This is an automated email from the ASF dual-hosted git repository. chhsiao pushed a commit to branch 1.7.x in repository https://gitbox.apache.org/repos/asf/mesos.git
commit d8458ae078862e706f985b2749d987f5c5cb3823 Author: Chun-Hung Hsiao <chhs...@mesosphere.io> AuthorDate: Mon Feb 4 23:26:20 2019 -0800 Disallowed `DESTROY_DISK` on persistent volumes. `DESTROY_DISK` would bypass persistent volume cleanup and directly ask the CSI plugin to delete the backed volume. Since the CSI spec does not require the plugin to do data cleanup, to avoid data leakage, we require that if there is persistent volume on the CSI volume, it should be destroyed first. Review: https://reviews.apache.org/r/69894
---
 src/master/validation.cpp | 7 +++++++
 src/tests/master_validation_tests.cpp | 12 ++++++++++++
 2 files changed, 19 insertions(+)
diff --git a/src/master/validation.cpp b/src/master/validation.cpp
index 249e6b2..4144bc1 100644
--- a/src/master/validation.cpp
+++ b/src/master/validation.cpp
@@ -2548,6 +2548,13 @@ Option<Error> validate(const Offer::Operation::DestroyDisk& destroyDisk)
 return Error("'source' is neither a MOUNT or BLOCK disk resource");
 }
+ if (Resources::isPersistentVolume(source)) {
+ return Error(
+ "A disk resource containing a persistent volume " + stringify(source) +
+ " cannot be destroyed directly. Please destroy the persistent volume"
+ " first then destroy the disk resource");
+ }
+
 return None();
 }
diff --git a/src/tests/master_validation_tests.cpp b/src/tests/master_validation_tests.cpp
index 726d677..137841c 100644
--- a/src/tests/master_validation_tests.cpp
+++ b/src/tests/master_validation_tests.cpp
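Review bot: The new `Resources::isPersistentVolume(source)` guard in `validate(const Offer::Operation::DestroyDisk&)` has no comment, so the data-leakage rationale lives only in the commit message and a later refactor could drop the check as redundant. I would put the reason above the `if`, for example `// DESTROY_DISK bypasses persistent volume cleanup and the CSI spec does not require the plugin to erase data, so reject it until the volume is destroyed.` The check appears to be master-side validation only; whether any other path can reach the plugin's volume deletion is not visible here and is worth confirming. The function body starts outside the hunk.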
@@ -1864,9 +1864,13 @@ TEST(OperationValidationTest, DestroyDisk)
 Resource disk4 = createDiskResource(
 "40", "*", None(), None(), createDiskSourceMount());
+ Resource disk5 = createPersistentVolume(
+ Megabytes(50), "role", "id", "path", None(), createDiskSourceMount());
+
 disk1.mutable_provider_id()->set_value("provider1");
 disk2.mutable_provider_id()->set_value("provider2");
 disk3.mutable_provider_id()->set_value("provider3");
+ disk5.mutable_provider_id()->set_value("provider5");
 Offer::Operation::DestroyDisk destroyDisk;
 destroyDisk.mutable_source()->CopyFrom(disk1);
@@ -1894,6 +1898,14 @@ TEST(OperationValidationTest, DestroyDisk)
 EXPECT_TRUE(strings::contains(
 error->message, "'source' is not managed by a resource provider"));
+
+ destroyDisk.mutable_source()->CopyFrom(disk5);
+
+ error = operation::validate(destroyDisk);
+ ASSERT_SOME(error);
+ EXPECT_TRUE(strings::contains(
+ error->message,
+ "Please destroy the persistent volume first"));
 }
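Review bot: In the last hunk, the asserted substring `"Please destroy the persistent volume first"` spans the boundary between two adjacent string literals in `validation.cpp` (`"... the persistent volume"` followed by `" first then ..."`). Searching the source for the expected text therefore finds nothing, and re-wrapping the message can break the test without changing its meaning. Matching a phrase that sits inside a single literal, such as `"cannot be destroyed directly"`, keeps the test tied to the new check while being easier to trace. The `TEST` body begins and continues outside the hunks shown.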