From 0b20979e079ab9fe21476d7b91d0eec784369e87 Mon Sep 17 00:00:00 2001 From: Randeep Sharma <92301596+randeepsharma@users.noreply.github.com> Date: Thu, 4 Aug 2022 00:05:33 +0530 Subject: [PATCH] Changes to add to root clients for ROVoleFromSnapshot and RCE is true (#111) --- service/controller.go | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/service/controller.go b/service/controller.go index 02986ebd..f3491e54 100644 --- a/service/controller.go +++ b/service/controller.go @@ -288,7 +288,6 @@ func (s *service) CreateVolume( // check volume content source in the request isROVolumeFromSnapshot = false if contentSource = req.GetVolumeContentSource(); contentSource != nil { - // Fetch source snapshot ID or volume ID from content source if snapshot := contentSource.GetSnapshot(); snapshot != nil { normalizedSnapshotID := snapshot.GetSnapshotId() @@ -1130,7 +1129,13 @@ func (s *service) ControllerPublishVolume( err = isiConfig.isiSvc.AddExportClientNetworkIdentifierByIDWithZone(ctx, clusterName, exportID, accessZone, nodeID, isiConfig.isiSvc.AddExportClientByIDWithZone) } case csi.VolumeCapability_AccessMode_MULTI_NODE_READER_ONLY: - err = isiConfig.isiSvc.AddExportClientNetworkIdentifierByIDWithZone(ctx, clusterName, exportID, accessZone, nodeID, isiConfig.isiSvc.AddExportReadOnlyClientByIDWithZone) + //since read-only has higher privileges than root-clients, add to root-clients in exports on powerscale if root client enabled is set to true + if rootClientEnabled && isROVolumeFromSnapshot { + log.Info("ROVolumeFromSnapshot & rootClientEnabled is set to true, add to root clients") + err = isiConfig.isiSvc.AddExportClientNetworkIdentifierByIDWithZone(ctx, clusterName, exportID, accessZone, nodeID, isiConfig.isiSvc.AddExportRootClientByIDWithZone) + } else { + err = isiConfig.isiSvc.AddExportClientNetworkIdentifierByIDWithZone(ctx, clusterName, exportID, accessZone, nodeID, isiConfig.isiSvc.AddExportReadOnlyClientByIDWithZone) + } case csi.VolumeCapability_AccessMode_SINGLE_NODE_WRITER, csi.VolumeCapability_AccessMode_SINGLE_NODE_SINGLE_WRITER, csi.VolumeCapability_AccessMode_SINGLE_NODE_MULTI_WRITER: