Allow Setting Default Mode In Secret Volumes

[wesmcouch]

Addressing JENKINS-49641

This change allows you to specify defaultMode for a secretVolume in the podtemplate.

Currently when using SSH private keys in a secret volume, you must specify using YAML in the podTemplate in order to get the correct permissions on the files.

I have tested this it works with and without the defaultMode specified to maintain backwards compatibility.

[wesmcouch]

@carlossg Let me know if there is anything I can do to improve this, the changes are pretty benign.

[carlossg]

why 420 ?
the default in kubernetes is 0644 https://kubernetes.io/docs/concepts/configuration/secret/

I would set the default to empty string and then add it to the buildVolume if not empty

[wesmcouch]

Checkout this link under 'Secret files permissions' https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets-as-files-from-a-pod

Using JSON for kubernetes requests does not support Octal notation. 420 maps to 0644. Specifying octal notation in the YAML (without these changes) does not work, you have to use the JSON spec. I haven't dived too deep into the plugin but I am assuming that it uses JSON for requests.

[wesmcouch]

I have adjusted the code a bit. The new implementation gets rid of the defaults and only sets the defaultMode in the buildVolume method if that variable is set.

[carlossg]

use StringUtils.isBlank because the UI will set it to "" IIRC

[wesmcouch]

Perfect thanks

[wesmcouch]

I updated my branch to latest and rebased the commits, it should be ready to go. Thanks!

[carlossg]

thanks!

[carlossg]

JENKINS-49641 JENKINS-42851