From 3ca4593acadd008209c6b277f45e97d52f3e4146 Mon Sep 17 00:00:00 2001 From: ricky Date: Sat, 18 Mar 2023 21:03:16 +0800 Subject: [PATCH] fix: fix initContainers shareVolumePolicy Signed-off-by: ricky --- pkg/webhook/pod/mutating/sidecarset.go | 22 +++++-- pkg/webhook/pod/mutating/sidecarset_test.go | 69 +++++++++++++++++---- 2 files changed, 74 insertions(+), 17 deletions(-) diff --git a/pkg/webhook/pod/mutating/sidecarset.go b/pkg/webhook/pod/mutating/sidecarset.go index 987efdd1ca..df85689b04 100644 --- a/pkg/webhook/pod/mutating/sidecarset.go +++ b/pkg/webhook/pod/mutating/sidecarset.go @@ -362,15 +362,27 @@ func buildSidecars(isUpdated bool, pod *corev1.Pod, oldPod *corev1.Pod, matchedS if !isUpdated { for i := range sidecarSet.Spec.InitContainers { initContainer := &sidecarSet.Spec.InitContainers[i] - //add "IS_INJECTED" env in initContainer's envs - initContainer.Env = append(initContainer.Env, corev1.EnvVar{Name: sidecarcontrol.SidecarEnvKey, Value: "true"}) + // volumeMounts that injected into sidecar container + // when volumeMounts SubPathExpr contains expansions, then need copy container EnvVars(injectEnvs) + injectedMounts, injectedEnvs := sidecarcontrol.GetInjectedVolumeMountsAndEnvs(control, initContainer, pod) + // get injected env & mounts explicitly so that can be compared with old ones in pod transferEnvs := sidecarcontrol.GetSidecarTransferEnvs(initContainer, pod) - initContainer.Env = append(initContainer.Env, transferEnvs...) - sidecarInitContainers = append(sidecarInitContainers, initContainer) + // append volumeMounts SubPathExpr environments + transferEnvs = util.MergeEnvVar(transferEnvs, injectedEnvs) + klog.Infof("try to inject initContainer sidecar %v@%v/%v, with injected envs: %v, volumeMounts: %v", + initContainer.Name, pod.Namespace, pod.Name, transferEnvs, injectedMounts) // insert volumes that initContainers used for _, mount := range initContainer.VolumeMounts { volumesInSidecars = append(volumesInSidecars, *volumesMap[mount.Name]) } + // merge VolumeMounts from sidecar.VolumeMounts and shared VolumeMounts + initContainer.VolumeMounts = util.MergeVolumeMounts(initContainer.VolumeMounts, injectedMounts) + // add "IS_INJECTED" env in initContainer's envs + initContainer.Env = append(initContainer.Env, corev1.EnvVar{Name: sidecarcontrol.SidecarEnvKey, Value: "true"}) + // merged Env from sidecar.Env and transfer envs + initContainer.Env = util.MergeEnvVar(initContainer.Env, transferEnvs) + + sidecarInitContainers = append(sidecarInitContainers, initContainer) } //process imagePullSecrets sidecarSecrets = append(sidecarSecrets, sidecarSet.Spec.ImagePullSecrets...) @@ -389,7 +401,7 @@ func buildSidecars(isUpdated bool, pod *corev1.Pod, oldPod *corev1.Pod, matchedS transferEnvs := sidecarcontrol.GetSidecarTransferEnvs(sidecarContainer, pod) // append volumeMounts SubPathExpr environments transferEnvs = util.MergeEnvVar(transferEnvs, injectedEnvs) - klog.Infof("try to inject sidecar %v@%v/%v, with injected envs: %v, volumeMounts: %v", + klog.Infof("try to inject Container sidecar %v@%v/%v, with injected envs: %v, volumeMounts: %v", sidecarContainer.Name, pod.Namespace, pod.Name, transferEnvs, injectedMounts) //when update pod object if isUpdated { diff --git a/pkg/webhook/pod/mutating/sidecarset_test.go b/pkg/webhook/pod/mutating/sidecarset_test.go index 7fe7451672..ba00ff8a17 100644 --- a/pkg/webhook/pod/mutating/sidecarset_test.go +++ b/pkg/webhook/pod/mutating/sidecarset_test.go @@ -238,6 +238,32 @@ var ( "app": "suxing-test", }, }, + InitContainers: []appsv1alpha1.SidecarContainer{ + { + Container: corev1.Container{ + Name: "dns-e", + Image: "dns-e-image:1.0", + VolumeMounts: []corev1.VolumeMount{ + { + Name: "volume-3", + MountPath: "/g/h/i", + }, + { + Name: "volume-4", + MountPath: "/j/k/l", + }, + { + Name: "volume-staragent", + MountPath: "/staragent", + }, + }, + }, + PodInjectPolicy: appsv1alpha1.BeforeAppContainerType, + ShareVolumePolicy: appsv1alpha1.ShareVolumePolicy{ + Type: appsv1alpha1.ShareVolumePolicyEnabled, + }, + }, + }, Containers: []appsv1alpha1.SidecarContainer{ { Container: corev1.Container{ @@ -288,6 +314,8 @@ var ( {Name: "volume-1"}, {Name: "volume-2"}, {Name: "volume-staragent"}, + {Name: "volume-3"}, + {Name: "volume-4"}, }, }, } @@ -730,11 +758,12 @@ func testPodVolumeMountsAppend(t *testing.T, sidecarSetIn *appsv1alpha1.SidecarS // /a/b、/e/f podIn := podWithStaragent.DeepCopy() cases := []struct { - name string - getPod func() *corev1.Pod - getSidecarSets func() *appsv1alpha1.SidecarSet - exceptVolumeMounts []string - exceptEnvs []string + name string + getPod func() *corev1.Pod + getSidecarSets func() *appsv1alpha1.SidecarSet + exceptInitVolumeMounts []string + exceptVolumeMounts []string + exceptEnvs []string }{ { name: "append normal volumeMounts", @@ -744,7 +773,8 @@ func testPodVolumeMountsAppend(t *testing.T, sidecarSetIn *appsv1alpha1.SidecarS getSidecarSets: func() *appsv1alpha1.SidecarSet { return sidecarSetIn.DeepCopy() }, - exceptVolumeMounts: []string{"/a/b", "/e/f", "/a/b/c", "/d/e/f", "/staragent"}, + exceptInitVolumeMounts: []string{"/a/b", "/e/f", "/g/h/i", "/j/k/l", "/staragent"}, + exceptVolumeMounts: []string{"/a/b", "/e/f", "/a/b/c", "/d/e/f", "/staragent"}, }, { name: "append volumeMounts SubPathExpr, volumes with expanded subpath", @@ -768,8 +798,9 @@ func testPodVolumeMountsAppend(t *testing.T, sidecarSetIn *appsv1alpha1.SidecarS getSidecarSets: func() *appsv1alpha1.SidecarSet { return sidecarSetIn.DeepCopy() }, - exceptVolumeMounts: []string{"/a/b", "/e/f", "/a/b/c", "/d/e/f", "/staragent", "/e/expansion"}, - exceptEnvs: []string{"POD_NAME", "OD_NAME"}, + exceptInitVolumeMounts: []string{"/a/b", "/e/f", "/g/h/i", "/j/k/l", "/staragent", "/e/expansion"}, + exceptVolumeMounts: []string{"/a/b", "/e/f", "/a/b/c", "/d/e/f", "/staragent", "/e/expansion"}, + exceptEnvs: []string{"POD_NAME", "OD_NAME"}, }, { name: "append volumeMounts SubPathExpr, subpath with no expansion", @@ -785,7 +816,8 @@ func testPodVolumeMountsAppend(t *testing.T, sidecarSetIn *appsv1alpha1.SidecarS getSidecarSets: func() *appsv1alpha1.SidecarSet { return sidecarSetIn.DeepCopy() }, - exceptVolumeMounts: []string{"/a/b", "/e/f", "/a/b/c", "/d/e/f", "/staragent", "/e/expansion"}, + exceptInitVolumeMounts: []string{"/a/b", "/e/f", "/g/h/i", "/j/k/l", "/staragent", "/e/expansion"}, + exceptVolumeMounts: []string{"/a/b", "/e/f", "/a/b/c", "/d/e/f", "/staragent", "/e/expansion"}, }, { name: "append volumeMounts SubPathExpr, volumes expanded with empty subpath", @@ -801,7 +833,8 @@ func testPodVolumeMountsAppend(t *testing.T, sidecarSetIn *appsv1alpha1.SidecarS getSidecarSets: func() *appsv1alpha1.SidecarSet { return sidecarSetIn.DeepCopy() }, - exceptVolumeMounts: []string{"/a/b", "/e/f", "/a/b/c", "/d/e/f", "/staragent", "/e/expansion"}, + exceptInitVolumeMounts: []string{"/a/b", "/e/f", "/g/h/i", "/j/k/l", "/staragent", "/e/expansion"}, + exceptVolumeMounts: []string{"/a/b", "/e/f", "/a/b/c", "/d/e/f", "/staragent", "/e/expansion"}, }, } @@ -818,15 +851,27 @@ func testPodVolumeMountsAppend(t *testing.T, sidecarSetIn *appsv1alpha1.SidecarS t.Fatalf("inject sidecar into pod failed, err: %v", err) } + for _, mount := range cs.exceptInitVolumeMounts { + if util.GetContainerVolumeMount(&podOut.Spec.InitContainers[0], mount) == nil { + t.Fatalf("expect volume mounts in InitContainer %s but got nil", mount) + } + } + + for _, env := range cs.exceptEnvs { + if util.GetContainerEnvVar(&podOut.Spec.InitContainers[0], env) == nil { + t.Fatalf("expect env in InitContainer %s but got nil", env) + } + } + for _, mount := range cs.exceptVolumeMounts { if util.GetContainerVolumeMount(&podOut.Spec.Containers[1], mount) == nil { - t.Fatalf("expect volume mounts %s but got nil", mount) + t.Fatalf("expect volume mounts in Container %s but got nil", mount) } } for _, env := range cs.exceptEnvs { if util.GetContainerEnvVar(&podOut.Spec.Containers[1], env) == nil { - t.Fatalf("expect env %s but got nil", env) + t.Fatalf("expect env in Container %s but got nil", env) } } })