diff --git a/config/samples/storage_v1_csipowerstore.yaml b/config/samples/storage_v1_csipowerstore.yaml index 6c8e6db..1461b99 100644 --- a/config/samples/storage_v1_csipowerstore.yaml +++ b/config/samples/storage_v1_csipowerstore.yaml @@ -20,6 +20,25 @@ spec: value: "csi" - name: X_CSI_FC_PORTS_FILTER_FILE_PATH value: "/etc/fc-ports-filter" + controller: + envs: + # X_CSI_NFS_ACLS: enables setting permissions on NFS mount directory + # This value will be the default value if a storage class and array config in secret + # do not contain the NFS ACL (nfsAcls) parameter specified + # Permissions can be specified in two formats: + # 1) Unix mode (NFSv3) + # 2) NFSv4 ACLs (NFSv4) + # NFSv4 ACLs are supported on NFSv4 share only. + # Allowed values: + # 1) Unix mode: valid octal mode number + # Examples: "0777", "777", "0755" + # 2) NFSv4 acls: valid NFSv4 acls, seperated by comma + # Examples: "A::OWNER@:RWX,A::GROUP@:RWX", "A::OWNER@:rxtncy" + # Optional: true + # Default value: "0777" + # nfsAcls: "0777" + - name: X_CSI_NFS_ACLS + value: "0777" node: envs: # Set to "true" to enable ISCSI CHAP Authentication diff --git a/driverconfig/powerstore_v220_v121.json b/driverconfig/powerstore_v220_v121.json index 67d38f4..899359e 100644 --- a/driverconfig/powerstore_v220_v121.json +++ b/driverconfig/powerstore_v220_v121.json @@ -114,6 +114,14 @@ "SetForNode": true, "DefaultValueForController": "false", "DefaultValueForNode": "false" + }, + { + "Name": "X_CSI_NFS_ACLS", + "CSIEnvType": "String", + "SetForController": true, + "SetForNode": false, + "DefaultValueForController": "0777", + "DefaultValueForNode": "" } ], "driverNodeVolumes": [ diff --git a/driverconfig/powerstore_v220_v122.json b/driverconfig/powerstore_v220_v122.json index 67d38f4..899359e 100644 --- a/driverconfig/powerstore_v220_v122.json +++ b/driverconfig/powerstore_v220_v122.json @@ -114,6 +114,14 @@ "SetForNode": true, "DefaultValueForController": "false", "DefaultValueForNode": "false" + }, + { + "Name": "X_CSI_NFS_ACLS", + "CSIEnvType": "String", + "SetForController": true, + "SetForNode": false, + "DefaultValueForController": "0777", + "DefaultValueForNode": "" } ], "driverNodeVolumes": [ diff --git a/driverconfig/powerstore_v220_v123.json b/driverconfig/powerstore_v220_v123.json index 67d38f4..899359e 100644 --- a/driverconfig/powerstore_v220_v123.json +++ b/driverconfig/powerstore_v220_v123.json @@ -114,6 +114,14 @@ "SetForNode": true, "DefaultValueForController": "false", "DefaultValueForNode": "false" + }, + { + "Name": "X_CSI_NFS_ACLS", + "CSIEnvType": "String", + "SetForController": true, + "SetForNode": false, + "DefaultValueForController": "0777", + "DefaultValueForNode": "" } ], "driverNodeVolumes": [ diff --git a/samples/powerstore_v220_k8s_121.yaml b/samples/powerstore_v220_k8s_121.yaml index 155cf66..3726328 100644 --- a/samples/powerstore_v220_k8s_121.yaml +++ b/samples/powerstore_v220_k8s_121.yaml @@ -37,6 +37,24 @@ spec: # Default value: false - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" + + # X_CSI_NFS_ACLS: enables setting permissions on NFS mount directory + # This value will be the default value if a storage class and array config in secret + # do not contain the NFS ACL (nfsAcls) parameter specified + # Permissions can be specified in two formats: + # 1) Unix mode (NFSv3) + # 2) NFSv4 ACLs (NFSv4) + # NFSv4 ACLs are supported on NFSv4 share only. + # Allowed values: + # 1) Unix mode: valid octal mode number + # Examples: "0777", "777", "0755" + # 2) NFSv4 acls: valid NFSv4 acls, seperated by comma + # Examples: "A::OWNER@:RWX,A::GROUP@:RWX", "A::OWNER@:rxtncy" + # Optional: true + # Default value: "0777" + # nfsAcls: "0777" + - name: X_CSI_NFS_ACLS + value: "0777" # nodeSelector: Define node selection constraints for controller pods. # For the pod to be eligible to run on a node, the node must have each diff --git a/samples/powerstore_v220_k8s_122.yaml b/samples/powerstore_v220_k8s_122.yaml index db122e8..dd40163 100644 --- a/samples/powerstore_v220_k8s_122.yaml +++ b/samples/powerstore_v220_k8s_122.yaml @@ -37,6 +37,24 @@ spec: # Default value: false - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" + + # X_CSI_NFS_ACLS: enables setting permissions on NFS mount directory + # This value will be the default value if a storage class and array config in secret + # do not contain the NFS ACL (nfsAcls) parameter specified + # Permissions can be specified in two formats: + # 1) Unix mode (NFSv3) + # 2) NFSv4 ACLs (NFSv4) + # NFSv4 ACLs are supported on NFSv4 share only. + # Allowed values: + # 1) Unix mode: valid octal mode number + # Examples: "0777", "777", "0755" + # 2) NFSv4 acls: valid NFSv4 acls, seperated by comma + # Examples: "A::OWNER@:RWX,A::GROUP@:RWX", "A::OWNER@:rxtncy" + # Optional: true + # Default value: "0777" + # nfsAcls: "0777" + - name: X_CSI_NFS_ACLS + value: "0777" # nodeSelector: Define node selection constraints for controller pods. # For the pod to be eligible to run on a node, the node must have each diff --git a/samples/powerstore_v220_k8s_123.yaml b/samples/powerstore_v220_k8s_123.yaml index f6fc4b3..6d14ef4 100644 --- a/samples/powerstore_v220_k8s_123.yaml +++ b/samples/powerstore_v220_k8s_123.yaml @@ -38,6 +38,25 @@ spec: - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" + # X_CSI_NFS_ACLS: enables setting permissions on NFS mount directory + # This value will be the default value if a storage class and array config in secret + # do not contain the NFS ACL (nfsAcls) parameter specified + # Permissions can be specified in two formats: + # 1) Unix mode (NFSv3) + # 2) NFSv4 ACLs (NFSv4) + # NFSv4 ACLs are supported on NFSv4 share only. + # Allowed values: + # 1) Unix mode: valid octal mode number + # Examples: "0777", "777", "0755" + # 2) NFSv4 acls: valid NFSv4 acls, seperated by comma + # Examples: "A::OWNER@:RWX,A::GROUP@:RWX", "A::OWNER@:rxtncy" + # Optional: true + # Default value: "0777" + # nfsAcls: "0777" + - name: X_CSI_NFS_ACLS + value: "0777" + + # nodeSelector: Define node selection constraints for controller pods. # For the pod to be eligible to run on a node, the node must have each # of the indicated key-value pairs as labels. diff --git a/samples/powerstore_v220_ops_48.yaml b/samples/powerstore_v220_ops_48.yaml index 96a2c2f..2cbb881 100644 --- a/samples/powerstore_v220_ops_48.yaml +++ b/samples/powerstore_v220_ops_48.yaml @@ -21,7 +21,26 @@ spec: value: "csi" - name: X_CSI_FC_PORTS_FILTER_FILE_PATH value: "/etc/fc-ports-filter" - controller: + controller: + envs: + # X_CSI_NFS_ACLS: enables setting permissions on NFS mount directory + # This value will be the default value if a storage class and array config in secret + # do not contain the NFS ACL (nfsAcls) parameter specified + # Permissions can be specified in two formats: + # 1) Unix mode (NFSv3) + # 2) NFSv4 ACLs (NFSv4) + # NFSv4 ACLs are supported on NFSv4 share only. + # Allowed values: + # 1) Unix mode: valid octal mode number + # Examples: "0777", "777", "0755" + # 2) NFSv4 acls: valid NFSv4 acls, seperated by comma + # Examples: "A::OWNER@:RWX,A::GROUP@:RWX", "A::OWNER@:rxtncy" + # Optional: true + # Default value: "0777" + # nfsAcls: "0777" + - name: X_CSI_NFS_ACLS + value: "0777" + # nodeSelector: Define node selection constraints for controller pods. # For the pod to be eligible to run on a node, the node must have each # of the indicated key-value pairs as labels. diff --git a/samples/powerstore_v220_ops_49.yaml b/samples/powerstore_v220_ops_49.yaml index 7502ffe..6a57dfd 100644 --- a/samples/powerstore_v220_ops_49.yaml +++ b/samples/powerstore_v220_ops_49.yaml @@ -21,7 +21,26 @@ spec: value: "csi" - name: X_CSI_FC_PORTS_FILTER_FILE_PATH value: "/etc/fc-ports-filter" - controller: + controller: + envs: + # X_CSI_NFS_ACLS: enables setting permissions on NFS mount directory + # This value will be the default value if a storage class and array config in secret + # do not contain the NFS ACL (nfsAcls) parameter specified + # Permissions can be specified in two formats: + # 1) Unix mode (NFSv3) + # 2) NFSv4 ACLs (NFSv4) + # NFSv4 ACLs are supported on NFSv4 share only. + # Allowed values: + # 1) Unix mode: valid octal mode number + # Examples: "0777", "777", "0755" + # 2) NFSv4 acls: valid NFSv4 acls, seperated by comma + # Examples: "A::OWNER@:RWX,A::GROUP@:RWX", "A::OWNER@:rxtncy" + # Optional: true + # Default value: "0777" + # nfsAcls: "0777" + - name: X_CSI_NFS_ACLS + value: "0777" + # nodeSelector: Define node selection constraints for controller pods. # For the pod to be eligible to run on a node, the node must have each # of the indicated key-value pairs as labels. diff --git a/test/testdata/csipowerstore/01-simple-deployment/in-csipowerstore.yaml b/test/testdata/csipowerstore/01-simple-deployment/in-csipowerstore.yaml index a09366c..ca74d76 100644 --- a/test/testdata/csipowerstore/01-simple-deployment/in-csipowerstore.yaml +++ b/test/testdata/csipowerstore/01-simple-deployment/in-csipowerstore.yaml @@ -23,6 +23,25 @@ spec: sideCars: - name: external-health-monitor args: ["--monitor-interval=60s"] + controller: + envs: + # X_CSI_NFS_ACLS: enables setting permissions on NFS mount directory + # This value will be the default value if a storage class and array config in secret + # do not contain the NFS ACL (nfsAcls) parameter specified + # Permissions can be specified in two formats: + # 1) Unix mode (NFSv3) + # 2) NFSv4 ACLs (NFSv4) + # NFSv4 ACLs are supported on NFSv4 share only. + # Allowed values: + # 1) Unix mode: valid octal mode number + # Examples: "0777", "777", "0755" + # 2) NFSv4 acls: valid NFSv4 acls, seperated by comma + # Examples: "A::OWNER@:RWX,A::GROUP@:RWX", "A::OWNER@:rxtncy" + # Optional: true + # Default value: "0777" + # nfsAcls: "0777" + - name: X_CSI_NFS_ACLS + value: "0777" node: envs: # Set to "true" to enable ISCSI CHAP Authentication diff --git a/test/testdata/csipowerstore/01-simple-deployment/out-csipowerstore.yaml b/test/testdata/csipowerstore/01-simple-deployment/out-csipowerstore.yaml index 57d0da3..0a242dc 100644 --- a/test/testdata/csipowerstore/01-simple-deployment/out-csipowerstore.yaml +++ b/test/testdata/csipowerstore/01-simple-deployment/out-csipowerstore.yaml @@ -31,6 +31,10 @@ spec: image: dellemc/csi-powerstore:v2.2.0 imagePullPolicy: IfNotPresent configVersion: v2.2.0 + controller: + envs: + - name: X_CSI_NFS_ACLS + value: "0777" node: envs: - name: "X_CSI_POWERSTORE_ENABLE_CHAP" diff --git a/test/testdata/csipowerstore/01-simple-deployment/out-statefulset.yaml b/test/testdata/csipowerstore/01-simple-deployment/out-statefulset.yaml index 66f1288..068356d 100644 --- a/test/testdata/csipowerstore/01-simple-deployment/out-statefulset.yaml +++ b/test/testdata/csipowerstore/01-simple-deployment/out-statefulset.yaml @@ -48,6 +48,8 @@ spec: value: /powerstore-config-params/driver-config-params.yaml - name: X_CSI_HEALTH_MONITOR_ENABLED value: "false" + - name: X_CSI_NFS_ACLS + value: "0777" - name: X_CSI_POWERSTORE_NODE_NAME_PREFIX value: csi - name: X_CSI_FC_PORTS_FILTER_FILE_PATH