From 402bbe5c7d1b3c0b2d068e5983fb3ff2f1aa0962 Mon Sep 17 00:00:00 2001
From: Roman Bednar <rbednar@redhat.com>
Date: Fri, 28 Jun 2024 14:11:51 +0200
Subject: [PATCH] UPSTREAM: <carry>: Add OpenShift files

Additional changes:
- remove .github files
- add .snyk file
---
 .ci-operator.yaml                     |  4 ++
 .github/ISSUE_TEMPLATE/bug-report.md  | 29 ------------
 .github/ISSUE_TEMPLATE/enhancement.md | 18 --------
 .github/ISSUE_TEMPLATE/support.md     | 15 ------
 .github/PULL_REQUEST_TEMPLATE.md      | 66 ---------------------------
 .github/dependabot.yaml               | 39 ----------------
 .github/workflows/codeql-analysis.yml | 66 ---------------------------
 .github/workflows/codespell.yml       | 16 -------
 .github/workflows/darwin.yaml         | 21 ---------
 .github/workflows/linux.yaml          | 36 ---------------
 .github/workflows/pluto.yaml          | 25 ----------
 .github/workflows/shellcheck.yaml     | 29 ------------
 .github/workflows/static.yaml         | 19 --------
 .github/workflows/trivy.yaml          | 40 ----------------
 .github/workflows/windows.yaml        | 39 ----------------
 .snyk                                 |  7 +++
 Dockerfile.openshift                  | 13 ++++++
 OWNERS                                | 10 +---
 OWNERS_ALIASES                        |  9 ++++
 19 files changed, 35 insertions(+), 466 deletions(-)
 create mode 100644 .ci-operator.yaml
 delete mode 100644 .github/ISSUE_TEMPLATE/bug-report.md
 delete mode 100644 .github/ISSUE_TEMPLATE/enhancement.md
 delete mode 100644 .github/ISSUE_TEMPLATE/support.md
 delete mode 100644 .github/PULL_REQUEST_TEMPLATE.md
 delete mode 100644 .github/dependabot.yaml
 delete mode 100644 .github/workflows/codeql-analysis.yml
 delete mode 100644 .github/workflows/codespell.yml
 delete mode 100644 .github/workflows/darwin.yaml
 delete mode 100644 .github/workflows/linux.yaml
 delete mode 100644 .github/workflows/pluto.yaml
 delete mode 100644 .github/workflows/shellcheck.yaml
 delete mode 100644 .github/workflows/static.yaml
 delete mode 100644 .github/workflows/trivy.yaml
 delete mode 100644 .github/workflows/windows.yaml
 create mode 100644 .snyk
 create mode 100644 Dockerfile.openshift
 create mode 100644 OWNERS_ALIASES

diff --git a/.ci-operator.yaml b/.ci-operator.yaml
new file mode 100644
index 0000000000..7c15f83e3e
--- /dev/null
+++ b/.ci-operator.yaml
@@ -0,0 +1,4 @@
+build_root_image:
+  name: release
+  namespace: openshift
+  tag: rhel-9-release-golang-1.23-openshift-4.19
diff --git a/.github/ISSUE_TEMPLATE/bug-report.md b/.github/ISSUE_TEMPLATE/bug-report.md
deleted file mode 100644
index acb432d207..0000000000
--- a/.github/ISSUE_TEMPLATE/bug-report.md
+++ /dev/null
@@ -1,29 +0,0 @@
----
-name: Bug Report
-about: Create a report to help us improve this project
-
----
-
-<!-- Please use this template while reporting a bug and provide as much info as possible. Not doing so may result in your bug not being addressed in a timely manner. Thanks!
--->
-
-
-**What happened**:
-
-**What you expected to happen**:
-
-**How to reproduce it**:
-
-**Anything else we need to know?**:
-
-**Environment**:
-<!-- 
-*Run following command to get CSI driver version:
-kubectl get po -n kube-system -o yaml | grep mcr | grep azurefile
--->
-- CSI Driver version:
-- Kubernetes version (use `kubectl version`):
-- OS (e.g. from /etc/os-release):
-- Kernel (e.g. `uname -a`):
-- Install tools:
-- Others:
diff --git a/.github/ISSUE_TEMPLATE/enhancement.md b/.github/ISSUE_TEMPLATE/enhancement.md
deleted file mode 100644
index a9d33a2af0..0000000000
--- a/.github/ISSUE_TEMPLATE/enhancement.md
+++ /dev/null
@@ -1,18 +0,0 @@
----
-name: Enhancement Request
-about: Suggest an idea for this project
-
----
-
-
-**Is your feature request related to a problem?/Why is this needed**
-<!-- A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] -->
-
-**Describe the solution you'd like in detail**
-<!-- A clear and concise description of what you want to happen. -->
-
-**Describe alternatives you've considered**
-<!-- A clear and concise description of any alternative solutions or features you've considered. -->
-
-**Additional context**
-<!-- Add any other context or screenshots about the feature request here. -->
diff --git a/.github/ISSUE_TEMPLATE/support.md b/.github/ISSUE_TEMPLATE/support.md
deleted file mode 100644
index 28d30caacd..0000000000
--- a/.github/ISSUE_TEMPLATE/support.md
+++ /dev/null
@@ -1,15 +0,0 @@
----
-name: Support Request
-about: Ask questions about this project
-
----
-
-<!-- 
-STOP -- PLEASE READ!
-
-GitHub is not the right place for support requests.
-
-If you're looking for help, post your question on the [Kubernetes Slack ](http://slack.k8s.io/) Sig-AZURE Channel.
-
-If the matter is security related, please disclose it privately via https://kubernetes.io/security/.
--->
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
deleted file mode 100644
index 238d8e4f59..0000000000
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ /dev/null
@@ -1,66 +0,0 @@
-<!--  Thanks for sending a pull request!  Here are some tips for you:
-
-1. If this is your first time, please read our contributor guidelines: https://git.k8s.io/community/contributors/guide#your-first-contribution and developer guide https://git.k8s.io/community/contributors/devel/development.md#development-guide
-2. Please label this pull request according to what type of issue you are addressing, especially if this is a release targeted pull request. For reference on required PR/issue labels, read here:
-https://git.k8s.io/community/contributors/devel/release.md#issue-kind-label
-3. Ensure you have added or ran the appropriate tests for your PR: https://git.k8s.io/community/contributors/devel/testing.md
-4. If you want *faster* PR reviews, read how: https://git.k8s.io/community/contributors/guide/pull-requests.md#best-practices-for-faster-reviews
-5. Follow the instructions for writing a release note: https://git.k8s.io/community/contributors/guide/release-notes.md
-6. If the PR is unfinished, see how to mark it: https://git.k8s.io/community/contributors/guide/pull-requests.md#marking-unfinished-pull-requests
--->
-
-**What type of PR is this?**
-
-<!--
-Add one of the following kinds:
-/kind bug
-/kind cleanup
-/kind documentation
-/kind feature
-/kind test
-/kind design
-
-Optionally add one or more of the following kinds if applicable:
-/kind api-change
-/kind deprecation
-/kind failing-test
-/kind flake
-/kind regression
--->
-
-**What this PR does / why we need it**:
-
-**Which issue(s) this PR fixes**:
-<!-- 
-*Automatically closes linked issue when PR is merged.
-Usage: `Fixes #<issue number>`, or `Fixes (paste link of issue)`.
-_If PR is about `failing-tests or flakes`, please post the related issues/tests in a comment and do not use `Fixes`_*
--->
-Fixes #
-
-**Requirements**:
-- [ ] uses [conventional commit messages](https://www.conventionalcommits.org/)
-  <!-- Common commit types:
-        build: Build 🏭
-        chore: Maintenance 🔧
-        ci: Continuous Integration 💜
-        docs: Documentation 📘
-        feat: Features 🌈
-        fix: Bug Fixes 🐞
-        perf: Performance Improvements 🚀
-        refactor: Code Refactoring 💎
-        revert: Revert Change ◀️
-        style: Code Style 🎶
-        security: Security Fix 🛡️
-        test: Testing 💚 -->
-- [ ] includes documentation
-- [ ] adds unit tests
-- [ ] tested upgrade from previous version
-
-**Special notes for your reviewer**:
-
-
-**Release note**:
-```
-none
-```
diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
deleted file mode 100644
index c02428d11f..0000000000
--- a/.github/dependabot.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-version: 2
-updates:
-- package-ecosystem: gomod
-  directory: "/"
-  schedule:
-    interval: daily
-  labels:
-    - "area/dependency"
-    - "release-note-none"
-    - "ok-to-test"
-  open-pull-requests-limit: 2
-  groups:
-    k8s:
-      applies-to: version-updates
-      patterns:
-      - "k8s.io*"
-      update-types:
-      - "patch"
-      - "minor"
-- package-ecosystem: "github-actions"
-  directory: "/"
-  schedule:
-      interval: "daily"
-  labels:
-    - "area/dependency"
-    - "release-note-none"
-    - "ok-to-test"
-  open-pull-requests-limit: 2
-- package-ecosystem: "docker"
-  directory: "/pkg/azurefileplugin/"
-  schedule:
-    interval: "daily"
-    time: "01:00"
-    timezone: "Asia/Shanghai"
-  labels:
-    - "area/dependency"
-    - "release-note-none"
-    - "ok-to-test"
-    - "kind/cleanup"
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
deleted file mode 100644
index 162131cc52..0000000000
--- a/.github/workflows/codeql-analysis.yml
+++ /dev/null
@@ -1,66 +0,0 @@
-# For most projects, this workflow file will not need changing; you simply need
-# to commit it to your repository.
-#
-# You may wish to alter this file to override the set of languages analyzed,
-# or to provide custom queries or build logic.
-#
-# ******** NOTE ********
-# We have attempted to detect the languages in your repository. Please check
-# the `language` matrix defined below to confirm you have the correct set of
-# supported CodeQL languages.
-#
-name: "CodeQL"
-
-on:
-  push:
-    branches: [ master, 'release-**' ]
-  pull_request:
-    # The branches below must be a subset of the branches above
-    branches: [ master, 'release-**' ]
-  schedule:
-    - cron: '0 */24 * * *'
-
-jobs:
-  analyze:
-    name: Analyze
-    runs-on: ubuntu-latest
-    permissions:
-      actions: read
-      contents: read
-      security-events: write
-
-    strategy:
-      fail-fast: false
-      matrix:
-        language: [ 'go' ]
-        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
-        # Learn more about CodeQL language support at https://git.io/codeql-language-support
-
-    steps:
-    - name: Set up Go 1.x
-      uses: actions/setup-go@v5
-      with:
-        go-version: ^1.18
-      id: go
-
-    - name: Checkout repository
-      uses: actions/checkout@v4
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
-      with:
-        languages: ${{ matrix.language }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-        # queries: ./path/to/local/query, your-org/your-repo/queries@main
-
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      run: |
-        make all
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml
deleted file mode 100644
index 8b802001df..0000000000
--- a/.github/workflows/codespell.yml
+++ /dev/null
@@ -1,16 +0,0 @@
-# GitHub Action to automate the identification of common misspellings in text files.
-# https://github.com/codespell-project/actions-codespell
-# https://github.com/codespell-project/codespell
-name: codespell
-on: [push, pull_request]
-jobs:
-  codespell:
-    name: Check for spelling errors
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: codespell-project/actions-codespell@master
-        with:
-          check_filenames: true
-          skip: ./.git,./.github/workflows/codespell.yml,.git,*.png,*.jpg,*.svg,*.sum,./vendor,go.sum,crd-csi-snapshot-ga.yaml,crd-csi-snapshot.yaml
-          ignore_words_list: "AKS,aks,complies,ro,NotIn"
diff --git a/.github/workflows/darwin.yaml b/.github/workflows/darwin.yaml
deleted file mode 100644
index 663304e626..0000000000
--- a/.github/workflows/darwin.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-name: MacOS Build & Unit Test
-on:
-    pull_request: {}
-    push: {}
-jobs:
-  build:
-    name: Build
-    runs-on: macos-latest
-    steps:
-      - name: Set up Go 1.x
-        uses: actions/setup-go@v5
-        with:
-          go-version: ^1.16
-        id: go
-      - name: Check out code into the Go module directory
-        uses: actions/checkout@v4
-      - name: Build Test
-        run: |
-          make azurefile-darwin
-      - name: Run unit tests on MacOS
-        run: go test -v -race ./pkg/...
diff --git a/.github/workflows/linux.yaml b/.github/workflows/linux.yaml
deleted file mode 100644
index f4680f0607..0000000000
--- a/.github/workflows/linux.yaml
+++ /dev/null
@@ -1,36 +0,0 @@
-name: Ubuntu Build & Unit Test
-
-on:
-    pull_request: {}
-    push: {}
-
-jobs:
-
-  build:
-    name: Build
-    runs-on: ubuntu-latest
-    steps:
-
-    - name: Set up Go 1.x
-      uses: actions/setup-go@v5
-      with:
-        go-version: ^1.16
-      id: go
-
-    - name: Check out code into the Go module directory
-      uses: actions/checkout@v4
-
-    - name: Build Test
-      run: |
-        make
-
-    - name: Unit Test
-      run: go test -race -covermode=atomic -coverprofile=profile.cov ./pkg/...
-
-    - name: Install goveralls
-      run: go install github.com/mattn/goveralls@latest
-
-    - name: Send coverage
-      env:
-        COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      run: goveralls -coverprofile=profile.cov -service=github
diff --git a/.github/workflows/pluto.yaml b/.github/workflows/pluto.yaml
deleted file mode 100644
index 48714f2f51..0000000000
--- a/.github/workflows/pluto.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-name: k8s api version check
-on:
-    pull_request: {}
-    push: {}
-
-jobs:
-
-  build:
-    name: Build
-    runs-on: ubuntu-latest
-    steps:
-
-    - name: Checkout
-      uses: actions/checkout@v4
-
-    - name: Download pluto
-      uses: FairwindsOps/pluto/github-action@master
-
-    - name: Check deploy folder
-      run: |
-        pluto detect-files -d deploy --ignore-deprecations --ignore-removals
-
-    - name: Check example folder
-      run: |
-        pluto detect-files -d deploy/example
diff --git a/.github/workflows/shellcheck.yaml b/.github/workflows/shellcheck.yaml
deleted file mode 100644
index 716f2f7d4a..0000000000
--- a/.github/workflows/shellcheck.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-name: ShellCheck
-on:
-  push:
-    tags:
-      - v*
-    branches:
-      - master
-      - release-*
-  pull_request:
-    branches:
-      - master
-      - release-*
-
-jobs:
-  shellcheck:
-    name: Shellcheck
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v4
-    - name: Run ShellCheck
-      uses: ludeeus/action-shellcheck@master
-      env:
-         SHELLCHECK_OPTS: -e SC2034
-      with:
-        severity: warning
-        check_together: 'yes'
-        disable_matcher: false
-        ignore_paths: vendor release-tools hack
-        format: gcc
diff --git a/.github/workflows/static.yaml b/.github/workflows/static.yaml
deleted file mode 100644
index 6336054b56..0000000000
--- a/.github/workflows/static.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-name: Static Checks
-on:
-    pull_request: {}
-    push: {}
-jobs:
-    go_lint:
-        name: Go Lint
-        runs-on: ubuntu-latest
-        steps:
-            - name: Set up Go 1.x
-              uses: actions/setup-go@v5
-              with:
-                go-version: 1.23.0
-            - uses: actions/checkout@master
-            - name: Run linter
-              uses: golangci/golangci-lint-action@v6
-              with:
-                  version: v1.60
-                  args: -E=gofmt,unused,ineffassign,revive,misspell,copyloopvar,asciicheck,bodyclose,depguard,dogsled,dupl,durationcheck,errname,forbidigo -D=staticcheck --timeout=30m0s
diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml
deleted file mode 100644
index 1099fc221c..0000000000
--- a/.github/workflows/trivy.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-name: Trivy vulnerability scanner
-on:
-  push:
-    branches:
-      - master
-  pull_request:
-jobs:
-  build:
-    name: Build
-    runs-on: ubuntu-latest
-    steps:
-      - name: Set up Go 1.x
-        uses: actions/setup-go@v5
-        with:
-          go-version: 1.23.1
-        id: go
-
-      - name: Checkout code
-        uses: actions/checkout@v4
-      
-      - name: Build an image from Dockerfile
-        run: |
-          export PUBLISH=true
-          export REGISTRY=test
-          export IMAGE_VERSION=latest
-          export DOCKER_CLI_EXPERIMENTAL=enabled
-          make container
-
-      - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@master
-        env:
-          TRIVY_DB_REPOSITORY: "public.ecr.aws/aquasecurity/trivy-db:2"
-        with:
-          image-ref: 'test/azurefile-csi:latest'
-          format: 'table'
-          exit-code: '1'
-          ignore-unfixed: true
-          vuln-type: 'os,library'
-          severity: 'CRITICAL,HIGH,MEDIUM,LOW,UNKNOWN'
-
diff --git a/.github/workflows/windows.yaml b/.github/workflows/windows.yaml
deleted file mode 100644
index 1c09f5cd76..0000000000
--- a/.github/workflows/windows.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-name: Windows Build & Unit Test
-
-on:
-    pull_request: {}
-    push: {}
-
-jobs:
-  build:
-    strategy:
-      matrix:
-        go-versions: [1.16.x]
-        platform: [windows-latest]
-    runs-on: ${{ matrix.platform }}
-    steps:
-      - name: Set up Go 1.x
-        uses: actions/setup-go@v5
-        with:
-          go-version: ^1.16
-        id: go
-      - name: Checkout code
-        uses: actions/checkout@v4
-      - name: Build
-        run: |
-          go build -a -o _output/azurefileplugin.exe ./pkg/azurefileplugin    
-      - name: Run Windows Unit Tests
-        run: |
-          # start the CSI Proxy before running tests on windows
-          Start-Job -Name CSIProxy -ScriptBlock {
-            Invoke-WebRequest https://acs-mirror.azureedge.net/csi-proxy/v1.1.1./binaries/csi-proxy-v1.1.1.tar.gz -OutFile csi-proxy.tar.gz;
-            tar -xvf csi-proxy.tar.gz
-            .\bin\csi-proxy.exe --kubelet-path $pwd --v=5
-          };
-
-          Start-Sleep -Seconds 30;
-
-          Write-Output "getting named pipes"
-          [System.IO.Directory]::GetFiles("\\.\\pipe\\")
-
-          go test -v -race ./pkg/...
diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000000..3549f9a096
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,7 @@
+# References:
+# https://docs.snyk.io/scan-applications/snyk-code/using-snyk-code-from-the-cli/excluding-directories-and-files-from-the-snyk-code-cli-test
+# https://docs.snyk.io/snyk-cli/commands/ignore
+exclude:
+  global:
+    - vendor/**
+    - hack/boilerplate/boilerplate.py
diff --git a/Dockerfile.openshift b/Dockerfile.openshift
new file mode 100644
index 0000000000..73f7fcf1cc
--- /dev/null
+++ b/Dockerfile.openshift
@@ -0,0 +1,13 @@
+FROM registry.ci.openshift.org/ocp/builder:rhel-9-golang-1.23-openshift-4.19 AS builder
+WORKDIR /go/src/github.com/openshift/azure-file-csi-driver
+COPY . .
+RUN make azurefile ARCH=$(go env GOARCH) && cp _output/$(go env GOARCH)/azurefileplugin .
+
+# Use base image with azcopy installed
+FROM registry.ci.openshift.org/ocp/4.19:azure-storage-azcopy-base
+COPY --from=builder /go/src/github.com/openshift/azure-file-csi-driver/azurefileplugin /bin/azurefileplugin
+RUN yum install -y cifs-utils util-linux nfs-utils e2fsprogs xfsprogs ca-certificates && yum clean all && rm -rf /var/cache/yum
+
+LABEL description="Azure File CSI Driver"
+
+ENTRYPOINT ["/bin/azurefileplugin"]
diff --git a/OWNERS b/OWNERS
index a5bee233c3..660fd9dbd4 100644
--- a/OWNERS
+++ b/OWNERS
@@ -1,9 +1,3 @@
-reviewers:
-- andyzhangx
-- ZeroMagic
-- gnufied
-- cvvz
-
 approvers:
-- andyzhangx
-- feiskyer
+- openshift-storage-maintainers
+component: "Storage / Kubernetes External Components"
diff --git a/OWNERS_ALIASES b/OWNERS_ALIASES
new file mode 100644
index 0000000000..d9406d6c04
--- /dev/null
+++ b/OWNERS_ALIASES
@@ -0,0 +1,9 @@
+aliases:
+  openshift-storage-maintainers:
+    - bertinatto
+    - gnufied
+    - dobsonj
+    - jsafrane
+    - tsmetana
+    - RomanBednar
+    - mpatlasov