- Introduce new flag to enable feature to prevent unauthorised volume mode conversion

- Changes to snapshot controller to read the volume mode from the PV and add it to SourceVolumeMode field in VolumeSnapshotContent

cmd/snapshot-controller/main.go

@@ -70,6 +70,7 @@ var (
 	retryIntervalStart            = flag.Duration("retry-interval-start", time.Second, "Initial retry interval of failed volume snapshot creation or deletion. It doubles with each failure, up to retry-interval-max. Default is 1 second.")
 	retryIntervalMax              = flag.Duration("retry-interval-max", 5*time.Minute, "Maximum retry interval of failed volume snapshot creation or deletion. Default is 5 minutes.")
 	enableDistributedSnapshotting = flag.Bool("enable-distributed-snapshotting", false, "Enables each node to handle snapshotting for the local volumes created on that node")
+	preventVolumeModeConversion   = flag.Bool("prevent-volume-mode-conversion", false, "Prevents an unauthorised user from modifying the volume mode when creating a PVC from an existing VolumeSnapshot.")
 )
 
 var (
@@ -187,6 +188,7 @@ func main() {
 		workqueue.NewItemExponentialFailureRateLimiter(*retryIntervalStart, *retryIntervalMax),
 		workqueue.NewItemExponentialFailureRateLimiter(*retryIntervalStart, *retryIntervalMax),
 		*enableDistributedSnapshotting,
+		*preventVolumeModeConversion,
 	)
 
 	if err := ensureCustomResourceDefinitionsExist(snapClient); err != nil {

pkg/common-controller/framework_test.go

@@ -844,6 +844,7 @@ func newTestController(kubeClient kubernetes.Interface, clientset clientset.Inte
 		workqueue.NewItemExponentialFailureRateLimiter(1*time.Millisecond, 1*time.Minute),
 		workqueue.NewItemExponentialFailureRateLimiter(1*time.Millisecond, 1*time.Minute),
 		false,
+		false,
 	)
 
 	ctrl.eventRecorder = record.NewFakeRecorder(1000)

pkg/common-controller/snapshot_controller.go

@@ -684,6 +684,20 @@ func (ctrl *csiSnapshotCommonController) createSnapshotContent(snapshot *crdv1.V
 		}
 	}
 
+	if ctrl.preventVolumeModeConversion {
+		volumeMode := volume.Spec.VolumeMode
+		if volumeMode != nil {
+			snapshotContent.Spec.SourceVolumeMode = new(crdv1.SourceVolumeMode)
+			switch *volumeMode {
+			case v1.PersistentVolumeBlock:
+				*snapshotContent.Spec.SourceVolumeMode = crdv1.SourceVolumeModeBlock
+			case v1.PersistentVolumeFilesystem:
+				*snapshotContent.Spec.SourceVolumeMode = crdv1.SourceVolumeModeFilesystem
+			}
+		}
+		klog.V(5).Infof("snapcontent %s has volume mode %s", snapshotContent.Name, *snapshotContent.Spec.SourceVolumeMode)
+	}
+
 	// Set AnnDeletionSecretRefName and AnnDeletionSecretRefNamespace
 	if snapshotterSecretRef != nil {
 		klog.V(5).Infof("createSnapshotContent: set annotation [%s] on content [%s].", utils.AnnDeletionSecretRefName, snapshotContent.Name)

pkg/common-controller/snapshot_controller_base.go

@@ -68,6 +68,7 @@ type csiSnapshotCommonController struct {
 	resyncPeriod time.Duration
 
 	enableDistributedSnapshotting bool
+	preventVolumeModeConversion   bool
 }
 
 // NewCSISnapshotController returns a new *csiSnapshotCommonController
@@ -84,6 +85,7 @@ func NewCSISnapshotCommonController(
 	snapshotRateLimiter workqueue.RateLimiter,
 	contentRateLimiter workqueue.RateLimiter,
 	enableDistributedSnapshotting bool,
+	preventVolumeModeConversion bool,
 ) *csiSnapshotCommonController {
 	broadcaster := record.NewBroadcaster()
 	broadcaster.StartLogging(klog.Infof)
@@ -138,6 +140,8 @@ func NewCSISnapshotCommonController(
 		ctrl.nodeListerSynced = nodeInformer.Informer().HasSynced
 	}
 
+	ctrl.preventVolumeModeConversion = preventVolumeModeConversion
+
 	return ctrl
 }