mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2024-12-18 02:50:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

rbd: modify oidc token file path according to FHS 3.0

Browse Source 
OIDC token file path has been modified from
`/var/run/secrets/token` to `/run/secrets/tokens`.
This has been done to ensure compliance with
FHS 3.0.

refer:
https://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch05s13.html

Signed-off-by: Rakshith R <rar@redhat.com>
This commit is contained in:
Rakshith R 2022-03-23 11:01:25 +05:30 committed by mergify[bot]
parent 0ab8e6a2f5
commit 40de75e0db
5 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
charts/ceph-csi-rbd/templates/nodeplugin-daemonset.yaml
View File

@ -134,7 +134,7 @@ spec:
- name: ceph-logdir - name: ceph-logdir
mountPath: /var/log/ceph mountPath: /var/log/ceph
- name: oidc-token - name: oidc-token
mountPath: /var/run/secrets/tokens mountPath: /run/secrets/tokens
readOnly: true readOnly: true
resources: resources:
{{ toYaml .Values.nodeplugin.plugin.resources | indent 12 }} {{ toYaml .Values.nodeplugin.plugin.resources | indent 12 }}

2
charts/ceph-csi-rbd/templates/provisioner-deployment.yaml
View File

@ -184,7 +184,7 @@ spec:
- name: keys-tmp-dir - name: keys-tmp-dir
mountPath: /tmp/csi/keys mountPath: /tmp/csi/keys
- name: oidc-token - name: oidc-token
mountPath: /var/run/secrets/tokens mountPath: /run/secrets/tokens
readOnly: true readOnly: true
resources: resources:
{{ toYaml .Values.nodeplugin.plugin.resources | indent 12 }} {{ toYaml .Values.nodeplugin.plugin.resources | indent 12 }}

2
deploy/rbd/kubernetes/csi-rbdplugin-provisioner.yaml
View File

@ -164,7 +164,7 @@ spec:
- name: ceph-config - name: ceph-config
mountPath: /etc/ceph/ mountPath: /etc/ceph/
- name: oidc-token - name: oidc-token
mountPath: /var/run/secrets/tokens mountPath: /run/secrets/tokens
readOnly: true readOnly: true
- name: csi-rbdplugin-controller - name: csi-rbdplugin-controller
# for stable functionality replace canary with latest release version # for stable functionality replace canary with latest release version

2
deploy/rbd/kubernetes/csi-rbdplugin.yaml
View File

@ -119,7 +119,7 @@ spec:
- name: ceph-config - name: ceph-config
mountPath: /etc/ceph/ mountPath: /etc/ceph/
- name: oidc-token - name: oidc-token
mountPath: /var/run/secrets/tokens mountPath: /run/secrets/tokens
readOnly: true readOnly: true
- name: liveness-prometheus - name: liveness-prometheus
securityContext: securityContext:

2
internal/kms/aws_sts_metadata.go
View File

@ -60,7 +60,7 @@ const (
// tokenFilePath is the path to the file containing the OIDC token. // tokenFilePath is the path to the file containing the OIDC token.
// //
// #nosec:G101, value not credential, just path to the token. // #nosec:G101, value not credential, just path to the token.
tokenFilePath = "/var/run/secrets/tokens/oidc-token" tokenFilePath = "/run/secrets/tokens/oidc-token"
) )
var _ = RegisterProvider(Provider{ var _ = RegisterProvider(Provider{