From 3b5d8ffb70f42ecc8b0ba876d93b5166d8f70973 Mon Sep 17 00:00:00 2001 From: spastorclovr <134076845+spastorclovr@users.noreply.github.com> Date: Wed, 14 Feb 2024 23:33:05 +0100 Subject: [PATCH] Fix/s3 config secret (#5302) --- k8s/charts/seaweedfs/templates/filer-statefulset.yaml | 2 +- k8s/charts/seaweedfs/templates/s3-deployment.yaml | 2 +- k8s/charts/seaweedfs/templates/s3-secret.yaml | 2 +- k8s/charts/seaweedfs/values.yaml | 10 ++++------ 4 files changed, 7 insertions(+), 9 deletions(-) diff --git a/k8s/charts/seaweedfs/templates/filer-statefulset.yaml b/k8s/charts/seaweedfs/templates/filer-statefulset.yaml index 097a63cd3..c62ec45dc 100644 --- a/k8s/charts/seaweedfs/templates/filer-statefulset.yaml +++ b/k8s/charts/seaweedfs/templates/filer-statefulset.yaml @@ -286,7 +286,7 @@ spec: - name: db-schema-config-volume configMap: name: seaweedfs-db-init-config - {{- if .Values.filer.s3.enableAuth }} + {{- if and .Values.filer.s3.enabled .Values.filer.s3.enableAuth }} - name: config-users secret: defaultMode: 420 diff --git a/k8s/charts/seaweedfs/templates/s3-deployment.yaml b/k8s/charts/seaweedfs/templates/s3-deployment.yaml index 45b0d394b..0b04f6381 100644 --- a/k8s/charts/seaweedfs/templates/s3-deployment.yaml +++ b/k8s/charts/seaweedfs/templates/s3-deployment.yaml @@ -191,7 +191,7 @@ spec: - name: config-users secret: defaultMode: 420 - {{- if .Values.filer.s3.existingConfigSecret }} + {{- if .Values.s3.existingConfigSecret }} secretName: {{ .Values.s3.existingConfigSecret }} {{- else }} secretName: seaweedfs-s3-secret diff --git a/k8s/charts/seaweedfs/templates/s3-secret.yaml b/k8s/charts/seaweedfs/templates/s3-secret.yaml index 09e81adbf..969b31f52 100644 --- a/k8s/charts/seaweedfs/templates/s3-secret.yaml +++ b/k8s/charts/seaweedfs/templates/s3-secret.yaml @@ -1,4 +1,4 @@ -{{- if not (or .Values.filer.s3.skipAuthSecretCreation .Values.s3.skipAuthSecretCreation .Values.filer.s3.existingConfigSecret .Values.s3.existingConfigSecret ) }} +{{- if or (and .Values.filer.s3.enabled .Values.filer.s3.enableAuth (not .Values.filer.s3.existingConfigSecret)) (and .Values.s3.enabled .Values.s3.enableAuth (not .Values.s3.existingConfigSecret)) }} {{- $access_key_admin := randAlphaNum 16 -}} {{- $secret_key_admin := randAlphaNum 32 -}} {{- $access_key_read := randAlphaNum 16 -}} diff --git a/k8s/charts/seaweedfs/values.yaml b/k8s/charts/seaweedfs/values.yaml index 61393e8e7..527db2315 100644 --- a/k8s/charts/seaweedfs/values.yaml +++ b/k8s/charts/seaweedfs/values.yaml @@ -610,7 +610,7 @@ filer: # key: password s3: - enabled: true + enabled: false port: 8333 # add additional https port httpsPort: 0 @@ -619,11 +619,10 @@ filer: # Suffix of the host name, {bucket}.{domainName} domainName: "" # enable user & permission to s3 (need to inject to all services) - enableAuth: true - skipAuthSecretCreation: false + enableAuth: false # set to the name of an existing kubernetes Secret with the s3 json config file # should have a secret key called seaweedfs_s3_config with an inline json configure - existingConfigSecret: "" + existingConfigSecret: null auditLogConfig: {} # You may specify buckets to be created during the install process. # Buckets may be exposed publicly by setting `anonymousRead` to `true` @@ -650,10 +649,9 @@ s3: allowEmptyFolder: true # enable user & permission to s3 (need to inject to all services) enableAuth: false - skipAuthSecretCreation: false # set to the name of an existing kubernetes Secret with the s3 json config file # should have a secret key called seaweedfs_s3_config with an inline json config - existingConfigSecret: false + existingConfigSecret: null auditLogConfig: {} # Suffix of the host name, {bucket}.{domainName}