CSI inline volumes should support fsGroup

2025-07-21 19:01:49 +00:00 · 2022-03-11 16:12:53 -07:00 · 2022-03-11 16:12:53 -07:00 · 88a1962e56
commit 88a1962e56
parent f10cd679eb
2 changed files with 38 additions and 12 deletions
--- a/pkg/volume/csi/csi_mounter.go
+++ b/pkg/volume/csi/csi_mounter.go
@ -404,19 +404,27 @@ func (c *csiMountMgr) supportsFSGroup(fsType string, fsGroup *int64, driverPolic
 		return false
 	}

-	if c.spec.PersistentVolume == nil {
-		klog.V(4).Info(log("mounter.SetupAt Warning: skipping fsGroup permission change, no access mode available. The volume may only be accessible to root users."))
-		return false
+	if c.spec.PersistentVolume != nil {
+		if c.spec.PersistentVolume.Spec.AccessModes == nil {
+			klog.V(4).Info(log("mounter.SetupAt WARNING: skipping fsGroup, access modes not provided"))
+			return false
+		}
+		if !hasReadWriteOnce(c.spec.PersistentVolume.Spec.AccessModes) {
+			klog.V(4).Info(log("mounter.SetupAt WARNING: skipping fsGroup, only support ReadWriteOnce access mode"))
+			return false
+		}
+		return true
+	} else if c.spec.Volume != nil && c.spec.Volume.CSI != nil {
+		if !utilfeature.DefaultFeatureGate.Enabled(features.CSIInlineVolume) {
+			klog.V(4).Info(log("mounter.SetupAt WARNING: skipping fsGroup, CSIInlineVolume feature required"))
+			return false
+		}
+		// Inline CSI volumes are always mounted with RWO AccessMode by SetUpAt
+		return true
 	}
-	if c.spec.PersistentVolume.Spec.AccessModes == nil {
-		klog.V(4).Info(log("mounter.SetupAt WARNING: skipping fsGroup, access modes not provided"))
-		return false
-	}
-	if !hasReadWriteOnce(c.spec.PersistentVolume.Spec.AccessModes) {
-		klog.V(4).Info(log("mounter.SetupAt WARNING: skipping fsGroup, only support ReadWriteOnce access mode"))
-		return false
-	}
-	return true
+
+	klog.V(4).Info(log("mounter.SetupAt WARNING: skipping fsGroup, unsupported volume type"))
+	return false
 }

 // isDirMounted returns the !notMounted result from IsLikelyNotMountPoint check
--- a/pkg/volume/csi/csi_mounter_test.go
+++ b/pkg/volume/csi/csi_mounter_test.go
@ -1201,6 +1201,24 @@ func Test_csiMountMgr_supportsFSGroup(t *testing.T) {
 			},
 			want: true,
 		},
+		{
+			name: "driverPolicy is ReadWriteOnceWithFSTypeFSGroupPolicy with CSI inline volume",
+			args: args{
+				fsGroup:      new(int64),
+				fsType:       "ext4",
+				driverPolicy: storage.ReadWriteOnceWithFSTypeFSGroupPolicy,
+			},
+			fields: fields{
+				spec: volume.NewSpecFromVolume(&api.Volume{
+					VolumeSource: api.VolumeSource{
+						CSI: &api.CSIVolumeSource{
+							Driver: testDriver,
+						},
+					},
+				}),
+			},
+			want: true,
+		},
 	}

 	for _, tt := range tests {