set fsGroup by securityContext.fsGroup in azure file

fix comments fix comments fix comments
2025-07-28 14:07:14 +00:00 · 2018-01-16 03:38:14 +00:00 · 2018-01-16 03:38:14 +00:00 · c38e7589a4
commit c38e7589a4
parent eb3196b1b4
4 changed files with 46 additions and 12 deletions
--- a/pkg/volume/azure_file/BUILD
+++ b/pkg/volume/azure_file/BUILD
@ -43,6 +43,7 @@ go_test(
        "//pkg/util/mount:go_default_library",
        "//pkg/volume:go_default_library",
        "//pkg/volume/testing:go_default_library",
+        "//vendor/github.com/Azure/go-autorest/autorest/to:go_default_library",
        "//vendor/k8s.io/api/core/v1:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
--- a/pkg/volume/azure_file/azure_file.go
+++ b/pkg/volume/azure_file/azure_file.go
@ -227,7 +227,7 @@ func (b *azureFileMounter) SetUpAt(dir string, fsGroup *int64) error {
 			options = append(options, "ro")
 		}
 		mountOptions = volume.JoinMountOptions(b.mountOptions, options)
-		mountOptions = appendDefaultMountOptions(mountOptions)
+		mountOptions = appendDefaultMountOptions(mountOptions, fsGroup)
 	}

 	err = b.mounter.Mount(source, dir, "cifs", mountOptions)
--- a/pkg/volume/azure_file/azure_file_test.go
+++ b/pkg/volume/azure_file/azure_file_test.go
@ -25,6 +25,7 @@ import (
 	"strings"
 	"testing"

+	"github.com/Azure/go-autorest/autorest/to"
 	"k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
@ -364,32 +365,55 @@ func TestGetSecretNameAndNamespaceForPV(t *testing.T) {
 func TestAppendDefaultMountOptions(t *testing.T) {
 	tests := []struct {
 		options  []string
+		fsGroup  *int64
 		expected []string
 	}{
 		{
-			options:  []string{"dir_mode=0777"},
-			expected: []string{"dir_mode=0777", fmt.Sprintf("%s=%s", fileMode, defaultFileMode), fmt.Sprintf("%s=%s", vers, defaultVers)},
+			options: []string{"dir_mode=0777"},
+			fsGroup: nil,
+			expected: []string{"dir_mode=0777",
+				fmt.Sprintf("%s=%s", fileMode, defaultFileMode),
+				fmt.Sprintf("%s=%s", vers, defaultVers)},
 		},
 		{
-			options:  []string{"file_mode=0777"},
-			expected: []string{"file_mode=0777", fmt.Sprintf("%s=%s", dirMode, defaultDirMode), fmt.Sprintf("%s=%s", vers, defaultVers)},
+			options: []string{"file_mode=0777"},
+			fsGroup: to.Int64Ptr(0),
+			expected: []string{"file_mode=0777",
+				fmt.Sprintf("%s=%s", dirMode, defaultDirMode),
+				fmt.Sprintf("%s=%s", vers, defaultVers),
+				fmt.Sprintf("%s=0", gid)},
 		},
 		{
-			options:  []string{"vers=2.1"},
-			expected: []string{"vers=2.1", fmt.Sprintf("%s=%s", fileMode, defaultFileMode), fmt.Sprintf("%s=%s", dirMode, defaultDirMode)},
+			options: []string{"vers=2.1"},
+			fsGroup: to.Int64Ptr(1000),
+			expected: []string{"vers=2.1",
+				fmt.Sprintf("%s=%s", fileMode, defaultFileMode),
+				fmt.Sprintf("%s=%s", dirMode, defaultDirMode),
+				fmt.Sprintf("%s=1000", gid)},
 		},
 		{
-			options:  []string{""},
-			expected: []string{"", fmt.Sprintf("%s=%s", fileMode, defaultFileMode), fmt.Sprintf("%s=%s", dirMode, defaultDirMode), fmt.Sprintf("%s=%s", vers, defaultVers)},
+			options: []string{""},
+			expected: []string{"", fmt.Sprintf("%s=%s",
+				fileMode, defaultFileMode),
+				fmt.Sprintf("%s=%s", dirMode, defaultDirMode),
+				fmt.Sprintf("%s=%s", vers, defaultVers)},
 		},
 		{
 			options:  []string{"file_mode=0777", "dir_mode=0777"},
 			expected: []string{"file_mode=0777", "dir_mode=0777", fmt.Sprintf("%s=%s", vers, defaultVers)},
 		},
+		{
+			options: []string{"gid=2000"},
+			fsGroup: to.Int64Ptr(1000),
+			expected: []string{"gid=2000",
+				fmt.Sprintf("%s=%s", fileMode, defaultFileMode),
+				fmt.Sprintf("%s=%s", dirMode, defaultDirMode),
+				"vers=3.0"},
+		},
 	}

 	for _, test := range tests {
-		result := appendDefaultMountOptions(test.options)
+		result := appendDefaultMountOptions(test.options, test.fsGroup)
 		if !reflect.DeepEqual(result, test.expected) {
 			t.Errorf("input: %q, appendDefaultMountOptions result: %q, expected: %q", test.options, result, test.expected)
 		}
--- a/pkg/volume/azure_file/azure_util.go
+++ b/pkg/volume/azure_file/azure_util.go
@ -29,6 +29,7 @@ import (
 const (
 	fileMode        = "file_mode"
 	dirMode         = "dir_mode"
+	gid             = "gid"
 	vers            = "vers"
 	defaultFileMode = "0755"
 	defaultDirMode  = "0755"
@ -95,11 +96,12 @@ func (s *azureSvc) SetAzureCredentials(host volume.VolumeHost, nameSpace, accoun
 	return secretName, err
 }

-// check whether mountOptions contain file_mode and dir_mode, if not, append default mode
-func appendDefaultMountOptions(mountOptions []string) []string {
+// check whether mountOptions contain file_mode, dir_mode, vers, gid, if not, append default mode
+func appendDefaultMountOptions(mountOptions []string, fsGroup *int64) []string {
 	fileModeFlag := false
 	dirModeFlag := false
 	versFlag := false
+	gidFlag := false

 	for _, mountOption := range mountOptions {
 		if strings.HasPrefix(mountOption, fileMode) {
@ -111,6 +113,9 @@ func appendDefaultMountOptions(mountOptions []string) []string {
 		if strings.HasPrefix(mountOption, vers) {
 			versFlag = true
 		}
+		if strings.HasPrefix(mountOption, gid) {
+			gidFlag = true
+		}
 	}

 	allMountOptions := mountOptions
@ -125,5 +130,9 @@ func appendDefaultMountOptions(mountOptions []string) []string {
 	if !versFlag {
 		allMountOptions = append(allMountOptions, fmt.Sprintf("%s=%s", vers, defaultVers))
 	}
+
+	if !gidFlag && fsGroup != nil {
+		allMountOptions = append(allMountOptions, fmt.Sprintf("%s=%d", gid, *fsGroup))
+	}
 	return allMountOptions
 }