Merge pull request #116209 from haoruan/feature-csidriver-fields-mutable

Allow FSGroupPolicy and PodInfoOnMount to be mutable in CSIDriver.Spec

api/openapi-spec/swagger.json

@@ -14746,11 +14746,11 @@
           "type": "boolean"
         },
         "fsGroupPolicy": {
-          "description": "fsGroupPolicy defines if the underlying volume supports changing ownership and permission of the volume before being mounted. Refer to the specific FSGroupPolicy values for additional details.\n\nThis field is immutable.\n\nDefaults to ReadWriteOnceWithFSType, which will examine each volume to determine if Kubernetes should modify ownership and permissions of the volume. With the default policy the defined fsGroup will only be applied if a fstype is defined and the volume's access mode contains ReadWriteOnce.",
+          "description": "fsGroupPolicy defines if the underlying volume supports changing ownership and permission of the volume before being mounted. Refer to the specific FSGroupPolicy values for additional details.\n\nThis field was immutable in Kubernetes < 1.29 and now is mutable.\n\nDefaults to ReadWriteOnceWithFSType, which will examine each volume to determine if Kubernetes should modify ownership and permissions of the volume. With the default policy the defined fsGroup will only be applied if a fstype is defined and the volume's access mode contains ReadWriteOnce.",
           "type": "string"
         },
         "podInfoOnMount": {
-          "description": "podInfoOnMount indicates this CSI volume driver requires additional pod information (like podName, podUID, etc.) during mount operations, if set to true. If set to false, pod information will not be passed on mount. Default is false.\n\nThe CSI driver specifies podInfoOnMount as part of driver deployment. If true, Kubelet will pass pod information as VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is responsible for parsing and validating the information passed in as VolumeContext.\n\nThe following VolumeContext will be passed if podInfoOnMount is set to true. This list might grow, but the prefix will be used. \"csi.storage.k8s.io/pod.name\": pod.Name \"csi.storage.k8s.io/pod.namespace\": pod.Namespace \"csi.storage.k8s.io/pod.uid\": string(pod.UID) \"csi.storage.k8s.io/ephemeral\": \"true\" if the volume is an ephemeral inline volume\n                                defined by a CSIVolumeSource, otherwise \"false\"\n\n\"csi.storage.k8s.io/ephemeral\" is a new feature in Kubernetes 1.16. It is only required for drivers which support both the \"Persistent\" and \"Ephemeral\" VolumeLifecycleMode. Other drivers can leave pod info disabled and/or ignore this field. As Kubernetes 1.15 doesn't support this field, drivers can only support one mode when deployed on such a cluster and the deployment determines which mode that is, for example via a command line parameter of the driver.\n\nThis field is immutable.",
+          "description": "podInfoOnMount indicates this CSI volume driver requires additional pod information (like podName, podUID, etc.) during mount operations, if set to true. If set to false, pod information will not be passed on mount. Default is false.\n\nThe CSI driver specifies podInfoOnMount as part of driver deployment. If true, Kubelet will pass pod information as VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is responsible for parsing and validating the information passed in as VolumeContext.\n\nThe following VolumeContext will be passed if podInfoOnMount is set to true. This list might grow, but the prefix will be used. \"csi.storage.k8s.io/pod.name\": pod.Name \"csi.storage.k8s.io/pod.namespace\": pod.Namespace \"csi.storage.k8s.io/pod.uid\": string(pod.UID) \"csi.storage.k8s.io/ephemeral\": \"true\" if the volume is an ephemeral inline volume\n                                defined by a CSIVolumeSource, otherwise \"false\"\n\n\"csi.storage.k8s.io/ephemeral\" is a new feature in Kubernetes 1.16. It is only required for drivers which support both the \"Persistent\" and \"Ephemeral\" VolumeLifecycleMode. Other drivers can leave pod info disabled and/or ignore this field. As Kubernetes 1.15 doesn't support this field, drivers can only support one mode when deployed on such a cluster and the deployment determines which mode that is, for example via a command line parameter of the driver.\n\nThis field was immutable in Kubernetes < 1.29 and now is mutable.",
           "type": "boolean"
         },
         "requiresRepublish": {

api/openapi-spec/v3/apis__storage.k8s.io__v1_openapi.json

@@ -1268,11 +1268,11 @@
             "type": "boolean"
           },
           "fsGroupPolicy": {
-            "description": "fsGroupPolicy defines if the underlying volume supports changing ownership and permission of the volume before being mounted. Refer to the specific FSGroupPolicy values for additional details.\n\nThis field is immutable.\n\nDefaults to ReadWriteOnceWithFSType, which will examine each volume to determine if Kubernetes should modify ownership and permissions of the volume. With the default policy the defined fsGroup will only be applied if a fstype is defined and the volume's access mode contains ReadWriteOnce.",
+            "description": "fsGroupPolicy defines if the underlying volume supports changing ownership and permission of the volume before being mounted. Refer to the specific FSGroupPolicy values for additional details.\n\nThis field was immutable in Kubernetes < 1.29 and now is mutable.\n\nDefaults to ReadWriteOnceWithFSType, which will examine each volume to determine if Kubernetes should modify ownership and permissions of the volume. With the default policy the defined fsGroup will only be applied if a fstype is defined and the volume's access mode contains ReadWriteOnce.",
             "type": "string"
           },
           "podInfoOnMount": {
-            "description": "podInfoOnMount indicates this CSI volume driver requires additional pod information (like podName, podUID, etc.) during mount operations, if set to true. If set to false, pod information will not be passed on mount. Default is false.\n\nThe CSI driver specifies podInfoOnMount as part of driver deployment. If true, Kubelet will pass pod information as VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is responsible for parsing and validating the information passed in as VolumeContext.\n\nThe following VolumeContext will be passed if podInfoOnMount is set to true. This list might grow, but the prefix will be used. \"csi.storage.k8s.io/pod.name\": pod.Name \"csi.storage.k8s.io/pod.namespace\": pod.Namespace \"csi.storage.k8s.io/pod.uid\": string(pod.UID) \"csi.storage.k8s.io/ephemeral\": \"true\" if the volume is an ephemeral inline volume\n                                defined by a CSIVolumeSource, otherwise \"false\"\n\n\"csi.storage.k8s.io/ephemeral\" is a new feature in Kubernetes 1.16. It is only required for drivers which support both the \"Persistent\" and \"Ephemeral\" VolumeLifecycleMode. Other drivers can leave pod info disabled and/or ignore this field. As Kubernetes 1.15 doesn't support this field, drivers can only support one mode when deployed on such a cluster and the deployment determines which mode that is, for example via a command line parameter of the driver.\n\nThis field is immutable.",
+            "description": "podInfoOnMount indicates this CSI volume driver requires additional pod information (like podName, podUID, etc.) during mount operations, if set to true. If set to false, pod information will not be passed on mount. Default is false.\n\nThe CSI driver specifies podInfoOnMount as part of driver deployment. If true, Kubelet will pass pod information as VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is responsible for parsing and validating the information passed in as VolumeContext.\n\nThe following VolumeContext will be passed if podInfoOnMount is set to true. This list might grow, but the prefix will be used. \"csi.storage.k8s.io/pod.name\": pod.Name \"csi.storage.k8s.io/pod.namespace\": pod.Namespace \"csi.storage.k8s.io/pod.uid\": string(pod.UID) \"csi.storage.k8s.io/ephemeral\": \"true\" if the volume is an ephemeral inline volume\n                                defined by a CSIVolumeSource, otherwise \"false\"\n\n\"csi.storage.k8s.io/ephemeral\" is a new feature in Kubernetes 1.16. It is only required for drivers which support both the \"Persistent\" and \"Ephemeral\" VolumeLifecycleMode. Other drivers can leave pod info disabled and/or ignore this field. As Kubernetes 1.15 doesn't support this field, drivers can only support one mode when deployed on such a cluster and the deployment determines which mode that is, for example via a command line parameter of the driver.\n\nThis field was immutable in Kubernetes < 1.29 and now is mutable.",
             "type": "boolean"
           },
           "requiresRepublish": {

pkg/apis/storage/types.go

@@ -284,7 +284,7 @@ type CSIDriverSpec struct {
 	// permission of the volume before being mounted.
 	// Refer to the specific FSGroupPolicy values for additional details.
 	//
-	// This field is immutable.
+	// This field was immutable in Kubernetes < 1.29 and now is mutable.
 	//
 	// Defaults to ReadWriteOnceWithFSType, which will examine each volume
 	// to determine if Kubernetes should modify ownership and permissions of the volume.
@@ -318,7 +318,7 @@ type CSIDriverSpec struct {
 	// deployed on such a cluster and the deployment determines which mode that is, for example
 	// via a command line parameter of the driver.
 	//
-	// This field is immutable.
+	// This field was immutable in Kubernetes < 1.29 and now is mutable.
 	//
 	// +optional
 	PodInfoOnMount *bool

pkg/apis/storage/validation/validation.go

@@ -418,8 +418,6 @@ func ValidateCSIDriverUpdate(new, old *storage.CSIDriver) field.ErrorList {
 
 	// immutable fields should not be mutated.
 	allErrs = append(allErrs, apimachineryvalidation.ValidateImmutableField(new.Spec.AttachRequired, old.Spec.AttachRequired, field.NewPath("spec", "attachedRequired"))...)
-	allErrs = append(allErrs, apimachineryvalidation.ValidateImmutableField(new.Spec.FSGroupPolicy, old.Spec.FSGroupPolicy, field.NewPath("spec", "fsGroupPolicy"))...)
-	allErrs = append(allErrs, apimachineryvalidation.ValidateImmutableField(new.Spec.PodInfoOnMount, old.Spec.PodInfoOnMount, field.NewPath("spec", "podInfoOnMount"))...)
 	allErrs = append(allErrs, apimachineryvalidation.ValidateImmutableField(new.Spec.VolumeLifecycleModes, old.Spec.VolumeLifecycleModes, field.NewPath("spec", "volumeLifecycleModes"))...)
 
 	allErrs = append(allErrs, validateTokenRequests(new.Spec.TokenRequests, field.NewPath("spec", "tokenRequests"))...)

pkg/apis/storage/validation/validation_test.go

@@ -1715,6 +1715,17 @@ func TestCSIDriverValidationUpdate(t *testing.T) {
 		modify: func(new *storage.CSIDriver) {
 			new.Spec.SELinuxMount = &notSELinuxMount
 		},
+	}, {
+		name: "change PodInfoOnMount",
+		modify: func(new *storage.CSIDriver) {
+			new.Spec.PodInfoOnMount = &podInfoOnMount
+		},
+	}, {
+		name: "change FSGroupPolicy",
+		modify: func(new *storage.CSIDriver) {
+			fileFSGroupPolicy := storage.FileFSGroupPolicy
+			new.Spec.FSGroupPolicy = &fileFSGroupPolicy
+		},
 	}}
 	for _, test := range successCases {
 		t.Run(test.name, func(t *testing.T) {
@@ -1755,11 +1766,6 @@ func TestCSIDriverValidationUpdate(t *testing.T) {
 		modify: func(new *storage.CSIDriver) {
 			new.Spec.PodInfoOnMount = nil
 		},
-	}, {
-		name: "PodInfoOnMount changed",
-		modify: func(new *storage.CSIDriver) {
-			new.Spec.PodInfoOnMount = &podInfoOnMount
-		},
 	}, {
 		name: "invalid volume lifecycle mode",
 		modify: func(new *storage.CSIDriver) {
@@ -1792,12 +1798,6 @@ func TestCSIDriverValidationUpdate(t *testing.T) {
 			invalidFSGroupPolicy := storage.FSGroupPolicy("invalid")
 			new.Spec.FSGroupPolicy = &invalidFSGroupPolicy
 		},
-	}, {
-		name: "FSGroupPolicy changed",
-		modify: func(new *storage.CSIDriver) {
-			fileFSGroupPolicy := storage.FileFSGroupPolicy
-			new.Spec.FSGroupPolicy = &fileFSGroupPolicy
-		},
 	}, {
 		name: "TokenRequests invalidated",
 		modify: func(new *storage.CSIDriver) {

pkg/generated/openapi/zz_generated.openapi.go

@@ -43605,7 +43605,7 @@ func schema_k8sio_api_storage_v1_CSIDriverSpec(ref common.ReferenceCallback) com
 					},
 					"podInfoOnMount": {
 						SchemaProps: spec.SchemaProps{
-							Description: "podInfoOnMount indicates this CSI volume driver requires additional pod information (like podName, podUID, etc.) during mount operations, if set to true. If set to false, pod information will not be passed on mount. Default is false.\n\nThe CSI driver specifies podInfoOnMount as part of driver deployment. If true, Kubelet will pass pod information as VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is responsible for parsing and validating the information passed in as VolumeContext.\n\nThe following VolumeContext will be passed if podInfoOnMount is set to true. This list might grow, but the prefix will be used. \"csi.storage.k8s.io/pod.name\": pod.Name \"csi.storage.k8s.io/pod.namespace\": pod.Namespace \"csi.storage.k8s.io/pod.uid\": string(pod.UID) \"csi.storage.k8s.io/ephemeral\": \"true\" if the volume is an ephemeral inline volume\n                                defined by a CSIVolumeSource, otherwise \"false\"\n\n\"csi.storage.k8s.io/ephemeral\" is a new feature in Kubernetes 1.16. It is only required for drivers which support both the \"Persistent\" and \"Ephemeral\" VolumeLifecycleMode. Other drivers can leave pod info disabled and/or ignore this field. As Kubernetes 1.15 doesn't support this field, drivers can only support one mode when deployed on such a cluster and the deployment determines which mode that is, for example via a command line parameter of the driver.\n\nThis field is immutable.",
+							Description: "podInfoOnMount indicates this CSI volume driver requires additional pod information (like podName, podUID, etc.) during mount operations, if set to true. If set to false, pod information will not be passed on mount. Default is false.\n\nThe CSI driver specifies podInfoOnMount as part of driver deployment. If true, Kubelet will pass pod information as VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is responsible for parsing and validating the information passed in as VolumeContext.\n\nThe following VolumeContext will be passed if podInfoOnMount is set to true. This list might grow, but the prefix will be used. \"csi.storage.k8s.io/pod.name\": pod.Name \"csi.storage.k8s.io/pod.namespace\": pod.Namespace \"csi.storage.k8s.io/pod.uid\": string(pod.UID) \"csi.storage.k8s.io/ephemeral\": \"true\" if the volume is an ephemeral inline volume\n                                defined by a CSIVolumeSource, otherwise \"false\"\n\n\"csi.storage.k8s.io/ephemeral\" is a new feature in Kubernetes 1.16. It is only required for drivers which support both the \"Persistent\" and \"Ephemeral\" VolumeLifecycleMode. Other drivers can leave pod info disabled and/or ignore this field. As Kubernetes 1.15 doesn't support this field, drivers can only support one mode when deployed on such a cluster and the deployment determines which mode that is, for example via a command line parameter of the driver.\n\nThis field was immutable in Kubernetes < 1.29 and now is mutable.",
 							Type:        []string{"boolean"},
 							Format:      "",
 						},
@@ -43639,7 +43639,7 @@ func schema_k8sio_api_storage_v1_CSIDriverSpec(ref common.ReferenceCallback) com
 					},
 					"fsGroupPolicy": {
 						SchemaProps: spec.SchemaProps{
-							Description: "fsGroupPolicy defines if the underlying volume supports changing ownership and permission of the volume before being mounted. Refer to the specific FSGroupPolicy values for additional details.\n\nThis field is immutable.\n\nDefaults to ReadWriteOnceWithFSType, which will examine each volume to determine if Kubernetes should modify ownership and permissions of the volume. With the default policy the defined fsGroup will only be applied if a fstype is defined and the volume's access mode contains ReadWriteOnce.",
+							Description: "fsGroupPolicy defines if the underlying volume supports changing ownership and permission of the volume before being mounted. Refer to the specific FSGroupPolicy values for additional details.\n\nThis field was immutable in Kubernetes < 1.29 and now is mutable.\n\nDefaults to ReadWriteOnceWithFSType, which will examine each volume to determine if Kubernetes should modify ownership and permissions of the volume. With the default policy the defined fsGroup will only be applied if a fstype is defined and the volume's access mode contains ReadWriteOnce.",
 							Type:        []string{"string"},
 							Format:      "",
 						},

pkg/registry/storage/csidriver/strategy.go

@@ -83,10 +83,8 @@ func (csiDriverStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.
 		newCSIDriver.Spec.SELinuxMount = nil
 	}
 
-	// Any changes to the mutable fields increment the generation number.
+	// Any changes to the spec increment the generation number.
-	if !apiequality.Semantic.DeepEqual(oldCSIDriver.Spec.TokenRequests, newCSIDriver.Spec.TokenRequests) ||
+	if !apiequality.Semantic.DeepEqual(oldCSIDriver.Spec, newCSIDriver.Spec) {
-		!apiequality.Semantic.DeepEqual(oldCSIDriver.Spec.RequiresRepublish, newCSIDriver.Spec.RequiresRepublish) ||
-		!apiequality.Semantic.DeepEqual(oldCSIDriver.Spec.SELinuxMount, newCSIDriver.Spec.SELinuxMount) {
 		newCSIDriver.Generation = oldCSIDriver.Generation + 1
 	}
 }

pkg/registry/storage/csidriver/strategy_test.go

@@ -88,7 +88,6 @@ func TestCSIDriverPrepareForUpdate(t *testing.T) {
 	})
 
 	attachRequired := true
-	podInfoOnMount := true
 	driverWithNothing := &storage.CSIDriver{
 		ObjectMeta: metav1.ObjectMeta{
 			Name: "foo",
@@ -100,7 +99,6 @@ func TestCSIDriverPrepareForUpdate(t *testing.T) {
 		},
 		Spec: storage.CSIDriverSpec{
 			AttachRequired: &attachRequired,
-			PodInfoOnMount: &podInfoOnMount,
 			VolumeLifecycleModes: []storage.VolumeLifecycleMode{
 				storage.VolumeLifecyclePersistent,
 			},
@@ -109,6 +107,49 @@ func TestCSIDriverPrepareForUpdate(t *testing.T) {
 	enabled := true
 	disabled := false
 	gcp := "gcp"
+	noneFsGroupPolicy := storage.NoneFSGroupPolicy
+	readWriteOnceWithFSTypeFSGroupPolicy := storage.ReadWriteOnceWithFSTypeFSGroupPolicy
+	fileFSGroupPolicy := storage.FileFSGroupPolicy
+	driverWithPodInfoOnMountEnabled := &storage.CSIDriver{
+		ObjectMeta: metav1.ObjectMeta{
+			Name: "foo",
+		},
+		Spec: storage.CSIDriverSpec{
+			PodInfoOnMount: &enabled,
+		},
+	}
+	driverWithPodInfoOnMountDisabled := &storage.CSIDriver{
+		ObjectMeta: metav1.ObjectMeta{
+			Name: "foo",
+		},
+		Spec: storage.CSIDriverSpec{
+			PodInfoOnMount: &disabled,
+		},
+	}
+	driverWithNoneFSGroupPolicy := &storage.CSIDriver{
+		ObjectMeta: metav1.ObjectMeta{
+			Name: "foo",
+		},
+		Spec: storage.CSIDriverSpec{
+			FSGroupPolicy: &noneFsGroupPolicy,
+		},
+	}
+	driverWithReadWriteOnceWithFSTypeFSGroupPolicy := &storage.CSIDriver{
+		ObjectMeta: metav1.ObjectMeta{
+			Name: "foo",
+		},
+		Spec: storage.CSIDriverSpec{
+			FSGroupPolicy: &readWriteOnceWithFSTypeFSGroupPolicy,
+		},
+	}
+	driverWithFileFSGroupPolicy := &storage.CSIDriver{
+		ObjectMeta: metav1.ObjectMeta{
+			Name: "foo",
+		},
+		Spec: storage.CSIDriverSpec{
+			FSGroupPolicy: &fileFSGroupPolicy,
+		},
+	}
 	driverWithCapacityEnabled := &storage.CSIDriver{
 		ObjectMeta: metav1.ObjectMeta{
 			Name: "foo",
@@ -165,22 +206,91 @@ func TestCSIDriverPrepareForUpdate(t *testing.T) {
 		wantSELinuxMount                    *bool
 	}{
 		{
-			name:         "capacity feature enabled, before: none, update: enabled",
+			name:           "podInfoOnMount feature enabled, before: none, update: enabled",
-			old:          driverWithNothing,
+			old:            driverWithNothing,
-			update:       driverWithCapacityEnabled,
+			update:         driverWithPodInfoOnMountEnabled,
-			wantCapacity: &enabled,
+			wantGeneration: 1,
 		},
 		{
-			name:         "capacity feature enabled, before: enabled, update: disabled",
+			name:           "podInfoOnMount feature enabled, before: enabled, update: disabled",
-			old:          driverWithCapacityEnabled,
+			old:            driverWithPodInfoOnMountEnabled,
-			update:       driverWithCapacityDisabled,
+			update:         driverWithPodInfoOnMountDisabled,
-			wantCapacity: &disabled,
+			wantGeneration: 1,
 		},
 		{
-			name:      "inline feature enabled, before: none, update: persistent",
+			name:           "fSGroupPolicy feature enabled, before: nil, update: none",
-			old:       driverWithNothing,
+			old:            driverWithNothing,
-			update:    driverWithPersistent,
+			update:         driverWithNoneFSGroupPolicy,
-			wantModes: resultPersistent,
+			wantGeneration: 1,
+		},
+		{
+			name:           "fSGroupPolicy feature enabled, before: nil, update: readWriteOnceWithFSType",
+			old:            driverWithNothing,
+			update:         driverWithReadWriteOnceWithFSTypeFSGroupPolicy,
+			wantGeneration: 1,
+		},
+		{
+			name:           "fSGroupPolicy feature enabled, before: nil, update: file",
+			old:            driverWithNothing,
+			update:         driverWithFileFSGroupPolicy,
+			wantGeneration: 1,
+		},
+		{
+			name:           "fSGroupPolicy feature enabled, before: none, update: readWriteOnceWithFSType",
+			old:            driverWithNoneFSGroupPolicy,
+			update:         driverWithReadWriteOnceWithFSTypeFSGroupPolicy,
+			wantGeneration: 1,
+		},
+		{
+			name:           "fSGroupPolicy feature enabled, before: none, update: file",
+			old:            driverWithNoneFSGroupPolicy,
+			update:         driverWithFileFSGroupPolicy,
+			wantGeneration: 1,
+		},
+		{
+			name:           "fSGroupPolicy feature enabled, before: readWriteOnceWithFSType, update: none",
+			old:            driverWithReadWriteOnceWithFSTypeFSGroupPolicy,
+			update:         driverWithNoneFSGroupPolicy,
+			wantGeneration: 1,
+		},
+		{
+			name:           "fSGroupPolicy feature enabled, before: readWriteOnceWithFSType, update: file",
+			old:            driverWithReadWriteOnceWithFSTypeFSGroupPolicy,
+			update:         driverWithFileFSGroupPolicy,
+			wantGeneration: 1,
+		},
+		{
+			name:           "fSGroupPolicy feature enabled, before: file, update: none",
+			old:            driverWithFileFSGroupPolicy,
+			update:         driverWithNoneFSGroupPolicy,
+			wantGeneration: 1,
+		},
+		{
+			name:           "fSGroupPolicy feature enabled, before: file, update: readWriteOnceWithFSType",
+			old:            driverWithFileFSGroupPolicy,
+			update:         driverWithReadWriteOnceWithFSTypeFSGroupPolicy,
+			wantGeneration: 1,
+		},
+		{
+			name:           "capacity feature enabled, before: none, update: enabled",
+			old:            driverWithNothing,
+			update:         driverWithCapacityEnabled,
+			wantCapacity:   &enabled,
+			wantGeneration: 1,
+		},
+		{
+			name:           "capacity feature enabled, before: enabled, update: disabled",
+			old:            driverWithCapacityEnabled,
+			update:         driverWithCapacityDisabled,
+			wantCapacity:   &disabled,
+			wantGeneration: 1,
+		},
+		{
+			name:           "inline feature enabled, before: none, update: persistent",
+			old:            driverWithNothing,
+			update:         driverWithPersistent,
+			wantModes:      resultPersistent,
+			wantGeneration: 1,
 		},
 		{
 			name:                  "service account token feature enabled, before: none, update: audience=gcp",

staging/src/k8s.io/api/storage/v1/generated.proto

@@ -103,7 +103,7 @@ message CSIDriverSpec {
   // deployed on such a cluster and the deployment determines which mode that is, for example
   // via a command line parameter of the driver.
   //
-  // This field is immutable.
+  // This field was immutable in Kubernetes < 1.29 and now is mutable.
   //
   // +optional
   optional bool podInfoOnMount = 2;
@@ -150,7 +150,7 @@ message CSIDriverSpec {
   // permission of the volume before being mounted.
   // Refer to the specific FSGroupPolicy values for additional details.
   //
-  // This field is immutable.
+  // This field was immutable in Kubernetes < 1.29 and now is mutable.
   //
   // Defaults to ReadWriteOnceWithFSType, which will examine each volume
   // to determine if Kubernetes should modify ownership and permissions of the volume.

staging/src/k8s.io/api/storage/v1/types.go

@@ -306,7 +306,7 @@ type CSIDriverSpec struct {
 	// deployed on such a cluster and the deployment determines which mode that is, for example
 	// via a command line parameter of the driver.
 	//
-	// This field is immutable.
+	// This field was immutable in Kubernetes < 1.29 and now is mutable.
 	//
 	// +optional
 	PodInfoOnMount *bool `json:"podInfoOnMount,omitempty" protobuf:"bytes,2,opt,name=podInfoOnMount"`
@@ -353,7 +353,7 @@ type CSIDriverSpec struct {
 	// permission of the volume before being mounted.
 	// Refer to the specific FSGroupPolicy values for additional details.
 	//
-	// This field is immutable.
+	// This field was immutable in Kubernetes < 1.29 and now is mutable.
 	//
 	// Defaults to ReadWriteOnceWithFSType, which will examine each volume
 	// to determine if Kubernetes should modify ownership and permissions of the volume.

staging/src/k8s.io/api/storage/v1/types_swagger_doc_generated.go

@@ -50,10 +50,10 @@ func (CSIDriverList) SwaggerDoc() map[string]string {
 var map_CSIDriverSpec = map[string]string{
 	"":                     "CSIDriverSpec is the specification of a CSIDriver.",
 	"attachRequired":       "attachRequired indicates this CSI volume driver requires an attach operation (because it implements the CSI ControllerPublishVolume() method), and that the Kubernetes attach detach controller should call the attach volume interface which checks the volumeattachment status and waits until the volume is attached before proceeding to mounting. The CSI external-attacher coordinates with CSI volume driver and updates the volumeattachment status when the attach operation is complete. If the CSIDriverRegistry feature gate is enabled and the value is specified to false, the attach operation will be skipped. Otherwise the attach operation will be called.\n\nThis field is immutable.",
-	"podInfoOnMount":       "podInfoOnMount indicates this CSI volume driver requires additional pod information (like podName, podUID, etc.) during mount operations, if set to true. If set to false, pod information will not be passed on mount. Default is false.\n\nThe CSI driver specifies podInfoOnMount as part of driver deployment. If true, Kubelet will pass pod information as VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is responsible for parsing and validating the information passed in as VolumeContext.\n\nThe following VolumeContext will be passed if podInfoOnMount is set to true. This list might grow, but the prefix will be used. \"csi.storage.k8s.io/pod.name\": pod.Name \"csi.storage.k8s.io/pod.namespace\": pod.Namespace \"csi.storage.k8s.io/pod.uid\": string(pod.UID) \"csi.storage.k8s.io/ephemeral\": \"true\" if the volume is an ephemeral inline volume\n                                defined by a CSIVolumeSource, otherwise \"false\"\n\n\"csi.storage.k8s.io/ephemeral\" is a new feature in Kubernetes 1.16. It is only required for drivers which support both the \"Persistent\" and \"Ephemeral\" VolumeLifecycleMode. Other drivers can leave pod info disabled and/or ignore this field. As Kubernetes 1.15 doesn't support this field, drivers can only support one mode when deployed on such a cluster and the deployment determines which mode that is, for example via a command line parameter of the driver.\n\nThis field is immutable.",
+	"podInfoOnMount":       "podInfoOnMount indicates this CSI volume driver requires additional pod information (like podName, podUID, etc.) during mount operations, if set to true. If set to false, pod information will not be passed on mount. Default is false.\n\nThe CSI driver specifies podInfoOnMount as part of driver deployment. If true, Kubelet will pass pod information as VolumeContext in the CSI NodePublishVolume() calls. The CSI driver is responsible for parsing and validating the information passed in as VolumeContext.\n\nThe following VolumeContext will be passed if podInfoOnMount is set to true. This list might grow, but the prefix will be used. \"csi.storage.k8s.io/pod.name\": pod.Name \"csi.storage.k8s.io/pod.namespace\": pod.Namespace \"csi.storage.k8s.io/pod.uid\": string(pod.UID) \"csi.storage.k8s.io/ephemeral\": \"true\" if the volume is an ephemeral inline volume\n                                defined by a CSIVolumeSource, otherwise \"false\"\n\n\"csi.storage.k8s.io/ephemeral\" is a new feature in Kubernetes 1.16. It is only required for drivers which support both the \"Persistent\" and \"Ephemeral\" VolumeLifecycleMode. Other drivers can leave pod info disabled and/or ignore this field. As Kubernetes 1.15 doesn't support this field, drivers can only support one mode when deployed on such a cluster and the deployment determines which mode that is, for example via a command line parameter of the driver.\n\nThis field was immutable in Kubernetes < 1.29 and now is mutable.",
 	"volumeLifecycleModes": "volumeLifecycleModes defines what kind of volumes this CSI volume driver supports. The default if the list is empty is \"Persistent\", which is the usage defined by the CSI specification and implemented in Kubernetes via the usual PV/PVC mechanism.\n\nThe other mode is \"Ephemeral\". In this mode, volumes are defined inline inside the pod spec with CSIVolumeSource and their lifecycle is tied to the lifecycle of that pod. A driver has to be aware of this because it is only going to get a NodePublishVolume call for such a volume.\n\nFor more information about implementing this mode, see https://kubernetes-csi.github.io/docs/ephemeral-local-volumes.html A driver can support one or more of these modes and more modes may be added in the future.\n\nThis field is beta. This field is immutable.",
 	"storageCapacity":      "storageCapacity indicates that the CSI volume driver wants pod scheduling to consider the storage capacity that the driver deployment will report by creating CSIStorageCapacity objects with capacity information, if set to true.\n\nThe check can be enabled immediately when deploying a driver. In that case, provisioning new volumes with late binding will pause until the driver deployment has published some suitable CSIStorageCapacity object.\n\nAlternatively, the driver can be deployed with the field unset or false and it can be flipped later when storage capacity information has been published.\n\nThis field was immutable in Kubernetes <= 1.22 and now is mutable.",
-	"fsGroupPolicy":        "fsGroupPolicy defines if the underlying volume supports changing ownership and permission of the volume before being mounted. Refer to the specific FSGroupPolicy values for additional details.\n\nThis field is immutable.\n\nDefaults to ReadWriteOnceWithFSType, which will examine each volume to determine if Kubernetes should modify ownership and permissions of the volume. With the default policy the defined fsGroup will only be applied if a fstype is defined and the volume's access mode contains ReadWriteOnce.",
+	"fsGroupPolicy":        "fsGroupPolicy defines if the underlying volume supports changing ownership and permission of the volume before being mounted. Refer to the specific FSGroupPolicy values for additional details.\n\nThis field was immutable in Kubernetes < 1.29 and now is mutable.\n\nDefaults to ReadWriteOnceWithFSType, which will examine each volume to determine if Kubernetes should modify ownership and permissions of the volume. With the default policy the defined fsGroup will only be applied if a fstype is defined and the volume's access mode contains ReadWriteOnce.",
 	"tokenRequests":        "tokenRequests indicates the CSI driver needs pods' service account tokens it is mounting volume for to do necessary authentication. Kubelet will pass the tokens in VolumeContext in the CSI NodePublishVolume calls. The CSI driver should parse and validate the following VolumeContext: \"csi.storage.k8s.io/serviceAccount.tokens\": {\n  \"<audience>\": {\n    \"token\": <token>,\n    \"expirationTimestamp\": <expiration timestamp in RFC3339>,\n  },\n  ...\n}\n\nNote: Audience in each TokenRequest should be different and at most one token is empty string. To receive a new token after expiry, RequiresRepublish can be used to trigger NodePublishVolume periodically.",
 	"requiresRepublish":    "requiresRepublish indicates the CSI driver wants `NodePublishVolume` being periodically called to reflect any possible change in the mounted volume. This field defaults to false.\n\nNote: After a successful initial NodePublishVolume call, subsequent calls to NodePublishVolume should only update the contents of the volume. New mount points will not be seen by a running container.",
 	"seLinuxMount":         "seLinuxMount specifies if the CSI driver supports \"-o context\" mount option.\n\nWhen \"true\", the CSI driver must ensure that all volumes provided by this CSI driver can be mounted separately with different `-o context` options. This is typical for storage backends that provide volumes as filesystems on block devices or as independent shared volumes. Kubernetes will call NodeStage / NodePublish with \"-o context=xyz\" mount option when mounting a ReadWriteOncePod volume used in Pod that has explicitly set SELinux context. In the future, it may be expanded to other volume AccessModes. In any case, Kubernetes will ensure that the volume is mounted only with a single SELinux context.\n\nWhen \"false\", Kubernetes won't pass any special SELinux mount options to the driver. This is typical for volumes that represent subdirectories of a bigger shared filesystem.\n\nDefault is \"false\".",

test/e2e/storage/csi_mock/base.go

@@ -248,6 +248,17 @@ func (m *mockDriverSetup) cleanup(ctx context.Context) {
 	framework.ExpectNoError(err, "while cleaning up after test")
 }
 
+func (m *mockDriverSetup) update(o utils.PatchCSIOptions) {
+	item, err := m.cs.StorageV1().CSIDrivers().Get(context.TODO(), m.config.GetUniqueDriverName(), metav1.GetOptions{})
+	framework.ExpectNoError(err, "Failed to get CSIDriver %v", m.config.GetUniqueDriverName())
+
+	err = utils.PatchCSIDeployment(nil, o, item)
+	framework.ExpectNoError(err, "Failed to apply %v to CSIDriver object %v", o, m.config.GetUniqueDriverName())
+
+	_, err = m.cs.StorageV1().CSIDrivers().Update(context.TODO(), item, metav1.UpdateOptions{})
+	framework.ExpectNoError(err, "Failed to update CSIDriver %v", m.config.GetUniqueDriverName())
+}
+
 func (m *mockDriverSetup) createPod(ctx context.Context, withVolume volumeType) (class *storagev1.StorageClass, claim *v1.PersistentVolumeClaim, pod *v1.Pod) {
 	ginkgo.By("Creating pod")
 	f := m.f
@@ -722,8 +733,8 @@ func checkPodLogs(ctx context.Context, getCalls func(ctx context.Context) ([]dri
 		switch call.Method {
 		case "NodePublishVolume":
 			numNodePublishVolume++
-			if numNodePublishVolume == 1 {
+			if numNodePublishVolume == expectedNumNodePublish {
-				// Check that NodePublish had expected attributes for first volume
+				// Check that NodePublish had expected attributes for last of expected volume
 				for k, v := range expectedAttributes {
 					vv, found := call.Request.VolumeContext[k]
 					if found && (v == vv || (v == "<nonempty>" && len(vv) != 0)) {

test/e2e/storage/csi_mock/csi_fsgroup_policy.go

@@ -21,9 +21,9 @@ import (
 	"fmt"
 	"math/rand"
 	"strconv"
-	"time"
 
 	"github.com/onsi/ginkgo/v2"
+	"github.com/onsi/gomega"
 	storagev1 "k8s.io/api/storage/v1"
 	"k8s.io/kubernetes/test/e2e/framework"
 	e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
@@ -74,47 +74,67 @@ var _ = utils.SIGDescribe("CSI Mock volume fsgroup policies", func() {
 				})
 				ginkgo.DeferCleanup(m.cleanup)
 
-				// kube-scheduler may need some time before it gets the CSIDriver object.
+				waitUtilFSGroupInPod(ctx, m, test.modified)
-				// Without them, scheduling doesn't run as expected by the test.
-				syncDelay := 5 * time.Second
-				time.Sleep(syncDelay)
 
-				fsGroupVal := int64(rand.Int63n(20000) + 1024)
+				// The created resources will be removed by the cleanup() function,
-				fsGroup := &fsGroupVal
+				// so need to delete anything here.
+			})
+		}
+	})
 
-				_, _, pod := m.createPodWithFSGroup(ctx, fsGroup) /* persistent volume */
+	ginkgo.Context("CSI FSGroupPolicy Update [LinuxOnly]", func() {
-
+		tests := []struct {
-				mountPath := pod.Spec.Containers[0].VolumeMounts[0].MountPath
+			name             string
-				dirName := mountPath + "/" + f.UniqueName
+			oldFSGroupPolicy storagev1.FSGroupPolicy
-				fileName := dirName + "/" + f.UniqueName
+			newFSGroupPolicy storagev1.FSGroupPolicy
-
+		}{
-				err := e2epod.WaitForPodNameRunningInNamespace(ctx, m.cs, pod.Name, pod.Namespace)
+			{
-				framework.ExpectNoError(err, "failed to start pod")
+				name:             "should update fsGroup if update from None to File",
-
+				oldFSGroupPolicy: storagev1.NoneFSGroupPolicy,
-				// Create the subdirectory to ensure that fsGroup propagates
+				newFSGroupPolicy: storagev1.FileFSGroupPolicy,
-				createDirectory := fmt.Sprintf("mkdir %s", dirName)
+			},
-				_, _, err = e2evolume.PodExec(f, pod, createDirectory)
+			{
-				framework.ExpectNoError(err, "failed: creating the directory: %s", err)
+				name:             "should update fsGroup if update from None to default",
-
+				oldFSGroupPolicy: storagev1.NoneFSGroupPolicy,
-				// Inject the contents onto the mount
+				newFSGroupPolicy: storagev1.ReadWriteOnceWithFSTypeFSGroupPolicy,
-				createFile := fmt.Sprintf("echo '%s' > '%s'; sync", "filecontents", fileName)
+			},
-				_, _, err = e2evolume.PodExec(f, pod, createFile)
+			{
-				framework.ExpectNoError(err, "failed: writing the contents: %s", err)
+				name:             "should not update fsGroup if update from File to None",
-
+				oldFSGroupPolicy: storagev1.FileFSGroupPolicy,
-				// Delete the created file. This step is mandatory, as the mock driver
+				newFSGroupPolicy: storagev1.NoneFSGroupPolicy,
-				// won't clean up the contents automatically.
+			},
-				defer func() {
+			{
-					deleteDir := fmt.Sprintf("rm -fr %s", dirName)
+				name:             "should update fsGroup if update from File to default",
-					_, _, err = e2evolume.PodExec(f, pod, deleteDir)
+				oldFSGroupPolicy: storagev1.FileFSGroupPolicy,
-					framework.ExpectNoError(err, "failed: deleting the directory: %s", err)
+				newFSGroupPolicy: storagev1.ReadWriteOnceWithFSTypeFSGroupPolicy,
-				}()
+			},
-
+			{
-				// Ensure that the fsGroup matches what we expect
+				name:             "should not update fsGroup if update from detault to None",
-				if test.modified {
+				oldFSGroupPolicy: storagev1.ReadWriteOnceWithFSTypeFSGroupPolicy,
-					utils.VerifyFSGroupInPod(f, fileName, strconv.FormatInt(*fsGroup, 10), pod)
+				newFSGroupPolicy: storagev1.NoneFSGroupPolicy,
-				} else {
+			},
-					utils.VerifyFSGroupInPod(f, fileName, "root", pod)
+			{
+				name:             "should update fsGroup if update from detault to File",
+				oldFSGroupPolicy: storagev1.ReadWriteOnceWithFSTypeFSGroupPolicy,
+				newFSGroupPolicy: storagev1.FileFSGroupPolicy,
+			},
+		}
+		for _, t := range tests {
+			test := t
+			ginkgo.It(test.name, func(ctx context.Context) {
+				if framework.NodeOSDistroIs("windows") {
+					e2eskipper.Skipf("FSGroupPolicy is only applied on linux nodes -- skipping")
 				}
+				m.init(ctx, testParameters{
+					disableAttach:  true,
+					registerDriver: true,
+					fsGroupPolicy:  &test.oldFSGroupPolicy,
+				})
+				ginkgo.DeferCleanup(m.cleanup)
+
+				waitUtilFSGroupInPod(ctx, m, test.oldFSGroupPolicy != storagev1.NoneFSGroupPolicy)
+				m.update(utils.PatchCSIOptions{FSGroupPolicy: &test.newFSGroupPolicy})
+				waitUtilFSGroupInPod(ctx, m, test.newFSGroupPolicy != storagev1.NoneFSGroupPolicy)
 
 				// The created resources will be removed by the cleanup() function,
 				// so need to delete anything here.
@@ -122,3 +142,56 @@ var _ = utils.SIGDescribe("CSI Mock volume fsgroup policies", func() {
 		}
 	})
 })
+
+func waitUtilFSGroupInPod(ctx context.Context, m *mockDriverSetup, modified bool) {
+	var err error
+
+	utils.WaitUntil(framework.Poll, framework.PodStartTimeout, func() bool {
+		err = gomega.InterceptGomegaFailure(func() {
+			fsGroupVal := int64(rand.Int63n(20000) + 1024)
+			fsGroup := &fsGroupVal
+
+			_, _, pod := m.createPodWithFSGroup(ctx, fsGroup) /* persistent volume */
+			defer func() {
+				err = e2epod.DeletePodWithWait(context.TODO(), m.f.ClientSet, pod)
+				framework.ExpectNoError(err, "failed: deleting the pod: %s", err)
+			}()
+
+			mountPath := pod.Spec.Containers[0].VolumeMounts[0].MountPath
+			dirName := mountPath + "/" + m.f.UniqueName
+			fileName := dirName + "/" + m.f.UniqueName
+
+			err = e2epod.WaitForPodNameRunningInNamespace(ctx, m.cs, pod.Name, pod.Namespace)
+			framework.ExpectNoError(err, "failed to start pod")
+
+			// Create the subdirectory to ensure that fsGroup propagates
+			createDirectory := fmt.Sprintf("mkdir %s", dirName)
+			_, _, err = e2evolume.PodExec(m.f, pod, createDirectory)
+			framework.ExpectNoError(err, "failed: creating the directory: %s", err)
+
+			// Inject the contents onto the mount
+			createFile := fmt.Sprintf("echo '%s' > '%s'; sync", "filecontents", fileName)
+			_, _, err = e2evolume.PodExec(m.f, pod, createFile)
+			framework.ExpectNoError(err, "failed: writing the contents: %s", err)
+
+			// Delete the created file. This step is mandatory, as the mock driver
+			// won't clean up the contents automatically.
+			defer func() {
+				deleteDir := fmt.Sprintf("rm -fr %s", dirName)
+				_, _, err = e2evolume.PodExec(m.f, pod, deleteDir)
+				framework.ExpectNoError(err, "failed: deleting the directory: %s", err)
+			}()
+
+			// Ensure that the fsGroup matches what we expect
+			if modified {
+				utils.VerifyFSGroupInPod(m.f, fileName, strconv.FormatInt(*fsGroup, 10), pod)
+			} else {
+				utils.VerifyFSGroupInPod(m.f, fileName, "root", pod)
+			}
+		})
+
+		return err == nil
+	})
+
+	framework.ExpectNoError(err, "failed: verifing fsgroup in pod: %s", err)
+}

test/e2e/storage/csi_mock/csi_workload.go

@@ -20,6 +20,7 @@ import (
 	"context"
 
 	"github.com/onsi/ginkgo/v2"
+	"github.com/onsi/gomega"
 	"k8s.io/kubernetes/test/e2e/framework"
 	e2epod "k8s.io/kubernetes/test/e2e/framework/pod"
 	"k8s.io/kubernetes/test/e2e/storage/testsuites"
@@ -34,7 +35,6 @@ var _ = utils.SIGDescribe("CSI Mock workload info", func() {
 	m := newMockDriverSetup(f)
 	ginkgo.Context("CSI workload information using mock driver", func() {
 		var (
-			err          error
 			podInfoTrue  = true
 			podInfoFalse = false
 		)
@@ -89,36 +89,99 @@ var _ = utils.SIGDescribe("CSI Mock workload info", func() {
 
 				ginkgo.DeferCleanup(m.cleanup)
 
-				withVolume := pvcReference
+				waitUntilPodInfoInLog(ctx, m, test.expectPodInfo, test.expectEphemeral, 1)
-				if test.expectEphemeral {
-					withVolume = csiEphemeral
-				}
-				_, _, pod := m.createPod(ctx, withVolume)
-				if pod == nil {
-					return
-				}
-				err = e2epod.WaitForPodNameRunningInNamespace(ctx, m.cs, pod.Name, pod.Namespace)
-				framework.ExpectNoError(err, "Failed to start pod: %v", err)
 
-				// If we expect an ephemeral volume, the feature has to be enabled.
+			})
-				// Otherwise need to check if we expect pod info, because the content
+		}
-				// of that depends on whether the feature is enabled or not.
+	})
-				csiInlineVolumesEnabled := test.expectEphemeral
-				if test.expectPodInfo {
-					ginkgo.By("checking for CSIInlineVolumes feature")
-					csiInlineVolumesEnabled, err = testsuites.CSIInlineVolumesEnabled(ctx, m.cs, f.Timeouts, f.Namespace.Name)
-					framework.ExpectNoError(err, "failed to test for CSIInlineVolumes")
-				}
 
-				ginkgo.By("Deleting the previously created pod")
+	ginkgo.Context("CSI PodInfoOnMount Update", func() {
-				err = e2epod.DeletePodWithWait(ctx, m.cs, pod)
+		var (
-				framework.ExpectNoError(err, "while deleting")
+			podInfoTrue  = true
+			podInfoFalse = false
+		)
+		tests := []struct {
+			name              string
+			oldPodInfoOnMount *bool
+			newPodInfoOnMount *bool
+		}{
+			{
+				name:              "should not be passed when update from true to false",
+				oldPodInfoOnMount: &podInfoTrue,
+				newPodInfoOnMount: &podInfoFalse,
+			},
+			{
+				name:              "should not be passed when update from true to nil",
+				oldPodInfoOnMount: &podInfoTrue,
+				newPodInfoOnMount: nil,
+			},
+			{
+				name:              "should be passed when update from false to true",
+				oldPodInfoOnMount: &podInfoFalse,
+				newPodInfoOnMount: &podInfoTrue,
+			},
+			{
+				name:              "should be passed when update from nil to true",
+				oldPodInfoOnMount: nil,
+				newPodInfoOnMount: &podInfoTrue,
+			},
+		}
+		for _, t := range tests {
+			test := t
+			ginkgo.It(t.name, func(ctx context.Context) {
+				m.init(ctx, testParameters{
+					registerDriver: true,
+					podInfo:        test.oldPodInfoOnMount})
+
+				ginkgo.DeferCleanup(m.cleanup)
+
+				waitUntilPodInfoInLog(ctx, m, test.oldPodInfoOnMount != nil && *test.oldPodInfoOnMount, false, 1)
+				m.update(utils.PatchCSIOptions{PodInfo: test.newPodInfoOnMount})
+				waitUntilPodInfoInLog(ctx, m, test.newPodInfoOnMount != nil && *test.newPodInfoOnMount, false, 2)
 
-				ginkgo.By("Checking CSI driver logs")
-				err = checkPodLogs(ctx, m.driver.GetCalls, pod, test.expectPodInfo, test.expectEphemeral, csiInlineVolumesEnabled, false, 1)
-				framework.ExpectNoError(err)
 			})
 		}
 	})
 
 })
+
+func waitUntilPodInfoInLog(ctx context.Context, m *mockDriverSetup, expectPodInfo, expectEphemeral bool, expectedNumNodePublish int) {
+	var err error
+
+	utils.WaitUntil(framework.Poll, framework.PodStartTimeout, func() bool {
+		err = gomega.InterceptGomegaFailure(func() {
+			withVolume := pvcReference
+			if expectEphemeral {
+				withVolume = csiEphemeral
+			}
+			_, _, pod := m.createPod(ctx, withVolume)
+			if pod == nil {
+				return
+			}
+			err = e2epod.WaitForPodNameRunningInNamespace(ctx, m.cs, pod.Name, pod.Namespace)
+			framework.ExpectNoError(err, "Failed to start pod: %v", err)
+
+			// If we expect an ephemeral volume, the feature has to be enabled.
+			// Otherwise need to check if we expect pod info, because the content
+			// of that depends on whether the feature is enabled or not.
+			csiInlineVolumesEnabled := expectEphemeral
+			if expectPodInfo {
+				ginkgo.By("checking for CSIInlineVolumes feature")
+				csiInlineVolumesEnabled, err = testsuites.CSIInlineVolumesEnabled(ctx, m.cs, m.f.Timeouts, m.f.Namespace.Name)
+				framework.ExpectNoError(err, "failed to test for CSIInlineVolumes")
+			}
+
+			ginkgo.By("Deleting the previously created pod")
+			err = e2epod.DeletePodWithWait(ctx, m.cs, pod)
+			framework.ExpectNoError(err, "while deleting")
+
+			ginkgo.By("Checking CSI driver logs")
+			err = checkPodLogs(ctx, m.driver.GetCalls, pod, expectPodInfo, expectEphemeral, csiInlineVolumesEnabled, false, expectedNumNodePublish)
+			framework.ExpectNoError(err)
+		})
+
+		return err == nil
+	})
+
+	framework.ExpectNoError(err, "failed: verifing PodInfo: %s", err)
+}