Merge pull request #1429 from kubernetes-sigs/fix-createPrivateEndpoint

fix: match account if PrivateEndpoint is not set in storage class
kubernetes-sigs · Sep 7, 2023 · e92bfcb · e92bfcb
2 parents a33034f + 870e7bd
commit e92bfcb
Show file tree

Hide file tree

Showing 22 changed files with 1,113 additions and 21 deletions.
diff --git a/go.mod b/go.mod
@@ -32,7 +32,7 @@ require (
 	k8s.io/kubernetes v1.28.1
 	k8s.io/mount-utils v0.0.0
 	k8s.io/utils v0.0.0-20230406110748-d93618cff8a2
-	sigs.k8s.io/cloud-provider-azure v1.27.1-0.20230825065334-8b1cf948b7ed
+	sigs.k8s.io/cloud-provider-azure v1.27.1-0.20230907063607-e9994a5f9c7a
 	sigs.k8s.io/yaml v1.3.0
 )
 

diff --git a/go.sum b/go.sum
@@ -889,8 +889,8 @@ rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
 rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
 sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.2 h1:trsWhjU5jZrx6UvFu4WzQDrN7Pga4a7Qg+zcfcj64PA=
 sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.2/go.mod h1:+qG7ISXqCDVVcyO8hLn12AKVYYUjM7ftlqsqmrhMZE0=
-sigs.k8s.io/cloud-provider-azure v1.27.1-0.20230825065334-8b1cf948b7ed h1:tT1CT8ff+GPVYtcPxeopAnUbyapzZ0MaCFz2vgAp14U=
-sigs.k8s.io/cloud-provider-azure v1.27.1-0.20230825065334-8b1cf948b7ed/go.mod h1:T86YMaSDRFlMqX5Kmb+KqeASg4Px75GQfcs0sD0yqAw=
+sigs.k8s.io/cloud-provider-azure v1.27.1-0.20230907063607-e9994a5f9c7a h1:7/WSpSvXdr/mwDoEMjz0tqlyaACPT9dL/+c1FnbhV6U=
+sigs.k8s.io/cloud-provider-azure v1.27.1-0.20230907063607-e9994a5f9c7a/go.mod h1:T86YMaSDRFlMqX5Kmb+KqeASg4Px75GQfcs0sD0yqAw=
 sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo=
 sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0=
 sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw=

diff --git a/pkg/azurefile/controllerserver.go b/pkg/azurefile/controllerserver.go
@@ -314,9 +314,9 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest)
 
 	enableHTTPSTrafficOnly := true
 	shareProtocol := storage.EnabledProtocolsSMB
-	createPrivateEndpoint := false
+	var createPrivateEndpoint *bool
 	if strings.EqualFold(networkEndpointType, privateEndpoint) {
-		createPrivateEndpoint = true
+		createPrivateEndpoint = pointer.BoolPtr(true)
 	}
 	var vnetResourceIDs []string
 	if fsType == nfs || protocol == nfs {
@@ -332,7 +332,7 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest)
 		// reset protocol field (compatble with "fsType: nfs")
 		setKeyValueInMap(parameters, protocolField, protocol)
 
-		if !createPrivateEndpoint {
+		if !pointer.BoolDeref(createPrivateEndpoint, false) {
 			// set VirtualNetworkResourceIDs for storage account firewall setting
 			vnetResourceID := d.getSubnetResourceID(vnetResourceGroup, vnetName, subnetName)
 			klog.V(2).Infof("set vnetResourceID(%s) for NFS protocol", vnetResourceID)
@@ -435,7 +435,7 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest)
 			accountName = v.(string)
 		} else {
 			lockKey = fmt.Sprintf("%s%s%s%s%s%s%s%v%v%v%v%v", sku, accountKind, resourceGroup, location, protocol, subsID, accountAccessTier,
-				createPrivateEndpoint, pointer.BoolDeref(allowBlobPublicAccess, false), pointer.BoolDeref(requireInfraEncryption, false),
+				pointer.BoolDeref(createPrivateEndpoint, false), pointer.BoolDeref(allowBlobPublicAccess, false), pointer.BoolDeref(requireInfraEncryption, false),
 				pointer.BoolDeref(enableLFS, false), pointer.BoolDeref(disableDeleteRetentionPolicy, false))
 			// search in cache first
 			cache, err := d.accountSearchCache.Get(lockKey, azcache.CacheReadTypeDefault)
@@ -485,7 +485,7 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest)
 		}
 	}
 
-	if createPrivateEndpoint {
+	if pointer.BoolDeref(createPrivateEndpoint, false) {
 		setKeyValueInMap(parameters, serverNameField, fmt.Sprintf("%s.privatelink.file.%s", accountName, storageEndpointSuffix))
 	}
 

diff --git a/vendor/k8s.io/cloud-provider/api/retry_error.go b/vendor/k8s.io/cloud-provider/api/retry_error.go
diff --git a/vendor/k8s.io/cloud-provider/api/well_known_annotations.go b/vendor/k8s.io/cloud-provider/api/well_known_annotations.go
diff --git a/vendor/k8s.io/cloud-provider/api/well_known_taints.go b/vendor/k8s.io/cloud-provider/api/well_known_taints.go
diff --git a/vendor/k8s.io/cloud-provider/node/helpers/address.go b/vendor/k8s.io/cloud-provider/node/helpers/address.go