mirror of https://git.rancher.io/charts
81 lines
2.9 KiB
YAML
81 lines
2.9 KiB
YAML
# defaulting s3 config with the user provided values
|
|
{{- $s3Endpoint := .Values.s3.endpoint }}
|
|
{{- $s3AccessKey := .Values.s3.accessKeyID }}
|
|
{{- $s3SecretKey := .Values.s3.secretAccessKey }}
|
|
{{- $s3Bucket := .Values.s3.bucket }}
|
|
{{- $s3UseSSL := .Values.s3.useSSL }}
|
|
{{- $s3Region := .Values.s3.region }}
|
|
# minio values if minio is enabled
|
|
{{- if .Values.minio.enabled }}
|
|
# Generated credentials for minio. Used only if minio is enabled.
|
|
{{- $oldkeys := (lookup "v1" "Secret" .Release.Namespace "minio-creds").data -}}
|
|
{{- $accessKey := empty $oldkeys | ternary (randAlphaNum 16) (b64dec (default "" $oldkeys.accesskey)) -}}
|
|
{{- $secretKey := empty $oldkeys | ternary (randAlphaNum 16) (b64dec (default "" $oldkeys.secretkey)) -}}
|
|
{{- $s3Endpoint = include "epinio.minio-url" . -}}
|
|
{{- $s3AccessKey = $accessKey }}
|
|
{{- $s3SecretKey = $secretKey }}
|
|
{{- $s3UseSSL = true }}
|
|
# s3gw values if s3gw is enabled
|
|
{{- else if .Values.s3gw.enabled }}
|
|
# Generated credentials for s3gw. Used only if s3gw is enabled.
|
|
{{- $oldkeys := (lookup "v1" "Secret" .Release.Namespace .Values.s3gw.defaultUserCredentialsSecret).data -}}
|
|
{{- $accessKey := empty $oldkeys | ternary (randAlphaNum 32) (b64dec (default "" $oldkeys.RGW_DEFAULT_USER_ACCESS_KEY)) -}}
|
|
{{- $secretKey := empty $oldkeys | ternary (randAlphaNum 32) (b64dec (default "" $oldkeys.RGW_DEFAULT_USER_SECRET_KEY)) -}}
|
|
{{- $s3Endpoint = include "epinio.s3gw-url" . -}}
|
|
{{- $s3AccessKey = $accessKey }}
|
|
{{- $s3SecretKey = $secretKey }}
|
|
{{- $s3UseSSL = true }}
|
|
{{- end }}
|
|
|
|
---
|
|
# The S3 connection details as required by the staging Job (in "ini" format)
|
|
apiVersion: v1
|
|
kind: Secret
|
|
type: Opaque
|
|
metadata:
|
|
name: epinio-s3-connection-details
|
|
namespace: {{ .Release.Namespace }}
|
|
stringData:
|
|
bucket: {{ $s3Bucket }}
|
|
config: |-
|
|
[default]
|
|
region={{ $s3Region }}
|
|
credentials: |-
|
|
[default]
|
|
aws_access_key_id={{ $s3AccessKey }}
|
|
aws_secret_access_key={{ $s3SecretKey }}
|
|
endpoint: {{ $s3Endpoint | quote }}
|
|
useSSL: {{ $s3UseSSL | quote }}
|
|
|
|
# Secrets get created first so Minio and s3gw should find them there when they needs them.
|
|
# https://github.com/helm/helm/blob/release-3.0/pkg/releaseutil/kind_sorter.go
|
|
|
|
{{- if .Values.minio.enabled }}
|
|
# The S3 connection details as required by Minio deployment
|
|
# https://github.com/minio/minio/blob/8ae46bce937567e682d14f7fe845b8ff67e549d2/helm/minio/values.yaml#L81
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
type: Opaque
|
|
metadata:
|
|
name: minio-creds
|
|
namespace: {{ .Release.Namespace }}
|
|
stringData:
|
|
rootUser: {{ $s3AccessKey | quote }}
|
|
rootPassword: {{ $s3SecretKey | quote }}
|
|
accesskey: {{ $s3AccessKey | quote }}
|
|
secretkey: {{ $s3SecretKey | quote }}
|
|
{{- else if .Values.s3gw.enabled }}
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: '{{ .Values.s3gw.defaultUserCredentialsSecret }}'
|
|
namespace: {{ .Release.Namespace }}
|
|
labels:
|
|
type: Opaque
|
|
stringData:
|
|
RGW_DEFAULT_USER_ACCESS_KEY: {{ $s3AccessKey | quote }}
|
|
RGW_DEFAULT_USER_SECRET_KEY: {{ $s3SecretKey | quote }}
|
|
{{- end }}
|