Remove existingSecret option

This commit is contained in:
Waqar Ahmed 2020-12-09 01:48:46 +05:00
parent d4cd85e0b0
commit cca836e3dc
4 changed files with 0 additions and 44 deletions

View File

@ -136,7 +136,6 @@ The following table lists the configurable parameters of the MinIO chart and the
| `image.pullPolicy` | Image pull policy | `IfNotPresent` |
| `trustedCertsSecret` | Kubernetes secret with trusted certificates to be mounted on `{{ .Values.certsPath }}/CAs` | `""` |
| `extraArgs` | Additional command line arguments to pass to the MinIO server | `[]` |
| `existingSecret` | Name of existing secret with access and secret key. | `""` |
| `accessKey` | Default access key (5 to 20 characters) | random 20 chars |
| `secretKey` | Default secret key (8 to 40 characters) | random 40 chars |
| `certsPath` | Default certs path location | `/etc/minio/certs` |
@ -252,31 +251,6 @@ For more precise policy, set `networkPolicy.allowExternal=true`. This will
only allow pods with the generated client label to connect to MinIO.
This label will be displayed in the output of a successful install.
Existing secret
---------------
Instead of having this chart create the secret for you, you can supply a preexisting secret, much
like an existing PersistentVolumeClaim.
First, create the secret:
```bash
$ kubectl create secret generic my-minio-secret --from-literal=accesskey=foobarbaz --from-literal=secretkey=foobarbazqux
```
Then install the chart, specifying that you want to use an existing secret:
```bash
$ helm install --set existingSecret=my-minio-secret minio/minio
```
The following fields are expected in the secret:
| .data.<key> in Secret | Corresponding variable | Description |
|:---------------------------|:------------------------|:----------------------------------------------------------------------------------|
| `accesskey` | `accessKey` | Access key ID. Mandatory. |
| `secretkey` | `secretKey` | Secret key. Mandatory. |
All corresponding variables will be ignored in values file.
Configure TLS
-------------

View File

@ -68,12 +68,8 @@ Return the appropriate apiVersion for statefulset.
Determine secret name.
*/}}
{{- define "minio.secretName" -}}
{{- if .Values.existingSecret -}}
{{- .Values.existingSecret }}
{{- else -}}
{{- include "minio.fullname" . -}}
{{- end -}}
{{- end -}}
{{/*
Determine service account name for deployment or statefulset.

View File

@ -1,4 +1,3 @@
{{- if not .Values.existingSecret }}
apiVersion: v1
kind: Secret
metadata:
@ -12,4 +11,3 @@ type: Opaque
data:
accesskey: {{ if .Values.accessKey }}{{ .Values.accessKey | toString | b64enc | quote }}{{ else }}{{ randAlphaNum 20 | b64enc | quote }}{{ end }}
secretkey: {{ if .Values.secretKey }}{{ .Values.secretKey | toString | b64enc | quote }}{{ else }}{{ randAlphaNum 40 | b64enc | quote }}{{ end }}
{{- end }}

View File

@ -44,18 +44,6 @@ secretKey: ""
certsPath: "/etc/minio/certs/"
mountPath: "/export"
## Use existing Secret that store following variables:
##
## | Chart var | .data.<key> in Secret |
## |:----------------------|:-------------------------|
## | accessKey | accesskey |
## | secretKey | secretkey |
##
## All mentioned variables will be ignored in values file.
## .data.accesskey and .data.secretkey are mandatory,
## others depend on enabled status of corresponding sections.
existingSecret: ""
## Override the root directory which the minio server should serve from.
## If left empty, it defaults to the value of {{ .Values.mountPath }}
## If defined, it must be a sub-directory of the path specified in {{ .Values.mountPath }}