From 10b02dc9bace90d9c3411e0bd895da31cdb06e1f Mon Sep 17 00:00:00 2001 From: Surya Gupta Date: Fri, 22 Nov 2024 02:26:53 -0500 Subject: [PATCH 01/46] set default replicas to 2 if not specified --- api/v1/types.go | 1 + controllers/csm_controller.go | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/api/v1/types.go b/api/v1/types.go index 0bb5079c9..98a00f513 100644 --- a/api/v1/types.go +++ b/api/v1/types.go @@ -185,6 +185,7 @@ type Driver struct { // Replicas is the count of controllers for Controller plugin // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Controller count" + // +kubebuilder:default=2 Replicas int32 `json:"replicas" yaml:"replicas"` // DNSPolicy is the dnsPolicy of the daemonset for Node plugin diff --git a/controllers/csm_controller.go b/controllers/csm_controller.go index d9e26b067..bb9f2f9e8 100644 --- a/controllers/csm_controller.go +++ b/controllers/csm_controller.go @@ -286,6 +286,11 @@ func (r *ContainerStorageModuleReconciler) Reconcile(_ context.Context, req ctrl return utils.HandleValidationError(ctx, csm, r, err) } + // Set default replica count if not specified + if csm.Spec.Driver.Replicas == 0 { + csm.Spec.Driver.Replicas = 2 + } + if csm.IsBeingDeleted() { log.Infow("Delete request", "csm", req.Namespace, "Name", req.Name) From b5aefc3ce84093b71ce52f93156f9380dd30c1c2 Mon Sep 17 00:00:00 2001 From: Surya Gupta Date: Fri, 22 Nov 2024 03:05:50 -0500 Subject: [PATCH 02/46] set default path for KUBELET_CONFIG_DIR --- pkg/drivers/powerflex.go | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/pkg/drivers/powerflex.go b/pkg/drivers/powerflex.go index 84d6c7b10..c014e3d54 100644 --- a/pkg/drivers/powerflex.go +++ b/pkg/drivers/powerflex.go @@ -146,19 +146,6 @@ func PrecheckPowerFlex(ctx context.Context, cr *csmv1.ContainerStorageModule, op } } - kubeletConfigDirFound := false - for _, env := range cr.Spec.Driver.Common.Envs { - if env.Name == "KUBELET_CONFIG_DIR" { - kubeletConfigDirFound = true - } - } - if !kubeletConfigDirFound { - cr.Spec.Driver.Common.Envs = append(cr.Spec.Driver.Common.Envs, corev1.EnvVar{ - Name: "KUBELET_CONFIG_DIR", - Value: "/var/lib/kubelet", - }) - } - return nil } From 4b1ffa1d2f6754e3687576e973761ba372611e4b Mon Sep 17 00:00:00 2001 From: Surya Gupta Date: Fri, 22 Nov 2024 03:06:58 -0500 Subject: [PATCH 03/46] set default path for KUBELET_CONFIG_DIR --- pkg/utils/utils.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/utils/utils.go b/pkg/utils/utils.go index 8da3ce6f6..c5bd12970 100644 --- a/pkg/utils/utils.go +++ b/pkg/utils/utils.go @@ -353,7 +353,7 @@ func ModifyCommonCR(YamlString string, cr csmv1.ContainerStorageModule) string { if string(cr.Spec.Driver.Common.ImagePullPolicy) != "" { YamlString = strings.ReplaceAll(YamlString, DefaultImagePullPolicy, string(cr.Spec.Driver.Common.ImagePullPolicy)) } - path := "" + path := "/var/lib/kubelet" for _, env := range cr.Spec.Driver.Common.Envs { if env.Name == "KUBELET_CONFIG_DIR" { path = env.Value From b7e33cc46f69f1fdc69fea7e8e9ed5cc578ef853 Mon Sep 17 00:00:00 2001 From: Surya Gupta Date: Fri, 22 Nov 2024 04:54:50 -0500 Subject: [PATCH 04/46] define DefaultKubeletConfigDir --- pkg/utils/utils.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pkg/utils/utils.go b/pkg/utils/utils.go index c5bd12970..1072ebfe2 100644 --- a/pkg/utils/utils.go +++ b/pkg/utils/utils.go @@ -159,6 +159,8 @@ const ( ClientNamespace = "" // BrownfieldManifest - brownfield-onboard.yaml BrownfieldManifest = "brownfield-onboard.yaml" + // DefaultKubeletConfigDir - default kubelet config directory + DefaultKubeletConfigDir = "/var/lib/kubelet" ) // SplitYaml divides a big bytes of yaml files in individual yaml files. @@ -353,7 +355,7 @@ func ModifyCommonCR(YamlString string, cr csmv1.ContainerStorageModule) string { if string(cr.Spec.Driver.Common.ImagePullPolicy) != "" { YamlString = strings.ReplaceAll(YamlString, DefaultImagePullPolicy, string(cr.Spec.Driver.Common.ImagePullPolicy)) } - path := "/var/lib/kubelet" + path := DefaultKubeletConfigDir for _, env := range cr.Spec.Driver.Common.Envs { if env.Name == "KUBELET_CONFIG_DIR" { path = env.Value From 4517b8b4252a1e4414d7f1c3213bbe1f67d667a1 Mon Sep 17 00:00:00 2001 From: Aly Nathoo Date: Fri, 22 Nov 2024 15:42:48 -0500 Subject: [PATCH 05/46] Same KUBECONFIG_DIR changes for powerscale and powerstore. Tested on K8S. --- pkg/drivers/powerscale.go | 10 ---------- pkg/drivers/powerstore.go | 13 ------------- 2 files changed, 23 deletions(-) diff --git a/pkg/drivers/powerscale.go b/pkg/drivers/powerscale.go index 27ff6088d..a8730a6a0 100644 --- a/pkg/drivers/powerscale.go +++ b/pkg/drivers/powerscale.go @@ -58,7 +58,6 @@ func PrecheckPowerScale(ctx context.Context, cr *csmv1.ContainerStorageModule, o // check if skip validation is enabled: skipCertValid := false certCount := 1 - kubeletConfigDirFound := false for _, env := range cr.Spec.Driver.Common.Envs { if env.Name == "X_CSI_ISI_SKIP_CERTIFICATE_VALIDATION" { b, err := strconv.ParseBool(env.Value) @@ -74,15 +73,6 @@ func PrecheckPowerScale(ctx context.Context, cr *csmv1.ContainerStorageModule, o } certCount = int(d) } - if env.Name == "KUBELET_CONFIG_DIR" { - kubeletConfigDirFound = true - } - } - if !kubeletConfigDirFound { - cr.Spec.Driver.Common.Envs = append(cr.Spec.Driver.Common.Envs, corev1.EnvVar{ - Name: "KUBELET_CONFIG_DIR", - Value: "/var/lib/kubelet", - }) } secrets := []string{config} diff --git a/pkg/drivers/powerstore.go b/pkg/drivers/powerstore.go index 1a4f0021b..d638572a4 100644 --- a/pkg/drivers/powerstore.go +++ b/pkg/drivers/powerstore.go @@ -68,19 +68,6 @@ func PrecheckPowerStore(ctx context.Context, cr *csmv1.ContainerStorageModule, o config = cr.Spec.Driver.AuthSecret } - kubeletConfigDirFound := false - for _, env := range cr.Spec.Driver.Common.Envs { - if env.Name == "KUBELET_CONFIG_DIR" { - kubeletConfigDirFound = true - } - } - if !kubeletConfigDirFound { - cr.Spec.Driver.Common.Envs = append(cr.Spec.Driver.Common.Envs, corev1.EnvVar{ - Name: "KUBELET_CONFIG_DIR", - Value: "/var/lib/kubelet", - }) - } - // Check if driver version is supported by doing a stat on a config file configFilePath := fmt.Sprintf("%s/driverconfig/powerstore/%s/upgrade-path.yaml", operatorConfig.ConfigDirectory, cr.Spec.Driver.ConfigVersion) if _, err := os.Stat(configFilePath); os.IsNotExist(err) { From 120ad064179edbceb391d3997e1bc93f83affc91 Mon Sep 17 00:00:00 2001 From: Rishabh Raj Date: Mon, 25 Nov 2024 06:45:22 -0500 Subject: [PATCH 06/46] updated structs to pointers --- api/v1/types.go | 8 +- api/v1/zz_generated.deepcopy.go | 24 +++- pkg/drivers/common_test.go | 185 +++++++++++++++++----------- pkg/drivers/commonconfig.go | 83 +++++++------ pkg/drivers/commonconfig_test.go | 20 +-- pkg/drivers/powerflex.go | 74 +++++------ pkg/drivers/powerflex_test.go | 8 +- pkg/drivers/powermax.go | 202 +++++++++++++++---------------- pkg/drivers/powerscale.go | 81 +++++++------ pkg/drivers/powerstore.go | 56 +++++---- pkg/drivers/unity.go | 111 +++++++++-------- pkg/utils/utils.go | 16 +-- pkg/utils/utils_test.go | 2 +- tests/shared/common.go | 2 +- 14 files changed, 491 insertions(+), 381 deletions(-) diff --git a/api/v1/types.go b/api/v1/types.go index 98a00f513..d16e6cf3e 100644 --- a/api/v1/types.go +++ b/api/v1/types.go @@ -177,7 +177,7 @@ type Driver struct { // CSIDriverSpec is the specification for CSIDriver // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="CSI Driver Spec" - CSIDriverSpec CSIDriverSpec `json:"csiDriverSpec" yaml:"csiDriverSpec"` + CSIDriverSpec *CSIDriverSpec `json:"csiDriverSpec" yaml:"csiDriverSpec"` // ConfigVersion is the configuration version of the driver // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Config Version" @@ -194,15 +194,15 @@ type Driver struct { // Common is the common specification for both controller and node plugins // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Common specification" - Common ContainerTemplate `json:"common" yaml:"common"` + Common *ContainerTemplate `json:"common" yaml:"common"` // Controller is the specification for Controller plugin only // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Controller Specification" - Controller ContainerTemplate `json:"controller,omitempty" yaml:"controller"` + Controller *ContainerTemplate `json:"controller,omitempty" yaml:"controller"` // Node is the specification for Node plugin only // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Node specification" - Node ContainerTemplate `json:"node,omitempty" yaml:"node"` + Node *ContainerTemplate `json:"node,omitempty" yaml:"node"` // SideCars is the specification for CSI sidecar containers // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="CSI SideCars specification" diff --git a/api/v1/zz_generated.deepcopy.go b/api/v1/zz_generated.deepcopy.go index 1e31ce79e..c15af8b86 100644 --- a/api/v1/zz_generated.deepcopy.go +++ b/api/v1/zz_generated.deepcopy.go @@ -236,10 +236,26 @@ func (in *Credkey) DeepCopy() *Credkey { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Driver) DeepCopyInto(out *Driver) { *out = *in - out.CSIDriverSpec = in.CSIDriverSpec - in.Common.DeepCopyInto(&out.Common) - in.Controller.DeepCopyInto(&out.Controller) - in.Node.DeepCopyInto(&out.Node) + if in.CSIDriverSpec != nil { + in, out := &in.CSIDriverSpec, &out.CSIDriverSpec + *out = new(CSIDriverSpec) + **out = **in + } + if in.Common != nil { + in, out := &in.Common, &out.Common + *out = new(ContainerTemplate) + (*in).DeepCopyInto(*out) + } + if in.Controller != nil { + in, out := &in.Controller, &out.Controller + *out = new(ContainerTemplate) + (*in).DeepCopyInto(*out) + } + if in.Node != nil { + in, out := &in.Node, &out.Node + *out = new(ContainerTemplate) + (*in).DeepCopyInto(*out) + } if in.SideCars != nil { in, out := &in.SideCars, &out.SideCars *out = make([]ContainerTemplate, len(*in)) diff --git a/pkg/drivers/common_test.go b/pkg/drivers/common_test.go index 6d0f5880a..e17b195c7 100644 --- a/pkg/drivers/common_test.go +++ b/pkg/drivers/common_test.go @@ -37,43 +37,54 @@ var ( func csmWithTolerations(driver csmv1.DriverType, version string) csmv1.ContainerStorageModule { res := shared.MakeCSM("csm", "driver-test", shared.ConfigVersion) - // Add tolerations to controller and node - res.Spec.Driver.Node.Tolerations = []corev1.Toleration{ - { - Key: "notNil", - Value: "123", - TolerationSeconds: new(int64), - }, - { - Key: "nil", - Value: "123", - TolerationSeconds: nil, - }, + // Add tolerations, node selector to controller and node + if res.Spec.Driver.Node != nil { + res.Spec.Driver.Node.NodeSelector = map[string]string{"thisIs": "NodeSelector"} + res.Spec.Driver.Node.Tolerations = []corev1.Toleration{ + { + Key: "notNil", + Value: "123", + TolerationSeconds: new(int64), + }, + { + Key: "nil", + Value: "123", + TolerationSeconds: nil, + }, + } } - res.Spec.Driver.Controller.Tolerations = []corev1.Toleration{ - { - Key: "notNil", - Value: "123", - TolerationSeconds: new(int64), - }, - { - Key: "nil", - Value: "123", - TolerationSeconds: nil, - }, + if res.Spec.Driver.Controller != nil { + res.Spec.Driver.Controller.NodeSelector = map[string]string{"thisIs": "NodeSelector"} + res.Spec.Driver.Controller.Tolerations = []corev1.Toleration{ + { + Key: "notNil", + Value: "123", + TolerationSeconds: new(int64), + }, + { + Key: "nil", + Value: "123", + TolerationSeconds: nil, + }, + } } // Add FSGroupPolicy - res.Spec.Driver.CSIDriverSpec.FSGroupPolicy = "File" - - // Add FSGroupPolicy - res.Spec.Driver.CSIDriverSpec.FSGroupPolicy = "ReadWriteOnceWithFSType" + if res.Spec.Driver.CSIDriverSpec != nil { + res.Spec.Driver.CSIDriverSpec.FSGroupPolicy = "File" + res.Spec.Driver.CSIDriverSpec.FSGroupPolicy = "ReadWriteOnceWithFSType" + } // Add DNS Policy for GetNode test res.Spec.Driver.DNSPolicy = "ThisIsADNSPolicy" // Add image name - res.Spec.Driver.Common.Image = "thisIsAnImage" + if res.Spec.Driver.Common != nil { + res.Spec.Driver.Common.Image = "thisIsAnImage" + // Add CSI_LOG_LEVEL environment variables + envVar := corev1.EnvVar{Name: "CSI_LOG_LEVEL"} + res.Spec.Driver.Common.Envs = []corev1.EnvVar{envVar} + } // Add pscale driver version res.Spec.Driver.ConfigVersion = version @@ -81,14 +92,6 @@ func csmWithTolerations(driver csmv1.DriverType, version string) csmv1.Container // Add pscale driver type res.Spec.Driver.CSIDriverType = driver - // Add NodeSelector to node and controller - res.Spec.Driver.Node.NodeSelector = map[string]string{"thisIs": "NodeSelector"} - res.Spec.Driver.Controller.NodeSelector = map[string]string{"thisIs": "NodeSelector"} - - // Add CSI_LOG_LEVEL environment variables - envVar := corev1.EnvVar{Name: "CSI_LOG_LEVEL"} - res.Spec.Driver.Common.Envs = []corev1.EnvVar{envVar} - // Add sidecars to trigger code in controller sideCarObjEnabledNil := csmv1.ContainerTemplate{ Name: "driver", @@ -143,7 +146,7 @@ func csmForPowerFlex(customCSMName string) csmv1.ContainerStorageModule { // Add pflex driver version res.Spec.Driver.ConfigVersion = shared.PFlexConfigVersion res.Spec.Driver.CSIDriverType = csmv1.PowerFlex - if customCSMName == "no-sdc" { + if customCSMName == "no-sdc" && res.Spec.Driver.Node != nil && res.Spec.Driver.Common != nil { res.Spec.Driver.Node.Envs = append(res.Spec.Driver.Node.Envs, corev1.EnvVar{Name: "X_CSI_SDC_ENABLED", Value: "false"}) res.Spec.Driver.Common.Envs = append(res.Spec.Driver.Common.Envs, corev1.EnvVar{Name: "INTERFACE_NAMES", Value: "worker1: \"interface1\",worker2: \"interface2\""}) } @@ -155,8 +158,9 @@ func csmWithPowerstore(driver csmv1.DriverType, version string) csmv1.ContainerS res := shared.MakeCSM("csm", "driver-test", shared.ConfigVersion) // Add FSGroupPolicy - res.Spec.Driver.CSIDriverSpec.FSGroupPolicy = "File" - + if res.Spec.Driver.CSIDriverSpec != nil { + res.Spec.Driver.CSIDriverSpec.FSGroupPolicy = "File" + } // Add DNS Policy for GetNode test res.Spec.Driver.DNSPolicy = "ThisIsADNSPolicy" @@ -169,10 +173,6 @@ func csmWithPowerstore(driver csmv1.DriverType, version string) csmv1.ContainerS // Add pstore driver type res.Spec.Driver.CSIDriverType = driver - // Add NodeSelector to node and controller - res.Spec.Driver.Node.NodeSelector = map[string]string{"thisIs": "NodeSelector"} - res.Spec.Driver.Controller.NodeSelector = map[string]string{"thisIs": "NodeSelector"} - // Add node name prefix to cover some code in GetNode nodeNamePrefix := corev1.EnvVar{Name: "X_CSI_POWERSTORE_NODE_NAME_PREFIX"} @@ -184,14 +184,23 @@ func csmWithPowerstore(driver csmv1.DriverType, version string) csmv1.ContainerS enableChap := corev1.EnvVar{Name: "X_CSI_POWERSTORE_ENABLE_CHAP", Value: "true"} healthMonitor := corev1.EnvVar{Name: "X_CSI_HEALTH_MONITOR_ENABLED", Value: "true"} maxVolumesPerNode := corev1.EnvVar{Name: "X_CSI_POWERSTORE_MAX_VOLUMES_PER_NODE", Value: "0"} - res.Spec.Driver.Node.Envs = []corev1.EnvVar{enableChap, healthMonitor, maxVolumesPerNode} + // Add NodeSelector to node and controller + if res.Spec.Driver.Node != nil { + res.Spec.Driver.Node.NodeSelector = map[string]string{"thisIs": "NodeSelector"} + res.Spec.Driver.Node.Envs = []corev1.EnvVar{enableChap, healthMonitor, maxVolumesPerNode} + } // Add controller fields specific nfsAclsParam := corev1.EnvVar{Name: "X_CSI_NFS_ACLS"} externalAccess := corev1.EnvVar{Name: "X_CSI_POWERSTORE_EXTERNAL_ACCESS"} - res.Spec.Driver.Controller.Envs = []corev1.EnvVar{nfsAclsParam, healthMonitor, externalAccess} + if res.Spec.Driver.Controller != nil { + res.Spec.Driver.Controller.NodeSelector = map[string]string{"thisIs": "NodeSelector"} + res.Spec.Driver.Controller.Envs = []corev1.EnvVar{nfsAclsParam, healthMonitor, externalAccess} + } - res.Spec.Driver.CSIDriverSpec.StorageCapacity = true + if res.Spec.Driver.CSIDriverSpec != nil { + res.Spec.Driver.CSIDriverSpec.StorageCapacity = true + } return res } @@ -200,7 +209,9 @@ func csmWithPowermax(driver csmv1.DriverType, version string) csmv1.ContainerSto res := shared.MakeCSM("csm", "driver-test", version) // Add FSGroupPolicy - res.Spec.Driver.CSIDriverSpec.FSGroupPolicy = "ReadWriteOnceWithFSType" + if res.Spec.Driver.CSIDriverSpec != nil { + res.Spec.Driver.CSIDriverSpec.FSGroupPolicy = "ReadWriteOnceWithFSType" + } // Add DNS Policy for GetNode test res.Spec.Driver.DNSPolicy = "ThisIsADNSPolicy" @@ -215,24 +226,36 @@ func csmWithPowermax(driver csmv1.DriverType, version string) csmv1.ContainerSto res.Spec.Driver.CSIDriverType = driver // Add NodeSelector to node and controller - res.Spec.Driver.Node.NodeSelector = map[string]string{"thisIs": "NodeSelector"} - res.Spec.Driver.Controller.NodeSelector = map[string]string{"thisIs": "NodeSelector"} + if res.Spec.Driver.Node != nil { + res.Spec.Driver.Node.NodeSelector = map[string]string{"thisIs": "NodeSelector"} + } + if res.Spec.Driver.Controller != nil { + res.Spec.Driver.Controller.NodeSelector = map[string]string{"thisIs": "NodeSelector"} + } // Add common envs commonEnvs := getPmaxCommonEnvs() - res.Spec.Driver.Common.Envs = commonEnvs + if res.Spec.Driver.Common != nil { + res.Spec.Driver.Common.Envs = commonEnvs + } // Add node fields specific to powermax enableChap := corev1.EnvVar{Name: "X_CSI_POWERMAX_ISCSI_ENABLE_CHAP", Value: "true"} healthMonitor := corev1.EnvVar{Name: "X_CSI_HEALTH_MONITOR_ENABLED", Value: "true"} nodeTopology := corev1.EnvVar{Name: "X_CSI_TOPOLOGY_CONTROL_ENABLED", Value: "true"} - res.Spec.Driver.Node.Envs = []corev1.EnvVar{enableChap, healthMonitor, nodeTopology} + if res.Spec.Driver.Node != nil { + res.Spec.Driver.Node.Envs = []corev1.EnvVar{enableChap, healthMonitor, nodeTopology} + } // Add controller fields specific to powermax - res.Spec.Driver.Controller.Envs = []corev1.EnvVar{healthMonitor} + if res.Spec.Driver.Controller != nil { + res.Spec.Driver.Controller.Envs = []corev1.EnvVar{healthMonitor} + } // Add CSI Driver specific fields - res.Spec.Driver.CSIDriverSpec.StorageCapacity = true + if res.Spec.Driver.CSIDriverSpec != nil { + res.Spec.Driver.CSIDriverSpec.StorageCapacity = true + } // Add reverseproxy module revproxy := shared.MakeReverseProxyModule(shared.ConfigVersion) @@ -305,7 +328,9 @@ func csmWithPowerScale(driver csmv1.DriverType, version string) csmv1.ContainerS res := shared.MakeCSM("csm", "driver-test", shared.ConfigVersion) // Add FSGroupPolicy - res.Spec.Driver.CSIDriverSpec.FSGroupPolicy = "File" + if res.Spec.Driver.CSIDriverSpec != nil { + res.Spec.Driver.CSIDriverSpec.FSGroupPolicy = "File" + } // Add DNS Policy for GetNode test res.Spec.Driver.DNSPolicy = "ThisIsADNSPolicy" @@ -319,30 +344,38 @@ func csmWithPowerScale(driver csmv1.DriverType, version string) csmv1.ContainerS // Add pscale driver type res.Spec.Driver.CSIDriverType = driver - // Add NodeSelector to node and controller - res.Spec.Driver.Node.NodeSelector = map[string]string{"thisIs": "NodeSelector"} - res.Spec.Driver.Controller.NodeSelector = map[string]string{"thisIs": "NodeSelector"} - // Add node name prefix to cover some code in GetNode nodeNamePrefix := corev1.EnvVar{Name: "X_CSI_POWERSTORE_NODE_NAME_PREFIX"} // Add FC port filter fcFilterPath := corev1.EnvVar{Name: "X_CSI_FC_PORTS_FILTER_FILE_PATH"} - res.Spec.Driver.Common.Envs = []corev1.EnvVar{nodeNamePrefix, fcFilterPath} + + if res.Spec.Driver.Common != nil { + res.Spec.Driver.Common.Envs = []corev1.EnvVar{nodeNamePrefix, fcFilterPath} + } // Add environment variable csiLogLevel := corev1.EnvVar{Name: "CSI_LOG_LEVEL", Value: "debug"} - res.Spec.Driver.Node.Envs = []corev1.EnvVar{csiLogLevel} - // Add node fields specific to powerstore healthMonitor := corev1.EnvVar{Name: "X_CSI_HEALTH_MONITOR_ENABLED", Value: "true"} - res.Spec.Driver.Node.Envs = []corev1.EnvVar{healthMonitor} + + // Add node fields specific + if res.Spec.Driver.Node != nil { + res.Spec.Driver.Node.NodeSelector = map[string]string{"thisIs": "NodeSelector"} + res.Spec.Driver.Node.Envs = []corev1.EnvVar{csiLogLevel} + res.Spec.Driver.Node.Envs = []corev1.EnvVar{healthMonitor} + } // Add controller fields specific - res.Spec.Driver.Controller.Envs = []corev1.EnvVar{healthMonitor} + if res.Spec.Driver.Controller != nil { + res.Spec.Driver.Controller.NodeSelector = map[string]string{"thisIs": "NodeSelector"} + res.Spec.Driver.Controller.Envs = []corev1.EnvVar{csiLogLevel} + } - res.Spec.Driver.CSIDriverSpec.StorageCapacity = true + if res.Spec.Driver.CSIDriverSpec != nil { + res.Spec.Driver.CSIDriverSpec.StorageCapacity = true + } // Add sidecars to trigger code in controller sideCarObjEnabledNil := csmv1.ContainerTemplate{ @@ -369,7 +402,9 @@ func csmWithUnity(driver csmv1.DriverType, version string, certProvided bool) cs res := shared.MakeCSM("csm", "driver-test", shared.ConfigVersion) // Add FSGroupPolicy - res.Spec.Driver.CSIDriverSpec.FSGroupPolicy = "File" + if res.Spec.Driver.CSIDriverSpec != nil { + res.Spec.Driver.CSIDriverSpec.FSGroupPolicy = "File" + } // Add DNS Policy for GetNode test res.Spec.Driver.DNSPolicy = "ThisIsADNSPolicy" @@ -384,8 +419,12 @@ func csmWithUnity(driver csmv1.DriverType, version string, certProvided bool) cs res.Spec.Driver.CSIDriverType = driver // Add NodeSelector to node and controller - res.Spec.Driver.Node.NodeSelector = map[string]string{"thisIs": "NodeSelector"} - res.Spec.Driver.Controller.NodeSelector = map[string]string{"thisIs": "NodeSelector"} + if res.Spec.Driver.Node != nil { + res.Spec.Driver.Node.NodeSelector = map[string]string{"thisIs": "NodeSelector"} + } + if res.Spec.Driver.Controller != nil { + res.Spec.Driver.Controller.NodeSelector = map[string]string{"thisIs": "NodeSelector"} + } // Add environment variables envVar1 := corev1.EnvVar{Name: "X_CSI_UNITY_ALLOW_MULTI_POD_ACCESS", Value: "false"} @@ -402,11 +441,17 @@ func csmWithUnity(driver csmv1.DriverType, version string, certProvided bool) cs // Add node fields specific to unity healthMonitor := corev1.EnvVar{Name: "X_CSI_HEALTH_MONITOR_ENABLED", Value: "true"} - res.Spec.Driver.Node.Envs = []corev1.EnvVar{healthMonitor} + if res.Spec.Driver.Node != nil { + res.Spec.Driver.Node.Envs = []corev1.EnvVar{healthMonitor} + } // Add controller fields specific - res.Spec.Driver.Controller.Envs = []corev1.EnvVar{healthMonitor} - res.Spec.Driver.CSIDriverSpec.StorageCapacity = true + if res.Spec.Driver.Controller != nil { + res.Spec.Driver.Controller.Envs = []corev1.EnvVar{healthMonitor} + } + if res.Spec.Driver.CSIDriverSpec != nil { + res.Spec.Driver.CSIDriverSpec.StorageCapacity = true + } return res } diff --git a/pkg/drivers/commonconfig.go b/pkg/drivers/commonconfig.go index d710208a5..8c949a7e6 100644 --- a/pkg/drivers/commonconfig.go +++ b/pkg/drivers/commonconfig.go @@ -76,7 +76,7 @@ func GetController(ctx context.Context, cr csmv1.ContainerStorageModule, operato controllerYAML.Deployment.Spec.Replicas = &defaultReplicas } - if len(cr.Spec.Driver.Controller.Tolerations) != 0 { + if cr.Spec.Driver.Controller != nil && len(cr.Spec.Driver.Controller.Tolerations) != 0 { tols := make([]acorev1.TolerationApplyConfiguration, 0) for _, t := range cr.Spec.Driver.Controller.Tolerations { log.Debugw("Adding toleration", "t", t) @@ -94,19 +94,22 @@ func GetController(ctx context.Context, cr csmv1.ContainerStorageModule, operato controllerYAML.Deployment.Spec.Template.Spec.Tolerations = tols } - if cr.Spec.Driver.Controller.NodeSelector != nil { + if cr.Spec.Driver.Controller != nil && cr.Spec.Driver.Controller.NodeSelector != nil { controllerYAML.Deployment.Spec.Template.Spec.NodeSelector = cr.Spec.Driver.Controller.NodeSelector } containers := controllerYAML.Deployment.Spec.Template.Spec.Containers newcontainers := make([]acorev1.ContainerApplyConfiguration, 0) for i, c := range containers { - if string(*c.Name) == "driver" { - containers[i].Env = utils.ReplaceAllApplyCustomEnvs(c.Env, cr.Spec.Driver.Common.Envs, cr.Spec.Driver.Controller.Envs) - c.Env = containers[i].Env - if string(cr.Spec.Driver.Common.Image) != "" { - image := string(cr.Spec.Driver.Common.Image) - c.Image = &image + if c.Name != nil && string(*c.Name) == "driver" { + // Check if Common is not nil before accessing Envs + if cr.Spec.Driver.Common != nil && cr.Spec.Driver.Controller != nil { + containers[i].Env = utils.ReplaceAllApplyCustomEnvs(c.Env, cr.Spec.Driver.Common.Envs, cr.Spec.Driver.Controller.Envs) + c.Env = containers[i].Env + if string(cr.Spec.Driver.Common.Image) != "" { + image := string(cr.Spec.Driver.Common.Image) + c.Image = &image + } } } @@ -233,7 +236,7 @@ func GetNode(ctx context.Context, cr csmv1.ContainerStorageModule, operatorConfi nodeYaml.DaemonSetApplyConfig.Spec.Template.Spec.DNSPolicy = &defaultDNSPolicy } - if len(cr.Spec.Driver.Node.Tolerations) != 0 { + if cr.Spec.Driver.Node != nil && len(cr.Spec.Driver.Node.Tolerations) != 0 { tols := make([]acorev1.TolerationApplyConfiguration, 0) for _, t := range cr.Spec.Driver.Node.Tolerations { fmt.Printf("[BRUH] toleration t: %+v\n", t) @@ -251,19 +254,22 @@ func GetNode(ctx context.Context, cr csmv1.ContainerStorageModule, operatorConfi nodeYaml.DaemonSetApplyConfig.Spec.Template.Spec.Tolerations = tols } - if cr.Spec.Driver.Node.NodeSelector != nil { + if cr.Spec.Driver.Node != nil && cr.Spec.Driver.Node.NodeSelector != nil { nodeYaml.DaemonSetApplyConfig.Spec.Template.Spec.NodeSelector = cr.Spec.Driver.Node.NodeSelector } containers := nodeYaml.DaemonSetApplyConfig.Spec.Template.Spec.Containers newcontainers := make([]acorev1.ContainerApplyConfiguration, 0) for i, c := range containers { - if string(*c.Name) == "driver" { - containers[i].Env = utils.ReplaceAllApplyCustomEnvs(c.Env, cr.Spec.Driver.Common.Envs, cr.Spec.Driver.Node.Envs) - c.Env = containers[i].Env - if string(cr.Spec.Driver.Common.Image) != "" { - image := string(cr.Spec.Driver.Common.Image) - c.Image = &image + if c.Name != nil && string(*c.Name) == "driver" { + // Check if Common is not nil before accessing its fields + if cr.Spec.Driver.Common != nil && cr.Spec.Driver.Node != nil { + containers[i].Env = utils.ReplaceAllApplyCustomEnvs(c.Env, cr.Spec.Driver.Common.Envs, cr.Spec.Driver.Node.Envs) + c.Env = containers[i].Env + if string(cr.Spec.Driver.Common.Image) != "" { + image := string(cr.Spec.Driver.Common.Image) + c.Image = &image + } } } removeContainer := false @@ -301,9 +307,11 @@ func GetNode(ctx context.Context, cr csmv1.ContainerStorageModule, operatorConfi initcontainers := make([]acorev1.ContainerApplyConfiguration, 0) sdcEnabled := true - for _, env := range cr.Spec.Driver.Node.Envs { - if env.Name == "X_CSI_SDC_ENABLED" && env.Value == "false" { - sdcEnabled = false + if cr.Spec.Driver.Node != nil { + for _, env := range cr.Spec.Driver.Node.Envs { + if env.Name == "X_CSI_SDC_ENABLED" && env.Value == "false" { + sdcEnabled = false + } } } for _, ic := range nodeYaml.DaemonSetApplyConfig.Spec.Template.Spec.InitContainers { @@ -395,14 +403,16 @@ func GetConfigMap(ctx context.Context, cr csmv1.ContainerStorageModule, operator return nil, err } - for _, env := range cr.Spec.Driver.Common.Envs { - if env.Name == "CSI_LOG_LEVEL" { - cmValue += fmt.Sprintf("\n%s: %s", env.Name, env.Value) - podmanLogLevel = env.Value - } - if env.Name == "CSI_LOG_FORMAT" { - cmValue += fmt.Sprintf("\n%s: %s", env.Name, env.Value) - podmanLogFormat = env.Value + if cr.Spec.Driver.Common != nil { + for _, env := range cr.Spec.Driver.Common.Envs { + if env.Name == "CSI_LOG_LEVEL" { + cmValue += fmt.Sprintf("\n%s: %s", env.Name, env.Value) + podmanLogLevel = env.Value + } + if env.Name == "CSI_LOG_FORMAT" { + cmValue += fmt.Sprintf("\n%s: %s", env.Name, env.Value) + podmanLogFormat = env.Value + } } } @@ -418,11 +428,13 @@ func GetConfigMap(ctx context.Context, cr csmv1.ContainerStorageModule, operator } if cr.Spec.Driver.CSIDriverType == "powerflex" { - for _, env := range cr.Spec.Driver.Common.Envs { - if env.Name == "INTERFACE_NAMES" { - cmValue += fmt.Sprintf("\n%s: ", "interfaceNames") - for _, v := range strings.Split(env.Value, ",") { - cmValue += fmt.Sprintf("\n %s ", v) + if cr.Spec.Driver.Common != nil { + for _, env := range cr.Spec.Driver.Common.Envs { + if env.Name == "INTERFACE_NAMES" { + cmValue += fmt.Sprintf("\n%s: ", "interfaceNames") + for _, v := range strings.Split(env.Value, ",") { + cmValue += fmt.Sprintf("\n %s ", v) + } } } } @@ -471,11 +483,12 @@ func GetCSIDriver(ctx context.Context, cr csmv1.ContainerStorageModule, operator return nil, err } // overriding default FSGroupPolicy if this was provided in manifest - if cr.Spec.Driver.CSIDriverSpec.FSGroupPolicy != "" { + if cr.Spec.Driver.CSIDriverSpec != nil && cr.Spec.Driver.CSIDriverSpec.FSGroupPolicy != "" { fsGroupPolicy := storagev1.NoneFSGroupPolicy - if cr.Spec.Driver.CSIDriverSpec.FSGroupPolicy == "ReadWriteOnceWithFSType" { + switch cr.Spec.Driver.CSIDriverSpec.FSGroupPolicy { + case "ReadWriteOnceWithFSType": fsGroupPolicy = storagev1.ReadWriteOnceWithFSTypeFSGroupPolicy - } else if cr.Spec.Driver.CSIDriverSpec.FSGroupPolicy == "File" { + case "File": fsGroupPolicy = storagev1.FileFSGroupPolicy } csidriver.Spec.FSGroupPolicy = &fsGroupPolicy diff --git a/pkg/drivers/commonconfig_test.go b/pkg/drivers/commonconfig_test.go index f4b64a8ba..8299f0415 100644 --- a/pkg/drivers/commonconfig_test.go +++ b/pkg/drivers/commonconfig_test.go @@ -66,15 +66,17 @@ func TestGetCsiDriver(t *testing.T) { csiDriver, err := GetCSIDriver(ctx, tt.csm, config, tt.driverName) if tt.expectedErr == "" { assert.Nil(t, err) - switch tt.csm.Spec.Driver.CSIDriverSpec.FSGroupPolicy { - case "": - assert.Equal(t, storagev1.ReadWriteOnceWithFSTypeFSGroupPolicy, *csiDriver.Spec.FSGroupPolicy) - case "ReadWriteOnceWithFSType": - assert.Equal(t, storagev1.ReadWriteOnceWithFSTypeFSGroupPolicy, *csiDriver.Spec.FSGroupPolicy) - case "File": - assert.Equal(t, storagev1.FileFSGroupPolicy, *csiDriver.Spec.FSGroupPolicy) - default: - assert.Equal(t, storagev1.NoneFSGroupPolicy, *csiDriver.Spec.FSGroupPolicy) + if tt.csm.Spec.Driver.CSIDriverSpec != nil { + switch tt.csm.Spec.Driver.CSIDriverSpec.FSGroupPolicy { + case "": + assert.Equal(t, storagev1.ReadWriteOnceWithFSTypeFSGroupPolicy, *csiDriver.Spec.FSGroupPolicy) + case "ReadWriteOnceWithFSType": + assert.Equal(t, storagev1.ReadWriteOnceWithFSTypeFSGroupPolicy, *csiDriver.Spec.FSGroupPolicy) + case "File": + assert.Equal(t, storagev1.FileFSGroupPolicy, *csiDriver.Spec.FSGroupPolicy) + default: + assert.Equal(t, storagev1.NoneFSGroupPolicy, *csiDriver.Spec.FSGroupPolicy) + } } } else { assert.Containsf(t, err.Error(), tt.expectedErr, "expected error containing %q, got %s", tt.expectedErr, err) diff --git a/pkg/drivers/powerflex.go b/pkg/drivers/powerflex.go index c014e3d54..51f53c114 100644 --- a/pkg/drivers/powerflex.go +++ b/pkg/drivers/powerflex.go @@ -76,9 +76,11 @@ func PrecheckPowerFlex(ctx context.Context, cr *csmv1.ContainerStorageModule, op } var newmdm corev1.EnvVar sdcEnabled := true - for _, env := range cr.Spec.Driver.Node.Envs { - if env.Name == "X_CSI_SDC_ENABLED" && env.Value == "false" { - sdcEnabled = false + if cr.Spec.Driver.Node != nil { + for _, env := range cr.Spec.Driver.Node.Envs { + if env.Name == "X_CSI_SDC_ENABLED" && env.Value == "false" { + sdcEnabled = false + } } } @@ -277,15 +279,17 @@ func ModifyPowerflexCR(yamlString string, cr csmv1.ContainerStorageModule, fileT // nolint:gosec switch fileType { case "Controller": - for _, env := range cr.Spec.Driver.Controller.Envs { - if env.Name == "X_CSI_POWERFLEX_EXTERNAL_ACCESS" { - powerflexExternalAccess = env.Value - } - if env.Name == "X_CSI_HEALTH_MONITOR_ENABLED" { - healthMonitorController = env.Value - } - if env.Name == "X_CSI_DEBUG" { - csiDebug = env.Value + if cr.Spec.Driver.Controller != nil { + for _, env := range cr.Spec.Driver.Controller.Envs { + if env.Name == "X_CSI_POWERFLEX_EXTERNAL_ACCESS" { + powerflexExternalAccess = env.Value + } + if env.Name == "X_CSI_HEALTH_MONITOR_ENABLED" { + healthMonitorController = env.Value + } + if env.Name == "X_CSI_DEBUG" { + csiDebug = env.Value + } } } yamlString = strings.ReplaceAll(yamlString, CsiHealthMonitorEnabled, healthMonitorController) @@ -293,27 +297,29 @@ func ModifyPowerflexCR(yamlString string, cr csmv1.ContainerStorageModule, fileT yamlString = strings.ReplaceAll(yamlString, CsiDebug, csiDebug) case "Node": - for _, env := range cr.Spec.Driver.Node.Envs { - if env.Name == "X_CSI_SDC_ENABLED" { - sdcEnabled = env.Value - } - if env.Name == "X_CSI_APPROVE_SDC_ENABLED" { - approveSdcEnabled = env.Value - } - if env.Name == "X_CSI_RENAME_SDC_ENABLED" { - renameSdcEnabled = env.Value - } - if env.Name == "X_CSI_RENAME_SDC_PREFIX" { - renameSdcPrefix = env.Value - } - if env.Name == "X_CSI_MAX_VOLUMES_PER_NODE" { - maxVolumesPerNode = env.Value - } - if env.Name == "X_CSI_HEALTH_MONITOR_ENABLED" { - healthMonitorNode = env.Value - } - if env.Name == "X_CSI_DEBUG" { - csiDebug = env.Value + if cr.Spec.Driver.Node != nil { + for _, env := range cr.Spec.Driver.Node.Envs { + if env.Name == "X_CSI_SDC_ENABLED" { + sdcEnabled = env.Value + } + if env.Name == "X_CSI_APPROVE_SDC_ENABLED" { + approveSdcEnabled = env.Value + } + if env.Name == "X_CSI_RENAME_SDC_ENABLED" { + renameSdcEnabled = env.Value + } + if env.Name == "X_CSI_RENAME_SDC_PREFIX" { + renameSdcPrefix = env.Value + } + if env.Name == "X_CSI_MAX_VOLUMES_PER_NODE" { + maxVolumesPerNode = env.Value + } + if env.Name == "X_CSI_HEALTH_MONITOR_ENABLED" { + healthMonitorNode = env.Value + } + if env.Name == "X_CSI_DEBUG" { + csiDebug = env.Value + } } } yamlString = strings.ReplaceAll(yamlString, CsiSdcEnabled, sdcEnabled) @@ -325,7 +331,7 @@ func ModifyPowerflexCR(yamlString string, cr csmv1.ContainerStorageModule, fileT yamlString = strings.ReplaceAll(yamlString, CsiDebug, csiDebug) case "CSIDriverSpec": - if cr.Spec.Driver.CSIDriverSpec.StorageCapacity { + if cr.Spec.Driver.CSIDriverSpec != nil && cr.Spec.Driver.CSIDriverSpec.StorageCapacity { storageCapacity = "true" } yamlString = strings.ReplaceAll(yamlString, CsiStorageCapacityEnabled, storageCapacity) diff --git a/pkg/drivers/powerflex_test.go b/pkg/drivers/powerflex_test.go index 19fbb2eec..7cc7c3361 100644 --- a/pkg/drivers/powerflex_test.go +++ b/pkg/drivers/powerflex_test.go @@ -82,7 +82,7 @@ var ( cr: csmv1.ContainerStorageModule{ Spec: csmv1.ContainerStorageModuleSpec{ Driver: csmv1.Driver{ - Controller: csmv1.ContainerTemplate{ + Controller: &csmv1.ContainerTemplate{ Envs: []corev1.EnvVar{ {Name: "X_CSI_POWERFLEX_EXTERNAL_ACCESS", Value: "NEW_POWERFLEX_ACCESS"}, {Name: "X_CSI_HEALTH_MONITOR_ENABLED", Value: "NEW_HEALTH_MONITOR"}, @@ -101,7 +101,7 @@ var ( cr: csmv1.ContainerStorageModule{ Spec: csmv1.ContainerStorageModuleSpec{ Driver: csmv1.Driver{ - Node: csmv1.ContainerTemplate{ + Node: &csmv1.ContainerTemplate{ Envs: []corev1.EnvVar{ {Name: "X_CSI_SDC_ENABLED", Value: "NEW_SDC_ENABLED"}, {Name: "X_CSI_APPROVE_SDC_ENABLED", Value: "NEW_APPROVE_SDC"}, @@ -124,7 +124,7 @@ var ( cr: csmv1.ContainerStorageModule{ Spec: csmv1.ContainerStorageModuleSpec{ Driver: csmv1.Driver{ - CSIDriverSpec: csmv1.CSIDriverSpec{ + CSIDriverSpec: &csmv1.CSIDriverSpec{ StorageCapacity: true, }, }, @@ -139,7 +139,7 @@ var ( cr: csmv1.ContainerStorageModule{ Spec: csmv1.ContainerStorageModuleSpec{ Driver: csmv1.Driver{ - CSIDriverSpec: csmv1.CSIDriverSpec{ + CSIDriverSpec: &csmv1.CSIDriverSpec{ StorageCapacity: false, }, }, diff --git a/pkg/drivers/powermax.go b/pkg/drivers/powermax.go index b1e06d411..bcd055cff 100644 --- a/pkg/drivers/powermax.go +++ b/pkg/drivers/powermax.go @@ -85,18 +85,6 @@ func PrecheckPowerMax(ctx context.Context, cr *csmv1.ContainerStorageModule, ope } } } - kubeletConfigDirFound := false - for _, env := range cr.Spec.Driver.Common.Envs { - if env.Name == "KUBELET_CONFIG_DIR" { - kubeletConfigDirFound = true - } - } - if !kubeletConfigDirFound { - cr.Spec.Driver.Common.Envs = append(cr.Spec.Driver.Common.Envs, corev1.EnvVar{ - Name: "KUBELET_CONFIG_DIR", - Value: "/var/lib/kubelet", - }) - } foundRevProxy := false for _, mod := range cr.Spec.Modules { @@ -167,59 +155,63 @@ func ModifyPowermaxCR(yamlString string, cr csmv1.ContainerStorageModule, fileTy // #nosec G101 - False positives switch fileType { case "Node": - for _, env := range cr.Spec.Driver.Common.Envs { - if env.Name == "X_CSI_MANAGED_ARRAYS" { - managedArray = env.Value - } - if env.Name == "X_CSI_POWERMAX_ENDPOINT" { - endpoint = env.Value - } - if env.Name == "X_CSI_K8S_CLUSTER_PREFIX" { - clusterPrefix = env.Value - } - if env.Name == "X_CSI_POWERMAX_DEBUG" { - debug = env.Value - } - if env.Name == "X_CSI_POWERMAX_PORTGROUPS" { - portGroup = env.Value - } - if env.Name == "X_CSI_TRANSPORT_PROTOCOL" { - protocol = env.Value - } - if env.Name == "X_CSI_VSPHERE_ENABLED" { - vsphereEnabled = env.Value - } - if env.Name == "X_CSI_VSPHERE_PORTGROUP" { - vspherePG = env.Value - } - if env.Name == "X_CSI_VSPHERE_HOSTNAME" { - vsphereHostname = env.Value - } - if env.Name == "X_CSI_VCENTER_HOST" { - vsphereHost = env.Value - } - if env.Name == "X_CSI_VSPHERE_ENABLED" { - vsphereEnabled = env.Value - } - if env.Name == "X_CSI_IG_MODIFY_HOSTNAME" { - modifyHostname = env.Value - } - if env.Name == "X_CSI_IG_NODENAME_TEMPLATE" { - nodeTemplate = env.Value + if cr.Spec.Driver.Common != nil { + for _, env := range cr.Spec.Driver.Common.Envs { + if env.Name == "X_CSI_MANAGED_ARRAYS" { + managedArray = env.Value + } + if env.Name == "X_CSI_POWERMAX_ENDPOINT" { + endpoint = env.Value + } + if env.Name == "X_CSI_K8S_CLUSTER_PREFIX" { + clusterPrefix = env.Value + } + if env.Name == "X_CSI_POWERMAX_DEBUG" { + debug = env.Value + } + if env.Name == "X_CSI_POWERMAX_PORTGROUPS" { + portGroup = env.Value + } + if env.Name == "X_CSI_TRANSPORT_PROTOCOL" { + protocol = env.Value + } + if env.Name == "X_CSI_VSPHERE_ENABLED" { + vsphereEnabled = env.Value + } + if env.Name == "X_CSI_VSPHERE_PORTGROUP" { + vspherePG = env.Value + } + if env.Name == "X_CSI_VSPHERE_HOSTNAME" { + vsphereHostname = env.Value + } + if env.Name == "X_CSI_VCENTER_HOST" { + vsphereHost = env.Value + } + if env.Name == "X_CSI_VSPHERE_ENABLED" { + vsphereEnabled = env.Value + } + if env.Name == "X_CSI_IG_MODIFY_HOSTNAME" { + modifyHostname = env.Value + } + if env.Name == "X_CSI_IG_NODENAME_TEMPLATE" { + nodeTemplate = env.Value + } } } - for _, env := range cr.Spec.Driver.Node.Envs { - if env.Name == "X_CSI_HEALTH_MONITOR_ENABLED" { - nodeHealthMonitor = env.Value - } - if env.Name == "X_CSI_POWERMAX_ISCSI_ENABLE_CHAP" { - nodeChap = env.Value - } - if env.Name == "X_CSI_TOPOLOGY_CONTROL_ENABLED" { - nodeTopology = env.Value - } - if env.Name == "X_CSI_MAX_VOLUMES_PER_NODE" { - maxVolumesPerNode = env.Value + if cr.Spec.Driver.Node != nil { + for _, env := range cr.Spec.Driver.Node.Envs { + if env.Name == "X_CSI_HEALTH_MONITOR_ENABLED" { + nodeHealthMonitor = env.Value + } + if env.Name == "X_CSI_POWERMAX_ISCSI_ENABLE_CHAP" { + nodeChap = env.Value + } + if env.Name == "X_CSI_TOPOLOGY_CONTROL_ENABLED" { + nodeTopology = env.Value + } + if env.Name == "X_CSI_MAX_VOLUMES_PER_NODE" { + maxVolumesPerNode = env.Value + } } } @@ -240,47 +232,51 @@ func ModifyPowermaxCR(yamlString string, cr csmv1.ContainerStorageModule, fileTy yamlString = strings.ReplaceAll(yamlString, CSIPmaxChap, nodeChap) yamlString = strings.ReplaceAll(yamlString, CsiPmaxMaxVolumesPerNode, maxVolumesPerNode) case "Controller": - for _, env := range cr.Spec.Driver.Common.Envs { - if env.Name == "X_CSI_MANAGED_ARRAYS" { - managedArray = env.Value - } - if env.Name == "X_CSI_POWERMAX_ENDPOINT" { - endpoint = env.Value - } - if env.Name == "X_CSI_K8S_CLUSTER_PREFIX" { - clusterPrefix = env.Value - } - if env.Name == "X_CSI_POWERMAX_DEBUG" { - debug = env.Value - } - if env.Name == "X_CSI_POWERMAX_PORTGROUPS" { - portGroup = env.Value - } - if env.Name == "X_CSI_TRANSPORT_PROTOCOL" { - protocol = env.Value - } - if env.Name == "X_CSI_VSPHERE_ENABLED" { - vsphereEnabled = env.Value - } - if env.Name == "X_CSI_VSPHERE_PORTGROUP" { - vspherePG = env.Value - } - if env.Name == "X_CSI_VSPHERE_HOSTNAME" { - vsphereHostname = env.Value - } - if env.Name == "X_CSI_VCENTER_HOST" { - vsphereHost = env.Value - } - if env.Name == "X_CSI_IG_MODIFY_HOSTNAME" { - modifyHostname = env.Value - } - if env.Name == "X_CSI_IG_NODENAME_TEMPLATE" { - nodeTemplate = env.Value + if cr.Spec.Driver.Common != nil { + for _, env := range cr.Spec.Driver.Common.Envs { + if env.Name == "X_CSI_MANAGED_ARRAYS" { + managedArray = env.Value + } + if env.Name == "X_CSI_POWERMAX_ENDPOINT" { + endpoint = env.Value + } + if env.Name == "X_CSI_K8S_CLUSTER_PREFIX" { + clusterPrefix = env.Value + } + if env.Name == "X_CSI_POWERMAX_DEBUG" { + debug = env.Value + } + if env.Name == "X_CSI_POWERMAX_PORTGROUPS" { + portGroup = env.Value + } + if env.Name == "X_CSI_TRANSPORT_PROTOCOL" { + protocol = env.Value + } + if env.Name == "X_CSI_VSPHERE_ENABLED" { + vsphereEnabled = env.Value + } + if env.Name == "X_CSI_VSPHERE_PORTGROUP" { + vspherePG = env.Value + } + if env.Name == "X_CSI_VSPHERE_HOSTNAME" { + vsphereHostname = env.Value + } + if env.Name == "X_CSI_VCENTER_HOST" { + vsphereHost = env.Value + } + if env.Name == "X_CSI_IG_MODIFY_HOSTNAME" { + modifyHostname = env.Value + } + if env.Name == "X_CSI_IG_NODENAME_TEMPLATE" { + nodeTemplate = env.Value + } } } - for _, env := range cr.Spec.Driver.Controller.Envs { - if env.Name == "X_CSI_HEALTH_MONITOR_ENABLED" { - ctrlHealthMonitor = env.Value + if cr.Spec.Driver.Controller != nil { + for _, env := range cr.Spec.Driver.Controller.Envs { + if env.Name == "X_CSI_HEALTH_MONITOR_ENABLED" { + ctrlHealthMonitor = env.Value + } } } yamlString = strings.ReplaceAll(yamlString, CSIPmaxManagedArray, managedArray) @@ -299,7 +295,7 @@ func ModifyPowermaxCR(yamlString string, cr csmv1.ContainerStorageModule, fileTy yamlString = strings.ReplaceAll(yamlString, CSIPmaxVsphereHost, vsphereHost) yamlString = strings.ReplaceAll(yamlString, CSIPmaxChap, nodeChap) case "CSIDriverSpec": - if cr.Spec.Driver.CSIDriverSpec.StorageCapacity { + if cr.Spec.Driver.CSIDriverSpec != nil && cr.Spec.Driver.CSIDriverSpec.StorageCapacity { storageCapacity = "true" } yamlString = strings.ReplaceAll(yamlString, CsiStorageCapacityEnabled, storageCapacity) diff --git a/pkg/drivers/powerscale.go b/pkg/drivers/powerscale.go index a8730a6a0..de578ec04 100644 --- a/pkg/drivers/powerscale.go +++ b/pkg/drivers/powerscale.go @@ -58,20 +58,22 @@ func PrecheckPowerScale(ctx context.Context, cr *csmv1.ContainerStorageModule, o // check if skip validation is enabled: skipCertValid := false certCount := 1 - for _, env := range cr.Spec.Driver.Common.Envs { - if env.Name == "X_CSI_ISI_SKIP_CERTIFICATE_VALIDATION" { - b, err := strconv.ParseBool(env.Value) - if err != nil { - return fmt.Errorf("%s is an invalid value for X_CSI_ISI_SKIP_CERTIFICATE_VALIDATION: %v", env.Value, err) + if cr.Spec.Driver.Common != nil { + for _, env := range cr.Spec.Driver.Common.Envs { + if env.Name == "X_CSI_ISI_SKIP_CERTIFICATE_VALIDATION" { + b, err := strconv.ParseBool(env.Value) + if err != nil { + return fmt.Errorf("%s is an invalid value for X_CSI_ISI_SKIP_CERTIFICATE_VALIDATION: %v", env.Value, err) + } + skipCertValid = b } - skipCertValid = b - } - if env.Name == "CERT_SECRET_COUNT" { - d, err := strconv.ParseInt(env.Value, 0, 8) - if err != nil { - return fmt.Errorf("%s is an invalid value for CERT_SECRET_COUNT: %v", env.Value, err) + if env.Name == "CERT_SECRET_COUNT" { + d, err := strconv.ParseInt(env.Value, 0, 8) + if err != nil { + return fmt.Errorf("%s is an invalid value for CERT_SECRET_COUNT: %v", env.Value, err) + } + certCount = int(d) } - certCount = int(d) } } @@ -103,26 +105,31 @@ func getApplyCertVolume(cr csmv1.ContainerStorageModule) (*acorev1.VolumeApplyCo skipCertValid := false certCount := 1 - if len(cr.Spec.Driver.Common.Envs) == 0 || - (len(cr.Spec.Driver.Common.Envs) == 1 && cr.Spec.Driver.Common.Envs[0].Name != "CERT_SECRET_COUNT") { - certCount = 0 - } + if cr.Spec.Driver.Common != nil { + if len(cr.Spec.Driver.Common.Envs) == 0 || + (len(cr.Spec.Driver.Common.Envs) == 1 && cr.Spec.Driver.Common.Envs[0].Name != "CERT_SECRET_COUNT") { + certCount = 0 + } - for _, env := range cr.Spec.Driver.Common.Envs { - if env.Name == "X_CSI_ISI_SKIP_CERTIFICATE_VALIDATION" { - b, err := strconv.ParseBool(env.Value) - if err != nil { - return nil, fmt.Errorf("%s is an invalid value for X_CSI_ISI_SKIP_CERTIFICATE_VALIDATION: %v", env.Value, err) + for _, env := range cr.Spec.Driver.Common.Envs { + if env.Name == "X_CSI_ISI_SKIP_CERTIFICATE_VALIDATION" { + b, err := strconv.ParseBool(env.Value) + if err != nil { + return nil, fmt.Errorf("%s is an invalid value for X_CSI_ISI_SKIP_CERTIFICATE_VALIDATION: %v", env.Value, err) + } + skipCertValid = b } - skipCertValid = b - } - if env.Name == "CERT_SECRET_COUNT" { - d, err := strconv.ParseInt(env.Value, 0, 8) - if err != nil { - return nil, fmt.Errorf("%s is an invalid value for CERT_SECRET_COUNT: %v", env.Value, err) + if env.Name == "CERT_SECRET_COUNT" { + d, err := strconv.ParseInt(env.Value, 0, 8) + if err != nil { + return nil, fmt.Errorf("%s is an invalid value for CERT_SECRET_COUNT: %v", env.Value, err) + } + certCount = int(d) } - certCount = int(d) } + } else { + certCount = 0 + skipCertValid = true } name := "certs" @@ -165,21 +172,25 @@ func ModifyPowerScaleCR(yamlString string, cr csmv1.ContainerStorageModule, file switch fileType { case "CSIDriverSpec": - if cr.Spec.Driver.CSIDriverSpec.StorageCapacity { + if cr.Spec.Driver.CSIDriverSpec != nil && cr.Spec.Driver.CSIDriverSpec.StorageCapacity { storageCapacity = "true" } yamlString = strings.ReplaceAll(yamlString, CsiStorageCapacityEnabled, storageCapacity) case "Controller": - for _, env := range cr.Spec.Driver.Controller.Envs { - if env.Name == "X_CSI_HEALTH_MONITOR_ENABLED" { - healthMonitorController = env.Value + if cr.Spec.Driver.Controller != nil { + for _, env := range cr.Spec.Driver.Controller.Envs { + if env.Name == "X_CSI_HEALTH_MONITOR_ENABLED" { + healthMonitorController = env.Value + } } } yamlString = strings.ReplaceAll(yamlString, CsiHealthMonitorEnabled, healthMonitorController) case "Node": - for _, env := range cr.Spec.Driver.Node.Envs { - if env.Name == "X_CSI_HEALTH_MONITOR_ENABLED" { - healthMonitorNode = env.Value + if cr.Spec.Driver.Node != nil { + for _, env := range cr.Spec.Driver.Node.Envs { + if env.Name == "X_CSI_HEALTH_MONITOR_ENABLED" { + healthMonitorNode = env.Value + } } } yamlString = strings.ReplaceAll(yamlString, CsiHealthMonitorEnabled, healthMonitorNode) diff --git a/pkg/drivers/powerstore.go b/pkg/drivers/powerstore.go index d638572a4..d60eda59d 100644 --- a/pkg/drivers/powerstore.go +++ b/pkg/drivers/powerstore.go @@ -106,23 +106,27 @@ func ModifyPowerstoreCR(yamlString string, cr csmv1.ContainerStorageModule, file switch fileType { case "Node": - for _, env := range cr.Spec.Driver.Common.Envs { - if env.Name == "X_CSI_POWERSTORE_NODE_NAME_PREFIX" { - nodePrefix = env.Value - } - if env.Name == "X_CSI_FC_PORTS_FILTER_FILE_PATH" { - fcPortFilter = env.Value + if cr.Spec.Driver.Common != nil { + for _, env := range cr.Spec.Driver.Common.Envs { + if env.Name == "X_CSI_POWERSTORE_NODE_NAME_PREFIX" { + nodePrefix = env.Value + } + if env.Name == "X_CSI_FC_PORTS_FILTER_FILE_PATH" { + fcPortFilter = env.Value + } } } - for _, env := range cr.Spec.Driver.Node.Envs { - if env.Name == "X_CSI_POWERSTORE_ENABLE_CHAP" { - chap = env.Value - } - if env.Name == "X_CSI_HEALTH_MONITOR_ENABLED" { - healthMonitorNode = env.Value - } - if env.Name == "X_CSI_POWERSTORE_MAX_VOLUMES_PER_NODE" { - maxVolumesPerNode = env.Value + if cr.Spec.Driver.Node != nil { + for _, env := range cr.Spec.Driver.Node.Envs { + if env.Name == "X_CSI_POWERSTORE_ENABLE_CHAP" { + chap = env.Value + } + if env.Name == "X_CSI_HEALTH_MONITOR_ENABLED" { + healthMonitorNode = env.Value + } + if env.Name == "X_CSI_POWERSTORE_MAX_VOLUMES_PER_NODE" { + maxVolumesPerNode = env.Value + } } } yamlString = strings.ReplaceAll(yamlString, CsiPowerstoreNodeNamePrefix, nodePrefix) @@ -131,22 +135,24 @@ func ModifyPowerstoreCR(yamlString string, cr csmv1.ContainerStorageModule, file yamlString = strings.ReplaceAll(yamlString, CsiHealthMonitorEnabled, healthMonitorNode) yamlString = strings.ReplaceAll(yamlString, CsiPowerstoreMaxVolumesPerNode, maxVolumesPerNode) case "Controller": - for _, env := range cr.Spec.Driver.Controller.Envs { - if env.Name == "X_CSI_NFS_ACLS" { - nfsAcls = env.Value - } - if env.Name == "X_CSI_HEALTH_MONITOR_ENABLED" { - healthMonitorController = env.Value - } - if env.Name == "X_CSI_POWERSTORE_EXTERNAL_ACCESS" { - powerstoreExternalAccess = env.Value + if cr.Spec.Driver.Controller != nil { + for _, env := range cr.Spec.Driver.Controller.Envs { + if env.Name == "X_CSI_NFS_ACLS" { + nfsAcls = env.Value + } + if env.Name == "X_CSI_HEALTH_MONITOR_ENABLED" { + healthMonitorController = env.Value + } + if env.Name == "X_CSI_POWERSTORE_EXTERNAL_ACCESS" { + powerstoreExternalAccess = env.Value + } } } yamlString = strings.ReplaceAll(yamlString, CsiNfsAcls, nfsAcls) yamlString = strings.ReplaceAll(yamlString, CsiHealthMonitorEnabled, healthMonitorController) yamlString = strings.ReplaceAll(yamlString, CsiPowerstoreExternalAccess, powerstoreExternalAccess) case "CSIDriverSpec": - if cr.Spec.Driver.CSIDriverSpec.StorageCapacity { + if cr.Spec.Driver.CSIDriverSpec != nil && cr.Spec.Driver.CSIDriverSpec.StorageCapacity { storageCapacity = "true" } yamlString = strings.ReplaceAll(yamlString, CsiStorageCapacityEnabled, storageCapacity) diff --git a/pkg/drivers/unity.go b/pkg/drivers/unity.go index 218e44c7a..afbaa1afe 100644 --- a/pkg/drivers/unity.go +++ b/pkg/drivers/unity.go @@ -70,20 +70,22 @@ func PrecheckUnity(ctx context.Context, cr *csmv1.ContainerStorageModule, operat skipCertValid := true certCount := 1 - for _, env := range cr.Spec.Driver.Common.Envs { - if env.Name == "X_CSI_UNITY_SKIP_CERTIFICATE_VALIDATION" { - b, err := strconv.ParseBool(env.Value) - if err != nil { - return fmt.Errorf("%s is an invalid value for X_CSI_UNITY_SKIP_CERTIFICATE_VALIDATION: %v", env.Value, err) + if cr.Spec.Driver.Common != nil { + for _, env := range cr.Spec.Driver.Common.Envs { + if env.Name == "X_CSI_UNITY_SKIP_CERTIFICATE_VALIDATION" { + b, err := strconv.ParseBool(env.Value) + if err != nil { + return fmt.Errorf("%s is an invalid value for X_CSI_UNITY_SKIP_CERTIFICATE_VALIDATION: %v", env.Value, err) + } + skipCertValid = b } - skipCertValid = b - } - if env.Name == "CERT_SECRET_COUNT" { - d, err := strconv.ParseInt(env.Value, 0, 8) - if err != nil { - return fmt.Errorf("%s is an invalid value for CERT_SECRET_COUNT: %v", env.Value, err) + if env.Name == "CERT_SECRET_COUNT" { + d, err := strconv.ParseInt(env.Value, 0, 8) + if err != nil { + return fmt.Errorf("%s is an invalid value for CERT_SECRET_COUNT: %v", env.Value, err) + } + certCount = int(d) } - certCount = int(d) } } @@ -119,25 +121,29 @@ func ModifyUnityCR(yamlString string, cr csmv1.ContainerStorageModule, fileType switch fileType { case "Node": - for _, env := range cr.Spec.Driver.Node.Envs { - if env.Name == "X_CSI_HEALTH_MONITOR_ENABLED" { - healthMonitorNode = env.Value - } - if env.Name == "X_CSI_ALLOWED_NETWORKS" { - allowedNetworks = env.Value + if cr.Spec.Driver.Node != nil { + for _, env := range cr.Spec.Driver.Node.Envs { + if env.Name == "X_CSI_HEALTH_MONITOR_ENABLED" { + healthMonitorNode = env.Value + } + if env.Name == "X_CSI_ALLOWED_NETWORKS" { + allowedNetworks = env.Value + } } } yamlString = strings.ReplaceAll(yamlString, CsiHealthMonitorEnabled, healthMonitorNode) yamlString = strings.ReplaceAll(yamlString, AllowedNetworks, allowedNetworks) case "Controller": - for _, env := range cr.Spec.Driver.Controller.Envs { - if env.Name == "X_CSI_HEALTH_MONITOR_ENABLED" { - healthMonitorController = env.Value + if cr.Spec.Driver.Controller != nil { + for _, env := range cr.Spec.Driver.Controller.Envs { + if env.Name == "X_CSI_HEALTH_MONITOR_ENABLED" { + healthMonitorController = env.Value + } } } yamlString = strings.ReplaceAll(yamlString, CsiHealthMonitorEnabled, healthMonitorController) case "CSIDriverSpec": - if cr.Spec.Driver.CSIDriverSpec.StorageCapacity { + if cr.Spec.Driver.CSIDriverSpec != nil && cr.Spec.Driver.CSIDriverSpec.StorageCapacity { storageCapacity = "true" } yamlString = strings.ReplaceAll(yamlString, CsiStorageCapacityEnabled, storageCapacity) @@ -150,22 +156,24 @@ func ModifyUnityCR(yamlString string, cr csmv1.ContainerStorageModule, fileType func ModifyUnityConfigMap(_ context.Context, cr csmv1.ContainerStorageModule) map[string]string { keyValue := "" var configMapData map[string]string - for _, env := range cr.Spec.Driver.Common.Envs { + if cr.Spec.Driver.Common != nil { + for _, env := range cr.Spec.Driver.Common.Envs { - if env.Name == "X_CSI_UNITY_ALLOW_MULTI_POD_ACCESS" { - keyValue += fmt.Sprintf("\n %s: %s", "ALLOW_MULTI_POD_ACCESS", env.Value) - } - if env.Name == "MAX_UNITY_VOLUMES_PER_NODE" { - keyValue += fmt.Sprintf("\n %s: %s", env.Name, env.Value) - } - if env.Name == "X_CSI_UNITY_SYNC_NODEINFO_INTERVAL" { - keyValue += fmt.Sprintf("\n %s: %s", "SYNC_NODE_INFO_TIME_INTERVAL", env.Value) - } - if env.Name == "TENANT_NAME" { - keyValue += fmt.Sprintf("\n %s: %s", env.Name, env.Value) - } - if env.Name == "CSI_LOG_LEVEL" { - keyValue += fmt.Sprintf("\n %s: %s", env.Name, env.Value) + if env.Name == "X_CSI_UNITY_ALLOW_MULTI_POD_ACCESS" { + keyValue += fmt.Sprintf("\n %s: %s", "ALLOW_MULTI_POD_ACCESS", env.Value) + } + if env.Name == "MAX_UNITY_VOLUMES_PER_NODE" { + keyValue += fmt.Sprintf("\n %s: %s", env.Name, env.Value) + } + if env.Name == "X_CSI_UNITY_SYNC_NODEINFO_INTERVAL" { + keyValue += fmt.Sprintf("\n %s: %s", "SYNC_NODE_INFO_TIME_INTERVAL", env.Value) + } + if env.Name == "TENANT_NAME" { + keyValue += fmt.Sprintf("\n %s: %s", env.Name, env.Value) + } + if env.Name == "CSI_LOG_LEVEL" { + keyValue += fmt.Sprintf("\n %s: %s", env.Name, env.Value) + } } } configMapData = map[string]string{ @@ -178,21 +186,26 @@ func ModifyUnityConfigMap(_ context.Context, cr csmv1.ContainerStorageModule) ma func getApplyCertVolumeUnity(cr csmv1.ContainerStorageModule) (*acorev1.VolumeApplyConfiguration, error) { skipCertValid := true certCount := 1 - for _, env := range cr.Spec.Driver.Common.Envs { - if env.Name == "X_CSI_UNITY_SKIP_CERTIFICATE_VALIDATION" { - b, err := strconv.ParseBool(env.Value) - if err != nil { - return nil, fmt.Errorf("%s is an invalid value for X_CSI_UNITY_SKIP_CERTIFICATE_VALIDATION: %v", env.Value, err) + if cr.Spec.Driver.Common != nil { + for _, env := range cr.Spec.Driver.Common.Envs { + if env.Name == "X_CSI_UNITY_SKIP_CERTIFICATE_VALIDATION" { + b, err := strconv.ParseBool(env.Value) + if err != nil { + return nil, fmt.Errorf("%s is an invalid value for X_CSI_UNITY_SKIP_CERTIFICATE_VALIDATION: %v", env.Value, err) + } + skipCertValid = b } - skipCertValid = b - } - if env.Name == "CERT_SECRET_COUNT" { - d, err := strconv.ParseInt(env.Value, 0, 8) - if err != nil { - return nil, fmt.Errorf("%s is an invalid value for CERT_SECRET_COUNT: %v", env.Value, err) + if env.Name == "CERT_SECRET_COUNT" { + d, err := strconv.ParseInt(env.Value, 0, 8) + if err != nil { + return nil, fmt.Errorf("%s is an invalid value for CERT_SECRET_COUNT: %v", env.Value, err) + } + certCount = int(d) } - certCount = int(d) } + } else { + skipCertValid = true + certCount = 0 } name := "certs" diff --git a/pkg/utils/utils.go b/pkg/utils/utils.go index 1072ebfe2..da9661678 100644 --- a/pkg/utils/utils.go +++ b/pkg/utils/utils.go @@ -352,14 +352,16 @@ func ModifyCommonCR(YamlString string, cr csmv1.ContainerStorageModule) string { if cr.Namespace != "" { YamlString = strings.ReplaceAll(YamlString, DefaultReleaseNamespace, cr.Namespace) } - if string(cr.Spec.Driver.Common.ImagePullPolicy) != "" { - YamlString = strings.ReplaceAll(YamlString, DefaultImagePullPolicy, string(cr.Spec.Driver.Common.ImagePullPolicy)) - } path := DefaultKubeletConfigDir - for _, env := range cr.Spec.Driver.Common.Envs { - if env.Name == "KUBELET_CONFIG_DIR" { - path = env.Value - break + if cr.Spec.Driver.Common != nil { + if string(cr.Spec.Driver.Common.ImagePullPolicy) != "" { + YamlString = strings.ReplaceAll(YamlString, DefaultImagePullPolicy, string(cr.Spec.Driver.Common.ImagePullPolicy)) + } + for _, env := range cr.Spec.Driver.Common.Envs { + if env.Name == "KUBELET_CONFIG_DIR" { + path = env.Value + break + } } } YamlString = strings.ReplaceAll(YamlString, KubeletConfigDir, path) diff --git a/pkg/utils/utils_test.go b/pkg/utils/utils_test.go index ee180c43b..f1f3d70d4 100644 --- a/pkg/utils/utils_test.go +++ b/pkg/utils/utils_test.go @@ -933,7 +933,7 @@ func TestModifyCommonCR(t *testing.T) { }, Spec: csmv1.ContainerStorageModuleSpec{ Driver: csmv1.Driver{ - Common: csmv1.ContainerTemplate{ + Common: &csmv1.ContainerTemplate{ ImagePullPolicy: corev1.PullPolicy("Always"), }, }, diff --git a/tests/shared/common.go b/tests/shared/common.go index 2855cd45f..48594f607 100644 --- a/tests/shared/common.go +++ b/tests/shared/common.go @@ -116,7 +116,7 @@ func MakeModuleCSM(name, ns, configVersion string) csmv1.ContainerStorageModule func MakeDriver(configVersion, skipCertValid string) csmv1.Driver { driverObj := csmv1.Driver{ ConfigVersion: configVersion, - Common: csmv1.ContainerTemplate{ + Common: &csmv1.ContainerTemplate{ Envs: []corev1.EnvVar{ { Name: "X_CSI_ISI_SKIP_CERTIFICATE_VALIDATION", From f0294468b913547a28f32f69d5d5f837fa28d608 Mon Sep 17 00:00:00 2001 From: Aly Nathoo Date: Mon, 25 Nov 2024 19:19:46 -0500 Subject: [PATCH 07/46] Remove mdm from CR. We still need to add the MDM var to the daemonset. --- pkg/drivers/powerflex.go | 25 +------------------------ 1 file changed, 1 insertion(+), 24 deletions(-) diff --git a/pkg/drivers/powerflex.go b/pkg/drivers/powerflex.go index 51f53c114..023e53231 100644 --- a/pkg/drivers/powerflex.go +++ b/pkg/drivers/powerflex.go @@ -74,7 +74,7 @@ func PrecheckPowerFlex(ctx context.Context, cr *csmv1.ContainerStorageModule, op if err != nil { return err } - var newmdm corev1.EnvVar + sdcEnabled := true if cr.Spec.Driver.Node != nil { for _, env := range cr.Spec.Driver.Node.Envs { @@ -89,17 +89,6 @@ func PrecheckPowerFlex(ctx context.Context, cr *csmv1.ContainerStorageModule, op if initcontainer.Name != "sdc" { newInitContainers = append(newInitContainers, initcontainer) } else if initcontainer.Name == "sdc" && sdcEnabled { - k := 0 - initenv := initcontainer.Envs - for c, env := range initenv { - if env.Name == "MDM" { - env.Value = mdmVar - newmdm = env - k = c - break - } - } - initenv[k] = newmdm newInitContainers = append(newInitContainers, initcontainer) } } @@ -108,12 +97,6 @@ func PrecheckPowerFlex(ctx context.Context, cr *csmv1.ContainerStorageModule, op cr.Spec.Driver.InitContainers = []csmv1.ContainerTemplate{ { Name: "sdc", - Envs: []corev1.EnvVar{ - { - Name: "MDM", - Value: mdmVar, - }, - }, }, } } @@ -138,12 +121,6 @@ func PrecheckPowerFlex(ctx context.Context, cr *csmv1.ContainerStorageModule, op cr.Spec.Driver.SideCars = []csmv1.ContainerTemplate{ { Name: "sdc-monitor", - Envs: []corev1.EnvVar{ - { - Name: "MDM", - Value: mdmVar, - }, - }, }, } } From b49985b51542067b7b28d596fa7591da59255a6d Mon Sep 17 00:00:00 2001 From: Rishabh Raj Date: Tue, 26 Nov 2024 06:10:53 -0500 Subject: [PATCH 08/46] fixed operator crashing --- pkg/drivers/powerflex.go | 39 +++++++++++++-------------------------- 1 file changed, 13 insertions(+), 26 deletions(-) diff --git a/pkg/drivers/powerflex.go b/pkg/drivers/powerflex.go index 023e53231..6441086a1 100644 --- a/pkg/drivers/powerflex.go +++ b/pkg/drivers/powerflex.go @@ -22,7 +22,6 @@ import ( csmv1 "github.com/dell/csm-operator/api/v1" "github.com/dell/csm-operator/pkg/logger" "github.com/dell/csm-operator/pkg/utils" - corev1 "k8s.io/api/core/v1" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/yaml" ) @@ -83,45 +82,33 @@ func PrecheckPowerFlex(ctx context.Context, cr *csmv1.ContainerStorageModule, op } } } - newInitContainers := make([]csmv1.ContainerTemplate, 0) for _, initcontainer := range cr.Spec.Driver.InitContainers { if initcontainer.Name != "sdc" { newInitContainers = append(newInitContainers, initcontainer) - } else if initcontainer.Name == "sdc" && sdcEnabled { + continue + } + + if sdcEnabled { + for i := range initcontainer.Envs { + if initcontainer.Envs[i].Name == "MDM" { + initcontainer.Envs[i].Value = mdmVar + break + } + } newInitContainers = append(newInitContainers, initcontainer) } } cr.Spec.Driver.InitContainers = newInitContainers - if len(cr.Spec.Driver.InitContainers) == 0 && sdcEnabled { - cr.Spec.Driver.InitContainers = []csmv1.ContainerTemplate{ - { - Name: "sdc", - }, - } - } for _, sidecar := range cr.Spec.Driver.SideCars { if sidecar.Name == "sdc-monitor" { - sidenv := sidecar.Envs - var updatenv corev1.EnvVar - j := 0 - for c, env := range sidenv { - if env.Name == "MDM" { - env.Value = mdmVar - updatenv = env - j = c + for i := range sidecar.Envs { + if sidecar.Envs[i].Name == "MDM" { + sidecar.Envs[i].Value = mdmVar break } } - sidenv[j] = updatenv - } - } - if cr.Spec.Driver.SideCars == nil { - cr.Spec.Driver.SideCars = []csmv1.ContainerTemplate{ - { - Name: "sdc-monitor", - }, } } From 2773cfc6a15920a524e007207716a831125c5807 Mon Sep 17 00:00:00 2001 From: sakshi-garg1 <74704849+sakshi-garg1@users.noreply.github.com> Date: Wed, 27 Nov 2024 15:49:14 +0530 Subject: [PATCH 09/46] [WIP] Increase coverage for driver package (#801) * Update common_test.go to increase powerscale.go coverage * Update powerscale_test.go --- pkg/drivers/common_test.go | 5 +++++ pkg/drivers/powerscale_test.go | 15 +++++++++++++++ 2 files changed, 20 insertions(+) diff --git a/pkg/drivers/common_test.go b/pkg/drivers/common_test.go index e17b195c7..70385a610 100644 --- a/pkg/drivers/common_test.go +++ b/pkg/drivers/common_test.go @@ -326,6 +326,8 @@ func getPmaxCommonEnvs() []corev1.EnvVar { func csmWithPowerScale(driver csmv1.DriverType, version string) csmv1.ContainerStorageModule { res := shared.MakeCSM("csm", "driver-test", shared.ConfigVersion) + res.Spec.Driver.CSIDriverSpec=&csmv1.CSIDriverSpec{ + } // Add FSGroupPolicy if res.Spec.Driver.CSIDriverSpec != nil { @@ -361,6 +363,7 @@ func csmWithPowerScale(driver csmv1.DriverType, version string) csmv1.ContainerS healthMonitor := corev1.EnvVar{Name: "X_CSI_HEALTH_MONITOR_ENABLED", Value: "true"} // Add node fields specific + res.Spec.Driver.Node = &csmv1.ContainerTemplate{} if res.Spec.Driver.Node != nil { res.Spec.Driver.Node.NodeSelector = map[string]string{"thisIs": "NodeSelector"} res.Spec.Driver.Node.Envs = []corev1.EnvVar{csiLogLevel} @@ -368,9 +371,11 @@ func csmWithPowerScale(driver csmv1.DriverType, version string) csmv1.ContainerS } // Add controller fields specific + res.Spec.Driver.Controller = &csmv1.ContainerTemplate{} if res.Spec.Driver.Controller != nil { res.Spec.Driver.Controller.NodeSelector = map[string]string{"thisIs": "NodeSelector"} res.Spec.Driver.Controller.Envs = []corev1.EnvVar{csiLogLevel} + res.Spec.Driver.Controller.Envs = []corev1.EnvVar{healthMonitor} } if res.Spec.Driver.CSIDriverSpec != nil { diff --git a/pkg/drivers/powerscale_test.go b/pkg/drivers/powerscale_test.go index 6c2ed9b37..2a67f5cc8 100644 --- a/pkg/drivers/powerscale_test.go +++ b/pkg/drivers/powerscale_test.go @@ -28,6 +28,7 @@ import ( var ( powerScaleCSM = csmForPowerScale() + powerScaleCSMEmptyEnv = csmForPowerScaleWithEmptyEnv() powerScaleCSMBadSkipCert = csmForPowerScaleBadSkipCert() powerScaleCSMBadCertCnt = csmForPowerScaleBadCertCnt() powerScaleCSMBadVersion = csmForPowerScaleBadVersion() @@ -65,6 +66,7 @@ var ( }{ {"missing secret", powerScaleCSM, powerScaleClient, powerScaleSecret, "failed to find secret"}, {"bad version", powerScaleCSMBadVersion, powerScaleClient, powerScaleSecret, "not supported"}, + {"missing envs", powerScaleCSMEmptyEnv, powerScaleClient, powerScaleSecret, "failed to find secret"}, } ) @@ -138,6 +140,19 @@ func csmForPowerScale() csmv1.ContainerStorageModule { return res } +func csmForPowerScaleWithEmptyEnv() csmv1.ContainerStorageModule { + res := shared.MakeCSM("csm", "driver-test", shared.ConfigVersion) + + res.Spec.Driver.Common.Envs = []corev1.EnvVar{} + res.Spec.Driver.AuthSecret = "csm-creds" + + // Add pscale driver version + res.Spec.Driver.ConfigVersion = shared.ConfigVersion + res.Spec.Driver.CSIDriverType = csmv1.PowerScale + + return res +} + // makes a csm object with tolerations func csmForPowerScaleBadSkipCert() csmv1.ContainerStorageModule { res := shared.MakeCSM("csm", "driver-test", shared.ConfigVersion) From 1618b773737d1f07414461bae58ad5ab452c3f6b Mon Sep 17 00:00:00 2001 From: Rishabh Raj Date: Wed, 27 Nov 2024 05:24:40 -0500 Subject: [PATCH 10/46] Fixed initContainers in CR --- controllers/csm_controller.go | 7 ++-- controllers/csm_controller_test.go | 2 +- pkg/drivers/commonconfig.go | 15 ++++++-- pkg/drivers/commonconfig_test.go | 3 +- pkg/drivers/powerflex.go | 62 ++++++++++++++++++++++-------- pkg/modules/authorization_test.go | 8 ++-- pkg/modules/resiliency_test.go | 6 +-- 7 files changed, 71 insertions(+), 32 deletions(-) diff --git a/controllers/csm_controller.go b/controllers/csm_controller.go index bb9f2f9e8..8f8217d6c 100644 --- a/controllers/csm_controller.go +++ b/controllers/csm_controller.go @@ -745,7 +745,7 @@ func (r *ContainerStorageModuleReconciler) SyncCSM(ctx context.Context, cr csmv1 } // Get Driver resources - driverConfig, err := getDriverConfig(ctx, cr, operatorConfig) + driverConfig, err := getDriverConfig(ctx, cr, operatorConfig, ctrlClient) if err != nil { return err } @@ -1101,6 +1101,7 @@ func (r *ContainerStorageModuleReconciler) reconcileAppMobility(ctx context.Cont func getDriverConfig(ctx context.Context, cr csmv1.ContainerStorageModule, operatorConfig utils.OperatorConfig, + ctrlClient client.Client, ) (*DriverConfig, error) { var ( err error @@ -1135,7 +1136,7 @@ func getDriverConfig(ctx context.Context, return nil, fmt.Errorf("getting %s CSIDriver: %v", driverType, err) } - node, err = drivers.GetNode(ctx, cr, operatorConfig, driverType, NodeYaml) + node, err = drivers.GetNode(ctx, cr, operatorConfig, driverType, NodeYaml, ctrlClient) if err != nil { return nil, fmt.Errorf("getting %s node: %v", driverType, err) } @@ -1250,7 +1251,7 @@ func (r *ContainerStorageModuleReconciler) removeDriver(ctx context.Context, ins log := logger.GetLogger(ctx) // Get Driver resources - driverConfig, err := getDriverConfig(ctx, instance, operatorConfig) + driverConfig, err := getDriverConfig(ctx, instance, operatorConfig, r.Client) if err != nil { log.Error("error in getDriverConfig") return err diff --git a/controllers/csm_controller_test.go b/controllers/csm_controller_test.go index 1bb3dd351..61e7008f1 100644 --- a/controllers/csm_controller_test.go +++ b/controllers/csm_controller_test.go @@ -926,7 +926,7 @@ func (suite *CSMControllerTestSuite) TestOldStandAloneModuleCleanup() { if errorInjector != nil { *errorInjector = true } - driverConfig, _ := getDriverConfig(ctx, *csm, operatorConfig) + driverConfig, _ := getDriverConfig(ctx, *csm, operatorConfig, r.Client) err := r.oldStandAloneModuleCleanup(ctx, csm, operatorConfig, driverConfig) if expectedErr == "" { diff --git a/pkg/drivers/commonconfig.go b/pkg/drivers/commonconfig.go index 8c949a7e6..5320611c9 100644 --- a/pkg/drivers/commonconfig.go +++ b/pkg/drivers/commonconfig.go @@ -27,6 +27,7 @@ import ( storagev1 "k8s.io/api/storage/v1" acorev1 "k8s.io/client-go/applyconfigurations/core/v1" metacv1 "k8s.io/client-go/applyconfigurations/meta/v1" + "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/yaml" ) @@ -192,7 +193,7 @@ func GetController(ctx context.Context, cr csmv1.ContainerStorageModule, operato } // GetNode get node yaml -func GetNode(ctx context.Context, cr csmv1.ContainerStorageModule, operatorConfig utils.OperatorConfig, driverType csmv1.DriverType, filename string) (*utils.NodeYAML, error) { +func GetNode(ctx context.Context, cr csmv1.ContainerStorageModule, operatorConfig utils.OperatorConfig, driverType csmv1.DriverType, filename string, ct client.Client) (*utils.NodeYAML, error) { log := logger.GetLogger(ctx) configMapPath := fmt.Sprintf("%s/driverconfig/%s/%s/%s", operatorConfig.ConfigDirectory, driverType, cr.Spec.Driver.ConfigVersion, filename) log.Debugw("GetNode", "configMapPath", configMapPath) @@ -305,10 +306,16 @@ func GetNode(ctx context.Context, cr csmv1.ContainerStorageModule, operatorConfi nodeYaml.DaemonSetApplyConfig.Spec.Template.Spec.Containers = newcontainers + updatedCr, err := SetSDCinitContainers(ctx, cr, operatorConfig, ct) + if err != nil { + log.Errorw("Failed to set SDC init container", "Error", err.Error()) + return nil, err + } + initcontainers := make([]acorev1.ContainerApplyConfiguration, 0) sdcEnabled := true - if cr.Spec.Driver.Node != nil { - for _, env := range cr.Spec.Driver.Node.Envs { + if updatedCr.Spec.Driver.Node != nil { + for _, env := range updatedCr.Spec.Driver.Node.Envs { if env.Name == "X_CSI_SDC_ENABLED" && env.Value == "false" { sdcEnabled = false } @@ -322,7 +329,7 @@ func GetNode(ctx context.Context, cr csmv1.ContainerStorageModule, operatorConfi for i := range initcontainers { utils.ReplaceAllContainerImageApply(operatorConfig.K8sVersion, &initcontainers[i]) - utils.UpdateInitContainerApply(cr.Spec.Driver.InitContainers, &initcontainers[i]) + utils.UpdateInitContainerApply(updatedCr.Spec.Driver.InitContainers, &initcontainers[i]) } nodeYaml.DaemonSetApplyConfig.Spec.Template.Spec.InitContainers = initcontainers diff --git a/pkg/drivers/commonconfig_test.go b/pkg/drivers/commonconfig_test.go index 8299f0415..036d4e31a 100644 --- a/pkg/drivers/commonconfig_test.go +++ b/pkg/drivers/commonconfig_test.go @@ -20,6 +20,7 @@ import ( "github.com/dell/csm-operator/tests/shared" "github.com/stretchr/testify/assert" storagev1 "k8s.io/api/storage/v1" + ctrlClientFake "sigs.k8s.io/controller-runtime/pkg/client/fake" ) var ( @@ -131,7 +132,7 @@ func TestGetNode(t *testing.T) { ctx := context.Background() for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - _, err := GetNode(ctx, tt.csm, config, tt.driverName, tt.filename) + _, err := GetNode(ctx, tt.csm, config, tt.driverName, tt.filename, ctrlClientFake.NewClientBuilder().Build()) if tt.expectedErr == "" { assert.Nil(t, err) } else { diff --git a/pkg/drivers/powerflex.go b/pkg/drivers/powerflex.go index 6441086a1..1aa0fc269 100644 --- a/pkg/drivers/powerflex.go +++ b/pkg/drivers/powerflex.go @@ -22,6 +22,7 @@ import ( csmv1 "github.com/dell/csm-operator/api/v1" "github.com/dell/csm-operator/pkg/logger" "github.com/dell/csm-operator/pkg/utils" + corev1 "k8s.io/api/core/v1" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/yaml" ) @@ -69,50 +70,79 @@ func PrecheckPowerFlex(ctx context.Context, cr *csmv1.ContainerStorageModule, op return fmt.Errorf("%s %s not supported", csmv1.PowerFlexName, cr.Spec.Driver.ConfigVersion) } - mdmVar, err := GetMDMFromSecret(ctx, cr, ct) + // Check if MDM is set in the secret + _, err := GetMDMFromSecret(ctx, cr, ct) if err != nil { return err } + return nil +} + +func SetSDCinitContainers(ctx context.Context, cr csmv1.ContainerStorageModule, operatorConfig utils.OperatorConfig, ct client.Client) (csmv1.ContainerStorageModule, error) { + mdmVar, _ := GetMDMFromSecret(ctx, &cr, ct) + + // Check if SDC is enabled sdcEnabled := true if cr.Spec.Driver.Node != nil { for _, env := range cr.Spec.Driver.Node.Envs { if env.Name == "X_CSI_SDC_ENABLED" && env.Value == "false" { sdcEnabled = false + break } } } - newInitContainers := make([]csmv1.ContainerTemplate, 0) - for _, initcontainer := range cr.Spec.Driver.InitContainers { - if initcontainer.Name != "sdc" { - newInitContainers = append(newInitContainers, initcontainer) - continue - } - if sdcEnabled { - for i := range initcontainer.Envs { - if initcontainer.Envs[i].Name == "MDM" { + // Update init containers + var newInitContainers []csmv1.ContainerTemplate + for _, initcontainer := range cr.Spec.Driver.InitContainers { + if initcontainer.Name == "sdc" && sdcEnabled { + // Update MDM env variable for "sdc" container + for i, env := range initcontainer.Envs { + if env.Name == "MDM" { initcontainer.Envs[i].Value = mdmVar break } } + } + if initcontainer.Name != "sdc" || sdcEnabled { newInitContainers = append(newInitContainers, initcontainer) } } + + // If no init containers left and SDC is enabled, add a new one + if len(newInitContainers) == 0 && sdcEnabled { + newInitContainers = append(newInitContainers, csmv1.ContainerTemplate{ + Name: "sdc", + Envs: []corev1.EnvVar{{Name: "MDM", Value: mdmVar}}, + }) + } cr.Spec.Driver.InitContainers = newInitContainers - for _, sidecar := range cr.Spec.Driver.SideCars { - if sidecar.Name == "sdc-monitor" { - for i := range sidecar.Envs { - if sidecar.Envs[i].Name == "MDM" { - sidecar.Envs[i].Value = mdmVar + // Update sidecar containers + for i := range cr.Spec.Driver.SideCars { + if cr.Spec.Driver.SideCars[i].Name == "sdc-monitor" { + // Update MDM env variable for "sdc-monitor" sidecar container + for j, env := range cr.Spec.Driver.SideCars[i].Envs { + if env.Name == "MDM" { + cr.Spec.Driver.SideCars[i].Envs[j].Value = mdmVar break } } } } - return nil + // If no sidecars, add a new "sdc-monitor" sidecar with MDM + if len(cr.Spec.Driver.SideCars) == 0 { + cr.Spec.Driver.SideCars = []csmv1.ContainerTemplate{ + { + Name: "sdc-monitor", + Envs: []corev1.EnvVar{{Name: "MDM", Value: mdmVar}}, + }, + } + } + + return cr, nil } // GetMDMFromSecret - Get MDM value from secret diff --git a/pkg/modules/authorization_test.go b/pkg/modules/authorization_test.go index 0f4dcfb7e..5b28734bd 100644 --- a/pkg/modules/authorization_test.go +++ b/pkg/modules/authorization_test.go @@ -121,7 +121,7 @@ func TestAuthInjectDaemonset(t *testing.T) { if err != nil { panic(err) } - nodeYAML, err := drivers.GetNode(ctx, customResource, operatorConfig, csmv1.PowerScaleName, "node.yaml") + nodeYAML, err := drivers.GetNode(ctx, customResource, operatorConfig, csmv1.PowerScaleName, "node.yaml", ctrlClientFake.NewClientBuilder().Build()) if err != nil { panic(err) } @@ -133,7 +133,7 @@ func TestAuthInjectDaemonset(t *testing.T) { if err != nil { panic(err) } - nodeYAML, err := drivers.GetNode(ctx, customResource, operatorConfig, csmv1.PowerScaleName, "node.yaml") + nodeYAML, err := drivers.GetNode(ctx, customResource, operatorConfig, csmv1.PowerScaleName, "node.yaml", ctrlClientFake.NewClientBuilder().Build()) if err != nil { panic(err) } @@ -149,7 +149,7 @@ func TestAuthInjectDaemonset(t *testing.T) { if err != nil { panic(err) } - nodeYAML, err := drivers.GetNode(ctx, customResource, operatorConfig, csmv1.PowerScaleName, "node.yaml") + nodeYAML, err := drivers.GetNode(ctx, customResource, operatorConfig, csmv1.PowerScaleName, "node.yaml", ctrlClientFake.NewClientBuilder().Build()) if err != nil { panic(err) } @@ -165,7 +165,7 @@ func TestAuthInjectDaemonset(t *testing.T) { if err != nil { panic(err) } - nodeYAML, err := drivers.GetNode(ctx, customResource, operatorConfig, csmv1.PowerScaleName, "node.yaml") + nodeYAML, err := drivers.GetNode(ctx, customResource, operatorConfig, csmv1.PowerScaleName, "node.yaml", ctrlClientFake.NewClientBuilder().Build()) if err != nil { panic(err) } diff --git a/pkg/modules/resiliency_test.go b/pkg/modules/resiliency_test.go index 6324e6f4f..31d9ee673 100644 --- a/pkg/modules/resiliency_test.go +++ b/pkg/modules/resiliency_test.go @@ -313,7 +313,7 @@ func TestResiliencyInjectDaemonset(t *testing.T) { if err != nil { panic(err) } - nodeYAML, err := drivers.GetNode(ctx, customResource, operatorConfig, csmv1.PowerStore, "node.yaml") + nodeYAML, err := drivers.GetNode(ctx, customResource, operatorConfig, csmv1.PowerStore, "node.yaml", ctrlClientFake.NewClientBuilder().Build()) if err != nil { panic(err) } @@ -325,7 +325,7 @@ func TestResiliencyInjectDaemonset(t *testing.T) { if err != nil { panic(err) } - nodeYAML, err := drivers.GetNode(ctx, customResource, operatorConfig, csmv1.PowerStore, "node.yaml") + nodeYAML, err := drivers.GetNode(ctx, customResource, operatorConfig, csmv1.PowerStore, "node.yaml", ctrlClientFake.NewClientBuilder().Build()) if err != nil { panic(err) } @@ -341,7 +341,7 @@ func TestResiliencyInjectDaemonset(t *testing.T) { if err != nil { panic(err) } - nodeYAML, err := drivers.GetNode(ctx, customResource, operatorConfig, csmv1.PowerStore, "node.yaml") + nodeYAML, err := drivers.GetNode(ctx, customResource, operatorConfig, csmv1.PowerStore, "node.yaml", ctrlClientFake.NewClientBuilder().Build()) if err != nil { panic(err) } From 36ab65adfbf8e4cfe70f3f6cdcb30c0565e30462 Mon Sep 17 00:00:00 2001 From: sakshi-garg1 <74704849+sakshi-garg1@users.noreply.github.com> Date: Wed, 27 Nov 2024 16:09:27 +0530 Subject: [PATCH 11/46] Update common_test.go for increaing powermax.go coverage --- pkg/drivers/common_test.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkg/drivers/common_test.go b/pkg/drivers/common_test.go index 70385a610..93d1c3927 100644 --- a/pkg/drivers/common_test.go +++ b/pkg/drivers/common_test.go @@ -240,14 +240,18 @@ func csmWithPowermax(driver csmv1.DriverType, version string) csmv1.ContainerSto } // Add node fields specific to powermax + res.Spec.Driver.Node = &csmv1.ContainerTemplate{} enableChap := corev1.EnvVar{Name: "X_CSI_POWERMAX_ISCSI_ENABLE_CHAP", Value: "true"} healthMonitor := corev1.EnvVar{Name: "X_CSI_HEALTH_MONITOR_ENABLED", Value: "true"} nodeTopology := corev1.EnvVar{Name: "X_CSI_TOPOLOGY_CONTROL_ENABLED", Value: "true"} + maxVolumes := corev1.EnvVar{Name: "X_CSI_MAX_VOLUMES_PER_NODE", Value: "true"} + if res.Spec.Driver.Node != nil { res.Spec.Driver.Node.Envs = []corev1.EnvVar{enableChap, healthMonitor, nodeTopology} } // Add controller fields specific to powermax + res.Spec.Driver.Controller = &csmv1.ContainerTemplate{} if res.Spec.Driver.Controller != nil { res.Spec.Driver.Controller.Envs = []corev1.EnvVar{healthMonitor} } From acc95c539c3105a44527af31a3af4512a86e40b0 Mon Sep 17 00:00:00 2001 From: sakshi-garg1 <74704849+sakshi-garg1@users.noreply.github.com> Date: Wed, 27 Nov 2024 16:15:55 +0530 Subject: [PATCH 12/46] Update common_test.go --- pkg/drivers/common_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/drivers/common_test.go b/pkg/drivers/common_test.go index 93d1c3927..ff164325f 100644 --- a/pkg/drivers/common_test.go +++ b/pkg/drivers/common_test.go @@ -247,7 +247,7 @@ func csmWithPowermax(driver csmv1.DriverType, version string) csmv1.ContainerSto maxVolumes := corev1.EnvVar{Name: "X_CSI_MAX_VOLUMES_PER_NODE", Value: "true"} if res.Spec.Driver.Node != nil { - res.Spec.Driver.Node.Envs = []corev1.EnvVar{enableChap, healthMonitor, nodeTopology} + res.Spec.Driver.Node.Envs = []corev1.EnvVar{enableChap, healthMonitor, nodeTopology, maxVolumes} } // Add controller fields specific to powermax From c5fd8d20adf75efa957f68331229da88e0a18e8d Mon Sep 17 00:00:00 2001 From: sakshi-garg1 <74704849+sakshi-garg1@users.noreply.github.com> Date: Wed, 27 Nov 2024 16:35:06 +0530 Subject: [PATCH 13/46] Update common_test.go to increase powerflex.go coverage --- pkg/drivers/common_test.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkg/drivers/common_test.go b/pkg/drivers/common_test.go index ff164325f..f49994165 100644 --- a/pkg/drivers/common_test.go +++ b/pkg/drivers/common_test.go @@ -146,6 +146,8 @@ func csmForPowerFlex(customCSMName string) csmv1.ContainerStorageModule { // Add pflex driver version res.Spec.Driver.ConfigVersion = shared.PFlexConfigVersion res.Spec.Driver.CSIDriverType = csmv1.PowerFlex + res.Spec.Driver.Node = &csmv1.ContainerTemplate{} + res.Spec.Driver.Common = &csmv1.ContainerTemplate{} if customCSMName == "no-sdc" && res.Spec.Driver.Node != nil && res.Spec.Driver.Common != nil { res.Spec.Driver.Node.Envs = append(res.Spec.Driver.Node.Envs, corev1.EnvVar{Name: "X_CSI_SDC_ENABLED", Value: "false"}) res.Spec.Driver.Common.Envs = append(res.Spec.Driver.Common.Envs, corev1.EnvVar{Name: "INTERFACE_NAMES", Value: "worker1: \"interface1\",worker2: \"interface2\""}) From e5c238b4741c9f0749db778a6042f32b4ac43ca8 Mon Sep 17 00:00:00 2001 From: Rishabh Raj Date: Wed, 27 Nov 2024 06:18:27 -0500 Subject: [PATCH 14/46] fixed linting errors --- pkg/drivers/common_test.go | 3 +-- pkg/drivers/commonconfig.go | 2 +- pkg/drivers/powerflex.go | 2 +- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/pkg/drivers/common_test.go b/pkg/drivers/common_test.go index f49994165..e4362ef2c 100644 --- a/pkg/drivers/common_test.go +++ b/pkg/drivers/common_test.go @@ -332,8 +332,7 @@ func getPmaxCommonEnvs() []corev1.EnvVar { func csmWithPowerScale(driver csmv1.DriverType, version string) csmv1.ContainerStorageModule { res := shared.MakeCSM("csm", "driver-test", shared.ConfigVersion) - res.Spec.Driver.CSIDriverSpec=&csmv1.CSIDriverSpec{ - } + res.Spec.Driver.CSIDriverSpec = &csmv1.CSIDriverSpec{} // Add FSGroupPolicy if res.Spec.Driver.CSIDriverSpec != nil { diff --git a/pkg/drivers/commonconfig.go b/pkg/drivers/commonconfig.go index 5320611c9..9f8b6d854 100644 --- a/pkg/drivers/commonconfig.go +++ b/pkg/drivers/commonconfig.go @@ -306,7 +306,7 @@ func GetNode(ctx context.Context, cr csmv1.ContainerStorageModule, operatorConfi nodeYaml.DaemonSetApplyConfig.Spec.Template.Spec.Containers = newcontainers - updatedCr, err := SetSDCinitContainers(ctx, cr, operatorConfig, ct) + updatedCr, err := SetSDCinitContainers(ctx, cr, ct) if err != nil { log.Errorw("Failed to set SDC init container", "Error", err.Error()) return nil, err diff --git a/pkg/drivers/powerflex.go b/pkg/drivers/powerflex.go index 1aa0fc269..d5b464e14 100644 --- a/pkg/drivers/powerflex.go +++ b/pkg/drivers/powerflex.go @@ -79,7 +79,7 @@ func PrecheckPowerFlex(ctx context.Context, cr *csmv1.ContainerStorageModule, op return nil } -func SetSDCinitContainers(ctx context.Context, cr csmv1.ContainerStorageModule, operatorConfig utils.OperatorConfig, ct client.Client) (csmv1.ContainerStorageModule, error) { +func SetSDCinitContainers(ctx context.Context, cr csmv1.ContainerStorageModule, ct client.Client) (csmv1.ContainerStorageModule, error) { mdmVar, _ := GetMDMFromSecret(ctx, &cr, ct) // Check if SDC is enabled From b6b934a4060368f4ab24a24458873866efd4ee41 Mon Sep 17 00:00:00 2001 From: Rishabh Raj Date: Wed, 27 Nov 2024 06:30:32 -0500 Subject: [PATCH 15/46] fixed linting errors --- pkg/drivers/common_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/drivers/common_test.go b/pkg/drivers/common_test.go index e4362ef2c..e3d2621c0 100644 --- a/pkg/drivers/common_test.go +++ b/pkg/drivers/common_test.go @@ -247,7 +247,7 @@ func csmWithPowermax(driver csmv1.DriverType, version string) csmv1.ContainerSto healthMonitor := corev1.EnvVar{Name: "X_CSI_HEALTH_MONITOR_ENABLED", Value: "true"} nodeTopology := corev1.EnvVar{Name: "X_CSI_TOPOLOGY_CONTROL_ENABLED", Value: "true"} maxVolumes := corev1.EnvVar{Name: "X_CSI_MAX_VOLUMES_PER_NODE", Value: "true"} - + if res.Spec.Driver.Node != nil { res.Spec.Driver.Node.Envs = []corev1.EnvVar{enableChap, healthMonitor, nodeTopology, maxVolumes} } From 4af66a1a060961146f6175eeb1bd8e3e5df0f24d Mon Sep 17 00:00:00 2001 From: Rishabh Raj Date: Wed, 27 Nov 2024 06:37:07 -0500 Subject: [PATCH 16/46] fixed yaml linting errors --- tests/e2e/testfiles/storage_csm_powerscale_alt_vals_2.yaml | 4 ++-- tests/e2e/testfiles/storage_csm_powerscale_alt_vals_3.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/e2e/testfiles/storage_csm_powerscale_alt_vals_2.yaml b/tests/e2e/testfiles/storage_csm_powerscale_alt_vals_2.yaml index 63864c62d..268566911 100644 --- a/tests/e2e/testfiles/storage_csm_powerscale_alt_vals_2.yaml +++ b/tests/e2e/testfiles/storage_csm_powerscale_alt_vals_2.yaml @@ -209,11 +209,11 @@ spec: - key: "node.kubernetes.io/network-unavailable" operator: "Exists" effect: "NoExecute" - # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint - key: "node-role.kubernetes.io/control-plane" operator: "Exists" effect: "NoSchedule" - # Uncomment if nodes you wish to use have the node-role.kubernetes.io/master taint + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/master taint - key: "node-role.kubernetes.io/master" operator: "Exists" effect: "NoSchedule" diff --git a/tests/e2e/testfiles/storage_csm_powerscale_alt_vals_3.yaml b/tests/e2e/testfiles/storage_csm_powerscale_alt_vals_3.yaml index 0fe5040c2..3af4983ea 100644 --- a/tests/e2e/testfiles/storage_csm_powerscale_alt_vals_3.yaml +++ b/tests/e2e/testfiles/storage_csm_powerscale_alt_vals_3.yaml @@ -149,11 +149,11 @@ spec: # tolerations: Define tolerations for the controller deployment, if required. # Default value: None tolerations: - # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint - key: "node-role.kubernetes.io/control-plane" operator: "Exists" effect: "NoSchedule" - # Uncomment if nodes you wish to use have the node-role.kubernetes.io/master taint + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/master taint - key: "node-role.kubernetes.io/master" operator: "Exists" effect: "NoSchedule" From 466029e49cb80a36cfa1d06620c13df22276bdbc Mon Sep 17 00:00:00 2001 From: sakshi-garg1 <74704849+sakshi-garg1@users.noreply.github.com> Date: Thu, 28 Nov 2024 11:00:48 +0530 Subject: [PATCH 17/46] To increase coverage for powerstore.go --- pkg/drivers/common_test.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pkg/drivers/common_test.go b/pkg/drivers/common_test.go index e3d2621c0..957f7ae1f 100644 --- a/pkg/drivers/common_test.go +++ b/pkg/drivers/common_test.go @@ -160,6 +160,7 @@ func csmWithPowerstore(driver csmv1.DriverType, version string) csmv1.ContainerS res := shared.MakeCSM("csm", "driver-test", shared.ConfigVersion) // Add FSGroupPolicy + res.Spec.Driver.CSIDriverSpec = &csmv1.CSIDriverSpec{} if res.Spec.Driver.CSIDriverSpec != nil { res.Spec.Driver.CSIDriverSpec.FSGroupPolicy = "File" } @@ -187,6 +188,7 @@ func csmWithPowerstore(driver csmv1.DriverType, version string) csmv1.ContainerS healthMonitor := corev1.EnvVar{Name: "X_CSI_HEALTH_MONITOR_ENABLED", Value: "true"} maxVolumesPerNode := corev1.EnvVar{Name: "X_CSI_POWERSTORE_MAX_VOLUMES_PER_NODE", Value: "0"} // Add NodeSelector to node and controller + res.Spec.Driver.Node = &csmv1.ContainerTemplate{} if res.Spec.Driver.Node != nil { res.Spec.Driver.Node.NodeSelector = map[string]string{"thisIs": "NodeSelector"} res.Spec.Driver.Node.Envs = []corev1.EnvVar{enableChap, healthMonitor, maxVolumesPerNode} @@ -195,6 +197,7 @@ func csmWithPowerstore(driver csmv1.DriverType, version string) csmv1.ContainerS // Add controller fields specific nfsAclsParam := corev1.EnvVar{Name: "X_CSI_NFS_ACLS"} externalAccess := corev1.EnvVar{Name: "X_CSI_POWERSTORE_EXTERNAL_ACCESS"} + res.Spec.Driver.Controller = &csmv1.ContainerTemplate{} if res.Spec.Driver.Controller != nil { res.Spec.Driver.Controller.NodeSelector = map[string]string{"thisIs": "NodeSelector"} res.Spec.Driver.Controller.Envs = []corev1.EnvVar{nfsAclsParam, healthMonitor, externalAccess} From 4911e77b11f83a931b51dc08695c6e41250cc57b Mon Sep 17 00:00:00 2001 From: sakshi-garg1 <74704849+sakshi-garg1@users.noreply.github.com> Date: Thu, 28 Nov 2024 12:15:43 +0530 Subject: [PATCH 18/46] Increase coverage for unity.go file --- pkg/drivers/common_test.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/pkg/drivers/common_test.go b/pkg/drivers/common_test.go index 957f7ae1f..1dfb903af 100644 --- a/pkg/drivers/common_test.go +++ b/pkg/drivers/common_test.go @@ -415,6 +415,7 @@ func csmWithUnity(driver csmv1.DriverType, version string, certProvided bool) cs res := shared.MakeCSM("csm", "driver-test", shared.ConfigVersion) // Add FSGroupPolicy + res.Spec.Driver.CSIDriverSpec = &csmv1.CSIDriverSpec{} if res.Spec.Driver.CSIDriverSpec != nil { res.Spec.Driver.CSIDriverSpec.FSGroupPolicy = "File" } @@ -432,9 +433,11 @@ func csmWithUnity(driver csmv1.DriverType, version string, certProvided bool) cs res.Spec.Driver.CSIDriverType = driver // Add NodeSelector to node and controller + res.Spec.Driver.Node = &csmv1.ContainerTemplate{} if res.Spec.Driver.Node != nil { res.Spec.Driver.Node.NodeSelector = map[string]string{"thisIs": "NodeSelector"} } + res.Spec.Driver.Controller = &csmv1.ContainerTemplate{} if res.Spec.Driver.Controller != nil { res.Spec.Driver.Controller.NodeSelector = map[string]string{"thisIs": "NodeSelector"} } @@ -454,8 +457,9 @@ func csmWithUnity(driver csmv1.DriverType, version string, certProvided bool) cs // Add node fields specific to unity healthMonitor := corev1.EnvVar{Name: "X_CSI_HEALTH_MONITOR_ENABLED", Value: "true"} + allowedNetworks:= corev1.EnvVar{Name: "X_CSI_ALLOWED_NETWORKS", Value: "true"} if res.Spec.Driver.Node != nil { - res.Spec.Driver.Node.Envs = []corev1.EnvVar{healthMonitor} + res.Spec.Driver.Node.Envs = []corev1.EnvVar{healthMonitor,allowedNetworks} } // Add controller fields specific From 0c01ab8851d4d3a673f2186461e177e210177139 Mon Sep 17 00:00:00 2001 From: sakshi-garg1 <74704849+sakshi-garg1@users.noreply.github.com> Date: Thu, 28 Nov 2024 13:08:45 +0530 Subject: [PATCH 19/46] Increase coverage for unity.go file --- pkg/drivers/common_test.go | 47 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/pkg/drivers/common_test.go b/pkg/drivers/common_test.go index 1dfb903af..e671120f2 100644 --- a/pkg/drivers/common_test.go +++ b/pkg/drivers/common_test.go @@ -472,3 +472,50 @@ func csmWithUnity(driver csmv1.DriverType, version string, certProvided bool) cs return res } + +func csmWithUnityInvalidValue(driver csmv1.DriverType, version string, certProvided bool) csmv1.ContainerStorageModule { + res := shared.MakeCSM("csm", "driver-test", shared.ConfigVersion) + res.Spec.Driver.Common=nil + // Add FSGroupPolicy + res.Spec.Driver.CSIDriverSpec = &csmv1.CSIDriverSpec{} + if res.Spec.Driver.CSIDriverSpec != nil { + res.Spec.Driver.CSIDriverSpec.FSGroupPolicy = "File" + } + + // Add DNS Policy for GetNode test + res.Spec.Driver.DNSPolicy = "ThisIsADNSPolicy" + + // Add unity driver version + res.Spec.Driver.ConfigVersion = version + + // Add unity driver type + res.Spec.Driver.CSIDriverType = driver + + // Add NodeSelector to node and controller + res.Spec.Driver.Node = &csmv1.ContainerTemplate{} + if res.Spec.Driver.Node != nil { + res.Spec.Driver.Node.NodeSelector = map[string]string{"thisIs": "NodeSelector"} + } + res.Spec.Driver.Controller = &csmv1.ContainerTemplate{} + if res.Spec.Driver.Controller != nil { + res.Spec.Driver.Controller.NodeSelector = map[string]string{"thisIs": "NodeSelector"} + } + + // Add node fields specific to unity + healthMonitor := corev1.EnvVar{Name: "X_CSI_HEALTH_MONITOR_ENABLED", Value: "true"} + allowedNetworks:= corev1.EnvVar{Name: "X_CSI_ALLOWED_NETWORKS", Value: "true"} + + if res.Spec.Driver.Node != nil { + res.Spec.Driver.Node.Envs = []corev1.EnvVar{healthMonitor,allowedNetworks} + } + + // Add controller fields specific + if res.Spec.Driver.Controller != nil { + res.Spec.Driver.Controller.Envs = []corev1.EnvVar{healthMonitor} + } + if res.Spec.Driver.CSIDriverSpec != nil { + res.Spec.Driver.CSIDriverSpec.StorageCapacity = true + } + + return res +} From ada2143a28bdd0ecade34e5b791b5c2576bd0dbb Mon Sep 17 00:00:00 2001 From: sakshi-garg1 <74704849+sakshi-garg1@users.noreply.github.com> Date: Thu, 28 Nov 2024 13:10:34 +0530 Subject: [PATCH 20/46] To increase coverage for unity.go --- pkg/drivers/commonconfig_test.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkg/drivers/commonconfig_test.go b/pkg/drivers/commonconfig_test.go index 036d4e31a..d7beafc7b 100644 --- a/pkg/drivers/commonconfig_test.go +++ b/pkg/drivers/commonconfig_test.go @@ -30,6 +30,7 @@ var ( pScaleCSM = csmWithPowerScale(csmv1.PowerScale, shared.PScaleConfigVersion) unityCSM = csmWithUnity(csmv1.Unity, shared.UnityConfigVersion, false) unityCSMCertProvided = csmWithUnity(csmv1.Unity, shared.UnityConfigVersion, true) + unityCSMInvalidValue = csmWithUnityInvalidValue(csmv1.Unity, shared.UnityConfigVersion, true) pmaxCSM = csmWithPowermax(csmv1.PowerMax, shared.PmaxConfigVersion) fakeDriver csmv1.DriverType = "fakeDriver" @@ -54,6 +55,7 @@ var ( {"pstore happy path", pStoreCSM, csmv1.PowerStore, "node.yaml", ""}, {"unity happy path", unityCSM, csmv1.Unity, "node.yaml", ""}, {"unity happy path when secrets with certificates provided", unityCSMCertProvided, csmv1.Unity, "node.yaml", ""}, + {"unity common is nil", unityCSMInvalidValue, csmv1.Unity, "node.yaml", ""}, {"file does not exist", csm, fakeDriver, "NonExist.yaml", "no such file or directory"}, {"pmax happy path", pmaxCSM, csmv1.PowerMax, "node.yaml", ""}, {"config file is invalid", csm, badDriver, "bad.yaml", "unmarshal"}, From a9047a452840668663fb104bdb8352c3be4d61d5 Mon Sep 17 00:00:00 2001 From: sakshi-garg1 <74704849+sakshi-garg1@users.noreply.github.com> Date: Thu, 28 Nov 2024 13:54:16 +0530 Subject: [PATCH 21/46] To increase coverage for commonconfig.go --- pkg/drivers/common_test.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkg/drivers/common_test.go b/pkg/drivers/common_test.go index e671120f2..ba894faff 100644 --- a/pkg/drivers/common_test.go +++ b/pkg/drivers/common_test.go @@ -38,6 +38,7 @@ func csmWithTolerations(driver csmv1.DriverType, version string) csmv1.Container res := shared.MakeCSM("csm", "driver-test", shared.ConfigVersion) // Add tolerations, node selector to controller and node + res.Spec.Driver.Node = &csmv1.ContainerTemplate{} if res.Spec.Driver.Node != nil { res.Spec.Driver.Node.NodeSelector = map[string]string{"thisIs": "NodeSelector"} res.Spec.Driver.Node.Tolerations = []corev1.Toleration{ @@ -53,6 +54,7 @@ func csmWithTolerations(driver csmv1.DriverType, version string) csmv1.Container }, } } + res.Spec.Driver.Controller = &csmv1.ContainerTemplate{} if res.Spec.Driver.Controller != nil { res.Spec.Driver.Controller.NodeSelector = map[string]string{"thisIs": "NodeSelector"} res.Spec.Driver.Controller.Tolerations = []corev1.Toleration{ From 2f426c883ef8c8696485d854f228fa76f2097b08 Mon Sep 17 00:00:00 2001 From: sakshi-garg1 <74704849+sakshi-garg1@users.noreply.github.com> Date: Thu, 28 Nov 2024 17:08:18 +0530 Subject: [PATCH 22/46] To increase coverage for commonconfig.go --- pkg/drivers/common_test.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/pkg/drivers/common_test.go b/pkg/drivers/common_test.go index ba894faff..425a62f17 100644 --- a/pkg/drivers/common_test.go +++ b/pkg/drivers/common_test.go @@ -410,6 +410,10 @@ func csmWithPowerScale(driver csmv1.DriverType, version string) csmv1.ContainerS } sideCarList := []csmv1.ContainerTemplate{sideCarObjEnabledNil, sideCarObjEnabledFalse, sideCarObjEnabledTrue} res.Spec.Driver.SideCars = sideCarList + res.Spec.Modules = []csmv1.Module{csmv1.Module{ + Name: csmv1.Resiliency, + Enabled: true, + }} return res } @@ -420,6 +424,7 @@ func csmWithUnity(driver csmv1.DriverType, version string, certProvided bool) cs res.Spec.Driver.CSIDriverSpec = &csmv1.CSIDriverSpec{} if res.Spec.Driver.CSIDriverSpec != nil { res.Spec.Driver.CSIDriverSpec.FSGroupPolicy = "File" + res.Spec.Driver.CSIDriverSpec.FSGroupPolicy = "ReadWriteOnceWithFSType" } // Add DNS Policy for GetNode test From 2894e0f13e1d318a2a9b9c57ae616e8aefd923bd Mon Sep 17 00:00:00 2001 From: sakshi-garg1 <74704849+sakshi-garg1@users.noreply.github.com> Date: Thu, 28 Nov 2024 17:23:43 +0530 Subject: [PATCH 23/46] Fixed Linting issues --- pkg/drivers/common_test.go | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkg/drivers/common_test.go b/pkg/drivers/common_test.go index 425a62f17..08b372588 100644 --- a/pkg/drivers/common_test.go +++ b/pkg/drivers/common_test.go @@ -464,9 +464,9 @@ func csmWithUnity(driver csmv1.DriverType, version string, certProvided bool) cs // Add node fields specific to unity healthMonitor := corev1.EnvVar{Name: "X_CSI_HEALTH_MONITOR_ENABLED", Value: "true"} - allowedNetworks:= corev1.EnvVar{Name: "X_CSI_ALLOWED_NETWORKS", Value: "true"} + allowedNetworks := corev1.EnvVar{Name: "X_CSI_ALLOWED_NETWORKS", Value: "true"} if res.Spec.Driver.Node != nil { - res.Spec.Driver.Node.Envs = []corev1.EnvVar{healthMonitor,allowedNetworks} + res.Spec.Driver.Node.Envs = []corev1.EnvVar{healthMonitor, allowedNetworks} } // Add controller fields specific @@ -482,7 +482,7 @@ func csmWithUnity(driver csmv1.DriverType, version string, certProvided bool) cs func csmWithUnityInvalidValue(driver csmv1.DriverType, version string, certProvided bool) csmv1.ContainerStorageModule { res := shared.MakeCSM("csm", "driver-test", shared.ConfigVersion) - res.Spec.Driver.Common=nil + res.Spec.Driver.Common = nil // Add FSGroupPolicy res.Spec.Driver.CSIDriverSpec = &csmv1.CSIDriverSpec{} if res.Spec.Driver.CSIDriverSpec != nil { @@ -510,10 +510,10 @@ func csmWithUnityInvalidValue(driver csmv1.DriverType, version string, certProvi // Add node fields specific to unity healthMonitor := corev1.EnvVar{Name: "X_CSI_HEALTH_MONITOR_ENABLED", Value: "true"} - allowedNetworks:= corev1.EnvVar{Name: "X_CSI_ALLOWED_NETWORKS", Value: "true"} + allowedNetworks := corev1.EnvVar{Name: "X_CSI_ALLOWED_NETWORKS", Value: "true"} if res.Spec.Driver.Node != nil { - res.Spec.Driver.Node.Envs = []corev1.EnvVar{healthMonitor,allowedNetworks} + res.Spec.Driver.Node.Envs = []corev1.EnvVar{healthMonitor, allowedNetworks} } // Add controller fields specific From cb391492652d99ec344fe77b4f5ac69bea4c138c Mon Sep 17 00:00:00 2001 From: sakshi-garg1 <74704849+sakshi-garg1@users.noreply.github.com> Date: Thu, 28 Nov 2024 17:32:21 +0530 Subject: [PATCH 24/46] Fixed Linting issues --- pkg/drivers/common_test.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkg/drivers/common_test.go b/pkg/drivers/common_test.go index 08b372588..98072f1b6 100644 --- a/pkg/drivers/common_test.go +++ b/pkg/drivers/common_test.go @@ -410,9 +410,9 @@ func csmWithPowerScale(driver csmv1.DriverType, version string) csmv1.ContainerS } sideCarList := []csmv1.ContainerTemplate{sideCarObjEnabledNil, sideCarObjEnabledFalse, sideCarObjEnabledTrue} res.Spec.Driver.SideCars = sideCarList - res.Spec.Modules = []csmv1.Module{csmv1.Module{ - Name: csmv1.Resiliency, - Enabled: true, + res.Spec.Modules = []csmv1.Module{{ + Name: csmv1.Resiliency, + Enabled: true, }} return res } From 6b273e0620fd8d5fcc97daf33ac1b022a4049d2a Mon Sep 17 00:00:00 2001 From: sakshi-garg1 <74704849+sakshi-garg1@users.noreply.github.com> Date: Thu, 28 Nov 2024 17:39:22 +0530 Subject: [PATCH 25/46] Fixed Linting issues --- pkg/drivers/common_test.go | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/pkg/drivers/common_test.go b/pkg/drivers/common_test.go index 98072f1b6..879055afa 100644 --- a/pkg/drivers/common_test.go +++ b/pkg/drivers/common_test.go @@ -410,7 +410,7 @@ func csmWithPowerScale(driver csmv1.DriverType, version string) csmv1.ContainerS } sideCarList := []csmv1.ContainerTemplate{sideCarObjEnabledNil, sideCarObjEnabledFalse, sideCarObjEnabledTrue} res.Spec.Driver.SideCars = sideCarList - res.Spec.Modules = []csmv1.Module{{ + res.Spec.Modules = []csmv1.Module{{ Name: csmv1.Resiliency, Enabled: true, }} @@ -510,8 +510,7 @@ func csmWithUnityInvalidValue(driver csmv1.DriverType, version string, certProvi // Add node fields specific to unity healthMonitor := corev1.EnvVar{Name: "X_CSI_HEALTH_MONITOR_ENABLED", Value: "true"} - allowedNetworks := corev1.EnvVar{Name: "X_CSI_ALLOWED_NETWORKS", Value: "true"} - + allowedNetworks := corev1.EnvVar{Name: "X_CSI_ALLOWED_NETWORKS", Value: "true"} if res.Spec.Driver.Node != nil { res.Spec.Driver.Node.Envs = []corev1.EnvVar{healthMonitor, allowedNetworks} } From 85d5a5fb26ec55dd0e553a9ad4932987fc8bbb9a Mon Sep 17 00:00:00 2001 From: Rishabh Raj Date: Thu, 28 Nov 2024 07:25:06 -0500 Subject: [PATCH 26/46] fixed linters error --- pkg/drivers/common_test.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkg/drivers/common_test.go b/pkg/drivers/common_test.go index 879055afa..a65f36619 100644 --- a/pkg/drivers/common_test.go +++ b/pkg/drivers/common_test.go @@ -411,8 +411,8 @@ func csmWithPowerScale(driver csmv1.DriverType, version string) csmv1.ContainerS sideCarList := []csmv1.ContainerTemplate{sideCarObjEnabledNil, sideCarObjEnabledFalse, sideCarObjEnabledTrue} res.Spec.Driver.SideCars = sideCarList res.Spec.Modules = []csmv1.Module{{ - Name: csmv1.Resiliency, - Enabled: true, + Name: csmv1.Resiliency, + Enabled: true, }} return res } @@ -480,7 +480,7 @@ func csmWithUnity(driver csmv1.DriverType, version string, certProvided bool) cs return res } -func csmWithUnityInvalidValue(driver csmv1.DriverType, version string, certProvided bool) csmv1.ContainerStorageModule { +func csmWithUnityInvalidValue(driver csmv1.DriverType, version string) csmv1.ContainerStorageModule { res := shared.MakeCSM("csm", "driver-test", shared.ConfigVersion) res.Spec.Driver.Common = nil // Add FSGroupPolicy @@ -510,7 +510,7 @@ func csmWithUnityInvalidValue(driver csmv1.DriverType, version string, certProvi // Add node fields specific to unity healthMonitor := corev1.EnvVar{Name: "X_CSI_HEALTH_MONITOR_ENABLED", Value: "true"} - allowedNetworks := corev1.EnvVar{Name: "X_CSI_ALLOWED_NETWORKS", Value: "true"} + allowedNetworks := corev1.EnvVar{Name: "X_CSI_ALLOWED_NETWORKS", Value: "true"} if res.Spec.Driver.Node != nil { res.Spec.Driver.Node.Envs = []corev1.EnvVar{healthMonitor, allowedNetworks} } From f3bcc931dff36274378f5359b8eb3bcfe510ebdb Mon Sep 17 00:00:00 2001 From: Rishabh Raj Date: Thu, 28 Nov 2024 07:31:21 -0500 Subject: [PATCH 27/46] fixed linters error --- pkg/drivers/commonconfig_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/drivers/commonconfig_test.go b/pkg/drivers/commonconfig_test.go index d7beafc7b..481a88472 100644 --- a/pkg/drivers/commonconfig_test.go +++ b/pkg/drivers/commonconfig_test.go @@ -30,7 +30,7 @@ var ( pScaleCSM = csmWithPowerScale(csmv1.PowerScale, shared.PScaleConfigVersion) unityCSM = csmWithUnity(csmv1.Unity, shared.UnityConfigVersion, false) unityCSMCertProvided = csmWithUnity(csmv1.Unity, shared.UnityConfigVersion, true) - unityCSMInvalidValue = csmWithUnityInvalidValue(csmv1.Unity, shared.UnityConfigVersion, true) + unityCSMInvalidValue = csmWithUnityInvalidValue(csmv1.Unity, shared.UnityConfigVersion) pmaxCSM = csmWithPowermax(csmv1.PowerMax, shared.PmaxConfigVersion) fakeDriver csmv1.DriverType = "fakeDriver" From e784f687250969f07208eb44b6450d48e5e9e050 Mon Sep 17 00:00:00 2001 From: Rishabh Raj Date: Fri, 29 Nov 2024 02:35:06 -0500 Subject: [PATCH 28/46] e2e tests for minimal sample --- tests/e2e/steps/steps_def.go | 46 ++++++++++++++++++- tests/e2e/steps/steps_runner.go | 1 + .../minimal-testfiles/scenarios.yaml | 5 ++ 3 files changed, 51 insertions(+), 1 deletion(-) diff --git a/tests/e2e/steps/steps_def.go b/tests/e2e/steps/steps_def.go index 9e2966231..d7d4c2975 100644 --- a/tests/e2e/steps/steps_def.go +++ b/tests/e2e/steps/steps_def.go @@ -26,6 +26,8 @@ import ( "encoding/json" + "path/filepath" + "github.com/dell/csm-operator/pkg/constants" "github.com/dell/csm-operator/pkg/modules" "github.com/dell/csm-operator/pkg/utils" @@ -39,7 +41,6 @@ import ( "k8s.io/kubernetes/test/e2e/framework/kubectl" fpod "k8s.io/kubernetes/test/e2e/framework/pod" "k8s.io/utils/pointer" - "path/filepath" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/yaml" ) @@ -323,6 +324,49 @@ func (step *Step) validateDriverInstalled(res Resource, driverName string, crNum return checkAllRunningPods(context.TODO(), res.CustomResource[crNum-1].(csmv1.ContainerStorageModule).Namespace, step.clientSet) } +func (step *Step) validateMinimalCSMDriverSpec(res Resource, driverName string, crNumStr string) error { + crNum, _ := strconv.Atoi(crNumStr) + cr := res.CustomResource[crNum-1].(csmv1.ContainerStorageModule) + found := new(csmv1.ContainerStorageModule) + err := step.ctrlClient.Get(context.TODO(), client.ObjectKey{ + Namespace: cr.Namespace, + Name: cr.Name, + }, found) + if err != nil { + if errors.IsNotFound(err) { + return fmt.Errorf("CSM resource '%s' not found in namespace '%s'", cr.Name, cr.Namespace) + } + return fmt.Errorf("failed to get CSM resource '%s/%s': %w", cr.Namespace, cr.Name, err) + } + driver := found.Spec.Driver + if driver.ConfigVersion == "" { + return fmt.Errorf("configVersion is missing") + } + if driver.CSIDriverType == "" { + return fmt.Errorf("csiDriverType is missing") + } + if driver.Replicas == 0 { + return fmt.Errorf("replicas should have a non-zero value") + } + + // Ensure all other fields are empty or nil + if len(driver.SideCars) > 0 || + len(driver.InitContainers) > 0 || + len(driver.SnapshotClass) > 0 || + driver.Controller != nil || + driver.Node != nil || + driver.CSIDriverSpec != nil || + driver.DNSPolicy != "" || + driver.Common != nil || + driver.AuthSecret != "" || + driver.TLSCertSecret != "" || + driver.ForceUpdate { + return fmt.Errorf("unexpected fields found in Driver spec: %+v", driver) + } + + return nil +} + func (step *Step) validateDriverNotInstalled(res Resource, driverName string, crNumStr string) error { crNum, _ := strconv.Atoi(crNumStr) time.Sleep(20 * time.Second) diff --git a/tests/e2e/steps/steps_runner.go b/tests/e2e/steps/steps_runner.go index db4a9c86b..53edaf893 100644 --- a/tests/e2e/steps/steps_runner.go +++ b/tests/e2e/steps/steps_runner.go @@ -47,6 +47,7 @@ func StepRunnerInit(runner *Runner, ctrlClient client.Client, clientSet *kuberne runner.addStep(`^Upgrade from custom resource \[(\d+)\] to \[(\d+)\]$`, step.upgradeCustomResource) runner.addStep(`^Validate custom resource \[(\d+)\]$`, step.validateCustomResourceStatus) runner.addStep(`^Validate \[([^"]*)\] driver from CR \[(\d+)\] is installed$`, step.validateDriverInstalled) + runner.addStep(`^Validate \[([^"]*)\] driver spec from CR \[(\d+)\]$`, step.validateMinimalCSMDriverSpec) runner.addStep(`^Validate \[([^"]*)\] driver from CR \[(\d+)\] is not installed$`, step.validateDriverNotInstalled) runner.addStep(`^Run custom test$`, step.runCustomTest) diff --git a/tests/e2e/testfiles/minimal-testfiles/scenarios.yaml b/tests/e2e/testfiles/minimal-testfiles/scenarios.yaml index 18c275024..89ab21a36 100644 --- a/tests/e2e/testfiles/minimal-testfiles/scenarios.yaml +++ b/tests/e2e/testfiles/minimal-testfiles/scenarios.yaml @@ -12,6 +12,7 @@ - "Apply custom resource [1]" - "Validate custom resource [1]" - "Validate [powerstore] driver from CR [1] is installed" + - "Validate [powerstore] driver spec from CR [1]" - "Run custom test" # cleanup - "Enable forceRemoveDriver on CR [1]" @@ -86,6 +87,7 @@ - "Apply custom resource [1]" - "Validate custom resource [1]" - "Validate [unity] driver from CR [1] is installed" + - "Validate [unity] driver spec from CR [1]" - "Run custom test" # cleanup - "Enable forceRemoveDriver on CR [1]" @@ -110,6 +112,7 @@ - "Apply custom resource [1]" - "Validate custom resource [1]" - "Validate [powerflex] driver from CR [1] is installed" + - "Validate [powerflex] driver spec from CR [1]" - "Run custom test" # cleanup - "Enable forceRemoveDriver on CR [1]" @@ -293,6 +296,7 @@ - "Apply custom resource [1]" - "Validate custom resource [1]" - "Validate [powerscale] driver from CR [1] is installed" + - "Validate [powerscale] driver spec from CR [1]" - "Run custom test" # cleanup - "Enable forceRemoveDriver on CR [1]" @@ -618,6 +622,7 @@ - "Apply custom resource [1]" - "Validate custom resource [1]" - "Validate [powermax] driver from CR [1] is installed" + - "Validate [powermax] driver spec from CR [1]" - "Run custom test" - "Enable forceRemoveDriver on CR [1]" - "Delete custom resource [1]" From 16a6a745c75547c8645d7ed231f0aba1598d71e6 Mon Sep 17 00:00:00 2001 From: Aly Nathoo Date: Tue, 3 Dec 2024 11:58:25 -0500 Subject: [PATCH 29/46] Removing code that defaults replica count in deployment and CR to 2 when it comes in as 0. --- controllers/csm_controller.go | 4 ---- pkg/drivers/commonconfig.go | 4 ---- 2 files changed, 8 deletions(-) diff --git a/controllers/csm_controller.go b/controllers/csm_controller.go index 8f8217d6c..fe1944f46 100644 --- a/controllers/csm_controller.go +++ b/controllers/csm_controller.go @@ -286,10 +286,6 @@ func (r *ContainerStorageModuleReconciler) Reconcile(_ context.Context, req ctrl return utils.HandleValidationError(ctx, csm, r, err) } - // Set default replica count if not specified - if csm.Spec.Driver.Replicas == 0 { - csm.Spec.Driver.Replicas = 2 - } if csm.IsBeingDeleted() { log.Infow("Delete request", "csm", req.Namespace, "Name", req.Name) diff --git a/pkg/drivers/commonconfig.go b/pkg/drivers/commonconfig.go index 9f8b6d854..f1c58c88f 100644 --- a/pkg/drivers/commonconfig.go +++ b/pkg/drivers/commonconfig.go @@ -72,10 +72,6 @@ func GetController(ctx context.Context, cr csmv1.ContainerStorageModule, operato controllerYAML := driverYAML.(utils.ControllerYAML) controllerYAML.Deployment.Spec.Replicas = &cr.Spec.Driver.Replicas - var defaultReplicas int32 = 2 - if *(controllerYAML.Deployment.Spec.Replicas) == 0 { - controllerYAML.Deployment.Spec.Replicas = &defaultReplicas - } if cr.Spec.Driver.Controller != nil && len(cr.Spec.Driver.Controller.Tolerations) != 0 { tols := make([]acorev1.TolerationApplyConfiguration, 0) From 9d4e09ad56232a7aa70630d53d331c90dbb18e07 Mon Sep 17 00:00:00 2001 From: Aly Nathoo Date: Tue, 3 Dec 2024 16:46:53 -0500 Subject: [PATCH 30/46] Fix linter error. --- controllers/csm_controller.go | 1 - 1 file changed, 1 deletion(-) diff --git a/controllers/csm_controller.go b/controllers/csm_controller.go index fe1944f46..ba2498612 100644 --- a/controllers/csm_controller.go +++ b/controllers/csm_controller.go @@ -286,7 +286,6 @@ func (r *ContainerStorageModuleReconciler) Reconcile(_ context.Context, req ctrl return utils.HandleValidationError(ctx, csm, r, err) } - if csm.IsBeingDeleted() { log.Infow("Delete request", "csm", req.Namespace, "Name", req.Name) From 01d2c78ad8e4a09e4be3f7a863732cd2b6f69530 Mon Sep 17 00:00:00 2001 From: Rishabh Raj Date: Wed, 4 Dec 2024 04:14:34 -0500 Subject: [PATCH 31/46] addressed @rajendraindukuri & @kumarp20 review comment --- ...rage.dell.com_containerstoragemodules.yaml | 3740 ++++++++--------- pkg/drivers/commonconfig.go | 11 +- pkg/drivers/powerflex.go | 30 +- 3 files changed, 1703 insertions(+), 2078 deletions(-) diff --git a/config/crd/bases/storage.dell.com_containerstoragemodules.yaml b/config/crd/bases/storage.dell.com_containerstoragemodules.yaml index 3592443b8..c3f95aab3 100644 --- a/config/crd/bases/storage.dell.com_containerstoragemodules.yaml +++ b/config/crd/bases/storage.dell.com_containerstoragemodules.yaml @@ -12,65 +12,881 @@ spec: listKind: ContainerStorageModuleList plural: containerstoragemodules shortNames: - - csm + - csm singular: containerstoragemodule scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: CreationTime - type: date - - description: Type of CSIDriver - jsonPath: .spec.driver.csiDriverType - name: CSIDriverType - type: string - - description: Version of CSIDriver - jsonPath: .spec.driver.configVersion - name: ConfigVersion - type: string - - description: State of Installation - jsonPath: .status.state - name: State - type: string - name: v1 - schema: - openAPIV3Schema: - description: - ContainerStorageModule is the Schema for the containerstoragemodules - API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ContainerStorageModuleSpec defines the desired state of ContainerStorageModule - properties: - driver: - description: Driver is a CSI Drivers for Dell Technologies - properties: - authSecret: - description: - AuthSecret is the name of the credentials secret - for the driver - type: string - common: - description: - Common is the common specification for both controller - and node plugins + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: CreationTime + type: date + - description: Type of CSIDriver + jsonPath: .spec.driver.csiDriverType + name: CSIDriverType + type: string + - description: Version of CSIDriver + jsonPath: .spec.driver.configVersion + name: ConfigVersion + type: string + - description: State of Installation + jsonPath: .status.state + name: State + type: string + name: v1 + schema: + openAPIV3Schema: + description: ContainerStorageModule is the Schema for the containerstoragemodules + API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: ContainerStorageModuleSpec defines the desired state of ContainerStorageModule + properties: + driver: + description: Driver is a CSI Drivers for Dell Technologies + properties: + authSecret: + description: AuthSecret is the name of the credentials secret + for the driver + type: string + common: + description: Common is the common specification for both controller + and node plugins + properties: + args: + description: Args is the set of arguments for the container + items: + type: string + type: array + authorizationController: + description: AuthorizationController is the image tag for + the container + type: string + authorizationControllerReplicas: + description: AuthorizationControllerReplicas is the number + of replicas for the authorization controller deployment + type: integer + certificate: + description: Certificate is a certificate used for a certificate/private-key + pair + type: string + certificateAuthority: + description: CertificateAuthority is a certificate authority + used to validate a certificate + type: string + commander: + description: Commander is the image tag for the Container + type: string + controllerReconcileInterval: + description: The interval which the reconcile of each controller + is run + type: string + credentials: + description: ComponentCred is to store the velero credential + contents + items: + description: Credential struct + properties: + createWithInstall: + description: CreateWithInstall is used to indicate wether + or not to create a secret for objectstore + type: boolean + name: + description: Name is the name of secret which contains + credentials to access objectstore + type: string + secretContents: + description: SecretContents contains credentials to + access objectstore + properties: + aws_access_key_id: + description: AccessKeyID is a name of key ID to + access objectstore + type: string + aws_secret_access_key: + description: AccessKey contains the key to access + objectstore + type: string + type: object + type: object + type: array + deployNodeAgent: + description: DeployNodeAgent is to enable/disable node-agent + services + type: boolean + enabled: + description: Enabled is used to indicate wether or not to + deploy a module + type: boolean + envs: + description: Envs is the set of environment variables for + the container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + hostname: + description: Hostname is the authorization proxy server hostname + type: string + image: + description: Image is the image tag for the Container + type: string + imagePullPolicy: + description: ImagePullPolicy is the image pull policy for + the image + type: string + leaderElection: + description: LeaderElection is boolean flag to enable leader + election + type: boolean + licenseName: + description: LicenseName is the name of the license for app-mobility + type: string + name: + description: Name is the name of Container + type: string + nodeSelector: + additionalProperties: + type: string + description: |- + NodeSelector is a selector which must be true for the pod to fit on a node. + Selector which must match a node's labels for the pod to be scheduled on that node. + type: object + objectStoreSecretName: + description: ObjectStoreSecretName is the name of the secret + for the object store for app-mobility + type: string + opa: + description: Opa is the image tag for the Container + type: string + opaKubeMgmt: + description: OpaKubeMgmt is the image tag for the Container + type: string + openTelemetryCollectorAddress: + description: OpenTelemetryCollectorAddress is the address + of the OTLP receiving endpoint using gRPC + type: string + privateKey: + description: PrivateKey is a private key used for a certificate/private-key + pair + type: string + proxyServerIngress: + description: ProxyServerIngress is the authorization proxy + server ingress configuration + items: + description: ProxyServerIngress is the authorization ingress + configuration struct + properties: + annotations: + additionalProperties: + type: string + description: Annotations is an unstructured key value + map that stores additional annotations for the ingress + type: object + hosts: + description: Hosts is the hosts rules for the ingress + items: + type: string + type: array + ingressClassName: + description: IngressClassName is the ingressClassName + type: string + type: object + type: array + proxyService: + description: ProxyService is the image tag for the Container + type: string + proxyServiceReplicas: + description: ProxyServiceReplicas is the number of replicas + for the proxy service deployment + type: integer + redis: + description: Redis is the image tag for the Container + type: string + redisCommander: + description: RedisCommander is the name of the redis deployment + type: string + redisName: + description: RedisName is the name of the redis statefulset + type: string + redisReplicas: + description: RedisReplicas is the number of replicas for the + redis deployment + type: integer + replicaCount: + description: ReplicaCount is the replica count for app mobility + type: string + roleService: + description: RoleService is the image tag for the Container + type: string + roleServiceReplicas: + description: RoleServiceReplicas is the number of replicas + for the role service deployment + type: integer + sentinel: + description: Sentinel is the name of the sentinel statefulSet + type: string + skipCertificateValidation: + description: skipCertificateValidation is the flag to skip + certificate validation + type: boolean + storageService: + description: StorageService is the image tag for the Container + type: string + storageServiceReplicas: + description: StorageServiceReplicas is the number of replicas + for storage service deployment + type: integer + storageclass: + description: RedisStorageClass is the authorization proxy + server redis storage class for persistence + type: string + tenantService: + description: TenantService is the image tag for the Container + type: string + tenantServiceReplicas: + description: TenantServiceReplicas is the number of replicas + for the tenant service deployment + type: integer + tolerations: + description: Tolerations is the list of tolerations for the + driver pods + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + useVolumeSnapshot: + description: UseSnapshot is to check whether volume snapshot + is enabled under velero component + type: boolean + vaultConfigurations: + description: Vaults are the vault configurations + items: + description: Vault is the configuration for a vault instance + struct + properties: + address: + description: Address is the address for this vault + type: string + certificateAuthority: + description: CertificateAuthority is the base64-encoded + certificate authority for validaitng the vault certificate + type: string + clientCertificate: + description: ClientCertificate is the base64-encoded + certificate for connecting to vault + type: string + clientKey: + description: ClientKey validates is the base64-encoded + certificate key for connecting to vault + type: string + identifier: + description: Identifier is the identifier for this vault + type: string + role: + description: Role is the role for this vault + type: string + skipCertificateValidation: + description: SkipCertificateValidation validates the + vault server certificate or not + type: boolean + type: object + type: array + veleroNamespace: + description: VeleroNamespace is the namespace that Velero + is installed in + type: string + type: object + configVersion: + description: ConfigVersion is the configuration version of the + driver + type: string + controller: + description: Controller is the specification for Controller plugin + only + properties: + args: + description: Args is the set of arguments for the container + items: + type: string + type: array + authorizationController: + description: AuthorizationController is the image tag for + the container + type: string + authorizationControllerReplicas: + description: AuthorizationControllerReplicas is the number + of replicas for the authorization controller deployment + type: integer + certificate: + description: Certificate is a certificate used for a certificate/private-key + pair + type: string + certificateAuthority: + description: CertificateAuthority is a certificate authority + used to validate a certificate + type: string + commander: + description: Commander is the image tag for the Container + type: string + controllerReconcileInterval: + description: The interval which the reconcile of each controller + is run + type: string + credentials: + description: ComponentCred is to store the velero credential + contents + items: + description: Credential struct + properties: + createWithInstall: + description: CreateWithInstall is used to indicate wether + or not to create a secret for objectstore + type: boolean + name: + description: Name is the name of secret which contains + credentials to access objectstore + type: string + secretContents: + description: SecretContents contains credentials to + access objectstore + properties: + aws_access_key_id: + description: AccessKeyID is a name of key ID to + access objectstore + type: string + aws_secret_access_key: + description: AccessKey contains the key to access + objectstore + type: string + type: object + type: object + type: array + deployNodeAgent: + description: DeployNodeAgent is to enable/disable node-agent + services + type: boolean + enabled: + description: Enabled is used to indicate wether or not to + deploy a module + type: boolean + envs: + description: Envs is the set of environment variables for + the container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + hostname: + description: Hostname is the authorization proxy server hostname + type: string + image: + description: Image is the image tag for the Container + type: string + imagePullPolicy: + description: ImagePullPolicy is the image pull policy for + the image + type: string + leaderElection: + description: LeaderElection is boolean flag to enable leader + election + type: boolean + licenseName: + description: LicenseName is the name of the license for app-mobility + type: string + name: + description: Name is the name of Container + type: string + nodeSelector: + additionalProperties: + type: string + description: |- + NodeSelector is a selector which must be true for the pod to fit on a node. + Selector which must match a node's labels for the pod to be scheduled on that node. + type: object + objectStoreSecretName: + description: ObjectStoreSecretName is the name of the secret + for the object store for app-mobility + type: string + opa: + description: Opa is the image tag for the Container + type: string + opaKubeMgmt: + description: OpaKubeMgmt is the image tag for the Container + type: string + openTelemetryCollectorAddress: + description: OpenTelemetryCollectorAddress is the address + of the OTLP receiving endpoint using gRPC + type: string + privateKey: + description: PrivateKey is a private key used for a certificate/private-key + pair + type: string + proxyServerIngress: + description: ProxyServerIngress is the authorization proxy + server ingress configuration + items: + description: ProxyServerIngress is the authorization ingress + configuration struct + properties: + annotations: + additionalProperties: + type: string + description: Annotations is an unstructured key value + map that stores additional annotations for the ingress + type: object + hosts: + description: Hosts is the hosts rules for the ingress + items: + type: string + type: array + ingressClassName: + description: IngressClassName is the ingressClassName + type: string + type: object + type: array + proxyService: + description: ProxyService is the image tag for the Container + type: string + proxyServiceReplicas: + description: ProxyServiceReplicas is the number of replicas + for the proxy service deployment + type: integer + redis: + description: Redis is the image tag for the Container + type: string + redisCommander: + description: RedisCommander is the name of the redis deployment + type: string + redisName: + description: RedisName is the name of the redis statefulset + type: string + redisReplicas: + description: RedisReplicas is the number of replicas for the + redis deployment + type: integer + replicaCount: + description: ReplicaCount is the replica count for app mobility + type: string + roleService: + description: RoleService is the image tag for the Container + type: string + roleServiceReplicas: + description: RoleServiceReplicas is the number of replicas + for the role service deployment + type: integer + sentinel: + description: Sentinel is the name of the sentinel statefulSet + type: string + skipCertificateValidation: + description: skipCertificateValidation is the flag to skip + certificate validation + type: boolean + storageService: + description: StorageService is the image tag for the Container + type: string + storageServiceReplicas: + description: StorageServiceReplicas is the number of replicas + for storage service deployment + type: integer + storageclass: + description: RedisStorageClass is the authorization proxy + server redis storage class for persistence + type: string + tenantService: + description: TenantService is the image tag for the Container + type: string + tenantServiceReplicas: + description: TenantServiceReplicas is the number of replicas + for the tenant service deployment + type: integer + tolerations: + description: Tolerations is the list of tolerations for the + driver pods + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + useVolumeSnapshot: + description: UseSnapshot is to check whether volume snapshot + is enabled under velero component + type: boolean + vaultConfigurations: + description: Vaults are the vault configurations + items: + description: Vault is the configuration for a vault instance + struct + properties: + address: + description: Address is the address for this vault + type: string + certificateAuthority: + description: CertificateAuthority is the base64-encoded + certificate authority for validaitng the vault certificate + type: string + clientCertificate: + description: ClientCertificate is the base64-encoded + certificate for connecting to vault + type: string + clientKey: + description: ClientKey validates is the base64-encoded + certificate key for connecting to vault + type: string + identifier: + description: Identifier is the identifier for this vault + type: string + role: + description: Role is the role for this vault + type: string + skipCertificateValidation: + description: SkipCertificateValidation validates the + vault server certificate or not + type: boolean + type: object + type: array + veleroNamespace: + description: VeleroNamespace is the namespace that Velero + is installed in + type: string + type: object + csiDriverSpec: + description: CSIDriverSpec is the specification for CSIDriver + properties: + fSGroupPolicy: + type: string + storageCapacity: + type: boolean + type: object + csiDriverType: + description: CSIDriverType is the CSI Driver type for Dell Technologies + - e.g, powermax, powerflex,... + type: string + dnsPolicy: + description: DNSPolicy is the dnsPolicy of the daemonset for Node + plugin + type: string + forceRemoveDriver: + description: ForceRemoveDriver is the boolean flag used to remove + driver deployment when CR is deleted + type: boolean + forceUpdate: + description: ForceUpdate is the boolean flag used to force an + update of the driver instance + type: boolean + initContainers: + description: InitContainers is the specification for Driver InitContainers + items: + description: ContainerTemplate template properties: args: description: Args is the set of arguments for the container @@ -78,90 +894,74 @@ spec: type: string type: array authorizationController: - description: - AuthorizationController is the image tag for + description: AuthorizationController is the image tag for the container type: string authorizationControllerReplicas: - description: - AuthorizationControllerReplicas is the number + description: AuthorizationControllerReplicas is the number of replicas for the authorization controller deployment type: integer certificate: - description: - Certificate is a certificate used for a certificate/private-key + description: Certificate is a certificate used for a certificate/private-key pair type: string certificateAuthority: - description: - CertificateAuthority is a certificate authority + description: CertificateAuthority is a certificate authority used to validate a certificate type: string commander: description: Commander is the image tag for the Container type: string controllerReconcileInterval: - description: - The interval which the reconcile of each controller + description: The interval which the reconcile of each controller is run type: string credentials: - description: - ComponentCred is to store the velero credential + description: ComponentCred is to store the velero credential contents items: description: Credential struct properties: createWithInstall: - description: - CreateWithInstall is used to indicate wether - or not to create a secret for objectstore + description: CreateWithInstall is used to indicate + wether or not to create a secret for objectstore type: boolean name: - description: - Name is the name of secret which contains + description: Name is the name of secret which contains credentials to access objectstore type: string secretContents: - description: - SecretContents contains credentials to + description: SecretContents contains credentials to access objectstore properties: aws_access_key_id: - description: - AccessKeyID is a name of key ID to + description: AccessKeyID is a name of key ID to access objectstore type: string aws_secret_access_key: - description: - AccessKey contains the key to access + description: AccessKey contains the key to access objectstore type: string type: object type: object type: array deployNodeAgent: - description: - DeployNodeAgent is to enable/disable node-agent + description: DeployNodeAgent is to enable/disable node-agent services type: boolean enabled: - description: - Enabled is used to indicate wether or not to + description: Enabled is used to indicate wether or not to deploy a module type: boolean envs: - description: - Envs is the set of environment variables for + description: Envs is the set of environment variables for the container items: - description: - EnvVar represents an environment variable present - in a Container. + description: EnvVar represents an environment variable + present in a Container. properties: name: - description: - Name of the environment variable. Must + description: Name of the environment variable. Must be a C_IDENTIFIER. type: string value: @@ -177,9 +977,8 @@ spec: Defaults to "". type: string valueFrom: - description: - Source for the environment variable's value. - Cannot be used if value is not empty. + description: Source for the environment variable's + value. Cannot be used if value is not empty. properties: configMapKeyRef: description: Selects a key of a ConfigMap. @@ -194,17 +993,14 @@ spec: This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string optional: - description: - Specify whether the ConfigMap or - its key must be defined + description: Specify whether the ConfigMap + or its key must be defined type: boolean required: - - key + - key type: object x-kubernetes-map-type: atomic fieldRef: @@ -213,17 +1009,15 @@ spec: spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. properties: apiVersion: - description: - Version of the schema the FieldPath + description: Version of the schema the FieldPath is written in terms of, defaults to "v1". type: string fieldPath: - description: - Path of the field to select in + description: Path of the field to select in the specified API version. type: string required: - - fieldPath + - fieldPath type: object x-kubernetes-map-type: atomic resourceFieldRef: @@ -232,34 +1026,30 @@ spec: (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. properties: containerName: - description: - "Container name: required for volumes, - optional for env vars" + description: 'Container name: required for + volumes, optional for env vars' type: string divisor: anyOf: - - type: integer - - type: string - description: - Specifies the output format of + - type: integer + - type: string + description: Specifies the output format of the exposed resources, defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: "Required: resource to select" + description: 'Required: resource to select' type: string required: - - resource + - resource type: object x-kubernetes-map-type: atomic secretKeyRef: - description: - Selects a key of a secret in the pod's - namespace + description: Selects a key of a secret in the + pod's namespace properties: key: - description: - The key of the secret to select + description: The key of the secret to select from. Must be a valid secret key. type: string name: @@ -269,42 +1059,39 @@ spec: This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string optional: - description: - Specify whether the Secret or its - key must be defined + description: Specify whether the Secret or + its key must be defined type: boolean required: - - key + - key type: object x-kubernetes-map-type: atomic type: object required: - - name + - name type: object type: array hostname: - description: Hostname is the authorization proxy server hostname + description: Hostname is the authorization proxy server + hostname type: string image: description: Image is the image tag for the Container type: string imagePullPolicy: - description: - ImagePullPolicy is the image pull policy for + description: ImagePullPolicy is the image pull policy for the image type: string leaderElection: - description: - LeaderElection is boolean flag to enable leader + description: LeaderElection is boolean flag to enable leader election type: boolean licenseName: - description: LicenseName is the name of the license for app-mobility + description: LicenseName is the name of the license for + app-mobility type: string name: description: Name is the name of Container @@ -317,8 +1104,7 @@ spec: Selector which must match a node's labels for the pod to be scheduled on that node. type: object objectStoreSecretName: - description: - ObjectStoreSecretName is the name of the secret + description: ObjectStoreSecretName is the name of the secret for the object store for app-mobility type: string opa: @@ -328,29 +1114,24 @@ spec: description: OpaKubeMgmt is the image tag for the Container type: string openTelemetryCollectorAddress: - description: - OpenTelemetryCollectorAddress is the address + description: OpenTelemetryCollectorAddress is the address of the OTLP receiving endpoint using gRPC type: string privateKey: - description: - PrivateKey is a private key used for a certificate/private-key + description: PrivateKey is a private key used for a certificate/private-key pair type: string proxyServerIngress: - description: - ProxyServerIngress is the authorization proxy + description: ProxyServerIngress is the authorization proxy server ingress configuration items: - description: - ProxyServerIngress is the authorization ingress + description: ProxyServerIngress is the authorization ingress configuration struct properties: annotations: additionalProperties: type: string - description: - Annotations is an unstructured key value + description: Annotations is an unstructured key value map that stores additional annotations for the ingress type: object hosts: @@ -367,8 +1148,7 @@ spec: description: ProxyService is the image tag for the Container type: string proxyServiceReplicas: - description: - ProxyServiceReplicas is the number of replicas + description: ProxyServiceReplicas is the number of replicas for the proxy service deployment type: integer redis: @@ -381,9 +1161,8 @@ spec: description: RedisName is the name of the redis statefulset type: string redisReplicas: - description: - RedisReplicas is the number of replicas for the - redis deployment + description: RedisReplicas is the number of replicas for + the redis deployment type: integer replicaCount: description: ReplicaCount is the replica count for app mobility @@ -392,43 +1171,37 @@ spec: description: RoleService is the image tag for the Container type: string roleServiceReplicas: - description: - RoleServiceReplicas is the number of replicas + description: RoleServiceReplicas is the number of replicas for the role service deployment type: integer sentinel: description: Sentinel is the name of the sentinel statefulSet type: string skipCertificateValidation: - description: - skipCertificateValidation is the flag to skip + description: skipCertificateValidation is the flag to skip certificate validation type: boolean storageService: description: StorageService is the image tag for the Container type: string storageServiceReplicas: - description: - StorageServiceReplicas is the number of replicas + description: StorageServiceReplicas is the number of replicas for storage service deployment type: integer storageclass: - description: - RedisStorageClass is the authorization proxy + description: RedisStorageClass is the authorization proxy server redis storage class for persistence type: string tenantService: description: TenantService is the image tag for the Container type: string tenantServiceReplicas: - description: - TenantServiceReplicas is the number of replicas + description: TenantServiceReplicas is the number of replicas for the tenant service deployment type: integer tolerations: - description: - Tolerations is the list of tolerations for the - driver pods + description: Tolerations is the list of tolerations for + the driver pods items: description: |- The pod this Toleration is attached to tolerates any taint that matches @@ -467,63 +1240,453 @@ spec: type: object type: array useVolumeSnapshot: - description: - UseSnapshot is to check whether volume snapshot + description: UseSnapshot is to check whether volume snapshot is enabled under velero component type: boolean vaultConfigurations: description: Vaults are the vault configurations items: - description: - Vault is the configuration for a vault instance + description: Vault is the configuration for a vault instance struct properties: address: description: Address is the address for this vault type: string certificateAuthority: - description: - CertificateAuthority is the base64-encoded + description: CertificateAuthority is the base64-encoded certificate authority for validaitng the vault certificate type: string clientCertificate: - description: - ClientCertificate is the base64-encoded + description: ClientCertificate is the base64-encoded certificate for connecting to vault type: string clientKey: - description: - ClientKey validates is the base64-encoded + description: ClientKey validates is the base64-encoded certificate key for connecting to vault type: string identifier: - description: Identifier is the identifier for this vault + description: Identifier is the identifier for this + vault type: string role: description: Role is the role for this vault type: string skipCertificateValidation: - description: - SkipCertificateValidation validates the + description: SkipCertificateValidation validates the vault server certificate or not type: boolean type: object type: array veleroNamespace: - description: - VeleroNamespace is the namespace that Velero + description: VeleroNamespace is the namespace that Velero is installed in type: string type: object - configVersion: - description: - ConfigVersion is the configuration version of the - driver - type: string - controller: - description: - Controller is the specification for Controller plugin - only + type: array + node: + description: Node is the specification for Node plugin only + properties: + args: + description: Args is the set of arguments for the container + items: + type: string + type: array + authorizationController: + description: AuthorizationController is the image tag for + the container + type: string + authorizationControllerReplicas: + description: AuthorizationControllerReplicas is the number + of replicas for the authorization controller deployment + type: integer + certificate: + description: Certificate is a certificate used for a certificate/private-key + pair + type: string + certificateAuthority: + description: CertificateAuthority is a certificate authority + used to validate a certificate + type: string + commander: + description: Commander is the image tag for the Container + type: string + controllerReconcileInterval: + description: The interval which the reconcile of each controller + is run + type: string + credentials: + description: ComponentCred is to store the velero credential + contents + items: + description: Credential struct + properties: + createWithInstall: + description: CreateWithInstall is used to indicate wether + or not to create a secret for objectstore + type: boolean + name: + description: Name is the name of secret which contains + credentials to access objectstore + type: string + secretContents: + description: SecretContents contains credentials to + access objectstore + properties: + aws_access_key_id: + description: AccessKeyID is a name of key ID to + access objectstore + type: string + aws_secret_access_key: + description: AccessKey contains the key to access + objectstore + type: string + type: object + type: object + type: array + deployNodeAgent: + description: DeployNodeAgent is to enable/disable node-agent + services + type: boolean + enabled: + description: Enabled is used to indicate wether or not to + deploy a module + type: boolean + envs: + description: Envs is the set of environment variables for + the container + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must + be a C_IDENTIFIER. + type: string + value: + description: |- + Variable references $(VAR_NAME) are expanded + using the previously defined environment variables in the container and + any service environment variables. If a variable cannot be resolved, + the reference in the input string will be unchanged. Double $$ are reduced + to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. + "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". + Escaped references will never be expanded, regardless of whether the variable + exists or not. + Defaults to "". + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, + spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in + the specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + anyOf: + - type: integer + - type: string + description: Specifies the output format of + the exposed resources, defaults to "1" + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + hostname: + description: Hostname is the authorization proxy server hostname + type: string + image: + description: Image is the image tag for the Container + type: string + imagePullPolicy: + description: ImagePullPolicy is the image pull policy for + the image + type: string + leaderElection: + description: LeaderElection is boolean flag to enable leader + election + type: boolean + licenseName: + description: LicenseName is the name of the license for app-mobility + type: string + name: + description: Name is the name of Container + type: string + nodeSelector: + additionalProperties: + type: string + description: |- + NodeSelector is a selector which must be true for the pod to fit on a node. + Selector which must match a node's labels for the pod to be scheduled on that node. + type: object + objectStoreSecretName: + description: ObjectStoreSecretName is the name of the secret + for the object store for app-mobility + type: string + opa: + description: Opa is the image tag for the Container + type: string + opaKubeMgmt: + description: OpaKubeMgmt is the image tag for the Container + type: string + openTelemetryCollectorAddress: + description: OpenTelemetryCollectorAddress is the address + of the OTLP receiving endpoint using gRPC + type: string + privateKey: + description: PrivateKey is a private key used for a certificate/private-key + pair + type: string + proxyServerIngress: + description: ProxyServerIngress is the authorization proxy + server ingress configuration + items: + description: ProxyServerIngress is the authorization ingress + configuration struct + properties: + annotations: + additionalProperties: + type: string + description: Annotations is an unstructured key value + map that stores additional annotations for the ingress + type: object + hosts: + description: Hosts is the hosts rules for the ingress + items: + type: string + type: array + ingressClassName: + description: IngressClassName is the ingressClassName + type: string + type: object + type: array + proxyService: + description: ProxyService is the image tag for the Container + type: string + proxyServiceReplicas: + description: ProxyServiceReplicas is the number of replicas + for the proxy service deployment + type: integer + redis: + description: Redis is the image tag for the Container + type: string + redisCommander: + description: RedisCommander is the name of the redis deployment + type: string + redisName: + description: RedisName is the name of the redis statefulset + type: string + redisReplicas: + description: RedisReplicas is the number of replicas for the + redis deployment + type: integer + replicaCount: + description: ReplicaCount is the replica count for app mobility + type: string + roleService: + description: RoleService is the image tag for the Container + type: string + roleServiceReplicas: + description: RoleServiceReplicas is the number of replicas + for the role service deployment + type: integer + sentinel: + description: Sentinel is the name of the sentinel statefulSet + type: string + skipCertificateValidation: + description: skipCertificateValidation is the flag to skip + certificate validation + type: boolean + storageService: + description: StorageService is the image tag for the Container + type: string + storageServiceReplicas: + description: StorageServiceReplicas is the number of replicas + for storage service deployment + type: integer + storageclass: + description: RedisStorageClass is the authorization proxy + server redis storage class for persistence + type: string + tenantService: + description: TenantService is the image tag for the Container + type: string + tenantServiceReplicas: + description: TenantServiceReplicas is the number of replicas + for the tenant service deployment + type: integer + tolerations: + description: Tolerations is the list of tolerations for the + driver pods + items: + description: |- + The pod this Toleration is attached to tolerates any taint that matches + the triple using the matching operator . + properties: + effect: + description: |- + Effect indicates the taint effect to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: |- + Key is the taint key that the toleration applies to. Empty means match all taint keys. + If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: |- + Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod can + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + it is not set, which means tolerate the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict immediately) by the system. + format: int64 + type: integer + value: + description: |- + Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + type: object + type: array + useVolumeSnapshot: + description: UseSnapshot is to check whether volume snapshot + is enabled under velero component + type: boolean + vaultConfigurations: + description: Vaults are the vault configurations + items: + description: Vault is the configuration for a vault instance + struct + properties: + address: + description: Address is the address for this vault + type: string + certificateAuthority: + description: CertificateAuthority is the base64-encoded + certificate authority for validaitng the vault certificate + type: string + clientCertificate: + description: ClientCertificate is the base64-encoded + certificate for connecting to vault + type: string + clientKey: + description: ClientKey validates is the base64-encoded + certificate key for connecting to vault + type: string + identifier: + description: Identifier is the identifier for this vault + type: string + role: + description: Role is the role for this vault + type: string + skipCertificateValidation: + description: SkipCertificateValidation validates the + vault server certificate or not + type: boolean + type: object + type: array + veleroNamespace: + description: VeleroNamespace is the namespace that Velero + is installed in + type: string + type: object + replicas: + default: 2 + description: Replicas is the count of controllers for Controller + plugin + format: int32 + type: integer + sideCars: + description: SideCars is the specification for CSI sidecar containers + items: + description: ContainerTemplate template properties: args: description: Args is the set of arguments for the container @@ -531,90 +1694,74 @@ spec: type: string type: array authorizationController: - description: - AuthorizationController is the image tag for + description: AuthorizationController is the image tag for the container type: string authorizationControllerReplicas: - description: - AuthorizationControllerReplicas is the number + description: AuthorizationControllerReplicas is the number of replicas for the authorization controller deployment type: integer certificate: - description: - Certificate is a certificate used for a certificate/private-key + description: Certificate is a certificate used for a certificate/private-key pair type: string certificateAuthority: - description: - CertificateAuthority is a certificate authority + description: CertificateAuthority is a certificate authority used to validate a certificate type: string commander: description: Commander is the image tag for the Container type: string controllerReconcileInterval: - description: - The interval which the reconcile of each controller + description: The interval which the reconcile of each controller is run type: string credentials: - description: - ComponentCred is to store the velero credential + description: ComponentCred is to store the velero credential contents items: description: Credential struct properties: createWithInstall: - description: - CreateWithInstall is used to indicate wether - or not to create a secret for objectstore + description: CreateWithInstall is used to indicate + wether or not to create a secret for objectstore type: boolean name: - description: - Name is the name of secret which contains + description: Name is the name of secret which contains credentials to access objectstore type: string secretContents: - description: - SecretContents contains credentials to + description: SecretContents contains credentials to access objectstore properties: aws_access_key_id: - description: - AccessKeyID is a name of key ID to + description: AccessKeyID is a name of key ID to access objectstore type: string aws_secret_access_key: - description: - AccessKey contains the key to access + description: AccessKey contains the key to access objectstore type: string type: object type: object type: array deployNodeAgent: - description: - DeployNodeAgent is to enable/disable node-agent + description: DeployNodeAgent is to enable/disable node-agent services type: boolean enabled: - description: - Enabled is used to indicate wether or not to + description: Enabled is used to indicate wether or not to deploy a module type: boolean envs: - description: - Envs is the set of environment variables for + description: Envs is the set of environment variables for the container items: - description: - EnvVar represents an environment variable present - in a Container. + description: EnvVar represents an environment variable + present in a Container. properties: name: - description: - Name of the environment variable. Must + description: Name of the environment variable. Must be a C_IDENTIFIER. type: string value: @@ -630,9 +1777,8 @@ spec: Defaults to "". type: string valueFrom: - description: - Source for the environment variable's value. - Cannot be used if value is not empty. + description: Source for the environment variable's + value. Cannot be used if value is not empty. properties: configMapKeyRef: description: Selects a key of a ConfigMap. @@ -647,17 +1793,14 @@ spec: This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string optional: - description: - Specify whether the ConfigMap or - its key must be defined + description: Specify whether the ConfigMap + or its key must be defined type: boolean required: - - key + - key type: object x-kubernetes-map-type: atomic fieldRef: @@ -666,17 +1809,15 @@ spec: spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. properties: apiVersion: - description: - Version of the schema the FieldPath + description: Version of the schema the FieldPath is written in terms of, defaults to "v1". type: string fieldPath: - description: - Path of the field to select in + description: Path of the field to select in the specified API version. type: string required: - - fieldPath + - fieldPath type: object x-kubernetes-map-type: atomic resourceFieldRef: @@ -685,34 +1826,30 @@ spec: (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. properties: containerName: - description: - "Container name: required for volumes, - optional for env vars" + description: 'Container name: required for + volumes, optional for env vars' type: string divisor: anyOf: - - type: integer - - type: string - description: - Specifies the output format of + - type: integer + - type: string + description: Specifies the output format of the exposed resources, defaults to "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: "Required: resource to select" + description: 'Required: resource to select' type: string required: - - resource + - resource type: object x-kubernetes-map-type: atomic secretKeyRef: - description: - Selects a key of a secret in the pod's - namespace + description: Selects a key of a secret in the + pod's namespace properties: key: - description: - The key of the secret to select + description: The key of the secret to select from. Must be a valid secret key. type: string name: @@ -722,42 +1859,39 @@ spec: This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string optional: - description: - Specify whether the Secret or its - key must be defined + description: Specify whether the Secret or + its key must be defined type: boolean required: - - key + - key type: object x-kubernetes-map-type: atomic type: object required: - - name + - name type: object type: array hostname: - description: Hostname is the authorization proxy server hostname + description: Hostname is the authorization proxy server + hostname type: string image: description: Image is the image tag for the Container type: string imagePullPolicy: - description: - ImagePullPolicy is the image pull policy for + description: ImagePullPolicy is the image pull policy for the image type: string leaderElection: - description: - LeaderElection is boolean flag to enable leader + description: LeaderElection is boolean flag to enable leader election type: boolean licenseName: - description: LicenseName is the name of the license for app-mobility + description: LicenseName is the name of the license for + app-mobility type: string name: description: Name is the name of Container @@ -770,8 +1904,7 @@ spec: Selector which must match a node's labels for the pod to be scheduled on that node. type: object objectStoreSecretName: - description: - ObjectStoreSecretName is the name of the secret + description: ObjectStoreSecretName is the name of the secret for the object store for app-mobility type: string opa: @@ -781,29 +1914,24 @@ spec: description: OpaKubeMgmt is the image tag for the Container type: string openTelemetryCollectorAddress: - description: - OpenTelemetryCollectorAddress is the address + description: OpenTelemetryCollectorAddress is the address of the OTLP receiving endpoint using gRPC type: string privateKey: - description: - PrivateKey is a private key used for a certificate/private-key + description: PrivateKey is a private key used for a certificate/private-key pair type: string proxyServerIngress: - description: - ProxyServerIngress is the authorization proxy + description: ProxyServerIngress is the authorization proxy server ingress configuration items: - description: - ProxyServerIngress is the authorization ingress + description: ProxyServerIngress is the authorization ingress configuration struct properties: annotations: additionalProperties: type: string - description: - Annotations is an unstructured key value + description: Annotations is an unstructured key value map that stores additional annotations for the ingress type: object hosts: @@ -820,8 +1948,7 @@ spec: description: ProxyService is the image tag for the Container type: string proxyServiceReplicas: - description: - ProxyServiceReplicas is the number of replicas + description: ProxyServiceReplicas is the number of replicas for the proxy service deployment type: integer redis: @@ -834,9 +1961,8 @@ spec: description: RedisName is the name of the redis statefulset type: string redisReplicas: - description: - RedisReplicas is the number of replicas for the - redis deployment + description: RedisReplicas is the number of replicas for + the redis deployment type: integer replicaCount: description: ReplicaCount is the replica count for app mobility @@ -845,43 +1971,37 @@ spec: description: RoleService is the image tag for the Container type: string roleServiceReplicas: - description: - RoleServiceReplicas is the number of replicas + description: RoleServiceReplicas is the number of replicas for the role service deployment type: integer sentinel: description: Sentinel is the name of the sentinel statefulSet type: string skipCertificateValidation: - description: - skipCertificateValidation is the flag to skip + description: skipCertificateValidation is the flag to skip certificate validation type: boolean storageService: description: StorageService is the image tag for the Container type: string storageServiceReplicas: - description: - StorageServiceReplicas is the number of replicas + description: StorageServiceReplicas is the number of replicas for storage service deployment type: integer storageclass: - description: - RedisStorageClass is the authorization proxy + description: RedisStorageClass is the authorization proxy server redis storage class for persistence type: string tenantService: description: TenantService is the image tag for the Container type: string tenantServiceReplicas: - description: - TenantServiceReplicas is the number of replicas + description: TenantServiceReplicas is the number of replicas for the tenant service deployment type: integer tolerations: - description: - Tolerations is the list of tolerations for the - driver pods + description: Tolerations is the list of tolerations for + the driver pods items: description: |- The pod this Toleration is attached to tolerates any taint that matches @@ -920,84 +2040,78 @@ spec: type: object type: array useVolumeSnapshot: - description: - UseSnapshot is to check whether volume snapshot + description: UseSnapshot is to check whether volume snapshot is enabled under velero component type: boolean vaultConfigurations: description: Vaults are the vault configurations items: - description: - Vault is the configuration for a vault instance + description: Vault is the configuration for a vault instance struct properties: address: description: Address is the address for this vault type: string certificateAuthority: - description: - CertificateAuthority is the base64-encoded + description: CertificateAuthority is the base64-encoded certificate authority for validaitng the vault certificate type: string clientCertificate: - description: - ClientCertificate is the base64-encoded + description: ClientCertificate is the base64-encoded certificate for connecting to vault type: string clientKey: - description: - ClientKey validates is the base64-encoded + description: ClientKey validates is the base64-encoded certificate key for connecting to vault type: string identifier: - description: Identifier is the identifier for this vault + description: Identifier is the identifier for this + vault type: string role: description: Role is the role for this vault type: string skipCertificateValidation: - description: - SkipCertificateValidation validates the + description: SkipCertificateValidation validates the vault server certificate or not type: boolean type: object type: array veleroNamespace: - description: - VeleroNamespace is the namespace that Velero + description: VeleroNamespace is the namespace that Velero is installed in type: string type: object - csiDriverSpec: - description: CSIDriverSpec is the specification for CSIDriver + type: array + snapshotClass: + description: SnapshotClass is the specification for Snapshot Classes + items: + description: SnapshotClass struct properties: - fSGroupPolicy: + name: + description: Name is the name of the Snapshot Class type: string - storageCapacity: - type: boolean + parameters: + additionalProperties: + type: string + description: Parameters is a map of driver specific parameters + for snapshot class + type: object type: object - csiDriverType: - description: - CSIDriverType is the CSI Driver type for Dell Technologies - - e.g, powermax, powerflex,... - type: string - dnsPolicy: - description: - DNSPolicy is the dnsPolicy of the daemonset for Node - plugin - type: string - forceRemoveDriver: - description: - ForceRemoveDriver is the boolean flag used to remove - driver deployment when CR is deleted - type: boolean - forceUpdate: - description: - ForceUpdate is the boolean flag used to force an - update of the driver instance - type: boolean - initContainers: - description: InitContainers is the specification for Driver InitContainers + type: array + tlsCertSecret: + description: TLSCertSecret is the name of the TLS Cert secret + type: string + type: object + modules: + description: Modules is list of Container Storage Module modules you + want to deploy + items: + description: Module defines the desired state of a ContainerStorageModule + properties: + components: + description: Components is the specification for CSM components + containers items: description: ContainerTemplate template properties: @@ -1007,90 +2121,74 @@ spec: type: string type: array authorizationController: - description: - AuthorizationController is the image tag for - the container + description: AuthorizationController is the image tag + for the container type: string authorizationControllerReplicas: - description: - AuthorizationControllerReplicas is the number + description: AuthorizationControllerReplicas is the number of replicas for the authorization controller deployment type: integer certificate: - description: - Certificate is a certificate used for a certificate/private-key + description: Certificate is a certificate used for a certificate/private-key pair type: string certificateAuthority: - description: - CertificateAuthority is a certificate authority + description: CertificateAuthority is a certificate authority used to validate a certificate type: string commander: description: Commander is the image tag for the Container type: string controllerReconcileInterval: - description: - The interval which the reconcile of each controller - is run + description: The interval which the reconcile of each + controller is run type: string credentials: - description: - ComponentCred is to store the velero credential + description: ComponentCred is to store the velero credential contents items: description: Credential struct properties: createWithInstall: - description: - CreateWithInstall is used to indicate + description: CreateWithInstall is used to indicate wether or not to create a secret for objectstore type: boolean name: - description: - Name is the name of secret which contains + description: Name is the name of secret which contains credentials to access objectstore type: string secretContents: - description: - SecretContents contains credentials to - access objectstore + description: SecretContents contains credentials + to access objectstore properties: aws_access_key_id: - description: - AccessKeyID is a name of key ID to - access objectstore + description: AccessKeyID is a name of key ID + to access objectstore type: string aws_secret_access_key: - description: - AccessKey contains the key to access + description: AccessKey contains the key to access objectstore type: string type: object type: object type: array deployNodeAgent: - description: - DeployNodeAgent is to enable/disable node-agent + description: DeployNodeAgent is to enable/disable node-agent services type: boolean enabled: - description: - Enabled is used to indicate wether or not to - deploy a module + description: Enabled is used to indicate wether or not + to deploy a module type: boolean envs: - description: - Envs is the set of environment variables for - the container + description: Envs is the set of environment variables + for the container items: - description: - EnvVar represents an environment variable + description: EnvVar represents an environment variable present in a Container. properties: name: - description: - Name of the environment variable. Must + description: Name of the environment variable. Must be a C_IDENTIFIER. type: string value: @@ -1106,8 +2204,7 @@ spec: Defaults to "". type: string valueFrom: - description: - Source for the environment variable's + description: Source for the environment variable's value. Cannot be used if value is not empty. properties: configMapKeyRef: @@ -1123,17 +2220,14 @@ spec: This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string optional: - description: - Specify whether the ConfigMap + description: Specify whether the ConfigMap or its key must be defined type: boolean required: - - key + - key type: object x-kubernetes-map-type: atomic fieldRef: @@ -1142,17 +2236,15 @@ spec: spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. properties: apiVersion: - description: - Version of the schema the FieldPath + description: Version of the schema the FieldPath is written in terms of, defaults to "v1". type: string fieldPath: - description: - Path of the field to select in - the specified API version. + description: Path of the field to select + in the specified API version. type: string required: - - fieldPath + - fieldPath type: object x-kubernetes-map-type: atomic resourceFieldRef: @@ -1161,34 +2253,31 @@ spec: (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. properties: containerName: - description: - "Container name: required for - volumes, optional for env vars" + description: 'Container name: required for + volumes, optional for env vars' type: string divisor: anyOf: - - type: integer - - type: string - description: - Specifies the output format of - the exposed resources, defaults to "1" + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: "Required: resource to select" + description: 'Required: resource to select' type: string required: - - resource + - resource type: object x-kubernetes-map-type: atomic secretKeyRef: - description: - Selects a key of a secret in the + description: Selects a key of a secret in the pod's namespace properties: key: - description: - The key of the secret to select + description: The key of the secret to select from. Must be a valid secret key. type: string name: @@ -1198,45 +2287,38 @@ spec: This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string optional: - description: - Specify whether the Secret or - its key must be defined + description: Specify whether the Secret + or its key must be defined type: boolean required: - - key + - key type: object x-kubernetes-map-type: atomic type: object required: - - name + - name type: object type: array hostname: - description: - Hostname is the authorization proxy server + description: Hostname is the authorization proxy server hostname type: string image: description: Image is the image tag for the Container type: string imagePullPolicy: - description: - ImagePullPolicy is the image pull policy for - the image + description: ImagePullPolicy is the image pull policy + for the image type: string leaderElection: - description: - LeaderElection is boolean flag to enable leader - election + description: LeaderElection is boolean flag to enable + leader election type: boolean licenseName: - description: - LicenseName is the name of the license for + description: LicenseName is the name of the license for app-mobility type: string name: @@ -1250,9 +2332,8 @@ spec: Selector which must match a node's labels for the pod to be scheduled on that node. type: object objectStoreSecretName: - description: - ObjectStoreSecretName is the name of the secret - for the object store for app-mobility + description: ObjectStoreSecretName is the name of the + secret for the object store for app-mobility type: string opa: description: Opa is the image tag for the Container @@ -1261,30 +2342,26 @@ spec: description: OpaKubeMgmt is the image tag for the Container type: string openTelemetryCollectorAddress: - description: - OpenTelemetryCollectorAddress is the address + description: OpenTelemetryCollectorAddress is the address of the OTLP receiving endpoint using gRPC type: string privateKey: - description: - PrivateKey is a private key used for a certificate/private-key + description: PrivateKey is a private key used for a certificate/private-key pair type: string proxyServerIngress: - description: - ProxyServerIngress is the authorization proxy + description: ProxyServerIngress is the authorization proxy server ingress configuration items: - description: - ProxyServerIngress is the authorization ingress - configuration struct + description: ProxyServerIngress is the authorization + ingress configuration struct properties: annotations: additionalProperties: type: string - description: - Annotations is an unstructured key value - map that stores additional annotations for the ingress + description: Annotations is an unstructured key + value map that stores additional annotations for + the ingress type: object hosts: description: Hosts is the hosts rules for the ingress @@ -1300,8 +2377,7 @@ spec: description: ProxyService is the image tag for the Container type: string proxyServiceReplicas: - description: - ProxyServiceReplicas is the number of replicas + description: ProxyServiceReplicas is the number of replicas for the proxy service deployment type: integer redis: @@ -1314,53 +2390,47 @@ spec: description: RedisName is the name of the redis statefulset type: string redisReplicas: - description: - RedisReplicas is the number of replicas for + description: RedisReplicas is the number of replicas for the redis deployment type: integer replicaCount: - description: ReplicaCount is the replica count for app mobility + description: ReplicaCount is the replica count for app + mobility type: string roleService: description: RoleService is the image tag for the Container type: string roleServiceReplicas: - description: - RoleServiceReplicas is the number of replicas + description: RoleServiceReplicas is the number of replicas for the role service deployment type: integer sentinel: description: Sentinel is the name of the sentinel statefulSet type: string skipCertificateValidation: - description: - skipCertificateValidation is the flag to skip - certificate validation + description: skipCertificateValidation is the flag to + skip certificate validation type: boolean storageService: description: StorageService is the image tag for the Container type: string storageServiceReplicas: - description: - StorageServiceReplicas is the number of replicas + description: StorageServiceReplicas is the number of replicas for storage service deployment type: integer storageclass: - description: - RedisStorageClass is the authorization proxy + description: RedisStorageClass is the authorization proxy server redis storage class for persistence type: string tenantService: description: TenantService is the image tag for the Container type: string tenantServiceReplicas: - description: - TenantServiceReplicas is the number of replicas + description: TenantServiceReplicas is the number of replicas for the tenant service deployment type: integer tolerations: - description: - Tolerations is the list of tolerations for + description: Tolerations is the list of tolerations for the driver pods items: description: |- @@ -1400,511 +2470,64 @@ spec: type: object type: array useVolumeSnapshot: - description: - UseSnapshot is to check whether volume snapshot + description: UseSnapshot is to check whether volume snapshot is enabled under velero component type: boolean vaultConfigurations: description: Vaults are the vault configurations items: - description: - Vault is the configuration for a vault instance - struct + description: Vault is the configuration for a vault + instance struct properties: address: description: Address is the address for this vault type: string certificateAuthority: - description: - CertificateAuthority is the base64-encoded - certificate authority for validaitng the vault certificate + description: CertificateAuthority is the base64-encoded + certificate authority for validaitng the vault + certificate type: string clientCertificate: - description: - ClientCertificate is the base64-encoded + description: ClientCertificate is the base64-encoded certificate for connecting to vault type: string clientKey: - description: - ClientKey validates is the base64-encoded + description: ClientKey validates is the base64-encoded certificate key for connecting to vault type: string identifier: - description: - Identifier is the identifier for this + description: Identifier is the identifier for this vault type: string role: description: Role is the role for this vault - type: string - skipCertificateValidation: - description: - SkipCertificateValidation validates the - vault server certificate or not - type: boolean - type: object - type: array - veleroNamespace: - description: - VeleroNamespace is the namespace that Velero - is installed in - type: string - type: object - type: array - node: - description: Node is the specification for Node plugin only - properties: - args: - description: Args is the set of arguments for the container - items: - type: string - type: array - authorizationController: - description: - AuthorizationController is the image tag for - the container - type: string - authorizationControllerReplicas: - description: - AuthorizationControllerReplicas is the number - of replicas for the authorization controller deployment - type: integer - certificate: - description: - Certificate is a certificate used for a certificate/private-key - pair - type: string - certificateAuthority: - description: - CertificateAuthority is a certificate authority - used to validate a certificate - type: string - commander: - description: Commander is the image tag for the Container - type: string - controllerReconcileInterval: - description: - The interval which the reconcile of each controller - is run - type: string - credentials: - description: - ComponentCred is to store the velero credential - contents - items: - description: Credential struct - properties: - createWithInstall: - description: - CreateWithInstall is used to indicate wether - or not to create a secret for objectstore - type: boolean - name: - description: - Name is the name of secret which contains - credentials to access objectstore - type: string - secretContents: - description: - SecretContents contains credentials to - access objectstore - properties: - aws_access_key_id: - description: - AccessKeyID is a name of key ID to - access objectstore - type: string - aws_secret_access_key: - description: - AccessKey contains the key to access - objectstore - type: string - type: object - type: object - type: array - deployNodeAgent: - description: - DeployNodeAgent is to enable/disable node-agent - services - type: boolean - enabled: - description: - Enabled is used to indicate wether or not to - deploy a module - type: boolean - envs: - description: - Envs is the set of environment variables for - the container - items: - description: - EnvVar represents an environment variable present - in a Container. - properties: - name: - description: - Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - valueFrom: - description: - Source for the environment variable's value. - Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the ConfigMap or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - properties: - apiVersion: - description: - Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: - Path of the field to select in - the specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - properties: - containerName: - description: - "Container name: required for volumes, - optional for env vars" - type: string - divisor: - anyOf: - - type: integer - - type: string - description: - Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: - Selects a key of a secret in the pod's - namespace - properties: - key: - description: - The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - hostname: - description: Hostname is the authorization proxy server hostname - type: string - image: - description: Image is the image tag for the Container - type: string - imagePullPolicy: - description: - ImagePullPolicy is the image pull policy for - the image - type: string - leaderElection: - description: - LeaderElection is boolean flag to enable leader - election - type: boolean - licenseName: - description: LicenseName is the name of the license for app-mobility - type: string - name: - description: Name is the name of Container - type: string - nodeSelector: - additionalProperties: - type: string - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - type: object - objectStoreSecretName: - description: - ObjectStoreSecretName is the name of the secret - for the object store for app-mobility - type: string - opa: - description: Opa is the image tag for the Container - type: string - opaKubeMgmt: - description: OpaKubeMgmt is the image tag for the Container - type: string - openTelemetryCollectorAddress: - description: - OpenTelemetryCollectorAddress is the address - of the OTLP receiving endpoint using gRPC - type: string - privateKey: - description: - PrivateKey is a private key used for a certificate/private-key - pair - type: string - proxyServerIngress: - description: - ProxyServerIngress is the authorization proxy - server ingress configuration - items: - description: - ProxyServerIngress is the authorization ingress - configuration struct - properties: - annotations: - additionalProperties: - type: string - description: - Annotations is an unstructured key value - map that stores additional annotations for the ingress - type: object - hosts: - description: Hosts is the hosts rules for the ingress - items: - type: string - type: array - ingressClassName: - description: IngressClassName is the ingressClassName - type: string - type: object - type: array - proxyService: - description: ProxyService is the image tag for the Container - type: string - proxyServiceReplicas: - description: - ProxyServiceReplicas is the number of replicas - for the proxy service deployment - type: integer - redis: - description: Redis is the image tag for the Container - type: string - redisCommander: - description: RedisCommander is the name of the redis deployment - type: string - redisName: - description: RedisName is the name of the redis statefulset - type: string - redisReplicas: - description: - RedisReplicas is the number of replicas for the - redis deployment - type: integer - replicaCount: - description: ReplicaCount is the replica count for app mobility - type: string - roleService: - description: RoleService is the image tag for the Container - type: string - roleServiceReplicas: - description: - RoleServiceReplicas is the number of replicas - for the role service deployment - type: integer - sentinel: - description: Sentinel is the name of the sentinel statefulSet - type: string - skipCertificateValidation: - description: - skipCertificateValidation is the flag to skip - certificate validation - type: boolean - storageService: - description: StorageService is the image tag for the Container - type: string - storageServiceReplicas: - description: - StorageServiceReplicas is the number of replicas - for storage service deployment - type: integer - storageclass: - description: - RedisStorageClass is the authorization proxy - server redis storage class for persistence - type: string - tenantService: - description: TenantService is the image tag for the Container - type: string - tenantServiceReplicas: - description: - TenantServiceReplicas is the number of replicas - for the tenant service deployment - type: integer - tolerations: - description: - Tolerations is the list of tolerations for the - driver pods - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - useVolumeSnapshot: - description: - UseSnapshot is to check whether volume snapshot - is enabled under velero component - type: boolean - vaultConfigurations: - description: Vaults are the vault configurations - items: - description: - Vault is the configuration for a vault instance - struct - properties: - address: - description: Address is the address for this vault - type: string - certificateAuthority: - description: - CertificateAuthority is the base64-encoded - certificate authority for validaitng the vault certificate - type: string - clientCertificate: - description: - ClientCertificate is the base64-encoded - certificate for connecting to vault - type: string - clientKey: - description: - ClientKey validates is the base64-encoded - certificate key for connecting to vault - type: string - identifier: - description: Identifier is the identifier for this vault - type: string - role: - description: Role is the role for this vault - type: string - skipCertificateValidation: - description: - SkipCertificateValidation validates the - vault server certificate or not - type: boolean - type: object - type: array - veleroNamespace: - description: - VeleroNamespace is the namespace that Velero - is installed in - type: string - type: object - replicas: - description: - Replicas is the count of controllers for Controller - plugin - format: int32 - type: integer - sideCars: - description: SideCars is the specification for CSI sidecar containers + type: string + skipCertificateValidation: + description: SkipCertificateValidation validates + the vault server certificate or not + type: boolean + type: object + type: array + veleroNamespace: + description: VeleroNamespace is the namespace that Velero + is installed in + type: string + type: object + type: array + configVersion: + description: ConfigVersion is the configuration version of the + module + type: string + enabled: + description: Enabled is used to indicate whether or not to deploy + a module + type: boolean + forceRemoveModule: + description: ForceRemoveModule is the boolean flag used to remove + authorization proxy server deployment when CR is deleted + type: boolean + initContainer: + description: InitContainer is the specification for Module InitContainer items: description: ContainerTemplate template properties: @@ -1914,90 +2537,74 @@ spec: type: string type: array authorizationController: - description: - AuthorizationController is the image tag for - the container + description: AuthorizationController is the image tag + for the container type: string authorizationControllerReplicas: - description: - AuthorizationControllerReplicas is the number + description: AuthorizationControllerReplicas is the number of replicas for the authorization controller deployment type: integer certificate: - description: - Certificate is a certificate used for a certificate/private-key + description: Certificate is a certificate used for a certificate/private-key pair type: string certificateAuthority: - description: - CertificateAuthority is a certificate authority + description: CertificateAuthority is a certificate authority used to validate a certificate type: string commander: description: Commander is the image tag for the Container type: string controllerReconcileInterval: - description: - The interval which the reconcile of each controller - is run + description: The interval which the reconcile of each + controller is run type: string credentials: - description: - ComponentCred is to store the velero credential + description: ComponentCred is to store the velero credential contents items: description: Credential struct properties: createWithInstall: - description: - CreateWithInstall is used to indicate + description: CreateWithInstall is used to indicate wether or not to create a secret for objectstore type: boolean name: - description: - Name is the name of secret which contains + description: Name is the name of secret which contains credentials to access objectstore type: string secretContents: - description: - SecretContents contains credentials to - access objectstore + description: SecretContents contains credentials + to access objectstore properties: aws_access_key_id: - description: - AccessKeyID is a name of key ID to - access objectstore + description: AccessKeyID is a name of key ID + to access objectstore type: string aws_secret_access_key: - description: - AccessKey contains the key to access + description: AccessKey contains the key to access objectstore type: string type: object type: object type: array deployNodeAgent: - description: - DeployNodeAgent is to enable/disable node-agent + description: DeployNodeAgent is to enable/disable node-agent services type: boolean enabled: - description: - Enabled is used to indicate wether or not to - deploy a module + description: Enabled is used to indicate wether or not + to deploy a module type: boolean envs: - description: - Envs is the set of environment variables for - the container + description: Envs is the set of environment variables + for the container items: - description: - EnvVar represents an environment variable + description: EnvVar represents an environment variable present in a Container. properties: name: - description: - Name of the environment variable. Must + description: Name of the environment variable. Must be a C_IDENTIFIER. type: string value: @@ -2013,8 +2620,7 @@ spec: Defaults to "". type: string valueFrom: - description: - Source for the environment variable's + description: Source for the environment variable's value. Cannot be used if value is not empty. properties: configMapKeyRef: @@ -2030,17 +2636,14 @@ spec: This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string optional: - description: - Specify whether the ConfigMap + description: Specify whether the ConfigMap or its key must be defined type: boolean required: - - key + - key type: object x-kubernetes-map-type: atomic fieldRef: @@ -2049,17 +2652,15 @@ spec: spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. properties: apiVersion: - description: - Version of the schema the FieldPath + description: Version of the schema the FieldPath is written in terms of, defaults to "v1". type: string fieldPath: - description: - Path of the field to select in - the specified API version. + description: Path of the field to select + in the specified API version. type: string required: - - fieldPath + - fieldPath type: object x-kubernetes-map-type: atomic resourceFieldRef: @@ -2068,34 +2669,31 @@ spec: (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. properties: containerName: - description: - "Container name: required for - volumes, optional for env vars" + description: 'Container name: required for + volumes, optional for env vars' type: string divisor: anyOf: - - type: integer - - type: string - description: - Specifies the output format of - the exposed resources, defaults to "1" + - type: integer + - type: string + description: Specifies the output format + of the exposed resources, defaults to + "1" pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: - description: "Required: resource to select" + description: 'Required: resource to select' type: string required: - - resource + - resource type: object x-kubernetes-map-type: atomic secretKeyRef: - description: - Selects a key of a secret in the + description: Selects a key of a secret in the pod's namespace properties: key: - description: - The key of the secret to select + description: The key of the secret to select from. Must be a valid secret key. type: string name: @@ -2105,45 +2703,38 @@ spec: This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. type: string optional: - description: - Specify whether the Secret or - its key must be defined + description: Specify whether the Secret + or its key must be defined type: boolean required: - - key + - key type: object x-kubernetes-map-type: atomic type: object required: - - name + - name type: object type: array hostname: - description: - Hostname is the authorization proxy server + description: Hostname is the authorization proxy server hostname type: string image: description: Image is the image tag for the Container type: string imagePullPolicy: - description: - ImagePullPolicy is the image pull policy for - the image + description: ImagePullPolicy is the image pull policy + for the image type: string leaderElection: - description: - LeaderElection is boolean flag to enable leader - election + description: LeaderElection is boolean flag to enable + leader election type: boolean licenseName: - description: - LicenseName is the name of the license for + description: LicenseName is the name of the license for app-mobility type: string name: @@ -2157,9 +2748,8 @@ spec: Selector which must match a node's labels for the pod to be scheduled on that node. type: object objectStoreSecretName: - description: - ObjectStoreSecretName is the name of the secret - for the object store for app-mobility + description: ObjectStoreSecretName is the name of the + secret for the object store for app-mobility type: string opa: description: Opa is the image tag for the Container @@ -2168,30 +2758,26 @@ spec: description: OpaKubeMgmt is the image tag for the Container type: string openTelemetryCollectorAddress: - description: - OpenTelemetryCollectorAddress is the address + description: OpenTelemetryCollectorAddress is the address of the OTLP receiving endpoint using gRPC type: string privateKey: - description: - PrivateKey is a private key used for a certificate/private-key + description: PrivateKey is a private key used for a certificate/private-key pair type: string proxyServerIngress: - description: - ProxyServerIngress is the authorization proxy + description: ProxyServerIngress is the authorization proxy server ingress configuration items: - description: - ProxyServerIngress is the authorization ingress - configuration struct + description: ProxyServerIngress is the authorization + ingress configuration struct properties: annotations: additionalProperties: type: string - description: - Annotations is an unstructured key value - map that stores additional annotations for the ingress + description: Annotations is an unstructured key + value map that stores additional annotations for + the ingress type: object hosts: description: Hosts is the hosts rules for the ingress @@ -2207,8 +2793,7 @@ spec: description: ProxyService is the image tag for the Container type: string proxyServiceReplicas: - description: - ProxyServiceReplicas is the number of replicas + description: ProxyServiceReplicas is the number of replicas for the proxy service deployment type: integer redis: @@ -2221,53 +2806,47 @@ spec: description: RedisName is the name of the redis statefulset type: string redisReplicas: - description: - RedisReplicas is the number of replicas for + description: RedisReplicas is the number of replicas for the redis deployment type: integer replicaCount: - description: ReplicaCount is the replica count for app mobility + description: ReplicaCount is the replica count for app + mobility type: string roleService: description: RoleService is the image tag for the Container type: string roleServiceReplicas: - description: - RoleServiceReplicas is the number of replicas + description: RoleServiceReplicas is the number of replicas for the role service deployment type: integer sentinel: description: Sentinel is the name of the sentinel statefulSet type: string skipCertificateValidation: - description: - skipCertificateValidation is the flag to skip - certificate validation + description: skipCertificateValidation is the flag to + skip certificate validation type: boolean storageService: description: StorageService is the image tag for the Container type: string storageServiceReplicas: - description: - StorageServiceReplicas is the number of replicas + description: StorageServiceReplicas is the number of replicas for storage service deployment type: integer storageclass: - description: - RedisStorageClass is the authorization proxy + description: RedisStorageClass is the authorization proxy server redis storage class for persistence type: string tenantService: description: TenantService is the image tag for the Container type: string tenantServiceReplicas: - description: - TenantServiceReplicas is the number of replicas + description: TenantServiceReplicas is the number of replicas for the tenant service deployment type: integer tolerations: - description: - Tolerations is the list of tolerations for + description: Tolerations is the list of tolerations for the driver pods items: description: |- @@ -2307,1059 +2886,86 @@ spec: type: object type: array useVolumeSnapshot: - description: - UseSnapshot is to check whether volume snapshot + description: UseSnapshot is to check whether volume snapshot is enabled under velero component type: boolean vaultConfigurations: description: Vaults are the vault configurations items: - description: - Vault is the configuration for a vault instance - struct + description: Vault is the configuration for a vault + instance struct properties: address: description: Address is the address for this vault type: string certificateAuthority: - description: - CertificateAuthority is the base64-encoded - certificate authority for validaitng the vault certificate + description: CertificateAuthority is the base64-encoded + certificate authority for validaitng the vault + certificate type: string clientCertificate: - description: - ClientCertificate is the base64-encoded + description: ClientCertificate is the base64-encoded certificate for connecting to vault type: string clientKey: - description: - ClientKey validates is the base64-encoded + description: ClientKey validates is the base64-encoded certificate key for connecting to vault type: string identifier: - description: - Identifier is the identifier for this + description: Identifier is the identifier for this vault type: string role: description: Role is the role for this vault type: string skipCertificateValidation: - description: - SkipCertificateValidation validates the - vault server certificate or not + description: SkipCertificateValidation validates + the vault server certificate or not type: boolean type: object type: array veleroNamespace: - description: - VeleroNamespace is the namespace that Velero + description: VeleroNamespace is the namespace that Velero is installed in type: string type: object type: array - snapshotClass: - description: SnapshotClass is the specification for Snapshot Classes - items: - description: SnapshotClass struct - properties: - name: - description: Name is the name of the Snapshot Class - type: string - parameters: - additionalProperties: - type: string - description: - Parameters is a map of driver specific parameters - for snapshot class - type: object - type: object - type: array - tlsCertSecret: - description: TLSCertSecret is the name of the TLS Cert secret - type: string - type: object - modules: - description: - Modules is list of Container Storage Module modules you - want to deploy - items: - description: Module defines the desired state of a ContainerStorageModule - properties: - components: - description: - Components is the specification for CSM components - containers - items: - description: ContainerTemplate template - properties: - args: - description: Args is the set of arguments for the container - items: - type: string - type: array - authorizationController: - description: - AuthorizationController is the image tag - for the container - type: string - authorizationControllerReplicas: - description: - AuthorizationControllerReplicas is the number - of replicas for the authorization controller deployment - type: integer - certificate: - description: - Certificate is a certificate used for a certificate/private-key - pair - type: string - certificateAuthority: - description: - CertificateAuthority is a certificate authority - used to validate a certificate - type: string - commander: - description: Commander is the image tag for the Container - type: string - controllerReconcileInterval: - description: - The interval which the reconcile of each - controller is run - type: string - credentials: - description: - ComponentCred is to store the velero credential - contents - items: - description: Credential struct - properties: - createWithInstall: - description: - CreateWithInstall is used to indicate - wether or not to create a secret for objectstore - type: boolean - name: - description: - Name is the name of secret which contains - credentials to access objectstore - type: string - secretContents: - description: - SecretContents contains credentials - to access objectstore - properties: - aws_access_key_id: - description: - AccessKeyID is a name of key ID - to access objectstore - type: string - aws_secret_access_key: - description: - AccessKey contains the key to access - objectstore - type: string - type: object - type: object - type: array - deployNodeAgent: - description: - DeployNodeAgent is to enable/disable node-agent - services - type: boolean - enabled: - description: - Enabled is used to indicate wether or not - to deploy a module - type: boolean - envs: - description: - Envs is the set of environment variables - for the container - items: - description: - EnvVar represents an environment variable - present in a Container. - properties: - name: - description: - Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - valueFrom: - description: - Source for the environment variable's - value. Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - properties: - apiVersion: - description: - Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: - Path of the field to select - in the specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - properties: - containerName: - description: - "Container name: required for - volumes, optional for env vars" - type: string - divisor: - anyOf: - - type: integer - - type: string - description: - Specifies the output format - of the exposed resources, defaults to - "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: - Selects a key of a secret in the - pod's namespace - properties: - key: - description: - The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - hostname: - description: - Hostname is the authorization proxy server - hostname - type: string - image: - description: Image is the image tag for the Container - type: string - imagePullPolicy: - description: - ImagePullPolicy is the image pull policy - for the image - type: string - leaderElection: - description: - LeaderElection is boolean flag to enable - leader election - type: boolean - licenseName: - description: - LicenseName is the name of the license for - app-mobility - type: string - name: - description: Name is the name of Container - type: string - nodeSelector: - additionalProperties: - type: string - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - type: object - objectStoreSecretName: - description: - ObjectStoreSecretName is the name of the - secret for the object store for app-mobility - type: string - opa: - description: Opa is the image tag for the Container - type: string - opaKubeMgmt: - description: OpaKubeMgmt is the image tag for the Container - type: string - openTelemetryCollectorAddress: - description: - OpenTelemetryCollectorAddress is the address - of the OTLP receiving endpoint using gRPC - type: string - privateKey: - description: - PrivateKey is a private key used for a certificate/private-key - pair - type: string - proxyServerIngress: - description: - ProxyServerIngress is the authorization proxy - server ingress configuration - items: - description: - ProxyServerIngress is the authorization - ingress configuration struct - properties: - annotations: - additionalProperties: - type: string - description: - Annotations is an unstructured key - value map that stores additional annotations for - the ingress - type: object - hosts: - description: Hosts is the hosts rules for the ingress - items: - type: string - type: array - ingressClassName: - description: IngressClassName is the ingressClassName - type: string - type: object - type: array - proxyService: - description: ProxyService is the image tag for the Container - type: string - proxyServiceReplicas: - description: - ProxyServiceReplicas is the number of replicas - for the proxy service deployment - type: integer - redis: - description: Redis is the image tag for the Container - type: string - redisCommander: - description: RedisCommander is the name of the redis deployment - type: string - redisName: - description: RedisName is the name of the redis statefulset - type: string - redisReplicas: - description: - RedisReplicas is the number of replicas for - the redis deployment - type: integer - replicaCount: - description: - ReplicaCount is the replica count for app - mobility - type: string - roleService: - description: RoleService is the image tag for the Container - type: string - roleServiceReplicas: - description: - RoleServiceReplicas is the number of replicas - for the role service deployment - type: integer - sentinel: - description: Sentinel is the name of the sentinel statefulSet - type: string - skipCertificateValidation: - description: - skipCertificateValidation is the flag to - skip certificate validation - type: boolean - storageService: - description: StorageService is the image tag for the Container - type: string - storageServiceReplicas: - description: - StorageServiceReplicas is the number of replicas - for storage service deployment - type: integer - storageclass: - description: - RedisStorageClass is the authorization proxy - server redis storage class for persistence - type: string - tenantService: - description: TenantService is the image tag for the Container - type: string - tenantServiceReplicas: - description: - TenantServiceReplicas is the number of replicas - for the tenant service deployment - type: integer - tolerations: - description: - Tolerations is the list of tolerations for - the driver pods - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - useVolumeSnapshot: - description: - UseSnapshot is to check whether volume snapshot - is enabled under velero component - type: boolean - vaultConfigurations: - description: Vaults are the vault configurations - items: - description: - Vault is the configuration for a vault - instance struct - properties: - address: - description: Address is the address for this vault - type: string - certificateAuthority: - description: - CertificateAuthority is the base64-encoded - certificate authority for validaitng the vault - certificate - type: string - clientCertificate: - description: - ClientCertificate is the base64-encoded - certificate for connecting to vault - type: string - clientKey: - description: - ClientKey validates is the base64-encoded - certificate key for connecting to vault - type: string - identifier: - description: - Identifier is the identifier for this - vault - type: string - role: - description: Role is the role for this vault - type: string - skipCertificateValidation: - description: - SkipCertificateValidation validates - the vault server certificate or not - type: boolean - type: object - type: array - veleroNamespace: - description: - VeleroNamespace is the namespace that Velero - is installed in - type: string - type: object - type: array - configVersion: - description: - ConfigVersion is the configuration version of the - module - type: string - enabled: - description: - Enabled is used to indicate whether or not to deploy - a module - type: boolean - forceRemoveModule: - description: - ForceRemoveModule is the boolean flag used to remove - authorization proxy server deployment when CR is deleted - type: boolean - initContainer: - description: InitContainer is the specification for Module InitContainer - items: - description: ContainerTemplate template - properties: - args: - description: Args is the set of arguments for the container - items: - type: string - type: array - authorizationController: - description: - AuthorizationController is the image tag - for the container - type: string - authorizationControllerReplicas: - description: - AuthorizationControllerReplicas is the number - of replicas for the authorization controller deployment - type: integer - certificate: - description: - Certificate is a certificate used for a certificate/private-key - pair - type: string - certificateAuthority: - description: - CertificateAuthority is a certificate authority - used to validate a certificate - type: string - commander: - description: Commander is the image tag for the Container - type: string - controllerReconcileInterval: - description: - The interval which the reconcile of each - controller is run - type: string - credentials: - description: - ComponentCred is to store the velero credential - contents - items: - description: Credential struct - properties: - createWithInstall: - description: - CreateWithInstall is used to indicate - wether or not to create a secret for objectstore - type: boolean - name: - description: - Name is the name of secret which contains - credentials to access objectstore - type: string - secretContents: - description: - SecretContents contains credentials - to access objectstore - properties: - aws_access_key_id: - description: - AccessKeyID is a name of key ID - to access objectstore - type: string - aws_secret_access_key: - description: - AccessKey contains the key to access - objectstore - type: string - type: object - type: object - type: array - deployNodeAgent: - description: - DeployNodeAgent is to enable/disable node-agent - services - type: boolean - enabled: - description: - Enabled is used to indicate wether or not - to deploy a module - type: boolean - envs: - description: - Envs is the set of environment variables - for the container - items: - description: - EnvVar represents an environment variable - present in a Container. - properties: - name: - description: - Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - valueFrom: - description: - Source for the environment variable's - value. Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the ConfigMap - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - properties: - apiVersion: - description: - Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: - Path of the field to select - in the specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - properties: - containerName: - description: - "Container name: required for - volumes, optional for env vars" - type: string - divisor: - anyOf: - - type: integer - - type: string - description: - Specifies the output format - of the exposed resources, defaults to - "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: - Selects a key of a secret in the - pod's namespace - properties: - key: - description: - The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - TODO: Add other useful fields. apiVersion, kind, uid? - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - type: string - optional: - description: - Specify whether the Secret - or its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - hostname: - description: - Hostname is the authorization proxy server - hostname - type: string - image: - description: Image is the image tag for the Container - type: string - imagePullPolicy: - description: - ImagePullPolicy is the image pull policy - for the image - type: string - leaderElection: - description: - LeaderElection is boolean flag to enable - leader election - type: boolean - licenseName: - description: - LicenseName is the name of the license for - app-mobility - type: string - name: - description: Name is the name of Container - type: string - nodeSelector: - additionalProperties: - type: string - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - type: object - objectStoreSecretName: - description: - ObjectStoreSecretName is the name of the - secret for the object store for app-mobility - type: string - opa: - description: Opa is the image tag for the Container - type: string - opaKubeMgmt: - description: OpaKubeMgmt is the image tag for the Container - type: string - openTelemetryCollectorAddress: - description: - OpenTelemetryCollectorAddress is the address - of the OTLP receiving endpoint using gRPC - type: string - privateKey: - description: - PrivateKey is a private key used for a certificate/private-key - pair - type: string - proxyServerIngress: - description: - ProxyServerIngress is the authorization proxy - server ingress configuration - items: - description: - ProxyServerIngress is the authorization - ingress configuration struct - properties: - annotations: - additionalProperties: - type: string - description: - Annotations is an unstructured key - value map that stores additional annotations for - the ingress - type: object - hosts: - description: Hosts is the hosts rules for the ingress - items: - type: string - type: array - ingressClassName: - description: IngressClassName is the ingressClassName - type: string - type: object - type: array - proxyService: - description: ProxyService is the image tag for the Container - type: string - proxyServiceReplicas: - description: - ProxyServiceReplicas is the number of replicas - for the proxy service deployment - type: integer - redis: - description: Redis is the image tag for the Container - type: string - redisCommander: - description: RedisCommander is the name of the redis deployment - type: string - redisName: - description: RedisName is the name of the redis statefulset - type: string - redisReplicas: - description: - RedisReplicas is the number of replicas for - the redis deployment - type: integer - replicaCount: - description: - ReplicaCount is the replica count for app - mobility - type: string - roleService: - description: RoleService is the image tag for the Container - type: string - roleServiceReplicas: - description: - RoleServiceReplicas is the number of replicas - for the role service deployment - type: integer - sentinel: - description: Sentinel is the name of the sentinel statefulSet - type: string - skipCertificateValidation: - description: - skipCertificateValidation is the flag to - skip certificate validation - type: boolean - storageService: - description: StorageService is the image tag for the Container - type: string - storageServiceReplicas: - description: - StorageServiceReplicas is the number of replicas - for storage service deployment - type: integer - storageclass: - description: - RedisStorageClass is the authorization proxy - server redis storage class for persistence - type: string - tenantService: - description: TenantService is the image tag for the Container - type: string - tenantServiceReplicas: - description: - TenantServiceReplicas is the number of replicas - for the tenant service deployment - type: integer - tolerations: - description: - Tolerations is the list of tolerations for - the driver pods - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - useVolumeSnapshot: - description: - UseSnapshot is to check whether volume snapshot - is enabled under velero component - type: boolean - vaultConfigurations: - description: Vaults are the vault configurations - items: - description: - Vault is the configuration for a vault - instance struct - properties: - address: - description: Address is the address for this vault - type: string - certificateAuthority: - description: - CertificateAuthority is the base64-encoded - certificate authority for validaitng the vault - certificate - type: string - clientCertificate: - description: - ClientCertificate is the base64-encoded - certificate for connecting to vault - type: string - clientKey: - description: - ClientKey validates is the base64-encoded - certificate key for connecting to vault - type: string - identifier: - description: - Identifier is the identifier for this - vault - type: string - role: - description: Role is the role for this vault - type: string - skipCertificateValidation: - description: - SkipCertificateValidation validates - the vault server certificate or not - type: boolean - type: object - type: array - veleroNamespace: - description: - VeleroNamespace is the namespace that Velero - is installed in - type: string - type: object - type: array - name: - description: Name is name of ContainerStorageModule modules - type: string - type: object - type: array - type: object - status: - description: - ContainerStorageModuleStatus defines the observed state of - ContainerStorageModule - properties: - controllerStatus: - description: ControllerStatus is the status of Controller pods - properties: - available: - type: string - desired: - type: string - failed: - type: string - type: object - nodeStatus: - description: NodeStatus is the status of Controller pods - properties: - available: - type: string - desired: - type: string - failed: + name: + description: Name is name of ContainerStorageModule modules type: string type: object - state: - description: State is the state of the driver installation - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + type: array + type: object + status: + description: ContainerStorageModuleStatus defines the observed state of + ContainerStorageModule + properties: + controllerStatus: + description: ControllerStatus is the status of Controller pods + properties: + available: + type: string + desired: + type: string + failed: + type: string + type: object + nodeStatus: + description: NodeStatus is the status of Controller pods + properties: + available: + type: string + desired: + type: string + failed: + type: string + type: object + state: + description: State is the state of the driver installation + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/pkg/drivers/commonconfig.go b/pkg/drivers/commonconfig.go index f1c58c88f..78aa57af1 100644 --- a/pkg/drivers/commonconfig.go +++ b/pkg/drivers/commonconfig.go @@ -302,10 +302,13 @@ func GetNode(ctx context.Context, cr csmv1.ContainerStorageModule, operatorConfi nodeYaml.DaemonSetApplyConfig.Spec.Template.Spec.Containers = newcontainers - updatedCr, err := SetSDCinitContainers(ctx, cr, ct) - if err != nil { - log.Errorw("Failed to set SDC init container", "Error", err.Error()) - return nil, err + var updatedCr csmv1.ContainerStorageModule + if cr.Spec.Driver.CSIDriverType == "powerflex" { + updatedCr, err = SetSDCinitContainers(ctx, cr, ct) + if err != nil { + log.Errorw("Failed to set SDC init container", "Error", err.Error()) + return nil, err + } } initcontainers := make([]acorev1.ContainerApplyConfiguration, 0) diff --git a/pkg/drivers/powerflex.go b/pkg/drivers/powerflex.go index d5b464e14..1e150e167 100644 --- a/pkg/drivers/powerflex.go +++ b/pkg/drivers/powerflex.go @@ -97,20 +97,27 @@ func SetSDCinitContainers(ctx context.Context, cr csmv1.ContainerStorageModule, var newInitContainers []csmv1.ContainerTemplate for _, initcontainer := range cr.Spec.Driver.InitContainers { if initcontainer.Name == "sdc" && sdcEnabled { - // Update MDM env variable for "sdc" container + // Ensure MDM env variable is set + mdmUpdated := false for i, env := range initcontainer.Envs { if env.Name == "MDM" { initcontainer.Envs[i].Value = mdmVar + mdmUpdated = true break } } + // If MDM not found, update it from secret + if !mdmUpdated { + initcontainer.Envs = append(initcontainer.Envs, corev1.EnvVar{ + Name: "MDM", + Value: mdmVar, + }) + } } - if initcontainer.Name != "sdc" || sdcEnabled { - newInitContainers = append(newInitContainers, initcontainer) - } + newInitContainers = append(newInitContainers, initcontainer) } - // If no init containers left and SDC is enabled, add a new one + // If there is no init containers and SDC is enabled, add a sdc init container if len(newInitContainers) == 0 && sdcEnabled { newInitContainers = append(newInitContainers, csmv1.ContainerTemplate{ Name: "sdc", @@ -122,17 +129,26 @@ func SetSDCinitContainers(ctx context.Context, cr csmv1.ContainerStorageModule, // Update sidecar containers for i := range cr.Spec.Driver.SideCars { if cr.Spec.Driver.SideCars[i].Name == "sdc-monitor" { - // Update MDM env variable for "sdc-monitor" sidecar container + // Ensure MDM env variable is set + mdmUpdated := false for j, env := range cr.Spec.Driver.SideCars[i].Envs { if env.Name == "MDM" { cr.Spec.Driver.SideCars[i].Envs[j].Value = mdmVar + mdmUpdated = true break } } + // If MDM not found, update it from secret + if !mdmUpdated { + cr.Spec.Driver.SideCars[i].Envs = append(cr.Spec.Driver.SideCars[i].Envs, corev1.EnvVar{ + Name: "MDM", + Value: mdmVar, + }) + } } } - // If no sidecars, add a new "sdc-monitor" sidecar with MDM + // If no sidecars are present, add a new "sdc-monitor" sidecar with MDM if len(cr.Spec.Driver.SideCars) == 0 { cr.Spec.Driver.SideCars = []csmv1.ContainerTemplate{ { From d7827cb6d34044b9f3b3428e018f100b2f296260 Mon Sep 17 00:00:00 2001 From: Rishabh Raj Date: Wed, 4 Dec 2024 05:04:18 -0500 Subject: [PATCH 32/46] fixed liniting errors for crd --- ...rage.dell.com_containerstoragemodules.yaml | 4803 ++++++++++------- 1 file changed, 2862 insertions(+), 1941 deletions(-) diff --git a/config/crd/bases/storage.dell.com_containerstoragemodules.yaml b/config/crd/bases/storage.dell.com_containerstoragemodules.yaml index c3f95aab3..2cbbd7150 100644 --- a/config/crd/bases/storage.dell.com_containerstoragemodules.yaml +++ b/config/crd/bases/storage.dell.com_containerstoragemodules.yaml @@ -12,881 +12,80 @@ spec: listKind: ContainerStorageModuleList plural: containerstoragemodules shortNames: - - csm + - csm singular: containerstoragemodule scope: Namespaced versions: - - additionalPrinterColumns: - - jsonPath: .metadata.creationTimestamp - name: CreationTime - type: date - - description: Type of CSIDriver - jsonPath: .spec.driver.csiDriverType - name: CSIDriverType - type: string - - description: Version of CSIDriver - jsonPath: .spec.driver.configVersion - name: ConfigVersion - type: string - - description: State of Installation - jsonPath: .status.state - name: State - type: string - name: v1 - schema: - openAPIV3Schema: - description: ContainerStorageModule is the Schema for the containerstoragemodules - API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: ContainerStorageModuleSpec defines the desired state of ContainerStorageModule - properties: - driver: - description: Driver is a CSI Drivers for Dell Technologies - properties: - authSecret: - description: AuthSecret is the name of the credentials secret - for the driver - type: string - common: - description: Common is the common specification for both controller - and node plugins - properties: - args: - description: Args is the set of arguments for the container - items: - type: string - type: array - authorizationController: - description: AuthorizationController is the image tag for - the container - type: string - authorizationControllerReplicas: - description: AuthorizationControllerReplicas is the number - of replicas for the authorization controller deployment - type: integer - certificate: - description: Certificate is a certificate used for a certificate/private-key - pair - type: string - certificateAuthority: - description: CertificateAuthority is a certificate authority - used to validate a certificate - type: string - commander: - description: Commander is the image tag for the Container - type: string - controllerReconcileInterval: - description: The interval which the reconcile of each controller - is run - type: string - credentials: - description: ComponentCred is to store the velero credential - contents - items: - description: Credential struct - properties: - createWithInstall: - description: CreateWithInstall is used to indicate wether - or not to create a secret for objectstore - type: boolean - name: - description: Name is the name of secret which contains - credentials to access objectstore - type: string - secretContents: - description: SecretContents contains credentials to - access objectstore - properties: - aws_access_key_id: - description: AccessKeyID is a name of key ID to - access objectstore - type: string - aws_secret_access_key: - description: AccessKey contains the key to access - objectstore - type: string - type: object - type: object - type: array - deployNodeAgent: - description: DeployNodeAgent is to enable/disable node-agent - services - type: boolean - enabled: - description: Enabled is used to indicate wether or not to - deploy a module - type: boolean - envs: - description: Envs is the set of environment variables for - the container - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in - the specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - hostname: - description: Hostname is the authorization proxy server hostname - type: string - image: - description: Image is the image tag for the Container - type: string - imagePullPolicy: - description: ImagePullPolicy is the image pull policy for - the image - type: string - leaderElection: - description: LeaderElection is boolean flag to enable leader - election - type: boolean - licenseName: - description: LicenseName is the name of the license for app-mobility - type: string - name: - description: Name is the name of Container - type: string - nodeSelector: - additionalProperties: - type: string - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - type: object - objectStoreSecretName: - description: ObjectStoreSecretName is the name of the secret - for the object store for app-mobility - type: string - opa: - description: Opa is the image tag for the Container - type: string - opaKubeMgmt: - description: OpaKubeMgmt is the image tag for the Container - type: string - openTelemetryCollectorAddress: - description: OpenTelemetryCollectorAddress is the address - of the OTLP receiving endpoint using gRPC - type: string - privateKey: - description: PrivateKey is a private key used for a certificate/private-key - pair - type: string - proxyServerIngress: - description: ProxyServerIngress is the authorization proxy - server ingress configuration - items: - description: ProxyServerIngress is the authorization ingress - configuration struct - properties: - annotations: - additionalProperties: - type: string - description: Annotations is an unstructured key value - map that stores additional annotations for the ingress - type: object - hosts: - description: Hosts is the hosts rules for the ingress - items: - type: string - type: array - ingressClassName: - description: IngressClassName is the ingressClassName - type: string - type: object - type: array - proxyService: - description: ProxyService is the image tag for the Container - type: string - proxyServiceReplicas: - description: ProxyServiceReplicas is the number of replicas - for the proxy service deployment - type: integer - redis: - description: Redis is the image tag for the Container - type: string - redisCommander: - description: RedisCommander is the name of the redis deployment - type: string - redisName: - description: RedisName is the name of the redis statefulset - type: string - redisReplicas: - description: RedisReplicas is the number of replicas for the - redis deployment - type: integer - replicaCount: - description: ReplicaCount is the replica count for app mobility - type: string - roleService: - description: RoleService is the image tag for the Container - type: string - roleServiceReplicas: - description: RoleServiceReplicas is the number of replicas - for the role service deployment - type: integer - sentinel: - description: Sentinel is the name of the sentinel statefulSet - type: string - skipCertificateValidation: - description: skipCertificateValidation is the flag to skip - certificate validation - type: boolean - storageService: - description: StorageService is the image tag for the Container - type: string - storageServiceReplicas: - description: StorageServiceReplicas is the number of replicas - for storage service deployment - type: integer - storageclass: - description: RedisStorageClass is the authorization proxy - server redis storage class for persistence - type: string - tenantService: - description: TenantService is the image tag for the Container - type: string - tenantServiceReplicas: - description: TenantServiceReplicas is the number of replicas - for the tenant service deployment - type: integer - tolerations: - description: Tolerations is the list of tolerations for the - driver pods - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - useVolumeSnapshot: - description: UseSnapshot is to check whether volume snapshot - is enabled under velero component - type: boolean - vaultConfigurations: - description: Vaults are the vault configurations - items: - description: Vault is the configuration for a vault instance - struct - properties: - address: - description: Address is the address for this vault - type: string - certificateAuthority: - description: CertificateAuthority is the base64-encoded - certificate authority for validaitng the vault certificate - type: string - clientCertificate: - description: ClientCertificate is the base64-encoded - certificate for connecting to vault - type: string - clientKey: - description: ClientKey validates is the base64-encoded - certificate key for connecting to vault - type: string - identifier: - description: Identifier is the identifier for this vault - type: string - role: - description: Role is the role for this vault - type: string - skipCertificateValidation: - description: SkipCertificateValidation validates the - vault server certificate or not - type: boolean - type: object - type: array - veleroNamespace: - description: VeleroNamespace is the namespace that Velero - is installed in - type: string - type: object - configVersion: - description: ConfigVersion is the configuration version of the - driver - type: string - controller: - description: Controller is the specification for Controller plugin - only - properties: - args: - description: Args is the set of arguments for the container - items: - type: string - type: array - authorizationController: - description: AuthorizationController is the image tag for - the container - type: string - authorizationControllerReplicas: - description: AuthorizationControllerReplicas is the number - of replicas for the authorization controller deployment - type: integer - certificate: - description: Certificate is a certificate used for a certificate/private-key - pair - type: string - certificateAuthority: - description: CertificateAuthority is a certificate authority - used to validate a certificate - type: string - commander: - description: Commander is the image tag for the Container - type: string - controllerReconcileInterval: - description: The interval which the reconcile of each controller - is run - type: string - credentials: - description: ComponentCred is to store the velero credential - contents - items: - description: Credential struct - properties: - createWithInstall: - description: CreateWithInstall is used to indicate wether - or not to create a secret for objectstore - type: boolean - name: - description: Name is the name of secret which contains - credentials to access objectstore - type: string - secretContents: - description: SecretContents contains credentials to - access objectstore - properties: - aws_access_key_id: - description: AccessKeyID is a name of key ID to - access objectstore - type: string - aws_secret_access_key: - description: AccessKey contains the key to access - objectstore - type: string - type: object - type: object - type: array - deployNodeAgent: - description: DeployNodeAgent is to enable/disable node-agent - services - type: boolean - enabled: - description: Enabled is used to indicate wether or not to - deploy a module - type: boolean - envs: - description: Envs is the set of environment variables for - the container - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in - the specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - hostname: - description: Hostname is the authorization proxy server hostname - type: string - image: - description: Image is the image tag for the Container - type: string - imagePullPolicy: - description: ImagePullPolicy is the image pull policy for - the image - type: string - leaderElection: - description: LeaderElection is boolean flag to enable leader - election - type: boolean - licenseName: - description: LicenseName is the name of the license for app-mobility - type: string - name: - description: Name is the name of Container - type: string - nodeSelector: - additionalProperties: - type: string - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - type: object - objectStoreSecretName: - description: ObjectStoreSecretName is the name of the secret - for the object store for app-mobility - type: string - opa: - description: Opa is the image tag for the Container - type: string - opaKubeMgmt: - description: OpaKubeMgmt is the image tag for the Container - type: string - openTelemetryCollectorAddress: - description: OpenTelemetryCollectorAddress is the address - of the OTLP receiving endpoint using gRPC - type: string - privateKey: - description: PrivateKey is a private key used for a certificate/private-key - pair - type: string - proxyServerIngress: - description: ProxyServerIngress is the authorization proxy - server ingress configuration - items: - description: ProxyServerIngress is the authorization ingress - configuration struct - properties: - annotations: - additionalProperties: - type: string - description: Annotations is an unstructured key value - map that stores additional annotations for the ingress - type: object - hosts: - description: Hosts is the hosts rules for the ingress - items: - type: string - type: array - ingressClassName: - description: IngressClassName is the ingressClassName - type: string - type: object - type: array - proxyService: - description: ProxyService is the image tag for the Container - type: string - proxyServiceReplicas: - description: ProxyServiceReplicas is the number of replicas - for the proxy service deployment - type: integer - redis: - description: Redis is the image tag for the Container - type: string - redisCommander: - description: RedisCommander is the name of the redis deployment - type: string - redisName: - description: RedisName is the name of the redis statefulset - type: string - redisReplicas: - description: RedisReplicas is the number of replicas for the - redis deployment - type: integer - replicaCount: - description: ReplicaCount is the replica count for app mobility - type: string - roleService: - description: RoleService is the image tag for the Container - type: string - roleServiceReplicas: - description: RoleServiceReplicas is the number of replicas - for the role service deployment - type: integer - sentinel: - description: Sentinel is the name of the sentinel statefulSet - type: string - skipCertificateValidation: - description: skipCertificateValidation is the flag to skip - certificate validation - type: boolean - storageService: - description: StorageService is the image tag for the Container - type: string - storageServiceReplicas: - description: StorageServiceReplicas is the number of replicas - for storage service deployment - type: integer - storageclass: - description: RedisStorageClass is the authorization proxy - server redis storage class for persistence - type: string - tenantService: - description: TenantService is the image tag for the Container - type: string - tenantServiceReplicas: - description: TenantServiceReplicas is the number of replicas - for the tenant service deployment - type: integer - tolerations: - description: Tolerations is the list of tolerations for the - driver pods - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - useVolumeSnapshot: - description: UseSnapshot is to check whether volume snapshot - is enabled under velero component - type: boolean - vaultConfigurations: - description: Vaults are the vault configurations - items: - description: Vault is the configuration for a vault instance - struct - properties: - address: - description: Address is the address for this vault - type: string - certificateAuthority: - description: CertificateAuthority is the base64-encoded - certificate authority for validaitng the vault certificate - type: string - clientCertificate: - description: ClientCertificate is the base64-encoded - certificate for connecting to vault - type: string - clientKey: - description: ClientKey validates is the base64-encoded - certificate key for connecting to vault - type: string - identifier: - description: Identifier is the identifier for this vault - type: string - role: - description: Role is the role for this vault - type: string - skipCertificateValidation: - description: SkipCertificateValidation validates the - vault server certificate or not - type: boolean - type: object - type: array - veleroNamespace: - description: VeleroNamespace is the namespace that Velero - is installed in - type: string - type: object - csiDriverSpec: - description: CSIDriverSpec is the specification for CSIDriver - properties: - fSGroupPolicy: - type: string - storageCapacity: - type: boolean - type: object - csiDriverType: - description: CSIDriverType is the CSI Driver type for Dell Technologies - - e.g, powermax, powerflex,... - type: string - dnsPolicy: - description: DNSPolicy is the dnsPolicy of the daemonset for Node - plugin - type: string - forceRemoveDriver: - description: ForceRemoveDriver is the boolean flag used to remove - driver deployment when CR is deleted - type: boolean - forceUpdate: - description: ForceUpdate is the boolean flag used to force an - update of the driver instance - type: boolean - initContainers: - description: InitContainers is the specification for Driver InitContainers - items: - description: ContainerTemplate template + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: CreationTime + type: date + - description: Type of CSIDriver + jsonPath: .spec.driver.csiDriverType + name: CSIDriverType + type: string + - description: Version of CSIDriver + jsonPath: .spec.driver.configVersion + name: ConfigVersion + type: string + - description: State of Installation + jsonPath: .status.state + name: State + type: string + name: v1 + schema: + openAPIV3Schema: + description: >- + ContainerStorageModule is the Schema for the containerstoragemodules + API + properties: + apiVersion: + description: >- + APIVersion defines the versioned schema of this representation + of an object. + + Servers should convert recognized schemas to the latest internal + value, and + + may reject unrecognized values. + + More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: >- + Kind is a string value representing the REST resource this + object represents. + + Servers may infer this from the endpoint the client submits + requests to. + + Cannot be updated. + + In CamelCase. + + More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: >- + ContainerStorageModuleSpec defines the desired state of + ContainerStorageModule + properties: + driver: + description: Driver is a CSI Drivers for Dell Technologies + properties: + authSecret: + description: >- + AuthSecret is the name of the credentials secret for the + driver + type: string + common: + description: >- + Common is the common specification for both controller + and node plugins properties: args: description: Args is the set of arguments for the container @@ -894,91 +93,122 @@ spec: type: string type: array authorizationController: - description: AuthorizationController is the image tag for - the container + description: >- + AuthorizationController is the image tag for the + container type: string authorizationControllerReplicas: - description: AuthorizationControllerReplicas is the number - of replicas for the authorization controller deployment + description: >- + AuthorizationControllerReplicas is the number of + replicas for the authorization controller deployment type: integer certificate: - description: Certificate is a certificate used for a certificate/private-key - pair + description: >- + Certificate is a certificate used for a + certificate/private-key pair type: string certificateAuthority: - description: CertificateAuthority is a certificate authority - used to validate a certificate + description: >- + CertificateAuthority is a certificate authority used + to validate a certificate type: string commander: description: Commander is the image tag for the Container type: string controllerReconcileInterval: - description: The interval which the reconcile of each controller + description: >- + The interval which the reconcile of each controller is run type: string credentials: - description: ComponentCred is to store the velero credential + description: >- + ComponentCred is to store the velero credential contents items: description: Credential struct properties: createWithInstall: - description: CreateWithInstall is used to indicate - wether or not to create a secret for objectstore + description: >- + CreateWithInstall is used to indicate wether + or not to create a secret for objectstore type: boolean name: - description: Name is the name of secret which contains + description: >- + Name is the name of secret which contains credentials to access objectstore type: string secretContents: - description: SecretContents contains credentials to - access objectstore + description: >- + SecretContents contains credentials to access + objectstore properties: aws_access_key_id: - description: AccessKeyID is a name of key ID to - access objectstore + description: >- + AccessKeyID is a name of key ID to access + objectstore type: string aws_secret_access_key: - description: AccessKey contains the key to access + description: >- + AccessKey contains the key to access objectstore type: string type: object type: object type: array deployNodeAgent: - description: DeployNodeAgent is to enable/disable node-agent + description: >- + DeployNodeAgent is to enable/disable node-agent services type: boolean enabled: - description: Enabled is used to indicate wether or not to - deploy a module + description: >- + Enabled is used to indicate wether or not to deploy + a module type: boolean envs: - description: Envs is the set of environment variables for - the container + description: >- + Envs is the set of environment variables for the + container items: - description: EnvVar represents an environment variable - present in a Container. + description: >- + EnvVar represents an environment variable present + in a Container. properties: name: - description: Name of the environment variable. Must - be a C_IDENTIFIER. + description: >- + Name of the environment variable. Must be a + C_IDENTIFIER. type: string value: - description: |- + description: >- Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable + + using the previously defined environment + variables in the container and + + any service environment variables. If a + variable cannot be resolved, + + the reference in the input string will be + unchanged. Double $$ are reduced + + to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. + + "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". + + Escaped references will never be expanded, + regardless of whether the variable + exists or not. + Defaults to "". type: string valueFrom: - description: Source for the environment variable's - value. Cannot be used if value is not empty. + description: >- + Source for the environment variable's value. + Cannot be used if value is not empty. properties: configMapKeyRef: description: Selects a key of a ConfigMap. @@ -987,110 +217,147 @@ spec: description: The key to select. type: string name: - default: "" - description: |- + default: '' + description: >- Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + + More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string optional: - description: Specify whether the ConfigMap - or its key must be defined + description: >- + Specify whether the ConfigMap or its key + must be defined type: boolean required: - - key + - key type: object x-kubernetes-map-type: atomic fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + description: >- + Selects a field of the pod: supports + metadata.name, metadata.namespace, + `metadata.labels['']`, + `metadata.annotations['']`, + + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, + status.podIPs. properties: apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". + description: >- + Version of the schema the FieldPath is + written in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field to select in - the specified API version. + description: >- + Path of the field to select in the + specified API version. type: string required: - - fieldPath + - fieldPath type: object x-kubernetes-map-type: atomic resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + description: >- + Selects a resource of the container: only + resources limits and requests + + (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and + requests.ephemeral-storage) are currently + supported. properties: containerName: - description: 'Container name: required for - volumes, optional for env vars' + description: >- + Container name: required for volumes, + optional for env vars type: string divisor: anyOf: - - type: integer - - type: string - description: Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - type: integer + - type: string + description: >- + Specifies the output format of the + exposed resources, defaults to "1" + pattern: >- + ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: description: 'Required: resource to select' type: string required: - - resource + - resource type: object x-kubernetes-map-type: atomic secretKeyRef: - description: Selects a key of a secret in the - pod's namespace + description: >- + Selects a key of a secret in the pod's + namespace properties: key: - description: The key of the secret to select - from. Must be a valid secret key. + description: >- + The key of the secret to select from. + Must be a valid secret key. type: string name: - default: "" - description: |- + default: '' + description: >- Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + + More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string optional: - description: Specify whether the Secret or - its key must be defined + description: >- + Specify whether the Secret or its key + must be defined type: boolean required: - - key + - key type: object x-kubernetes-map-type: atomic type: object required: - - name + - name type: object type: array hostname: - description: Hostname is the authorization proxy server - hostname + description: Hostname is the authorization proxy server hostname type: string image: description: Image is the image tag for the Container type: string imagePullPolicy: - description: ImagePullPolicy is the image pull policy for - the image + description: >- + ImagePullPolicy is the image pull policy for the + image type: string leaderElection: - description: LeaderElection is boolean flag to enable leader + description: >- + LeaderElection is boolean flag to enable leader election type: boolean licenseName: - description: LicenseName is the name of the license for + description: >- + LicenseName is the name of the license for app-mobility type: string name: @@ -1099,13 +366,17 @@ spec: nodeSelector: additionalProperties: type: string - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. + description: >- + NodeSelector is a selector which must be true for + the pod to fit on a node. + + Selector which must match a node's labels for the + pod to be scheduled on that node. type: object objectStoreSecretName: - description: ObjectStoreSecretName is the name of the secret - for the object store for app-mobility + description: >- + ObjectStoreSecretName is the name of the secret for + the object store for app-mobility type: string opa: description: Opa is the image tag for the Container @@ -1114,25 +385,31 @@ spec: description: OpaKubeMgmt is the image tag for the Container type: string openTelemetryCollectorAddress: - description: OpenTelemetryCollectorAddress is the address - of the OTLP receiving endpoint using gRPC + description: >- + OpenTelemetryCollectorAddress is the address of the + OTLP receiving endpoint using gRPC type: string privateKey: - description: PrivateKey is a private key used for a certificate/private-key - pair + description: >- + PrivateKey is a private key used for a + certificate/private-key pair type: string proxyServerIngress: - description: ProxyServerIngress is the authorization proxy - server ingress configuration + description: >- + ProxyServerIngress is the authorization proxy server + ingress configuration items: - description: ProxyServerIngress is the authorization ingress + description: >- + ProxyServerIngress is the authorization ingress configuration struct properties: annotations: additionalProperties: type: string - description: Annotations is an unstructured key value - map that stores additional annotations for the ingress + description: >- + Annotations is an unstructured key value map + that stores additional annotations for the + ingress type: object hosts: description: Hosts is the hosts rules for the ingress @@ -1148,8 +425,9 @@ spec: description: ProxyService is the image tag for the Container type: string proxyServiceReplicas: - description: ProxyServiceReplicas is the number of replicas - for the proxy service deployment + description: >- + ProxyServiceReplicas is the number of replicas for + the proxy service deployment type: integer redis: description: Redis is the image tag for the Container @@ -1161,8 +439,9 @@ spec: description: RedisName is the name of the redis statefulset type: string redisReplicas: - description: RedisReplicas is the number of replicas for - the redis deployment + description: >- + RedisReplicas is the number of replicas for the + redis deployment type: integer replicaCount: description: ReplicaCount is the replica count for app mobility @@ -1171,522 +450,163 @@ spec: description: RoleService is the image tag for the Container type: string roleServiceReplicas: - description: RoleServiceReplicas is the number of replicas - for the role service deployment + description: >- + RoleServiceReplicas is the number of replicas for + the role service deployment type: integer sentinel: description: Sentinel is the name of the sentinel statefulSet type: string skipCertificateValidation: - description: skipCertificateValidation is the flag to skip + description: >- + skipCertificateValidation is the flag to skip certificate validation type: boolean storageService: description: StorageService is the image tag for the Container type: string storageServiceReplicas: - description: StorageServiceReplicas is the number of replicas - for storage service deployment + description: >- + StorageServiceReplicas is the number of replicas for + storage service deployment type: integer storageclass: - description: RedisStorageClass is the authorization proxy - server redis storage class for persistence + description: >- + RedisStorageClass is the authorization proxy server + redis storage class for persistence type: string tenantService: description: TenantService is the image tag for the Container type: string tenantServiceReplicas: - description: TenantServiceReplicas is the number of replicas - for the tenant service deployment + description: >- + TenantServiceReplicas is the number of replicas for + the tenant service deployment type: integer tolerations: - description: Tolerations is the list of tolerations for - the driver pods + description: >- + Tolerations is the list of tolerations for the + driver pods items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . + description: >- + The pod this Toleration is attached to tolerates + any taint that matches + + the triple using the matching + operator . properties: effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + description: >- + Effect indicates the taint effect to match. + Empty means match all taint effects. + + When specified, allowed values are NoSchedule, + PreferNoSchedule and NoExecute. type: string key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. + description: >- + Key is the taint key that the toleration + applies to. Empty means match all taint keys. + + If the key is empty, operator must be Exists; + this combination means to match all values and + all keys. type: string operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can + description: >- + Operator represents a key's relationship to + the value. + + Valid operators are Exists and Equal. Defaults + to Equal. + + Exists is equivalent to wildcard for value, so + that a pod can + tolerate all taints of a particular category. type: string tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. + description: >- + TolerationSeconds represents the period of + time the toleration (which must be + + of effect NoExecute, otherwise this field is + ignored) tolerates the taint. By default, + + it is not set, which means tolerate the taint + forever (do not evict). Zero and + + negative values will be treated as 0 (evict + immediately) by the system. format: int64 type: integer value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. + description: >- + Value is the taint value the toleration + matches to. + + If the operator is Exists, the value should be + empty, otherwise just a regular string. type: string type: object type: array useVolumeSnapshot: - description: UseSnapshot is to check whether volume snapshot - is enabled under velero component + description: >- + UseSnapshot is to check whether volume snapshot is + enabled under velero component type: boolean vaultConfigurations: description: Vaults are the vault configurations items: - description: Vault is the configuration for a vault instance + description: >- + Vault is the configuration for a vault instance struct properties: address: description: Address is the address for this vault type: string certificateAuthority: - description: CertificateAuthority is the base64-encoded - certificate authority for validaitng the vault certificate + description: >- + CertificateAuthority is the base64-encoded + certificate authority for validaitng the vault + certificate type: string clientCertificate: - description: ClientCertificate is the base64-encoded + description: >- + ClientCertificate is the base64-encoded certificate for connecting to vault type: string clientKey: - description: ClientKey validates is the base64-encoded + description: >- + ClientKey validates is the base64-encoded certificate key for connecting to vault type: string identifier: - description: Identifier is the identifier for this - vault + description: Identifier is the identifier for this vault type: string role: description: Role is the role for this vault type: string skipCertificateValidation: - description: SkipCertificateValidation validates the - vault server certificate or not + description: >- + SkipCertificateValidation validates the vault + server certificate or not type: boolean type: object type: array veleroNamespace: - description: VeleroNamespace is the namespace that Velero - is installed in + description: >- + VeleroNamespace is the namespace that Velero is + installed in type: string type: object - type: array - node: - description: Node is the specification for Node plugin only - properties: - args: - description: Args is the set of arguments for the container - items: - type: string - type: array - authorizationController: - description: AuthorizationController is the image tag for - the container - type: string - authorizationControllerReplicas: - description: AuthorizationControllerReplicas is the number - of replicas for the authorization controller deployment - type: integer - certificate: - description: Certificate is a certificate used for a certificate/private-key - pair - type: string - certificateAuthority: - description: CertificateAuthority is a certificate authority - used to validate a certificate - type: string - commander: - description: Commander is the image tag for the Container - type: string - controllerReconcileInterval: - description: The interval which the reconcile of each controller - is run - type: string - credentials: - description: ComponentCred is to store the velero credential - contents - items: - description: Credential struct - properties: - createWithInstall: - description: CreateWithInstall is used to indicate wether - or not to create a secret for objectstore - type: boolean - name: - description: Name is the name of secret which contains - credentials to access objectstore - type: string - secretContents: - description: SecretContents contains credentials to - access objectstore - properties: - aws_access_key_id: - description: AccessKeyID is a name of key ID to - access objectstore - type: string - aws_secret_access_key: - description: AccessKey contains the key to access - objectstore - type: string - type: object - type: object - type: array - deployNodeAgent: - description: DeployNodeAgent is to enable/disable node-agent - services - type: boolean - enabled: - description: Enabled is used to indicate wether or not to - deploy a module - type: boolean - envs: - description: Envs is the set of environment variables for - the container - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must - be a C_IDENTIFIER. - type: string - value: - description: |- - Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable - exists or not. - Defaults to "". - type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the ConfigMap or - its key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in - the specified API version. - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace - properties: - key: - description: The key of the secret to select - from. Must be a valid secret key. - type: string - name: - default: "" - description: |- - Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are - almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - hostname: - description: Hostname is the authorization proxy server hostname - type: string - image: - description: Image is the image tag for the Container - type: string - imagePullPolicy: - description: ImagePullPolicy is the image pull policy for - the image - type: string - leaderElection: - description: LeaderElection is boolean flag to enable leader - election - type: boolean - licenseName: - description: LicenseName is the name of the license for app-mobility - type: string - name: - description: Name is the name of Container - type: string - nodeSelector: - additionalProperties: - type: string - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. - type: object - objectStoreSecretName: - description: ObjectStoreSecretName is the name of the secret - for the object store for app-mobility - type: string - opa: - description: Opa is the image tag for the Container - type: string - opaKubeMgmt: - description: OpaKubeMgmt is the image tag for the Container - type: string - openTelemetryCollectorAddress: - description: OpenTelemetryCollectorAddress is the address - of the OTLP receiving endpoint using gRPC - type: string - privateKey: - description: PrivateKey is a private key used for a certificate/private-key - pair - type: string - proxyServerIngress: - description: ProxyServerIngress is the authorization proxy - server ingress configuration - items: - description: ProxyServerIngress is the authorization ingress - configuration struct - properties: - annotations: - additionalProperties: - type: string - description: Annotations is an unstructured key value - map that stores additional annotations for the ingress - type: object - hosts: - description: Hosts is the hosts rules for the ingress - items: - type: string - type: array - ingressClassName: - description: IngressClassName is the ingressClassName - type: string - type: object - type: array - proxyService: - description: ProxyService is the image tag for the Container - type: string - proxyServiceReplicas: - description: ProxyServiceReplicas is the number of replicas - for the proxy service deployment - type: integer - redis: - description: Redis is the image tag for the Container - type: string - redisCommander: - description: RedisCommander is the name of the redis deployment - type: string - redisName: - description: RedisName is the name of the redis statefulset - type: string - redisReplicas: - description: RedisReplicas is the number of replicas for the - redis deployment - type: integer - replicaCount: - description: ReplicaCount is the replica count for app mobility - type: string - roleService: - description: RoleService is the image tag for the Container - type: string - roleServiceReplicas: - description: RoleServiceReplicas is the number of replicas - for the role service deployment - type: integer - sentinel: - description: Sentinel is the name of the sentinel statefulSet - type: string - skipCertificateValidation: - description: skipCertificateValidation is the flag to skip - certificate validation - type: boolean - storageService: - description: StorageService is the image tag for the Container - type: string - storageServiceReplicas: - description: StorageServiceReplicas is the number of replicas - for storage service deployment - type: integer - storageclass: - description: RedisStorageClass is the authorization proxy - server redis storage class for persistence - type: string - tenantService: - description: TenantService is the image tag for the Container - type: string - tenantServiceReplicas: - description: TenantServiceReplicas is the number of replicas - for the tenant service deployment - type: integer - tolerations: - description: Tolerations is the list of tolerations for the - driver pods - items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . - properties: - effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - type: object - type: array - useVolumeSnapshot: - description: UseSnapshot is to check whether volume snapshot - is enabled under velero component - type: boolean - vaultConfigurations: - description: Vaults are the vault configurations - items: - description: Vault is the configuration for a vault instance - struct - properties: - address: - description: Address is the address for this vault - type: string - certificateAuthority: - description: CertificateAuthority is the base64-encoded - certificate authority for validaitng the vault certificate - type: string - clientCertificate: - description: ClientCertificate is the base64-encoded - certificate for connecting to vault - type: string - clientKey: - description: ClientKey validates is the base64-encoded - certificate key for connecting to vault - type: string - identifier: - description: Identifier is the identifier for this vault - type: string - role: - description: Role is the role for this vault - type: string - skipCertificateValidation: - description: SkipCertificateValidation validates the - vault server certificate or not - type: boolean - type: object - type: array - veleroNamespace: - description: VeleroNamespace is the namespace that Velero - is installed in - type: string - type: object - replicas: - default: 2 - description: Replicas is the count of controllers for Controller - plugin - format: int32 - type: integer - sideCars: - description: SideCars is the specification for CSI sidecar containers - items: - description: ContainerTemplate template + configVersion: + description: ConfigVersion is the configuration version of the driver + type: string + controller: + description: >- + Controller is the specification for Controller plugin + only properties: args: description: Args is the set of arguments for the container @@ -1694,91 +614,122 @@ spec: type: string type: array authorizationController: - description: AuthorizationController is the image tag for - the container + description: >- + AuthorizationController is the image tag for the + container type: string authorizationControllerReplicas: - description: AuthorizationControllerReplicas is the number - of replicas for the authorization controller deployment + description: >- + AuthorizationControllerReplicas is the number of + replicas for the authorization controller deployment type: integer certificate: - description: Certificate is a certificate used for a certificate/private-key - pair + description: >- + Certificate is a certificate used for a + certificate/private-key pair type: string certificateAuthority: - description: CertificateAuthority is a certificate authority - used to validate a certificate + description: >- + CertificateAuthority is a certificate authority used + to validate a certificate type: string commander: description: Commander is the image tag for the Container type: string controllerReconcileInterval: - description: The interval which the reconcile of each controller + description: >- + The interval which the reconcile of each controller is run type: string credentials: - description: ComponentCred is to store the velero credential + description: >- + ComponentCred is to store the velero credential contents items: description: Credential struct properties: createWithInstall: - description: CreateWithInstall is used to indicate - wether or not to create a secret for objectstore + description: >- + CreateWithInstall is used to indicate wether + or not to create a secret for objectstore type: boolean name: - description: Name is the name of secret which contains + description: >- + Name is the name of secret which contains credentials to access objectstore type: string secretContents: - description: SecretContents contains credentials to - access objectstore + description: >- + SecretContents contains credentials to access + objectstore properties: aws_access_key_id: - description: AccessKeyID is a name of key ID to - access objectstore + description: >- + AccessKeyID is a name of key ID to access + objectstore type: string aws_secret_access_key: - description: AccessKey contains the key to access + description: >- + AccessKey contains the key to access objectstore type: string type: object type: object type: array deployNodeAgent: - description: DeployNodeAgent is to enable/disable node-agent + description: >- + DeployNodeAgent is to enable/disable node-agent services type: boolean enabled: - description: Enabled is used to indicate wether or not to - deploy a module + description: >- + Enabled is used to indicate wether or not to deploy + a module type: boolean envs: - description: Envs is the set of environment variables for - the container + description: >- + Envs is the set of environment variables for the + container items: - description: EnvVar represents an environment variable - present in a Container. + description: >- + EnvVar represents an environment variable present + in a Container. properties: name: - description: Name of the environment variable. Must - be a C_IDENTIFIER. + description: >- + Name of the environment variable. Must be a + C_IDENTIFIER. type: string value: - description: |- + description: >- Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable + + using the previously defined environment + variables in the container and + + any service environment variables. If a + variable cannot be resolved, + + the reference in the input string will be + unchanged. Double $$ are reduced + + to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. + + "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". + + Escaped references will never be expanded, + regardless of whether the variable + exists or not. + Defaults to "". type: string valueFrom: - description: Source for the environment variable's - value. Cannot be used if value is not empty. + description: >- + Source for the environment variable's value. + Cannot be used if value is not empty. properties: configMapKeyRef: description: Selects a key of a ConfigMap. @@ -1787,110 +738,147 @@ spec: description: The key to select. type: string name: - default: "" - description: |- + default: '' + description: >- Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + + More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string optional: - description: Specify whether the ConfigMap - or its key must be defined + description: >- + Specify whether the ConfigMap or its key + must be defined type: boolean required: - - key + - key type: object x-kubernetes-map-type: atomic fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + description: >- + Selects a field of the pod: supports + metadata.name, metadata.namespace, + `metadata.labels['']`, + `metadata.annotations['']`, + + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, + status.podIPs. properties: apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". + description: >- + Version of the schema the FieldPath is + written in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field to select in - the specified API version. + description: >- + Path of the field to select in the + specified API version. type: string required: - - fieldPath + - fieldPath type: object x-kubernetes-map-type: atomic resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + description: >- + Selects a resource of the container: only + resources limits and requests + + (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and + requests.ephemeral-storage) are currently + supported. properties: containerName: - description: 'Container name: required for - volumes, optional for env vars' + description: >- + Container name: required for volumes, + optional for env vars type: string divisor: anyOf: - - type: integer - - type: string - description: Specifies the output format of - the exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - type: integer + - type: string + description: >- + Specifies the output format of the + exposed resources, defaults to "1" + pattern: >- + ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: description: 'Required: resource to select' type: string required: - - resource + - resource type: object x-kubernetes-map-type: atomic secretKeyRef: - description: Selects a key of a secret in the - pod's namespace + description: >- + Selects a key of a secret in the pod's + namespace properties: key: - description: The key of the secret to select - from. Must be a valid secret key. + description: >- + The key of the secret to select from. + Must be a valid secret key. type: string name: - default: "" - description: |- + default: '' + description: >- Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + + More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string optional: - description: Specify whether the Secret or - its key must be defined + description: >- + Specify whether the Secret or its key + must be defined type: boolean required: - - key + - key type: object x-kubernetes-map-type: atomic type: object required: - - name + - name type: object type: array hostname: - description: Hostname is the authorization proxy server - hostname + description: Hostname is the authorization proxy server hostname type: string image: description: Image is the image tag for the Container type: string imagePullPolicy: - description: ImagePullPolicy is the image pull policy for - the image + description: >- + ImagePullPolicy is the image pull policy for the + image type: string leaderElection: - description: LeaderElection is boolean flag to enable leader + description: >- + LeaderElection is boolean flag to enable leader election type: boolean licenseName: - description: LicenseName is the name of the license for + description: >- + LicenseName is the name of the license for app-mobility type: string name: @@ -1899,13 +887,17 @@ spec: nodeSelector: additionalProperties: type: string - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. + description: >- + NodeSelector is a selector which must be true for + the pod to fit on a node. + + Selector which must match a node's labels for the + pod to be scheduled on that node. type: object objectStoreSecretName: - description: ObjectStoreSecretName is the name of the secret - for the object store for app-mobility + description: >- + ObjectStoreSecretName is the name of the secret for + the object store for app-mobility type: string opa: description: Opa is the image tag for the Container @@ -1914,25 +906,31 @@ spec: description: OpaKubeMgmt is the image tag for the Container type: string openTelemetryCollectorAddress: - description: OpenTelemetryCollectorAddress is the address - of the OTLP receiving endpoint using gRPC + description: >- + OpenTelemetryCollectorAddress is the address of the + OTLP receiving endpoint using gRPC type: string privateKey: - description: PrivateKey is a private key used for a certificate/private-key - pair + description: >- + PrivateKey is a private key used for a + certificate/private-key pair type: string proxyServerIngress: - description: ProxyServerIngress is the authorization proxy - server ingress configuration + description: >- + ProxyServerIngress is the authorization proxy server + ingress configuration items: - description: ProxyServerIngress is the authorization ingress + description: >- + ProxyServerIngress is the authorization ingress configuration struct properties: annotations: additionalProperties: type: string - description: Annotations is an unstructured key value - map that stores additional annotations for the ingress + description: >- + Annotations is an unstructured key value map + that stores additional annotations for the + ingress type: object hosts: description: Hosts is the hosts rules for the ingress @@ -1948,8 +946,9 @@ spec: description: ProxyService is the image tag for the Container type: string proxyServiceReplicas: - description: ProxyServiceReplicas is the number of replicas - for the proxy service deployment + description: >- + ProxyServiceReplicas is the number of replicas for + the proxy service deployment type: integer redis: description: Redis is the image tag for the Container @@ -1961,8 +960,9 @@ spec: description: RedisName is the name of the redis statefulset type: string redisReplicas: - description: RedisReplicas is the number of replicas for - the redis deployment + description: >- + RedisReplicas is the number of replicas for the + redis deployment type: integer replicaCount: description: ReplicaCount is the replica count for app mobility @@ -1971,147 +971,188 @@ spec: description: RoleService is the image tag for the Container type: string roleServiceReplicas: - description: RoleServiceReplicas is the number of replicas - for the role service deployment + description: >- + RoleServiceReplicas is the number of replicas for + the role service deployment type: integer sentinel: description: Sentinel is the name of the sentinel statefulSet type: string skipCertificateValidation: - description: skipCertificateValidation is the flag to skip + description: >- + skipCertificateValidation is the flag to skip certificate validation type: boolean storageService: description: StorageService is the image tag for the Container type: string storageServiceReplicas: - description: StorageServiceReplicas is the number of replicas - for storage service deployment + description: >- + StorageServiceReplicas is the number of replicas for + storage service deployment type: integer storageclass: - description: RedisStorageClass is the authorization proxy - server redis storage class for persistence + description: >- + RedisStorageClass is the authorization proxy server + redis storage class for persistence type: string tenantService: description: TenantService is the image tag for the Container type: string tenantServiceReplicas: - description: TenantServiceReplicas is the number of replicas - for the tenant service deployment + description: >- + TenantServiceReplicas is the number of replicas for + the tenant service deployment type: integer tolerations: - description: Tolerations is the list of tolerations for - the driver pods + description: >- + Tolerations is the list of tolerations for the + driver pods items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . + description: >- + The pod this Toleration is attached to tolerates + any taint that matches + + the triple using the matching + operator . properties: effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + description: >- + Effect indicates the taint effect to match. + Empty means match all taint effects. + + When specified, allowed values are NoSchedule, + PreferNoSchedule and NoExecute. type: string key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. + description: >- + Key is the taint key that the toleration + applies to. Empty means match all taint keys. + + If the key is empty, operator must be Exists; + this combination means to match all values and + all keys. type: string operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can + description: >- + Operator represents a key's relationship to + the value. + + Valid operators are Exists and Equal. Defaults + to Equal. + + Exists is equivalent to wildcard for value, so + that a pod can + tolerate all taints of a particular category. type: string tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. + description: >- + TolerationSeconds represents the period of + time the toleration (which must be + + of effect NoExecute, otherwise this field is + ignored) tolerates the taint. By default, + + it is not set, which means tolerate the taint + forever (do not evict). Zero and + + negative values will be treated as 0 (evict + immediately) by the system. format: int64 type: integer value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. + description: >- + Value is the taint value the toleration + matches to. + + If the operator is Exists, the value should be + empty, otherwise just a regular string. type: string type: object type: array useVolumeSnapshot: - description: UseSnapshot is to check whether volume snapshot - is enabled under velero component + description: >- + UseSnapshot is to check whether volume snapshot is + enabled under velero component type: boolean vaultConfigurations: description: Vaults are the vault configurations items: - description: Vault is the configuration for a vault instance + description: >- + Vault is the configuration for a vault instance struct properties: address: description: Address is the address for this vault type: string certificateAuthority: - description: CertificateAuthority is the base64-encoded - certificate authority for validaitng the vault certificate + description: >- + CertificateAuthority is the base64-encoded + certificate authority for validaitng the vault + certificate type: string clientCertificate: - description: ClientCertificate is the base64-encoded + description: >- + ClientCertificate is the base64-encoded certificate for connecting to vault type: string clientKey: - description: ClientKey validates is the base64-encoded + description: >- + ClientKey validates is the base64-encoded certificate key for connecting to vault type: string identifier: - description: Identifier is the identifier for this - vault + description: Identifier is the identifier for this vault type: string role: description: Role is the role for this vault type: string skipCertificateValidation: - description: SkipCertificateValidation validates the - vault server certificate or not + description: >- + SkipCertificateValidation validates the vault + server certificate or not type: boolean type: object type: array veleroNamespace: - description: VeleroNamespace is the namespace that Velero - is installed in + description: >- + VeleroNamespace is the namespace that Velero is + installed in type: string type: object - type: array - snapshotClass: - description: SnapshotClass is the specification for Snapshot Classes - items: - description: SnapshotClass struct + csiDriverSpec: + description: CSIDriverSpec is the specification for CSIDriver properties: - name: - description: Name is the name of the Snapshot Class + fSGroupPolicy: type: string - parameters: - additionalProperties: - type: string - description: Parameters is a map of driver specific parameters - for snapshot class - type: object + storageCapacity: + type: boolean type: object - type: array - tlsCertSecret: - description: TLSCertSecret is the name of the TLS Cert secret - type: string - type: object - modules: - description: Modules is list of Container Storage Module modules you - want to deploy - items: - description: Module defines the desired state of a ContainerStorageModule - properties: - components: - description: Components is the specification for CSM components - containers + csiDriverType: + description: >- + CSIDriverType is the CSI Driver type for Dell + Technologies - e.g, powermax, powerflex,... + type: string + dnsPolicy: + description: >- + DNSPolicy is the dnsPolicy of the daemonset for Node + plugin + type: string + forceRemoveDriver: + description: >- + ForceRemoveDriver is the boolean flag used to remove + driver deployment when CR is deleted + type: boolean + forceUpdate: + description: >- + ForceUpdate is the boolean flag used to force an update + of the driver instance + type: boolean + initContainers: + description: >- + InitContainers is the specification for Driver + InitContainers items: description: ContainerTemplate template properties: @@ -2121,91 +1162,123 @@ spec: type: string type: array authorizationController: - description: AuthorizationController is the image tag - for the container + description: >- + AuthorizationController is the image tag for the + container type: string authorizationControllerReplicas: - description: AuthorizationControllerReplicas is the number - of replicas for the authorization controller deployment + description: >- + AuthorizationControllerReplicas is the number of + replicas for the authorization controller + deployment type: integer certificate: - description: Certificate is a certificate used for a certificate/private-key - pair + description: >- + Certificate is a certificate used for a + certificate/private-key pair type: string certificateAuthority: - description: CertificateAuthority is a certificate authority + description: >- + CertificateAuthority is a certificate authority used to validate a certificate type: string commander: description: Commander is the image tag for the Container type: string controllerReconcileInterval: - description: The interval which the reconcile of each + description: >- + The interval which the reconcile of each controller is run type: string credentials: - description: ComponentCred is to store the velero credential + description: >- + ComponentCred is to store the velero credential contents items: description: Credential struct properties: createWithInstall: - description: CreateWithInstall is used to indicate - wether or not to create a secret for objectstore + description: >- + CreateWithInstall is used to indicate wether + or not to create a secret for objectstore type: boolean name: - description: Name is the name of secret which contains + description: >- + Name is the name of secret which contains credentials to access objectstore type: string secretContents: - description: SecretContents contains credentials - to access objectstore + description: >- + SecretContents contains credentials to + access objectstore properties: aws_access_key_id: - description: AccessKeyID is a name of key ID - to access objectstore + description: >- + AccessKeyID is a name of key ID to + access objectstore type: string aws_secret_access_key: - description: AccessKey contains the key to access + description: >- + AccessKey contains the key to access objectstore type: string type: object type: object type: array deployNodeAgent: - description: DeployNodeAgent is to enable/disable node-agent + description: >- + DeployNodeAgent is to enable/disable node-agent services type: boolean enabled: - description: Enabled is used to indicate wether or not - to deploy a module + description: >- + Enabled is used to indicate wether or not to + deploy a module type: boolean envs: - description: Envs is the set of environment variables - for the container + description: >- + Envs is the set of environment variables for the + container items: - description: EnvVar represents an environment variable + description: >- + EnvVar represents an environment variable present in a Container. properties: name: - description: Name of the environment variable. Must - be a C_IDENTIFIER. + description: >- + Name of the environment variable. Must be a + C_IDENTIFIER. type: string value: - description: |- + description: >- Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable + + using the previously defined environment + variables in the container and + + any service environment variables. If a + variable cannot be resolved, + + the reference in the input string will be + unchanged. Double $$ are reduced + + to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. + + "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". + + Escaped references will never be expanded, + regardless of whether the variable + exists or not. + Defaults to "". type: string valueFrom: - description: Source for the environment variable's - value. Cannot be used if value is not empty. + description: >- + Source for the environment variable's value. + Cannot be used if value is not empty. properties: configMapKeyRef: description: Selects a key of a ConfigMap. @@ -2214,111 +1287,149 @@ spec: description: The key to select. type: string name: - default: "" - description: |- + default: '' + description: >- Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + + More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string optional: - description: Specify whether the ConfigMap - or its key must be defined + description: >- + Specify whether the ConfigMap or its key + must be defined type: boolean required: - - key + - key type: object x-kubernetes-map-type: atomic fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + description: >- + Selects a field of the pod: supports + metadata.name, metadata.namespace, + `metadata.labels['']`, + `metadata.annotations['']`, + + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, + status.podIPs. properties: apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". + description: >- + Version of the schema the FieldPath is + written in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. + description: >- + Path of the field to select in the + specified API version. type: string required: - - fieldPath + - fieldPath type: object x-kubernetes-map-type: atomic resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + description: >- + Selects a resource of the container: + only resources limits and requests + + (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and + requests.ephemeral-storage) are + currently supported. properties: containerName: - description: 'Container name: required for - volumes, optional for env vars' + description: >- + Container name: required for volumes, + optional for env vars type: string divisor: anyOf: - - type: integer - - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - type: integer + - type: string + description: >- + Specifies the output format of the + exposed resources, defaults to "1" + pattern: >- + ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: description: 'Required: resource to select' type: string required: - - resource + - resource type: object x-kubernetes-map-type: atomic secretKeyRef: - description: Selects a key of a secret in the - pod's namespace + description: >- + Selects a key of a secret in the pod's + namespace properties: key: - description: The key of the secret to select - from. Must be a valid secret key. + description: >- + The key of the secret to select from. + Must be a valid secret key. type: string name: - default: "" - description: |- + default: '' + description: >- Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + + More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string optional: - description: Specify whether the Secret - or its key must be defined + description: >- + Specify whether the Secret or its key + must be defined type: boolean required: - - key + - key type: object x-kubernetes-map-type: atomic type: object required: - - name + - name type: object type: array hostname: - description: Hostname is the authorization proxy server + description: >- + Hostname is the authorization proxy server hostname type: string image: description: Image is the image tag for the Container type: string imagePullPolicy: - description: ImagePullPolicy is the image pull policy - for the image + description: >- + ImagePullPolicy is the image pull policy for the + image type: string leaderElection: - description: LeaderElection is boolean flag to enable - leader election + description: >- + LeaderElection is boolean flag to enable leader + election type: boolean licenseName: - description: LicenseName is the name of the license for + description: >- + LicenseName is the name of the license for app-mobility type: string name: @@ -2327,13 +1438,17 @@ spec: nodeSelector: additionalProperties: type: string - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. + description: >- + NodeSelector is a selector which must be true for + the pod to fit on a node. + + Selector which must match a node's labels for the + pod to be scheduled on that node. type: object objectStoreSecretName: - description: ObjectStoreSecretName is the name of the - secret for the object store for app-mobility + description: >- + ObjectStoreSecretName is the name of the secret + for the object store for app-mobility type: string opa: description: Opa is the image tag for the Container @@ -2342,26 +1457,31 @@ spec: description: OpaKubeMgmt is the image tag for the Container type: string openTelemetryCollectorAddress: - description: OpenTelemetryCollectorAddress is the address - of the OTLP receiving endpoint using gRPC + description: >- + OpenTelemetryCollectorAddress is the address of + the OTLP receiving endpoint using gRPC type: string privateKey: - description: PrivateKey is a private key used for a certificate/private-key - pair + description: >- + PrivateKey is a private key used for a + certificate/private-key pair type: string proxyServerIngress: - description: ProxyServerIngress is the authorization proxy + description: >- + ProxyServerIngress is the authorization proxy server ingress configuration items: - description: ProxyServerIngress is the authorization - ingress configuration struct + description: >- + ProxyServerIngress is the authorization ingress + configuration struct properties: annotations: additionalProperties: type: string - description: Annotations is an unstructured key - value map that stores additional annotations for - the ingress + description: >- + Annotations is an unstructured key value map + that stores additional annotations for the + ingress type: object hosts: description: Hosts is the hosts rules for the ingress @@ -2377,8 +1497,9 @@ spec: description: ProxyService is the image tag for the Container type: string proxyServiceReplicas: - description: ProxyServiceReplicas is the number of replicas - for the proxy service deployment + description: >- + ProxyServiceReplicas is the number of replicas for + the proxy service deployment type: integer redis: description: Redis is the image tag for the Container @@ -2390,144 +1511,695 @@ spec: description: RedisName is the name of the redis statefulset type: string redisReplicas: - description: RedisReplicas is the number of replicas for - the redis deployment + description: >- + RedisReplicas is the number of replicas for the + redis deployment type: integer replicaCount: - description: ReplicaCount is the replica count for app - mobility + description: ReplicaCount is the replica count for app mobility type: string roleService: description: RoleService is the image tag for the Container type: string roleServiceReplicas: - description: RoleServiceReplicas is the number of replicas - for the role service deployment + description: >- + RoleServiceReplicas is the number of replicas for + the role service deployment type: integer sentinel: description: Sentinel is the name of the sentinel statefulSet type: string skipCertificateValidation: - description: skipCertificateValidation is the flag to - skip certificate validation + description: >- + skipCertificateValidation is the flag to skip + certificate validation type: boolean storageService: description: StorageService is the image tag for the Container type: string storageServiceReplicas: - description: StorageServiceReplicas is the number of replicas + description: >- + StorageServiceReplicas is the number of replicas for storage service deployment type: integer storageclass: - description: RedisStorageClass is the authorization proxy + description: >- + RedisStorageClass is the authorization proxy server redis storage class for persistence type: string tenantService: description: TenantService is the image tag for the Container type: string tenantServiceReplicas: - description: TenantServiceReplicas is the number of replicas + description: >- + TenantServiceReplicas is the number of replicas for the tenant service deployment type: integer tolerations: - description: Tolerations is the list of tolerations for - the driver pods + description: >- + Tolerations is the list of tolerations for the + driver pods items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . + description: >- + The pod this Toleration is attached to tolerates + any taint that matches + + the triple using the matching + operator . properties: effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + description: >- + Effect indicates the taint effect to match. + Empty means match all taint effects. + + When specified, allowed values are + NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. + description: >- + Key is the taint key that the toleration + applies to. Empty means match all taint + keys. + + If the key is empty, operator must be + Exists; this combination means to match all + values and all keys. type: string operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. + description: >- + Operator represents a key's relationship to + the value. + + Valid operators are Exists and Equal. + Defaults to Equal. + + Exists is equivalent to wildcard for value, + so that a pod can + + tolerate all taints of a particular + category. type: string tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. + description: >- + TolerationSeconds represents the period of + time the toleration (which must be + + of effect NoExecute, otherwise this field is + ignored) tolerates the taint. By default, + + it is not set, which means tolerate the + taint forever (do not evict). Zero and + + negative values will be treated as 0 (evict + immediately) by the system. format: int64 type: integer value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. + description: >- + Value is the taint value the toleration + matches to. + + If the operator is Exists, the value should + be empty, otherwise just a regular string. type: string type: object type: array useVolumeSnapshot: - description: UseSnapshot is to check whether volume snapshot - is enabled under velero component + description: >- + UseSnapshot is to check whether volume snapshot is + enabled under velero component type: boolean vaultConfigurations: description: Vaults are the vault configurations items: - description: Vault is the configuration for a vault - instance struct + description: >- + Vault is the configuration for a vault instance + struct properties: address: description: Address is the address for this vault type: string certificateAuthority: - description: CertificateAuthority is the base64-encoded - certificate authority for validaitng the vault - certificate + description: >- + CertificateAuthority is the base64-encoded + certificate authority for validaitng the + vault certificate type: string clientCertificate: - description: ClientCertificate is the base64-encoded + description: >- + ClientCertificate is the base64-encoded certificate for connecting to vault type: string clientKey: - description: ClientKey validates is the base64-encoded + description: >- + ClientKey validates is the base64-encoded certificate key for connecting to vault type: string identifier: - description: Identifier is the identifier for this - vault + description: Identifier is the identifier for this vault type: string role: description: Role is the role for this vault type: string skipCertificateValidation: - description: SkipCertificateValidation validates - the vault server certificate or not + description: >- + SkipCertificateValidation validates the + vault server certificate or not type: boolean type: object type: array veleroNamespace: - description: VeleroNamespace is the namespace that Velero - is installed in + description: >- + VeleroNamespace is the namespace that Velero is + installed in type: string type: object type: array - configVersion: - description: ConfigVersion is the configuration version of the - module - type: string - enabled: - description: Enabled is used to indicate whether or not to deploy - a module - type: boolean - forceRemoveModule: - description: ForceRemoveModule is the boolean flag used to remove - authorization proxy server deployment when CR is deleted - type: boolean - initContainer: - description: InitContainer is the specification for Module InitContainer + node: + description: Node is the specification for Node plugin only + properties: + args: + description: Args is the set of arguments for the container + items: + type: string + type: array + authorizationController: + description: >- + AuthorizationController is the image tag for the + container + type: string + authorizationControllerReplicas: + description: >- + AuthorizationControllerReplicas is the number of + replicas for the authorization controller deployment + type: integer + certificate: + description: >- + Certificate is a certificate used for a + certificate/private-key pair + type: string + certificateAuthority: + description: >- + CertificateAuthority is a certificate authority used + to validate a certificate + type: string + commander: + description: Commander is the image tag for the Container + type: string + controllerReconcileInterval: + description: >- + The interval which the reconcile of each controller + is run + type: string + credentials: + description: >- + ComponentCred is to store the velero credential + contents + items: + description: Credential struct + properties: + createWithInstall: + description: >- + CreateWithInstall is used to indicate wether + or not to create a secret for objectstore + type: boolean + name: + description: >- + Name is the name of secret which contains + credentials to access objectstore + type: string + secretContents: + description: >- + SecretContents contains credentials to access + objectstore + properties: + aws_access_key_id: + description: >- + AccessKeyID is a name of key ID to access + objectstore + type: string + aws_secret_access_key: + description: >- + AccessKey contains the key to access + objectstore + type: string + type: object + type: object + type: array + deployNodeAgent: + description: >- + DeployNodeAgent is to enable/disable node-agent + services + type: boolean + enabled: + description: >- + Enabled is used to indicate wether or not to deploy + a module + type: boolean + envs: + description: >- + Envs is the set of environment variables for the + container + items: + description: >- + EnvVar represents an environment variable present + in a Container. + properties: + name: + description: >- + Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: >- + Variable references $(VAR_NAME) are expanded + + using the previously defined environment + variables in the container and + + any service environment variables. If a + variable cannot be resolved, + + the reference in the input string will be + unchanged. Double $$ are reduced + + to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. + + "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". + + Escaped references will never be expanded, + regardless of whether the variable + + exists or not. + + Defaults to "". + type: string + valueFrom: + description: >- + Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: '' + description: >- + Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: >- + Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: >- + Selects a field of the pod: supports + metadata.name, metadata.namespace, + `metadata.labels['']`, + `metadata.annotations['']`, + + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, + status.podIPs. + properties: + apiVersion: + description: >- + Version of the schema the FieldPath is + written in terms of, defaults to "v1". + type: string + fieldPath: + description: >- + Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: >- + Selects a resource of the container: only + resources limits and requests + + (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and + requests.ephemeral-storage) are currently + supported. + properties: + containerName: + description: >- + Container name: required for volumes, + optional for env vars + type: string + divisor: + anyOf: + - type: integer + - type: string + description: >- + Specifies the output format of the + exposed resources, defaults to "1" + pattern: >- + ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: >- + Selects a key of a secret in the pod's + namespace + properties: + key: + description: >- + The key of the secret to select from. + Must be a valid secret key. + type: string + name: + default: '' + description: >- + Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: >- + Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + hostname: + description: Hostname is the authorization proxy server hostname + type: string + image: + description: Image is the image tag for the Container + type: string + imagePullPolicy: + description: >- + ImagePullPolicy is the image pull policy for the + image + type: string + leaderElection: + description: >- + LeaderElection is boolean flag to enable leader + election + type: boolean + licenseName: + description: >- + LicenseName is the name of the license for + app-mobility + type: string + name: + description: Name is the name of Container + type: string + nodeSelector: + additionalProperties: + type: string + description: >- + NodeSelector is a selector which must be true for + the pod to fit on a node. + + Selector which must match a node's labels for the + pod to be scheduled on that node. + type: object + objectStoreSecretName: + description: >- + ObjectStoreSecretName is the name of the secret for + the object store for app-mobility + type: string + opa: + description: Opa is the image tag for the Container + type: string + opaKubeMgmt: + description: OpaKubeMgmt is the image tag for the Container + type: string + openTelemetryCollectorAddress: + description: >- + OpenTelemetryCollectorAddress is the address of the + OTLP receiving endpoint using gRPC + type: string + privateKey: + description: >- + PrivateKey is a private key used for a + certificate/private-key pair + type: string + proxyServerIngress: + description: >- + ProxyServerIngress is the authorization proxy server + ingress configuration + items: + description: >- + ProxyServerIngress is the authorization ingress + configuration struct + properties: + annotations: + additionalProperties: + type: string + description: >- + Annotations is an unstructured key value map + that stores additional annotations for the + ingress + type: object + hosts: + description: Hosts is the hosts rules for the ingress + items: + type: string + type: array + ingressClassName: + description: IngressClassName is the ingressClassName + type: string + type: object + type: array + proxyService: + description: ProxyService is the image tag for the Container + type: string + proxyServiceReplicas: + description: >- + ProxyServiceReplicas is the number of replicas for + the proxy service deployment + type: integer + redis: + description: Redis is the image tag for the Container + type: string + redisCommander: + description: RedisCommander is the name of the redis deployment + type: string + redisName: + description: RedisName is the name of the redis statefulset + type: string + redisReplicas: + description: >- + RedisReplicas is the number of replicas for the + redis deployment + type: integer + replicaCount: + description: ReplicaCount is the replica count for app mobility + type: string + roleService: + description: RoleService is the image tag for the Container + type: string + roleServiceReplicas: + description: >- + RoleServiceReplicas is the number of replicas for + the role service deployment + type: integer + sentinel: + description: Sentinel is the name of the sentinel statefulSet + type: string + skipCertificateValidation: + description: >- + skipCertificateValidation is the flag to skip + certificate validation + type: boolean + storageService: + description: StorageService is the image tag for the Container + type: string + storageServiceReplicas: + description: >- + StorageServiceReplicas is the number of replicas for + storage service deployment + type: integer + storageclass: + description: >- + RedisStorageClass is the authorization proxy server + redis storage class for persistence + type: string + tenantService: + description: TenantService is the image tag for the Container + type: string + tenantServiceReplicas: + description: >- + TenantServiceReplicas is the number of replicas for + the tenant service deployment + type: integer + tolerations: + description: >- + Tolerations is the list of tolerations for the + driver pods + items: + description: >- + The pod this Toleration is attached to tolerates + any taint that matches + + the triple using the matching + operator . + properties: + effect: + description: >- + Effect indicates the taint effect to match. + Empty means match all taint effects. + + When specified, allowed values are NoSchedule, + PreferNoSchedule and NoExecute. + type: string + key: + description: >- + Key is the taint key that the toleration + applies to. Empty means match all taint keys. + + If the key is empty, operator must be Exists; + this combination means to match all values and + all keys. + type: string + operator: + description: >- + Operator represents a key's relationship to + the value. + + Valid operators are Exists and Equal. Defaults + to Equal. + + Exists is equivalent to wildcard for value, so + that a pod can + + tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: >- + TolerationSeconds represents the period of + time the toleration (which must be + + of effect NoExecute, otherwise this field is + ignored) tolerates the taint. By default, + + it is not set, which means tolerate the taint + forever (do not evict). Zero and + + negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: >- + Value is the taint value the toleration + matches to. + + If the operator is Exists, the value should be + empty, otherwise just a regular string. + type: string + type: object + type: array + useVolumeSnapshot: + description: >- + UseSnapshot is to check whether volume snapshot is + enabled under velero component + type: boolean + vaultConfigurations: + description: Vaults are the vault configurations + items: + description: >- + Vault is the configuration for a vault instance + struct + properties: + address: + description: Address is the address for this vault + type: string + certificateAuthority: + description: >- + CertificateAuthority is the base64-encoded + certificate authority for validaitng the vault + certificate + type: string + clientCertificate: + description: >- + ClientCertificate is the base64-encoded + certificate for connecting to vault + type: string + clientKey: + description: >- + ClientKey validates is the base64-encoded + certificate key for connecting to vault + type: string + identifier: + description: Identifier is the identifier for this vault + type: string + role: + description: Role is the role for this vault + type: string + skipCertificateValidation: + description: >- + SkipCertificateValidation validates the vault + server certificate or not + type: boolean + type: object + type: array + veleroNamespace: + description: >- + VeleroNamespace is the namespace that Velero is + installed in + type: string + type: object + replicas: + default: 2 + description: >- + Replicas is the count of controllers for Controller + plugin + format: int32 + type: integer + sideCars: + description: SideCars is the specification for CSI sidecar containers items: description: ContainerTemplate template properties: @@ -2537,91 +2209,123 @@ spec: type: string type: array authorizationController: - description: AuthorizationController is the image tag - for the container + description: >- + AuthorizationController is the image tag for the + container type: string authorizationControllerReplicas: - description: AuthorizationControllerReplicas is the number - of replicas for the authorization controller deployment + description: >- + AuthorizationControllerReplicas is the number of + replicas for the authorization controller + deployment type: integer certificate: - description: Certificate is a certificate used for a certificate/private-key - pair + description: >- + Certificate is a certificate used for a + certificate/private-key pair type: string certificateAuthority: - description: CertificateAuthority is a certificate authority + description: >- + CertificateAuthority is a certificate authority used to validate a certificate type: string commander: description: Commander is the image tag for the Container type: string controllerReconcileInterval: - description: The interval which the reconcile of each + description: >- + The interval which the reconcile of each controller is run type: string credentials: - description: ComponentCred is to store the velero credential + description: >- + ComponentCred is to store the velero credential contents items: description: Credential struct properties: createWithInstall: - description: CreateWithInstall is used to indicate - wether or not to create a secret for objectstore + description: >- + CreateWithInstall is used to indicate wether + or not to create a secret for objectstore type: boolean name: - description: Name is the name of secret which contains + description: >- + Name is the name of secret which contains credentials to access objectstore type: string secretContents: - description: SecretContents contains credentials - to access objectstore + description: >- + SecretContents contains credentials to + access objectstore properties: aws_access_key_id: - description: AccessKeyID is a name of key ID - to access objectstore + description: >- + AccessKeyID is a name of key ID to + access objectstore type: string aws_secret_access_key: - description: AccessKey contains the key to access + description: >- + AccessKey contains the key to access objectstore type: string type: object type: object type: array deployNodeAgent: - description: DeployNodeAgent is to enable/disable node-agent + description: >- + DeployNodeAgent is to enable/disable node-agent services type: boolean enabled: - description: Enabled is used to indicate wether or not - to deploy a module + description: >- + Enabled is used to indicate wether or not to + deploy a module type: boolean envs: - description: Envs is the set of environment variables - for the container + description: >- + Envs is the set of environment variables for the + container items: - description: EnvVar represents an environment variable + description: >- + EnvVar represents an environment variable present in a Container. properties: name: - description: Name of the environment variable. Must - be a C_IDENTIFIER. + description: >- + Name of the environment variable. Must be a + C_IDENTIFIER. type: string value: - description: |- + description: >- Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in the container and - any service environment variables. If a variable cannot be resolved, - the reference in the input string will be unchanged. Double $$ are reduced - to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless of whether the variable + + using the previously defined environment + variables in the container and + + any service environment variables. If a + variable cannot be resolved, + + the reference in the input string will be + unchanged. Double $$ are reduced + + to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. + + "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". + + Escaped references will never be expanded, + regardless of whether the variable + exists or not. + Defaults to "". type: string valueFrom: - description: Source for the environment variable's - value. Cannot be used if value is not empty. + description: >- + Source for the environment variable's value. + Cannot be used if value is not empty. properties: configMapKeyRef: description: Selects a key of a ConfigMap. @@ -2630,111 +2334,149 @@ spec: description: The key to select. type: string name: - default: "" - description: |- + default: '' + description: >- Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + + More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string optional: - description: Specify whether the ConfigMap - or its key must be defined + description: >- + Specify whether the ConfigMap or its key + must be defined type: boolean required: - - key + - key type: object x-kubernetes-map-type: atomic fieldRef: - description: |- - Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. + description: >- + Selects a field of the pod: supports + metadata.name, metadata.namespace, + `metadata.labels['']`, + `metadata.annotations['']`, + + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, + status.podIPs. properties: apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". + description: >- + Version of the schema the FieldPath is + written in terms of, defaults to "v1". type: string fieldPath: - description: Path of the field to select - in the specified API version. + description: >- + Path of the field to select in the + specified API version. type: string required: - - fieldPath + - fieldPath type: object x-kubernetes-map-type: atomic resourceFieldRef: - description: |- - Selects a resource of the container: only resources limits and requests - (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. + description: >- + Selects a resource of the container: + only resources limits and requests + + (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and + requests.ephemeral-storage) are + currently supported. properties: containerName: - description: 'Container name: required for - volumes, optional for env vars' + description: >- + Container name: required for volumes, + optional for env vars type: string divisor: anyOf: - - type: integer - - type: string - description: Specifies the output format - of the exposed resources, defaults to - "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + - type: integer + - type: string + description: >- + Specifies the output format of the + exposed resources, defaults to "1" + pattern: >- + ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ x-kubernetes-int-or-string: true resource: description: 'Required: resource to select' type: string required: - - resource + - resource type: object x-kubernetes-map-type: atomic secretKeyRef: - description: Selects a key of a secret in the - pod's namespace + description: >- + Selects a key of a secret in the pod's + namespace properties: key: - description: The key of the secret to select - from. Must be a valid secret key. + description: >- + The key of the secret to select from. + Must be a valid secret key. type: string name: - default: "" - description: |- + default: '' + description: >- Name of the referent. - This field is effectively required, but due to backwards compatibility is - allowed to be empty. Instances of this type with an empty value here are + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + almost certainly wrong. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + + More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string optional: - description: Specify whether the Secret - or its key must be defined + description: >- + Specify whether the Secret or its key + must be defined type: boolean required: - - key + - key type: object x-kubernetes-map-type: atomic type: object required: - - name + - name type: object type: array hostname: - description: Hostname is the authorization proxy server + description: >- + Hostname is the authorization proxy server hostname type: string image: description: Image is the image tag for the Container type: string imagePullPolicy: - description: ImagePullPolicy is the image pull policy - for the image + description: >- + ImagePullPolicy is the image pull policy for the + image type: string leaderElection: - description: LeaderElection is boolean flag to enable - leader election + description: >- + LeaderElection is boolean flag to enable leader + election type: boolean licenseName: - description: LicenseName is the name of the license for + description: >- + LicenseName is the name of the license for app-mobility type: string name: @@ -2743,13 +2485,17 @@ spec: nodeSelector: additionalProperties: type: string - description: |- - NodeSelector is a selector which must be true for the pod to fit on a node. - Selector which must match a node's labels for the pod to be scheduled on that node. + description: >- + NodeSelector is a selector which must be true for + the pod to fit on a node. + + Selector which must match a node's labels for the + pod to be scheduled on that node. type: object objectStoreSecretName: - description: ObjectStoreSecretName is the name of the - secret for the object store for app-mobility + description: >- + ObjectStoreSecretName is the name of the secret + for the object store for app-mobility type: string opa: description: Opa is the image tag for the Container @@ -2758,26 +2504,31 @@ spec: description: OpaKubeMgmt is the image tag for the Container type: string openTelemetryCollectorAddress: - description: OpenTelemetryCollectorAddress is the address - of the OTLP receiving endpoint using gRPC + description: >- + OpenTelemetryCollectorAddress is the address of + the OTLP receiving endpoint using gRPC type: string privateKey: - description: PrivateKey is a private key used for a certificate/private-key - pair + description: >- + PrivateKey is a private key used for a + certificate/private-key pair type: string proxyServerIngress: - description: ProxyServerIngress is the authorization proxy + description: >- + ProxyServerIngress is the authorization proxy server ingress configuration items: - description: ProxyServerIngress is the authorization - ingress configuration struct + description: >- + ProxyServerIngress is the authorization ingress + configuration struct properties: annotations: additionalProperties: type: string - description: Annotations is an unstructured key - value map that stores additional annotations for - the ingress + description: >- + Annotations is an unstructured key value map + that stores additional annotations for the + ingress type: object hosts: description: Hosts is the hosts rules for the ingress @@ -2793,8 +2544,9 @@ spec: description: ProxyService is the image tag for the Container type: string proxyServiceReplicas: - description: ProxyServiceReplicas is the number of replicas - for the proxy service deployment + description: >- + ProxyServiceReplicas is the number of replicas for + the proxy service deployment type: integer redis: description: Redis is the image tag for the Container @@ -2806,166 +2558,1335 @@ spec: description: RedisName is the name of the redis statefulset type: string redisReplicas: - description: RedisReplicas is the number of replicas for - the redis deployment + description: >- + RedisReplicas is the number of replicas for the + redis deployment type: integer replicaCount: - description: ReplicaCount is the replica count for app - mobility + description: ReplicaCount is the replica count for app mobility type: string roleService: description: RoleService is the image tag for the Container type: string roleServiceReplicas: - description: RoleServiceReplicas is the number of replicas - for the role service deployment + description: >- + RoleServiceReplicas is the number of replicas for + the role service deployment type: integer sentinel: description: Sentinel is the name of the sentinel statefulSet type: string skipCertificateValidation: - description: skipCertificateValidation is the flag to - skip certificate validation + description: >- + skipCertificateValidation is the flag to skip + certificate validation type: boolean storageService: description: StorageService is the image tag for the Container type: string storageServiceReplicas: - description: StorageServiceReplicas is the number of replicas + description: >- + StorageServiceReplicas is the number of replicas for storage service deployment type: integer storageclass: - description: RedisStorageClass is the authorization proxy + description: >- + RedisStorageClass is the authorization proxy server redis storage class for persistence type: string tenantService: description: TenantService is the image tag for the Container type: string tenantServiceReplicas: - description: TenantServiceReplicas is the number of replicas + description: >- + TenantServiceReplicas is the number of replicas for the tenant service deployment type: integer tolerations: - description: Tolerations is the list of tolerations for - the driver pods + description: >- + Tolerations is the list of tolerations for the + driver pods items: - description: |- - The pod this Toleration is attached to tolerates any taint that matches - the triple using the matching operator . + description: >- + The pod this Toleration is attached to tolerates + any taint that matches + + the triple using the matching + operator . properties: effect: - description: |- - Effect indicates the taint effect to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + description: >- + Effect indicates the taint effect to match. + Empty means match all taint effects. + + When specified, allowed values are + NoSchedule, PreferNoSchedule and NoExecute. type: string key: - description: |- - Key is the taint key that the toleration applies to. Empty means match all taint keys. - If the key is empty, operator must be Exists; this combination means to match all values and all keys. + description: >- + Key is the taint key that the toleration + applies to. Empty means match all taint + keys. + + If the key is empty, operator must be + Exists; this combination means to match all + values and all keys. type: string operator: - description: |- - Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. - Exists is equivalent to wildcard for value, so that a pod can - tolerate all taints of a particular category. + description: >- + Operator represents a key's relationship to + the value. + + Valid operators are Exists and Equal. + Defaults to Equal. + + Exists is equivalent to wildcard for value, + so that a pod can + + tolerate all taints of a particular + category. type: string tolerationSeconds: - description: |- - TolerationSeconds represents the period of time the toleration (which must be - of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - it is not set, which means tolerate the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict immediately) by the system. + description: >- + TolerationSeconds represents the period of + time the toleration (which must be + + of effect NoExecute, otherwise this field is + ignored) tolerates the taint. By default, + + it is not set, which means tolerate the + taint forever (do not evict). Zero and + + negative values will be treated as 0 (evict + immediately) by the system. format: int64 type: integer value: - description: |- - Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise just a regular string. + description: >- + Value is the taint value the toleration + matches to. + + If the operator is Exists, the value should + be empty, otherwise just a regular string. type: string type: object type: array useVolumeSnapshot: - description: UseSnapshot is to check whether volume snapshot - is enabled under velero component + description: >- + UseSnapshot is to check whether volume snapshot is + enabled under velero component type: boolean vaultConfigurations: description: Vaults are the vault configurations items: - description: Vault is the configuration for a vault - instance struct + description: >- + Vault is the configuration for a vault instance + struct properties: address: description: Address is the address for this vault type: string certificateAuthority: - description: CertificateAuthority is the base64-encoded - certificate authority for validaitng the vault - certificate + description: >- + CertificateAuthority is the base64-encoded + certificate authority for validaitng the + vault certificate type: string clientCertificate: - description: ClientCertificate is the base64-encoded + description: >- + ClientCertificate is the base64-encoded certificate for connecting to vault type: string clientKey: - description: ClientKey validates is the base64-encoded + description: >- + ClientKey validates is the base64-encoded certificate key for connecting to vault type: string identifier: - description: Identifier is the identifier for this - vault + description: Identifier is the identifier for this vault type: string role: description: Role is the role for this vault type: string skipCertificateValidation: - description: SkipCertificateValidation validates - the vault server certificate or not + description: >- + SkipCertificateValidation validates the + vault server certificate or not type: boolean type: object type: array veleroNamespace: - description: VeleroNamespace is the namespace that Velero - is installed in + description: >- + VeleroNamespace is the namespace that Velero is + installed in + type: string + type: object + type: array + snapshotClass: + description: SnapshotClass is the specification for Snapshot Classes + items: + description: SnapshotClass struct + properties: + name: + description: Name is the name of the Snapshot Class type: string + parameters: + additionalProperties: + type: string + description: >- + Parameters is a map of driver specific parameters + for snapshot class + type: object type: object type: array - name: - description: Name is name of ContainerStorageModule modules + tlsCertSecret: + description: TLSCertSecret is the name of the TLS Cert secret + type: string + type: object + modules: + description: >- + Modules is list of Container Storage Module modules you want + to deploy + items: + description: >- + Module defines the desired state of a + ContainerStorageModule + properties: + components: + description: >- + Components is the specification for CSM components + containers + items: + description: ContainerTemplate template + properties: + args: + description: Args is the set of arguments for the container + items: + type: string + type: array + authorizationController: + description: >- + AuthorizationController is the image tag for the + container + type: string + authorizationControllerReplicas: + description: >- + AuthorizationControllerReplicas is the number of + replicas for the authorization controller + deployment + type: integer + certificate: + description: >- + Certificate is a certificate used for a + certificate/private-key pair + type: string + certificateAuthority: + description: >- + CertificateAuthority is a certificate authority + used to validate a certificate + type: string + commander: + description: Commander is the image tag for the Container + type: string + controllerReconcileInterval: + description: >- + The interval which the reconcile of each + controller is run + type: string + credentials: + description: >- + ComponentCred is to store the velero credential + contents + items: + description: Credential struct + properties: + createWithInstall: + description: >- + CreateWithInstall is used to indicate + wether or not to create a secret for + objectstore + type: boolean + name: + description: >- + Name is the name of secret which contains + credentials to access objectstore + type: string + secretContents: + description: >- + SecretContents contains credentials to + access objectstore + properties: + aws_access_key_id: + description: >- + AccessKeyID is a name of key ID to + access objectstore + type: string + aws_secret_access_key: + description: >- + AccessKey contains the key to access + objectstore + type: string + type: object + type: object + type: array + deployNodeAgent: + description: >- + DeployNodeAgent is to enable/disable node-agent + services + type: boolean + enabled: + description: >- + Enabled is used to indicate wether or not to + deploy a module + type: boolean + envs: + description: >- + Envs is the set of environment variables for the + container + items: + description: >- + EnvVar represents an environment variable + present in a Container. + properties: + name: + description: >- + Name of the environment variable. Must be + a C_IDENTIFIER. + type: string + value: + description: >- + Variable references $(VAR_NAME) are + expanded + + using the previously defined environment + variables in the container and + + any service environment variables. If a + variable cannot be resolved, + + the reference in the input string will be + unchanged. Double $$ are reduced + + to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. + + "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". + + Escaped references will never be expanded, + regardless of whether the variable + + exists or not. + + Defaults to "". + type: string + valueFrom: + description: >- + Source for the environment variable's + value. Cannot be used if value is not + empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: '' + description: >- + Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: >- + Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: >- + Selects a field of the pod: supports + metadata.name, metadata.namespace, + `metadata.labels['']`, + `metadata.annotations['']`, + + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, + status.podIPs. + properties: + apiVersion: + description: >- + Version of the schema the FieldPath is + written in terms of, defaults to "v1". + type: string + fieldPath: + description: >- + Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: >- + Selects a resource of the container: + only resources limits and requests + + (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and + requests.ephemeral-storage) are + currently supported. + properties: + containerName: + description: >- + Container name: required for volumes, + optional for env vars + type: string + divisor: + anyOf: + - type: integer + - type: string + description: >- + Specifies the output format of the + exposed resources, defaults to "1" + pattern: >- + ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: >- + Selects a key of a secret in the pod's + namespace + properties: + key: + description: >- + The key of the secret to select from. + Must be a valid secret key. + type: string + name: + default: '' + description: >- + Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: >- + Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + hostname: + description: >- + Hostname is the authorization proxy server + hostname + type: string + image: + description: Image is the image tag for the Container + type: string + imagePullPolicy: + description: >- + ImagePullPolicy is the image pull policy for the + image + type: string + leaderElection: + description: >- + LeaderElection is boolean flag to enable leader + election + type: boolean + licenseName: + description: >- + LicenseName is the name of the license for + app-mobility + type: string + name: + description: Name is the name of Container + type: string + nodeSelector: + additionalProperties: + type: string + description: >- + NodeSelector is a selector which must be true + for the pod to fit on a node. + + Selector which must match a node's labels for + the pod to be scheduled on that node. + type: object + objectStoreSecretName: + description: >- + ObjectStoreSecretName is the name of the secret + for the object store for app-mobility + type: string + opa: + description: Opa is the image tag for the Container + type: string + opaKubeMgmt: + description: OpaKubeMgmt is the image tag for the Container + type: string + openTelemetryCollectorAddress: + description: >- + OpenTelemetryCollectorAddress is the address of + the OTLP receiving endpoint using gRPC + type: string + privateKey: + description: >- + PrivateKey is a private key used for a + certificate/private-key pair + type: string + proxyServerIngress: + description: >- + ProxyServerIngress is the authorization proxy + server ingress configuration + items: + description: >- + ProxyServerIngress is the authorization + ingress configuration struct + properties: + annotations: + additionalProperties: + type: string + description: >- + Annotations is an unstructured key value + map that stores additional annotations for + the ingress + type: object + hosts: + description: Hosts is the hosts rules for the ingress + items: + type: string + type: array + ingressClassName: + description: IngressClassName is the ingressClassName + type: string + type: object + type: array + proxyService: + description: ProxyService is the image tag for the Container + type: string + proxyServiceReplicas: + description: >- + ProxyServiceReplicas is the number of replicas + for the proxy service deployment + type: integer + redis: + description: Redis is the image tag for the Container + type: string + redisCommander: + description: >- + RedisCommander is the name of the redis + deployment + type: string + redisName: + description: RedisName is the name of the redis statefulset + type: string + redisReplicas: + description: >- + RedisReplicas is the number of replicas for the + redis deployment + type: integer + replicaCount: + description: >- + ReplicaCount is the replica count for app + mobility + type: string + roleService: + description: RoleService is the image tag for the Container + type: string + roleServiceReplicas: + description: >- + RoleServiceReplicas is the number of replicas + for the role service deployment + type: integer + sentinel: + description: Sentinel is the name of the sentinel statefulSet + type: string + skipCertificateValidation: + description: >- + skipCertificateValidation is the flag to skip + certificate validation + type: boolean + storageService: + description: >- + StorageService is the image tag for the + Container + type: string + storageServiceReplicas: + description: >- + StorageServiceReplicas is the number of replicas + for storage service deployment + type: integer + storageclass: + description: >- + RedisStorageClass is the authorization proxy + server redis storage class for persistence + type: string + tenantService: + description: TenantService is the image tag for the Container + type: string + tenantServiceReplicas: + description: >- + TenantServiceReplicas is the number of replicas + for the tenant service deployment + type: integer + tolerations: + description: >- + Tolerations is the list of tolerations for the + driver pods + items: + description: >- + The pod this Toleration is attached to + tolerates any taint that matches + + the triple using the + matching operator . + properties: + effect: + description: >- + Effect indicates the taint effect to + match. Empty means match all taint + effects. + + When specified, allowed values are + NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: >- + Key is the taint key that the toleration + applies to. Empty means match all taint + keys. + + If the key is empty, operator must be + Exists; this combination means to match + all values and all keys. + type: string + operator: + description: >- + Operator represents a key's relationship + to the value. + + Valid operators are Exists and Equal. + Defaults to Equal. + + Exists is equivalent to wildcard for + value, so that a pod can + + tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: >- + TolerationSeconds represents the period of + time the toleration (which must be + + of effect NoExecute, otherwise this field + is ignored) tolerates the taint. By + default, + + it is not set, which means tolerate the + taint forever (do not evict). Zero and + + negative values will be treated as 0 + (evict immediately) by the system. + format: int64 + type: integer + value: + description: >- + Value is the taint value the toleration + matches to. + + If the operator is Exists, the value + should be empty, otherwise just a regular + string. + type: string + type: object + type: array + useVolumeSnapshot: + description: >- + UseSnapshot is to check whether volume snapshot + is enabled under velero component + type: boolean + vaultConfigurations: + description: Vaults are the vault configurations + items: + description: >- + Vault is the configuration for a vault + instance struct + properties: + address: + description: Address is the address for this vault + type: string + certificateAuthority: + description: >- + CertificateAuthority is the base64-encoded + certificate authority for validaitng the + vault certificate + type: string + clientCertificate: + description: >- + ClientCertificate is the base64-encoded + certificate for connecting to vault + type: string + clientKey: + description: >- + ClientKey validates is the base64-encoded + certificate key for connecting to vault + type: string + identifier: + description: >- + Identifier is the identifier for this + vault + type: string + role: + description: Role is the role for this vault + type: string + skipCertificateValidation: + description: >- + SkipCertificateValidation validates the + vault server certificate or not + type: boolean + type: object + type: array + veleroNamespace: + description: >- + VeleroNamespace is the namespace that Velero is + installed in + type: string + type: object + type: array + configVersion: + description: >- + ConfigVersion is the configuration version of the + module + type: string + enabled: + description: >- + Enabled is used to indicate whether or not to deploy a + module + type: boolean + forceRemoveModule: + description: >- + ForceRemoveModule is the boolean flag used to remove + authorization proxy server deployment when CR is + deleted + type: boolean + initContainer: + description: >- + InitContainer is the specification for Module + InitContainer + items: + description: ContainerTemplate template + properties: + args: + description: Args is the set of arguments for the container + items: + type: string + type: array + authorizationController: + description: >- + AuthorizationController is the image tag for the + container + type: string + authorizationControllerReplicas: + description: >- + AuthorizationControllerReplicas is the number of + replicas for the authorization controller + deployment + type: integer + certificate: + description: >- + Certificate is a certificate used for a + certificate/private-key pair + type: string + certificateAuthority: + description: >- + CertificateAuthority is a certificate authority + used to validate a certificate + type: string + commander: + description: Commander is the image tag for the Container + type: string + controllerReconcileInterval: + description: >- + The interval which the reconcile of each + controller is run + type: string + credentials: + description: >- + ComponentCred is to store the velero credential + contents + items: + description: Credential struct + properties: + createWithInstall: + description: >- + CreateWithInstall is used to indicate + wether or not to create a secret for + objectstore + type: boolean + name: + description: >- + Name is the name of secret which contains + credentials to access objectstore + type: string + secretContents: + description: >- + SecretContents contains credentials to + access objectstore + properties: + aws_access_key_id: + description: >- + AccessKeyID is a name of key ID to + access objectstore + type: string + aws_secret_access_key: + description: >- + AccessKey contains the key to access + objectstore + type: string + type: object + type: object + type: array + deployNodeAgent: + description: >- + DeployNodeAgent is to enable/disable node-agent + services + type: boolean + enabled: + description: >- + Enabled is used to indicate wether or not to + deploy a module + type: boolean + envs: + description: >- + Envs is the set of environment variables for the + container + items: + description: >- + EnvVar represents an environment variable + present in a Container. + properties: + name: + description: >- + Name of the environment variable. Must be + a C_IDENTIFIER. + type: string + value: + description: >- + Variable references $(VAR_NAME) are + expanded + + using the previously defined environment + variables in the container and + + any service environment variables. If a + variable cannot be resolved, + + the reference in the input string will be + unchanged. Double $$ are reduced + + to a single $, which allows for escaping + the $(VAR_NAME) syntax: i.e. + + "$$(VAR_NAME)" will produce the string + literal "$(VAR_NAME)". + + Escaped references will never be expanded, + regardless of whether the variable + + exists or not. + + Defaults to "". + type: string + valueFrom: + description: >- + Source for the environment variable's + value. Cannot be used if value is not + empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + default: '' + description: >- + Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: >- + Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + fieldRef: + description: >- + Selects a field of the pod: supports + metadata.name, metadata.namespace, + `metadata.labels['']`, + `metadata.annotations['']`, + + spec.nodeName, spec.serviceAccountName, + status.hostIP, status.podIP, + status.podIPs. + properties: + apiVersion: + description: >- + Version of the schema the FieldPath is + written in terms of, defaults to "v1". + type: string + fieldPath: + description: >- + Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + x-kubernetes-map-type: atomic + resourceFieldRef: + description: >- + Selects a resource of the container: + only resources limits and requests + + (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, + requests.memory and + requests.ephemeral-storage) are + currently supported. + properties: + containerName: + description: >- + Container name: required for volumes, + optional for env vars + type: string + divisor: + anyOf: + - type: integer + - type: string + description: >- + Specifies the output format of the + exposed resources, defaults to "1" + pattern: >- + ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: >- + Selects a key of a secret in the pod's + namespace + properties: + key: + description: >- + The key of the secret to select from. + Must be a valid secret key. + type: string + name: + default: '' + description: >- + Name of the referent. + + This field is effectively required, but + due to backwards compatibility is + + allowed to be empty. Instances of this + type with an empty value here are + + almost certainly wrong. + + More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: >- + Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - name + type: object + type: array + hostname: + description: >- + Hostname is the authorization proxy server + hostname + type: string + image: + description: Image is the image tag for the Container + type: string + imagePullPolicy: + description: >- + ImagePullPolicy is the image pull policy for the + image + type: string + leaderElection: + description: >- + LeaderElection is boolean flag to enable leader + election + type: boolean + licenseName: + description: >- + LicenseName is the name of the license for + app-mobility + type: string + name: + description: Name is the name of Container + type: string + nodeSelector: + additionalProperties: + type: string + description: >- + NodeSelector is a selector which must be true + for the pod to fit on a node. + + Selector which must match a node's labels for + the pod to be scheduled on that node. + type: object + objectStoreSecretName: + description: >- + ObjectStoreSecretName is the name of the secret + for the object store for app-mobility + type: string + opa: + description: Opa is the image tag for the Container + type: string + opaKubeMgmt: + description: OpaKubeMgmt is the image tag for the Container + type: string + openTelemetryCollectorAddress: + description: >- + OpenTelemetryCollectorAddress is the address of + the OTLP receiving endpoint using gRPC + type: string + privateKey: + description: >- + PrivateKey is a private key used for a + certificate/private-key pair + type: string + proxyServerIngress: + description: >- + ProxyServerIngress is the authorization proxy + server ingress configuration + items: + description: >- + ProxyServerIngress is the authorization + ingress configuration struct + properties: + annotations: + additionalProperties: + type: string + description: >- + Annotations is an unstructured key value + map that stores additional annotations for + the ingress + type: object + hosts: + description: Hosts is the hosts rules for the ingress + items: + type: string + type: array + ingressClassName: + description: IngressClassName is the ingressClassName + type: string + type: object + type: array + proxyService: + description: ProxyService is the image tag for the Container + type: string + proxyServiceReplicas: + description: >- + ProxyServiceReplicas is the number of replicas + for the proxy service deployment + type: integer + redis: + description: Redis is the image tag for the Container + type: string + redisCommander: + description: >- + RedisCommander is the name of the redis + deployment + type: string + redisName: + description: RedisName is the name of the redis statefulset + type: string + redisReplicas: + description: >- + RedisReplicas is the number of replicas for the + redis deployment + type: integer + replicaCount: + description: >- + ReplicaCount is the replica count for app + mobility + type: string + roleService: + description: RoleService is the image tag for the Container + type: string + roleServiceReplicas: + description: >- + RoleServiceReplicas is the number of replicas + for the role service deployment + type: integer + sentinel: + description: Sentinel is the name of the sentinel statefulSet + type: string + skipCertificateValidation: + description: >- + skipCertificateValidation is the flag to skip + certificate validation + type: boolean + storageService: + description: >- + StorageService is the image tag for the + Container + type: string + storageServiceReplicas: + description: >- + StorageServiceReplicas is the number of replicas + for storage service deployment + type: integer + storageclass: + description: >- + RedisStorageClass is the authorization proxy + server redis storage class for persistence + type: string + tenantService: + description: TenantService is the image tag for the Container + type: string + tenantServiceReplicas: + description: >- + TenantServiceReplicas is the number of replicas + for the tenant service deployment + type: integer + tolerations: + description: >- + Tolerations is the list of tolerations for the + driver pods + items: + description: >- + The pod this Toleration is attached to + tolerates any taint that matches + + the triple using the + matching operator . + properties: + effect: + description: >- + Effect indicates the taint effect to + match. Empty means match all taint + effects. + + When specified, allowed values are + NoSchedule, PreferNoSchedule and + NoExecute. + type: string + key: + description: >- + Key is the taint key that the toleration + applies to. Empty means match all taint + keys. + + If the key is empty, operator must be + Exists; this combination means to match + all values and all keys. + type: string + operator: + description: >- + Operator represents a key's relationship + to the value. + + Valid operators are Exists and Equal. + Defaults to Equal. + + Exists is equivalent to wildcard for + value, so that a pod can + + tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: >- + TolerationSeconds represents the period of + time the toleration (which must be + + of effect NoExecute, otherwise this field + is ignored) tolerates the taint. By + default, + + it is not set, which means tolerate the + taint forever (do not evict). Zero and + + negative values will be treated as 0 + (evict immediately) by the system. + format: int64 + type: integer + value: + description: >- + Value is the taint value the toleration + matches to. + + If the operator is Exists, the value + should be empty, otherwise just a regular + string. + type: string + type: object + type: array + useVolumeSnapshot: + description: >- + UseSnapshot is to check whether volume snapshot + is enabled under velero component + type: boolean + vaultConfigurations: + description: Vaults are the vault configurations + items: + description: >- + Vault is the configuration for a vault + instance struct + properties: + address: + description: Address is the address for this vault + type: string + certificateAuthority: + description: >- + CertificateAuthority is the base64-encoded + certificate authority for validaitng the + vault certificate + type: string + clientCertificate: + description: >- + ClientCertificate is the base64-encoded + certificate for connecting to vault + type: string + clientKey: + description: >- + ClientKey validates is the base64-encoded + certificate key for connecting to vault + type: string + identifier: + description: >- + Identifier is the identifier for this + vault + type: string + role: + description: Role is the role for this vault + type: string + skipCertificateValidation: + description: >- + SkipCertificateValidation validates the + vault server certificate or not + type: boolean + type: object + type: array + veleroNamespace: + description: >- + VeleroNamespace is the namespace that Velero is + installed in + type: string + type: object + type: array + name: + description: Name is name of ContainerStorageModule modules + type: string + type: object + type: array + type: object + status: + description: >- + ContainerStorageModuleStatus defines the observed state of + ContainerStorageModule + properties: + controllerStatus: + description: ControllerStatus is the status of Controller pods + properties: + available: + type: string + desired: + type: string + failed: + type: string + type: object + nodeStatus: + description: NodeStatus is the status of Controller pods + properties: + available: + type: string + desired: + type: string + failed: type: string type: object - type: array - type: object - status: - description: ContainerStorageModuleStatus defines the observed state of - ContainerStorageModule - properties: - controllerStatus: - description: ControllerStatus is the status of Controller pods - properties: - available: - type: string - desired: - type: string - failed: - type: string - type: object - nodeStatus: - description: NodeStatus is the status of Controller pods - properties: - available: - type: string - desired: - type: string - failed: - type: string - type: object - state: - description: State is the state of the driver installation - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} + state: + description: State is the state of the driver installation + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} From 19586913cd553cfb8ad8f0c20c0c8b96abad30e0 Mon Sep 17 00:00:00 2001 From: Rishabh Raj Date: Wed, 4 Dec 2024 05:33:14 -0500 Subject: [PATCH 33/46] added no mdm unit test --- pkg/drivers/powerflex_test.go | 1 + 1 file changed, 1 insertion(+) diff --git a/pkg/drivers/powerflex_test.go b/pkg/drivers/powerflex_test.go index 7cc7c3361..fe897e648 100644 --- a/pkg/drivers/powerflex_test.go +++ b/pkg/drivers/powerflex_test.go @@ -56,6 +56,7 @@ var ( }{ {"missing secret", powerFlexCSM, powerFlexClient, fakeSecret, "no secrets found"}, {"happy path", powerFlexCSM, powerFlexClient, powerFlexSecret, ""}, + {"happy path with initContainers but no MDM", csmForPowerFlex("no-mdm"), powerFlexClient, shared.MakeSecretWithJSON("no-mdm-config", pFlexNS, configJSONFileGood), ""}, {"happy path without sdc", csmForPowerFlex("no-sdc"), powerFlexClient, shared.MakeSecretWithJSON("no-sdc-config", pFlexNS, configJSONFileGood), ""}, {"bad version", powerFlexCSMBadVersion, powerFlexClient, powerFlexSecret, "not supported"}, {"bad username", csmForPowerFlex("bad-user"), powerFlexClient, shared.MakeSecretWithJSON("bad-user-config", pFlexNS, configJSONFileBadUser), "invalid value for Username"}, From e9e6a637eb09c1491db67886718e7a6cca1417f2 Mon Sep 17 00:00:00 2001 From: Rishabh Raj Date: Fri, 6 Dec 2024 03:52:02 -0500 Subject: [PATCH 34/46] fixed reverseproxy envs --- pkg/drivers/powermax.go | 30 +++--------------------------- pkg/modules/reverseproxy.go | 27 +++++++++++++++++++++++---- 2 files changed, 26 insertions(+), 31 deletions(-) diff --git a/pkg/drivers/powermax.go b/pkg/drivers/powermax.go index 1e583ac1f..91dd5da71 100644 --- a/pkg/drivers/powermax.go +++ b/pkg/drivers/powermax.go @@ -97,34 +97,10 @@ func PrecheckPowerMax(ctx context.Context, cr *csmv1.ContainerStorageModule, ope } if !foundRevProxy { // if we are here then it's minimal yaml - log.Infof("Reverse proxy module not found adding it with default config") - components := make([]csmv1.ContainerTemplate, 0) - components = append(components, csmv1.ContainerTemplate{ - Name: "csipowermax-reverseproxy", - }) - - components[0].Envs = append(components[0].Envs, corev1.EnvVar{ - Name: "X_CSI_REVPROXY_TLS_SECRET", - Value: "csirevproxy-tls-secret", - }) - components[0].Envs = append(components[0].Envs, corev1.EnvVar{ - Name: "X_CSI_REVPROXY_PORT", - Value: "2222", - }) - components[0].Envs = append(components[0].Envs, corev1.EnvVar{ - Name: "X_CSI_CONFIG_MAP_NAME", - Value: "powermax-reverseproxy-config", - }) - components[0].Envs = append(components[0].Envs, corev1.EnvVar{ - Name: "DeployAsSidecar", - Value: "true", - }) - + log.Infof("Reverse proxy module not found adding it") cr.Spec.Modules = append(cr.Spec.Modules, csmv1.Module{ - Name: csmv1.ReverseProxy, - Enabled: true, - ForceRemoveModule: true, - Components: components, + Name: csmv1.ReverseProxy, + Enabled: true, }) } diff --git a/pkg/modules/reverseproxy.go b/pkg/modules/reverseproxy.go index 80a055eb7..23bcbed94 100644 --- a/pkg/modules/reverseproxy.go +++ b/pkg/modules/reverseproxy.go @@ -49,7 +49,7 @@ const ( // var used in deploying reverseproxy var ( - deployAsSidecar bool + deployAsSidecar = true CSIPmaxRevProxyServiceName = "X_CSI_POWERMAX_PROXY_SERVICE_NAME" CSIPmaxRevProxyPort = "X_CSI_POWERMAX_SIDECAR_PROXY_PORT" RevProxyDefaultPort = "2222" @@ -118,9 +118,9 @@ func ReverseProxyPrecheck(ctx context.Context, op utils.OperatorConfig, revproxy // ReverseProxyServer - apply/delete deployment objects func ReverseProxyServer(ctx context.Context, isDeleting bool, op utils.OperatorConfig, cr csmv1.ContainerStorageModule, ctrlClient crclient.Client) error { log := logger.GetLogger(ctx) - log.Infof("Checking if DeployAsSidar is false...\n") + log.Infof("Checking if DeployAsSidecar is false...\n") if deployAsSidecar { - log.Infof("DeployAsSidar is true...csi-reverseproxy will be installed as sidecar\n") + log.Infof("DeployAsSidecar is true...csi-reverseproxy will be installed as sidecar\n") log.Infof("exiting ReverseProxyServer...\n") return nil } @@ -204,7 +204,7 @@ func getReverseProxyService(op utils.OperatorConfig, cr csmv1.ContainerStorageMo } yamlString = string(buf) - var proxyPort string + proxyPort := "2222" for _, component := range revProxy.Components { if component.Name == ReverseProxyServerComponent { for _, env := range component.Envs { @@ -320,6 +320,25 @@ func ReverseProxyInjectDeployment(dp v1.DeploymentApplyConfiguration, cr csmv1.C if err != nil { return nil, err } + if revProxyModule.Components == nil { + revProxyModule = &csmv1.Module{ + Name: csmv1.ReverseProxy, + ForceRemoveModule: true, + Enabled: true, + Components: []csmv1.ContainerTemplate{ + { + Image: csmv1.ImageType(op.K8sVersion.Images.CSIRevProxy), + Name: "csipowermax-reverseproxy", + Envs: []corev1.EnvVar{ + {Name: "X_CSI_REVPROXY_TLS_SECRET", Value: "csirevproxy-tls-secret"}, + {Name: "X_CSI_REVPROXY_PORT", Value: "2222"}, + {Name: "X_CSI_CONFIG_MAP_NAME", Value: "powermax-reverseproxy-config"}, + {Name: "DeployAsSidecar", Value: "true"}, + }, + }, + }, + } + } container := *containerPtr // update the image for _, side := range revProxyModule.Components { From 9c4fa54238c22eb1209d7eb53df2761b078fa74f Mon Sep 17 00:00:00 2001 From: Akshay Saini Date: Wed, 11 Dec 2024 19:32:33 +0530 Subject: [PATCH 35/46] Inject ReverseProxy directly into the deployment --- controllers/csm_controller.go | 32 ++++++++++--- pkg/drivers/powermax.go | 10 ---- pkg/modules/reverseproxy.go | 88 ++++++++++++++--------------------- 3 files changed, 60 insertions(+), 70 deletions(-) diff --git a/controllers/csm_controller.go b/controllers/csm_controller.go index e18a4b50a..f52753cd5 100644 --- a/controllers/csm_controller.go +++ b/controllers/csm_controller.go @@ -759,6 +759,25 @@ func (r *ContainerStorageModuleReconciler) SyncCSM(ctx context.Context, cr csmv1 node := driverConfig.Node controller := driverConfig.Controller + if cr.GetDriverType() == csmv1.PowerMax { + if !modules.IsReverseProxySidecar() { + log.Infof("DeployAsSidar is false...csi-reverseproxy should be present as deployement\n") + log.Infof("adding proxy service name...\n") + modules.AddReverseProxyServiceName(&controller.Deployment) + } else { + log.Info("Starting CSI ReverseProxy Service") + if err := modules.ReverseProxyStartService(ctx, false, operatorConfig, cr, ctrlClient); err != nil { + return fmt.Errorf("unable to reconcile reverse-proxy service: %v", err) + } + log.Info("Injecting CSI ReverseProxy") + dp, err := modules.ReverseProxyInjectDeployment(controller.Deployment, cr, operatorConfig) + if err != nil { + return fmt.Errorf("injecting replication into deployment: %v", err) + } + controller.Deployment = *dp + } + } + replicationEnabled, clusterClients, err := utils.GetDefaultClusters(ctx, cr, r) if err != nil { return err @@ -827,13 +846,6 @@ func (r *ContainerStorageModuleReconciler) SyncCSM(ctx context.Context, cr csmv1 } controller.Rbac.ClusterRole = *clusterRole - case csmv1.ReverseProxy: - log.Info("Injecting CSI ReverseProxy") - dp, err := modules.ReverseProxyInjectDeployment(controller.Deployment, cr, operatorConfig) - if err != nil { - return fmt.Errorf("injecting replication into deployment: %v", err) - } - controller.Deployment = *dp } } } @@ -1260,6 +1272,12 @@ func (r *ContainerStorageModuleReconciler) removeDriver(ctx context.Context, ins return err } for _, cluster := range clusterClients { + if instance.GetDriverType() == csmv1.PowerMax && modules.IsReverseProxySidecar() { + log.Info("Removing CSI ReverseProxy Service") + if err := modules.ReverseProxyStartService(ctx, true, operatorConfig, instance, cluster.ClusterCTRLClient); err != nil { + return fmt.Errorf("unable to reconcile reverse-proxy service: %v", err) + } + } if err = removeDriverReplicaCluster(ctx, cluster, driverConfig); err != nil { return err } diff --git a/pkg/drivers/powermax.go b/pkg/drivers/powermax.go index 91dd5da71..105fe2c49 100644 --- a/pkg/drivers/powermax.go +++ b/pkg/drivers/powermax.go @@ -86,23 +86,13 @@ func PrecheckPowerMax(ctx context.Context, cr *csmv1.ContainerStorageModule, ope } } - foundRevProxy := false for i, mod := range cr.Spec.Modules { if mod.Name == csmv1.ReverseProxy { - foundRevProxy = true cr.Spec.Modules[i].Enabled = true cr.Spec.Modules[i].ForceRemoveModule = true break } } - if !foundRevProxy { - // if we are here then it's minimal yaml - log.Infof("Reverse proxy module not found adding it") - cr.Spec.Modules = append(cr.Spec.Modules, csmv1.Module{ - Name: csmv1.ReverseProxy, - Enabled: true, - }) - } log.Debugw("preCheck", "secrets", cred) return nil diff --git a/pkg/modules/reverseproxy.go b/pkg/modules/reverseproxy.go index 23bcbed94..90dbd7b8e 100644 --- a/pkg/modules/reverseproxy.go +++ b/pkg/modules/reverseproxy.go @@ -49,13 +49,15 @@ const ( // var used in deploying reverseproxy var ( - deployAsSidecar = true - CSIPmaxRevProxyServiceName = "X_CSI_POWERMAX_PROXY_SERVICE_NAME" - CSIPmaxRevProxyPort = "X_CSI_POWERMAX_SIDECAR_PROXY_PORT" - RevProxyDefaultPort = "2222" - RevProxyServiceName = "csipowermax-reverseproxy" - RevProxyConfigMapVolName = "configmap-volume" - RevProxyTLSSecretVolName = "tls-secret" + deployAsSidecar = true + CSIPmaxRevProxyServiceName = "X_CSI_POWERMAX_PROXY_SERVICE_NAME" + CSIPmaxRevProxyPort = "X_CSI_POWERMAX_SIDECAR_PROXY_PORT" + RevProxyDefaultPort = "2222" + RevProxyServiceName = "csipowermax-reverseproxy" + RevProxyConfigMapVolName = "configmap-volume" + RevProxyConfigMapDeafultName = "powermax-reverseproxy-config" + RevProxyTLSSecretVolName = "tls-secret" + RevProxyTLSSecretDefaultName = "csirevproxy-tls-secret" ) // ReverseproxySupportedDrivers is a map containing the CSI Drivers supported by CSM Reverseproxy. The key is driver name and the value is the driver plugin identifier @@ -152,10 +154,7 @@ func ReverseProxyServer(ctx context.Context, isDeleting bool, op utils.OperatorC // ReverseProxyStartService starts reverseproxy service for node to connect to revserseproxy sidecar func ReverseProxyStartService(ctx context.Context, isDeleting bool, op utils.OperatorConfig, cr csmv1.ContainerStorageModule, ctrlClient crclient.Client) error { log := logger.GetLogger(ctx) - if !deployAsSidecar { - log.Infof("DeployAsSidar is false...csi-reverseproxy service is part of deployement already\n") - return nil - } + YamlString, err := getReverseProxyService(op, cr) if err != nil { return err @@ -193,9 +192,10 @@ func getReverseProxyModule(cr csmv1.ContainerStorageModule) (csmv1.Module, error // getReverseProxyService - gets the reverseproxy service manifest func getReverseProxyService(op utils.OperatorConfig, cr csmv1.ContainerStorageModule) (string, error) { yamlString := "" - revProxy, err := getReverseProxyModule(cr) - if err != nil { - return yamlString, err + revProxy := cr.GetModule(csmv1.ReverseProxy) + // This is necessary for the minimal manifest, where the reverse proxy will not be included in the CSM CR. + if len(revProxy.Name) == 0 { + revProxy.Name = csmv1.ReverseProxy } buf, err := readConfigFile(revProxy, cr, op, ReverseProxyService) @@ -300,45 +300,11 @@ func getReverseProxyDeployment(op utils.OperatorConfig, cr csmv1.ContainerStorag // ReverseProxyInjectDeployment injects reverseproxy container as sidecar into controller func ReverseProxyInjectDeployment(dp v1.DeploymentApplyConfiguration, cr csmv1.ContainerStorageModule, op utils.OperatorConfig) (*v1.DeploymentApplyConfiguration, error) { - log := logger.GetLogger(context.Background()) - - if !deployAsSidecar { - log.Infof("DeployAsSidar is false...csi-reverseproxy should be present as deployement\n") - log.Infof("adding proxy service name...\n") - for i, cnt := range dp.Spec.Template.Spec.Containers { - if *cnt.Name == "driver" { - dp.Spec.Template.Spec.Containers[i].Env = append(dp.Spec.Template.Spec.Containers[i].Env, - acorev1.EnvVarApplyConfiguration{Name: &CSIPmaxRevProxyServiceName, Value: &RevProxyServiceName}, - ) - break - } - } - return &dp, nil - } - revProxyModule, containerPtr, err := getRevproxyApplyCR(cr, op) if err != nil { return nil, err } - if revProxyModule.Components == nil { - revProxyModule = &csmv1.Module{ - Name: csmv1.ReverseProxy, - ForceRemoveModule: true, - Enabled: true, - Components: []csmv1.ContainerTemplate{ - { - Image: csmv1.ImageType(op.K8sVersion.Images.CSIRevProxy), - Name: "csipowermax-reverseproxy", - Envs: []corev1.EnvVar{ - {Name: "X_CSI_REVPROXY_TLS_SECRET", Value: "csirevproxy-tls-secret"}, - {Name: "X_CSI_REVPROXY_PORT", Value: "2222"}, - {Name: "X_CSI_CONFIG_MAP_NAME", Value: "powermax-reverseproxy-config"}, - {Name: "DeployAsSidecar", Value: "true"}, - }, - }, - }, - } - } + container := *containerPtr // update the image for _, side := range revProxyModule.Components { @@ -382,7 +348,7 @@ func getRevProxyPort(revProxyModule csmv1.Module) string { } func getRevProxyVolumeComp(revProxyModule csmv1.Module) []acorev1.VolumeApplyConfiguration { - var revProxyConfigMap, revProxyTLSSecret string + var revProxyConfigMap, revProxyTLSSecret = RevProxyConfigMapDeafultName, RevProxyTLSSecretDefaultName for _, component := range revProxyModule.Components { if component.Name == ReverseProxyServerComponent { for _, env := range component.Envs { @@ -422,9 +388,10 @@ func getRevProxyVolumeComp(revProxyModule csmv1.Module) []acorev1.VolumeApplyCon // returns revproxy module and container func getRevproxyApplyCR(cr csmv1.ContainerStorageModule, op utils.OperatorConfig) (*csmv1.Module, *acorev1.ContainerApplyConfiguration, error) { var err error - revProxyModule, err := getReverseProxyModule(cr) - if err != nil { - return nil, nil, err + revProxyModule := cr.GetModule(csmv1.ReverseProxy) + // This is necessary for the minimal manifest, where the reverse proxy will not be included in the CSM CR. + if len(revProxyModule.Name) == 0 { + revProxyModule.Name = csmv1.ReverseProxy } buf, err := readConfigFile(revProxyModule, cr, op, ReverseProxySidecar) @@ -440,3 +407,18 @@ func getRevproxyApplyCR(cr csmv1.ContainerStorageModule, op utils.OperatorConfig } return &revProxyModule, &container, nil } + +func AddReverseProxyServiceName(dp *v1.DeploymentApplyConfiguration) { + for i, cnt := range dp.Spec.Template.Spec.Containers { + if *cnt.Name == "driver" { + dp.Spec.Template.Spec.Containers[i].Env = append(dp.Spec.Template.Spec.Containers[i].Env, + acorev1.EnvVarApplyConfiguration{Name: &CSIPmaxRevProxyServiceName, Value: &RevProxyServiceName}, + ) + break + } + } +} + +func IsReverseProxySidecar() bool { + return deployAsSidecar +} From d895a6b585ce3f2fd186b027b828f8256c44602b Mon Sep 17 00:00:00 2001 From: Akshay Saini Date: Thu, 12 Dec 2024 13:32:25 +0530 Subject: [PATCH 36/46] Refactor ReverseProxy code --- controllers/csm_controller.go | 27 ++++++++--------- controllers/csm_controller_test.go | 4 +-- pkg/modules/reverseproxy.go | 48 +++++------------------------- 3 files changed, 21 insertions(+), 58 deletions(-) diff --git a/controllers/csm_controller.go b/controllers/csm_controller.go index 9fe9192e9..f88ceb9f6 100644 --- a/controllers/csm_controller.go +++ b/controllers/csm_controller.go @@ -731,9 +731,9 @@ func (r *ContainerStorageModuleReconciler) SyncCSM(ctx context.Context, cr csmv1 } // Create/Update Reverseproxy Server - if reverseProxyEnabled, _ := utils.IsModuleEnabled(ctx, cr, csmv1.ReverseProxy); reverseProxyEnabled { + if reverseProxyEnabled, _ := utils.IsModuleEnabled(ctx, cr, csmv1.ReverseProxy); reverseProxyEnabled && !modules.IsReverseProxySidecar() { log.Infow("Trying Create/Update reverseproxy...") - if err := r.reconcileReverseProxy(ctx, false, operatorConfig, cr, ctrlClient); err != nil { + if err := r.reconcileReverseProxyServer(ctx, false, operatorConfig, cr, ctrlClient); err != nil { return fmt.Errorf("failed to deploy reverseproxy proxy server: %v", err) } } @@ -1160,16 +1160,13 @@ func getDriverConfig(ctx context.Context, }, nil } -// reconcileReverseProxy - deploy reverse proxy server -func (r *ContainerStorageModuleReconciler) reconcileReverseProxy(ctx context.Context, isDeleting bool, op utils.OperatorConfig, cr csmv1.ContainerStorageModule, ctrlClient client.Client) error { +// reconcileReverseProxyServer - deploy reverse proxy server +func (r *ContainerStorageModuleReconciler) reconcileReverseProxyServer(ctx context.Context, isDeleting bool, op utils.OperatorConfig, cr csmv1.ContainerStorageModule, ctrlClient client.Client) error { log := logger.GetLogger(ctx) log.Infow("Reconcile reverseproxy proxy") if err := modules.ReverseProxyServer(ctx, isDeleting, op, cr, ctrlClient); err != nil { return fmt.Errorf("unable to reconcile reverse-proxy server: %v", err) } - if err := modules.ReverseProxyStartService(ctx, isDeleting, op, cr, ctrlClient); err != nil { - return fmt.Errorf("unable to reconcile reverse-proxy service: %v", err) - } return nil } @@ -1272,12 +1269,6 @@ func (r *ContainerStorageModuleReconciler) removeDriver(ctx context.Context, ins return err } for _, cluster := range clusterClients { - if instance.GetDriverType() == csmv1.PowerMax && modules.IsReverseProxySidecar() { - log.Info("Removing CSI ReverseProxy Service") - if err := modules.ReverseProxyStartService(ctx, true, operatorConfig, instance, cluster.ClusterCTRLClient); err != nil { - return fmt.Errorf("unable to reconcile reverse-proxy service: %v", err) - } - } if err = removeDriverReplicaCluster(ctx, cluster, driverConfig); err != nil { return err } @@ -1300,6 +1291,12 @@ func (r *ContainerStorageModuleReconciler) removeDriver(ctx context.Context, ins } } + if instance.GetDriverType() == csmv1.PowerMax && modules.IsReverseProxySidecar() { + log.Info("Removing CSI ReverseProxy Service") + if err := modules.ReverseProxyStartService(ctx, true, operatorConfig, instance, cluster.ClusterCTRLClient); err != nil { + return fmt.Errorf("unable to reconcile reverse-proxy service: %v", err) + } + } } return nil @@ -1322,9 +1319,9 @@ func (r *ContainerStorageModuleReconciler) removeModule(ctx context.Context, ins return err } } - if reverseproxyEnabled, _ := utils.IsModuleEnabled(ctx, instance, csmv1.ReverseProxy); reverseproxyEnabled { + if reverseproxyEnabled, _ := utils.IsModuleEnabled(ctx, instance, csmv1.ReverseProxy); reverseproxyEnabled && !modules.IsReverseProxySidecar() { log.Infow("Deleting ReverseProxy") - if err := r.reconcileReverseProxy(ctx, true, operatorConfig, instance, ctrlClient); err != nil { + if err := r.reconcileReverseProxyServer(ctx, true, operatorConfig, instance, ctrlClient); err != nil { return err } } diff --git a/controllers/csm_controller_test.go b/controllers/csm_controller_test.go index 8ead3f952..34d4f0680 100644 --- a/controllers/csm_controller_test.go +++ b/controllers/csm_controller_test.go @@ -287,7 +287,7 @@ func (suite *CSMControllerTestSuite) TestReconcileReverseProxyError() { csm := shared.MakeCSM(csmName, suite.namespace, shared.PmaxConfigVersion) csm.Spec.Modules = getReverseProxyModule() reconciler := suite.createReconciler() - err := reconciler.reconcileReverseProxy(ctx, false, badOperatorConfig, csm, suite.fakeClient) + err := reconciler.reconcileReverseProxyServer(ctx, false, badOperatorConfig, csm, suite.fakeClient) assert.NotNil(suite.T(), err) } @@ -300,7 +300,7 @@ func (suite *CSMControllerTestSuite) TestReconcileReverseProxyServiceError() { reconciler := suite.createReconciler() _ = modules.ReverseProxyPrecheck(ctx, operatorConfig, revProxy[0], csm, reconciler) revProxy[0].ConfigVersion = "" - err := reconciler.reconcileReverseProxy(ctx, false, badOperatorConfig, csm, suite.fakeClient) + err := reconciler.reconcileReverseProxyServer(ctx, false, badOperatorConfig, csm, suite.fakeClient) assert.NotNil(suite.T(), err) } diff --git a/pkg/modules/reverseproxy.go b/pkg/modules/reverseproxy.go index 90dbd7b8e..45a97fc13 100644 --- a/pkg/modules/reverseproxy.go +++ b/pkg/modules/reverseproxy.go @@ -120,13 +120,7 @@ func ReverseProxyPrecheck(ctx context.Context, op utils.OperatorConfig, revproxy // ReverseProxyServer - apply/delete deployment objects func ReverseProxyServer(ctx context.Context, isDeleting bool, op utils.OperatorConfig, cr csmv1.ContainerStorageModule, ctrlClient crclient.Client) error { log := logger.GetLogger(ctx) - log.Infof("Checking if DeployAsSidecar is false...\n") - if deployAsSidecar { - log.Infof("DeployAsSidecar is true...csi-reverseproxy will be installed as sidecar\n") - log.Infof("exiting ReverseProxyServer...\n") - return nil - } - YamlString, err := getReverseProxyDeployment(op, cr, csmv1.Module{}) + YamlString, err := getReverseProxyDeployment(op, cr) if err != nil { return err } @@ -222,7 +216,7 @@ func getReverseProxyService(op utils.OperatorConfig, cr csmv1.ContainerStorageMo } // getReverseProxyDeployment - updates deployment manifest with reverseproxy CRD values -func getReverseProxyDeployment(op utils.OperatorConfig, cr csmv1.ContainerStorageModule, revProxy csmv1.Module) (string, error) { +func getReverseProxyDeployment(op utils.OperatorConfig, cr csmv1.ContainerStorageModule) (string, error) { YamlString := "" revProxy, err := getReverseProxyModule(cr) if err != nil { @@ -237,42 +231,16 @@ func getReverseProxyDeployment(op utils.OperatorConfig, cr csmv1.ContainerStorag YamlString = string(buf) proxyNamespace := cr.Namespace - var proxyTLSSecret, proxyPort, proxyConfig string - - // we will populate default values for environment variables, if nothing is given (minimal yaml) - if revProxy.Components == nil { - components := make([]csmv1.ContainerTemplate, 0) - components = append(components, csmv1.ContainerTemplate{ - Name: "csipowermax-reverseproxy", - }) - revProxy.Components = components - - revProxy.Components[0].Envs = append(revProxy.Components[0].Envs, corev1.EnvVar{ - Name: "X_CSI_REVPROXY_TLS_SECRET", - Value: "csirevproxy-tls-secret", - }) - revProxy.Components[0].Envs = append(revProxy.Components[0].Envs, corev1.EnvVar{ - Name: "X_CSI_REVPROXY_PORT", - Value: "2222", - }) - revProxy.Components[0].Envs = append(revProxy.Components[0].Envs, corev1.EnvVar{ - Name: "X_CSI_CONFIG_MAP_NAME", - Value: "powermax-reverseproxy-config", - }) - revProxy.Components[0].Envs = append(revProxy.Components[0].Envs, corev1.EnvVar{ - Name: "DeployAsSidecar", - Value: "true", - }) - - } + proxyTLSSecret := RevProxyTLSSecretDefaultName + proxyPort := RevProxyDefaultPort + proxyConfig := RevProxyConfigMapDeafultName + image := op.K8sVersion.Images.CSIRevProxy for _, component := range revProxy.Components { if component.Name == ReverseProxyServerComponent { - image := op.K8sVersion.Images.CSIRevProxy if string(component.Image) != "" { image = string(component.Image) } - YamlString = strings.ReplaceAll(YamlString, ReverseProxyImage, image) for _, env := range component.Envs { if env.Name == "X_CSI_REVPROXY_TLS_SECRET" { proxyTLSSecret = env.Value @@ -283,13 +251,11 @@ func getReverseProxyDeployment(op utils.OperatorConfig, cr csmv1.ContainerStorag if env.Name == "X_CSI_CONFIG_MAP_NAME" { proxyConfig = env.Value } - if env.Name == "DeployAsSidecar" { - deployAsSidecar, _ = strconv.ParseBool(env.Value) - } } } } + YamlString = strings.ReplaceAll(YamlString, ReverseProxyImage, image) YamlString = strings.ReplaceAll(YamlString, utils.DefaultReleaseNamespace, proxyNamespace) YamlString = strings.ReplaceAll(YamlString, ReverseProxyPort, proxyPort) YamlString = strings.ReplaceAll(YamlString, ReverseProxyTLSSecret, proxyTLSSecret) From 707cf3e013b096029d587a5283ae37c7412ffae6 Mon Sep 17 00:00:00 2001 From: Akshay Saini Date: Tue, 17 Dec 2024 13:03:59 +0530 Subject: [PATCH 37/46] Fix unit test failures --- controllers/csm_controller_test.go | 3 +++ pkg/modules/reverseproxy.go | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/controllers/csm_controller_test.go b/controllers/csm_controller_test.go index 34d4f0680..35e464225 100644 --- a/controllers/csm_controller_test.go +++ b/controllers/csm_controller_test.go @@ -861,6 +861,9 @@ func (suite *CSMControllerTestSuite) TestRemoveModule() { } *tt.errorInjector = true } + if tt.csm.HasModule(csmv1.ReverseProxy) { + modules.IsReverseProxySidecar = func() bool { return false } + } err := r.removeModule(ctx, tt.csm, operatorConfig, r.Client) if tt.expectedErr == "" { assert.Nil(t, err) diff --git a/pkg/modules/reverseproxy.go b/pkg/modules/reverseproxy.go index 45a97fc13..07bab7f58 100644 --- a/pkg/modules/reverseproxy.go +++ b/pkg/modules/reverseproxy.go @@ -385,6 +385,6 @@ func AddReverseProxyServiceName(dp *v1.DeploymentApplyConfiguration) { } } -func IsReverseProxySidecar() bool { +var IsReverseProxySidecar = func() bool { return deployAsSidecar } From 1f196498e5cd05277842ebf7b4681bec7ac8f084 Mon Sep 17 00:00:00 2001 From: Akshay Saini Date: Tue, 17 Dec 2024 13:37:01 +0530 Subject: [PATCH 38/46] Fix step_defs.go --- tests/e2e/steps/steps_def.go | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/tests/e2e/steps/steps_def.go b/tests/e2e/steps/steps_def.go index e4dc2477c..34c8fcf74 100644 --- a/tests/e2e/steps/steps_def.go +++ b/tests/e2e/steps/steps_def.go @@ -18,6 +18,7 @@ import ( "math/rand" "os" "os/exec" + "path/filepath" "strconv" "strings" "time" @@ -25,9 +26,6 @@ import ( csmv1 "github.com/dell/csm-operator/api/v1" "encoding/json" - "path/filepath" - - "path/filepath" "github.com/dell/csm-operator/pkg/constants" "github.com/dell/csm-operator/pkg/modules" @@ -361,8 +359,7 @@ func (step *Step) validateMinimalCSMDriverSpec(res Resource, driverName string, driver.DNSPolicy != "" || driver.Common != nil || driver.AuthSecret != "" || - driver.TLSCertSecret != "" || - driver.ForceUpdate { + driver.TLSCertSecret != "" { return fmt.Errorf("unexpected fields found in Driver spec: %+v", driver) } From 0bb8fd1f256eba3911546857a8953d7cd42e4e91 Mon Sep 17 00:00:00 2001 From: Akshay Saini Date: Tue, 17 Dec 2024 17:46:36 +0530 Subject: [PATCH 39/46] Increase coverage of controller --- controllers/csm_controller_test.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/controllers/csm_controller_test.go b/controllers/csm_controller_test.go index 56d77105d..68fcaf617 100644 --- a/controllers/csm_controller_test.go +++ b/controllers/csm_controller_test.go @@ -738,7 +738,8 @@ func (suite *CSMControllerTestSuite) TestRemoveDriver() { csmBadType.Spec.Driver.CSIDriverType = "wrongdriver" csmWoType := shared.MakeCSM(csmName, suite.namespace, configVersion) csm := shared.MakeCSM(csmName, suite.namespace, configVersion) - csm.Spec.Driver.CSIDriverType = "powerscale" + csm.Spec.Driver.CSIDriverType = csmv1.PowerMax + modules.IsReverseProxySidecar = func() bool { return true } removeDriverTests := []struct { name string From 7c25b49ecd59930f34d954241d340cb559fd28ea Mon Sep 17 00:00:00 2001 From: Akshay Saini Date: Wed, 18 Dec 2024 11:37:04 +0530 Subject: [PATCH 40/46] Increase coverage of controller --- controllers/csm_controller_test.go | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/controllers/csm_controller_test.go b/controllers/csm_controller_test.go index 68fcaf617..bbef26228 100644 --- a/controllers/csm_controller_test.go +++ b/controllers/csm_controller_test.go @@ -273,6 +273,17 @@ func (suite *CSMControllerTestSuite) TestReverseProxyReconcile() { suite.runFakeCSMManager("", true) } +func (suite *CSMControllerTestSuite) TestReverseProxySidecarReconcile() { + revProxy := getReverseProxyModule() + deploAsSidecar := corev1.EnvVar{Name: "DeployAsSidecar", Value: "true"} + revProxy[0].Components[0].Envs = append(revProxy[0].Components[0].Envs, deploAsSidecar) + modules.IsReverseProxySidecar = func() bool { return true } + suite.makeFakeRevProxyCSM(csmName, suite.namespace, true, revProxy, string(v1.PowerMax)) + suite.runFakeCSMManager("", false) + suite.deleteCSM(csmName) + suite.runFakeCSMManager("", true) +} + func (suite *CSMControllerTestSuite) TestReverseProxyPreCheckError() { suite.makeFakeRevProxyCSM(csmName, suite.namespace, false, getReverseProxyModule(), "badVersion") reconciler := suite.createReconciler() @@ -802,6 +813,7 @@ func (suite *CSMControllerTestSuite) TestSyncCSM() { appMobCSM.Spec.Modules = getAppMob() reverseProxyServerCSM := shared.MakeCSM(csmName, suite.namespace, configVersion) reverseProxyServerCSM.Spec.Modules = getReverseProxyModule() + modules.IsReverseProxySidecar = func() bool { return false } syncCSMTests := []struct { name string From e2e64fe3a0a29e0bbb8715ef6b10e727a7777c08 Mon Sep 17 00:00:00 2001 From: Akshay Saini Date: Wed, 18 Dec 2024 12:41:05 +0530 Subject: [PATCH 41/46] Fix gosec error --- pkg/modules/reverseproxy.go | 2 +- tests/e2e/steps/steps_def.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/modules/reverseproxy.go b/pkg/modules/reverseproxy.go index 07bab7f58..7241fcbc2 100644 --- a/pkg/modules/reverseproxy.go +++ b/pkg/modules/reverseproxy.go @@ -57,7 +57,7 @@ var ( RevProxyConfigMapVolName = "configmap-volume" RevProxyConfigMapDeafultName = "powermax-reverseproxy-config" RevProxyTLSSecretVolName = "tls-secret" - RevProxyTLSSecretDefaultName = "csirevproxy-tls-secret" + RevProxyTLSSecretDefaultName = "csirevproxy-tls-secret" // #nosec G101 ) // ReverseproxySupportedDrivers is a map containing the CSI Drivers supported by CSM Reverseproxy. The key is driver name and the value is the driver plugin identifier diff --git a/tests/e2e/steps/steps_def.go b/tests/e2e/steps/steps_def.go index 0c30fb2c3..3538e8798 100644 --- a/tests/e2e/steps/steps_def.go +++ b/tests/e2e/steps/steps_def.go @@ -26,6 +26,7 @@ import ( csmv1 "github.com/dell/csm-operator/api/v1" "encoding/json" + "github.com/dell/csm-operator/pkg/constants" "github.com/dell/csm-operator/pkg/modules" "github.com/dell/csm-operator/pkg/utils" @@ -39,7 +40,6 @@ import ( "k8s.io/kubernetes/test/e2e/framework/kubectl" fpod "k8s.io/kubernetes/test/e2e/framework/pod" "k8s.io/utils/pointer" - "path/filepath" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/yaml" ) From b3b5a9d9621f6e86223cfbdf85f8e507bf3335e7 Mon Sep 17 00:00:00 2001 From: Akshay Saini Date: Wed, 18 Dec 2024 13:02:06 +0530 Subject: [PATCH 42/46] Fix lint error --- pkg/modules/reverseproxy.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/modules/reverseproxy.go b/pkg/modules/reverseproxy.go index 7241fcbc2..16e98dc53 100644 --- a/pkg/modules/reverseproxy.go +++ b/pkg/modules/reverseproxy.go @@ -314,7 +314,7 @@ func getRevProxyPort(revProxyModule csmv1.Module) string { } func getRevProxyVolumeComp(revProxyModule csmv1.Module) []acorev1.VolumeApplyConfiguration { - var revProxyConfigMap, revProxyTLSSecret = RevProxyConfigMapDeafultName, RevProxyTLSSecretDefaultName + revProxyConfigMap, revProxyTLSSecret := RevProxyConfigMapDeafultName, RevProxyTLSSecretDefaultName for _, component := range revProxyModule.Components { if component.Name == ReverseProxyServerComponent { for _, env := range component.Envs { From 252d2eaaf0f6ce6292137bd0323aa2efe1f00e78 Mon Sep 17 00:00:00 2001 From: Akshay Saini Date: Wed, 18 Dec 2024 17:39:35 +0530 Subject: [PATCH 43/46] Increase coverage of reverseproxy --- pkg/modules/reverseproxy_test.go | 111 ++++++++++++++++++ .../cr_powermax_reverseproxy_sidecar.yaml | 63 ++++++++++ 2 files changed, 174 insertions(+) create mode 100644 pkg/modules/testdata/cr_powermax_reverseproxy_sidecar.yaml diff --git a/pkg/modules/reverseproxy_test.go b/pkg/modules/reverseproxy_test.go index 6ea01bf29..ef9a0dacf 100644 --- a/pkg/modules/reverseproxy_test.go +++ b/pkg/modules/reverseproxy_test.go @@ -14,6 +14,7 @@ package modules import ( "context" + "strings" "testing" "github.com/dell/csm-operator/pkg/drivers" @@ -366,3 +367,113 @@ func TestReverseProxyStartService(t *testing.T) { }) } } + +func TestAddReverseProxyServiceName(t *testing.T) { + tests := map[string]func(t *testing.T) applyv1.DeploymentApplyConfiguration{ + "Add env var to driver container": func(*testing.T) applyv1.DeploymentApplyConfiguration { + customResource, err := getCustomResource("./testdata/cr_powermax_reverseproxy.yaml") + if err != nil { + panic(err) + } + controllerYAML, err := drivers.GetController(ctx, customResource, operatorConfig, csmv1.PowerMax) + if err != nil { + panic(err) + } + deployAsSidecar = true + return controllerYAML.Deployment + }, + } + for name, tc := range tests { + t.Run(name, func(t *testing.T) { + dp := tc(t) + AddReverseProxyServiceName(&dp) + isEnvFound := false + for i, cnt := range dp.Spec.Template.Spec.Containers { + if *cnt.Name == "driver" { + for _, env := range dp.Spec.Template.Spec.Containers[i].Env { + if strings.EqualFold(*env.Name, CSIPmaxRevProxyServiceName) && strings.EqualFold(*env.Value, RevProxyServiceName) { + isEnvFound = true + } + + } + } + } + if !isEnvFound { + t.Errorf("Expected env vars: %v with value %v, but not found", CSIPmaxRevProxyServiceName, RevProxyServiceName) + } + }) + } +} + +func TestIsReverseProxySidecar(t *testing.T) { + type fakeControllerRuntimeClientWrapper func(clusterConfigData []byte) (ctrlClient.Client, error) + + tests := map[string]func(t *testing.T) (bool, csmv1.Module, csmv1.ContainerStorageModule, ctrlClient.Client, fakeControllerRuntimeClientWrapper){ + "Reverse proxy is configured as sidecar": func(*testing.T) (bool, csmv1.Module, csmv1.ContainerStorageModule, ctrlClient.Client, fakeControllerRuntimeClientWrapper) { + customResource, err := getCustomResource("./testdata/cr_powermax_reverseproxy_sidecar.yaml") + if err != nil { + panic(err) + } + + proxySecret := getSecret(customResource.Namespace, "csirevproxy-tls-secret") + proxyConfigMap := getConfigMap(customResource.Namespace, "powermax-reverseproxy-config") + + tmpCR := customResource + reverseProxy := tmpCR.Spec.Modules[0] + + sourceClient := ctrlClientFake.NewClientBuilder().WithObjects(proxySecret, proxyConfigMap).Build() + fakeControllerRuntimeClient := func(_ []byte) (ctrlClient.Client, error) { + clusterClient := ctrlClientFake.NewClientBuilder().WithObjects(proxySecret, proxyConfigMap).Build() + return clusterClient, nil + } + + return true, reverseProxy, tmpCR, sourceClient, fakeControllerRuntimeClient + }, + "Reverse proxy is not configured as sidecar": func(*testing.T) (bool, csmv1.Module, csmv1.ContainerStorageModule, ctrlClient.Client, fakeControllerRuntimeClientWrapper) { + customResource, err := getCustomResource("./testdata/cr_powermax_reverseproxy.yaml") + if err != nil { + panic(err) + } + + proxySecret := getSecret(customResource.Namespace, "csirevproxy-tls-secret") + proxyConfigMap := getConfigMap(customResource.Namespace, "powermax-reverseproxy-config") + + tmpCR := customResource + reverseProxy := tmpCR.Spec.Modules[0] + + sourceClient := ctrlClientFake.NewClientBuilder().WithObjects(proxySecret, proxyConfigMap).Build() + fakeControllerRuntimeClient := func(_ []byte) (ctrlClient.Client, error) { + clusterClient := ctrlClientFake.NewClientBuilder().WithObjects(proxySecret, proxyConfigMap).Build() + return clusterClient, nil + } + + return false, reverseProxy, tmpCR, sourceClient, fakeControllerRuntimeClient + }, + } + for name, tc := range tests { + t.Run(name, func(t *testing.T) { + oldNewControllerRuntimeClientWrapper := utils.NewControllerRuntimeClientWrapper + oldNewK8sClientWrapper := utils.NewK8sClientWrapper + defer func() { + utils.NewControllerRuntimeClientWrapper = oldNewControllerRuntimeClientWrapper + utils.NewK8sClientWrapper = oldNewK8sClientWrapper + }() + + isSideCar, reverseProxy, tmpCR, sourceClient, fakeControllerRuntimeClient := tc(t) + utils.NewControllerRuntimeClientWrapper = fakeControllerRuntimeClient + utils.NewK8sClientWrapper = func(_ []byte) (*kubernetes.Clientset, error) { + return nil, nil + } + + fakeReconcile := utils.FakeReconcileCSM{ + Client: sourceClient, + K8sClient: fake.NewSimpleClientset(), + } + + ReverseProxyPrecheck(ctx, operatorConfig, reverseProxy, tmpCR, &fakeReconcile) + if isSideCar != IsReverseProxySidecar() { + t.Errorf("Expected %v but got %v", isSideCar, IsReverseProxySidecar()) + } + }) + } +} diff --git a/pkg/modules/testdata/cr_powermax_reverseproxy_sidecar.yaml b/pkg/modules/testdata/cr_powermax_reverseproxy_sidecar.yaml new file mode 100644 index 000000000..a1ce5ce24 --- /dev/null +++ b/pkg/modules/testdata/cr_powermax_reverseproxy_sidecar.yaml @@ -0,0 +1,63 @@ +# Copyright © 2024 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +apiVersion: storage.dell.com/v1 +kind: ContainerStorageModule +metadata: + name: test-powermax + namespace: powermax +spec: + driver: + csiDriverType: "powermax" + configVersion: v2.13.0 + authSecret: powermax-creds + replicas: 1 + common: + image: "quay.io/dell/container-storage-modules/csi-powermax:v2.13.0" + imagePullPolicy: IfNotPresent + modules: + # CSI Powermax Reverseproxy is a mandatory module + - name: "csireverseproxy" + # enabled: Always set to true + enabled: true + configVersion: v2.12.0 + components: + - name: csipowermax-reverseproxy + # image: Define the container images used for the reverse proxy + # Default value: None + image: quay.io/dell/container-storage-modules/csipowermax-reverseproxy:v2.12.0 + envs: + # "tlsSecret" defines the TLS secret that is created with certificate + # and its associated key + # Default value: None + # Example: "tls-secret" + - name: X_CSI_REVPROXY_TLS_SECRET + value: "csirevproxy-tls-secret" + - name: X_CSI_REVPROXY_PORT + value: "2222" + - name: X_CSI_CONFIG_MAP_NAME + value: "powermax-reverseproxy-config" + - name: "DeployAsSidecar" + value: "true" + - name: authorization + # enable: Enable/Disable csm-authorization + enabled: false + components: + - name: karavi-authorization-proxy + image: quay.io/dell/container-storage-modules/csm-authorization-sidecar:v2.1.0 + envs: + # proxyHost: hostname of the csm-authorization server + - name: "PROXY_HOST" + value: "testing-proxy-host" + # skipCertificateValidation: Enable/Disable certificate validation of the csm-authorization server + - name: "SKIP_CERTIFICATE_VALIDATION" + value: "true" From ab93bbaec753763904008dd8502ef3491223bab6 Mon Sep 17 00:00:00 2001 From: Akshay Saini Date: Wed, 18 Dec 2024 17:45:39 +0530 Subject: [PATCH 44/46] Fix lint error --- pkg/modules/reverseproxy_test.go | 1 - 1 file changed, 1 deletion(-) diff --git a/pkg/modules/reverseproxy_test.go b/pkg/modules/reverseproxy_test.go index ef9a0dacf..213beb565 100644 --- a/pkg/modules/reverseproxy_test.go +++ b/pkg/modules/reverseproxy_test.go @@ -394,7 +394,6 @@ func TestAddReverseProxyServiceName(t *testing.T) { if strings.EqualFold(*env.Name, CSIPmaxRevProxyServiceName) && strings.EqualFold(*env.Value, RevProxyServiceName) { isEnvFound = true } - } } } From 42576c89b8370e243522c9798f39f9eb0b5261da Mon Sep 17 00:00:00 2001 From: Akshay Saini Date: Thu, 19 Dec 2024 12:20:32 +0530 Subject: [PATCH 45/46] Fix minimal e2e scenarios --- tests/e2e/steps/steps_def.go | 4 ++ .../minimal-testfiles/scenarios.yaml | 60 +++++++++---------- 2 files changed, 34 insertions(+), 30 deletions(-) diff --git a/tests/e2e/steps/steps_def.go b/tests/e2e/steps/steps_def.go index 3538e8798..dd6a8040f 100644 --- a/tests/e2e/steps/steps_def.go +++ b/tests/e2e/steps/steps_def.go @@ -363,6 +363,10 @@ func (step *Step) validateMinimalCSMDriverSpec(res Resource, driverName string, return fmt.Errorf("unexpected fields found in Driver spec: %+v", driver) } + if driver.CSIDriverType == csmv1.PowerMax && found.HasModule(csmv1.ReverseProxy) { + return fmt.Errorf("csm resource '%s' contains reverse proxy module", cr.Name) + } + return nil } diff --git a/tests/e2e/testfiles/minimal-testfiles/scenarios.yaml b/tests/e2e/testfiles/minimal-testfiles/scenarios.yaml index 2099dd04a..f81abad89 100644 --- a/tests/e2e/testfiles/minimal-testfiles/scenarios.yaml +++ b/tests/e2e/testfiles/minimal-testfiles/scenarios.yaml @@ -95,9 +95,9 @@ - "Restore template [testfiles/powerstore-templates/powerstore-secret-template.yaml] for [pstore]" - "Restore template [testfiles/powerstore-templates/powerstore-storageclass-template.yaml] for [pstore]" customTest: - name: Cert CSI - run: - - cert-csi test vio --sc op-e2e-pstore --chainNumber 2 --chainLength 2 + - name: Cert CSI + run: + - cert-csi test vio --sc op-e2e-pstore --chainNumber 2 --chainLength 2 - scenario: "Install PowerStore Driver (Minimal, With false forceRemoveDriver)" paths: @@ -123,9 +123,9 @@ - "Restore template [testfiles/powerstore-templates/powerstore-secret-template.yaml] for [pstore]" - "Restore template [testfiles/powerstore-templates/powerstore-storageclass-template.yaml] for [pstore]" customTest: - name: Cert CSI - run: - - cert-csi test vio --sc op-e2e-pstore --chainNumber 2 --chainLength 2 + - name: Cert CSI + run: + - cert-csi test vio --sc op-e2e-pstore --chainNumber 2 --chainLength 2 - scenario: "Install Unity Driver (Minimal, Standalone)" paths: @@ -175,9 +175,9 @@ - "Restore template [testfiles/unity-templates/unity-secret-template.yaml] for [unity]" - "Restore template [testfiles/unity-templates/unity-storageclass-template.yaml] for [unity]" customTest: - name: Cert CSI - run: - - cert-csi test vio --sc op-e2e-unity --chainNumber 2 --chainLength 2 + - name: Cert CSI + run: + - cert-csi test vio --sc op-e2e-unity --chainNumber 2 --chainLength 2 - scenario: "Install Unity Driver (Minimal, With no forceRemoveDriver)" paths: @@ -199,9 +199,9 @@ - "Restore template [testfiles/unity-templates/unity-secret-template.yaml] for [unity]" - "Restore template [testfiles/unity-templates/unity-storageclass-template.yaml] for [unity]" customTest: - name: Cert CSI - run: - - cert-csi test vio --sc op-e2e-unity --chainNumber 2 --chainLength 2 + - name: Cert CSI + run: + - cert-csi test vio --sc op-e2e-unity --chainNumber 2 --chainLength 2 - scenario: "Install PowerFlex Driver (Minimal, Standalone)" paths: @@ -248,9 +248,9 @@ - "Restore template [testfiles/powerflex-templates/powerflex-secret-template.yaml] for [pflex]" - "Restore template [testfiles/powerflex-templates/powerflex-storageclass-template.yaml] for [pflex]" customTest: - name: Cert CSI - run: - - cert-csi test vio --sc op-e2e-vxflexos --chainNumber 2 --chainLength 2 + - name: Cert CSI + run: + - cert-csi test vio --sc op-e2e-vxflexos --chainNumber 2 --chainLength 2 - scenario: "Install PowerFlex Driver (Minimal, With false forceRemoveDriver)" paths: @@ -278,9 +278,9 @@ - "Restore template [testfiles/powerflex-templates/powerflex-secret-template.yaml] for [pflex]" - "Restore template [testfiles/powerflex-templates/powerflex-storageclass-template.yaml] for [pflex]" customTest: - name: Cert CSI - run: - - cert-csi test vio --sc op-e2e-vxflexos --chainNumber 2 --chainLength 2 + - name: Cert CSI + run: + - cert-csi test vio --sc op-e2e-vxflexos --chainNumber 2 --chainLength 2 - scenario: "Install PowerFlex Driver (Minimal, With Resiliency)" paths: @@ -487,9 +487,9 @@ - "Restore template [testfiles/powerscale-templates/powerscale-secret-template.yaml] for [pscale]" - "Restore template [testfiles/powerscale-templates/powerscale-storageclass-template.yaml] for [pscale]" customTest: - name: Cert CSI - run: - - cert-csi test vio --sc op-e2e-isilon --chainNumber 2 --chainLength 2 + - name: Cert CSI + run: + - cert-csi test vio --sc op-e2e-isilon --chainNumber 2 --chainLength 2 - scenario: "Install PowerScale Driver (Minimal, With false forceRemoveDriver)" paths: @@ -517,9 +517,9 @@ - "Restore template [testfiles/powerscale-templates/powerscale-secret-template.yaml] for [pscale]" - "Restore template [testfiles/powerscale-templates/powerscale-storageclass-template.yaml] for [pscale]" customTest: - name: Cert CSI - run: - - cert-csi test vio --sc op-e2e-isilon --chainNumber 2 --chainLength 2 + - name: Cert CSI + run: + - cert-csi test vio --sc op-e2e-isilon --chainNumber 2 --chainLength 2 - scenario: "Install PowerScale Driver (Minimal, Standalone), Enable/Disable Resiliency" paths: @@ -868,9 +868,9 @@ - "Restore template [testfiles/powermax-templates/powermax-storageclass-template.yaml] for [pmax]" - "Restore template [testfiles/powermax-templates/powermax-secret-template.yaml] for [pmaxCreds]" customTest: - name: Cert CSI - run: - - cert-csi test vio --sc op-e2e-pmax --chainLength 1 --chainNumber 1 + - name: Cert CSI + run: + - cert-csi test vio --sc op-e2e-pmax --chainLength 1 --chainNumber 1 - scenario: "Install PowerMax Driver (Minimal, With false forceRemoveDriver)" paths: @@ -898,9 +898,9 @@ - "Restore template [testfiles/powermax-templates/powermax-storageclass-template.yaml] for [pmax]" - "Restore template [testfiles/powermax-templates/powermax-secret-template.yaml] for [pmaxCreds]" customTest: - name: Cert CSI - run: - - cert-csi test vio --sc op-e2e-pmax --chainLength 1 --chainNumber 1 + - name: Cert CSI + run: + - cert-csi test vio --sc op-e2e-pmax --chainLength 1 --chainNumber 1 - scenario: "Install PowerMax Driver (Minimal, With Observability)" paths: From 0d79b9f1e2824d9a2b1501ed10eb79a3ba3b0bea Mon Sep 17 00:00:00 2001 From: Akshay Saini Date: Fri, 20 Dec 2024 17:44:50 +0530 Subject: [PATCH 46/46] Fix driver UT --- pkg/drivers/common_test.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkg/drivers/common_test.go b/pkg/drivers/common_test.go index 466e0168d..bc79de9b9 100644 --- a/pkg/drivers/common_test.go +++ b/pkg/drivers/common_test.go @@ -121,9 +121,6 @@ func csmWithTolerations(driver csmv1.DriverType, version string) csmv1.Container func csmForPowerFlex(customCSMName string) csmv1.ContainerStorageModule { res := shared.MakeCSM(customCSMName, pFlexNS, shared.PFlexConfigVersion) - // Add driver common image - res.Spec.Driver.Common.Image = "driverimage" - // Add sdc initcontainer res.Spec.Driver.InitContainers = []csmv1.ContainerTemplate{{ Name: "sdc", @@ -158,6 +155,9 @@ func csmForPowerFlex(customCSMName string) csmv1.ContainerStorageModule { res.Spec.Driver.Common.Envs = append(res.Spec.Driver.Common.Envs, corev1.EnvVar{Name: "INTERFACE_NAMES", Value: "worker1: \"interface1\",worker2: \"interface2\""}) } + // Add driver common image + res.Spec.Driver.Common.Image = "driverimage" + return res }