release-1.3.0 (#14)

* release-1.3.0

Dockerfile

@@ -13,67 +13,48 @@ WORKDIR /go/src/
 RUN CGO_ENABLED=0 \
     make build
 
+# stage to grab drv_cfg from the PowerFlex SDC package
+FROM $BASEIMAGE as rpmgrabber
+RUN dnf install -y \
+    cpio \
+    wget
+# get SDC RPM file
+RUN wget --no-check-certificate RPM_FILE_LINK
+RUN rpm2cpio ./RPM_FILE_NAME i| cpio -idmv
+RUN find /usr -name drv_cfg -exec cp -u {} /tmp \;
+
 # Stage to build the driver image
 FROM $BASEIMAGE AS driver
 # install necessary packages
 # alphabetical order for easier maintenance
 RUN yum update -y && \
     yum install -y \
         e4fsprogs \
-        kmod \ 
+        kmod \
         libaio \
         libuuid \
         numactl \
         xfsprogs && \
     yum clean all && \
-    rpm -e  --nodeps sqlite-libs 
+    rpm -e  --nodeps sqlite-libs
 ENTRYPOINT ["/csi-vxflexos.sh"]
+# copy in the drv_cfg
+RUN mkdir -p /bin/emc/scaleio
+COPY --from=rpmgrabber /tmp/drv_cfg /bin/emc/scaleio/drv_cfg
 # copy in the driver
 COPY --from=builder /go/src/csi-vxflexos /
 COPY "csi-vxflexos.sh" /
 RUN chmod +x /csi-vxflexos.sh
 
-
-# stage to run gosec
-FROM builder as gosec
-RUN go get github.com/securego/gosec/cmd/gosec
-RUN cd /go/src && \
-    gosec ./...
 
-# Stage to check for critical and high CVE issues via Trivy (https://github.com/aquasecurity/trivy)
-# will break image build if CRITICAL issues found
-# will print out all HIGH issues found
-FROM driver as cvescan
-# run trivy and clean up all traces after
-RUN curl https://raw.githubusercontent.com/aquasecurity/trivy/master/contrib/install.sh | sh && \
-    trivy fs -s CRITICAL --exit-code 1 / && \
-    trivy fs -s HIGH / && \
-    trivy image --reset && \
-    rm ./bin/trivy
-
-# Stage to run antivirus scans via clamav (https://www.clamav.net/))
-# will break image build if anything found
-FROM driver as virusscan
-# run trivy and clean up all traces after
-RUN curl -o sqlite.rpm  http://mirror.centos.org/centos/8/BaseOS/x86_64/os/Packages/sqlite-libs-3.26.0-6.el8.x86_64.rpm && \
-    rpm -iv  sqlite.rpm && \
-    cd /etc/pki/ca-trust/source/anchors && curl -o dell.crt http://pki.dell.com/linux/dellca2018-bundle.crt && \
-    curl -o emc.crt http://aia.dell.com/int/root/emcroot.crt && update-ca-trust && cd / && \ 
-    yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm && \
-    yum install -y clamav clamav-update && \
-    freshclam && \
-    clamscan -r -i --exclude-dir=/sys / && \
-    yum erase -y clamav clamav-update epel-release
-
 # final stage
 # simple stage to use the driver image as the resultant image 
-FROM driver as final 
+FROM driver as final
+
 LABEL vendor="Dell Inc." \
       name="csi-powerflex" \
       summary="CSI Driver for Dell EMC PowerFlex" \
       description="CSI Driver for provisioning persistent storage from Dell EMC PowerFlex" \
-      version="1.2.0" \
+      version="1.3.0" \
       license="Apache-2.0"
 COPY ./licenses /licenses
-
-

README.md

@@ -13,16 +13,15 @@ This project may be compiled as a stand-alone binary using Golang that, when
 run, provides a valid CSI endpoint. This project can also be built
 as a Golang plug-in in order to extend the functionality of other programs.
 
+For Documentation, please go to [Dell CSI Driver Documentation](https://dell.github.io/storage-plugin-docs/).
+
 ## Support
 The CSI Driver for Dell EMC PowerFlex image, which is the built driver code, is available on Dockerhub and is officially supported by Dell EMC.  
 
 The source code for CSI Driver for Dell EMC PowerFlex available on Github is unsupported and provided solely under the terms of the license attached to the source code. For clarity, Dell EMC does not provide support for any source code modifications.  
 
 For any CSI driver issues, questions or feedback, join the [Dell EMC Container community](https://www.dell.com/community/Containers/bd-p/Containers).
 
-## Patches  
-Patch notes for the CSI Driver for Dell EMC PowerFlex are described in [patch-notes.md](patch-notes.md) 
-
 ## Building
 
 This project is a Go module (see golang.org Module information for explanation).
@@ -32,7 +31,7 @@ To build the source, execute `make clean build`.
 
 To run unit tests, execute `make unit-test`.
 
-To build a docker image, execute `make docker`.
+To build a docker image, edit Dockerfile. Replace RPM_FILE_LINK with SDC rpm file download link and replace RPM_FILE_NAME with downloaded file name. Then execute `make docker`.
 
 You can run an integration test on a Linux system by populating the file `env.sh`
 with values for your PowerFlex system and then run "make integration-test".

ReleaseNotes.md

@@ -0,0 +1,18 @@
+# Release Notes - CSI PowerFlex v1.3.0
+
+## New Features/Changes
+- Added support for OpenShift 4.5/4.6 with RHEL and CoreOS worker nodes
+- Added automatic SDC deployment on OpenShift CoreOS nodes
+- Added support for Red Hat Enterprise Linux (RHEL) 7.9
+- Added support for Ubuntu 20.04
+- Added support for volume cloning
+- Added support for Controller high availability (multiple-controllers)
+
+## Fixed Issues
+There are no fixed issues in this release.
+
+## Known Issues
+
+| Issue | Workaround |
+|-------|------------|
+| Slow volume attached/detach | If your Kubernetes 1.17 or 1.18 cluster has a lot of VolumeAttachment objects, the attach/detach operations will be very slow. This is a known issue and affects all CSI plugins. It is tracked here: CSI VolumeAttachment slows pod startup time. To get around this problem you can upgrade to latest Kubernetes/OpenShift patches, which contains a partial fix: 1.17.8+, 1.18.5+|

csi-vxflexos.sh

@@ -11,4 +11,4 @@ else
     fi
     [ -e $socket_file ] && rm $socket_file
 fi
-exec "/csi-vxflexos"
+exec "/csi-vxflexos"  "$@"

dell-csi-helm-installer/.gitignore

@@ -0,0 +1,2 @@
+images.manifest
+images.tar

dell-csi-helm-installer/README.md

@@ -20,6 +20,7 @@ Installing any of the Dell EMC CSI Drivers requires a few utilities to be instal
 | ------------- | ----- |
 | `kubectl`     | Kubectl is used to validate that the Kubernetes system meets the requirements of the driver. |
 | `helm`        | Helm v3 is used as the deployment tool for Charts. See, [Install HELM 3](https://helm.sh/docs/intro/install/) for instructions to install HELM 3. |
+| `sshpass`     | sshpass is used to check certain pre-requisities in worker nodes (in chosen drivers). |
 
 
 In order to use these tools, a valid `KUBECONFIG` is required. Ensure that either a valid configuration is in the default location or that the `KUBECONFIG` environment variable points to a valid confiugration before using these tools.

dell-csi-helm-installer/common.sh

@@ -16,27 +16,44 @@ YELLOW='\033[1;33m'
 DARK_GRAY='\033[1;30m'
 NC='\033[0m' # No Color
 
+function decho() {
+  if [ -n "${DEBUGLOG}" ]; then
+    echo "$@" | tee -a "${DEBUGLOG}"
+  fi
+}
+
+function debuglog_only() {
+  if [ -n "${DEBUGLOG}" ]; then
+    echo "$@" >> "${DEBUGLOG}"
+  fi
+}
+
 function log() {
   case $1 in
   separator)
-    echo "------------------------------------------------------"
+    decho "------------------------------------------------------"
     ;;
   error)
-    echo
+    decho
     log separator
     printf "${RED}Error: $2\n"
     printf "${RED}Installation cannot continue${NC}\n"
+    debuglog_only "Error: $2"
+    debuglog_only "Installation cannot continue"
     exit 1
     ;;
   step)
     printf "|\n|- %-65s" "$2"
+    debuglog_only "${2}"
     ;;
   small_step)
     printf "%-61s" "$2"
+    debuglog_only "${2}"
     ;;
   section)
     log separator
     printf "> %s\n" "$2"
+    debuglog_only "${2}"
     log separator
     ;;
   smart_step)
@@ -91,7 +108,7 @@ function get_drivers() {
   D="${1}"
   TTT=$(pwd)
   while read -r line; do
-    DDD=$(echo $line | awk -F '/' '{print $(NF-1)}')
+    DDD=$(decho $line | awk -F '/' '{print $(NF-1)}')
     VALIDDRIVERS+=("$DDD")
   done < <(find "${D}" -maxdepth 2 -type f -name Chart.yaml | sort)
 }
@@ -104,11 +121,80 @@ function get_drivers() {
 function get_release_name() {
   local D="${1}"
   if [ ! -z "${RELEASE}" ]; then
-    echo "${RELEASE}"
+    decho "${RELEASE}"
     return
   fi
 
   local PREFIX="csi-"
   R=${D#"$PREFIX"}
-  echo "${R}"
+  decho "${R}"
 }
+
+function run_command() {
+  local RC=0
+  if [ -n "${DEBUGLOG}" ]; then
+    local ME=$(basename "${0}")
+    echo "---------------" >> "${DEBUGLOG}"
+    echo "${ME}:${BASH_LINENO[0]} - Running command: $@" >> "${DEBUGLOG}"
+    debuglog_only "Results:"
+    eval "$@" | tee -a "${DEBUGLOG}"
+    RC=${PIPESTATUS[0]}
+    echo "---------------" >> "${DEBUGLOG}"
+  else
+    eval "$@"
+    RC=$?
+  fi
+  return $RC
+}
+
+# dump out information about a helm chart to the debug file
+# takes a few arguments
+# $1 the namespace
+# $2 the release
+function debuglog_helm_status() {
+  local NS="${1}"
+  local RLS="${2}"
+
+  debuglog_only "Getting information about Helm release: ${RLS}"
+  debuglog_only "****************"
+  debuglog_only "Helm Status:"
+  helm status "${RLS}" -n "${NS}" >> "${DEBUGLOG}"
+  debuglog_only "****************"
+  debuglog_only "Manifest"
+  helm get manifest "${RLS}" -n "${NS}" >> "${DEBUGLOG}"
+  debuglog_only "****************"
+  debuglog_only "Status of resources"
+  helm get manifest "${RLS}" -n "${NS}" | kubectl get -f - >> "${DEBUGLOG}"
+
+}
+
+# determines if the current KUBECONFIG is pointing to an OpenShift cluster
+# echos "true" or "false" 
+function isOpenShift() {
+  # check if the securitycontextconstraints.security.openshift.io crd exists
+  run_command kubectl get crd | grep securitycontextconstraints.security.openshift.io --quiet >/dev/null 2>&1
+  local O=$?
+  if [[ ${O} == 0 ]]; then
+    # this is openshift
+    echo "true"
+  else
+    echo "false"
+  fi
+}
+
+# determines the version of OpenShift 
+# echos version, or empty string if not OpenShift
+function OpenShiftVersion() {
+  # check if this is OpenShift
+  local O=$(isOpenShift)
+  if [ "${O}" == "false" ]; then
+    # this is not openshift
+    echo ""
+  else
+    local V=$(run_command kubectl get clusterversions -o jsonpath="{.items[*].status.desired.version}")
+    local MAJOR=$(echo "${V}" | awk -F '.' '{print $1}')
+    local MINOR=$(echo "${V}" | awk -F '.' '{print $2}')
+    echo "${MAJOR}.${MINOR}"
+  fi
+}
+