fix: address PR review comments

- Set localSocket in rebuildVolumeFromStaging to fix invalid gRPC target - Use SHA256 hash (16 hex chars) in LocalSocketPath to minimize collision risk - Update GitHub Actions to latest versions (checkout@v4, metadata-action@v5, etc.) - Fix volumeMounts/volumes conditional mismatch in helm templates - Add documentation for mountService defaults in values.yaml
author: chrislusf <chris.lu@gmail.com> 2025-12-06 12:02:18 -0800
committer: Chris Lu <chrislusf@users.noreply.github.com> 2025-12-06 18:53:22 -0800
commit: 70ad54f12e2e1bbf0a841b2604f150464fab1e8f (patch)
tree: 8737109aaa604a9f8daea493d814f23404d92b7b
parent: 8888825ea9999fd07ce8a3d9bbce039c98694e4d (diff)
download: seaweedfs-csi-driver-70ad54f12e2e1bbf0a841b2604f150464fab1e8f.tar.xz
seaweedfs-csi-driver-70ad54f12e2e1bbf0a841b2604f150464fab1e8f.zip
6 files changed, 39 insertions, 25 deletions
diff --git a/.github/workflows/versioned_release.yaml b/.github/workflows/versioned_release.yaml
index 91e8241..61b3faf 100644
--- a/.github/workflows/versioned_release.yaml
+++ b/.github/workflows/versioned_release.yaml
@@ -16,11 +16,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
       - name: Docker meta (csi-driver)
         id: docker_meta_csi
-        uses: docker/metadata-action@v3
+        uses: docker/metadata-action@v5
         with:
           images: |
             chrislusf/seaweedfs-csi-driver
@@ -35,7 +35,7 @@ jobs:
 
       - name: Docker meta (mount-service)
         id: docker_meta_mount
-        uses: docker/metadata-action@v3
+        uses: docker/metadata-action@v5
         with:
           images: |
             chrislusf/seaweedfs-mount
@@ -60,16 +60,16 @@ jobs:
         run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" | sed 's/\//_/g' >> $GITHUB_ENV
 
       - name: Setup QEMU
-        uses: docker/setup-qemu-action@v1
+        uses: docker/setup-qemu-action@v3
 
       - name: Setup Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v3
         with:
           buildkitd-flags: "--debug"
 
       - name: Login to DockerHub
         # if: ${{ startsWith(github.ref, 'refs/tags/') }}
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           # username: ${{ secrets.DOCKERHUB_USERNAME }}
           username: chrislusf
@@ -77,7 +77,7 @@ jobs:
 
       - name: Build csi-driver image
         # if: ${{ startsWith(github.ref, 'refs/tags/') }}
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v6
         with:
           context: .
           push: ${{ github.event_name != 'pull_request' }}
@@ -87,7 +87,7 @@ jobs:
           labels: ${{ steps.docker_meta_csi.outputs.labels }}
 
       - name: Build mount-service image
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v6
         with:
           context: .
           push: ${{ github.event_name != 'pull_request' }}
diff --git a/deploy/helm/seaweedfs-csi-driver/templates/daemonset-mount.yaml b/deploy/helm/seaweedfs-csi-driver/templates/daemonset-mount.yaml
index 31b3508..16a2f2d 100644
--- a/deploy/helm/seaweedfs-csi-driver/templates/daemonset-mount.yaml
+++ b/deploy/helm/seaweedfs-csi-driver/templates/daemonset-mount.yaml
@@ -50,7 +50,7 @@ spec:
               mountPath: /dev
             - name: cache
               mountPath: /var/cache/seaweedfs
-            {{- if and $mountEndpoint $mountSocketDir }}
+            {{- if and $mountEndpoint $mountSocketDir $mountHostPath }}
             - name: mount-socket-dir
               mountPath: {{ $mountSocketDir }}
             {{- end }}
@@ -69,7 +69,7 @@ spec:
             path: /dev
         - name: cache
           emptyDir: {}
-        {{- if and $mountEndpoint $mountHostPath }}
+        {{- if and $mountEndpoint $mountSocketDir $mountHostPath }}
         - name: mount-socket-dir
           hostPath:
             path: {{ $mountHostPath }}
diff --git a/deploy/helm/seaweedfs-csi-driver/templates/daemonset.yaml b/deploy/helm/seaweedfs-csi-driver/templates/daemonset.yaml
index bec6d26..f3e97c3 100644
--- a/deploy/helm/seaweedfs-csi-driver/templates/daemonset.yaml
+++ b/deploy/helm/seaweedfs-csi-driver/templates/daemonset.yaml
@@ -134,7 +134,7 @@ spec:
             {{- end }}
             - name: cache
               mountPath: /var/cache/seaweedfs
-            {{- if and $mountEndpoint $mountSocketDir }}
+            {{- if and $mountEndpoint $mountSocketDir $mountHostPath }}
             - name: mount-socket-dir
               mountPath: {{ $mountSocketDir }}
             {{- end }}
@@ -233,7 +233,7 @@ spec:
           secret:
             secretName: {{ .Values.tlsSecret }}
         {{- end }}
-        {{- if and $mountEndpoint $mountHostPath }}
+        {{- if and $mountEndpoint $mountSocketDir $mountHostPath }}
         - name: mount-socket-dir
           hostPath:
             path: {{ $mountHostPath }}
diff --git a/deploy/helm/seaweedfs-csi-driver/values.yaml b/deploy/helm/seaweedfs-csi-driver/values.yaml
index 224a169..e2de520 100644
--- a/deploy/helm/seaweedfs-csi-driver/values.yaml
+++ b/deploy/helm/seaweedfs-csi-driver/values.yaml
@@ -71,11 +71,21 @@ seaweedfsCsiPlugin:
       add: ["SYS_ADMIN"]
     allowPrivilegeEscalation: true
 
+# Mount Service Configuration
+# The mount service runs as a separate DaemonSet to provide mount resilience.
+# When enabled, FUSE mounts survive CSI driver restarts/upgrades.
+# The node.mountEndpoint, node.mountSocketDir, and node.mountHostPath values
+# default to the corresponding mountService.* values when left empty.
 mountService:
+  # Set to true (default) for mount resilience - mounts survive CSI driver restarts
+  # Set to false to disable the separate mount service (mounts managed by CSI driver directly)
   enabled: true
   image:  chrislusf/seaweedfs-mount:latest
+  # Endpoint for communication between CSI driver and mount service
   endpoint: unix:///var/lib/seaweedfs-mount/seaweedfs-mount.sock
+  # Host directory for mount service socket files
   hostPath: /var/lib/seaweedfs-mount
+  # Container path where socket directory is mounted
   socketDir: /var/lib/seaweedfs-mount
   securityContext:
     privileged: true
@@ -114,9 +124,12 @@ dataLocality: "none"
 node:
   # Deploy node daemonset
   enabled: true
-  mountEndpoint: ""
-  mountSocketDir: ""
-  mountHostPath: ""
+  # Mount service connection settings for the CSI node driver.
+  # When empty (default), these inherit from mountService.* values above.
+  # Only set these to override the mountService defaults.
+  mountEndpoint: ""    # defaults to mountService.endpoint
+  mountSocketDir: ""   # defaults to mountService.socketDir
+  mountHostPath: ""    # defaults to mountService.hostPath
   # When seaweedfs-csi-driver-node pod on node is recreated, all pods on same node using seaweed-csi PV will stop working.
   # For safe update set updateStrategy.type: OnDelete and manually move pods who use seaweed-csi PV, then delete  seaweedfs-csi-driver-node damonset pod
   updateStrategy:
diff --git a/pkg/driver/nodeserver.go b/pkg/driver/nodeserver.go
index 9371d09..96ed31d 100644
--- a/pkg/driver/nodeserver.go
+++ b/pkg/driver/nodeserver.go
@@ -8,6 +8,7 @@ import (
 
 	"github.com/container-storage-interface/spec/lib/go/csi"
 	"github.com/seaweedfs/seaweedfs-csi-driver/pkg/k8s"
+	"github.com/seaweedfs/seaweedfs-csi-driver/pkg/mountmanager"
 	"github.com/seaweedfs/seaweedfs/weed/glog"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
@@ -185,9 +186,10 @@ func (ns *NodeServer) NodePublishVolume(ctx context.Context, req *csi.NodePublis
 // Note: The returned Volume won't have an unmounter, so Unstage will need special handling.
 func (ns *NodeServer) rebuildVolumeFromStaging(volumeID string, stagingPath string) *Volume {
 	return &Volume{
-		VolumeId:   volumeID,
-		StagedPath: stagingPath,
-		driver:     ns.Driver,
+		VolumeId:    volumeID,
+		StagedPath:  stagingPath,
+		driver:      ns.Driver,
+		localSocket: mountmanager.LocalSocketPath(ns.Driver.volumeSocketDir, volumeID),
 		// mounter and unmounter are nil - this is intentional
 		// The FUSE process is already running, we just need to track the volume
 		// The mount service will have the mount tracked if it's still alive
diff --git a/pkg/mountmanager/socket.go b/pkg/mountmanager/socket.go
index f327dcb..95d63c0 100644
--- a/pkg/mountmanager/socket.go
+++ b/pkg/mountmanager/socket.go
@@ -1,10 +1,10 @@
 package mountmanager
 
 import (
+	"crypto/sha256"
+	"encoding/hex"
 	"fmt"
 	"path/filepath"
-
-	"github.com/seaweedfs/seaweedfs/weed/util"
 )
 
 // DefaultSocketDir is the default directory for volume sockets.
@@ -12,13 +12,12 @@ const DefaultSocketDir = "/var/lib/seaweedfs-mount"
 
 // LocalSocketPath returns the unix socket path used to communicate with the weed mount process.
 // The baseDir parameter should be the directory where sockets are stored (e.g., derived from mountEndpoint).
+// Uses SHA256 hash (first 16 hex chars = 64 bits) to minimize collision risk.
 func LocalSocketPath(baseDir, volumeID string) string {
 	if baseDir == "" {
 		baseDir = DefaultSocketDir
 	}
-	hash := util.HashToInt32([]byte(volumeID))
-	if hash < 0 {
-		hash = -hash
-	}
-	return filepath.Join(baseDir, fmt.Sprintf("seaweedfs-mount-%d.sock", hash))
+	h := sha256.Sum256([]byte(volumeID))
+	hashStr := hex.EncodeToString(h[:8]) // 16 hex chars = 64 bits
+	return filepath.Join(baseDir, fmt.Sprintf("seaweedfs-mount-%s.sock", hashStr))
 }
author	chrislusf <chris.lu@gmail.com>	2025-12-06 12:02:18 -0800
committer	Chris Lu <chrislusf@users.noreply.github.com>	2025-12-06 18:53:22 -0800
commit	70ad54f12e2e1bbf0a841b2604f150464fab1e8f (patch)
tree	8737109aaa604a9f8daea493d814f23404d92b7b
parent	8888825ea9999fd07ce8a3d9bbce039c98694e4d (diff)
download	seaweedfs-csi-driver-70ad54f12e2e1bbf0a841b2604f150464fab1e8f.tar.xz seaweedfs-csi-driver-70ad54f12e2e1bbf0a841b2604f150464fab1e8f.zip