Skip to content

Commit 04b5509

Browse files
committed
add rbac rules to support deletion of snaps
1 parent f869c42 commit 04b5509

3 files changed

Lines changed: 37 additions & 3 deletions

File tree

cmd/cloudstack-csi-driver/Dockerfile

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,9 @@ RUN apk add --no-cache \
1414
# blkid, mount and umount are required by k8s.io/mount-utils \
1515
blkid \
1616
mount \
17-
umount
17+
umount \
18+
# Provides udevadm for device path detection \
19+
udev
1820

1921
COPY ./bin/cloudstack-csi-driver /cloudstack-csi-driver
20-
ENTRYPOINT ["/cloudstack-csi-driver"]
22+
ENTRYPOINT ["/cloudstack-csi-driver"]

deploy/k8s/rbac.yaml

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -86,3 +86,35 @@ roleRef:
8686
kind: ClusterRole
8787
name: cloudstack-csi-node-role
8888
apiGroup: rbac.authorization.k8s.io
89+
---
90+
apiVersion: rbac.authorization.k8s.io/v1
91+
kind: ClusterRole
92+
metadata:
93+
name: cloudstack-csi-snapshotter-role
94+
rules:
95+
- apiGroups: ["snapshot.storage.k8s.io"]
96+
resources: ["volumesnapshotclasses"]
97+
verbs: ["get", "list", "watch"]
98+
- apiGroups: ["snapshot.storage.k8s.io"]
99+
resources: ["volumesnapshotcontents"]
100+
verbs: ["create", "get", "list", "watch", "update", "delete"]
101+
- apiGroups: ["snapshot.storage.k8s.io"]
102+
resources: ["volumesnapshots"]
103+
verbs: ["get", "list", "watch", "update"]
104+
- apiGroups: ["snapshot.storage.k8s.io"]
105+
resources: ["volumesnapshotcontents/status"]
106+
verbs: ["update"]
107+
108+
---
109+
apiVersion: rbac.authorization.k8s.io/v1
110+
kind: ClusterRoleBinding
111+
metadata:
112+
name: cloudstack-csi-snapshotter-binding
113+
subjects:
114+
- kind: ServiceAccount
115+
name: cloudstack-csi-controller
116+
namespace: kube-system
117+
roleRef:
118+
kind: ClusterRole
119+
name: cloudstack-csi-snapshotter-role
120+
apiGroup: rbac.authorization.k8s.io

pkg/driver/controller.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -286,7 +286,7 @@ func determineSize(req *csi.CreateVolumeRequest) (int64, error) {
286286

287287
func (cs *controllerServer) DeleteVolume(ctx context.Context, req *csi.DeleteVolumeRequest) (*csi.DeleteVolumeResponse, error) {
288288
logger := klog.FromContext(ctx)
289-
logger.V(6).Info("DeleteVolume: called", "args", *req)
289+
logger.Info("DeleteVolume: called", "args", *req)
290290

291291
if req.GetVolumeId() == "" {
292292
return nil, status.Error(codes.InvalidArgument, "Volume ID missing in request")

0 commit comments

Comments
 (0)