Merge https://github.com/kubernetes-csi/csi-driver-nfs:master into master

.github/workflows/linux.yaml

@@ -13,7 +13,7 @@ jobs:
     - name: Set up Go 1.x
       uses: actions/setup-go@v2
       with:
-        go-version: ^1.16
+        go-version: ^1.17
       id: go
 
     - name: Check out code into the Go module directory

.github/workflows/static.yaml

@@ -12,8 +12,8 @@ jobs:
             - name: Run linter
               uses: golangci/golangci-lint-action@v2
               with:
-                  version: v1.29
-                  args: -E=gofmt,deadcode,unused,varcheck,ineffassign,golint,misspell --timeout=30m0s
+                  version: v1.43
+                  args: -E=gofmt,deadcode,unused,varcheck,ineffassign,revive,misspell,exportloopref,asciicheck,bodyclose,contextcheck --timeout=30m0s
     verify-helm:
         name: Verify Helm
         runs-on: ubuntu-latest

Dockerfile

@@ -12,7 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-FROM k8s.gcr.io/build-image/debian-base:bullseye-v1.0.0
+FROM k8s.gcr.io/build-image/debian-base:bullseye-v1.1.0
 
 # Architecture for bin folder
 ARG ARCH
@@ -23,6 +23,6 @@ COPY bin/${ARCH}/nfsplugin /nfsplugin
 RUN apt update && apt-mark unhold libcap2
 RUN clean-install ca-certificates mount nfs-common netbase
 # install updated packages to fix CVE issues
-RUN clean-install libssl1.1 libgssapi-krb5-2 libk5crypto3 libkrb5-3 libkrb5support0 libgmp10
+RUN clean-install libgmp10 bsdutils
 
 ENTRYPOINT ["/nfsplugin"]

Makefile

@@ -27,7 +27,7 @@ include release-tools/build.make
 
 GIT_COMMIT = $(shell git rev-parse HEAD)
 BUILD_DATE = $(shell date -u +"%Y-%m-%dT%H:%M:%SZ")
-IMAGE_VERSION ?= v3.1.0
+IMAGE_VERSION ?= v3.2.0
 LDFLAGS = -X ${PKG}/pkg/nfs.driverVersion=${IMAGE_VERSION} -X ${PKG}/pkg/nfs.gitCommit=${GIT_COMMIT} -X ${PKG}/pkg/nfs.buildDate=${BUILD_DATE}
 EXT_LDFLAGS = -s -w -extldflags "-static"
 # Use a custom version for E2E tests if we are testing in CI
@@ -42,7 +42,7 @@ REGISTRY_NAME ?= $(shell echo $(REGISTRY) | sed "s/.azurecr.io//g")
 IMAGE_TAG = $(REGISTRY)/$(IMAGENAME):$(IMAGE_VERSION)
 IMAGE_TAG_LATEST = $(REGISTRY)/$(IMAGENAME):latest
 
-E2E_HELM_OPTIONS ?= --set image.nfs.repository=$(REGISTRY)/$(IMAGENAME) --set image.nfs.tag=$(IMAGE_VERSION) --set image.nfs.pullPolicy=Always
+E2E_HELM_OPTIONS ?= --set image.nfs.repository=$(REGISTRY)/$(IMAGENAME) --set image.nfs.tag=$(IMAGE_VERSION) --set image.nfs.pullPolicy=Always --set feature.enableInlineVolume=true
 E2E_HELM_OPTIONS += ${EXTRA_HELM_OPTIONS}
 
 # Output type of docker buildx build

README.md

@@ -10,7 +10,8 @@ This is a repository for [NFS](https://en.wikipedia.org/wiki/Network_File_System
 ### Container Images & Kubernetes Compatibility:
 |driver version  | supported k8s version | status |
 |----------------|-----------------------|--------|
-|master branch   | 1.19+                 | beta   |
+|master branch   | 1.20+                 | beta   |
+|v3.1.0          | 1.19+                 | beta   |
 |v3.0.0          | 1.19+                 | beta   |
 |v2.0.0          | 1.14+                 | alpha  |
 

charts/README.md

@@ -5,17 +5,16 @@
 
 ### Tips
  - make controller only run on master node: `--set controller.runOnMaster=true`
- - set replica of controller as `1`: `--set controller.replicas=1`
- - enable `fsGroupPolicy` on a k8s 1.20+ cluster (this feature is in beta, check details [here](../deploy/example/fsgroup)): `--set feature.enableFSGroupPolicy=true`
+ - set replica of controller as `2`: `--set controller.replicas=2`
 
 ### install a specific version
 ```console
 helm repo add csi-driver-nfs https://raw.githubusercontent.com/kubernetes-csi/csi-driver-nfs/master/charts
-helm install csi-driver-nfs csi-driver-nfs/csi-driver-nfs --namespace kube-system --version v3.0.0
+helm install csi-driver-nfs csi-driver-nfs/csi-driver-nfs --namespace kube-system --version v3.1.0
 ```
 
 ### install driver with customized driver name, deployment name
-> only supported from `v3.0.0`+
+> only supported from `v3.1.0`+
  - following example would install a driver with name `nfs2`
 ```console
 helm install csi-driver-nfs2 csi-driver-nfs/csi-driver-nfs --namespace kube-system --set driver.name="nfs2.csi.k8s.io" --set controller.name="csi-nfs2-controller" --set rbac.name=nfs2 --set serviceAccount.controller=csi-nfs2-controller-sa --set serviceAccount.node=csi-nfs2-node-sa --set node.name=csi-nfs2-node --set node.livenessProbe.healthPort=39653
@@ -39,12 +38,14 @@ The following table lists the configurable parameters of the latest NFS CSI Driv
 |---------------------------------------------------|------------------------------------------------------------|-------------------------------------------------------------------|
 | `driver.name`                                     | alternative driver name                                    | `nfs.csi.k8s.io` |
 | `driver.mountPermissions`                         | mounted folder permissions name                            | `0777`
-| `feature.enableFSGroupPolicy`                     | enable `fsGroupPolicy` on a k8s 1.20+ cluster              | `false`                      |
+| `feature.enableFSGroupPolicy`                     | enable `fsGroupPolicy` on a k8s 1.20+ cluster              | `true`                      |
+| `feature.enableInlineVolume`                      | enable inline volume                     | `false`                      |
+| `kubeletDir`                                      | alternative kubelet directory                              | `/var/lib/kubelet`                                                  |
 | `image.nfs.repository`                            | csi-driver-nfs image                                       | `mcr.microsoft.com/k8s/csi/nfs-csi`                          |
 | `image.nfs.tag`                                   | csi-driver-nfs image tag                                   | `latest`                                                |
 | `image.nfs.pullPolicy`                            | csi-driver-nfs image pull policy                           | `IfNotPresent`                                                      |
 | `image.csiProvisioner.repository`                 | csi-provisioner docker image                               | `k8s.gcr.io/sig-storage/csi-provisioner`                            |
-| `image.csiProvisioner.tag`                        | csi-provisioner docker image tag                           | `v2.0.4`                                                            |
+| `image.csiProvisioner.tag`                        | csi-provisioner docker image tag                           | `v3.1.0`                                                            |
 | `image.csiProvisioner.pullPolicy`                 | csi-provisioner image pull policy                          | `IfNotPresent`                                                      |
 | `image.livenessProbe.repository`                  | liveness-probe docker image                                | `k8s.gcr.io/sig-storage/livenessprobe`                              |
 | `image.livenessProbe.tag`                         | liveness-probe docker image tag                            | `v2.5.0`                                                            |
@@ -55,9 +56,10 @@ The following table lists the configurable parameters of the latest NFS CSI Driv
 | `imagePullSecrets`                                | Specify docker-registry secret names as an array           | [] (does not add image pull secrets to deployed pods)                                                           |
 | `serviceAccount.create`                           | whether create service account of csi-nfs-controller       | `true`                                                              |
 | `rbac.create`                                     | whether create rbac of csi-nfs-controller                  | `true`                                                              |
-| `controller.replicas`                             | the replicas of csi-nfs-controller                         | `2`                                                                 |
+| `controller.replicas`                             | replica number of csi-nfs-controller                         | `1`                                                                 |
 | `controller.runOnMaster`                          | run controller on master node                              | `false`                                                             |
 | `controller.logLevel`                             | controller driver log level                                                          |`5`                                                           |
+| `controller.workingMountDir`                      | working directory for provisioner to mount nfs shares temporarily                  | `/tmp`                                                             |
 | `controller.tolerations`                              | controller pod tolerations                            |                                                              |
 | `controller.resources.csiProvisioner.limits.memory`   | csi-provisioner memory limits                         | 100Mi                                                          |
 | `controller.resources.csiProvisioner.requests.cpu`    | csi-provisioner cpu requests limits                   | 10m                                                            |

charts/index.yaml

@@ -3,16 +3,25 @@ entries:
   csi-driver-nfs:
   - apiVersion: v1
     appVersion: latest
-    created: "2021-12-03T09:32:27.922454757Z"
+    created: "2022-01-16T02:03:42.985827759Z"
     description: CSI NFS Driver for Kubernetes
-    digest: 12bfa47c9b4d8d70374af58c3ffcb17f063587ec374422290ddbaeba8be1e2d7
+    digest: 327a5a82966527f18eebfd36b66b45c467eda0046cc0ac87271123cc9b788fd1
     name: csi-driver-nfs
     urls:
-    - https://raw.githubusercontent.com/kubernetes-csi/csi-driver-nfs/master/charts/latest/csi-driver-nfs-v3.1.0.tgz
+    - https://raw.githubusercontent.com/kubernetes-csi/csi-driver-nfs/master/charts/latest/csi-driver-nfs-v3.2.0.tgz
+    version: v3.2.0
+  - apiVersion: v1
+    appVersion: v3.1.0
+    created: "2022-01-16T02:03:42.988838576Z"
+    description: CSI NFS Driver for Kubernetes
+    digest: be2757357ed0a4c5c689b1c06de8eaa75da43430f08f04c8fb42fd17fffb0959
+    name: csi-driver-nfs
+    urls:
+    - https://raw.githubusercontent.com/kubernetes-csi/csi-driver-nfs/master/charts/v3.1.0/csi-driver-nfs-v3.1.0.tgz
     version: v3.1.0
   - apiVersion: v1
     appVersion: v3.0.0
-    created: "2021-12-03T09:32:27.923670465Z"
+    created: "2022-01-16T02:03:42.987551869Z"
     description: CSI NFS Driver for Kubernetes
     digest: c19a1780bbdf240ff4628666a5cf70fea9d44fc20966b63796550e83a45ef50a
     name: csi-driver-nfs
@@ -21,11 +30,11 @@ entries:
     version: v3.0.0
   - apiVersion: v1
     appVersion: v2.0.0
-    created: "2021-12-03T09:32:27.92288436Z"
+    created: "2022-01-16T02:03:42.986145361Z"
     description: CSI NFS Driver for Kubernetes
     digest: f537a133eaa965f1c053ffac130f82c9b2b624e1f8bd42937c9c48818464eaac
     name: csi-driver-nfs
     urls:
     - https://raw.githubusercontent.com/kubernetes-csi/csi-driver-nfs/master/charts/v2.0.0/csi-driver-nfs-v2.0.0.tgz
     version: v2.0.0
-generated: "2021-12-03T09:32:27.921439951Z"
+generated: "2022-01-16T02:03:42.985065955Z"

charts/latest/csi-driver-nfs/Chart.yaml

@@ -2,4 +2,4 @@ apiVersion: v1
 appVersion: latest
 description: CSI NFS Driver for Kubernetes
 name: csi-driver-nfs
-version: v3.1.0
+version: v3.2.0

charts/latest/csi-driver-nfs/templates/csi-nfs-controller.yaml

@@ -73,6 +73,7 @@ spec:
             - "--endpoint=$(CSI_ENDPOINT)"
             - "--drivername={{ .Values.driver.name }}"
             - "--mount-permissions={{ .Values.driver.mountPermissions }}"
+            - "--working-mount-dir={{ .Values.controller.workingMountDir }}"
           env:
             - name: NODE_ID
               valueFrom:
@@ -94,15 +95,15 @@ spec:
             periodSeconds: 30
           volumeMounts:
             - name: pods-mount-dir
-              mountPath: /var/lib/kubelet/pods
+              mountPath: {{ .Values.kubeletDir }}/pods
               mountPropagation: "Bidirectional"
             - mountPath: /csi
               name: socket-dir
           resources: {{- toYaml .Values.controller.resources.nfs | nindent 12 }}
       volumes:
         - name: pods-mount-dir
           hostPath:
-            path: /var/lib/kubelet/pods
+            path: {{ .Values.kubeletDir }}/pods
             type: Directory
         - name: socket-dir
           emptyDir: {}

charts/latest/csi-driver-nfs/templates/csi-nfs-driverinfo.yaml

@@ -6,6 +6,9 @@ spec:
   attachRequired: false
   volumeLifecycleModes:
     - Persistent
+  {{- if .Values.feature.enableInlineVolume}}
+    - Ephemeral
+  {{- end}}
   {{- if .Values.feature.enableFSGroupPolicy}}
   fsGroupPolicy: File
   {{- end}}

charts/latest/csi-driver-nfs/templates/csi-nfs-node.yaml

@@ -60,7 +60,7 @@ spec:
             - --kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)
           env:
             - name: DRIVER_REG_SOCK_PATH
-              value: /var/lib/kubelet/plugins/csi-nfsplugin/csi.sock
+              value: {{ .Values.kubeletDir }}/plugins/csi-nfsplugin/csi.sock
             - name: KUBE_NODE_NAME
               valueFrom:
                 fieldRef:
@@ -109,19 +109,19 @@ spec:
             - name: socket-dir
               mountPath: /csi
             - name: pods-mount-dir
-              mountPath: /var/lib/kubelet/pods
+              mountPath: {{ .Values.kubeletDir }}/pods
               mountPropagation: "Bidirectional"
           resources: {{- toYaml .Values.node.resources.nfs | nindent 12 }}
       volumes:
         - name: socket-dir
           hostPath:
-            path: /var/lib/kubelet/plugins/csi-nfsplugin
+            path: {{ .Values.kubeletDir }}/plugins/csi-nfsplugin
             type: DirectoryOrCreate
         - name: pods-mount-dir
           hostPath:
-            path: /var/lib/kubelet/pods
+            path: {{ .Values.kubeletDir }}/pods
             type: Directory
         - hostPath:
-            path: /var/lib/kubelet/plugins_registry
+            path: {{ .Values.kubeletDir }}/plugins_registry
             type: Directory
           name: registration-dir

charts/latest/csi-driver-nfs/values.yaml

@@ -5,7 +5,7 @@ image:
         pullPolicy: IfNotPresent
     csiProvisioner:
         repository: k8s.gcr.io/sig-storage/csi-provisioner
-        tag: v2.2.2
+        tag: v3.1.0
         pullPolicy: IfNotPresent
     livenessProbe:
         repository: k8s.gcr.io/sig-storage/livenessprobe
@@ -26,18 +26,22 @@ rbac:
 
 driver:
   name: nfs.csi.k8s.io
-  mountPermissions: "0777"
+  mountPermissions: 0777
 
 feature:
-  enableFSGroupPolicy: false
+  enableFSGroupPolicy: true
+  enableInlineVolume: false
+
+kubeletDir: /var/lib/kubelet
 
 controller:
   name: csi-nfs-controller
-  replicas: 2
+  replicas: 1
   runOnMaster: false
   livenessProbe:
     healthPort: 29652
   logLevel: 5
+  workingMountDir: "/tmp"
   tolerations:
     - key: "node-role.kubernetes.io/master"
       operator: "Exists"

charts/v3.1.0/csi-driver-nfs/.helmignore

@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

charts/v3.1.0/csi-driver-nfs/Chart.yaml

@@ -0,0 +1,5 @@
+apiVersion: v1
+appVersion: v3.1.0
+description: CSI NFS Driver for Kubernetes
+name: csi-driver-nfs
+version: v3.1.0

charts/v3.1.0/csi-driver-nfs/templates/NOTES.txt

@@ -0,0 +1,5 @@
+ The CSI NFS Driver is getting deployed to your cluster.
+
+To check CSI NFS Driver pods status, please run:
+
+  kubectl --namespace={{ .Release.Namespace }} get pods --selector="release={{ .Release.Name }}" --watch

charts/v3.1.0/csi-driver-nfs/templates/_helpers.tpl

@@ -0,0 +1,16 @@
+{{/* vim: set filetype=mustache: */}}
+
+{{/* Expand the name of the chart.*/}}
+{{- define "nfs.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/* labels for helm resources */}}
+{{- define "nfs.labels" -}}
+labels:
+  app.kubernetes.io/instance: "{{ .Release.Name }}"
+  app.kubernetes.io/managed-by: "{{ .Release.Service }}"
+  app.kubernetes.io/name: "{{ template "nfs.name" . }}"
+  app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
+  helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+{{- end -}}