From 815a205199402abbc3df51e8e6c53c51f6134bc6 Mon Sep 17 00:00:00 2001 From: sushiMix <53741704+sushiMix@users.noreply.github.com> Date: Thu, 4 Jan 2024 10:51:23 +0100 Subject: [PATCH] review Signed-off-by: sushiMix <53741704+sushiMix@users.noreply.github.com> --- cmd/provisioner-localpv/app/config.go | 36 --------------------- cmd/provisioner-localpv/app/config_test.go | 37 ++++++++++++++++++++++ docs/tutorials/hostpath/filepermissions.md | 4 +-- 3 files changed, 39 insertions(+), 38 deletions(-) diff --git a/cmd/provisioner-localpv/app/config.go b/cmd/provisioner-localpv/app/config.go index 34a6b402..948bd153 100644 --- a/cmd/provisioner-localpv/app/config.go +++ b/cmd/provisioner-localpv/app/config.go @@ -142,12 +142,6 @@ const ( // This is the cas-template key for all file permission 'data' keys KeyFilePermissions = "FilePermissions" - // FsUID defines the user owner of the shared directory - KeyFsUID = "UID" - - // FsGID defines the group owner of the shared directory - KeyFsGID = "GID" - // FSMode defines the file permission mode of the shared directory KeyFsMode = "mode" ) @@ -385,36 +379,6 @@ func (c *VolumeConfig) IsPermissionEnabled() bool { return permissionEnabledQuotaBool } -// GetFsGID fetches the group owner's ID from -// PVC annotation, if specified -// NOT YET USED -func (c *VolumeConfig) GetFsGID() string { - if c.IsPermissionEnabled() { - configData := c.getData(KeyFilePermissions) - if configData != nil { - if val, p := configData[KeyFsGID]; p { - return strings.TrimSpace(val) - } - } - } - return "" -} - -// GetFsGID fetches the user owner's ID from -// PVC annotation, if specified -// NOT YET USED -func (c *VolumeConfig) GetFsUID() string { - if c.IsPermissionEnabled() { - configData := c.getData(KeyFilePermissions) - if configData != nil { - if val, p := configData[KeyFsUID]; p { - return strings.TrimSpace(val) - } - } - } - return "" -} - // GetFsMode fetches the file mode from PVC // or StorageClass annotation, if specified func (c *VolumeConfig) GetFsMode() string { diff --git a/cmd/provisioner-localpv/app/config_test.go b/cmd/provisioner-localpv/app/config_test.go index 477a3fcd..ee42937f 100644 --- a/cmd/provisioner-localpv/app/config_test.go +++ b/cmd/provisioner-localpv/app/config_test.go @@ -105,6 +105,43 @@ func TestDataConfigToMap(t *testing.T) { } } +func TestPermissionConfigToMap(t *testing.T) { + hostpathConfig := mconfig.Config{Name: "StorageType", Value: "hostpath"} + permissionConfig := mconfig.Config{Name: "FilePermissions", Enabled: "true", + Data: map[string]string{ + "mode": "0750", + }, + } + + testCases := map[string]struct { + config []mconfig.Config + expectedValue map[string]interface{} + }{ + "nil 'Data' map": { + config: []mconfig.Config{hostpathConfig, permissionConfig}, + expectedValue: map[string]interface{}{ + "FilePermissions": map[string]string{ + "mode": "0750", + }, + }, + }, + } + + for k, v := range testCases { + v := v + k := k + t.Run(k, func(t *testing.T) { + actualValue, err := dataConfigToMap(v.config) + if err != nil { + t.Errorf("expected error to be nil, but got %v", err) + } + if !reflect.DeepEqual(actualValue, v.expectedValue) { + t.Errorf("expected %v, but got %v", v.expectedValue, actualValue) + } + }) + } +} + func Test_listConfigToMap(t *testing.T) { tests := map[string]struct { pvConfig []mconfig.Config diff --git a/docs/tutorials/hostpath/filepermissions.md b/docs/tutorials/hostpath/filepermissions.md index 214adc05..1e9d1982 100644 --- a/docs/tutorials/hostpath/filepermissions.md +++ b/docs/tutorials/hostpath/filepermissions.md @@ -3,7 +3,7 @@ Hostpath LocalPV will by default create folder with the following rights: `0777`. In some usecases, these rights are too wide and should be reduced. As an important point, when using hostpath the underlying PV will be a localpath whichs allows kubelet to chown the folder based on the [fsGroup](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#configure-volume-permission-and-ownership-change-policy-for-pods)) -We allow to set file permissions using: +We allow to set file permissions using: ```yaml #This is a custom StorageClass template @@ -30,7 +30,7 @@ We allow to set file permissions using: With such configuration the folder will be crated with `0770` rights for all the PVC using this storage class. -The same configuration is available at PVC level to have a more fined grained configuration capability (overrding the Storage class configuration level): +The same configuration is available at PVC level to have a more fined grained configuration capability (the Storage class configuration will always win against PVC one): ```yaml kind: PersistentVolumeClaim