mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2025-06-14 18:53:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

csi: validate incoming VolumeGroupSnapshot requests

Browse Source 
Add missing validation for VolumeGroupSnapshot requests.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
This commit is contained in:
Niels de Vos
2025-06-05 13:47:22 +02:00
committed by mergify[bot]
parent dd93de0bfc
commit cdaa0f537d
1 changed files with 28 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
internal/rbd/group_controllerserver.go
View File

@ -21,6 +21,7 @@ import (
"errors" "errors"
"github.com/container-storage-interface/spec/lib/go/csi" "github.com/container-storage-interface/spec/lib/go/csi"
"github.com/kubernetes-csi/csi-lib-utils/protosanitizer"
"google.golang.org/grpc/codes" "google.golang.org/grpc/codes"
"google.golang.org/grpc/status" "google.golang.org/grpc/status"
@ -57,6 +58,15 @@ func (cs *ControllerServer) CreateVolumeGroupSnapshot(
vgNeedsDeletion = true vgNeedsDeletion = true
) )
err = cs.Driver.ValidateGroupControllerServiceRequest(
csi.GroupControllerServiceCapability_RPC_CREATE_DELETE_GET_VOLUME_GROUP_SNAPSHOT,
)
if err != nil {
log.ErrorLog(ctx, "invalid create groupsnapshot req: %v", protosanitizer.StripSecrets(req))
return nil, err
}
// Existence and conflict checks // Existence and conflict checks
if acquired := cs.VolumeGroupLocks.TryAcquire(vgsName); !acquired { if acquired := cs.VolumeGroupLocks.TryAcquire(vgsName); !acquired {
log.ErrorLog(ctx, util.SnapshotOperationAlreadyExistsFmt, vgsName) log.ErrorLog(ctx, util.SnapshotOperationAlreadyExistsFmt, vgsName)
@ -254,6 +264,15 @@ func (cs *ControllerServer) DeleteVolumeGroupSnapshot(
ctx context.Context, ctx context.Context,
req *csi.DeleteVolumeGroupSnapshotRequest, req *csi.DeleteVolumeGroupSnapshotRequest,
) (*csi.DeleteVolumeGroupSnapshotResponse, error) { ) (*csi.DeleteVolumeGroupSnapshotResponse, error) {
err := cs.Driver.ValidateGroupControllerServiceRequest(
csi.GroupControllerServiceCapability_RPC_CREATE_DELETE_GET_VOLUME_GROUP_SNAPSHOT,
)
if err != nil {
log.ErrorLog(ctx, "invalid create groupsnapshot req: %v", protosanitizer.StripSecrets(req))
return nil, err
}
// FIXME: more checking of the request in needed // FIXME: more checking of the request in needed
// 1. verify that all snapshots in the request are all snapshots in the group // 1. verify that all snapshots in the request are all snapshots in the group
// 2. delete the group // 2. delete the group
@ -304,6 +323,15 @@ func (cs *ControllerServer) GetVolumeGroupSnapshot(
ctx context.Context, ctx context.Context,
req *csi.GetVolumeGroupSnapshotRequest, req *csi.GetVolumeGroupSnapshotRequest,
) (*csi.GetVolumeGroupSnapshotResponse, error) { ) (*csi.GetVolumeGroupSnapshotResponse, error) {
err := cs.Driver.ValidateGroupControllerServiceRequest(
csi.GroupControllerServiceCapability_RPC_CREATE_DELETE_GET_VOLUME_GROUP_SNAPSHOT,
)
if err != nil {
log.ErrorLog(ctx, "invalid create groupsnapshot req: %v", protosanitizer.StripSecrets(req))
return nil, err
}
groupSnapshotID := req.GetGroupSnapshotId() groupSnapshotID := req.GetGroupSnapshotId()
// Existence and conflict checks // Existence and conflict checks