From 8cfda3e7285c4feaf0ac951166dab3407af0c4f3 Mon Sep 17 00:00:00 2001 From: Derek Su Date: Tue, 26 Dec 2023 07:58:33 +0000 Subject: [PATCH] Explicitly reject encrypted and backing image for v2 volumes Longhorn 7404 Signed-off-by: Derek Su --- webhook/resources/volume/mutator.go | 7 ------- webhook/resources/volume/validator.go | 6 +++++- 2 files changed, 5 insertions(+), 8 deletions(-) diff --git a/webhook/resources/volume/mutator.go b/webhook/resources/volume/mutator.go index fce8a53a8b..53ee9618e4 100644 --- a/webhook/resources/volume/mutator.go +++ b/webhook/resources/volume/mutator.go @@ -182,13 +182,6 @@ func (v *volumeMutator) Create(request *admission.Request, newObj runtime.Object // TODO: Remove the mutations below after they are implemented for SPDK volumes if datastore.IsBackendStoreDriverV2(volume.Spec.BackendStoreDriver) { - if volume.Spec.Encrypted { - patchOps = append(patchOps, `{"op": "replace", "path": "/spec/encrypted", "value": false}`) - } - - if volume.Spec.BackingImage != "" { - patchOps = append(patchOps, `{"op": "replace", "path": "/spec/backingImage", "value": ""}`) - } if volume.Spec.DataLocality != longhorn.DataLocalityDisabled { patchOps = append(patchOps, fmt.Sprintf(`{"op": "replace", "path": "/spec/dataLocality", "value": "%s"}`, longhorn.DataLocalityDisabled)) } diff --git a/webhook/resources/volume/validator.go b/webhook/resources/volume/validator.go index b55524a121..3d30fab333 100644 --- a/webhook/resources/volume/validator.go +++ b/webhook/resources/volume/validator.go @@ -141,10 +141,14 @@ func (v *volumeValidator) Create(request *admission.Request, newObj runtime.Obje } } - if volume.Spec.BackendStoreDriver == longhorn.BackendStoreDriverTypeV2 { + // TODO: remove this check when we support the following features for SPDK volumes + if datastore.IsBackendStoreDriverV2(volume.Spec.BackendStoreDriver) { if volume.Spec.Encrypted { return werror.NewInvalidError("encrypted volume is not supported for backend store driver v2", "") } + if volume.Spec.BackingImage != "" { + return werror.NewInvalidError("backing image is not supported for backend store driver v2", "") + } } return nil