kubernetes/test/e2e/testing-manifests/storage-csi/update-hostpath.sh

#!/bin/sh

# Copyright 2021 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# This script will update all sidecar RBAC files and the CSI hostpath
# deployment files such that they match what is in a hostpath driver
# release.
#
# Beware that this will wipe out all local modifications!

# Can be a tag or a branch.
script="$0"
hostpath_version="$1"

if ! [ "$hostpath_version" ]; then
    cat >&2 <<EOF
Usage: $0 <hostpath tag or branch name>

Required parameter is missing.
EOF
    exit 1
fi

set -xe
cd "$(dirname "$0")"

# Remove stale files.
rm -rf external-attacher external-provisioner external-resizer external-snapshotter external-health-monitor hostpath csi-driver-host-path

# Check out desired release.
git clone https://github.com/kubernetes-csi/csi-driver-host-path.git
(cd csi-driver-host-path && git checkout "$hostpath_version")
trap "rm -rf csi-driver-host-path" EXIT

# Main YAML files.
mkdir hostpath
cat >hostpath/README.md <<EOF
The files in this directory are exact copies of "kubernetes-latest" in
https://github.com/kubernetes-csi/csi-driver-host-path/tree/$hostpath_version/deploy/

Do not edit manually. Run $script to refresh the content.
EOF
cp -r csi-driver-host-path/deploy/kubernetes-latest/hostpath hostpath/
cat >hostpath/hostpath/e2e-test-rbac.yaml <<EOF
# privileged Pod Security Policy, previously defined just for gcePD via PrivilegedTestPSPClusterRoleBinding()
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: psp-csi-hostpath-role
subjects:
  # This list of ServiceAccount intentionally covers everything that might
  # be needed. In practice, only some of these accounts are actually
  # used.
  - kind: ServiceAccount
    name: csi-attacher
    namespace: default
  - kind: ServiceAccount
    name: csi-provisioner
    namespace: default
  - kind: ServiceAccount
    name: csi-snapshotter
    namespace: default
  - kind: ServiceAccount
    name: csi-resizer
    namespace: default
  - kind: ServiceAccount
    name: csi-external-health-monitor-controller
    namespace: default
  - kind: ServiceAccount
    name: csi-hostpathplugin-sa
    namespace: default
roleRef:
  kind: ClusterRole
  name: e2e-test-privileged-psp
  apiGroup: rbac.authorization.k8s.io
EOF

download () {
    project="$1"
    path="$2"
    tag="$3"
    rbac="$4"

    mkdir -p "$project/$path"
    url="https://github.com/kubernetes-csi/$project/raw/$tag/deploy/kubernetes/$path/$rbac"
    cat >"$project/$path/$rbac" <<EOF
# Do not edit, downloaded from $url
# for csi-driver-host-path $hostpath_version
# by $script
#
EOF
    curl --fail --location "$url" >>"$project/$path/$rbac"
}

# RBAC files for each sidecar.
# This relies on the convention that "external-something" has "csi-something" as image name.
# external-health-monitor is special, it has two images.
# The repository for each image is ignored.
images=$(grep -r '^ *image:.*csi' hostpath/hostpath | sed -e 's;.*image:.*/;;' | grep -v 'node-driver-registrar' | sort -u)
for image in $images; do
    tag=$(echo "$image" | sed -e 's/.*://')
    path=
    rbac="rbac.yaml"
    case $image in
        csi-external-*)
            # csi-external-health-monitor-agent:v0.2.0
            project=$(echo "$image" | sed -e 's/csi-\(.*\)-[^:]*:.*/\1/')
            path=$(echo "$image" | sed -e 's/csi-\([^:]*\):.*/\1/')
            ;;
        *)
            project=$(echo "$image" | sed -e 's/:.*//' -e 's/^csi/external/')
            case $project in
                external-snapshotter)
                    # Another special case...
                    path="csi-snapshotter"
                    rbac="rbac-csi-snapshotter.yaml"
                    ;;
            esac
            ;;
    esac
    download "$project" "$path" "$tag" "$rbac"
done

# Update the mock driver manifests, too.
grep -r image: hostpath/hostpath/csi-hostpath-plugin.yaml | while read -r image; do
    version=$(echo "$image" | sed -e 's/.*:\(.*\)/\1/')
    image=$(echo "$image" | sed -e 's/.*image: \([^:]*\).*/\1/')
    sed -i '' -e "s;$image:.*;$image:$version;" mock/*.yaml
done