- Maintain one single server binary and image

- Change direct-csi references to directpv - Bugfixes
minio · Jan 4, 2022 · 7052a80 · 7052a80
1 parent 23425fd
commit 7052a80
Show file tree

Hide file tree

Showing 17 changed files with 41 additions and 114 deletions.
diff --git a/.github/workflows/functional-test-1.18.20.yaml b/.github/workflows/functional-test-1.18.20.yaml
@@ -29,13 +29,13 @@ jobs:
           CGO_ENABLED: 0
           GO111MODULE: on
         run: |
-          go build -tags "osusergo netgo static_build" -ldflags="-X main.Version=${VERSION} -extldflags=-static" github.com/minio/directpv/cmd/direct-csi
+          go build -tags "osusergo netgo static_build" -ldflags="-X main.Version=${VERSION} -extldflags=-static" github.com/minio/directpv/cmd/directpv
           go build -tags "osusergo netgo static_build" -ldflags="-X main.Version=${VERSION} -extldflags=-static" github.com/minio/directpv/cmd/kubectl-direct_csi
-          echo "BUILD_TAG=v0.0.0-$(./direct-csi --version)" >> $GITHUB_ENV
+          echo "BUILD_TAG=v0.0.0-$(./directpv --version)" >> $GITHUB_ENV
 
       - name: Build docker image
         run: |
-          docker build -t quay.io/minio/direct-csi:${BUILD_TAG} .
+          docker build -t quay.io/minio/directpv:${BUILD_TAG} .
 
       - name: Setup Minikube
         uses: manusa/[email protected]

diff --git a/.github/workflows/functional-test-1.19.16.yaml b/.github/workflows/functional-test-1.19.16.yaml
@@ -29,13 +29,13 @@ jobs:
           CGO_ENABLED: 0
           GO111MODULE: on
         run: |
-          go build -tags "osusergo netgo static_build" -ldflags="-X main.Version=${VERSION} -extldflags=-static" github.com/minio/directpv/cmd/direct-csi
+          go build -tags "osusergo netgo static_build" -ldflags="-X main.Version=${VERSION} -extldflags=-static" github.com/minio/directpv/cmd/directpv
           go build -tags "osusergo netgo static_build" -ldflags="-X main.Version=${VERSION} -extldflags=-static" github.com/minio/directpv/cmd/kubectl-direct_csi
-          echo "BUILD_TAG=v0.0.0-$(./direct-csi --version)" >> $GITHUB_ENV
+          echo "BUILD_TAG=v0.0.0-$(./directpv --version)" >> $GITHUB_ENV
 
       - name: Build docker image
         run: |
-          docker build -t quay.io/minio/direct-csi:${BUILD_TAG} .
+          docker build -t quay.io/minio/directpv:${BUILD_TAG} .
 
       - name: Setup Minikube
         uses: manusa/[email protected]

diff --git a/.github/workflows/functional-test-1.20.12.yaml b/.github/workflows/functional-test-1.20.12.yaml
@@ -29,13 +29,13 @@ jobs:
           CGO_ENABLED: 0
           GO111MODULE: on
         run: |
-          go build -tags "osusergo netgo static_build" -ldflags="-X main.Version=${VERSION} -extldflags=-static" github.com/minio/directpv/cmd/direct-csi
+          go build -tags "osusergo netgo static_build" -ldflags="-X main.Version=${VERSION} -extldflags=-static" github.com/minio/directpv/cmd/directpv
           go build -tags "osusergo netgo static_build" -ldflags="-X main.Version=${VERSION} -extldflags=-static" github.com/minio/directpv/cmd/kubectl-direct_csi
-          echo "BUILD_TAG=v0.0.0-$(./direct-csi --version)" >> $GITHUB_ENV
+          echo "BUILD_TAG=v0.0.0-$(./directpv --version)" >> $GITHUB_ENV
 
       - name: Build docker image
         run: |
-          docker build -t quay.io/minio/direct-csi:${BUILD_TAG} .
+          docker build -t quay.io/minio/directpv:${BUILD_TAG} .
 
       - name: Setup Minikube
         uses: manusa/[email protected]

diff --git a/.github/workflows/functional-test-1.21.6.yaml b/.github/workflows/functional-test-1.21.6.yaml
@@ -29,13 +29,13 @@ jobs:
           CGO_ENABLED: 0
           GO111MODULE: on
         run: |
-          go build -tags "osusergo netgo static_build" -ldflags="-X main.Version=${VERSION} -extldflags=-static" github.com/minio/directpv/cmd/direct-csi
+          go build -tags "osusergo netgo static_build" -ldflags="-X main.Version=${VERSION} -extldflags=-static" github.com/minio/directpv/cmd/directpv
           go build -tags "osusergo netgo static_build" -ldflags="-X main.Version=${VERSION} -extldflags=-static" github.com/minio/directpv/cmd/kubectl-direct_csi
-          echo "BUILD_TAG=v0.0.0-$(./direct-csi --version)" >> $GITHUB_ENV
+          echo "BUILD_TAG=v0.0.0-$(./directpv --version)" >> $GITHUB_ENV
 
       - name: Build docker image
         run: |
-          docker build -t quay.io/minio/direct-csi:${BUILD_TAG} .
+          docker build -t quay.io/minio/directpv:${BUILD_TAG} .
 
       - name: Setup Minikube
         uses: manusa/[email protected]

diff --git a/.github/workflows/functional-test-1.22.2.yaml b/.github/workflows/functional-test-1.22.2.yaml
@@ -29,13 +29,13 @@ jobs:
           CGO_ENABLED: 0
           GO111MODULE: on
         run: |
-          go build -tags "osusergo netgo static_build" -ldflags="-X main.Version=${VERSION} -extldflags=-static" github.com/minio/directpv/cmd/direct-csi
+          go build -tags "osusergo netgo static_build" -ldflags="-X main.Version=${VERSION} -extldflags=-static" github.com/minio/directpv/cmd/directpv
           go build -tags "osusergo netgo static_build" -ldflags="-X main.Version=${VERSION} -extldflags=-static" github.com/minio/directpv/cmd/kubectl-direct_csi
-          echo "BUILD_TAG=v0.0.0-$(./direct-csi --version)" >> $GITHUB_ENV
+          echo "BUILD_TAG=v0.0.0-$(./directpv --version)" >> $GITHUB_ENV
 
       - name: Build docker image
         run: |
-          docker build -t quay.io/minio/direct-csi:${BUILD_TAG} .
+          docker build -t quay.io/minio/directpv:${BUILD_TAG} .
 
       - name: Setup Minikube
         uses: manusa/[email protected]

diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
@@ -53,7 +53,7 @@ jobs:
           go test -v ./... -tags skip -coverprofile="codecov-coverage.txt" -covermode=atomic
           ./build.sh
           curl -s https://codecov.io/bash | bash -s -- -f "codecov-coverage.txt" -F ubuntu-latest
-          docker build . -t "direct-csi:latest"
+          docker build . -t "directpv:latest"
 
       - name: Run GoReleaser
         uses: goreleaser/goreleaser-action@v2

diff --git a/.goreleaser.yml b/.goreleaser.yml
@@ -17,24 +17,6 @@ before:
     - go mod download
 
 builds:
-  -
-    main: ./cmd/direct-csi
-    id: direct-csi
-    binary: direct-csi
-    goos:
-      - linux
-    goarch:
-      - amd64
-      - arm64
-      - ppc64le
-    env:
-      - CGO_ENABLED=0
-    flags:
-      - -trimpath
-      - -tags="osusergo netgo static_build"
-    ldflags:
-      - -s -w -X main.Version={{ .Tag }}
-
   -
     main: ./cmd/directpv
     id: directpv
@@ -112,48 +94,6 @@ changelog:
   sort: asc
 
 dockers:
-- image_templates:
-  - "quay.io/minio/direct-csi:{{ .Tag }}-amd64"
-  use: buildx
-  goarch: amd64
-  ids:
-    - direct-csi
-  dockerfile: Dockerfile
-  extra_files:
-    - LICENSE
-    - CREDITS
-    - centos.repo
-  build_flag_templates:
-  - "--platform=linux/amd64"
-  - "--build-arg=BINARY=direct-csi"
-- image_templates:
-  - "quay.io/minio/direct-csi:{{ .Tag }}-ppc64le"
-  use: buildx
-  goarch: ppc64le
-  ids:
-    - direct-csi
-  dockerfile: Dockerfile
-  extra_files:
-    - LICENSE
-    - CREDITS
-    - centos.repo
-  build_flag_templates:
-  - "--platform=linux/ppc64le"
-  - "--build-arg=BINARY=direct-csi"
-- image_templates:
-  - "quay.io/minio/direct-csi:{{ .Tag }}-arm64"
-  use: buildx
-  goarch: arm64
-  ids:
-    - direct-csi
-  dockerfile: Dockerfile
-  extra_files:
-    - LICENSE
-    - CREDITS
-    - centos.repo
-  build_flag_templates:
-  - "--platform=linux/arm64"
-  - "--build-arg=BINARY=direct-csi"
 - image_templates:
   - "quay.io/minio/directpv:{{ .Tag }}-amd64"
   use: buildx
@@ -167,7 +107,6 @@ dockers:
     - centos.repo
   build_flag_templates:
   - "--platform=linux/amd64"
-  - "--build-arg=BINARY=directpv"
 - image_templates:
   - "quay.io/minio/directpv:{{ .Tag }}-ppc64le"
   use: buildx
@@ -181,7 +120,6 @@ dockers:
     - centos.repo
   build_flag_templates:
   - "--platform=linux/ppc64le"
-  - "--build-arg=BINARY=directpv"
 - image_templates:
   - "quay.io/minio/directpv:{{ .Tag }}-arm64"
   use: buildx
@@ -195,18 +133,7 @@ dockers:
     - centos.repo
   build_flag_templates:
   - "--platform=linux/arm64"
-  - "--build-arg=BINARY=directpv"
 docker_manifests:
-- name_template: quay.io/minio/direct-csi:{{ .Tag }}
-  image_templates:
-  - quay.io/minio/direct-csi:{{ .Tag }}-amd64
-  - quay.io/minio/direct-csi:{{ .Tag }}-arm64
-  - quay.io/minio/direct-csi:{{ .Tag }}-ppc64le
-- name_template: quay.io/minio/direct-csi:latest
-  image_templates:
-  - quay.io/minio/direct-csi:{{ .Tag }}-amd64
-  - quay.io/minio/direct-csi:{{ .Tag }}-arm64
-  - quay.io/minio/direct-csi:{{ .Tag }}-ppc64le
 - name_template: quay.io/minio/directpv:{{ .Tag }}
   image_templates:
   - quay.io/minio/directpv:{{ .Tag }}-amd64

diff --git a/Dockerfile b/Dockerfile
@@ -2,6 +2,7 @@ FROM registry.access.redhat.com/ubi8/ubi-minimal:8.5
 
 WORKDIR /
 
+COPY directpv /directpv
 COPY CREDITS /licenses/CREDITS
 COPY LICENSE /licenses/LICENSE
 
@@ -15,6 +16,4 @@ RUN \
     microdnf clean all && \
     rm -f /etc/yum.repos.d/CentOS.repo
 
-COPY direct-csi direct-csi
-
-ENTRYPOINT ["/direct-csi"]
+ENTRYPOINT ["/directpv"]
diff --git a/apparmor.profile b/apparmor.profile
@@ -43,6 +43,7 @@ profile directpv flags=(attach_disconnected,mediate_deleted) {
   /usr/sbin/mkfs ix,
   /usr/sbin/mkfs.xfs ix,
   /direct-csi ix,
+  /directpv ix,
 
   deny /bin/sh mrwklx,
   deny /bin/bash mrwklx,

diff --git a/cmd/direct-csi b/cmd/direct-csi
diff --git a/cmd/kubectl-directpv/install.go b/cmd/kubectl-directpv/install.go
@@ -41,7 +41,7 @@ var installCmd = &cobra.Command{
 var (
 	installCRD             = false
 	admissionControl       = false
-	image                  = "direct-csi:" + Version
+	image                  = "directpv:" + Version
 	registry               = "quay.io"
 	org                    = "minio"
 	loopbackOnly           = false
@@ -55,10 +55,10 @@ var (
 
 func init() {
 	installCmd.PersistentFlags().BoolVarP(&installCRD, "crd", "c", installCRD, "register crds along with installation")
-	installCmd.PersistentFlags().StringVarP(&image, "image", "i", image, "direct-csi image")
-	installCmd.PersistentFlags().StringVarP(&registry, "registry", "r", registry, "registry where direct-csi images are available")
-	installCmd.PersistentFlags().StringVarP(&org, "org", "g", org, "organization name where direct-csi images are available")
-	installCmd.PersistentFlags().BoolVarP(&admissionControl, "admission-control", "", admissionControl, "turn on direct-csi admission controller")
+	installCmd.PersistentFlags().StringVarP(&image, "image", "i", image, "DirectPV image")
+	installCmd.PersistentFlags().StringVarP(&registry, "registry", "r", registry, "registry where DirectPV images are available")
+	installCmd.PersistentFlags().StringVarP(&org, "org", "g", org, "organization name where DirectPV images are available")
+	installCmd.PersistentFlags().BoolVarP(&admissionControl, "admission-control", "", admissionControl, "turn on DirectPV admission controller")
 	installCmd.PersistentFlags().MarkDeprecated("crd", "Will be removed in version 1.5 or greater")
 	installCmd.PersistentFlags().StringSliceVarP(&nodeSelectorParameters, "node-selector", "n", nodeSelectorParameters, "node selector parameters")
 	installCmd.PersistentFlags().StringSliceVarP(&tolerationParameters, "tolerations", "t", tolerationParameters, "tolerations parameters")
@@ -89,8 +89,10 @@ func install(ctx context.Context, args []string) (err error) {
 		return fmt.Errorf("invalid tolerations. format of '--tolerations' must be <key>[=value]:<NoSchedule|PreferNoSchedule|NoExecute>")
 	}
 
-	klog.Infof("Enable dynamic drive change management using " + utils.Bold("--dynamic-drive-discovery") + " flag")
-	klog.Infof("This flag will be made default in the next major release version")
+	if !dynamicDriveDiscovery {
+		klog.Infof("Enable dynamic drive change management using " + utils.Bold("--enable-dynamic-discovery") + " flag")
+		klog.Infof("This flag will be made default in the next major release version")
+	}
 
 	file, err := utils.OpenAuditFile(auditInstall)
 	if err != nil {

diff --git a/functests/common.sh b/functests/common.sh
@@ -90,7 +90,10 @@ function _wait_directcsi_to_start() {
 }
 
 function install_directcsi() {
-    image="direct-csi:${DIRECT_CSI_VERSION}"
+    image="directpv:${DIRECT_CSI_VERSION}"
+    if [[ "$DIRECT_CSI_VERSION" == "v1.3.6" ]] || [[ "$DIRECT_CSI_VERSION" == "v1.4.3" ]]; then
+        image="direct-csi:${DIRECT_CSI_VERSION}"
+    fi
     if [ -n "$1" ]; then
         image="$1"
     fi
@@ -99,7 +102,7 @@ function install_directcsi() {
 }
 
 function install_directcsi_with_dynamic_discovery() {
-    "${DIRECT_CSI_CLIENT}" install --image "direct-csi:${DIRECT_CSI_VERSION}" --enable-dynamic-discovery
+    "${DIRECT_CSI_CLIENT}" install --image "directpv:${DIRECT_CSI_VERSION}" --enable-dynamic-discovery
     _wait_directcsi_to_start
 }
 
@@ -194,7 +197,7 @@ function uninstall_minio() {
     "${DIRECT_CSI_CLIENT}" volumes ls
 
     while true; do
-        count=$("${DIRECT_CSI_CLIENT}" volumes ls | grep -vc WARNING)
+        count=$("${DIRECT_CSI_CLIENT}" volumes ls | awk '!/WARNING/ {count++} END {print count}')
         # Includes Header line and WARNING line for deprecation notice
         if [[ $count -eq 1 ]]; then
             break

diff --git a/functests/tests.sh b/functests/tests.sh
@@ -94,7 +94,7 @@ function do_upgrade_test() {
     # Show output for manual debugging.
     "${DIRECT_CSI_CLIENT}" volumes list --all -o wide
 
-    mapfile -t upgraded_volumes < <("${DIRECT_CSI_CLIENT}" volumes list --status published | grep -v WARNING | awk '{print $1}')
+    mapfile -t upgraded_volumes < <("${DIRECT_CSI_CLIENT}" volumes list --status published | awk '!/WARNING/ {print $1}')
     if [[ ${#upgraded_volumes[@]} -ne ${#volumes[@]} ]]; then
         echo "$ME: volume count is not matching in version compatibility client tests"
         return 1
@@ -117,7 +117,7 @@ function do_upgrade_test() {
     # Show output for manual debugging.
     "${DIRECT_CSI_CLIENT}" volumes list --all -o wide
 
-    mapfile -t upgraded_volumes < <("${DIRECT_CSI_CLIENT}" volumes list --status published | grep -v WARNING | awk '{print $1}')
+    mapfile -t upgraded_volumes < <("${DIRECT_CSI_CLIENT}" volumes list --status published | awk '!/WARNING/ {print $1}')
     if [[ ${#upgraded_volumes[@]} -ne ${#volumes[@]} ]]; then
         echo "$ME: volume count is not matching after upgrade"
         return 1

diff --git a/hack/build-without-docker.sh b/hack/build-without-docker.sh
@@ -33,10 +33,6 @@ gofmt -s -w "${SCRIPT_DIR}/../pkg/installer/crd_bindata.go"
 
 export GO111MODULE=on
 
-go build -tags "osusergo netgo static_build" \
-   -ldflags="-X main.Version=${BUILD_VERSION} -extldflags=-static" \
-   github.com/minio/directpv/cmd/direct-csi
-
 go build -tags "osusergo netgo static_build" \
    -ldflags="-X main.Version=${BUILD_VERSION} -extldflags=-static" \
    github.com/minio/directpv/cmd/directpv

diff --git a/install.sh b/install.sh
@@ -23,7 +23,7 @@ warn() {
 fatal() {
     echo "[ERROR] " "$@" >&2
     if [ -n "${SUFFIX}" ]; then
-        echo "[ALT] Please visit 'https://github.com/minio/directpv/releases' directly and download the latest direct-csi_${SUFFIX}" >&2
+        echo "[ALT] Please visit 'https://github.com/minio/directpv/releases' directly and download the latest directpv-${SUFFIX}" >&2
     fi
     exit 1
 }

diff --git a/run-functests-on-centos7-vm.sh b/run-functests-on-centos7-vm.sh
@@ -89,7 +89,7 @@ function build_directcsi() {
     export BUILD_TAG
 
     export CGO_ENABLED=0 GO111MODULE=on
-    go build -tags "osusergo netgo static_build" -ldflags="-X main.Version=${BUILD_TAG} -extldflags=-static" github.com/minio/directpv/cmd/direct-csi
+    go build -tags "osusergo netgo static_build" -ldflags="-X main.Version=${BUILD_TAG} -extldflags=-static" github.com/minio/directpv/cmd/directpv
     go build -tags "osusergo netgo static_build" -ldflags="-X main.Version=${BUILD_TAG} -extldflags=-static" github.com/minio/directpv/cmd/kubectl-direct_csi
 }
 
@@ -117,7 +117,7 @@ function run_functional_test() {
     start_test_vm
 
     scp_cmd CREDITS LICENSE centos.repo direct-csi kubectl-direct_csi Dockerfile "root@${VM_IPADDR}:"
-    ssh_cmd "${VM_IPADDR}" "docker build -t quay.io/minio/direct-csi:${BUILD_TAG} -f Dockerfile ."
+    ssh_cmd "${VM_IPADDR}" "docker build -t quay.io/minio/directpv:${BUILD_TAG} -f Dockerfile ."
     ssh_cmd "${VM_IPADDR}" "minikube start --driver=none"
     scp_cmd -r functests "root@${VM_IPADDR}:"
     ssh_cmd "${VM_IPADDR}" "RHEL7_TEST=1 functests/run.sh ${BUILD_TAG}"

diff --git a/security-checklist.md b/security-checklist.md
@@ -10,9 +10,9 @@ DirectCSI runs with elevated privileges, which are needed for reading block devi
 | mount       | CAP_SYS_ADMIN               | privileged: true     | Seccomp & Apparmor        |
 | umount      | CAP_SYS_ADMIN               | privileged: true     | Seccomp & Apparmor        |
 
-The [Apparmor profile](./apparmor.profile) restricts mounts/unmounts to directories specified [here](#file-permissions). In addition, it prevents execution of all binaries in direct-csi pods except ones listed [here](#external-binary-execution).
+The [Apparmor profile](./apparmor.profile) restricts mounts/unmounts to directories specified [here](#file-permissions). In addition, it prevents execution of all binaries in DirectPV pods except ones listed [here](#external-binary-execution).
 
-The [Seccomp profile](./seccomp.json) restricts syscalls to the minimum required by direct-csi.
+The [Seccomp profile](./seccomp.json) restricts syscalls to the minimum required by DirectPV.
 
 ### Host Access