Connectors CSI Driver
TOC
Overview
The Connectors CSI Driver is a storage driver implemented based on the Container Storage Interface (CSI) specification. It can mount configurations from the Connector as volumes into Kubernetes workloads. Key features include:
- Mounting configuration files from the Connector into Pods
- Supporting dynamic variable rendering in configuration files to automatically inject runtime information
- Supporting the simultaneous mounting of multiple configuration files
All configuration data comes from the ConnectorClass configuration associated with the Connector.
Quick Start
1. Create a ConnectorClass
First, create a ConnectorClass that includes Git configuration:
2. Create a Connector
Then, create a Connector that connects to GitHub:
3. Create a Pod Using the CSI Driver
Create a Pod that mounts the configuration:
Verify the mounted files:
Built-in Configurations
The CSI Driver automatically provides built-in configuration files that are always mounted into Pods.
Available Files
| File Name | Description |
|---|---|
context.token | Authentication token for the proxy service |
connector.status.proxyAddress | Proxy address (see connectors-proxy) |
http.proxy | Forward proxy URL with authentication for HTTP |
https.proxy | Forward proxy URL with authentication for HTTPS |
context.proxy.caCert | CA certificate for the connectors proxy |
Usage Examples
Forward proxy (if supported by your CLI and ConnectorClass):
Reverse proxy (if supported by your ConnectorClass):
CSI Volume Parameters
Volume Parameters
| Parameter | Required | Description |
|---|---|---|
| readOnly | Yes | Must be true |
| driver | Yes | Must be connectors-csi |
Volume Attributes
| Parameter | Required | Description |
|---|---|---|
| connector.name | Yes | Connector name |
| connector.namespace | No | Connector namespace (defaults to Pod's namespace) |
| configuration.names | No | Comma-separated configuration names (e.g., config1,config2), the configuration names are the names of the configurations in the ConnectorClass |
| token.expiration | No | Token expiration time (default: 30m) |
Examples
Mount a single configuration:
Mount multiple configurations:
Notes:
- If
configuration.namesis omitted, only built-in configurations are mounted - When multiple configurations contain files with the same name, later configurations overwrite earlier ones
Configuration File Rendering
The CSI Driver performs variable rendering when mounting configuration files, using Go template syntax.
Available Variables
| Variable | Description |
|---|---|
.connector.status.proxyAddress | Proxy address of the Connector; refer to connectors-proxy |
.connector.spec.* | Spec of the Connector, you can get all fields of the Connector Spec, eg. .connector.spec.address or .connector.spec.params |
.context.token | Authentication token for accessing the proxy service |
.context.proxy.caCert | CA certificate for accessing the connectors proxy (forward proxy); refer to connectors-proxy |
Built-in Functions
Refer to sprig for supported functions
For example: b64enc: Base64 encoding of a string
About the Proxy Service
Connectors provide a proxy service for each Connector, allowing clients to access target resources without needing to store the original credentials. For more details, please refer to connectors-proxy.
Configuration examples
Constant content
Using connector.spec.params
The following ConnectorClass defines a parameter sslVerify to control the SSL verification during git clone.
Using proxy service and token
The following ConnectorClass provides a file named .gitconfig, which automatically injects headers and replaces the git URL during git clone by using the proxy service and token.