= Create SharedVolume

== Resources
- [1] AWS EFS Operator: https://github.com/openshift/aws-efs-operator
- [2] AWS EFS Operator Installation/Configuration: https://access.redhat.com/articles/5025181

=== Creating the SharedVolume
The `communishift` ansible role will create the AWS EFS filesystem and accesspoint, and then creates a Secret called `communishift-project-name-efs-credentials` in the tenants project. The structure of the secret is as follows:

----
data:
  efs_filesystem_id: "fsap-xxxxxxxx"
  efs_accesspoint_id: "fs-xxxxxxxxxx"
----

The values are base64 encoded, to retrieve the values do the following:

----
oc get secret communishift-project-name-efs-credentials -o jsonpath="{.data['efs_accesspoint_id']}" | base64 -d
oc get secret communishift-project-name-efs-credentials -o jsonpath="{.data['efs_filesystem_id']}" | base64 -d
----

Next create a yaml file and populate the values for the `accessPointID` and the `fileSystemID`.

----
apiVersion: aws-efs.managed.openshift.io/v1alpha1
kind: SharedVolume
metadata:
  name: PROJECTNAME-sharedvolume
  namespace: PROJECTNAME
spec:
  accessPointID: fsap-xxxxx
  fileSystemID: fs-xxxxx
----

Then create the `SharedVolume` object:

----
oc apply -f project-name-sharedvolume.yml
----

Once created, the AWS EFS Operator should automatically create a PersistentVolume, then a PersistentVolumeClaim in the project namespace. Tenants can then mount this volume as normal.

The following Pod defintion maybe used to verify the storage is working correctly.

----
apiVersion: v1
kind: Pod
metadata:
  name: volume-test
  namespace: communishift-dev-test
spec:
  securityContext:
    runAsUser: 1001
    runAsGroup: 1001
    fsGroup: 1001
    fsGroupChangePolicy: "OnRootMismatch"
  serviceAccount: volume-test
  volumes:
    - name: test-volume
      persistentVolumeClaim:
        claimName: pvc-communishift-dev-test-sharedvolume
  containers:
    - image: quay.io/operator-framework/ansible-operator:v1.23.0
      command:
        - /bin/sh
        - "-c"
        - "sleep 60m"
      imagePullPolicy: IfNotPresent
      name: alpine
      volumeMounts:
        - name: test-volume
          mountPath: /tmp/volume_test
      restartPolicy: Always
      resources:
        requests:
          memory: "2Gi"
----