mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2024-11-18 04:10:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

addressed review comments

Browse Source
This commit is contained in:
gman 2019-02-14 14:38:53 +01:00 committed by mergify[bot]
parent 96bf4a98bd
commit 8223ae325b
2 changed files with 21 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
pkg/cephfs/cephuser.go
View File

@ -61,23 +61,34 @@ func getSingleCephEntity(args ...string) (*cephEntity, error) {
return &ents[0], nil return &ents[0], nil
} }
func genUserIDs(adminCr *credentials, volID volumeID) (adminID, userID string) {
return cephEntityClientPrefix + adminCr.id, cephEntityClientPrefix + getCephUserName(volID)
}
func getCephUser(volOptions *volumeOptions, adminCr *credentials, volID volumeID) (*cephEntity, error) { func getCephUser(volOptions *volumeOptions, adminCr *credentials, volID volumeID) (*cephEntity, error) {
adminID, userID := genUserIDs(adminCr, volID)
return getSingleCephEntity( return getSingleCephEntity(
"-m", volOptions.Monitors, "-m", volOptions.Monitors,
"-n", cephEntityClientPrefix+adminCr.id, "--key="+adminCr.key, "-n", adminID,
"--key="+adminCr.key,
"-c", cephConfigPath, "-c", cephConfigPath,
"-f", "json", "-f", "json",
"auth", "get", cephEntityClientPrefix+getCephUserName(volID), "auth", "get", userID,
) )
} }
func createCephUser(volOptions *volumeOptions, adminCr *credentials, volID volumeID) (*cephEntity, error) { func createCephUser(volOptions *volumeOptions, adminCr *credentials, volID volumeID) (*cephEntity, error) {
adminID, userID := genUserIDs(adminCr, volID)
return getSingleCephEntity( return getSingleCephEntity(
"-m", volOptions.Monitors, "-m", volOptions.Monitors,
"-n", cephEntityClientPrefix+adminCr.id, "--key="+adminCr.key, "-n", adminID,
"--key="+adminCr.key,
"-c", cephConfigPath, "-c", cephConfigPath,
"-f", "json", "-f", "json",
"auth", "get-or-create", cephEntityClientPrefix+getCephUserName(volID), "auth", "get-or-create", userID,
// User capabilities
"mds", fmt.Sprintf("allow rw path=%s", getVolumeRootPathCeph(volID)), "mds", fmt.Sprintf("allow rw path=%s", getVolumeRootPathCeph(volID)),
"mon", "allow r", "mon", "allow r",
"osd", fmt.Sprintf("allow rw pool=%s namespace=%s", volOptions.Pool, getVolumeNamespace(volID)), "osd", fmt.Sprintf("allow rw pool=%s namespace=%s", volOptions.Pool, getVolumeNamespace(volID)),
@ -85,10 +96,13 @@ func createCephUser(volOptions *volumeOptions, adminCr *credentials, volID volum
} }
func deleteCephUser(volOptions *volumeOptions, adminCr *credentials, volID volumeID) error { func deleteCephUser(volOptions *volumeOptions, adminCr *credentials, volID volumeID) error {
adminID, userID := genUserIDs(adminCr, volID)
return execCommandErr("ceph", return execCommandErr("ceph",
"-m", volOptions.Monitors, "-m", volOptions.Monitors,
"-n", cephEntityClientPrefix+adminCr.id, "--key="+adminCr.key, "-n", adminID,
"--key="+adminCr.key,
"-c", cephConfigPath, "-c", cephConfigPath,
"auth", "rm", cephEntityClientPrefix+getCephUserName(volID), "auth", "rm", userID,
) )
} }

2
pkg/util/stripsecrets.go
View File

@ -1,5 +1,5 @@
/* /*
Copyright 2018 The Kubernetes Authors. Copyright 2019 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License"); Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License. you may not use this file except in compliance with the License.