This is an automated email from the ASF dual-hosted git repository.

chhsiao pushed a commit to branch 1.7.x
in repository https://gitbox.apache.org/repos/asf/mesos.git

commit d8458ae078862e706f985b2749d987f5c5cb3823
Author: Chun-Hung Hsiao <chhs...@mesosphere.io>
AuthorDate: Mon Feb 4 23:26:20 2019 -0800

    Disallowed `DESTROY_DISK` on persistent volumes.
    
    `DESTROY_DISK` would bypass persistent volume cleanup and directly ask
    the CSI plugin to delete the backing volume. Since the CSI spec does not
    require the plugin to do data cleanup, to avoid data leakage, we require
    that if there is a persistent volume on the CSI volume, it should be
    destroyed first.
    
    Review: https://reviews.apache.org/r/69894
---
 src/master/validation.cpp             |  7 +++++++
 src/tests/master_validation_tests.cpp | 12 ++++++++++++
 2 files changed, 19 insertions(+)

diff --git a/src/master/validation.cpp b/src/master/validation.cpp
index 249e6b2..4144bc1 100644
--- a/src/master/validation.cpp
+++ b/src/master/validation.cpp
@@ -2548,6 +2548,13 @@ Option<Error> validate(const 
Offer::Operation::DestroyDisk& destroyDisk)
     return Error("'source' is neither a MOUNT or BLOCK disk resource");
   }
 
+  if (Resources::isPersistentVolume(source)) {
+    return Error(
+        "A disk resource containing a persistent volume " + stringify(source) +
+        " cannot be destroyed directly. Please destroy the persistent volume"
+        " first then destroy the disk resource");
+  }
+
   return None();
 }
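Review bot: The new `Resources::isPersistentVolume(source)` branch has no comment recording why the operation is refused, and the reason is a data-exposure one that the error text does not convey. I would add above the `if`: `// DESTROY_DISK skips persistent volume cleanup and CSI does not require the plugin to scrub data on delete, so reject until the volume is destroyed.` The check inspects only the `source` message carried in the operation, so it presumably relies on a caller not visible here to confirm that `source` matches the resource actually held, including its persistence info; that is worth confirming. The body of `validate` starts outside the hunk.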
 
diff --git a/src/tests/master_validation_tests.cpp 
b/src/tests/master_validation_tests.cpp
index 726d677..137841c 100644
--- a/src/tests/master_validation_tests.cpp
+++ b/src/tests/master_validation_tests.cpp
@@ -1864,9 +1864,13 @@ TEST(OperationValidationTest, DestroyDisk)
   Resource disk4 = createDiskResource(
       "40", "*", None(), None(), createDiskSourceMount());
 
+  Resource disk5 = createPersistentVolume(
+      Megabytes(50), "role", "id", "path", None(), createDiskSourceMount());
+
   disk1.mutable_provider_id()->set_value("provider1");
   disk2.mutable_provider_id()->set_value("provider2");
   disk3.mutable_provider_id()->set_value("provider3");
+  disk5.mutable_provider_id()->set_value("provider5");
 
   Offer::Operation::DestroyDisk destroyDisk;
   destroyDisk.mutable_source()->CopyFrom(disk1);
@@ -1894,6 +1898,14 @@ TEST(OperationValidationTest, DestroyDisk)
   EXPECT_TRUE(strings::contains(
       error->message,
       "'source' is not managed by a resource provider"));
+
+  destroyDisk.mutable_source()->CopyFrom(disk5);
+
+  error = operation::validate(destroyDisk);
+  ASSERT_SOME(error);
+  EXPECT_TRUE(strings::contains(
+      error->message,
+      "Please destroy the persistent volume first"));
 }
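Review bot: The added `disk5` case does not say what property it guards; a one-line comment above `destroyDisk.mutable_source()->CopyFrom(disk5);` such as `// A persistent volume must be destroyed before its CSI-backed disk, so its data is cleaned up first.` would make the intent clear to the next reader. The assertion matches the wording "Please destroy the persistent volume first", which ties the test to the exact message text in `validation.cpp`, so a rewording there would fail it. The `TEST` body starts outside the hunk.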
 
 
