From 507c63c610d4d46e0f5a24e566653118cc4f1810 Mon Sep 17 00:00:00 2001 From: Roman Bednar Date: Mon, 7 Feb 2022 11:13:11 +0100 Subject: [PATCH] azure_file: try to get secret namespace from ClaimRef This is the actual fix - attempt to obtain a namespace from ClaimRef. Or fail if namespace could not be found instead of using "default". --- .../csi-translation-lib/plugins/azure_file.go | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/staging/src/k8s.io/csi-translation-lib/plugins/azure_file.go b/staging/src/k8s.io/csi-translation-lib/plugins/azure_file.go index 8588419187c..6a688d7098f 100644 --- a/staging/src/k8s.io/csi-translation-lib/plugins/azure_file.go +++ b/staging/src/k8s.io/csi-translation-lib/plugins/azure_file.go @@ -129,9 +129,21 @@ func (t *azureFileCSITranslator) TranslateInTreePVToCSI(pv *v1.PersistentVolume) resourceGroup = v } } - namespace := defaultSecretNamespace + + // Secret is required when mounting a volume but pod presence cannot be assumed - we should not try to read pod now. + namespace := "" + // Try to read SecretNamespace from source pv. if azureSource.SecretNamespace != nil { namespace = *azureSource.SecretNamespace + } else { + // Try to read namespace from ClaimRef which should be always present. + if pv.Spec.ClaimRef != nil { + namespace = pv.Spec.ClaimRef.Namespace + } + } + + if len(namespace) == 0 { + return nil, fmt.Errorf("could not find a secret namespace in PersistentVolumeSource or ClaimRef") } volumeID := fmt.Sprintf(volumeIDTemplate, resourceGroup, accountName, azureSource.ShareName, pv.ObjectMeta.Name, namespace)