Skip to content

STOR-1591: Rebase to upstream v1.6.16 for OCP 4.17 #39

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
openshift-merge-bot merged 24 commits into from
Jul 11, 2024
Merged

STOR-1591: Rebase to upstream v1.6.16 for OCP 4.17 #39

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
24 commits
Select commit Hold shift + click to select a range
ea62345
Fix issue where errors were reported as info
hsadoyan Dec 15, 2023
673e3c8
Merge pull request #769 from hsadoyan/automated-cherry-pick-of-#746-u…
k8s-ci-robot Jan 8, 2024
07557c0
Add NfsExportOptions parsing
hsadoyan Nov 28, 2023
9f1cd72
Refactor duplicate function
hsadoyan Jan 4, 2024
cf9681d
Disable NFSExportOptions by default
hsadoyan Jan 8, 2024
eaa6ce7
Merge pull request #779 from hsadoyan/automated-cherry-pick-of-#737-#…
k8s-ci-robot Feb 6, 2024
2798bf6
bump base image from bullseye to bookworm for CVE fixes
amacaskill Feb 21, 2024
6111b06
Merge pull request #801 from k8s-infra-cherrypick-robot/cherry-pick-7…
k8s-ci-robot Feb 23, 2024
0e043ab
CVE-2024-24786: bump google.golang.org/protobuf to v1.33.0
tyuchn Mar 19, 2024
515dc7c
fix CVE-2024-28085
dannawang0221 Apr 18, 2024
5383147
Merge pull request #838 from k8s-infra-cherrypick-robot/cherry-pick-8…
k8s-ci-robot Apr 20, 2024
a4674bd
Add dannawang0221 to OWNERS
dannawang0221 Apr 23, 2024
67c6bb1
Merge pull request #843 from k8s-infra-cherrypick-robot/cherry-pick-8…
tyuchn Apr 24, 2024
9d2d0a5
Update debian base image to fix CVE-2024-2961
Sneha-at Apr 30, 2024
0a7029d
Merge pull request #865 from k8s-infra-cherrypick-robot/cherry-pick-8…
k8s-ci-robot Jun 3, 2024
b2f4f2b
fix tier capacity check for expandVolume
leiyiz Jun 3, 2024
cdaa196
Merge pull request #882 from k8s-infra-cherrypick-robot/cherry-pick-8…
k8s-ci-robot Jun 11, 2024
8ee644b
Properly unwrap gce-compute error code.
hime May 31, 2024
f8af684
Manual cherrypick of #878: Update k8s.io/kubernetes to fix GO-2024-2746
hime Jun 13, 2024
71b89ba
Merge pull request #884 from hime/automated-cherry-pick-of-#864-upstr…
k8s-ci-robot Jun 14, 2024
4dacfce
Merge pull request #887 from hime/local-release-1.6
k8s-ci-robot Jun 14, 2024
74d5f88
Merge remote-tracking branch 'openshift/master' into rebase-1.6.16
dfajmon Jun 26, 2024
111b8e0
UPSTREAM: <carry>: Add OpenShift files
dfajmon Jun 27, 2024
3b87c68
UPSTREAM: <carry>: Add replaces in go.mod and generate go.sum
dfajmon Jun 27, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
23 changes: 13 additions & 10 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ RUN GOARCH=$(echo $TARGETPLATFORM | cut -f2 -d '/') make driver BINDIR=/bin GCP_
# Install nfs packages
# Note that the newer debian bullseye image does not work with nfs-common; I
# believe that libcap needs extra configuration.
FROM gke.gcr.io/debian-base:bullseye-v1.4.3-gke.5 as deps
FROM gke.gcr.io/debian-base:bookworm-v1.0.2-gke.2 as deps
ENV DEBIAN_FRONTEND noninteractive

# The netbase package is needed to get rpcbind to work correctly,
Expand All @@ -51,6 +51,8 @@ ENV DEBIAN_FRONTEND noninteractive
# Now in `nfs_services_start.sh` we call rpcbind start, this tries to source the `/lib/lsb/init-functions` file. This needs to be installed from the lsb-base package. In the debian-base image the lsb package is deleted (https://github.com/kubernetes/release/blob/v0.15.0/images/build/debian-base/bullseye/Dockerfile.build#L90). Hence using `apt-get install --reinstall` fixes the problem.
RUN apt-get update && apt-get dist-upgrade -y && apt-mark unhold libcap2 && apt-get install --reinstall -y --no-install-recommends \
lsb-base \
# New depenency of lsb-base in bookworm
sysvinit-utils \
mount \
rpcbind \
netbase \
Expand All @@ -62,14 +64,14 @@ RUN apt-get update && apt-get dist-upgrade -y && apt-mark unhold libcap2 && apt-
RUN mkdir /run/sendsigs.omit.d

# Hold required packages to avoid breaking the installation of packages
RUN apt-mark hold apt gnupg adduser passwd libsemanage1 libcap2 mount nfs-common init
RUN apt-mark hold apt gnupg adduser passwd libsemanage2 libcap2 mount nfs-common init

# Clean up unnecessary packages
# This list is copied from
# https://github.com/kubernetes/kubernetes/blob/master/build/debian-base/Dockerfile.build
# and modified to keep nfs dependencies
RUN echo "Yes, do as I say!" | apt-get purge \
# bash \
# We don't need to remove the packages that are already removed from the base image:
# https://github.com/kubernetes/release/blob/78ecea5a708046ee2d4e71be5dc73393b8d7d7cc/images/build/debian-base/bookworm/Dockerfile.build#L44-L54.
# The commented out packages are nfs dependencies, and should not be removed.
RUN echo "Yes, do as I say!" | apt-get purge -y --allow-remove-essential \
# bash \
e2fslibs \
e2fsprogs \
# init \
Expand All @@ -79,13 +81,14 @@ RUN echo "Yes, do as I say!" | apt-get purge \
# libsmartcols1 \
# libudev1 \
# libblkid1 \
libncursesw5 \
# Not able to be removed even though I don't think this is needed, but removing it causes:
# "Error, pkgProblemResolver::Resolve generated breaks, this may be caused by held packages."
# libncursesw6 \
libss2 \
ncurses-base \
ncurses-bin \
ncurses-bin
# systemd \
# systemd-sysv \
tzdata

# Cleanup cached and unnecessary files.
RUN apt-get autoremove -y && \
Expand Down
6 changes: 5 additions & 1 deletion cmd/main.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,8 @@ var (
coreInformerResyncPeriod = flag.Duration("core-informer-resync-repriod", 15*time.Minute, "Core informer resync period.")

// Feature multishare backups enabled
featureMultishareBackups = flag.Bool("feature-multishare-backups", false, "if set to true, the multishare backups will be enabled. enable-multishare must be set to true as well")
featureMultishareBackups = flag.Bool("feature-multishare-backups", false, "if set to true, the multishare backups will be enabled. enable-multishare must be set to true as well")
featureNFSExportOptionsOnCreate = flag.Bool("feature-nfs-export-options", false, "if set to true, the driver will accpet nfs-export-options-on-create parameter and configure IP Access rules")

// Feature stateful CSI driver specific parameters
featureStateful = flag.Bool("feature-stateful-multishare", false, "if set to true, the controller will run stateful multishare controller, if set to true, enable-multishare must be set to true as well")
Expand Down Expand Up @@ -183,6 +184,9 @@ func main() {
FeatureMultishareBackups: &driver.FeatureMultishareBackups{
Enabled: *featureMultishareBackups,
},
FeatureNFSExportOptionsOnCreate: &driver.FeatureNFSExportOptionsOnCreate{
Enabled: *featureNFSExportOptionsOnCreate,
},
}

mounter := mount.New("")
Expand Down
139 changes: 70 additions & 69 deletions go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,33 +4,34 @@ go 1.21

require (
cloud.google.com/go/compute/metadata v0.2.3
github.com/container-storage-interface/spec v1.7.0
github.com/container-storage-interface/spec v1.8.0
github.com/golang/protobuf v1.5.4
github.com/google/go-cmp v0.5.9
github.com/google/go-cmp v0.6.0
github.com/google/uuid v1.3.0
github.com/googleapis/gax-go/v2 v2.12.0
github.com/kubernetes-csi/csi-lib-utils v0.13.0
github.com/kubernetes-csi/csi-test/v3 v3.1.1
github.com/onsi/ginkgo v1.16.5
github.com/onsi/gomega v1.23.0
github.com/onsi/gomega v1.29.0
github.com/prashanthpai/sunrpc v0.0.0-20210303180433-689a3880d90a
github.com/spf13/cobra v1.6.0
github.com/spf13/cobra v1.7.0
github.com/spf13/pflag v1.0.5
golang.org/x/net v0.17.0
golang.org/x/net v0.23.0
golang.org/x/oauth2 v0.11.0
golang.org/x/sys v0.15.0
golang.org/x/sys v0.18.0
google.golang.org/api v0.138.0
google.golang.org/genproto/googleapis/rpc v0.0.0-20230815205213-6bfd019c3878
google.golang.org/grpc v1.57.1
google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d
google.golang.org/grpc v1.58.3
google.golang.org/protobuf v1.33.0
gopkg.in/gcfg.v1 v1.2.0
k8s.io/api v0.26.0
k8s.io/apimachinery v0.26.0
gopkg.in/gcfg.v1 v1.2.3
k8s.io/api v0.29.4
k8s.io/apimachinery v0.29.4
k8s.io/client-go v11.0.1-0.20190805182717-6502b5e7b1b5+incompatible
k8s.io/component-base v0.26.0
k8s.io/klog/v2 v2.80.1
k8s.io/kubernetes v1.24.1
k8s.io/mount-utils v0.24.1
k8s.io/utils v0.0.0-20221107191617-1a15be271d1d
k8s.io/component-base v0.29.4
k8s.io/klog/v2 v2.110.1
k8s.io/kubernetes v1.29.4
k8s.io/mount-utils v0.29.4
k8s.io/utils v0.0.0-20230726121419-3b25d923346b
sigs.k8s.io/boskos v0.0.0-20201002225104-ae3497d24cd7
sigs.k8s.io/controller-runtime v0.12.1
)
Expand All @@ -41,87 +42,87 @@ require (
github.com/blang/semver/v4 v4.0.0 // indirect
github.com/cespare/xxhash/v2 v2.2.0 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/emicklei/go-restful/v3 v3.9.0 // indirect
github.com/emicklei/go-restful/v3 v3.11.0 // indirect
github.com/evanphx/json-patch v5.6.0+incompatible // indirect
github.com/fsnotify/fsnotify v1.6.0 // indirect
github.com/go-logr/logr v1.2.3 // indirect
github.com/go-openapi/jsonpointer v0.19.5 // indirect
github.com/go-openapi/jsonreference v0.20.0 // indirect
github.com/go-openapi/swag v0.21.1 // indirect
github.com/fsnotify/fsnotify v1.7.0 // indirect
github.com/go-logr/logr v1.3.0 // indirect
github.com/go-openapi/jsonpointer v0.19.6 // indirect
github.com/go-openapi/jsonreference v0.20.2 // indirect
github.com/go-openapi/swag v0.22.3 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/google/gnostic v0.6.9 // indirect
github.com/google/gnostic-models v0.6.8 // indirect
github.com/google/gofuzz v1.2.0 // indirect
github.com/google/s2a-go v0.1.5 // indirect
github.com/google/s2a-go v0.1.7 // indirect
github.com/googleapis/enterprise-certificate-proxy v0.2.5 // indirect
github.com/googleapis/gax-go/v2 v2.12.0 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/go-multierror v1.1.0 // indirect
github.com/imdario/mergo v0.3.13 // indirect
github.com/inconshreveable/mousetrap v1.0.1 // indirect
github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/josharian/intern v1.0.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/mailru/easyjson v0.7.7 // indirect
github.com/matttproud/golang_protobuf_extensions v1.0.2 // indirect
github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
github.com/moby/sys/mountinfo v0.6.2 // indirect
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
github.com/nxadm/tail v1.4.8 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/prometheus/client_golang v1.14.0 // indirect
github.com/prometheus/client_model v0.3.0 // indirect
github.com/prometheus/common v0.37.0 // indirect
github.com/prometheus/procfs v0.8.0 // indirect
github.com/rasky/go-xdr v0.0.0-20170124162913-1a41d1a06c93 // indirect
github.com/sirupsen/logrus v1.8.1 // indirect
github.com/prometheus/client_golang v1.16.0 // indirect
github.com/prometheus/client_model v0.4.0 // indirect
github.com/prometheus/common v0.44.0 // indirect
github.com/prometheus/procfs v0.10.1 // indirect
github.com/rasky/go-xdr v0.0.0-20170217172119-4930550ba2e2 // indirect
github.com/sirupsen/logrus v1.9.0 // indirect
go.opencensus.io v0.24.0 // indirect
golang.org/x/crypto v0.17.0 // indirect
golang.org/x/term v0.15.0 // indirect
golang.org/x/crypto v0.21.0 // indirect
golang.org/x/term v0.18.0 // indirect
golang.org/x/text v0.14.0 // indirect
golang.org/x/time v0.0.0-20220411224347-583f2d630306 // indirect
golang.org/x/time v0.3.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
gopkg.in/warnings.v0 v0.1.2 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
k8s.io/apiextensions-apiserver v0.24.1 // indirect
k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 // indirect
k8s.io/apiextensions-apiserver v0.29.4 // indirect
k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect
k8s.io/test-infra v0.0.0-20201007205216-b54c51c3a44a // indirect
sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
sigs.k8s.io/yaml v1.3.0 // indirect
)

replace (
k8s.io/api => k8s.io/api v0.26.0
k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.26.0
k8s.io/apimachinery => k8s.io/apimachinery v0.26.0
k8s.io/apiserver => k8s.io/apiserver v0.26.0
k8s.io/cli-runtime => k8s.io/cli-runtime v0.26.0
k8s.io/client-go => k8s.io/client-go v0.26.0
k8s.io/cloud-provider => k8s.io/cloud-provider v0.26.0
k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.26.0
k8s.io/code-generator => k8s.io/code-generator v0.26.0
k8s.io/component-base => k8s.io/component-base v0.26.0
k8s.io/component-helpers => k8s.io/component-helpers v0.26.0
k8s.io/controller-manager => k8s.io/controller-manager v0.26.0
k8s.io/cri-api => k8s.io/cri-api v0.26.0
k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.26.0
k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.26.0
k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.26.0
k8s.io/kube-proxy => k8s.io/kube-proxy v0.26.0
k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.26.0
k8s.io/kubectl => k8s.io/kubectl v0.26.0
k8s.io/kubelet => k8s.io/kubelet v0.26.0
k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.26.0
k8s.io/metrics => k8s.io/metrics v0.26.0
k8s.io/mount-utils => k8s.io/mount-utils v0.26.0
k8s.io/node-api => k8s.io/node-api v0.26.0
k8s.io/pod-security-admission => k8s.io/pod-security-admission v0.26.0
k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.26.0
k8s.io/sample-cli-plugin => k8s.io/sample-cli-plugin v0.26.0
k8s.io/sample-controller => k8s.io/sample-controller v0.26.0
k8s.io/api => k8s.io/api v0.29.4
k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.29.4
k8s.io/apimachinery => k8s.io/apimachinery v0.29.4
k8s.io/apiserver => k8s.io/apiserver v0.29.4
k8s.io/cli-runtime => k8s.io/cli-runtime v0.29.4
k8s.io/client-go => k8s.io/client-go v0.29.4
k8s.io/cloud-provider => k8s.io/cloud-provider v0.29.4
k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.29.4
k8s.io/code-generator => k8s.io/code-generator v0.29.4
k8s.io/component-base => k8s.io/component-base v0.29.4
k8s.io/component-helpers => k8s.io/component-helpers v0.29.4
k8s.io/controller-manager => k8s.io/controller-manager v0.29.4
k8s.io/cri-api => k8s.io/cri-api v0.29.4
k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.29.4
k8s.io/dynamic-resource-allocation => k8s.io/dynamic-resource-allocation v0.29.4
k8s.io/endpointslice => k8s.io/endpointslice v0.29.4
k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.29.4
k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.29.4
k8s.io/kube-proxy => k8s.io/kube-proxy v0.29.4
k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.29.4
k8s.io/kubectl => k8s.io/kubectl v0.29.4
k8s.io/kubelet => k8s.io/kubelet v0.29.4
k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.29.4
k8s.io/metrics => k8s.io/metrics v0.29.4
k8s.io/mount-utils => k8s.io/mount-utils v0.29.4
k8s.io/node-api => k8s.io/node-api v0.29.4
k8s.io/pod-security-admission => k8s.io/pod-security-admission v0.29.4
k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.29.4
k8s.io/sample-cli-plugin => k8s.io/sample-cli-plugin v0.29.4
k8s.io/sample-controller => k8s.io/sample-controller v0.29.4
)
Loading