Merge pull request #23 from avoltz/echairez/readd-blocking-reprovision

nodeserver, pvc_annotator: readd check to block stage volume from re …
avoltz · Aug 7, 2023 · 7a49195 · 7a49195
2 parents 5982ae7 + 1135f3a
commit 7a49195
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 2 deletions.
diff --git a/pkg/blob/nodeserver.go b/pkg/blob/nodeserver.go
@@ -362,7 +362,9 @@ func (d *Driver) NodeStageVolume(ctx context.Context, req *csi.NodeStageVolumeRe
 		providedAuth := cv.NewBlobAuth(accountName, containerName, secretName, secretNamespace, storageAuthType)
 
 		err = annotator.SendProvisionVolume(pv, d.cloud.Config.AzureAuthConfig, providedAuth)
-		if err != nil {
+		if err == cv.ErrVolumeAlreadyBeingProvisioned {
+			klog.V(2).Infof("NodeStageVolume: volume has already been provisioned")
+		} else if err != nil {
 			return nil, err
 		}
 

diff --git a/pkg/edgecache/cachevolume/pvc_annotator.go b/pkg/edgecache/cachevolume/pvc_annotator.go
@@ -17,6 +17,7 @@ limitations under the License.
 package cachevolume
 
 import (
+	"errors"
 	"fmt"
 
 	"golang.org/x/exp/maps"
@@ -41,7 +42,8 @@ const (
 )
 
 var (
-	validStorageAuthentications = []string{"WorkloadIdentity", "AccountKey"}
+	validStorageAuthentications      = []string{"WorkloadIdentity", "AccountKey"}
+	ErrVolumeAlreadyBeingProvisioned = errors.New("pv is already being provisioned")
 )
 
 type BlobAuth struct {
@@ -122,7 +124,27 @@ func (c *PVCAnnotator) buildAnnotations(pv *v1.PersistentVolume, cfg config.Azur
 	return annotations, nil
 }
 
+func (c *PVCAnnotator) needsToBeProvisioned(pvc *v1.PersistentVolumeClaim) bool {
+	// check if pv connected to the pvc has already been passed to be created
+	pvState, pvStateOk := pvc.ObjectMeta.Annotations[createVolumeAnnotation]
+	if pvStateOk && pvState == "no" {
+		return false
+	}
+
+	return true
+}
+
 func (c *PVCAnnotator) SendProvisionVolume(pv *v1.PersistentVolume, cloudConfig config.AzureAuthConfig, providedAuth BlobAuth) error {
+	pvc, err := blobcsiutil.GetPVCByName(c.client, pv.Spec.ClaimRef.Name, pv.Spec.ClaimRef.Namespace)
+	if err != nil {
+		return err
+	}
+
+	if !c.needsToBeProvisioned(pvc) {
+		klog.Info("pv is already being provisioned")
+		return ErrVolumeAlreadyBeingProvisioned
+	}
+
 	if valid := c.requestAuthIsValid(providedAuth.authType); !valid {
 		err := fmt.Errorf("requested storage auth %s is not a member of valid auths %+v", providedAuth.authType, validStorageAuthentications)
 		klog.Error(err)