openkruise · kruise-bot · Mar 27, 2023 · Mar 18, 2023
diff --git a/pkg/webhook/pod/mutating/sidecarset.go b/pkg/webhook/pod/mutating/sidecarset.go
@@ -362,15 +362,27 @@ func buildSidecars(isUpdated bool, pod *corev1.Pod, oldPod *corev1.Pod, matchedS
 		if !isUpdated {
 			for i := range sidecarSet.Spec.InitContainers {
 				initContainer := &sidecarSet.Spec.InitContainers[i]
-				//add "IS_INJECTED" env in initContainer's envs
-				initContainer.Env = append(initContainer.Env, corev1.EnvVar{Name: sidecarcontrol.SidecarEnvKey, Value: "true"})
+				// volumeMounts that injected into sidecar container
+				// when volumeMounts SubPathExpr contains expansions, then need copy container EnvVars(injectEnvs)
+				injectedMounts, injectedEnvs := sidecarcontrol.GetInjectedVolumeMountsAndEnvs(control, initContainer, pod)
+				// get injected env & mounts explicitly so that can be compared with old ones in pod
 				transferEnvs := sidecarcontrol.GetSidecarTransferEnvs(initContainer, pod)
-				initContainer.Env = append(initContainer.Env, transferEnvs...)
-				sidecarInitContainers = append(sidecarInitContainers, initContainer)
+				// append volumeMounts SubPathExpr environments
+				transferEnvs = util.MergeEnvVar(transferEnvs, injectedEnvs)
+				klog.Infof("try to inject initContainer sidecar %v@%v/%v, with injected envs: %v, volumeMounts: %v",
+					initContainer.Name, pod.Namespace, pod.Name, transferEnvs, injectedMounts)
 				// insert volumes that initContainers used
 				for _, mount := range initContainer.VolumeMounts {
 					volumesInSidecars = append(volumesInSidecars, *volumesMap[mount.Name])
 				}
+				// merge VolumeMounts from sidecar.VolumeMounts and shared VolumeMounts
+				initContainer.VolumeMounts = util.MergeVolumeMounts(initContainer.VolumeMounts, injectedMounts)
+				// add "IS_INJECTED" env in initContainer's envs
+				initContainer.Env = append(initContainer.Env, corev1.EnvVar{Name: sidecarcontrol.SidecarEnvKey, Value: "true"})
+				// merged Env from sidecar.Env and transfer envs
+				initContainer.Env = util.MergeEnvVar(initContainer.Env, transferEnvs)
+
+				sidecarInitContainers = append(sidecarInitContainers, initContainer)
 			}
 			//process imagePullSecrets
 			sidecarSecrets = append(sidecarSecrets, sidecarSet.Spec.ImagePullSecrets...)
@@ -389,7 +401,7 @@ func buildSidecars(isUpdated bool, pod *corev1.Pod, oldPod *corev1.Pod, matchedS
 			transferEnvs := sidecarcontrol.GetSidecarTransferEnvs(sidecarContainer, pod)
 			// append volumeMounts SubPathExpr environments
 			transferEnvs = util.MergeEnvVar(transferEnvs, injectedEnvs)
-			klog.Infof("try to inject sidecar %v@%v/%v, with injected envs: %v, volumeMounts: %v",
+			klog.Infof("try to inject Container sidecar %v@%v/%v, with injected envs: %v, volumeMounts: %v",
 				sidecarContainer.Name, pod.Namespace, pod.Name, transferEnvs, injectedMounts)
 			//when update pod object
 			if isUpdated {

diff --git a/pkg/webhook/pod/mutating/sidecarset_test.go b/pkg/webhook/pod/mutating/sidecarset_test.go
@@ -238,6 +238,32 @@ var (
 					"app": "suxing-test",
 				},
 			},
+			InitContainers: []appsv1alpha1.SidecarContainer{
+				{
+					Container: corev1.Container{
+						Name:  "dns-e",
+						Image: "dns-e-image:1.0",
+						VolumeMounts: []corev1.VolumeMount{
+							{
+								Name:      "volume-3",
+								MountPath: "/g/h/i",
+							},
+							{
+								Name:      "volume-4",
+								MountPath: "/j/k/l",
+							},
+							{
+								Name:      "volume-staragent",
+								MountPath: "/staragent",
+							},
+						},
+					},
+					PodInjectPolicy: appsv1alpha1.BeforeAppContainerType,
+					ShareVolumePolicy: appsv1alpha1.ShareVolumePolicy{
+						Type: appsv1alpha1.ShareVolumePolicyEnabled,
+					},
+				},
+			},
 			Containers: []appsv1alpha1.SidecarContainer{
 				{
 					Container: corev1.Container{
@@ -288,6 +314,8 @@ var (
 				{Name: "volume-1"},
 				{Name: "volume-2"},
 				{Name: "volume-staragent"},
+				{Name: "volume-3"},
+				{Name: "volume-4"},
 			},
 		},
 	}
@@ -730,11 +758,12 @@ func testPodVolumeMountsAppend(t *testing.T, sidecarSetIn *appsv1alpha1.SidecarS
 	// /a/b、/e/f
 	podIn := podWithStaragent.DeepCopy()
 	cases := []struct {
-		name               string
-		getPod             func() *corev1.Pod
-		getSidecarSets     func() *appsv1alpha1.SidecarSet
-		exceptVolumeMounts []string
-		exceptEnvs         []string
+		name                   string
+		getPod                 func() *corev1.Pod
+		getSidecarSets         func() *appsv1alpha1.SidecarSet
+		exceptInitVolumeMounts []string
+		exceptVolumeMounts     []string
+		exceptEnvs             []string
 	}{
 		{
 			name: "append normal volumeMounts",
@@ -744,7 +773,8 @@ func testPodVolumeMountsAppend(t *testing.T, sidecarSetIn *appsv1alpha1.SidecarS
 			getSidecarSets: func() *appsv1alpha1.SidecarSet {
 				return sidecarSetIn.DeepCopy()
 			},
-			exceptVolumeMounts: []string{"/a/b", "/e/f", "/a/b/c", "/d/e/f", "/staragent"},
+			exceptInitVolumeMounts: []string{"/a/b", "/e/f", "/g/h/i", "/j/k/l", "/staragent"},
+			exceptVolumeMounts:     []string{"/a/b", "/e/f", "/a/b/c", "/d/e/f", "/staragent"},
 		},
 		{
 			name: "append volumeMounts SubPathExpr, volumes with expanded subpath",
@@ -768,8 +798,9 @@ func testPodVolumeMountsAppend(t *testing.T, sidecarSetIn *appsv1alpha1.SidecarS
 			getSidecarSets: func() *appsv1alpha1.SidecarSet {
 				return sidecarSetIn.DeepCopy()
 			},
-			exceptVolumeMounts: []string{"/a/b", "/e/f", "/a/b/c", "/d/e/f", "/staragent", "/e/expansion"},
-			exceptEnvs:         []string{"POD_NAME", "OD_NAME"},
+			exceptInitVolumeMounts: []string{"/a/b", "/e/f", "/g/h/i", "/j/k/l", "/staragent", "/e/expansion"},
+			exceptVolumeMounts:     []string{"/a/b", "/e/f", "/a/b/c", "/d/e/f", "/staragent", "/e/expansion"},
+			exceptEnvs:             []string{"POD_NAME", "OD_NAME"},
 		},
 		{
 			name: "append volumeMounts SubPathExpr, subpath with no expansion",
@@ -785,7 +816,8 @@ func testPodVolumeMountsAppend(t *testing.T, sidecarSetIn *appsv1alpha1.SidecarS
 			getSidecarSets: func() *appsv1alpha1.SidecarSet {
 				return sidecarSetIn.DeepCopy()
 			},
-			exceptVolumeMounts: []string{"/a/b", "/e/f", "/a/b/c", "/d/e/f", "/staragent", "/e/expansion"},
+			exceptInitVolumeMounts: []string{"/a/b", "/e/f", "/g/h/i", "/j/k/l", "/staragent", "/e/expansion"},
+			exceptVolumeMounts:     []string{"/a/b", "/e/f", "/a/b/c", "/d/e/f", "/staragent", "/e/expansion"},
 		},
 		{
 			name: "append volumeMounts SubPathExpr, volumes expanded with empty subpath",
@@ -801,7 +833,8 @@ func testPodVolumeMountsAppend(t *testing.T, sidecarSetIn *appsv1alpha1.SidecarS
 			getSidecarSets: func() *appsv1alpha1.SidecarSet {
 				return sidecarSetIn.DeepCopy()
 			},
-			exceptVolumeMounts: []string{"/a/b", "/e/f", "/a/b/c", "/d/e/f", "/staragent", "/e/expansion"},
+			exceptInitVolumeMounts: []string{"/a/b", "/e/f", "/g/h/i", "/j/k/l", "/staragent", "/e/expansion"},
+			exceptVolumeMounts:     []string{"/a/b", "/e/f", "/a/b/c", "/d/e/f", "/staragent", "/e/expansion"},
 		},
 	}
 
@@ -818,15 +851,27 @@ func testPodVolumeMountsAppend(t *testing.T, sidecarSetIn *appsv1alpha1.SidecarS
 				t.Fatalf("inject sidecar into pod failed, err: %v", err)
 			}
 
+			for _, mount := range cs.exceptInitVolumeMounts {
+				if util.GetContainerVolumeMount(&podOut.Spec.InitContainers[0], mount) == nil {
+					t.Fatalf("expect volume mounts in InitContainer %s but got nil", mount)
+				}
+			}
+
+			for _, env := range cs.exceptEnvs {
+				if util.GetContainerEnvVar(&podOut.Spec.InitContainers[0], env) == nil {
+					t.Fatalf("expect env in InitContainer %s but got nil", env)
+				}
+			}
+
 			for _, mount := range cs.exceptVolumeMounts {
 				if util.GetContainerVolumeMount(&podOut.Spec.Containers[1], mount) == nil {
-					t.Fatalf("expect volume mounts %s but got nil", mount)
+					t.Fatalf("expect volume mounts in Container %s but got nil", mount)
 				}
 			}
 
 			for _, env := range cs.exceptEnvs {
 				if util.GetContainerEnvVar(&podOut.Spec.Containers[1], env) == nil {
-					t.Fatalf("expect env %s but got nil", env)
+					t.Fatalf("expect env in Container %s but got nil", env)
 				}
 			}
 		})