From 09f1d9be78c63afbac95919a95740100f9f28eff Mon Sep 17 00:00:00 2001
From: andyzhangx
Date: Mon, 20 Jan 2025 09:24:21 +0000
Subject: [PATCH] feat: support privateDNSZoneName parameter in storage class fix
---
 pkg/azurefile/azurefile.go | 1 +
 pkg/azurefile/controllerserver.go | 10 +++++++++-
 pkg/azurefile/controllerserver_test.go | 21 +++++++++++++++++++++
 test/e2e/dynamic_provisioning_test.go | 1 +
 4 files changed, 32 insertions(+), 1 deletion(-)
diff --git a/pkg/azurefile/azurefile.go b/pkg/azurefile/azurefile.go
index e79f617ad4..571d2bed3d 100644
--- a/pkg/azurefile/azurefile.go
+++ b/pkg/azurefile/azurefile.go
@@ -145,6 +145,7 @@ const (
 vhdSuffix = ".vhd"
 metaDataNode = "node"
 networkEndpointTypeField = "networkendpointtype"
+ privateDNSZoneNameField = "privatednszonename"
 vnetResourceGroupField = "vnetresourcegroup"
 vnetNameField = "vnetname"
 subnetNameField = "subnetname"
diff --git a/pkg/azurefile/controllerserver.go b/pkg/azurefile/controllerserver.go
index fd83c18d4f..7194e40488 100644
--- a/pkg/azurefile/controllerserver.go
+++ b/pkg/azurefile/controllerserver.go
@@ -116,7 +116,7 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest) parameters = make(map[string]string) } var sku, subsID, resourceGroup, location, account, fileShareName, diskName, fsType, secretName string - var secretNamespace, pvcNamespace, protocol, customTags, storageEndpointSuffix, networkEndpointType, shareAccessTier, accountAccessTier, rootSquashType, tagValueDelimiter string + var secretNamespace, pvcNamespace, protocol, customTags, storageEndpointSuffix, networkEndpointType, privateDNSZoneName, shareAccessTier, accountAccessTier, rootSquashType, tagValueDelimiter string var createAccount, useDataPlaneAPI, useSeretCache, matchTags, selectRandomMatchingAccount, getLatestAccountKey bool var vnetResourceGroup, vnetName, subnetName, shareNamePrefix, fsGroupChangePolicy string var requireInfraEncryption, disableDeleteRetentionPolicy, enableLFS, isMultichannelEnabled, allowSharedKeyAccess *bool @@ -195,6 +195,8 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest) storageEndpointSuffix = v case networkEndpointTypeField: networkEndpointType = v + case privateDNSZoneNameField: + privateDNSZoneName = v case accessTierField: shareAccessTier = v case shareAccessTierField: @@ -336,6 +338,11 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest) } createPrivateEndpoint = ptr.To(true) } + + if !ptr.Deref(createPrivateEndpoint, false) && privateDNSZoneName != "" { + return nil, status.Errorf(codes.InvalidArgument, "privateDNSZoneName(%s) is only supported with private endpoint", privateDNSZoneName) + } + var vnetResourceIDs []string if fsType == nfs || protocol == nfs { if sku == "" { 
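Review bot: The new guard in the -336 hunk rejects `privateDNSZoneName` when no private endpoint is requested, but when one is requested the value goes from the storage class parameters into `PrivateDNSZoneName` (the -474 hunk) with no check on its form. Whatever consumes that option presumably creates or links a private DNS zone under this name, so a typo or malformed string would surface only as a cloud API error, or as a zone that the storage endpoint name never resolves through. Consider rejecting malformed names next to the existing guard, for example `if privateDNSZoneName != "" && len(validation.IsDNS1123Subdomain(privateDNSZoneName)) > 0 { return nil, status.Errorf(codes.InvalidArgument, "invalid privateDNSZoneName %q", privateDNSZoneName) }`, relaxing the predicate if Azure accepts names that check refuses, and importing `k8s.io/apimachinery/pkg/util/validation` if the file does not already. Using `%q` instead of `%s` in the existing message would also make whitespace-padded or odd values visible, at the cost of updating the expected string in the unit test. CreateVolume starts and ends outside these hunks.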
@@ -474,6 +481,7 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest) VirtualNetworkResourceIDs: vnetResourceIDs, CreateAccount: createAccount, CreatePrivateEndpoint: createPrivateEndpoint, + PrivateDNSZoneName: privateDNSZoneName, EnableLargeFileShare: enableLFS, DisableFileServiceDeleteRetentionPolicy: disableDeleteRetentionPolicy, AllowBlobPublicAccess: allowBlobPublicAccess, diff --git a/pkg/azurefile/controllerserver_test.go b/pkg/azurefile/controllerserver_test.go index e42a74c672..961cae7891 100644 --- a/pkg/azurefile/controllerserver_test.go +++ b/pkg/azurefile/controllerserver_test.go @@ -529,6 +529,27 @@ var _ = ginkgo.Describe("TestCreateVolume", func() { gomega.Expect(err).To(gomega.Equal(expectedErr)) }) }) + + ginkgo.When("privateDNSZoneName is only supported with private endpoint", func() { + ginkgo.It("should fail", func(ctx context.Context) { + allParam := map[string]string{ + privateDNSZoneNameField: "privatednszonename", + } + req := &csi.CreateVolumeRequest{ + Name: "privateDNSZoneName-only-supported-with-private-endpoint", + CapacityRange: stdCapRange, + VolumeCapabilities: stdVolCap, + Parameters: allParam, + } + d.cloud = &storage.AccountRepo{ + Config: config.Config{}, + } + expectedErr := status.Errorf(codes.InvalidArgument, "privateDNSZoneName(privatednszonename) is only supported with private endpoint") + _, err := d.CreateVolume(ctx, req) + gomega.Expect(err).To(gomega.Equal(expectedErr)) + }) + }) + ginkgo.When("Failed to update subnet service endpoints", func() { ginkgo.It("should fail", func(ctx context.Context) { allParam := map[string]string{ diff --git a/test/e2e/dynamic_provisioning_test.go b/test/e2e/dynamic_provisioning_test.go index 235b9b2823..c2acbc9a6e 100644 --- a/test/e2e/dynamic_provisioning_test.go +++ b/test/e2e/dynamic_provisioning_test.go 
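Review bot: The added unit case in controllerserver_test.go only covers the rejection path; nothing at this level checks that a request with both `networkendpointtype` set to the private endpoint value and `privateDNSZoneNameField` gets past the guard. The parameter value is also the same string as the key constant (`privateDNSZoneNameField: "privatednszonename"`), which makes the expected error text hard to read. A zone-like value such as `privateDNSZoneNameField: "privatelink.file.core.windows.net",`, with the expected message updated to match, would make it obvious which part of the message is user input. The enclosing Describe block starts and ends outside the hunk.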
@@ -1479,6 +1479,7 @@ var _ = ginkgo.Describe("Dynamic Provisioning", func() {
 scParameters := map[string]string{
 "protocol": "nfs",
 "networkEndpointType": "privateEndpoint",
+ "privateDNSZoneName": "privatednszone",
 "skuName": "Premium_LRS",
 "rootSquashType": "AllSquash",
 "mountPermissions": "0",
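Review bot: Adding `"privateDNSZoneName": "privatednszone"` to the existing NFS private-endpoint parameter map means this e2e case no longer exercises a private endpoint with the default zone name, unless another case outside the hunk covers it. I would leave this map as it was and add a sibling case that differs only by the new parameter, so that a regression in either path is attributable. It is also worth confirming that a single-label value like `privatednszone` is representative of what users will pass, since the case says nothing about whether the share is still reached through the private endpoint. A short comment on the new entry such as `// custom private DNS zone; only valid together with networkEndpointType=privateEndpoint` would record the coupling that the controller enforces. The enclosing test body starts and ends outside the hunk.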