return error if get NodeStageSecret and NodePublishSecret failed

2025-08-09 20:17:41 +00:00 · 2018-03-13 18:09:51 +08:00 · 2018-03-13 18:09:51 +08:00 · b9606696c9
commit b9606696c9
parent a7d6340ad2
3 changed files with 22 additions and 13 deletions
--- a/pkg/volume/csi/csi_attacher.go
+++ b/pkg/volume/csi/csi_attacher.go
@ -318,6 +318,15 @@ func (c *csiAttacher) MountDevice(spec *volume.Spec, devicePath string, deviceMo
 	}
 	publishVolumeInfo := attachment.Status.AttachmentMetadata

+	nodeStageSecrets := map[string]string{}
+	if csiSource.NodeStageSecretRef != nil {
+		nodeStageSecrets, err = getCredentialsFromSecret(c.k8s, csiSource.NodeStageSecretRef)
+		if err != nil {
+			return fmt.Errorf("fetching NodeStageSecretRef %s/%s failed: %v",
+				csiSource.NodeStageSecretRef.Namespace, csiSource.NodeStageSecretRef.Name, err)
+		}
+	}
+
 	// create target_dir before call to NodeStageVolume
 	if err := os.MkdirAll(deviceMountPath, 0750); err != nil {
 		glog.Error(log("attacher.MountDevice failed to create dir %#v:  %v", deviceMountPath, err))
@ -336,11 +345,6 @@ func (c *csiAttacher) MountDevice(spec *volume.Spec, devicePath string, deviceMo
 		fsType = defaultFSType
 	}

-	nodeStageSecrets := map[string]string{}
-	if csiSource.NodeStageSecretRef != nil {
-		nodeStageSecrets = getCredentialsFromSecret(c.k8s, csiSource.NodeStageSecretRef)
-	}
-
 	err = csi.NodeStageVolume(ctx,
 		csiSource.VolumeHandle,
 		publishVolumeInfo,
--- a/pkg/volume/csi/csi_mounter.go
+++ b/pkg/volume/csi/csi_mounter.go
@ -153,6 +153,15 @@ func (c *csiMountMgr) SetUpAt(dir string, fsGroup *int64) error {

 	attribs := csiSource.VolumeAttributes

+	nodePublishSecrets := map[string]string{}
+	if csiSource.NodePublishSecretRef != nil {
+		nodePublishSecrets, err = getCredentialsFromSecret(c.k8s, csiSource.NodePublishSecretRef)
+		if err != nil {
+			return fmt.Errorf("fetching NodePublishSecretRef %s/%s failed: %v",
+				csiSource.NodePublishSecretRef.Namespace, csiSource.NodePublishSecretRef.Name, err)
+		}
+	}
+
 	// create target_dir before call to NodePublish
 	if err := os.MkdirAll(dir, 0750); err != nil {
 		glog.Error(log("mouter.SetUpAt failed to create dir %#v:  %v", dir, err))
@ -188,10 +197,6 @@ func (c *csiMountMgr) SetUpAt(dir string, fsGroup *int64) error {
 	if len(fsType) == 0 {
 		fsType = defaultFSType
 	}
-	nodePublishSecrets := map[string]string{}
-	if csiSource.NodePublishSecretRef != nil {
-		nodePublishSecrets = getCredentialsFromSecret(c.k8s, csiSource.NodePublishSecretRef)
-	}
 	err = csi.NodePublishVolume(
 		ctx,
 		c.volumeID,
--- a/pkg/volume/csi/csi_util.go
+++ b/pkg/volume/csi/csi_util.go
@ -23,16 +23,16 @@ import (
 	"k8s.io/client-go/kubernetes"
 )

-func getCredentialsFromSecret(k8s kubernetes.Interface, secretRef *api.SecretReference) map[string]string {
+func getCredentialsFromSecret(k8s kubernetes.Interface, secretRef *api.SecretReference) (map[string]string, error) {
 	credentials := map[string]string{}
 	secret, err := k8s.CoreV1().Secrets(secretRef.Namespace).Get(secretRef.Name, meta.GetOptions{})
 	if err != nil {
-		glog.Warningf("failed to find the secret %s in the namespace %s with error: %v\n", secretRef.Name, secretRef.Namespace, err)
-		return credentials
+		glog.Errorf("failed to find the secret %s in the namespace %s with error: %v\n", secretRef.Name, secretRef.Namespace, err)
+		return credentials, err
 	}
 	for key, value := range secret.Data {
 		credentials[key] = string(value)
 	}

-	return credentials
+	return credentials, nil
 }