From b9606696c91f98b6eec5ba9dcdfd582498f9873e Mon Sep 17 00:00:00 2001 From: mlmhl Date: Tue, 13 Mar 2018 18:09:51 +0800 Subject: [PATCH] return error if get NodeStageSecret and NodePublishSecret failed --- pkg/volume/csi/csi_attacher.go | 14 +++++++++----- pkg/volume/csi/csi_mounter.go | 13 +++++++++---- pkg/volume/csi/csi_util.go | 8 ++++---- 3 files changed, 22 insertions(+), 13 deletions(-) diff --git a/pkg/volume/csi/csi_attacher.go b/pkg/volume/csi/csi_attacher.go index 720cbce04da..2f8903dfdde 100644 --- a/pkg/volume/csi/csi_attacher.go +++ b/pkg/volume/csi/csi_attacher.go @@ -318,6 +318,15 @@ func (c *csiAttacher) MountDevice(spec *volume.Spec, devicePath string, deviceMo } publishVolumeInfo := attachment.Status.AttachmentMetadata + nodeStageSecrets := map[string]string{} + if csiSource.NodeStageSecretRef != nil { + nodeStageSecrets, err = getCredentialsFromSecret(c.k8s, csiSource.NodeStageSecretRef) + if err != nil { + return fmt.Errorf("fetching NodeStageSecretRef %s/%s failed: %v", + csiSource.NodeStageSecretRef.Namespace, csiSource.NodeStageSecretRef.Name, err) + } + } + // create target_dir before call to NodeStageVolume if err := os.MkdirAll(deviceMountPath, 0750); err != nil { glog.Error(log("attacher.MountDevice failed to create dir %#v: %v", deviceMountPath, err)) @@ -336,11 +345,6 @@ func (c *csiAttacher) MountDevice(spec *volume.Spec, devicePath string, deviceMo fsType = defaultFSType } - nodeStageSecrets := map[string]string{} - if csiSource.NodeStageSecretRef != nil { - nodeStageSecrets = getCredentialsFromSecret(c.k8s, csiSource.NodeStageSecretRef) - } - err = csi.NodeStageVolume(ctx, csiSource.VolumeHandle, publishVolumeInfo, diff --git a/pkg/volume/csi/csi_mounter.go b/pkg/volume/csi/csi_mounter.go index 213d0b58200..1f5306f588a 100644 --- a/pkg/volume/csi/csi_mounter.go +++ b/pkg/volume/csi/csi_mounter.go @@ -153,6 +153,15 @@ func (c *csiMountMgr) SetUpAt(dir string, fsGroup *int64) error { attribs := csiSource.VolumeAttributes + nodePublishSecrets := map[string]string{} + if csiSource.NodePublishSecretRef != nil { + nodePublishSecrets, err = getCredentialsFromSecret(c.k8s, csiSource.NodePublishSecretRef) + if err != nil { + return fmt.Errorf("fetching NodePublishSecretRef %s/%s failed: %v", + csiSource.NodePublishSecretRef.Namespace, csiSource.NodePublishSecretRef.Name, err) + } + } + // create target_dir before call to NodePublish if err := os.MkdirAll(dir, 0750); err != nil { glog.Error(log("mouter.SetUpAt failed to create dir %#v: %v", dir, err)) @@ -188,10 +197,6 @@ func (c *csiMountMgr) SetUpAt(dir string, fsGroup *int64) error { if len(fsType) == 0 { fsType = defaultFSType } - nodePublishSecrets := map[string]string{} - if csiSource.NodePublishSecretRef != nil { - nodePublishSecrets = getCredentialsFromSecret(c.k8s, csiSource.NodePublishSecretRef) - } err = csi.NodePublishVolume( ctx, c.volumeID, diff --git a/pkg/volume/csi/csi_util.go b/pkg/volume/csi/csi_util.go index 6f5e0cd1b70..81a973e44db 100644 --- a/pkg/volume/csi/csi_util.go +++ b/pkg/volume/csi/csi_util.go @@ -23,16 +23,16 @@ import ( "k8s.io/client-go/kubernetes" ) -func getCredentialsFromSecret(k8s kubernetes.Interface, secretRef *api.SecretReference) map[string]string { +func getCredentialsFromSecret(k8s kubernetes.Interface, secretRef *api.SecretReference) (map[string]string, error) { credentials := map[string]string{} secret, err := k8s.CoreV1().Secrets(secretRef.Namespace).Get(secretRef.Name, meta.GetOptions{}) if err != nil { - glog.Warningf("failed to find the secret %s in the namespace %s with error: %v\n", secretRef.Name, secretRef.Namespace, err) - return credentials + glog.Errorf("failed to find the secret %s in the namespace %s with error: %v\n", secretRef.Name, secretRef.Namespace, err) + return credentials, err } for key, value := range secret.Data { credentials[key] = string(value) } - return credentials + return credentials, nil }