github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-29 21:35:50 +00:00
Code Issues Projects Releases Wiki Activity

Update APIs and adjust tests

Browse Source 
Signed-off-by: zhucan <zhucan.k8s@gmail.com>
Signed-off-by: Humble Chirammal <humble.devassy@gmail.com>
This commit is contained in:
Humble Chirammal 2023-10-31 09:07:06 +08:00
parent 77f4178c98
commit 3890546265
14 changed files with 19 additions and 117 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
api/openapi-spec/swagger.json generated
View File

@ -5039,7 +5039,7 @@
}, },
"nodeExpandSecretRef": { "nodeExpandSecretRef": {
"$ref": "#/definitions/io.k8s.api.core.v1.SecretReference", "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference",
"description": "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This is a beta field which is enabled default by CSINodeExpandSecret feature gate. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed." "description": "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed."
}, },
"nodePublishSecretRef": { "nodePublishSecretRef": {
"$ref": "#/definitions/io.k8s.api.core.v1.SecretReference", "$ref": "#/definitions/io.k8s.api.core.v1.SecretReference",

2
api/openapi-spec/v3/api__v1_openapi.json
View File

@ -446,7 +446,7 @@
"$ref": "#/components/schemas/io.k8s.api.core.v1.SecretReference" "$ref": "#/components/schemas/io.k8s.api.core.v1.SecretReference"
} }
], ],
"description": "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This is a beta field which is enabled default by CSINodeExpandSecret feature gate. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed." "description": "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed."
}, },
"nodePublishSecretRef": { "nodePublishSecretRef": {
"allOf": [ "allOf": [

2
api/openapi-spec/v3/apis__storage.k8s.io__v1_openapi.json
View File

@ -126,7 +126,7 @@
"$ref": "#/components/schemas/io.k8s.api.core.v1.SecretReference" "$ref": "#/components/schemas/io.k8s.api.core.v1.SecretReference"
} }
], ],
"description": "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This is a beta field which is enabled default by CSINodeExpandSecret feature gate. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed." "description": "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed."
}, },
"nodePublishSecretRef": { "nodePublishSecretRef": {
"allOf": [ "allOf": [

16
pkg/api/persistentvolume/util.go
View File

@ -34,11 +34,6 @@ const (
// DropDisabledSpecFields removes disabled fields from the pv spec. // DropDisabledSpecFields removes disabled fields from the pv spec.
// This should be called from PrepareForCreate/PrepareForUpdate for all resources containing a pv spec. // This should be called from PrepareForCreate/PrepareForUpdate for all resources containing a pv spec.
func DropDisabledSpecFields(pvSpec *api.PersistentVolumeSpec, oldPVSpec *api.PersistentVolumeSpec) { func DropDisabledSpecFields(pvSpec *api.PersistentVolumeSpec, oldPVSpec *api.PersistentVolumeSpec) {
if !utilfeature.DefaultFeatureGate.Enabled(features.CSINodeExpandSecret) && !hasNodeExpansionSecrets(oldPVSpec) {
if pvSpec.CSI != nil {
pvSpec.CSI.NodeExpandSecretRef = nil
}
}
if !utilfeature.DefaultFeatureGate.Enabled(features.VolumeAttributesClass) { if !utilfeature.DefaultFeatureGate.Enabled(features.VolumeAttributesClass) {
if oldPVSpec == nil || oldPVSpec.VolumeAttributesClassName == nil { if oldPVSpec == nil || oldPVSpec.VolumeAttributesClassName == nil {
pvSpec.VolumeAttributesClassName = nil pvSpec.VolumeAttributesClassName = nil
@ -54,17 +49,6 @@ func DropDisabledStatusFields(oldStatus, newStatus *api.PersistentVolumeStatus)
} }
} }
func hasNodeExpansionSecrets(oldPVSpec *api.PersistentVolumeSpec) bool {
if oldPVSpec == nil || oldPVSpec.CSI == nil {
return false
}
if oldPVSpec.CSI.NodeExpandSecretRef != nil {
return true
}
return false
}
func GetWarningsForPersistentVolume(pv *api.PersistentVolume) []string { func GetWarningsForPersistentVolume(pv *api.PersistentVolume) []string {
if pv == nil { if pv == nil {
return nil return nil

64
pkg/api/persistentvolume/util_test.go
View File

@ -32,10 +32,6 @@ import (
) )
func TestDropDisabledFields(t *testing.T) { func TestDropDisabledFields(t *testing.T) {
secretRef := &api.SecretReference{
Name: "expansion-secret",
Namespace: "default",
}
vacName := ptr.To("vac") vacName := ptr.To("vac")
tests := map[string]struct { tests := map[string]struct {
@ -43,51 +39,8 @@ func TestDropDisabledFields(t *testing.T) {
newSpec *api.PersistentVolumeSpec newSpec *api.PersistentVolumeSpec
expectOldSpec *api.PersistentVolumeSpec expectOldSpec *api.PersistentVolumeSpec
expectNewSpec *api.PersistentVolumeSpec expectNewSpec *api.PersistentVolumeSpec
csiExpansionEnabled bool
vacEnabled bool vacEnabled bool
}{ }{
"disabled csi expansion clears secrets": {
csiExpansionEnabled: false,
newSpec: specWithCSISecrets(secretRef),
expectNewSpec: specWithCSISecrets(nil),
oldSpec: nil,
expectOldSpec: nil,
},
"enabled csi expansion preserve secrets": {
csiExpansionEnabled: true,
newSpec: specWithCSISecrets(secretRef),
expectNewSpec: specWithCSISecrets(secretRef),
oldSpec: nil,
expectOldSpec: nil,
},
"enabled csi expansion preserve secrets when both old and new have it": {
csiExpansionEnabled: true,
newSpec: specWithCSISecrets(secretRef),
expectNewSpec: specWithCSISecrets(secretRef),
oldSpec: specWithCSISecrets(secretRef),
expectOldSpec: specWithCSISecrets(secretRef),
},
"disabled csi expansion old pv had secrets": {
csiExpansionEnabled: false,
newSpec: specWithCSISecrets(secretRef),
expectNewSpec: specWithCSISecrets(secretRef),
oldSpec: specWithCSISecrets(secretRef),
expectOldSpec: specWithCSISecrets(secretRef),
},
"enabled csi expansion preserves secrets when old pv did not had secrets": {
csiExpansionEnabled: true,
newSpec: specWithCSISecrets(secretRef),
expectNewSpec: specWithCSISecrets(secretRef),
oldSpec: specWithCSISecrets(nil),
expectOldSpec: specWithCSISecrets(nil),
},
"disabled csi expansion neither new pv nor old pv had secrets": {
csiExpansionEnabled: false,
newSpec: specWithCSISecrets(nil),
expectNewSpec: specWithCSISecrets(nil),
oldSpec: specWithCSISecrets(nil),
expectOldSpec: specWithCSISecrets(nil),
},
"disabled vac clears volume attributes class name": { "disabled vac clears volume attributes class name": {
vacEnabled: false, vacEnabled: false,
newSpec: specWithVACName(vacName), newSpec: specWithVACName(vacName),
@ -134,7 +87,6 @@ func TestDropDisabledFields(t *testing.T) {
for name, tc := range tests { for name, tc := range tests {
t.Run(name, func(t *testing.T) { t.Run(name, func(t *testing.T) {
defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.CSINodeExpandSecret, tc.csiExpansionEnabled)()
defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.VolumeAttributesClass, tc.vacEnabled)() defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.VolumeAttributesClass, tc.vacEnabled)()
DropDisabledSpecFields(tc.newSpec, tc.oldSpec) DropDisabledSpecFields(tc.newSpec, tc.oldSpec)
@ -148,22 +100,6 @@ func TestDropDisabledFields(t *testing.T) {
} }
} }
func specWithCSISecrets(secret *api.SecretReference) *api.PersistentVolumeSpec {
pvSpec := &api.PersistentVolumeSpec{
PersistentVolumeSource: api.PersistentVolumeSource{
CSI: &api.CSIPersistentVolumeSource{
Driver: "com.google.gcepd",
VolumeHandle: "foobar",
},
},
}
if secret != nil {
pvSpec.CSI.NodeExpandSecretRef = secret
}
return pvSpec
}
func specWithVACName(vacName *string) *api.PersistentVolumeSpec { func specWithVACName(vacName *string) *api.PersistentVolumeSpec {
pvSpec := &api.PersistentVolumeSpec{ pvSpec := &api.PersistentVolumeSpec{
PersistentVolumeSource: api.PersistentVolumeSource{ PersistentVolumeSource: api.PersistentVolumeSource{

2
pkg/apis/core/types.go
View File

@ -1879,10 +1879,8 @@ type CSIPersistentVolumeSource struct {
// NodeExpandSecretRef is a reference to the secret object containing // NodeExpandSecretRef is a reference to the secret object containing
// sensitive information to pass to the CSI driver to complete the CSI // sensitive information to pass to the CSI driver to complete the CSI
// NodeExpandVolume call. // NodeExpandVolume call.
// This is a beta field which is enabled default by CSINodeExpandSecret feature gate.
// This field is optional, may be omitted if no secret is required. If the // This field is optional, may be omitted if no secret is required. If the
// secret object contains more than one secret, all secrets are passed. // secret object contains more than one secret, all secrets are passed.
// +featureGate=CSINodeExpandSecret
// +optional // +optional
NodeExpandSecretRef *SecretReference NodeExpandSecretRef *SecretReference
} }

6
pkg/features/kube_features.go
View File

@ -163,7 +163,7 @@ const (
// kep: https://kep.k8s.io/3171 // kep: https://kep.k8s.io/3171
// alpha: v1.25 // alpha: v1.25
// beta: v1.27 // beta: v1.27
// GA: 1.29 // GA: v1.29
// Enables SecretRef field in CSI NodeExpandVolume request. // Enables SecretRef field in CSI NodeExpandVolume request.
CSINodeExpandSecret featuregate.Feature = "CSINodeExpandSecret" CSINodeExpandSecret featuregate.Feature = "CSINodeExpandSecret"
@ -1006,9 +1006,7 @@ var defaultKubernetesFeatureGates = map[featuregate.Feature]featuregate.FeatureS
CSIMigrationRBD: {Default: false, PreRelease: featuregate.Deprecated}, // deprecated in 1.28, remove in 1.31 CSIMigrationRBD: {Default: false, PreRelease: featuregate.Deprecated}, // deprecated in 1.28, remove in 1.31
CSIMigrationvSphere: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.29 CSINodeExpandSecret: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.31
CSINodeExpandSecret: {Default: true, PreRelease: featuregate.GA},
CSIVolumeHealth: {Default: false, PreRelease: featuregate.Alpha}, CSIVolumeHealth: {Default: false, PreRelease: featuregate.Alpha},

2
pkg/generated/openapi/zz_generated.openapi.go generated
View File

@ -17645,7 +17645,7 @@ func schema_k8sio_api_core_v1_CSIPersistentVolumeSource(ref common.ReferenceCall
}, },
"nodeExpandSecretRef": { "nodeExpandSecretRef": {
SchemaProps: spec.SchemaProps{ SchemaProps: spec.SchemaProps{
Description: "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This is a beta field which is enabled default by CSINodeExpandSecret feature gate. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed.", Description: "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed.",
Ref: ref("k8s.io/api/core/v1.SecretReference"), Ref: ref("k8s.io/api/core/v1.SecretReference"),
}, },
}, },

5
pkg/registry/core/persistentvolume/strategy.go
View File

@ -19,6 +19,7 @@ package persistentvolume
import ( import (
"context" "context"
"fmt" "fmt"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
utilfeature "k8s.io/apiserver/pkg/util/feature" utilfeature "k8s.io/apiserver/pkg/util/feature"
"k8s.io/kubernetes/pkg/features" "k8s.io/kubernetes/pkg/features"
@ -74,8 +75,6 @@ func (persistentvolumeStrategy) PrepareForCreate(ctx context.Context, obj runtim
now := NowFunc() now := NowFunc()
pv.Status.LastPhaseTransitionTime = &now pv.Status.LastPhaseTransitionTime = &now
} }
pvutil.DropDisabledSpecFields(&pv.Spec, nil)
} }
func (persistentvolumeStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList { func (persistentvolumeStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList {
@ -103,8 +102,6 @@ func (persistentvolumeStrategy) PrepareForUpdate(ctx context.Context, obj, old r
newPv := obj.(*api.PersistentVolume) newPv := obj.(*api.PersistentVolume)
oldPv := old.(*api.PersistentVolume) oldPv := old.(*api.PersistentVolume)
newPv.Status = oldPv.Status newPv.Status = oldPv.Status
pvutil.DropDisabledSpecFields(&newPv.Spec, &oldPv.Spec)
} }
func (persistentvolumeStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList { func (persistentvolumeStrategy) ValidateUpdate(ctx context.Context, obj, old runtime.Object) field.ErrorList {

5
pkg/volume/csi/expander.go
View File

@ -23,9 +23,7 @@ import (
"google.golang.org/grpc/codes" "google.golang.org/grpc/codes"
"google.golang.org/grpc/status" "google.golang.org/grpc/status"
api "k8s.io/api/core/v1" api "k8s.io/api/core/v1"
utilfeature "k8s.io/apiserver/pkg/util/feature"
"k8s.io/klog/v2" "k8s.io/klog/v2"
"k8s.io/kubernetes/pkg/features"
"k8s.io/kubernetes/pkg/volume" "k8s.io/kubernetes/pkg/volume"
"k8s.io/kubernetes/pkg/volume/util" "k8s.io/kubernetes/pkg/volume/util"
volumetypes "k8s.io/kubernetes/pkg/volume/util/types" volumetypes "k8s.io/kubernetes/pkg/volume/util/types"
@ -83,7 +81,7 @@ func (c *csiPlugin) nodeExpandWithClient(
} }
nodeExpandSecrets := map[string]string{} nodeExpandSecrets := map[string]string{}
expandClient := c.host.GetKubeClient() expandClient := c.host.GetKubeClient()
if utilfeature.DefaultFeatureGate.Enabled(features.CSINodeExpandSecret) {
if csiSource.NodeExpandSecretRef != nil { if csiSource.NodeExpandSecretRef != nil {
nodeExpandSecrets, err = getCredentialsFromSecret(expandClient, csiSource.NodeExpandSecretRef) nodeExpandSecrets, err = getCredentialsFromSecret(expandClient, csiSource.NodeExpandSecretRef)
if err != nil { if err != nil {
@ -91,7 +89,6 @@ func (c *csiPlugin) nodeExpandWithClient(
csiSource.NodeExpandSecretRef.Namespace, csiSource.NodeExpandSecretRef.Name, err) csiSource.NodeExpandSecretRef.Namespace, csiSource.NodeExpandSecretRef.Name, err)
} }
} }
}
opts := csiResizeOptions{ opts := csiResizeOptions{
volumePath: resizeOptions.DeviceMountPath, volumePath: resizeOptions.DeviceMountPath,

4
pkg/volume/csi/expander_test.go
View File

@ -27,9 +27,6 @@ import (
api "k8s.io/api/core/v1" api "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/api/resource" "k8s.io/apimachinery/pkg/api/resource"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
utilfeature "k8s.io/apiserver/pkg/util/feature"
featuregatetesting "k8s.io/component-base/featuregate/testing"
"k8s.io/kubernetes/pkg/features"
"k8s.io/kubernetes/pkg/volume" "k8s.io/kubernetes/pkg/volume"
volumetypes "k8s.io/kubernetes/pkg/volume/util/types" volumetypes "k8s.io/kubernetes/pkg/volume/util/types"
) )
@ -118,7 +115,6 @@ func TestNodeExpand(t *testing.T) {
} }
for _, tc := range tests { for _, tc := range tests {
t.Run(tc.name, func(t *testing.T) { t.Run(tc.name, func(t *testing.T) {
defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.CSINodeExpandSecret, tc.enableCSINodeExpandSecret)()
plug, tmpDir := newTestPlugin(t, nil) plug, tmpDir := newTestPlugin(t, nil)
defer os.RemoveAll(tmpDir) defer os.RemoveAll(tmpDir)

2
staging/src/k8s.io/api/core/v1/generated.proto
View File

@ -228,10 +228,8 @@ message CSIPersistentVolumeSource {
// nodeExpandSecretRef is a reference to the secret object containing // nodeExpandSecretRef is a reference to the secret object containing
// sensitive information to pass to the CSI driver to complete the CSI // sensitive information to pass to the CSI driver to complete the CSI
// NodeExpandVolume call. // NodeExpandVolume call.
// This is a beta field which is enabled default by CSINodeExpandSecret feature gate.
// This field is optional, may be omitted if no secret is required. If the // This field is optional, may be omitted if no secret is required. If the
// secret object contains more than one secret, all secrets are passed. // secret object contains more than one secret, all secrets are passed.
// +featureGate=CSINodeExpandSecret
// +optional // +optional
optional SecretReference nodeExpandSecretRef = 10; optional SecretReference nodeExpandSecretRef = 10;
} }

2
staging/src/k8s.io/api/core/v1/types.go
View File

@ -1968,10 +1968,8 @@ type CSIPersistentVolumeSource struct {
// nodeExpandSecretRef is a reference to the secret object containing // nodeExpandSecretRef is a reference to the secret object containing
// sensitive information to pass to the CSI driver to complete the CSI // sensitive information to pass to the CSI driver to complete the CSI
// NodeExpandVolume call. // NodeExpandVolume call.
// This is a beta field which is enabled default by CSINodeExpandSecret feature gate.
// This field is optional, may be omitted if no secret is required. If the // This field is optional, may be omitted if no secret is required. If the
// secret object contains more than one secret, all secrets are passed. // secret object contains more than one secret, all secrets are passed.
// +featureGate=CSINodeExpandSecret
// +optional // +optional
NodeExpandSecretRef *SecretReference `json:"nodeExpandSecretRef,omitempty" protobuf:"bytes,10,opt,name=nodeExpandSecretRef"` NodeExpandSecretRef *SecretReference `json:"nodeExpandSecretRef,omitempty" protobuf:"bytes,10,opt,name=nodeExpandSecretRef"`
} }

2
staging/src/k8s.io/api/core/v1/types_swagger_doc_generated.go generated
View File

@ -127,7 +127,7 @@ var map_CSIPersistentVolumeSource = map[string]string{
"nodeStageSecretRef": "nodeStageSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeStageVolume and NodeStageVolume and NodeUnstageVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", "nodeStageSecretRef": "nodeStageSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeStageVolume and NodeStageVolume and NodeUnstageVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.",
"nodePublishSecretRef": "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", "nodePublishSecretRef": "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.",
"controllerExpandSecretRef": "controllerExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerExpandVolume call. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.", "controllerExpandSecretRef": "controllerExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI ControllerExpandVolume call. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secrets are passed.",
"nodeExpandSecretRef": "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This is a beta field which is enabled default by CSINodeExpandSecret feature gate. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed.", "nodeExpandSecretRef": "nodeExpandSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodeExpandVolume call. This field is optional, may be omitted if no secret is required. If the secret object contains more than one secret, all secrets are passed.",
} }
func (CSIPersistentVolumeSource) SwaggerDoc() map[string]string { func (CSIPersistentVolumeSource) SwaggerDoc() map[string]string {