diff --git a/library/common-test/ci/autopermissions-values.yaml b/library/common-test/ci/autopermissions-values.yaml index f154dd8d..bc35ca93 100644 --- a/library/common-test/ci/autopermissions-values.yaml +++ b/library/common-test/ci/autopermissions-values.yaml @@ -44,7 +44,10 @@ persistence: autopermissions: enabled: true type: hostPath - setPermissions: true + autoPermissions: + enabled: true + chown: true + chmod: 775 hostPath: /usr mountPath: /hptest hostPathType: "" diff --git a/library/common-test/tests/addons/autoperms_test.yaml b/library/common-test/tests/addons/autoperms_test.yaml index f0cf93d0..b965b752 100644 --- a/library/common-test/tests/addons/autoperms_test.yaml +++ b/library/common-test/tests/addons/autoperms_test.yaml @@ -15,6 +15,7 @@ tests: enabled: true type: hostPath autoPermissions: + enabled: true chown: true chmod: 770 recursive: true @@ -24,6 +25,7 @@ tests: enabled: true type: hostPath autoPermissions: + enabled: true chown: true chmod: 770 recursive: false @@ -33,6 +35,7 @@ tests: enabled: true type: hostPath autoPermissions: + enabled: true chmod: 770 mountPath: /test3 hostPath: /testhost3 @@ -40,6 +43,7 @@ tests: enabled: true type: hostPath autoPermissions: + enabled: true chown: true mountPath: /test4 hostPath: /testhost4 @@ -56,6 +60,7 @@ tests: mountPath: /test6 hostPath: /testhost6 autoPermissions: + enabled: true chown: true chmod: 770 recursive: true @@ -65,6 +70,7 @@ tests: enabled: true type: emptyDir autoPermissions: + enabled: true chown: true chmod: 770 recursive: true @@ -75,8 +81,18 @@ tests: server: 1.1.1.1 path: /share autoPermissions: + enabled: true chown: true mountPath: /test9 + # Should not show up, without enabled true + test10: + type: hostPath + hostPath: /testhost10 + autoPermissions: + enabled: true + chown: true + mountPath: /test10 + asserts: - documentIndex: &jobDoc 0 isKind: @@ -317,6 +333,7 @@ tests: enabled: true type: hostPath autoPermissions: + enabled: true chown: true chmod: 770 recursive: true @@ -326,6 +343,7 @@ tests: enabled: true type: hostPath autoPermissions: + enabled: true chown: true chmod: 770 recursive: false @@ -335,6 +353,7 @@ tests: enabled: true type: hostPath autoPermissions: + enabled: true chmod: 770 mountPath: /test3 hostPath: /testhost3 @@ -342,6 +361,7 @@ tests: enabled: true type: hostPath autoPermissions: + enabled: true chown: true mountPath: /test4 hostPath: /testhost4 @@ -358,6 +378,7 @@ tests: mountPath: /test6 hostPath: /testhost6 autoPermissions: + enabled: true chown: true chmod: 770 recursive: true @@ -367,6 +388,7 @@ tests: enabled: true type: emptyDir autoPermissions: + enabled: true chown: true chmod: 770 recursive: true @@ -376,6 +398,7 @@ tests: type: ixVolume datasetName: test autoPermissions: + enabled: true chown: true chmod: 770 recursive: true @@ -386,8 +409,16 @@ tests: server: 1.1.1.1 path: /share autoPermissions: + enabled: true chown: true mountPath: /test9 + # Should not show up, without enabled true + test10: + type: ixVolume + datasetName: test + autoPermissions: + chown: true + mountPath: /test10 asserts: - documentIndex: *jobDoc isKind: @@ -662,6 +693,7 @@ tests: enabled: true type: hostPath autoPermissions: + enabled: true chown: true chmod: 770 recursive: true @@ -710,6 +742,7 @@ tests: type: device hostPath: /test autoPermissions: + enabled: true chown: true asserts: - failedTemplate: @@ -730,6 +763,7 @@ tests: hostPath: /test readOnly: true autoPermissions: + enabled: true chmod: 770 asserts: - failedTemplate: diff --git a/library/common/Chart.yaml b/library/common/Chart.yaml index f4c809af..6b65ceea 100644 --- a/library/common/Chart.yaml +++ b/library/common/Chart.yaml @@ -15,4 +15,4 @@ maintainers: name: common sources: null type: library -version: 12.14.6 +version: 12.14.7 diff --git a/library/common/templates/addons/vpn/_volume.tpl b/library/common/templates/addons/vpn/_volume.tpl index 956608f2..b6a8f1ac 100644 --- a/library/common/templates/addons/vpn/_volume.tpl +++ b/library/common/templates/addons/vpn/_volume.tpl @@ -52,6 +52,7 @@ type: hostPath hostPath: {{ .Values.addons.vpn.configFile | default "/vpn" }} hostPathType: "File" autoPermissions: + enabled: true chown: true user: 568 group: 568 @@ -73,6 +74,7 @@ enabled: true type: hostPath hostPath: {{ .Values.addons.vpn.configFolder | quote }} autoPermissions: + enabled: true chown: true user: 568 group: 568 diff --git a/library/common/templates/lib/container/_volumeMounts.tpl b/library/common/templates/lib/container/_volumeMounts.tpl index b19aa46d..027cdc4f 100644 --- a/library/common/templates/lib/container/_volumeMounts.tpl +++ b/library/common/templates/lib/container/_volumeMounts.tpl @@ -90,7 +90,7 @@ objectData: The object data to be used to render the container. {{- $return = true -}} {{/* Set custom path on autopermissions container */}} {{- if and (eq $objectData.shortName "autopermissions") $persistenceValues.autoPermissions -}} - {{- if or $persistenceValues.autoPermissions.chown $persistenceValues.autoPermissions.chmod -}} + {{- if $persistenceValues.autoPermissions.enabled -}} {{- $return = true -}} {{- $_ := set $volMount "mountPath" (printf "/mounts/%v" $persistenceName) -}} {{- end -}} @@ -99,7 +99,7 @@ objectData: The object data to be used to render the container. {{/* If the container is the autopermission */}} {{- else if (eq $objectData.shortName "autopermissions") -}} {{- if $persistenceValues.autoPermissions -}} - {{- if or $persistenceValues.autoPermissions.chown $persistenceValues.autoPermissions.chmod -}} + {{- if $persistenceValues.autoPermissions.enabled -}} {{- $return = true -}} {{- $_ := set $volMount "mountPath" (printf "/mounts/%v" $persistenceName) -}} {{- end -}} diff --git a/library/common/templates/lib/pod/_volumes.tpl b/library/common/templates/lib/pod/_volumes.tpl index bcd4cfc6..d054c2d0 100644 --- a/library/common/templates/lib/pod/_volumes.tpl +++ b/library/common/templates/lib/pod/_volumes.tpl @@ -22,7 +22,7 @@ objectData: The object data to be used to render the Pod. {{/* If the pod is the autopermission */}} {{- else if eq $objectData.shortName "autopermissions" -}} {{- if $persistence.autoPermissions -}} - {{- if or $persistence.autoPermissions.chown $persistence.autoPermissions.chmod -}} + {{- if $persistence.autoPermissions.enabled -}} {{- $selected = true -}} {{- end -}} {{- end -}} diff --git a/library/common/templates/lib/util/_autoperms.tpl b/library/common/templates/lib/util/_autoperms.tpl index 69261db8..3c46fe85 100644 --- a/library/common/templates/lib/util/_autoperms.tpl +++ b/library/common/templates/lib/util/_autoperms.tpl @@ -12,22 +12,24 @@ {{- range $name, $mount := .Values.persistence -}} {{- if and $mount.enabled $mount.autoPermissions -}} {{/* If autoPermissions is enabled...*/}} - {{- if or $mount.autoPermissions.chown $mount.autoPermissions.chmod -}} - {{- $type := $.Values.fallbackDefaults.persistenceType -}} - {{- if $mount.type -}} - {{- $type = $mount.type -}} - {{- end -}} + {{- if $mount.autoPermissions.enabled -}} + {{- if or $mount.autoPermissions.chown $mount.autoPermissions.chmod -}} + {{- $type := $.Values.fallbackDefaults.persistenceType -}} + {{- if $mount.type -}} + {{- $type = $mount.type -}} + {{- end -}} - {{- if not (mustHas $type $permAllowedTypes) -}} - {{- fail (printf "Auto Permissions - Allowed persistent types for auto permissions are [%v], but got [%v] on [%v]" (join ", " $permAllowedTypes) $type $name) -}} - {{- end -}} + {{- if not (mustHas $type $permAllowedTypes) -}} + {{- fail (printf "Auto Permissions - Allowed persistent types for auto permissions are [%v], but got [%v] on [%v]" (join ", " $permAllowedTypes) $type $name) -}} + {{- end -}} - {{- if $mount.readOnly -}} - {{- fail (printf "Auto Permissions - You cannot change permissions/ownership automatically on [%v] with readOnly enabled" $name) -}} - {{- end -}} + {{- if $mount.readOnly -}} + {{- fail (printf "Auto Permissions - You cannot change permissions/ownership automatically on [%v] with readOnly enabled" $name) -}} + {{- end -}} - {{/* Add some data regarding what actions to perform */}} - {{- $_ := set $mounts $name $mount.autoPermissions -}} + {{/* Add some data regarding what actions to perform */}} + {{- $_ := set $mounts $name $mount.autoPermissions -}} + {{- end -}} {{- end -}} {{- end -}} {{- end -}}