent(t *testing.T) {
readyToUse: true, readyToUse: true,
}, },
}, },
expectedListCalls: []listCall{{"sid1-1", true, time.Now(), 1, nil}}, expectedListCalls: []listCall{{"sid1-1", map[string]string{}, true, time.Now(), 1, nil}},
errors: noerrors, errors: noerrors,
test: testSyncContent, test: testSyncContent,
}) })

6
pkg/sidecar-controller/csi_handler.go
View File

@@ -31,7 +31,7 @@ import (
type Handler interface { type Handler interface {
CreateSnapshot(content *crdv1.VolumeSnapshotContent, parameters map[string]string, snapshotterCredentials map[string]string) (string, string, time.Time, int64, bool, error) CreateSnapshot(content *crdv1.VolumeSnapshotContent, parameters map[string]string, snapshotterCredentials map[string]string) (string, string, time.Time, int64, bool, error)
DeleteSnapshot(content *crdv1.VolumeSnapshotContent, snapshotterCredentials map[string]string) error DeleteSnapshot(content *crdv1.VolumeSnapshotContent, snapshotterCredentials map[string]string) error
GetSnapshotStatus(content *crdv1.VolumeSnapshotContent) (bool, time.Time, int64, error) GetSnapshotStatus(content *crdv1.VolumeSnapshotContent, snapshotterListCredentials map[string]string) (bool, time.Time, int64, error)
} }
// csiHandler is a handler that calls CSI to create/delete volume snapshot. // csiHandler is a handler that calls CSI to create/delete volume snapshot.
@@ -103,7 +103,7 @@ func (handler *csiHandler) DeleteSnapshot(content *crdv1.VolumeSnapshotContent,
return nil return nil
} }
func (handler *csiHandler) GetSnapshotStatus(content *crdv1.VolumeSnapshotContent) (bool, time.Time, int64, error) { func (handler *csiHandler) GetSnapshotStatus(content *crdv1.VolumeSnapshotContent, snapshotterListCredentials map[string]string) (bool, time.Time, int64, error) {
ctx, cancel := context.WithTimeout(context.Background(), handler.timeout) ctx, cancel := context.WithTimeout(context.Background(), handler.timeout)
defer cancel() defer cancel()
@@ -117,7 +117,7 @@ func (handler *csiHandler) GetSnapshotStatus(content *crdv1.VolumeSnapshotConten
return false, time.Time{}, 0, fmt.Errorf("failed to list snapshot for content %s: snapshotHandle is missing", content.Name) return false, time.Time{}, 0, fmt.Errorf("failed to list snapshot for content %s: snapshotHandle is missing", content.Name)
} }
csiSnapshotStatus, timestamp, size, err := handler.snapshotter.GetSnapshotStatus(ctx, snapshotHandle) csiSnapshotStatus, timestamp, size, err := handler.snapshotter.GetSnapshotStatus(ctx, snapshotHandle, snapshotterListCredentials)
if err != nil { if err != nil {
return false, time.Time{}, 0, fmt.Errorf("failed to list snapshot for content %s: %q", content.Name, err) return false, time.Time{}, 0, fmt.Errorf("failed to list snapshot for content %s: %q", content.Name, err)
} }

8
pkg/sidecar-controller/framework_test.go
View File

@@ -810,6 +810,7 @@ func emptyDataSecretAnnotations() map[string]string {
type listCall struct { type listCall struct {
snapshotID string snapshotID string
secrets map[string]string
// information to return // information to return
readyToUse bool readyToUse bool
createTime time.Time createTime time.Time
@@ -911,7 +912,7 @@ func (f *fakeSnapshotter) DeleteSnapshot(ctx context.Context, snapshotID string,
return call.err return call.err
} }
func (f *fakeSnapshotter) GetSnapshotStatus(ctx context.Context, snapshotID string) (bool, time.Time, int64, error) { func (f *fakeSnapshotter) GetSnapshotStatus(ctx context.Context, snapshotID string, snapshotterListCredentials map[string]string) (bool, time.Time, int64, error) {
if f.listCallCounter >= len(f.listCalls) { if f.listCallCounter >= len(f.listCalls) {
f.t.Errorf("Unexpected CSI list Snapshot call: snapshotID=%s, index: %d, calls: %+v", snapshotID, f.createCallCounter, f.createCalls) f.t.Errorf("Unexpected CSI list Snapshot call: snapshotID=%s, index: %d, calls: %+v", snapshotID, f.createCallCounter, f.createCalls)
return false, time.Time{}, 0, fmt.Errorf("unexpected call") return false, time.Time{}, 0, fmt.Errorf("unexpected call")
@@ -925,6 +926,11 @@ func (f *fakeSnapshotter) GetSnapshotStatus(ctx context.Context, snapshotID stri
err = fmt.Errorf("unexpected List snapshot call") err = fmt.Errorf("unexpected List snapshot call")
} }
if !reflect.DeepEqual(call.secrets, snapshotterListCredentials) {
f.t.Errorf("Wrong CSI List Snapshot call: snapshotID=%s, expected secrets %+v, got %+v", snapshotID, call.secrets, snapshotterListCredentials)
err = fmt.Errorf("unexpected Delete Snapshot call")
}
if err != nil { if err != nil {
return false, time.Time{}, 0, fmt.Errorf("unexpected call") return false, time.Time{}, 0, fmt.Errorf("unexpected call")
} }

25
pkg/sidecar-controller/snapshot_controller.go
View File

@@ -252,10 +252,33 @@ func (ctrl *csiSnapshotSideCarController) checkandUpdateContentStatusOperation(c
var readyToUse = false var readyToUse = false
var driverName string var driverName string
var snapshotID string var snapshotID string
var snapshotterListCredentials map[string]string
if content.Spec.Source.SnapshotHandle != nil { if content.Spec.Source.SnapshotHandle != nil {
klog.V(5).Infof("checkandUpdateContentStatusOperation: call GetSnapshotStatus for snapshot which is pre-bound to content [%s]", content.Name) klog.V(5).Infof("checkandUpdateContentStatusOperation: call GetSnapshotStatus for snapshot which is pre-bound to content [%s]", content.Name)
readyToUse, creationTime, size, err = ctrl.handler.GetSnapshotStatus(content)
if content.Spec.VolumeSnapshotClassName != nil {
class, err := ctrl.getSnapshotClass(*content.Spec.VolumeSnapshotClassName)
if err != nil {
klog.Errorf("failed to getSnapshotClass %s", err)
return nil, fmt.Errorf("cannot get snapshot class for snapshot content %s", err)
}
snapshotterListSecretRef, err := utils.GetSecretReference(utils.SnapshotterListSecretParams, class.Parameters, content.GetObjectMeta().GetName(), nil)
if err != nil {
klog.Errorf("Failed to get secret reference for snapshot %s: %s", content.Name, err.Error())
return nil, fmt.Errorf("cannot get secret reference for snapshot content %#v", content.Name)
}
snapshotterListCredentials, err = utils.GetCredentials(ctrl.client, snapshotterListSecretRef)
if err != nil {
// Continue with deletion, as the secret may have already been deleted.
klog.Errorf("Failed to credentials for snapshot %s: %s", content.Name, err.Error())
return nil, fmt.Errorf("cannot get credentials for snapshot content %#v", content.Name)
}
}
readyToUse, creationTime, size, err = ctrl.handler.GetSnapshotStatus(content, snapshotterListCredentials)
if err != nil { if err != nil {
klog.Errorf("checkandUpdateContentStatusOperation: failed to call get snapshot status to check whether snapshot is ready to use %q", err) klog.Errorf("checkandUpdateContentStatusOperation: failed to call get snapshot status to check whether snapshot is ready to use %q", err)
return nil, err return nil, err

20
pkg/sidecar-controller/snapshot_delete_test.go
View File

@@ -156,7 +156,7 @@ func TestDeleteSync(t *testing.T) {
readyToUse: true, readyToUse: true,
}, },
}, },
expectedListCalls: []listCall{{"sid1-1", true, time.Now(), 1, nil}}, expectedListCalls: []listCall{{"sid1-1", map[string]string{}, true, time.Now(), 1, nil}},
expectedDeleteCalls: []deleteCall{{"sid1-1", nil, nil}}, expectedDeleteCalls: []deleteCall{{"sid1-1", nil, nil}},
test: testSyncContent, test: testSyncContent,
}, },
@@ -178,7 +178,7 @@ func TestDeleteSync(t *testing.T) {
readyToUse: true, readyToUse: true,
}, },
}, },
expectedListCalls: []listCall{{"sid1-2", true, time.Now(), 1, nil}}, expectedListCalls: []listCall{{"sid1-2", map[string]string{}, true, time.Now(), 1, nil}},
expectedDeleteCalls: []deleteCall{{"sid1-2", nil, nil}}, expectedDeleteCalls: []deleteCall{{"sid1-2", nil, nil}},
test: testSyncContent, test: testSyncContent,
}, },
@@ -201,7 +201,7 @@ func TestDeleteSync(t *testing.T) {
}, },
expectedDeleteCalls: []deleteCall{{"sid1-3", nil, fmt.Errorf("mock csi driver delete error")}}, expectedDeleteCalls: []deleteCall{{"sid1-3", nil, fmt.Errorf("mock csi driver delete error")}},
expectedEvents: []string{"Warning SnapshotDeleteError"}, expectedEvents: []string{"Warning SnapshotDeleteError"},
expectedListCalls: []listCall{{"sid1-3", true, time.Now(), 1, nil}}, expectedListCalls: []listCall{{"sid1-3", map[string]string{}, true, time.Now(), 1, nil}},
test: testSyncContent, test: testSyncContent,
}, },
{ {
@@ -216,7 +216,7 @@ func TestDeleteSync(t *testing.T) {
name: "1-5 - csi driver delete snapshot returns error, bound finalizer should remain", name: "1-5 - csi driver delete snapshot returns error, bound finalizer should remain",
initialContents: newContentArrayWithDeletionTimestamp("content1-5", "sid1-5", "snap1-5", "sid1-5", validSecretClass, "", "snap1-5-volumehandle", deletionPolicy, nil, &defaultSize, true, &timeNowMetav1), initialContents: newContentArrayWithDeletionTimestamp("content1-5", "sid1-5", "snap1-5", "sid1-5", validSecretClass, "", "snap1-5-volumehandle", deletionPolicy, nil, &defaultSize, true, &timeNowMetav1),
expectedContents: newContentArrayWithDeletionTimestamp("content1-5", "sid1-5", "snap1-5", "sid1-5", validSecretClass, "", "snap1-5-volumehandle", deletionPolicy, nil, &defaultSize, true, &timeNowMetav1), expectedContents: newContentArrayWithDeletionTimestamp("content1-5", "sid1-5", "snap1-5", "sid1-5", validSecretClass, "", "snap1-5-volumehandle", deletionPolicy, nil, &defaultSize, true, &timeNowMetav1),
expectedListCalls: []listCall{{"sid1-5", true, time.Now(), 1000, nil}}, expectedListCalls: []listCall{{"sid1-5", map[string]string{}, true, time.Now(), 1000, nil}},
expectedDeleteCalls: []deleteCall{{"sid1-5", nil, errors.New("mock csi driver delete error")}}, expectedDeleteCalls: []deleteCall{{"sid1-5", nil, errors.New("mock csi driver delete error")}},
expectedEvents: []string{"Warning SnapshotDeleteError"}, expectedEvents: []string{"Warning SnapshotDeleteError"},
errors: noerrors, errors: noerrors,
@@ -227,7 +227,7 @@ func TestDeleteSync(t *testing.T) {
name: "1-6 - content is deleted before deleting", name: "1-6 - content is deleted before deleting",
initialContents: newContentArray("content1-6", "sid1-6", "snap1-6", "sid1-6", classGold, "sid1-6", "", deletionPolicy, nil, nil, true), initialContents: newContentArray("content1-6", "sid1-6", "snap1-6", "sid1-6", classGold, "sid1-6", "", deletionPolicy, nil, nil, true),
expectedContents: nocontents, expectedContents: nocontents,
expectedListCalls: []listCall{{"sid1-6", false, time.Now(), 0, nil}}, expectedListCalls: []listCall{{"sid1-6", nil, false, time.Now(), 0, nil}},
expectedDeleteCalls: []deleteCall{{"sid1-6", map[string]string{"foo": "bar"}, nil}}, expectedDeleteCalls: []deleteCall{{"sid1-6", map[string]string{"foo": "bar"}, nil}},
expectedEvents: noevents, expectedEvents: noevents,
errors: noerrors, errors: noerrors,
@@ -243,7 +243,7 @@ func TestDeleteSync(t *testing.T) {
initialContents: newContentArrayWithReadyToUse("content1-7", "", "snap1-7", "sid1-7", validSecretClass, "sid1-7", "", deletePolicy, nil, &defaultSize, &True, true), initialContents: newContentArrayWithReadyToUse("content1-7", "", "snap1-7", "sid1-7", validSecretClass, "sid1-7", "", deletePolicy, nil, &defaultSize, &True, true),
expectedContents: newContentArrayWithReadyToUse("content1-7", "", "snap1-7", "sid1-7", validSecretClass, "sid1-7", "", deletePolicy, nil, &defaultSize, &True, true), expectedContents: newContentArrayWithReadyToUse("content1-7", "", "snap1-7", "sid1-7", validSecretClass, "sid1-7", "", deletePolicy, nil, &defaultSize, &True, true),
expectedEvents: noevents, expectedEvents: noevents,
expectedListCalls: []listCall{{"sid1-7", true, time.Now(), 1000, nil}}, expectedListCalls: []listCall{{"sid1-7", map[string]string{}, true, time.Now(), 1000, nil}},
initialSecrets: []*v1.Secret{secret()}, initialSecrets: []*v1.Secret{secret()},
errors: noerrors, errors: noerrors,
test: testSyncContent, test: testSyncContent,
@@ -253,7 +253,7 @@ func TestDeleteSync(t *testing.T) {
initialContents: newContentArrayWithReadyToUse("content1-8", "sid1-8", "none-existed-snapshot", "sid1-8", validSecretClass, "sid1-8", "", retainPolicy, nil, &defaultSize, &True, true), initialContents: newContentArrayWithReadyToUse("content1-8", "sid1-8", "none-existed-snapshot", "sid1-8", validSecretClass, "sid1-8", "", retainPolicy, nil, &defaultSize, &True, true),
expectedContents: newContentArrayWithReadyToUse("content1-8", "sid1-8", "none-existed-snapshot", "sid1-8", validSecretClass, "sid1-8", "", retainPolicy, nil, &defaultSize, &True, true), expectedContents: newContentArrayWithReadyToUse("content1-8", "sid1-8", "none-existed-snapshot", "sid1-8", validSecretClass, "sid1-8", "", retainPolicy, nil, &defaultSize, &True, true),
expectedEvents: noevents, expectedEvents: noevents,
expectedListCalls: []listCall{{"sid1-8", true, time.Now(), 0, nil}}, expectedListCalls: []listCall{{"sid1-8", map[string]string{}, true, time.Now(), 0, nil}},
errors: noerrors, errors: noerrors,
test: testSyncContent, test: testSyncContent,
}, },
@@ -262,7 +262,7 @@ func TestDeleteSync(t *testing.T) {
initialContents: newContentArrayWithDeletionTimestamp("content1-9", "sid1-9", "snap1-9", "sid1-9", emptySecretClass, "", "snap1-9-volumehandle", deletePolicy, nil, &defaultSize, true, &timeNowMetav1), initialContents: newContentArrayWithDeletionTimestamp("content1-9", "sid1-9", "snap1-9", "sid1-9", emptySecretClass, "", "snap1-9-volumehandle", deletePolicy, nil, &defaultSize, true, &timeNowMetav1),
expectedContents: newContentArrayWithDeletionTimestamp("content1-9", "sid1-9", "snap1-9", "", emptySecretClass, "", "snap1-9-volumehandle", deletePolicy, nil, &defaultSize, false, &timeNowMetav1), expectedContents: newContentArrayWithDeletionTimestamp("content1-9", "sid1-9", "snap1-9", "", emptySecretClass, "", "snap1-9-volumehandle", deletePolicy, nil, &defaultSize, false, &timeNowMetav1),
expectedEvents: noevents, expectedEvents: noevents,
expectedListCalls: []listCall{{"sid1-9", true, time.Now(), 0, nil}}, expectedListCalls: []listCall{{"sid1-9", map[string]string{}, true, time.Now(), 0, nil}},
errors: noerrors, errors: noerrors,
initialSecrets: []*v1.Secret{}, // secret does not exist initialSecrets: []*v1.Secret{}, // secret does not exist
expectedDeleteCalls: []deleteCall{{"sid1-9", nil, nil}}, expectedDeleteCalls: []deleteCall{{"sid1-9", nil, nil}},
@@ -273,7 +273,7 @@ func TestDeleteSync(t *testing.T) {
initialContents: newContentArrayWithDeletionTimestamp("content1-10", "sid1-10", "snap1-10", "sid1-10", emptySecretClass, "", "snap1-10-volumehandle", retainPolicy, nil, &defaultSize, true, &timeNowMetav1), initialContents: newContentArrayWithDeletionTimestamp("content1-10", "sid1-10", "snap1-10", "sid1-10", emptySecretClass, "", "snap1-10-volumehandle", retainPolicy, nil, &defaultSize, true, &timeNowMetav1),
expectedContents: newContentArrayWithDeletionTimestamp("content1-10", "sid1-10", "snap1-10", "sid1-10", emptySecretClass, "", "snap1-10-volumehandle", retainPolicy, nil, &defaultSize, false, &timeNowMetav1), expectedContents: newContentArrayWithDeletionTimestamp("content1-10", "sid1-10", "snap1-10", "sid1-10", emptySecretClass, "", "snap1-10-volumehandle", retainPolicy, nil, &defaultSize, false, &timeNowMetav1),
expectedEvents: noevents, expectedEvents: noevents,
expectedListCalls: []listCall{{"sid1-10", true, time.Now(), 0, nil}}, expectedListCalls: []listCall{{"sid1-10", map[string]string{}, true, time.Now(), 0, nil}},
errors: noerrors, errors: noerrors,
initialSecrets: []*v1.Secret{}, initialSecrets: []*v1.Secret{},
test: testSyncContent, test: testSyncContent,
@@ -292,7 +292,7 @@ func TestDeleteSync(t *testing.T) {
initialContents: newContentArrayWithDeletionTimestamp("content1-12", "sid1-12", "snap1-12", "sid1-12", emptySecretClass, "sid1-12", "", retainPolicy, nil, &defaultSize, true, &timeNowMetav1), initialContents: newContentArrayWithDeletionTimestamp("content1-12", "sid1-12", "snap1-12", "sid1-12", emptySecretClass, "sid1-12", "", retainPolicy, nil, &defaultSize, true, &timeNowMetav1),
expectedContents: newContentArrayWithDeletionTimestamp("content1-12", "sid1-12", "snap1-12", "sid1-12", emptySecretClass, "sid1-12", "", retainPolicy, nil, &defaultSize, false, &timeNowMetav1), expectedContents: newContentArrayWithDeletionTimestamp("content1-12", "sid1-12", "snap1-12", "sid1-12", emptySecretClass, "sid1-12", "", retainPolicy, nil, &defaultSize, false, &timeNowMetav1),
expectedEvents: noevents, expectedEvents: noevents,
expectedListCalls: []listCall{{"sid1-12", true, time.Now(), 0, nil}}, expectedListCalls: []listCall{{"sid1-12", map[string]string{}, true, time.Now(), 0, nil}},
errors: noerrors, errors: noerrors,
initialSecrets: []*v1.Secret{}, initialSecrets: []*v1.Secret{},
test: testSyncContent, test: testSyncContent,

5
pkg/snapshotter/snapshotter.go
View File

@@ -39,7 +39,7 @@ type Snapshotter interface {
DeleteSnapshot(ctx context.Context, snapshotID string, snapshotterCredentials map[string]string) (err error) DeleteSnapshot(ctx context.Context, snapshotID string, snapshotterCredentials map[string]string) (err error)
// GetSnapshotStatus returns if a snapshot is ready to use, creation time, and restore size. // GetSnapshotStatus returns if a snapshot is ready to use, creation time, and restore size.
GetSnapshotStatus(ctx context.Context, snapshotID string) (bool, time.Time, int64, error) GetSnapshotStatus(ctx context.Context, snapshotID string, snapshotterListCredentials map[string]string) (bool, time.Time, int64, error)
} }
type snapshot struct { type snapshot struct {
@@ -112,7 +112,7 @@ func (s *snapshot) isListSnapshotsSupported(ctx context.Context) (bool, error) {
return false, nil return false, nil
} }
func (s *snapshot) GetSnapshotStatus(ctx context.Context, snapshotID string) (bool, time.Time, int64, error) { func (s *snapshot) GetSnapshotStatus(ctx context.Context, snapshotID string, snapshotterListCredentials map[string]string) (bool, time.Time, int64, error) {
klog.V(5).Infof("GetSnapshotStatus: %s", snapshotID) klog.V(5).Infof("GetSnapshotStatus: %s", snapshotID)
client := csi.NewControllerClient(s.conn) client := csi.NewControllerClient(s.conn)
@@ -127,6 +127,7 @@ func (s *snapshot) GetSnapshotStatus(ctx context.Context, snapshotID string) (bo
} }
req := csi.ListSnapshotsRequest{ req := csi.ListSnapshotsRequest{
SnapshotId: snapshotID, SnapshotId: snapshotID,
Secrets: snapshotterListCredentials,
} }
rsp, err := client.ListSnapshots(ctx, &req) rsp, err := client.ListSnapshots(ctx, &req)
if err != nil { if err != nil {

21
pkg/snapshotter/snapshotter_test.go
View File

@@ -362,9 +362,16 @@ func TestGetSnapshotStatus(t *testing.T) {
}, },
} }
secret := map[string]string{"foo": "bar"}
secretRequest := &csi.ListSnapshotsRequest{
SnapshotId: defaultID,
Secrets: secret,
}
tests := []struct { tests := []struct {
name string name string
snapshotID string snapshotID string
snapshotterListCredentials map[string]string
listSnapshotsSupported bool listSnapshotsSupported bool
input *csi.ListSnapshotsRequest input *csi.ListSnapshotsRequest
output *csi.ListSnapshotsResponse output *csi.ListSnapshotsResponse
@@ -385,6 +392,18 @@ func TestGetSnapshotStatus(t *testing.T) {
expectCreateAt: createTime, expectCreateAt: createTime,
expectSize: size, expectSize: size,
}, },
{
name: "secret",
snapshotID: defaultID,
snapshotterListCredentials: secret,
listSnapshotsSupported: true,
input: secretRequest,
output: defaultResponse,
expectError: false,
expectReady: true,
expectCreateAt: createTime,
expectSize: size,
},
{ {
name: "ListSnapshots not supported", name: "ListSnapshots not supported",
snapshotID: defaultID, snapshotID: defaultID,
@@ -455,7 +474,7 @@ func TestGetSnapshotStatus(t *testing.T) {
} }
s := NewSnapshotter(csiConn) s := NewSnapshotter(csiConn)
ready, createTime, size, err := s.GetSnapshotStatus(context.Background(), test.snapshotID) ready, createTime, size, err := s.GetSnapshotStatus(context.Background(), test.snapshotID, test.snapshotterListCredentials)
if test.expectError && err == nil { if test.expectError && err == nil {
t.Errorf("test %q: Expected error, got none", test.name) t.Errorf("test %q: Expected error, got none", test.name)
} }

15
pkg/utils/util.go
View File

@@ -56,6 +56,9 @@ const (
prefixedSnapshotterSecretNameKey = csiParameterPrefix + "snapshotter-secret-name" prefixedSnapshotterSecretNameKey = csiParameterPrefix + "snapshotter-secret-name"
prefixedSnapshotterSecretNamespaceKey = csiParameterPrefix + "snapshotter-secret-namespace" prefixedSnapshotterSecretNamespaceKey = csiParameterPrefix + "snapshotter-secret-namespace"
prefixedSnapshotterListSecretNameKey = csiParameterPrefix + "snapshotter-list-secret-name"
prefixedSnapshotterListSecretNamespaceKey = csiParameterPrefix + "snapshotter-list-secret-namespace"
// Name of finalizer on VolumeSnapshotContents that are bound by VolumeSnapshots // Name of finalizer on VolumeSnapshotContents that are bound by VolumeSnapshots
VolumeSnapshotContentFinalizer = "snapshot.storage.kubernetes.io/volumesnapshotcontent-bound-protection" VolumeSnapshotContentFinalizer = "snapshot.storage.kubernetes.io/volumesnapshotcontent-bound-protection"
// Name of finalizer on VolumeSnapshot that is being used as a source to create a PVC // Name of finalizer on VolumeSnapshot that is being used as a source to create a PVC
@@ -81,12 +84,18 @@ const (
AnnDeletionSecretRefNamespace = "snapshot.storage.kubernetes.io/deletion-secret-namespace" AnnDeletionSecretRefNamespace = "snapshot.storage.kubernetes.io/deletion-secret-namespace"
) )
var snapshotterSecretParams = secretParamsMap{ var SnapshotterSecretParams = secretParamsMap{
name: "Snapshotter", name: "Snapshotter",
secretNameKey: prefixedSnapshotterSecretNameKey, secretNameKey: prefixedSnapshotterSecretNameKey,
secretNamespaceKey: prefixedSnapshotterSecretNamespaceKey, secretNamespaceKey: prefixedSnapshotterSecretNamespaceKey,
} }
var SnapshotterListSecretParams = secretParamsMap{
name: "SnapshotterList",
secretNameKey: prefixedSnapshotterListSecretNameKey,
secretNamespaceKey: prefixedSnapshotterListSecretNamespaceKey,
}
func SnapshotKey(vs *crdv1.VolumeSnapshot) string { func SnapshotKey(vs *crdv1.VolumeSnapshot) string {
return fmt.Sprintf("%s/%s", vs.Namespace, vs.Name) return fmt.Sprintf("%s/%s", vs.Namespace, vs.Name)
} }
@@ -222,8 +231,8 @@ func verifyAndGetSecretNameAndNamespaceTemplate(secret secretParamsMap, snapshot
// - the nameTemplate or namespaceTemplate contains a token that cannot be resolved // - the nameTemplate or namespaceTemplate contains a token that cannot be resolved
// - the resolved name is not a valid secret name // - the resolved name is not a valid secret name
// - the resolved namespace is not a valid namespace name // - the resolved namespace is not a valid namespace name
func GetSecretReference(snapshotClassParams map[string]string, snapContentName string, snapshot *crdv1.VolumeSnapshot) (*v1.SecretReference, error) { func GetSecretReference(secretParams secretParamsMap, snapshotClassParams map[string]string, snapContentName string, snapshot *crdv1.VolumeSnapshot) (*v1.SecretReference, error) {
nameTemplate, namespaceTemplate, err := verifyAndGetSecretNameAndNamespaceTemplate(snapshotterSecretParams, snapshotClassParams) nameTemplate, namespaceTemplate, err := verifyAndGetSecretNameAndNamespaceTemplate(secretParams, snapshotClassParams)
if err != nil { if err != nil {
return nil, fmt.Errorf("failed to get name and namespace template from params: %v", err) return nil, fmt.Errorf("failed to get name and namespace template from params: %v", err)
} }

15
pkg/utils/util_test.go
View File

@@ -17,15 +17,17 @@ limitations under the License.
package utils package utils
import ( import (
crdv1 "github.com/kubernetes-csi/external-snapshotter/v2/pkg/apis/volumesnapshot/v1beta1"
"k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"reflect" "reflect"
"testing" "testing"
crdv1 "github.com/kubernetes-csi/external-snapshotter/v2/pkg/apis/volumesnapshot/v1beta1"
v1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
) )
func TestGetSecretReference(t *testing.T) { func TestGetSecretReference(t *testing.T) {
testcases := map[string]struct { testcases := map[string]struct {
secretParams secretParamsMap
params map[string]string params map[string]string
snapContentName string snapContentName string
snapshot *crdv1.VolumeSnapshot snapshot *crdv1.VolumeSnapshot
@@ -33,25 +35,30 @@ func TestGetSecretReference(t *testing.T) {
expectErr bool expectErr bool
}{ }{
"no params": { "no params": {
secretParams: SnapshotterSecretParams,
params: nil, params: nil,
expectRef: nil, expectRef: nil,
}, },
"namespace, no name": { "namespace, no name": {
secretParams: SnapshotterSecretParams,
params: map[string]string{prefixedSnapshotterSecretNamespaceKey: "foo"}, params: map[string]string{prefixedSnapshotterSecretNamespaceKey: "foo"},
expectErr: true, expectErr: true,
}, },
"simple - valid": { "simple - valid": {
secretParams: SnapshotterSecretParams,
params: map[string]string{prefixedSnapshotterSecretNameKey: "name", prefixedSnapshotterSecretNamespaceKey: "ns"}, params: map[string]string{prefixedSnapshotterSecretNameKey: "name", prefixedSnapshotterSecretNamespaceKey: "ns"},
snapshot: &crdv1.VolumeSnapshot{}, snapshot: &crdv1.VolumeSnapshot{},
expectRef: &v1.SecretReference{Name: "name", Namespace: "ns"}, expectRef: &v1.SecretReference{Name: "name", Namespace: "ns"},
}, },
"simple - invalid name": { "simple - invalid name": {
secretParams: SnapshotterSecretParams,
params: map[string]string{prefixedSnapshotterSecretNameKey: "bad name", prefixedSnapshotterSecretNamespaceKey: "ns"}, params: map[string]string{prefixedSnapshotterSecretNameKey: "bad name", prefixedSnapshotterSecretNamespaceKey: "ns"},
snapshot: &crdv1.VolumeSnapshot{}, snapshot: &crdv1.VolumeSnapshot{},
expectRef: nil, expectRef: nil,
expectErr: true, expectErr: true,
}, },
"template - invalid": { "template - invalid": {
secretParams: SnapshotterSecretParams,
params: map[string]string{ params: map[string]string{
prefixedSnapshotterSecretNameKey: "static-${volumesnapshotcontent.name}-${volumesnapshot.namespace}-${volumesnapshot.name}-${volumesnapshot.annotations['akey']}", prefixedSnapshotterSecretNameKey: "static-${volumesnapshotcontent.name}-${volumesnapshot.namespace}-${volumesnapshot.name}-${volumesnapshot.annotations['akey']}",
prefixedSnapshotterSecretNamespaceKey: "static-${volumesnapshotcontent.name}-${volumesnapshot.namespace}", prefixedSnapshotterSecretNamespaceKey: "static-${volumesnapshotcontent.name}-${volumesnapshot.namespace}",
@@ -71,7 +78,7 @@ func TestGetSecretReference(t *testing.T) {
for k, tc := range testcases { for k, tc := range testcases {
t.Run(k, func(t *testing.T) { t.Run(k, func(t *testing.T) {
ref, err := GetSecretReference(tc.params, tc.snapContentName, tc.snapshot) ref, err := GetSecretReference(tc.secretParams, tc.params, tc.snapContentName, tc.snapshot)
if err != nil { if err != nil {
if tc.expectErr { if tc.expectErr {
return return

1517
vendor/github.com/container-storage-interface/spec/lib/go/csi/csi.pb.go generated vendored
View File

File diff suppressed because it is too large Load Diff

2
vendor/modules.txt vendored
View File

@@ -6,7 +6,7 @@ github.com/PuerkitoBio/urlesc
github.com/beorn7/perks/quantile github.com/beorn7/perks/quantile
# github.com/blang/semver v3.5.0+incompatible # github.com/blang/semver v3.5.0+incompatible
github.com/blang/semver github.com/blang/semver
# github.com/container-storage-interface/spec v1.1.0 # github.com/container-storage-interface/spec v1.2.0
github.com/container-storage-interface/spec/lib/go/csi github.com/container-storage-interface/spec/lib/go/csi
# github.com/davecgh/go-spew v1.1.1 # github.com/davecgh/go-spew v1.1.1
github.com/davecgh/go-spew/spew github.com/davecgh/go-spew/spew