feat: inject volumes into init-containers too

flashbots · Aug 11, 2024 · a0e0ef3 · a0e0ef3
1 parent 9544552
commit a0e0ef3
Show file tree

Hide file tree

Showing 2 changed files with 79 additions and 2 deletions.
diff --git a/patch/add_init_container_volume_mounts.go b/patch/add_init_container_volume_mounts.go
@@ -0,0 +1,43 @@
+package patch
+
+import (
+	"strconv"
+
+	json_patch "github.com/evanphx/json-patch"
+	"github.com/flashbots/kube-sidecar-injector/operation"
+	core_v1 "k8s.io/api/core/v1"
+)
+
+func AddInitContainerVolumeMounts(
+	idx int,
+	container *core_v1.Container,
+	volumeMounts []core_v1.VolumeMount,
+) (json_patch.Patch, error) {
+	if len(volumeMounts) == 0 {
+		return nil, nil
+	}
+
+	res := make(json_patch.Patch, 0, len(volumeMounts))
+
+	notEmpty := len(container.VolumeMounts) > 0
+	for _, vm := range volumeMounts {
+		var (
+			op  json_patch.Operation
+			err error
+		)
+
+		if notEmpty {
+			op, err = operation.Add("/spec/initContainers/"+strconv.Itoa(idx)+"/volumeMounts/-", vm)
+		} else {
+			notEmpty = true
+			op, err = operation.Add("/spec/initContainers/"+strconv.Itoa(idx)+"/volumeMounts", []core_v1.VolumeMount{vm})
+		}
+
+		if err != nil {
+			return nil, err
+		}
+		res = append(res, op)
+	}
+
+	return res, nil
+}
diff --git a/server/k8s.go b/server/k8s.go
@@ -278,6 +278,40 @@ func (s *Server) mutatePod(
 
 	// inject volume mounts
 	if len(inject.VolumeMounts) > 0 {
+		for idx, c := range pod.Spec.InitContainers {
+			existing := make(map[string]struct{}, len(c.VolumeMounts))
+			for _, vm := range c.VolumeMounts {
+				existing[vm.MountPath] = struct{}{}
+			}
+
+			volumeMounts := make([]core_v1.VolumeMount, 0, len(inject.VolumeMounts))
+			for _, vm := range inject.VolumeMounts {
+				if _, collision := existing[vm.MountPath]; collision {
+					l.Warn("Volume mount with the same mount path already exists in the init-container => skipping...",
+						zap.String("initContainer", c.Name),
+						zap.String("mountPath", vm.MountPath),
+					)
+					continue
+				}
+
+				l.Info("Injecting volume mount into the init-container",
+					zap.String("initContainer", c.Name),
+					zap.String("volumeMount", vm.Name),
+				)
+				volumeMount, err := vm.VolumeMount()
+				if err != nil {
+					return nil, err
+				}
+				volumeMounts = append(volumeMounts, *volumeMount)
+			}
+
+			p, err := patch.AddInitContainerVolumeMounts(idx, &c, volumeMounts)
+			if err != nil {
+				return nil, err
+			}
+			res = append(res, p...)
+		}
+
 		for idx, c := range pod.Spec.Containers {
 			existing := make(map[string]struct{}, len(c.VolumeMounts))
 			for _, vm := range c.VolumeMounts {
@@ -287,14 +321,14 @@ func (s *Server) mutatePod(
 			volumeMounts := make([]core_v1.VolumeMount, 0, len(inject.VolumeMounts))
 			for _, vm := range inject.VolumeMounts {
 				if _, collision := existing[vm.MountPath]; collision {
-					l.Warn("Volume mount with the same mount path already exists => skipping...",
+					l.Warn("Volume mount with the same mount path already exists in the container => skipping...",
 						zap.String("container", c.Name),
 						zap.String("mountPath", vm.MountPath),
 					)
 					continue
 				}
 
-				l.Info("Injecting volume mount",
+				l.Info("Injecting volume mount into the container",
 					zap.String("container", c.Name),
 					zap.String("volumeMount", vm.Name),
 				)