From c4f7f736b910d851daf709aa1d83dfeecae4ac53 Mon Sep 17 00:00:00 2001 From: panigs7 <92028646+panigs7@users.noreply.github.com> Date: Thu, 3 Mar 2022 19:11:37 +0530 Subject: [PATCH 1/3] Maintain uniform volume health monitor param name (#30) --- driverconfig/unity_v210_v120.json | 2 +- driverconfig/unity_v210_v121.json | 2 +- driverconfig/unity_v210_v122.json | 2 +- driverconfig/unity_v220_v121.json | 2 +- driverconfig/unity_v220_v122.json | 2 +- driverconfig/unity_v220_v123.json | 2 +- samples/unity_v210_k8s_120.yaml | 10 +++++----- samples/unity_v210_k8s_121.yaml | 10 +++++----- samples/unity_v210_k8s_122.yaml | 10 +++++----- samples/unity_v220_k8s_121.yaml | 10 +++++----- samples/unity_v220_k8s_122.yaml | 10 +++++----- samples/unity_v220_k8s_123.yaml | 10 +++++----- 12 files changed, 36 insertions(+), 36 deletions(-) diff --git a/driverconfig/unity_v210_v120.json b/driverconfig/unity_v210_v120.json index 35d5da5..f56efab 100644 --- a/driverconfig/unity_v210_v120.json +++ b/driverconfig/unity_v210_v120.json @@ -100,7 +100,7 @@ "DefaultValueForNode": "0" }, { - "Name": "X_CSI_ENABLE_VOL_HEALTH_MONITOR", + "Name": "X_CSI_HEALTH_MONITOR_ENABLED", "CSIEnvType": "Boolean", "SetForController": true, "SetForNode": true, diff --git a/driverconfig/unity_v210_v121.json b/driverconfig/unity_v210_v121.json index 35d5da5..f56efab 100644 --- a/driverconfig/unity_v210_v121.json +++ b/driverconfig/unity_v210_v121.json @@ -100,7 +100,7 @@ "DefaultValueForNode": "0" }, { - "Name": "X_CSI_ENABLE_VOL_HEALTH_MONITOR", + "Name": "X_CSI_HEALTH_MONITOR_ENABLED", "CSIEnvType": "Boolean", "SetForController": true, "SetForNode": true, diff --git a/driverconfig/unity_v210_v122.json b/driverconfig/unity_v210_v122.json index 35d5da5..f56efab 100644 --- a/driverconfig/unity_v210_v122.json +++ b/driverconfig/unity_v210_v122.json @@ -100,7 +100,7 @@ "DefaultValueForNode": "0" }, { - "Name": "X_CSI_ENABLE_VOL_HEALTH_MONITOR", + "Name": "X_CSI_HEALTH_MONITOR_ENABLED", "CSIEnvType": "Boolean", "SetForController": true, "SetForNode": true, diff --git a/driverconfig/unity_v220_v121.json b/driverconfig/unity_v220_v121.json index 35d5da5..f56efab 100644 --- a/driverconfig/unity_v220_v121.json +++ b/driverconfig/unity_v220_v121.json @@ -100,7 +100,7 @@ "DefaultValueForNode": "0" }, { - "Name": "X_CSI_ENABLE_VOL_HEALTH_MONITOR", + "Name": "X_CSI_HEALTH_MONITOR_ENABLED", "CSIEnvType": "Boolean", "SetForController": true, "SetForNode": true, diff --git a/driverconfig/unity_v220_v122.json b/driverconfig/unity_v220_v122.json index 35d5da5..f56efab 100644 --- a/driverconfig/unity_v220_v122.json +++ b/driverconfig/unity_v220_v122.json @@ -100,7 +100,7 @@ "DefaultValueForNode": "0" }, { - "Name": "X_CSI_ENABLE_VOL_HEALTH_MONITOR", + "Name": "X_CSI_HEALTH_MONITOR_ENABLED", "CSIEnvType": "Boolean", "SetForController": true, "SetForNode": true, diff --git a/driverconfig/unity_v220_v123.json b/driverconfig/unity_v220_v123.json index 35d5da5..f56efab 100644 --- a/driverconfig/unity_v220_v123.json +++ b/driverconfig/unity_v220_v123.json @@ -100,7 +100,7 @@ "DefaultValueForNode": "0" }, { - "Name": "X_CSI_ENABLE_VOL_HEALTH_MONITOR", + "Name": "X_CSI_HEALTH_MONITOR_ENABLED", "CSIEnvType": "Boolean", "SetForController": true, "SetForNode": true, diff --git a/samples/unity_v210_k8s_120.yaml b/samples/unity_v210_k8s_120.yaml index ca1ac84..b9ba23c 100644 --- a/samples/unity_v210_k8s_120.yaml +++ b/samples/unity_v210_k8s_120.yaml @@ -18,29 +18,29 @@ spec: - name: snapshotter args: ["--snapshot-name-prefix=csiunitysnap"] # Uncomment the following to install 'external-health-monitor' sidecar to enable health monitor of CSI volumes from Controller plugin. - # Also set the env variable controller.envs.X_CSI_ENABLE_VOL_HEALTH_MONITOR to "true". + # Also set the env variable controller.envs.X_CSI_HEALTH_MONITOR_ENABLED to "true". # - name: external-health-monitor # args: ["--monitor-interval=60s"] controller: envs: - # X_CSI_ENABLE_VOL_HEALTH_MONITOR: Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition. + # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition. # Install the 'external-health-monitor' sidecar accordingly. # Allowed values: # true: enable checking of health condition of CSI volumes # false: disable checking of health condition of CSI volumes # Default value: false - - name: X_CSI_ENABLE_VOL_HEALTH_MONITOR + - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" node: envs: - # X_CSI_ENABLE_VOL_HEALTH_MONITOR: Enable/Disable health monitor of CSI volumes from node plugin - volume usage + # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from node plugin - volume usage # Allowed values: # true: enable checking of health condition of CSI volumes # false: disable checking of health condition of CSI volumes # Default value: false - - name: X_CSI_ENABLE_VOL_HEALTH_MONITOR + - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" --- apiVersion: v1 diff --git a/samples/unity_v210_k8s_121.yaml b/samples/unity_v210_k8s_121.yaml index 190c968..b2e2e21 100644 --- a/samples/unity_v210_k8s_121.yaml +++ b/samples/unity_v210_k8s_121.yaml @@ -18,29 +18,29 @@ spec: - name: snapshotter args: ["--snapshot-name-prefix=csiunitysnap"] # Uncomment the following to install 'external-health-monitor' sidecar to enable health monitor of CSI volumes from Controller plugin. - # Also set the env variable controller.envs.X_CSI_ENABLE_VOL_HEALTH_MONITOR to "true". + # Also set the env variable controller.envs.X_CSI_HEALTH_MONITOR_ENABLED to "true". # - name: external-health-monitor # args: ["--monitor-interval=60s"] controller: envs: - # X_CSI_ENABLE_VOL_HEALTH_MONITOR: Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition. + # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition. # Install the 'external-health-monitor' sidecar accordingly. # Allowed values: # true: enable checking of health condition of CSI volumes # false: disable checking of health condition of CSI volumes # Default value: false - - name: X_CSI_ENABLE_VOL_HEALTH_MONITOR + - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" node: envs: - # X_CSI_ENABLE_VOL_HEALTH_MONITOR: Enable/Disable health monitor of CSI volumes from node plugin - volume usage + # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from node plugin - volume usage # Allowed values: # true: enable checking of health condition of CSI volumes # false: disable checking of health condition of CSI volumes # Default value: false - - name: X_CSI_ENABLE_VOL_HEALTH_MONITOR + - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" --- apiVersion: v1 diff --git a/samples/unity_v210_k8s_122.yaml b/samples/unity_v210_k8s_122.yaml index ca1ac84..b9ba23c 100644 --- a/samples/unity_v210_k8s_122.yaml +++ b/samples/unity_v210_k8s_122.yaml @@ -18,29 +18,29 @@ spec: - name: snapshotter args: ["--snapshot-name-prefix=csiunitysnap"] # Uncomment the following to install 'external-health-monitor' sidecar to enable health monitor of CSI volumes from Controller plugin. - # Also set the env variable controller.envs.X_CSI_ENABLE_VOL_HEALTH_MONITOR to "true". + # Also set the env variable controller.envs.X_CSI_HEALTH_MONITOR_ENABLED to "true". # - name: external-health-monitor # args: ["--monitor-interval=60s"] controller: envs: - # X_CSI_ENABLE_VOL_HEALTH_MONITOR: Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition. + # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition. # Install the 'external-health-monitor' sidecar accordingly. # Allowed values: # true: enable checking of health condition of CSI volumes # false: disable checking of health condition of CSI volumes # Default value: false - - name: X_CSI_ENABLE_VOL_HEALTH_MONITOR + - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" node: envs: - # X_CSI_ENABLE_VOL_HEALTH_MONITOR: Enable/Disable health monitor of CSI volumes from node plugin - volume usage + # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from node plugin - volume usage # Allowed values: # true: enable checking of health condition of CSI volumes # false: disable checking of health condition of CSI volumes # Default value: false - - name: X_CSI_ENABLE_VOL_HEALTH_MONITOR + - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" --- apiVersion: v1 diff --git a/samples/unity_v220_k8s_121.yaml b/samples/unity_v220_k8s_121.yaml index 9afd23f..8ece75d 100644 --- a/samples/unity_v220_k8s_121.yaml +++ b/samples/unity_v220_k8s_121.yaml @@ -18,29 +18,29 @@ spec: - name: snapshotter args: ["--snapshot-name-prefix=csiunitysnap"] # Uncomment the following to install 'external-health-monitor' sidecar to enable health monitor of CSI volumes from Controller plugin. - # Also set the env variable controller.envs.X_CSI_ENABLE_VOL_HEALTH_MONITOR to "true". + # Also set the env variable controller.envs.X_CSI_HEALTH_MONITOR_ENABLED to "true". # - name: external-health-monitor # args: ["--monitor-interval=60s"] controller: envs: - # X_CSI_ENABLE_VOL_HEALTH_MONITOR: Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition. + # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition. # Install the 'external-health-monitor' sidecar accordingly. # Allowed values: # true: enable checking of health condition of CSI volumes # false: disable checking of health condition of CSI volumes # Default value: false - - name: X_CSI_ENABLE_VOL_HEALTH_MONITOR + - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" node: envs: - # X_CSI_ENABLE_VOL_HEALTH_MONITOR: Enable/Disable health monitor of CSI volumes from node plugin - volume usage + # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from node plugin - volume usage # Allowed values: # true: enable checking of health condition of CSI volumes # false: disable checking of health condition of CSI volumes # Default value: false - - name: X_CSI_ENABLE_VOL_HEALTH_MONITOR + - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" --- apiVersion: v1 diff --git a/samples/unity_v220_k8s_122.yaml b/samples/unity_v220_k8s_122.yaml index f8fe1e7..0d06058 100644 --- a/samples/unity_v220_k8s_122.yaml +++ b/samples/unity_v220_k8s_122.yaml @@ -18,29 +18,29 @@ spec: - name: snapshotter args: ["--snapshot-name-prefix=csiunitysnap"] # Uncomment the following to install 'external-health-monitor' sidecar to enable health monitor of CSI volumes from Controller plugin. - # Also set the env variable controller.envs.X_CSI_ENABLE_VOL_HEALTH_MONITOR to "true". + # Also set the env variable controller.envs.X_CSI_HEALTH_MONITOR_ENABLED to "true". # - name: external-health-monitor # args: ["--monitor-interval=60s"] controller: envs: - # X_CSI_ENABLE_VOL_HEALTH_MONITOR: Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition. + # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition. # Install the 'external-health-monitor' sidecar accordingly. # Allowed values: # true: enable checking of health condition of CSI volumes # false: disable checking of health condition of CSI volumes # Default value: false - - name: X_CSI_ENABLE_VOL_HEALTH_MONITOR + - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" node: envs: - # X_CSI_ENABLE_VOL_HEALTH_MONITOR: Enable/Disable health monitor of CSI volumes from node plugin - volume usage + # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from node plugin - volume usage # Allowed values: # true: enable checking of health condition of CSI volumes # false: disable checking of health condition of CSI volumes # Default value: false - - name: X_CSI_ENABLE_VOL_HEALTH_MONITOR + - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" --- apiVersion: v1 diff --git a/samples/unity_v220_k8s_123.yaml b/samples/unity_v220_k8s_123.yaml index f8fe1e7..0d06058 100644 --- a/samples/unity_v220_k8s_123.yaml +++ b/samples/unity_v220_k8s_123.yaml @@ -18,29 +18,29 @@ spec: - name: snapshotter args: ["--snapshot-name-prefix=csiunitysnap"] # Uncomment the following to install 'external-health-monitor' sidecar to enable health monitor of CSI volumes from Controller plugin. - # Also set the env variable controller.envs.X_CSI_ENABLE_VOL_HEALTH_MONITOR to "true". + # Also set the env variable controller.envs.X_CSI_HEALTH_MONITOR_ENABLED to "true". # - name: external-health-monitor # args: ["--monitor-interval=60s"] controller: envs: - # X_CSI_ENABLE_VOL_HEALTH_MONITOR: Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition. + # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from Controller plugin - volume condition. # Install the 'external-health-monitor' sidecar accordingly. # Allowed values: # true: enable checking of health condition of CSI volumes # false: disable checking of health condition of CSI volumes # Default value: false - - name: X_CSI_ENABLE_VOL_HEALTH_MONITOR + - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" node: envs: - # X_CSI_ENABLE_VOL_HEALTH_MONITOR: Enable/Disable health monitor of CSI volumes from node plugin - volume usage + # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from node plugin - volume usage # Allowed values: # true: enable checking of health condition of CSI volumes # false: disable checking of health condition of CSI volumes # Default value: false - - name: X_CSI_ENABLE_VOL_HEALTH_MONITOR + - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" --- apiVersion: v1 From 84b6745836cb1cdd84ec3a360154a7a2d31cb771 Mon Sep 17 00:00:00 2001 From: karthikk92 <92289639+karthikk92@users.noreply.github.com> Date: Fri, 4 Mar 2022 12:31:38 +0530 Subject: [PATCH 2/3] Unity node selector and tolerations addition in Operator (#28) --- samples/unity_v220_k8s_121.yaml | 38 +++++++++++++++++++++++++++++++ samples/unity_v220_k8s_122.yaml | 37 ++++++++++++++++++++++++++++++ samples/unity_v220_k8s_123.yaml | 37 ++++++++++++++++++++++++++++++ samples/unity_v220_ops_48.yaml | 40 +++++++++++++++++++++++++++++++++ samples/unity_v220_ops_49.yaml | 40 +++++++++++++++++++++++++++++++++ 5 files changed, 192 insertions(+) diff --git a/samples/unity_v220_k8s_121.yaml b/samples/unity_v220_k8s_121.yaml index 8ece75d..73e692f 100644 --- a/samples/unity_v220_k8s_121.yaml +++ b/samples/unity_v220_k8s_121.yaml @@ -33,6 +33,25 @@ spec: - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" + # nodeSelector: Define node selection constraints for controller pods. + # For the pod to be eligible to run on a node, the node must have each + # of the indicated key-value pairs as labels. + # Leave as blank to consider all nodes + # Allowed values: map of key-value pairs + # Default value: None + # Examples: + # node-role.kubernetes.io/master: "" + nodeSelector: + # node-role.kubernetes.io/master: "" + + # tolerations: Define tolerations for the controllers, if required. + # Leave as blank to install controller on worker nodes + # Default value: None + tolerations: + # - key: "node-role.kubernetes.io/master" + # operator: "Exists" + # effect: "NoSchedule" + node: envs: # X_CSI_HEALTH_MONITOR_ENABLED: Enable/Disable health monitor of CSI volumes from node plugin - volume usage @@ -42,6 +61,25 @@ spec: # Default value: false - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" + # nodeSelector: Define node selection constraints for node pods. + # For the pod to be eligible to run on a node, the node must have each + # of the indicated key-value pairs as labels. + # Leave as blank to consider all nodes + # Allowed values: map of key-value pairs + # Default value: None + # Examples: + # node-role.kubernetes.io/master: "" + nodeSelector: + # node-role.kubernetes.io/master: "" + + # tolerations: Define tolerations for the controllers, if required. + # Leave as blank to install controller on worker nodes + # Default value: None + tolerations: + # - key: "node-role.kubernetes.io/master" + # operator: "Exists" + # effect: "NoSchedule" + --- apiVersion: v1 kind: ConfigMap diff --git a/samples/unity_v220_k8s_122.yaml b/samples/unity_v220_k8s_122.yaml index 0d06058..69920e8 100644 --- a/samples/unity_v220_k8s_122.yaml +++ b/samples/unity_v220_k8s_122.yaml @@ -32,6 +32,24 @@ spec: # Default value: false - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" + # nodeSelector: Define node selection constraints for controller pods. + # For the pod to be eligible to run on a node, the node must have each + # of the indicated key-value pairs as labels. + # Leave as blank to consider all nodes + # Allowed values: map of key-value pairs + # Default value: None + # Examples: + # node-role.kubernetes.io/master: "" + nodeSelector: + # node-role.kubernetes.io/master: "" + + # tolerations: Define tolerations for the controllers, if required. + # Leave as blank to install controller on worker nodes + # Default value: None + tolerations: + # - key: "node-role.kubernetes.io/master" + # operator: "Exists" + # effect: "NoSchedule" node: envs: @@ -42,6 +60,25 @@ spec: # Default value: false - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" + # nodeSelector: Define node selection constraints for node pods. + # For the pod to be eligible to run on a node, the node must have each + # of the indicated key-value pairs as labels. + # Leave as blank to consider all nodes + # Allowed values: map of key-value pairs + # Default value: None + # Examples: + # node-role.kubernetes.io/master: "" + nodeSelector: + # node-role.kubernetes.io/master: "" + + # tolerations: Define tolerations for the controllers, if required. + # Leave as blank to install controller on worker nodes + # Default value: None + tolerations: + # - key: "node-role.kubernetes.io/master" + # operator: "Exists" + # effect: "NoSchedule" + --- apiVersion: v1 kind: ConfigMap diff --git a/samples/unity_v220_k8s_123.yaml b/samples/unity_v220_k8s_123.yaml index 0d06058..69920e8 100644 --- a/samples/unity_v220_k8s_123.yaml +++ b/samples/unity_v220_k8s_123.yaml @@ -32,6 +32,24 @@ spec: # Default value: false - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" + # nodeSelector: Define node selection constraints for controller pods. + # For the pod to be eligible to run on a node, the node must have each + # of the indicated key-value pairs as labels. + # Leave as blank to consider all nodes + # Allowed values: map of key-value pairs + # Default value: None + # Examples: + # node-role.kubernetes.io/master: "" + nodeSelector: + # node-role.kubernetes.io/master: "" + + # tolerations: Define tolerations for the controllers, if required. + # Leave as blank to install controller on worker nodes + # Default value: None + tolerations: + # - key: "node-role.kubernetes.io/master" + # operator: "Exists" + # effect: "NoSchedule" node: envs: @@ -42,6 +60,25 @@ spec: # Default value: false - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" + # nodeSelector: Define node selection constraints for node pods. + # For the pod to be eligible to run on a node, the node must have each + # of the indicated key-value pairs as labels. + # Leave as blank to consider all nodes + # Allowed values: map of key-value pairs + # Default value: None + # Examples: + # node-role.kubernetes.io/master: "" + nodeSelector: + # node-role.kubernetes.io/master: "" + + # tolerations: Define tolerations for the controllers, if required. + # Leave as blank to install controller on worker nodes + # Default value: None + tolerations: + # - key: "node-role.kubernetes.io/master" + # operator: "Exists" + # effect: "NoSchedule" + --- apiVersion: v1 kind: ConfigMap diff --git a/samples/unity_v220_ops_48.yaml b/samples/unity_v220_ops_48.yaml index 3c41bf6..8178aac 100644 --- a/samples/unity_v220_ops_48.yaml +++ b/samples/unity_v220_ops_48.yaml @@ -17,6 +17,46 @@ spec: args: ["--volume-name-prefix=csiunity","--default-fstype=ext4"] - name: snapshotter args: ["--snapshot-name-prefix=csiunitysnap"] + controller: + # nodeSelector: Define node selection constraints for controller pods. + # For the pod to be eligible to run on a node, the node must have each + # of the indicated key-value pairs as labels. + # Leave as blank to consider all nodes + # Allowed values: map of key-value pairs + # Default value: None + # Examples: + # node-role.kubernetes.io/master: "" + nodeSelector: + # node-role.kubernetes.io/master: "" + + # tolerations: Define tolerations for the controllers, if required. + # Leave as blank to install controller on worker nodes + # Default value: None + tolerations: + # - key: "node-role.kubernetes.io/master" + # operator: "Exists" + # effect: "NoSchedule" + + node: + # nodeSelector: Define node selection constraints for node pods. + # For the pod to be eligible to run on a node, the node must have each + # of the indicated key-value pairs as labels. + # Leave as blank to consider all nodes + # Allowed values: map of key-value pairs + # Default value: None + # Examples: + # node-role.kubernetes.io/master: "" + nodeSelector: + # node-role.kubernetes.io/master: "" + + # tolerations: Define tolerations for the controllers, if required. + # Leave as blank to install controller on worker nodes + # Default value: None + tolerations: + # - key: "node-role.kubernetes.io/master" + # operator: "Exists" + # effect: "NoSchedule" + --- apiVersion: v1 kind: ConfigMap diff --git a/samples/unity_v220_ops_49.yaml b/samples/unity_v220_ops_49.yaml index 3c41bf6..8178aac 100644 --- a/samples/unity_v220_ops_49.yaml +++ b/samples/unity_v220_ops_49.yaml @@ -17,6 +17,46 @@ spec: args: ["--volume-name-prefix=csiunity","--default-fstype=ext4"] - name: snapshotter args: ["--snapshot-name-prefix=csiunitysnap"] + controller: + # nodeSelector: Define node selection constraints for controller pods. + # For the pod to be eligible to run on a node, the node must have each + # of the indicated key-value pairs as labels. + # Leave as blank to consider all nodes + # Allowed values: map of key-value pairs + # Default value: None + # Examples: + # node-role.kubernetes.io/master: "" + nodeSelector: + # node-role.kubernetes.io/master: "" + + # tolerations: Define tolerations for the controllers, if required. + # Leave as blank to install controller on worker nodes + # Default value: None + tolerations: + # - key: "node-role.kubernetes.io/master" + # operator: "Exists" + # effect: "NoSchedule" + + node: + # nodeSelector: Define node selection constraints for node pods. + # For the pod to be eligible to run on a node, the node must have each + # of the indicated key-value pairs as labels. + # Leave as blank to consider all nodes + # Allowed values: map of key-value pairs + # Default value: None + # Examples: + # node-role.kubernetes.io/master: "" + nodeSelector: + # node-role.kubernetes.io/master: "" + + # tolerations: Define tolerations for the controllers, if required. + # Leave as blank to install controller on worker nodes + # Default value: None + tolerations: + # - key: "node-role.kubernetes.io/master" + # operator: "Exists" + # effect: "NoSchedule" + --- apiVersion: v1 kind: ConfigMap From 3d4022104e1a724d6ca18b610f6cf84dd43fb619 Mon Sep 17 00:00:00 2001 From: Rajendra Indukuri <82365588+rajendraindukuri@users.noreply.github.com> Date: Fri, 4 Mar 2022 13:28:05 +0530 Subject: [PATCH 3/3] update github actions for unit test and container scans (#31) --- .github/containerscan/allowedlist.yaml | 12 +++++++++ .github/workflows/actions.yaml | 36 +++++++++++++++++++++----- 2 files changed, 42 insertions(+), 6 deletions(-) create mode 100644 .github/containerscan/allowedlist.yaml diff --git a/.github/containerscan/allowedlist.yaml b/.github/containerscan/allowedlist.yaml new file mode 100644 index 0000000..7d24971 --- /dev/null +++ b/.github/containerscan/allowedlist.yaml @@ -0,0 +1,12 @@ +general: + vulnerabilities: + # list of CVEs that are currently unfixed + - CVE-2022-24407 + - CVE-2021-25741 + bestPracticeViolations: + # list of best practies violatied that needs a fix + - DKL-DI-0006 + - CIS-DI-0005 + - CIS-DI-0006 + - CIS-DI-0008 + - DKL-LI-0003 \ No newline at end of file diff --git a/.github/workflows/actions.yaml b/.github/workflows/actions.yaml index a925c1f..0ae7293 100644 --- a/.github/workflows/actions.yaml +++ b/.github/workflows/actions.yaml @@ -29,6 +29,11 @@ jobs: name: Run Go unit tests and check package coverage runs-on: ubuntu-latest steps: + - name: Set up Go 1.17+ + uses: actions/setup-go@v2 + with: + go-version: ^1.17 + id: go - name: Checkout the code uses: actions/checkout@v2 - name: Checkout dell-csi-operator @@ -36,12 +41,12 @@ jobs: with: repository: 'dell/dell-csi-operator' path: 'dell-csi-operator' + # Not able to use dell common git hub actions as there is + # no way to skip integration tests currently. And this + # way of using 'run' to execute run do not allow us to + # check for threshold.But it ensures there are no failures - name: Run unit tests and check package coverage - uses: dell/common-github-actions/go-code-tester@main - with: - threshold: 60 - test-folder: "./test" - skip-list: "./test/integration-tests" + run: make unit-test malware_security_scan: name: Malware Scanner runs-on: ubuntu-latest @@ -53,4 +58,23 @@ jobs: with: directories: . options: -ri - + image_security_scan: + name: Image Scanner + runs-on: ubuntu-latest + env: + BASE_IMG : ubuntu:latest + steps: + - name: Set up Go 1.17+ + uses: actions/setup-go@v2 + with: + go-version: ^1.17 + id: go + - name: Checkout the code + uses: actions/checkout@v2 + - name: Build Docker Images + run: docker build . -t dell-csi-operator:latest + - name: Scan operator Image + uses: Azure/container-scan@v0 + with: + image-name: dell-csi-operator:latest + severity-threshold: HIGH