[BUG] cannot use statefulsets in sidecar mode

[zxh326]

What happened:
yaml:

apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: web
spec:
  serviceName: "nginx"
  replicas: 2
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: registry.k8s.io/nginx-slim:0.8
        ports:
        - containerPort: 80
          name: web
        volumeMounts:
        - name: www
          mountPath: /usr/share/nginx/html
  volumeClaimTemplates:
  - metadata:
      name: www
    spec:
      accessModes: [ "ReadWriteOnce" ]
      storageClassName: "juicefs-dev-sc"
      resources:
        requests:
          storage: 1Gi

Error:

  Warning  FailedUpdate      34s (x15 over 116s)  statefulset-controller  update Pod web-0 in StatefulSet web failed error: Pod "web-0" is invalid: spec: Forbidden: pod updates may not change fields other than `spec.containers[*].image`, `spec.initContainers[*].image`, `spec.activeDeadlineSeconds`, `spec.tolerations` (only additions to existing tolerations) or `spec.terminationGracePeriodSeconds` (allow it to be set to 1 if it was previously negative)
  core.PodSpec{
    Volumes: []core.Volume{
      {
        Name: "www",
        VolumeSource: core.VolumeSource{
-         HostPath:          nil,
+         HostPath:          &core.HostPathVolumeSource{Path: "/var/lib/juicefs/volume/gjaaia", Type: &""},
          EmptyDir:          nil,
          GCEPersistentDisk: nil,
          ... // 4 identical fields
          ISCSI:                 nil,
          Glusterfs:             nil,
-         PersistentVolumeClaim: &core.PersistentVolumeClaimVolumeSource{ClaimName: "www-web-0"},
+         PersistentVolumeClaim: nil,
          RBD:                   nil,
          Quobyte:               nil,
          ... // 17 identical fields
        },
      },
      {Name: "kube-api-access-lmhd5", VolumeSource: {Projected: &{Sources: {{ServiceAccountToken: &{ExpirationSeconds: 3607, Path: "token"}}, {ConfigMap: &{LocalObjectReference: {Name: "kube-root-ca.crt"}, Items: {{Key: "ca.crt", Path: "ca.crt"}}}}, {DownwardAPI: &{Items: {{Path: "namespace", FieldRef: &{APIVersion: "v1", FieldPath: "metadata.namespace"}}}}}}, DefaultMode: &420}}},
      {Name: "init-config", VolumeSource: {Secret: &{SecretName: "www-web-0-jfs-secret", Items: {{Key: "initconfig", Path: "poc.conf"}}, DefaultMode: &420}}},
      ... // 4 identical elements
    },
    InitContainers: nil,
    Containers:     {{Name: "jfs-mount", Image: "juicedata/mount:ee-5.0.16-c62bb16", Command: {"sh", "-c", "cp /etc/juicefs/poc.conf /root/.juicefs\n/usr/bin/juicefs auth po"...}, EnvFrom: {{SecretRef: &{LocalObjectReference: {Name: "www-web-0-jfs-secret"}}}}, ...}, {Name: "nginx", Image: "registry.k8s.io/nginx-slim:0.8", Ports: {{Name: "web", ContainerPort: 80, Protocol: "TCP"}}, VolumeMounts: {{Name: "www", MountPath: "/usr/share/nginx/html"}, {Name: "kube-api-access-lmhd5", ReadOnly: true, MountPath: "/var/run/secrets/kubernetes.io/serviceaccount"}}, ...}},
    ... // 27 identical fields
  }

What you expected to happen:

How to reproduce it (as minimally and precisely as possible):

Anything else we need to know?

Environment:

• JuiceFS CSI Driver version (which image tag did your CSI Driver use): v0.24.0
• Kubernetes version (e.g. kubectl version): v1.28
• Object storage (cloud provider and region):
• Metadata engine info (version, cloud provider managed or self maintained):
• Network connectivity (JuiceFS to metadata engine, JuiceFS to object storage):
• Others:

[zxh326]

we've modified the original volume to cause a statefulset-controller conflict

https://github.com/kubernetes/kubernetes/blob/1d5589e4910ed859a69b3e57c25cbbd3439cd65f/pkg/controller/statefulset/stateful_set_utils.go#L140-L158