Add support for emptydir rw access and e2e testing

[skonto]

Part of the work in #11664.

• adds an e2e test that serves data in an emptyDir volume. Test run here. It will be run along with the rest when the feature is on by default.
• allows rw access to emptyDir volumes only (extends logic to allow more types of volumes eg. pvc in the future).

/cc @julz @dprotaso @markusthoemmes @nak3

[codecov]

Codecov Report

Merging #11705 (3b17ad7) into main (11abffd) will increase coverage by 0.02%.
The diff coverage is 80.00%.

@@            Coverage Diff             @@
##             main   #11705      +/-   ##
==========================================
+ Coverage   87.80%   87.83%   +0.02%     
==========================================
  Files         190      190              
  Lines        9275     9279       +4     
==========================================
+ Hits         8144     8150       +6     
  Misses        878      878              
+ Partials      253      251       -2     

Impacted Files	Coverage Δ
pkg/apis/serving/v1/revision_defaults.go	97.05% <60.00%> (-2.95%)	⬇️
pkg/apis/serving/k8s_validation.go	96.12% <100.00%> (ø)
pkg/autoscaler/statforwarder/leases.go	78.41% <0.00%> (+1.43%)	⬆️
pkg/reconciler/configuration/configuration.go	86.15% <0.00%> (+1.53%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 11abffd...3b17ad7. Read the comment docs.

[skonto]

/retest

[skonto]

/assign @dprotaso

[julz]

the variable is called nonReadOnlyVolumes, but it seems like it actually contains nonEmptyDirVolumes. When we actually use it we end up negating it again (!nonReadOnlyValumes.Has(..)) which is a lot of negations for my mind to follow and confused me a bit: maybe this could be emptyDirVolumes or allowedReadWriteVolumes or something like that?

[julz]

(see suggested alternative approach in 3rd comment though which makes this comment and the next redundant if it works!)

[skonto]

I can change the name but the var contains only emptyDirs as they are the only ones which are supported and can have rw access. At least this is the intention here.

but it seems like it actually contains nonEmptyDirVolumes

Don't parse this part. Could you explain a bit more?

[julz]

since we have two sets.String in the return section now I'd probably add variable names for them and maybe add to the method comment to indicate what each is

[skonto]

Yes ok.

[julz]

thinking out loud: a nice alternative approach might be to make the return value of this method a map[string]corev1.Volume (rather than two sets.Strings each with different semantics, which is maybe a bit unwieldy and slightly hard to document). The volume.EmptyDir != nil in this method would then not be needed at all, and in validateVolumeMounts you could do: if volumes[vm.Name].EmptyDir != nil && !vm.ReadOnly (which means the logic would only be in only one place).

[skonto]

Yeah I also thought of returning volumes instead or some data structure but didnt want to change the signature for existing code (less changes).

[julz]

Right but we have to change the signature anyway since we pass two sets.Strings around everywhere now?

[skonto]

Yes but didnt touch some other parts though eg. accessing the first string set stayed the same. Anyway I can take a look and refactor it ;)

[julz]

Heheheh yeah, worth a go anyway I think since it'd move all the logic to one place and avoid having two pass two things up and down the stack

[julz]

probably worth a unit test for the new behaviour here too I think

[skonto]

Yes we can cover more cases there by adding a test case field.

[julz]

nice! lgtm bar a formatting nit in the tests and I think it's probably worth logging the errors in the test image in this case

[julz]

total nit, but I think for consistency the formatting here should be:

Suggested change

	volumes: map[string]corev1.Volume{
	"the-name": {
	Name: "the-name",
	VolumeSource: corev1.VolumeSource{
	ConfigMap: &corev1.ConfigMapVolumeSource{
	LocalObjectReference: corev1.LocalObjectReference{
	Name: "test-cm",
	}},
	},
	}},
	volumes: map[string]corev1.Volume{
	"the-name": {
	Name: "the-name",
	VolumeSource: corev1.VolumeSource{
	ConfigMap: &corev1.ConfigMapVolumeSource{
	LocalObjectReference: corev1.LocalObjectReference{
	Name: "test-cm",
	},
	},
	},
	},
	},

(basically line the braces up under the first column of where the opening brace is)

[skonto]

ok

[julz]

I dont think we actually try reading/writing to this, but I guess we just want to test the validation allows this since we tested read/write on the other volume?

[skonto]

Yes to show that we can have multiple ones.

[julz]

worth logging the error here, since it may help with debugging if e.g. the volume was mounted read-only?

[skonto]

Ok let me add that

[skonto]

/assign @julz

[julz]

/lgtm
/approve

nice, thanks @skonto!

[knative-prow-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: julz, skonto

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• pkg/apis/OWNERS [julz]
• test/OWNERS [julz]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment