Enable bucket access poilcy for vpc clusters (#56)

* code changes to incorporate whitelisting ips for vpc clusters

* Add UT and respective mock packages

* review comments addressed

* add pvc name in the logger

Author: Bhagyashreek8

Makefile

@@ -28,6 +28,7 @@ BUILD_DATE="$(shell date -u +"%Y-%m-%dT%H:%M:%SZ")"
 #    endif
 #endif
 VERSION := latest
+export GO111MODULE=on
 
 .PHONY: all
 all: deps fmt vet test
@@ -41,7 +42,8 @@ driver: deps builddriver
 .PHONY: deps
 deps:
 	echo "Installing dependencies ..."
-	glide install --strip-vendor
+	#glide install --strip-vendor
+	go mod vendor
 	go get github.com/pierrre/gotestcover
 
 .PHONY: fmt

OPENSOURCE

@@ -44,6 +44,7 @@ golang.org/x/crypto,81e90905daefcd6fd217b62423c0908922eadb30
 golang.org/x/net,1c05540f6879653db88113bc4a2b70aec4bd491f
 golang.org/x/sys,a2e06a18b0d52d8cb2010e04b372a1965d8e3439
 golang.org/x/text,b19bf474d317b857955b12035d2c5acb57ce8b01
+google.golang.org/grpc,v1.27.0
 gopkg.in/go-playground/validator.v8,5f1438d3fca68893a817e4a66806cea46a9e4ebf
 gopkg.in/inf.v0,3887ee99ecf07df5b447e9b00d9c0b2adaa9f3e4
 gopkg.in/natefinch/lumberjack.v2,a96e63847dc3c67d17befa69c303767e2f84e54f

cmd/provisioner/main.go

@@ -15,9 +15,11 @@ import (
 	"strings"
 	"time"
 
+	ibmprovider "github.com/IBM/ibmcloud-object-storage-plugin/ibm-provider/provider"
 	s3fsprovisioner "github.com/IBM/ibmcloud-object-storage-plugin/provisioner"
 	"github.com/IBM/ibmcloud-object-storage-plugin/utils/backend"
 	cfg "github.com/IBM/ibmcloud-object-storage-plugin/utils/config"
+	grpcClient "github.com/IBM/ibmcloud-object-storage-plugin/utils/grpc-client"
 	log "github.com/IBM/ibmcloud-object-storage-plugin/utils/logger"
 	"github.com/IBM/ibmcloud-object-storage-plugin/utils/uuid"
 	"github.com/kubernetes-sigs/sig-storage-lib-external-provisioner/controller"
@@ -82,6 +84,18 @@ func main() {
 	if err != nil {
 		logger.Info("Failed to set flag:", zap.Error(err))
 	}
+
+	s3fsprovisioner.SockEndpoint = flag.String(
+		"endpoint",
+		"/ibmprovider/provider.sock",
+		"Provider endpoint",
+	)
+
+	s3fsprovisioner.ConfigBucketAccessPolicy = flag.Bool(
+		"bucketAccessPolicy",
+		false,
+		"set 'true' to configure bucket access policy",
+	)
 	flag.Parse()
 
 	// Enable debug trace
@@ -121,6 +135,9 @@ func main() {
 
 	s3fsProvisioner := &s3fsprovisioner.IBMS3fsProvisioner{
 		Backend:       &backend.COSSessionFactory{},
+		GRPCBackend:   &grpcClient.ConnObjFactory{},
+		AccessPolicy:  &backend.UpdateAPFactory{},
+		IBMProvider:   &ibmprovider.IBMProviderClntFactory{},
 		Logger:        logger,
 		Client:        clientset,
 		UUIDGenerator: uuid.NewCryptoGenerator(),

driver/driver.go

@@ -40,7 +40,7 @@ const (
 	SecretSecretKey = "secret-key"
 	// SecretAPIKey is the key name for the IBM API Key (IAM Authentication)
 	SecretAPIKey = "api-key"
-	//SecretAllowedNS is the key name for the Allowed Namespace
+	// SecretAllowedNS is the key name for the Allowed Namespace
 	SecretAllowedNS = "allowed_ns"
 	// SecretServiceInstanceID is the key name for the service instance ID (IAM Authentication)
 	SecretServiceInstanceID = "service-instance-id"

go.mod

@@ -0,0 +1,58 @@
+module github.com/IBM/ibmcloud-object-storage-plugin
+
+go 1.13
+
+require (
+	github.com/BurntSushi/toml v0.3.1
+	github.com/IBM/go-sdk-core/v3 v3.3.1
+	github.com/IBM/ibm-cos-sdk-go v1.3.2
+	github.com/IBM/ibm-cos-sdk-go-config v1.0.0
+	github.com/coreos/go-systemd v0.0.0-00010101000000-000000000000 // indirect
+	github.com/evanphx/json-patch v4.5.0+incompatible // indirect
+	github.com/godbus/dbus v4.1.0+incompatible // indirect
+	github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e // indirect
+	github.com/golang/protobuf v1.4.2
+	github.com/google/btree v1.0.0 // indirect
+	github.com/googleapis/gnostic v0.4.0 // indirect
+	github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect
+	github.com/hashicorp/golang-lru v0.5.4 // indirect
+	github.com/imdario/mergo v0.3.9 // indirect
+	github.com/jessevdk/go-flags v1.4.0
+	github.com/kubernetes-sigs/sig-storage-lib-external-provisioner v2.2.0+incompatible
+	github.com/miekg/dns v1.1.30 // indirect
+	github.com/mitchellh/mapstructure v1.3.2 // indirect
+	github.com/pborman/uuid v1.2.0 // indirect
+	github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
+	github.com/pierrre/gotestcover v0.0.0-20160517101806-924dca7d15f0 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	github.com/prometheus/client_golang v1.7.1 // indirect
+	github.com/satori/go.uuid v1.2.0
+	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/stretchr/testify v1.6.1
+	go.uber.org/zap v1.15.0
+	golang.org/x/crypto v0.0.0-20200709230013-948cd5f35899 // indirect
+	golang.org/x/net v0.0.0-20200707034311-ab3426394381 // indirect
+	golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae // indirect
+	golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e // indirect
+	google.golang.org/appengine v1.6.6 // indirect
+	google.golang.org/grpc v1.27.0
+	google.golang.org/protobuf v1.23.0
+	gopkg.in/inf.v0 v0.9.1 // indirect
+	gopkg.in/natefinch/lumberjack.v2 v2.0.0
+	gopkg.in/yaml.v2 v2.3.0 // indirect
+	k8s.io/api v0.0.0-20190222213804-5cb15d344471
+	k8s.io/apimachinery v0.0.0-20190221213512-86fb29eff628
+	k8s.io/client-go v0.0.0-20190228174230-b40b2a5939e4
+	k8s.io/klog v1.0.0 // indirect
+	k8s.io/klog/v2 v2.3.0 // indirect
+	k8s.io/kube-openapi v0.0.0-20200615155156-dffdd1682719 // indirect
+	k8s.io/kubernetes v1.13.4 // indirect
+	k8s.io/utils v0.0.0-20200619165400-6e3d28b6ed19 // indirect
+	sigs.k8s.io/yaml v1.2.0 // indirect
+)
+
+replace (
+	github.com/coreos/go-systemd => github.com/coreos/go-systemd/v22 v22.1.0
+	github.com/googleapis/gnostic => github.com/googleapis/gnostic v0.4.0
+	k8s.io/kube-openapi => k8s.io/kube-openapi v0.0.0-20181109181836-c59034cc13d5
+)