diff --git a/pkg/blobplugin/Dockerfile b/pkg/blobplugin/Dockerfile index 8153961fa..9f572f968 100644 --- a/pkg/blobplugin/Dockerfile +++ b/pkg/blobplugin/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM registry.k8s.io/build-image/debian-base:bookworm-v1.0.0 +FROM mcr.microsoft.com/cbl-mariner/base/core:2.0 ARG ARCH=amd64 ARG binary=./_output/${ARCH}/blobplugin @@ -21,44 +21,19 @@ COPY ${binary} /blobplugin RUN mkdir /blobfuse-proxy/ COPY ./pkg/blobfuse-proxy/init.sh /blobfuse-proxy/ -COPY ./pkg/blobfuse-proxy/install-proxy-ubuntu.sh /blobfuse-proxy/ -COPY ./pkg/blobfuse-proxy/install-proxy-rhcos.sh /blobfuse-proxy/ -COPY ./pkg/blobfuse-proxy/install-proxy-mariner.sh /blobfuse-proxy/ COPY ./pkg/blobfuse-proxy/blobfuse-proxy.service /blobfuse-proxy/ COPY ./_output/${ARCH}/blobfuse-proxy /blobfuse-proxy/ RUN chmod +x /blobfuse-proxy/init.sh && \ - chmod +x /blobfuse-proxy/install-proxy-ubuntu.sh && \ - chmod +x /blobfuse-proxy/install-proxy-rhcos.sh && \ - chmod +x /blobfuse-proxy/install-proxy-mariner.sh && \ chmod +x /blobfuse-proxy/blobfuse-proxy.service && \ chmod +x /blobfuse-proxy/blobfuse-proxy -# packages that are only needed by aznfs: procps conntrack iptables bind9-host iproute2 bash netcat sysvinit-utils. -RUN apt update && apt upgrade -y && apt-mark unhold libcap2 && clean-install ca-certificates uuid-dev util-linux mount udev wget e2fsprogs nfs-common netbase procps conntrack iptables bind9-host iproute2 bash netcat-traditional sysvinit-utils kmod +# Currently no CBL-Mariner image with fix for "curl"/"zlib" CVE-2023-38545/CVE-2023-38546/CVE-2023-45853. +# So, temporarily do update here. Remove "curl"/"zlib" when image is updated. +RUN tdnf updateinfo && \ + tdnf install -y util-linux e2fsprogs nfs-utils quota-rpc rpcbind blobfuse2 fuse3 libcap-ng libcap ca-certificates curl zlib && \ + tdnf clean all -# install aznfs -RUN if [ "$ARCH" = "amd64" ] ; then \ - wget -O aznfs.tar.gz https://github.com/Azure/AZNFS-mount/releases/download/1.0.8/aznfs-1.0.8-1.x86_64.tar.gz; \ -else \ - wget -O aznfs.tar.gz https://github.com/Azure/AZNFS-mount/releases/download/1.0.8/aznfs-1.0.8-1.arm64.tar.gz;fi -RUN tar xvzf aznfs.tar.gz -C / --keep-directory-symlink && rm aznfs.tar.gz - -# install azcopy -ARG azcopyURL=https://azcopyvnext.azureedge.net/releases/release-10.21.2-20231106/azcopy_linux_amd64_10.21.2.tar.gz -RUN if [ "$ARCH" == "arm64" ] ; then \ - azcopyURL=https://azcopyvnext.azureedge.net/releases/release-10.21.2-20231106/azcopy_linux_arm64_10.21.2.tar.gz; fi -RUN wget -O azcopy.tar.gz ${azcopyURL} && \ - tar xvzf azcopy.tar.gz -C . && rm azcopy.tar.gz && \ - mv ./azcopy_linux_$ARCH_*/azcopy /usr/local/bin/azcopy && \ - rm -rf ./azcopy_linux_$ARCH_* -RUN chmod +x /usr/local/bin/azcopy - -RUN if [ "$ARCH" = "amd64" ] ; then \ - clean-install libcurl4-gnutls-dev && \ - wget -O /blobfuse-proxy/packages-microsoft-prod-22.04.deb https://packages.microsoft.com/config/ubuntu/22.04/packages-microsoft-prod.deb && \ - wget -O /blobfuse-proxy/packages-microsoft-prod-18.04.deb https://packages.microsoft.com/config/ubuntu/18.04/packages-microsoft-prod.deb && \ - dpkg -i /blobfuse-proxy/packages-microsoft-prod-18.04.deb && apt update && apt install blobfuse blobfuse2 fuse -y && apt remove wget -y; fi LABEL maintainers="andyzhangx" LABEL description="Azure Blob Storage CSI driver" diff --git a/pkg/edgecache/manager.go b/pkg/edgecache/manager.go index 3bebd255c..069ff2b6f 100644 --- a/pkg/edgecache/manager.go +++ b/pkg/edgecache/manager.go @@ -145,8 +145,11 @@ func (m *Manager) MountVolume(account string, container string, suffix string, t }, m.mountEndpoint) } +//revive:disable:unused-parameter func (m *Manager) UnmountVolume(volumeID string, targetPath string) error { return m.callWithConnection(func(conn grpc.ClientConnInterface) error { return sendUnmount(csi_mounts.NewCSIMountsClient(conn), targetPath) }, m.mountEndpoint) } + +//revive:enable:unused-parameter diff --git a/pkg/util/pvutil_test.go b/pkg/util/pvutil_test.go index 1652600fc..07ae4c592 100644 --- a/pkg/util/pvutil_test.go +++ b/pkg/util/pvutil_test.go @@ -71,11 +71,14 @@ func pv() *v1.PersistentVolume { } } +//revive:disable:unused-parameter func conflictError(action kubetesting.Action) (bool, runtime.Object, error) { conflictError := kuberrors.NewApplyConflict([]metav1.StatusCause{}, "OperationNotPermitted") return true, nil, conflictError } +//revive:enable:unused-parameter + func TestGetPVByVolumeID(t *testing.T) { t.Run("ListFail", func(t *testing.T) { client := fake.NewSimpleClientset()