The e2e tests create a Secret for using with the RBD StorageClass.
However this Secret was not used, instead the Rook generated Secret was
linked in the StorageClass.
By using our own Secret from the examples, Rook should not touch it when
we make modifications. In addition, no modifications are needed for
encryption anymore, as these are included in the example.
Updates: #1795
Signed-off-by: Niels de Vos <ndevos@redhat.com>
(cherry picked from commit 5bcd5cb928)
The configuration option `EnvVaultInsecure` is expected to be a string,
not a boolean. By converting the bool back to a string (after
verification), it is now possible to skip the certificate validation
check by setting `vaultCAVerify: false` in the Vault configuration.
Fixes: #1852
Reported-by: Bryon Nevis <bryon.nevis@intel.com>
Signed-off-by: Niels de Vos <ndevos@redhat.com>
(cherry picked from commit 582d004ca5)
This can happen when the subvolume is in snapshot-retained state.
We should not return error for such case as it is a valid situation.
Signed-off-by: Mudit Agarwal <muagarwa@redhat.com>
(cherry picked from commit d480eb4bda)
Make rbdplugin pod work in a non-initial network namespace (i.e. with
"hostNetwork: false") by skipping waiting for udev events when mapping
and unmapping images. CSI use case is very simple: all that is needed
is a device node which is immediately fed to mkfs, so we should be able
to tolerate udev not being finished with the device just fine.
Fixes: #1323
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
(cherry picked from commit 04644c1d58)
With the new support for passing --options, referring to ExecCommand()
argument slices as mapOptions and options is confusing.
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
(cherry picked from commit 5631b83dd0)
To fix math/big CVE, this version of golang has the fix
for this vulnerability.
Signed-off-by: Mudit Agarwal <muagarwa@redhat.com>
(cherry picked from commit 0339df2b02)
v3.2.1 has been released, so revert back to the v3.2-canary version for
HEAD of the release-v3.2 branch.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
rbd device list --format=json returns namespace as a namespace not radosNamespace
Signed-off-by: Seena Fallah <seenafallah@gmail.com>
(cherry picked from commit fdec9f65b8)
update deploy.sh to use correct CSI_IMAGE_VERSION
from the build.env.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
(cherry picked from commit 68adacad36)
external-provisioner is exposing a new argument
to set the default fstype while starting the provisioner
sidecar, if the fstype is not specified in the storageclass
the default fstype will be applied for the pvc created from
the storageclass.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
with csi-provisioner v2.x the topology based
provisioning will not have any backward compatibility
with older version of kubernetes, if the nodes are
not labeled with topology keys, the pvc creation
is going to get fail with error `accessibility
requirements: no available topology found`, disabling
the topology based provisioning by default, if user want
to use it he can always enable it.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
This PR makes the changes in csi templates and
upgrade documentation required for updating
csi sidecar images.
Signed-off-by: Mudit Agarwal <muagarwa@redhat.com>
if the user has created a static PV for a RBD
image which is not created by CSI driver, dont
generate the OMAP data.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
If cephcsi encounters any error after
reservation, as a cleanup operation
it should revert back the reservation.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
If the omap data already exits return nil.
so that omap generator will not try to reserve
anything again.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
as we have added new github actions for the
static checks in #1762. This commits adds
the mergify rules for those github actions.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
Depending on the local changes, running 'make containerized-test' fails
with an error like:
level=error msg="Running error: gofmt: error computing diff: exec: \"diff\": executable file not found in $PATH"
Installing the diffutils package makes sure 'go fmt' finds the
executable.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Deploying Vault still fails on occasion. It seems that the
imagePullPolicy has not been configured for the container yet.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
RBD Snapshot doc was the part of the README.md file. Hence,
renamed the cephfs-snap-clone.md file to snap-clone.md file
and moved the rbd snapshot document there.
Signed-off-by: yati1998 <ypadia@redhat.com>
currently github action are getting trigerred for
both pull and push request, this commits removes the
action for push events.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
removed unwanted extra arguments from the helm templates
and added a single value kubeletDir to make the kubelet
root-dir configurable.
previously used variables like socketDir,registrationDir
and pluginDir is removed now because if we have the kubelet
path we can derive all other required path for cephcsi to
work properly.
fixes: #1475
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>