Skip to content

Commit

Permalink
fix: mount dirs not files (#326)
Browse files Browse the repository at this point in the history
Signed-off-by: Todd Baert <toddbaert@gmail.com>
  • Loading branch information
toddbaert authored Jan 28, 2023
1 parent 256894f commit 089ab3c
Show file tree
Hide file tree
Showing 8 changed files with 32 additions and 24 deletions.
12 changes: 9 additions & 3 deletions apis/core/v1alpha1/featureflagconfiguration_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -128,11 +128,17 @@ func GenerateFfConfigMap(name string, namespace string, references []metav1.Owne
OwnerReferences: references,
},
Data: map[string]string{
FeatureFlagConfigurationConfigMapDataKeyName(namespace, name): spec.FeatureFlagSpec,
FeatureFlagConfigurationConfigMapKey(namespace, name): spec.FeatureFlagSpec,
},
}
}

func FeatureFlagConfigurationConfigMapDataKeyName(namespace, name string) string {
return fmt.Sprintf("%s_%s.json", namespace, name)
// unique string used to create unique volume mount and file name
func FeatureFlagConfigurationId(namespace, name string) string {
return fmt.Sprintf("%s_%s", namespace, name)
}

// unique key (and filename) for configMap data
func FeatureFlagConfigurationConfigMapKey(namespace, name string) string {
return fmt.Sprintf("%s.json", FeatureFlagConfigurationId(namespace, name))
}
2 changes: 1 addition & 1 deletion apis/core/v1alpha1/flagsourceconfiguration_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@ type FlagSourceConfigurationSpec struct {
// +optional
SocketPath string `json:"socketPath"`

//SyncProviderArgs are string arguments passed to all sync providers, defined as key values separated by =
// SyncProviderArgs are string arguments passed to all sync providers, defined as key values separated by =
// +optional
SyncProviderArgs []string `json:"syncProviderArgs"`

Expand Down
2 changes: 1 addition & 1 deletion apis/core/v1alpha2/flagsourceconfiguration_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ type FlagSourceConfigurationSpec struct {
// +optional
SocketPath string `json:"socketPath"`

//SyncProviderArgs are string arguments passed to all sync providers, defined as key values separated by =
// SyncProviderArgs are string arguments passed to all sync providers, defined as key values separated by =
// +optional
SyncProviderArgs []string `json:"syncProviderArgs"`

Expand Down
2 changes: 1 addition & 1 deletion controllers/featureflagconfiguration_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -150,7 +150,7 @@ func (r *FeatureFlagConfigurationReconciler) Reconcile(ctx context.Context, req
// Update ConfigMap Spec
r.Log.Info("Updating ConfigMap Spec " + cm.Name)
cm.Data = map[string]string{
corev1alpha1.FeatureFlagConfigurationConfigMapDataKeyName(cm.Namespace, cm.Name): ffconf.Spec.FeatureFlagSpec,
corev1alpha1.FeatureFlagConfigurationConfigMapKey(cm.Namespace, cm.Name): ffconf.Spec.FeatureFlagSpec,
}
err := r.Client.Update(ctx, &cm)
if err != nil {
Expand Down
4 changes: 1 addition & 3 deletions webhooks/featureflagconfiguration_webhook_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,7 @@ const (
featureFlagConfigurationNamespace = "test-validate-featureflagconfiguration"
)

var (
featureFlagSpec = `
var featureFlagSpec = `
{
"flags": {
"new-welcome-message": {
Expand All @@ -28,7 +27,6 @@ var (
}
}
`
)

func setupValidateFeatureFlagConfigurationResources() {
ns := &corev1.Namespace{}
Expand Down
21 changes: 12 additions & 9 deletions webhooks/pod_webhook.go
Original file line number Diff line number Diff line change
Expand Up @@ -247,8 +247,10 @@ func podOwnerIsOwner(pod *corev1.Pod, cm corev1.ConfigMap) bool {
}

func (m *PodMutator) enableClusterRoleBinding(ctx context.Context, pod *corev1.Pod) error {
var serviceAccount = client.ObjectKey{Name: pod.Spec.ServiceAccountName,
Namespace: pod.Namespace}
serviceAccount := client.ObjectKey{
Name: pod.Spec.ServiceAccountName,
Namespace: pod.Namespace,
}
if pod.Spec.ServiceAccountName == "" {
serviceAccount.Name = "default"
}
Expand All @@ -266,7 +268,7 @@ func (m *PodMutator) enableClusterRoleBinding(ctx context.Context, pod *corev1.P
m.Log.V(1).Info(fmt.Sprintf("ClusterRoleBinding not found: %s", clusterRoleBindingName))
return err
}
var found = false
found := false
for _, subject := range crb.Subjects {
if subject.Kind == "ServiceAccount" && subject.Name == serviceAccount.Name && subject.Namespace == serviceAccount.Namespace {
m.Log.V(1).Info(fmt.Sprintf("ClusterRoleBinding already exists for service account: %s/%s", serviceAccount.Namespace, serviceAccount.Name))
Expand Down Expand Up @@ -385,7 +387,9 @@ func (m *PodMutator) injectSidecar(
commandSequence = append(
commandSequence,
"--uri",
fmt.Sprintf("file:%s", fileSyncMountPath(featureFlag)),
fmt.Sprintf("file:%s/%s",
fileSyncMountPath(featureFlag),
corev1alpha1.FeatureFlagConfigurationConfigMapKey(featureFlag.Namespace, featureFlag.Name)),
)
pod.Spec.Volumes = append(pod.Spec.Volumes, corev1.Volume{
Name: featureFlag.Name,
Expand All @@ -398,9 +402,10 @@ func (m *PodMutator) injectSidecar(
},
})
volumeMounts = append(volumeMounts, corev1.VolumeMount{
Name: featureFlag.Name,
Name: featureFlag.Name,
// create a directory mount per featureFlag spec
// file mounts will not work
MountPath: fileSyncMountPath(featureFlag),
SubPath: corev1alpha1.FeatureFlagConfigurationConfigMapDataKeyName(featureFlag.Namespace, featureFlag.Name),
})
default:
err := fmt.Errorf(
Expand Down Expand Up @@ -475,9 +480,7 @@ func setSecurityContext() *corev1.SecurityContext {
}

func fileSyncMountPath(featureFlag *corev1alpha1.FeatureFlagConfiguration) string {
return fmt.Sprintf("%s/%s", rootFileSyncMountPath,
corev1alpha1.FeatureFlagConfigurationConfigMapDataKeyName(featureFlag.Namespace, featureFlag.Name),
)
return fmt.Sprintf("%s/%s", rootFileSyncMountPath, corev1alpha1.FeatureFlagConfigurationId(featureFlag.Namespace, featureFlag.Name))
}

func OpenFeatureEnabledAnnotationIndex(o client.Object) []string {
Expand Down
3 changes: 1 addition & 2 deletions webhooks/pod_webhook_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -167,7 +167,6 @@ func podMutationWebhookCleanup() {
}

var _ = Describe("pod mutation webhook", func() {

It("should backfill role binding subjects when annotated pods already exist in the cluster", func() {
// this integration test confirms the proper execution of the podMutator.BackfillPermissions method
// this method is responsible for backfilling the subjects of the open-feature-operator-flagd-kubernetes-sync
Expand Down Expand Up @@ -456,7 +455,7 @@ var _ = Describe("pod mutation webhook", func() {
Expect(pod.Spec.Containers[1].Args).To(Equal([]string{
"start",
"--uri",
"file:/etc/flagd/test-mutate-pod_test-feature-flag-configuration.json",
"file:/etc/flagd/test-mutate-pod_test-feature-flag-configuration/test-mutate-pod_test-feature-flag-configuration.json",
"--sync-provider-args",
"key=value",
"--sync-provider-args",
Expand Down
10 changes: 6 additions & 4 deletions webhooks/suite_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -32,10 +32,12 @@ import (
// These tests use Ginkgo (BDD-style Go testing framework). Refer to
// http://onsi.github.io/ginkgo/ to learn more about Ginkgo.

var cfg *rest.Config
var k8sClient client.Client
var testEnv *envtest.Environment
var testCtx, testCancel = context.WithCancel(context.Background())
var (
cfg *rest.Config
k8sClient client.Client
testEnv *envtest.Environment
testCtx, testCancel = context.WithCancel(context.Background())
)

const (
podMutatingWebhookPath = "/mutate-v1-pod"
Expand Down

0 comments on commit 089ab3c

Please sign in to comment.