From dfb88095b0d0883a046398e39e070c4a2771650c Mon Sep 17 00:00:00 2001 From: Jan Safranek Date: Tue, 5 Nov 2024 11:10:36 +0100 Subject: [PATCH] Rename label to seLinuxLabel In various parameters, variables and fields. To make the name more obvious. --- .../selinuxwarning/cache/volumecache.go | 26 +++++++++---------- .../selinuxwarning/cache/volumecache_test.go | 2 +- .../selinux_warning_controller.go | 12 ++++----- 3 files changed, 20 insertions(+), 20 deletions(-) diff --git a/pkg/controller/volume/selinuxwarning/cache/volumecache.go b/pkg/controller/volume/selinuxwarning/cache/volumecache.go index a250a33cb98..4c178074054 100644 --- a/pkg/controller/volume/selinuxwarning/cache/volumecache.go +++ b/pkg/controller/volume/selinuxwarning/cache/volumecache.go @@ -32,7 +32,7 @@ const ( type VolumeCache interface { // Add a single volume to the cache. Returns list of conflicts it caused. - AddVolume(logger klog.Logger, volumeName v1.UniqueVolumeName, podKey cache.ObjectName, label string, changePolicy v1.PodSELinuxChangePolicy, csiDriver string) []Conflict + AddVolume(logger klog.Logger, volumeName v1.UniqueVolumeName, podKey cache.ObjectName, seLinuxLabel string, changePolicy v1.PodSELinuxChangePolicy, csiDriver string) []Conflict // Remove a pod from the cache. Prunes all empty structures. DeletePod(logger klog.Logger, podKey cache.ObjectName) @@ -71,17 +71,17 @@ type usedVolume struct { // Information about a Pod that uses a volume. type podInfo struct { - // SELinux label to be applied to the volume in the Pod. + // SELinux seLinuxLabel to be applied to the volume in the Pod. // Either as mount option or recursively by the container runtime. - label string + seLinuxLabel string // SELinuxChangePolicy of the Pod. changePolicy v1.PodSELinuxChangePolicy } -func newPodInfoListForPod(podKey cache.ObjectName, label string, changePolicy v1.PodSELinuxChangePolicy) map[cache.ObjectName]podInfo { +func newPodInfoListForPod(podKey cache.ObjectName, seLinuxLabel string, changePolicy v1.PodSELinuxChangePolicy) map[cache.ObjectName]podInfo { return map[cache.ObjectName]podInfo{ podKey: { - label: label, + seLinuxLabel: seLinuxLabel, changePolicy: changePolicy, }, } @@ -109,7 +109,7 @@ func (c *volumeCache) AddVolume(logger klog.Logger, volumeName v1.UniqueVolumeNa // The volume is already known // Add the pod to the cache or update its properties volume.pods[podKey] = podInfo{ - label: label, + seLinuxLabel: label, changePolicy: changePolicy, } @@ -133,7 +133,7 @@ func (c *volumeCache) AddVolume(logger klog.Logger, volumeName v1.UniqueVolumeNa OtherPropertyValue: string(changePolicy), }) } - if otherPodInfo.label != label { + if otherPodInfo.seLinuxLabel != label { // Send conflict to both pods conflicts = append(conflicts, Conflict{ PropertyName: "SELinux label", @@ -141,12 +141,12 @@ func (c *volumeCache) AddVolume(logger klog.Logger, volumeName v1.UniqueVolumeNa Pod: podKey, PropertyValue: label, OtherPod: otherPodKey, - OtherPropertyValue: otherPodInfo.label, + OtherPropertyValue: otherPodInfo.seLinuxLabel, }, Conflict{ PropertyName: "SELinux label", EventReason: "SELinuxLabelConflict", Pod: otherPodKey, - PropertyValue: otherPodInfo.label, + PropertyValue: otherPodInfo.seLinuxLabel, OtherPod: podKey, OtherPropertyValue: label, }) @@ -197,7 +197,7 @@ func (c *volumeCache) dump(logger klog.Logger) { }) for _, podKey := range podKeys { podInfo := volume.pods[podKey] - logger.Info(" pod", "pod", podKey, "label", podInfo.label, "changePolicy", podInfo.changePolicy) + logger.Info(" pod", "pod", podKey, "seLinuxLabel", podInfo.seLinuxLabel, "changePolicy", podInfo.changePolicy) } } } @@ -244,14 +244,14 @@ func (c *volumeCache) SendConflicts(logger klog.Logger, ch chan<- Conflict) { OtherPropertyValue: string(otherPodInfo.changePolicy), } } - if podInfo.label != otherPodInfo.label { + if podInfo.seLinuxLabel != otherPodInfo.seLinuxLabel { ch <- Conflict{ PropertyName: "SELinux label", EventReason: "SELinuxLabelConflict", Pod: podKey, - PropertyValue: podInfo.label, + PropertyValue: podInfo.seLinuxLabel, OtherPod: otherPodKey, - OtherPropertyValue: otherPodInfo.label, + OtherPropertyValue: otherPodInfo.seLinuxLabel, } } } diff --git a/pkg/controller/volume/selinuxwarning/cache/volumecache_test.go b/pkg/controller/volume/selinuxwarning/cache/volumecache_test.go index 03a1e49c094..92f2d9d0a7a 100644 --- a/pkg/controller/volume/selinuxwarning/cache/volumecache_test.go +++ b/pkg/controller/volume/selinuxwarning/cache/volumecache_test.go @@ -341,7 +341,7 @@ func TestVolumeCache_AddVolumeSendConflicts(t *testing.T) { t.Errorf("pod %s is not present in the cache", podKey) } expectedPodInfo := podInfo{ - label: tt.podToAdd.label, + seLinuxLabel: tt.podToAdd.label, changePolicy: tt.podToAdd.changePolicy, } if !reflect.DeepEqual(existingInfo, expectedPodInfo) { diff --git a/pkg/controller/volume/selinuxwarning/selinux_warning_controller.go b/pkg/controller/volume/selinuxwarning/selinux_warning_controller.go index 9e82899d1dd..1a779ef2d9f 100644 --- a/pkg/controller/volume/selinuxwarning/selinux_warning_controller.go +++ b/pkg/controller/volume/selinuxwarning/selinux_warning_controller.go @@ -447,11 +447,11 @@ func (c *Controller) syncPod(ctx context.Context, pod *v1.Pod) error { } // Ignore how the volume is going to be mounted. - // Report any errors when a volume is used by two pdos with different SELinux labels regardless of their + // Report any errors when a volume is used by two pods with different SELinux labels regardless of their // SELinuxChangePolicy - label := mountInfo.SELinuxProcessLabel + seLinuxLabel := mountInfo.SELinuxProcessLabel - err = c.syncVolume(logger, pod, spec, label, mountInfo.PluginSupportsSELinuxContextMount) + err = c.syncVolume(logger, pod, spec, seLinuxLabel, mountInfo.PluginSupportsSELinuxContextMount) if err != nil { errs = append(errs, err) } @@ -460,7 +460,7 @@ func (c *Controller) syncPod(ctx context.Context, pod *v1.Pod) error { return errorutils.NewAggregate(errs) } -func (c *Controller) syncVolume(logger klog.Logger, pod *v1.Pod, spec *volume.Spec, label string, pluginSupportsSELinuxContextMount bool) error { +func (c *Controller) syncVolume(logger klog.Logger, pod *v1.Pod, spec *volume.Spec, seLinuxLabel string, pluginSupportsSELinuxContextMount bool) error { plugin, err := c.vpm.FindPluginBySpec(spec) if err != nil { // The controller does not have all volume plugins, only those that affect SELinux. @@ -486,9 +486,9 @@ func (c *Controller) syncVolume(logger klog.Logger, pod *v1.Pod, spec *volume.Sp // This is likely not a CSI volume csiDriver = "" } - logger.V(4).Info("Syncing pod volume", "pod", klog.KObj(pod), "volume", spec.Name(), "label", label, "uniqueVolumeName", uniqueVolumeName, "changePolicy", changePolicy, "csiDriver", csiDriver) + logger.V(4).Info("Syncing pod volume", "pod", klog.KObj(pod), "volume", spec.Name(), "label", seLinuxLabel, "uniqueVolumeName", uniqueVolumeName, "changePolicy", changePolicy, "csiDriver", csiDriver) - conflicts := c.labelCache.AddVolume(logger, uniqueVolumeName, cache.MetaObjectToName(pod), label, changePolicy, csiDriver) + conflicts := c.labelCache.AddVolume(logger, uniqueVolumeName, cache.MetaObjectToName(pod), seLinuxLabel, changePolicy, csiDriver) c.reportConflictEvents(logger, conflicts) return nil