Remove existingSecret option
This commit is contained in:
parent
d4cd85e0b0
commit
cca836e3dc
|
@ -136,7 +136,6 @@ The following table lists the configurable parameters of the MinIO chart and the
|
|||
| `image.pullPolicy` | Image pull policy | `IfNotPresent` |
|
||||
| `trustedCertsSecret` | Kubernetes secret with trusted certificates to be mounted on `{{ .Values.certsPath }}/CAs` | `""` |
|
||||
| `extraArgs` | Additional command line arguments to pass to the MinIO server | `[]` |
|
||||
| `existingSecret` | Name of existing secret with access and secret key. | `""` |
|
||||
| `accessKey` | Default access key (5 to 20 characters) | random 20 chars |
|
||||
| `secretKey` | Default secret key (8 to 40 characters) | random 40 chars |
|
||||
| `certsPath` | Default certs path location | `/etc/minio/certs` |
|
||||
|
@ -252,31 +251,6 @@ For more precise policy, set `networkPolicy.allowExternal=true`. This will
|
|||
only allow pods with the generated client label to connect to MinIO.
|
||||
This label will be displayed in the output of a successful install.
|
||||
|
||||
Existing secret
|
||||
---------------
|
||||
|
||||
Instead of having this chart create the secret for you, you can supply a preexisting secret, much
|
||||
like an existing PersistentVolumeClaim.
|
||||
|
||||
First, create the secret:
|
||||
```bash
|
||||
$ kubectl create secret generic my-minio-secret --from-literal=accesskey=foobarbaz --from-literal=secretkey=foobarbazqux
|
||||
```
|
||||
|
||||
Then install the chart, specifying that you want to use an existing secret:
|
||||
```bash
|
||||
$ helm install --set existingSecret=my-minio-secret minio/minio
|
||||
```
|
||||
|
||||
The following fields are expected in the secret:
|
||||
|
||||
| .data.<key> in Secret | Corresponding variable | Description |
|
||||
|:---------------------------|:------------------------|:----------------------------------------------------------------------------------|
|
||||
| `accesskey` | `accessKey` | Access key ID. Mandatory. |
|
||||
| `secretkey` | `secretKey` | Secret key. Mandatory. |
|
||||
|
||||
All corresponding variables will be ignored in values file.
|
||||
|
||||
Configure TLS
|
||||
-------------
|
||||
|
||||
|
|
|
@ -68,12 +68,8 @@ Return the appropriate apiVersion for statefulset.
|
|||
Determine secret name.
|
||||
*/}}
|
||||
{{- define "minio.secretName" -}}
|
||||
{{- if .Values.existingSecret -}}
|
||||
{{- .Values.existingSecret }}
|
||||
{{- else -}}
|
||||
{{- include "minio.fullname" . -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Determine service account name for deployment or statefulset.
|
||||
|
|
|
@ -1,4 +1,3 @@
|
|||
{{- if not .Values.existingSecret }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
|
@ -12,4 +11,3 @@ type: Opaque
|
|||
data:
|
||||
accesskey: {{ if .Values.accessKey }}{{ .Values.accessKey | toString | b64enc | quote }}{{ else }}{{ randAlphaNum 20 | b64enc | quote }}{{ end }}
|
||||
secretkey: {{ if .Values.secretKey }}{{ .Values.secretKey | toString | b64enc | quote }}{{ else }}{{ randAlphaNum 40 | b64enc | quote }}{{ end }}
|
||||
{{- end }}
|
||||
|
|
|
@ -44,18 +44,6 @@ secretKey: ""
|
|||
certsPath: "/etc/minio/certs/"
|
||||
mountPath: "/export"
|
||||
|
||||
## Use existing Secret that store following variables:
|
||||
##
|
||||
## | Chart var | .data.<key> in Secret |
|
||||
## |:----------------------|:-------------------------|
|
||||
## | accessKey | accesskey |
|
||||
## | secretKey | secretkey |
|
||||
##
|
||||
## All mentioned variables will be ignored in values file.
|
||||
## .data.accesskey and .data.secretkey are mandatory,
|
||||
## others depend on enabled status of corresponding sections.
|
||||
existingSecret: ""
|
||||
|
||||
## Override the root directory which the minio server should serve from.
|
||||
## If left empty, it defaults to the value of {{ .Values.mountPath }}
|
||||
## If defined, it must be a sub-directory of the path specified in {{ .Values.mountPath }}
|
||||
|
|
Loading…
Reference in New Issue