k8s.io/kubernetes@v1.31.0-alpha.0.0.20240520171757-56147500dadc/test/e2e/testing-manifests/storage-csi/update-hostpath.sh

k8s.io/kubernetes@v1.31.0-alpha.0.0.20240520171757-56147500dadc/test/e2e/testing-manifests/storage-csi/update-hostpath.sh (about)

     1  #!/bin/sh
     2  
     3  # Copyright 2021 The Kubernetes Authors.
     4  #
     5  # Licensed under the Apache License, Version 2.0 (the "License");
     6  # you may not use this file except in compliance with the License.
     7  # You may obtain a copy of the License at
     8  #
     9  #     http://www.apache.org/licenses/LICENSE-2.0
    10  #
    11  # Unless required by applicable law or agreed to in writing, software
    12  # distributed under the License is distributed on an "AS IS" BASIS,
    13  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    14  # See the License for the specific language governing permissions and
    15  # limitations under the License.
    16  
    17  # This script will update all sidecar RBAC files and the CSI hostpath
    18  # deployment files such that they match what is in a hostpath driver
    19  # release.
    20  #
    21  # Beware that this will wipe out all local modifications!
    22  
    23  # Can be a tag or a branch.
    24  script="$0"
    25  hostpath_version="$1"
    26  
    27  if ! [ "$hostpath_version" ]; then
    28      cat >&2 <<EOF
    29  Usage: $0 <hostpath tag or branch name>
    30  
    31  Required parameter is missing.
    32  EOF
    33      exit 1
    34  fi
    35  
    36  set -xe
    37  cd "$(dirname "$0")"
    38  
    39  # Remove stale files.
    40  rm -rf external-attacher external-provisioner external-resizer external-snapshotter external-health-monitor hostpath csi-driver-host-path
    41  
    42  # Check out desired release.
    43  git clone https://github.com/kubernetes-csi/csi-driver-host-path.git
    44  (cd csi-driver-host-path && git checkout "$hostpath_version")
    45  trap "rm -rf csi-driver-host-path" EXIT
    46  
    47  # Main YAML files.
    48  mkdir hostpath
    49  cat >hostpath/README.md <<EOF
    50  The files in this directory are exact copies of "kubernetes-latest" in
    51  https://github.com/kubernetes-csi/csi-driver-host-path/tree/$hostpath_version/deploy/
    52  
    53  Do not edit manually. Run $script to refresh the content.
    54  EOF
    55  cp -r csi-driver-host-path/deploy/kubernetes-latest/hostpath hostpath/
    56  cat >hostpath/hostpath/e2e-test-rbac.yaml <<EOF
    57  # privileged Pod Security Policy, previously defined just for gcePD via PrivilegedTestPSPClusterRoleBinding()
    58  kind: ClusterRoleBinding
    59  apiVersion: rbac.authorization.k8s.io/v1
    60  metadata:
    61    name: psp-csi-hostpath-role
    62  subjects:
    63    # This list of ServiceAccount intentionally covers everything that might
    64    # be needed. In practice, only some of these accounts are actually
    65    # used.
    66    - kind: ServiceAccount
    67      name: csi-attacher
    68      namespace: default
    69    - kind: ServiceAccount
    70      name: csi-provisioner
    71      namespace: default
    72    - kind: ServiceAccount
    73      name: csi-snapshotter
    74      namespace: default
    75    - kind: ServiceAccount
    76      name: csi-resizer
    77      namespace: default
    78    - kind: ServiceAccount
    79      name: csi-external-health-monitor-controller
    80      namespace: default
    81    - kind: ServiceAccount
    82      name: csi-hostpathplugin-sa
    83      namespace: default
    84  roleRef:
    85    kind: ClusterRole
    86    name: e2e-test-privileged-psp
    87    apiGroup: rbac.authorization.k8s.io
    88  EOF
    89  
    90  download () {
    91      project="$1"
    92      path="$2"
    93      tag="$3"
    94      rbac="$4"
    95  
    96      mkdir -p "$project/$path"
    97      url="https://github.com/kubernetes-csi/$project/raw/$tag/deploy/kubernetes/$path/$rbac"
    98      cat >"$project/$path/$rbac" <<EOF
    99  # Do not edit, downloaded from $url
   100  # for csi-driver-host-path $hostpath_version
   101  # by $script
   102  #
   103  EOF
   104      curl --fail --location "$url" >>"$project/$path/$rbac"
   105  }
   106  
   107  # RBAC files for each sidecar.
   108  # This relies on the convention that "external-something" has "csi-something" as image name.
   109  # external-health-monitor is special, it has two images.
   110  # The repository for each image is ignored.
   111  images=$(grep -r '^ *image:.*csi' hostpath/hostpath | sed -e 's;.*image:.*/;;' | grep -v 'node-driver-registrar' | sort -u)
   112  for image in $images; do
   113      tag=$(echo "$image" | sed -e 's/.*://')
   114      path=
   115      rbac="rbac.yaml"
   116      case $image in
   117          csi-external-*)
   118              # csi-external-health-monitor-agent:v0.2.0
   119              project=$(echo "$image" | sed -e 's/csi-\(.*\)-[^:]*:.*/\1/')
   120              path=$(echo "$image" | sed -e 's/csi-\([^:]*\):.*/\1/')
   121              ;;
   122          *)
   123              project=$(echo "$image" | sed -e 's/:.*//' -e 's/^csi/external/')
   124              case $project in
   125                  external-snapshotter)
   126                      # Another special case...
   127                      path="csi-snapshotter"
   128                      rbac="rbac-csi-snapshotter.yaml"
   129                      ;;
   130              esac
   131              ;;
   132      esac
   133      download "$project" "$path" "$tag" "$rbac"
   134  done
   135  
   136  # Update the mock driver manifests, too.
   137  grep -r image: hostpath/hostpath/csi-hostpath-plugin.yaml | while read -r image; do
   138      version=$(echo "$image" | sed -e 's/.*:\(.*\)/\1/')
   139      image=$(echo "$image" | sed -e 's/.*image: \([^:]*\).*/\1/')
   140      sed -i '' -e "s;$image:.*;$image:$version;" mock/*.yaml
   141  done