Merge pull request #103001 from zshihang/csi

CSIServiceAccountToken ga
2021-06-26 19:31:23 -07:00
parent 2d1026c664 8231a3e921
commit a0f9c8c277
19 changed files with 45 additions and 148 deletions
--- a/pkg/registry/storage/csidriver/strategy.go
+++ b/pkg/registry/storage/csidriver/strategy.go
@@ -56,10 +56,6 @@ func (csiDriverStrategy) PrepareForCreate(ctx context.Context, obj runtime.Objec
 	if !utilfeature.DefaultFeatureGate.Enabled(features.CSIVolumeFSGroupPolicy) {
 		csiDriver.Spec.FSGroupPolicy = nil
 	}
-	if !utilfeature.DefaultFeatureGate.Enabled(features.CSIServiceAccountToken) {
-		csiDriver.Spec.TokenRequests = nil
-		csiDriver.Spec.RequiresRepublish = nil
-	}
 }

 func (csiDriverStrategy) Validate(ctx context.Context, obj runtime.Object) field.ErrorList {
@@ -100,14 +96,6 @@ func (csiDriverStrategy) PrepareForUpdate(ctx context.Context, obj, old runtime.
 		!utilfeature.DefaultFeatureGate.Enabled(features.CSIVolumeFSGroupPolicy) {
 		newCSIDriver.Spec.FSGroupPolicy = nil
 	}
-	if oldCSIDriver.Spec.TokenRequests == nil &&
-		!utilfeature.DefaultFeatureGate.Enabled(features.CSIServiceAccountToken) {
-		newCSIDriver.Spec.TokenRequests = nil
-	}
-	if oldCSIDriver.Spec.RequiresRepublish == nil &&
-		!utilfeature.DefaultFeatureGate.Enabled(features.CSIServiceAccountToken) {
-		newCSIDriver.Spec.RequiresRepublish = nil
-	}

 	// Any changes to the mutable fields increment the generation number.
 	if !apiequality.Semantic.DeepEqual(oldCSIDriver.Spec.TokenRequests, newCSIDriver.Spec.TokenRequests) || !apiequality.Semantic.DeepEqual(oldCSIDriver.Spec.RequiresRepublish, newCSIDriver.Spec.RequiresRepublish) {
--- a/pkg/registry/storage/csidriver/strategy_test.go
+++ b/pkg/registry/storage/csidriver/strategy_test.go
@@ -92,10 +92,9 @@ func TestCSIDriverPrepareForCreate(t *testing.T) {
 	requiresRepublish := true

 	tests := []struct {
-		name                    string
-		withCapacity            bool
-		withInline              bool
-		withServiceAccountToken bool
+		name         string
+		withCapacity bool
+		withInline   bool
 	}{
 		{
 			name:       "inline enabled",
@@ -113,21 +112,12 @@ func TestCSIDriverPrepareForCreate(t *testing.T) {
 			name:         "capacity disabled",
 			withCapacity: false,
 		},
-		{
-			name:                    "serviceAccountToken enabled",
-			withServiceAccountToken: true,
-		},
-		{
-			name:                    "serviceAccountToken disabled",
-			withServiceAccountToken: false,
-		},
 	}

 	for _, test := range tests {
 		t.Run(test.name, func(t *testing.T) {
 			defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.CSIStorageCapacity, test.withCapacity)()
 			defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.CSIInlineVolume, test.withInline)()
-			defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.CSIServiceAccountToken, test.withServiceAccountToken)()

 			csiDriver := &storage.CSIDriver{
 				ObjectMeta: metav1.ObjectMeta{
@@ -167,21 +157,6 @@ func TestCSIDriverPrepareForCreate(t *testing.T) {
 					t.Errorf("VolumeLifecycleModes not stripped: %v", csiDriver.Spec)
 				}
 			}
-			if test.withServiceAccountToken {
-				if csiDriver.Spec.TokenRequests == nil {
-					t.Errorf("TokenRequests modified: %v", csiDriver.Spec)
-				}
-				if csiDriver.Spec.RequiresRepublish == nil {
-					t.Errorf("RequiresRepublish modified: %v", csiDriver.Spec)
-				}
-			} else {
-				if csiDriver.Spec.TokenRequests != nil {
-					t.Errorf("TokenRequests stripped: %v", csiDriver.Spec)
-				}
-				if csiDriver.Spec.RequiresRepublish != nil {
-					t.Errorf("RequiresRepublish stripped: %v", csiDriver.Spec)
-				}
-			}
 		})
 	}
 }
@@ -227,7 +202,6 @@ func TestCSIDriverPrepareForUpdate(t *testing.T) {
 	enabled := true
 	disabled := false
 	gcp := "gcp"
-	vault := "vault"
 	driverWithCapacityEnabled := &storage.CSIDriver{
 		ObjectMeta: metav1.ObjectMeta{
 			Name: "foo",
@@ -253,29 +227,19 @@ func TestCSIDriverPrepareForUpdate(t *testing.T) {
 			RequiresRepublish: &enabled,
 		},
 	}
-	driverWithServiceAccountTokenVault := &storage.CSIDriver{
-		ObjectMeta: metav1.ObjectMeta{
-			Name: "foo",
-		},
-		Spec: storage.CSIDriverSpec{
-			TokenRequests:     []storage.TokenRequest{{Audience: vault}},
-			RequiresRepublish: &enabled,
-		},
-	}

 	resultPersistent := []storage.VolumeLifecycleMode{storage.VolumeLifecyclePersistent}

 	tests := []struct {
-		name                          string
-		old, update                   *storage.CSIDriver
-		csiStorageCapacityEnabled     bool
-		csiInlineVolumeEnabled        bool
-		csiServiceAccountTokenEnabled bool
-		wantCapacity                  *bool
-		wantModes                     []storage.VolumeLifecycleMode
-		wantTokenRequests             []storage.TokenRequest
-		wantRequiresRepublish         *bool
-		wantGeneration                int64
+		name                      string
+		old, update               *storage.CSIDriver
+		csiStorageCapacityEnabled bool
+		csiInlineVolumeEnabled    bool
+		wantCapacity              *bool
+		wantModes                 []storage.VolumeLifecycleMode
+		wantTokenRequests         []storage.TokenRequest
+		wantRequiresRepublish     *bool
+		wantGeneration            int64
 	}{
 		{
 			name:                      "capacity feature enabled, before: none, update: enabled",
@@ -316,25 +280,9 @@ func TestCSIDriverPrepareForUpdate(t *testing.T) {
 			wantModes: resultPersistent,
 		},
 		{
-			name:                          "service account token feature enabled, before: none, update: audience=gcp",
-			csiServiceAccountTokenEnabled: true,
-			old:                           driverWithNothing,
-			update:                        driverWithServiceAccountTokenGCP,
-			wantTokenRequests:             []storage.TokenRequest{{Audience: gcp}},
-			wantRequiresRepublish:         &enabled,
-			wantGeneration:                1,
-		},
-		{
-			name:                  "service account token feature disabled, before: none, update: audience=gcp",
+			name:                  "service account token feature enabled, before: none, update: audience=gcp",
 			old:                   driverWithNothing,
 			update:                driverWithServiceAccountTokenGCP,
-			wantTokenRequests:     nil,
-			wantRequiresRepublish: nil,
-		},
-		{
-			name:                  "service account token feature disabled, before: audience=vault, update: audience=gcp",
-			old:                   driverWithServiceAccountTokenVault,
-			update:                driverWithServiceAccountTokenGCP,
 			wantTokenRequests:     []storage.TokenRequest{{Audience: gcp}},
 			wantRequiresRepublish: &enabled,
 			wantGeneration:        1,
@@ -345,7 +293,6 @@ func TestCSIDriverPrepareForUpdate(t *testing.T) {
 		t.Run(test.name, func(t *testing.T) {
 			defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.CSIStorageCapacity, test.csiStorageCapacityEnabled)()
 			defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.CSIInlineVolume, test.csiInlineVolumeEnabled)()
-			defer featuregatetesting.SetFeatureGateDuringTest(t, utilfeature.DefaultFeatureGate, features.CSIServiceAccountToken, test.csiServiceAccountTokenEnabled)()

 			csiDriver := test.update.DeepCopy()
 			Strategy.PrepareForUpdate(ctx, csiDriver, test.old)