Support interpolated snapshot tags

charts/aws-ebs-csi-driver/templates/controller.yaml

@@ -268,6 +268,9 @@ spec:
           args:
             - --csi-address=$(ADDRESS)
             - --leader-election=true
+            {{- if .Values.controller.extraCreateMetadata }}
+            - --extra-create-metadata
+            {{- end}}
           env:
             - name: ADDRESS
               value: /var/lib/csi/sockets/pluginproxy/csi.sock

deploy/kubernetes/base/controller.yaml

@@ -184,6 +184,7 @@ spec:
           args:
             - --csi-address=$(ADDRESS)
             - --leader-election=true
+            - --extra-create-metadata
           env:
             - name: ADDRESS
               value: /var/lib/csi/sockets/pluginproxy/csi.sock

docs/tagging.md

@@ -96,6 +96,40 @@ backup=true
 billingID=ABCDEF
 ```
 
+# Snapshot Tagging
+The AWS EBS CSI Driver supports tagging snapshots through `VolumeSnapshotClass.parameters`, similarly to StorageClass tagging.
+
+The CSI driver supports runtime string interpolation on the snapshot tag values. You can specify placeholders for VolumeSnapshot namespace, VolumeSnapshot name and VolumeSnapshotContent name, which will then be dynamically computed at runtime. You can also use the functions provided by the CSI Driver to apply more expressive tags. **Note: Interpolated tags require the `--extra-create-metadata` flag to be enabled on the `external-snapshotter` sidecar.**
+
+**Example**
+```
+apiVersion: snapshot.storage.k8s.io/v1
+kind: VolumeSnapshotClass
+metadata:
+  name: csi-aws-vsc
+driver: ebs.csi.aws.com
+deletionPolicy: Delete
+parameters:
+  tagSpecification_1: "key1=value1"
+  tagSpecification_2: "key2="
+  # Interpolated tag
+  tagSpecification_3: "snapshotnamespace={{ .VolumeSnapshotNamespace }}"
+  tagSpecification_4: "snapshotname={{ .VolumeSnapshotName }}"
+  tagSpecification_5: "snapshotcontentname={{ .VolumeSnapshotContentName }}"
+  # Interpolated tag w/ function
+  tagSpecification_6: 'key6={{ .VolumeSnapshotNamespace | contains "prod" }}'
+```
+
+Provisioning a snapshot in namespace 'ns-prod' with `VolumeSnapshot` name being 'ebs-snapshot' using this VolumeSnapshotClass, will apply the following tags to the snapshot:
+
+```
+key1=value1
+key2=<empty string>
+snapshotnamespace=ns-prod
+snapshotname=ebs-snapshot
+snapshotcontentname=<the computed VolumeSnapshotContent name>
+key6=true
+```
 ____
 
 ## Failure Modes

pkg/driver/constants.go

@@ -69,6 +69,16 @@ const (
 	// provisioned volume
 	PVNameKey = "csi.storage.k8s.io/pv/name"
 
+	// VolumeSnapshotNameKey contains name of the snapshot
+	VolumeSnapshotNameKey = "csi.storage.k8s.io/volumesnapshot/name"
+
+	// VolumeSnapshotNamespaceKey contains namespace of the snapshot
+	VolumeSnapshotNamespaceKey = "csi.storage.k8s.io/volumesnapshot/namespace"
+
+	// VolumeSnapshotCotentNameKey contains name of the VolumeSnapshotContent that is the source
+	// for the snapshot
+	VolumeSnapshotContentNameKey = "csi.storage.k8s.io/volumesnapshotcontent/name"
+
 	// BlockExpressKey increases the iops limit for io2 volumes to the block express limit
 	BlockExpressKey = "blockexpress"
 

pkg/driver/controller.go

@@ -135,7 +135,7 @@ func (d *controllerService) CreateVolume(ctx context.Context, req *csi.CreateVol
 		blockSize string
 	)
 
-	tProps := new(template.Props)
+	tProps := new(template.PVProps)
 
 	for key, value := range req.GetParameters() {
 		switch strings.ToLower(key) {
@@ -605,15 +605,25 @@ func (d *controllerService) CreateSnapshot(ctx context.Context, req *csi.CreateS
 	}
 
 	var vscTags []string
+	vsProps := new(template.VolumeSnapshotProps)
 	for key, value := range req.GetParameters() {
-		if strings.HasPrefix(key, TagKeyPrefix) {
-			vscTags = append(vscTags, value)
-		} else {
-			return nil, status.Errorf(codes.InvalidArgument, "Invalid parameter key %s for CreateSnapshot", key)
+		switch key {
+		case VolumeSnapshotNameKey:
+			vsProps.VolumeSnapshotName = value
+		case VolumeSnapshotNamespaceKey:
+			vsProps.VolumeSnapshotNamespace = value
+		case VolumeSnapshotContentNameKey:
+			vsProps.VolumeSnapshotContentName = value
+		default:
+			if strings.HasPrefix(key, TagKeyPrefix) {
+				vscTags = append(vscTags, value)
+			} else {
+				return nil, status.Errorf(codes.InvalidArgument, "Invalid parameter key %s for CreateSnapshot", key)
+			}
 		}
 	}
 
-	addTags, err := template.Evaluate(vscTags, nil, d.driverOptions.warnOnInvalidTag)
+	addTags, err := template.Evaluate(vscTags, vsProps, d.driverOptions.warnOnInvalidTag)
 	if err != nil {
 		return nil, status.Errorf(codes.InvalidArgument, "Error interpolating the tag value: %v", err)
 	}

pkg/util/template/template.go

@@ -8,13 +8,19 @@ import (
 	"k8s.io/klog/v2"
 )
 
-type Props struct {
+type PVProps struct {
 	PVCName      string
 	PVCNamespace string
 	PVName       string
 }
 
-func Evaluate(tm []string, props *Props, warnOnly bool) (map[string]string, error) {
+type VolumeSnapshotProps struct {
+	VolumeSnapshotName        string
+	VolumeSnapshotNamespace   string
+	VolumeSnapshotContentName string
+}
+
+func Evaluate(tm []string, props interface{}, warnOnly bool) (map[string]string, error) {
 	md := make(map[string]string)
 	for _, s := range tm {
 		st := strings.SplitN(s, "=", 2)
@@ -39,7 +45,7 @@ func Evaluate(tm []string, props *Props, warnOnly bool) (map[string]string, erro
 	return md, nil
 }
 
-func execTemplate(value string, props *Props, t *template.Template) (string, error) {
+func execTemplate(value string, props interface{}, t *template.Template) (string, error) {
 	tmpl, err := t.Parse(value)
 	if err != nil {
 		return "", err

pkg/util/template/template_test.go

@@ -189,7 +189,7 @@ func TestEvaluate(t *testing.T) {
 	for _, tc := range testCases {
 		t.Run(tc.name, func(t *testing.T) {
 
-			props := &Props{
+			props := &PVProps{
 				PVCName:      tc.pvcName,
 				PVCNamespace: tc.pvcNamespace,
 				PVName:       tc.pvName,
@@ -212,3 +212,144 @@ func TestEvaluate(t *testing.T) {
 		})
 	}
 }
+
+func TestEvaluateVolumeSnapshotTemplate(t *testing.T) {
+	testCases := []struct {
+		name                      string
+		input                     []string
+		volumeSnapshotName        string
+		volumeSnapshotNamespace   string
+		volumeSnapshotContentName string
+		warnOnly                  bool
+		expectErr                 bool
+		expectedTags              map[string]string
+	}{
+		{
+			name: "simple substitution",
+			input: []string{
+				"key1={{ .VolumeSnapshotName }}",
+				"key2={{ .VolumeSnapshotNamespace }}",
+				"key3={{ .VolumeSnapshotContentName }}",
+			},
+			volumeSnapshotName:        "ebs-vs",
+			volumeSnapshotNamespace:   "default",
+			volumeSnapshotContentName: "ebs-vs-content-012345",
+			expectedTags: map[string]string{
+				"key1": "ebs-vs",
+				"key2": "default",
+				"key3": "ebs-vs-content-012345",
+			},
+		},
+		{
+			name: "template parsing error",
+			input: []string{
+				"key1={{ .VolumeSnapshotName }",
+			},
+			expectErr: true,
+		},
+		{
+			name: "template parsing error warn only",
+			input: []string{
+				"key1={{ .VolumeSnapshotName }",
+				"key2={{ .VolumeSnapshotNamespace }}",
+			},
+			volumeSnapshotName:      "ebs-vs",
+			volumeSnapshotNamespace: "default",
+			warnOnly:                true,
+			expectedTags: map[string]string{
+				"key2": "default",
+			},
+		},
+		{
+			name: "test unsupported func - returns error",
+			input: []string{
+				`backup={{ .VolumeSnapshotNamespace | html }}`,
+			},
+			volumeSnapshotNamespace: "ns-prod",
+			expectErr:               true,
+		},
+		{
+			name: "test function - contains",
+			input: []string{
+				`backup={{ .VolumeSnapshotNamespace | contains "prod" }}`,
+			},
+			volumeSnapshotNamespace: "ns-prod",
+			expectedTags: map[string]string{
+				"backup": "true",
+			},
+		},
+		{
+			name: "test function - toUpper",
+			input: []string{
+				`backup={{ .VolumeSnapshotNamespace | toUpper }}`,
+			},
+			volumeSnapshotNamespace: "ns-prod",
+			expectedTags: map[string]string{
+				"backup": "NS-PROD",
+			},
+		},
+		{
+			name: "test function - toLower",
+			input: []string{
+				`backup={{ .VolumeSnapshotNamespace | toLower }}`,
+			},
+			volumeSnapshotNamespace: "ns-PROD",
+			expectedTags: map[string]string{
+				"backup": "ns-prod",
+			},
+		},
+		{
+			name: "test function - field",
+			input: []string{
+				`backup={{ .VolumeSnapshotNamespace | field "-" 1 }}`,
+			},
+			volumeSnapshotNamespace: "ns-prod-default",
+			expectedTags: map[string]string{
+				"backup": "prod",
+			},
+		},
+		{
+			name: "test function - substring",
+			input: []string{
+				`key1={{ .VolumeSnapshotNamespace | substring 0 4 }}`,
+			},
+			volumeSnapshotNamespace: "prod-12345",
+			expectedTags: map[string]string{
+				"key1": "prod",
+			},
+		},
+		{
+			name: "field returns error",
+			input: []string{
+				`key1={{ .VolumeSnapshotNamespace | field "-" 1 }}`,
+			},
+			expectErr: true,
+		},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+
+			props := &VolumeSnapshotProps{
+				VolumeSnapshotName:        tc.volumeSnapshotName,
+				VolumeSnapshotNamespace:   tc.volumeSnapshotNamespace,
+				VolumeSnapshotContentName: tc.volumeSnapshotContentName,
+			}
+
+			tags, err := Evaluate(tc.input, props, tc.warnOnly)
+
+			if tc.expectErr {
+				if err == nil {
+					t.Fatalf("expected an error; got nil")
+				}
+			} else {
+				if err != nil {
+					t.Fatalf("err is not nil; err = %v", err)
+				}
+				if diff := cmp.Diff(tc.expectedTags, tags); diff != "" {
+					t.Fatalf("tags are different; diff = %v", diff)
+				}
+			}
+		})
+	}
+}