diff --git a/staging/src/k8s.io/csi-translation-lib/go.mod b/staging/src/k8s.io/csi-translation-lib/go.mod index 1dcdee600e3..4018998d912 100644 --- a/staging/src/k8s.io/csi-translation-lib/go.mod +++ b/staging/src/k8s.io/csi-translation-lib/go.mod @@ -5,9 +5,11 @@ module k8s.io/csi-translation-lib go 1.13 require ( + github.com/stretchr/testify v1.4.0 k8s.io/api v0.0.0 k8s.io/apimachinery v0.0.0 k8s.io/cloud-provider v0.0.0 + k8s.io/klog v1.0.0 ) replace ( diff --git a/staging/src/k8s.io/csi-translation-lib/plugins/BUILD b/staging/src/k8s.io/csi-translation-lib/plugins/BUILD index 4bd1892eba9..3baad53dd7c 100644 --- a/staging/src/k8s.io/csi-translation-lib/plugins/BUILD +++ b/staging/src/k8s.io/csi-translation-lib/plugins/BUILD @@ -19,6 +19,7 @@ go_library( "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library", "//staging/src/k8s.io/cloud-provider/volume:go_default_library", + "//vendor/k8s.io/klog:go_default_library", ], ) @@ -50,5 +51,6 @@ go_test( "//staging/src/k8s.io/api/core/v1:go_default_library", "//staging/src/k8s.io/api/storage/v1:go_default_library", "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//vendor/github.com/stretchr/testify/assert:go_default_library", ], ) diff --git a/staging/src/k8s.io/csi-translation-lib/plugins/azure_file.go b/staging/src/k8s.io/csi-translation-lib/plugins/azure_file.go index c39991f9470..76a3b86dbb4 100644 --- a/staging/src/k8s.io/csi-translation-lib/plugins/azure_file.go +++ b/staging/src/k8s.io/csi-translation-lib/plugins/azure_file.go @@ -18,11 +18,13 @@ package plugins import ( "fmt" + "regexp" "strings" v1 "k8s.io/api/core/v1" storage "k8s.io/api/storage/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/klog" ) const ( @@ -32,14 +34,19 @@ const ( AzureFileInTreePluginName = "kubernetes.io/azure-file" separator = "#" - volumeIDTemplate = "%s#%s#%s" + volumeIDTemplate = "%s#%s#%s#%s" // Parameter names defined in azure file CSI driver, refer to // https://github.com/kubernetes-sigs/azurefile-csi-driver/blob/master/docs/driver-parameters.md azureFileShareName = "shareName" + + secretNameTemplate = "azure-storage-account-%s-secret" + defaultSecretNamespace = "default" ) var _ InTreePlugin = &azureFileCSITranslator{} +var secretNameFormatRE = regexp.MustCompile(`azure-storage-account-(.+)-secret`) + // azureFileCSITranslator handles translation of PV spec from In-tree // Azure File to CSI Azure File and vice versa type azureFileCSITranslator struct{} @@ -61,9 +68,14 @@ func (t *azureFileCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Vol return nil, fmt.Errorf("volume is nil or Azure File not defined on volume") } - var ( - azureSource = volume.AzureFile + azureSource := volume.AzureFile + accountName, err := getStorageAccountName(azureSource.SecretName) + if err != nil { + klog.Warningf("getStorageAccountName(%s) returned with error: %v", azureSource.SecretName, err) + accountName = azureSource.SecretName + } + var ( pv = &v1.PersistentVolume{ ObjectMeta: metav1.ObjectMeta{ // Must be unique per disk as it is used as the unique part of the @@ -74,12 +86,12 @@ func (t *azureFileCSITranslator) TranslateInTreeInlineVolumeToCSI(volume *v1.Vol PersistentVolumeSource: v1.PersistentVolumeSource{ CSI: &v1.CSIPersistentVolumeSource{ Driver: AzureFileDriverName, - VolumeHandle: fmt.Sprintf(volumeIDTemplate, "", azureSource.SecretName, azureSource.ShareName), + VolumeHandle: fmt.Sprintf(volumeIDTemplate, "", accountName, azureSource.ShareName, ""), ReadOnly: azureSource.ReadOnly, VolumeAttributes: map[string]string{azureFileShareName: azureSource.ShareName}, - NodePublishSecretRef: &v1.SecretReference{ - Name: azureSource.ShareName, - Namespace: "default", + NodeStageSecretRef: &v1.SecretReference{ + Name: azureSource.SecretName, + Namespace: defaultSecretNamespace, }, }, }, @@ -98,15 +110,21 @@ func (t *azureFileCSITranslator) TranslateInTreePVToCSI(pv *v1.PersistentVolume) return nil, fmt.Errorf("pv is nil or Azure File source not defined on pv") } - var ( - azureSource = pv.Spec.PersistentVolumeSource.AzureFile - volumeID = fmt.Sprintf(volumeIDTemplate, "", azureSource.SecretName, azureSource.ShareName) + azureSource := pv.Spec.PersistentVolumeSource.AzureFile + accountName, err := getStorageAccountName(azureSource.SecretName) + if err != nil { + klog.Warningf("getStorageAccountName(%s) returned with error: %v", azureSource.SecretName, err) + accountName = azureSource.SecretName + } + volumeID := fmt.Sprintf(volumeIDTemplate, "", accountName, azureSource.ShareName, "") + var ( // refer to https://github.com/kubernetes-sigs/azurefile-csi-driver/blob/master/docs/driver-parameters.md csiSource = &v1.CSIPersistentVolumeSource{ Driver: AzureFileDriverName, - NodePublishSecretRef: &v1.SecretReference{ - Name: azureSource.ShareName, + NodeStageSecretRef: &v1.SecretReference{ + Name: azureSource.SecretName, + Namespace: defaultSecretNamespace, }, ReadOnly: azureSource.ReadOnly, VolumeAttributes: map[string]string{azureFileShareName: azureSource.ShareName}, @@ -115,7 +133,7 @@ func (t *azureFileCSITranslator) TranslateInTreePVToCSI(pv *v1.PersistentVolume) ) if azureSource.SecretNamespace != nil { - csiSource.NodePublishSecretRef.Namespace = *azureSource.SecretNamespace + csiSource.NodeStageSecretRef.Namespace = *azureSource.SecretNamespace } pv.Spec.PersistentVolumeSource.AzureFile = nil @@ -137,22 +155,21 @@ func (t *azureFileCSITranslator) TranslateCSIPVToInTree(pv *v1.PersistentVolume) ReadOnly: csiSource.ReadOnly, } - if csiSource.NodePublishSecretRef != nil && csiSource.NodePublishSecretRef.Name != "" { - azureSource.SecretName = csiSource.NodePublishSecretRef.Name - azureSource.SecretNamespace = &csiSource.NodePublishSecretRef.Namespace + if csiSource.NodeStageSecretRef != nil && csiSource.NodeStageSecretRef.Name != "" { + azureSource.SecretName = csiSource.NodeStageSecretRef.Name + azureSource.SecretNamespace = &csiSource.NodeStageSecretRef.Namespace if csiSource.VolumeAttributes != nil { if shareName, ok := csiSource.VolumeAttributes[azureFileShareName]; ok { azureSource.ShareName = shareName } } } else { - _, _, fileShareName, err := getFileShareInfo(csiSource.VolumeHandle) + _, storageAccount, fileShareName, _, err := getFileShareInfo(csiSource.VolumeHandle) if err != nil { return nil, err } azureSource.ShareName = fileShareName - // to-do: for dynamic provision scenario in CSI, it uses cluster's identity to get storage account key - // secret for the file share is not created, we may create a serect here + azureSource.SecretName = fmt.Sprintf(secretNameTemplate, storageAccount) } pv.Spec.CSI = nil @@ -190,12 +207,25 @@ func (t *azureFileCSITranslator) RepairVolumeHandle(volumeHandle, nodeID string) } // get file share info according to volume id, e.g. -// input: "rg#f5713de20cde511e8ba4900#pvc-file-dynamic-17e43f84-f474-11e8-acd0-000d3a00df41" -// output: rg, f5713de20cde511e8ba4900, pvc-file-dynamic-17e43f84-f474-11e8-acd0-000d3a00df41 -func getFileShareInfo(id string) (string, string, string, error) { +// input: "rg#f5713de20cde511e8ba4900#pvc-file-dynamic-17e43f84-f474-11e8-acd0-000d3a00df41#diskname.vhd" +// output: rg, f5713de20cde511e8ba4900, pvc-file-dynamic-17e43f84-f474-11e8-acd0-000d3a00df41, diskname.vhd +func getFileShareInfo(id string) (string, string, string, string, error) { segments := strings.Split(id, separator) if len(segments) < 3 { - return "", "", "", fmt.Errorf("error parsing volume id: %q, should at least contain two #", id) + return "", "", "", "", fmt.Errorf("error parsing volume id: %q, should at least contain two #", id) } - return segments[0], segments[1], segments[2], nil + var diskName string + if len(segments) > 3 { + diskName = segments[3] + } + return segments[0], segments[1], segments[2], diskName, nil +} + +// get storage account name from secret name +func getStorageAccountName(secretName string) (string, error) { + matches := secretNameFormatRE.FindStringSubmatch(secretName) + if len(matches) != 2 { + return "", fmt.Errorf("could not get account name from %s, correct format: %s", secretName, secretNameFormatRE) + } + return matches[1], nil } diff --git a/staging/src/k8s.io/csi-translation-lib/plugins/azure_file_test.go b/staging/src/k8s.io/csi-translation-lib/plugins/azure_file_test.go index 848c11e5591..ab2b3ee0cf8 100644 --- a/staging/src/k8s.io/csi-translation-lib/plugins/azure_file_test.go +++ b/staging/src/k8s.io/csi-translation-lib/plugins/azure_file_test.go @@ -23,52 +23,77 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + "github.com/stretchr/testify/assert" ) func TestGetFileShareInfo(t *testing.T) { tests := []struct { - options string - expected1 string - expected2 string - expected3 string - expected4 error + id string + resourceGroupName string + accountName string + fileShareName string + diskName string + expectedError error }{ { - options: "rg#f5713de20cde511e8ba4900#pvc-file-dynamic-17e43f84-f474-11e8-acd0-000d3a00df41", - expected1: "rg", - expected2: "f5713de20cde511e8ba4900", - expected3: "pvc-file-dynamic-17e43f84-f474-11e8-acd0-000d3a00df41", - expected4: nil, + id: "rg#f5713de20cde511e8ba4900#pvc-file-dynamic-17e43f84-f474-11e8-acd0-000d3a00df41#diskname.vhd", + resourceGroupName: "rg", + accountName: "f5713de20cde511e8ba4900", + fileShareName: "pvc-file-dynamic-17e43f84-f474-11e8-acd0-000d3a00df41", + diskName: "diskname.vhd", + expectedError: nil, }, { - options: "rg#f5713de20cde511e8ba4900", - expected1: "", - expected2: "", - expected3: "", - expected4: fmt.Errorf("error parsing volume id: \"rg#f5713de20cde511e8ba4900\", should at least contain two #"), + id: "rg#f5713de20cde511e8ba4900#pvc-file-dynamic-17e43f84-f474-11e8-acd0-000d3a00df41", + resourceGroupName: "rg", + accountName: "f5713de20cde511e8ba4900", + fileShareName: "pvc-file-dynamic-17e43f84-f474-11e8-acd0-000d3a00df41", + diskName: "", + expectedError: nil, }, { - options: "rg", - expected1: "", - expected2: "", - expected3: "", - expected4: fmt.Errorf("error parsing volume id: \"rg\", should at least contain two #"), + id: "rg#f5713de20cde511e8ba4900", + resourceGroupName: "", + accountName: "", + fileShareName: "", + diskName: "", + expectedError: fmt.Errorf("error parsing volume id: \"rg#f5713de20cde511e8ba4900\", should at least contain two #"), }, { - options: "", - expected1: "", - expected2: "", - expected3: "", - expected4: fmt.Errorf("error parsing volume id: \"\", should at least contain two #"), + id: "rg", + resourceGroupName: "", + accountName: "", + fileShareName: "", + diskName: "", + expectedError: fmt.Errorf("error parsing volume id: \"rg\", should at least contain two #"), + }, + { + id: "", + resourceGroupName: "", + accountName: "", + fileShareName: "", + diskName: "", + expectedError: fmt.Errorf("error parsing volume id: \"\", should at least contain two #"), }, } for _, test := range tests { - result1, result2, result3, result4 := getFileShareInfo(test.options) - if !reflect.DeepEqual(result1, test.expected1) || !reflect.DeepEqual(result2, test.expected2) || - !reflect.DeepEqual(result3, test.expected3) || !reflect.DeepEqual(result4, test.expected4) { - t.Errorf("input: %q, getFileShareInfo result1: %q, expected1: %q, result2: %q, expected2: %q, result3: %q, expected3: %q, result4: %q, expected4: %q", test.options, result1, test.expected1, result2, test.expected2, - result3, test.expected3, result4, test.expected4) + resourceGroupName, accountName, fileShareName, diskName, expectedError := getFileShareInfo(test.id) + if resourceGroupName != test.resourceGroupName { + t.Errorf("getFileShareInfo(%q) returned with: %q, expected: %q", test.id, resourceGroupName, test.resourceGroupName) + } + if accountName != test.accountName { + t.Errorf("getFileShareInfo(%q) returned with: %q, expected: %q", test.id, accountName, test.accountName) + } + if fileShareName != test.fileShareName { + t.Errorf("getFileShareInfo(%q) returned with: %q, expected: %q", test.id, fileShareName, test.fileShareName) + } + if diskName != test.diskName { + t.Errorf("getFileShareInfo(%q) returned with: %q, expected: %q", test.id, diskName, test.diskName) + } + if !reflect.DeepEqual(expectedError, test.expectedError) { + t.Errorf("getFileShareInfo(%q) returned with: %v, expected: %v", test.id, expectedError, test.expectedError) } } } @@ -110,13 +135,13 @@ func TestTranslateAzureFileInTreeStorageClassToCSI(t *testing.T) { PersistentVolumeSource: corev1.PersistentVolumeSource{ CSI: &corev1.CSIPersistentVolumeSource{ Driver: "file.csi.azure.com", - NodePublishSecretRef: &corev1.SecretReference{ - Name: "sharename", + NodeStageSecretRef: &corev1.SecretReference{ + Name: "secretname", Namespace: "default", }, ReadOnly: true, VolumeAttributes: map[string]string{azureFileShareName: "sharename"}, - VolumeHandle: "#secretname#sharename", + VolumeHandle: "#secretname#sharename#", }, }, AccessModes: []corev1.PersistentVolumeAccessMode{corev1.ReadWriteMany}, @@ -188,12 +213,12 @@ func TestTranslateAzureFileInTreePVToCSI(t *testing.T) { CSI: &corev1.CSIPersistentVolumeSource{ Driver: "file.csi.azure.com", ReadOnly: true, - NodePublishSecretRef: &corev1.SecretReference{ - Name: "sharename", + NodeStageSecretRef: &corev1.SecretReference{ + Name: "secretname", Namespace: secretNamespace, }, VolumeAttributes: map[string]string{azureFileShareName: "sharename"}, - VolumeHandle: "#secretname#sharename", + VolumeHandle: "#secretname#sharename#", }, }, }, @@ -217,3 +242,33 @@ func TestTranslateAzureFileInTreePVToCSI(t *testing.T) { } } } + +func TestGetStorageAccount(t *testing.T) { + tests := []struct { + secretName string + expectedError bool + expectedResult string + }{ + { + secretName: "azure-storage-account-accountname-secret", + expectedError: false, + expectedResult: "accountname", + }, + { + secretName: "azure-storage-account-accountname-dup-secret", + expectedError: false, + expectedResult: "accountname-dup", + }, + { + secretName: "invalid", + expectedError: true, + expectedResult: "", + }, + } + + for i, test := range tests { + accountName, err := getStorageAccountName(test.secretName) + assert.Equal(t, test.expectedError, err != nil, "TestCase[%d]", i) + assert.Equal(t, test.expectedResult, accountName, "TestCase[%d]", i) + } +}