allow FSGroupPolicy and PodInfoOnMount to be mutable in CSIDriver.Spec

2023-03-02 16:27:50 +08:00
parent fc479f41b3
commit 531324cb1d
9 changed files with 355 additions and 102 deletions
--- a/pkg/apis/storage/types.go
+++ b/pkg/apis/storage/types.go
@@ -284,7 +284,7 @@ type CSIDriverSpec struct {
 	// permission of the volume before being mounted.
 	// Refer to the specific FSGroupPolicy values for additional details.
 	//
-	// This field is immutable.
+	// This field was immutable in Kubernetes < 1.29 and now is mutable.
 	//
 	// Defaults to ReadWriteOnceWithFSType, which will examine each volume
 	// to determine if Kubernetes should modify ownership and permissions of the volume.
@@ -318,7 +318,7 @@ type CSIDriverSpec struct {
 	// deployed on such a cluster and the deployment determines which mode that is, for example
 	// via a command line parameter of the driver.
 	//
-	// This field is immutable.
+	// This field was immutable in Kubernetes < 1.29 and now is mutable.
 	//
 	// +optional
 	PodInfoOnMount *bool
--- a/pkg/apis/storage/validation/validation.go
+++ b/pkg/apis/storage/validation/validation.go
@@ -414,8 +414,6 @@ func ValidateCSIDriverUpdate(new, old *storage.CSIDriver) field.ErrorList {

 	// immutable fields should not be mutated.
 	allErrs = append(allErrs, apimachineryvalidation.ValidateImmutableField(new.Spec.AttachRequired, old.Spec.AttachRequired, field.NewPath("spec", "attachedRequired"))...)
-	allErrs = append(allErrs, apimachineryvalidation.ValidateImmutableField(new.Spec.FSGroupPolicy, old.Spec.FSGroupPolicy, field.NewPath("spec", "fsGroupPolicy"))...)
-	allErrs = append(allErrs, apimachineryvalidation.ValidateImmutableField(new.Spec.PodInfoOnMount, old.Spec.PodInfoOnMount, field.NewPath("spec", "podInfoOnMount"))...)
 	allErrs = append(allErrs, apimachineryvalidation.ValidateImmutableField(new.Spec.VolumeLifecycleModes, old.Spec.VolumeLifecycleModes, field.NewPath("spec", "volumeLifecycleModes"))...)

 	allErrs = append(allErrs, validateTokenRequests(new.Spec.TokenRequests, field.NewPath("spec", "tokenRequests"))...)
--- a/pkg/apis/storage/validation/validation_test.go
+++ b/pkg/apis/storage/validation/validation_test.go
@@ -1715,6 +1715,17 @@ func TestCSIDriverValidationUpdate(t *testing.T) {
 		modify: func(new *storage.CSIDriver) {
 			new.Spec.SELinuxMount = &notSELinuxMount
 		},
+	}, {
+		name: "change PodInfoOnMount",
+		modify: func(new *storage.CSIDriver) {
+			new.Spec.PodInfoOnMount = &podInfoOnMount
+		},
+	}, {
+		name: "change FSGroupPolicy",
+		modify: func(new *storage.CSIDriver) {
+			fileFSGroupPolicy := storage.FileFSGroupPolicy
+			new.Spec.FSGroupPolicy = &fileFSGroupPolicy
+		},
 	}}
 	for _, test := range successCases {
 		t.Run(test.name, func(t *testing.T) {
@@ -1755,11 +1766,6 @@ func TestCSIDriverValidationUpdate(t *testing.T) {
 		modify: func(new *storage.CSIDriver) {
 			new.Spec.PodInfoOnMount = nil
 		},
-	}, {
-		name: "PodInfoOnMount changed",
-		modify: func(new *storage.CSIDriver) {
-			new.Spec.PodInfoOnMount = &podInfoOnMount
-		},
 	}, {
 		name: "invalid volume lifecycle mode",
 		modify: func(new *storage.CSIDriver) {
@@ -1792,12 +1798,6 @@ func TestCSIDriverValidationUpdate(t *testing.T) {
 			invalidFSGroupPolicy := storage.FSGroupPolicy("invalid")
 			new.Spec.FSGroupPolicy = &invalidFSGroupPolicy
 		},
-	}, {
-		name: "FSGroupPolicy changed",
-		modify: func(new *storage.CSIDriver) {
-			fileFSGroupPolicy := storage.FileFSGroupPolicy
-			new.Spec.FSGroupPolicy = &fileFSGroupPolicy
-		},
 	}, {
 		name: "TokenRequests invalidated",
 		modify: func(new *storage.CSIDriver) {