diff --git a/Dockerfile b/Dockerfile index c3ebaeffa..1ed57614f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -48,7 +48,7 @@ LABEL vendor="Dell Inc." \ name="dell-csm-operator" \ summary="Operator for installing Dell CSI Drivers and Dell CSM Modules" \ description="Common Operator for installing various Dell CSI Drivers and Dell CSM Modules" \ - version="1.6.0" \ + version="1.6.1" \ license="Dell CSM Operator Apache License" # copy the licenses folder diff --git a/Makefile b/Makefile index ad0f7f99a..caa0f4e5d 100644 --- a/Makefile +++ b/Makefile @@ -208,7 +208,7 @@ OPM = $(shell which opm) endif endif -# A comma-separated list of bundle images (e.g. make catalog-build BUNDLE_IMGS=example.com/operator-bundle:v0.1.0,example.com/operator-bundle:v1.6.0). +# A comma-separated list of bundle images (e.g. make catalog-build BUNDLE_IMGS=example.com/operator-bundle:v0.1.0,example.com/operator-bundle:v1.6.1). # These images MUST exist in a registry and be pull-able. BUNDLE_IMGS ?= $(BUNDLE_IMG) diff --git a/bundle/manifests/dell-csm-operator.clusterserviceversion.yaml b/bundle/manifests/dell-csm-operator.clusterserviceversion.yaml index 8a061cc08..b4e1e58a7 100644 --- a/bundle/manifests/dell-csm-operator.clusterserviceversion.yaml +++ b/bundle/manifests/dell-csm-operator.clusterserviceversion.yaml @@ -822,10 +822,10 @@ metadata: "value": "debug" } ], - "image": "dellemc/csi-powerstore:v2.11.0", + "image": "dellemc/csi-powerstore:v2.11.1", "imagePullPolicy": "IfNotPresent" }, - "configVersion": "v2.11.0", + "configVersion": "v2.11.1", "controller": { "envs": [ { @@ -1011,10 +1011,10 @@ metadata: "value": "true" } ], - "image": "dellemc/csi-unity:v2.11.0", + "image": "dellemc/csi-unity:v2.11.1", "imagePullPolicy": "IfNotPresent" }, - "configVersion": "v2.11.0", + "configVersion": "v2.11.1", "controller": { "envs": [ { @@ -1460,7 +1460,7 @@ metadata: operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 repository: https://github.com/dell/csm-operator support: Dell Technologies - name: dell-csm-operator.v1.6.0 + name: dell-csm-operator.v1.6.1 namespace: placeholder spec: apiservicedefinitions: {} @@ -3416,7 +3416,9 @@ spec: Drivers\n*\tResiliency - Designed to make Kubernetes applications more resilient to \n node failures\n\nThese modules are available for various storage platforms in the Dell portfolio, \nsuch as Dell PowerStore, Dell PowerMax, Dell PowerFlex, - Dell PowerScale, and Dell Unity XT.\n\nFor more information, visit [Dell’s Container + Dell PowerScale, and Dell Unity XT.\n\n### Supported Openshift Platforms\n\nQualified Openshift versions for CSM Operator v1.6.0: 4.15-4.16 + \nQualified Openshift versions for CSM Operator v1.5.1: 4.13-4.15 + \n\nFor more information, visit [Dell’s Container Storage Module web page](https://www.dell.com/en-us/dt/solutions/kubernetes-containers/kubernetes-storage.htm)\n\nAdditional Materials\n*\t[CSM Operator GitHub Page](https://dell.github.io/csm-docs/docs/deployment/csmoperator/)\n*\t[CSM Introduction Video](https://www.youtube.com/watch?v=NtNSKdF9Iyo)\n*\t[CSM Solution @@ -3430,12 +3432,6 @@ spec: spec: clusterPermissions: - rules: - - apiGroups: - - '*' - resources: - - '*' - verbs: - - '*' - nonResourceURLs: - /metrics verbs: @@ -4585,7 +4581,7 @@ spec: template: metadata: annotations: - storage.dell.com/CSMVersion: v1.11.0 + storage.dell.com/CSMVersion: v1.11.1 labels: control-plane: controller-manager spec: @@ -4610,7 +4606,7 @@ spec: - /manager env: - name: RELATED_IMAGE_dell-csm-operator - value: docker.io/dellemc/dell-csm-operator:v1.6.0 + value: docker.io/dellemc/dell-csm-operator:v1.6.1 - name: RELATED_IMAGE_csi-isilon value: docker.io/dellemc/csi-isilon:v2.11.0 - name: RELATED_IMAGE_csi-powermax @@ -4618,9 +4614,9 @@ spec: - name: RELATED_IMAGE_csipowermax-reverseproxy value: docker.io/dellemc/csipowermax-reverseproxy:v2.10.0 - name: RELATED_IMAGE_csi-powerstore - value: docker.io/dellemc/csi-powerstore:v2.11.0 + value: docker.io/dellemc/csi-powerstore:v2.11.1 - name: RELATED_IMAGE_csi-unity - value: docker.io/dellemc/csi-unity:v2.11.0 + value: docker.io/dellemc/csi-unity:v2.11.1 - name: RELATED_IMAGE_csi-vxflexos value: docker.io/dellemc/csi-vxflexos:v2.11.0 - name: RELATED_IMAGE_sdc @@ -4732,9 +4728,9 @@ spec: name: csi-powermax - image: docker.io/dellemc/csipowermax-reverseproxy:v2.10.0 name: csipowermax-reverseproxy - - image: docker.io/dellemc/csi-powerstore:v2.11.0 + - image: docker.io/dellemc/csi-powerstore:v2.11.1 name: csi-powerstore - - image: docker.io/dellemc/csi-unity:v2.11.0 + - image: docker.io/dellemc/csi-unity:v2.11.1 name: csi-unity - image: docker.io/dellemc/csi-vxflexos:v2.11.0 name: csi-vxflexos @@ -4779,5 +4775,5 @@ spec: - image: docker.io/dellemc/connectivity-cert-persister-k8s:0.11.0 name: cert-persister skips: - - dell-csm-operator.v1.5.1 + - dell-csm-operator.v1.6.1 version: 1.6.0 diff --git a/config/install/kustomization.yaml b/config/install/kustomization.yaml index 7c3351233..531693b17 100644 --- a/config/install/kustomization.yaml +++ b/config/install/kustomization.yaml @@ -14,4 +14,4 @@ bases: images: - name: controller newName: docker.io/dellemc/dell-csm-operator - newTag: v1.6.0 + newTag: v1.6.1 diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 88a696666..2572bb2a3 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -13,4 +13,4 @@ kind: Kustomization images: - name: controller newName: docker.io/dellemc/dell-csm-operator - newTag: v1.6.0 + newTag: v1.6.1 diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 9672493cf..d1390d77a 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -15,7 +15,7 @@ spec: labels: control-plane: controller-manager annotations: - storage.dell.com/CSMVersion: v1.11.0 + storage.dell.com/CSMVersion: v1.11.1 spec: serviceAccountName: manager-service-account securityContext: @@ -29,7 +29,7 @@ spec: imagePullPolicy: Always name: manager env: - - value: docker.io/dellemc/dell-csm-operator:v1.6.0 + - value: docker.io/dellemc/dell-csm-operator:v1.6.1 name: RELATED_IMAGE_dell-csm-operator - value: docker.io/dellemc/csi-isilon:v2.11.0 name: RELATED_IMAGE_csi-isilon @@ -37,9 +37,9 @@ spec: name: RELATED_IMAGE_csi-powermax - value: docker.io/dellemc/csipowermax-reverseproxy:v2.10.0 name: RELATED_IMAGE_csipowermax-reverseproxy - - value: docker.io/dellemc/csi-powerstore:v2.11.0 + - value: docker.io/dellemc/csi-powerstore:v2.11.1 name: RELATED_IMAGE_csi-powerstore - - value: docker.io/dellemc/csi-unity:v2.11.0 + - value: docker.io/dellemc/csi-unity:v2.11.1 name: RELATED_IMAGE_csi-unity - value: docker.io/dellemc/csi-vxflexos:v2.11.0 name: RELATED_IMAGE_csi-vxflexos diff --git a/config/manifests/bases/dell-csm-operator.clusterserviceversion.yaml b/config/manifests/bases/dell-csm-operator.clusterserviceversion.yaml index 9ba8844c9..87fa864ec 100644 --- a/config/manifests/bases/dell-csm-operator.clusterserviceversion.yaml +++ b/config/manifests/bases/dell-csm-operator.clusterserviceversion.yaml @@ -5,7 +5,7 @@ metadata: alm-examples: '[]' capabilities: Seamless Upgrades categories: Storage - containerImage: docker.io/dellemc/dell-csm-operator:v1.6.0 + containerImage: docker.io/dellemc/dell-csm-operator:v1.6.1 createdAt: "2022-03-29T11:59:59Z" description: Easily install and manage Dell’s CSI Drivers and CSM features.operators.openshift.io/disconnected: "true" @@ -17,7 +17,7 @@ metadata: features.operators.openshift.io/token-auth-gcp: "false" repository: https://github.com/dell/csm-operator support: Dell Technologies - name: dell-csm-operator.v1.6.0 + name: dell-csm-operator.v1.6.1 namespace: placeholder spec: apiservicedefinitions: {} @@ -2018,7 +2018,7 @@ spec: name: Dell Technologies url: https://github.com/dell/csm-operator relatedImages: - - image: docker.io/dellemc/dell-csm-operator:v1.6.0 + - image: docker.io/dellemc/dell-csm-operator:v1.6.1 name: dell-csm-operator - image: docker.io/dellemc/csi-isilon:v2.11.0 name: csi-isilon @@ -2026,9 +2026,9 @@ spec: name: csi-powermax - image: docker.io/dellemc/csipowermax-reverseproxy:v2.10.0 name: csipowermax-reverseproxy - - image: docker.io/dellemc/csi-powerstore:v2.11.0 + - image: docker.io/dellemc/csi-powerstore:v2.11.1 name: csi-powerstore - - image: docker.io/dellemc/csi-unity:v2.11.0 + - image: docker.io/dellemc/csi-unity:v2.11.1 name: csi-unity - image: docker.io/dellemc/csi-vxflexos:v2.11.0 name: csi-vxflexos @@ -2074,4 +2074,4 @@ spec: name: cert-persister skips: - dell-csm-operator.v1.5.1 - version: 1.6.0 + version: 1.6.1 diff --git a/config/samples/storage_v1_csm_powerstore.yaml b/config/samples/storage_v1_csm_powerstore.yaml index f085cb32c..16d8d2d89 100644 --- a/config/samples/storage_v1_csm_powerstore.yaml +++ b/config/samples/storage_v1_csm_powerstore.yaml @@ -31,7 +31,7 @@ spec: # true: enable storage capacity tracking # false: disable storage capacity tracking storageCapacity: true - configVersion: v2.11.0 + configVersion: v2.11.1 # authSecret: This is the secret used to validate the default PowerStore secret used for installation # Allowed values: -config # For example: If the metadataName is set to powerstore, authSecret value should be set to powerstore-config @@ -42,7 +42,7 @@ spec: forceUpdate: false forceRemoveDriver: true common: - image: "dellemc/csi-powerstore:v2.11.0" + image: "dellemc/csi-powerstore:v2.11.1" imagePullPolicy: IfNotPresent envs: - name: X_CSI_POWERSTORE_NODE_NAME_PREFIX diff --git a/config/samples/storage_v1_csm_unity.yaml b/config/samples/storage_v1_csm_unity.yaml index 03f98a32a..192c2d6d4 100644 --- a/config/samples/storage_v1_csm_unity.yaml +++ b/config/samples/storage_v1_csm_unity.yaml @@ -16,14 +16,14 @@ spec: # true: enable storage capacity tracking # false: disable storage capacity tracking storageCapacity: true - configVersion: v2.11.0 + configVersion: v2.11.1 # Controller count replicas: 2 dnsPolicy: ClusterFirstWithHostNet forceUpdate: false forceRemoveDriver: true common: - image: "dellemc/csi-unity:v2.11.0" + image: "dellemc/csi-unity:v2.11.1" imagePullPolicy: IfNotPresent envs: # X_CSI_UNITY_ALLOW_MULTI_POD_ACCESS - Flag to enable sharing of volumes across multiple pods within the same node in RWO access mode. diff --git a/controllers/csm_controller.go b/controllers/csm_controller.go index 4967b85f1..7e1e6d2b6 100644 --- a/controllers/csm_controller.go +++ b/controllers/csm_controller.go @@ -93,7 +93,7 @@ const ( CSMFinalizerName = "finalizer.dell.emc.com" // CSMVersion - - CSMVersion = "v1.11.0" + CSMVersion = "v1.11.1" ) var ( diff --git a/deploy/olm/operator_community.yaml b/deploy/olm/operator_community.yaml index 8484028a5..99aacc07e 100644 --- a/deploy/olm/operator_community.yaml +++ b/deploy/olm/operator_community.yaml @@ -5,7 +5,7 @@ metadata: namespace: test-csm-operator-olm spec: sourceType: grpc - image: docker.io/dellemc/dell-csm-operator:v1.6.0 + image: docker.io/dellemc/dell-csm-operator:v1.6.1 --- apiVersion: operators.coreos.com/v1 kind: OperatorGroup diff --git a/deploy/operator.yaml b/deploy/operator.yaml index 31b7903ff..3dd1525b7 100644 --- a/deploy/operator.yaml +++ b/deploy/operator.yaml @@ -1328,7 +1328,7 @@ spec: template: metadata: annotations: - storage.dell.com/CSMVersion: v1.11.0 + storage.dell.com/CSMVersion: v1.11.1 labels: control-plane: controller-manager spec: @@ -1339,7 +1339,7 @@ spec: - /manager env: - name: RELATED_IMAGE_dell-csm-operator - value: docker.io/dellemc/dell-csm-operator:v1.6.0 + value: docker.io/dellemc/dell-csm-operator:v1.6.1 - name: RELATED_IMAGE_csi-isilon value: docker.io/dellemc/csi-isilon:v2.11.0 - name: RELATED_IMAGE_csi-powermax @@ -1347,9 +1347,9 @@ spec: - name: RELATED_IMAGE_csipowermax-reverseproxy value: docker.io/dellemc/csipowermax-reverseproxy:v2.10.0 - name: RELATED_IMAGE_csi-powerstore - value: docker.io/dellemc/csi-powerstore:v2.11.0 + value: docker.io/dellemc/csi-powerstore:v2.11.1 - name: RELATED_IMAGE_csi-unity - value: docker.io/dellemc/csi-unity:v2.11.0 + value: docker.io/dellemc/csi-unity:v2.11.1 - name: RELATED_IMAGE_csi-vxflexos value: docker.io/dellemc/csi-vxflexos:v2.11.0 - name: RELATED_IMAGE_sdc @@ -1392,7 +1392,7 @@ spec: value: docker.io/dellemc/connectivity-client-docker-k8s:1.19.0 - name: RELATED_IMAGE_cert-persister value: docker.io/dellemc/connectivity-cert-persister-k8s:0.11.0 - image: docker.io/dellemc/dell-csm-operator:v1.6.0 + image: docker.io/dellemc/dell-csm-operator:v1.6.1 imagePullPolicy: Always livenessProbe: httpGet: diff --git a/docker.mk b/docker.mk index b4fdf88b7..868f275e5 100644 --- a/docker.mk +++ b/docker.mk @@ -14,11 +14,11 @@ BUNDLE_IMAGE_TAG_BASE_COMMUNITY ?= dell-csm-community-operator-bundle # Image tag base for community catalog images CATALOG_IMAGE_TAG_BASE_COMMUNITY ?= dell-csm-community-operator-catalog -# Operator version tagged with build number. For e.g. - v1.6.0.001 -VERSION ?= v1.6.0 +# Operator version tagged with build number. For e.g. - v1.6.1.001 +VERSION ?= v1.6.1 # Bundle Version is the semantic version(required by operator-sdk) -BUNDLE_VERSION ?= 1.6.0 +BUNDLE_VERSION ?= 1.6.1 # Timestamp local builds TIMESTAMP := $(shell date +%Y%m%d%H%M%S) @@ -37,5 +37,5 @@ IMG ?= "$(REGISTRY)/$(IMAGE_TAG_BASE):$(VERSION)" # You can use it as an arg. (E.g make bundle-build BUNDLE_IMG=/:) BUNDLE_IMG ?= "$(REGISTRY)/$(BUNDLE_IMAGE_TAG_BASE_COMMUNITY):$(VERSION)" -# The image tag given to the resulting catalog image (e.g. make catalog-build CATALOG_IMG=example.com/operator-catalog:v1.6.0). +# The image tag given to the resulting catalog image (e.g. make catalog-build CATALOG_IMG=example.com/operator-catalog:v1.6.1). CATALOG_IMG ?= "$(REGISTRY)/$(CATALOG_IMAGE_TAG_BASE_COMMUNITY):$(VERSION)" diff --git a/operatorconfig/driverconfig/powerstore/v2.11.1/controller.yaml b/operatorconfig/driverconfig/powerstore/v2.11.1/controller.yaml new file mode 100644 index 000000000..83ba7ec4f --- /dev/null +++ b/operatorconfig/driverconfig/powerstore/v2.11.1/controller.yaml @@ -0,0 +1,272 @@ +# +# +# Copyright © 2023 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: -controller + namespace: +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: -controller +rules: + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete", "update", "patch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: ["volumegroup.storage.dell.com"] + resources: ["dellcsivolumegroupsnapshots", "dellcsivolumegroupsnapshots/status"] + verbs: ["create", "list", "watch", "delete", "update"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["create", "get", "list", "watch", "update", "delete", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents/status"] + verbs: ["update", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots", "volumesnapshots/status"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments/status"] + verbs: ["patch"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "watch"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["create", "list", "watch", "delete"] + - apiGroups: ["storage.k8s.io"] + resources: ["csinodes"] + verbs: ["get", "list", "watch"] + # below for resizer + - apiGroups: [""] + resources: ["persistentvolumeclaims/status"] + verbs: ["update", "patch"] + # Permissions for CSIStorageCapacity + - apiGroups: ["storage.k8s.io"] + resources: ["csistoragecapacities"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get"] + - apiGroups: ["apps"] + resources: ["replicasets"] + verbs: ["get"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: -controller +subjects: + - kind: ServiceAccount + name: -controller + namespace: +roleRef: + kind: ClusterRole + name: -controller + apiGroup: rbac.authorization.k8s.io +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: -controller + namespace: +spec: + selector: + matchLabels: + name: -controller + replicas: 2 + template: + metadata: + labels: + name: -controller + annotations: + kubectl.kubernetes.io/default-container: driver + spec: + serviceAccountName: -controller + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: name + operator: In + values: + - -controller + topologyKey: kubernetes.io/hostname + containers: + - name: attacher + image: registry.k8s.io/sig-storage/csi-attacher:v4.6.1 + imagePullPolicy: IfNotPresent + args: + - "--csi-address=$(ADDRESS)" + - "--v=5" + - "--leader-election" + - "--worker-threads=130" + - "--resync=10s" + - "--timeout=130s" + env: + - name: ADDRESS + value: /var/run/csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: resizer + image: registry.k8s.io/sig-storage/csi-resizer:v1.11.1 + imagePullPolicy: IfNotPresent + args: + - "--csi-address=$(ADDRESS)" + - "--v=5" + - "--leader-election" + env: + - name: ADDRESS + value: /var/run/csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: provisioner + image: registry.k8s.io/sig-storage/csi-provisioner:v5.0.1 + imagePullPolicy: IfNotPresent + args: + - "--csi-address=$(ADDRESS)" + - "--volume-name-prefix=csivol" + - "--volume-name-uuid-length=10" + - "--v=5" + - "--leader-election" + - "--default-fstype=ext4" + - "--extra-create-metadata" + - "--feature-gates=Topology=true" + - "--enable-capacity=true" + - "--capacity-ownerref-level=2" + - "--capacity-poll-interval=5m" + env: + - name: ADDRESS + value: /var/run/csi/csi.sock + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: snapshotter + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.0.1 + imagePullPolicy: IfNotPresent + args: + - "--csi-address=$(ADDRESS)" + - "--v=5" + - "--leader-election" + - "--snapshot-name-prefix=csisnap" + env: + - name: ADDRESS + value: /var/run/csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: external-health-monitor + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.11.0 + imagePullPolicy: IfNotPresent + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - "--leader-election" + - "--http-endpoint=:8080" + - "--enable-node-watcher=true" + - "--monitor-interval=60s" + - "--timeout=180s" + - "--leader-election-renew-deadline=10s" + - "--leader-election-lease-duration=15s" + - "--leader-election-retry-period=5s" + env: + - name: ADDRESS + value: /var/run/csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: driver + image: dellemc/csi-powerstore:v2.11.1 + imagePullPolicy: IfNotPresent + command: ["/csi-powerstore"] + args: + - "--array-config=/powerstore-config/config" + - "--driver-config-params=/powerstore-config-params/driver-config-params.yaml" + env: + - name: ENABLE_TRACING + value: + - name: CSI_ENDPOINT + value: /var/run/csi/csi.sock + - name: X_CSI_MODE + value: controller + - name: X_CSI_DRIVER_NAME + value: "csi-powerstore.dellemc.com" + - name: X_CSI_POWERSTORE_EXTERNAL_ACCESS + value: + - name: X_CSI_NFS_ACLS + value: "" + - name: X_CSI_POWERSTORE_CONFIG_PATH + value: /powerstore-config/config + - name: X_CSI_POWERSTORE_CONFIG_PARAMS_PATH + value: /powerstore-config-params/driver-config-params.yaml + - name: GOPOWERSTORE_DEBUG + value: true + - name: CSI_AUTO_ROUND_OFF_FILESYSTEM_SIZE + value: true + - name: X_CSI_HEALTH_MONITOR_ENABLED + value: "" + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: powerstore-config + mountPath: /powerstore-config + - name: powerstore-config-params + mountPath: /powerstore-config-params + volumes: + - name: socket-dir + emptyDir: + - name: powerstore-config-params + configMap: + name: -config-params + - name: powerstore-config + secret: + secretName: -config diff --git a/operatorconfig/driverconfig/powerstore/v2.11.1/csidriver.yaml b/operatorconfig/driverconfig/powerstore/v2.11.1/csidriver.yaml new file mode 100644 index 000000000..0f1b9547f --- /dev/null +++ b/operatorconfig/driverconfig/powerstore/v2.11.1/csidriver.yaml @@ -0,0 +1,27 @@ +# +# +# Copyright © 2023 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# + +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + name: csi-powerstore.dellemc.com +spec: + storageCapacity: false + podInfoOnMount: true + fsGroupPolicy: ReadWriteOnceWithFSType + volumeLifecycleModes: + - Persistent + - Ephemeral diff --git a/operatorconfig/driverconfig/powerstore/v2.11.1/driver-config-params.yaml b/operatorconfig/driverconfig/powerstore/v2.11.1/driver-config-params.yaml new file mode 100644 index 000000000..19960e910 --- /dev/null +++ b/operatorconfig/driverconfig/powerstore/v2.11.1/driver-config-params.yaml @@ -0,0 +1,29 @@ +# +# +# Copyright © 2023 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# + +apiVersion: v1 +kind: ConfigMap +metadata: + name: -config-params + namespace: +data: + driver-config-params.yaml: | + CSI_LOG_LEVEL: "debug" + CSI_LOG_FORMAT: "JSON" + PODMON_CONTROLLER_LOG_LEVEL: "debug" + PODMON_CONTROLLER_LOG_FORMAT: "JSON" + PODMON_NODE_LOG_LEVEL: "debug" + PODMON_NODE_LOG_FORMAT: "JSON" diff --git a/operatorconfig/driverconfig/powerstore/v2.11.1/node.yaml b/operatorconfig/driverconfig/powerstore/v2.11.1/node.yaml new file mode 100644 index 000000000..91b2ad20a --- /dev/null +++ b/operatorconfig/driverconfig/powerstore/v2.11.1/node.yaml @@ -0,0 +1,246 @@ +# +# +# Copyright © 2023 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: -node + namespace: +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: -node +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["create", "delete", "get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["security.openshift.io"] + resourceNames: ["privileged"] + resources: ["securitycontextconstraints"] + verbs: ["use"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: -node +subjects: + - kind: ServiceAccount + name: -node + namespace: +roleRef: + kind: ClusterRole + name: -node + apiGroup: rbac.authorization.k8s.io +--- +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: -node + namespace: +spec: + selector: + matchLabels: + app: -node + template: + metadata: + labels: + app: -node + driver.dellemc.com: dell-storage + annotations: + kubectl.kubernetes.io/default-container: driver + spec: + #nodeSelector: + #tolerations: + serviceAccount: -node + dnsPolicy: ClusterFirstWithHostNet + hostNetwork: true + hostIPC: true + containers: + - name: driver + securityContext: + privileged: true + capabilities: + add: ["SYS_ADMIN"] + allowPrivilegeEscalation: true + image: dellemc/csi-powerstore:v2.11.1 + imagePullPolicy: IfNotPresent + command: ["/csi-powerstore"] + args: + - "--array-config=/powerstore-config/config" + - "--driver-config-params=/powerstore-config-params/driver-config-params.yaml" + env: + - name: ENABLE_TRACING + value: + - name: CSI_ENDPOINT + value: unix:///plugins/csi-powerstore.dellemc.com/csi_sock + - name: X_CSI_MODE + value: node + - name: X_CSI_POWERSTORE_KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: X_CSI_POWERSTORE_NODE_NAME_PREFIX + value: + - name: X_CSI_POWERSTORE_NODE_ID_PATH + value: /node-id + - name: X_CSI_POWERSTORE_MAX_VOLUMES_PER_NODE + value: + - name: X_CSI_POWERSTORE_NODE_CHROOT_PATH + value: /noderoot + - name: X_CSI_POWERSTORE_TMP_DIR + value: /plugins/csi-powerstore.dellemc.com/tmp + - name: X_CSI_DRIVER_NAME + value: "csi-powerstore.dellemc.com" + - name: X_CSI_FC_PORTS_FILTER_FILE_PATH + value: + - name: X_CSI_POWERSTORE_ENABLE_CHAP + value: "" + - name: X_CSI_POWERSTORE_CONFIG_PATH + value: /powerstore-config/config + - name: X_CSI_POWERSTORE_CONFIG_PARAMS_PATH + value: /powerstore-config-params/driver-config-params.yaml + - name: GOPOWERSTORE_DEBUG + value: "true" + - name: X_CSI_HEALTH_MONITOR_ENABLED + value: "" + volumeMounts: + - name: driver-path + mountPath: /plugins/csi-powerstore.dellemc.com + - name: csi-path + mountPath: /plugins/kubernetes.io/csi + mountPropagation: "Bidirectional" + - name: pods-path + mountPath: /pods + mountPropagation: "Bidirectional" + - name: dev + mountPath: /dev + - name: sys + mountPath: /sys + - name: run + mountPath: /run + - name: node-id + mountPath: /node-id + - name: etciscsi + mountPath: /etc/iscsi + - name: mpath + mountPath: /etc/multipath.conf + - name: noderoot + mountPath: /noderoot + - name: powerstore-config + mountPath: /powerstore-config + - name: powerstore-config-params + mountPath: /powerstore-config-params + - name: registrar + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.1 + imagePullPolicy: IfNotPresent + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - --kubelet-registration-path=/plugins/csi-powerstore.dellemc.com/csi_sock + env: + - name: ADDRESS + value: /csi/csi_sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + volumeMounts: + - name: registration-dir + mountPath: /registration + - name: driver-path + mountPath: /csi + volumes: + - name: registration-dir + hostPath: + path: /plugins_registry/ + type: DirectoryOrCreate + - name: driver-path + hostPath: + path: /plugins/csi-powerstore.dellemc.com + type: DirectoryOrCreate + - name: csi-path + hostPath: + path: /plugins/kubernetes.io/csi + - name: pods-path + hostPath: + path: /pods + type: Directory + - name: dev + hostPath: + path: /dev + type: Directory + - name: node-id + hostPath: + path: /etc/machine-id + type: File + - name: etciscsi + hostPath: + path: /etc/iscsi + type: DirectoryOrCreate + - name: mpath + hostPath: + path: /etc/multipath.conf + type: FileOrCreate + - name: noderoot + hostPath: + path: / + type: Directory + - name: sys + hostPath: + path: /sys + type: Directory + - name: run + hostPath: + path: /run + type: Directory + - name: powerstore-config-params + configMap: + name: -config-params + - name: powerstore-config + secret: + secretName: -config + - name: usr-bin + hostPath: + path: /usr/bin + type: Directory + - name: kubelet-pods + hostPath: + path: /var/lib/kubelet/pods + type: Directory + - name: var-run + hostPath: + path: /var/run + type: Directory diff --git a/operatorconfig/driverconfig/powerstore/v2.11.1/upgrade-path.yaml b/operatorconfig/driverconfig/powerstore/v2.11.1/upgrade-path.yaml new file mode 100644 index 000000000..529a9668d --- /dev/null +++ b/operatorconfig/driverconfig/powerstore/v2.11.1/upgrade-path.yaml @@ -0,0 +1 @@ +minUpgradePath: v2.9.0 diff --git a/operatorconfig/driverconfig/unity/v2.11.1/controller.yaml b/operatorconfig/driverconfig/unity/v2.11.1/controller.yaml new file mode 100644 index 000000000..7dc4afa46 --- /dev/null +++ b/operatorconfig/driverconfig/unity/v2.11.1/controller.yaml @@ -0,0 +1,261 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: -controller + namespace: +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: -controller +rules: + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete", "update", "patch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "create", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["csinodes"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments/status"] + verbs: ["patch"] + - apiGroups: ["csi.storage.k8s.io"] + resources: ["csinodeinfos"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "watch"] + # below for snapshotter + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["create", "get", "list", "watch", "update", "delete", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots/status"] + verbs: ["update"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments/status"] + verbs: ["patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["create", "list", "watch", "delete"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents/status"] + verbs: ["update", "patch"] + # below for resizer + - apiGroups: [""] + resources: ["persistentvolumeclaims/status"] + verbs: ["update", "patch"] + # Permissions for CSIStorageCapacity + - apiGroups: ["storage.k8s.io"] + resources: ["csistoragecapacities"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] + - apiGroups: ["apps"] + resources: ["replicasets"] + verbs: ["get"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: -controller +subjects: + - kind: ServiceAccount + name: -controller + namespace: +roleRef: + kind: ClusterRole + name: -controller + apiGroup: rbac.authorization.k8s.io +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: -controller + namespace: +spec: + selector: + matchLabels: + app: -controller + replicas: 2 + template: + metadata: + labels: + app: -controller + annotations: + kubectl.kubernetes.io/default-container: driver + spec: + serviceAccountName: -controller + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - -controller + topologyKey: "kubernetes.io/hostname" + containers: + - name: attacher + image: registry.k8s.io/sig-storage/csi-attacher:v4.6.1 + imagePullPolicy: IfNotPresent + args: + - "--csi-address=$(ADDRESS)" + - "--v=5" + - "--leader-election" + env: + - name: ADDRESS + value: /var/run/csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: provisioner + image: registry.k8s.io/sig-storage/csi-provisioner:v5.0.1 + imagePullPolicy: IfNotPresent + args: + - "--csi-address=$(ADDRESS)" + - "--volume-name-prefix=csivol" + - "--volume-name-uuid-length=10" + - "--timeout=180s" + - "--worker-threads=6" + - "--v=5" + - "--feature-gates=Topology=true" + - "--strict-topology=true" + - "--leader-election" + - "--leader-election-namespace=" + - "--default-fstype=ext4" + - "--enable-capacity=true" + - "--capacity-ownerref-level=2" + - "--capacity-poll-interval=5m" + env: + - name: ADDRESS + value: /var/run/csi/csi.sock + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: snapshotter + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.0.1 + imagePullPolicy: IfNotPresent + args: + - "--csi-address=$(ADDRESS)" + - "--snapshot-name-prefix=csi-snap" + - "--snapshot-name-uuid-length=10" + - "--timeout=360s" + - "--v=5" + - "--leader-election" + env: + - name: ADDRESS + value: /var/run/csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: resizer + image: registry.k8s.io/sig-storage/csi-resizer:v1.11.1 + imagePullPolicy: IfNotPresent + args: + - "--csi-address=$(ADDRESS)" + - "--v=5" + - "--leader-election" + env: + - name: ADDRESS + value: /var/run/csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: external-health-monitor + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.11.0 + imagePullPolicy: IfNotPresent + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - "--leader-election" + - "--http-endpoint=:8080" + - "--enable-node-watcher=true" + - "--monitor-interval=60s" + - "--timeout=180s" + env: + - name: ADDRESS + value: /var/run/csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: driver + image: dellemc/csi-unity:v2.11.1 + args: + - "--driver-name=csi-unity.dellemc.com" + - "--driver-config=/unity-config/driver-config-params.yaml" + - "--driver-secret=/unity-secret/config" + imagePullPolicy: IfNotPresent + env: + - name: CSI_ENDPOINT + value: /var/run/csi/csi.sock + - name: X_CSI_MODE + value: controller + - name: X_CSI_UNITY_AUTOPROBE + value: "true" + - name: SSL_CERT_DIR + value: /certs + - name: X_CSI_HEALTH_MONITOR_ENABLED + value: "" + - name: X_CSI_UNITY_SKIP_CERTIFICATE_VALIDATION + value: "true" + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: certs + mountPath: /certs + readOnly: true + - name: unity-config + mountPath: /unity-config + - name: unity-secret + mountPath: /unity-secret + volumes: + - name: certs + projected: + sources: + - secret: + name: -certs-0 + items: + - key: cert-0 + path: cert-0 + - name: socket-dir + emptyDir: + - name: unity-config + configMap: + name: -config-params + - name: unity-secret + secret: + secretName: -creds diff --git a/operatorconfig/driverconfig/unity/v2.11.1/csidriver.yaml b/operatorconfig/driverconfig/unity/v2.11.1/csidriver.yaml new file mode 100644 index 000000000..01b17ef22 --- /dev/null +++ b/operatorconfig/driverconfig/unity/v2.11.1/csidriver.yaml @@ -0,0 +1,12 @@ +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + name: csi-unity.dellemc.com +spec: + attachRequired: true + podInfoOnMount: true + storageCapacity: true + volumeLifecycleModes: + - Persistent + - Ephemeral + fsGroupPolicy: ReadWriteOnceWithFSType diff --git a/operatorconfig/driverconfig/unity/v2.11.1/driver-config-params.yaml b/operatorconfig/driverconfig/unity/v2.11.1/driver-config-params.yaml new file mode 100644 index 000000000..3a1c28626 --- /dev/null +++ b/operatorconfig/driverconfig/unity/v2.11.1/driver-config-params.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: -config-params + namespace: +data: + driver-config-params.yaml: | + CSI_LOG_LEVEL: "info" + CSI_LOG_FORMAT: "JSON" + ALLOW_RWO_MULTIPOD_ACCESS: "false" + MAX_UNITY_VOLUMES_PER_NODE: 0 + SYNC_NODE_INFO_TIME_INTERVAL: 15 + TENANT_NAME: "" \ No newline at end of file diff --git a/operatorconfig/driverconfig/unity/v2.11.1/node.yaml b/operatorconfig/driverconfig/unity/v2.11.1/node.yaml new file mode 100644 index 000000000..9aa609b4d --- /dev/null +++ b/operatorconfig/driverconfig/unity/v2.11.1/node.yaml @@ -0,0 +1,193 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: -node + namespace: +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: -node +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["create", "delete", "get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["security.openshift.io"] + resourceNames: ["privileged"] + resources: ["securitycontextconstraints"] + verbs: ["use"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: -node +subjects: + - kind: ServiceAccount + name: -node + namespace: +roleRef: + kind: ClusterRole + name: -node + apiGroup: rbac.authorization.k8s.io +--- +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: -node + namespace: +spec: + updateStrategy: + type: RollingUpdate + selector: + matchLabels: + app: -node + template: + metadata: + labels: + app: -node + annotations: + kubectl.kubernetes.io/default-container: driver + spec: + serviceAccountName: -node + hostIPC: true + hostNetwork: true + dnsPolicy: ClusterFirstWithHostNet + containers: + - name: driver + securityContext: + privileged: true + capabilities: + add: ["SYS_ADMIN"] + allowPrivilegeEscalation: true + image: dellemc/csi-unity:v2.11.1 + imagePullPolicy: IfNotPresent + args: + - "--driver-name=csi-unity.dellemc.com" + - "--driver-config=/unity-config/driver-config-params.yaml" + - "--driver-secret=/unity-secret/config" + env: + - name: CSI_ENDPOINT + value: unix:///var/lib/kubelet/plugins/unity.emc.dell.com/csi_sock + - name: X_CSI_MODE + value: node + - name: X_CSI_UNITY_AUTOPROBE + value: "true" + - name: X_CSI_UNITY_ALLOW_MULTI_POD_ACCESS + value: "false" + - name: X_CSI_PRIVATE_MOUNT_DIR + value: "/var/lib/kubelet/plugins/unity.emc.dell.com/disks" + - name: X_CSI_EPHEMERAL_STAGING_PATH + value: "/var/lib/kubelet/plugins/kubernetes.io/csi/pv/" + - name: X_CSI_ISCSI_CHROOT + value: "/noderoot" + - name: X_CSI_UNITY_NODENAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: SSL_CERT_DIR + value: /certs + - name: X_CSI_UNITY_SYNC_NODEINFO_INTERVAL + value: "15" + - name: X_CSI_HEALTH_MONITOR_ENABLED + value: "" + - name: X_CSI_UNITY_SKIP_CERTIFICATE_VALIDATION + value: "true" + - name: X_CSI_ALLOWED_NETWORKS + value: "" + volumeMounts: + - name: driver-path + mountPath: /var/lib/kubelet/plugins/unity.emc.dell.com + - name: volumedevices-path + mountPath: /var/lib/kubelet/plugins/kubernetes.io/csi + mountPropagation: "Bidirectional" + - name: pods-path + mountPath: /var/lib/kubelet/pods + mountPropagation: "Bidirectional" + - name: dev + mountPath: /dev + - name: noderoot + mountPath: /noderoot + - name: certs + mountPath: /certs + readOnly: true + - name: unity-config + mountPath: /unity-config + - name: unity-secret + mountPath: /unity-secret + - name: registrar + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.1 + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - --kubelet-registration-path=/var/lib/kubelet/plugins/unity.emc.dell.com/csi_sock + env: + - name: ADDRESS + value: /csi/csi_sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + volumeMounts: + - name: registration-dir + mountPath: /registration + - name: driver-path + mountPath: /csi + volumes: + - name: registration-dir + hostPath: + path: /var/lib/kubelet/plugins_registry/ + type: DirectoryOrCreate + - name: driver-path + hostPath: + path: /var/lib/kubelet/plugins/unity.emc.dell.com + type: DirectoryOrCreate + - name: volumedevices-path + hostPath: + path: /var/lib/kubelet/plugins/kubernetes.io/csi + type: DirectoryOrCreate + - name: pods-path + hostPath: + path: /var/lib/kubelet/pods + type: Directory + - name: dev + hostPath: + path: /dev + type: Directory + - name: noderoot + hostPath: + path: / + type: Directory + - name: certs + projected: + sources: + - secret: + name: -certs-0 + items: + - key: cert-0 + path: cert-0 + - name: unity-config + configMap: + name: -config-params + - name: unity-secret + secret: + secretName: -creds diff --git a/operatorconfig/driverconfig/unity/v2.11.1/upgrade-path.yaml b/operatorconfig/driverconfig/unity/v2.11.1/upgrade-path.yaml new file mode 100644 index 000000000..529a9668d --- /dev/null +++ b/operatorconfig/driverconfig/unity/v2.11.1/upgrade-path.yaml @@ -0,0 +1 @@ +minUpgradePath: v2.9.0 diff --git a/operatorconfig/moduleconfig/common/version-values.yaml b/operatorconfig/moduleconfig/common/version-values.yaml index c7a7c5ff1..116127650 100644 --- a/operatorconfig/moduleconfig/common/version-values.yaml +++ b/operatorconfig/moduleconfig/common/version-values.yaml @@ -70,6 +70,8 @@ powerstore: resiliency: "v1.9.1" v2.11.0: resiliency: "v1.10.0" + v2.11.1: + resiliency: "v1.10.0" powermax: # List of Driver versions and modules that supports the version v2.9.0: diff --git a/pkg/modules/authorization.go b/pkg/modules/authorization.go index 3b389809a..2a3b0e101 100644 --- a/pkg/modules/authorization.go +++ b/pkg/modules/authorization.go @@ -756,7 +756,8 @@ func authorizationStorageServiceV2(ctx context.Context, isDeleting bool, cr csmv continue } } - + // conversion to int32 is safe for a value up to 2147483647 + // #nosec G115 deployment := getStorageServiceScaffold(cr.Name, cr.Namespace, image, int32(replicas)) // set vault volumes diff --git a/pkg/modules/testdata/cr_powerstore_resiliency.yaml b/pkg/modules/testdata/cr_powerstore_resiliency.yaml index ca2266e93..72aba5761 100644 --- a/pkg/modules/testdata/cr_powerstore_resiliency.yaml +++ b/pkg/modules/testdata/cr_powerstore_resiliency.yaml @@ -6,11 +6,11 @@ metadata: spec: driver: csiDriverType: "powerstore" - configVersion: v2.11.0 + configVersion: v2.11.1 authSecret: powerstore-creds replicas: 1 common: - image: "dellemc/csi-powerstore:v2.11.0" + image: "dellemc/csi-powerstore:v2.11.1" imagePullPolicy: IfNotPresent modules: - name: resiliency diff --git a/samples/storage_csm_powerstore_v2111.yaml b/samples/storage_csm_powerstore_v2111.yaml new file mode 100644 index 000000000..85cfa913e --- /dev/null +++ b/samples/storage_csm_powerstore_v2111.yaml @@ -0,0 +1,216 @@ +# +# +# Copyright © 2023 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +apiVersion: storage.dell.com/v1 +kind: ContainerStorageModule +metadata: + name: powerstore + namespace: powerstore +spec: + driver: + csiDriverType: "powerstore" + csiDriverSpec: + # in OCP <= 4.16 and K8s <= 1.29, fsGroupPolicy is an immutable field + # fsGroupPolicy: Defines if the underlying volume supports changing ownership and permission of the volume before being mounted. + # Allowed values: ReadWriteOnceWithFSType, File , None + # Default value: ReadWriteOnceWithFSType + fSGroupPolicy: "ReadWriteOnceWithFSType" + # storageCapacity: Helps the scheduler to schedule the pod on a node satisfying the topology constraints, only if the requested capacity is available on the storage array + # Allowed values: + # true: enable storage capacity tracking + # false: disable storage capacity tracking + storageCapacity: true + configVersion: v2.11.1 + # authSecret: This is the secret used to validate the default PowerStore secret used for installation + # Allowed values: -config + # For example: If the metadataName is set to powerstore, authSecret value should be set to powerstore-config + authSecret: powerstore-config + # Controller count + replicas: 2 + dnsPolicy: ClusterFirstWithHostNet + forceUpdate: false + forceRemoveDriver: true + common: + image: "dellemc/csi-powerstore:v2.11.1" + imagePullPolicy: IfNotPresent + envs: + - name: X_CSI_POWERSTORE_NODE_NAME_PREFIX + value: "csi-node" + - name: X_CSI_FC_PORTS_FILTER_FILE_PATH + value: "/etc/fc-ports-filter" + # Specify kubelet config dir path. + # Ensure that the config.yaml file is present at this path. + # Default value: /var/lib/kubelet + - name: KUBELET_CONFIG_DIR + value: /var/lib/kubelet + - name: CSI_LOG_LEVEL + value: debug + sideCars: + # 'csivol' represents a string prepended to each volume created by the CSI driver + - name: provisioner + image: registry.k8s.io/sig-storage/csi-provisioner:v5.0.1 + args: ["--volume-name-prefix=csivol"] + - name: attacher + image: registry.k8s.io/sig-storage/csi-attacher:v4.6.1 + - name: registrar + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.1 + - name: resizer + image: registry.k8s.io/sig-storage/csi-resizer:v1.11.1 + - name: snapshotter + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.0.1 + - name: csi-metadata-retriever + image: dellemc/csi-metadata-retriever:v1.8.0 + # health monitor is disabled by default, refer to driver documentation before enabling it + - name: external-health-monitor + enabled: false + args: ["--monitor-interval=60s"] + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.11.0 + # Uncomment the following to configure how often external-provisioner polls the driver to detect changed capacity + # Configure only when the storageCapacity is set as "true" + # Allowed values: 1m,2m,3m,...,10m,...,60m etc. Default value: 5m + #- name: provisioner + # args: ["--capacity-poll-interval=5m"] + + controller: + envs: + # X_CSI_NFS_ACLS: enables setting permissions on NFS mount directory + # This value will be the default value if a storage class and array config in secret + # do not contain the NFS ACL (nfsAcls) parameter specified + # Permissions can be specified in two formats: + # 1) Unix mode (NFSv3) + # 2) NFSv4 ACLs (NFSv4) + # NFSv4 ACLs are supported on NFSv4 share only. + # Allowed values: + # 1) Unix mode: valid octal mode number + # Examples: "0777", "777", "0755" + # 2) NFSv4 acls: valid NFSv4 acls, seperated by comma + # Examples: "A::OWNER@:RWX,A::GROUP@:RWX", "A::OWNER@:rxtncy" + # Optional: true + # Default value: "0777" + # nfsAcls: "0777" + - name: X_CSI_NFS_ACLS + value: "0777" + # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition. + # Install the 'external-health-monitor' sidecar accordingly. + # Allowed values: + # true: enable checking of health condition of CSI volumes + # false: disable checking of health condition of CSI volumes + # Default value: false + - name: X_CSI_HEALTH_MONITOR_ENABLED + value: "false" + # X_CSI_POWERSTORE_EXTERNAL_ACCESS: Allows to specify additional entries for hostAccess of NFS volumes. Both single IP address and subnet are valid entries. + # Allowed Values: x.x.x.x/xx or x.x.x.x + # Default Value: + - name: X_CSI_POWERSTORE_EXTERNAL_ACCESS + value: + # nodeSelector: Define node selection constraints for controller pods. + # For the pod to be eligible to run on a node, the node must have each + # of the indicated key-value pairs as labels. + # Leave as blank to consider all nodes + # Allowed values: map of key-value pairs + # Default value: None + nodeSelector: + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint + # node-role.kubernetes.io/control-plane: "" + + # tolerations: Define tolerations for the controllers, if required. + # Leave as blank to install controller on worker nodes + # Default value: None + tolerations: + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint + # - key: "node-role.kubernetes.io/control-plane" + # operator: "Exists" + # effect: "NoSchedule" + node: + envs: + # Set to "true" to enable ISCSI CHAP Authentication + # CHAP password will be autogenerated by driver + - name: "X_CSI_POWERSTORE_ENABLE_CHAP" + value: "false" + # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from node plugin - volume usage + # Allowed values: + # true: enable checking of health condition of CSI volumes + # false: disable checking of health condition of CSI volumes + # Default value: false + - name: X_CSI_HEALTH_MONITOR_ENABLED + value: "false" + # X_CSI_POWERSTORE_MAX_VOLUMES_PER_NODE: Defines the maximum PowerStore volumes that can be created per node + # Allowed values: Any value greater than or equal to 0 + # Default value: "0" + - name: X_CSI_POWERSTORE_MAX_VOLUMES_PER_NODE + value: "0" + # nodeSelector: Define node selection constraints for node pods. + # For the pod to be eligible to run on a node, the node must have each + # of the indicated key-value pairs as labels. + # Leave as blank to consider all nodes + # Allowed values: map of key-value pairs + # Default value: None + nodeSelector: + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint + # node-role.kubernetes.io/control-plane: "" + + # tolerations: Define tolerations for the controllers, if required. + # Leave as blank to install controller on worker nodes + # Default value: None + tolerations: + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint + # - key: "node-role.kubernetes.io/control-plane" + # operator: "Exists" + # effect: "NoSchedule" + modules: + - name: resiliency + # enabled: Enable/Disable Resiliency feature + # Allowed values: + # true: enable Resiliency feature(deploy podmon sidecar) + # false: disable Resiliency feature(do not deploy podmon sidecar) + # Default value: false + enabled: false + configVersion: v1.10.0 + components: + - name: podmon-controller + image: dellemc/podmon:v1.10.0 + imagePullPolicy: IfNotPresent + args: + - "--labelvalue=csi-powerstore" + - "--arrayConnectivityPollRate=60" + - "--skipArrayConnectionValidation=false" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + - "--arrayConnectivityConnectionLossThreshold=3" + # Below 4 args should not be modified. + - "--csisock=unix:/var/run/csi/csi.sock" + - "--mode=controller" + - "--driver-config-params=/powerstore-config-params/driver-config-params.yaml" + - "--driverPath=csi-powerstore.dellemc.com" + - name: podmon-node + image: dellemc/podmon:v1.10.0 + imagePullPolicy: IfNotPresent + envs: + # podmonAPIPort: Defines the port to be used within the kubernetes cluster + # Allowed values: Any valid and free port (string) + # Default value: 8083 + - name: "X_CSI_PODMON_API_PORT" + value: "8083" + args: + - "--labelvalue=csi-powerstore" + - "--arrayConnectivityPollRate=60" + - "--leaderelection=false" + - "--driverPodLabelValue=dell-storage" + - "--ignoreVolumelessPods=false" + # Below 4 args should not be modified. + - "--csisock=unix:/var/lib/kubelet/plugins/csi-powerstore.dellemc.com/csi_sock" + - "--mode=node" + - "--driver-config-params=/powerstore-config-params/driver-config-params.yaml" + - "--driverPath=csi-powerstore.dellemc.com" diff --git a/samples/storage_csm_unity_v2111.yaml b/samples/storage_csm_unity_v2111.yaml new file mode 100644 index 000000000..1ff3a30d8 --- /dev/null +++ b/samples/storage_csm_unity_v2111.yaml @@ -0,0 +1,168 @@ +apiVersion: storage.dell.com/v1 +kind: ContainerStorageModule +metadata: + name: unity + namespace: unity +spec: + driver: + csiDriverType: "unity" + csiDriverSpec: + # in OCP <= 4.16 and K8s <= 1.29, fsGroupPolicy is an immutable field + # fsGroupPolicy: Defines if the underlying volume supports changing ownership and permission of the volume before being mounted. + # Allowed values: ReadWriteOnceWithFSType, File , None + # Default value: ReadWriteOnceWithFSType + fSGroupPolicy: "ReadWriteOnceWithFSType" + # storageCapacity: Helps the scheduler to schedule the pod on a node satisfying the topology constraints, only if the requested capacity is available on the storage array + # Allowed values: + # true: enable storage capacity tracking + # false: disable storage capacity tracking + storageCapacity: true + configVersion: v2.11.1 + # Controller count + replicas: 2 + dnsPolicy: ClusterFirstWithHostNet + forceUpdate: false + forceRemoveDriver: true + common: + image: "dellemc/csi-unity:v2.11.1" + imagePullPolicy: IfNotPresent + envs: + # X_CSI_UNITY_ALLOW_MULTI_POD_ACCESS - Flag to enable sharing of volumes across multiple pods within the same node in RWO access mode. + # Allowed values: boolean + # Default value: "false" + # Examples : "true" , "false" + - name: X_CSI_UNITY_ALLOW_MULTI_POD_ACCESS + value: "false" + - name: X_CSI_EPHEMERAL_STAGING_PATH + value: "/var/lib/kubelet/plugins/kubernetes.io/csi/pv/" + # X_CSI_ISCSI_CHROOT is the path to which the driver will chroot before + # running any iscsi commands. This value should only be set when instructed + # by technical support + - name: X_CSI_ISCSI_CHROOT + value: "/noderoot" + # X_CSI_UNITY_SYNC_NODEINFO_INTERVAL - Time interval to add node info to array. Default 15 minutes. Minimum value should be 1. + # Allowed values: integer + # Default value: 15 + # Examples : 0 , 2 + - name: X_CSI_UNITY_SYNC_NODEINFO_INTERVAL + value: "15" + # Specify kubelet config dir path. + # Ensure that the config.yaml file is present at this path. + # Default value: /var/lib/kubelet + - name: KUBELET_CONFIG_DIR + value: /var/lib/kubelet + # CSI_LOG_LEVEL is used to set the logging level of the driver. + # Allowed values: "error", "warn"/"warning", "info", "debug" + # Default value: "info" + - name: CSI_LOG_LEVEL + value: debug + # CSI driver log format + # Allowed values: "TEXT" or "JSON" + # Default value: "TEXT" + - name: CSI_LOG_FORMAT + value: "TEXT" + # TENANT_NAME - Tenant name that need to added while adding host entry to the array. + # Allowed values: string + # Default value: "" + # Examples : "tenant2" , "tenant3" + - name: TENANT_NAME + value: "" + # CERT_SECRET_COUNT: Represents number of certificate secrets, which user is going to create for + # ssl authentication. (unity-cert-0..unity-cert-n) + # This field is only verified if X_CSI_UNITY_SKIP_CERTIFICATE_VALIDATION is set to false + # Allowed values: n, where n > 0 + # Default value: None + - name: CERT_SECRET_COUNT + value: "1" + # X_CSI_UNITY_SKIP_CERTIFICATE_VALIDATION: Specifies if the driver is going to validate unisphere certs while connecting to the Unisphere REST API interface. + # If it is set to false, then a secret unity-certs has to be created with an X.509 certificate of CA which signed the Unisphere certificate + # Allowed values: + # true: skip Unisphere API server's certificate verification + # false: verify Unisphere API server's certificates + # Default value: true + - name: X_CSI_UNITY_SKIP_CERTIFICATE_VALIDATION + value: "true" + sideCars: + # 'csivol' represents a string prepended to each volume created by the CSI driver + - name: provisioner + image: registry.k8s.io/sig-storage/csi-provisioner:v5.0.1 + args: ["--volume-name-prefix=csivol"] + - name: attacher + image: registry.k8s.io/sig-storage/csi-attacher:v4.6.1 + - name: registrar + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.1 + - name: resizer + image: registry.k8s.io/sig-storage/csi-resizer:v1.11.1 + - name: snapshotter + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.0.1 + - name: csi-metadata-retriever + image: dellemc/csi-metadata-retriever:v1.8.0 + # health monitor is disabled by default, refer to driver documentation before enabling it + - name: external-health-monitor + # Uncomment the following to configure how often external-provisioner polls the driver to detect changed capacity + # Configure when the storageCapacity is set as "true" + # Allowed values: 1m,2m,3m,...,10m,...,60m etc. Default value: 5m + #- name: provisioner + # args: ["--capacity-poll-interval=5m"] + + enabled: false + args: ["--monitor-interval=60s"] + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.11.0 + controller: + envs: + # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition. + # Install the 'external-health-monitor' sidecar accordingly. + # Allowed values: + # true: enable checking of health condition of CSI volumes + # false: disable checking of health condition of CSI volumes + # Default value: false + - name: X_CSI_HEALTH_MONITOR_ENABLED + value: "false" + nodeSelector: + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint + # node-role.kubernetes.io/control-plane: "" + + # tolerations: Define tolerations for the controllers, if required. + # Leave as blank to install controller on worker nodes + # Default value: None + tolerations: + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint + # - key: "node-role.kubernetes.io/control-plane" + # operator: "Exists" + # effect: "NoSchedule" + node: + envs: + # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from node plugin - volume usage + # Allowed values: + # true: enable checking of health condition of CSI volumes + # false: disable checking of health condition of CSI volumes + # Default value: false + - name: X_CSI_HEALTH_MONITOR_ENABLED + value: "false" + # X_CSI_ALLOWED_NETWORKS: Custom networks for Unity export + # Specify list of networks which can be used for NFS I/O traffic; CIDR format should be used. + # Allowed values: list of one or more networks (comma separated) + # Default value: "" + # Provide them in the following format: "net1, net2" + # CIDR format should be used + # eg: "192.168.1.0/24, 192.168.100.0/22" + - name: X_CSI_ALLOWED_NETWORKS + value: "" + # nodeSelector: Define node selection constraints for node pods. + # For the pod to be eligible to run on a node, the node must have each + # of the indicated key-value pairs as labels. + # Leave as blank to consider all nodes + # Allowed values: map of key-value pairs + # Default value: None + nodeSelector: + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint + # node-role.kubernetes.io/control-plane: "" + + # tolerations: Define tolerations for the controllers, if required. + # Leave as blank to install controller on worker nodes + # Default value: None + tolerations: +# Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint +# - key: "node-role.kubernetes.io/control-plane" +# operator: "Exists" +# effect: "NoSchedule" diff --git a/tests/config/driverconfig/badDriver/v2.11.1/bad.yaml b/tests/config/driverconfig/badDriver/v2.11.1/bad.yaml new file mode 100644 index 000000000..f90b8b7a7 --- /dev/null +++ b/tests/config/driverconfig/badDriver/v2.11.1/bad.yaml @@ -0,0 +1,4 @@ +this snfoiasga + is + + 843*&(*(% invalid YAml diff --git a/tests/config/driverconfig/badDriver/v2.11.1/controller.yaml b/tests/config/driverconfig/badDriver/v2.11.1/controller.yaml new file mode 100644 index 000000000..f90b8b7a7 --- /dev/null +++ b/tests/config/driverconfig/badDriver/v2.11.1/controller.yaml @@ -0,0 +1,4 @@ +this snfoiasga + is + + 843*&(*(% invalid YAml diff --git a/tests/config/driverconfig/badDriver/v2.11.1/csidriver.yaml b/tests/config/driverconfig/badDriver/v2.11.1/csidriver.yaml new file mode 100644 index 000000000..f90b8b7a7 --- /dev/null +++ b/tests/config/driverconfig/badDriver/v2.11.1/csidriver.yaml @@ -0,0 +1,4 @@ +this snfoiasga + is + + 843*&(*(% invalid YAml diff --git a/tests/config/driverconfig/badDriver/v2.11.1/driver-config-params.yaml b/tests/config/driverconfig/badDriver/v2.11.1/driver-config-params.yaml new file mode 100644 index 000000000..55d520672 --- /dev/null +++ b/tests/config/driverconfig/badDriver/v2.11.1/driver-config-params.yaml @@ -0,0 +1,5 @@ +this snfoiasga + is + + 843*&(*(% invalid YAml + \ No newline at end of file diff --git a/tests/config/driverconfig/badDriver/v2.11.1/upgrade-path.yaml b/tests/config/driverconfig/badDriver/v2.11.1/upgrade-path.yaml new file mode 100644 index 000000000..f90b8b7a7 --- /dev/null +++ b/tests/config/driverconfig/badDriver/v2.11.1/upgrade-path.yaml @@ -0,0 +1,4 @@ +this snfoiasga + is + + 843*&(*(% invalid YAml diff --git a/tests/config/driverconfig/powerstore/v2.11.1/bad.yaml b/tests/config/driverconfig/powerstore/v2.11.1/bad.yaml new file mode 100644 index 000000000..a85d0f248 --- /dev/null +++ b/tests/config/driverconfig/powerstore/v2.11.1/bad.yaml @@ -0,0 +1,19 @@ +# +# +# Copyright © 2023 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +this snfoiasga + is + + 843*&(*(% invalid YAml \ No newline at end of file diff --git a/tests/config/driverconfig/powerstore/v2.11.1/config.json b/tests/config/driverconfig/powerstore/v2.11.1/config.json new file mode 100644 index 000000000..b90989ebe --- /dev/null +++ b/tests/config/driverconfig/powerstore/v2.11.1/config.json @@ -0,0 +1,12 @@ +[ + { + "username": "admin", + "password": "password", + "globalID": "unique" , + "blockProtocol": "auto", + "endpoint": "https://10.0.0.1/api/rest", + "skipCertificateValidation": true, + "nasName": "nas-server" , + "nfsAcls": "0777" + } +] \ No newline at end of file diff --git a/tests/config/driverconfig/powerstore/v2.11.1/controller.yaml b/tests/config/driverconfig/powerstore/v2.11.1/controller.yaml new file mode 100644 index 000000000..65f408104 --- /dev/null +++ b/tests/config/driverconfig/powerstore/v2.11.1/controller.yaml @@ -0,0 +1,270 @@ +# +# +# Copyright © 2023 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: -controller + namespace: +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: -controller +rules: + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete", "update", "patch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: ["volumegroup.storage.dell.com"] + resources: ["dellcsivolumegroupsnapshots","dellcsivolumegroupsnapshots/status"] + verbs: ["create", "list", "watch", "delete", "update"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["create", "get", "list", "watch", "update", "delete", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents/status"] + verbs: ["update", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots", "volumesnapshots/status"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments/status"] + verbs: ["patch"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "watch"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["create", "list", "watch", "delete"] + - apiGroups: ["storage.k8s.io"] + resources: ["csinodes"] + verbs: ["get", "list", "watch"] + # below for resizer + - apiGroups: [""] + resources: ["persistentvolumeclaims/status"] + verbs: ["update", "patch"] + # Permissions for CSIStorageCapacity + - apiGroups: ["storage.k8s.io"] + resources: ["csistoragecapacities"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get"] + - apiGroups: ["apps"] + resources: ["replicasets"] + verbs: ["get"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: -controller +subjects: + - kind: ServiceAccount + name: -controller + namespace: +roleRef: + kind: ClusterRole + name: -controller + apiGroup: rbac.authorization.k8s.io +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: -controller + namespace: +spec: + selector: + matchLabels: + name: -controller + replicas: 2 + template: + metadata: + labels: + name: -controller + spec: + serviceAccountName: -controller + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: name + operator: In + values: + - -controller + topologyKey: kubernetes.io/hostname + containers: + - name: attacher + image: registry.k8s.io/sig-storage/csi-attacher:v4.6.1 + imagePullPolicy: IfNotPresent + args: + - "--csi-address=$(ADDRESS)" + - "--v=5" + - "--leader-election" + - "--worker-threads=130" + - "--resync=10s" + - "--timeout=130s" + env: + - name: ADDRESS + value: /var/run/csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: resizer + image: registry.k8s.io/sig-storage/csi-resizer:v1.11.1 + imagePullPolicy: IfNotPresent + args: + - "--csi-address=$(ADDRESS)" + - "--v=5" + - "--leader-election" + env: + - name: ADDRESS + value: /var/run/csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: provisioner + image: registry.k8s.io/sig-storage/csi-provisioner:v5.0.1 + imagePullPolicy: IfNotPresent + args: + - "--csi-address=$(ADDRESS)" + - "--volume-name-prefix=csivol" + - "--volume-name-uuid-length=10" + - "--v=5" + - "--leader-election" + - "--default-fstype=ext4" + - "--extra-create-metadata" + - "--feature-gates=Topology=true" + - "--enable-capacity=false" + - "--capacity-ownerref-level=2" + - "--capacity-poll-interval=5m" + env: + - name: ADDRESS + value: /var/run/csi/csi.sock + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: snapshotter + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.0.1 + imagePullPolicy: IfNotPresent + args: + - "--csi-address=$(ADDRESS)" + - "--v=5" + - "--leader-election" + - "--snapshot-name-prefix=csisnap" + env: + - name: ADDRESS + value: /var/run/csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: external-health-monitor + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.11.0 + imagePullPolicy: IfNotPresent + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - "--leader-election" + - "--http-endpoint=:8080" + - "--enable-node-watcher=true" + - "--monitor-interval=60s" + - "--timeout=180s" + - "--leader-election-renew-deadline=10s" + - "--leader-election-lease-duration=15s" + - "--leader-election-retry-period=5s" + env: + - name: ADDRESS + value: /var/run/csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: driver + image: dellemc/csi-powerstore:v2.11.1 + imagePullPolicy: IfNotPresent + command: [ "/csi-powerstore" ] + args: + - "--array-config=/powerstore-config/config" + - "--driver-config-params=/powerstore-config-params/driver-config-params.yaml" + env: + - name: ENABLE_TRACING + value: + - name: CSI_ENDPOINT + value: /var/run/csi/csi.sock + - name: X_CSI_MODE + value: controller + - name: X_CSI_DRIVER_NAME + value: "csi-powerstore.dellemc.com" + - name: X_CSI_POWERSTORE_EXTERNAL_ACCESS + value: + - name: X_CSI_NFS_ACLS + value: "" + - name: X_CSI_POWERSTORE_CONFIG_PATH + value: /powerstore-config/config + - name: X_CSI_POWERSTORE_CONFIG_PARAMS_PATH + value: /powerstore-config-params/driver-config-params.yaml + - name: GOPOWERSTORE_DEBUG + value: true + - name: CSI_AUTO_ROUND_OFF_FILESYSTEM_SIZE + value: false + - name: X_CSI_HEALTH_MONITOR_ENABLED + value: "" + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: powerstore-config + mountPath: /powerstore-config + - name: powerstore-config-params + mountPath: /powerstore-config-params + volumes: + - name: socket-dir + emptyDir: + - name: powerstore-config-params + configMap: + name: -config-params + - name: powerstore-config + secret: + secretName: -config \ No newline at end of file diff --git a/tests/config/driverconfig/powerstore/v2.11.1/csidriver.yaml b/tests/config/driverconfig/powerstore/v2.11.1/csidriver.yaml new file mode 100644 index 000000000..1d6b34780 --- /dev/null +++ b/tests/config/driverconfig/powerstore/v2.11.1/csidriver.yaml @@ -0,0 +1,27 @@ +# +# +# Copyright © 2023 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# + +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + name: csi-powerstore.dellemc.com +spec: + storageCapacity: false + podInfoOnMount: true + fsGroupPolicy: ReadWriteOnceWithFSType + volumeLifecycleModes: + - Persistent + - Ephemeral \ No newline at end of file diff --git a/tests/config/driverconfig/powerstore/v2.11.1/driver-config-params.yaml b/tests/config/driverconfig/powerstore/v2.11.1/driver-config-params.yaml new file mode 100644 index 000000000..94ce0ee14 --- /dev/null +++ b/tests/config/driverconfig/powerstore/v2.11.1/driver-config-params.yaml @@ -0,0 +1,25 @@ +# +# +# Copyright © 2023 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# + +apiVersion: v1 +kind: ConfigMap +metadata: + name: -config-params + namespace: +data: + driver-config-params.yaml: | + CSI_LOG_LEVEL: "debug" + CSI_LOG_FORMAT: "JSON" \ No newline at end of file diff --git a/tests/config/driverconfig/powerstore/v2.11.1/node.yaml b/tests/config/driverconfig/powerstore/v2.11.1/node.yaml new file mode 100644 index 000000000..b76231685 --- /dev/null +++ b/tests/config/driverconfig/powerstore/v2.11.1/node.yaml @@ -0,0 +1,244 @@ +# +# +# Copyright © 2023 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +apiVersion: v1 +kind: ServiceAccount +metadata: + name: -node + namespace: +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: -node +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["create", "delete", "get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["security.openshift.io"] + resourceNames: ["privileged"] + resources: ["securitycontextconstraints"] + verbs: ["use"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: -node +subjects: + - kind: ServiceAccount + name: -node + namespace: +roleRef: + kind: ClusterRole + name: -node + apiGroup: rbac.authorization.k8s.io +--- +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: -node + namespace: +spec: + selector: + matchLabels: + app: -node + template: + metadata: + labels: + app: -node + driver.dellemc.com: dell-storage + spec: + #nodeSelector: + #tolerations: + serviceAccount: -node + dnsPolicy: ClusterFirstWithHostNet + hostNetwork: true + hostIPC: true + containers: + - name: driver + securityContext: + privileged: true + capabilities: + add: ["SYS_ADMIN"] + allowPrivilegeEscalation: true + image: dellemc/csi-powerstore:v2.11.1 + imagePullPolicy: IfNotPresent + command: [ "/csi-powerstore" ] + args: + - "--array-config=/powerstore-config/config" + - "--driver-config-params=/powerstore-config-params/driver-config-params.yaml" + env: + - name: ENABLE_TRACING + value: + - name: CSI_ENDPOINT + value: unix:///plugins/csi-powerstore.dellemc.com/csi_sock + - name: X_CSI_MODE + value: node + - name: X_CSI_POWERSTORE_KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: X_CSI_POWERSTORE_NODE_NAME_PREFIX + value: + - name: X_CSI_POWERSTORE_NODE_ID_PATH + value: /node-id + - name: X_CSI_POWERSTORE_MAX_VOLUMES_PER_NODE + value: + - name: X_CSI_POWERSTORE_NODE_CHROOT_PATH + value: /noderoot + - name: X_CSI_POWERSTORE_TMP_DIR + value: /plugins/csi-powerstore.dellemc.com/tmp + - name: X_CSI_DRIVER_NAME + value: "csi-powerstore.dellemc.com" + - name: X_CSI_FC_PORTS_FILTER_FILE_PATH + value: + - name: X_CSI_POWERSTORE_ENABLE_CHAP + value: "" + - name: X_CSI_POWERSTORE_CONFIG_PATH + value: /powerstore-config/config + - name: X_CSI_POWERSTORE_CONFIG_PARAMS_PATH + value: /powerstore-config-params/driver-config-params.yaml + - name: GOPOWERSTORE_DEBUG + value: "true" + - name: X_CSI_HEALTH_MONITOR_ENABLED + value: "" + volumeMounts: + - name: driver-path + mountPath: /plugins/csi-powerstore.dellemc.com + - name: csi-path + mountPath: /plugins/kubernetes.io/csi + mountPropagation: "Bidirectional" + - name: pods-path + mountPath: /pods + mountPropagation: "Bidirectional" + - name: dev + mountPath: /dev + - name: sys + mountPath: /sys + - name: run + mountPath: /run + - name: node-id + mountPath: /node-id + - name: etciscsi + mountPath: /etc/iscsi + - name: mpath + mountPath: /etc/multipath.conf + - name: noderoot + mountPath: /noderoot + - name: powerstore-config + mountPath: /powerstore-config + - name: powerstore-config-params + mountPath: /powerstore-config-params + - name: registrar + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.1 + imagePullPolicy: IfNotPresent + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - --kubelet-registration-path=/plugins/csi-powerstore.dellemc.com/csi_sock + env: + - name: ADDRESS + value: /csi/csi_sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + volumeMounts: + - name: registration-dir + mountPath: /registration + - name: driver-path + mountPath: /csi + volumes: + - name: registration-dir + hostPath: + path: /plugins_registry/ + type: DirectoryOrCreate + - name: driver-path + hostPath: + path: /plugins/csi-powerstore.dellemc.com + type: DirectoryOrCreate + - name: csi-path + hostPath: + path: /plugins/kubernetes.io/csi + - name: pods-path + hostPath: + path: /pods + type: Directory + - name: dev + hostPath: + path: /dev + type: Directory + - name: node-id + hostPath: + path: /etc/machine-id + type: File + - name: etciscsi + hostPath: + path: /etc/iscsi + type: DirectoryOrCreate + - name: mpath + hostPath: + path: /etc/multipath.conf + type: FileOrCreate + - name: noderoot + hostPath: + path: / + type: Directory + - name: sys + hostPath: + path: /sys + type: Directory + - name: run + hostPath: + path: /run + type: Directory + - name: powerstore-config-params + configMap: + name: -config-params + - name: powerstore-config + secret: + secretName: -config + - name: usr-bin + hostPath: + path: /usr/bin + type: Directory + - name: kubelet-pods + hostPath: + path: /var/lib/kubelet/pods + type: Directory + - name: var-run + hostPath: + path: /var/run + type: Directory \ No newline at end of file diff --git a/tests/config/driverconfig/powerstore/v2.11.1/upgrade-path.yaml b/tests/config/driverconfig/powerstore/v2.11.1/upgrade-path.yaml new file mode 100644 index 000000000..fd1516286 --- /dev/null +++ b/tests/config/driverconfig/powerstore/v2.11.1/upgrade-path.yaml @@ -0,0 +1,16 @@ +# +# +# Copyright © 2023 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +minUpgradePath: v2.9.0 diff --git a/tests/config/driverconfig/unity/v2.11.1/bad.yaml b/tests/config/driverconfig/unity/v2.11.1/bad.yaml new file mode 100644 index 000000000..0e37cfa82 --- /dev/null +++ b/tests/config/driverconfig/unity/v2.11.1/bad.yaml @@ -0,0 +1,19 @@ +# +# +# Copyright © 2024 Dell Inc. or its subsidiaries. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# +this snfoiasga + is + + 843*&(*(% invalid YAml diff --git a/tests/config/driverconfig/unity/v2.11.1/config.json b/tests/config/driverconfig/unity/v2.11.1/config.json new file mode 100644 index 000000000..77550649a --- /dev/null +++ b/tests/config/driverconfig/unity/v2.11.1/config.json @@ -0,0 +1,12 @@ +[ + { + "arrayId": "AB1234567890" , + "username": "admin", + "password": "password", + "endpoint": "https://10.0.0.1/", + "skipCertificateValidation": true, + "isDefault": true + } +] + + diff --git a/tests/config/driverconfig/unity/v2.11.1/controller.yaml b/tests/config/driverconfig/unity/v2.11.1/controller.yaml new file mode 100644 index 000000000..c6d0f57a9 --- /dev/null +++ b/tests/config/driverconfig/unity/v2.11.1/controller.yaml @@ -0,0 +1,259 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: -controller + namespace: +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: -controller +rules: + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete", "update","patch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "create", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update","patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["csinodes"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments/status"] + verbs: ["patch"] + - apiGroups: ["csi.storage.k8s.io"] + resources: ["csinodeinfos"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "watch"] +# below for snapshotter + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["create", "get", "list", "watch", "update", "delete", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots/status"] + verbs: ["update"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments/status"] + verbs: ["patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["create", "list", "watch", "delete"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents/status"] + verbs: ["update", "patch"] + # below for resizer + - apiGroups: [""] + resources: ["persistentvolumeclaims/status"] + verbs: ["update", "patch"] + # Permissions for CSIStorageCapacity + - apiGroups: ["storage.k8s.io"] + resources: ["csistoragecapacities"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] + - apiGroups: ["apps"] + resources: ["replicasets"] + verbs: ["get"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: -controller +subjects: + - kind: ServiceAccount + name: -controller + namespace: +roleRef: + kind: ClusterRole + name: -controller + apiGroup: rbac.authorization.k8s.io +--- +kind: Deployment +apiVersion: apps/v1 +metadata: + name: -controller + namespace: +spec: + selector: + matchLabels: + app: -controller + replicas: 2 + template: + metadata: + labels: + app: -controller + spec: + serviceAccountName: -controller + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - -controller + topologyKey: "kubernetes.io/hostname" + containers: + - name: attacher + image: registry.k8s.io/sig-storage/csi-attacher:v4.6.1 + imagePullPolicy: IfNotPresent + args: + - "--csi-address=$(ADDRESS)" + - "--v=5" + - "--leader-election" + env: + - name: ADDRESS + value: /var/run/csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: provisioner + image: registry.k8s.io/sig-storage/csi-provisioner:v5.0.1 + imagePullPolicy: IfNotPresent + args: + - "--csi-address=$(ADDRESS)" + - "--volume-name-prefix=csivol" + - "--volume-name-uuid-length=10" + - "--timeout=180s" + - "--worker-threads=6" + - "--v=5" + - "--feature-gates=Topology=true" + - "--strict-topology=true" + - "--leader-election" + - "--leader-election-namespace=" + - "--default-fstype=ext4" + - "--enable-capacity=true" + - "--capacity-ownerref-level=2" + - "--capacity-poll-interval=5m" + env: + - name: ADDRESS + value: /var/run/csi/csi.sock + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: snapshotter + image: registry.k8s.io/sig-storage/csi-snapshotter:v8.0.1 + imagePullPolicy: IfNotPresent + args: + - "--csi-address=$(ADDRESS)" + - "--snapshot-name-prefix=csi-snap" + - "--snapshot-name-uuid-length=10" + - "--timeout=360s" + - "--v=5" + - "--leader-election" + env: + - name: ADDRESS + value: /var/run/csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: resizer + image: registry.k8s.io/sig-storage/csi-resizer:v1.11.1 + imagePullPolicy: IfNotPresent + args: + - "--csi-address=$(ADDRESS)" + - "--v=5" + - "--leader-election" + env: + - name: ADDRESS + value: /var/run/csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: external-health-monitor + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.11.0 + imagePullPolicy: IfNotPresent + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - "--leader-election" + - "--http-endpoint=:8080" + - "--enable-node-watcher=true" + - "--monitor-interval=60s" + - "--timeout=180s" + env: + - name: ADDRESS + value: /var/run/csi/csi.sock + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: driver + image: dellemc/csi-unity:v2.11.1 + args: + - "--driver-name=csi-unity.dellemc.com" + - "--driver-config=/unity-config/driver-config-params.yaml" + - "--driver-secret=/unity-secret/config" + imagePullPolicy: IfNotPresent + env: + - name: CSI_ENDPOINT + value: /var/run/csi/csi.sock + - name: X_CSI_MODE + value: controller + - name: X_CSI_UNITY_AUTOPROBE + value: "true" + - name: SSL_CERT_DIR + value: /certs + - name: X_CSI_HEALTH_MONITOR_ENABLED + value: "" + - name: X_CSI_UNITY_SKIP_CERTIFICATE_VALIDATION + value: "true" + volumeMounts: + - name: socket-dir + mountPath: /var/run/csi + - name: certs + mountPath: /certs + readOnly: true + - name: unity-config + mountPath: /unity-config + - name: unity-secret + mountPath: /unity-secret + volumes: + - name: certs + projected: + sources: + - secret: + name: -certs-0 + items: + - key: cert-0 + path: cert-0 + - name: socket-dir + emptyDir: + - name: unity-config + configMap: + name: -config-params + - name: unity-secret + secret: + secretName: -creds diff --git a/tests/config/driverconfig/unity/v2.11.1/csidriver.yaml b/tests/config/driverconfig/unity/v2.11.1/csidriver.yaml new file mode 100644 index 000000000..1ef295e21 --- /dev/null +++ b/tests/config/driverconfig/unity/v2.11.1/csidriver.yaml @@ -0,0 +1,12 @@ +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + name: csi-unity.dellemc.com +spec: + attachRequired: true + podInfoOnMount: true + storageCapacity: true + volumeLifecycleModes: + - Persistent + - Ephemeral + fsGroupPolicy: ReadWriteOnceWithFSType \ No newline at end of file diff --git a/tests/config/driverconfig/unity/v2.11.1/driver-config-params.yaml b/tests/config/driverconfig/unity/v2.11.1/driver-config-params.yaml new file mode 100644 index 000000000..c49210aab --- /dev/null +++ b/tests/config/driverconfig/unity/v2.11.1/driver-config-params.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: -config-params + namespace: +data: + driver-config-params.yaml: | + CSI_LOG_LEVEL: "info" + ALLOW_RWO_MULTIPOD_ACCESS: "false" + MAX_UNITY_VOLUMES_PER_NODE: 0 + SYNC_NODE_INFO_TIME_INTERVAL: 15 + TENANT_NAME: "" diff --git a/tests/config/driverconfig/unity/v2.11.1/node.yaml b/tests/config/driverconfig/unity/v2.11.1/node.yaml new file mode 100644 index 000000000..bccf645f9 --- /dev/null +++ b/tests/config/driverconfig/unity/v2.11.1/node.yaml @@ -0,0 +1,189 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: -node + namespace: +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: -node +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["create", "delete", "get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["security.openshift.io"] + resourceNames: ["privileged"] + resources: ["securitycontextconstraints"] + verbs: ["use"] +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: -node +subjects: + - kind: ServiceAccount + name: -node + namespace: +roleRef: + kind: ClusterRole + name: -node + apiGroup: rbac.authorization.k8s.io +--- +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: -node + namespace: +spec: + updateStrategy: + type: RollingUpdate + selector: + matchLabels: + app: -node + template: + metadata: + labels: + app: -node + spec: + serviceAccountName: -node + hostIPC: true + hostNetwork: true + dnsPolicy: ClusterFirstWithHostNet + containers: + - name: driver + securityContext: + privileged: true + capabilities: + add: ["SYS_ADMIN"] + allowPrivilegeEscalation: true + image: dellemc/csi-unity:nightly + imagePullPolicy: IfNotPresent + args: + - "--driver-name=csi-unity.dellemc.com" + - "--driver-config=/unity-config/driver-config-params.yaml" + - "--driver-secret=/unity-secret/config" + env: + - name: CSI_ENDPOINT + value: unix:///var/lib/kubelet/plugins/unity.emc.dell.com/csi_sock + - name: X_CSI_MODE + value: node + - name: X_CSI_UNITY_AUTOPROBE + value: "true" + - name: X_CSI_UNITY_ALLOW_MULTI_POD_ACCESS + value: "false" + - name: X_CSI_PRIVATE_MOUNT_DIR + value: "/var/lib/kubelet/plugins/unity.emc.dell.com/disks" + - name: X_CSI_EPHEMERAL_STAGING_PATH + value: "/var/lib/kubelet/plugins/kubernetes.io/csi/pv/" + - name: X_CSI_ISCSI_CHROOT + value: "/noderoot" + - name: X_CSI_UNITY_NODENAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + - name: SSL_CERT_DIR + value: /certs + - name: X_CSI_UNITY_SYNC_NODEINFO_INTERVAL + value: "15" + - name: X_CSI_HEALTH_MONITOR_ENABLED + value: "" + - name: X_CSI_UNITY_SKIP_CERTIFICATE_VALIDATION + value: "true" + volumeMounts: + - name: driver-path + mountPath: /var/lib/kubelet/plugins/unity.emc.dell.com + - name: volumedevices-path + mountPath: /var/lib/kubelet/plugins/kubernetes.io/csi + mountPropagation: "Bidirectional" + - name: pods-path + mountPath: /var/lib/kubelet/pods + mountPropagation: "Bidirectional" + - name: dev + mountPath: /dev + - name: noderoot + mountPath: /noderoot + - name: certs + mountPath: /certs + readOnly: true + - name: unity-config + mountPath: /unity-config + - name: unity-secret + mountPath: /unity-secret + - name: registrar + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.1 + args: + - "--v=5" + - "--csi-address=$(ADDRESS)" + - --kubelet-registration-path=/var/lib/kubelet/plugins/unity.emc.dell.com/csi_sock + env: + - name: ADDRESS + value: /csi/csi_sock + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + volumeMounts: + - name: registration-dir + mountPath: /registration + - name: driver-path + mountPath: /csi + volumes: + - name: registration-dir + hostPath: + path: /var/lib/kubelet/plugins_registry/ + type: DirectoryOrCreate + - name: driver-path + hostPath: + path: /var/lib/kubelet/plugins/unity.emc.dell.com + type: DirectoryOrCreate + - name: volumedevices-path + hostPath: + path: /var/lib/kubelet/plugins/kubernetes.io/csi + type: DirectoryOrCreate + - name: pods-path + hostPath: + path: /var/lib/kubelet/pods + type: Directory + - name: dev + hostPath: + path: /dev + type: Directory + - name: noderoot + hostPath: + path: / + type: Directory + - name: certs + projected: + sources: + - secret: + name: -certs-0 + items: + - key: cert-0 + path: cert-0 + - name: unity-config + configMap: + name: -config-params + - name: unity-secret + secret: + secretName: -creds diff --git a/tests/config/driverconfig/unity/v2.11.1/upgrade-path.yaml b/tests/config/driverconfig/unity/v2.11.1/upgrade-path.yaml new file mode 100644 index 000000000..529a9668d --- /dev/null +++ b/tests/config/driverconfig/unity/v2.11.1/upgrade-path.yaml @@ -0,0 +1 @@ +minUpgradePath: v2.9.0 diff --git a/tests/e2e/array-info.sh b/tests/e2e/array-info.sh index ffc841995..a8c3a166f 100755 --- a/tests/e2e/array-info.sh +++ b/tests/e2e/array-info.sh @@ -39,7 +39,8 @@ export PFLEX_TENANT_PREFIX="tn1" export PSCALE_CLUSTER="Isilon-System-Name" export PSCALE_USER="username" export PSCALE_PASS="password" -export PSCALE_ENDPOINT="1.1.1.1:8080" +export PSCALE_ENDPOINT="1.1.1.1" +export PSCALE_PORT="8080" export PSCALE_AUTH_ENDPOINT="localhost" export PSCALE_AUTH_PORT="9400" # The following are Authorization Proxy Server specific for powerscale: diff --git a/tests/e2e/e2e_test.go b/tests/e2e/e2e_test.go index de8364078..555d12ab7 100644 --- a/tests/e2e/e2e_test.go +++ b/tests/e2e/e2e_test.go @@ -131,11 +131,9 @@ var _ = BeforeSuite(func() { step.StepRunnerInit(stepRunner, ctrlClient, clientSet) beautify = " " - }) var _ = Describe("[run-e2e-test] E2E Testing", func() { - It("Running all test Given Test Scenarios", func() { if testApex { for _, test := range testResourcesApex { @@ -155,7 +153,6 @@ var _ = Describe("[run-e2e-test] E2E Testing", func() { By(fmt.Sprintf("Ending: %s\n", test.ScenarioApex.Scenario)) time.Sleep(5 * time.Second) } - } if testCsm { for _, test := range testResources { diff --git a/tests/e2e/go.mod b/tests/e2e/go.mod index 102b5ce1c..370680412 100644 --- a/tests/e2e/go.mod +++ b/tests/e2e/go.mod @@ -4,9 +4,9 @@ go 1.22 require ( github.com/dell/csm-operator v0.0.0 - github.com/onsi/ginkgo/v2 v2.19.0 - github.com/onsi/gomega v1.33.1 - golang.org/x/mod v0.18.0 + github.com/onsi/ginkgo/v2 v2.20.2 + github.com/onsi/gomega v1.34.1 + golang.org/x/mod v0.20.0 k8s.io/api v0.28.9 k8s.io/apimachinery v0.28.9 k8s.io/client-go v0.28.9 @@ -34,7 +34,7 @@ require ( github.com/evanphx/json-patch/v5 v5.6.0 // indirect github.com/felixge/httpsnoop v1.0.3 // indirect github.com/fsnotify/fsnotify v1.6.0 // indirect - github.com/go-logr/logr v1.4.1 // indirect + github.com/go-logr/logr v1.4.2 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-openapi/jsonpointer v0.19.6 // indirect github.com/go-openapi/jsonreference v0.20.2 // indirect @@ -47,7 +47,7 @@ require ( github.com/google/gnostic-models v0.6.8 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect - github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 // indirect + github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5 // indirect github.com/google/uuid v1.3.1 // indirect github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 // indirect @@ -85,22 +85,22 @@ require ( go.opentelemetry.io/proto/otlp v1.0.0 // indirect go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.27.0 // indirect - golang.org/x/crypto v0.23.0 // indirect - golang.org/x/exp v0.0.0-20221028150844-83b7d23a625f // indirect - golang.org/x/net v0.25.0 // indirect + golang.org/x/crypto v0.26.0 // indirect + golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect + golang.org/x/net v0.28.0 // indirect golang.org/x/oauth2 v0.11.0 // indirect - golang.org/x/sync v0.7.0 // indirect - golang.org/x/sys v0.20.0 // indirect - golang.org/x/term v0.20.0 // indirect - golang.org/x/text v0.15.0 // indirect + golang.org/x/sync v0.8.0 // indirect + golang.org/x/sys v0.24.0 // indirect + golang.org/x/term v0.23.0 // indirect + golang.org/x/text v0.17.0 // indirect golang.org/x/time v0.3.0 // indirect - golang.org/x/tools v0.21.0 // indirect + golang.org/x/tools v0.24.0 // indirect google.golang.org/appengine v1.6.7 // indirect google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d // indirect google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect google.golang.org/grpc v1.59.0 // indirect - google.golang.org/protobuf v1.33.0 // indirect + google.golang.org/protobuf v1.34.1 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect diff --git a/tests/e2e/go.sum b/tests/e2e/go.sum index 17d15ccd1..edbd49b38 100644 --- a/tests/e2e/go.sum +++ b/tests/e2e/go.sum @@ -50,8 +50,8 @@ github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4 github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= -github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= +github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= @@ -89,8 +89,8 @@ github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeN github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 h1:k7nVchz72niMH6YLQNvHSdIE7iqsQxK1P41mySCvssg= -github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6/go.mod h1:kf6iHlnVGwgKolg33glAes7Yg/8iWP8ukqeldJSO7jw= +github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5 h1:5iH8iuqE5apketRbSFBy+X1V0o+l+8NF1avt4HWl7cA= +github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/gorilla/websocket v1.4.2 h1:+/TMaTYc4QFitKJxsQ7Yye35DkWvkdLcvGKqM+x0Ufc= @@ -136,10 +136,11 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/onsi/ginkgo/v2 v2.19.0 h1:9Cnnf7UHo57Hy3k6/m5k3dRfGTMXGvxhHFvkDTCTpvA= -github.com/onsi/ginkgo/v2 v2.19.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0d6TU0To= -github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk= -github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0= +github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= +github.com/onsi/ginkgo/v2 v2.20.2 h1:7NVCeyIWROIAheY21RLS+3j2bb52W0W82tkberYytp4= +github.com/onsi/ginkgo/v2 v2.20.2/go.mod h1:K9gyxPIlb+aIvnZ8bd9Ak+YP18w3APlR+5coaZoE2ag= +github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k= +github.com/onsi/gomega v1.34.1/go.mod h1:kU1QgUvBDLXBJq618Xvm2LUX6rSAfRaFRTcdOeDLwwY= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -229,50 +230,50 @@ go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.23.0 h1:dIJU/v2J8Mdglj/8rJ6UUOM3Zc9zLZxVZwwxMooUSAI= -golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= -golang.org/x/exp v0.0.0-20221028150844-83b7d23a625f h1:Al51T6tzvuh3oiwX11vex3QgJ2XTedFPGmbEVh8cdoc= -golang.org/x/exp v0.0.0-20221028150844-83b7d23a625f/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc= +golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw= +golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54= +golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8= +golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.18.0 h1:5+9lSbEzPSdWkH32vYPBwEpX8KwDbM52Ud9xBUvNlb0= -golang.org/x/mod v0.18.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.20.0 h1:utOm6MM3R3dnawAiJgn0y+xvuYRsm1RKM/4giyfDgV0= +golang.org/x/mod v0.20.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac= -golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= +golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE= +golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg= golang.org/x/oauth2 v0.11.0 h1:vPL4xzxBM4niKCW6g9whtaWVXTJf1U5e4aZxxFx/gbU= golang.org/x/oauth2 v0.11.0/go.mod h1:LdF7O/8bLR/qWK9DrpXmbHLTouvRHK0SgJl0GmDBchk= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= -golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ= +golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y= -golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.20.0 h1:VnkxpohqXaOBYJtBmEppKUG6mXpi+4O6purfc2+sMhw= -golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= +golang.org/x/sys v0.24.0 h1:Twjiwq9dn6R1fQcyiK+wQyHWfaz/BJB+YIpzU/Cv3Xg= +golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.23.0 h1:F6D4vR+EHoL9/sWAWgAR1H2DcHr4PareCbAaCo1RpuU= +golang.org/x/term v0.23.0/go.mod h1:DgV24QBUrK6jhZXl+20l6UWznPlwAHm1Q1mGHtydmSk= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk= -golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc= +golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.21.0 h1:qc0xYgIbsSDt9EyWz05J5wfa7LOVW0YTLOXrqdLAWIw= -golang.org/x/tools v0.21.0/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= +golang.org/x/tools v0.24.0 h1:J1shsA93PJUEVaUSaay7UXAyE8aimq3GW0pjlolpa24= +golang.org/x/tools v0.24.0/go.mod h1:YhNqVBIfWHdzvTLs0d8LCuMhkKUgSUKldakyV7W/WDQ= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -289,8 +290,8 @@ google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d h1: google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk= google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98= -google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= -google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg= +google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= diff --git a/tests/e2e/steps/steps_def.go b/tests/e2e/steps/steps_def.go index f41887527..c78b99d51 100644 --- a/tests/e2e/steps/steps_def.go +++ b/tests/e2e/steps/steps_def.go @@ -24,6 +24,8 @@ import ( csmv1 "github.com/dell/csm-operator/api/v1" + "encoding/json" + "github.com/dell/csm-operator/pkg/constants" "github.com/dell/csm-operator/pkg/modules" "github.com/dell/csm-operator/pkg/utils" @@ -50,12 +52,12 @@ const ( var ( authString = "karavi-authorization-proxy" operatorNamespace = "dell-csm-operator" - quotaLimit = "30000000" + quotaLimit = "100000000" pflexSecretMap = map[string]string{"REPLACE_USER": "PFLEX_USER", "REPLACE_PASS": "PFLEX_PASS", "REPLACE_SYSTEMID": "PFLEX_SYSTEMID", "REPLACE_ENDPOINT": "PFLEX_ENDPOINT", "REPLACE_MDM": "PFLEX_MDM", "REPLACE_POOL": "PFLEX_POOL"} pflexAuthSecretMap = map[string]string{"REPLACE_USER": "PFLEX_USER", "REPLACE_SYSTEMID": "PFLEX_SYSTEMID", "REPLACE_ENDPOINT": "PFLEX_AUTH_ENDPOINT", "REPLACE_MDM": "PFLEX_MDM"} - pscaleSecretMap = map[string]string{"REPLACE_CLUSTERNAME": "PSCALE_CLUSTER", "REPLACE_USER": "PSCALE_USER", "REPLACE_PASS": "PSCALE_PASS", "REPLACE_ENDPOINT": "PSCALE_ENDPOINT"} - pscaleAuthSecretMap = map[string]string{"REPLACE_CLUSTERNAME": "PSCALE_CLUSTER", "REPLACE_USER": "PSCALE_USER", "REPLACE_PASS": "PSCALE_PASS", "REPLACE_AUTH_ENDPOINT": "PSCALE_AUTH_ENDPOINT", "REPLACE_PORT": "PSCALE_AUTH_PORT", "REPLACE_ENDPOINT": "PSCALE_ENDPOINT"} - pscaleAuthSidecarMap = map[string]string{"REPLACE_CLUSTERNAME": "PSCALE_CLUSTER", "REPLACE_ENDPOINT": "PSCALE_ENDPOINT", "REPLACE_AUTH_ENDPOINT": "PSCALE_AUTH_ENDPOINT", "REPLACE_PORT": "PSCALE_AUTH_PORT"} + pscaleSecretMap = map[string]string{"REPLACE_CLUSTERNAME": "PSCALE_CLUSTER", "REPLACE_USER": "PSCALE_USER", "REPLACE_PASS": "PSCALE_PASS", "REPLACE_ENDPOINT": "PSCALE_ENDPOINT", "REPLACE_PORT": "PSCALE_PORT"} + pscaleAuthSecretMap = map[string]string{"REPLACE_CLUSTERNAME": "PSCALE_CLUSTER", "REPLACE_USER": "PSCALE_USER", "REPLACE_PASS": "PSCALE_PASS", "REPLACE_AUTH_ENDPOINT": "PSCALE_AUTH_ENDPOINT", "REPLACE_AUTH_PORT": "PSCALE_AUTH_PORT", "REPLACE_ENDPOINT": "PSCALE_ENDPOINT", "REPLACE_PORT": "PSCALE_PORT"} + pscaleAuthSidecarMap = map[string]string{"REPLACE_CLUSTERNAME": "PSCALE_CLUSTER", "REPLACE_ENDPOINT": "PSCALE_ENDPOINT", "REPLACE_AUTH_ENDPOINT": "PSCALE_AUTH_ENDPOINT", "REPLACE_AUTH_PORT": "PSCALE_AUTH_PORT", "REPLACE_PORT": "PSCALE_PORT"} pflexAuthSidecarMap = map[string]string{"REPLACE_USER": "PFLEX_USER", "REPLACE_PASS": "PFLEX_PASS", "REPLACE_SYSTEMID": "PFLEX_SYSTEMID", "REPLACE_ENDPOINT": "PFLEX_ENDPOINT", "REPLACE_AUTH_ENDPOINT": "PFLEX_AUTH_ENDPOINT"} pmaxCredMap = map[string]string{"REPLACE_USER": "PMAX_USER_ENCODED", "REPLACE_PASS": "PMAX_PASS_ENCODED"} pmaxAuthSidecarMap = map[string]string{"REPLACE_SYSTEMID": "PMAX_SYSTEMID", "REPLACE_ENDPOINT": "PMAX_ENDPOINT", "REPLACE_AUTH_ENDPOINT": "PMAX_AUTH_ENDPOINT"} @@ -67,7 +69,7 @@ var ( pflexCrMap = map[string]string{"REPLACE_STORAGE_NAME": "PFLEX_STORAGE", "REPLACE_STORAGE_TYPE": "PFLEX_STORAGE", "REPLACE_ENDPOINT": "PFLEX_ENDPOINT", "REPLACE_SYSTEM_ID": "PFLEX_SYSTEMID", "REPLACE_VAULT_STORAGE_PATH": "PFLEX_VAULT_STORAGE_PATH", "REPLACE_ROLE_NAME": "PFLEX_ROLE", "REPLACE_QUOTA": "PFLEX_QUOTA", "REPLACE_STORAGE_POOL_PATH": "PFLEX_POOL", "REPLACE_TENANT_NAME": "PFLEX_TENANT", "REPLACE_TENANT_ROLES": "PFLEX_ROLE", "REPLACE_TENANT_VOLUME_PREFIX": "PFLEX_TENANT_PREFIX"} // Auth V2 - pscaleCrMap = map[string]string{"REPLACE_STORAGE_NAME": "PSCALE_STORAGE", "REPLACE_STORAGE_TYPE": "PSCALE_STORAGE", "REPLACE_ENDPOINT": "PSCALE_ENDPOINT", "REPLACE_SYSTEM_ID": "PSCALE_CLUSTER", "REPLACE_VAULT_STORAGE_PATH": "PSCALE_VAULT_STORAGE_PATH", "REPLACE_ROLE_NAME": "PSCALE_ROLE", "REPLACE_QUOTA": "PSCALE_QUOTA", "REPLACE_STORAGE_POOL_PATH": "PSCALE_POOL_V2", "REPLACE_TENANT_NAME": "PSCALE_TENANT", "REPLACE_TENANT_ROLES": "PSCALE_ROLE", "REPLACE_TENANT_VOLUME_PREFIX": "PSCALE_TENANT_PREFIX"} + pscaleCrMap = map[string]string{"REPLACE_STORAGE_NAME": "PSCALE_STORAGE", "REPLACE_STORAGE_TYPE": "PSCALE_STORAGE", "REPLACE_ENDPOINT": "PSCALE_ENDPOINT", "REPLACE_SYSTEM_ID": "PSCALE_CLUSTER", "REPLACE_VAULT_STORAGE_PATH": "PSCALE_VAULT_STORAGE_PATH", "REPLACE_ROLE_NAME": "PSCALE_ROLE", "REPLACE_QUOTA": "PSCALE_QUOTA", "REPLACE_STORAGE_POOL_PATH": "PSCALE_POOL_V2", "REPLACE_TENANT_NAME": "PSCALE_TENANT", "REPLACE_TENANT_ROLES": "PSCALE_ROLE", "REPLACE_TENANT_VOLUME_PREFIX": "PSCALE_TENANT_PREFIX", "REPLACE_PORT": "PSCALE_PORT"} pstoreSecretMap = map[string]string{"REPLACE_USER": "PSTORE_USER", "REPLACE_PASS": "PSTORE_PASS", "REPLACE_GLOBALID": "PSTORE_GLOBALID", "REPLACE_ENDPOINT": "PSTORE_ENDPOINT"} ) @@ -328,7 +330,7 @@ func (step *Step) deleteCustomResource(res Resource, crNumStr string) error { func (step *Step) validateCustomResourceStatus(res Resource, crNumStr string) error { crNum, _ := strconv.Atoi(crNumStr) cr := res.CustomResource[crNum-1] - time.Sleep(60 * time.Second) + time.Sleep(20 * time.Second) found := new(csmv1.ContainerStorageModule) err := step.ctrlClient.Get(context.TODO(), client.ObjectKey{ Namespace: cr.Namespace, @@ -346,13 +348,13 @@ func (step *Step) validateCustomResourceStatus(res Resource, crNumStr string) er func (step *Step) validateDriverInstalled(res Resource, driverName string, crNumStr string) error { crNum, _ := strconv.Atoi(crNumStr) - time.Sleep(60 * time.Second) + time.Sleep(20 * time.Second) return checkAllRunningPods(context.TODO(), res.CustomResource[crNum-1].Namespace, step.clientSet) } func (step *Step) validateDriverNotInstalled(res Resource, driverName string, crNumStr string) error { crNum, _ := strconv.Atoi(crNumStr) - time.Sleep(60 * time.Second) + time.Sleep(20 * time.Second) return checkNoRunningPods(context.TODO(), res.CustomResource[crNum-1].Namespace, step.clientSet) } @@ -379,7 +381,7 @@ func (step *Step) removeNodeLabel(res Resource, label string) error { func (step *Step) validateModuleInstalled(res Resource, module string, crNumStr string) error { crNum, _ := strconv.Atoi(crNumStr) cr := res.CustomResource[crNum-1] - time.Sleep(60 * time.Second) + time.Sleep(20 * time.Second) found := new(csmv1.ContainerStorageModule) if err := step.ctrlClient.Get(context.TODO(), client.ObjectKey{ Namespace: cr.Namespace, @@ -424,7 +426,7 @@ func (step *Step) validateModuleInstalled(res Resource, module string, crNumStr func (step *Step) validateModuleNotInstalled(res Resource, module string, crNumStr string) error { crNum, _ := strconv.Atoi(crNumStr) cr := res.CustomResource[crNum-1] - time.Sleep(60 * time.Second) + time.Sleep(20 * time.Second) found := new(csmv1.ContainerStorageModule) if err := step.ctrlClient.Get(context.TODO(), client.ObjectKey{ Namespace: cr.Namespace, @@ -889,7 +891,7 @@ func (step *Step) runCustomTest(res Resource) error { func (step *Step) enableModule(res Resource, module string, crNumStr string) error { crNum, _ := strconv.Atoi(crNumStr) cr := res.CustomResource[crNum-1] - time.Sleep(60 * time.Second) + time.Sleep(20 * time.Second) found := new(csmv1.ContainerStorageModule) if err := step.ctrlClient.Get(context.TODO(), client.ObjectKey{ Namespace: cr.Namespace, @@ -1260,8 +1262,8 @@ func (step *Step) configureAuthorizationProxyServer(res Resource, driver string, // AuthorizationV1Resources creates resources using karavictl for V1 versions of Authorization Proxy Server func (step *Step) AuthorizationV1Resources(storageType, driver, port, proxyHost, driverNamespace string) error { - fmt.Println("=====Waiting for everything to be up and running, adding a sleep time of 60 seconds before creating the role, tenant and role binding===") - time.Sleep(60 * time.Second) + fmt.Println("=====Waiting for everything to be up and running, adding a sleep time of 120 seconds before creating the role, tenant and role binding===") + time.Sleep(120 * time.Second) var ( endpoint = "" sysID = "" @@ -1303,6 +1305,16 @@ func (step *Step) AuthorizationV1Resources(storageType, driver, port, proxyHost, // get env variables if os.Getenv(endpointvar) != "" { endpoint = os.Getenv(endpointvar) + + if driver == "powerscale" { + port := os.Getenv("PSCALE_PORT") + if port == "" { + fmt.Println("=== PSCALE_PORT not set, using default port 8080 ===") + port = "8080" + } + + endpoint = endpoint + ":" + port + } } if os.Getenv(systemIdvar) != "" { sysID = os.Getenv(systemIdvar) @@ -1337,23 +1349,58 @@ func (step *Step) AuthorizationV1Resources(storageType, driver, port, proxyHost, return fmt.Errorf("failed to write admin token: %v\nErrMessage:\n%s", err, string(b)) } - // Create storage - fmt.Println("\n=== Creating Storage ===\n ") + // Check for storage + fmt.Println("\n=== Checking Storage ===\n ") cmd := exec.Command("karavictl", "--admin-token", "/tmp/adminToken.yaml", - "storage", "create", - "--type", storageType, - "--endpoint", fmt.Sprintf("https://%s", endpoint), - "--system-id", sysID, - "--user", user, - "--password", password, - "--array-insecure", + "storage", "list", "--insecure", "--addr", fmt.Sprintf("%s:%s", proxyHost, port), ) - fmt.Println("=== Storage === \n", cmd.String()) + + //by default, assume we will create storage + skipStorage := false + + fmt.Println("=== Checking Storage === \n", cmd.String()) b, err = cmd.CombinedOutput() if err != nil { - return fmt.Errorf("failed to create storage %s: %v\nErrMessage:\n%s", storageType, err, string(b)) + return fmt.Errorf("failed to check storage %s: %v\nErrMessage:\n%s", storageType, err, string(b)) + } + + storage := make(map[string]json.RawMessage) + + err = json.Unmarshal(b, &storage) + if err != nil { + return fmt.Errorf("failed to marshall response:%s \nErrMessage:\n%s", string(b), err) + } + + for k, v := range storage { + if k == storageType { + fmt.Printf("Storage %s is already registered. \n It has the following config: %s \n", k, v) + skipStorage = true + } + } + + if !skipStorage { + + // Create storage + fmt.Println("\n=== Creating Storage ===\n ") + cmd = exec.Command("karavictl", + "--admin-token", "/tmp/adminToken.yaml", + "storage", "create", + "--type", storageType, + "--endpoint", fmt.Sprintf("https://%s", endpoint), + "--system-id", sysID, + "--user", user, + "--password", password, + "--array-insecure", + "--insecure", "--addr", fmt.Sprintf("%s:%s", proxyHost, port), + ) + fmt.Println("=== Storage === \n", cmd.String()) + b, err = cmd.CombinedOutput() + if err != nil { + return fmt.Errorf("failed to create storage %s: %v\nErrMessage:\n%s", storageType, err, string(b)) + } + } // Create Tenant @@ -1370,28 +1417,60 @@ func (step *Step) AuthorizationV1Resources(storageType, driver, port, proxyHost, return fmt.Errorf("failed to create tenant %s: %v\nErrMessage:\n%s", tenantName, err, string(b)) } - // Create Role - fmt.Println("\n\n=== Creating Role ===\n ") - if storageType == "powerscale" { - quotaLimit = "0" - } + //By default, assume a role will be created + skipRole := false cmd = exec.Command("karavictl", "--admin-token", "/tmp/adminToken.yaml", - "role", "create", - fmt.Sprintf("--role=%s=%s=%s=%s=%s", - roleName, storageType, sysID, pool, quotaLimit), + "role", "list", "--insecure", "--addr", fmt.Sprintf("%s:%s", proxyHost, port), ) - fmt.Println("=== Role === \n", cmd.String()) + fmt.Println("=== Checking Roles === \n", cmd.String()) + b, err = cmd.CombinedOutput() if err != nil { - return fmt.Errorf("failed to create role %s: %v\nErrMessage:\n%s", roleName, err, string(b)) + return fmt.Errorf("failed to check roles: %v\nErrMessage:\n%s", err, string(b)) } - // role creation take few seconds - time.Sleep(5 * time.Second) + roles := make(map[string]json.RawMessage) + err = json.Unmarshal(b, &roles) + if err != nil { + return fmt.Errorf("failed to marshall response:%s \nErrMessage:\n%s", string(b), err) + } + + for k, v := range roles { + if k == roleName { + fmt.Printf("Role %s is already created. \n It has the following config: %s \n", k, v) + skipRole = true + } + } + + if !skipRole { + + // Create Role + fmt.Println("\n\n=== Creating Role ===\n ") + if storageType == "powerscale" { + quotaLimit = "0" + } + cmd = exec.Command("karavictl", + "--admin-token", "/tmp/adminToken.yaml", + "role", "create", + fmt.Sprintf("--role=%s=%s=%s=%s=%s", + roleName, storageType, sysID, pool, quotaLimit), + "--insecure", "--addr", fmt.Sprintf("%s:%s", proxyHost, port), + ) + + fmt.Println("=== Role === \n", cmd.String()) + b, err = cmd.CombinedOutput() + if err != nil { + return fmt.Errorf("failed to create role %s: %v\nErrMessage:\n%s", roleName, err, string(b)) + } + + // role creation take few seconds + time.Sleep(5 * time.Second) + + } // Bind role fmt.Println("\n\n=== Creating RoleBinding ===\n ") cmd = exec.Command("karavictl", @@ -1447,7 +1526,7 @@ func (step *Step) AuthorizationV1Resources(storageType, driver, port, proxyHost, func (step *Step) AuthorizationV2Resources(storageType, driver, driverNamespace, proxyHost, port, csmTenantName string) error { var ( crMap = "" - templateFile = "testfiles/authorization-templates/csm-authorization-template.yaml" + templateFile = "testfiles/authorization-templates/csm-authorization-v2-template.yaml" updatedTemplateFile = "" ) diff --git a/tests/e2e/testfiles/authorization-templates/csm-authorization-template.yaml b/tests/e2e/testfiles/authorization-templates/csm-authorization-v2-template.yaml similarity index 100% rename from tests/e2e/testfiles/authorization-templates/csm-authorization-template.yaml rename to tests/e2e/testfiles/authorization-templates/csm-authorization-v2-template.yaml diff --git a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_no_cert.yaml b/tests/e2e/testfiles/authorization-templates/csm_authorization_v1_proxy_server.yaml similarity index 100% rename from tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_no_cert.yaml rename to tests/e2e/testfiles/authorization-templates/csm_authorization_v1_proxy_server.yaml diff --git a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_alt_ns.yaml b/tests/e2e/testfiles/authorization-templates/csm_authorization_v1_proxy_server_alt_ns.yaml similarity index 100% rename from tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_alt_ns.yaml rename to tests/e2e/testfiles/authorization-templates/csm_authorization_v1_proxy_server_alt_ns.yaml diff --git a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_n_minus_1.yaml b/tests/e2e/testfiles/authorization-templates/csm_authorization_v1_proxy_server_n_minus_1.yaml similarity index 94% rename from tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_n_minus_1.yaml rename to tests/e2e/testfiles/authorization-templates/csm_authorization_v1_proxy_server_n_minus_1.yaml index aaf92390d..fd65dab6d 100644 --- a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_n_minus_1.yaml +++ b/tests/e2e/testfiles/authorization-templates/csm_authorization_v1_proxy_server_n_minus_1.yaml @@ -9,7 +9,7 @@ spec: - name: authorization-proxy-server # enable: Enable/Disable csm-authorization enabled: true - configVersion: v1.10.0 + configVersion: v1.10.1 forceRemoveModule: true components: # For Kubernetes Container Platform only @@ -32,10 +32,10 @@ spec: - name: proxy-server # enable: Enable/Disable csm-authorization proxy server enabled: true - proxyService: dellemc/csm-authorization-proxy:v1.10.0 - tenantService: dellemc/csm-authorization-tenant:v1.10.0 - roleService: dellemc/csm-authorization-role:v1.10.0 - storageService: dellemc/csm-authorization-storage:v1.10.0 + proxyService: dellemc/csm-authorization-proxy:v1.10.1 + tenantService: dellemc/csm-authorization-tenant:v1.10.1 + roleService: dellemc/csm-authorization-role:v1.10.1 + storageService: dellemc/csm-authorization-storage:v1.10.1 opa: openpolicyagent/opa opaKubeMgmt: openpolicyagent/kube-mgmt:0.11 @@ -73,7 +73,7 @@ spec: # to use a different storage class for redis, specify the name of the storage class # NOTE: the storage class must NOT be a storage class provisioned by a CSI driver using this installation of CSM Authorization # Default value: None - storageclass: "" + storageclass: "local-storage" --- apiVersion: v1 diff --git a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_n_minus_2.yaml b/tests/e2e/testfiles/authorization-templates/csm_authorization_v1_proxy_server_no_cert.yaml similarity index 90% rename from tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_n_minus_2.yaml rename to tests/e2e/testfiles/authorization-templates/csm_authorization_v1_proxy_server_no_cert.yaml index e42666b4e..65e27fa9c 100644 --- a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_n_minus_2.yaml +++ b/tests/e2e/testfiles/authorization-templates/csm_authorization_v1_proxy_server_no_cert.yaml @@ -9,7 +9,7 @@ spec: - name: authorization-proxy-server # enable: Enable/Disable csm-authorization enabled: true - configVersion: v1.9.0 + configVersion: v1.11.0 forceRemoveModule: true components: # For Kubernetes Container Platform only @@ -32,10 +32,10 @@ spec: - name: proxy-server # enable: Enable/Disable csm-authorization proxy server enabled: true - proxyService: dellemc/csm-authorization-proxy:v1.9.0 - tenantService: dellemc/csm-authorization-tenant:v1.9.0 - roleService: dellemc/csm-authorization-role:v1.9.0 - storageService: dellemc/csm-authorization-storage:v1.9.0 + proxyService: dellemc/csm-authorization-proxy:v1.11.0 + tenantService: dellemc/csm-authorization-tenant:v1.11.0 + roleService: dellemc/csm-authorization-role:v1.11.0 + storageService: dellemc/csm-authorization-storage:v1.11.0 opa: openpolicyagent/opa opaKubeMgmt: openpolicyagent/kube-mgmt:0.11 @@ -73,7 +73,7 @@ spec: # to use a different storage class for redis, specify the name of the storage class # NOTE: the storage class must NOT be a storage class provisioned by a CSI driver using this installation of CSM Authorization # Default value: None - storageclass: "local-storage" + storageclass: "" --- apiVersion: v1 diff --git a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server.yaml b/tests/e2e/testfiles/authorization-templates/csm_authorization_v2_proxy_server.yaml similarity index 100% rename from tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server.yaml rename to tests/e2e/testfiles/authorization-templates/csm_authorization_v2_proxy_server.yaml diff --git a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_default_redis.yaml b/tests/e2e/testfiles/authorization-templates/csm_authorization_v2_proxy_server_default_redis.yaml similarity index 100% rename from tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_default_redis.yaml rename to tests/e2e/testfiles/authorization-templates/csm_authorization_v2_proxy_server_default_redis.yaml diff --git a/tests/e2e/testfiles/pflex-pscale-values.yaml b/tests/e2e/testfiles/pflex-pscale-values.yaml deleted file mode 100644 index e1f0f8155..000000000 --- a/tests/e2e/testfiles/pflex-pscale-values.yaml +++ /dev/null @@ -1,211 +0,0 @@ -- scenario: "Install PowerScale Driver(Standalone)" - paths: - - "testfiles/storage_csm_powerscale.yaml" - modules: - steps: - - "Given an environment with k8s or openshift, and CSM operator installed" - - "Create storageclass with name [op-e2e-isilon] and template [testfiles/powerscale-templates/powerscale-storageclass-template.yaml] for [pscale]" - - "Set up secret with template [testfiles/powerscale-templates/powerscale-secret-template.yaml] name [isilon-creds] in namespace [isilon] for [pscale]" - - "Apply custom resource [1]" - - "Validate custom resource [1]" - - "Validate [powerscale] driver from CR [1] is installed" - - "Run custom test" - # Last three steps perform Clean Up - - "Enable forceRemoveDriver on CR [1]" - - "Delete custom resource [1]" - - "Restore template [testfiles/powerscale-templates/powerscale-secret-template.yaml] for [pscale]" - - "Restore template [testfiles/powerscale-templates/powerscale-storageclass-template.yaml] for [pscale]" - customTest: - name: Cert CSI - run: - - ./cert-csi test vio --sc op-e2e-isilon --chainNumber 2 --chainLength 2 - -- scenario: "Uninstall PowerScale Driver" - paths: - - "testfiles/storage_csm_powerscale.yaml" - modules: - steps: - - "Given an environment with k8s or openshift, and CSM operator installed" - - "Set up secret with template [testfiles/powerscale-templates/powerscale-secret-template.yaml] name [isilon-creds] in namespace [isilon] for [pscale]" - - "Apply custom resource [1]" - - "Validate custom resource [1]" - - "Validate [powerscale] driver from CR [1] is installed" - - "Enable forceRemoveDriver on CR [1]" - - "Delete custom resource [1]" - - "Restore template [testfiles/powerscale-templates/powerscale-secret-template.yaml] for [pscale]" - - "Validate [powerscale] driver from CR [1] is not installed" - -- scenario: "Install PowerFlex Driver(Standalone)" - paths: - - "testfiles/storage_csm_powerflex.yaml" - modules: - steps: - - "Given an environment with k8s or openshift, and CSM operator installed" - - "Create storageclass with name [op-e2e-vxflexos] and template [testfiles/powerflex-templates/powerflex-storageclass-template.yaml] for [pflex]" - - "Set up secret with template [testfiles/powerflex-templates/powerflex-secret-template.yaml] name [test-vxflexos-config] in namespace [test-vxflexos] for [pflex]" - - "Apply custom resource [1]" - - "Validate custom resource [1]" - - "Validate [powerflex] driver from CR [1] is installed" - - "Run custom test" - # Last two steps perform Clean Up - - "Enable forceRemoveDriver on CR [1]" - - "Delete custom resource [1]" - - "Restore template [testfiles/powerflex-templates/powerflex-secret-template.yaml] for [pflex]" - - "Restore template [testfiles/powerflex-templates/powerflex-storageclass-template.yaml] for [pflex]" - customTest: - name: Cert CSI - run: - - ./cert-csi test vio --sc op-e2e-vxflexos --chainNumber 2 --chainLength 2 - -- scenario: "Uninstall PowerFlex Driver" - paths: - - "testfiles/storage_csm_powerflex.yaml" - modules: - steps: - - "Given an environment with k8s or openshift, and CSM operator installed" - - "Set up secret with template [testfiles/powerflex-templates/powerflex-secret-template.yaml] name [test-vxflexos-config] in namespace [test-vxflexos] for [pflex]" - - "Apply custom resource [1]" - - "Validate custom resource [1]" - - "Validate [powerflex] driver from CR [1] is installed" - - "Enable forceRemoveDriver on CR [1]" - - "Delete custom resource [1]" - - "Restore template [testfiles/powerflex-templates/powerflex-secret-template.yaml] for [pflex]" - - "Validate [powerflex] driver from CR [1] is not installed" - -- scenario: "Install PowerFlex Driver (With Authorization)" - paths: - - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" - - "testfiles/storage_csm_powerflex_auth.yaml" - modules: - - "authorization" - - "authorizationproxyserver" - steps: - - "Given an environment with k8s or openshift, and CSM operator installed" - - "Create [authorization-proxy-server] prerequisites from CR [1]" - - "Apply custom resource [1]" - - "Validate [authorization-proxy-server] module from CR [1] is installed" - - "Configure authorization-proxy-server for [powerflex] for CR [1]" - - "Create storageclass with name [op-e2e-vxflexos] and template [testfiles/powerflex-templates/powerflex-storageclass-template.yaml] for [pflex]" - - "Set up secret with template [testfiles/powerflex-templates/csm-authorization-config.json] name [karavi-authorization-config] in namespace [test-vxflexos] for [pflexAuthSidecar]" - - "Set up secret with template [testfiles/powerflex-templates/powerflex-secret-template.yaml] name [test-vxflexos-config] in namespace [test-vxflexos] for [pflexAuth]" - - "Apply custom resource [2]" - - "Validate custom resource [2]" - - "Validate [powerflex] driver from CR [2] is installed" - - "Run custom test" - # Last steps perform Clean Up - - "Enable forceRemoveDriver on CR [2]" - - "Delete custom resource [1]" - - "Delete custom resource [2]" - - "Restore template [testfiles/powerflex-templates/csm-authorization-config.json] for [pflexAuthSidecar]" - - "Restore template [testfiles/powerflex-templates/powerflex-secret-template.yaml] for [pflexAuth]" - - "Restore template [testfiles/powerflex-templates/powerflex-storageclass-template.yaml] for [pflex]" - customTest: - name: Cert CSI - run: - - ./cert-csi test vio --sc op-e2e-vxflexos --chainNumber 2 --chainLength 2 - -- scenario: "Install PowerFlex Driver(Standalone), Enable Authorization" - paths: - - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" - - "testfiles/storage_csm_powerflex.yaml" - modules: - - "authorizationproxyserver" - - "authorization" - steps: - - "Given an environment with k8s or openshift, and CSM operator installed" - - "Create [authorization-proxy-server] prerequisites from CR [1]" - - "Apply custom resource [1]" - - "Validate [authorization-proxy-server] module from CR [1] is installed" - - "Configure authorization-proxy-server for [powerflex] for CR [1]" - - "Set up secret with template [testfiles/powerflex-templates/csm-authorization-config.json] name [karavi-authorization-config] in namespace [test-vxflexos] for [pflexAuthSidecar]" - - "Create storageclass with name [op-e2e-vxflexos] and template [testfiles/powerflex-templates/powerflex-storageclass-template.yaml] for [pflex]" - - "Set up secret with template [testfiles/powerflex-templates/powerflex-secret-template.yaml] name [test-vxflexos-config] in namespace [test-vxflexos] for [pflex]" - - "Restore template [testfiles/powerflex-templates/powerflex-secret-template.yaml] for [pflex]" - - "Apply custom resource [2]" - - "Validate custom resource [2]" - - "Validate [powersflex] driver from CR [2] is installed" - - "Validate [authorization] module from CR [2] is not installed" - - "Set up secret with template [testfiles/powerflex-templates/powerflex-secret-template.yaml] name [test-vxflexos-config] in namespace [test-vxflexos] for [pflexAuth]" - - "Enable [authorization] module from CR [2]" - - "Validate [powerflex] driver from CR [2] is installed" - - "Validate [authorization] module from CR [2] is installed" - - "Run custom test" - # Last steps perform Clean Up - - "Enable forceRemoveDriver on CR [2]" - - "Delete custom resource [1]" - - "Delete custom resource [2]" - - "Restore template [testfiles/powerflex-templates/powerflex-secret-template.yaml] for [pflexAuth]" - - "Restore template [testfiles/powerflex-templates/powerflex-storageclass-template.yaml] for [pflex]" - - "Restore template [testfiles/powerflex-templates/csm-authorization-config.json] for [pflexAuthSidecar]" - customTest: - name: Cert CSI - run: - - ./cert-csi test vio --sc op-e2e-vxflexos --chainNumber 2 --chainLength 2 - -- scenario: Install PowerFlex Driver(With Authorization), Disable Authorization module" - paths: - - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" - - "testfiles/storage_csm_powerflex_auth.yaml" - modules: - - "authorization" - - "authorizationproxyserver" - steps: - - "Given an environment with k8s or openshift, and CSM operator installed" - - "Create [authorization-proxy-server] prerequisites from CR [1]" - - "Apply custom resource [1]" - - "Validate [authorization-proxy-server] module from CR [1] is installed" - - "Configure authorization-proxy-server for [powerflex] for CR [1]" - - "Set up secret with template [testfiles/powerflex-templates/csm-authorization-config.json] name [karavi-authorization-config] in namespace [test-vxflexos] for [pflexAuthSidecar]" - - "Create storageclass with name [op-e2e-vxflexos] and template [testfiles/powerflex-templates/powerflex-storageclass-template.yaml] for [pflex]" - - "Set up secret with template [testfiles/powerflex-templates/powerflex-secret-template.yaml] name [test-vxflexos-config] in namespace [test-vxflexos] for [pflexAuth]" - - "Restore template [testfiles/powerflex-templates/powerflex-secret-template.yaml] for [pflexAuth]" - - "Apply custom resource [2]" - - "Validate custom resource [2]" - - "Validate [powerflex] driver from CR [2] is installed" - - "Validate [authorization] module from CR [2] is installed" - - "Run custom test" - - "Disable [authorization] module from CR [2]" - - "Set up secret with template [testfiles/powerflex-templates/powerflex-secret-template.yaml] name [test-vxflexos-config] in namespace [test-vxflexos] for [pflex]" - - "Validate [powerflex] driver from CR [2] is installed" - - "Validate [authorization] module from CR [2] is not installed" - - "Run custom test" - # Last steps perform Clean Up - - "Enable forceRemoveDriver on CR [2]" - - "Delete custom resource [1]" - - "Delete custom resource [2]" - - "Restore template [testfiles/powerflex-templates/powerflex-secret-template.yaml] for [pflex]" - - "Restore template [testfiles/powerflex-templates/powerflex-storageclass-template.yaml] for [pflex]" - - "Restore template [testfiles/powerflex-templates/csm-authorization-config.json] for [pflexAuthSidecar]" - customTest: - name: Cert CSI - run: - - ./cert-csi test vio --sc op-e2e-vxflexos --chainNumber 2 --chainLength 2 - -- scenario: "Install PowerScale Driver and PowerFlex Driver, uninstall PowerFlex Driver" - paths: - - "testfiles/storage_csm_powerscale.yaml" - - "testfiles/storage_csm_powerflex.yaml" - modules: - steps: - - "Given an environment with k8s or openshift, and CSM operator installed" - - "Set up secret with template [testfiles/powerflex-templates/powerflex-secret-template.yaml] name [test-vxflexos-config] in namespace [test-vxflexos] for [pflex]" - - "Set up secret with template [testfiles/powerscale-templates/powerscale-secret-template.yaml] name [isilon-creds] in namespace [isilon] for [pscale]" - - "Apply custom resource [1]" - - "Apply custom resource [2]" - - "Validate custom resource [1]" - - "Validate custom resource [2]" - - "Validate [powerscale] driver from CR [1] is installed" - - "Validate [powerflex] driver from CR [2] is installed" - - "Enable forceRemoveDriver on CR [2]" - - "Delete custom resource [2]" - - "Validate [powerscale] driver from CR [1] is installed" - - "Validate [powerflex] driver from CR [2] is not installed" - # Last four steps perform Clean Up - - "Enable forceRemoveDriver on CR [1]" - - "Delete custom resource [1]" - - "Restore template [testfiles/powerflex-templates/powerflex-secret-template.yaml] for [pflex]" - - "Restore template [testfiles/powerscale-templates/powerscale-secret-template.yaml] for [pscale]" - - - - diff --git a/tests/e2e/testfiles/powerscale-templates/karavi-authorization-config.json b/tests/e2e/testfiles/powerscale-templates/karavi-authorization-config.json index db4954d1b..3fbb297d9 100644 --- a/tests/e2e/testfiles/powerscale-templates/karavi-authorization-config.json +++ b/tests/e2e/testfiles/powerscale-templates/karavi-authorization-config.json @@ -1,8 +1,8 @@ [{ "username":"-", "password":"-", - "intendedEndpoint":"https://REPLACE_ENDPOINT", - "endpoint":"https://REPLACE_AUTH_ENDPOINT:REPLACE_PORT", + "intendedEndpoint":"https://REPLACE_ENDPOINT:REPLACE_PORT", + "endpoint":"https://REPLACE_AUTH_ENDPOINT:REPLACE_AUTH_PORT", "systemID": "REPLACE_CLUSTERNAME", "insecure":true, "isDefault":true diff --git a/tests/e2e/testfiles/powerscale-templates/powerscale-auth-secret-template.yaml b/tests/e2e/testfiles/powerscale-templates/powerscale-auth-secret-template.yaml index e442ca485..ff6675556 100644 --- a/tests/e2e/testfiles/powerscale-templates/powerscale-auth-secret-template.yaml +++ b/tests/e2e/testfiles/powerscale-templates/powerscale-auth-secret-template.yaml @@ -1,9 +1,11 @@ isilonClusters: - clusterName: "REPLACE_CLUSTERNAME" - username: "REPLACE_USER" - password: "REPLACE_PASS" + username: "-" + password: "-" isDefault: true endpoint: "REPLACE_AUTH_ENDPOINT" - endpointPort: "REPLACE_PORT" + endpointPort: REPLACE_AUTH_PORT skipCertificateValidation: true mountEndpoint: "REPLACE_ENDPOINT" + isiPath: "/ifs/data/csi" + isiVolumePathPermissions: "0777" diff --git a/tests/e2e/testfiles/powerscale-templates/powerscale-secret-template.yaml b/tests/e2e/testfiles/powerscale-templates/powerscale-secret-template.yaml index 7d04acbe5..95e0132a5 100644 --- a/tests/e2e/testfiles/powerscale-templates/powerscale-secret-template.yaml +++ b/tests/e2e/testfiles/powerscale-templates/powerscale-secret-template.yaml @@ -5,4 +5,4 @@ isilonClusters: isDefault: true endpoint: "REPLACE_ENDPOINT" skipCertificateValidation: true - endpointPort: 8080 + endpointPort: "REPLACE_PORT" diff --git a/tests/e2e/testfiles/scenarios.yaml b/tests/e2e/testfiles/scenarios.yaml index f166fd4e8..751018b3c 100644 --- a/tests/e2e/testfiles/scenarios.yaml +++ b/tests/e2e/testfiles/scenarios.yaml @@ -2,7 +2,7 @@ - scenario: "Install Authorization Proxy Server V1" paths: - - "testfiles/authorization-templates/csm_authorization_proxy_server_n_minus_1.yaml" + - "testfiles/authorization-templates/csm_authorization_v1_proxy_server.yaml" tags: - "authorizationproxyserver" steps: @@ -13,11 +13,11 @@ - "Configure authorization-proxy-server for [powerscale] for CR [1]" - "Delete custom resource [1]" -# Upgrade from V1 to V2 is not supported +# Upgrade from V1 to V2 is not supported. This test is to install a previous version of Auth V1 and upgrade to the next. - scenario: "Install Authorization Proxy Server V1 and upgrade" paths: - - "testfiles/authorization-templates/csm_authorization_proxy_server_n_minus_2.yaml" # v1.9.1 - - "testfiles/authorization-templates/csm_authorization_proxy_server_n_minus_1.yaml" # v1.10.0 + - "testfiles/authorization-templates/csm_authorization_v1_proxy_server_n_minus_1.yaml" + - "testfiles/authorization-templates/csm_authorization_v1_proxy_server.yaml" tags: - "authorizationproxyserver" steps: @@ -35,7 +35,7 @@ # Authorization V2 scenarios only supports powerflex driver - scenario: "Install Authorization Proxy Server V2" paths: - - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" + - "testfiles/authorization-templates/csm_authorization_v2_proxy_server.yaml" - "testfiles/authorization-templates/csm_authorization_crds.yaml" tags: - "authorizationproxyserver" @@ -65,7 +65,7 @@ - scenario: "Install Authorization Proxy Server V2 With Default Redis Storage Class" paths: - - "testfiles/authorization-templates/csm_authorization_proxy_server_default_redis.yaml" + - "testfiles/authorization-templates/csm_authorization_v2_proxy_server_default_redis.yaml" - "testfiles/authorization-templates/csm_authorization_crds.yaml" tags: - "authorizationproxyserver" @@ -82,7 +82,7 @@ - scenario: "Install Authorization Proxy Server V1 with alternate namespace" paths: - - "testfiles/authorization-templates/csm_authorization_proxy_server_alt_ns.yaml" + - "testfiles/authorization-templates/csm_authorization_v1_proxy_server_alt_ns.yaml" tags: - "authorizationproxyserver" steps: @@ -96,11 +96,12 @@ - scenario: "Install Authorization Proxy Server & PowerFlex Driver (With Authorization V1), Upgrade both Authorization Proxy Server and PowerFlex Driver" paths: - - "testfiles/authorization-templates/csm_authorization_proxy_server_n_minus_2.yaml" # v1.9.1 - - "testfiles/authorization-templates/csm_authorization_proxy_server_n_minus_1.yaml" # v1.10.0 + - "testfiles/authorization-templates/csm_authorization_v1_proxy_server_n_minus_1.yaml" + - "testfiles/authorization-templates/csm_authorization_v1_proxy_server.yaml" - "testfiles/storage_csm_powerflex_auth_n_minus_1.yaml" - "testfiles/storage_csm_powerflex_auth.yaml" tags: + - "powerflex" - "authorization" - "authorizationproxyserver" # - "sanity" @@ -112,8 +113,6 @@ - "Configure authorization-proxy-server for [powerflex] for CR [1]" - "Create storageclass with name [op-e2e-vxflexos] and template [testfiles/powerflex-templates/powerflex-storageclass-template.yaml] for [pflex]" - "Set up secret with template [testfiles/powerflex-templates/csm-authorization-config.json] name [karavi-authorization-config] in namespace [test-vxflexos] for [pflexAuthSidecar]" - - "Set up secret with template [testfiles/powerflex-templates/powerflex-secret-template.yaml] name [test-vxflexos-config] in namespace [test-vxflexos] for [pflex]" - - "Restore template [testfiles/powerflex-templates/powerflex-secret-template.yaml] for [pflex]" - "Set up secret with template [testfiles/powerflex-templates/powerflex-secret-template.yaml] name [test-vxflexos-config] in namespace [test-vxflexos] for [pflexAuth]" - "Apply custom resource [3]" - "Validate custom resource [3]" @@ -263,7 +262,7 @@ - scenario: "Install PowerScale Driver(With Authorization V1)" paths: - - "testfiles/authorization-templates/csm_authorization_proxy_server_n_minus_1.yaml" + - "testfiles/authorization-templates/csm_authorization_v1_proxy_server_no_cert.yaml" - "testfiles/storage_csm_powerscale_auth.yaml" tags: - "authorizationproxyserver" @@ -367,13 +366,12 @@ - scenario: "Install PowerScale Driver, Enable/Disable Authorization V1 module" paths: - - "testfiles/authorization-templates/csm_authorization_proxy_server_n_minus_1.yaml" + - "testfiles/authorization-templates/csm_authorization_v1_proxy_server_no_cert.yaml" - "testfiles/storage_csm_powerscale.yaml" tags: - "authorizationproxyserver" - "authorization" - "powerscale" - # - "sanity" steps: - "Given an environment with k8s or openshift, and CSM operator installed" - "Create [authorization-proxy-server] prerequisites from CR [1]" @@ -387,13 +385,14 @@ - "Validate [powerscale] driver from CR [2] is installed" - "Validate [authorization] module from CR [2] is not installed" - "Enable [authorization] module from CR [2]" + - "Set up secret with template [testfiles/powerscale-templates/powerscale-auth-secret-template.yaml] name [isilon-creds-auth] in namespace [isilon] for [pscaleAuth]" - "Set secret for driver from CR [2] to [isilon-creds-auth]" - "Set up secret with template [testfiles/powerscale-templates/karavi-authorization-config.json] name [karavi-authorization-config] in namespace [isilon] for [pscaleAuthSidecar]" - "Set up secret with template [testfiles/authorization-templates/rootCertificate.pem] name [proxy-server-root-certificate] in namespace [isilon] for [authSidecarCert]" - "Validate [powerscale] driver from CR [2] is installed" - "Validate [authorization] module from CR [2] is installed" - - "Set up secret with template [testfiles/powerscale-templates/powerscale-secret-template.yaml] name [isilon-creds-auth] in namespace [isilon] for [pscale]" - "Disable [authorization] module from CR [2]" + - "Set secret for driver from CR [2] to [isilon-creds]" - "Validate [powerscale] driver from CR [2] is installed" - "Validate [authorization] module from CR [2] is not installed" # cleanup @@ -403,6 +402,8 @@ - "Restore template [testfiles/powerscale-templates/powerscale-secret-template.yaml] for [pscale]" - "Restore template [testfiles/powerscale-templates/powerscale-auth-secret-template.yaml] for [pscaleAuth]" - "Restore template [testfiles/powerscale-templates/karavi-authorization-config.json] for [pscaleAuthSidecar]" + - "Restore template [testfiles/powerscale-templates/powerscale-storageclass-template.yaml] for [pscale]" + - "Restore template [testfiles/powerscale-templates/rootCertificate.pem] for [authSidecarCert]" - scenario: "Install PowerScale Driver(With Observability)" paths: @@ -435,6 +436,7 @@ - "observability" steps: - "Given an environment with k8s or openshift, and CSM operator installed" + - "Set up secret with template [testfiles/powerscale-templates/powerscale-secret-template.yaml] name [isilon-creds] in namespace [isilon] for [pscale]" - "Apply custom resource [1]" - "Validate custom resource [1]" - "Validate [powerscale] driver from CR [1] is installed" @@ -449,6 +451,7 @@ # cleanup - "Enable forceRemoveDriver on CR [1]" - "Delete custom resource [1]" + - "Restore template [testfiles/powerscale-templates/powerscale-secret-template.yaml] for [pscale]" - scenario: "Install PowerScale Driver(With Observability and Custom Certs)" paths: @@ -471,14 +474,13 @@ - scenario: "Install PowerScale Driver(With Authorization V1 and Observability)" paths: - - "testfiles/authorization-templates/csm_authorization_proxy_server_no_cert.yaml" + - "testfiles/authorization-templates/csm_authorization_v1_proxy_server_no_cert.yaml" - "testfiles/storage_csm_powerscale_observability_auth.yaml" tags: - "authorizationproxyserver" - "authorization" - "powerscale" - "observability" - # - "sanity" steps: - "Given an environment with k8s or openshift, and CSM operator installed" - "Create [authorization-proxy-server] prerequisites from CR [1]" @@ -510,7 +512,7 @@ - scenario: "Install PowerScale Driver(Standalone), Enable Authorization V1, Enable Observability" paths: - - "testfiles/authorization-templates/csm_authorization_proxy_server_no_cert.yaml" + - "testfiles/authorization-templates/csm_authorization_v1_proxy_server_no_cert.yaml" - "testfiles/storage_csm_powerscale.yaml" tags: - "authorizationproxyserver" @@ -534,6 +536,7 @@ - "Set secret for driver from CR [2] to [isilon-creds-auth]" - "Set up secret with template [testfiles/powerscale-templates/karavi-authorization-config.json] name [karavi-authorization-config] in namespace [isilon] for [pscaleAuthSidecar]" - "Set up secret with template [testfiles/authorization-templates/rootCertificate.pem] name [proxy-server-root-certificate] in namespace [isilon] for [authSidecarCert]" + - "Set up secret with template [testfiles/powerscale-templates/powerscale-auth-secret-template.yaml] name [isilon-creds-auth] in namespace [isilon] for [pscaleAuth]" - "Validate [powerscale] driver from CR [2] is installed" - "Validate [authorization] module from CR [2] is installed" - "Validate [observability] module from CR [2] is not installed" @@ -547,10 +550,12 @@ - "Delete custom resource [1]" - "Restore template [testfiles/powerscale-templates/powerscale-secret-template.yaml] for [pscale]" - "Restore template [testfiles/powerscale-templates/karavi-authorization-config.json] for [pscaleAuthSidecar]" + - "Restore template [testfiles/powerscale-templates/powerscale-auth-secret-template.yaml] for [pscaleAuth]" + - "Restore template [testfiles/authorization-templates/rootCertificate.pem] for [authSidecarCert]" -- scenario: "Install PowerScale Driver(With Authorization V1 and Observability), Disable Authorization module, Disable Observability module" +- scenario: "Install PowerScale Driver(With Authorization V1 and Observability), Disable Observability module, Disable Authorization module" paths: - - "testfiles/authorization-templates/csm_authorization_proxy_server_no_cert.yaml" + - "testfiles/authorization-templates/csm_authorization_v1_proxy_server_no_cert.yaml" - "testfiles/storage_csm_powerscale_observability_auth.yaml" tags: - "authorizationproxyserver" @@ -572,14 +577,15 @@ - "Validate [powerscale] driver from CR [2] is installed" - "Validate [authorization] module from CR [2] is installed" - "Validate [observability] module from CR [2] is installed" + - "Disable [observability] module from CR [2]" + - "Validate [powerscale] driver from CR [2] is installed" + - "Validate [authorization] module from CR [2] is installed" + - "Validate [observability] module from CR [2] is not installed" - "Disable [authorization] module from CR [2]" + - "Set up secret with template [testfiles/powerscale-templates/powerscale-secret-template.yaml] name [isilon-creds] in namespace [isilon] for [pscale]" - "Set secret for driver from CR [2] to [isilon-creds]" - "Validate [powerscale] driver from CR [2] is installed" - "Validate [authorization] module from CR [2] is not installed" - - "Validate [observability] module from CR [2] is installed" - - "Disable [observability] module from CR [2]" - - "Validate [powerscale] driver from CR [2] is installed" - - "Validate [authorization] module from CR [2] is not installed" - "Validate [observability] module from CR [2] is not installed" - "Run custom test" # cleanup @@ -590,6 +596,7 @@ - "Restore template [testfiles/powerscale-templates/powerscale-auth-secret-template.yaml] for [pscaleAuth]" - "Restore template [testfiles/powerscale-templates/karavi-authorization-config.json] for [pscaleAuthSidecar]" - "Restore template [testfiles/authorization-templates/rootCertificate.pem] for [authSidecarCert]" + - "Restore template [testfiles/powerscale-templates/powerscale-secret-template.yaml] for [pscale]" customTest: name: Cert CSI run: @@ -758,7 +765,7 @@ - scenario: "Install PowerFlex Driver (With Authorization V2)" paths: - - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" + - "testfiles/authorization-templates/csm_authorization_v2_proxy_server.yaml" - "testfiles/storage_csm_powerflex_auth.yaml" - "testfiles/authorization-templates/csm_authorization_crds.yaml" tags: @@ -798,7 +805,7 @@ - scenario: "Install PowerFlex Driver (With Authorization V2), Upgrade driver and authorization sidecar" paths: - - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" + - "testfiles/authorization-templates/csm_authorization_v2_proxy_server.yaml" - "testfiles/storage_csm_powerflex_auth_n_minus_1.yaml" - "testfiles/storage_csm_powerflex_auth.yaml" - "testfiles/authorization-templates/csm_authorization_crds.yaml" @@ -897,6 +904,7 @@ paths: - "testfiles/storage_csm_powerflex_observability_custom_cert.yaml" tags: + - "powerflex" - "observability" steps: - "Given an environment with k8s or openshift, and CSM operator installed" @@ -915,6 +923,7 @@ paths: - "testfiles/storage_csm_powerflex_observability_otel_custom_cert.yaml" tags: + - "powerflex" - "observability" steps: - "Given an environment with k8s or openshift, and CSM operator installed" @@ -1007,7 +1016,7 @@ - scenario: "Install PowerFlex Driver(Standalone), Enable Authorization V1, Enable Observability" paths: - - "testfiles/authorization-templates/csm_authorization_proxy_server_no_cert.yaml" + - "testfiles/authorization-templates/csm_authorization_v1_proxy_server_no_cert.yaml" - "testfiles/storage_csm_powerflex.yaml" tags: - "authorizationproxyserver" @@ -1049,12 +1058,12 @@ - scenario: "Install PowerFlex Driver(With Authorization V1 and Observability)" paths: - - "testfiles/authorization-templates/csm_authorization_proxy_server_no_cert.yaml" + - "testfiles/authorization-templates/csm_authorization_v1_proxy_server_no_cert.yaml" - "testfiles/storage_csm_powerflex_observability_auth.yaml" tags: - "authorizationproxyserver" - "authorization" - # - "powerflex" + - "powerflex" - "observability" steps: - "Given an environment with k8s or openshift, and CSM operator installed" @@ -1086,7 +1095,7 @@ - scenario: Install PowerFlex Driver(With Authorization V2 and Observability), Disable Observability module, Disable Authorization module" paths: - - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" + - "testfiles/authorization-templates/csm_authorization_v2_proxy_server.yaml" - "testfiles/storage_csm_powerflex_observability_auth.yaml" - "testfiles/authorization-templates/csm_authorization_crds.yaml" tags: @@ -1181,6 +1190,7 @@ - "resiliency" steps: - "Given an environment with k8s or openshift, and CSM operator installed" + - "Set up secret with template [testfiles/powerscale-templates/powerscale-secret-template.yaml] name [isilon-creds] in namespace [isilon] for [pscale]" - "Apply custom resource [1]" - "Validate custom resource [1]" - "Validate [powerscale] driver from CR [1] is installed" @@ -1189,6 +1199,7 @@ # cleanup - "Enable forceRemoveDriver on CR [1]" - "Delete custom resource [1]" + - "Restore template [testfiles/powerscale-templates/powerscale-secret-template.yaml] for [pscale]" customTest: name: CustomTest run: @@ -1203,6 +1214,7 @@ - "sanity" steps: - "Given an environment with k8s or openshift, and CSM operator installed" + - "Set up secret with template [testfiles/powerscale-templates/powerscale-secret-template.yaml] name [isilon-creds] in namespace [isilon] for [pscale]" - "Apply custom resource [1]" - "Validate custom resource [1]" - "Validate [powerscale] driver from CR [1] is installed" @@ -1216,6 +1228,7 @@ # cleanup - "Enable forceRemoveDriver on CR [1]" - "Delete custom resource [1]" + - "Restore template [testfiles/powerscale-templates/powerscale-secret-template.yaml] for [pscale]" - scenario: "Install PowerScale Driver and PowerFlex Driver, uninstall PowerFlex Driver" paths: @@ -1540,7 +1553,8 @@ - "powermax" steps: - "Given an environment with k8s or openshift, and CSM operator installed" - - "Create storageclass with name [powermax] and template [testfiles/powermax-templates/powermax-storageclass-template.yaml] for [pmax]" + - "Create storageclass with name [op-e2e-pmax] and template [testfiles/powermax-templates/powermax-storageclass-template.yaml] for [pmax]" + - "Set up creds with template [testfiles/powermax-templates/powermax-secret-template.yaml] for [pmaxCreds]" - "Apply custom resource [1]" - "Validate custom resource [1]" - "Validate [powermax] driver from CR [1] is installed" @@ -1548,10 +1562,12 @@ # Last two steps perform Clean Up - "Enable forceRemoveDriver on CR [1]" - "Delete custom resource [1]" + - "Restore template [testfiles/powermax-templates/powermax-storageclass-template.yaml] for [pmax]" + - "Restore template [testfiles/powermax-templates/powermax-secret-template.yaml] for [pmaxCreds]" customTest: name: Cert CSI run: - - cert-csi test vio --sc powermax --chainNumber 2 --chainLength 2 + - cert-csi test vio --sc op-e2e-pmax --chainNumber 2 --chainLength 2 - scenario: "Install PowerMax Driver(Sidecar)" paths: @@ -1560,8 +1576,8 @@ - "powermax" steps: - "Given an environment with k8s or openshift, and CSM operator installed" - - "Create storageclass with name [powermax] and template [testfiles/powermax-templates/powermax-storageclass-template.yaml] for [pmax]" - - "Set up secret with template [testfiles/powermax-templates/powermax-secret-template.yaml] name [powermax-creds] in namespace [powermax] for [pmax]" + - "Create storageclass with name [op-e2e-pmax] and template [testfiles/powermax-templates/powermax-storageclass-template.yaml] for [pmax]" + - "Set up creds with template [testfiles/powermax-templates/powermax-secret-template.yaml] for [pmaxCreds]" - "Apply custom resource [1]" - "Validate custom resource [1]" - "Validate [powermax] driver from CR [1] is installed" @@ -1569,12 +1585,12 @@ # Last two steps perform Clean Up - "Enable forceRemoveDriver on CR [1]" - "Delete custom resource [1]" - - "Restore template [testfiles/powermax-templates/powermax-secret-template.yaml] for [pmax]" - - "Restore template [testfiles/powermax-templates/powermax-secret-template.yaml] for [pmax]" + - "Restore template [testfiles/powermax-templates/powermax-storageclass-template.yaml] for [pmax]" + - "Restore template [testfiles/powermax-templates/powermax-secret-template.yaml] for [pmaxCreds]" customTest: name: Cert CSI run: - - cert-csi test vio --sc powermax --chainNumber 2 --chainLength 2 + - cert-csi test vio --sc op-e2e-pmax --chainNumber 2 --chainLength 2 - scenario: "Install PowerMax Driver(With Observability)" paths: @@ -1585,7 +1601,7 @@ steps: - "Given an environment with k8s or openshift, and CSM operator installed" - "Create storageclass with name [op-e2e-pmax] and template [testfiles/powermax-templates/powermax-storageclass-template.yaml] for [pmax]" - - "Set up secret with template [testfiles/powermax-templates/powermax-secret-template.yaml] name [powermax-creds] in namespace [powermax] for [pmax]" + - "Set up creds with template [testfiles/powermax-templates/powermax-secret-template.yaml] for [pmaxCreds]" - "Apply custom resource [1]" - "Validate custom resource [1]" - "Validate [powermax] driver from CR [1] is installed" @@ -1593,12 +1609,12 @@ # cleanup - "Enable forceRemoveDriver on CR [1]" - "Delete custom resource [1]" - - "Restore template [testfiles/powermax-templates/powermax-secret-template.yaml] for [pmax]" - - "Restore template [testfiles/powermax-templates/powermax-secret-template.yaml] for [pmax]" + - "Restore template [testfiles/powermax-templates/powermax-storageclass-template.yaml] for [pmax]" + - "Restore template [testfiles/powermax-templates/powermax-secret-template.yaml] for [pmaxCreds]" -- scenario: "Install PowerMax Driver (With Auth module)" +- scenario: "Install PowerMax Driver (With Auth V1 module)" paths: - - "testfiles/authorization-templates/csm_authorization_proxy_server_n_minus_1.yaml" + - "testfiles/authorization-templates/csm_authorization_v1_proxy_server.yaml" - "testfiles/storage_csm_powermax_reverseproxy_authorization.yaml" tags: - "authorizationproxyserver" @@ -1623,6 +1639,7 @@ - "Enable forceRemoveDriver on CR [2]" - "Delete custom resource [2]" - "Delete custom resource [1]" + - "Restore template [testfiles/powermax-templates/powermax-storageclass-template.yaml] for [pmax]" - "Restore template [testfiles/powermax-templates/csm-authorization-config.json] for [pmaxAuthSidecar]" - "Restore template [testfiles/powermax-templates/powermax-secret-template.yaml] for [pmaxCreds]" - "Restore template [testfiles/powermax-templates/powermax_reverse_proxy_config.yaml] for [pmaxReverseProxy]" diff --git a/tests/e2e/testfiles/storage_csm_powerflex_auth.yaml b/tests/e2e/testfiles/storage_csm_powerflex_auth.yaml index 50f753747..d91df63e3 100644 --- a/tests/e2e/testfiles/storage_csm_powerflex_auth.yaml +++ b/tests/e2e/testfiles/storage_csm_powerflex_auth.yaml @@ -17,7 +17,7 @@ spec: forceUpdate: false forceRemoveDriver: true common: - image: "dellemc/csi-vxflexos:nightly" + image: "dellemc/csi-vxflexos:v2.11.0" imagePullPolicy: Always envs: - name: X_CSI_VXFLEXOS_ENABLELISTVOLUMESNAPSHOT @@ -132,7 +132,7 @@ spec: configVersion: v1.11.0 components: - name: karavi-authorization-proxy - image: dellemc/csm-authorization-sidecar:nightly + image: dellemc/csm-authorization-sidecar:v1.11.0 envs: # proxyHost: hostname of the csm-authorization server - name: "PROXY_HOST" diff --git a/tests/e2e/testfiles/storage_csm_powerflex_auth_n_minus_1.yaml b/tests/e2e/testfiles/storage_csm_powerflex_auth_n_minus_1.yaml index 6dbe6a072..2a254d1d9 100644 --- a/tests/e2e/testfiles/storage_csm_powerflex_auth_n_minus_1.yaml +++ b/tests/e2e/testfiles/storage_csm_powerflex_auth_n_minus_1.yaml @@ -11,13 +11,13 @@ spec: # Allowed values: ReadWriteOnceWithFSType, File , None # Default value: ReadWriteOnceWithFSType fSGroupPolicy: "File" - configVersion: v2.9.2 + configVersion: v2.10.1 replicas: 1 dnsPolicy: ClusterFirstWithHostNet forceUpdate: false forceRemoveDriver: true common: - image: "dellemc/csi-vxflexos:v2.9.2" + image: "dellemc/csi-vxflexos:v2.10.1" imagePullPolicy: Always envs: - name: X_CSI_VXFLEXOS_ENABLELISTVOLUMESNAPSHOT @@ -137,10 +137,10 @@ spec: - name: authorization # enable: Enable/Disable csm-authorization enabled: true - configVersion: v1.11.0 + configVersion: v1.10.0 components: - name: karavi-authorization-proxy - image: dellemc/csm-authorization-sidecar:v1.11.0 + image: dellemc/csm-authorization-sidecar:v1.10.0 envs: # proxyHost: hostname of the csm-authorization server - name: "PROXY_HOST" diff --git a/tests/e2e/testfiles/storage_csm_powerflex_replica.yaml b/tests/e2e/testfiles/storage_csm_powerflex_replica.yaml new file mode 100644 index 000000000..0a995d9c2 --- /dev/null +++ b/tests/e2e/testfiles/storage_csm_powerflex_replica.yaml @@ -0,0 +1,225 @@ +apiVersion: storage.dell.com/v1 +kind: ContainerStorageModule +metadata: + name: test-vxflexos + namespace: test-vxflexos +spec: + driver: + csiDriverType: "powerflex" + csiDriverSpec: + # fsGroupPolicy: Defines if the underlying volume supports changing ownership and permission of the volume before being mounted. + # Allowed values: ReadWriteOnceWithFSType, File , None + # Default value: ReadWriteOnceWithFSType + fSGroupPolicy: "File" + # storageCapacity: Helps the scheduler to schedule the pod on a node satisfying the topology constraints, only if the requested capacity is available on the storage array + # Allowed values: + # true: enable storage capacity tracking + # false: disable storage capacity tracking + storageCapacity: true + configVersion: v2.11.0 + replicas: 1 + dnsPolicy: ClusterFirstWithHostNet + forceUpdate: false + forceRemoveDriver: true + common: + image: "dellemc/csi-vxflexos:v2.11.0" + imagePullPolicy: IfNotPresent + envs: + - name: X_CSI_VXFLEXOS_ENABLELISTVOLUMESNAPSHOT + value: "false" + - name: X_CSI_VXFLEXOS_ENABLESNAPSHOTCGDELETE + value: "false" + - name: X_CSI_DEBUG + value: "true" + - name: X_CSI_ALLOW_RWO_MULTI_POD_ACCESS + value: "false" + # Specify kubelet config dir path. + # Ensure that the config.yaml file is present at this path. + # Default value: None + - name: KUBELET_CONFIG_DIR + value: "/var/lib/kubelet" + - name: "CERT_SECRET_COUNT" + value: "0" + - name: X_CSI_QUOTA_ENABLED + value: "false" + sideCars: + # sdc-monitor is disabled by default, due to high CPU usage + - name: sdc-monitor + enabled: false + image: dellemc/sdc:4.5.2.1 + envs: + - name: HOST_PID + value: "1" + - name: MDM + value: "10.x.x.x,10.x.x.x" # provide MDM value + # health monitor is disabled by default, refer to driver documentation before enabling it + # Also set the env variable controller.envs.X_CSI_HEALTH_MONITOR_ENABLED to "true". + - name: csi-external-health-monitor-controller + enabled: false + args: ["--monitor-interval=60s"] + # Uncomment the following to configure how often external-provisioner polls the driver to detect changed capacity + # Configure when the storageCapacity is set as "true" + # Allowed values: 1m,2m,3m,...,10m,...,60m etc. Default value: 5m + # - name: provisioner + # args: ["--capacity-poll-interval=5m"] + + controller: + envs: + # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition. + # Install the 'external-health-monitor' sidecar accordingly. + # Allowed values: + # true: enable checking of health condition of CSI volumes + # false: disable checking of health condition of CSI volumes + # Default value: false + - name: X_CSI_HEALTH_MONITOR_ENABLED + value: "false" + # "controller.nodeSelector" defines what nodes would be selected for pods of controller deployment + # Leave as blank to use all nodes + # Allowed values: map of key-value pairs + # Default value: None + # Examples: + # node-role.kubernetes.io/control-plane: "" + nodeSelector: + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/master taint + # node-role.kubernetes.io/master: "" + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint + # node-role.kubernetes.io/control-plane: "" + + # "controller.tolerations" defines tolerations that would be applied to controller deployment + # Leave as blank to install controller on worker nodes + # Default value: None + tolerations: + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/master taint + # - key: "node-role.kubernetes.io/master" + # operator: "Exists" + # effect: "NoSchedule" + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint + # - key: "node-role.kubernetes.io/control-plane" + # operator: "Exists" + # effect: "NoSchedule" + node: + envs: + # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from node plugin - volume usage + # Allowed values: + # true: enable checking of health condition of CSI volumes + # false: disable checking of health condition of CSI volumes + # Default value: false + - name: X_CSI_HEALTH_MONITOR_ENABLED + value: "false" + # X_CSI_APPROVE_SDC_ENABLED: Enables/Disable SDC approval + # Allowed values: + # true: enable SDC approval + # false: disable SDC approval + # Default value: false + - name: X_CSI_APPROVE_SDC_ENABLED + value: "false" + # X_CSI_RENAME_SDC_ENABLED: Enable/Disable rename of SDC + # Allowed values: + # true: enable renaming + # false: disable renaming + # Default value: false + - name: X_CSI_RENAME_SDC_ENABLED + value: "false" + # X_CSI_MAX_VOLUMES_PER_NODE: Defines the maximum PowerFlex volumes that can be created per node + # Allowed values: Any value greater than or equal to 0 + # Default value: "0" + - name: X_CSI_MAX_VOLUMES_PER_NODE + value: "0" + # X_CSI_RENAME_SDC_PREFIX: defines a string for prefix of the SDC name. + # "prefix" + "worker_node_hostname" should not exceed 31 chars. + # Default value: none + # Examples: "rhel-sdc", "sdc-test" + - name: X_CSI_RENAME_SDC_PREFIX + value: "" + # "node.nodeSelector" defines what nodes would be selected for pods of node daemonset + # Leave as blank to use all nodes + # Allowed values: map of key-value pairs + # Default value: None + # Examples: + # node-role.kubernetes.io/control-plane: "" + nodeSelector: + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/master taint + # node-role.kubernetes.io/master: "" + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint + # node-role.kubernetes.io/control-plane: "" + + # "node.tolerations" defines tolerations that would be applied to node daemonset + # Leave as blank to install node driver only on worker nodes + # Default value: None + tolerations: + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/master taint + # - key: "node-role.kubernetes.io/master" + # operator: "Exists" + # effect: "NoSchedule" + # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint + # - key: "node-role.kubernetes.io/control-plane" + # operator: "Exists" + # effect: "NoSchedule" + initContainers: + - image: dellemc/sdc:4.5.2.1 + imagePullPolicy: IfNotPresent + name: sdc + envs: + - name: MDM + value: "10.x.x.x,10.x.x.x" # provide MDM value + modules: + # Replication: allows to configure replication + # Replication CRDs must be installed before installing driver + - name: replication + # enabled: Enable/Disable replication feature + # Allowed values: + # true: enable replication feature(install dell-csi-replicator sidecar) + # false: disable replication feature(do not install dell-csi-replicator sidecar) + # Default value: false + enabled: true + configVersion: v1.9.0 + components: + - name: dell-csi-replicator + # image: Image to use for dell-csi-replicator. This shouldn't be changed + # Allowed values: string + # Default value: None + image: dellemc/dell-csi-replicator:v1.9.0 + envs: + # replicationPrefix: prefix to prepend to storage classes parameters + # Allowed values: string + # Default value: replication.storage.dell.com + - name: "X_CSI_REPLICATION_PREFIX" + value: "replication.storage.dell.com" + # replicationContextPrefix: prefix to use for naming of resources created by replication feature + # Allowed values: string + - name: "X_CSI_REPLICATION_CONTEXT_PREFIX" + value: "powerflex" + - name: dell-replication-controller-manager + # image: Defines controller image. This shouldn't be changed + # Allowed values: string + image: dellemc/dell-replication-controller:v1.9.0 + envs: + # TARGET_CLUSTERS_IDS: comma separated list of cluster IDs of the targets clusters. DO NOT include the source(wherever CSM Operator is deployed) cluster ID + # Set the value to "self" in case of stretched/single cluster configuration + # Allowed values: string + - name: "TARGET_CLUSTERS_IDS" + value: "self" + # Replication log level + # Allowed values: "error", "warn"/"warning", "info", "debug" + # Default value: "debug" + - name: "REPLICATION_CTRL_LOG_LEVEL" + value: "debug" + # replicas: Defines number of controller replicas + # Allowed values: int + # Default value: 1 + - name: "REPLICATION_CTRL_REPLICAS" + value: "1" + # retryIntervalMin: Initial retry interval of failed reconcile request. + # It doubles with each failure, upto retry-interval-max + # Allowed values: time + - name: "RETRY_INTERVAL_MIN" + value: "1s" + # RETRY_INTERVAL_MAX: Maximum retry interval of failed reconcile request + # Allowed values: time + - name: "RETRY_INTERVAL_MAX" + value: "5m" + - name: dell-replication-controller-init + # image: Defines replication init container image. This shouldn't be changed + # Allowed values: string + image: dellemc/dell-replication-init:v1.0.0 + diff --git a/tests/e2e/testfiles/storage_csm_powermax_reverseproxy_authorization.yaml b/tests/e2e/testfiles/storage_csm_powermax_reverseproxy_authorization.yaml index 6bbf5d2bd..176d687d4 100644 --- a/tests/e2e/testfiles/storage_csm_powermax_reverseproxy_authorization.yaml +++ b/tests/e2e/testfiles/storage_csm_powermax_reverseproxy_authorization.yaml @@ -245,8 +245,8 @@ spec: - name: csipowermax-reverseproxy # image: Define the container images used for the reverse proxy # Default value: None - # Example: "csipowermax-reverseproxy:v2.9.1" - image: dellemc/csipowermax-reverseproxy:nightly + # Example: "csipowermax-reverseproxy:v2.10.0" + image: dellemc/csipowermax-reverseproxy:v2.10.0 envs: # "tlsSecret" defines the TLS secret that is created with certificate # and its associated key @@ -270,11 +270,11 @@ spec: configVersion: v1.11.0 components: - name: karavi-authorization-proxy - image: dellemc/csm-authorization-sidecar:nightly + image: dellemc/csm-authorization-sidecar:v1.11.0 envs: # proxyHost: hostname of the csm-authorization server - name: "PROXY_HOST" value: "authorization-ingress-nginx-controller.authorization.svc.cluster.local" # skipCertificateValidation: Enable/Disable certificate validation of the csm-authorization server - name: "SKIP_CERTIFICATE_VALIDATION" - value: "true" \ No newline at end of file + value: "true" diff --git a/tests/e2e/testfiles/storage_csm_powerscale.yaml b/tests/e2e/testfiles/storage_csm_powerscale.yaml index e1172fd30..953f7b7d2 100644 --- a/tests/e2e/testfiles/storage_csm_powerscale.yaml +++ b/tests/e2e/testfiles/storage_csm_powerscale.yaml @@ -312,6 +312,14 @@ spec: # image: Defines karavi-topology image. This shouldn't be changed # Allowed values: string image: dellemc/csm-topology:v1.9.0 + # certificate: base64-encoded certificate for cert/private-key pair -- add cert here to use custom certificates + # for self-signed certs, leave empty string + # Allowed values: string + certificate: "" + # privateKey: base64-encoded private key for cert/private-key pair -- add private key here to use custom certificates + # for self-signed certs, leave empty string + # Allowed values: string + privateKey: "" envs: # topology log level # Valid values: TRACE, DEBUG, INFO, WARN, ERROR, FATAL, PANIC @@ -324,12 +332,27 @@ spec: # image: Defines otel-collector image. This shouldn't be changed # Allowed values: string image: otel/opentelemetry-collector:0.42.0 + # certificate: base64-encoded certificate for cert/private-key pair -- add cert here to use custom certificates + # for self-signed certs, leave empty string + # Allowed values: string + certificate: "" + # privateKey: base64-encoded private key for cert/private-key pair -- add private key here to use custom certificates + # for self-signed certs, leave empty string + # Allowed values: string + privateKey: "" envs: # image of nginx proxy image # Allowed values: string # Default value: "nginxinc/nginx-unprivileged:1.20" - name: "NGINX_PROXY_IMAGE" value: "nginxinc/nginx-unprivileged:1.20" + # enabled: Enable/Disable cert-manager + # Allowed values: + # true: enable deployment of cert-manager + # false: disable deployment of cert-manager only if it's already deployed + # Default value: true + - name: cert-manager + enabled: false - name: metrics-powerscale # enabled: Enable/Disable PowerScale metrics enabled: false diff --git a/tests/e2e/testfiles/storage_csm_powerscale_auth.yaml b/tests/e2e/testfiles/storage_csm_powerscale_auth.yaml index 99a1154c7..6176b4436 100644 --- a/tests/e2e/testfiles/storage_csm_powerscale_auth.yaml +++ b/tests/e2e/testfiles/storage_csm_powerscale_auth.yaml @@ -16,6 +16,7 @@ spec: replicas: 1 dnsPolicy: ClusterFirstWithHostNet forceUpdate: true + forceRemoveDriver: true common: image: "dellemc/csi-isilon:nightly" imagePullPolicy: IfNotPresent @@ -33,7 +34,7 @@ spec: # Allowed value: valid port number # Default value: 8080 - name: X_CSI_ISI_PORT - value: "" + value: "8080" # X_CSI_ISI_PATH: The base path for the volumes to be created on PowerScale cluster. # This value acts as a default value for isiPath, if not specified for a cluster config in secret # Ensure that this path exists on PowerScale cluster. @@ -65,6 +66,13 @@ spec: # Default value: true - name: X_CSI_ISI_SKIP_CERTIFICATE_VALIDATION value: "true" + # X_CSI_ISI_AUTH_TYPE: Specify the authentication method to be used. + # Allowed values: + # 0: basic authentication + # 1: session-based authentication + # Default value: 0 + - name: X_CSI_ISI_AUTH_TYPE + value: "1" # X_CSI_CUSTOM_TOPOLOGY_ENABLED: Specify if custom topology label .dellemc.com/: # has to be used for making connection to backend PowerScale Array. # If X_CSI_CUSTOM_TOPOLOGY_ENABLED is set to true, then do not specify allowedTopologies in storage class. diff --git a/tests/e2e/testfiles/storage_csm_powerscale_resiliency.yaml b/tests/e2e/testfiles/storage_csm_powerscale_resiliency.yaml index 4fa69e8fe..d23513205 100644 --- a/tests/e2e/testfiles/storage_csm_powerscale_resiliency.yaml +++ b/tests/e2e/testfiles/storage_csm_powerscale_resiliency.yaml @@ -293,20 +293,3 @@ spec: - "--driver-config-params=/csi-isilon-config-params/driver-config-params.yaml" - "--driverPodLabelValue=dell-storage" - "--ignoreVolumelessPods=false" ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: isilon-config-params - namespace: isilon -data: - driver-config-params.yaml: | - CSI_LOG_LEVEL: "debug" - CSI_LOG_FORMAT: "TEXT" - PODMON_CONTROLLER_LOG_LEVEL: "debug" - PODMON_CONTROLLER_LOG_FORMAT: "TEXT" - PODMON_NODE_LOG_LEVEL: "debug" - PODMON_NODE_LOG_FORMAT: "TEXT" -spec: - driver: - configVersion: v2.11.0 diff --git a/tests/e2e/testfiles/storage_csm_powerstore.yaml b/tests/e2e/testfiles/storage_csm_powerstore.yaml index 2b1c0e7ad..06ee947c2 100644 --- a/tests/e2e/testfiles/storage_csm_powerstore.yaml +++ b/tests/e2e/testfiles/storage_csm_powerstore.yaml @@ -28,7 +28,7 @@ spec: # Default value: ReadWriteOnceWithFSType fSGroupPolicy: "ReadWriteOnceWithFSType" storageCapacity: false - configVersion: v2.11.0 + configVersion: v2.11.1 authSecret: powerstore-config # Controller count replicas: 1 diff --git a/tests/e2e/testfiles/storage_csm_powerstore_resiliency.yaml b/tests/e2e/testfiles/storage_csm_powerstore_resiliency.yaml index 97773e759..e54191e89 100644 --- a/tests/e2e/testfiles/storage_csm_powerstore_resiliency.yaml +++ b/tests/e2e/testfiles/storage_csm_powerstore_resiliency.yaml @@ -28,7 +28,7 @@ spec: # Default value: ReadWriteOnceWithFSType fSGroupPolicy: "ReadWriteOnceWithFSType" storageCapacity: false - configVersion: v2.11.0 + configVersion: v2.11.1 authSecret: powerstore-config # Controller count replicas: 2 diff --git a/tests/e2e/testfiles/storage_csm_unity.yaml b/tests/e2e/testfiles/storage_csm_unity.yaml index 1312230ca..8dbca8642 100644 --- a/tests/e2e/testfiles/storage_csm_unity.yaml +++ b/tests/e2e/testfiles/storage_csm_unity.yaml @@ -16,7 +16,7 @@ spec: # true: enable storage capacity tracking # false: disable storage capacity tracking storageCapacity: true - configVersion: v2.11.0 + configVersion: v2.11.1 # Controller count replicas: 2 dnsPolicy: ClusterFirstWithHostNet diff --git a/tests/shared/common.go b/tests/shared/common.go index 8cf11947a..1eb44439f 100644 --- a/tests/shared/common.go +++ b/tests/shared/common.go @@ -35,8 +35,8 @@ const ( JumpDowngradeConfigVersion string = "v2.10.0" OldConfigVersion string = "v2.2.0" BadConfigVersion string = "v0" - PStoreConfigVersion string = "v2.11.0" - UnityConfigVersion string = "v2.11.0" + PStoreConfigVersion string = "v2.11.1" + UnityConfigVersion string = "v2.11.1" PScaleConfigVersion string = "v2.11.0" PmaxConfigVersion string = "v2.11.0" AuthServerConfigVersion string = "v1.11.0"