Reconstruct SELinux mount option

When reconstructing volumes from disk after kubelet restart, reconstruct also context=XYZ mount option and add it to the ActualStateOfWorld.
2022-11-03 17:40:16 +01:00
parent 95bd687a28
commit e575e60ea4
16 changed files with 225 additions and 28 deletions
--- a/pkg/volume/plugins.go
+++ b/pkg/volume/plugins.go
@@ -573,7 +573,11 @@ type VolumeConfig struct {
 // ReconstructedVolume contains information about a volume reconstructed by
 // ConstructVolumeSpec().
 type ReconstructedVolume struct {
+	// Spec is the volume spec of a mounted volume
 	Spec *Spec
+	// SELinuxMountContext is value of -o context=XYZ mount option.
+	// If empty, no such mount option is used.
+	SELinuxMountContext string
 }

 // NewSpecFromVolume creates an Spec from an v1.Volume