[release-4.5] Bug 1848785: Fetch latest upstream patches

.prow.sh

@@ -0,0 +1,11 @@
+#! /bin/bash
+
+# A Prow job can override these defaults, but this shouldn't be necessary.
+
+# Only these tests make sense for csi-driver-nfs until we can integrate k/k
+# e2es.
+: ${CSI_PROW_TESTS:="unit"}
+
+. release-tools/prow.sh
+
+main

CHANGELOG/CHANGELOG-2.0.md

@@ -0,0 +1,22 @@
+# v2.0.0
+
+## Breaking Changes
+
+- Changing name of the driver from "csi-nfsplugin" to "nfs.csi.k8s.io" ([#26](https://github.com/kubernetes-csi/csi-driver-nfs/pull/26), [@wozniakjan](https://github.com/wozniakjan))
+
+## New Features
+
+- Add support for CSI spec 1.0.
+- Remove external-attacher and update deployment specs to apps/v1.
+  ([#24](https://github.com/kubernetes-csi/csi-driver-nfs/pull/24),
+  [@wozniakjan](https://github.com/wozniakjan))
+
+## Bug Fixes
+
+- Adds support for all access modes. ([#15](https://github.com/kubernetes-csi/csi-driver-nfs/pull/15), [@msau42](https://github.com/msau42))
+
+## Other Notable Changes
+
+- Update base image to centos8.
+  ([#28](https://github.com/kubernetes-csi/csi-driver-nfs/pull/28), [@wozniakjan](https://github.com/wozniakjan))
+- Switch to go mod and update dependencies. ([#22](https://github.com/kubernetes-csi/csi-driver-nfs/pull/22), [@wozniakjan](https://github.com/wozniakjan))

Dockerfile

@@ -1,8 +1,8 @@
-FROM centos:7.4.1708
+FROM centos:latest
 
 # Copy nfsplugin from build _output directory
 COPY bin/nfsplugin /nfsplugin
 
-RUN yum -y install nfs-utils && yum -y install epel-release && yum -y install jq && yum clean all
+RUN yum -y install nfs-utils epel-release jq && yum clean all
 
 ENTRYPOINT ["/nfsplugin"]

README.md

@@ -1,87 +1,79 @@
 # CSI NFS driver
 
-## Kubernetes
-### Requirements
+## Overview
 
-The folllowing feature gates and runtime config have to be enabled to deploy the driver
+This is a repository for [NFS](https://en.wikipedia.org/wiki/Network_File_System) [CSI](https://kubernetes-csi.github.io/docs/) Driver.
+Currently it implements bare minimum of the [CSI spec](https://github.com/container-storage-interface/spec) and is in the alpha state 
+of the development.
 
-```
-FEATURE_GATES=CSIPersistentVolume=true,MountPropagation=true
-RUNTIME_CONFIG="storage.k8s.io/v1alpha1=true"
-```
+#### CSI Feature matrix
 
-Mountprogpation requries support for privileged containers. So, make sure privileged containers are enabled in the cluster.
+| **nfs.csi.k8s.io** | K8s version compatibility | CSI versions compatibility | Dynamic Provisioning | Resize | Snapshots | Raw Block | AccessModes              | Status                                                                       |
+|--------------------|---------------------------|----------------------------|----------------------|--------|-----------|-----------|--------------------------|------------------------------------------------------------------------------|
+|master              | 1.14 +                    | v1.0 +                     |  no                  |  no    |  no       |  no       | Read/Write Multiple Pods | Alpha                                                                        |
+|v2.0.0              | 1.14 +                    | v1.0 +                     |  no                  |  no    |  no       |  no       | Read/Write Multiple Pods | Alpha                                                                        |
+|v1.0.0              | 1.9 - 1.15                | v1.0                       |  no                  |  no    |  no       |  no       | Read/Write Multiple Pods | [deprecated](https://github.com/kubernetes-csi/drivers/tree/master/pkg/nfs)  |
 
-### Example local-up-cluster.sh
+## Requirements
 
-```ALLOW_PRIVILEGED=true FEATURE_GATES=CSIPersistentVolume=true,MountPropagation=true RUNTIME_CONFIG="storage.k8s.io/v1alpha1=true" LOG_LEVEL=5 hack/local-up-cluster.sh```
+The CSI NFS driver requires Kubernetes cluster of version 1.14 or newer and 
+preexisting NFS server, whether it is deployed on cluster or provisioned 
+independently. The plugin itself provides only a communication layer between 
+resources in the cluser and the NFS server.
 
-### Deploy
+## Example
 
-```kubectl -f deploy/kubernetes create```
+There are multiple ways to create a kubernetes cluster, the NFS CSI plugin
+should work invariantly of your cluster setup. Very simple way of getting
+a local environment for testing can be achieved using for example
+[kind](https://github.com/kubernetes-sigs/kind).
 
-### Example Nginx application
-Please update the NFS Server & share information in nginx.yaml file.
+There are also multiple different NFS servers you can use for testing of 
+the plugin, the major versions of the protocol v2, v3 and v4 should be supported
+by the current implementation.
 
-```kubectl -f examples/kubernetes/nginx.yaml create```
+The example assumes you have your cluster created (e.g. `kind create cluster`)
+and working NFS server (e.g. https://github.com/rootfs/nfs-ganesha-docker)
 
-## Using CSC tool
+#### Deploy
 
-### Build nfsplugin
+Deploy the NFS plugin along with the `CSIDriver` info.
 ```
-$ make nfs
+kubectl -f deploy/kubernetes create
 ```
 
-### Start NFS driver
-```
-$ sudo ./_output/nfsplugin --endpoint tcp://127.0.0.1:10000 --nodeid CSINode -v=5
-```
+#### Example Nginx application
 
-## Test
-Get ```csc``` tool from https://github.com/rexray/gocsi/tree/master/csc
+The [/examples/kubernetes/nginx.yaml](/examples/kubernetes/nginx.yaml) contains a `PersistentVolume`,
+`PersistentVolumeClaim` and an nginx `Pod` mounting the NFS volume under `/var/www`.
 
-#### Get plugin info
-```
-$ csc identity plugin-info --endpoint tcp://127.0.0.1:10000
-"NFS"	"0.1.0"
-```
+You will need to update the NFS Server IP and the share information under 
+`volumeAttributes` inside `PersistentVolume` in `nginx.yaml` file to match your
+NFS server public end point and configuration. You can also provide additional 
+`mountOptions`, such as protocol version, in the `PersistentVolume` `spec` 
+relevant for your NFS Server.
 
-#### NodePublish a volume
 ```
-$ export NFS_SERVER="Your Server IP (Ex: 10.10.10.10)"
-$ export NFS_SHARE="Your NFS share"
-$ csc node publish --endpoint tcp://127.0.0.1:10000 --target-path /mnt/nfs --attrib server=$NFS_SERVER --attrib share=$NFS_SHARE nfstestvol
-nfstestvol
+kubectl -f examples/kubernetes/nginx.yaml create
 ```
 
-#### NodeUnpublish a volume
-```
-$ csc node unpublish --endpoint tcp://127.0.0.1:10000 --target-path /mnt/nfs nfstestvol
-nfstestvol
-```
-
-#### Get NodeID
-```
-$ csc node get-id --endpoint tcp://127.0.0.1:10000
-CSINode
-```
 ## Running Kubernetes End To End tests on an NFS Driver
 
 First, stand up a local cluster `ALLOW_PRIVILEGED=1 hack/local-up-cluster.sh` (from your Kubernetes repo)
 For Fedora/RHEL clusters, the following might be required:
-  ```
-  sudo chown -R $USER:$USER /var/run/kubernetes/
-  sudo chown -R $USER:$USER /var/lib/kubelet
-  sudo chcon -R -t svirt_sandbox_file_t /var/lib/kubelet
-  ```
+```
+sudo chown -R $USER:$USER /var/run/kubernetes/
+sudo chown -R $USER:$USER /var/lib/kubelet
+sudo chcon -R -t svirt_sandbox_file_t /var/lib/kubelet
+```
 If you are plannig to test using your own private image, you could either install your nfs driver using your own set of YAML files, or edit the existing YAML files to use that private image.
 
 When using the [existing set of YAML files](https://github.com/kubernetes-csi/csi-driver-nfs/tree/master/deploy/kubernetes), you would edit the [csi-attacher-nfsplugin.yaml](https://github.com/kubernetes-csi/csi-driver-nfs/blob/master/deploy/kubernetes/csi-attacher-nfsplugin.yaml#L46) and [csi-nodeplugin-nfsplugin.yaml](https://github.com/kubernetes-csi/csi-driver-nfs/blob/master/deploy/kubernetes/csi-nodeplugin-nfsplugin.yaml#L45) files to include your private image instead of the default one. After editing these files, skip to step 3 of the following steps.
 
 If you already have a driver installed, skip to step 4 of the following steps.
 
 1) Build the nfs driver by running `make`
-2) Create NFS Driver Image, where the image tag would be whatever that is required by your YAML deployment files        `docker build -t quay.io/k8scsi/nfsplugin:v1.0.0 .`
+2) Create NFS Driver Image, where the image tag would be whatever that is required by your YAML deployment files        `docker build -t quay.io/k8scsi/nfsplugin:v2.0.0 .`
 3) Install the Driver: `kubectl create -f deploy/kubernetes`
 4) Build E2E test binary: `make build-tests`
 5) Run E2E Tests using the following command: `./bin/tests --ginkgo.v --ginkgo.progress --kubeconfig=/var/run/kubernetes/admin.kubeconfig`

cloudbuild.sh

@@ -0,0 +1,6 @@
+#! /bin/bash
+
+# shellcheck disable=SC1091
+. release-tools/prow.sh
+
+gcr_cloud_build

cloudbuild.yaml

@@ -0,0 +1,46 @@
+# A configuration file for multi-arch image building with the Google cloud build service.
+#
+# Repos using this file must:
+# - import csi-release-tools
+# - add a symlink cloudbuild.yaml -> release-tools/cloudbuild.yaml
+# - add a .cloudbuild.sh which can be a custom file or a symlink
+#   to release-tools/cloudbuild.sh
+# - accept "binary" as build argument in their Dockerfile(s) (see
+#   https://github.com/pohly/node-driver-registrar/blob/3018101987b0bb6da2a2657de607174d6e3728f7/Dockerfile#L4-L6)
+#   because binaries will get built for different architectures and then
+#   get copied from the built host into the container image
+#
+# See https://github.com/kubernetes/test-infra/blob/master/config/jobs/image-pushing/README.md
+# for more details on image pushing process in Kubernetes.
+#
+# To promote release images, see https://github.com/kubernetes/k8s.io/tree/master/k8s.gcr.io/images/k8s-staging-sig-storage.
+
+# This must be specified in seconds. If omitted, defaults to 600s (10 mins).
+timeout: 1200s
+# This prevents errors if you don't use both _GIT_TAG and _PULL_BASE_REF,
+# or any new substitutions added in the future.
+options:
+  substitution_option: ALLOW_LOOSE
+steps:
+  # The image must contain bash and curl. Ideally it should also contain
+  # the desired version of Go (currently defined in release-tools/travis.yml),
+  # but that just speeds up the build and is not required.
+  - name: 'gcr.io/k8s-testimages/gcb-docker-gcloud:v20200421-a2bf5f8'
+    entrypoint: ./.cloudbuild.sh
+    env:
+    - GIT_TAG=${_GIT_TAG}
+    - PULL_BASE_REF=${_PULL_BASE_REF}
+    - REGISTRY_NAME=gcr.io/${_STAGING_PROJECT}
+    - HOME=/root
+substitutions:
+  # _GIT_TAG will be filled with a git-based tag for the image, of the form vYYYYMMDD-hash, and
+  # can be used as a substitution.
+  _GIT_TAG: '12345'
+  # _PULL_BASE_REF will contain the ref that was pushed to trigger this build -
+  # a branch like 'master' or 'release-0.2', or a tag like 'v0.2'.
+  _PULL_BASE_REF: 'master'
+  # The default gcr.io staging project for Kubernetes-CSI
+  # (=> https://console.cloud.google.com/gcr/images/k8s-staging-sig-storage/GLOBAL).
+  # Might be overridden in the Prow build job for a repo which wants
+  # images elsewhere.
+  _STAGING_PROJECT: 'k8s-staging-sig-storage'

cmd/nfsplugin/main.go

@@ -20,6 +20,7 @@ import (
 	"flag"
 	"fmt"
 	"os"
+	"strconv"
 
 	"github.com/spf13/cobra"
 
@@ -29,6 +30,7 @@ import (
 var (
 	endpoint string
 	nodeID   string
+	perm     string
 )
 
 func init() {
@@ -55,6 +57,8 @@ func main() {
 	cmd.PersistentFlags().StringVar(&endpoint, "endpoint", "", "CSI endpoint")
 	cmd.MarkPersistentFlagRequired("endpoint")
 
+	cmd.PersistentFlags().StringVar(&perm, "mount-permissions", "", "mounted folder permissions")
+
 	cmd.ParseFlags(os.Args[1:])
 	if err := cmd.Execute(); err != nil {
 		fmt.Fprintf(os.Stderr, "%s", err.Error())
@@ -65,6 +69,18 @@ func main() {
 }
 
 func handle() {
-	d := nfs.NewNFSdriver(nodeID, endpoint)
+	// Converting string permission representation to *uint32
+	var parsedPerm *uint32
+	if perm != "" {
+		permu64, err := strconv.ParseUint(perm, 8, 32)
+		if err != nil {
+			fmt.Fprintf(os.Stderr, "Incorrect mount-permissions value: %q", perm)
+			os.Exit(1)
+		}
+		permu32 := uint32(permu64)
+		parsedPerm = &permu32
+	}
+
+	d := nfs.NewNFSdriver(nodeID, endpoint, parsedPerm)
 	d.Run()
 }

deploy/kubernetes/csi-nfs-driverinfo.yaml

@@ -0,0 +1,9 @@
+apiVersion: storage.k8s.io/v1beta1
+kind: CSIDriver
+metadata:
+  name: nfs.csi.k8s.io
+spec:
+  attachRequired: false
+  volumeLifecycleModes:
+  - Persistent
+  podInfoOnMount: true