add iSCSI CHAP API

Signed-off-by: Huamin Chen <hchen@redhat.com>
2025-08-11 13:02:14 +00:00 · 2017-03-17 15:50:39 -04:00 · 2017-03-17 15:50:39 -04:00 · 4b7e084a8e
commit 4b7e084a8e
parent 8667d7c4f1
8 changed files with 79 additions and 2 deletions
--- a/pkg/api/types.go
+++ b/pkg/api/types.go
@ -653,10 +653,20 @@ type ISCSIVolumeSource struct {
 	// the ReadOnly setting in VolumeMounts.
 	// +optional
 	ReadOnly bool
-	// Required: list of iSCSI target portal ips for high availability.
+	// Optional: list of iSCSI target portal ips for high availability.
 	// the portal is either an IP or ip_addr:port if port is other than default (typically TCP ports 860 and 3260)
 	// +optional
 	Portals []string
 	// Optional: whether support iSCSI Discovery CHAP authentication
 	// +optional
 	DiscoveryCHAPAuth bool
 	// Optional: whether support iSCSI Session CHAP authentication
 	// +optional
 	SessionCHAPAuth bool
 	// Optional: CHAP secret for iSCSI target and initiator authentication.
 	// The secret is used if either DiscoveryCHAPAuth or SessionCHAPAuth is true
 	// +optional
 	SecretRef *LocalObjectReference
 }
 // Represents a Fibre Channel volume.
--- a/pkg/api/v1/types.go
+++ b/pkg/api/v1/types.go
@ -1047,6 +1047,15 @@ type ISCSIVolumeSource struct {
 	// is other than default (typically TCP ports 860 and 3260).
 	// +optional
 	Portals []string `json:"portals,omitempty" protobuf:"bytes,7,opt,name=portals"`
 	// whether support iSCSI Discovery CHAP authentication
 	// +optional
 	DiscoveryCHAPAuth bool `json:"chapAuthDiscovery,omitempty" protobuf:"varint,8,opt,name=chapAuthDiscovery"`
 	// whether support iSCSI Session CHAP authentication
 	// +optional
 	SessionCHAPAuth bool `json:"chapAuthSession,omitempty" protobuf:"varint,11,opt,name=chapAuthSession"`
 	// CHAP secret for iSCSI target and initiator authentication
 	// +optional
 	SecretRef *LocalObjectReference `json:"secretRef,omitempty" protobuf:"bytes,10,opt,name=secretRef"`
 }
 // Represents a Fibre Channel volume.
--- a/pkg/api/v1/zz_generated.conversion.go
+++ b/pkg/api/v1/zz_generated.conversion.go
@ -1706,6 +1706,7 @@ func autoConvert_v1_ISCSIVolumeSource_To_api_ISCSIVolumeSource(in *ISCSIVolumeSo
 	out.FSType = in.FSType
 	out.ReadOnly = in.ReadOnly
 	out.Portals = *(*[]string)(unsafe.Pointer(&in.Portals))
 	out.SecretRef = (*api.LocalObjectReference)(unsafe.Pointer(in.SecretRef))
 	return nil
 }
@ -1721,6 +1722,7 @@ func autoConvert_api_ISCSIVolumeSource_To_v1_ISCSIVolumeSource(in *api.ISCSIVolu
 	out.FSType = in.FSType
 	out.ReadOnly = in.ReadOnly
 	out.Portals = *(*[]string)(unsafe.Pointer(&in.Portals))
 	out.SecretRef = (*LocalObjectReference)(unsafe.Pointer(in.SecretRef))
 	return nil
 }
--- a/pkg/api/v1/zz_generated.deepcopy.go
+++ b/pkg/api/v1/zz_generated.deepcopy.go
@ -1198,6 +1198,11 @@ func DeepCopy_v1_ISCSIVolumeSource(in interface{}, out interface{}, c *conversio
 			*out = make([]string, len(*in))
 			copy(*out, *in)
 		}
 		if in.SecretRef != nil {
 			in, out := &in.SecretRef, &out.SecretRef
 			*out = new(LocalObjectReference)
 			**out = **in
 		}
 		return nil
 	}
 }
--- a/pkg/api/validation/validation.go
+++ b/pkg/api/validation/validation.go
@ -622,6 +622,9 @@ func validateISCSIVolumeSource(iscsi *api.ISCSIVolumeSource, fldPath *field.Path
 	if iscsi.Lun < 0 || iscsi.Lun > 255 {
 		allErrs = append(allErrs, field.Invalid(fldPath.Child("lun"), iscsi.Lun, validation.InclusiveRangeError(0, 255)))
 	}
 	if (iscsi.DiscoveryCHAPAuth || iscsi.SessionCHAPAuth) && iscsi.SecretRef == nil {
 		allErrs = append(allErrs, field.Required(fldPath.Child("secretRef"), ""))
 	}
 	return allErrs
 }
--- a/pkg/api/validation/validation_test.go
+++ b/pkg/api/validation/validation_test.go
@ -948,6 +948,42 @@ func TestValidateVolumes(t *testing.T) {
 			errtype:  field.ErrorTypeRequired,
 			errfield: "iscsi.iqn",
 		},
 		{
 			name: "empty secret",
 			vol: api.Volume{
 				Name: "iscsi",
 				VolumeSource: api.VolumeSource{
 					ISCSI: &api.ISCSIVolumeSource{
 						TargetPortal:      "127.0.0.1",
 						IQN:               "iqn.2015-02.example.com:test",
 						Lun:               1,
 						FSType:            "ext4",
 						ReadOnly:          false,
 						DiscoveryCHAPAuth: true,
 					},
 				},
 			},
 			errtype:  field.ErrorTypeRequired,
 			errfield: "iscsi.secretRef",
 		},
 		{
 			name: "empty secret",
 			vol: api.Volume{
 				Name: "iscsi",
 				VolumeSource: api.VolumeSource{
 					ISCSI: &api.ISCSIVolumeSource{
 						TargetPortal:    "127.0.0.1",
 						IQN:             "iqn.2015-02.example.com:test",
 						Lun:             1,
 						FSType:          "ext4",
 						ReadOnly:        false,
 						SessionCHAPAuth: true,
 					},
 				},
 			},
 			errtype:  field.ErrorTypeRequired,
 			errfield: "iscsi.secretRef",
 		},
 		// Secret
 		{
 			name: "valid Secret",
--- a/pkg/api/zz_generated.deepcopy.go
+++ b/pkg/api/zz_generated.deepcopy.go
@ -1226,6 +1226,11 @@ func DeepCopy_api_ISCSIVolumeSource(in interface{}, out interface{}, c *conversi
 			*out = make([]string, len(*in))
 			copy(*out, *in)
 		}
 		if in.SecretRef != nil {
 			in, out := &in.SecretRef, &out.SecretRef
 			*out = new(LocalObjectReference)
 			**out = **in
 		}
 		return nil
 	}
 }
--- a/pkg/generated/openapi/zz_generated.openapi.go
+++ b/pkg/generated/openapi/zz_generated.openapi.go
@ -3971,11 +3971,18 @@ func GetOpenAPIDefinitions(ref openapi.ReferenceCallback) map[string]openapi.Ope
 								},
 							},
 						},
 						"secretRef": {
 							SchemaProps: spec.SchemaProps{
 								Description: "CHAP secret for iSCSI target and initiator authentication",
 								Ref:         ref("k8s.io/kubernetes/pkg/api/v1.LocalObjectReference"),
 							},
 						},
 					},
 					Required: []string{"targetPortal", "iqn", "lun"},
 				},
 			},
-			Dependencies: []string{},
+			Dependencies: []string{
 				"k8s.io/kubernetes/pkg/api/v1.LocalObjectReference"},
 		},
 		"k8s.io/kubernetes/pkg/api/v1.KeyToPath": {
 			Schema: spec.Schema{