From f2b3a3618c1769a6ff6712874ff8c23f4e85175f Mon Sep 17 00:00:00 2001 From: dberardo-com <65530457+dberardo-com@users.noreply.github.com> Date: Wed, 20 Dec 2023 14:21:07 +0100 Subject: [PATCH 01/10] Update deployment.yaml --- charts/s3-operator/templates/deployment.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/s3-operator/templates/deployment.yaml b/charts/s3-operator/templates/deployment.yaml index 7ecc1f4..1bc44b3 100644 --- a/charts/s3-operator/templates/deployment.yaml +++ b/charts/s3-operator/templates/deployment.yaml @@ -58,7 +58,7 @@ spec: valueFrom: secretKeyRef: name: {{ .Values.s3.existingSecret }} - key: S3_ACCESS_KEY + key: {{ .Values.s3.secretKeyName | default 'S3_ACCESS_KEY'}} {{- else }} value: {{ .Values.s3.accessKey }} {{- end }} @@ -67,7 +67,7 @@ spec: valueFrom: secretKeyRef: name: {{ .Values.s3.existingSecret }} - key: S3_SECRET_KEY + key: {{ .Values.s3.accessKeyName | default 'S3_SECRET_KEY'}} {{- else }} value: {{ .Values.s3.secretKey }} {{- end }} @@ -93,4 +93,4 @@ spec: securityContext: runAsNonRoot: true serviceAccountName: {{ include "s3-operator.fullname" . }}-controller-manager - terminationGracePeriodSeconds: 10 \ No newline at end of file + terminationGracePeriodSeconds: 10 From 218bd1346dedb6834fccb3eecfad9fea691bba4f Mon Sep 17 00:00:00 2001 From: dberardo-com <65530457+dberardo-com@users.noreply.github.com> Date: Wed, 20 Dec 2023 14:29:22 +0100 Subject: [PATCH 02/10] Update deployment.yaml --- charts/s3-operator/templates/deployment.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/charts/s3-operator/templates/deployment.yaml b/charts/s3-operator/templates/deployment.yaml index 1bc44b3..f9bb5af 100644 --- a/charts/s3-operator/templates/deployment.yaml +++ b/charts/s3-operator/templates/deployment.yaml @@ -36,6 +36,19 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} + {{- if .Values.s3.mountCertsFromSecret }} + volumes: + - name: caCerts + secret: + secretName: "{{.Values.s3.mountCertsFromSecret}}" + {{- end }} + containers: + {{- if .Values.s3.mountCertsFromSecret }} + volumeMounts: + - name: caCerts + mountPath: "{{.Values.s3.caCertificateBundlePath}}" + subPath: "{{.Values.s3.mountCertsFromSecretKey | default('public.crt') }}" + {{- end }} containers: - args: - --health-probe-bind-address=:8081 @@ -45,6 +58,9 @@ spec: {{- if .Values.s3.caCertificateBundlePath }} - --s3-ca-certificate-bundle-path={{ .Values.s3.caCertificateBundlePath }} {{- end }} + {{- if .Values.s3.disableTls }} + - --useSsl=false + {{- end }} {{- range .Values.s3.caCertificatesBase64 }} - --s3-ca-certificate-base64={{ . }} {{- end }} From 471132a0acbbb68e9fbecfa595b3320f56ac3145 Mon Sep 17 00:00:00 2001 From: dberardo-com <65530457+dberardo-com@users.noreply.github.com> Date: Wed, 20 Dec 2023 14:29:48 +0100 Subject: [PATCH 03/10] Update values.yaml --- charts/s3-operator/values.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/charts/s3-operator/values.yaml b/charts/s3-operator/values.yaml index e453164..42d5db9 100644 --- a/charts/s3-operator/values.yaml +++ b/charts/s3-operator/values.yaml @@ -27,6 +27,9 @@ controllerManager: kubernetesClusterDomain: cluster.local s3: endpointUrl: "localhost:9000" + disableTls: false + # mountCertsFromSecret: + # mountCertsFromSecretKey # To manage access/secret keys, two options : # - (Poor) Directly set them using the accessKey/secretKey parameters below. From 339d59b8fd54aefdd14e026d272b9f67789ba4c8 Mon Sep 17 00:00:00 2001 From: dberardo-com <65530457+dberardo-com@users.noreply.github.com> Date: Wed, 20 Dec 2023 14:41:20 +0100 Subject: [PATCH 04/10] Update values.yaml --- charts/s3-operator/values.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/s3-operator/values.yaml b/charts/s3-operator/values.yaml index 42d5db9..37ddcd1 100644 --- a/charts/s3-operator/values.yaml +++ b/charts/s3-operator/values.yaml @@ -30,6 +30,8 @@ s3: disableTls: false # mountCertsFromSecret: # mountCertsFromSecretKey + accessKeyName: S3_ACCESS_KEY + secretKeyName: S3_SECRET_KEY # To manage access/secret keys, two options : # - (Poor) Directly set them using the accessKey/secretKey parameters below. From d185af69b108f6dfffa981baec3d5a97f390b0c6 Mon Sep 17 00:00:00 2001 From: dberardo-com <65530457+dberardo-com@users.noreply.github.com> Date: Wed, 20 Dec 2023 14:41:25 +0100 Subject: [PATCH 05/10] Update deployment.yaml --- charts/s3-operator/templates/deployment.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/s3-operator/templates/deployment.yaml b/charts/s3-operator/templates/deployment.yaml index f9bb5af..ced0c91 100644 --- a/charts/s3-operator/templates/deployment.yaml +++ b/charts/s3-operator/templates/deployment.yaml @@ -47,7 +47,7 @@ spec: volumeMounts: - name: caCerts mountPath: "{{.Values.s3.caCertificateBundlePath}}" - subPath: "{{.Values.s3.mountCertsFromSecretKey | default('public.crt') }}" + subPath: {{.Values.s3.mountCertsFromSecretKey }} {{- end }} containers: - args: @@ -74,7 +74,7 @@ spec: valueFrom: secretKeyRef: name: {{ .Values.s3.existingSecret }} - key: {{ .Values.s3.secretKeyName | default 'S3_ACCESS_KEY'}} + key: {{ .Values.s3.secretKeyName }} {{- else }} value: {{ .Values.s3.accessKey }} {{- end }} @@ -83,7 +83,7 @@ spec: valueFrom: secretKeyRef: name: {{ .Values.s3.existingSecret }} - key: {{ .Values.s3.accessKeyName | default 'S3_SECRET_KEY'}} + key: {{ .Values.s3.accessKeyName }} {{- else }} value: {{ .Values.s3.secretKey }} {{- end }} From e5b4511e787fdf89f21f23c82b60f1124c401055 Mon Sep 17 00:00:00 2001 From: dberardo-com <65530457+dberardo-com@users.noreply.github.com> Date: Wed, 20 Dec 2023 14:42:04 +0100 Subject: [PATCH 06/10] Update deployment.yaml --- charts/s3-operator/templates/deployment.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/s3-operator/templates/deployment.yaml b/charts/s3-operator/templates/deployment.yaml index ced0c91..3c377d8 100644 --- a/charts/s3-operator/templates/deployment.yaml +++ b/charts/s3-operator/templates/deployment.yaml @@ -74,7 +74,7 @@ spec: valueFrom: secretKeyRef: name: {{ .Values.s3.existingSecret }} - key: {{ .Values.s3.secretKeyName }} + key: {{ .Values.s3.accessKeyName }} {{- else }} value: {{ .Values.s3.accessKey }} {{- end }} @@ -83,7 +83,7 @@ spec: valueFrom: secretKeyRef: name: {{ .Values.s3.existingSecret }} - key: {{ .Values.s3.accessKeyName }} + key: {{ .Values.s3.secretKeyName }} {{- else }} value: {{ .Values.s3.secretKey }} {{- end }} From 747aee926225d368ed799c3fa688357fbfccf2a0 Mon Sep 17 00:00:00 2001 From: dberardo Date: Wed, 20 Dec 2023 14:43:53 +0100 Subject: [PATCH 07/10] depl --- charts/s3-operator/templates/deployment.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/s3-operator/templates/deployment.yaml b/charts/s3-operator/templates/deployment.yaml index f9bb5af..3c377d8 100644 --- a/charts/s3-operator/templates/deployment.yaml +++ b/charts/s3-operator/templates/deployment.yaml @@ -47,7 +47,7 @@ spec: volumeMounts: - name: caCerts mountPath: "{{.Values.s3.caCertificateBundlePath}}" - subPath: "{{.Values.s3.mountCertsFromSecretKey | default('public.crt') }}" + subPath: {{.Values.s3.mountCertsFromSecretKey }} {{- end }} containers: - args: @@ -74,7 +74,7 @@ spec: valueFrom: secretKeyRef: name: {{ .Values.s3.existingSecret }} - key: {{ .Values.s3.secretKeyName | default 'S3_ACCESS_KEY'}} + key: {{ .Values.s3.accessKeyName }} {{- else }} value: {{ .Values.s3.accessKey }} {{- end }} @@ -83,7 +83,7 @@ spec: valueFrom: secretKeyRef: name: {{ .Values.s3.existingSecret }} - key: {{ .Values.s3.accessKeyName | default 'S3_SECRET_KEY'}} + key: {{ .Values.s3.secretKeyName }} {{- else }} value: {{ .Values.s3.secretKey }} {{- end }} From 5dafbd43871b37d0a3ed376c2aa8769314d7f425 Mon Sep 17 00:00:00 2001 From: dberardo Date: Wed, 20 Dec 2023 14:53:33 +0100 Subject: [PATCH 08/10] fix in cert path --- charts/s3-operator/templates/deployment.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/s3-operator/templates/deployment.yaml b/charts/s3-operator/templates/deployment.yaml index 3c377d8..b9ab2c0 100644 --- a/charts/s3-operator/templates/deployment.yaml +++ b/charts/s3-operator/templates/deployment.yaml @@ -38,16 +38,16 @@ spec: {{- end }} {{- if .Values.s3.mountCertsFromSecret }} volumes: - - name: caCerts + - name: ca-certs secret: secretName: "{{.Values.s3.mountCertsFromSecret}}" {{- end }} containers: {{- if .Values.s3.mountCertsFromSecret }} volumeMounts: - - name: caCerts + - name: ca-certs mountPath: "{{.Values.s3.caCertificateBundlePath}}" - subPath: {{.Values.s3.mountCertsFromSecretKey }} + subPath: {{.Values.s3.mountCertsFromSecretKey | default "public.crt" }} {{- end }} containers: - args: From f8c7adff98b17cddd03d9609f0e784bf883582e1 Mon Sep 17 00:00:00 2001 From: dberardo Date: Wed, 20 Dec 2023 14:55:33 +0100 Subject: [PATCH 09/10] fix in deployment --- charts/s3-operator/templates/deployment.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/charts/s3-operator/templates/deployment.yaml b/charts/s3-operator/templates/deployment.yaml index b9ab2c0..def62e4 100644 --- a/charts/s3-operator/templates/deployment.yaml +++ b/charts/s3-operator/templates/deployment.yaml @@ -49,7 +49,6 @@ spec: mountPath: "{{.Values.s3.caCertificateBundlePath}}" subPath: {{.Values.s3.mountCertsFromSecretKey | default "public.crt" }} {{- end }} - containers: - args: - --health-probe-bind-address=:8081 - --metrics-bind-address=127.0.0.1:8080 From 60d03036dce3efe722c633d53804eae702d4beef Mon Sep 17 00:00:00 2001 From: dberardo Date: Wed, 20 Dec 2023 14:56:27 +0100 Subject: [PATCH 10/10] fix in deployment --- charts/s3-operator/templates/deployment.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/s3-operator/templates/deployment.yaml b/charts/s3-operator/templates/deployment.yaml index def62e4..672ebba 100644 --- a/charts/s3-operator/templates/deployment.yaml +++ b/charts/s3-operator/templates/deployment.yaml @@ -43,12 +43,6 @@ spec: secretName: "{{.Values.s3.mountCertsFromSecret}}" {{- end }} containers: - {{- if .Values.s3.mountCertsFromSecret }} - volumeMounts: - - name: ca-certs - mountPath: "{{.Values.s3.caCertificateBundlePath}}" - subPath: {{.Values.s3.mountCertsFromSecretKey | default "public.crt" }} - {{- end }} - args: - --health-probe-bind-address=:8081 - --metrics-bind-address=127.0.0.1:8080 @@ -65,6 +59,12 @@ spec: {{- end }} command: - /manager + {{- if .Values.s3.mountCertsFromSecret }} + volumeMounts: + - name: ca-certs + mountPath: "{{.Values.s3.caCertificateBundlePath}}" + subPath: {{.Values.s3.mountCertsFromSecretKey | default "public.crt" }} + {{- end }} env: - name: KUBERNETES_CLUSTER_DOMAIN value: {{ quote .Values.kubernetesClusterDomain }}