Skip to content

Commit

Permalink
feat: add pre-defined secrets to csi-driver-smb addon (#1215)
Browse files Browse the repository at this point in the history 
* added ability to use pre-defined secrets

* renamed variables to existing_secret_name and existing_secret_namespace
  • Loading branch information
@brunnels
brunnels committed Jan 21, 2024
1 parent ef8af23 commit 7456164
Show file tree
Hide file tree
Showing 4 changed files with 36 additions and 2 deletions.
28 changes: 27 additions & 1 deletion .github/tests/addons.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,14 +26,40 @@ csi_driver_nfs:
csi_driver_smb:
enabled: true
storage_class:
- name: fake
- name: fake1
source: //localhost/fake
username: fake
password: fake
file_mode: 0755
dir_mode: 0644
uid: 100
gid: 100
- name: fake2
source: //localhost/fake
file_mode: 0755
dir_mode: 0644
uid: 100
gid: 100
existing_secret_name: fake
existing_secret_namespace: fake
- name: fake3
source: //localhost/fake
username: fake
password: fake
file_mode: 0755
dir_mode: 0644
uid: 100
gid: 100
existing_secret_name: fake
- name: fake4
source: //localhost/fake
username: fake
password: fake
file_mode: 0755
dir_mode: 0644
uid: 100
gid: 100
existing_secret_namespace: fake

system_upgrade_controller:
enabled: true
Expand Down
2 changes: 2 additions & 0 deletions bootstrap/templates/kubernetes/apps/storage/csi-driver-smb/app/secrets.sops.yaml.j2
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
#% if csi_driver_smb|default({}) and csi_driver_smb.enabled|default(false) %#
#% for item in csi_driver_smb.storage_class %#
#% if not item.existing_secret_name %#
---
apiVersion: v1
kind: Secret
Expand All @@ -8,5 +9,6 @@ metadata:
stringData:
username: "#{ item.username }#"
password: "#{ item.password }#"
#% endif %#
#% endfor %#
#% endif %#
6 changes: 5 additions & 1 deletion bootstrap/templates/kubernetes/apps/storage/csi-driver-smb/app/storageclass.yaml.j2
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,12 @@ metadata:
provisioner: smb.csi.k8s.io
parameters:
source: "#{ item.source }#"
csi.storage.k8s.io/node-stage-secret-name: "#{ item.name }#-secret"
csi.storage.k8s.io/node-stage-secret-name: "#{ item.existing_secret_name|default(item.name+"-secret") }#"
#% if item.existing_secret_name and item.existing_secret_namespace %#
csi.storage.k8s.io/node-stage-secret-namespace: "#{ item.existing_secret_namespace }#"
#% else %#
csi.storage.k8s.io/node-stage-secret-namespace: "storage"
#% endif %#
createSubDir: "false"
reclaimPolicy: Retain
volumeBindingMode: Immediate
Expand Down
2 changes: 2 additions & 0 deletions bootstrap/vars/addons.sample.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,8 @@ csi_driver_smb:
# file_mode: # default 0666
# uid: # default 1000
# gid: # default 1000
# existing_secret_name: # If this is defined the username and password are ignored and the secret is not created
# existing_secret_namespace: # default storage. Ignored if existing_secret_name is not set
# ...

# https://github.com/rancher/system-upgrade-controller
Expand Down

0 comments on commit 7456164

Please sign in to comment.