util: pass Namespace as part of KMSInitializerArgs

Amazon KMS expects a Secret with sensitive account and key information in the Kubernetes Namespace where the Ceph-CSI Pods are running. It will fetch the contents of the Secret itself. Signed-off-by: Niels de Vos <ndevos@redhat.com>
2024-12-18 02:50:30 +00:00 · 2021-03-24 17:09:46 +01:00 · 2021-03-24 17:09:46 +01:00 · f3b06d4c4a
commit f3b06d4c4a
parent 523ac4b975
1 changed files with 15 additions and 4 deletions
--- a/internal/util/kms.go
+++ b/internal/util/kms.go
@ -204,6 +204,10 @@ type KMSInitializerArgs struct {
 	Tenant  string
 	Config  map[string]interface{}
 	Secrets map[string]string
+	// Namespace contains the Kubernetes Namespace where the Ceph-CSI Pods
+	// are running. This is an optional option, and might be unset when the
+	// KMSProvider.Initializer is called.
+	Namespace string
 }

 // KMSInitializerFunc gets called when the KMSProvider needs to be
@ -260,11 +264,18 @@ func (kf *kmsProviderList) buildKMS(tenant string, config map[string]interface{}
 			providerName)
 	}

-	return provider.Initializer(KMSInitializerArgs{
+	kmsInitArgs := KMSInitializerArgs{
 		Tenant:  tenant,
 		Config:  config,
 		Secrets: secrets,
-		Namespace: getPodNamespace(),
-		ConfigMap: getKMSConfigMapName(),
-	})
+	}
+
+	// Namespace is an optional parameter, it may not be set and is not
+	// required for all KMSProviders
+	ns, err := getPodNamespace()
+	if err == nil {
+		kmsInitArgs.Namespace = ns
+	}
+
+	return provider.Initializer(kmsInitArgs)
 }