Add sample driver

Dockerfile.sample-driver

@@ -0,0 +1,6 @@
+FROM gcr.io/distroless/static:latest
+LABEL maintainers="Kubernetes Authors"
+LABEL description="Object Storage Sidecar Sample Driver"
+
+COPY ./bin/sample-driver /sample-driver
+ENTRYPOINT ["/sample-driver"]

Makefile

@@ -12,7 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-CMDS=objectstorage-sidecar
+CMDS=objectstorage-sidecar sample-driver
 
 all: reltools build
 .PHONY: reltools

README.md

@@ -4,7 +4,7 @@ COSI repos and images:
 [API](https://github.com/kubernetes-sigs/container-object-storage-interface-api) \
 [Controller](https://github.com/kubernetes-sigs/container-object-storage-interface-controller) <br/>
 &emsp; - [images: cosi-controller](https://quay.io/repository/containerobjectstorage/objectstorage-controller?tab=tags) \
- [Provisioner Sidecar](https://github.com/kubernetes-sigs/container-object-storage-interface-provisioner-sidecar) <br /> 
+ [Provisioner Sidecar](https://sigs.k8s.io/container-object-storage-interface-provisioner-sidecar) <br /> 
  &emsp; -  images: cosi-provisioner \
  [CSI Adapter](https://github.com/kubernetes-sigs/container-object-storage-interface-csi-adapter) <br /> 
  &emsp; - images: cosi-node-adapter 

cmd/objectstorage-sidecar/app/objectstorage-sidecar.go

@@ -5,9 +5,9 @@ import (
 	"os"
 	"time"
 
-	"github.com/kubernetes-sigs/container-object-storage-interface-provisioner-sidecar/pkg/controller/bucket"
-	"github.com/kubernetes-sigs/container-object-storage-interface-provisioner-sidecar/pkg/controller/bucketaccess"
-	"github.com/kubernetes-sigs/container-object-storage-interface-provisioner-sidecar/pkg/grpcclient"
+	"sigs.k8s.io/container-object-storage-interface-provisioner-sidecar/pkg/controller/bucket"
+	"sigs.k8s.io/container-object-storage-interface-provisioner-sidecar/pkg/controller/bucketaccess"
+	"sigs.k8s.io/container-object-storage-interface-provisioner-sidecar/pkg/grpcclient"
 
 	osspec "github.com/kubernetes-sigs/container-object-storage-interface-spec"
 

cmd/objectstorage-sidecar/main.go

@@ -19,7 +19,7 @@ package main
 import (
 	"os"
 
-	"github.com/kubernetes-sigs/container-object-storage-interface-provisioner-sidecar/cmd/objectstorage-sidecar/app"
+	"sigs.k8s.io/container-object-storage-interface-provisioner-sidecar/cmd/objectstorage-sidecar/app"
 )
 
 func main() {

cmd/sample-driver/driver-server.go

@@ -0,0 +1,142 @@
+/*
+Copyright 2020 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package main
+
+import (
+	"fmt"
+
+	"github.com/minio/minio-go"
+	"github.com/minio/minio/pkg/auth"
+	"github.com/minio/minio/pkg/bucket/policy"
+	"github.com/minio/minio/pkg/bucket/policy/condition"
+	iampolicy "github.com/minio/minio/pkg/iam/policy"
+	"github.com/minio/minio/pkg/madmin"
+
+	"golang.org/x/net/context"
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/status"
+	"k8s.io/klog"
+
+	cosi "github.com/kubernetes-sigs/container-object-storage-interface-spec"
+)
+
+var (
+	PROVISIONER_NAME = "sample-provisioner.objectstorage.k8s.io"
+	VERSION          = "dev"
+)
+
+type DriverServer struct {
+	Name, Version string
+	S3Client      *minio.Client
+	S3AdminClient *madmin.AdminClient
+}
+
+func (ds *DriverServer) ProvisionerGetInfo(context.Context, *cosi.ProvisionerGetInfoRequest) (*cosi.ProvisionerGetInfoResponse, error) {
+	rsp := &cosi.ProvisionerGetInfoResponse{}
+	rsp.Name = fmt.Sprintf("%s-%s", ds.Name, ds.Version)
+	return rsp, nil
+}
+
+func (ds DriverServer) ProvisionerCreateBucket(ctx context.Context, req *cosi.ProvisionerCreateBucketRequest) (*cosi.ProvisionerCreateBucketResponse, error) {
+	klog.Infof("Using minio to create Backend Bucket")
+
+	if ds.Name == "" {
+		return nil, status.Error(codes.Unavailable, "Driver name not configured")
+	}
+
+	if ds.Version == "" {
+		return nil, status.Error(codes.Unavailable, "Driver is missing version")
+	}
+
+	err := ds.S3Client.MakeBucket(req.BucketName, "")
+	if err != nil {
+		// Check to see if the bucket already exists
+		exists, errBucketExists := ds.S3Client.BucketExists(req.BucketName)
+		if errBucketExists == nil && exists {
+			klog.Info("Backend Bucket already exists", req.BucketName)
+			return &cosi.ProvisionerCreateBucketResponse{}, nil
+		} else {
+			klog.Error(err)
+			return &cosi.ProvisionerCreateBucketResponse{}, err
+		}
+	}
+	klog.Info("Successfully created Backend Bucket", req.BucketName)
+
+	return &cosi.ProvisionerCreateBucketResponse{}, nil
+}
+
+func (ds *DriverServer) ProvisionerDeleteBucket(ctx context.Context, req *cosi.ProvisionerDeleteBucketRequest) (*cosi.ProvisionerDeleteBucketResponse, error) {
+
+	if err := ds.S3Client.RemoveBucket(req.BucketName); err != nil {
+		klog.Info("failed to delete bucket", req.BucketName)
+		return nil, err
+
+	}
+	return &cosi.ProvisionerDeleteBucketResponse{}, nil
+}
+
+func (ds *DriverServer) ProvisionerGrantBucketAccess(ctx context.Context, req *cosi.ProvisionerGrantBucketAccessRequest) (*cosi.ProvisionerGrantBucketAccessResponse, error) {
+
+	creds, err := auth.GetNewCredentials()
+	if err != nil {
+		klog.Error("failed to generate new credentails")
+		return nil, err
+	}
+
+	if err := ds.S3AdminClient.AddUser(context.Background(), creds.AccessKey, creds.SecretKey); err != nil {
+		klog.Error("failed to create user", err)
+		return nil, err
+	}
+
+	// Create policy
+	p := iampolicy.Policy{
+		Version: iampolicy.DefaultVersion,
+		Statements: []iampolicy.Statement{
+			iampolicy.NewStatement(
+				policy.Allow,
+				iampolicy.NewActionSet("s3:*"),
+				iampolicy.NewResourceSet(iampolicy.NewResource(req.GetBucketName()+"/*", "")),
+				condition.NewFunctions(),
+			)},
+	}
+
+	if err := ds.S3AdminClient.AddCannedPolicy(context.Background(), "s3:*", &p); err != nil {
+		klog.Error("failed to add canned policy", err)
+		return nil, err
+	}
+
+	if err := ds.S3AdminClient.SetPolicy(context.Background(), "s3:*", creds.AccessKey, false); err != nil {
+		klog.Error("failed to set policy", err)
+		return nil, err
+	}
+
+	return &cosi.ProvisionerGrantBucketAccessResponse{
+		Principal:               req.Principal,
+		CredentialsFileContents: fmt.Sprintf("[default]\naws_access_key %s\naws_secret_key %s", creds.AccessKey, creds.SecretKey),
+		CredentialsFilePath:     ".aws/credentials",
+	}, nil
+}
+
+func (ds *DriverServer) ProvisionerRevokeBucketAccess(ctx context.Context, req *cosi.ProvisionerRevokeBucketAccessRequest) (*cosi.ProvisionerRevokeBucketAccessResponse, error) {
+
+	// revokes user access to bucket
+	if err := ds.S3AdminClient.RemoveUser(ctx, req.GetPrincipal()); err != nil {
+		klog.Error("falied to Revoke Bucket Access")
+		return nil, err
+	}
+	return &cosi.ProvisionerRevokeBucketAccessResponse{}, nil
+}

cmd/sample-driver/sample-driver.go

@@ -0,0 +1,126 @@
+/*
+Copyright 2020 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package main
+
+import (
+	"context"
+	"flag"
+	"fmt"
+	"os"
+	"os/signal"
+	"strings"
+	"syscall"
+
+	"github.com/minio/minio-go"
+	"github.com/minio/minio/pkg/madmin"
+	"github.com/spf13/cobra"
+	"github.com/spf13/viper"
+	"k8s.io/klog"
+
+	"sigs.k8s.io/container-object-storage-interface-provisioner-sidecar/pkg/grpcserver"
+)
+
+var (
+	cosiAddress = "tcp://0.0.0.0:9000"
+	s3Endpoint  = "tcp://0.0.0.0:9000"
+	accessKey   = "AKIAIOSFODNN7EXAMPLE"
+	secretKey   = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
+	ctx         context.Context
+)
+
+var cmd = &cobra.Command{
+	Use:           os.Args[0],
+	Short:         "sample provisoner for provisioning bucket instance to the backend bucket",
+	SilenceErrors: true,
+	SilenceUsage:  true,
+	RunE: func(c *cobra.Command, args []string) error {
+		return run(args, cosiAddress)
+	},
+	DisableFlagsInUseLine: true,
+	Version:               VERSION,
+}
+
+func init() {
+	viper.AutomaticEnv()
+
+	cmd.PersistentFlags().AddGoFlagSet(flag.CommandLine)
+	flag.Set("logtostderr", "true")
+
+	strFlag := func(c *cobra.Command, ptr *string, name string, short string, dfault string, desc string) {
+		c.PersistentFlags().
+			StringVarP(ptr, name, short, dfault, desc)
+	}
+	strFlag(cmd, &cosiAddress, "listen-address", "", cosiAddress, "The address for the driver to listen on")
+	strFlag(cmd, &s3Endpoint, "s3-endpoint", "", "", "S3-endpont")
+	strFlag(cmd, &accessKey, "access-key", "", "", "S3-AccessKey")
+	strFlag(cmd, &secretKey, "secret-key", "", "", "S3-SecretKey")
+	hideFlag := func(name string) {
+		cmd.PersistentFlags().MarkHidden(name)
+	}
+	hideFlag("alsologtostderr")
+	hideFlag("log_backtrace_at")
+	hideFlag("log_dir")
+	hideFlag("logtostderr")
+	hideFlag("master")
+	hideFlag("stderrthreshold")
+	hideFlag("vmodule")
+
+	// Substitute _ for -
+	replacer := strings.NewReplacer("-", "_")
+	viper.SetEnvKeyReplacer(replacer)
+
+	// suppress the incorrect prefix in glog output
+	flag.CommandLine.Parse([]string{})
+	viper.BindPFlags(cmd.PersistentFlags())
+
+	var cancel context.CancelFunc
+
+	ctx, cancel = context.WithCancel(context.Background())
+	sigs := make(chan os.Signal, 1)
+	signal.Notify(sigs, syscall.SIGINT, syscall.SIGTERM, syscall.SIGSEGV)
+
+	go func() {
+		s := <-sigs
+		cancel()
+		klog.Error(fmt.Sprintf("%s %s", s.String(), "Signal received. Exiting"))
+	}()
+
+}
+
+func main() {
+	if err := cmd.Execute(); err != nil {
+		klog.Fatal(err.Error())
+
+	}
+}
+
+func run(args []string, endpoint string) error {
+	// Initialize minio client object.
+	minioClient, err := minio.New(s3Endpoint, accessKey, secretKey, false)
+	if err != nil {
+		klog.Fatalln(err)
+	}
+	minioAdminClient, err := madmin.New(s3Endpoint, accessKey, secretKey, false)
+	if err != nil {
+		klog.Fatalln(err)
+	}
+	cds := DriverServer{Name: PROVISIONER_NAME, Version: VERSION, S3Client: minioClient, S3AdminClient: minioAdminClient}
+	s := grpcserver.NewNonBlockingGRPCServer()
+	s.Start(endpoint, &cds)
+	s.Wait()
+	return nil
+}

go.mod

@@ -1,13 +1,17 @@
-module github.com/kubernetes-sigs/container-object-storage-interface-provisioner-sidecar
+module sigs.k8s.io/container-object-storage-interface-provisioner-sidecar
 
 go 1.15
 
 require (
+	github.com/go-ini/ini v1.62.0 // indirect
 	github.com/kubernetes-csi/csi-lib-utils v0.9.0
-	github.com/kubernetes-sigs/container-object-storage-interface-api v0.0.0-20201217233824-6b4158ff7e28
-	github.com/kubernetes-sigs/container-object-storage-interface-spec v0.0.0-20201217184109-8cbf84dde8d3
+	github.com/kubernetes-sigs/container-object-storage-interface-api v0.0.0-20210112203836-a74c106d3ab3
+	github.com/kubernetes-sigs/container-object-storage-interface-spec v0.0.0-20210107181053-ef523592ca74
+	github.com/minio/minio v0.0.0-20210112204746-e09196d62633
+	github.com/minio/minio-go v6.0.14+incompatible
 	github.com/spf13/cobra v0.0.5
-	golang.org/x/net v0.0.0-20200707034311-ab3426394381
+	github.com/spf13/viper v1.3.2
+	golang.org/x/net v0.0.0-20201216054612-986b41b23924
 	golang.org/x/time v0.0.0-20201208040808-7e3f01d25324
 	google.golang.org/grpc v1.34.0
 	k8s.io/api v0.19.4