diff --git a/.secrets.baseline b/.secrets.baseline index 3f350e56..476111cc 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -3,7 +3,7 @@ "files": "go.sum|^.secrets.baseline$", "lines": null }, - "generated_at": "2025-05-12T04:31:57Z", + "generated_at": "2025-05-14T06:55:53Z", "plugins_used": [ { "name": "AWSKeyDetector" @@ -195,7 +195,7 @@ "hashed_secret": "39f69c278f46165447f30d10acf54277aaa3d5fc", "is_secret": false, "is_verified": false, - "line_number": 75, + "line_number": 77, "type": "Secret Keyword", "verified_result": null } diff --git a/pkg/constants/constants.go b/pkg/constants/constants.go index 367b5cf9..2a007e5b 100644 --- a/pkg/constants/constants.go +++ b/pkg/constants/constants.go @@ -27,7 +27,9 @@ const ( // NodeRegionLabel Region Label attached to node NodeRegionLabel = "topology.kubernetes.io/region" - Timeout = 3 * time.Minute - DefaultSocketPath = "/tmp/mysocket.sock" - WorkerNodeMounterPath = "/var/lib/cos-csi" + Timeout = 3 * time.Minute + DefaultSocketPath = "/tmp/mysocket.sock" + MounterConfigPathOnHost = "/var/lib/cos-csi" + MounterConfigPathOnPodS3fs = "/var/lib/ibmc-s3fs" + MounterConfigPathOnPodRclone = "/root/.config/rclone" ) diff --git a/pkg/mounter/mounter-rclone.go b/pkg/mounter/mounter-rclone.go index 036bfbf4..1c1fb9f5 100644 --- a/pkg/mounter/mounter-rclone.go +++ b/pkg/mounter/mounter-rclone.go @@ -174,9 +174,9 @@ func (rclone *RcloneMounter) Mount(source string, target string) error { var configPath string if mountWorker { - configPath = constants.WorkerNodeMounterPath + configPath = constants.MounterConfigPathOnHost } else { - configPath = "/root/.config/rclone" + configPath = constants.MounterConfigPathOnPodRclone } configPathWithVolID := path.Join(configPath, fmt.Sprintf("%x", sha256.Sum256([]byte(target)))) diff --git a/pkg/mounter/mounter-s3fs.go b/pkg/mounter/mounter-s3fs.go index 0852e1c0..f42d3cdf 100644 --- a/pkg/mounter/mounter-s3fs.go +++ b/pkg/mounter/mounter-s3fs.go @@ -15,8 +15,10 @@ import ( "crypto/sha256" "encoding/json" "fmt" + "os" "path" "strings" + "time" "github.com/IBM/ibm-object-csi-driver/pkg/constants" "github.com/IBM/ibm-object-csi-driver/pkg/mounter/utils" @@ -103,9 +105,9 @@ func (s3fs *S3fsMounter) Mount(source string, target string) error { var metaRoot string if mountWorker { - metaRoot = constants.WorkerNodeMounterPath + metaRoot = constants.MounterConfigPathOnHost } else { - metaRoot = "/var/lib/ibmc-s3fs" + metaRoot = constants.MounterConfigPathOnPodS3fs } var bucketName string @@ -174,6 +176,7 @@ var writePassWrap = func(pwFileName string, pwFileContent string) error { func (s3fs *S3fsMounter) Unmount(target string) error { klog.Info("-S3FSMounter Unmount-") + klog.Infof("Unmount args:\n\ttarget: <%s>", target) if mountWorker { klog.Info("Worker Unmounting...") @@ -185,10 +188,18 @@ func (s3fs *S3fsMounter) Unmount(target string) error { if err != nil { return err } + + cleanupOfs3fsPasswordFile(target) return nil } klog.Info("NodeServer Unmounting...") - return s3fs.MounterUtils.FuseUnmount(target) + err := s3fs.MounterUtils.FuseUnmount(target) + if err != nil { + return err + } + + cleanupOfs3fsPasswordFile(target) + return nil } func updateS3FSMountOptions(defaultMountOp []string, secretMap map[string]string) []string { @@ -323,3 +334,37 @@ func (s3fs *S3fsMounter) formulateMountOptions(bucket, target, passwdFile string } return } + +func cleanupOfs3fsPasswordFile(target string) { + var metaRoot string + if mountWorker { + metaRoot = constants.MounterConfigPathOnHost + } else { + metaRoot = constants.MounterConfigPathOnPodS3fs + } + + metaPath := path.Join(metaRoot, fmt.Sprintf("%x", sha256.Sum256([]byte(target)))) + + for retry := 1; retry <= 3; retry++ { + _, err := os.Stat(metaPath) + if err == nil { + passwdFile := path.Join(metaPath, passFile) + err = os.Remove(passwdFile) + if err != nil { + klog.Errorf("S3FSMounter Unmount: Cannot remove password file %s: %v", metaPath, err) + time.Sleep(500 * time.Millisecond) + continue + } + return + } else { + if os.IsNotExist(err) { + klog.Infof("S3FSMounter Unmount: Password file does not exists%s", metaPath) + return + } + klog.Errorf("S3FSMounter Unmount: Error occurred while fetching path stats for password file") + time.Sleep(500 * time.Millisecond) + continue + } + } + return +}