Rakshith R
8650538b78
rbd: setup encryption if rbdVol exits during CreateVol
...
This commit adds code to setup encryption on a rbdVol
being repaired in a followup CreateVolume request.
This is fixes a bug wherein encryption metadata may not
have been set in previous request due to container restart.
Fixes : #3402
Signed-off-by: Rakshith R <rar@redhat.com>
2022-11-07 12:49:18 +00:00
Madhu Rajanna
07e9dede2c
rbd: check volume details from original volumeID
...
Checking volume details for the existing volumeID
first. if details like OMAP, RBD Image, Pool doesnot
exists try to use clusterIDMapping to look for the
correct informations.
fixes : #2929
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-11-04 06:32:05 +00:00
Humble Chirammal
6bba64c872
rebase: update node driver registar to latest version
...
v2.6.0 is the latest version of the same and this commit
update it.
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-11-03 14:31:26 +00:00
Madhu Rajanna
3e1f60244e
rbd: check for empty lastSyncTime
...
Sometime the json unmarshal might
get success and return empty time
stamp. add a check to make sure the
time is not zero always.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-11-03 08:10:19 +00:00
Madhu Rajanna
3cce629b1d
rebase: update csi-addons spec to latest
...
https://github.com/csi-addons/spec/pull/47
defines the error messages for the
GetVolumeReplicationInfo RPC call.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-11-03 08:10:19 +00:00
Madhu Rajanna
8f25edc888
rbd: return error if last sync time not present
...
As per the csiaddon spec last sync time is
required parameter in the GetVolumeReplicationInfo
if we are failed to parse the description, return
not found error message instead of nil
which is empty response
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-11-03 08:10:19 +00:00
Niels de Vos
076546350c
build: prune go.sum of old versions
...
When manually changing go.mod and running `go mod tidy`, the command
suggests that references to old versions may not be needed anymore:
```
If reproducibility with go 1.16 is not needed:
go mod tidy -compat=1.17
```
The above command modifies `go.sum` only.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2022-11-02 13:42:03 +00:00
BOSSER, Bastien
dea07aa184
deploy: add commonLabels value
...
Signed-off-by: BOSSER, Bastien <bastien.bosser@atos.net>
2022-11-02 11:28:18 +00:00
Madhu Rajanna
6258c36b73
doc: add missing csidriver creation
...
Add missing csidriver object creation
steps from cephfs and rbd deployment
guide.
fixes : #3476
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-11-02 09:06:25 +00:00
dependabot[bot]
7ca2468d80
rebase: bump github.com/onsi/gomega from 1.22.1 to 1.23.0
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.22.1 to 1.23.0.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.22.1...v1.23.0 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-01 18:29:11 +00:00
dependabot[bot]
7b663279bf
rebase: bump k8s.io/kubernetes from 1.25.0 to 1.25.3
...
Bumps [k8s.io/kubernetes](https://github.com/kubernetes/kubernetes ) from 1.25.0 to 1.25.3.
- [Release notes](https://github.com/kubernetes/kubernetes/releases )
- [Commits](https://github.com/kubernetes/kubernetes/compare/v1.25.0...v1.25.3 )
---
updated-dependencies:
- dependency-name: k8s.io/kubernetes
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-01 15:13:34 +00:00
dependabot[bot]
10550c87f6
rebase: bump github.com/hashicorp/vault/api from 1.8.1 to 1.8.2
...
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault ) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/vault/compare/v1.8.1...v1.8.2 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-01 12:48:09 +00:00
dependabot[bot]
d08e8ee0a6
rebase: bump github.com/aws/aws-sdk-go from 1.44.122 to 1.44.127
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.44.122 to 1.44.127.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.122...v1.44.127 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2022-11-01 09:37:53 +00:00
Madhu Rajanna
0530134c9a
e2e: add e2e test for rbd reattach metadata
...
Added E2E test case to verify metadata after
PV is attached to a new PVC in different namespace.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-10-28 15:50:01 +00:00
Madhu Rajanna
07aa9dea5c
rbd: update namespace name in rados object
...
If a PV is reattached to a new PVC in a different
namespace we need to update the namespace name
in the rados object.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-10-28 15:50:01 +00:00
Madhu Rajanna
019628c8c2
rbd: update namespace name in metadata
...
If a PV is reattached to a new PVC in a different
namespace we need to update the namespace name
in the rbd image metadata.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-10-28 15:50:01 +00:00
Madhu Rajanna
f19805a40b
ci: consider kubernetes 1.25 for tests
...
As we have successful runs with kubernetes
1.25 Marking is as default for CI jobs and
required for merging PR.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-10-28 15:57:05 +02:00
Madhu Rajanna
4039bf5063
ci: remove kubernetes 1.22 tests
...
As we need to test with last 3 Kubernetes
releases removing Kubernetes 1.22
as we have 1.23, 1.24 and 1.25
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-10-28 15:57:05 +02:00
dependabot[bot]
4fb026509b
rebase: bump github.com/aws/aws-sdk-go-v2/service/sts
...
Bumps [github.com/aws/aws-sdk-go-v2/service/sts](https://github.com/aws/aws-sdk-go-v2 ) from 1.16.17 to 1.17.1.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/ram/v1.16.17...v1.17.1 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/sts
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-26 15:28:57 +00:00
Madhu Rajanna
5aaa9bf2f0
ci: use rook v1.10.4 release
...
Rook v1.10.4 supports deployment
of Rook on Kubernetes 1.25 or else
Rook deployment will fail.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-10-26 14:32:51 +00:00
Madhu Rajanna
09df2c6091
e2e: fix panic when checking error
...
fix panic during error handling
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-10-26 14:32:51 +00:00
Madhu Rajanna
607c654263
e2e: set privileged as pod security enforcement level
...
setting privileged as pod security enforcement level
to run test on kubernetes 1.25
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-10-26 14:32:51 +00:00
Madhu Rajanna
0e294d66e2
ci: remove podsecurity feature-gate
...
remove the podsecurity feature-gate
from minikube.sh, because of it
kubernetes 1.25.0 deployment is failing
fixes : #3358
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-10-26 14:32:51 +00:00
Madhu Rajanna
0865296227
doc: ceph mount corruption detection and recovery
...
Added a new section for the ceph kernel client
mount corruption detection and recovery.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-10-26 09:40:22 +00:00
Madhu Rajanna
848e3ee557
rbd: return abnormal in NodeGetVolumeStats
...
When we do stat on the targetpath, if there is
any error we can check is it due to corruption.
If yes, cephcsi can return abnormal in the
NodeGetVolumeStats so that consumer (CO/admin)
and detect and take further action.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-10-26 09:40:22 +00:00
Madhu Rajanna
44d4546480
cephfs: return abnormal in NodeGetVolumeStats
...
When we do stat on the targetpath, if there is
any error we can check is it due to corruption.
If yes, cephcsi can return abnormal in the
NodeGetVolumeStats so that consumer (CO/admin)
and detect and take further action.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-10-26 09:40:22 +00:00
Madhu Rajanna
659567cfdc
ci: add github action to trigger E2E
...
based on the discussion on the slack
channel. we are adding a github action
to trigger the CI jobs when a ok-to-test
label is added on the PR.
This action is based on below github action
https://github.com/peter-evans/create-or-update-comment
Sample Demo avaiable at
https://github.com/Madhu-1/
\label-commentor-action-testing/pull/4
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-10-26 06:59:22 +00:00
dependabot[bot]
2cc1a276fc
rebase: bump github.com/aws/aws-sdk-go from 1.44.117 to 1.44.122
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.44.117 to 1.44.122.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.117...v1.44.122 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-25 14:22:29 +00:00
dependabot[bot]
14193646b3
rebase: bump github.com/stretchr/testify from 1.8.0 to 1.8.1
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.8.0...v1.8.1 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-25 13:39:31 +00:00
dependabot[bot]
807f776132
rebase: bump github.com/onsi/ginkgo/v2 from 2.3.1 to 2.4.0
...
Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo ) from 2.3.1 to 2.4.0.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v2.3.1...v2.4.0 )
---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-25 12:57:58 +00:00
dependabot[bot]
49245788fc
rebase: bump github.com/onsi/gomega from 1.20.1 to 1.22.1
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.20.1 to 1.22.1.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.20.1...v1.22.1 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-24 12:15:07 +00:00
dependabot[bot]
02ed5ec189
rebase: bump github.com/hashicorp/vault/api from 1.7.2 to 1.8.1
...
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault ) from 1.7.2 to 1.8.1.
- [Release notes](https://github.com/hashicorp/vault/releases )
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md )
- [Commits](https://github.com/hashicorp/vault/compare/v1.7.2...v1.8.1 )
---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-20 11:33:15 +00:00
dependabot[bot]
3a490a4df0
rebase: bump github.com/onsi/ginkgo/v2 from 2.1.6 to 2.3.1
...
Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo ) from 2.1.6 to 2.3.1.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v2.1.6...v2.3.1 )
---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-20 08:45:39 +00:00
Madhu Rajanna
53bb28e0d9
doc: update documentation for v3.7.2 release
...
updated readme and upgrade doc for v3.7.2 release.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-10-19 11:27:05 +00:00
Humble Chirammal
0f2daca5c2
rebase: make use of v0.0.8 of kmip go client
...
The new release has some important fixes available with it
Ref: https://github.com/ThalesGroup/kmip-go/releases/tag/v0.0.8
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2022-10-19 09:27:37 +00:00
dependabot[bot]
d63185b061
rebase: bump github.com/aws/aws-sdk-go from 1.44.96 to 1.44.117
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.44.96 to 1.44.117.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.96...v1.44.117 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-19 08:54:25 +00:00
Madhu Rajanna
f12fa3ee56
rbd: return GRPC error from GRPC method
...
GRPC methods should only return GRPC errors
if any error occurs.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-10-19 08:00:42 +00:00
Madhu Rajanna
302fead713
cephfs: delete subvolume if SetAllMetadata fails
...
To avoid subvolume leaks if the SetAllMetadata
operations fails delete the subvolume.
If any operation fails after creating the subvolume
we will remove the omap as the omap gets
removed we will need to remove the subvolume to
avoid stale resources.
Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2022-10-18 15:10:18 +00:00
Niels de Vos
e08005f402
rebase: ParseAcceptLanguage takes a long time to parse complex tags
...
A vulnerability was found in golang.org/x/text/language package which
could cause a denial of service. An attacker can craft an
Accept-Language header which ParseAcceptLanguage will take significant
time to parse.
Version v0.3.8 of golang.org/x/text fixes a vulnerability.
See-also: https://go.dev/issue/56152
See-also: https://bugzilla.redhat.com/CVE-2022-32149
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2022-10-18 11:58:37 +00:00
Rakshith R
b3837d44ce
ci: fix mdl configuration
...
This commit makes the following changes:
`Please replace \":code_blocks => false\" \`
`by \":ignore_code_blocks => true\" in your configuration.`
Some rules are ignore for the time being,
these will be fixed later on.
Signed-off-by: Rakshith R <rar@redhat.com>
2022-10-18 07:47:33 +00:00
Marcel Lauhoff
69b8feec12
e2e: Feature flag RBD fscrypt tests (default disabled)
...
Add test-rbd-fscrypt feature flag to e2e suite. Default disabled as
the current CI system's kernel doesn't have the required features
enabled.
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-10-17 17:33:52 +00:00
Marcel Lauhoff
5a55419025
cephfs: Add placeholder journal fscrypt support
...
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-10-17 17:33:52 +00:00
Marcel Lauhoff
dc7ba684e3
rbd: Use EncryptionTypeNone
...
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-10-17 17:33:52 +00:00
Marcel Lauhoff
2abfafdf3f
util: Add EncryptionTypeNone and unit tests
...
Add type none to distinguish disabled encryption (positive result)
from invalid configuration (negative result).
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-10-17 17:33:52 +00:00
Marcel Lauhoff
f89076b1d7
scripts: Add env to set minikube iso url
...
Make iso url configurable to use pre-release minikube images or
local-built (file://)
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-10-17 17:33:52 +00:00
Marcel Lauhoff
da76d8ddae
kms: Add GetSecret() to KMIP KMS
...
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-10-17 17:33:52 +00:00
Marcel Lauhoff
c73cb1980b
e2e: Use utilEncryptionType instead of string in rbd suite
...
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-10-17 17:33:52 +00:00
Marcel Lauhoff
eae5b80298
e2e: Apply formatting to rbd suite and helper
...
Apply formatting for previous changes separately to make the commit
diffs easier to read.
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-10-17 17:33:52 +00:00
Marcel Lauhoff
9ad4bb1de5
e2e: Add encrypted PVC with default settings test
...
Add test that enables encryption with default type. Check that we set
up block encryption.
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-10-17 17:33:52 +00:00
Marcel Lauhoff
f5ba45b78f
e2e: Run encryption related tests on file and block type
...
Replace `By` with `ByFileAndBlockEncryption` in all encryption related
tests to parameterize them to file and block encryption.
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
2022-10-17 17:33:52 +00:00