From b0f39d7fcd96a020a16b497140658bf748d2db1d Mon Sep 17 00:00:00 2001
From: "v.oleynikov" <vasily.oleynikov@flant.com>
Date: Tue, 23 Apr 2024 17:57:18 +0300
Subject: [PATCH] fix

Signed-off-by: v.oleynikov <vasily.oleynikov@flant.com>
---
 images/csi-nfs/werf.inc.yaml  | 78 +++++++++++++++++++++++++++++++++++
 templates/csi/controller.yaml |  2 +-
 werf-giterminism.yaml         |  5 +++
 3 files changed, 84 insertions(+), 1 deletion(-)
 create mode 100644 images/csi-nfs/werf.inc.yaml

diff --git a/images/csi-nfs/werf.inc.yaml b/images/csi-nfs/werf.inc.yaml
new file mode 100644
index 00000000..6735109b
--- /dev/null
+++ b/images/csi-nfs/werf.inc.yaml
@@ -0,0 +1,78 @@
+{{- $_ := set . "BASE_GOLANG_22_ALPINE" "registry.deckhouse.io/base_images/golang:1.22.1-alpine@sha256:0de6cf7cceab6ecbf0718bdfb675b08b78113c3709c5e4b99456cdb2ae8c2495" }}
+{{- $_ := set . "BASE_SCRATCH"    "registry.deckhouse.io/base_images/scratch@sha256:b054705fcc9f2205777d80a558d920c0b4209efdc3163c22b5bfcb5dda1db5fc" }}
+{{- $_ := set . "BASE_ALPINE_DEV" "registry.deckhouse.io/base_images/dev-alpine:3.16.3@sha256:c706fa83cc129079e430480369a3f062b8178cac9ec89266ebab753a574aca8e" }}
+{{- $_ := set . "BASE_ALT_DEV"    "registry.deckhouse.io/base_images/dev-alt:p10@sha256:76e6e163fa982f03468166203488b569e6d9fc10855d6a259c662706436cdcad" }}
+
+---
+image: {{ $.ImageName }}-golang-artifact
+from: {{ $.BASE_GOLANG_22_ALPINE }}
+
+mount:
+  - fromPath: ~/go-pkg-cache
+    to: /go/pkg
+shell:
+  beforeInstall:
+    - apk add --no-cache ca-certificates make git
+  install:
+    - export GO_VERSION=${{ vars.GOLANG_VERSION }}
+    - export GOPROXY=${{ secrets.GOPROXY }}
+    - git clone --depth 1 --branch ${{ vars.SOURCE_REPO_TAG }} ${{ secrets.SOURCE_REPO }}/kubernetes-csi/csi-driver-nfs.git /csi-driver-nfs
+    - cd /csi-driver-nfs/cmd/nfsplugin
+    - GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -ldflags="-s -w" -o /nfsplugin
+    - chmod +x /nfsplugin
+
+---
+{{ $csiBinaries := "/bin/mount /bin/umount /sbin/mount.nfs /sbin/mount.nfs4" }}
+---
+image: {{ $.ImageName }}-binaries-artifact
+from: {{ $.BASE_ALT_DEV }}
+
+shell:
+  install:
+    - /binary_replace.sh -i "{{ $csiBinaries }}" -o /relocate
+
+---
+image: {{ $.ImageName }}-distroless-artifact
+from: {{ $.BASE_ALPINE_DEV }}
+
+shell:
+  install:
+    - mkdir -p /relocate/bin /relocate/sbin /relocate/etc /relocate/etc/ssl /relocate/usr/bin /relocate/usr/sbin /relocate/usr/share
+    - cp -pr /tmp /relocate
+    - cp -pr /etc/passwd /etc/group /etc/hostname /etc/hosts /etc/shadow /etc/protocols /etc/services /etc/nsswitch.conf /relocate/etc
+    - cp -pr /usr/share/ca-certificates /relocate/usr/share
+    - cp -pr /usr/share/zoneinfo /relocate/usr/share
+    - cp -pr etc/ssl/cert.pem /relocate/etc/ssl
+    - cp -pr /etc/ssl/certs /relocate/etc/ssl
+    - echo "deckhouse:x:64535:64535:deckhouse:/:/sbin/nologin" >> /relocate/etc/passwd
+    - echo "deckhouse:x:64535:" >> /relocate/etc/group
+    - echo "deckhouse:!::0:::::" >> /relocate/etc/shadow
+
+---
+image: {{ $.ImageName }}-distroless
+from: {{ $.BASE_SCRATCH }}
+
+import:
+  - image: {{ $.ImageName }}-distroless-artifact
+    add: /relocate
+    to: /
+    before: setup
+
+---
+image: {{ $.ImageName }}
+fromImage: {{ $.ImageName }}-distroless
+
+import:
+  - image: {{ $.ImageName }}-golang-artifact
+    add: /nfsplugin
+    to: /nfsplugin
+    before: setup
+  - image: {{ $.ImageName }}-binaries-artifact
+    add: /relocate
+    to: /
+    before: install
+    includePaths:
+      - '**/*'
+
+docker:
+  ENTRYPOINT: ["/nfsplugin"]
diff --git a/templates/csi/controller.yaml b/templates/csi/controller.yaml
index 995eee24..7cdc485e 100644
--- a/templates/csi/controller.yaml
+++ b/templates/csi/controller.yaml
@@ -40,7 +40,7 @@
   name: tmp-dir
 {{- end }}
 
-{{- $csiControllerImage := include "helm_lib_module_image" (list . "csiNfsController") }}
+{{- $csiControllerImage := include "helm_lib_module_image" (list . "csiNfs") }}
 
 {{- $csiControllerConfig := dict }}
 {{- $_ := set $csiControllerConfig "controllerImage" $csiControllerImage }}
diff --git a/werf-giterminism.yaml b/werf-giterminism.yaml
index 5ded0e07..ebc7c739 100644
--- a/werf-giterminism.yaml
+++ b/werf-giterminism.yaml
@@ -2,3 +2,8 @@ giterminismConfigVersion: 1
 config:
   goTemplateRendering:	# The rules for the Go-template functions to be able to pass build context to the release
     allowEnvVariables: [ /CI_.+/, MODULES_MODULE_TAG ]
+  stapel:
+    mount:
+      allowBuildDir: true
+      allowFromPaths:
+        - ~/go-pkg-cache