From 9625615a2b11375e7964e73f2d3515fbfd4c3311 Mon Sep 17 00:00:00 2001 From: Grant Griffiths Date: Fri, 10 May 2019 15:07:31 -0700 Subject: [PATCH] Add secret support for Delete from pvc name and namespace Signed-off-by: Grant Griffiths --- pkg/controller/controller.go | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/pkg/controller/controller.go b/pkg/controller/controller.go index 6ebe3a37d..9c9a4d61e 100644 --- a/pkg/controller/controller.go +++ b/pkg/controller/controller.go @@ -663,15 +663,23 @@ func (p *csiProvisioner) Delete(volume *v1.PersistentVolume) error { storageClassName := volume.Spec.StorageClassName if len(storageClassName) != 0 { if storageClass, err := p.client.StorageV1().StorageClasses().Get(storageClassName, metav1.GetOptions{}); err == nil { + + // Get PVC for secret reference if the volume is bound. + var pvc *v1.PersistentVolumeClaim + if volume.Spec.ClaimRef != nil { + pvc, _ = p.client.CoreV1().PersistentVolumeClaims(volume.Spec.ClaimRef.Namespace).Get(volume.Spec.ClaimRef.Name, metav1.GetOptions{}) + // If we do not find the PVC, continue with deletion. + } + // Resolve provision secret credentials. - // No PVC is provided when resolving provision/delete secret names, since the PVC may or may not exist at delete time. - provisionerSecretRef, err := getSecretReference(provisionerSecretParams, storageClass.Parameters, volume.Name, nil) + provisionerSecretRef, err := getSecretReference(provisionerSecretParams, storageClass.Parameters, volume.Name, pvc) if err != nil { return err } credentials, err := getCredentials(p.client, provisionerSecretRef) if err != nil { - return err + // Continue with deletion, as the secret may have already been deleted. + klog.Warningf("Failed to get credentials for volume %s: %s", volume.Name, err.Error()) } req.Secrets = credentials }