feat: allow providers to have the driver write files #481
Conversation
|
Skipping CI for Draft Pull Request. |
k8s-ci-robot
added
do-not-merge/work-in-progress
k8s-ci-robot
added
the
size/XL
k8s-ci-robot
removed
the
do-not-merge/work-in-progress
|
/retest |
|
/test pull-secrets-store-csi-driver-e2e-vault |
|
vault e2e tests should be fixed with #483 |
|
/test pull-secrets-store-csi-driver-e2e-vault |
| ) | ||
|
|
||
| const ( | ||
| maxFileNameLength = 255 |
There was a problem hiding this comment.
For Azure Key vault, the max object name length is 128 and I assume this is a reasonable limit for the Google Secrets Manager as well. Is there a restriction for Hashicorp vault? Since this limit is being imposed now we should make sure we aren't breaking any exist cases.
There was a problem hiding this comment.
It does not seem like the vault provider includes an restrictions on path lengths: https://github.com/hashicorp/vault-csi-provider/blob/20173a0f069739c2e9236c3b23bbe98a4af2c3ba/internal/provider/provider.go#L254
The GCP plugin has a length of 253 since IsConfigMapKey is currently used:
https://github.com/kubernetes/apimachinery/blob/2456ebdaba229616fab2161a615148884b46644b/pkg/util/validation/validation.go#L424
There was a problem hiding this comment.
@tomhjp Do you see anything breaking with imposing this limit on the secret name length for the vault provider?
There was a problem hiding this comment.
There's no explicit limit currently but I'm ok with introducing this limit 👍
pkg/util/fileutil/writer.go
Outdated
| if targetPath == "" { | ||
| return fmt.Errorf("invalid path: must not be empty: %q", targetPath) | ||
| } | ||
| if path.IsAbs(targetPath) { |
There was a problem hiding this comment.
We should use filepath so this is valid for windows too
There was a problem hiding this comment.
Looking at path.IsAbs and filepath.IsAbs I'm fairly certain that their implementations are equivalent, so I'll move to filepath as that seems more semantically correct. Think we should propose a change to automic_writer.go too?
There was a problem hiding this comment.
Yeah, we should propose a change to atomic_writer.go. We can open a PR and get feedback from the community.
| string path = 1; | ||
| // The mode bits used to set permissions on this file. | ||
| // Must be a decimal value between 0 and 511. | ||
| int32 mode = 2; |
There was a problem hiding this comment.
Today, the mode is sent to the provider from the driver. Having this will make it extensible in the future if we decide to support user configuration for mode.
There was a problem hiding this comment.
Ack. My initial thoughts here are that we should deprecate permission in MountRequest and that permissions should be specified in the provider specific portion of the SecretProviderClass yaml at the same spot that secrets->files are mapped.
|
|
||
| // File holds secret file contents and location in the mount path to write the | ||
| // file. | ||
| message File { |
There was a problem hiding this comment.
Could we also add a comment with the limitations on the size of the payload?
There was a problem hiding this comment.
Ah, i completely forgot about that. Do you think I should also add a configurable message size flag to this PR?
There was a problem hiding this comment.
I'm assuming bigger size than default supported would mean we would need to use grpc stream? I would be open to keeping the default with the limitation documented. If there are users with additional size, then we can add an option to configure. WDYT?
There was a problem hiding this comment.
I updated the repeated File files = 3 comment but we can just add a flag to control the MaxCallRecvMsgSize option when creating the plugin grpc client. This would require config/deploy from the user but would not require switching to grpc streaming. I believe this was what @tomhjp preferred in the design doc
|
/test pull-secrets-store-csi-driver-e2e-azure |
1 similar comment
|
/test pull-secrets-store-csi-driver-e2e-azure |
|
@tam7t: The following tests failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
| }, | ||
| }, | ||
| { | ||
| name: "provider response with multiple files", |
There was a problem hiding this comment.
maybe add a test for 0 file returned
There was a problem hiding this comment.
The "provider successful response" case covers this, but I've updated it to be explicit and this gave me the idea to use filepath.walk + go-cmp for better file comparisons
| @@ -59,6 +61,27 @@ message MountRequest { | |||
| message MountResponse { | |||
| repeated ObjectVersion object_version = 1; | |||
| Error error = 2; | |||
| // files contains the entire mount volume filesystem. | |||
| // | |||
| // The total size of all files should not exceed 1MiB or syncing to | |||
There was a problem hiding this comment.
Do we want to validate the file content size if this is a known limit?
There was a problem hiding this comment.
We could add it for the 1 MiB case but over 4MiB the RPC will fail. I've added a klog to MountContent for when the proto is > 1MiB.
tam7t
force-pushed
the
tam7t/obj-write-spike
branch
from
171ef9a
to
b7a9369
Compare
tam7t
force-pushed
the
tam7t/obj-write-spike
branch
from
b7a9369
to
bc3ec81
Compare
|
/test pull-secrets-store-csi-driver-e2e-windows |
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: aramase, tam7t The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
What this PR does / why we need it:
Expands the provider<->driver interface to allow the providers to have the driver write all files to the mount.
Which issue(s) this PR fixes (optional, using
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when the PR gets merged):Fixes #460
Special notes for your reviewer: