Skip to content

Commit 6ee94a9

Browse files
ashimagarg27ashimagarg27
committed
address review comments
Signed-off-by: Ashima-Ashima1 <[email protected]>
1 parent 35fdd15 commit 6ee94a9

File tree

3 files changed

+40
-3
lines changed

3 files changed

+40
-3
lines changed

.secrets.baseline

Lines changed: 12 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33
"files": "go.sum|^.secrets.baseline$",
44
"lines": null
55
},
6-
"generated_at": "2024-11-21T04:40:19Z",
6+
"generated_at": "2024-11-25T03:29:33Z",
77
"plugins_used": [
88
{
99
"name": "AWSKeyDetector"
@@ -76,7 +76,17 @@
7676
"name": "TwilioKeyDetector"
7777
}
7878
],
79-
"results": {},
79+
"results": {
80+
"README.md": [
81+
{
82+
"hashed_secret": "325778ab9d49a6df7bc13a83563bec2de2a84c95",
83+
"is_verified": false,
84+
"line_number": 36,
85+
"type": "Secret Keyword",
86+
"verified_result": null
87+
}
88+
]
89+
},
8090
"version": "0.13.1+ibm.62.dss",
8191
"word_list": {
8292
"file": null,

README.md

Lines changed: 28 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,12 +29,39 @@ make deploy IMG=<image-registry>/ibm-object-csi-driver-operator:<image-tag>
2929
kubectl apply -k config/samples/
3030
```
3131

32-
**Note**: By default, in the IBM Object CSI Driver, the secret name is not tied to the PVC name. This allows you to use a single secret across multiple PVCs. For this, you’ll need to add two specific annotations in the PVC YAML. These annotations help the driver map the PVC to the correct secret.
32+
**Note**:
33+
- By default, in the IBM Object CSI Driver, the secret name is not tied to the PVC name. This allows you to use a single secret across multiple PVCs. For this, you’ll need to add two specific annotations in the PVC YAML. These annotations help the driver map the PVC to the correct secret.
3334
```
3435
annotations:
3536
cos.csi.driver/secret: "custom-secret"
3637
cos.csi.driver/secret-namespace: "default"
3738
```
39+
- If you want to have 1-to-1 mapping between each PVC and secret(using same name for both) i.e., specific secret tied to respective PVC, then you need to create a custom storage class as below and use it to create PVC.
40+
```
41+
apiVersion: storage.k8s.io/v1
42+
kind: StorageClass
43+
metadata:
44+
name: custom-object-csi-storage-class
45+
labels:
46+
provisioner: cos.s3.csi.ibm.io
47+
mountOptions:
48+
- "multipart_size=62"
49+
- "max_dirty_data=51200"
50+
- "parallel_count=8"
51+
- "max_stat_cache_size=100000"
52+
- "retries=5"
53+
- "kernel_cache"
54+
parameters:
55+
mounter: <"s3fs" or "rclone">
56+
client: "awss3"
57+
cosEndpoint: "https://s3.direct.us-west.cloud-object-storage.appdomain.cloud"
58+
locationConstraint: "us-west-smart"
59+
csi.storage.k8s.io/provisioner-secret-name: ${pvc.name}
60+
csi.storage.k8s.io/provisioner-secret-namespace: ${pvc.namespace}
61+
csi.storage.k8s.io/node-publish-secret-name: ${pvc.name}
62+
csi.storage.k8s.io/node-publish-secret-namespace: ${pvc.namespace}
63+
reclaimPolicy: <Retain or Delete>
64+
```
3865

3966
### Uninstall CRDs
4067
To delete the CRDs from the cluster:

bin/controller-gen

-22.8 MB
Binary file not shown.

0 commit comments

Comments
 (0)