From 7c044c6dd368b65e136c95a03b70a9ed275ccc5f Mon Sep 17 00:00:00 2001 From: Humble Chirammal Date: Mon, 24 Jan 2022 11:59:14 +0530 Subject: [PATCH] e2e: add podsecuritycontext fsgroup for normal user validation considering the pod has run as normal user, the fsgroup has also set to the same. Signed-off-by: Humble Chirammal --- e2e/utils.go | 1 + internal/rbd/nodeserver.go | 10 +++++----- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/e2e/utils.go b/e2e/utils.go index ca6da4ac066..70233cab07d 100644 --- a/e2e/utils.go +++ b/e2e/utils.go @@ -333,6 +333,7 @@ func validateNormalUserPVCAccess(pvcPath string, f *framework.Framework) error { }, }, Spec: v1.PodSpec{ + SecurityContext: &v1.PodSecurityContext{FSGroup: &user}, Containers: []v1.Container{ { Name: "write-pod", diff --git a/internal/rbd/nodeserver.go b/internal/rbd/nodeserver.go index 209c4610e30..f64ef21c087 100644 --- a/internal/rbd/nodeserver.go +++ b/internal/rbd/nodeserver.go @@ -420,7 +420,7 @@ func (ns *NodeServer) stageTransaction( transaction.isStagePathCreated = true // nodeStage Path - _, err = ns.mountVolumeToStagePath(ctx, req, staticVol, stagingTargetPath, devicePath) + err = ns.mountVolumeToStagePath(ctx, req, staticVol, stagingTargetPath, devicePath) if err != nil { return transaction, err } @@ -678,7 +678,7 @@ func (ns *NodeServer) mountVolumeToStagePath( ctx context.Context, req *csi.NodeStageVolumeRequest, staticVol bool, - stagingPath, devicePath string) (bool, error) { + stagingPath, devicePath string) error { readOnly := false fsType := req.GetVolumeCapability().GetMount().GetFsType() diskMounter := &mount.SafeFormatAndMount{Interface: ns.Mounter, Exec: utilexec.New()} @@ -696,7 +696,7 @@ func (ns *NodeServer) mountVolumeToStagePath( if err != nil { log.ErrorLog(ctx, "failed to get disk format for path %s, error: %v", devicePath, err) - return readOnly, err + return err } opt := []string{"_netdev"} @@ -736,7 +736,7 @@ func (ns *NodeServer) mountVolumeToStagePath( if cmdErr != nil { log.ErrorLog(ctx, "failed to run mkfs error: %v, output: %v", cmdErr, string(cmdOut)) - return readOnly, cmdErr + return cmdErr } } } @@ -757,7 +757,7 @@ func (ns *NodeServer) mountVolumeToStagePath( err) } - return readOnly, err + return err } func (ns *NodeServer) mountVolume(ctx context.Context, stagingPath string, req *csi.NodePublishVolumeRequest) error {