Merge pull request #50843 from TerraTech/fvs-selinuxRelabel-init-1.8.x

Automatic merge from submit-queue (batch tested with PRs 51105, 51097, 51110, 50843, 51107) FlexVolume: Add ability to control 'SupportsSELinux' during driver's init phase **What this PR does / why we need it**: Adds the ability to disable FlexVolume SELinux relabeling for filesystems that don't support it, e.g. fuse **Which issue this PR fixes**: This was reported in: https://github.com/lizardfs/lizardfs/issues/581 This is a reworked solution as per feedback from #50548 https://github.com/kubernetes/kubernetes/pull/50548#issuecomment-322328679 **Special notes for your reviewer**: /assign @thockin /cc @chakri-nelluri @verult @saad-ali **Release note**: ```release-note NONE ```
2017-08-23 05:51:28 -07:00
parent fd31c3a5cf 07cfade1fc
commit 4fb6c2891c
3 changed files with 40 additions and 28 deletions
--- a/pkg/volume/flexvolume/plugin.go
+++ b/pkg/volume/flexvolume/plugin.go
@@ -42,6 +42,7 @@ type flexVolumePlugin struct {
 	runner     exec.Interface

 	sync.Mutex
+	capabilities        *driverCapabilities
 	unsupportedCommands []string
 }

@@ -64,44 +65,29 @@ func NewFlexVolumePlugin(pluginDir, name string) (volume.VolumePlugin, error) {
 		unsupportedCommands: []string{},
 	}

-	// Check whether the plugin is attachable.
-	ok, err := isAttachable(flexPlugin)
+	// Retrieve driver reported capabilities
+	call := flexPlugin.NewDriverCall(initCmd)
+	ds, err := call.Run()
 	if err != nil {
 		return nil, err
 	}

-	if ok {
-		// Plugin supports attach/detach, so return flexVolumeAttachablePlugin
+	driverCaps := ds.getDriverCapabilities()
+	flexPlugin.capabilities = driverCaps
+
+	// Check whether the plugin is attachable.
+	if driverCaps.attach {
+		// Plugin supports attach/detach by default, so return flexVolumeAttachablePlugin
 		return &flexVolumeAttachablePlugin{flexVolumePlugin: flexPlugin}, nil
 	} else {
 		return flexPlugin, nil
 	}
 }

-func isAttachable(plugin *flexVolumePlugin) (bool, error) {
-	call := plugin.NewDriverCall(initCmd)
-	res, err := call.Run()
-	if err != nil {
-		return false, err
-	}
-
-	// By default all plugins are attachable, unless they report otherwise.
-	cap, ok := res.Capabilities[attachCapability]
-	if ok {
-		// cap is false, so plugin does not support attach/detach calls.
-		return cap, nil
-	}
-
-	return true, nil
-}
-
 // Init is part of the volume.VolumePlugin interface.
 func (plugin *flexVolumePlugin) Init(host volume.VolumeHost) error {
-	plugin.host = host
-	// call the init script
-	call := plugin.NewDriverCall(initCmd)
-	_, err := call.Run()
-	return err
+	// Hardwired 'success' as any errors from calling init() will be caught by NewFlexVolumePlugin()
+	return nil
 }

 func (plugin *flexVolumePlugin) getExecutable() string {