diff --git a/CHANGELOG-2.x.md b/CHANGELOG-2.x.md index 26e3f8e03..304a36d6f 100644 --- a/CHANGELOG-2.x.md +++ b/CHANGELOG-2.x.md @@ -1,3 +1,13 @@ +# V2.0.7 +* Update GO version from 1.20 to 1.22.5 to mitigate CVEs. ([#1427](https://github.com/kubernetes-sigs/aws-efs-csi-driver/pull/1427),[@mskanth972](https://github.com/mskanth972)) +# V2.0.6 +* Updated the docker file to install the latest version of Rust. ([#1414](https://github.com/kubernetes-sigs/aws-efs-csi-driver/pull/1414),[@mskanth972](https://github.com/mskanth972)) +* Increase the default Port Range from 400 to 1000. ([#1402](https://github.com/kubernetes-sigs/aws-efs-csi-driver/pull/1402),[@mskanth972](https://github.com/mskanth972)) +* Update statefulset example ([#1400](https://github.com/kubernetes-sigs/aws-efs-csi-driver/pull/1400) [@seanzatzdev-amazon](https://github.com/seanzatzdev-amazon)) +* Add additionalLabels to node-daemonset ([#1394](https://github.com/kubernetes-sigs/aws-efs-csi-driver/pull/1394) [@omerap12](https://github.com/omerap12)) +* Set fips_mode_enabled in efs-utils.conf ([#1344](https://github.com/kubernetes-sigs/aws-efs-csi-driver/pull/1344) [@mpatlasov](https://github.com/mpatlasov)) +* make sure the startup taint will eventually being removed after efs driver ready ([#1287](https://github.com/kubernetes-sigs/aws-efs-csi-driver/pull/1287) [@abbshr](https://github.com/abbshr)) +* Refactor re-use Access Point ([#1233](https://github.com/kubernetes-sigs/aws-efs-csi-driver/pull/1233) [@otorreno](https://github.com/otorreno)) # V2.0.5 * Add a note to not proceed to the next step until pv STATUS is Bound ([#1075](https://github.com/kubernetes-sigs/aws-efs-csi-driver/pull/1075),[@wafuwafu13](https://github.com/wafuwafu13)) * Add Pod Identity Support ([#1254](https://github.com/kubernetes-sigs/aws-efs-csi-driver/pull/12541),[@askulkarni2](https://github.com/askulkarni2)) diff --git a/Dockerfile b/Dockerfile index 71e10a507..d20526ece 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM public.ecr.aws/eks-distro-build-tooling/golang:1.20 as go-builder +FROM public.ecr.aws/eks-distro-build-tooling/golang:1.22.5 as go-builder WORKDIR /go/src/github.com/kubernetes-sigs/aws-efs-csi-driver ARG TARGETOS @@ -38,7 +38,11 @@ RUN mkdir -p /tmp/rpms && \ then echo "Installing efs-utils from Amazon Linux 2 yum repo" && \ yum -y install --downloadonly --downloaddir=/tmp/rpms amazon-efs-utils-1.35.0-1.amzn2.noarch; \ else echo "Installing efs-utils from github using the latest git tag" && \ - yum -y install git rpm-build make rust cargo openssl-devel && \ + yum -y install git rpm-build make openssl-devel curl && \ + curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y && \ + source $HOME/.cargo/env && \ + rustup update && \ + rustup default stable && \ git clone https://github.com/aws/efs-utils && \ cd efs-utils && \ git checkout $(git describe --tags $(git rev-list --tags --max-count=1)) && \ diff --git a/Makefile b/Makefile index 0cb7a855f..031d8c8c1 100644 --- a/Makefile +++ b/Makefile @@ -13,7 +13,7 @@ # limitations under the License. # -VERSION=v2.0.5 +VERSION=v2.0.7 PKG=github.com/kubernetes-sigs/aws-efs-csi-driver GIT_COMMIT?=$(shell git rev-parse HEAD) diff --git a/charts/aws-efs-csi-driver/CHANGELOG.md b/charts/aws-efs-csi-driver/CHANGELOG.md index 3c9484436..94dad74f8 100644 --- a/charts/aws-efs-csi-driver/CHANGELOG.md +++ b/charts/aws-efs-csi-driver/CHANGELOG.md @@ -1,4 +1,8 @@ # Helm chart +# v3.0.7 +* Bump app/driver version to `v2.0.6` +# v3.0.6 +* Bump app/driver version to `v2.0.5` # v3.0.5 * Bump app/driver version to `v2.0.4` # v3.0.4 diff --git a/charts/aws-efs-csi-driver/Chart.yaml b/charts/aws-efs-csi-driver/Chart.yaml index 5b6329405..9d569d07a 100644 --- a/charts/aws-efs-csi-driver/Chart.yaml +++ b/charts/aws-efs-csi-driver/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: aws-efs-csi-driver -version: 3.0.5 -appVersion: 2.0.4 +version: 3.0.7 +appVersion: 2.0.6 kubeVersion: ">=1.17.0-0" description: "A Helm chart for AWS EFS CSI Driver" home: https://github.com/kubernetes-sigs/aws-efs-csi-driver diff --git a/charts/aws-efs-csi-driver/templates/node-daemonset.yaml b/charts/aws-efs-csi-driver/templates/node-daemonset.yaml index c472b4a92..aab2dd537 100644 --- a/charts/aws-efs-csi-driver/templates/node-daemonset.yaml +++ b/charts/aws-efs-csi-driver/templates/node-daemonset.yaml @@ -5,6 +5,9 @@ metadata: name: efs-csi-node labels: app.kubernetes.io/name: {{ include "aws-efs-csi-driver.name" . }} + {{- with .Values.node.additionalLabels }} + {{ toYaml . | nindent 4 }} + {{- end }} spec: selector: matchLabels: @@ -21,9 +24,6 @@ spec: app: efs-csi-node app.kubernetes.io/name: {{ include "aws-efs-csi-driver.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} - {{- with .Values.node.podLabels }} - {{ toYaml . | nindent 8 }} - {{- end }} {{- if .Values.node.podAnnotations }} annotations: {{ toYaml .Values.node.podAnnotations | nindent 8 }} {{- end }} @@ -56,7 +56,7 @@ spec: dnsConfig: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ .Values.node.serviceAccount.name }} - priorityClassName: {{ .Values.node.priorityClassName}} + priorityClassName: system-node-critical {{- with .Values.node.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/aws-efs-csi-driver/values.yaml b/charts/aws-efs-csi-driver/values.yaml index ec6ae1cfd..772fc150d 100644 --- a/charts/aws-efs-csi-driver/values.yaml +++ b/charts/aws-efs-csi-driver/values.yaml @@ -11,7 +11,7 @@ useFIPS: false image: repository: public.ecr.aws/efs-csi-driver/amazon/aws-efs-csi-driver - tag: "v2.0.4" + tag: "v2.0.6" pullPolicy: IfNotPresent sidecars: @@ -133,7 +133,6 @@ node: # "fs-01234567": # ip: 10.10.2.2 # region: us-east-2 - priorityClassName: system-node-critical dnsPolicy: ClusterFirst dnsConfig: {} @@ -142,8 +141,8 @@ node: # dnsConfig: # nameservers: # - 169.254.169.253 - podLabels: {} podAnnotations: {} + additionalLabels: {} resources: {} # limits: diff --git a/deploy/kubernetes/base/controller-deployment.yaml b/deploy/kubernetes/base/controller-deployment.yaml index 3d22214bd..456d64658 100644 --- a/deploy/kubernetes/base/controller-deployment.yaml +++ b/deploy/kubernetes/base/controller-deployment.yaml @@ -37,7 +37,7 @@ spec: - name: efs-plugin securityContext: privileged: true - image: public.ecr.aws/efs-csi-driver/amazon/aws-efs-csi-driver:v2.0.4 + image: public.ecr.aws/efs-csi-driver/amazon/aws-efs-csi-driver:v2.0.6 imagePullPolicy: IfNotPresent args: - --endpoint=$(CSI_ENDPOINT) diff --git a/deploy/kubernetes/base/node-daemonset.yaml b/deploy/kubernetes/base/node-daemonset.yaml index 5c0a1670b..c8f67d78b 100644 --- a/deploy/kubernetes/base/node-daemonset.yaml +++ b/deploy/kubernetes/base/node-daemonset.yaml @@ -48,7 +48,7 @@ spec: - name: efs-plugin securityContext: privileged: true - image: public.ecr.aws/efs-csi-driver/amazon/aws-efs-csi-driver:v2.0.4 + image: public.ecr.aws/efs-csi-driver/amazon/aws-efs-csi-driver:v2.0.6 imagePullPolicy: IfNotPresent args: - --endpoint=$(CSI_ENDPOINT) diff --git a/deploy/kubernetes/overlays/stable/ecr/kustomization.yaml b/deploy/kubernetes/overlays/stable/ecr/kustomization.yaml index f1d570114..390eb59c4 100644 --- a/deploy/kubernetes/overlays/stable/ecr/kustomization.yaml +++ b/deploy/kubernetes/overlays/stable/ecr/kustomization.yaml @@ -5,7 +5,7 @@ bases: images: - name: public.ecr.aws/efs-csi-driver/amazon/aws-efs-csi-driver newName: 602401143452.dkr.ecr.us-west-2.amazonaws.com/eks/aws-efs-csi-driver - newTag: v2.0.4 + newTag: v2.0.6 - name: public.ecr.aws/eks-distro/kubernetes-csi/livenessprobe newName: 602401143452.dkr.ecr.us-west-2.amazonaws.com/eks/livenessprobe newTag: v2.13.0-eks-1-30-8 diff --git a/deploy/kubernetes/overlays/stable/kustomization.yaml b/deploy/kubernetes/overlays/stable/kustomization.yaml index d0e07ebc4..cc3a4d298 100644 --- a/deploy/kubernetes/overlays/stable/kustomization.yaml +++ b/deploy/kubernetes/overlays/stable/kustomization.yaml @@ -4,7 +4,7 @@ bases: - ../../base images: - name: public.ecr.aws/efs-csi-driver/amazon/aws-efs-csi-driver - newTag: v2.0.4 + newTag: v2.0.6 - name: public.ecr.aws/eks-distro/kubernetes-csi/livenessprobe newTag: v2.13.0-eks-1-30-8 - name: public.ecr.aws/eks-distro/kubernetes-csi/node-driver-registrar diff --git a/docs/README.md b/docs/README.md index cc24bebc0..7a45af028 100644 --- a/docs/README.md +++ b/docs/README.md @@ -88,6 +88,8 @@ The following sections are Kubernetes specific. If you are a Kubernetes user, us | Amazon EFS CSI Driver Version | Image | |-------------------------------|----------------------------------| | master branch | amazon/aws-efs-csi-driver:master | +| v2.0.7 | amazon/aws-efs-csi-driver:v2.0.7 | +| v2.0.6 | amazon/aws-efs-csi-driver:v2.0.6 | | v2.0.5 | amazon/aws-efs-csi-driver:v2.0.5 | | v2.0.4 | amazon/aws-efs-csi-driver:v2.0.4 | | v2.0.3 | amazon/aws-efs-csi-driver:v2.0.3 | @@ -144,7 +146,7 @@ The following sections are Kubernetes specific. If you are a Kubernetes user, us ### ECR Image | Driver Version | [ECR](https://gallery.ecr.aws/efs-csi-driver/amazon/aws-efs-csi-driver) Image | |----------------|-------------------------------------------------------------------------------| -| v2.0.5 | public.ecr.aws/efs-csi-driver/amazon/aws-efs-csi-driver:v2.0.5 | +| v2.0.7 | public.ecr.aws/efs-csi-driver/amazon/aws-efs-csi-driver:v2.0.7 | **Note** You can find previous efs-csi-driver versions' images from [here](https://gallery.ecr.aws/efs-csi-driver/amazon/aws-efs-csi-driver) @@ -363,7 +365,7 @@ If you want to update to a specific version, first customize the driver yaml fil kubectl kustomize "github.com/kubernetes-sigs/aws-efs-csi-driver/deploy/kubernetes/overlays/stable/?ref=release-2.0" > driver.yaml ``` -Then, update all lines referencing `image: amazon/aws-efs-csi-driver` to the desired version (e.g., to `image: amazon/aws-efs-csi-driver:v2.0.5`) in the yaml file, and deploy driver yaml again: +Then, update all lines referencing `image: amazon/aws-efs-csi-driver` to the desired version (e.g., to `image: amazon/aws-efs-csi-driver:v2.0.7`) in the yaml file, and deploy driver yaml again: ```sh kubectl apply -f driver.yaml ``` diff --git a/examples/kubernetes/statefulset/specs/example.yaml b/examples/kubernetes/statefulset/specs/example.yaml index 09cc38fdb..20a8dac66 100644 --- a/examples/kubernetes/statefulset/specs/example.yaml +++ b/examples/kubernetes/statefulset/specs/example.yaml @@ -1,4 +1,4 @@ -apiVersion: v1 +apiVersion: storage.k8s.io/v1 kind: StorageClass metadata: name: efs-sc diff --git a/go.mod b/go.mod index 709a8eb16..eb05663e2 100644 --- a/go.mod +++ b/go.mod @@ -136,4 +136,4 @@ replace ( vbom.ml/util => github.com/fvbommel/util v0.0.0-20180919145318-efcd4e0f9787 ) -go 1.20 +go 1.22.5 diff --git a/go.sum b/go.sum index 65cd3c94d..51d6fc6ae 100644 --- a/go.sum +++ b/go.sum @@ -40,6 +40,7 @@ github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRF github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= +github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= github.com/aws/aws-sdk-go v1.50.3 h1:NnXC/ukOakZbBwQcwAzkAXYEB4SbWboP9TFx9vvhIrE= github.com/aws/aws-sdk-go v1.50.3/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= @@ -77,6 +78,7 @@ github.com/docker/distribution v2.8.1+incompatible h1:Q50tZOPR6T/hjNsyc9g8/syEs6 github.com/docker/distribution v2.8.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153 h1:yUdfgN0XgIJw7foRItutHYUIhlcKzcSf5vDpdhQAKTc= +github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= github.com/emicklei/go-restful/v3 v3.12.0 h1:y2DdzBAURM29NFF94q6RaY4vjIH1rtwDapwQtU84iWk= github.com/emicklei/go-restful/v3 v3.12.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= @@ -125,6 +127,7 @@ github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/glog v1.1.2 h1:DVjP2PbBOzHyzA+dn3WhHIq4NdVu3Q+pvivFICf/7fo= +github.com/golang/glog v1.1.2/go.mod h1:zR+okUeTbrL6EL3xHUDxZuEtGv04p5shwip1+mL/rLQ= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -233,6 +236,7 @@ github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFB github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= @@ -319,6 +323,7 @@ github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0ua github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= +github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= @@ -337,6 +342,7 @@ github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -366,6 +372,7 @@ go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqe go.opentelemetry.io/proto/otlp v1.0.0 h1:T0TX0tmXU8a3CbNXzEKGeU5mIVOdf0oykP+u2lIVU/I= go.opentelemetry.io/proto/otlp v1.0.0/go.mod h1:Sy6pihPLfYHkr3NkUbEhGHFhINUSI/v80hjKIs5JXpM= go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= +go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= @@ -410,6 +417,7 @@ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY= golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc= +golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -654,6 +662,7 @@ google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201209185603-f92720507ed4/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20231016165738-49dd2c1f3d0b h1:+YaDE2r2OG8t/z5qmsh7Y+XXwCbvadxxZ0YY6mTdrVA= +google.golang.org/genproto v0.0.0-20231016165738-49dd2c1f3d0b/go.mod h1:CgAqfJo+Xmu0GwA0411Ht3OU3OntXwsGmrmjI8ioGXI= google.golang.org/genproto/googleapis/api v0.0.0-20231030173426-d783a09b4405 h1:HJMDndgxest5n2y77fnErkM62iUsptE/H8p0dC2Huo4= google.golang.org/genproto/googleapis/api v0.0.0-20231030173426-d783a09b4405/go.mod h1:oT32Z4o8Zv2xPQTg0pbVaPr0MPOH6f14RgXt7zfIpwg= google.golang.org/genproto/googleapis/rpc v0.0.0-20231030173426-d783a09b4405 h1:AB/lmRny7e2pLhFEYIbl5qkDAUt2h0ZRO4wGPhZf+ik= @@ -697,6 +706,7 @@ gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= diff --git a/pkg/cloud/cloud.go b/pkg/cloud/cloud.go index 5220ef51d..240b80202 100644 --- a/pkg/cloud/cloud.go +++ b/pkg/cloud/cloud.go @@ -97,9 +97,10 @@ type Efs interface { type Cloud interface { GetMetadata() MetadataService - CreateAccessPoint(ctx context.Context, clientToken string, accessPointOpts *AccessPointOptions, reuseAccessPoint bool) (accessPoint *AccessPoint, err error) + CreateAccessPoint(ctx context.Context, clientToken string, accessPointOpts *AccessPointOptions) (accessPoint *AccessPoint, err error) DeleteAccessPoint(ctx context.Context, accessPointId string) (err error) DescribeAccessPoint(ctx context.Context, accessPointId string) (accessPoint *AccessPoint, err error) + FindAccessPointByClientToken(ctx context.Context, clientToken, fileSystemId string) (accessPoint *AccessPoint, err error) ListAccessPoints(ctx context.Context, fileSystemId string) (accessPoints []*AccessPoint, err error) DescribeFileSystem(ctx context.Context, fileSystemId string) (fs *FileSystem, err error) DescribeMountTargets(ctx context.Context, fileSystemId, az string) (fs *MountTarget, err error) @@ -164,26 +165,8 @@ func (c *cloud) GetMetadata() MetadataService { return c.metadata } -func (c *cloud) CreateAccessPoint(ctx context.Context, clientToken string, accessPointOpts *AccessPointOptions, reuseAccessPoint bool) (accessPoint *AccessPoint, err error) { +func (c *cloud) CreateAccessPoint(ctx context.Context, clientToken string, accessPointOpts *AccessPointOptions) (accessPoint *AccessPoint, err error) { efsTags := parseEfsTags(accessPointOpts.Tags) - - //if reuseAccessPoint is true, check for AP with same Root Directory exists in efs - // if found reuse that AP - if reuseAccessPoint { - existingAP, err := c.findAccessPointByClientToken(ctx, clientToken, accessPointOpts) - if err != nil { - return nil, fmt.Errorf("failed to find access point: %v", err) - } - if existingAP != nil { - //AP path already exists - klog.V(2).Infof("Existing AccessPoint found : %+v", existingAP) - return &AccessPoint{ - AccessPointId: existingAP.AccessPointId, - FileSystemId: existingAP.FileSystemId, - CapacityGiB: accessPointOpts.CapacityGiB, - }, nil - } - } createAPInput := &efs.CreateAccessPointInput{ ClientToken: &clientToken, FileSystemId: &accessPointOpts.FileSystemId, @@ -262,22 +245,22 @@ func (c *cloud) DescribeAccessPoint(ctx context.Context, accessPointId string) ( }, nil } -func (c *cloud) findAccessPointByClientToken(ctx context.Context, clientToken string, accessPointOpts *AccessPointOptions) (accessPoint *AccessPoint, err error) { - klog.V(5).Infof("AccessPointOptions to find AP : %+v", accessPointOpts) +func (c *cloud) FindAccessPointByClientToken(ctx context.Context, clientToken, fileSystemId string) (accessPoint *AccessPoint, err error) { + klog.V(5).Infof("Filesystem ID to find AP : %+v", fileSystemId) klog.V(2).Infof("ClientToken to find AP : %s", clientToken) describeAPInput := &efs.DescribeAccessPointsInput{ - FileSystemId: &accessPointOpts.FileSystemId, + FileSystemId: &fileSystemId, MaxResults: aws.Int64(AccessPointPerFsLimit), } res, err := c.efs.DescribeAccessPointsWithContext(ctx, describeAPInput) if err != nil { if isAccessDenied(err) { - return + return nil, ErrAccessDenied } if isFileSystemNotFound(err) { - return + return nil, ErrNotFound } - err = fmt.Errorf("failed to list Access Points of efs = %s : %v", accessPointOpts.FileSystemId, err) + err = fmt.Errorf("failed to list Access Points of efs = %s : %v", fileSystemId, err) return } for _, ap := range res.AccessPoints { diff --git a/pkg/cloud/cloud_test.go b/pkg/cloud/cloud_test.go index e16cc5c63..48651edbf 100644 --- a/pkg/cloud/cloud_test.go +++ b/pkg/cloud/cloud_test.go @@ -35,7 +35,7 @@ func TestCreateAccessPoint(t *testing.T) { testFunc func(t *testing.T) }{ { - name: "Success - AP does not exist", + name: "Success", testFunc: func(t *testing.T) { mockCtl := gomock.NewController(t) mockEfs := mocks.NewMockEfs(mockCtl) @@ -74,63 +74,9 @@ func TestCreateAccessPoint(t *testing.T) { }, } - describeAPOutput := &efs.DescribeAccessPointsOutput{ - AccessPoints: nil, - } - ctx := context.Background() - mockEfs.EXPECT().DescribeAccessPointsWithContext(gomock.Eq(ctx), gomock.Any()).Return(describeAPOutput, nil) mockEfs.EXPECT().CreateAccessPointWithContext(gomock.Eq(ctx), gomock.Any()).Return(output, nil) - res, err := c.CreateAccessPoint(ctx, clientToken, req, true) - - if err != nil { - t.Fatalf("CreateAccessPointFailed is failed: %v", err) - } - - if res == nil { - t.Fatal("Result is nil") - } - - if accessPointId != res.AccessPointId { - t.Fatalf("AccessPointId mismatched. Expected: %v, Actual: %v", accessPointId, res.AccessPointId) - } - - if fsId != res.FileSystemId { - t.Fatalf("FileSystemId mismatched. Expected: %v, Actual: %v", fsId, res.FileSystemId) - } - mockCtl.Finish() - }, - }, - { - name: "Success - AP already exists", - testFunc: func(t *testing.T) { - mockCtl := gomock.NewController(t) - mockEfs := mocks.NewMockEfs(mockCtl) - c := &cloud{ - efs: mockEfs, - } - - tags := make(map[string]string) - tags["cluster"] = "efs" - - req := &AccessPointOptions{ - FileSystemId: fsId, - Uid: uid, - Gid: gid, - DirectoryPerms: directoryPerms, - DirectoryPath: directoryPath, - Tags: tags, - } - - describeAPOutput := &efs.DescribeAccessPointsOutput{ - AccessPoints: []*efs.AccessPointDescription{ - {AccessPointId: aws.String(accessPointId), FileSystemId: aws.String(fsId), ClientToken: aws.String(clientToken), RootDirectory: &efs.RootDirectory{Path: aws.String(directoryPath)}, Tags: []*efs.Tag{{Key: aws.String(PvcNameTagKey), Value: aws.String(volName)}}}, - }, - } - - ctx := context.Background() - mockEfs.EXPECT().DescribeAccessPointsWithContext(gomock.Eq(ctx), gomock.Any()).Return(describeAPOutput, nil) - res, err := c.CreateAccessPoint(ctx, clientToken, req, true) + res, err := c.CreateAccessPoint(ctx, clientToken, req) if err != nil { t.Fatalf("CreateAccessPointFailed is failed: %v", err) @@ -164,14 +110,10 @@ func TestCreateAccessPoint(t *testing.T) { DirectoryPerms: directoryPerms, DirectoryPath: directoryPath, } - describeAPOutput := &efs.DescribeAccessPointsOutput{ - AccessPoints: nil, - } ctx := context.Background() - mockEfs.EXPECT().DescribeAccessPointsWithContext(gomock.Eq(ctx), gomock.Any()).Return(describeAPOutput, nil) mockEfs.EXPECT().CreateAccessPointWithContext(gomock.Eq(ctx), gomock.Any()).Return(nil, errors.New("CreateAccessPointWithContext failed")) - _, err := c.CreateAccessPoint(ctx, clientToken, req, true) + _, err := c.CreateAccessPoint(ctx, clientToken, req) if err == nil { t.Fatalf("CreateAccessPoint did not fail") } @@ -195,7 +137,7 @@ func TestCreateAccessPoint(t *testing.T) { ctx := context.Background() mockEfs.EXPECT().CreateAccessPointWithContext(gomock.Eq(ctx), gomock.Any()).Return(nil, awserr.New(AccessDeniedException, "Access Denied", errors.New("Access Denied"))) - _, err := c.CreateAccessPoint(ctx, clientToken, req, false) + _, err := c.CreateAccessPoint(ctx, clientToken, req) if err == nil { t.Fatalf("CreateAccessPoint did not fail") } @@ -551,6 +493,119 @@ func TestDescribeAccessPoint(t *testing.T) { } } +func TestFindAccessPointByClientToken(t *testing.T) { + var ( + fsId = "fs-abcd1234" + accessPointId = "ap-abc123" + clientToken = "token" + path = "/myDir" + Gid int64 = 1000 + Uid int64 = 1000 + ) + testCases := []struct { + name string + testFunc func(t *testing.T) + }{ + { + name: "Success - clientToken found", + testFunc: func(t *testing.T) { + mockctl := gomock.NewController(t) + mockEfs := mocks.NewMockEfs(mockctl) + c := &cloud{efs: mockEfs} + + output := &efs.DescribeAccessPointsOutput{ + AccessPoints: []*efs.AccessPointDescription{ + { + AccessPointId: aws.String(accessPointId), + FileSystemId: aws.String(fsId), + ClientToken: aws.String(clientToken), + RootDirectory: &efs.RootDirectory{ + Path: aws.String(path), + }, + PosixUser: &efs.PosixUser{ + Gid: aws.Int64(Gid), + Uid: aws.Int64(Uid), + }, + }, + }, + NextToken: nil, + } + + ctx := context.Background() + mockEfs.EXPECT().DescribeAccessPointsWithContext(gomock.Eq(ctx), gomock.Any()).Return(output, nil) + res, err := c.FindAccessPointByClientToken(ctx, clientToken, fsId) + if err != nil { + t.Fatalf("Find Access Point by Client Token failed: %v", err) + } + + if res == nil { + t.Fatal("Result is nil") + } + + mockctl.Finish() + }, + }, + { + name: "Success - nil result if clientToken is not found", + testFunc: func(t *testing.T) { + mockctl := gomock.NewController(t) + mockEfs := mocks.NewMockEfs(mockctl) + c := &cloud{efs: mockEfs} + + output := &efs.DescribeAccessPointsOutput{ + AccessPoints: []*efs.AccessPointDescription{ + { + AccessPointId: aws.String(accessPointId), + FileSystemId: aws.String(fsId), + ClientToken: aws.String("differentToken"), + RootDirectory: &efs.RootDirectory{ + Path: aws.String(path), + }, + PosixUser: &efs.PosixUser{ + Gid: aws.Int64(Gid), + Uid: aws.Int64(Uid), + }, + }, + }, + NextToken: nil, + } + + ctx := context.Background() + mockEfs.EXPECT().DescribeAccessPointsWithContext(gomock.Eq(ctx), gomock.Any()).Return(output, nil) + res, err := c.FindAccessPointByClientToken(ctx, clientToken, fsId) + if err != nil { + t.Fatalf("Find Access Point by Client Token failed: %v", err) + } + + if res != nil { + t.Fatal("Result should be nil. No access point with the specified token") + } + + mockctl.Finish() + }, + }, + { + name: "Fail - Access Denied", + testFunc: func(t *testing.T) { + mockctl := gomock.NewController(t) + mockEfs := mocks.NewMockEfs(mockctl) + c := &cloud{efs: mockEfs} + ctx := context.Background() + mockEfs.EXPECT().DescribeAccessPointsWithContext(gomock.Eq(ctx), gomock.Any()).Return(nil, awserr.New(AccessDeniedException, "Access Denied", errors.New("Access Denied"))) + _, err := c.FindAccessPointByClientToken(ctx, clientToken, fsId) + if err == nil { + t.Fatalf("Find Access Point by Client Token should have failed: %v", err) + } + + mockctl.Finish() + }, + }, + } + for _, tc := range testCases { + t.Run(tc.name, tc.testFunc) + } +} + func TestListAccessPoints(t *testing.T) { var ( fsId = "fs-abcd1234" @@ -1024,7 +1079,7 @@ func Test_findAccessPointByPath(t *testing.T) { tt.prepare(mockEfs) } - gotAccessPoint, err := c.findAccessPointByClientToken(ctx, tt.args.clientToken, tt.args.accessPointOpts) + gotAccessPoint, err := c.FindAccessPointByClientToken(ctx, tt.args.clientToken, tt.args.accessPointOpts.FileSystemId) if (err != nil) != tt.wantErr { t.Errorf("findAccessPointByClientToken() error = %v, wantErr %v", err, tt.wantErr) return diff --git a/pkg/cloud/fakes.go b/pkg/cloud/fakes.go index 49953665b..8f910ca88 100644 --- a/pkg/cloud/fakes.go +++ b/pkg/cloud/fakes.go @@ -27,7 +27,7 @@ func (c *FakeCloudProvider) GetMetadata() MetadataService { return c.m } -func (c *FakeCloudProvider) CreateAccessPoint(ctx context.Context, clientToken string, accessPointOpts *AccessPointOptions, usePvcName bool) (accessPoint *AccessPoint, err error) { +func (c *FakeCloudProvider) CreateAccessPoint(ctx context.Context, clientToken string, accessPointOpts *AccessPointOptions) (accessPoint *AccessPoint, err error) { ap, exists := c.accessPoints[clientToken] if exists { if accessPointOpts.CapacityGiB == ap.CapacityGiB { @@ -98,6 +98,14 @@ func (c *FakeCloudProvider) DescribeMountTargets(ctx context.Context, fileSystem return nil, ErrNotFound } +func (c *FakeCloudProvider) FindAccessPointByClientToken(ctx context.Context, clientToken, fileSystemId string) (accessPoint *AccessPoint, err error) { + if ap, exists := c.accessPoints[clientToken]; exists { + return ap, nil + } else { + return nil, nil + } +} + func (c *FakeCloudProvider) ListAccessPoints(ctx context.Context, fileSystemId string) ([]*AccessPoint, error) { accessPoints := []*AccessPoint{ c.accessPoints[fileSystemId], diff --git a/pkg/driver/controller.go b/pkg/driver/controller.go index be4630e63..86c6baaf1 100644 --- a/pkg/driver/controller.go +++ b/pkg/driver/controller.go @@ -144,21 +144,8 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest) return nil, status.Errorf(codes.InvalidArgument, "Missing %v parameter", ProvisioningMode) } - // Create tags - tags := map[string]string{ - DefaultTagKey: DefaultTagValue, - } - - // Append input tags to default tag - if len(d.tags) != 0 { - for k, v := range d.tags { - tags[k] = v - } - } - accessPointsOptions := &cloud.AccessPointOptions{ CapacityGiB: volSize, - Tags: tags, } if value, ok := volumeParams[FsId]; ok { @@ -170,162 +157,197 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest) return nil, status.Errorf(codes.InvalidArgument, "Missing %v parameter", FsId) } - uid = -1 - if value, ok := volumeParams[Uid]; ok { - uid, err = strconv.ParseInt(value, 10, 64) - if err != nil { - return nil, status.Errorf(codes.InvalidArgument, "Failed to parse invalid %v: %v", Uid, err) - } - if uid < 0 { - return nil, status.Errorf(codes.InvalidArgument, "%v must be greater or equal than 0", Uid) - } + localCloud, roleArn, crossAccountDNSEnabled, err = getCloud(req.GetSecrets(), d) + if err != nil { + return nil, err } - gid = -1 - if value, ok := volumeParams[Gid]; ok { - gid, err = strconv.ParseInt(value, 10, 64) + var accessPoint *cloud.AccessPoint + //if reuseAccessPoint is true, check for AP with same Root Directory exists in efs + // if found reuse that AP + if reuseAccessPoint { + existingAP, err := localCloud.FindAccessPointByClientToken(ctx, clientToken, accessPointsOptions.FileSystemId) if err != nil { - return nil, status.Errorf(codes.InvalidArgument, "Failed to parse invalid %v: %v", Gid, err) + return nil, fmt.Errorf("failed to find access point: %v", err) } - if gid < 0 { - return nil, status.Errorf(codes.InvalidArgument, "%v must be greater or equal than 0", Gid) + if existingAP != nil { + //AP path already exists + klog.V(2).Infof("Existing AccessPoint found : %+v", existingAP) + accessPoint = &cloud.AccessPoint{ + AccessPointId: existingAP.AccessPointId, + FileSystemId: existingAP.FileSystemId, + CapacityGiB: accessPointsOptions.CapacityGiB, + } } } - if value, ok := volumeParams[GidMin]; ok { - gidMin, err = strconv.ParseInt(value, 10, 64) - if err != nil { - return nil, status.Errorf(codes.InvalidArgument, "Failed to parse invalid %v: %v", GidMin, err) - } - if gidMin <= 0 { - return nil, status.Errorf(codes.InvalidArgument, "%v must be greater than 0", GidMin) + if accessPoint == nil { + // Create tags + tags := map[string]string{ + DefaultTagKey: DefaultTagValue, } - } - if value, ok := volumeParams[GidMax]; ok { - // Ensure GID min is provided with GID max - if gidMin == 0 { - return nil, status.Errorf(codes.InvalidArgument, "Missing %v parameter", GidMin) + // Append input tags to default tag + if len(d.tags) != 0 { + for k, v := range d.tags { + tags[k] = v + } } - gidMax, err = strconv.ParseInt(value, 10, 64) - if err != nil { - return nil, status.Errorf(codes.InvalidArgument, "Failed to parse invalid %v: %v", GidMax, err) + + accessPointsOptions.Tags = tags + + uid = -1 + if value, ok := volumeParams[Uid]; ok { + uid, err = strconv.ParseInt(value, 10, 64) + if err != nil { + return nil, status.Errorf(codes.InvalidArgument, "Failed to parse invalid %v: %v", Uid, err) + } + if uid < 0 { + return nil, status.Errorf(codes.InvalidArgument, "%v must be greater or equal than 0", Uid) + } } - if gidMax <= gidMin { - return nil, status.Errorf(codes.InvalidArgument, "%v must be greater than %v", GidMax, GidMin) + + gid = -1 + if value, ok := volumeParams[Gid]; ok { + gid, err = strconv.ParseInt(value, 10, 64) + if err != nil { + return nil, status.Errorf(codes.InvalidArgument, "Failed to parse invalid %v: %v", Gid, err) + } + if uid < 0 { + return nil, status.Errorf(codes.InvalidArgument, "%v must be greater or equal than 0", Gid) + } } - } else { - // Ensure GID max is provided with GID min - if gidMin != 0 { - return nil, status.Errorf(codes.InvalidArgument, "Missing %v parameter", GidMax) + + if value, ok := volumeParams[GidMin]; ok { + gidMin, err = strconv.ParseInt(value, 10, 64) + if err != nil { + return nil, status.Errorf(codes.InvalidArgument, "Failed to parse invalid %v: %v", GidMin, err) + } + if gidMin <= 0 { + return nil, status.Errorf(codes.InvalidArgument, "%v must be greater than 0", GidMin) + } } - } - // Assign default GID ranges if not provided - if gidMin == 0 && gidMax == 0 { - gidMin = DefaultGidMin - gidMax = DefaultGidMax - } + if value, ok := volumeParams[GidMax]; ok { + // Ensure GID min is provided with GID max + if gidMin == 0 { + return nil, status.Errorf(codes.InvalidArgument, "Missing %v parameter", GidMin) + } + gidMax, err = strconv.ParseInt(value, 10, 64) + if err != nil { + return nil, status.Errorf(codes.InvalidArgument, "Failed to parse invalid %v: %v", GidMax, err) + } + if gidMax <= gidMin { + return nil, status.Errorf(codes.InvalidArgument, "%v must be greater than %v", GidMax, GidMin) + } + } else { + // Ensure GID max is provided with GID min + if gidMin != 0 { + return nil, status.Errorf(codes.InvalidArgument, "Missing %v parameter", GidMax) + } + } - if value, ok := volumeParams[DirectoryPerms]; ok { - accessPointsOptions.DirectoryPerms = value - } + // Assign default GID ranges if not provided + if gidMin == 0 && gidMax == 0 { + gidMin = DefaultGidMin + gidMax = DefaultGidMax + } - // Storage class parameter `az` will be used to fetch preferred mount target for cross account mount. - // If the `az` storage class parameter is not provided, a random mount target will be picked for mounting. - // This storage class parameter different from `az` mount option provided by efs-utils https://github.com/aws/efs-utils/blob/v1.31.1/src/mount_efs/__init__.py#L195 - // The `az` mount option provided by efs-utils is used for cross az mount or to provide az of efs one zone file system mount within the same aws-account. - // To make use of the `az` mount option, add it under storage class's `mountOptions` section. https://kubernetes.io/docs/concepts/storage/storage-classes/#mount-options - if value, ok := volumeParams[AzName]; ok { - azName = value - } + if value, ok := volumeParams[DirectoryPerms]; ok { + accessPointsOptions.DirectoryPerms = value + } - localCloud, roleArn, crossAccountDNSEnabled, err = getCloud(req.GetSecrets(), d) - if err != nil { - return nil, err - } + // Storage class parameter `az` will be used to fetch preferred mount target for cross account mount. + // If the `az` storage class parameter is not provided, a random mount target will be picked for mounting. + // This storage class parameter different from `az` mount option provided by efs-utils https://github.com/aws/efs-utils/blob/v1.31.1/src/mount_efs/__init__.py#L195 + // The `az` mount option provided by efs-utils is used for cross az mount or to provide az of efs one zone file system mount within the same aws-account. + // To make use of the `az` mount option, add it under storage class's `mountOptions` section. https://kubernetes.io/docs/concepts/storage/storage-classes/#mount-options + if value, ok := volumeParams[AzName]; ok { + azName = value + } - // Check if file system exists. Describe FS or List APs handle appropriate error codes - // With dynamic uid/gid provisioning we can save a call to describe FS, as list APs fails if FS ID does not exist - var accessPoints []*cloud.AccessPoint - if uid == -1 || gid == -1 { - accessPoints, err = localCloud.ListAccessPoints(ctx, accessPointsOptions.FileSystemId) - } else { - _, err = localCloud.DescribeFileSystem(ctx, accessPointsOptions.FileSystemId) - } - if err != nil { - if err == cloud.ErrAccessDenied { - return nil, status.Errorf(codes.Unauthenticated, "Access Denied. Please ensure you have the right AWS permissions: %v", err) + // Check if file system exists. Describe FS or List APs handle appropriate error codes + // With dynamic uid/gid provisioning we can save a call to describe FS, as list APs fails if FS ID does not exist + var accessPoints []*cloud.AccessPoint + if uid == -1 || gid == -1 { + accessPoints, err = localCloud.ListAccessPoints(ctx, accessPointsOptions.FileSystemId) + } else { + _, err = localCloud.DescribeFileSystem(ctx, accessPointsOptions.FileSystemId) } - if err == cloud.ErrNotFound { - return nil, status.Errorf(codes.InvalidArgument, "File System does not exist: %v", err) + if err != nil { + if err == cloud.ErrAccessDenied { + return nil, status.Errorf(codes.Unauthenticated, "Access Denied. Please ensure you have the right AWS permissions: %v", err) + } + if err == cloud.ErrNotFound { + return nil, status.Errorf(codes.InvalidArgument, "File System does not exist: %v", err) + } + return nil, status.Errorf(codes.Internal, "Failed to fetch Access Points or Describe File System: %v", err) } - return nil, status.Errorf(codes.Internal, "Failed to fetch Access Points or Describe File System: %v", err) - } - var allocatedGid int64 - if uid == -1 || gid == -1 { - allocatedGid, err = d.gidAllocator.getNextGid(accessPointsOptions.FileSystemId, accessPoints, gidMin, gidMax) - if err != nil { - return nil, err + var allocatedGid int64 + if uid == -1 || gid == -1 { + allocatedGid, err = d.gidAllocator.getNextGid(accessPointsOptions.FileSystemId, accessPoints, gidMin, gidMax) + if err != nil { + return nil, err + } + } + if uid == -1 { + uid = allocatedGid + } + if gid == -1 { + gid = allocatedGid } - } - if uid == -1 { - uid = allocatedGid - } - if gid == -1 { - gid = allocatedGid - } - if value, ok := volumeParams[BasePath]; ok { - basePath = value - } + if value, ok := volumeParams[BasePath]; ok { + basePath = value + } - rootDirName := volName - // Check if a custom structure should be imposed on the access point directory - if value, ok := volumeParams[SubPathPattern]; ok { - // Try and construct the root directory and check it only contains supported components - val, err := interpolateRootDirectoryName(value, volumeParams) - if err == nil { - klog.Infof("Using user-specified structure for access point directory.") - rootDirName = val - if value, ok := volumeParams[EnsureUniqueDirectory]; ok { - if ensureUniqueDirectory, err := strconv.ParseBool(value); !ensureUniqueDirectory && err == nil { - klog.Infof("Not appending PVC UID to path.") + rootDirName := volName + // Check if a custom structure should be imposed on the access point directory + if value, ok := volumeParams[SubPathPattern]; ok { + // Try and construct the root directory and check it only contains supported components + val, err := interpolateRootDirectoryName(value, volumeParams) + if err == nil { + klog.Infof("Using user-specified structure for access point directory.") + rootDirName = val + if value, ok := volumeParams[EnsureUniqueDirectory]; ok { + if ensureUniqueDirectory, err := strconv.ParseBool(value); !ensureUniqueDirectory && err == nil { + klog.Infof("Not appending PVC UID to path.") + } else { + klog.Infof("Appending PVC UID to path.") + rootDirName = fmt.Sprintf("%s-%s", val, uuid.New().String()) + } } else { klog.Infof("Appending PVC UID to path.") rootDirName = fmt.Sprintf("%s-%s", val, uuid.New().String()) } } else { - klog.Infof("Appending PVC UID to path.") - rootDirName = fmt.Sprintf("%s-%s", val, uuid.New().String()) + return nil, err } } else { - return nil, err + klog.Infof("Using PV name for access point directory.") } - } else { - klog.Infof("Using PV name for access point directory.") - } - rootDir := path.Join("/", basePath, rootDirName) - if ok, err := validateEfsPathRequirements(rootDir); !ok { - return nil, err - } - klog.Infof("Using %v as the access point directory.", rootDir) + rootDir := path.Join("/", basePath, rootDirName) + if ok, err := validateEfsPathRequirements(rootDir); !ok { + return nil, err + } + klog.Infof("Using %v as the access point directory.", rootDir) - accessPointsOptions.Uid = uid - accessPointsOptions.Gid = gid - accessPointsOptions.DirectoryPath = rootDir + accessPointsOptions.Uid = uid + accessPointsOptions.Gid = gid + accessPointsOptions.DirectoryPath = rootDir - accessPointId, err := localCloud.CreateAccessPoint(ctx, clientToken, accessPointsOptions, reuseAccessPoint) - if err != nil { - if err == cloud.ErrAccessDenied { - return nil, status.Errorf(codes.Unauthenticated, "Access Denied. Please ensure you have the right AWS permissions: %v", err) - } - if err == cloud.ErrAlreadyExists { - return nil, status.Errorf(codes.AlreadyExists, "Access Point already exists") + accessPoint, err = localCloud.CreateAccessPoint(ctx, clientToken, accessPointsOptions) + if err != nil { + if err == cloud.ErrAccessDenied { + return nil, status.Errorf(codes.Unauthenticated, "Access Denied. Please ensure you have the right AWS permissions: %v", err) + } + if err == cloud.ErrAlreadyExists { + return nil, status.Errorf(codes.AlreadyExists, "Access Point already exists") + } + return nil, status.Errorf(codes.Internal, "Failed to create Access point in File System %v : %v", accessPointsOptions.FileSystemId, err) } - return nil, status.Errorf(codes.Internal, "Failed to create Access point in File System %v : %v", accessPointsOptions.FileSystemId, err) } volContext := map[string]string{} @@ -352,7 +374,7 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest) return &csi.CreateVolumeResponse{ Volume: &csi.Volume{ CapacityBytes: volSize, - VolumeId: accessPointsOptions.FileSystemId + "::" + accessPointId.AccessPointId, + VolumeId: accessPointsOptions.FileSystemId + "::" + accessPoint.AccessPointId, VolumeContext: volContext, }, }, nil diff --git a/pkg/driver/controller_test.go b/pkg/driver/controller_test.go index 3725ce026..b625f508b 100644 --- a/pkg/driver/controller_test.go +++ b/pkg/driver/controller_test.go @@ -79,8 +79,8 @@ func TestCreateVolume(t *testing.T) { FileSystemId: fsId, } mockCloud.EXPECT().DescribeFileSystem(gomock.Eq(ctx), gomock.Any()).Return(fileSystem, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Eq(volumeName), gomock.Any(), gomock.Eq(false)).Return(accessPoint, nil). - Do(func(ctx context.Context, clientToken string, accessPointsOptions *cloud.AccessPointOptions, reuseAccessPointName bool) { + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Eq(volumeName), gomock.Any()).Return(accessPoint, nil). + Do(func(ctx context.Context, clientToken string, accessPointsOptions *cloud.AccessPointOptions) { if accessPointsOptions.Uid != 1000 { t.Fatalf("Uid mismatched. Expected: %v, actual: %v", 1000, accessPointsOptions.Uid) } @@ -146,8 +146,8 @@ func TestCreateVolume(t *testing.T) { FileSystemId: fsId, } mockCloud.EXPECT().DescribeFileSystem(gomock.Eq(ctx), gomock.Any()).Return(fileSystem, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any(), gomock.Any()).Return(accessPoint, nil). - Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions, reuseAccessPointName bool) { + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any()).Return(accessPoint, nil). + Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions) { if accessPointOpts.Uid != 1000 { t.Fatalf("Uid mismatched. Expected: %v, actual: %v", 1000, accessPointOpts.Uid) } @@ -228,8 +228,8 @@ func TestCreateVolume(t *testing.T) { var expectedGid int64 = 1003 //1001 and 1002 are taken, next available is 1003 mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return(accessPoints, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any(), false).Return(accessPoint, nil). - Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions, reuseAccessPointName bool) { + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any()).Return(accessPoint, nil). + Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions) { if accessPointOpts.Uid != expectedGid { t.Fatalf("Uid mismatched. Expected: %v, actual: %v", expectedGid, accessPointOpts.Uid) } @@ -323,8 +323,8 @@ func TestCreateVolume(t *testing.T) { var expectedGid int64 = 1004 // 1001-1003 is taken. mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return(accessPoints, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any(), false).Return(ap2, nil). - Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions, reuseAccessPointName bool) { + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any()).Return(ap2, nil). + Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions) { if accessPointOpts.Uid != expectedGid { t.Fatalf("Uid mismatched. Expected: %v, actual: %v", expectedGid, accessPointOpts.Uid) } @@ -340,8 +340,8 @@ func TestCreateVolume(t *testing.T) { expectedGid = 1001 // 1001 is now free and lowest possible, if no GID return would happen allocator would pick 1005. mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return(accessPoints, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any(), false).Return(ap3, nil). - Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions, reuseAccessPointName bool) { + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any()).Return(ap3, nil). + Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions) { if accessPointOpts.Uid != expectedGid { t.Fatalf("Uid mismatched. Expected: %v, actual: %v", expectedGid, accessPointOpts.Uid) } @@ -357,8 +357,8 @@ func TestCreateVolume(t *testing.T) { expectedGid = 1002 // 1001 and 1004 are now taken, lowest available is 1002 mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return(accessPoints, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any(), false).Return(ap2, nil). - Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions, reuseAccessPointName bool) { + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any()).Return(ap2, nil). + Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions) { if accessPointOpts.Uid != expectedGid { t.Fatalf("Uid mismatched. Expected: %v, actual: %v", expectedGid, accessPointOpts.Uid) } @@ -444,8 +444,8 @@ func TestCreateVolume(t *testing.T) { expectedGid := 2000 mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return(accessPoints, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any(), false).Return(lastAccessPoint, nil). - Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions, reuseAccessPointName bool) { + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any()).Return(lastAccessPoint, nil). + Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions) { if accessPointOpts.Uid != int64(expectedGid) { t.Fatalf("Uid mismatched. Expected: %v, actual: %v", expectedGid, accessPointOpts.Uid) } @@ -512,8 +512,8 @@ func TestCreateVolume(t *testing.T) { expectedGid := 1000 // Allocator should pick lowest available GID mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return(nil, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any(), false).Return(accessPoint, nil). - Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions, reuseAccessPointName bool) { + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any()).Return(accessPoint, nil). + Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions) { if accessPointOpts.Uid != int64(expectedGid) { t.Fatalf("Uid mismatched. Expected: %v, actual: %v", expectedGid, accessPointOpts.Uid) } @@ -574,7 +574,7 @@ func TestCreateVolume(t *testing.T) { } accessPoints := []*cloud.AccessPoint{accessPoint} mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return(accessPoints, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Eq(volumeName), gomock.Any(), gomock.Any()).Return(accessPoint, nil) + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Eq(volumeName), gomock.Any()).Return(accessPoint, nil) res, err := driver.CreateVolume(ctx, req) @@ -630,7 +630,7 @@ func TestCreateVolume(t *testing.T) { } accessPoints := []*cloud.AccessPoint{accessPoint} mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return(accessPoints, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any(), gomock.Any()).Return(accessPoint, nil) + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any()).Return(accessPoint, nil) res, err := driver.CreateVolume(ctx, req) @@ -689,7 +689,7 @@ func TestCreateVolume(t *testing.T) { } accessPoints := []*cloud.AccessPoint{accessPoint} mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return(accessPoints, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any(), gomock.Any()).Return(accessPoint, nil) + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any()).Return(accessPoint, nil) res, err := driver.CreateVolume(ctx, req) @@ -748,7 +748,7 @@ func TestCreateVolume(t *testing.T) { } accessPoints := []*cloud.AccessPoint{accessPoint} mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return(accessPoints, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any(), gomock.Any()).Return(accessPoint, nil) + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any()).Return(accessPoint, nil) res, err := driver.CreateVolume(ctx, req) @@ -810,9 +810,7 @@ func TestCreateVolume(t *testing.T) { Uid: 1000, }, } - accessPoints := []*cloud.AccessPoint{accessPoint} - mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return(accessPoints, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Eq(get64LenHash(pvcNameVal)), gomock.Any(), gomock.Any()).Return(accessPoint, nil) + mockCloud.EXPECT().FindAccessPointByClientToken(gomock.Eq(ctx), gomock.Any(), gomock.Eq(fsId)).Return(accessPoint, nil) res, err := driver.CreateVolume(ctx, req) @@ -875,8 +873,8 @@ func TestCreateVolume(t *testing.T) { } mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return(nil, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any(), gomock.Any()).Return(accessPoint, nil). - Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions, reuseAccessPoint bool) { + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any()).Return(accessPoint, nil). + Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions) { if !verifyPathWhenUUIDIncluded(accessPointOpts.DirectoryPath, directoryCreated) { t.Fatalf("Root directory mismatch. Expected: %v (with UID appended), actual: %v", directoryCreated, @@ -943,8 +941,8 @@ func TestCreateVolume(t *testing.T) { } mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return(nil, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any(), gomock.Any()).Return(accessPoint, nil). - Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions, reuseAccessPointName bool) { + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any()).Return(accessPoint, nil). + Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions) { if !verifyPathWhenUUIDIncluded(accessPointOpts.DirectoryPath, directoryCreated) { t.Fatalf("Root directory mismatch. Expected: %v (with UID appended), actual: %v", directoryCreated, @@ -1014,8 +1012,8 @@ func TestCreateVolume(t *testing.T) { } mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return(nil, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any(), gomock.Any()).Return(accessPoint, nil). - Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions, reuseAccessPointName bool) { + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any()).Return(accessPoint, nil). + Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions) { if !verifyPathWhenUUIDIncluded(accessPointOpts.DirectoryPath, directoryCreated) { t.Fatalf("Root directory mismatch. Expected: %v (with UID appended), actual: %v", directoryCreated, @@ -1085,8 +1083,8 @@ func TestCreateVolume(t *testing.T) { } mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return(nil, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any(), gomock.Any()).Return(accessPoint, nil). - Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions, reuseAccessPointName bool) { + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any()).Return(accessPoint, nil). + Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions) { if accessPointOpts.DirectoryPath != directoryCreated { t.Fatalf("Root directory mismatch. Expected: %v, actual: %v", directoryCreated, @@ -1155,8 +1153,8 @@ func TestCreateVolume(t *testing.T) { } mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return(nil, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any(), gomock.Any()).Return(accessPoint, nil). - Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions, reuseAccessPointName bool) { + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any()).Return(accessPoint, nil). + Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions) { if !verifyPathWhenUUIDIncluded(accessPointOpts.DirectoryPath, directoryCreated) { t.Fatalf("Root directory mismatch. Expected: %v (with UID appended), actual: %v", directoryCreated, @@ -1220,8 +1218,8 @@ func TestCreateVolume(t *testing.T) { } mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return(nil, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any(), gomock.Any()).Return(accessPoint, nil). - Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions, reuseAccessPointName bool) { + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any()).Return(accessPoint, nil). + Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions) { if accessPointOpts.DirectoryPath != "/" { t.Fatalf("Root directory mismatch. Expected: %v, actual: %v", "/", @@ -1286,8 +1284,8 @@ func TestCreateVolume(t *testing.T) { } mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return(nil, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any(), gomock.Any()).Return(accessPoint, nil). - Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions, reuseAccessPointName bool) { + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any()).Return(accessPoint, nil). + Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions) { if accessPointOpts.DirectoryPath != "/" { t.Fatalf("Root directory mismatch. Expected: %v, actual: %v", "/", @@ -1354,8 +1352,8 @@ func TestCreateVolume(t *testing.T) { } mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return(nil, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any(), gomock.Any()).Return(accessPoint, nil). - Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions, reuseAccessPointName bool) { + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any()).Return(accessPoint, nil). + Do(func(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions) { if !verifyPathWhenUUIDIncluded(accessPointOpts.DirectoryPath, directoryCreated) { t.Fatalf("Root directory mismatch. Expected: %v (with UID appended), actual: %v", directoryCreated, @@ -2366,7 +2364,7 @@ func TestCreateVolume(t *testing.T) { ctx := context.Background() mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return([]*cloud.AccessPoint{}, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any(), gomock.Any()).Return(nil, errors.New("CreateAccessPoint call failed")) + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any()).Return(nil, errors.New("CreateAccessPoint call failed")) _, err := driver.CreateVolume(ctx, req) if err == nil { t.Fatal("CreateVolume did not fail") @@ -2405,7 +2403,7 @@ func TestCreateVolume(t *testing.T) { ctx := context.Background() mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return([]*cloud.AccessPoint{}, nil) - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any(), gomock.Any()).Return(nil, cloud.ErrAccessDenied) + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any()).Return(nil, cloud.ErrAccessDenied) _, err := driver.CreateVolume(ctx, req) if err == nil { t.Fatal("CreateVolume did not fail") @@ -2460,7 +2458,7 @@ func TestCreateVolume(t *testing.T) { }, } mockCloud.EXPECT().ListAccessPoints(gomock.Eq(ctx), gomock.Any()).Return([]*cloud.AccessPoint{ap1, ap2}, nil).AnyTimes() - mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any(), gomock.Any()).Return(ap2, nil).AnyTimes() + mockCloud.EXPECT().CreateAccessPoint(gomock.Eq(ctx), gomock.Any(), gomock.Any()).Return(ap2, nil).AnyTimes() var err error // All GIDs from available range are taken, CreateVolume should fail. diff --git a/pkg/driver/efs_watch_dog.go b/pkg/driver/efs_watch_dog.go index 3b907f222..e4083c8d6 100644 --- a/pkg/driver/efs_watch_dog.go +++ b/pkg/driver/efs_watch_dog.go @@ -73,7 +73,7 @@ fips_mode_enabled = {{.FipsEnabled -}} # Define the port range that the TLS tunnel will choose from port_range_lower_bound = 20049 -port_range_upper_bound = 20449 +port_range_upper_bound = 21049 # Optimize read_ahead_kb for Linux 5.4+ optimize_readahead = true diff --git a/pkg/driver/efs_watch_dog_test.go b/pkg/driver/efs_watch_dog_test.go index bdb31ada1..38525d7be 100644 --- a/pkg/driver/efs_watch_dog_test.go +++ b/pkg/driver/efs_watch_dog_test.go @@ -59,7 +59,7 @@ stunnel_check_cert_validity = false # Define the port range that the TLS tunnel will choose from port_range_lower_bound = 20049 -port_range_upper_bound = 20449 +port_range_upper_bound = 21049 # Optimize read_ahead_kb for Linux 5.4+ optimize_readahead = true diff --git a/pkg/driver/mocks/mock_cloud.go b/pkg/driver/mocks/mock_cloud.go index eacf69fae..96cef7e69 100644 --- a/pkg/driver/mocks/mock_cloud.go +++ b/pkg/driver/mocks/mock_cloud.go @@ -162,18 +162,18 @@ func (m *MockCloud) EXPECT() *MockCloudMockRecorder { } // CreateAccessPoint mocks base method. -func (m *MockCloud) CreateAccessPoint(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions, usePvcName bool) (*cloud.AccessPoint, error) { +func (m *MockCloud) CreateAccessPoint(ctx context.Context, clientToken string, accessPointOpts *cloud.AccessPointOptions) (*cloud.AccessPoint, error) { m.ctrl.T.Helper() - ret := m.ctrl.Call(m, "CreateAccessPoint", ctx, clientToken, accessPointOpts, usePvcName) + ret := m.ctrl.Call(m, "CreateAccessPoint", ctx, clientToken, accessPointOpts) ret0, _ := ret[0].(*cloud.AccessPoint) ret1, _ := ret[1].(error) return ret0, ret1 } // CreateAccessPoint indicates an expected call of CreateAccessPoint. -func (mr *MockCloudMockRecorder) CreateAccessPoint(ctx, clientToken, accessPointOpts, usePvcName interface{}) *gomock.Call { +func (mr *MockCloudMockRecorder) CreateAccessPoint(ctx, clientToken, accessPointOpts interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateAccessPoint", reflect.TypeOf((*MockCloud)(nil).CreateAccessPoint), ctx, clientToken, accessPointOpts, usePvcName) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateAccessPoint", reflect.TypeOf((*MockCloud)(nil).CreateAccessPoint), ctx, clientToken, accessPointOpts) } // DeleteAccessPoint mocks base method. @@ -235,6 +235,21 @@ func (mr *MockCloudMockRecorder) DescribeMountTargets(ctx, fileSystemId, az inte return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DescribeMountTargets", reflect.TypeOf((*MockCloud)(nil).DescribeMountTargets), ctx, fileSystemId, az) } +// FindAccessPointByClientToken mocks base method. +func (m *MockCloud) FindAccessPointByClientToken(ctx context.Context, clientToken, fileSystemId string) (*cloud.AccessPoint, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "FindAccessPointByClientToken", ctx, clientToken, fileSystemId) + ret0, _ := ret[0].(*cloud.AccessPoint) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// FindAccessPointByClientToken indicates an expected call of FindAccessPointByClientToken. +func (mr *MockCloudMockRecorder) FindAccessPointByClientToken(ctx, clientToken, fileSystemId interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "FindAccessPointByClientToken", reflect.TypeOf((*MockCloud)(nil).FindAccessPointByClientToken), ctx, clientToken, fileSystemId) +} + // GetMetadata mocks base method. func (m *MockCloud) GetMetadata() cloud.MetadataService { m.ctrl.T.Helper() @@ -250,16 +265,16 @@ func (mr *MockCloudMockRecorder) GetMetadata() *gomock.Call { } // ListAccessPoints mocks base method. -func (m *MockCloud) ListAccessPoints(arg0 context.Context, arg1 string) ([]*cloud.AccessPoint, error) { +func (m *MockCloud) ListAccessPoints(ctx context.Context, fileSystemId string) ([]*cloud.AccessPoint, error) { m.ctrl.T.Helper() - ret := m.ctrl.Call(m, "ListAccessPoints", arg0, arg1) + ret := m.ctrl.Call(m, "ListAccessPoints", ctx, fileSystemId) ret0, _ := ret[0].([]*cloud.AccessPoint) ret1, _ := ret[1].(error) return ret0, ret1 } // ListAccessPoints indicates an expected call of ListAccessPoints. -func (mr *MockCloudMockRecorder) ListAccessPoints(arg0, arg1 interface{}) *gomock.Call { +func (mr *MockCloudMockRecorder) ListAccessPoints(ctx, fileSystemId interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ListAccessPoints", reflect.TypeOf((*MockCloud)(nil).ListAccessPoints), arg0, arg1) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ListAccessPoints", reflect.TypeOf((*MockCloud)(nil).ListAccessPoints), ctx, fileSystemId) } diff --git a/troubleshooting/README.md b/troubleshooting/README.md index c4068ce71..30fb59a3f 100644 --- a/troubleshooting/README.md +++ b/troubleshooting/README.md @@ -1,9 +1,5 @@ # Troubleshooting -#### Note -By default, logs are published to the node in which the EFS mount occurs. -This node can be found by examining the output of `kubectl describe pod efs-app`, where `efs-app` is the pod which utilizes the EFS PVC. For the most accurate logs, please substitute the pod name corresponding to the aforementioned node in the below steps for ``. - ### Log collector script The log collector script will collect diff --git a/vendor/k8s.io/kubernetes/test/e2e/framework/testfiles/testdata/a/foo.txt b/vendor/k8s.io/kubernetes/test/e2e/framework/testfiles/testdata/a/foo.txt deleted file mode 100644 index 557db03de..000000000 --- a/vendor/k8s.io/kubernetes/test/e2e/framework/testfiles/testdata/a/foo.txt +++ /dev/null @@ -1 +0,0 @@ -Hello World