chore(volumes): do not allow RWO vols on daemonsets (#739)

This commit is contained in:
Stavros Kois
2024-03-10 01:17:40 +02:00
committed by GitHub
parent 46d02b354c
commit fc655247a5
3 changed files with 56 additions and 1 deletions

View File

@@ -53,3 +53,44 @@ tests:
name: pvc-vol
persistentVolumeClaim:
claimName: some-existing-claim
# Failures
- it: should fail when DaemonSet and RWO volume from fallback
set:
fallbackDefaults:
accessModes:
- ReadWriteOnce
workload:
workload-name1:
enabled: true
primary: true
type: DaemonSet
podSpec: {}
persistence:
pvc-vol:
enabled: true
type: pvc
asserts:
- failedTemplate:
errorMessage: Expected [accessMode] to not be [ReadWriteOnce] when used on a [DaemonSet]
- it: should fail when DaemonSet and RWO volume from persistence
set:
fallbackDefaults:
accessModes:
- ReadWriteMany
workload:
workload-name1:
enabled: true
primary: true
type: DaemonSet
podSpec: {}
persistence:
pvc-vol:
enabled: true
accessModes:
- ReadWriteOnce
type: pvc
asserts:
- failedTemplate:
errorMessage: Expected [accessMode] to not be [ReadWriteOnce] when used on a [DaemonSet]

View File

@@ -15,7 +15,7 @@ maintainers:
name: common
sources: null
type: library
version: 19.0.2
version: 19.0.3
annotations:
artifacthub.io/category: "integration-delivery"
artifacthub.io/license: "BUSL-1.1"

View File

@@ -51,6 +51,20 @@ objectData: The object data to be used to render the Pod.
{{/* Define the volume based on type */}}
{{- $type := ($persistence.type | default $rootCtx.Values.fallbackDefaults.persistenceType) -}}
{{- if eq $objectData.type "DaemonSet" -}}
{{/* Only check accessModes if persistence is one of those types */}}
{{- $typesWithAccessMode := (list "pvc") -}}
{{- if (mustHas $type $typesWithAccessMode) -}}
{{- $modes := include "tc.v1.common.lib.pvc.accessModes" (dict "rootCtx" $rootCtx "objectData" $persistence "caller" "Volumes") | fromYamlArray -}}
{{- range $m := $modes -}}
{{- if eq $m "ReadWriteOnce" -}}
{{- fail "Expected [accessMode] to not be [ReadWriteOnce] when used on a [DaemonSet]" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- if eq "pvc" $type -}}
{{- include "tc.v1.common.lib.pod.volume.pvc" (dict "rootCtx" $rootCtx "objectData" $persistence) | trim | nindent 0 -}}
{{- else if eq "hostPath" $type -}}