Added ability to specify gid and uid

livingroot · livingroot · commit 601b7ac72493 · 2025-02-22T00:19:16.000+03:00
diff --git a/deploy/kubernetes/examples/storageclass.yaml b/deploy/kubernetes/examples/storageclass.yaml
@@ -8,8 +8,14 @@ parameters:
   # specify which mounter to use
   # can be set to rclone, s3fs, goofys or s3backer
   mounter: rclone
+
   # to use an existing bucket, specify it here:
   # bucket: some-existing-bucket
+
+  # to use a non-root uid and gid, specify them here:
+  # uid: "33"
+  # gid: "33"
+
   csi.storage.k8s.io/provisioner-secret-name: csi-s3-secret
   csi.storage.k8s.io/provisioner-secret-namespace: kube-system
   csi.storage.k8s.io/controller-publish-secret-name: csi-s3-secret
diff --git a/pkg/driver/controllerserver.go b/pkg/driver/controllerserver.go
@@ -53,6 +53,16 @@ func (cs *controllerServer) CreateVolume(ctx context.Context, req *csi.CreateVol
 	prefix := ""
 	usePrefix, usePrefixError := strconv.ParseBool(params[mounter.UsePrefix])
 	defaultFsPath := defaultFsPath
+	gid := uint32(0)
+	uid := uint32(0)
+	if params[mounter.Gid] != "" {
+		parsed, _ := strconv.ParseInt(params[mounter.Gid], 10, 32)
+		gid = uint32(parsed)
+	}
+	if params[mounter.Uid] != "" {
+		parsed, _ := strconv.ParseInt(params[mounter.Uid], 10, 32)
+		uid = uint32(parsed)
+	}
 
 	// check if bucket name is overridden
 	if nameOverride, ok := params[mounter.BucketKey]; ok {
@@ -93,6 +103,8 @@ func (cs *controllerServer) CreateVolume(ctx context.Context, req *csi.CreateVol
 		Mounter:       mounterType,
 		CapacityBytes: capacityBytes,
 		FSPath:        defaultFsPath,
+		Uid:           uid,
+		Gid:           gid,
 	}
 
 	client, err := s3.NewClientFromSecret(req.GetSecrets())
diff --git a/pkg/driver/driver.go b/pkg/driver/driver.go
@@ -33,7 +33,7 @@ type driver struct {
 }
 
 var (
-	vendorVersion = "v1.2.0-rc.2"
+	vendorVersion = "v1.3.0"
 	driverName    = "ch.ctrox.csi.s3-driver"
 )
 
diff --git a/pkg/mounter/goofys.go b/pkg/mounter/goofys.go
@@ -61,6 +61,8 @@ func (goofys *goofysMounter) Mount(source string, target string) error {
 		Backend: &common.S3Config{
 			Region: goofys.region,
 		},
+		Gid: goofys.meta.Gid,
+		Uid: goofys.meta.Uid,
 	}
 
 	os.Setenv("AWS_ACCESS_KEY_ID", goofys.accessKeyID)
diff --git a/pkg/mounter/mounter.go b/pkg/mounter/mounter.go
@@ -33,6 +33,8 @@ const (
 	BucketKey           = "bucket"
 	VolumePrefix        = "prefix"
 	UsePrefix           = "usePrefix"
+	Gid                 = "gid"
+	Uid                 = "uid"
 )
 
 // New returns a new mounter depending on the mounterType parameter
diff --git a/pkg/mounter/rclone.go b/pkg/mounter/rclone.go
@@ -53,6 +53,14 @@ func (rclone *rcloneMounter) Mount(source string, target string) error {
 		// TODO: make this configurable
 		"--vfs-cache-mode=writes",
 	}
+
+	if rclone.meta.Gid != 0 {
+		args = append(args, fmt.Sprintf("--gid=%d", rclone.meta.Gid))
+	}
+	if rclone.meta.Uid != 0 {
+		args = append(args, fmt.Sprintf("--uid=%d", rclone.meta.Uid))
+	}
+
 	os.Setenv("AWS_ACCESS_KEY_ID", rclone.accessKeyID)
 	os.Setenv("AWS_SECRET_ACCESS_KEY", rclone.secretAccessKey)
 	return fuseMount(target, rcloneCmd, args)
diff --git a/pkg/mounter/s3backer.go b/pkg/mounter/s3backer.go
@@ -116,6 +116,13 @@ func (s3backer *s3backerMounter) mountInit(p string) error {
 		args = append(args, "--ssl")
 	}
 
+	if s3backer.meta.Gid != 0 {
+		args = append(args, fmt.Sprintf("--gid=%d", s3backer.meta.Gid))
+	}
+	if s3backer.meta.Uid != 0 {
+		args = append(args, fmt.Sprintf("--uid=%d", s3backer.meta.Uid))
+	}
+
 	return fuseMount(p, s3backerCmd, args)
 }
 
diff --git a/pkg/mounter/s3fs.go b/pkg/mounter/s3fs.go
@@ -50,6 +50,14 @@ func (s3fs *s3fsMounter) Mount(source string, target string) error {
 		"-o", "allow_other",
 		"-o", "mp_umask=000",
 	}
+
+	if s3fs.meta.Gid != 0 {
+		args = append(args, fmt.Sprintf("-o", fmt.Sprintf("gid=%d", s3fs.meta.Gid)))
+	}
+	if s3fs.meta.Uid != 0 {
+		args = append(args, fmt.Sprintf("-o", fmt.Sprintf("uid=%d", s3fs.meta.Uid)))
+	}
+
 	return fuseMount(target, s3fsCmd, args)
 }
 
diff --git a/pkg/s3/client.go b/pkg/s3/client.go
@@ -5,12 +5,13 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
-	"github.com/golang/glog"
-	"github.com/minio/minio-go/v7"
-	"github.com/minio/minio-go/v7/pkg/credentials"
 	"io"
 	"net/url"
 	"path"
+
+	"github.com/golang/glog"
+	"github.com/minio/minio-go/v7"
+	"github.com/minio/minio-go/v7/pkg/credentials"
 )
 
 const (
@@ -39,6 +40,8 @@ type FSMeta struct {
 	Mounter       string `json:"Mounter"`
 	FSPath        string `json:"FSPath"`
 	CapacityBytes int64  `json:"CapacityBytes"`
+	Uid           uint32 `json:"Uid"`
+	Gid           uint32 `json:"Gid"`
 }
 
 func NewClient(cfg *Config) (*s3Client, error) {

Original file line number	Diff line number	Diff line change
`@@ -33,7 +33,7 @@ type driver struct {`
`33`	`33`	`}`
`34`	`34`
`35`	`35`	`var (`
`36`		`- vendorVersion = "v1.2.0-rc.2"`
	`36`	`+ vendorVersion = "v1.3.0"`
`37`	`37`	`driverName = "ch.ctrox.csi.s3-driver"`
`38`	`38`	`)`
`39`	`39`
Original file line number	Diff line number	Diff line change
`@@ -61,6 +61,8 @@ func (goofys *goofysMounter) Mount(source string, target string) error {`
`61`	`61`	`Backend: &common.S3Config{`
`62`	`62`	`Region: goofys.region,`
`63`	`63`	`},`
	`64`	`+ Gid: goofys.meta.Gid,`
	`65`	`+ Uid: goofys.meta.Uid,`
`64`	`66`	`}`
`65`	`67`
`66`	`68`	`os.Setenv("AWS_ACCESS_KEY_ID", goofys.accessKeyID)`
Original file line number	Diff line number	Diff line change
`@@ -33,6 +33,8 @@ const (`
`33`	`33`	`BucketKey = "bucket"`
`34`	`34`	`VolumePrefix = "prefix"`
`35`	`35`	`UsePrefix = "usePrefix"`
	`36`	`+ Gid = "gid"`
	`37`	`+ Uid = "uid"`
`36`	`38`	`)`
`37`	`39`
`38`	`40`	`// New returns a new mounter depending on the mounterType parameter`
Original file line number	Diff line number	Diff line change
`@@ -116,6 +116,13 @@ func (s3backer *s3backerMounter) mountInit(p string) error {`
`116`	`116`	`args = append(args, "--ssl")`
`117`	`117`	`}`
`118`	`118`
	`119`	`+ if s3backer.meta.Gid != 0 {`
	`120`	`+ args = append(args, fmt.Sprintf("--gid=%d", s3backer.meta.Gid))`
	`121`	`+ }`
	`122`	`+ if s3backer.meta.Uid != 0 {`
	`123`	`+ args = append(args, fmt.Sprintf("--uid=%d", s3backer.meta.Uid))`
	`124`	`+ }`
	`125`	`+`
`119`	`126`	`return fuseMount(p, s3backerCmd, args)`
`120`	`127`	`}`
`121`	`128`
Original file line number	Diff line number	Diff line change
`@@ -50,6 +50,14 @@ func (s3fs *s3fsMounter) Mount(source string, target string) error {`
`50`	`50`	`"-o", "allow_other",`
`51`	`51`	`"-o", "mp_umask=000",`
`52`	`52`	`}`
	`53`	`+`
	`54`	`+ if s3fs.meta.Gid != 0 {`
	`55`	`+ args = append(args, fmt.Sprintf("-o", fmt.Sprintf("gid=%d", s3fs.meta.Gid)))`
	`56`	`+ }`
	`57`	`+ if s3fs.meta.Uid != 0 {`
	`58`	`+ args = append(args, fmt.Sprintf("-o", fmt.Sprintf("uid=%d", s3fs.meta.Uid)))`
	`59`	`+ }`
	`60`	`+`
`53`	`61`	`return fuseMount(target, s3fsCmd, args)`
`54`	`62`	`}`
`55`	`63`