├── .github ├── CODEOWNERS ├── containerscan │ └── allowedlist.yaml ├── pull_request_template.md └── workflows │ └── actions.yaml ├── .gitignore ├── Dockerfile ├── LICENSE ├── Makefile ├── OLM.md ├── PROJECT ├── README.md ├── api └── v1 │ ├── csiisilon_types.go │ ├── csipowermax_types.go │ ├── csipowermaxrevproxy_types.go │ ├── csipowerstore_types.go │ ├── csiunity_types.go │ ├── csivxflexos_types.go │ ├── groupversion_info.go │ ├── types.go │ └── zz_generated.deepcopy.go ├── bin └── manager ├── bundle.Dockerfile ├── bundle ├── manifests │ ├── dell-csi-operator-certified.clusterserviceversion.yaml │ ├── dell-csi-operator-controller-manager-metrics-service_v1_service.yaml │ ├── dell-csi-operator-leader-election-role_rbac.authorization.k8s.io_v1_role.yaml │ ├── dell-csi-operator-leader-election-rolebinding_rbac.authorization.k8s.io_v1_rolebinding.yaml │ ├── dell-csi-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml │ ├── dell-csi-operator-proxy-role_rbac.authorization.k8s.io_v1_clusterrole.yaml │ ├── dell-csi-operator-proxy-rolebinding_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml │ ├── storage.dell.com_csiisilons.yaml │ ├── storage.dell.com_csipowermaxes.yaml │ ├── storage.dell.com_csipowermaxrevproxies.yaml │ ├── storage.dell.com_csipowerstores.yaml │ ├── storage.dell.com_csiunities.yaml │ └── storage.dell.com_csivxflexoses.yaml ├── metadata │ └── annotations.yaml └── tests │ └── scorecard │ └── config.yaml ├── check.sh ├── community.bundle.Dockerfile ├── community_bundle ├── manifests │ ├── dell-csi-operator.clusterserviceversion.yaml │ └── dell-csi-operator.package.yaml └── metadata │ └── annotations.yaml ├── config ├── certmanager │ ├── certificate.yaml │ ├── kustomization.yaml │ └── kustomizeconfig.yaml ├── crd │ ├── bases │ │ ├── storage.dell.com_csiisilons.yaml │ │ ├── storage.dell.com_csipowermaxes.yaml │ │ ├── storage.dell.com_csipowermaxrevproxies.yaml │ │ ├── storage.dell.com_csipowerstores.yaml │ │ ├── storage.dell.com_csiunities.yaml │ │ └── storage.dell.com_csivxflexoses.yaml │ ├── kustomization.yaml │ ├── kustomizeconfig.yaml │ └── patches │ │ ├── cainjection_in_csiisilons.yaml │ │ ├── cainjection_in_csipowermaxes.yaml │ │ ├── cainjection_in_csipowermaxrevproxies.yaml │ │ ├── cainjection_in_csipowerstores.yaml │ │ ├── cainjection_in_csiunities.yaml │ │ ├── cainjection_in_csivxflexos.yaml │ │ ├── webhook_in_csiisilons.yaml │ │ ├── webhook_in_csipowermaxes.yaml │ │ ├── webhook_in_csipowermaxrevproxies.yaml │ │ ├── webhook_in_csipowerstores.yaml │ │ ├── webhook_in_csiunities.yaml │ │ └── webhook_in_csivxflexos.yaml ├── default │ ├── kustomization.yaml │ ├── manager_auth_proxy_patch.yaml │ ├── manager_webhook_patch.yaml │ └── webhookcainjection_patch.yaml ├── dev │ ├── kustomization.yaml │ └── namespace.yaml ├── install │ └── kustomization.yaml ├── manager │ ├── kustomization.yaml │ └── manager.yaml ├── manifests │ ├── bases │ │ └── dell-csi-operator-certified.clusterserviceversion.yaml │ └── kustomization.yaml ├── olm │ ├── operator_certified.yaml │ └── operator_community.yaml ├── prometheus │ ├── kustomization.yaml │ └── monitor.yaml ├── rbac │ ├── auth_proxy_client_clusterrole.yaml │ ├── auth_proxy_role.yaml │ ├── auth_proxy_role_binding.yaml │ ├── auth_proxy_service.yaml │ ├── csiisilon_editor_role.yaml │ ├── csiisilon_viewer_role.yaml │ ├── csipowermax_editor_role.yaml │ ├── csipowermax_viewer_role.yaml │ ├── csipowermaxrevproxy_editor_role.yaml │ ├── csipowermaxrevproxy_viewer_role.yaml │ ├── csipowerstore_editor_role.yaml │ ├── csipowerstore_viewer_role.yaml │ ├── csiunity_editor_role.yaml │ ├── csiunity_viewer_role.yaml │ ├── csivxflexos_editor_role.yaml │ ├── csivxflexos_viewer_role.yaml │ ├── kustomization.yaml │ ├── leader_election_role.yaml │ ├── leader_election_role_binding.yaml │ ├── role.yaml │ └── role_binding.yaml ├── samples │ ├── kustomization.yaml │ ├── storage_v1_csiisilon.yaml │ ├── storage_v1_csipowermax.yaml │ ├── storage_v1_csipowermaxrevproxy.yaml │ ├── storage_v1_csipowerstore.yaml │ ├── storage_v1_csiunity.yaml │ └── storage_v1_csivxflexos.yaml ├── scorecard │ ├── bases │ │ └── config.yaml │ ├── kustomization.yaml │ └── patches │ │ ├── basic.config.yaml │ │ └── olm.config.yaml ├── serviceaccount │ ├── kustomization.yaml │ └── serviceaccount.yaml └── webhook │ ├── kustomization.yaml │ ├── kustomizeconfig.yaml │ └── service.yaml ├── controllers ├── csiisilon_controller.go ├── csipowermax_controller.go ├── csipowermaxrevproxy_controller.go ├── csipowerstore_controller.go ├── csiunity_controller.go ├── csivxflexos_controller.go └── suite_test.go ├── core ├── .gitignore ├── core.go ├── semver.tpl └── semver │ └── semver.go ├── deploy ├── crds │ └── storage.dell.com.crds.all.yaml └── operator.yaml ├── dev_documentation └── README.md ├── docker.mk ├── documentation └── Readme.md ├── driverconfig ├── config.yaml ├── isilon_v250_v121.json ├── isilon_v250_v123.json ├── isilon_v250_v124.json ├── isilon_v250_v125.json ├── isilon_v260_v121.json ├── isilon_v260_v123.json ├── isilon_v260_v124.json ├── isilon_v260_v125.json ├── isilon_v260_v126.json ├── isilon_v270_v121.json ├── isilon_v270_v124.json ├── isilon_v270_v125.json ├── isilon_v270_v126.json ├── isilon_v270_v127.json ├── powermax_v250_v121.json ├── powermax_v250_v123.json ├── powermax_v250_v124.json ├── powermax_v250_v125.json ├── powermax_v260_v123.json ├── powermax_v260_v124.json ├── powermax_v260_v125.json ├── powermax_v260_v126.json ├── powermax_v270_v124.json ├── powermax_v270_v125.json ├── powermax_v270_v126.json ├── powermax_v270_v127.json ├── powerstore_v250_v121.json ├── powerstore_v250_v123.json ├── powerstore_v250_v124.json ├── powerstore_v250_v125.json ├── powerstore_v260_v123.json ├── powerstore_v260_v124.json ├── powerstore_v260_v125.json ├── powerstore_v260_v126.json ├── powerstore_v270_v124.json ├── powerstore_v270_v125.json ├── powerstore_v270_v126.json ├── powerstore_v270_v127.json ├── unity_v250_v121.json ├── unity_v250_v123.json ├── unity_v250_v124.json ├── unity_v250_v125.json ├── unity_v260_v123.json ├── unity_v260_v124.json ├── unity_v260_v125.json ├── unity_v260_v126.json ├── unity_v270_v124.json ├── unity_v270_v125.json ├── unity_v270_v126.json ├── unity_v270_v127.json ├── vxflexos_v250_v121.json ├── vxflexos_v250_v123.json ├── vxflexos_v250_v124.json ├── vxflexos_v250_v125.json ├── vxflexos_v260_v121.json ├── vxflexos_v260_v123.json ├── vxflexos_v260_v124.json ├── vxflexos_v260_v125.json ├── vxflexos_v260_v126.json ├── vxflexos_v270_v124.json ├── vxflexos_v270_v125.json ├── vxflexos_v270_v126.json └── vxflexos_v270_v127.json ├── go.mod ├── go.sum ├── hack └── boilerplate.go.txt ├── licenses └── LICENSE ├── main.go ├── pkg ├── config │ └── config.go ├── constants │ └── common.go ├── ctrlconfig │ ├── config.go │ └── opconfig.go ├── resources │ ├── configmap │ │ └── configmap.go │ ├── csidriver │ │ └── csidriver.go │ ├── daemonset │ │ └── daemonset.go │ ├── deployment │ │ └── deployment.go │ ├── helper.go │ ├── rbac │ │ ├── controllerrbac.go │ │ ├── noderbac.go │ │ ├── role.go │ │ └── rolebindings.go │ ├── secrets │ │ └── secrets.go │ ├── service │ │ └── service.go │ ├── serviceaccount │ │ └── serviceaccount.go │ ├── statefulset │ │ └── statefulset.go │ ├── storageclass │ │ └── storageclass.go │ └── volumesnapshotclass │ │ └── createvolumesnapshotclass.go └── utils │ ├── common.go │ ├── status.go │ ├── utils.go │ └── validate.go ├── samples ├── isilon_v250_k8s_121.yaml ├── isilon_v250_k8s_123.yaml ├── isilon_v250_k8s_124.yaml ├── isilon_v250_k8s_125.yaml ├── isilon_v250_ops_410.yaml ├── isilon_v250_ops_411.yaml ├── isilon_v260_k8s_121.yaml ├── isilon_v260_k8s_124.yaml ├── isilon_v260_k8s_125.yaml ├── isilon_v260_k8s_126.yaml ├── isilon_v260_ops_410.yaml ├── isilon_v260_ops_411.yaml ├── isilon_v270_k8s_121.yaml ├── isilon_v270_k8s_124.yaml ├── isilon_v270_k8s_125.yaml ├── isilon_v270_k8s_126.yaml ├── isilon_v270_k8s_127.yaml ├── isilon_v270_ops_411.yaml ├── isilon_v270_ops_412.yaml ├── powermax_reverseproxy.yaml ├── powermax_revproxy_standalone_with_driver.yaml ├── powermax_v250_k8s_121.yaml ├── powermax_v250_k8s_123.yaml ├── powermax_v250_k8s_124.yaml ├── powermax_v250_k8s_125.yaml ├── powermax_v250_ops_410.yaml ├── powermax_v250_ops_411.yaml ├── powermax_v260_k8s_123.yaml ├── powermax_v260_k8s_124.yaml ├── powermax_v260_k8s_125.yaml ├── powermax_v260_k8s_126.yaml ├── powermax_v260_ops_410.yaml ├── powermax_v260_ops_411.yaml ├── powermax_v270_k8s_124.yaml ├── powermax_v270_k8s_125.yaml ├── powermax_v270_k8s_126.yaml ├── powermax_v270_k8s_127.yaml ├── powermax_v270_ops_411.yaml ├── powermax_v270_ops_412.yaml ├── powerstore_v250_k8s_121.yaml ├── powerstore_v250_k8s_123.yaml ├── powerstore_v250_k8s_124.yaml ├── powerstore_v250_k8s_125.yaml ├── powerstore_v250_ops_410.yaml ├── powerstore_v250_ops_411.yaml ├── powerstore_v260_k8s_124.yaml ├── powerstore_v260_k8s_125.yaml ├── powerstore_v260_k8s_126.yaml ├── powerstore_v260_ops_410.yaml ├── powerstore_v260_ops_411.yaml ├── powerstore_v270_k8s_124.yaml ├── powerstore_v270_k8s_125.yaml ├── powerstore_v270_k8s_126.yaml ├── powerstore_v270_k8s_127.yaml ├── powerstore_v270_ops_411.yaml ├── powerstore_v270_ops_412.yaml ├── unity_v250_k8s_121.yaml ├── unity_v250_k8s_123.yaml ├── unity_v250_k8s_124.yaml ├── unity_v250_k8s_125.yaml ├── unity_v250_ops_410.yaml ├── unity_v250_ops_411.yaml ├── unity_v260_k8s_124.yaml ├── unity_v260_k8s_125.yaml ├── unity_v260_k8s_126.yaml ├── unity_v260_ops_410.yaml ├── unity_v260_ops_411.yaml ├── unity_v270_k8s_124.yaml ├── unity_v270_k8s_125.yaml ├── unity_v270_k8s_126.yaml ├── unity_v270_k8s_127.yaml ├── unity_v270_ops_411.yaml ├── unity_v270_ops_412.yaml ├── vxflex_v250_k8s_121.yaml ├── vxflex_v250_k8s_123.yaml ├── vxflex_v250_k8s_124.yaml ├── vxflex_v250_k8s_125.yaml ├── vxflex_v250_ops_410.yaml ├── vxflex_v250_ops_411.yaml ├── vxflex_v260_k8s_121.yaml ├── vxflex_v260_k8s_124.yaml ├── vxflex_v260_k8s_125.yaml ├── vxflex_v260_k8s_126.yaml ├── vxflex_v260_ops_410.yaml ├── vxflex_v260_ops_411.yaml ├── vxflex_v270_k8s_124.yaml ├── vxflex_v270_k8s_125.yaml ├── vxflex_v270_k8s_126.yaml ├── vxflex_v270_k8s_127.yaml ├── vxflex_v270_ops_411.yaml └── vxflex_v270_ops_412.yaml ├── scripts ├── .gitignore ├── build_olm_community_images.sh ├── common.bash ├── csi-offline-bundle.md ├── csi-offline-bundle.sh ├── delete_crds.sh ├── install.sh ├── install_olm.sh ├── staging.sh ├── uninstall.sh ├── updatecsv.sh ├── updateopenshiftcsv.sh └── verify.sh └── test ├── controller_test.go ├── driver ├── Readme.md ├── auto_powermax.yaml ├── auto_unity.yaml ├── config.properties ├── create_yaml.sh ├── deleteEntities.sh ├── install_csi_driver.sh ├── operatorutils.go ├── sample_driver_config ├── testlib.sh ├── uninstall_driver_operator.sh └── unity_driver_config ├── fakeclient_test.go ├── integration-tests ├── basic_test.go ├── cr │ ├── isilon.json │ ├── powermax.json │ ├── powerstore.json │ ├── unity.json │ └── vxflexos.json ├── framework │ └── framework.go ├── main_test.go ├── powermax_test.go ├── test.properties └── utils │ ├── namespaces.go │ └── resources.go └── testdata ├── csiisilon └── 01-simple-deployment │ ├── in-csiisilon-secret.yaml │ ├── in-csiisilon.yaml │ ├── out-clusterrole-controller.yaml │ ├── out-clusterrole-node.yaml │ ├── out-clusterrolebinding-controller.yaml │ ├── out-clusterrolebinding-node.yaml │ ├── out-csidriver.yaml │ ├── out-csiisilon-secret.yaml │ ├── out-csiisilon.yaml │ ├── out-daemonset.yaml │ ├── out-deployment.yaml │ ├── out-dummyclusterrole.yaml │ ├── out-serviceaccount-controller.yaml │ └── out-serviceaccount-node.yaml ├── csipowermax └── 01-simple-deployment │ ├── in-csipowermax-secret.yaml │ ├── in-csipowermax.yaml │ ├── in-vcenter-secret.yaml │ ├── out-clusterrole-controller.yaml │ ├── out-clusterrolebinding-controller.yaml │ ├── out-csidriver.yaml │ ├── out-csipowermax-secret.yaml │ ├── out-csipowermax.yaml │ ├── out-daemonset.yaml │ ├── out-deployment.yaml │ ├── out-dummyclusterrole.yaml │ ├── out-serviceaccount-controller.yaml │ └── out-vcenter-secret.yaml ├── csipowermaxrevproxy ├── 01-simple-linked-deployment │ ├── in-csipowermaxrevorixytlssecret.yaml │ ├── in-csipowermaxrevproxy.yaml │ ├── out-configmap.yaml │ ├── out-csipowermaxrevproxy.yaml │ ├── out-csipowermaxtlssecret.yaml │ ├── out-deployment.yaml │ ├── out-role.yaml │ ├── out-rolebinding.yaml │ ├── out-service.yaml │ └── out-serviceaccount.yaml └── 02-simple-sa-deployment │ ├── in-csipowermaxrevproxy.yaml │ ├── in-csipowermaxrevproxytlssecret.yaml │ ├── in-powermax-creds.yaml │ ├── out-configmap.yaml │ ├── out-csipowermaxreverseproxy.yaml │ ├── out-csipowermaxrevproxytlssecret.yaml │ ├── out-deployment.yaml │ ├── out-powermax-creds.yaml │ ├── out-role.yaml │ ├── out-rolebinding.yaml │ ├── out-service.yaml │ └── out-serviceaccount.yaml ├── csipowerstore └── 01-simple-deployment │ ├── in-csipowerstore-secret.yaml │ ├── in-csipowerstore.yaml │ ├── out-clusterrole-controller.yaml │ ├── out-clusterrolebinding-controller.yaml │ ├── out-csidriver.yaml │ ├── out-csipowerstore-secret.yaml │ ├── out-csipowerstore.yaml │ ├── out-daemonset.yaml │ ├── out-dummyclusterrole.yaml │ ├── out-serviceaccount-controller.yaml │ └── out-statefulset.yaml ├── csiunity └── 01-simple-deployment │ ├── in-csiunity.yaml │ ├── out-clusterrole-controller.yaml │ ├── out-clusterrole-node.yaml │ ├── out-clusterrolebinding-controller.yaml │ ├── out-clusterrolebinding-node.yaml │ ├── out-csidriver.yaml │ ├── out-csiunity.yaml │ ├── out-daemonset.yaml │ ├── out-serviceaccount-controller.yaml │ ├── out-serviceaccount-node.yaml │ ├── out-snapshotclass-2.yaml │ ├── out-snapshotclass.yaml │ ├── out-statefulset.yaml │ ├── out-storageclass-2.yaml │ └── out-storageclass.yaml └── csivxflexos └── 01-simple-deployment ├── in-csidriverdeployment.yaml ├── in-csivxflexos-secret.yaml ├── out-clusterrole-controller.yaml ├── out-clusterrole-node.yaml ├── out-clusterrolebinding-controller.yaml ├── out-clusterrolebinding-node.yaml ├── out-csidriver.yaml ├── out-csivxflexos-secret.yaml ├── out-csivxflexos.yaml ├── out-daemonset.yaml ├── out-deployment.yaml ├── out-dummyclusterrole.yaml ├── out-serviceaccount-controller.yaml └── out-serviceaccount-node.yaml /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | # CODEOWNERS 2 | # 3 | # Documentation for this file can be found at: 4 | # https://help.github.com/en/articles/about-code-owners 5 | 6 | # These are the default owners for the code and will 7 | # be requested for review when someone opens a pull request. 8 | # Order is alphabetical for easier maintenance. 9 | # 10 | # Abhilash (abhi16394) 11 | # Bahubali Jain (bpjain2004) 12 | # Boya Murthy (boyamurthy) 13 | # Chiman Jain (chimanjain) 14 | # Deepak Ghivari (Deepak-Ghivari) 15 | # Francis Nijay (francis-nijay) 16 | # Karthik K (karthikk92) 17 | # Keerthi Bandapati (bandak2) 18 | # Matt Schmaelzle (mjsdell) 19 | # Nitesh Rewatkar (nitesh3108) 20 | # Prasanna Muthukumaraswamy (prablr79) 21 | # Rajendra Indukuri (rajendraindukuri) 22 | # Rensy Thomas (rensyct) 23 | # Spandita Panigrahi (panigs7) 24 | 25 | # for all files: 26 | * @abhi16394 @bpjain2004 @boyamurthy @chimanjain @Deepak-Ghivari @francis-nijay @karthikk92 @bandak2 @mjsdell @nitesh3108 @prablr79 @rajendraindukuri @rensyct @panigs7 27 | -------------------------------------------------------------------------------- /.github/containerscan/allowedlist.yaml: -------------------------------------------------------------------------------- 1 | general: 2 | vulnerabilities: 3 | # list of CVEs that are currently unfixed 4 | - CVE-2022-42898 5 | - CVE-2019-1010022 6 | - CVE-2022-47629 7 | - CVE-2023-0286 8 | - CVE-2022-3294 9 | bestPracticeViolations: 10 | # list of best practies violatied that needs a fix 11 | - DKL-DI-0006 12 | - CIS-DI-0005 13 | - CIS-DI-0006 14 | - CIS-DI-0008 15 | - DKL-LI-0003 16 | - CIS-DI-0009 17 | -------------------------------------------------------------------------------- /.github/pull_request_template.md: -------------------------------------------------------------------------------- 1 | # Description 2 | A few sentences describing the overall goals of the pull request's commits. 3 | 4 | # GitHub Issues 5 | List the GitHub issues impacted by this PR: 6 | 7 | | GitHub Issue # | 8 | | -------------- | 9 | | | 10 | 11 | # Checklist: 12 | 13 | - [ ] I have performed a self-review of my own code to ensure there are no formatting, vetting, linting, or security issues 14 | - [ ] I have verified that new and existing unit tests pass locally with my changes 15 | - [ ] I have not allowed coverage numbers to degenerate 16 | - [ ] I have maintained at least 90% code coverage 17 | - [ ] I have commented my code, particularly in hard-to-understand areas 18 | - [ ] I have made corresponding changes to the documentation 19 | - [ ] I have added tests that prove my fix is effective or that my feature works 20 | - [ ] Backward compatibility is not broken 21 | 22 | # How Has This Been Tested? 23 | Please describe the tests that you ran to verify your changes. Please also list any relevant details for your test configuration 24 | 25 | - [ ] Test A 26 | - [ ] Test B 27 | -------------------------------------------------------------------------------- /.github/workflows/actions.yaml: -------------------------------------------------------------------------------- 1 | name: Workflow 2 | on: 3 | push: 4 | branches: [ main ] 5 | pull_request: 6 | branches: [ main ] 7 | jobs: 8 | code-check: 9 | name: Check Go formatting, linting, vetting 10 | runs-on: ubuntu-latest 11 | steps: 12 | - name: Checkout the code 13 | uses: actions/checkout@v2 14 | - name: Run the formatter, linter, and vetter 15 | uses: dell/common-github-actions/go-code-formatter-linter-vetter@main 16 | with: 17 | directories: ./... 18 | go_security_scan: 19 | name: Run gosec 20 | runs-on: ubuntu-latest 21 | steps: 22 | - name: Checkout the code 23 | uses: actions/checkout@v2 24 | - name: Run gosec to check for security vulnerabilities 25 | uses: dell/common-github-actions/gosec-runner@main 26 | with: 27 | directories: "./..." 28 | excludes: "G108,G402,G307,G101,G404" 29 | test: 30 | name: Run Go unit tests and check package coverage 31 | runs-on: ubuntu-latest 32 | steps: 33 | - name: Set up Go 1.20+ 34 | uses: actions/setup-go@v2 35 | with: 36 | go-version: ^1.20 37 | id: go 38 | - name: Checkout the code 39 | uses: actions/checkout@v2 40 | - name: Checkout dell-csi-operator 41 | uses: actions/checkout@v2 42 | with: 43 | repository: 'dell/dell-csi-operator' 44 | path: 'dell-csi-operator' 45 | # Not able to use dell common git hub actions as there is 46 | # no way to skip integration tests currently. And this 47 | # way of using 'run' to execute run do not allow us to 48 | # check for threshold.But it ensures there are no failures 49 | - name: Run unit tests and check package coverage 50 | run: make unit-test 51 | malware_security_scan: 52 | name: Malware Scanner 53 | runs-on: ubuntu-latest 54 | steps: 55 | - name: Checkout the code 56 | uses: actions/checkout@v2 57 | - name: Run malware scan 58 | uses: dell/common-github-actions/malware-scanner@main 59 | with: 60 | directories: . 61 | options: -ri 62 | image_security_scan: 63 | name: Image Scanner 64 | runs-on: ubuntu-latest 65 | env: 66 | BASE_IMG : ubuntu:latest 67 | steps: 68 | - name: Set up Go 1.20+ 69 | uses: actions/setup-go@v2 70 | with: 71 | go-version: ^1.20 72 | id: go 73 | - name: Checkout the code 74 | uses: actions/checkout@v2 75 | - name: Build Docker Images 76 | run: docker build . -t dell-csi-operator:latest 77 | - name: Scan operator Image 78 | uses: Azure/container-scan@v0 79 | env: 80 | DOCKLE_HOST: "unix:///var/run/docker.sock" 81 | with: 82 | image-name: dell-csi-operator:latest 83 | severity-threshold: HIGH 84 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Temporary Build Files 2 | build/_output 3 | build/_test 4 | # Created by https://www.gitignore.io/api/go,vim,emacs,visualstudiocode 5 | ### Emacs ### 6 | # -*- mode: gitignore; -*- 7 | *~ 8 | \#*\# 9 | /.emacs.desktop 10 | /.emacs.desktop.lock 11 | *.elc 12 | auto-save-list 13 | tramp 14 | .\#* 15 | # Org-mode 16 | .org-id-locations 17 | *_archive 18 | # flymake-mode 19 | *_flymake.* 20 | # eshell files 21 | /eshell/history 22 | /eshell/lastdir 23 | # elpa packages 24 | /elpa/ 25 | # reftex files 26 | *.rel 27 | # AUCTeX auto folder 28 | /auto/ 29 | # cask packages 30 | .cask/ 31 | dist/ 32 | # Flycheck 33 | flycheck_*.el 34 | # server auth directory 35 | /server/ 36 | # projectiles files 37 | .projectile 38 | projectile-bookmarks.eld 39 | # directory configuration 40 | .dir-locals.el 41 | # saveplace 42 | places 43 | # url cache 44 | url/cache/ 45 | # cedet 46 | ede-projects.el 47 | # smex 48 | smex-items 49 | # company-statistics 50 | company-statistics-cache.el 51 | # anaconda-mode 52 | anaconda-mode/ 53 | ### Go ### 54 | # Binaries for programs and plugins 55 | *.exe 56 | *.exe~ 57 | *.dll 58 | *.so 59 | *.dylib 60 | # Test binary, build with 'go test -c' 61 | *.test 62 | # Output of the go coverage tool, specifically when used with LiteIDE 63 | *.out 64 | ### Vim ### 65 | # swap 66 | .sw[a-p] 67 | .*.sw[a-p] 68 | # session 69 | Session.vim 70 | # temporary 71 | .netrwhist 72 | # auto-generated tag files 73 | tags 74 | ### VisualStudioCode ### 75 | .vscode/* 76 | .history 77 | # End of https://www.gitignore.io/api/go,vim,emacs,visualstudiocode 78 | # Local version files 79 | semver.mk 80 | localver.mk 81 | /vendor/ 82 | build/config 83 | .idea/* 84 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | # Build the manager binary 2 | FROM golang:1.20 as builder 3 | 4 | WORKDIR /workspace 5 | # Copy the Go Modules manifests 6 | COPY go.mod go.mod 7 | COPY go.sum go.sum 8 | # cache deps before building and copying source so that we don't need to re-download as much 9 | # and so that source changes don't invalidate our downloaded layer 10 | RUN go mod download 11 | 12 | # Copy the go source 13 | COPY main.go main.go 14 | COPY api/ api/ 15 | COPY controllers/ controllers/ 16 | COPY core/ core/ 17 | COPY pkg/ pkg/ 18 | 19 | # Build 20 | 21 | RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o manager main.go 22 | # Tag corresponding to digest sha256:82d08fba0a8322ff0c39934efe6972ccbf152dfb4639fb7a5765192f674e3eaa is 8.8-860 23 | FROM registry.access.redhat.com/ubi8/ubi-minimal@sha256:82d08fba0a8322ff0c39934efe6972ccbf152dfb4639fb7a5765192f674e3eaa 24 | 25 | RUN microdnf install yum \ 26 | && yum -y update-minimal --security --sec-severity=Important --sec-severity=Critical \ 27 | && yum clean all \ 28 | && rpm -e yum \ 29 | && microdnf clean all 30 | 31 | ENV USER_UID=1001 \ 32 | USER_NAME=dell-csi-operator \ 33 | X_CSI_OPERATOR_CONFIG_DIR="/etc/config/dell-csi-operator" 34 | WORKDIR / 35 | COPY --from=builder /workspace/manager . 36 | COPY driverconfig/ /etc/config/local/dell-csi-operator 37 | LABEL vendor="Dell Inc." \ 38 | name="dell-csi-operator" \ 39 | summary="Operator for installing Dell CSI drivers" \ 40 | description="Common Operator for installing various Dell CSI drivers" \ 41 | version="1.12.0" \ 42 | license="Dell CSI Operator EULA" 43 | # copy the licenses folder 44 | COPY licenses /licenses 45 | 46 | ENTRYPOINT ["/manager"] 47 | USER ${USER_UID} 48 | -------------------------------------------------------------------------------- /PROJECT: -------------------------------------------------------------------------------- 1 | domain: dell.com 2 | layout: 3 | - go.kubebuilder.io/v3 4 | plugins: 5 | manifests.sdk.operatorframework.io/v2: {} 6 | scorecard.sdk.operatorframework.io/v2: {} 7 | projectName: dell-csi-operator-certified 8 | repo: github.com/dell/dell-csi-operator 9 | resources: 10 | - api: 11 | crdVersion: v1 12 | namespaced: true 13 | controller: true 14 | domain: dell.com 15 | group: storage 16 | kind: CSIPowerMax 17 | path: github.com/dell/dell-csi-operator/api/v1 18 | version: v1 19 | webhooks: 20 | defaulting: true 21 | webhookVersion: v1 22 | - api: 23 | crdVersion: v1 24 | namespaced: true 25 | controller: true 26 | domain: dell.com 27 | group: storage 28 | kind: CSIPowerMaxRevProxy 29 | path: github.com/dell/dell-csi-operator/api/v1 30 | version: v1 31 | webhooks: 32 | defaulting: true 33 | webhookVersion: v1 34 | - api: 35 | crdVersion: v1 36 | namespaced: true 37 | controller: true 38 | domain: dell.com 39 | group: storage 40 | kind: CSIIsilon 41 | path: github.com/dell/dell-csi-operator/api/v1 42 | version: v1 43 | webhooks: 44 | defaulting: true 45 | webhookVersion: v1 46 | - api: 47 | crdVersion: v1 48 | namespaced: true 49 | controller: true 50 | domain: dell.com 51 | group: storage 52 | kind: CSIUnity 53 | path: github.com/dell/dell-csi-operator/api/v1 54 | version: v1 55 | webhooks: 56 | defaulting: true 57 | webhookVersion: v1 58 | - api: 59 | crdVersion: v1 60 | namespaced: true 61 | controller: true 62 | domain: dell.com 63 | group: storage 64 | kind: CSIVXFlexOS 65 | path: github.com/dell/dell-csi-operator/api/v1 66 | version: v1 67 | webhooks: 68 | defaulting: true 69 | webhookVersion: v1 70 | - api: 71 | crdVersion: v1 72 | namespaced: true 73 | controller: true 74 | domain: dell.com 75 | group: storage 76 | kind: CSIPowerStore 77 | path: github.com/dell/dell-csi-operator/api/v1 78 | version: v1 79 | webhooks: 80 | defaulting: true 81 | webhookVersion: v1 82 | version: "3" 83 | 84 | -------------------------------------------------------------------------------- /api/v1/csiisilon_types.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | 15 | package v1 16 | 17 | import ( 18 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 19 | ) 20 | 21 | // NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. 22 | 23 | // CSIIsilonSpec defines the desired state of CSIIsilon 24 | type CSIIsilonSpec struct { 25 | // Driver is the specification for the CSI PowerScale Driver 26 | // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Driver" 27 | Driver Driver `json:"driver" yaml:"driver"` 28 | } 29 | 30 | // +kubebuilder:object:root=true 31 | // +kubebuilder:subresource:status 32 | // +kubebuilder:resource:path=csiisilons,scope=Namespaced 33 | 34 | // CSIIsilon is the Schema for the csiisilons API 35 | // +operator-sdk:csv:customresourcedefinitions:displayName="CSI PowerScale",resources={{Deployment,v1,isilon-controller},{DameonSet,v1,isilon-node}} 36 | type CSIIsilon struct { 37 | metav1.TypeMeta `json:",inline"` 38 | metav1.ObjectMeta `json:"metadata,omitempty"` 39 | 40 | Spec CSIIsilonSpec `json:"spec,omitempty"` 41 | Status DriverStatus `json:"status,omitempty"` 42 | } 43 | 44 | // +kubebuilder:object:root=true 45 | 46 | // CSIIsilonList contains a list of CSIIsilon 47 | type CSIIsilonList struct { 48 | metav1.TypeMeta `json:",inline"` 49 | metav1.ListMeta `json:"metadata,omitempty"` 50 | Items []CSIIsilon `json:"items"` 51 | } 52 | 53 | func init() { 54 | SchemeBuilder.Register(&CSIIsilon{}, &CSIIsilonList{}) 55 | } 56 | -------------------------------------------------------------------------------- /api/v1/csipowermax_types.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | 15 | package v1 16 | 17 | import ( 18 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 19 | ) 20 | 21 | // NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. 22 | 23 | // CSIPowerMaxSpec defines the desired state of CSIPowerMax 24 | type CSIPowerMaxSpec struct { 25 | // Driver is the specification for the CSI PowerMax Driver 26 | // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Driver" 27 | Driver Driver `json:"driver" yaml:"driver"` 28 | } 29 | 30 | // +kubebuilder:object:root=true 31 | // +kubebuilder:subresource:status 32 | // +kubebuilder:resource:path=csipowermaxes,scope=Namespaced 33 | 34 | // CSIPowerMax is the Schema for the csipowermaxes API 35 | // +operator-sdk:csv:customresourcedefinitions:displayName="CSI PowerMax",resources={{Deployment,v1,powermax-controller},{DameonSet,v1,powermax-node}} 36 | type CSIPowerMax struct { 37 | metav1.TypeMeta `json:",inline"` 38 | metav1.ObjectMeta `json:"metadata,omitempty"` 39 | 40 | Spec CSIPowerMaxSpec `json:"spec,omitempty"` 41 | Status DriverStatus `json:"status,omitempty"` 42 | } 43 | 44 | // +kubebuilder:object:root=true 45 | 46 | // CSIPowerMaxList contains a list of CSIPowerMax 47 | type CSIPowerMaxList struct { 48 | metav1.TypeMeta `json:",inline"` 49 | metav1.ListMeta `json:"metadata,omitempty"` 50 | Items []CSIPowerMax `json:"items"` 51 | } 52 | 53 | func init() { 54 | SchemeBuilder.Register(&CSIPowerMax{}, &CSIPowerMaxList{}) 55 | } 56 | -------------------------------------------------------------------------------- /api/v1/csipowerstore_types.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | 15 | package v1 16 | 17 | import ( 18 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 19 | ) 20 | 21 | // NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. 22 | 23 | // CSIPowerStoreSpec defines the desired state of CSIPowerStore 24 | type CSIPowerStoreSpec struct { 25 | // Driver is the specification for the CSI PowerStore Driver 26 | // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Driver" 27 | Driver Driver `json:"driver" yaml:"driver"` 28 | } 29 | 30 | // +kubebuilder:object:root=true 31 | // +kubebuilder:subresource:status 32 | // +kubebuilder:resource:path=csipowerstores,scope=Namespaced 33 | 34 | // CSIPowerStore is the Schema for the csipowerstores API 35 | // +operator-sdk:csv:customresourcedefinitions:displayName="CSI PowerStore",resources={{Deployment,v1,powerstore-controller},{DameonSet,v1,powerstore-node}} 36 | type CSIPowerStore struct { 37 | metav1.TypeMeta `json:",inline"` 38 | metav1.ObjectMeta `json:"metadata,omitempty"` 39 | 40 | Spec CSIPowerStoreSpec `json:"spec,omitempty"` 41 | Status DriverStatus `json:"status,omitempty"` 42 | } 43 | 44 | // +kubebuilder:object:root=true 45 | 46 | // CSIPowerStoreList contains a list of CSIPowerStore 47 | type CSIPowerStoreList struct { 48 | metav1.TypeMeta `json:",inline"` 49 | metav1.ListMeta `json:"metadata,omitempty"` 50 | Items []CSIPowerStore `json:"items"` 51 | } 52 | 53 | func init() { 54 | SchemeBuilder.Register(&CSIPowerStore{}, &CSIPowerStoreList{}) 55 | } 56 | -------------------------------------------------------------------------------- /api/v1/csiunity_types.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | 15 | package v1 16 | 17 | import ( 18 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 19 | ) 20 | 21 | // NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. 22 | 23 | // CSIUnitySpec defines the desired state of CSIUnity 24 | type CSIUnitySpec struct { 25 | // Driver is the specification for the CSI Unity XT Driver 26 | // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Driver" 27 | Driver Driver `json:"driver" yaml:"driver"` 28 | } 29 | 30 | // +kubebuilder:object:root=true 31 | // +kubebuilder:subresource:status 32 | // +kubebuilder:resource:path=csiunities,scope=Namespaced 33 | 34 | // CSIUnity is the Schema for the csiunities API 35 | // +operator-sdk:csv:customresourcedefinitions:displayName="CSI Unity XT",resources={{Deployment,v1,unity-controller},{DameonSet,v1,unity-node}} 36 | type CSIUnity struct { 37 | metav1.TypeMeta `json:",inline"` 38 | metav1.ObjectMeta `json:"metadata,omitempty"` 39 | 40 | Spec CSIUnitySpec `json:"spec,omitempty"` 41 | Status DriverStatus `json:"status,omitempty"` 42 | } 43 | 44 | // +kubebuilder:object:root=true 45 | 46 | // CSIUnityList contains a list of CSIUnity 47 | type CSIUnityList struct { 48 | metav1.TypeMeta `json:",inline"` 49 | metav1.ListMeta `json:"metadata,omitempty"` 50 | Items []CSIUnity `json:"items"` 51 | } 52 | 53 | func init() { 54 | SchemeBuilder.Register(&CSIUnity{}, &CSIUnityList{}) 55 | } 56 | -------------------------------------------------------------------------------- /api/v1/csivxflexos_types.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | 15 | package v1 16 | 17 | import ( 18 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 19 | ) 20 | 21 | // NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. 22 | 23 | // CSIVXFlexOSSpec defines the desired state of CSIVXFlexOS 24 | type CSIVXFlexOSSpec struct { 25 | // Driver is the specification for the CSI PowerFlex Driver 26 | // +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Driver" 27 | Driver Driver `json:"driver" yaml:"driver"` 28 | } 29 | 30 | // +kubebuilder:object:root=true 31 | // +kubebuilder:subresource:status 32 | // +kubebuilder:resource:path=csivxflexoses,scope=Namespaced 33 | 34 | // CSIVXFlexOS is the Schema for the csivxflexos API 35 | // +operator-sdk:csv:customresourcedefinitions:displayName="CSI PowerFlex",resources={{Deployment,v1,vxflexos-controller},{DameonSet,v1,vxflexos-node}} 36 | type CSIVXFlexOS struct { 37 | metav1.TypeMeta `json:",inline"` 38 | metav1.ObjectMeta `json:"metadata,omitempty"` 39 | 40 | Spec CSIVXFlexOSSpec `json:"spec,omitempty"` 41 | Status DriverStatus `json:"status,omitempty"` 42 | } 43 | 44 | // +kubebuilder:object:root=true 45 | 46 | // CSIVXFlexOSList contains a list of CSIVXFlexOS 47 | type CSIVXFlexOSList struct { 48 | metav1.TypeMeta `json:",inline"` 49 | metav1.ListMeta `json:"metadata,omitempty"` 50 | Items []CSIVXFlexOS `json:"items"` 51 | } 52 | 53 | func init() { 54 | SchemeBuilder.Register(&CSIVXFlexOS{}, &CSIVXFlexOSList{}) 55 | } 56 | -------------------------------------------------------------------------------- /api/v1/groupversion_info.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | 15 | // Package v1 contains API Schema definitions for the storage v1 API group 16 | // +kubebuilder:object:generate=true 17 | // +groupName=storage.dell.com 18 | package v1 19 | 20 | import ( 21 | "k8s.io/apimachinery/pkg/runtime/schema" 22 | "sigs.k8s.io/controller-runtime/pkg/scheme" 23 | ) 24 | 25 | var ( 26 | // GroupVersion is group version used to register these objects 27 | GroupVersion = schema.GroupVersion{Group: "storage.dell.com", Version: "v1"} 28 | 29 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme 30 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} 31 | 32 | // AddToScheme adds the types in this group-version to the given scheme. 33 | AddToScheme = SchemeBuilder.AddToScheme 34 | ) 35 | -------------------------------------------------------------------------------- /bin/manager: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dell/dell-csi-operator/68dedffe761130cfae300ebc8dddecafc171aa7a/bin/manager -------------------------------------------------------------------------------- /bundle.Dockerfile: -------------------------------------------------------------------------------- 1 | FROM scratch 2 | 3 | # Core bundle labels. 4 | LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 5 | LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ 6 | LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ 7 | LABEL operators.operatorframework.io.bundle.package.v1=dell-csi-operator-certified 8 | LABEL operators.operatorframework.io.bundle.channels.v1=stable 9 | LABEL operators.operatorframework.io.bundle.channel.default.v1=stable 10 | LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.14.0+git 11 | LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 12 | LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v3 13 | 14 | # Labels for testing. 15 | LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1 16 | LABEL operators.operatorframework.io.test.config.v1=tests/scorecard/ 17 | LABEL com.redhat.openshift.versions=v4.11-v4.12 18 | LABEL com.redhat.delivery.backport=false 19 | LABEL com.redhat.delivery.operator.bundle=true 20 | 21 | # Copy files to locations specified by labels. 22 | COPY bundle/manifests /manifests/ 23 | COPY bundle/metadata /metadata/ 24 | COPY bundle/tests/scorecard /tests/scorecard/ 25 | -------------------------------------------------------------------------------- /bundle/manifests/dell-csi-operator-controller-manager-metrics-service_v1_service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | creationTimestamp: null 5 | labels: 6 | control-plane: controller-manager 7 | name: dell-csi-operator-controller-manager-metrics-service 8 | spec: 9 | ports: 10 | - name: https 11 | port: 8443 12 | targetPort: https 13 | selector: 14 | control-plane: controller-manager 15 | status: 16 | loadBalancer: {} 17 | -------------------------------------------------------------------------------- /bundle/manifests/dell-csi-operator-leader-election-role_rbac.authorization.k8s.io_v1_role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: Role 3 | metadata: 4 | creationTimestamp: null 5 | name: dell-csi-operator-leader-election-role 6 | rules: 7 | - apiGroups: 8 | - "" 9 | resources: 10 | - configmaps 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - create 16 | - update 17 | - patch 18 | - delete 19 | - apiGroups: 20 | - "" 21 | resources: 22 | - configmaps/status 23 | verbs: 24 | - get 25 | - update 26 | - patch 27 | - apiGroups: 28 | - "" 29 | resources: 30 | - events 31 | verbs: 32 | - create 33 | - patch 34 | -------------------------------------------------------------------------------- /bundle/manifests/dell-csi-operator-leader-election-rolebinding_rbac.authorization.k8s.io_v1_rolebinding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | creationTimestamp: null 5 | name: dell-csi-operator-leader-election-rolebinding 6 | roleRef: 7 | apiGroup: rbac.authorization.k8s.io 8 | kind: Role 9 | name: dell-csi-operator-leader-election-role 10 | subjects: 11 | - kind: ServiceAccount 12 | name: default 13 | namespace: default 14 | -------------------------------------------------------------------------------- /bundle/manifests/dell-csi-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | creationTimestamp: null 5 | name: dell-csi-operator-metrics-reader 6 | rules: 7 | - nonResourceURLs: 8 | - /metrics 9 | verbs: 10 | - get 11 | -------------------------------------------------------------------------------- /bundle/manifests/dell-csi-operator-proxy-role_rbac.authorization.k8s.io_v1_clusterrole.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | creationTimestamp: null 5 | name: dell-csi-operator-proxy-role 6 | rules: 7 | - apiGroups: 8 | - authentication.k8s.io 9 | resources: 10 | - tokenreviews 11 | verbs: 12 | - create 13 | - apiGroups: 14 | - authorization.k8s.io 15 | resources: 16 | - subjectaccessreviews 17 | verbs: 18 | - create 19 | -------------------------------------------------------------------------------- /bundle/manifests/dell-csi-operator-proxy-rolebinding_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | creationTimestamp: null 5 | name: dell-csi-operator-proxy-rolebinding 6 | roleRef: 7 | apiGroup: rbac.authorization.k8s.io 8 | kind: ClusterRole 9 | name: dell-csi-operator-proxy-role 10 | subjects: 11 | - kind: ServiceAccount 12 | name: default 13 | namespace: default 14 | -------------------------------------------------------------------------------- /bundle/metadata/annotations.yaml: -------------------------------------------------------------------------------- 1 | annotations: 2 | # Core bundle annotations. 3 | operators.operatorframework.io.bundle.mediatype.v1: registry+v1 4 | operators.operatorframework.io.bundle.manifests.v1: manifests/ 5 | operators.operatorframework.io.bundle.metadata.v1: metadata/ 6 | operators.operatorframework.io.bundle.package.v1: dell-csi-operator-certified 7 | operators.operatorframework.io.bundle.channels.v1: stable 8 | operators.operatorframework.io.bundle.channel.default.v1: stable 9 | operators.operatorframework.io.metrics.builder: operator-sdk-v1.14.0+git 10 | operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 11 | operators.operatorframework.io.metrics.project_layout: go.kubebuilder.io/v3 12 | 13 | # Annotations for testing. 14 | operators.operatorframework.io.test.mediatype.v1: scorecard+v1 15 | operators.operatorframework.io.test.config.v1: tests/scorecard/ 16 | 17 | # Annotations to specify supported OCP versions. 18 | com.redhat.openshift.versions: v4.11-v4.12 19 | -------------------------------------------------------------------------------- /bundle/tests/scorecard/config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: scorecard.operatorframework.io/v1alpha3 2 | kind: Configuration 3 | metadata: 4 | name: config 5 | stages: 6 | - parallel: true 7 | tests: 8 | - entrypoint: 9 | - scorecard-test 10 | - basic-check-spec 11 | image: quay.io/operator-framework/scorecard-test:v1.0.0 12 | labels: 13 | suite: basic 14 | test: basic-check-spec-test 15 | storage: 16 | spec: 17 | mountPath: {} 18 | - entrypoint: 19 | - scorecard-test 20 | - olm-bundle-validation 21 | image: quay.io/operator-framework/scorecard-test:v1.0.0 22 | labels: 23 | suite: olm 24 | test: olm-bundle-validation-test 25 | storage: 26 | spec: 27 | mountPath: {} 28 | - entrypoint: 29 | - scorecard-test 30 | - olm-crds-have-validation 31 | image: quay.io/operator-framework/scorecard-test:v1.0.0 32 | labels: 33 | suite: olm 34 | test: olm-crds-have-validation-test 35 | storage: 36 | spec: 37 | mountPath: {} 38 | - entrypoint: 39 | - scorecard-test 40 | - olm-crds-have-resources 41 | image: quay.io/operator-framework/scorecard-test:v1.0.0 42 | labels: 43 | suite: olm 44 | test: olm-crds-have-resources-test 45 | storage: 46 | spec: 47 | mountPath: {} 48 | - entrypoint: 49 | - scorecard-test 50 | - olm-spec-descriptors 51 | image: quay.io/operator-framework/scorecard-test:v1.0.0 52 | labels: 53 | suite: olm 54 | test: olm-spec-descriptors-test 55 | storage: 56 | spec: 57 | mountPath: {} 58 | - entrypoint: 59 | - scorecard-test 60 | - olm-status-descriptors 61 | image: quay.io/operator-framework/scorecard-test:v1.0.0 62 | labels: 63 | suite: olm 64 | test: olm-status-descriptors-test 65 | storage: 66 | spec: 67 | mountPath: {} 68 | storage: 69 | spec: 70 | mountPath: {} 71 | -------------------------------------------------------------------------------- /check.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | if [ -f "../vendor" ]; then 16 | # Tell the applicable Go tools to use the vendor directory, if it exists. 17 | MOD_FLAGS="-mod=vendor" 18 | fi 19 | FMT_TMPFILE=/tmp/check_fmt 20 | FMT_COUNT_TMPFILE=${FMT_TMPFILE}.count 21 | 22 | fmt_count() { 23 | if [ ! -f $FMT_COUNT_TMPFILE ]; then 24 | echo "0" 25 | fi 26 | 27 | head -1 $FMT_COUNT_TMPFILE 28 | } 29 | 30 | fmt() { 31 | gofmt -d ./pkg/config ./pkg/constants ./pkg/ctrlconfig ./pkg/resources ./pkg/utils | tee $FMT_TMPFILE 32 | cat $FMT_TMPFILE | wc -l > $FMT_COUNT_TMPFILE 33 | if [ ! `cat $FMT_COUNT_TMPFILE` -eq "0" ]; then 34 | echo Found `cat $FMT_COUNT_TMPFILE` formatting issue\(s\). 35 | return 1 36 | fi 37 | } 38 | 39 | echo === Checking format... 40 | fmt 41 | FMT_RETURN_CODE=$? 42 | echo === Finished 43 | 44 | echo === Vetting dell-csi-operator 45 | CGO_ENABLED=0 go vet ${MOD_FLAGS} ./pkg/config/... ./pkg/constants/... ./pkg/ctrlconfig/... ./pkg/resources/... ./pkg/utils/... 46 | VET_RETURN_CODE=$? 47 | echo === Finished 48 | 49 | echo === Linting... 50 | (command -v golint >/dev/null 2>&1 \ 51 | || GO111MODULE=on go install golang.org/x/lint/golint@latest) \ 52 | && golint --set_exit_status ./pkg/config/... ./pkg/constants/... ./pkg/resources/... ./pkg/ctrlconfig/... ./pkg/utils/... 53 | LINT_RETURN_CODE=$? 54 | echo === Finished 55 | 56 | # Report output. 57 | fail_checks=0 58 | [ "${FMT_RETURN_CODE}" != "0" ] && echo "Formatting checks failed! => Run 'make format'." && fail_checks=1 59 | [ "${VET_RETURN_CODE}" != "0" ] && echo "Vetting checks failed!" && fail_checks=1 60 | [ "${LINT_RETURN_CODE}" != "0" ] && echo "Linting checks failed!" && fail_checks=1 61 | 62 | exit ${fail_checks} 63 | 64 | -------------------------------------------------------------------------------- /community.bundle.Dockerfile: -------------------------------------------------------------------------------- 1 | FROM scratch 2 | 3 | LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 4 | LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ 5 | LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ 6 | LABEL operators.operatorframework.io.bundle.package.v1=dell-csi-operator 7 | LABEL operators.operatorframework.io.bundle.channels.v1=stable 8 | LABEL operators.operatorframework.io.bundle.channel.default.v1=stable 9 | LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.15.0 10 | LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 11 | LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v3 12 | 13 | COPY community_bundle/manifests /manifests/ 14 | COPY community_bundle/metadata /metadata/ 15 | -------------------------------------------------------------------------------- /community_bundle/manifests/dell-csi-operator.package.yaml: -------------------------------------------------------------------------------- 1 | channels: 2 | - currentCSV: dell-csi-operator.v1.12.0 3 | name: stable 4 | defaultChannel: stable 5 | packageName: dell-csi-operator 6 | -------------------------------------------------------------------------------- /community_bundle/metadata/annotations.yaml: -------------------------------------------------------------------------------- 1 | annotations: 2 | operators.operatorframework.io.bundle.channel.default.v1: stable 3 | operators.operatorframework.io.bundle.channels.v1: stable 4 | operators.operatorframework.io.bundle.manifests.v1: manifests/ 5 | operators.operatorframework.io.bundle.mediatype.v1: registry+v1 6 | operators.operatorframework.io.bundle.metadata.v1: metadata/ 7 | operators.operatorframework.io.bundle.package.v1: dell-csi-operator 8 | operators.operatorframework.io.metrics.builder: operator-sdk-v1.15.0 9 | operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 10 | operators.operatorframework.io.metrics.project_layout: go.kubebuilder.io/v3 11 | operators.operatorframework.io.test.config.v1: tests/scorecard/ 12 | operators.operatorframework.io.test.mediatype.v1: scorecard+v1 13 | 14 | # Annotations to specify supported OCP versions. 15 | com.redhat.openshift.versions: v4.11-v4.12 16 | -------------------------------------------------------------------------------- /config/certmanager/certificate.yaml: -------------------------------------------------------------------------------- 1 | # The following manifests contain a self-signed issuer CR and a certificate CR. 2 | # More document can be found at https://docs.cert-manager.io 3 | # WARNING: Targets CertManager 0.11 check https://docs.cert-manager.io/en/latest/tasks/upgrading/index.html for 4 | # breaking changes 5 | apiVersion: cert-manager.io/v1alpha2 6 | kind: Issuer 7 | metadata: 8 | name: selfsigned-issuer 9 | namespace: system 10 | spec: 11 | selfSigned: {} 12 | --- 13 | apiVersion: cert-manager.io/v1alpha2 14 | kind: Certificate 15 | metadata: 16 | name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml 17 | namespace: system 18 | spec: 19 | # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize 20 | dnsNames: 21 | - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc 22 | - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local 23 | issuerRef: 24 | kind: Issuer 25 | name: selfsigned-issuer 26 | secretName: webhook-server-cert # this secret will not be prefixed, since it's not managed by kustomize 27 | -------------------------------------------------------------------------------- /config/certmanager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - certificate.yaml 3 | 4 | configurations: 5 | - kustomizeconfig.yaml 6 | -------------------------------------------------------------------------------- /config/certmanager/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # This configuration is for teaching kustomize how to update name ref and var substitution 2 | nameReference: 3 | - kind: Issuer 4 | group: cert-manager.io 5 | fieldSpecs: 6 | - kind: Certificate 7 | group: cert-manager.io 8 | path: spec/issuerRef/name 9 | 10 | varReference: 11 | - kind: Certificate 12 | group: cert-manager.io 13 | path: spec/commonName 14 | - kind: Certificate 15 | group: cert-manager.io 16 | path: spec/dnsNames 17 | -------------------------------------------------------------------------------- /config/crd/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # This kustomization.yaml is not intended to be run by itself, 2 | # since it depends on service name and namespace that are out of this kustomize package. 3 | # It should be run by config/default 4 | resources: 5 | - bases/storage.dell.com_csipowermaxes.yaml 6 | - bases/storage.dell.com_csipowermaxrevproxies.yaml 7 | - bases/storage.dell.com_csiisilons.yaml 8 | - bases/storage.dell.com_csiunities.yaml 9 | - bases/storage.dell.com_csivxflexoses.yaml 10 | - bases/storage.dell.com_csipowerstores.yaml 11 | # +kubebuilder:scaffold:crdkustomizeresource 12 | 13 | #patchesStrategicMerge: 14 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. 15 | # patches here are for enabling the conversion webhook for each CRD 16 | #- patches/webhook_in_csipowermaxes.yaml 17 | #- patches/webhook_in_csipowermaxrevproxies.yaml 18 | #- patches/webhook_in_csiisilons.yaml 19 | #- patches/webhook_in_csiunities.yaml 20 | #- patches/webhook_in_csivxflexos.yaml 21 | #- patches/webhook_in_csipowerstores.yaml 22 | # +kubebuilder:scaffold:crdkustomizewebhookpatch 23 | 24 | # [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix. 25 | # patches here are for enabling the CA injection for each CRD 26 | #- patches/cainjection_in_csipowermaxes.yaml 27 | #- patches/cainjection_in_csipowermaxrevproxies.yaml 28 | #- patches/cainjection_in_csiisilons.yaml 29 | #- patches/cainjection_in_csiunities.yaml 30 | #- patches/cainjection_in_csivxflexos.yaml 31 | #- patches/cainjection_in_csipowerstores.yaml 32 | # +kubebuilder:scaffold:crdkustomizecainjectionpatch 33 | 34 | # the following config is for teaching kustomize how to do kustomization for CRDs. 35 | configurations: 36 | - kustomizeconfig.yaml 37 | -------------------------------------------------------------------------------- /config/crd/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD 2 | nameReference: 3 | - kind: Service 4 | version: v1 5 | fieldSpecs: 6 | - kind: CustomResourceDefinition 7 | group: apiextensions.k8s.io 8 | path: spec/conversion/webhookClientConfig/service/name 9 | 10 | namespace: 11 | - kind: CustomResourceDefinition 12 | group: apiextensions.k8s.io 13 | path: spec/conversion/webhookClientConfig/service/namespace 14 | create: false 15 | 16 | varReference: 17 | - path: metadata/annotations 18 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_csiisilons.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: csiisilons.storage.dell.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_csipowermaxes.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: csipowermaxes.storage.dell.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_csipowermaxrevproxies.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: csipowermaxrevproxies.storage.dell.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_csipowerstores.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: csipowerstores.storage.dell.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_csiunities.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: csiunities.storage.dell.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/cainjection_in_csivxflexos.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: csivxflexos.storage.dell.com 9 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_csiisilons.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: csiisilons.storage.dell.com 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_csipowermaxes.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: csipowermaxes.storage.dell.com 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_csipowermaxrevproxies.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: csipowermaxrevproxies.storage.dell.com 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_csipowerstores.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: csipowerstores.storage.dell.com 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_csiunities.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: csiunities.storage.dell.com 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/crd/patches/webhook_in_csivxflexos.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: csivxflexos.storage.dell.com 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/default/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # Adds namespace to all resources. 2 | namespace: default 3 | 4 | # Value of this field is prepended to the 5 | # names of all resources, e.g. a deployment named 6 | # "wordpress" becomes "alices-wordpress". 7 | # Note that it should also match with the prefix (text before '-') of the namespace 8 | # field above. 9 | namePrefix: dell-csi-operator- 10 | 11 | # Labels to add to all resources and selectors. 12 | #commonLabels: 13 | # someName: someValue 14 | 15 | bases: 16 | - ../crd 17 | - ../serviceaccount 18 | - ../rbac 19 | - ../manager 20 | 21 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in 22 | # crd/kustomization.yaml 23 | #- ../webhook 24 | # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required. 25 | #- ../certmanager 26 | # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. 27 | #- ../prometheus 28 | 29 | #patchesStrategicMerge: 30 | # Protect the /metrics endpoint by putting it behind auth. 31 | # If you want your controller-manager to expose the /metrics 32 | # endpoint w/o any authn/z, please comment the following line. 33 | #- manager_auth_proxy_patch.yaml 34 | 35 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in 36 | # crd/kustomization.yaml 37 | #- manager_webhook_patch.yaml 38 | 39 | # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 40 | # Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks. 41 | # 'CERTMANAGER' needs to be enabled to use ca injection 42 | #- webhookcainjection_patch.yaml 43 | 44 | # the following config is for teaching kustomize how to do var substitution 45 | vars: 46 | # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix. 47 | #- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR 48 | # objref: 49 | # kind: Certificate 50 | # group: cert-manager.io 51 | # version: v1alpha2 52 | # name: serving-cert # this name should match the one in certificate.yaml 53 | # fieldref: 54 | # fieldpath: metadata.namespace 55 | #- name: CERTIFICATE_NAME 56 | # objref: 57 | # kind: Certificate 58 | # group: cert-manager.io 59 | # version: v1alpha2 60 | # name: serving-cert # this name should match the one in certificate.yaml 61 | #- name: SERVICE_NAMESPACE # namespace of the service 62 | # objref: 63 | # kind: Service 64 | # version: v1 65 | # name: webhook-service 66 | # fieldref: 67 | # fieldpath: metadata.namespace 68 | #- name: SERVICE_NAME 69 | # objref: 70 | # kind: Service 71 | # version: v1 72 | # name: webhook-service 73 | -------------------------------------------------------------------------------- /config/default/manager_auth_proxy_patch.yaml: -------------------------------------------------------------------------------- 1 | # This patch inject a sidecar container which is a HTTP proxy for the 2 | # controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. 3 | apiVersion: apps/v1 4 | kind: Deployment 5 | metadata: 6 | name: controller-manager 7 | namespace: system 8 | spec: 9 | template: 10 | spec: 11 | containers: 12 | - name: kube-rbac-proxy 13 | image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0 14 | args: 15 | - "--secure-listen-address=0.0.0.0:8443" 16 | - "--upstream=http://127.0.0.1:8080/" 17 | - "--logtostderr=true" 18 | - "--v=10" 19 | ports: 20 | - containerPort: 8443 21 | name: https 22 | - name: manager 23 | args: 24 | - "--metrics-addr=127.0.0.1:8080" 25 | - "--enable-leader-election" 26 | -------------------------------------------------------------------------------- /config/default/manager_webhook_patch.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: controller-manager 5 | namespace: system 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: manager 11 | ports: 12 | - containerPort: 9443 13 | name: webhook-server 14 | protocol: TCP 15 | volumeMounts: 16 | - mountPath: /tmp/k8s-webhook-server/serving-certs 17 | name: cert 18 | readOnly: true 19 | volumes: 20 | - name: cert 21 | secret: 22 | defaultMode: 420 23 | secretName: webhook-server-cert 24 | -------------------------------------------------------------------------------- /config/default/webhookcainjection_patch.yaml: -------------------------------------------------------------------------------- 1 | # This patch add annotation to admission webhook config and 2 | # the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize. 3 | apiVersion: admissionregistration.k8s.io/v1 4 | kind: MutatingWebhookConfiguration 5 | metadata: 6 | name: mutating-webhook-configuration 7 | annotations: 8 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 9 | --- 10 | apiVersion: admissionregistration.k8s.io/v1 11 | kind: ValidatingWebhookConfiguration 12 | metadata: 13 | name: validating-webhook-configuration 14 | annotations: 15 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 16 | -------------------------------------------------------------------------------- /config/dev/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # Adds namespace to all resources. 2 | namespace: test-operator 3 | namePrefix: dell-csi-operator- 4 | # Labels to add to all resources and selectors. 5 | #commonLabels: 6 | # someName: someValue 7 | 8 | resources: 9 | - ./namespace.yaml 10 | - ../serviceaccount 11 | - ../rbac 12 | - ../manager 13 | 14 | generatorOptions: 15 | disableNameSuffixHash: true 16 | configMapGenerator: 17 | - files: 18 | - config.tar.gz 19 | name: config 20 | -------------------------------------------------------------------------------- /config/dev/namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | labels: 5 | control-plane: controller-manager 6 | name: system 7 | -------------------------------------------------------------------------------- /config/install/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # Adds namespace to all resources. 2 | namespace: dell-csi-operator 3 | namePrefix: dell-csi-operator- 4 | 5 | # Labels to add to all resources and selectors. 6 | #commonLabels: 7 | # someName: someValue 8 | 9 | bases: 10 | - ../serviceaccount 11 | - ../rbac 12 | - ../manager 13 | 14 | images: 15 | - name: controller 16 | newName: docker.io/dellemc/dell-csi-operator 17 | newTag: v1.12.0 18 | -------------------------------------------------------------------------------- /config/manager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manager.yaml 3 | apiVersion: kustomize.config.k8s.io/v1beta1 4 | kind: Kustomization 5 | -------------------------------------------------------------------------------- /config/manager/manager.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: controller-manager 5 | namespace: system 6 | labels: 7 | control-plane: controller-manager 8 | spec: 9 | selector: 10 | matchLabels: 11 | control-plane: controller-manager 12 | replicas: 1 13 | template: 14 | metadata: 15 | labels: 16 | control-plane: controller-manager 17 | spec: 18 | serviceAccountName: manager-service-account 19 | initContainers: 20 | - name: config-copy 21 | image: docker.io/busybox:1.32.0 22 | command: ['sh', '-c', 'if [ -e /configmap/config.tar.gz ]; then /bin/tar -C /etc/config/dell-csi-operator -xzvf /configmap/config.tar.gz --strip-components 1; else echo "Warning: ConfigMap not mounted"; fi'] 23 | volumeMounts: 24 | - name: configmap-volume 25 | mountPath: /configmap 26 | - name: config-dir 27 | mountPath: /etc/config/dell-csi-operator 28 | containers: 29 | - name: dell-csi-operator-controller 30 | command: 31 | - /manager 32 | args: 33 | - --enable-leader-election 34 | image: controller:latest 35 | imagePullPolicy: Always 36 | env: 37 | - name: OPERATOR_DRIVERS 38 | value: "unity,powermax,isilon,vxflexos,powerstore" 39 | volumeMounts: 40 | - name: configmap-volume 41 | mountPath: /etc/config/configmap 42 | - name: config-dir 43 | mountPath: /etc/config/dell-csi-operator 44 | terminationGracePeriodSeconds: 10 45 | volumes: 46 | - name: configmap-volume 47 | configMap: 48 | # Provide the name of the ConfigMap containing the files you want 49 | # to add to the container 50 | name: dell-csi-operator-config 51 | optional: true 52 | - name: config-dir 53 | emptyDir: 54 | 55 | -------------------------------------------------------------------------------- /config/manifests/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - ../default 3 | - ../samples 4 | - ../scorecard -------------------------------------------------------------------------------- /config/olm/operator_certified.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: operators.coreos.com/v1alpha1 2 | kind: CatalogSource 3 | metadata: 4 | name: dellemc-registry 5 | namespace: test-olm 6 | spec: 7 | sourceType: grpc 8 | image: dellemc/dellemcregistry_certified:v1.12.0 9 | --- 10 | apiVersion: operators.coreos.com/v1 11 | kind: OperatorGroup 12 | metadata: 13 | annotations: 14 | olm.providedAPIs: CSIIsilon.v1.storage.dell.com,CSIPowerMax.v1.storage.dell.com,CSIUnity.v1.storage.dell.com,CSIVXFlexOS.v1.storage.dell.com,CSIPowerStore.v1.storage.dell.com,CSIPowerMaxRevProxy.v1.storage.dell.com 15 | name: dellemc-operators 16 | namespace: test-olm 17 | spec: 18 | targetNamespaces: 19 | - test-olm 20 | --- 21 | apiVersion: operators.coreos.com/v1alpha1 22 | kind: Subscription 23 | metadata: 24 | name: dellemc-subscription 25 | namespace: test-olm 26 | spec: 27 | channel: stable 28 | name: dell-csi-operator-certified 29 | source: dellemc-registry 30 | sourceNamespace: test-olm 31 | 32 | -------------------------------------------------------------------------------- /config/olm/operator_community.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: operators.coreos.com/v1alpha1 2 | kind: CatalogSource 3 | metadata: 4 | name: dellemc-registry 5 | namespace: test-olm 6 | spec: 7 | sourceType: grpc 8 | image: dellemc/dellemcregistry_community:v1.12.0 9 | --- 10 | apiVersion: operators.coreos.com/v1 11 | kind: OperatorGroup 12 | metadata: 13 | annotations: 14 | olm.providedAPIs: CSIIsilon.v1.storage.dell.com,CSIPowerMax.v1.storage.dell.com,CSIUnity.v1.storage.dell.com,CSIVXFlexOS.v1.storage.dell.com,CSIPowerStore.v1.storage.dell.com,CSIPowerMaxRevProxy.v1.storage.dell.com 15 | name: dellemc-operators 16 | namespace: test-olm 17 | spec: 18 | targetNamespaces: 19 | - test-olm 20 | --- 21 | apiVersion: operators.coreos.com/v1alpha1 22 | kind: Subscription 23 | metadata: 24 | name: dellemc-subscription 25 | namespace: test-olm 26 | spec: 27 | channel: stable 28 | name: dell-csi-operator 29 | source: dellemc-registry 30 | sourceNamespace: test-olm 31 | -------------------------------------------------------------------------------- /config/prometheus/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - monitor.yaml 3 | -------------------------------------------------------------------------------- /config/prometheus/monitor.yaml: -------------------------------------------------------------------------------- 1 | 2 | # Prometheus Monitor Service (Metrics) 3 | apiVersion: monitoring.coreos.com/v1 4 | kind: ServiceMonitor 5 | metadata: 6 | labels: 7 | control-plane: controller-manager 8 | name: controller-manager-metrics-monitor 9 | namespace: system 10 | spec: 11 | endpoints: 12 | - path: /metrics 13 | port: https 14 | selector: 15 | matchLabels: 16 | control-plane: controller-manager 17 | -------------------------------------------------------------------------------- /config/rbac/auth_proxy_client_clusterrole.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: metrics-reader 5 | rules: 6 | - nonResourceURLs: ["/metrics"] 7 | verbs: ["get"] 8 | -------------------------------------------------------------------------------- /config/rbac/auth_proxy_role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: proxy-role 5 | rules: 6 | - apiGroups: ["authentication.k8s.io"] 7 | resources: 8 | - tokenreviews 9 | verbs: ["create"] 10 | - apiGroups: ["authorization.k8s.io"] 11 | resources: 12 | - subjectaccessreviews 13 | verbs: ["create"] 14 | -------------------------------------------------------------------------------- /config/rbac/auth_proxy_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: proxy-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: proxy-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: default 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/rbac/auth_proxy_service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | labels: 5 | control-plane: controller-manager 6 | name: controller-manager-metrics-service 7 | namespace: system 8 | spec: 9 | ports: 10 | - name: https 11 | port: 8443 12 | targetPort: https 13 | selector: 14 | control-plane: controller-manager 15 | -------------------------------------------------------------------------------- /config/rbac/csiisilon_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit csiisilons. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: csiisilon-editor-role 6 | rules: 7 | - apiGroups: 8 | - storage.dell.com 9 | resources: 10 | - csiisilons 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - storage.dell.com 21 | resources: 22 | - csiisilons/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/csiisilon_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view csiisilons. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: csiisilon-viewer-role 6 | rules: 7 | - apiGroups: 8 | - storage.dell.com 9 | resources: 10 | - csiisilons 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - storage.dell.com 17 | resources: 18 | - csiisilons/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/csipowermax_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit csipowermaxes. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: csipowermax-editor-role 6 | rules: 7 | - apiGroups: 8 | - storage.dell.com 9 | resources: 10 | - csipowermaxes 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - storage.dell.com 21 | resources: 22 | - csipowermaxes/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/csipowermax_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view csipowermaxes. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: csipowermax-viewer-role 6 | rules: 7 | - apiGroups: 8 | - storage.dell.com 9 | resources: 10 | - csipowermaxes 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - storage.dell.com 17 | resources: 18 | - csipowermaxes/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/csipowermaxrevproxy_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit csipowermaxrevproxies. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: csipowermaxrevproxy-editor-role 6 | rules: 7 | - apiGroups: 8 | - storage.dell.com 9 | resources: 10 | - csipowermaxrevproxies 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - storage.dell.com 21 | resources: 22 | - csipowermaxrevproxies/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/csipowermaxrevproxy_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view csipowermaxrevproxies. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: csipowermaxrevproxy-viewer-role 6 | rules: 7 | - apiGroups: 8 | - storage.dell.com 9 | resources: 10 | - csipowermaxrevproxies 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - storage.dell.com 17 | resources: 18 | - csipowermaxrevproxies/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/csipowerstore_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit csipowerstores. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: csipowerstore-editor-role 6 | rules: 7 | - apiGroups: 8 | - storage.dell.com 9 | resources: 10 | - csipowerstores 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - storage.dell.com 21 | resources: 22 | - csipowerstores/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/csipowerstore_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view csipowerstores. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: csipowerstore-viewer-role 6 | rules: 7 | - apiGroups: 8 | - storage.dell.com 9 | resources: 10 | - csipowerstores 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - storage.dell.com 17 | resources: 18 | - csipowerstores/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/csiunity_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit csiunities. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: csiunity-editor-role 6 | rules: 7 | - apiGroups: 8 | - storage.dell.com 9 | resources: 10 | - csiunities 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - storage.dell.com 21 | resources: 22 | - csiunities/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/csiunity_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view csiunities. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: csiunity-viewer-role 6 | rules: 7 | - apiGroups: 8 | - storage.dell.com 9 | resources: 10 | - csiunities 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - storage.dell.com 17 | resources: 18 | - csiunities/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/csivxflexos_editor_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to edit csivxflexos. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: csivxflexos-editor-role 6 | rules: 7 | - apiGroups: 8 | - storage.dell.com 9 | resources: 10 | - csivxflexos 11 | verbs: 12 | - create 13 | - delete 14 | - get 15 | - list 16 | - patch 17 | - update 18 | - watch 19 | - apiGroups: 20 | - storage.dell.com 21 | resources: 22 | - csivxflexos/status 23 | verbs: 24 | - get 25 | -------------------------------------------------------------------------------- /config/rbac/csivxflexos_viewer_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions for end users to view csivxflexos. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: csivxflexos-viewer-role 6 | rules: 7 | - apiGroups: 8 | - storage.dell.com 9 | resources: 10 | - csivxflexos 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - apiGroups: 16 | - storage.dell.com 17 | resources: 18 | - csivxflexos/status 19 | verbs: 20 | - get 21 | -------------------------------------------------------------------------------- /config/rbac/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - role.yaml 3 | - role_binding.yaml 4 | - leader_election_role.yaml 5 | - leader_election_role_binding.yaml 6 | # Comment the following 4 lines if you want to disable 7 | # the auth proxy (https://github.com/brancz/kube-rbac-proxy) 8 | # which protects your /metrics endpoint. 9 | - auth_proxy_service.yaml 10 | - auth_proxy_role.yaml 11 | - auth_proxy_role_binding.yaml 12 | - auth_proxy_client_clusterrole.yaml 13 | -------------------------------------------------------------------------------- /config/rbac/leader_election_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions to do leader election. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: leader-election-role 6 | rules: 7 | - apiGroups: 8 | - "" 9 | resources: 10 | - configmaps 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - create 16 | - update 17 | - patch 18 | - delete 19 | - apiGroups: 20 | - "" 21 | resources: 22 | - configmaps/status 23 | verbs: 24 | - get 25 | - update 26 | - patch 27 | - apiGroups: 28 | - "" 29 | resources: 30 | - events 31 | verbs: 32 | - create 33 | - patch 34 | -------------------------------------------------------------------------------- /config/rbac/leader_election_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: leader-election-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: Role 8 | name: leader-election-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: default 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/rbac/role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: manager-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: manager-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: manager-service-account 12 | namespace: default 13 | -------------------------------------------------------------------------------- /config/samples/kustomization.yaml: -------------------------------------------------------------------------------- 1 | ## Append samples you want in your CSV to this file as resources ## 2 | resources: 3 | - storage_v1_csipowermaxrevproxy.yaml 4 | - storage_v1_csipowerstore.yaml 5 | - storage_v1_csipowermax.yaml 6 | - storage_v1_csiisilon.yaml 7 | - storage_v1_csivxflexos.yaml 8 | - storage_v1_csiunity.yaml 9 | # +kubebuilder:scaffold:manifestskustomizesamples 10 | -------------------------------------------------------------------------------- /config/samples/storage_v1_csipowermaxrevproxy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.dell.com/v1 2 | kind: CSIPowerMaxRevProxy 3 | metadata: 4 | name: powermax-reverseproxy 5 | namespace: test-powermax 6 | spec: 7 | # image: Define the container images used for the reverse proxy 8 | # Default value: None 9 | # Example: "csipowermax-reverseproxy:v2.6.0" 10 | image: dellemc/csipowermax-reverseproxy:v2.6.0 11 | # imagePullPolicy: Policy to determine if the image should be pulled prior to starting the container. 12 | # Allowed values: 13 | # Always: Always pull the image. 14 | # IfNotPresent: Only pull the image if it does not already exist on the node. 15 | # Never: Never pull the image. 16 | # Default value: None 17 | imagePullPolicy: IfNotPresent 18 | # "tlsSecret" defines the TLS secret that is created with certificate 19 | # and its associated key 20 | # Default value: None 21 | # Example: "csirevproxy-tls-secret" 22 | tlsSecret: csirevproxy-tls-secret 23 | config: 24 | # Mode for the proxy 25 | # Default value: None 26 | # Example: "Linked" 27 | mode: Linked 28 | linkConfig: 29 | primary: 30 | url: https://0.0.0.0:8443 #Unisphere URL 31 | skipCertificateValidation: true # This setting determines if client side Unisphere certificate validation is to be skipped 32 | certSecret: "" # Provide this value if skipCertificateValidation is set to false 33 | backup: # This is an optional field and lets you configure a backup unisphere which can be used by proxy server 34 | url: https://0.0.0.0:8443 #Unisphere URL 35 | skipCertificateValidation: true 36 | -------------------------------------------------------------------------------- /config/scorecard/bases/config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: scorecard.operatorframework.io/v1alpha3 2 | kind: Configuration 3 | metadata: 4 | name: config 5 | stages: 6 | - parallel: true 7 | tests: [] 8 | -------------------------------------------------------------------------------- /config/scorecard/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - bases/config.yaml 3 | patchesJson6902: 4 | - path: patches/basic.config.yaml 5 | target: 6 | group: scorecard.operatorframework.io 7 | version: v1alpha3 8 | kind: Configuration 9 | name: config 10 | - path: patches/olm.config.yaml 11 | target: 12 | group: scorecard.operatorframework.io 13 | version: v1alpha3 14 | kind: Configuration 15 | name: config 16 | # +kubebuilder:scaffold:patchesJson6902 17 | -------------------------------------------------------------------------------- /config/scorecard/patches/basic.config.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /stages/0/tests/- 3 | value: 4 | entrypoint: 5 | - scorecard-test 6 | - basic-check-spec 7 | image: quay.io/operator-framework/scorecard-test:v1.0.0 8 | labels: 9 | suite: basic 10 | test: basic-check-spec-test 11 | -------------------------------------------------------------------------------- /config/scorecard/patches/olm.config.yaml: -------------------------------------------------------------------------------- 1 | - op: add 2 | path: /stages/0/tests/- 3 | value: 4 | entrypoint: 5 | - scorecard-test 6 | - olm-bundle-validation 7 | image: quay.io/operator-framework/scorecard-test:v1.0.0 8 | labels: 9 | suite: olm 10 | test: olm-bundle-validation-test 11 | - op: add 12 | path: /stages/0/tests/- 13 | value: 14 | entrypoint: 15 | - scorecard-test 16 | - olm-crds-have-validation 17 | image: quay.io/operator-framework/scorecard-test:v1.0.0 18 | labels: 19 | suite: olm 20 | test: olm-crds-have-validation-test 21 | - op: add 22 | path: /stages/0/tests/- 23 | value: 24 | entrypoint: 25 | - scorecard-test 26 | - olm-crds-have-resources 27 | image: quay.io/operator-framework/scorecard-test:v1.0.0 28 | labels: 29 | suite: olm 30 | test: olm-crds-have-resources-test 31 | - op: add 32 | path: /stages/0/tests/- 33 | value: 34 | entrypoint: 35 | - scorecard-test 36 | - olm-spec-descriptors 37 | image: quay.io/operator-framework/scorecard-test:v1.0.0 38 | labels: 39 | suite: olm 40 | test: olm-spec-descriptors-test 41 | - op: add 42 | path: /stages/0/tests/- 43 | value: 44 | entrypoint: 45 | - scorecard-test 46 | - olm-status-descriptors 47 | image: quay.io/operator-framework/scorecard-test:v1.0.0 48 | labels: 49 | suite: olm 50 | test: olm-status-descriptors-test 51 | -------------------------------------------------------------------------------- /config/serviceaccount/kustomization.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kustomize.config.k8s.io/v1beta1 2 | kind: Kustomization 3 | namespace: system 4 | resources: 5 | - ./serviceaccount.yaml -------------------------------------------------------------------------------- /config/serviceaccount/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | labels: 5 | control-plane: controller-manager 6 | name: manager-service-account 7 | namespace: default 8 | -------------------------------------------------------------------------------- /config/webhook/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manifests.yaml 3 | - service.yaml 4 | 5 | configurations: 6 | - kustomizeconfig.yaml 7 | -------------------------------------------------------------------------------- /config/webhook/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # the following config is for teaching kustomize where to look at when substituting vars. 2 | # It requires kustomize v2.1.0 or newer to work properly. 3 | nameReference: 4 | - kind: Service 5 | version: v1 6 | fieldSpecs: 7 | - kind: MutatingWebhookConfiguration 8 | group: admissionregistration.k8s.io 9 | path: webhooks/clientConfig/service/name 10 | - kind: ValidatingWebhookConfiguration 11 | group: admissionregistration.k8s.io 12 | path: webhooks/clientConfig/service/name 13 | 14 | namespace: 15 | - kind: MutatingWebhookConfiguration 16 | group: admissionregistration.k8s.io 17 | path: webhooks/clientConfig/service/namespace 18 | create: true 19 | - kind: ValidatingWebhookConfiguration 20 | group: admissionregistration.k8s.io 21 | path: webhooks/clientConfig/service/namespace 22 | create: true 23 | 24 | varReference: 25 | - path: metadata/annotations 26 | -------------------------------------------------------------------------------- /config/webhook/service.yaml: -------------------------------------------------------------------------------- 1 | 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: webhook-service 6 | namespace: system 7 | spec: 8 | ports: 9 | - port: 443 10 | targetPort: 9443 11 | selector: 12 | control-plane: controller-manager 13 | -------------------------------------------------------------------------------- /controllers/suite_test.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | 15 | package controllers 16 | 17 | import ( 18 | "path/filepath" 19 | "testing" 20 | 21 | logf "sigs.k8s.io/controller-runtime/pkg/log" 22 | "sigs.k8s.io/controller-runtime/pkg/log/zap" 23 | 24 | storagev1 "github.com/dell/dell-csi-operator/api/v1" 25 | . "github.com/onsi/ginkgo" 26 | . "github.com/onsi/gomega" 27 | "k8s.io/client-go/kubernetes/scheme" 28 | "k8s.io/client-go/rest" 29 | "sigs.k8s.io/controller-runtime/pkg/client" 30 | "sigs.k8s.io/controller-runtime/pkg/envtest" 31 | "sigs.k8s.io/controller-runtime/pkg/envtest/printer" 32 | // +kubebuilder:scaffold:imports 33 | ) 34 | 35 | // These tests use Ginkgo (BDD-style Go testing framework). Refer to 36 | // http://onsi.github.io/ginkgo/ to learn more about Ginkgo. 37 | 38 | var cfg *rest.Config 39 | var k8sClient client.Client 40 | var testEnv *envtest.Environment 41 | 42 | func TestAPIs(t *testing.T) { 43 | RegisterFailHandler(Fail) 44 | 45 | RunSpecsWithDefaultAndCustomReporters(t, 46 | "Controller Suite", 47 | []Reporter{printer.NewlineReporter{}}) 48 | } 49 | 50 | var _ = BeforeSuite(func(done Done) { 51 | logf.SetLogger(zap.New(zap.UseDevMode(true), zap.WriteTo(GinkgoWriter))) 52 | 53 | By("bootstrapping test environment") 54 | testEnv = &envtest.Environment{ 55 | CRDDirectoryPaths: []string{filepath.Join("..", "config", "crd", "bases")}, 56 | } 57 | 58 | var err error 59 | cfg, err = testEnv.Start() 60 | Expect(err).ToNot(HaveOccurred()) 61 | Expect(cfg).ToNot(BeNil()) 62 | 63 | err = storagev1.AddToScheme(scheme.Scheme) 64 | Expect(err).NotTo(HaveOccurred()) 65 | 66 | err = storagev1.AddToScheme(scheme.Scheme) 67 | Expect(err).NotTo(HaveOccurred()) 68 | 69 | err = storagev1.AddToScheme(scheme.Scheme) 70 | Expect(err).NotTo(HaveOccurred()) 71 | 72 | err = storagev1.AddToScheme(scheme.Scheme) 73 | Expect(err).NotTo(HaveOccurred()) 74 | 75 | err = storagev1.AddToScheme(scheme.Scheme) 76 | Expect(err).NotTo(HaveOccurred()) 77 | 78 | err = storagev1.AddToScheme(scheme.Scheme) 79 | Expect(err).NotTo(HaveOccurred()) 80 | 81 | // +kubebuilder:scaffold:scheme 82 | 83 | k8sClient, err = client.New(cfg, client.Options{Scheme: scheme.Scheme}) 84 | Expect(err).ToNot(HaveOccurred()) 85 | Expect(k8sClient).ToNot(BeNil()) 86 | 87 | close(done) 88 | }, 60) 89 | 90 | var _ = AfterSuite(func() { 91 | By("tearing down the test environment") 92 | err := testEnv.Stop() 93 | Expect(err).ToNot(HaveOccurred()) 94 | }) 95 | -------------------------------------------------------------------------------- /core/.gitignore: -------------------------------------------------------------------------------- 1 | core_generated.go 2 | -------------------------------------------------------------------------------- /core/core.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | //go:generate go run semver/semver.go -f semver.tpl -o core_generated.go 15 | 16 | package core 17 | 18 | import "time" 19 | 20 | var ( 21 | // SemVer is the semantic version. 22 | SemVer = "unknown" 23 | 24 | // CommitSha7 is the short version of the commit hash from which 25 | // this program was built. 26 | CommitSha7 string 27 | 28 | // CommitSha32 is the long version of the commit hash from which 29 | // this program was built. 30 | CommitSha32 string 31 | 32 | // CommitTime is the commit timestamp of the commit from which 33 | // this program was built. 34 | CommitTime time.Time 35 | ) 36 | -------------------------------------------------------------------------------- /core/semver.tpl: -------------------------------------------------------------------------------- 1 | package core 2 | 3 | import "time" 4 | 5 | func init() { 6 | SemVer = "{{.SemVer}}" 7 | CommitSha7 = "{{.Sha7}}" 8 | CommitSha32 = "{{.Sha32}}" 9 | CommitTime = time.Unix({{.Epoch}}, 0) 10 | } 11 | 12 | -------------------------------------------------------------------------------- /hack/boilerplate.go.txt: -------------------------------------------------------------------------------- 1 | /* 2 | 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ -------------------------------------------------------------------------------- /pkg/config/config.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | 15 | package config 16 | 17 | import csiv1 "github.com/dell/dell-csi-operator/api/v1" 18 | 19 | // DriverType - Represents the type of the driver 20 | type DriverType string 21 | 22 | // Constants for driver types 23 | const ( 24 | PowerMax DriverType = "powermax" 25 | Unity DriverType = "unity" 26 | VxFlexOs DriverType = "vxflexos" 27 | Isilon DriverType = "isilon" 28 | PowerStore DriverType = "powerstore" 29 | Unknown DriverType = "unknown" 30 | ) 31 | 32 | // Config - Holds configuration information for an operator 33 | type Config struct { 34 | ConfigDirectory string 35 | ConfigFile string 36 | KubeAPIServerVersion csiv1.K8sVersion 37 | EnabledDrivers []csiv1.DriverType 38 | RetryCount int32 39 | IsOpenShift bool 40 | } 41 | 42 | // GetDriverType - gets the driver type from a string 43 | func GetDriverType(driverName string) csiv1.DriverType { 44 | switch driverName { 45 | case "powermax": 46 | return csiv1.PowerMax 47 | case "unity": 48 | return csiv1.Unity 49 | case "isilon": 50 | return csiv1.Isilon 51 | case "vxflexos": 52 | return csiv1.VXFlexOS 53 | case "powerstore": 54 | return csiv1.PowerStore 55 | } 56 | return csiv1.Unknown 57 | } 58 | -------------------------------------------------------------------------------- /pkg/constants/common.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | 15 | package constants 16 | 17 | import ( 18 | "time" 19 | 20 | csiv1 "github.com/dell/dell-csi-operator/api/v1" 21 | "k8s.io/apimachinery/pkg/util/intstr" 22 | ) 23 | 24 | // Constants for driver states etc 25 | const ( 26 | RetryCount = 3 27 | Running = csiv1.DriverState("Running") 28 | Succeeded = csiv1.DriverState("Succeeded") 29 | Creating = csiv1.DriverState("Creating") 30 | Failed = csiv1.DriverState("Failed") 31 | InvalidConfig = csiv1.DriverState("InvalidConfig") 32 | NoState = csiv1.DriverState("") 33 | Updating = csiv1.DriverState("Updating") 34 | DefaultRetryInterval = 5 * time.Second 35 | MaxRetryInterval = 10 * time.Minute 36 | MaxRetryDuration = 30 * time.Minute 37 | ) 38 | 39 | // DriverReplicas - Replica count for controller 40 | var DriverReplicas = int32(1) 41 | 42 | // RevisionHistoryLimit - Max revision history limit for driver daemonset 43 | var RevisionHistoryLimit = int32(10) 44 | 45 | // MaxUnavailableUpdateStrategy - Maximum unavailable update strategy 46 | var MaxUnavailableUpdateStrategy = intstr.IntOrString{IntVal: 1, StrVal: "1"} 47 | 48 | // TerminationMessagePath for the container 49 | const TerminationMessagePath = "/dev/termination-log" 50 | 51 | // TerminationMessagePolicy determines the policy for termination message 52 | const TerminationMessagePolicy = "File" 53 | 54 | // DriverMountPath - Mount path for the driver container 55 | const DriverMountPath = "/var/run/csi" 56 | 57 | // DriverMountName - Socket directory volume mount name 58 | const DriverMountName = "socket-dir" 59 | 60 | // TerminationGracePeriodSeconds - grace period in seconds 61 | var TerminationGracePeriodSeconds = int64(30) 62 | -------------------------------------------------------------------------------- /pkg/resources/configmap/configmap.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | 15 | package configmap 16 | 17 | import ( 18 | "context" 19 | 20 | corev1 "k8s.io/api/core/v1" 21 | 22 | "github.com/go-logr/logr" 23 | "k8s.io/apimachinery/pkg/api/errors" 24 | "k8s.io/apimachinery/pkg/types" 25 | "sigs.k8s.io/controller-runtime/pkg/client" 26 | ) 27 | 28 | // SyncConfigMap - Creates/Updates a config map 29 | func SyncConfigMap(ctx context.Context, configMap *corev1.ConfigMap, client client.Client, reqLogger logr.Logger) error { 30 | found := &corev1.ConfigMap{} 31 | err := client.Get(ctx, types.NamespacedName{Name: configMap.Name, Namespace: configMap.Namespace}, found) 32 | if err != nil && errors.IsNotFound(err) { 33 | reqLogger.Info("Creating a new ConfigMap", "Name", configMap.Name) 34 | err = client.Create(ctx, configMap) 35 | if err != nil { 36 | return err 37 | } 38 | } else if err != nil { 39 | reqLogger.Info("Unknown error.", "Error", err.Error()) 40 | return err 41 | } else { 42 | reqLogger.Info("Updating ConfigMap", "Name:", configMap.Name) 43 | err = client.Update(ctx, configMap) 44 | if err != nil { 45 | return err 46 | } 47 | } 48 | 49 | return nil 50 | } 51 | -------------------------------------------------------------------------------- /pkg/resources/rbac/noderbac.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | 15 | package rbac 16 | 17 | import ( 18 | "fmt" 19 | 20 | csiv1 "github.com/dell/dell-csi-operator/api/v1" 21 | "github.com/dell/dell-csi-operator/pkg/resources" 22 | rbacv1 "k8s.io/api/rbac/v1" 23 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 24 | rbachelper "k8s.io/kubernetes/pkg/apis/rbac/v1" 25 | ) 26 | 27 | // NewNodeClusterRole - Returns a clusterRole for the Node plugin 28 | func NewNodeClusterRole(instance csiv1.CSIDriver, customControllerName bool, dummyClusterRole *rbacv1.ClusterRole) *rbacv1.ClusterRole { 29 | driverName := instance.GetName() 30 | driverNameSpace := instance.GetNamespace() 31 | clusterRoleName := fmt.Sprintf("%s-node", driverName) 32 | if customControllerName { 33 | clusterRoleName = fmt.Sprintf("%s-%s-node", driverNameSpace, driverName) 34 | } 35 | clusterRole := &rbacv1.ClusterRole{ 36 | ObjectMeta: metav1.ObjectMeta{ 37 | Name: clusterRoleName, 38 | OwnerReferences: resources.GetDummyOwnerReferences(dummyClusterRole), 39 | }, 40 | Rules: []rbacv1.PolicyRule{ 41 | rbachelper.NewRule("list", "watch", "create", "update", "patch").Groups("").Resources("events").RuleOrDie(), 42 | rbachelper.NewRule("get", "list", "watch", "create", "update", "patch").Groups("").Resources("nodes").RuleOrDie(), 43 | rbachelper.NewRule("get", "list", "watch", "create", "delete", "update").Groups("").Resources("persistentvolumes").RuleOrDie(), 44 | rbachelper.NewRule("get", "list", "watch", "update").Groups("").Resources("persistentvolumeclaims").RuleOrDie(), 45 | rbachelper.NewRule("get", "list", "watch").Groups("storage.k8s.io").Resources("storageclasses").RuleOrDie(), 46 | rbachelper.NewRule("get", "list", "watch", "update").Groups("storage.k8s.io").Resources("volumeattachments").RuleOrDie(), 47 | rbachelper.NewRule("use").Groups("security.openshift.io").Resources("securitycontextconstraints").Names("privileged").RuleOrDie(), 48 | }, 49 | } 50 | return clusterRole 51 | } 52 | 53 | // NewLimitedClusterRole - Returns a clusterRole for the Node plugin 54 | func NewLimitedClusterRole(instance csiv1.CSIDriver, customControllerName bool, dummyClusterRole *rbacv1.ClusterRole) *rbacv1.ClusterRole { 55 | driverName := instance.GetName() 56 | driverNameSpace := instance.GetNamespace() 57 | clusterRoleName := fmt.Sprintf("%s-node", driverName) 58 | if customControllerName { 59 | clusterRoleName = fmt.Sprintf("%s-%s-node", driverNameSpace, driverName) 60 | } 61 | clusterRole := &rbacv1.ClusterRole{ 62 | ObjectMeta: metav1.ObjectMeta{ 63 | Name: clusterRoleName, 64 | OwnerReferences: resources.GetDummyOwnerReferences(dummyClusterRole), 65 | }, 66 | Rules: []rbacv1.PolicyRule{ 67 | rbachelper.NewRule("use").Groups("security.openshift.io").Resources("securitycontextconstraints").Names("privileged").RuleOrDie(), 68 | }, 69 | } 70 | return clusterRole 71 | } 72 | -------------------------------------------------------------------------------- /pkg/resources/rbac/role.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | 15 | package rbac 16 | 17 | import ( 18 | "context" 19 | 20 | "github.com/go-logr/logr" 21 | rbacv1 "k8s.io/api/rbac/v1" 22 | "k8s.io/apimachinery/pkg/api/errors" 23 | "k8s.io/apimachinery/pkg/types" 24 | "sigs.k8s.io/controller-runtime/pkg/client" 25 | ) 26 | 27 | // SyncRole - Creates/Updates a Role 28 | func SyncRole(ctx context.Context, role *rbacv1.Role, client client.Client, reqLogger logr.Logger) error { 29 | found := &rbacv1.Role{} 30 | err := client.Get(ctx, types.NamespacedName{Name: role.Name, Namespace: role.Namespace}, found) 31 | if err != nil && errors.IsNotFound(err) { 32 | reqLogger.Info("Creating a new Role", "Name", role.Name) 33 | err = client.Create(ctx, role) 34 | if err != nil { 35 | return err 36 | } 37 | } else if err != nil { 38 | reqLogger.Info("Unknown error.", "Error", err.Error()) 39 | return err 40 | } else { 41 | reqLogger.Info("Updating Role", "Name:", role.Name) 42 | err = client.Update(ctx, role) 43 | if err != nil { 44 | return err 45 | } 46 | } 47 | 48 | return nil 49 | } 50 | -------------------------------------------------------------------------------- /pkg/resources/service/service.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | 15 | package service 16 | 17 | import ( 18 | "context" 19 | 20 | corev1 "k8s.io/api/core/v1" 21 | 22 | "github.com/go-logr/logr" 23 | "k8s.io/apimachinery/pkg/api/errors" 24 | "k8s.io/apimachinery/pkg/types" 25 | "sigs.k8s.io/controller-runtime/pkg/client" 26 | ) 27 | 28 | // SyncService - Creates/Updates a service 29 | func SyncService(ctx context.Context, service *corev1.Service, client client.Client, reqLogger logr.Logger) error { 30 | found := &corev1.Service{} 31 | err := client.Get(ctx, types.NamespacedName{Name: service.Name, Namespace: service.Namespace}, found) 32 | if err != nil && errors.IsNotFound(err) { 33 | reqLogger.Info("Creating a new Service", "Name", service.Name) 34 | err = client.Create(ctx, service) 35 | if err != nil { 36 | return err 37 | } 38 | } else if err != nil { 39 | reqLogger.Info("Unknown error.", "Error", err.Error()) 40 | return err 41 | } else { 42 | reqLogger.Info("Updating Service", "Name:", service.Name) 43 | err = client.Update(ctx, service) 44 | if err != nil { 45 | return err 46 | } 47 | } 48 | 49 | return nil 50 | } 51 | -------------------------------------------------------------------------------- /pkg/resources/serviceaccount/serviceaccount.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | 15 | package serviceaccount 16 | 17 | import ( 18 | "context" 19 | 20 | csiv1 "github.com/dell/dell-csi-operator/api/v1" 21 | "github.com/dell/dell-csi-operator/pkg/resources" 22 | "github.com/go-logr/logr" 23 | corev1 "k8s.io/api/core/v1" 24 | "k8s.io/apimachinery/pkg/api/errors" 25 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 26 | "k8s.io/apimachinery/pkg/types" 27 | "sigs.k8s.io/controller-runtime/pkg/client" 28 | ) 29 | 30 | // New - Returns a ServiceAccount object 31 | func New(instance csiv1.CSIDriver, saName string) *corev1.ServiceAccount { 32 | //var driver *csiv1.Driver = instance.GetDriver() 33 | driverNamespace := instance.GetNamespace() 34 | return &corev1.ServiceAccount{ 35 | ObjectMeta: metav1.ObjectMeta{ 36 | Name: saName, 37 | Namespace: driverNamespace, 38 | OwnerReferences: resources.GetOwnerReferences(instance), 39 | }, 40 | } 41 | } 42 | 43 | // SyncServiceAccount - Syncs a ServiceAccount 44 | func SyncServiceAccount(ctx context.Context, sa *corev1.ServiceAccount, client client.Client, reqLogger logr.Logger) error { 45 | found := &corev1.ServiceAccount{} 46 | err := client.Get(ctx, types.NamespacedName{Name: sa.Name, Namespace: sa.Namespace}, found) 47 | if err != nil && errors.IsNotFound(err) { 48 | reqLogger.Info("Creating a new ServiceAccount", "Namespace", sa.Namespace, "Name", sa.Name) 49 | err = client.Create(ctx, sa) 50 | if err != nil { 51 | return err 52 | } 53 | 54 | return nil 55 | } else if err != nil { 56 | reqLogger.Info("Unknown error.", "Error", err.Error()) 57 | return err 58 | } else { 59 | // Updating the service account keeps regenerating the secrets. 60 | // We dont have to update the service account if it exists. 61 | reqLogger.Info("ServiceAccount already exists", "Name:", sa.Name) 62 | } 63 | return nil 64 | } 65 | -------------------------------------------------------------------------------- /samples/powermax_reverseproxy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.dell.com/v1 2 | kind: CSIPowerMaxRevProxy 3 | metadata: 4 | name: powermax-reverseproxy 5 | namespace: test-powermax 6 | spec: 7 | # image: Define the container images used for the reverse proxy 8 | # Default value: None 9 | # Example: "csipowermax-reverseproxy:v2.6.0" 10 | image: dellemc/csipowermax-reverseproxy:v2.6.0 11 | # imagePullPolicy: Policy to determine if the image should be pulled prior to starting the container. 12 | # Allowed values: 13 | # Always: Always pull the image. 14 | # IfNotPresent: Only pull the image if it does not already exist on the node. 15 | # Never: Never pull the image. 16 | # Default value: None 17 | imagePullPolicy: IfNotPresent 18 | # "tlsSecret" defines the TLS secret that is created with certificate 19 | # and its associated key 20 | # Default value: None 21 | # Example: "csirevproxy-tls-secret" 22 | tlsSecret: csirevproxy-tls-secret 23 | config: 24 | # Mode for the proxy 25 | # Default value: None 26 | # Example: "Linked" 27 | mode: Linked 28 | linkConfig: 29 | primary: 30 | url: https://0.0.0.0:8443 #Unisphere URL 31 | skipCertificateValidation: true # This setting determines if client side Unisphere certificate validation is to be skipped 32 | certSecret: "" # Provide this value if skipCertificateValidation is set to false 33 | backup: # This is an optional field and lets you configure a backup unisphere which can be used by proxy server 34 | url: https://0.0.0.0:8443 #Unisphere URL 35 | skipCertificateValidation: true 36 | -------------------------------------------------------------------------------- /samples/vxflex_v250_ops_411.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.dell.com/v1 2 | kind: CSIVXFlexOS 3 | metadata: 4 | name: test-vxflexos 5 | namespace: test-vxflexos 6 | spec: 7 | driver: 8 | configVersion: v2.5.0 9 | replicas: 1 10 | dnsPolicy: ClusterFirstWithHostNet 11 | forceUpdate: false 12 | fsGroupPolicy: File 13 | common: 14 | image: "dellemc/csi-vxflexos:v2.5.0" 15 | imagePullPolicy: IfNotPresent 16 | envs: 17 | - name: X_CSI_VXFLEXOS_ENABLELISTVOLUMESNAPSHOT 18 | value: "false" 19 | - name: X_CSI_VXFLEXOS_ENABLESNAPSHOTCGDELETE 20 | value: "false" 21 | - name: X_CSI_DEBUG 22 | value: "true" 23 | - name: X_CSI_ALLOW_RWO_MULTI_POD_ACCESS 24 | value: "false" 25 | sideCars: 26 | # Comment the following section if you don't want to run the monitoring sidecar 27 | - name: sdc-monitor 28 | envs: 29 | - name: HOST_PID 30 | value: "1" 31 | - name: MDM 32 | value: "" 33 | 34 | controller: 35 | envs: 36 | 37 | #"controller.nodeSelector" defines what nodes would be selected for pods of controller deployment 38 | # Leave as blank to use all nodes 39 | # Allowed values: map of key-value pairs 40 | # Default value: None 41 | nodeSelector: 42 | # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint 43 | # node-role.kubernetes.io/control-plane: "" 44 | 45 | # "controller.tolerations" defines tolerations that would be applied to controller deployment 46 | # Leave as blank to install controller on worker nodes 47 | # Default value: None 48 | tolerations: 49 | # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint 50 | # - key: "node-role.kubernetes.io/control-plane" 51 | # operator: "Exists" 52 | # effect: "NoSchedule" 53 | 54 | node: 55 | envs: 56 | 57 | # "node.nodeSelector" defines what nodes would be selected for pods of node daemonset 58 | # Leave as blank to use all nodes 59 | # Allowed values: map of key-value pairs 60 | # Default value: None 61 | nodeSelector: 62 | # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint 63 | # node-role.kubernetes.io/control-plane: "" 64 | 65 | # "node.tolerations" defines tolerations that would be applied to node daemonset 66 | # Leave as blank to install node driver only on worker nodes 67 | # Default value: None 68 | tolerations: 69 | # Uncomment if nodes you wish to use have the node-role.kubernetes.io/control-plane taint 70 | # - key: "node-role.kubernetes.io/control-plane" 71 | # operator: "Exists" 72 | # effect: "NoSchedule" 73 | 74 | initContainers: 75 | - image: dellemc/sdc:3.6.0.6 76 | imagePullPolicy: IfNotPresent 77 | name: sdc 78 | envs: 79 | - name: MDM 80 | value: "10.x.x.x,10.x.x.x" #provide MDM value 81 | 82 | --- 83 | apiVersion: v1 84 | kind: ConfigMap 85 | metadata: 86 | name: vxflexos-config-params 87 | namespace: test-vxflexos 88 | data: 89 | driver-config-params.yaml: | 90 | CSI_LOG_LEVEL: "debug" 91 | CSI_LOG_FORMAT: "TEXT" 92 | -------------------------------------------------------------------------------- /scripts/.gitignore: -------------------------------------------------------------------------------- 1 | images.manifest 2 | images.tar 3 | -------------------------------------------------------------------------------- /scripts/common.bash: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | RED='\033[0;31m' 4 | GREEN='\033[0;32m' 5 | YELLOW='\033[1;33m' 6 | NC='\033[0m' # No Color 7 | 8 | function log() { 9 | case $1 in 10 | separator) 11 | echo "******" 12 | ;; 13 | error) 14 | echo 15 | echo "*****************************************" 16 | printf "${RED}ERROR: $2\n" 17 | printf "${RED}Installation cannot continue${NC}\n" 18 | exit 1 19 | ;; 20 | warning) 21 | echo 22 | printf "${YELLOW}Warning: $2${NC}\n" 23 | ;; 24 | step) 25 | printf "%-75s %s" "$2" 26 | ;; 27 | step_success) 28 | printf "${GREEN}Success${NC}\n" 29 | ;; 30 | step_failure) 31 | printf "${RED}Failed${NC}\n" 32 | ;; 33 | step_warning) 34 | printf "${YELLOW}Warning${NC}\n" 35 | ;; 36 | Passed) 37 | printf "${GREEN}Success${NC}\n" 38 | ;; 39 | Failed) 40 | printf "${RED}Failed${NC}\n" 41 | ;; 42 | *) 43 | echo -n "Unknown" 44 | ;; 45 | esac 46 | } 47 | 48 | # Verify kubectl present 49 | kubectl --help >&/dev/null || { 50 | echo "kubectl required for installation... exiting"; exit 2 51 | } 52 | 53 | # waitOnRunning 54 | # will wait, for a timeout period, for a number of pods to go into Running state within a namespace 55 | # arguments: 56 | # $1: required: namespace to watch 57 | # $2: required: comma separated list of deployment type and name pairs 58 | # for example: "statefulset mystatefulset,daemonset mydaemonset" 59 | # $3: optional: timeout value, 300 seconds is the default. 60 | waitOnRunning() { 61 | if [ -z "${2}" ]; then 62 | echo "No namespace and/or list of deployments was supplied. This field is required for waitOnRunning" 63 | return 1 64 | fi 65 | # namespace 66 | local NS="${1}" 67 | # pods 68 | IFS="," read -r -a PODS <<< "${2}" 69 | # timeout value passed in, or 300 seconds as a default 70 | local TIMEOUT="300" 71 | if [ -n "${3}" ]; then 72 | TIMEOUT="${3}" 73 | fi 74 | 75 | RUNNING=0 76 | for D in "${PODS[@]}"; do 77 | echo 78 | echo "Checking $D, and waiting up to $TIMEOUT seconds to roll out" 79 | kubectl -n "${NS}" rollout status --timeout=${TIMEOUT}s ${D} 2>/dev/null 80 | if [ $? -ne 0 ]; then 81 | RUNNING=1 82 | fi 83 | done 84 | 85 | if [ $RUNNING -ne 0 ]; then 86 | return 1 87 | fi 88 | return 0 89 | } 90 | 91 | # Get the kubernetes major and minor version numbers. 92 | kMajorVersion=$(kubectl version -o="yaml" | grep -A8 'serverVersion:' | grep 'major'| egrep -o '[0-9]+') 93 | kMinorVersion=$(kubectl version -o="yaml" | grep -A8 'serverVersion:' | grep 'minor'| egrep -o '[0-9]+') 94 | kubectl get crd | grep securitycontextconstraints.security.openshift.io --quiet 95 | if [ $? -ne 0 ]; then 96 | isOpenShift=false 97 | else 98 | isOpenShift=true 99 | fi 100 | -------------------------------------------------------------------------------- /scripts/delete_crds.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 4 | 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | kubectl delete crd csipowermaxes.storage.dell.com 16 | kubectl delete crd csipowermaxrevproxies.storage.dell.com 17 | kubectl delete crd csiisilons.storage.dell.com 18 | kubectl delete crd csiunities.storage.dell.com 19 | kubectl delete crd csivxflexoses.storage.dell.com 20 | kubectl delete crd csipowerstores.storage.dell.com 21 | 22 | -------------------------------------------------------------------------------- /scripts/staging.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | SCRIPTDIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" >/dev/null 2>&1 && pwd)" 16 | ROOTDIR="$(dirname "$SCRIPTDIR")" 17 | 18 | RANDOM=$$ 19 | generated_dir_name="Release/temp$RANDOM" 20 | 21 | if [ -z ${STAGING_DIR+x} ]; then 22 | STAGING_DIRECTORY=$generated_dir_name 23 | else 24 | STAGING_DIRECTORY=${STAGING_DIR} 25 | if [ "$STAGING_DIRECTORY" == "" ]; then 26 | STAGING_DIRECTORY=$generated_dir_name 27 | fi 28 | fi 29 | 30 | echo "Staging directory is set to: $STAGING_DIRECTORY" 31 | echo "Creating directory" 32 | echo mkdir -p $STAGING_DIRECTORY 33 | mkdir -p $STAGING_DIRECTORY 34 | 35 | echo "** Copying scripts folder **" 36 | echo mkdir -p $STAGING_DIRECTORY/scripts 37 | mkdir -p $STAGING_DIRECTORY/scripts 38 | echo cp -f "${ROOTDIR}/scripts/install.sh" "${STAGING_DIRECTORY}/scripts/" 39 | echo cp -f "${ROOTDIR}/scripts/uninstall.sh" "${STAGING_DIRECTORY}/scripts/" 40 | echo cp -f "${ROOTDIR}/scripts/common.bash" "${STAGING_DIRECTORY}/scripts/" 41 | echo cp -f "${ROOTDIR}/scripts/verify.sh" "${STAGING_DIRECTORY}/scripts/" 42 | echo cp -f "${ROOTDIR}/scripts/delete_crds.sh" "${STAGING_DIRECTORY}/scripts/" 43 | echo cp -f "${ROOTDIR}/scripts/csi-offline-bundle.sh" "${STAGING_DIRECTORY}/scripts/" 44 | echo cp -f "${ROOTDIR}/scripts/csi-offline-bundle.md" "${STAGING_DIRECTORY}/scripts/" 45 | 46 | cp -f "${ROOTDIR}/scripts/install.sh" "${STAGING_DIRECTORY}/scripts/" 47 | cp -f "${ROOTDIR}/scripts/uninstall.sh" "${STAGING_DIRECTORY}/scripts/" 48 | cp -f "${ROOTDIR}/scripts/common.bash" "${STAGING_DIRECTORY}/scripts/" 49 | cp -f "${ROOTDIR}/scripts/verify.sh" "${STAGING_DIRECTORY}/scripts/" 50 | cp -f "${ROOTDIR}/scripts/delete_crds.sh" "${STAGING_DIRECTORY}/scripts/" 51 | cp -f "${ROOTDIR}/scripts/csi-offline-bundle.sh" "${STAGING_DIRECTORY}/scripts/" 52 | cp -f "${ROOTDIR}/scripts/csi-offline-bundle.md" "${STAGING_DIRECTORY}/scripts/" 53 | 54 | echo 55 | echo "** Copying deploy folder **" 56 | echo cp -r "${ROOTDIR}/deploy" "${STAGING_DIRECTORY}/" 57 | cp -r "${ROOTDIR}/deploy" "${STAGING_DIRECTORY}/" 58 | 59 | echo 60 | echo "** Copying driverconfig folder **" 61 | echo cp -r "${ROOTDIR}/driverconfig" "${STAGING_DIRECTORY}/" 62 | cp -r "${ROOTDIR}/driverconfig" "${STAGING_DIRECTORY}/" 63 | 64 | echo 65 | echo "** Copying samples folder **" 66 | echo cp -r "${ROOTDIR}/samples" "${STAGING_DIRECTORY}/" 67 | cp -r "${ROOTDIR}/samples" "${STAGING_DIRECTORY}/" 68 | 69 | echo 70 | echo "** Copying LICENSE file **" 71 | echo cp "${ROOTDIR}/licenses/LICENSE" "${STAGING_DIRECTORY}/" 72 | cp "${ROOTDIR}/licenses/LICENSE" "${STAGING_DIRECTORY}/" 73 | 74 | echo 75 | echo "** Copying Readme from documentation folder **" 76 | echo cp "${ROOTDIR}/documentation/Readme.md" "${STAGING_DIRECTORY}/README.md" 77 | cp "${ROOTDIR}/documentation/Readme.md" "${STAGING_DIRECTORY}/README.md" 78 | -------------------------------------------------------------------------------- /scripts/uninstall.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | SCRIPTDIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" >/dev/null 2>&1 && pwd)" 16 | ROOTDIR="$(dirname "$SCRIPTDIR")" 17 | DEPLOYDIR="$ROOTDIR/deploy" 18 | 19 | # find the operator namespace from operator.yaml file 20 | NS_STRING=$(cat ${DEPLOYDIR}/operator.yaml | grep "namespace:" | head -1) 21 | if [ -z "${NS_STRING}" ]; then 22 | echo "Couldn't find any target namespace in ${DEPLOYDIR}/operator.yaml" 23 | exit 1 24 | fi 25 | # find the namespace from the filtered string 26 | NAMESPACE=$(echo $NS_STRING | cut -d ' ' -f2) 27 | 28 | echo "** Deleting the Operator Deployment **" 29 | echo 30 | echo kubectl delete -f $DEPLOYDIR/operator.yaml 31 | kubectl delete -f $DEPLOYDIR/operator.yaml 32 | echo 33 | echo "** Deleting ConfigMap **" 34 | echo 35 | echo kubectl delete -n $NAMESPACE configmap dell-csi-operator-config 36 | kubectl delete -n $NAMESPACE configmap dell-csi-operator-config 37 | echo 38 | echo "Removing temporary archive" 39 | echo rm -f config.tar.gz 40 | rm -f config.tar.gz 41 | -------------------------------------------------------------------------------- /scripts/updatecsv.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | set -e 16 | if [ $# -eq 0 ]; then 17 | echo "You must specify an Operator version" 18 | exit 1 19 | fi 20 | operator_version=$1 21 | printf "\n*****\n" 22 | echo "Creating temporary directory for storing the sample yaml files" 23 | echo 24 | echo mkdir -p config/temp_sample_manifest_dir 25 | mkdir -p config/temp_sample_manifest_dir 26 | printf "\n*****\n" 27 | echo "Moving the OpenShift sample yaml files to the temp directory" 28 | echo 29 | echo mv -f config/samples/*ops*.yaml config/temp_sample_manifest_dir 30 | mv -f config/samples/*ops*.yaml config/temp_sample_manifest_dir 31 | printf "\n*****\n" 32 | echo "Current set of files in the config/samples folder" 33 | echo 34 | find config/samples -type f -printf "%f\n" 35 | printf "\n*****\n" 36 | echo "Generating CSV file" 37 | echo 38 | echo ./operator-sdk generate csv --update-crds --csv-version "$operator_version" --default-channel --csv-channel stable --operator-name dell-csi-operator 39 | ./operator-sdk generate csv --update-crds --csv-version "$operator_version" --default-channel --csv-channel stable --operator-name dell-csi-operator 40 | printf "\n*****\n" 41 | echo "Moving the sample files back to original directory" 42 | echo 43 | echo mv -f config/temp_sample_manifest_dir/*.yaml config/samples 44 | mv -f config/temp_sample_manifest_dir/*.yaml config/samples 45 | printf "\n*****\n" 46 | echo "Deleting the temporary directory" 47 | echo 48 | echo rm -rf deploy/temp_sample_manifest_dir 49 | rm -rf deploy/temp_sample_manifest_dir 50 | printf "\n*****\n" 51 | echo "**** git status after the update ****" 52 | git status -s 53 | 54 | -------------------------------------------------------------------------------- /test/driver/Readme.md: -------------------------------------------------------------------------------- 1 | 14 | # Readme 15 | Files present 16 | 1. install_csi_driver.sh -> main script which calls other scripts 17 | 2. testlib.sh -> contains certain library functions 18 | 3. operatorutils.go -> contains golang function for creating driver related yaml file. 19 | 4. sample_driver_config -> Sample File which contains key value pairs for creating driver yaml files 20 | 21 | 22 | ## How to Execute? 23 | 1. Take a copy of sample_driver_config file and rename (according to your csi-driver) 24 | 2. Furnish the newly created driver config file with all the required values (including driver build number and driver yaml file name) 25 | 3. Manually furnish the pre-requisites (like namespaces, secrets etc.) 26 | 4. Execute the following command with operator build number (in the format of dell-csi-operator:v1.2.0) to create csi-operator and then csi drivers (controller and node) 27 | 1. sh install_csi_driver.sh "" 28 | 5. Wait for the script to finish and check the existence of csi-operator and controller/node by normal kubectl commands. 29 | 6. This script will pull the specified operator build. Unity/powermax driver has been tested. Other drivers are yet to be tested. 30 | -------------------------------------------------------------------------------- /test/driver/auto_powermax.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.dell.com/v1 2 | kind: CSIPowerMax 3 | metadata: 4 | creationTimestamp: null 5 | name: powermax 6 | namespace: powermax 7 | spec: 8 | driver: 9 | common: 10 | envs: 11 | - name: X_CSI_POWERMAX_PORTGROUPS 12 | value: csi_pg1 13 | - name: X_CSI_K8S_CLUSTER_PREFIX 14 | value: BCC 15 | - name: X_CSI_POWERMAX_ENDPOINT 16 | value: https://10.228.207.4:8443 17 | - name: X_CSI_POWERMAX_ARRAYS 18 | value: "000197600197" 19 | - name: X_CSI_TRANSPORT_PROTOCOL 20 | value: iscsi 21 | image: dellemc/csi-powermax:v1.5.0.000R 22 | configVersion: v4 23 | controller: {} 24 | node: {} 25 | replicas: 2 26 | sideCars: 27 | - args: 28 | - --v=5 29 | - --snapshot-name-uuid-length=10 30 | - --timeout=360s 31 | - --snapshot-name-prefix=pmax 32 | - --csi-address=$(ADDRESS) 33 | name: snapshotter 34 | snapshotClass: 35 | - name: powermax-snapclass 36 | parameters: 37 | key: val 38 | storageClass: 39 | - default: true 40 | name: bronze 41 | parameters: 42 | SERVICELEVEL: Diamond 43 | SRP: DEFAULT_SRP 44 | SYMID: "000197600197" 45 | reclaimPolicy: Retain 46 | status: 47 | controllerStatus: {} 48 | lastUpdate: 49 | time: null 50 | nodeStatus: {} 51 | -------------------------------------------------------------------------------- /test/driver/auto_unity.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.dell.com/v1 2 | kind: CSIUnity 3 | metadata: 4 | creationTimestamp: null 5 | name: test-auto-unity 6 | namespace: test-auto-unity 7 | spec: 8 | driver: 9 | common: 10 | image: dellemc/csi-unity:latest 11 | configVersion: v2 12 | controller: {} 13 | node: {} 14 | replicas: 1 15 | sideCars: 16 | - name: snapshotter 17 | snapshotClass: 18 | - name: unity 19 | parameters: 20 | name: test-snap 21 | retentionDuration: "2:2:2:2" 22 | storageClass: 23 | - default: true 24 | name: apm00175023135-iscsi 25 | parameters: 26 | FsType: xfs 27 | arrayId: '"APM00175023135"' 28 | isDataReductionEnabled: '"false"' 29 | protocol: '"iSCSI"' 30 | storagePool: pool_1 31 | thinProvisioned: '"false"' 32 | reclaimPolicy: Retain 33 | status: 34 | controllerStatus: {} 35 | lastUpdate: 36 | time: null 37 | nodeStatus: {} 38 | -------------------------------------------------------------------------------- /test/driver/config.properties: -------------------------------------------------------------------------------- 1 | #Driver type (as of now either 'powermax' or 'unity') 2 | driver_type="powermax" 3 | 4 | 5 | # unity - secret names - Enter the name of secret objects; two objects are required creds and certs 6 | 7 | unity_creds_secret=unity-creds 8 | unity_certs_secret=unity-certs 9 | 10 | # powermax - secret name - Enter the name of secret objects 11 | powermax_secret=powermax-creds 12 | 13 | # IP address of storage array in the form of https:// or https://: 14 | storage_array="https://10.228.207.4:8443/" 15 | 16 | # Cluster prefix [in case of powermax] 17 | X_CSI_K8S_CLUSTER_PREFIX="BCC" 18 | 19 | # Symmetrix ID [in case of powermax] 20 | symmetrixID="000197600197" 21 | 22 | # Namespace for powermax 23 | namespace="powermax" 24 | 25 | 26 | -------------------------------------------------------------------------------- /test/driver/create_yaml.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | # This is sample script to show how to create driver custom resource manifests 16 | # First set the environment variables which will be passed by the operatorutils binary to 17 | # generate the yaml files 18 | # The operatorutils code can be modified to read files or read entire directory 19 | # This is just a sample implementation to show how to generate driver manifests easily 20 | #source ./sample_driver_config 21 | source ./powermax_driver_config 22 | #go build ./operatorutils 23 | go run ./operatorutils.go 24 | -------------------------------------------------------------------------------- /test/driver/deleteEntities.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | #This script is to delete the objects created by install script 16 | #Parameters are taken from config.properties 17 | 18 | source ./unity_driver_config 19 | echo "Driver file is $OPERATOR_ENV_DRIVER_MANIFEST" 20 | 21 | # Deletion of Controller and Deletion pod 22 | # ----------------------------------------- 23 | if [ -z "$OPERATOR_ENV_DRIVER_MANIFEST" ]; then 24 | echo "Driver yaml file name is not present in config.properties file; Exiting execution" 25 | exit 1 26 | fi 27 | 28 | if [ -f $OPERATOR_ENV_DRIVER_MANIFEST ];then 29 | echo "$OPERATOR_ENV_DRIVER_MANIFEST present;proceeding further" 30 | else 31 | echo "$OPERATOR_ENV_DRIVER_MANIFEST is not present;Exiting the execution" 32 | exit 1 33 | fi 34 | 35 | 36 | #cd ../../test/driver/ 37 | 38 | target_yaml_file=$OPERATOR_ENV_DRIVER_MANIFEST 39 | echo "About to delete the driver pods..." 40 | kubectl delete -f $target_yaml_file 41 | delete_pod_validation=$? 42 | sleep 5 43 | if [ "$delete_pod_validation" -ne 0 ]; then 44 | echo "Pod deletion - command failed; Terminating the script" 45 | exit 1 46 | else 47 | echo "Deleting the pod - command successful; Proceeding further..." 48 | fi 49 | sleep 60 50 | 51 | pod_validation=`kubectl get pods -n $OPERATOR_ENV_DRIVER_NAMESPACE` 52 | 53 | if [ -z "$pod_validation" ] 54 | then 55 | echo "**************************************************" 56 | echo "Controller and node pod got deleted successfully" 57 | echo "**************************************************" 58 | echo "About to execute Operator uninstallation" 59 | else 60 | echo "Pods still exists;Problem in Deleting Controller/node pod" 61 | exit 1 62 | fi 63 | 64 | # Deletion of CSI-Operator 65 | # ------------------------------- 66 | 67 | echo "Deleting csi-operator via uninstall script" 68 | cd ../../ && sh scripts/uninstall.sh 69 | if [ "$?" -ne 0 ]; then 70 | echo "Problem in executing uninstall.sh" 71 | echo "Check the presence of csi-operator by the command kubectl get pods" 72 | echo "Exiting the script without checking csi-drivers" 73 | exit 1 74 | fi 75 | sleep 60 76 | cd test/driver 77 | operator_pod_validation=`kubectl get pods` 78 | sleep 10 79 | if [ -z "$operator_pod_validation" ] 80 | then 81 | echo "******************************************" 82 | echo "csi-operator got uninstalled successfully" 83 | echo "******************************************" 84 | else 85 | echo "Problem in undeploying dell-csi-operator; operator may still be present.." 86 | echo "Check the existence of dell-csi-operator by the command kubectl get pods" 87 | echo "Exiting the script without checking csi-drivers" 88 | exit 1 89 | fi 90 | 91 | -------------------------------------------------------------------------------- /test/driver/sample_driver_config: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | export OPERATOR_ENV_DRIVER_MANIFEST=auto_powermax.yaml 3 | export OPERATOR_ENV_DRIVER_TYPE=csi-powermax 4 | export OPERATOR_ENV_DRIVER_NAME=powermax 5 | export OPERATOR_ENV_DRIVER_NAMESPACE=powermax 6 | export OPERATOR_ENV_DRIVER_IMAGE="dellemc/csi-powermax:v1.5.0.000R" 7 | export OPERATOR_ENV_DRIVER_CONFIG_VERSION=v4 8 | export OPERATOR_ENV_DRIVER_REPLICAS=2 9 | export OPERATOR_ENV_COMMON_X_CSI_K8S_CLUSTER_PREFIX=BCC 10 | export OPERATOR_ENV_COMMON_X_CSI_POWERMAX_PORTGROUPS="csi_pg1" 11 | export OPERATOR_ENV_COMMON_X_CSI_POWERMAX_ARRAYS="000197600197" 12 | export OPERATOR_ENV_COMMON_X_CSI_TRANSPORT_PROTOCOL="iscsi" 13 | export OPERATOR_ENV_COMMON_X_CSI_POWERMAX_ENDPOINT=https://10.228.207.4:8443 14 | export OPERATOR_ENV_SIDECAR1_NAME=snapshotter 15 | export OPERATOR_ENV_SIDECAR1_ARGS='["--v=5","--snapshot-name-uuid-length=10","--timeout=360s","--snapshot-name-prefix=pmax","--csi-address=$(ADDRESS)"]' 16 | export OPERATOR_ENV_STORAGECLASS1_NAME="bronze" 17 | export OPERATOR_ENV_STORAGECLASS1_DEFAULTSC="true" 18 | export OPERATOR_ENV_STORAGEARRAY="000197600197" 19 | export OPERATOR_ENV_STORAGECLASS1_RECLAIM_POLICY="Retain" 20 | export OPERATOR_ENV_STORAGECLASS1_PARAMETERS='["SRP=DEFAULT_SRP","SERVICELEVEL=Diamond","SYMID=000197600197"]' 21 | export OPERATOR_ENV_VOLUMESNAPSHOTCLASS1_NAME="powermax-snapclass" 22 | export OPERATOR_ENV_VOLUMESNAPSHOTCLASS1_PARAMETERS='["key=val"]' 23 | -------------------------------------------------------------------------------- /test/driver/uninstall_driver_operator.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 4 | # 5 | # Licensed under the Apache License, Version 2.0 (the "License"); 6 | # you may not use this file except in compliance with the License. 7 | # You may obtain a copy of the License at 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | # Shell script to deploy operators and to create CSI Drivers 16 | 17 | source ./sample_driver_config 18 | 19 | #Uninstall teh driver 20 | 21 | kubectl delete -f $OPERATOR_ENV_DRIVER_MANIFEST 22 | 23 | # Uninstall the operator 24 | cd ../../ && sh scripts/uninstall.sh > ./test/driver/deploy_output.log 25 | 26 | 27 | 28 | -------------------------------------------------------------------------------- /test/driver/unity_driver_config: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | export OPERATOR_ENV_DRIVER_MANIFEST=auto_unity.yaml 3 | export OPERATOR_ENV_DRIVER_TYPE=csi-unity 4 | export OPERATOR_ENV_DRIVER_NAME=test-auto-unity 5 | export OPERATOR_ENV_DRIVER_NAMESPACE=test-auto-unity 6 | export OPERATOR_ENV_DRIVER_IMAGE=""dellemc/csi-unity:latest"" 7 | export OPERATOR_ENV_DRIVER_CONFIG_VERSION=v2 8 | #export OPERATOR_ENV_COMMON_X_CSI_K8S_CLUSTER_PREFIX=KPC 9 | #export OPERATOR_ENV_COMMON_X_CSI_POWERMAX_ENDPOINT=https://10.247.73.133:8443 10 | export OPERATOR_ENV_SIDECAR1_NAME=snapshotter 11 | #export OPERATOR_ENV_SIDECAR1_ARGS='["name=test-snap","retentionDuration="""]' 12 | export OPERATOR_ENV_STORAGECLASS1_NAME="apm00175023135-iscsi" 13 | export OPERATOR_ENV_STORAGECLASS1_DEFAULTSC="true" 14 | export OPERATOR_ENV_STORAGECLASS1_RECLAIM_POLICY="Retain" 15 | export OPERATOR_ENV_STORAGECLASS1_PARAMETERS='["FsType=xfs","arrayId="APM00175023135"","isDataReductionEnabled="false"","protocol="iSCSI"","storagePool=pool_1","thinProvisioned="false""]' 16 | export OPERATOR_ENV_VOLUMESNAPSHOTCLASS1_NAME="unity" 17 | export OPERATOR_ENV_VOLUMESNAPSHOTCLASS1_PARAMETERS='["name=test-snap","retentionDuration=2:2:2:2"]' 18 | -------------------------------------------------------------------------------- /test/integration-tests/cr/isilon.json: -------------------------------------------------------------------------------- 1 | { 2 | "apiVersion": "storage.dell.com/v1", 3 | "kind": "CSIIsilon", 4 | "metadata": { 5 | "name": "test-isilon", 6 | "namespace": "test-isilon" 7 | }, 8 | "spec": { 9 | "driver": { 10 | "configVersion": "v3", 11 | "replicas": 1, 12 | "common": { 13 | "image": "dellemc/csi-isilon:v1.3.0.000R", 14 | "imagePullPolicy": "Always", 15 | "envs": [ 16 | { 17 | "name": "X_CSI_VERBOSE", 18 | "value": "1" 19 | }, 20 | { 21 | "name": "X_CSI_ISI_ENDPOINT", 22 | "value": "10.247.96.195" 23 | }, 24 | { 25 | "name": "X_CSI_ISI_PORT", 26 | "value": "8080" 27 | }, 28 | { 29 | "name": "X_CSI_ISI_PATH", 30 | "value": "/ifs/data/csi" 31 | }, 32 | { 33 | "name": "X_CSI_ISILON_NO_PROBE_ON_START", 34 | "value": "false" 35 | }, 36 | { 37 | "name": "X_CSI_ISI_AUTOPROBE", 38 | "value": "true" 39 | }, 40 | { 41 | "name": "X_CSI_ISI_INSECURE", 42 | "value": "true" 43 | }, 44 | { 45 | "name": "X_CSI_DEBUG", 46 | "value": "true" 47 | } 48 | ] 49 | }, 50 | "controller": { 51 | "envs": [ 52 | { 53 | "name": "X_CSI_ISI_QUOTA_ENABLED", 54 | "value": "true" 55 | }, 56 | { 57 | "name": "X_CSI_ISI_ACCESS_ZONE", 58 | "value": "System" 59 | } 60 | ] 61 | }, 62 | "node": { 63 | "envs": [ 64 | { 65 | "name": "X_CSI_ISILON_NFS_V3", 66 | "value": "false" 67 | } 68 | ] 69 | }, 70 | "sideCars": [ 71 | { 72 | "name": "provisioner", 73 | "image": "quay.io/k8scsi/csi-provisioner:v1.2.1", 74 | "imagePullPolicy": "IfNotPresent", 75 | "args": [ 76 | "--volume-name-prefix=csi-vol" 77 | ] 78 | }, 79 | { 80 | "name": "attacher", 81 | "image": "quay.io/k8scsi/csi-attacher:v1.2.1", 82 | "imagePullPolicy": "IfNotPresent" 83 | }, 84 | { 85 | "name": "snapshotter", 86 | "image": "quay.io/k8scsi/csi-snapshotter:v1.2.0", 87 | "imagePullPolicy": "IfNotPresent", 88 | "args": [ 89 | "--snapshot-name-prefix=csi-snap" 90 | ] 91 | }, 92 | { 93 | "name": "registrar", 94 | "image": "quay.io/k8scsi/csi-node-driver-registrar:v1.1.0", 95 | "imagePullPolicy": "IfNotPresent" 96 | } 97 | ], 98 | "storageClass": [ 99 | { 100 | "name": "sc", 101 | "reclaimPolicy": "Delete", 102 | "default": true, 103 | "parameters": { 104 | "AccessZone": "System", 105 | "IsiPath": "/ifs/data/csi", 106 | "AzServiceIP": "10.247.96.195", 107 | "RootClientEnabled": "false" 108 | } 109 | } 110 | ], 111 | "snapshotClass": [ 112 | { 113 | "name": "vsc", 114 | "parameters": { 115 | "IsiPath": "/ifs/data/csi" 116 | } 117 | } 118 | ] 119 | } 120 | } 121 | } -------------------------------------------------------------------------------- /test/integration-tests/cr/powermax.json: -------------------------------------------------------------------------------- 1 | { 2 | "apiVersion": "storage.dell.com/v1", 3 | "kind": "CSIPowerMax", 4 | "metadata": { 5 | "name": "test-powermax", 6 | "namespace": "test-powermax" 7 | }, 8 | "spec": { 9 | "driver": { 10 | "configVersion": "v1", 11 | "replicas": 1, 12 | "forceUpdate": false, 13 | "common": { 14 | "image": "10.243.149.79:8443/csi-powermax:v1.3.0.008X", 15 | "imagePullPolicy": "IfNotPresent", 16 | "envs": [ 17 | { 18 | "name": "X_CSI_POWERMAX_ENDPOINT", 19 | "value": "https://10.247.73.133:8443" 20 | }, 21 | { 22 | "name": "X_CSI_K8S_CLUSTER_PREFIX", 23 | "value": "ADD" 24 | }, 25 | { 26 | "name": "X_CSI_POWERMAX_PORTGROUPS", 27 | "value": "iscsi_ports" 28 | } 29 | ] 30 | }, 31 | "sideCars": [ 32 | { 33 | "name": "snapshotter" 34 | } 35 | ], 36 | "storageClass": [ 37 | { 38 | "name": "bronze", 39 | "default": true, 40 | "reclaimPolicy": "Delete", 41 | "parameters": { 42 | "SYMID": "000197900046", 43 | "SRP": "SRP_1", 44 | "ServiceLevel": "Bronze" 45 | } 46 | } 47 | ], 48 | "snapshotClass": [ 49 | { 50 | "name": "powermax-snapclass" 51 | } 52 | ] 53 | } 54 | } 55 | } -------------------------------------------------------------------------------- /test/integration-tests/cr/powerstore.json: -------------------------------------------------------------------------------- 1 | { 2 | "apiVersion": "storage.dell.com/v1", 3 | "kind": "CSIPowerStore", 4 | "metadata": { 5 | "name": "powerstore", 6 | "namespace": "powerstore" 7 | }, 8 | "spec": { 9 | "driver": { 10 | "common": { 11 | "envs": [ 12 | { 13 | "name": "X_CSI_POWERSTORE_ENDPOINT", 14 | "value": "https://10.230.42.95/api/rest" 15 | }, 16 | { 17 | "name": "X_CSI_POWERSTORE_NODE_NAME_PREFIX", 18 | "value": "csi" 19 | }, 20 | { 21 | "name": "X_CSI_TRANSPORT_PROTOCOL", 22 | "value": "ISCSI" 23 | }, 24 | { 25 | "name": "X_CSI_FC_PORTS_FILTER_FILE_PATH", 26 | "value": "/etc/fc-ports-filter" 27 | } 28 | ], 29 | "image": "dellemc/csi-powerstore:latest", 30 | "imagePullPolicy": "IfNotPresent" 31 | }, 32 | "configVersion": "v2", 33 | "forceUpdate": false, 34 | "node": { 35 | "envs": [ 36 | { 37 | "name": "X_CSI_POWERSTORE_ENABLE_CHAP", 38 | "value": "false" 39 | } 40 | ] 41 | }, 42 | "replicas": 1, 43 | "snapshotClass": [ 44 | { 45 | "name": "powerstore-snapshot" 46 | } 47 | ], 48 | "storageClass": [ 49 | { 50 | "default": true, 51 | "name": "powerstore", 52 | "parameters": { 53 | "csi.storage.k8s.io/fstype": "ext4" 54 | }, 55 | "reclaimPolicy": "Delete" 56 | }, 57 | { 58 | "name": "powerstore-xfs", 59 | "parameters": { 60 | "csi.storage.k8s.io/fstype": "xfs" 61 | }, 62 | "reclaimPolicy": "Delete" 63 | }, 64 | { 65 | "allowedTopologies": [ 66 | { 67 | "matchLabelExpressions": [ 68 | { 69 | "key": "csi-powerstore.dellemc.com/10.230.42.95-nfs", 70 | "values": [ 71 | "true" 72 | ] 73 | } 74 | ] 75 | } 76 | ], 77 | "name": "powerstore-nfs", 78 | "parameters": { 79 | "csi.storage.k8s.io/fstype": "nfs", 80 | "nasName": "nas-server" 81 | }, 82 | "reclaimPolicy": "Delete" 83 | } 84 | ] 85 | } 86 | } 87 | } 88 | -------------------------------------------------------------------------------- /test/integration-tests/cr/unity.json: -------------------------------------------------------------------------------- 1 | { 2 | "apiVersion": "storage.dell.com/v1", 3 | "kind": "CSIUnity", 4 | "metadata": { 5 | "name": "test-unity", 6 | "namespace": "test-unity" 7 | }, 8 | "spec": { 9 | "driver": { 10 | "configVersion": "v1", 11 | "replicas": 1, 12 | "common": { 13 | "image": "dellemc/csi-unity:v1.1.0.000R", 14 | "imagePullPolicy": "IfNotPresent", 15 | "envs": [ 16 | { 17 | "name": "X_CSI_UNITY_DEBUG", 18 | "value": "true" 19 | }, 20 | { 21 | "name": "X_CSI_UNITY_ENDPOINT", 22 | "value": "https://10.247.55.82" 23 | }, 24 | { 25 | "name": "X_CSI_UNITY_INSECURE", 26 | "value": "true" 27 | } 28 | ] 29 | }, 30 | "sideCars": [ 31 | { 32 | "name": "provisioner", 33 | "image": "quay.io/k8scsi/csi-provisioner:v1.2.1", 34 | "imagePullPolicy": "IfNotPresent", 35 | "args": [ 36 | "--volume-name-prefix=csivol" 37 | ] 38 | }, 39 | { 40 | "name": "attacher", 41 | "image": "quay.io/k8scsi/csi-attacher:v1.2.1", 42 | "imagePullPolicy": "IfNotPresent" 43 | } 44 | ], 45 | "storageClass": [ 46 | { 47 | "name": "fc", 48 | "default": true, 49 | "reclaimPolicy": "Delete", 50 | "parameters": { 51 | "storagepool": "pool_1", 52 | "protocol": "FC" 53 | } 54 | }, 55 | { 56 | "name": "iscsi", 57 | "reclaimPolicy": "Delete", 58 | "parameters": { 59 | "storagepool": "pool_1", 60 | "protocol": "iSCSI" 61 | } 62 | } 63 | ], 64 | "snapshotClass": [ 65 | { 66 | "name": "test-snap", 67 | "parameters": { 68 | "retentionDuration": "1:1:1:1" 69 | } 70 | }, 71 | { 72 | "name": "test1-snap", 73 | "parameters": { 74 | "retentionDuration": "2:2:2:2" 75 | } 76 | } 77 | ] 78 | } 79 | } 80 | } -------------------------------------------------------------------------------- /test/integration-tests/cr/vxflexos.json: -------------------------------------------------------------------------------- 1 | { 2 | "apiVersion": "storage.dell.com/v1", 3 | "kind": "CSIVXFlexOS", 4 | "metadata": { 5 | "name": "test-vxflexos", 6 | "namespace": "test-vxflexos" 7 | }, 8 | "spec": { 9 | "driver": { 10 | "configVersion": "v3", 11 | "replicas": 1, 12 | "common": { 13 | "image": "dellemc/vxflexos:v2.1.0", 14 | "imagePullPolicy": "IfNotPresent", 15 | "envs": [ 16 | { 17 | "name": "X_CSI_VXFLEXOS_SYSTEMNAME", 18 | "value": "4d4a2e5a36080e0f" 19 | }, 20 | { 21 | "name": "X_CSI_VXFLEXOS_ENDPOINT", 22 | "value": "https://10.247.38.41" 23 | }, 24 | { 25 | "name": "X_CSI_VXFLEXOS_ENABLELISTVOLUMESNAPSHOT", 26 | "value": "false" 27 | }, 28 | { 29 | "name": "X_CSI_VXFLEXOS_ENABLESNAPSHOTCGDELETE", 30 | "value": "false" 31 | }, 32 | { 33 | "name": "X_CSI_DEBUG", 34 | "value": "true" 35 | } 36 | ] 37 | }, 38 | "storageClass": [ 39 | { 40 | "name": "vxflexos", 41 | "default": true, 42 | "reclaimPolicy": "Delete", 43 | "parameters": { 44 | "storagepool": "pool_20190320123801" 45 | }, 46 | "allowedTopologies": [ 47 | { 48 | "matchLabelExpressions": [ 49 | { 50 | "key": "csi-vxflexos.dellemc.com/4d4a2e5a36080e0f", 51 | "values": [ 52 | "csi-vxflexos.dellemc.com" 53 | ] 54 | } 55 | ] 56 | } 57 | ] 58 | }, 59 | { 60 | "name": "vxflexos-xfs", 61 | "default": false, 62 | "reclaimPolicy": "Delete", 63 | "parameters": { 64 | "storagepool": "pool_20190320123801", 65 | "FsType": "xfs" 66 | }, 67 | "allowedTopologies": [ 68 | { 69 | "matchLabelExpressions": [ 70 | { 71 | "key": "csi-vxflexos.dellemc.com/4d4a2e5a36080e0f", 72 | "values": [ 73 | "csi-vxflexos.dellemc.com" 74 | ] 75 | } 76 | ] 77 | } 78 | ] 79 | } 80 | ], 81 | "snapshotClass": [ 82 | { 83 | "name": "vxflexos-snapclass" 84 | } 85 | ] 86 | } 87 | } 88 | } 89 | -------------------------------------------------------------------------------- /test/integration-tests/test.properties: -------------------------------------------------------------------------------- 1 | UNITY_UNISPHERE_URL= 2 | UNITY_UNISPHERE_USER= 3 | UNITY_UNISPHERE_PASSWORD= 4 | UNITY_UNISPHERE_INSECURE=true 5 | X_CSI_ISI_USER=root 6 | X_CSI_ISI_PASSWORD=Is1l0n 7 | X_CSI_VXFLEXOS_USER=admin 8 | X_CSI_VXFLEXOS_PASSWORD=Password123! 9 | X_CSI_POWERMAX_USER= 10 | X_CSI_POWERMAX_PASSWORD= 11 | X_CSI_POWERMAX_CHAP_SECRET= 12 | X_CSI_POWERMAX_DRIVER_NAME= 13 | X_CSI_POWERSTORE_USER=admin 14 | X_CSI_POWERSTORE_PASSWORD=Password123! 15 | 16 | -------------------------------------------------------------------------------- /test/integration-tests/utils/namespaces.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright © 2022 Dell Inc. or its subsidiaries. All Rights Reserved. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | Unless required by applicable law or agreed to in writing, software 9 | distributed under the License is distributed on an "AS IS" BASIS, 10 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | See the License for the specific language governing permissions and 12 | limitations under the License. 13 | */ 14 | 15 | package util 16 | 17 | import ( 18 | "context" 19 | "fmt" 20 | 21 | corev1 "k8s.io/api/core/v1" 22 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 23 | "k8s.io/client-go/kubernetes" 24 | ) 25 | 26 | // CreateNamespace creates a namespace with the specified name using the provided client. 27 | func CreateNamespace(namespace string, kubeClient kubernetes.Interface) error { 28 | var err error 29 | fmt.Printf("Creating namespace '%s'...\n", namespace) 30 | 31 | ns := &corev1.Namespace{ 32 | ObjectMeta: metav1.ObjectMeta{ 33 | Name: namespace, 34 | }, 35 | } 36 | 37 | ns, err = kubeClient.CoreV1().Namespaces().Create(context.Background(), ns, metav1.CreateOptions{}) 38 | if err != nil { 39 | fmt.Printf("Failed to create namespace '%s': %v", namespace, err) 40 | return err 41 | } 42 | 43 | fmt.Printf("Successfully created namespace '%s'\n", ns.Name) 44 | return nil 45 | } 46 | 47 | // DeleteNamespace deletes a namespace with the specified name using the provided client. 48 | func DeleteNamespace(namespace string, kubeClient kubernetes.Interface) error { 49 | var err error 50 | fmt.Printf("Deleting namespace '%s'...\n", namespace) 51 | 52 | err = kubeClient.CoreV1().Namespaces().Delete(context.Background(), namespace, metav1.DeleteOptions{}) 53 | if err != nil { 54 | fmt.Printf("Failed to delete namespace '%s': %v", namespace, err) 55 | return err 56 | } 57 | 58 | fmt.Printf("Successfully deleted namespace '%s'\n", namespace) 59 | return nil 60 | } 61 | 62 | // NamespaceExists determines whether a namespace with the specified name exists using the provided client. 63 | func NamespaceExists(namespace string, kubeClient kubernetes.Interface) bool { 64 | var err error 65 | 66 | nss, err := kubeClient.CoreV1().Namespaces().List(context.Background(), metav1.ListOptions{}) 67 | if err != nil { 68 | fmt.Printf("Failed to list namespaces %v", err) 69 | return false 70 | } 71 | for _, ns := range nss.Items { 72 | if ns.Name == namespace { 73 | return true 74 | } 75 | } 76 | 77 | return false 78 | } 79 | -------------------------------------------------------------------------------- /test/testdata/csiisilon/01-simple-deployment/in-csiisilon-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: isilon-creds 5 | # Set driver namespace 6 | namespace: test-isilon 7 | type: Opaque 8 | data: 9 | # set username to the base64 encoded username 10 | username: YWRtaW4= 11 | # set password to the base64 encoded password 12 | password: YWRtaW4= -------------------------------------------------------------------------------- /test/testdata/csiisilon/01-simple-deployment/out-clusterrole-node.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: test-isilon-node 5 | ownerReferences: 6 | - blockOwnerDeletion: true 7 | controller: true 8 | name: test-isilon-test-isilon-dummy 9 | rules: 10 | - apiGroups: 11 | - "" 12 | resources: 13 | - events 14 | verbs: 15 | - create 16 | - list 17 | - patch 18 | - update 19 | - watch 20 | - apiGroups: 21 | - "" 22 | resources: 23 | - nodes 24 | verbs: 25 | - create 26 | - get 27 | - list 28 | - patch 29 | - update 30 | - watch 31 | - apiGroups: 32 | - "" 33 | resources: 34 | - persistentvolumes 35 | verbs: 36 | - create 37 | - delete 38 | - get 39 | - list 40 | - update 41 | - watch 42 | - apiGroups: 43 | - "" 44 | resources: 45 | - persistentvolumeclaims 46 | verbs: 47 | - get 48 | - list 49 | - update 50 | - watch 51 | - apiGroups: 52 | - storage.k8s.io 53 | resources: 54 | - storageclasses 55 | verbs: 56 | - get 57 | - list 58 | - watch 59 | - apiGroups: 60 | - storage.k8s.io 61 | resources: 62 | - volumeattachments 63 | verbs: 64 | - get 65 | - list 66 | - update 67 | - watch 68 | - apiGroups: 69 | - security.openshift.io 70 | resourceNames: 71 | - privileged 72 | resources: 73 | - securitycontextconstraints 74 | verbs: 75 | - use 76 | -------------------------------------------------------------------------------- /test/testdata/csiisilon/01-simple-deployment/out-clusterrolebinding-controller.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: test-isilon-controller 5 | ownerReferences: 6 | - blockOwnerDeletion: true 7 | controller: true 8 | name: test-isilon-test-isilon-dummy 9 | roleRef: 10 | apiGroup: rbac.authorization.k8s.io 11 | kind: ClusterRole 12 | name: test-isilon-controller 13 | subjects: 14 | - kind: ServiceAccount 15 | name: isilon-controller 16 | namespace: test-isilon 17 | -------------------------------------------------------------------------------- /test/testdata/csiisilon/01-simple-deployment/out-clusterrolebinding-node.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: test-isilon-node 5 | ownerReferences: 6 | - blockOwnerDeletion: true 7 | controller: true 8 | name: test-isilon-test-isilon-dummy 9 | roleRef: 10 | apiGroup: rbac.authorization.k8s.io 11 | kind: ClusterRole 12 | name: test-isilon-node 13 | subjects: 14 | - kind: ServiceAccount 15 | name: isilon-node 16 | namespace: test-isilon 17 | 18 | -------------------------------------------------------------------------------- /test/testdata/csiisilon/01-simple-deployment/out-csidriver.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.k8s.io/v1 2 | kind: CSIDriver 3 | metadata: 4 | name: csi-isilon.dellemc.com 5 | ownerReferences: 6 | - blockOwnerDeletion: true 7 | controller: true 8 | name: test-isilon-test-isilon-dummy 9 | spec: 10 | attachRequired: true 11 | podInfoOnMount: true 12 | fsGroupPolicy: "ReadWriteOnceWithFSType" 13 | storageCapacity: false 14 | volumeLifecycleModes: 15 | - Persistent 16 | - Ephemeral -------------------------------------------------------------------------------- /test/testdata/csiisilon/01-simple-deployment/out-csiisilon-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: isilon-creds 5 | # Set driver namespace 6 | namespace: test-isilon 7 | type: Opaque 8 | data: 9 | # set username to the base64 encoded username 10 | username: YWRtaW4= 11 | # set password to the base64 encoded password 12 | password: YWRtaW4= 13 | -------------------------------------------------------------------------------- /test/testdata/csiisilon/01-simple-deployment/out-dummyclusterrole.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | labels: 5 | name: test-isilon-test-isilon-dummy 6 | name: test-isilon-test-isilon-dummy 7 | rules: null -------------------------------------------------------------------------------- /test/testdata/csiisilon/01-simple-deployment/out-serviceaccount-controller.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: isilon-controller 5 | namespace: test-isilon 6 | ownerReferences: 7 | - apiVersion: storage.dell.com/v1 8 | blockOwnerDeletion: true 9 | controller: true 10 | kind: CSIIsilon 11 | name: test-isilon 12 | uid: "" 13 | -------------------------------------------------------------------------------- /test/testdata/csiisilon/01-simple-deployment/out-serviceaccount-node.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: isilon-node 5 | namespace: test-isilon 6 | ownerReferences: 7 | - apiVersion: storage.dell.com/v1 8 | blockOwnerDeletion: true 9 | controller: true 10 | kind: CSIIsilon 11 | name: test-isilon 12 | uid: "" 13 | 14 | -------------------------------------------------------------------------------- /test/testdata/csipowermax/01-simple-deployment/in-csipowermax-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: powermax-creds 5 | # Set driver namespace 6 | namespace: test-powermax 7 | type: Opaque 8 | data: 9 | # set username to the base64 encoded username 10 | username: YWRtaW4= 11 | # set password to the base64 encoded password 12 | password: YWRtaW4= 13 | -------------------------------------------------------------------------------- /test/testdata/csipowermax/01-simple-deployment/in-csipowermax.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.dell.com/v1 2 | kind: CSIPowerMax 3 | metadata: 4 | name: test-powermax 5 | namespace: test-powermax 6 | spec: 7 | driver: 8 | # Config version for CSI PowerMax v2.7.0 driver 9 | configVersion: v2.7.0 10 | # Controller count. Don't increase it 11 | replicas: 1 12 | dnsPolicy: ClusterFirstWithHostNet 13 | forceUpdate: false 14 | storageCapacity: false 15 | common: 16 | # Image for CSI PowerMax driver v2.7.0 17 | image: "dellemc/csi-powermax:v2.7.0" 18 | imagePullPolicy: IfNotPresent 19 | envs: 20 | # Managed Arrays 21 | - name: X_CSI_MANAGED_ARRAYS 22 | value: "000000000000,000000000001" 23 | # Unisphere IP 24 | - name: X_CSI_POWERMAX_ENDPOINT 25 | value: "https://0.0.0.0:8443/" 26 | # Change this to a 3 character prefix unique for this cluster 27 | - name: X_CSI_K8S_CLUSTER_PREFIX 28 | value: "XYZ" 29 | # Add a list of comma separated port groups (only for ISCSI) 30 | - name: "X_CSI_POWERMAX_PORTGROUPS" 31 | value: "" 32 | # Optional whitelist of arrays which will be managed by driver 33 | - name: "X_CSI_POWERMAX_ARRAYS" 34 | value: "" 35 | # Preferred transport protocol (FC/ISCSI) 36 | - name: "X_CSI_TRANSPORT_PROTOCOL" 37 | value: "" 38 | node: 39 | envs: 40 | # Enable ISCSI CHAP Authentication 41 | - name: "X_CSI_POWERMAX_ISCSI_ENABLE_CHAP" 42 | value: "false" 43 | sideCars: 44 | # This will install the optional snapshotter sidecar 45 | - name: snapshotter 46 | --- 47 | apiVersion: v1 48 | kind: ConfigMap 49 | metadata: 50 | name: powermax-config-params 51 | namespace: test-powermax 52 | data: 53 | driver-config-params.yaml: | 54 | CSI_LOG_LEVEL: "debug" 55 | CSI_LOG_FORMAT: "JSON" 56 | -------------------------------------------------------------------------------- /test/testdata/csipowermax/01-simple-deployment/in-vcenter-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: vcenter-creds 5 | # Set driver namespace 6 | namespace: test-powermax 7 | type: Opaque 8 | data: 9 | # set username to the base64 encoded username 10 | username: YWRtaW4= 11 | # set password to the base64 encoded password 12 | password: YWRtaW4= -------------------------------------------------------------------------------- /test/testdata/csipowermax/01-simple-deployment/out-clusterrolebinding-controller.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: test-powermax-controller 5 | ownerReferences: 6 | - blockOwnerDeletion: true 7 | controller: true 8 | name: test-powermax-test-powermax-dummy 9 | roleRef: 10 | apiGroup: rbac.authorization.k8s.io 11 | kind: ClusterRole 12 | name: test-powermax-controller 13 | subjects: 14 | - kind: ServiceAccount 15 | name: powermax-controller 16 | namespace: test-powermax 17 | -------------------------------------------------------------------------------- /test/testdata/csipowermax/01-simple-deployment/out-csidriver.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.k8s.io/v1 2 | kind: CSIDriver 3 | metadata: 4 | name: csi-powermax.dellemc.com 5 | ownerReferences: 6 | - apiVersion: storage.dell.com/v1 7 | blockOwnerDeletion: true 8 | controller: true 9 | kind: CSIPowerMax 10 | name: test-powermax 11 | spec: 12 | attachRequired: true 13 | podInfoOnMount: true 14 | fsGroupPolicy: "ReadWriteOnceWithFSType" 15 | storageCapacity: false 16 | volumeLifecycleModes: 17 | - Persistent 18 | -------------------------------------------------------------------------------- /test/testdata/csipowermax/01-simple-deployment/out-csipowermax-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: powermax-creds 5 | # Set driver namespace 6 | namespace: test-powermax 7 | type: Opaque 8 | data: 9 | # set username to the base64 encoded username 10 | username: YWRtaW4= 11 | # set password to the base64 encoded password 12 | password: YWRtaW4= 13 | --- 14 | apiVersion: v1 15 | kind: Secret 16 | metadata: 17 | name: vcenter-creds 18 | # Set driver namespace 19 | namespace: test-powermax 20 | type: Opaque 21 | data: 22 | # set username to the base64 encoded username 23 | username: YWRtaW4= 24 | # set password to the base64 encoded password 25 | password: YWRtaW4= -------------------------------------------------------------------------------- /test/testdata/csipowermax/01-simple-deployment/out-csipowermax.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.dell.com/v1 2 | kind: CSIPowerMax 3 | metadata: 4 | name: test-powermax 5 | namespace: test-powermax 6 | annotations: 7 | storage.dell.com/CSIDriverConfigVersion: v2.7.0 8 | storage.dell.com/attacher.Image: registry.k8s.io/sig-storage/csi-attacher:v4.3.0 9 | storage.dell.com/attacher.Image.IsDefault: "true" 10 | storage.dell.com/provisioner.Image: registry.k8s.io/sig-storage/csi-provisioner:v3.5.0 11 | storage.dell.com/provisioner.Image.IsDefault: "true" 12 | storage.dell.com/registrar.Image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.8.0 13 | storage.dell.com/registrar.Image.IsDefault: "true" 14 | storage.dell.com/resizer.Image: registry.k8s.io/sig-storage/csi-resizer:v1.8.0 15 | storage.dell.com/resizer.Image.IsDefault: "true" 16 | storage.dell.com/snapshotter.Image: registry.k8s.io/sig-storage/csi-snapshotter:v6.2.2 17 | storage.dell.com/snapshotter.Image.IsDefault: "true" 18 | finalizers: 19 | - "finalizer.dell.emc.com" 20 | spec: 21 | driver: 22 | configVersion: v2.7.0 23 | replicas: 1 24 | dnsPolicy: ClusterFirstWithHostNet 25 | common: 26 | image: "dellemc/csi-powermax:v2.7.0" 27 | imagePullPolicy: IfNotPresent 28 | envs: 29 | - name: X_CSI_MANAGED_ARRAYS 30 | value: "000000000000,000000000001" 31 | - name: X_CSI_POWERMAX_ENDPOINT 32 | value: "https://0.0.0.0:8443/" 33 | - name: X_CSI_K8S_CLUSTER_PREFIX 34 | value: "XYZ" 35 | - name: "X_CSI_POWERMAX_PORTGROUPS" 36 | value: "" 37 | - name: "X_CSI_POWERMAX_ARRAYS" 38 | value: "" 39 | - name: "X_CSI_TRANSPORT_PROTOCOL" 40 | value: "" 41 | node: 42 | envs: 43 | - name: "X_CSI_POWERMAX_ISCSI_ENABLE_CHAP" 44 | value: "false" 45 | sideCars: 46 | - image: registry.k8s.io/sig-storage/csi-snapshotter:v6.2.2 47 | imagePullPolicy: IfNotPresent 48 | name: snapshotter 49 | - image: registry.k8s.io/sig-storage/csi-provisioner:v3.5.0 50 | imagePullPolicy: IfNotPresent 51 | name: provisioner 52 | - image: registry.k8s.io/sig-storage/csi-attacher:v4.3.0 53 | imagePullPolicy: IfNotPresent 54 | name: attacher 55 | - image: registry.k8s.io/sig-storage/csi-resizer:v1.8.0 56 | imagePullPolicy: IfNotPresent 57 | name: resizer 58 | - image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.8.0 59 | imagePullPolicy: IfNotPresent 60 | name: registrar 61 | status: 62 | controllerStatus: 63 | stopped: 64 | - "powermax-controller" 65 | nodeStatus: 66 | stopped: 67 | - "powermax-node" 68 | driverHash: 0x4b5f4832 69 | state: "Succeeded" 70 | lastUpdate: 71 | condition: "Succeeded" 72 | time: "2020-06-22T12:52:28Z" 73 | -------------------------------------------------------------------------------- /test/testdata/csipowermax/01-simple-deployment/out-dummyclusterrole.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | labels: 5 | name: test-powermax-test-powermax-dummy 6 | name: test-powermax-test-powermax-dummy 7 | rules: null -------------------------------------------------------------------------------- /test/testdata/csipowermax/01-simple-deployment/out-serviceaccount-controller.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: powermax-controller 5 | namespace: test-powermax 6 | ownerReferences: 7 | - apiVersion: storage.dell.com/v1 8 | blockOwnerDeletion: true 9 | controller: true 10 | kind: CSIPowerMax 11 | name: test-powermax 12 | uid: "" -------------------------------------------------------------------------------- /test/testdata/csipowermax/01-simple-deployment/out-vcenter-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: vcenter-creds 5 | # Set driver namespace 6 | namespace: test-powermax 7 | type: Opaque 8 | data: 9 | # set username to the base64 encoded username 10 | username: YWRtaW4= 11 | # set password to the base64 encoded password 12 | password: YWRtaW4= -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/01-simple-linked-deployment/in-csipowermaxrevorixytlssecret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: csirevproxy-tls-secret 5 | namespace: test-powermax 6 | data: 7 | tls.crt: >- 8 | LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNJakNDQWFpZ0F3SUJBZ0lKQUo1WVVxYVJjWjk4TUFvR0NDcUdTTTQ5QkFNQ01FOHhDekFKQmdOVkJBWVQKQWxWVE1Rc3dDUVlEVlFRSURBSk5RVEVTTUJBR0ExVUVCd3dKU0U5UVMwbE9WRTlPTVJBd0RnWURWUVFLREFkRQpSVXhNUlUxRE1RMHdDd1lEVlFRTERBUklSVk5UTUI0WERUSXdNRFF5TkRFd01qVTFObG9YRFRNd01EUXlNakV3Ck1qVTFObG93VHpFTE1Ba0dBMVVFQmhNQ1ZWTXhDekFKQmdOVkJBZ01BazFCTVJJd0VBWURWUVFIREFsSVQxQkwKU1U1VVQwNHhFREFPQmdOVkJBb01CMFJGVEV4RlRVTXhEVEFMQmdOVkJBc01CRWhGVTFNd2RqQVFCZ2NxaGtqTwpQUUlCQmdVcmdRUUFJZ05pQUFUdXVxRWFWQnVtM2MxZFQvaVpTOXllMUtGQVQ4VXJsNVRrbmgxdWtsOFQydDRuClhKdFoxUkM5VG94aGpSRXJNQ2ExT3ZUeGNUZVBRS2FqOXo4c2ZMOTQxaGRheG04RmhnTjF2SEM1M2Y4MWdnSkgKZUJjOHFZNGVjS0RwbWlMVUtCV2pVREJPTUIwR0ExVWREZ1FXQkJUL2V2dHVla0xKTlo5eEFrUVVNSkpWcGJ2UQo1VEFmQmdOVkhTTUVHREFXZ0JUL2V2dHVla0xKTlo5eEFrUVVNSkpWcGJ2UTVUQU1CZ05WSFJNRUJUQURBUUgvCk1Bb0dDQ3FHU000OUJBTUNBMmdBTUdVQ01CMUNRckxOaEw3WHRwRUMyMnZHMGdwVXZVZ3c3MU1BRmROK3dOTXAKait5N2pvZkZSZE1KUG1HeUhVWmRka0s4c1FJeEFLaVVCdThJZUlTQmxEaGE0NlRzWnZyZjFqc0Y2OHByNitCUApHSHFrb1JCL0I5Rm16TW90bFVFL29xYjJwVk1ScHc9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== 9 | tls.key: >- 10 | LS0tLS1CRUdJTiBFQyBQQVJBTUVURVJTLS0tLS0KQmdVcmdRUUFJZz09Ci0tLS0tRU5EIEVDIFBBUkFNRVRFUlMtLS0tLQotLS0tLUJFR0lOIEVDIFBSSVZBVEUgS0VZLS0tLS0KTUlHa0FnRUJCRENsK0IzNURmUFRxT1FGMTRxT0tLdFhWdHdWcEdMbGhETVE5bXg3ZGNZdXFIODY3YVk0NXpzMgpPZXJDUDQyY21tMmdCd1lGSzRFRUFDS2haQU5pQUFUdXVxRWFWQnVtM2MxZFQvaVpTOXllMUtGQVQ4VXJsNVRrCm5oMXVrbDhUMnQ0blhKdFoxUkM5VG94aGpSRXJNQ2ExT3ZUeGNUZVBRS2FqOXo4c2ZMOTQxaGRheG04RmhnTjEKdkhDNTNmODFnZ0pIZUJjOHFZNGVjS0RwbWlMVUtCVT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo= 11 | type: kubernetes.io/tls -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/01-simple-linked-deployment/in-csipowermaxrevproxy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.dell.com/v1 2 | kind: CSIPowerMaxRevProxy 3 | metadata: 4 | name: powermax-reverseproxy 5 | namespace: test-powermax 6 | spec: 7 | # Add fields here 8 | image: dellemc/csipowermax-reverseproxy:v1.4.0.000R 9 | tlsSecret: csirevproxy-tls-secret 10 | config: 11 | mode: Linked #StandAlone 12 | linkConfig: 13 | primary: 14 | url: https://0.0.0.0:8443 15 | skipCertificateValidation: true 16 | backup: 17 | url: https://0.0.0.0:8443 18 | skipCertificateValidation: true 19 | -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/01-simple-linked-deployment/out-configmap.yaml: -------------------------------------------------------------------------------- 1 | kind: ConfigMap 2 | apiVersion: v1 3 | metadata: 4 | name: powermax-reverseproxy-config 5 | namespace: test-powermax 6 | labels: 7 | name: powermax-reverseproxy 8 | ownerReferences: 9 | - apiVersion: storage.dell.com/v1 10 | blockOwnerDeletion: true 11 | controller: true 12 | kind: CSIPowerMaxRevProxy 13 | name: powermax-reverseproxy 14 | uid: "" 15 | data: 16 | config.yaml: | 17 | mode: Linked 18 | port: 2222 19 | linkConfig: 20 | primary: 21 | url: https://0.0.0.0:8443 22 | skipCertificateValidation: true 23 | backup: 24 | url: https://0.0.0.0:8443 25 | skipCertificateValidation: true 26 | -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/01-simple-linked-deployment/out-csipowermaxrevproxy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.dell.com/v1 2 | kind: CSIPowerMaxRevProxy 3 | metadata: 4 | name: powermax-reverseproxy 5 | namespace: test-powermax 6 | spec: 7 | # Add fields here 8 | image: dellemc/csipowermax-reverseproxy:v1.4.0.000R 9 | tlsSecret: csirevproxy-tls-secret 10 | config: 11 | mode: Linked #StandAlone 12 | linkConfig: 13 | primary: 14 | url: https://0.0.0.0:8443 15 | skipCertificateValidation: true 16 | backup: 17 | url: https://0.0.0.0:8443 18 | skipCertificateValidation: true 19 | status: 20 | lastUpdate: 21 | condition: Succeeded 22 | time: '2020-08-31T10:34:49Z' 23 | proxyHash: 0xe1dde2db 24 | proxyStatus: 25 | stopped: 26 | - powermax-reverseproxy 27 | state: Succeeded 28 | -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/01-simple-linked-deployment/out-csipowermaxtlssecret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: csirevproxy-tls-secret 5 | namespace: test-powermax 6 | data: 7 | tls.crt: >- 8 | LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNJakNDQWFpZ0F3SUJBZ0lKQUo1WVVxYVJjWjk4TUFvR0NDcUdTTTQ5QkFNQ01FOHhDekFKQmdOVkJBWVQKQWxWVE1Rc3dDUVlEVlFRSURBSk5RVEVTTUJBR0ExVUVCd3dKU0U5UVMwbE9WRTlPTVJBd0RnWURWUVFLREFkRQpSVXhNUlUxRE1RMHdDd1lEVlFRTERBUklSVk5UTUI0WERUSXdNRFF5TkRFd01qVTFObG9YRFRNd01EUXlNakV3Ck1qVTFObG93VHpFTE1Ba0dBMVVFQmhNQ1ZWTXhDekFKQmdOVkJBZ01BazFCTVJJd0VBWURWUVFIREFsSVQxQkwKU1U1VVQwNHhFREFPQmdOVkJBb01CMFJGVEV4RlRVTXhEVEFMQmdOVkJBc01CRWhGVTFNd2RqQVFCZ2NxaGtqTwpQUUlCQmdVcmdRUUFJZ05pQUFUdXVxRWFWQnVtM2MxZFQvaVpTOXllMUtGQVQ4VXJsNVRrbmgxdWtsOFQydDRuClhKdFoxUkM5VG94aGpSRXJNQ2ExT3ZUeGNUZVBRS2FqOXo4c2ZMOTQxaGRheG04RmhnTjF2SEM1M2Y4MWdnSkgKZUJjOHFZNGVjS0RwbWlMVUtCV2pVREJPTUIwR0ExVWREZ1FXQkJUL2V2dHVla0xKTlo5eEFrUVVNSkpWcGJ2UQo1VEFmQmdOVkhTTUVHREFXZ0JUL2V2dHVla0xKTlo5eEFrUVVNSkpWcGJ2UTVUQU1CZ05WSFJNRUJUQURBUUgvCk1Bb0dDQ3FHU000OUJBTUNBMmdBTUdVQ01CMUNRckxOaEw3WHRwRUMyMnZHMGdwVXZVZ3c3MU1BRmROK3dOTXAKait5N2pvZkZSZE1KUG1HeUhVWmRka0s4c1FJeEFLaVVCdThJZUlTQmxEaGE0NlRzWnZyZjFqc0Y2OHByNitCUApHSHFrb1JCL0I5Rm16TW90bFVFL29xYjJwVk1ScHc9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== 9 | tls.key: >- 10 | LS0tLS1CRUdJTiBFQyBQQVJBTUVURVJTLS0tLS0KQmdVcmdRUUFJZz09Ci0tLS0tRU5EIEVDIFBBUkFNRVRFUlMtLS0tLQotLS0tLUJFR0lOIEVDIFBSSVZBVEUgS0VZLS0tLS0KTUlHa0FnRUJCRENsK0IzNURmUFRxT1FGMTRxT0tLdFhWdHdWcEdMbGhETVE5bXg3ZGNZdXFIODY3YVk0NXpzMgpPZXJDUDQyY21tMmdCd1lGSzRFRUFDS2haQU5pQUFUdXVxRWFWQnVtM2MxZFQvaVpTOXllMUtGQVQ4VXJsNVRrCm5oMXVrbDhUMnQ0blhKdFoxUkM5VG94aGpSRXJNQ2ExT3ZUeGNUZVBRS2FqOXo4c2ZMOTQxaGRheG04RmhnTjEKdkhDNTNmODFnZ0pIZUJjOHFZNGVjS0RwbWlMVUtCVT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo= 11 | type: kubernetes.io/tls -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/01-simple-linked-deployment/out-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: powermax-reverseproxy 5 | namespace: test-powermax 6 | ownerReferences: 7 | - apiVersion: storage.dell.com/v1 8 | blockOwnerDeletion: true 9 | controller: true 10 | kind: CSIPowerMaxRevProxy 11 | name: powermax-reverseproxy 12 | uid: "" 13 | spec: 14 | selector: 15 | matchLabels: 16 | name: powermax-reverseproxy 17 | template: 18 | metadata: 19 | labels: 20 | name: powermax-reverseproxy 21 | spec: 22 | serviceAccountName: powermax-reverseproxy 23 | containers: 24 | - name: csireverseproxy 25 | # Replace this with the built image name 26 | image: dellemc/csipowermax-reverseproxy:v1.4.0.000R 27 | imagePullPolicy: IfNotPresent 28 | env: 29 | - name: X_CSI_REVPROXY_CONFIG_DIR 30 | value: /etc/config/configmap 31 | - name: X_CSI_REVPROXY_CONFIG_FILE_NAME 32 | value: config.yaml 33 | - name: X_CSI_REVRPOXY_IN_CLUSTER 34 | value: "true" 35 | - name: X_CSI_REVPROXY_TLS_CERT_DIR 36 | value: /app/tls 37 | - name: X_CSI_REVPROXY_WATCH_NAMESPACE 38 | value: test-powermax #Change this to the namespace where proxy will be installed 39 | volumeMounts: 40 | - name: configmap-volume 41 | mountPath: /etc/config/configmap 42 | - name: tls-secret 43 | mountPath: /app/tls 44 | - name: cert-dir 45 | mountPath: /app/certs 46 | volumes: 47 | - name: configmap-volume 48 | configMap: 49 | name: powermax-reverseproxy-config 50 | optional: false 51 | - name: tls-secret 52 | secret: 53 | secretName: csirevproxy-tls-secret 54 | optional: false 55 | - name: cert-dir 56 | emptyDir: {} 57 | -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/01-simple-linked-deployment/out-role.yaml: -------------------------------------------------------------------------------- 1 | kind: Role 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | metadata: 4 | name: powermax-reverseproxy 5 | namespace: test-powermax 6 | ownerReferences: 7 | - apiVersion: storage.dell.com/v1 8 | blockOwnerDeletion: true 9 | controller: true 10 | kind: CSIPowerMaxRevProxy 11 | name: powermax-reverseproxy 12 | uid: "" 13 | rules: 14 | - apiGroups: [""] 15 | resources: ["secrets"] 16 | verbs: ["list", "watch", "get"] -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/01-simple-linked-deployment/out-rolebinding.yaml: -------------------------------------------------------------------------------- 1 | kind: RoleBinding 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | metadata: 4 | name: powermax-reverseproxy 5 | namespace: test-powermax 6 | ownerReferences: 7 | - apiVersion: storage.dell.com/v1 8 | blockOwnerDeletion: true 9 | controller: true 10 | kind: CSIPowerMaxRevProxy 11 | name: powermax-reverseproxy 12 | uid: "" 13 | subjects: 14 | - kind: ServiceAccount 15 | name: powermax-reverseproxy 16 | namespace: test-powermax 17 | roleRef: 18 | kind: Role 19 | name: powermax-reverseproxy 20 | apiGroup: rbac.authorization.k8s.io -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/01-simple-linked-deployment/out-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: powermax-reverseproxy 5 | namespace: test-powermax 6 | labels: 7 | name: powermax-reverseproxy 8 | ownerReferences: 9 | - apiVersion: storage.dell.com/v1 10 | blockOwnerDeletion: true 11 | controller: true 12 | kind: CSIPowerMaxRevProxy 13 | name: powermax-reverseproxy 14 | uid: "" 15 | spec: 16 | ports: 17 | - port: 2222 18 | protocol: TCP 19 | targetPort: 2222 20 | selector: 21 | name: powermax-reverseproxy 22 | type: ClusterIP 23 | -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/01-simple-linked-deployment/out-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: powermax-reverseproxy 5 | namespace: test-powermax 6 | ownerReferences: 7 | - apiVersion: storage.dell.com/v1 8 | blockOwnerDeletion: true 9 | controller: true 10 | kind: CSIPowerMaxRevProxy 11 | name: powermax-reverseproxy 12 | uid: "" -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/02-simple-sa-deployment/in-csipowermaxrevproxy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.dell.com/v1 2 | kind: CSIPowerMaxRevProxy 3 | metadata: 4 | name: powermax-reverseproxy 5 | namespace: test-powermax 6 | spec: 7 | # Add fields here 8 | image: dellemc/csipowermax-reverseproxy:v1.4.0.000R 9 | tlsSecret: csirevproxy-tls-secret 10 | config: 11 | mode: StandAlone 12 | standAloneConfig: 13 | storageArrays: 14 | - storageArrayId: "000000000001" 15 | primaryURL: https://0.0.0.0:8443 16 | backupURL: https://0.0.0.0:8443 17 | proxyCredentialSecrets: 18 | - powermax-creds 19 | managementServers: 20 | - url: https://0.0.0.0:8443 21 | arrayCredentialSecret: powermax-creds 22 | skipCertificateValidation: true 23 | - url: https://0.0.0.0:8443 24 | arrayCredentialSecret: powermax-creds 25 | skipCertificateValidation: true 26 | -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/02-simple-sa-deployment/in-csipowermaxrevproxytlssecret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: csirevproxy-tls-secret 5 | namespace: test-powermax 6 | data: 7 | tls.crt: >- 8 | LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNJakNDQWFpZ0F3SUJBZ0lKQUo1WVVxYVJjWjk4TUFvR0NDcUdTTTQ5QkFNQ01FOHhDekFKQmdOVkJBWVQKQWxWVE1Rc3dDUVlEVlFRSURBSk5RVEVTTUJBR0ExVUVCd3dKU0U5UVMwbE9WRTlPTVJBd0RnWURWUVFLREFkRQpSVXhNUlUxRE1RMHdDd1lEVlFRTERBUklSVk5UTUI0WERUSXdNRFF5TkRFd01qVTFObG9YRFRNd01EUXlNakV3Ck1qVTFObG93VHpFTE1Ba0dBMVVFQmhNQ1ZWTXhDekFKQmdOVkJBZ01BazFCTVJJd0VBWURWUVFIREFsSVQxQkwKU1U1VVQwNHhFREFPQmdOVkJBb01CMFJGVEV4RlRVTXhEVEFMQmdOVkJBc01CRWhGVTFNd2RqQVFCZ2NxaGtqTwpQUUlCQmdVcmdRUUFJZ05pQUFUdXVxRWFWQnVtM2MxZFQvaVpTOXllMUtGQVQ4VXJsNVRrbmgxdWtsOFQydDRuClhKdFoxUkM5VG94aGpSRXJNQ2ExT3ZUeGNUZVBRS2FqOXo4c2ZMOTQxaGRheG04RmhnTjF2SEM1M2Y4MWdnSkgKZUJjOHFZNGVjS0RwbWlMVUtCV2pVREJPTUIwR0ExVWREZ1FXQkJUL2V2dHVla0xKTlo5eEFrUVVNSkpWcGJ2UQo1VEFmQmdOVkhTTUVHREFXZ0JUL2V2dHVla0xKTlo5eEFrUVVNSkpWcGJ2UTVUQU1CZ05WSFJNRUJUQURBUUgvCk1Bb0dDQ3FHU000OUJBTUNBMmdBTUdVQ01CMUNRckxOaEw3WHRwRUMyMnZHMGdwVXZVZ3c3MU1BRmROK3dOTXAKait5N2pvZkZSZE1KUG1HeUhVWmRka0s4c1FJeEFLaVVCdThJZUlTQmxEaGE0NlRzWnZyZjFqc0Y2OHByNitCUApHSHFrb1JCL0I5Rm16TW90bFVFL29xYjJwVk1ScHc9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== 9 | tls.key: >- 10 | LS0tLS1CRUdJTiBFQyBQQVJBTUVURVJTLS0tLS0KQmdVcmdRUUFJZz09Ci0tLS0tRU5EIEVDIFBBUkFNRVRFUlMtLS0tLQotLS0tLUJFR0lOIEVDIFBSSVZBVEUgS0VZLS0tLS0KTUlHa0FnRUJCRENsK0IzNURmUFRxT1FGMTRxT0tLdFhWdHdWcEdMbGhETVE5bXg3ZGNZdXFIODY3YVk0NXpzMgpPZXJDUDQyY21tMmdCd1lGSzRFRUFDS2haQU5pQUFUdXVxRWFWQnVtM2MxZFQvaVpTOXllMUtGQVQ4VXJsNVRrCm5oMXVrbDhUMnQ0blhKdFoxUkM5VG94aGpSRXJNQ2ExT3ZUeGNUZVBRS2FqOXo4c2ZMOTQxaGRheG04RmhnTjEKdkhDNTNmODFnZ0pIZUJjOHFZNGVjS0RwbWlMVUtCVT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo= 11 | type: kubernetes.io/tls -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/02-simple-sa-deployment/in-powermax-creds.yaml: -------------------------------------------------------------------------------- 1 | kind: Secret 2 | apiVersion: v1 3 | metadata: 4 | name: powermax-creds 5 | namespace: test-powermax 6 | data: 7 | password: c21j 8 | username: c21j 9 | type: Opaque -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/02-simple-sa-deployment/out-configmap.yaml: -------------------------------------------------------------------------------- 1 | kind: ConfigMap 2 | apiVersion: v1 3 | metadata: 4 | name: powermax-reverseproxy-config 5 | namespace: test-powermax 6 | labels: 7 | name: powermax-reverseproxy 8 | ownerReferences: 9 | - apiVersion: storage.dell.com/v1 10 | blockOwnerDeletion: true 11 | controller: true 12 | kind: CSIPowerMaxRevProxy 13 | name: powermax-reverseproxy 14 | uid: "" 15 | data: 16 | config.yaml: | 17 | mode: StandAlone 18 | port: 2222 19 | standAloneConfig: 20 | storageArrays: 21 | - storageArrayId: "000000000001" 22 | primaryURL: https://0.0.0.0:8443 23 | backupURL: https://0.0.0.0:8443 24 | proxyCredentialSecrets: 25 | - powermax-creds 26 | managementServers: 27 | - url: https://0.0.0.0:8443 28 | arrayCredentialSecret: powermax-creds 29 | skipCertificateValidation: true 30 | - url: https://0.0.0.0:8443 31 | arrayCredentialSecret: powermax-creds 32 | skipCertificateValidation: true 33 | -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/02-simple-sa-deployment/out-csipowermaxreverseproxy.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.dell.com/v1 2 | kind: CSIPowerMaxRevProxy 3 | metadata: 4 | name: powermax-reverseproxy 5 | namespace: test-powermax 6 | spec: 7 | image: dellemc/csipowermax-reverseproxy:v1.4.0.000R 8 | tlsSecret: csirevproxy-tls-secret 9 | config: 10 | mode: StandAlone 11 | standAloneConfig: 12 | storageArrays: 13 | - storageArrayId: "000000000001" 14 | primaryURL: https://0.0.0.0:8443 15 | backupURL: https://0.0.0.0:8443 16 | proxyCredentialSecrets: 17 | - powermax-creds 18 | managementServers: 19 | - url: https://0.0.0.0:8443 20 | arrayCredentialSecret: powermax-creds 21 | skipCertificateValidation: true 22 | - url: https://0.0.0.0:8443 23 | arrayCredentialSecret: powermax-creds 24 | skipCertificateValidation: true 25 | status: 26 | lastUpdate: 27 | condition: Succeeded 28 | time: '2020-08-31T10:34:49Z' 29 | proxyHash: 0x99cf347a 30 | proxyStatus: 31 | stopped: 32 | - powermax-reverseproxy 33 | state: Succeeded 34 | -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/02-simple-sa-deployment/out-csipowermaxrevproxytlssecret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: csirevproxy-tls-secret 5 | namespace: test-powermax 6 | data: 7 | tls.crt: >- 8 | LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNJakNDQWFpZ0F3SUJBZ0lKQUo1WVVxYVJjWjk4TUFvR0NDcUdTTTQ5QkFNQ01FOHhDekFKQmdOVkJBWVQKQWxWVE1Rc3dDUVlEVlFRSURBSk5RVEVTTUJBR0ExVUVCd3dKU0U5UVMwbE9WRTlPTVJBd0RnWURWUVFLREFkRQpSVXhNUlUxRE1RMHdDd1lEVlFRTERBUklSVk5UTUI0WERUSXdNRFF5TkRFd01qVTFObG9YRFRNd01EUXlNakV3Ck1qVTFObG93VHpFTE1Ba0dBMVVFQmhNQ1ZWTXhDekFKQmdOVkJBZ01BazFCTVJJd0VBWURWUVFIREFsSVQxQkwKU1U1VVQwNHhFREFPQmdOVkJBb01CMFJGVEV4RlRVTXhEVEFMQmdOVkJBc01CRWhGVTFNd2RqQVFCZ2NxaGtqTwpQUUlCQmdVcmdRUUFJZ05pQUFUdXVxRWFWQnVtM2MxZFQvaVpTOXllMUtGQVQ4VXJsNVRrbmgxdWtsOFQydDRuClhKdFoxUkM5VG94aGpSRXJNQ2ExT3ZUeGNUZVBRS2FqOXo4c2ZMOTQxaGRheG04RmhnTjF2SEM1M2Y4MWdnSkgKZUJjOHFZNGVjS0RwbWlMVUtCV2pVREJPTUIwR0ExVWREZ1FXQkJUL2V2dHVla0xKTlo5eEFrUVVNSkpWcGJ2UQo1VEFmQmdOVkhTTUVHREFXZ0JUL2V2dHVla0xKTlo5eEFrUVVNSkpWcGJ2UTVUQU1CZ05WSFJNRUJUQURBUUgvCk1Bb0dDQ3FHU000OUJBTUNBMmdBTUdVQ01CMUNRckxOaEw3WHRwRUMyMnZHMGdwVXZVZ3c3MU1BRmROK3dOTXAKait5N2pvZkZSZE1KUG1HeUhVWmRka0s4c1FJeEFLaVVCdThJZUlTQmxEaGE0NlRzWnZyZjFqc0Y2OHByNitCUApHSHFrb1JCL0I5Rm16TW90bFVFL29xYjJwVk1ScHc9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== 9 | tls.key: >- 10 | LS0tLS1CRUdJTiBFQyBQQVJBTUVURVJTLS0tLS0KQmdVcmdRUUFJZz09Ci0tLS0tRU5EIEVDIFBBUkFNRVRFUlMtLS0tLQotLS0tLUJFR0lOIEVDIFBSSVZBVEUgS0VZLS0tLS0KTUlHa0FnRUJCRENsK0IzNURmUFRxT1FGMTRxT0tLdFhWdHdWcEdMbGhETVE5bXg3ZGNZdXFIODY3YVk0NXpzMgpPZXJDUDQyY21tMmdCd1lGSzRFRUFDS2haQU5pQUFUdXVxRWFWQnVtM2MxZFQvaVpTOXllMUtGQVQ4VXJsNVRrCm5oMXVrbDhUMnQ0blhKdFoxUkM5VG94aGpSRXJNQ2ExT3ZUeGNUZVBRS2FqOXo4c2ZMOTQxaGRheG04RmhnTjEKdkhDNTNmODFnZ0pIZUJjOHFZNGVjS0RwbWlMVUtCVT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo= 11 | type: kubernetes.io/tls -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/02-simple-sa-deployment/out-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: powermax-reverseproxy 5 | namespace: test-powermax 6 | ownerReferences: 7 | - apiVersion: storage.dell.com/v1 8 | blockOwnerDeletion: true 9 | controller: true 10 | kind: CSIPowerMaxRevProxy 11 | name: powermax-reverseproxy 12 | uid: "" 13 | spec: 14 | selector: 15 | matchLabels: 16 | name: powermax-reverseproxy 17 | template: 18 | metadata: 19 | labels: 20 | name: powermax-reverseproxy 21 | spec: 22 | serviceAccountName: powermax-reverseproxy 23 | containers: 24 | - name: csireverseproxy 25 | # Replace this with the built image name 26 | image: dellemc/csipowermax-reverseproxy:v1.4.0.000R 27 | imagePullPolicy: IfNotPresent 28 | env: 29 | - name: X_CSI_REVPROXY_CONFIG_DIR 30 | value: /etc/config/configmap 31 | - name: X_CSI_REVPROXY_CONFIG_FILE_NAME 32 | value: config.yaml 33 | - name: X_CSI_REVRPOXY_IN_CLUSTER 34 | value: "true" 35 | - name: X_CSI_REVPROXY_TLS_CERT_DIR 36 | value: /app/tls 37 | - name: X_CSI_REVPROXY_WATCH_NAMESPACE 38 | value: test-powermax #Change this to the namespace where proxy will be installed 39 | volumeMounts: 40 | - name: configmap-volume 41 | mountPath: /etc/config/configmap 42 | - name: tls-secret 43 | mountPath: /app/tls 44 | - name: cert-dir 45 | mountPath: /app/certs 46 | volumes: 47 | - name: configmap-volume 48 | configMap: 49 | name: powermax-reverseproxy-config 50 | optional: false 51 | - name: tls-secret 52 | secret: 53 | secretName: csirevproxy-tls-secret 54 | optional: false 55 | - name: cert-dir 56 | emptyDir: {} 57 | -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/02-simple-sa-deployment/out-powermax-creds.yaml: -------------------------------------------------------------------------------- 1 | kind: Secret 2 | apiVersion: v1 3 | metadata: 4 | name: powermax-creds 5 | namespace: test-powermax 6 | data: 7 | password: c21j 8 | username: c21j 9 | type: Opaque -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/02-simple-sa-deployment/out-role.yaml: -------------------------------------------------------------------------------- 1 | kind: Role 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | metadata: 4 | name: powermax-reverseproxy 5 | namespace: test-powermax 6 | ownerReferences: 7 | - apiVersion: storage.dell.com/v1 8 | blockOwnerDeletion: true 9 | controller: true 10 | kind: CSIPowerMaxRevProxy 11 | name: powermax-reverseproxy 12 | uid: "" 13 | rules: 14 | - apiGroups: [""] 15 | resources: ["secrets"] 16 | verbs: ["list", "watch", "get"] -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/02-simple-sa-deployment/out-rolebinding.yaml: -------------------------------------------------------------------------------- 1 | kind: RoleBinding 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | metadata: 4 | name: powermax-reverseproxy 5 | namespace: test-powermax 6 | ownerReferences: 7 | - apiVersion: storage.dell.com/v1 8 | blockOwnerDeletion: true 9 | controller: true 10 | kind: CSIPowerMaxRevProxy 11 | name: powermax-reverseproxy 12 | uid: "" 13 | subjects: 14 | - kind: ServiceAccount 15 | name: powermax-reverseproxy 16 | namespace: test-powermax 17 | roleRef: 18 | kind: Role 19 | name: powermax-reverseproxy 20 | apiGroup: rbac.authorization.k8s.io -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/02-simple-sa-deployment/out-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: powermax-reverseproxy 5 | namespace: test-powermax 6 | labels: 7 | name: powermax-reverseproxy 8 | ownerReferences: 9 | - apiVersion: storage.dell.com/v1 10 | blockOwnerDeletion: true 11 | controller: true 12 | kind: CSIPowerMaxRevProxy 13 | name: powermax-reverseproxy 14 | uid: "" 15 | spec: 16 | ports: 17 | - port: 2222 18 | protocol: TCP 19 | targetPort: 2222 20 | selector: 21 | name: powermax-reverseproxy 22 | type: ClusterIP 23 | -------------------------------------------------------------------------------- /test/testdata/csipowermaxrevproxy/02-simple-sa-deployment/out-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: powermax-reverseproxy 5 | namespace: test-powermax 6 | ownerReferences: 7 | - apiVersion: storage.dell.com/v1 8 | blockOwnerDeletion: true 9 | controller: true 10 | kind: CSIPowerMaxRevProxy 11 | name: powermax-reverseproxy 12 | uid: "" -------------------------------------------------------------------------------- /test/testdata/csipowerstore/01-simple-deployment/in-csipowerstore-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: powerstore-config 5 | # Set driver namespace 6 | namespace: test-powerstore 7 | type: Opaque 8 | data: 9 | # set username to the base64 encoded username 10 | username: YWRtaW4= 11 | # set password to the base64 encoded password 12 | password: YWRtaW4= 13 | -------------------------------------------------------------------------------- /test/testdata/csipowerstore/01-simple-deployment/in-csipowerstore.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.dell.com/v1 2 | kind: CSIPowerStore 3 | metadata: 4 | name: test-powerstore 5 | namespace: test-powerstore 6 | spec: 7 | driver: 8 | # Config version for CSI PowerStore v2.7.0 driver 9 | configVersion: v2.7.0 10 | # Controller count 11 | replicas: 1 12 | dnsPolicy: ClusterFirstWithHostNet 13 | forceUpdate: false 14 | storageCapacity: false 15 | common: 16 | # Image for CSI PowerStore driver v2.7.0 17 | image: "dellemc/csi-powerstore:v2.7.0" 18 | imagePullPolicy: IfNotPresent 19 | envs: 20 | - name: X_CSI_POWERSTORE_NODE_NAME_PREFIX 21 | value: "csi" 22 | - name: X_CSI_FC_PORTS_FILTER_FILE_PATH 23 | value: "/etc/fc-ports-filter" 24 | sideCars: 25 | - name: external-health-monitor 26 | args: ["--monitor-interval=60s"] 27 | controller: 28 | envs: 29 | # X_CSI_NFS_ACLS: enables setting permissions on NFS mount directory 30 | # This value will be the default value if a storage class and array config in secret 31 | # do not contain the NFS ACL (nfsAcls) parameter specified 32 | # Permissions can be specified in two formats: 33 | # 1) Unix mode (NFSv3) 34 | # 2) NFSv4 ACLs (NFSv4) 35 | # NFSv4 ACLs are supported on NFSv4 share only. 36 | # Allowed values: 37 | # 1) Unix mode: valid octal mode number 38 | # Examples: "0777", "777", "0755" 39 | # 2) NFSv4 acls: valid NFSv4 acls, seperated by comma 40 | # Examples: "A::OWNER@:RWX,A::GROUP@:RWX", "A::OWNER@:rxtncy" 41 | # Optional: true 42 | # Default value: "0777" 43 | # nfsAcls: "0777" 44 | - name: X_CSI_NFS_ACLS 45 | value: "0777" 46 | node: 47 | envs: 48 | # Set to "true" to enable ISCSI CHAP Authentication 49 | # CHAP password will be autogenerated by driver 50 | - name: "X_CSI_POWERSTORE_ENABLE_CHAP" 51 | value: "true" 52 | --- 53 | apiVersion: v1 54 | kind: ConfigMap 55 | metadata: 56 | name: powerstore-config-params 57 | namespace: test-powerstore 58 | data: 59 | driver-config-params.yaml: | 60 | CSI_LOG_LEVEL: "debug" 61 | CSI_LOG_FORMAT: "JSON" 62 | -------------------------------------------------------------------------------- /test/testdata/csipowerstore/01-simple-deployment/out-clusterrolebinding-controller.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: test-powerstore-controller 5 | ownerReferences: 6 | - blockOwnerDeletion: true 7 | controller: true 8 | name: test-powerstore-test-powerstore-dummy 9 | roleRef: 10 | apiGroup: rbac.authorization.k8s.io 11 | kind: ClusterRole 12 | name: test-powerstore-controller 13 | subjects: 14 | - kind: ServiceAccount 15 | name: powerstore-controller 16 | namespace: test-powerstore 17 | -------------------------------------------------------------------------------- /test/testdata/csipowerstore/01-simple-deployment/out-csidriver.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.k8s.io/v1 2 | kind: CSIDriver 3 | metadata: 4 | name: csi-powerstore.dellemc.com 5 | ownerReferences: 6 | - apiVersion: storage.dell.com/v1 7 | blockOwnerDeletion: true 8 | controller: true 9 | kind: CSIPowerStore 10 | name: test-powerstore 11 | spec: 12 | attachRequired: true 13 | podInfoOnMount: true 14 | fsGroupPolicy: "ReadWriteOnceWithFSType" 15 | storageCapacity: false 16 | volumeLifecycleModes: 17 | - Persistent 18 | - Ephemeral 19 | -------------------------------------------------------------------------------- /test/testdata/csipowerstore/01-simple-deployment/out-csipowerstore-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: powerstore-config 5 | # Set driver namespace 6 | namespace: test-powerstore 7 | type: Opaque 8 | data: 9 | # set username to the base64 encoded username 10 | username: YWRtaW4= 11 | # set password to the base64 encoded password 12 | password: YWRtaW4= 13 | -------------------------------------------------------------------------------- /test/testdata/csipowerstore/01-simple-deployment/out-csipowerstore.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.dell.com/v1 2 | kind: CSIPowerStore 3 | metadata: 4 | creationTimestamp: null 5 | name: test-powerstore 6 | namespace: test-powerstore 7 | annotations: 8 | storage.dell.com/CSIDriverConfigVersion: v2.7.0 9 | storage.dell.com/attacher.Image: registry.k8s.io/sig-storage/csi-attacher:v4.3.0 10 | storage.dell.com/attacher.Image.IsDefault: "true" 11 | storage.dell.com/provisioner.Image: registry.k8s.io/sig-storage/csi-provisioner:v3.5.0 12 | storage.dell.com/provisioner.Image.IsDefault: "true" 13 | storage.dell.com/registrar.Image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.8.0 14 | storage.dell.com/registrar.Image.IsDefault: "true" 15 | storage.dell.com/resizer.Image: registry.k8s.io/sig-storage/csi-resizer:v1.8.0 16 | storage.dell.com/resizer.Image.IsDefault: "true" 17 | storage.dell.com/snapshotter.Image: registry.k8s.io/sig-storage/csi-snapshotter:v6.2.2 18 | storage.dell.com/snapshotter.Image.IsDefault: "true" 19 | storage.dell.com/external-health-monitor.Image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.9.0 20 | storage.dell.com/external-health-monitor.Image.IsDefault: "true" 21 | finalizers: 22 | - "finalizer.dell.emc.com" 23 | spec: 24 | driver: 25 | common: 26 | envs: 27 | - name: X_CSI_POWERSTORE_NODE_NAME_PREFIX 28 | value: csi 29 | - name: X_CSI_FC_PORTS_FILTER_FILE_PATH 30 | value: /etc/fc-ports-filter 31 | image: dellemc/csi-powerstore:v2.7.0 32 | imagePullPolicy: IfNotPresent 33 | configVersion: v2.7.0 34 | controller: 35 | envs: 36 | - name: X_CSI_NFS_ACLS 37 | value: "0777" 38 | node: 39 | envs: 40 | - name: "X_CSI_POWERSTORE_ENABLE_CHAP" 41 | value: "true" 42 | replicas: 1 43 | dnsPolicy: ClusterFirstWithHostNet 44 | sideCars: 45 | - image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.9.0 46 | imagePullPolicy: IfNotPresent 47 | name: external-health-monitor 48 | args: ["--monitor-interval=60s"] 49 | - image: registry.k8s.io/sig-storage/csi-provisioner:v3.5.0 50 | imagePullPolicy: IfNotPresent 51 | name: provisioner 52 | - image: registry.k8s.io/sig-storage/csi-attacher:v4.3.0 53 | imagePullPolicy: IfNotPresent 54 | name: attacher 55 | - image: registry.k8s.io/sig-storage/csi-resizer:v1.8.0 56 | imagePullPolicy: IfNotPresent 57 | name: resizer 58 | - image: registry.k8s.io/sig-storage/csi-snapshotter:v6.2.2 59 | imagePullPolicy: IfNotPresent 60 | name: snapshotter 61 | - image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.8.0 62 | imagePullPolicy: IfNotPresent 63 | name: registrar 64 | status: 65 | controllerStatus: 66 | stopped: 67 | - powerstore-controller 68 | nodeStatus: 69 | stopped: 70 | - powerstore-node 71 | state: Succeeded 72 | lastUpdate: 73 | condition: Succeeded 74 | -------------------------------------------------------------------------------- /test/testdata/csipowerstore/01-simple-deployment/out-dummyclusterrole.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | labels: 5 | name: test-powerstore-test-powerstore-dummy 6 | name: test-powerstore-test-powerstore-dummy 7 | rules: null -------------------------------------------------------------------------------- /test/testdata/csipowerstore/01-simple-deployment/out-serviceaccount-controller.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: powerstore-controller 5 | namespace: test-powerstore 6 | ownerReferences: 7 | - apiVersion: storage.dell.com/v1 8 | blockOwnerDeletion: true 9 | controller: true 10 | kind: CSIPowerStore 11 | name: test-powerstore 12 | uid: "" -------------------------------------------------------------------------------- /test/testdata/csiunity/01-simple-deployment/in-csiunity.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.dell.com/v1 2 | kind: CSIUnity 3 | metadata: 4 | name: test-unity 5 | namespace: test-unity 6 | spec: 7 | driver: 8 | configVersion: v1 9 | replicas: 1 10 | dnsPolicy: ClusterFirstWithHostNet 11 | common: 12 | image: "dellemc/csi-unity:latest" 13 | imagePullPolicy: IfNotPresent 14 | envs: 15 | - name: X_CSI_UNITY_DEBUG 16 | value: "true" 17 | - name: X_CSI_UNITY_ENDPOINT 18 | value: "https://10.247.55.82" 19 | - name: X_CSI_UNITY_INSECURE 20 | value: "true" 21 | sideCars: 22 | - name: provisioner 23 | image: quay.io/k8scsi/csi-provisioner:v1.2.1 24 | imagePullPolicy: IfNotPresent 25 | args: ['--volume-name-prefix=csivol'] 26 | - name: attacher 27 | image: quay.io/k8scsi/csi-attacher:v1.2.1 28 | imagePullPolicy: IfNotPresent 29 | - name: snapshotter 30 | imagePullPolicy: IfNotPresent 31 | args: ['--snapshot-name-prefix=csi-snap'] 32 | storageClass: 33 | - name: fc 34 | default: true 35 | reclaimPolicy: "Delete" 36 | parameters: 37 | storagepool: pool_1 38 | protocol: "FC" 39 | tieringPolicy: "2" 40 | - name: iscsi 41 | reclaimPolicy: "Delete" 42 | parameters: 43 | storagepool: pool_1 44 | protocol: "iSCSCI" 45 | snapshotClass: 46 | - name: test-snap 47 | parameters: 48 | retentionDuration: "1:1:1:1" 49 | - name: test1-snap 50 | parameters: 51 | retentionDuration: "2:2:2:2" 52 | -------------------------------------------------------------------------------- /test/testdata/csiunity/01-simple-deployment/out-clusterrole-controller.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: test-unity-controller 5 | ownerReferences: 6 | - apiVersion: storage.dell.com/v1 7 | blockOwnerDeletion: true 8 | controller: true 9 | kind: CSIUnity 10 | name: test-unity 11 | uid: "" 12 | rules: 13 | - apiGroups: 14 | - "" 15 | resources: 16 | - events 17 | verbs: 18 | - list 19 | - watch 20 | - create 21 | - update 22 | - patch 23 | - apiGroups: 24 | - "" 25 | resources: 26 | - nodes 27 | verbs: 28 | - get 29 | - list 30 | - watch 31 | - apiGroups: 32 | - "" 33 | resources: 34 | - persistentvolumes 35 | verbs: 36 | - get 37 | - list 38 | - watch 39 | - create 40 | - delete 41 | - update 42 | - apiGroups: 43 | - "" 44 | resources: 45 | - persistentvolumeclaims 46 | verbs: 47 | - get 48 | - list 49 | - create 50 | - watch 51 | - update 52 | - apiGroups: 53 | - storage.k8s.io 54 | resources: 55 | - storageclasses 56 | verbs: 57 | - get 58 | - list 59 | - watch 60 | - apiGroups: 61 | - storage.k8s.io 62 | resources: 63 | - volumeattachments 64 | verbs: 65 | - get 66 | - list 67 | - watch 68 | - update 69 | - apiGroups: 70 | - storage.k8s.io 71 | resources: 72 | - csinodes 73 | verbs: 74 | - get 75 | - list 76 | - watch 77 | - update 78 | - apiGroups: 79 | - "" 80 | resources: 81 | - secrets 82 | verbs: 83 | - get 84 | - list 85 | - apiGroups: 86 | - snapshot.storage.k8s.io 87 | resources: 88 | - volumesnapshotclasses 89 | verbs: 90 | - get 91 | - list 92 | - watch 93 | - apiGroups: 94 | - snapshot.storage.k8s.io 95 | resources: 96 | - volumesnapshotcontents 97 | verbs: 98 | - create 99 | - get 100 | - list 101 | - watch 102 | - update 103 | - delete 104 | - patch 105 | - apiGroups: 106 | - snapshot.storage.k8s.io 107 | resources: 108 | - volumesnapshots/status 109 | verbs: 110 | - update 111 | - apiGroups: 112 | - snapshot.storage.k8s.io 113 | resources: 114 | - volumesnapshots 115 | verbs: 116 | - get 117 | - list 118 | - watch 119 | - update 120 | - apiGroups: 121 | - apiextensions.k8s.io 122 | resources: 123 | - customresourcedefinitions 124 | verbs: 125 | - create 126 | - list 127 | - watch 128 | - delete -------------------------------------------------------------------------------- /test/testdata/csiunity/01-simple-deployment/out-clusterrole-node.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | creationTimestamp: null 5 | name: test-unity-node 6 | ownerReferences: 7 | - apiVersion: storage.dell.com/v1 8 | blockOwnerDeletion: true 9 | controller: true 10 | kind: CSIUnity 11 | name: test-unity 12 | uid: "" 13 | rules: 14 | - apiGroups: 15 | - "" 16 | resources: 17 | - events 18 | verbs: 19 | - create 20 | - list 21 | - patch 22 | - update 23 | - watch 24 | - apiGroups: 25 | - "" 26 | resources: 27 | - nodes 28 | verbs: 29 | - create 30 | - list 31 | - patch 32 | - update 33 | - watch 34 | - apiGroups: 35 | - "" 36 | resources: 37 | - persistentvolumes 38 | verbs: 39 | - create 40 | - delete 41 | - get 42 | - list 43 | - update 44 | - watch 45 | - apiGroups: 46 | - "" 47 | resources: 48 | - persistentvolumeclaims 49 | verbs: 50 | - get 51 | - list 52 | - update 53 | - watch 54 | - apiGroups: 55 | - storage.k8s.io 56 | resources: 57 | - storageclasses 58 | verbs: 59 | - get 60 | - list 61 | - watch 62 | - apiGroups: 63 | - storage.k8s.io 64 | resources: 65 | - volumeattachments 66 | verbs: 67 | - get 68 | - list 69 | - update 70 | - watch 71 | - apiGroups: 72 | - security.openshift.io 73 | resourceNames: 74 | - privileged 75 | resources: 76 | - securitycontextconstraints 77 | verbs: 78 | - use -------------------------------------------------------------------------------- /test/testdata/csiunity/01-simple-deployment/out-clusterrolebinding-controller.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: test-unity-controller 5 | ownerReferences: 6 | - apiVersion: storage.dell.com/v1 7 | blockOwnerDeletion: true 8 | controller: true 9 | kind: CSIUnity 10 | name: test-unity 11 | uid: "" 12 | roleRef: 13 | apiGroup: rbac.authorization.k8s.io 14 | kind: ClusterRole 15 | name: test-unity-controller 16 | subjects: 17 | - kind: ServiceAccount 18 | name: unity-controller 19 | namespace: test-unity 20 | -------------------------------------------------------------------------------- /test/testdata/csiunity/01-simple-deployment/out-clusterrolebinding-node.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: test-unity-node 5 | ownerReferences: 6 | - apiVersion: storage.dell.com/v1 7 | blockOwnerDeletion: true 8 | controller: true 9 | kind: CSIUnity 10 | name: test-unity 11 | uid: "" 12 | roleRef: 13 | apiGroup: rbac.authorization.k8s.io 14 | kind: ClusterRole 15 | name: test-unity-node 16 | subjects: 17 | - kind: ServiceAccount 18 | name: unity-node 19 | namespace: test-unity 20 | -------------------------------------------------------------------------------- /test/testdata/csiunity/01-simple-deployment/out-csidriver.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.k8s.io/v1 2 | kind: CSIDriver 3 | metadata: 4 | name: test-unity 5 | ownerReferences: 6 | - apiVersion: storage.dell.com/v1 7 | blockOwnerDeletion: true 8 | controller: true 9 | kind: CSIUnity 10 | name: test-unity 11 | spec: 12 | attachRequired: true 13 | podInfoOnMount: true 14 | -------------------------------------------------------------------------------- /test/testdata/csiunity/01-simple-deployment/out-csiunity.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.dell.com/v1 2 | kind: CSIUnity 3 | metadata: 4 | creationTimestamp: null 5 | name: test-unity 6 | namespace: test-unity 7 | spec: 8 | driver: 9 | configVersion: v1 10 | replicas: 1 11 | dnsPolicy: ClusterFirstWithHostNet 12 | common: 13 | envs: 14 | - name: X_CSI_UNITY_DEBUG 15 | value: "true" 16 | - name: X_CSI_UNITY_ENDPOINT 17 | value: https://10.247.55.82 18 | - name: X_CSI_UNITY_INSECURE 19 | value: "true" 20 | image: dellemc/csi-unity:latest 21 | imagePullPolicy: IfNotPresent 22 | sideCars: 23 | - args: 24 | - --volume-name-prefix=csivol 25 | image: quay.io/k8scsi/csi-provisioner:v1.2.1 26 | imagePullPolicy: IfNotPresent 27 | name: provisioner 28 | - image: quay.io/k8scsi/csi-attacher:v1.2.1 29 | imagePullPolicy: IfNotPresent 30 | name: attacher 31 | - args: 32 | - --snapshot-name-prefix=csi-snap 33 | image: quay.io/k8scsi/csi-snapshotter:v1.2.2 34 | imagePullPolicy: IfNotPresent 35 | name: snapshotter 36 | - image: quay.io/k8scsi/csi-node-driver-registrar:v1.1.0 37 | imagePullPolicy: IfNotPresent 38 | name: registrar 39 | snapshotClass: 40 | - name: test-snap 41 | parameters: 42 | retentionDuration: "1:1:1:1" 43 | - name: test1-snap 44 | parameters: 45 | retentionDuration: "2:2:2:2" 46 | storageClass: 47 | - default: true 48 | name: fc 49 | parameters: 50 | protocol: FC 51 | storagepool: pool_1 52 | tieringPolicy: "2" 53 | reclaimPolicy: Delete 54 | - name: iscsi 55 | parameters: 56 | protocol: iSCSCI 57 | storagepool: pool_1 58 | reclaimPolicy: Delete 59 | status: 60 | status: 61 | creationTime: "2020-03-12T09:37:54Z" 62 | envName: test-unity 63 | startTime: "2020-03-12T09:37:54Z" 64 | state: Succeeded -------------------------------------------------------------------------------- /test/testdata/csiunity/01-simple-deployment/out-serviceaccount-controller.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: unity-controller 5 | namespace: test-unity 6 | ownerReferences: 7 | - apiVersion: storage.dell.com/v1 8 | blockOwnerDeletion: true 9 | controller: true 10 | kind: CSIUnity 11 | name: test-unity -------------------------------------------------------------------------------- /test/testdata/csiunity/01-simple-deployment/out-serviceaccount-node.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: unity-node 5 | namespace: test-unity 6 | ownerReferences: 7 | - apiVersion: storage.dell.com/v1 8 | blockOwnerDeletion: true 9 | controller: true 10 | kind: CSIUnity 11 | name: test-unity -------------------------------------------------------------------------------- /test/testdata/csiunity/01-simple-deployment/out-snapshotclass-2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: snapshot.storage.k8s.io/v1alpha1 2 | kind: VolumeSnapshotClass 3 | metadata: 4 | creationTimestamp: null 5 | name: test-unity-test1-snap 6 | ownerReferences: 7 | - apiVersion: storage.dell.com/v1 8 | blockOwnerDeletion: true 9 | controller: true 10 | kind: CSIUnity 11 | name: test-unity 12 | uid: "" 13 | parameters: 14 | retentionDuration: "2:2:2:2" 15 | snapshotter: csi-unity.dellemc.com -------------------------------------------------------------------------------- /test/testdata/csiunity/01-simple-deployment/out-snapshotclass.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: snapshot.storage.k8s.io/v1alpha1 2 | kind: VolumeSnapshotClass 3 | metadata: 4 | creationTimestamp: null 5 | name: test-unity-test-snap 6 | ownerReferences: 7 | - apiVersion: storage.dell.com/v1 8 | blockOwnerDeletion: true 9 | controller: true 10 | kind: CSIUnity 11 | name: test-unity 12 | uid: "" 13 | parameters: 14 | retentionDuration: "1:1:1:1" 15 | snapshotter: csi-unity.dellemc.com -------------------------------------------------------------------------------- /test/testdata/csiunity/01-simple-deployment/out-storageclass-2.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.k8s.io/v1 2 | kind: StorageClass 3 | metadata: 4 | creationTimestamp: null 5 | name: test-unity-iscsi 6 | ownerReferences: 7 | - apiVersion: storage.dell.com/v1 8 | blockOwnerDeletion: false 9 | controller: true 10 | kind: CSIUnity 11 | name: test-unity 12 | uid: "" 13 | parameters: 14 | protocol: iSCSCI 15 | storagepool: pool_1 16 | provisioner: csi-unity.dellemc.com 17 | reclaimPolicy: Delete 18 | volumeBindingMode: Immediate -------------------------------------------------------------------------------- /test/testdata/csiunity/01-simple-deployment/out-storageclass.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.k8s.io/v1 2 | kind: StorageClass 3 | metadata: 4 | annotations: 5 | storageclass.kubernetes.io/is-default-class: "true" 6 | creationTimestamp: null 7 | name: test-unity-fc 8 | ownerReferences: 9 | - apiVersion: storage.dell.com/v1 10 | blockOwnerDeletion: false 11 | controller: true 12 | kind: CSIUnity 13 | name: test-unity 14 | uid: "" 15 | parameters: 16 | protocol: FC 17 | storagepool: pool_1 18 | tieringPolicy: "2" 19 | provisioner: csi-unity.dellemc.com 20 | reclaimPolicy: Delete 21 | volumeBindingMode: Immediate -------------------------------------------------------------------------------- /test/testdata/csivxflexos/01-simple-deployment/in-csidriverdeployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.dell.com/v1 2 | kind: CSIVXFlexOS 3 | metadata: 4 | name: test-vxflexos 5 | namespace: test-vxflexos 6 | spec: 7 | driver: 8 | configVersion: v2.7.0 9 | replicas: 1 10 | dnsPolicy: ClusterFirstWithHostNet 11 | forceUpdate: false 12 | fsGroupPolicy: File 13 | storageCapacity: false 14 | common: 15 | image: "dellemc/csi-vxflexos:v2.7.0" 16 | imagePullPolicy: IfNotPresent 17 | envs: 18 | - name: X_CSI_VXFLEXOS_ENABLELISTVOLUMESNAPSHOT 19 | value: "false" 20 | - name: X_CSI_VXFLEXOS_ENABLESNAPSHOTCGDELETE 21 | value: "false" 22 | - name: X_CSI_DEBUG 23 | value: "true" 24 | - name: X_CSI_ALLOW_RWO_MULTI_POD_ACCESS 25 | value: "false" 26 | node: 27 | envs: 28 | - name: X_CSI_APPROVE_SDC_ENABLED 29 | value: "false" 30 | - name: X_CSI_RENAME_SDC_ENABLED 31 | value: "false" 32 | - name: X_CSI_RENAME_SDC_PREFIX 33 | value: "" 34 | sideCars: 35 | # Uncomment the following section if you want to run the monitoring sidecar 36 | # - name: sdc-monitor 37 | # envs: 38 | # - name: HOST_PID 39 | # value: "1" 40 | # - name: MDM 41 | # value: "" 42 | - name: external-health-monitor 43 | args: ["--monitor-interval=60s"] 44 | initContainers: 45 | - image: dellemc/sdc:3.6.0.6 46 | imagePullPolicy: IfNotPresent 47 | name: sdc 48 | envs: 49 | - name: MDM 50 | value: "10.247.32.32,10.247.90.21" 51 | 52 | 53 | -------------------------------------------------------------------------------- /test/testdata/csivxflexos/01-simple-deployment/in-csivxflexos-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MDM: MTAuMjQ3LjEzLjIzMCwxMC4yNDcuMTMuMjMyJjEwLjI0Ny4zOC40MSwxMC4yNDcuMzguNDQK 4 | config: WwogICAgewogICAgICAgICJ1c2VybmFtZSI6ICJhZG1pbiIsCiAgICAgICAgInBhc3N3b3JkIjogIlBhc3N3b3JkMTIzIiwKICAgICAgICAic3lzdGVtSUQiOiAiMTIzNWUxNTgwNmQxZWMwZiIsCiAgICAgICAgImVuZHBvaW50IjogImh0dHBzOi8vMTAuMjQ3LjEzLjIzNCIsCiAgICAgICAgImluc2VjdXJlIjogdHJ1ZSwKCSJpc0RlZmF1bHQiOiB0cnVlLAogICAgICAgICJtZG0iOiAiMTAuMjQ3LjEzLjIzMCwxMC4yNDcuMTMuMjMyIgogICAgfSwKICAgIHsKICAgICAgICAidXNlcm5hbWUiOiAiYWRtaW4iLAogICAgICAgICJwYXNzd29yZCI6ICJQYXNzd29yZDEyMyIsCiAgICAgICAgInN5c3RlbUlEIjogIjRkNGEyZTVhMzYwODBlMGYiLAogICAgICAgICJlbmRwb2ludCI6ICJodHRwczovLzEwLjI0Ny4zOC40NyIsCiAgICAgICAgImluc2VjdXJlIjogdHJ1ZSwKICAgICAgICAibWRtIjogIjEwLjI0Ny4zOC40MSwxMC4yNDcuMzguNDQiCiAgICB9Cl0K 5 | kind: Secret 6 | metadata: 7 | name: vxflexos-config 8 | # Set driver namespace 9 | namespace: test-vxflexos 10 | type: Opaque 11 | -------------------------------------------------------------------------------- /test/testdata/csivxflexos/01-simple-deployment/out-clusterrole-controller.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: test-vxflexos-controller 5 | ownerReferences: 6 | - apiVersion: "" 7 | blockOwnerDeletion: true 8 | controller: true 9 | kind: "" 10 | name: test-vxflexos-test-vxflexos-dummy 11 | uid: "" 12 | rules: 13 | - apiGroups: 14 | - "" 15 | resources: 16 | - events 17 | verbs: 18 | - list 19 | - watch 20 | - create 21 | - update 22 | - patch 23 | - apiGroups: 24 | - "" 25 | resources: 26 | - nodes 27 | verbs: 28 | - get 29 | - list 30 | - watch 31 | - apiGroups: 32 | - "" 33 | resources: 34 | - persistentvolumes 35 | verbs: 36 | - get 37 | - list 38 | - watch 39 | - create 40 | - delete 41 | - update 42 | - patch 43 | - apiGroups: 44 | - "" 45 | resources: 46 | - persistentvolumeclaims 47 | verbs: 48 | - get 49 | - list 50 | - create 51 | - watch 52 | - update 53 | - apiGroups: 54 | - "" 55 | resources: 56 | - pods 57 | verbs: 58 | - get 59 | - list 60 | - watch 61 | - apiGroups: 62 | - storage.k8s.io 63 | resources: 64 | - storageclasses 65 | verbs: 66 | - get 67 | - list 68 | - watch 69 | - apiGroups: 70 | - storage.k8s.io 71 | resources: 72 | - volumeattachments 73 | verbs: 74 | - get 75 | - list 76 | - watch 77 | - update 78 | - patch 79 | - apiGroups: 80 | - storage.k8s.io 81 | resources: 82 | - volumeattachments/status 83 | verbs: 84 | - patch 85 | - apiGroups: 86 | - storage.k8s.io 87 | resources: 88 | - csinodes 89 | verbs: 90 | - get 91 | - list 92 | - watch 93 | - update 94 | - apiGroups: 95 | - "" 96 | resources: 97 | - secrets 98 | verbs: 99 | - get 100 | - list 101 | - apiGroups: 102 | - snapshot.storage.k8s.io 103 | resources: 104 | - volumesnapshotclasses 105 | verbs: 106 | - get 107 | - list 108 | - watch 109 | - apiGroups: 110 | - snapshot.storage.k8s.io 111 | resources: 112 | - volumesnapshotcontents 113 | verbs: 114 | - create 115 | - get 116 | - list 117 | - watch 118 | - update 119 | - delete 120 | - patch 121 | - apiGroups: 122 | - snapshot.storage.k8s.io 123 | resources: 124 | - volumesnapshots/status 125 | verbs: 126 | - watch 127 | - update 128 | - get 129 | - list 130 | - apiGroups: 131 | - snapshot.storage.k8s.io 132 | resources: 133 | - volumesnapshotcontents/status 134 | verbs: 135 | - update 136 | - patch 137 | - apiGroups: 138 | - snapshot.storage.k8s.io 139 | resources: 140 | - volumesnapshots 141 | verbs: 142 | - get 143 | - list 144 | - watch 145 | - update 146 | - apiGroups: 147 | - apiextensions.k8s.io 148 | resources: 149 | - customresourcedefinitions 150 | verbs: 151 | - create 152 | - list 153 | - watch 154 | - delete 155 | - apiGroups: 156 | - "" 157 | resources: 158 | - persistentvolumeclaims/status 159 | verbs: 160 | - update 161 | - patch 162 | - apiGroups: 163 | - coordination.k8s.io 164 | resources: 165 | - leases 166 | verbs: 167 | - create 168 | - get 169 | - list 170 | - watch 171 | - delete 172 | - update 173 | -------------------------------------------------------------------------------- /test/testdata/csivxflexos/01-simple-deployment/out-clusterrole-node.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: test-vxflexos-node 5 | ownerReferences: 6 | - apiVersion: "" 7 | blockOwnerDeletion: true 8 | controller: true 9 | kind: "" 10 | name: test-vxflexos-test-vxflexos-dummy 11 | uid: "" 12 | rules: 13 | - apiGroups: 14 | - "" 15 | resources: 16 | - events 17 | verbs: 18 | - create 19 | - list 20 | - patch 21 | - update 22 | - watch 23 | - apiGroups: 24 | - "" 25 | resources: 26 | - nodes 27 | verbs: 28 | - create 29 | - get 30 | - list 31 | - patch 32 | - update 33 | - watch 34 | - apiGroups: 35 | - "" 36 | resources: 37 | - persistentvolumes 38 | verbs: 39 | - create 40 | - delete 41 | - get 42 | - list 43 | - update 44 | - watch 45 | - apiGroups: 46 | - "" 47 | resources: 48 | - persistentvolumeclaims 49 | verbs: 50 | - get 51 | - list 52 | - update 53 | - watch 54 | - apiGroups: 55 | - storage.k8s.io 56 | resources: 57 | - storageclasses 58 | verbs: 59 | - get 60 | - list 61 | - watch 62 | - apiGroups: 63 | - storage.k8s.io 64 | resources: 65 | - volumeattachments 66 | verbs: 67 | - get 68 | - list 69 | - update 70 | - watch 71 | - apiGroups: 72 | - security.openshift.io 73 | resourceNames: 74 | - privileged 75 | resources: 76 | - securitycontextconstraints 77 | verbs: 78 | - use 79 | -------------------------------------------------------------------------------- /test/testdata/csivxflexos/01-simple-deployment/out-clusterrolebinding-controller.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: test-vxflexos-controller 5 | ownerReferences: 6 | - apiVersion: "" 7 | blockOwnerDeletion: true 8 | controller: true 9 | kind: "" 10 | name: test-vxflexos-test-vxflexos-dummy 11 | uid: "" 12 | roleRef: 13 | apiGroup: rbac.authorization.k8s.io 14 | kind: ClusterRole 15 | name: test-vxflexos-controller 16 | subjects: 17 | - kind: ServiceAccount 18 | name: vxflexos-controller 19 | namespace: test-vxflexos 20 | -------------------------------------------------------------------------------- /test/testdata/csivxflexos/01-simple-deployment/out-clusterrolebinding-node.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: test-vxflexos-node 5 | ownerReferences: 6 | - apiVersion: "" 7 | blockOwnerDeletion: true 8 | controller: true 9 | kind: "" 10 | name: test-vxflexos-test-vxflexos-dummy 11 | uid: "" 12 | roleRef: 13 | apiGroup: rbac.authorization.k8s.io 14 | kind: ClusterRole 15 | name: test-vxflexos-node 16 | subjects: 17 | - kind: ServiceAccount 18 | name: vxflexos-node 19 | namespace: test-vxflexos 20 | 21 | -------------------------------------------------------------------------------- /test/testdata/csivxflexos/01-simple-deployment/out-csidriver.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.k8s.io/v1 2 | kind: CSIDriver 3 | metadata: 4 | name: csi-vxflexos.dellemc.com 5 | ownerReferences: 6 | - apiVersion: storage.dell.com/v1 7 | blockOwnerDeletion: true 8 | controller: true 9 | kind: CSIVXFlexOS 10 | name: test-vxflexos 11 | spec: 12 | attachRequired: true 13 | podInfoOnMount: true 14 | fsGroupPolicy: File 15 | storageCapacity: false 16 | volumeLifecycleModes: 17 | - Persistent 18 | - Ephemeral 19 | -------------------------------------------------------------------------------- /test/testdata/csivxflexos/01-simple-deployment/out-csivxflexos-secret.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | data: 3 | MDM: MTAuMjQ3LjEzLjIzMCwxMC4yNDcuMTMuMjMyJjEwLjI0Ny4zOC40MSwxMC4yNDcuMzguNDQK 4 | config: WwogICAgewogICAgICAgICJ1c2VybmFtZSI6ICJhZG1pbiIsCiAgICAgICAgInBhc3N3b3JkIjogIlBhc3N3b3JkMTIzIiwKICAgICAgICAic3lzdGVtSUQiOiAiMTIzNWUxNTgwNmQxZWMwZiIsCiAgICAgICAgImVuZHBvaW50IjogImh0dHBzOi8vMTAuMjQ3LjEzLjIzNCIsCiAgICAgICAgImluc2VjdXJlIjogdHJ1ZSwKCSJpc0RlZmF1bHQiOiB0cnVlLAogICAgICAgICJtZG0iOiAiMTAuMjQ3LjEzLjIzMCwxMC4yNDcuMTMuMjMyIgogICAgfSwKICAgIHsKICAgICAgICAidXNlcm5hbWUiOiAiYWRtaW4iLAogICAgICAgICJwYXNzd29yZCI6ICJQYXNzd29yZDEyMyIsCiAgICAgICAgInN5c3RlbUlEIjogIjRkNGEyZTVhMzYwODBlMGYiLAogICAgICAgICJlbmRwb2ludCI6ICJodHRwczovLzEwLjI0Ny4zOC40NyIsCiAgICAgICAgImluc2VjdXJlIjogdHJ1ZSwKICAgICAgICAibWRtIjogIjEwLjI0Ny4zOC40MSwxMC4yNDcuMzguNDQiCiAgICB9Cl0K 5 | kind: Secret 6 | metadata: 7 | name: vxflexos-config 8 | # Set driver namespace 9 | namespace: test-vxflexos 10 | type: Opaque 11 | 12 | -------------------------------------------------------------------------------- /test/testdata/csivxflexos/01-simple-deployment/out-csivxflexos.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: storage.dell.com/v1 2 | kind: CSIVXFlexOS 3 | metadata: 4 | annotations: 5 | storage.dell.com/CSIDriverConfigVersion: v2.7.0 6 | storage.dell.com/attacher.Image: registry.k8s.io/sig-storage/csi-attacher:v4.3.0 7 | storage.dell.com/attacher.Image.IsDefault: "true" 8 | storage.dell.com/external-health-monitor.Image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.9.0 9 | storage.dell.com/external-health-monitor.Image.IsDefault: "true" 10 | storage.dell.com/provisioner.Image: registry.k8s.io/sig-storage/csi-provisioner:v3.5.0 11 | storage.dell.com/provisioner.Image.IsDefault: "true" 12 | storage.dell.com/registrar.Image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.8.0 13 | storage.dell.com/registrar.Image.IsDefault: "true" 14 | storage.dell.com/resizer.Image: registry.k8s.io/sig-storage/csi-resizer:v1.8.0 15 | storage.dell.com/resizer.Image.IsDefault: "true" 16 | storage.dell.com/snapshotter.Image: registry.k8s.io/sig-storage/csi-snapshotter:v6.2.2 17 | storage.dell.com/snapshotter.Image.IsDefault: "true" 18 | name: test-vxflexos 19 | namespace: test-vxflexos 20 | finalizers: 21 | - "finalizer.dell.emc.com" 22 | spec: 23 | driver: 24 | common: 25 | envs: 26 | - name: X_CSI_VXFLEXOS_ENABLELISTVOLUMESNAPSHOT 27 | value: "false" 28 | - name: X_CSI_VXFLEXOS_ENABLESNAPSHOTCGDELETE 29 | value: "false" 30 | - name: X_CSI_DEBUG 31 | value: "true" 32 | - name: X_CSI_ALLOW_RWO_MULTI_POD_ACCESS 33 | value: "false" 34 | image: dellemc/csi-vxflexos:v2.7.0 35 | imagePullPolicy: IfNotPresent 36 | node: 37 | envs: 38 | - name: X_CSI_APPROVE_SDC_ENABLED 39 | value: "false" 40 | - name: X_CSI_RENAME_SDC_ENABLED 41 | value: "false" 42 | - name: X_CSI_RENAME_SDC_PREFIX 43 | value: "" 44 | configVersion: v2.7.0 45 | controller: {} 46 | initContainers: 47 | - envs: 48 | - name: MDM 49 | value: 10.247.32.32,10.247.90.21 50 | image: dellemc/sdc:3.6.0.6 51 | imagePullPolicy: IfNotPresent 52 | name: sdc 53 | replicas: 1 54 | dnsPolicy: ClusterFirstWithHostNet 55 | fsGroupPolicy: File 56 | sideCars: 57 | - args: 58 | - --monitor-interval=60s 59 | image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.9.0 60 | imagePullPolicy: IfNotPresent 61 | name: external-health-monitor 62 | - image: registry.k8s.io/sig-storage/csi-provisioner:v3.5.0 63 | imagePullPolicy: IfNotPresent 64 | name: provisioner 65 | - image: registry.k8s.io/sig-storage/csi-attacher:v4.3.0 66 | imagePullPolicy: IfNotPresent 67 | name: attacher 68 | - image: registry.k8s.io/sig-storage/csi-snapshotter:v6.2.2 69 | imagePullPolicy: IfNotPresent 70 | name: snapshotter 71 | - image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.8.0 72 | imagePullPolicy: IfNotPresent 73 | name: registrar 74 | - image: registry.k8s.io/sig-storage/csi-resizer:v1.8.0 75 | imagePullPolicy: IfNotPresent 76 | name: resizer 77 | status: 78 | controllerStatus: 79 | stopped: 80 | - "vxflexos-controller" 81 | nodeStatus: 82 | stopped: 83 | - "vxflexos-node" 84 | driverHash: 4237823723 85 | state: "Succeeded" 86 | lastUpdate: 87 | condition: "Succeeded" 88 | time: "2021-07-23T06:35:25Z" 89 | -------------------------------------------------------------------------------- /test/testdata/csivxflexos/01-simple-deployment/out-dummyclusterrole.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | labels: 5 | name: test-vxflexos-test-vxflexos-dummy 6 | name: test-vxflexos-test-vxflexos-dummy 7 | rules: null -------------------------------------------------------------------------------- /test/testdata/csivxflexos/01-simple-deployment/out-serviceaccount-controller.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: vxflexos-controller 5 | namespace: test-vxflexos 6 | ownerReferences: 7 | - apiVersion: storage.dell.com/v1 8 | blockOwnerDeletion: true 9 | controller: true 10 | kind: CSIVXFlexOS 11 | name: test-vxflexos 12 | uid: "" 13 | -------------------------------------------------------------------------------- /test/testdata/csivxflexos/01-simple-deployment/out-serviceaccount-node.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: vxflexos-node 5 | namespace: test-vxflexos 6 | ownerReferences: 7 | - apiVersion: storage.dell.com/v1 8 | blockOwnerDeletion: true 9 | controller: true 10 | kind: CSIVXFlexOS 11 | name: test-vxflexos 12 | uid: "" 13 | 14 | --------------------------------------------------------------------------------