diff --git a/pkg/driver/controllerserver.go b/pkg/driver/controllerserver.go
index a2ee8de8..9483d353 100644
--- a/pkg/driver/controllerserver.go
+++ b/pkg/driver/controllerserver.go
@@ -115,20 +115,17 @@ func (cs *controllerServer) CreateVolume(_ context.Context, req *csi.CreateVolum
 pvcAnnotations := pvcRes.Annotations
 customSecretName = pvcAnnotations[constants.SecretNameKey]
- secretNamespace := pvcAnnotations[constants.SecretNamespaceKey]
 if customSecretName == "" {
 return nil, status.Error(codes.InvalidArgument, fmt.Sprintf("secretName annotation 'cos.csi.driver/secret' not specified in the PVC annotations, could not fetch the secret %v", err))
 }
- if secretNamespace == "" {
- klog.Info("secretNamespace annotation 'cos.csi.driver/secret-namespace' not specified in PVC annotations:\t", pvcRes.Annotations, "\t trying to fetch the secret in default namespace")
- secretNamespace = constants.DefaultNamespace
- }
+ secretNamespace := pvcNamespace
+ klog.Infof("Using secret '%s' from PVC namespace '%s'", customSecretName, secretNamespace)
 secret, err := cs.Stats.GetSecret(customSecretName, secretNamespace)
 if err != nil {
- return nil, status.Error(codes.InvalidArgument, fmt.Sprintf("Secret resource not found %v", err))
+ return nil, status.Error(codes.InvalidArgument, fmt.Sprintf("error getting Secret: %v", err))
 }
 secretMapCustom := parseCustomSecret(secret)
@@ -382,7 +379,7 @@ func (cs *controllerServer) DeleteVolume(_ context.Context, req *csi.DeleteVolum
 secret, err := cs.Stats.GetSecret(secretName, secretNamespace)
 if err != nil {
- return nil, status.Error(codes.InvalidArgument, fmt.Sprintf("Secret resource not found %v", err))
+ return nil, status.Error(codes.InvalidArgument, fmt.Sprintf("error getting Secret: %v", err))
 }
 secretMapCustom := parseCustomSecret(secret)
diff --git a/pkg/driver/controllerserver_test.go b/pkg/driver/controllerserver_test.go
index b91826da..90f80aed 100644
--- a/pkg/driver/controllerserver_test.go
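Review bot: The `cos.csi.driver/secret-namespace` annotation is now dropped without any signal in CreateVolume, because `secretNamespace := pvcNamespace` is applied even when a PVC still carries the annotation with a different namespace. Such a PVC will either fail with a not-found error that never mentions the annotation, or bind to a same-named Secret in its own namespace. Rejecting the mismatch explicitly keeps the namespace boundary visible to the user, e.g. `if ns := pvcAnnotations[constants.SecretNamespaceKey]; ns != "" && ns != pvcNamespace { return nil, status.Error(codes.InvalidArgument, "secret-namespace annotation must match the PVC namespace") }`, assuming the constant is kept. `pvcNamespace` is assigned outside this hunk, so it is worth confirming that it is validated as non-empty before the lookup.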
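Review bot: `secretNamespace` in DeleteVolume is assigned outside this hunk, so it is not visible whether the delete path received the same restriction that CreateVolume now has. If it is still read from an annotation or volume attribute rather than derived from the PVC's own namespace, the driver can still be asked to read a Secret from another namespace on delete. Worth confirming, and recording the source with a comment above the call such as `// secretNamespace is always the PVC namespace; never taken from user-supplied annotations`.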
+++ b/pkg/driver/controllerserver_test.go
@@ -164,8 +164,7 @@ func TestCreateVolume(t *testing.T) {
 return &v1.PersistentVolumeClaim{
 ObjectMeta: metav1.ObjectMeta{
 Annotations: map[string]string{
- constants.SecretNameKey: testSecretName,
- constants.SecretNamespaceKey: testSecretNs,
+ constants.SecretNameKey: testSecretName,
 },
 },
 }, nil
@@ -434,11 +433,45 @@ func TestCreateVolume(t *testing.T) {
 }, nil
 },
 GetSecretFn: func(secretName, secretNamespace string) (*v1.Secret, error) {
- return nil, errors.New("failed to get secret")
+ return nil, errors.New("secrets \"test-cos-secret1\" not found")
+ },
+ }),
+ expectedResp: nil,
+ expectedErr: errors.New("error getting Secret"),
+ },
+ {
+ testCaseName: "Negative: Secret not found in PVC namespace",
+ req: &csi.CreateVolumeRequest{
+ Name: testVolumeName,
+ VolumeCapabilities: []*csi.VolumeCapability{
+ {
+ AccessMode: &csi.VolumeCapability_AccessMode{
+ Mode: volumeCapabilities[0],
+ },
+ },
+ },
+ Parameters: map[string]string{
+ constants.PVCNameKey: testPVCName,
+ constants.PVCNamespaceKey: testPVCNs,
+ },
+ },
+ cosSession: &s3client.FakeCOSSessionFactory{},
+ driverStatsUtils: utils.NewFakeStatsUtilsImpl(utils.FakeStatsUtilsFuncStruct{
+ GetPVCFn: func(pvcName, pvcNamespace string) (*v1.PersistentVolumeClaim, error) {
+ return &v1.PersistentVolumeClaim{
+ ObjectMeta: metav1.ObjectMeta{
+ Annotations: map[string]string{
+ constants.SecretNameKey: testSecretName,
+ },
+ },
+ }, nil
+ },
+ GetSecretFn: func(secretName, secretNamespace string) (*v1.Secret, error) {
+ return nil, errors.New("secrets \"testSecretName\" not found")
 },
 }),
 expectedResp: nil,
- expectedErr: errors.New("Secret resource not found"),
+ expectedErr: errors.New("error getting Secret"),
 },
 {
 testCaseName: "Negative: Invalid bucket versioning name in secret",
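Review bot: The new case "Negative: Secret not found in PVC namespace" does not check which namespace CreateVolume looks in, because its `GetSecretFn` ignores the `secretNamespace` argument and always returns the error, so it passes the same way as the case before it. Since the change pins the lookup to the PVC namespace, the fake should assert that, e.g. `if secretNamespace != testPVCNs { t.Errorf("GetSecret called with namespace %q, want %q", secretNamespace, testPVCNs) }`. A companion case whose PVC still sets a secret-namespace annotation to a different value would guard against a regression. This assumes `pvcNamespace` is taken from the `constants.PVCNamespaceKey` parameter, which is outside the hunk; the TestDeleteVolume case changed further down has the same gap.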
@@ -489,8 +522,7 @@ func TestCreateVolume(t *testing.T) {
 return &v1.PersistentVolumeClaim{
 ObjectMeta: metav1.ObjectMeta{
 Annotations: map[string]string{
- constants.SecretNameKey: testSecretName,
- constants.SecretNamespaceKey: testSecretNs,
+ constants.SecretNameKey: testSecretName,
 },
 },
 }, nil
@@ -717,9 +749,10 @@ func TestCreateVolume(t *testing.T) {
 VolumeId: testVolumeName,
 CapacityBytes: 1073741824,
 VolumeContext: map[string]string{
+ "bucketName": "",
 "userProvidedBucket": "false",
- "locationConstraint": "test-region",
 "cosEndpoint": "test-endpoint",
+ "locationConstraint": "test-region",
 "mounter": "s3fs",
 },
 },
@@ -755,6 +788,9 @@ func TestCreateVolume(t *testing.T) {
 actualResp.Volume.VolumeContext != nil {
 if bucketNameVal, ok := actualResp.Volume.VolumeContext["bucketName"]; ok {
 if strings.Contains(bucketNameVal, actualResp.Volume.VolumeId) {
+ if tc.expectedResp.Volume.VolumeContext == nil {
+ tc.expectedResp.Volume.VolumeContext = make(map[string]string)
+ }
 tc.expectedResp.Volume.VolumeContext["bucketName"] = bucketNameVal
 }
 }
@@ -898,11 +934,11 @@ func TestDeleteVolume(t *testing.T) {
 }, nil
 },
 GetSecretFn: func(secretName, secretNamespace string) (*v1.Secret, error) {
- return nil, errors.New("secret not found")
+ return nil, errors.New("secrets \"testSecretName\" not found")
 },
 }),
 expectedResp: nil,
- expectedErr: errors.New("Secret resource not found"),
+ expectedErr: errors.New("error getting Secret"),
 },
 {
 testCaseName: "Negative: Access Key not provided",
diff --git a/pkg/utils/driver_utils.go b/pkg/utils/driver_utils.go
index d88568d5..5cd30b15 100644
--- a/pkg/utils/driver_utils.go
+++ b/pkg/utils/driver_utils.go
@@ -220,7 +220,7 @@ func (su *DriverStatsUtils) GetSecret(secretName, secretNamespace string) (*v1.S
 secret, err := k8sClient.CoreV1().Secrets(secretNamespace).Get(context.TODO(), secretName, metav1.GetOptions{})
 if err != nil {
- return nil, fmt.Errorf("error getting Secret: %v", err)
+ return nil, err
 }
 return secret, nil
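Review bot: GetSecret now hands back the raw client-go error, but nothing in the hunk documents that, and both callers in controllerserver.go still turn every failure into `codes.InvalidArgument`. A forbidden or timed-out API call is therefore reported as a bad request, and the API server's message is forwarded verbatim to the CSI caller. Suggest a doc comment such as `// GetSecret returns the unwrapped API error so callers can classify it (e.g. with apierrors.IsNotFound).` and, in the callers, mapping not-found to `codes.NotFound` and anything else to `codes.Internal`. The function body starts outside this hunk.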