feat: support privateDNSZoneName parameter in storage class

kubernetes-sigs · Jan 20, 2025 · 1a1efbf · 1a1efbf
1 parent ef8322c
commit 1a1efbf
Show file tree

Hide file tree

Showing 4 changed files with 32 additions and 1 deletion.
diff --git a/pkg/azurefile/azurefile.go b/pkg/azurefile/azurefile.go
@@ -145,6 +145,7 @@ const (
 	vhdSuffix                         = ".vhd"
 	metaDataNode                      = "node"
 	networkEndpointTypeField          = "networkendpointtype"
+	privateDNSZoneNameField           = "privatednszonename"
 	vnetResourceGroupField            = "vnetresourcegroup"
 	vnetNameField                     = "vnetname"
 	subnetNameField                   = "subnetname"

diff --git a/pkg/azurefile/controllerserver.go b/pkg/azurefile/controllerserver.go
@@ -116,7 +116,7 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest)
 		parameters = make(map[string]string)
 	}
 	var sku, subsID, resourceGroup, location, account, fileShareName, diskName, fsType, secretName string
-	var secretNamespace, pvcNamespace, protocol, customTags, storageEndpointSuffix, networkEndpointType, shareAccessTier, accountAccessTier, rootSquashType, tagValueDelimiter string
+	var secretNamespace, pvcNamespace, protocol, customTags, storageEndpointSuffix, networkEndpointType, privateDNSZoneName, shareAccessTier, accountAccessTier, rootSquashType, tagValueDelimiter string
 	var createAccount, useDataPlaneAPI, useSeretCache, matchTags, selectRandomMatchingAccount, getLatestAccountKey bool
 	var vnetResourceGroup, vnetName, subnetName, shareNamePrefix, fsGroupChangePolicy string
 	var requireInfraEncryption, disableDeleteRetentionPolicy, enableLFS, isMultichannelEnabled, allowSharedKeyAccess *bool
@@ -195,6 +195,8 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest)
 			storageEndpointSuffix = v
 		case networkEndpointTypeField:
 			networkEndpointType = v
+		case privateDNSZoneNameField:
+			privateDNSZoneName = v
 		case accessTierField:
 			shareAccessTier = v
 		case shareAccessTierField:
@@ -336,6 +338,11 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest)
 		}
 		createPrivateEndpoint = ptr.To(true)
 	}
+
+	if !ptr.Deref(createPrivateEndpoint, false) && privateDNSZoneName != "" {
+		return nil, status.Errorf(codes.InvalidArgument, "privateDNSZoneName(%s) is only supported with private endpoint", privateDNSZoneName)
+	}
+
 	var vnetResourceIDs []string
 	if fsType == nfs || protocol == nfs {
 		if sku == "" {
@@ -474,6 +481,7 @@ func (d *Driver) CreateVolume(ctx context.Context, req *csi.CreateVolumeRequest)
 		VirtualNetworkResourceIDs:               vnetResourceIDs,
 		CreateAccount:                           createAccount,
 		CreatePrivateEndpoint:                   createPrivateEndpoint,
+		PrivateDNSZoneName:                      privateDNSZoneName,
 		EnableLargeFileShare:                    enableLFS,
 		DisableFileServiceDeleteRetentionPolicy: disableDeleteRetentionPolicy,
 		AllowBlobPublicAccess:                   allowBlobPublicAccess,

diff --git a/pkg/azurefile/controllerserver_test.go b/pkg/azurefile/controllerserver_test.go
@@ -529,6 +529,27 @@ var _ = ginkgo.Describe("TestCreateVolume", func() {
 			gomega.Expect(err).To(gomega.Equal(expectedErr))
 		})
 	})
+
+	ginkgo.When("privateDNSZoneName is only supported with private endpoint", func() {
+		ginkgo.It("should fail", func(ctx context.Context) {
+			allParam := map[string]string{
+				privateDNSZoneNameField:  "privatednszonename",
+			}
+			req := &csi.CreateVolumeRequest{
+				Name:               "privateDNSZoneName-only-supported-with-private-endpoint",
+				CapacityRange:      stdCapRange,
+				VolumeCapabilities: stdVolCap,
+				Parameters:         allParam,
+			}
+			d.cloud = &storage.AccountRepo{
+				Config: config.Config{},
+			}
+			expectedErr := status.Errorf(codes.InvalidArgument, "privateDNSZoneName(privatednszonename) is only supported with private endpoint")
+			_, err := d.CreateVolume(ctx, req)
+			gomega.Expect(err).To(gomega.Equal(expectedErr))
+		})
+	})
+
 	ginkgo.When("Failed to update subnet service endpoints", func() {
 		ginkgo.It("should fail", func(ctx context.Context) {
 			allParam := map[string]string{

diff --git a/test/e2e/dynamic_provisioning_test.go b/test/e2e/dynamic_provisioning_test.go
@@ -1479,6 +1479,7 @@ var _ = ginkgo.Describe("Dynamic Provisioning", func() {
 		scParameters := map[string]string{
 			"protocol":            "nfs",
 			"networkEndpointType": "privateEndpoint",
+			"privateDNSZoneName":  "privatednszone",
 			"skuName":             "Premium_LRS",
 			"rootSquashType":      "AllSquash",
 			"mountPermissions":    "0",