dependabot[bot]
855a3fa193
rebase: bump golang.org/x/crypto from 0.3.0 to 0.4.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/golang/crypto/releases )
- [Commits](https://github.com/golang/crypto/compare/v0.3.0...v0.4.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-13 10:04:00 +00:00
dependabot[bot]
b53ed92eb5
rebase: bump github.com/IBM/keyprotect-go-client from 0.9.0 to 0.9.1
...
Bumps [github.com/IBM/keyprotect-go-client](https://github.com/IBM/keyprotect-go-client ) from 0.9.0 to 0.9.1.
- [Release notes](https://github.com/IBM/keyprotect-go-client/releases )
- [Changelog](https://github.com/IBM/keyprotect-go-client/blob/master/CHANGELOG.md )
- [Commits](https://github.com/IBM/keyprotect-go-client/compare/v0.9.0...v0.9.1 )
---
updated-dependencies:
- dependency-name: github.com/IBM/keyprotect-go-client
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-13 09:21:49 +00:00
Michel van de Wouw
1e37aa108f
deploy: csidriver added to helper scripts
...
Signed-off-by: Michel van de Wouw <michelvandewouw@techforce1.nl>
2022-12-12 13:41:31 +00:00
Marcel Lauhoff
82ea8fea93
doc: Briefly document CephFS fscrypt support
...
Add encrypted, encryptionKMSID to the parameters list. Briefly document
the fscrypt CephFS support.
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-12-12 13:32:59 +00:00
Marcel Lauhoff
6881b3ad3d
doc: Add encryptionType to RBD parameters list
...
Add the new parameter encryptionType and a hint to the encrypted
parameter that RBD now supports fscrypt on ext4 as an alternative
encryption scheme.
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-12-12 13:32:59 +00:00
dependabot[bot]
f003c37b21
rebase: bump google.golang.org/grpc from 1.50.1 to 1.51.0
...
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go ) from 1.50.1 to 1.51.0.
- [Release notes](https://github.com/grpc/grpc-go/releases )
- [Commits](https://github.com/grpc/grpc-go/compare/v1.50.1...v1.51.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/grpc
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-12 06:02:41 +00:00
Humble Chirammal
31f0ac6e2d
deploy: update node-driver-registrar to v2.6.2
...
This version has a fix for an important bug at kubelet
registration path.
https://github.com/kubernetes-csi/node-driver-registrar/pull/247
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-12-08 11:50:40 +00:00
dependabot[bot]
353a562566
rebase: bump github.com/aws/aws-sdk-go-v2/service/sts
...
Bumps [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2 ) from 1.17.5 to 1.17.6.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.17.5...config/v1.17.6 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-07 12:00:07 +00:00
dependabot[bot]
62598270e8
rebase: bump golang.org/x/sys from 0.2.0 to 0.3.0
...
Bumps [golang.org/x/sys](https://github.com/golang/sys ) from 0.2.0 to 0.3.0.
- [Release notes](https://github.com/golang/sys/releases )
- [Commits](https://github.com/golang/sys/compare/v0.2.0...v0.3.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/sys
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-12-07 10:45:44 +00:00
dependabot[bot]
ec242d4cc8
rebase: bump github.com/prometheus/client_golang from 1.12.2 to 1.14.0
...
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang ) from 1.12.2 to 1.14.0.
- [Release notes](https://github.com/prometheus/client_golang/releases )
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md )
- [Commits](https://github.com/prometheus/client_golang/compare/v1.12.2...v1.14.0 )
---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-30 16:32:45 +00:00
dependabot[bot]
bfbd17581b
rebase: bump github.com/aws/aws-sdk-go from 1.44.143 to 1.44.146
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.44.143 to 1.44.146.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.143...v1.44.146 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-30 13:55:48 +00:00
dependabot[bot]
d803a0ef75
rebase: bump golang.org/x/crypto from 0.2.0 to 0.3.0
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.2.0 to 0.3.0.
- [Release notes](https://github.com/golang/crypto/releases )
- [Commits](https://github.com/golang/crypto/compare/v0.2.0...v0.3.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-30 11:00:04 +00:00
dependabot[bot]
eddfa8d2f4
rebase: bump github.com/aws/aws-sdk-go-v2/service/sts
...
Bumps [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2 ) from 1.17.3 to 1.17.5.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.17.3...config/v1.17.5 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-24 09:23:58 +00:00
Humble Chirammal
165758e3a7
rebase: update the kube dependencies to v1.25.4
...
this commit update the kube dependencies to latest v1.25.4.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-11-23 22:16:12 +00:00
dependabot[bot]
1ac0a17f5c
rebase: bump github.com/aws/aws-sdk-go from 1.44.132 to 1.44.143
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.44.132 to 1.44.143.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.132...v1.44.143 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-23 13:06:06 +00:00
Marcel Lauhoff
5da977db8a
deploy: Remove unnecessary RBAC permissions
...
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-11-23 12:21:02 +00:00
Marcel Lauhoff
446c8c9264
e2e: Deploy vault as part of the Ceph FS upgrade suite
...
Deploy vault, analogue to the RBD upgrade suite to have the
ceph-csi-encryption-kms-config map ready when dependent
deployments/daemonsets are created.
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-11-23 12:21:02 +00:00
Marcel Lauhoff
0bf8646340
cephfs: nolint:gocyclo NewVolumeOptions, NewVolumeOptionsFromVolID
...
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-11-23 12:21:02 +00:00
Marcel Lauhoff
e5ebd23709
e2e: add cephfs fscrypt snapshot volume test
...
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-11-23 12:21:02 +00:00
Marcel Lauhoff
a53a64129d
e2e: add PVC-PVC clone Ceph FS fscrypt tests
...
Note: Feature fixed https://tracker.ceph.com/issues/57641
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-11-23 12:21:02 +00:00
Marcel Lauhoff
8d38107fd6
e2e: add basic PVC Ceph FS fscrypt tests
...
Test storage class, pvc and app bind of an fscrypt encrypted Ceph FS
with secrets metadata, vault, vault tokens and vault tenant KMS.
Tests are based on the RBD block/file encryption tests.
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-11-23 12:21:02 +00:00
Marcel Lauhoff
638f77a95c
e2e: Deploy vault as part of the Ceph FS suite
...
Always deploy Vault as part of the the Ceph FS test suite.
Required by:
- fscrypt tests using any vault KMS type.
- Configuration in deploy/cephfs/*.yaml via the
ceph-csi-encryption-kms-config config map created during deployVault()
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-11-23 12:21:02 +00:00
Marcel Lauhoff
42744213f6
e2e: Add test-cephfs-fscrypt flag
...
Add flag to default disable Ceph FS fscrypt tests, as they require a
custom minikube ISO
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-11-23 12:21:02 +00:00
Marcel Lauhoff
2ade867211
e2e: Add Ceph FS fscrypt validation helper
...
Add e2e helper to verify encrypted Ceph FS. Verify file's
ceph.fscrypt.auth attribute and KMS password creation / removal.
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-11-23 12:21:02 +00:00
Marcel Lauhoff
cd42ad67b2
examples: Ceph FS fscrypt / KMS additions
...
Add encryption configuration to Ceph FS examples
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-11-23 12:21:02 +00:00
Marcel Lauhoff
0e66c3211a
deploy: Add KMS configuration to Ceph FS
...
Adds necessary KMS configuration based on the RBD configuration to use
Ceph FS with fscrypt
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-11-23 12:21:02 +00:00
Marcel Lauhoff
4788d279a5
cephfs: fscrypt encryption support
...
Add Ceph FS fscrypt support, similar to the RBD/ext4 fscrypt
integration. Supports encrypted PVCs, snapshots and clones.
Requires kernel and Ceph MDS support that is currently not in any
stable release.
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-11-23 12:21:02 +00:00
Madhu Rajanna
28f51aaaf7
e2e: add snapshot count validation
...
Add snapshot count validation for cephfs
and nfs to avoid resource leak.
fixes : #3224
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-11-21 12:16:10 +00:00
Madhu Rajanna
c5a6d11a8f
e2e: correct int format
...
use %d when formatting the int
value.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-11-21 12:16:10 +00:00
dependabot[bot]
0f0957164e
rebase: bump github.com/aws/aws-sdk-go-v2/service/sts
...
Bumps [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2 ) from 1.17.1 to 1.17.3.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.17.1...config/v1.17.3 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-17 13:36:07 +00:00
dependabot[bot]
f0cc5a0ef8
rebase: bump actions/dependency-review-action from 2 to 3
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 2 to 3.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](https://github.com/actions/dependency-review-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-17 13:00:22 +00:00
Humble Chirammal
b839c3aa63
deploy: remove snapshot v1beta1 references from manifests
...
This commit remove the v1beta1 snapshot references as its
no longer valid or to be concerned about.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-11-17 10:05:01 +00:00
riya-singhal31
539686329f
ci: fix mdl related failures
...
This commit address the issue-
https://github.com/ceph/ceph-csi/issues/3448 .
Signed-off-by: riya-singhal31 <rsinghal@redhat.com>
2022-11-17 08:25:10 +00:00
Humble Chirammal
d721ed6c5c
build: fix CVEs in the image
...
This commit update dependencies which is required to fix below CVEs.
CVE-2022-27664
CVE-2022-27191
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-11-16 15:16:16 +00:00
dependabot[bot]
4e9047dcbd
rebase: bump github.com/pkg/xattr from 0.4.7 to 0.4.9
...
Bumps [github.com/pkg/xattr](https://github.com/pkg/xattr ) from 0.4.7 to 0.4.9.
- [Release notes](https://github.com/pkg/xattr/releases )
- [Commits](https://github.com/pkg/xattr/compare/v0.4.7...v0.4.9 )
---
updated-dependencies:
- dependency-name: github.com/pkg/xattr
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-16 10:26:31 +00:00
Niels de Vos
93d32c49c8
build: fix ShellCheck issue in scripts/test-go.sh
...
With the updated Fedora 37 container-image, a new version of ShellCheck
gets installed. This version is a little more strict and complains about
the array expansion in `scripts/test-go.sh`.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2022-11-16 08:01:46 +00:00
Niels de Vos
774beef838
ci: install openssl
for Fedora 37 testing image
...
GitHub Workflows fail installing Helm if the `openssl` package is not
available. Fedora 36 installs `openssl` by default, Fedora 37 does not.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2022-11-16 08:01:46 +00:00
Humble Chirammal
ff18fb1def
build: add dnf update and add switch --nodocs to install command
...
this commit update the packages and then do installation of the
packages in docker build process.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-11-15 15:32:57 +00:00
Humble Chirammal
b134bf7eda
build: update golang version to 1.18.8
...
the latest 1.18 version of go binary is 1.18.8 and this commit
update the package to the latest.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-11-15 15:32:57 +00:00
Humble Chirammal
f9530e961b
build: update packages in api directory to the latest
...
this commit update the packages in API directory and also
update the mention of go version in the same.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-11-15 09:51:29 +00:00
Humble Chirammal
95dac056f2
ci: fix formatting for the interval in dependabot configuration
...
as per the documentation `""` has to be mentioned for the schedule
interval value field. This commit ensures it and make it consistent.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-11-15 03:34:37 +00:00
Humble Chirammal
a2215683e1
ci: package dependencies in actions/retest
...
these dependencies were not updated and this commit update the
same.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-11-15 03:34:37 +00:00
Humble Chirammal
71c4ae542c
rebase: remove protobuf dependency locking
...
this commit remove the protobuf dependency locking in the module
description.
Also, ptypes.TimestampProto is deprecated and this commit
make use of the timestamppb.New() for the construction.
ParseTime() function has been removed and callers adjusted to the
same.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-11-15 00:10:46 +00:00
Humble Chirammal
d772fc098c
rebase: update to go-ceph v1.18.0
...
this commit make use of latest go-ceph version
https://github.com/ceph/go-ceph/releases/tag/v0.18.0
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-11-14 20:46:41 +00:00
Humble Chirammal
ea806bfa73
docs: update/correct development guide
...
the pre-commit version in the developement guide was too outdated
which has been updated and this commit also addressed a typo.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-11-14 20:46:41 +00:00
Madhu Rajanna
d12400aa9c
rbd: unset metadata if setmetadata is false
...
We need to unset the metadata on the clone
and restore PVC if the parent PVC was created
when setmetadata was set to true and it was
set to false when restore and clone pvc was
created.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-11-14 14:41:36 +00:00
Humble Chirammal
ad36f13e92
build: the go setup has been configured to 1.18 for retest build
...
this commit make use of 1.18 version of go for building
actions/retest code.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-11-12 07:16:21 +00:00
Rakshith R
eb21d75ef7
rbd: ignore stdErr for ceph osd blocklist when there is no error
...
`ceph osd blocklist range add/rm <ip>` cmd is outputting
"blocklisting cidr:10.1.114.75:0/32 until 202..." messages
incorrectly into stdErr. This commit ignores stdErr when err
is nil.
Signed-off-by: Rakshith R <rar@redhat.com>
2022-11-12 04:20:14 +00:00
Humble Chirammal
e2832fde5b
deploy: add fsgrouppolicy to the driver yaml
...
this fsgrouppolicy setting was missing in api/deploy/* which
caused the yamlgen to not pickup this. this commit address the
same.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-11-11 16:41:24 +00:00
Humble Chirammal
b258628b05
helm: get rid of storage group enablement based on the version
...
deploy: remove beta storage group mention from csidriver yaml
the kubernetes version based enablement of storage api group
enablement is no longer requried and its already on v1 for
supported kubernetes versions.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-11-11 16:41:24 +00:00