diff --git a/apis/csiaddons/v1alpha1/networkfence_types.go b/apis/csiaddons/v1alpha1/networkfence_types.go index 8c82b692e..7f0373901 100644 --- a/apis/csiaddons/v1alpha1/networkfence_types.go +++ b/apis/csiaddons/v1alpha1/networkfence_types.go @@ -56,6 +56,8 @@ type SecretSpec struct { } // NetworkFenceSpec defines the desired state of NetworkFence +// +kubebuilder:validation:XValidation:rule="has(self.parameters) == has(oldSelf.parameters)",message="parameters are immutable" +// +kubebuilder:validation:XValidation:rule="has(self.secret) == has(oldSelf.secret)",message="secret is immutable" type NetworkFenceSpec struct { // Driver contains the name of CSI driver. // +kubebuilder:validation:Required diff --git a/apis/replication.storage/v1alpha1/volumereplicationclass_types.go b/apis/replication.storage/v1alpha1/volumereplicationclass_types.go index 274650310..25632a049 100644 --- a/apis/replication.storage/v1alpha1/volumereplicationclass_types.go +++ b/apis/replication.storage/v1alpha1/volumereplicationclass_types.go @@ -23,6 +23,7 @@ import ( // VolumeReplicationClassSpec specifies parameters that an underlying storage system uses // when creating a volume replica. A specific VolumeReplicationClass is used by specifying // its name in a VolumeReplication object. +// +kubebuilder:validation:XValidation:rule="has(self.parameters) == has(oldSelf.parameters)",message="parameters are immutable" type VolumeReplicationClassSpec struct { // Provisioner is the name of storage provisioner // +kubebuilder:validation:Required diff --git a/config/crd/bases/csiaddons.openshift.io_networkfences.yaml b/config/crd/bases/csiaddons.openshift.io_networkfences.yaml index 3234ca5fd..5aba29f2f 100644 --- a/config/crd/bases/csiaddons.openshift.io_networkfences.yaml +++ b/config/crd/bases/csiaddons.openshift.io_networkfences.yaml @@ -105,6 +105,11 @@ spec: - driver - fenceState type: object + x-kubernetes-validations: + - message: parameters are immutable + rule: has(self.parameters) == has(oldSelf.parameters) + - message: secret is immutable + rule: has(self.secret) == has(oldSelf.secret) status: description: NetworkFenceStatus defines the observed state of NetworkFence properties: diff --git a/config/crd/bases/replication.storage.openshift.io_volumereplicationclasses.yaml b/config/crd/bases/replication.storage.openshift.io_volumereplicationclasses.yaml index 8e22bd26c..53dc81c3e 100644 --- a/config/crd/bases/replication.storage.openshift.io_volumereplicationclasses.yaml +++ b/config/crd/bases/replication.storage.openshift.io_volumereplicationclasses.yaml @@ -61,6 +61,9 @@ spec: required: - provisioner type: object + x-kubernetes-validations: + - message: parameters are immutable + rule: has(self.parameters) == has(oldSelf.parameters) status: description: VolumeReplicationClassStatus defines the observed state of VolumeReplicationClass. diff --git a/deploy/controller/crds.yaml b/deploy/controller/crds.yaml index ccfe94de4..8171c0adb 100644 --- a/deploy/controller/crds.yaml +++ b/deploy/controller/crds.yaml @@ -213,6 +213,11 @@ spec: - driver - fenceState type: object + x-kubernetes-validations: + - message: parameters are immutable + rule: has(self.parameters) == has(oldSelf.parameters) + - message: secret is immutable + rule: has(self.secret) == has(oldSelf.secret) status: description: NetworkFenceStatus defines the observed state of NetworkFence properties: @@ -778,6 +783,9 @@ spec: required: - provisioner type: object + x-kubernetes-validations: + - message: parameters are immutable + rule: has(self.parameters) == has(oldSelf.parameters) status: description: VolumeReplicationClassStatus defines the observed state of VolumeReplicationClass. diff --git a/internal/connection/connection.go b/internal/connection/connection.go index 60463df66..d439ce9ec 100644 --- a/internal/connection/connection.go +++ b/internal/connection/connection.go @@ -38,8 +38,11 @@ type Connection struct { // NewConnection establishes connection with sidecar, fetches capability and returns Connection object // filled with required information. func NewConnection(ctx context.Context, endpoint, nodeID, driverName string) (*Connection, error) { - opts := grpc.WithTransportCredentials(insecure.NewCredentials()) - cc, err := grpc.Dial(endpoint, opts) + opts := []grpc.DialOption{ + grpc.WithTransportCredentials(insecure.NewCredentials()), + grpc.WithIdleTimeout(time.Duration(0)), + } + cc, err := grpc.Dial(endpoint, opts...) if err != nil { return nil, err }