Skip to content

Commit 3f1abbe

Browse files
Merge pull request #373 from shiftstack/OSASINFRA-3675
OSASINFRA-3675: Rework authentication in Manila CSI Driver Operator
2 parents 9b5dbf9 + 6dd0da4 commit 3f1abbe

13 files changed

Lines changed: 97 additions & 210 deletions

File tree

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
apiVersion: v1
2+
kind: Secret
3+
metadata:
4+
name: csi-manila-secrets
5+
namespace: openshift-manila-csi-driver
6+
stringData:
7+
os-cloud: openstack
8+
os-cloudsFile: /etc/openstack/clouds.yaml
9+
os-useClouds: "true"
Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
# Generated file. Do not edit. Update using "make update".
2+
#
3+
# Loaded from overlays/openstack-manila/base/config_secret.yaml
4+
#
5+
#
6+
7+
apiVersion: v1
8+
kind: Secret
9+
metadata:
10+
name: csi-manila-secrets
11+
namespace: openshift-manila-csi-driver
12+
stringData:
13+
os-cloud: openstack
14+
os-cloudsFile: /etc/openstack/clouds.yaml
15+
os-useClouds: "true"

assets/overlays/openstack-manila/generated/hypershift/controller.yaml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -148,6 +148,9 @@ spec:
148148
name: socket-dir
149149
- mountPath: /etc/kubernetes/static-pod-resources/configmaps/cloud-config
150150
name: cacert
151+
- mountPath: /etc/openstack
152+
name: cloud-credentials
153+
readOnly: true
151154
- args:
152155
- --nodeid=$(NODE_ID)
153156
- --endpoint=unix://plugin/csi-nfs.sock
@@ -374,6 +377,12 @@ spec:
374377
- name: metrics-serving-cert
375378
secret:
376379
secretName: manila-csi-driver-controller-metrics-serving-cert
380+
- name: cloud-credentials
381+
secret:
382+
items:
383+
- key: clouds.yaml
384+
path: clouds.yaml
385+
secretName: manila-cloud-credentials
377386
- configMap:
378387
items:
379388
- key: ca-bundle.pem

assets/overlays/openstack-manila/generated/hypershift/manifests.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ controllerStaticAssetNames:
55
- controller_sa.yaml
66
- service.yaml
77
guestStaticAssetNames:
8+
- config_secret.yaml
89
- csidriver.yaml
910
- kube_rbac_proxy_binding.yaml
1011
- kube_rbac_proxy_role.yaml

assets/overlays/openstack-manila/generated/hypershift/node.yaml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -82,6 +82,9 @@ spec:
8282
readOnlyRootFilesystem: true
8383
terminationMessagePolicy: FallbackToLogsOnError
8484
volumeMounts:
85+
- mountPath: /etc/openstack
86+
name: cloud-credentials
87+
readOnly: true
8588
- mountPath: /var/lib/kubelet/plugins/manila.csi.openstack.org
8689
name: plugin-dir
8790
- mountPath: /var/lib/kubelet/plugins/csi-nfsplugin
@@ -189,6 +192,12 @@ spec:
189192
- name: metrics-serving-cert
190193
secret:
191194
secretName: manila-csi-driver-node-metrics-serving-cert
195+
- name: cloud-credentials
196+
secret:
197+
items:
198+
- key: clouds.yaml
199+
path: clouds.yaml
200+
secretName: manila-cloud-credentials
192201
- hostPath:
193202
path: /var/lib/kubelet/plugins/manila.csi.openstack.org
194203
type: DirectoryOrCreate
Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
# Generated file. Do not edit. Update using "make update".
2+
#
3+
# Loaded from overlays/openstack-manila/base/config_secret.yaml
4+
#
5+
#
6+
7+
apiVersion: v1
8+
kind: Secret
9+
metadata:
10+
name: csi-manila-secrets
11+
namespace: openshift-manila-csi-driver
12+
stringData:
13+
os-cloud: openstack
14+
os-cloudsFile: /etc/openstack/clouds.yaml
15+
os-useClouds: "true"

assets/overlays/openstack-manila/generated/standalone/controller.yaml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -112,6 +112,9 @@ spec:
112112
name: socket-dir
113113
- mountPath: /etc/kubernetes/static-pod-resources/configmaps/cloud-config
114114
name: cacert
115+
- mountPath: /etc/openstack
116+
name: cloud-credentials
117+
readOnly: true
115118
- args:
116119
- --nodeid=$(NODE_ID)
117120
- --endpoint=unix://plugin/csi-nfs.sock
@@ -317,6 +320,12 @@ spec:
317320
- name: metrics-serving-cert
318321
secret:
319322
secretName: manila-csi-driver-controller-metrics-serving-cert
323+
- name: cloud-credentials
324+
secret:
325+
items:
326+
- key: clouds.yaml
327+
path: clouds.yaml
328+
secretName: manila-cloud-credentials
320329
- configMap:
321330
items:
322331
- key: ca-bundle.pem

assets/overlays/openstack-manila/generated/standalone/manifests.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@ controllerStaticAssetNames:
66
- service.yaml
77
- servicemonitor.yaml
88
guestStaticAssetNames:
9+
- config_secret.yaml
910
- csidriver.yaml
1011
- kube_rbac_proxy_binding.yaml
1112
- kube_rbac_proxy_role.yaml

assets/overlays/openstack-manila/generated/standalone/node.yaml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -82,6 +82,9 @@ spec:
8282
readOnlyRootFilesystem: true
8383
terminationMessagePolicy: FallbackToLogsOnError
8484
volumeMounts:
85+
- mountPath: /etc/openstack
86+
name: cloud-credentials
87+
readOnly: true
8588
- mountPath: /var/lib/kubelet/plugins/manila.csi.openstack.org
8689
name: plugin-dir
8790
- mountPath: /var/lib/kubelet/plugins/csi-nfsplugin
@@ -189,6 +192,12 @@ spec:
189192
- name: metrics-serving-cert
190193
secret:
191194
secretName: manila-csi-driver-node-metrics-serving-cert
195+
- name: cloud-credentials
196+
secret:
197+
items:
198+
- key: clouds.yaml
199+
path: clouds.yaml
200+
secretName: manila-cloud-credentials
192201
- hostPath:
193202
path: /var/lib/kubelet/plugins/manila.csi.openstack.org
194203
type: DirectoryOrCreate

assets/overlays/openstack-manila/patches/controller_add_driver.yaml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -82,6 +82,9 @@ spec:
8282
mountPath: /plugin
8383
- name: cacert
8484
mountPath: /etc/kubernetes/static-pod-resources/configmaps/cloud-config
85+
- name: cloud-credentials
86+
mountPath: /etc/openstack
87+
readOnly: true
8588
resources:
8689
requests:
8790
cpu: 10m
@@ -111,6 +114,12 @@ spec:
111114
memory: 50Mi
112115
terminationMessagePolicy: FallbackToLogsOnError
113116
volumes:
117+
- name: cloud-credentials
118+
secret:
119+
secretName: manila-cloud-credentials
120+
items:
121+
- key: clouds.yaml
122+
path: clouds.yaml
114123
- name: socket-dir
115124
emptyDir: {}
116125
- name: cacert

0 commit comments

Comments
 (0)