Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: remove deprecated --driver-write-secrets flag #709

Merged
merged 3 commits into from
Nov 5, 2021
Merged

chore: remove deprecated --driver-write-secrets flag #709

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
d0259f2
chore: remove deprecated --driver-write-secrets flag
aramase Nov 4, 2021
da8beaa
chore: remove driver write secrets parameters from test pipeline
aramase Nov 4, 2021
698869c
Merge branch 'master' into remove-driver-write-secrets
aramase Nov 5, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 0 additions & 4 deletions .pipelines/nightly.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,10 +14,6 @@ jobs:
# to get image scan results on nightly runs
- template: templates/unit-test.yaml
- template: templates/e2e-test-kind.yaml
parameters:
driverWriteSecrets:
- "true"
- "false"
- template: templates/load-test.yaml
- template: templates/e2e-test-azure.yaml
parameters:
Expand Down
7 changes: 0 additions & 7 deletions cmd/main.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,10 +39,6 @@ var (
healthzPath = flag.String("healthz-path", "/healthz", "path for health check")
healthzTimeout = flag.Duration("healthz-timeout", 5*time.Second, "RPC timeout for health check")

// driverWriteSecrets feature is enabled by default in v0.1.0 release. All writes to the pod filesystem will now be done by the CSI driver instead of provider.
// this flag will be removed in the future.
driverWriteSecrets = flag.Bool("driver-write-secrets", true, "[DEPRECATED] Return secrets in gRPC response to the driver (supported in driver v0.0.21+) instead of writing to filesystem")

metricsBackend = flag.String("metrics-backend", "Prometheus", "Backend used for metrics")
prometheusPort = flag.Int("prometheus-port", 8898, "Prometheus port for metrics backend")
)
Expand Down Expand Up @@ -86,9 +82,6 @@ func main() {
if *provider.ConstructPEMChain {
klog.Infof("construct pem chain feature enabled")
}
if !*driverWriteSecrets {
klog.Infof("driver write secrets feature can't be disabled. The --driver-write-secret flag will be removed in future releases.")
}
// Add csi-secrets-store user agent to adal requests
if err := adal.AddToUserAgent(version.GetUserAgent()); err != nil {
klog.ErrorS(err, "failed to add user agent to adal")
Expand Down
1 change: 0 additions & 1 deletion manifest_staging/charts/csi-secrets-store-provider-azure/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -133,4 +133,3 @@ The following table lists the configurable parameters of the csi-secrets-store-p
| `rbac.install` | Install default service account | true |
| `rbac.pspEnabled` | If `true`, create and use a restricted pod security policy for Secrets Store CSI Driver AKV provider pod(s) | false |
| `constructPEMChain` | Explicitly reconstruct the pem chain in the order: SERVER, INTERMEDIATE, ROOT | `true` |
| `driverWriteSecrets` | Return secrets in grpc response to the driver (supported in driver v0.0.21+) instead of writing to filesystem | `true` |
13 changes: 0 additions & 13 deletions ...g/charts/csi-secrets-store-provider-azure/templates/provider-azure-installer-windows.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,9 +48,6 @@ spec:
- --healthz-port={{ .Values.windows.healthzPort }}
- --healthz-path={{ .Values.windows.healthzPath }}
- --healthz-timeout={{ .Values.windows.healthzTimeout }}
{{- if .Values.driverWriteSecrets }}
- --driver-write-secrets={{ .Values.driverWriteSecrets }}
{{- end }}
livenessProbe:
httpGet:
path: {{ .Values.windows.healthzPath }}
Expand All @@ -64,11 +61,6 @@ spec:
volumeMounts:
- name: provider-vol
mountPath: "C:\\provider"
{{- if not .Values.driverWriteSecrets }}
- name: mountpoint-dir
mountPath: {{ .Values.windows.kubeletRootDir }}\pods
mountPropagation: HostToContainer
{{- end }}
{{- if .Values.windows.volumeMounts }}
{{- toYaml .Values.windows.volumeMounts | nindent 12 }}
{{- end}}
Expand All @@ -82,11 +74,6 @@ spec:
hostPath:
path: C:\k\secrets-store-csi-providers
type: DirectoryOrCreate
{{- if not .Values.driverWriteSecrets }}
- name: mountpoint-dir
hostPath:
path: {{ .Values.windows.kubeletRootDir }}\pods\
{{- end }}
{{- if .Values.windows.volumes }}
{{- toYaml .Values.windows.volumes | nindent 8 }}
{{- end}}
Expand Down
13 changes: 0 additions & 13 deletions ...t_staging/charts/csi-secrets-store-provider-azure/templates/provider-azure-installer.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,9 +55,6 @@ spec:
- --healthz-port={{ .Values.linux.healthzPort }}
- --healthz-path={{ .Values.linux.healthzPath }}
- --healthz-timeout={{ .Values.linux.healthzTimeout }}
{{- if .Values.driverWriteSecrets }}
- --driver-write-secrets={{ .Values.driverWriteSecrets }}
{{- end }}
livenessProbe:
httpGet:
path: {{ .Values.linux.healthzPath }}
Expand Down Expand Up @@ -88,11 +85,6 @@ spec:
volumeMounts:
- name: provider-vol
mountPath: /provider
{{- if not .Values.driverWriteSecrets }}
- name: mountpoint-dir
mountPath: {{ .Values.linux.kubeletRootDir }}/pods
mountPropagation: HostToContainer
{{- end }}
{{- if .Values.linux.volumeMounts }}
{{- toYaml .Values.linux.volumeMounts | nindent 12 }}
{{- end}}
Expand All @@ -110,11 +102,6 @@ spec:
- name: provider-vol
hostPath:
path: "/etc/kubernetes/secrets-store-csi-providers"
{{- if not .Values.driverWriteSecrets }}
- name: mountpoint-dir
hostPath:
path: {{ .Values.linux.kubeletRootDir }}/pods
{{- end }}
{{- if .Values.linux.volumes }}
{{- toYaml .Values.linux.volumes | nindent 8 }}
{{- end}}
Expand Down
3 changes: 0 additions & 3 deletions manifest_staging/charts/csi-secrets-store-provider-azure/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -163,6 +163,3 @@ rbac:

# explicitly reconstruct the pem chain in the order: SERVER, INTERMEDIATE, ROOT
constructPEMChain: true

# Return secrets in grpc response to the driver (supported in driver v0.0.21+) instead of writing to filesystem
driverWriteSecrets: true
1 change: 0 additions & 1 deletion manifest_staging/deployment/provider-azure-installer-windows.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,6 @@ spec:
- --healthz-port=8989
- --healthz-path=/healthz
- --healthz-timeout=5s
- --driver-write-secrets=true
livenessProbe:
httpGet:
path: /healthz
Expand Down
1 change: 0 additions & 1 deletion manifest_staging/deployment/provider-azure-installer.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,6 @@ spec:
- --healthz-port=8989
- --healthz-path=/healthz
- --healthz-timeout=5s
- --driver-write-secrets=true
livenessProbe:
httpGet:
path: /healthz
Expand Down