From bd89c166bbcd2e4b954adf93eb133635defac2be Mon Sep 17 00:00:00 2001 From: Vamsikrishna_Siddu Date: Mon, 4 Sep 2023 06:18:34 -0400 Subject: [PATCH] removed nfsAcls from csi-powerflex. --- samples/secret.yaml | 14 -------------- samples/storageclass/storageclass-nfs.yaml | 15 --------------- service/controller.go | 19 ------------------- service/envvars.go | 3 --- service/service.go | 11 ----------- service/step_defs_test.go | 1 - test/integration/step_defs_test.go | 13 ------------- 7 files changed, 76 deletions(-) diff --git a/samples/secret.yaml b/samples/secret.yaml index c6ac9cb7..1ccd5f4c 100644 --- a/samples/secret.yaml +++ b/samples/secret.yaml @@ -31,20 +31,6 @@ # Allowed Values: string # Default Value: "none" nasName: "nas-server" - # nfsAcls: enables setting permissions on NFS mount directory - # This value will be used if a storage class does not have the NFS ACL (nfsAcls) parameter specified - # Permissions can be specified in two formats: - # 1) Unix mode (NFSv3) - # 2) NFSv4 ACLs (NFSv4) - # NFSv4 ACLs are supported on NFSv4 share only. - # Allowed values: - # 1) Unix mode: valid octal mode number - # Examples: "0777", "777", "0755" - # 2) NFSv4 acls: valid NFSv4 acls, separated by comma - # Examples: "A::OWNER@:RWX,A::GROUP@:RWX", "A::OWNER@:rxtncy" - # Optional: true - # Default value: "0777" - # nfsAcls: "0777" - username: "admin" password: "Password123" systemID: "2b11bb111111bb1b" diff --git a/samples/storageclass/storageclass-nfs.yaml b/samples/storageclass/storageclass-nfs.yaml index 14a65f28..31ebc200 100644 --- a/samples/storageclass/storageclass-nfs.yaml +++ b/samples/storageclass/storageclass-nfs.yaml @@ -61,21 +61,6 @@ parameters: # Default value: None nasName: "nas-server" - # nfsAcls: enables setting permissions on NFS mount directory - # This value overrides the NFS ACL (nfsAcls) attribute of corresponding array config in secret, if present - # Permissions can be specified in two formats: - # 1) Unix mode (NFSv3) - # 2) NFSv4 ACLs (NFSv4) - # NFSv4 ACLs are supported on NFSv4 share only. - # Allowed values: - # 1) Unix mode: valid octal mode number - # Examples: "0777", "777", "0755" - # 2) NFSv4 acls: valid NFSv4 acls, separated by comma - # Examples: "A::OWNER@:RWX,A::GROUP@:RWX", "A::OWNER@:rxtncy" - # Optional: true - # Default value: "0777" - # nfsAcls: "0777" - # path: relative path to the root of the associated filesystem. # Allowed values: string # Optional: true diff --git a/service/controller.go b/service/controller.go index be8381cd..0fc57e64 100644 --- a/service/controller.go +++ b/service/controller.go @@ -63,10 +63,6 @@ const ( // volume create parameters map KeyNasName = "nasName" - // KeyNfsACL is the key used to get the NFS ACL from the - // volume create parameters map - KeyNfsACL = "nfsAcls" - // KeyFsType is the key used to get the filesystem type from the // volume create parameters map KeyFsType = "fsType" @@ -274,7 +270,6 @@ func (s *service) CreateVolume( req.Name = name } - nfsAcls := s.opts.NfsAcls var arr *ArrayConnectionData sysID := s.opts.defaultSystemID arr = s.opts.arrays[sysID] @@ -317,17 +312,6 @@ func (s *service) CreateVolume( return nil, err } - // fetch NFS ACL - if params[KeyNfsACL] != "" { - nfsAcls = params[KeyNfsACL] // Storage class takes precedence - } else if arr.NfsAcls != "" { - nfsAcls = arr.NfsAcls // Secrets next - } else if s.opts.NfsAcls != "" { - nfsAcls = s.opts.NfsAcls // Values next - } else { - nfsAcls = "0777" // Default value - } - // fetch volume size size := cr.GetRequiredBytes() @@ -369,7 +353,6 @@ func (s *service) CreateVolume( if existingFS.SizeTotal == int(size) { vi := s.getCSIVolumeFromFilesystem(existingFS, systemID) vi.VolumeContext[KeyNasName] = nasName - vi.VolumeContext[KeyNfsACL] = nfsAcls vi.VolumeContext[KeyFsType] = fsType nfsTopology := s.GetNfsTopology(systemID) vi.AccessibleTopology = nfsTopology @@ -436,7 +419,6 @@ func (s *service) CreateVolume( if newFs != nil { vi := s.getCSIVolumeFromFilesystem(newFs, systemID) vi.VolumeContext[KeyNasName] = nasName - vi.VolumeContext[KeyNfsACL] = nfsAcls vi.VolumeContext[KeyFsType] = fsType nfsTopology := s.GetNfsTopology(systemID) vi.AccessibleTopology = nfsTopology @@ -1160,7 +1142,6 @@ func (s *service) ControllerPublishVolume( // create publish context publishContext := make(map[string]string) publishContext[KeyNasName] = volumeContext[KeyNasName] - publishContext[KeyNfsACL] = volumeContext[KeyNfsACL] csiVolID := req.GetVolumeId() publishContext["volumeContextId"] = csiVolID diff --git a/service/envvars.go b/service/envvars.go index df9952c2..043a109c 100644 --- a/service/envvars.go +++ b/service/envvars.go @@ -58,9 +58,6 @@ const ( // EnvReplicationPrefix is used as a prefix to find out if replication is enabled. EnvReplicationPrefix = "X_CSI_REPLICATION_PREFIX" // #nosec G101 - // EnvNfsAcls enables setting permissions on NFS mount directory. - EnvNfsAcls = "X_CSI_NFS_ACLS" - // EnvMaxVolumesPerNode specifies maximum number of volumes that controller can publish to the node. EnvMaxVolumesPerNode = "X_CSI_MAX_VOLUMES_PER_NODE" diff --git a/service/service.go b/service/service.go index 9847c886..ef5ed2d7 100644 --- a/service/service.go +++ b/service/service.go @@ -108,7 +108,6 @@ type ArrayConnectionData struct { IsDefault bool `json:"isDefault,omitempty"` AllSystemNames string `json:"allSystemNames"` NasName *string `json:"nasName"` - NfsAcls string `json:"nfsAcls"` } // Manifest is the SP's manifest. @@ -149,7 +148,6 @@ type Opts struct { IsApproveSDCEnabled bool replicationContextPrefix string replicationPrefix string - NfsAcls string // enables setting permissions on NFS mount directory MaxVolumesPerNode int64 IsQuotaEnabled bool // allow driver to enable quota limits for NFS volumes } @@ -343,7 +341,6 @@ func (s *service) BeforeServe( "IsSdcRenameEnabled": s.opts.IsSdcRenameEnabled, "sdcPrefix": s.opts.SdcPrefix, "IsApproveSDCEnabled": s.opts.IsApproveSDCEnabled, - "nfsAcls": s.opts.NfsAcls, "MaxVolumesPerNode": s.opts.MaxVolumesPerNode, "IsQuotaEnabled": s.opts.IsQuotaEnabled, } @@ -434,10 +431,6 @@ func (s *service) BeforeServe( opts.MaxVolumesPerNode = MaxVolumesPerNode } - if nfsAcls, ok := csictx.LookupEnv(ctx, EnvNfsAcls); ok { - opts.NfsAcls = nfsAcls - } - // log csiNode topology keys if err = s.logCsiNodeTopologyKeys(); err != nil { Log.WithError(err).Error("unable to log csiNode topology keys") @@ -842,9 +835,6 @@ func getArrayConfig(ctx context.Context) (map[string]*ArrayConnectionData, error if c.NasName == nil || *(c.NasName) == "" { c.NasName = &str } - if c.NfsAcls == "" { - c.NfsAcls = str - } skipCertificateValidation := c.SkipCertificateValidation || c.Insecure @@ -857,7 +847,6 @@ func getArrayConfig(ctx context.Context) (map[string]*ArrayConnectionData, error "systemID": c.SystemID, "allSystemNames": c.AllSystemNames, "nasName": c.NasName, - "nfsAcls": c.NfsAcls, } Log.WithFields(fields).Infof("configured %s", c.SystemID) diff --git a/service/step_defs_test.go b/service/step_defs_test.go index e0f01e77..e1d936f3 100644 --- a/service/step_defs_test.go +++ b/service/step_defs_test.go @@ -3017,7 +3017,6 @@ func (f *feature) iCallBeforeServe() error { stringSlice = append(stringSlice, "X_CSI_HEALTH_MONITOR_ENABLED=true") stringSlice = append(stringSlice, "X_CSI_RENAME_SDC_ENABLED=true") stringSlice = append(stringSlice, "X_CSI_RENAME_SDC_PREFIX=test") - stringSlice = append(stringSlice, "X_CSI_NFS_ACLS=777") stringSlice = append(stringSlice, "X_CSI_APPROVE_SDC_ENABLED=true") stringSlice = append(stringSlice, "X_CSI_REPLICATION_CONTEXT_PREFIX=test") stringSlice = append(stringSlice, "X_CSI_REPLICATION_PREFIX=test") diff --git a/test/integration/step_defs_test.go b/test/integration/step_defs_test.go index 6ca34740..13eaffe8 100644 --- a/test/integration/step_defs_test.go +++ b/test/integration/step_defs_test.go @@ -64,7 +64,6 @@ type ArrayConnectionData struct { IsDefault bool `json:"isDefault,omitempty"` AllSystemNames string `json:"allSystemNames"` NasName *string `json:"nasname"` - NfsAcls string `json:"nfsAcls"` } type feature struct { @@ -183,9 +182,6 @@ func (f *feature) getArrayConfig() (map[string]*ArrayConnectionData, error) { if c.NasName == nil || *(c.NasName) == "" { c.NasName = &str } - if c.NfsAcls == "" { - c.NfsAcls = str - } fields := map[string]interface{}{ "endpoint": c.Endpoint, @@ -196,7 +192,6 @@ func (f *feature) getArrayConfig() (map[string]*ArrayConnectionData, error) { "systemID": c.SystemID, "allSystemNames": c.AllSystemNames, "nasName": *c.NasName, - "nfsAcls": c.NfsAcls, } fmt.Printf("array found %s %#v\n", c.SystemID, fields) @@ -296,10 +291,6 @@ func (f *feature) aBasicNfsVolumeRequest(name string, size int64) error { } if val { - if a.NasName != nil { - params["nasName"] = *a.NasName - params["nfsAcls"] = a.NfsAcls - } params["storagepool"] = NfsPool params["thickprovisioning"] = "false" if len(f.anotherSystemID) > 0 { @@ -360,7 +351,6 @@ func (f *feature) aNfsVolumeRequestWithQuota(volname string, volsize int64, path if val { if a.NasName != nil { params["nasName"] = *a.NasName - params["nfsAcls"] = a.NfsAcls } params["storagepool"] = NfsPool params["thickprovisioning"] = "false" @@ -1969,7 +1959,6 @@ func (f *feature) aBasicNfsVolumeRequestWithWrongNasName(name string, size int64 if val { if a.NasName != nil { params["nasName"] = wrongNasName - params["nfsAcls"] = a.NfsAcls } params["storagepool"] = NfsPool @@ -2096,7 +2085,6 @@ func (f *feature) aNfsVolumeRequest(name string, size int64) error { params := make(map[string]string) if a.NasName != nil { params["nasName"] = *a.NasName - params["nfsAcls"] = a.NfsAcls } params["storagepool"] = NfsPool params["thickprovisioning"] = "false" @@ -2155,7 +2143,6 @@ func (f *feature) controllerPublishVolumeForNfs(id string, nodeIDEnvVar string) for _, a := range f.arrays { req.VolumeContext = make(map[string]string) req.VolumeContext["nasName"] = *a.NasName - req.VolumeContext["nfsAcls"] = a.NfsAcls req.VolumeContext["fsType"] = "nfs" ctx := context.Background() client := csi.NewControllerClient(grpcClient)