From 9ff010d15b87723ad3a5bea87585d7e6b1c19403 Mon Sep 17 00:00:00 2001 From: Max Roby Date: Thu, 23 Nov 2023 11:27:40 +0100 Subject: [PATCH] create a hook for setting up users --- .../templates/post-install-user-hook.yaml | 90 +++++++++++++++++++ 1 file changed, 90 insertions(+) create mode 100644 k8s/charts/seaweedfs/templates/post-install-user-hook.yaml diff --git a/k8s/charts/seaweedfs/templates/post-install-user-hook.yaml b/k8s/charts/seaweedfs/templates/post-install-user-hook.yaml new file mode 100644 index 000000000..40cf9b427 --- /dev/null +++ b/k8s/charts/seaweedfs/templates/post-install-user-hook.yaml @@ -0,0 +1,90 @@ +{{- if .Values.master.enabled }} +{{- if .Values.filer.s3.enabled }} +{{- if .Values.filer.s3.createUsers}} +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: "{{ $.Release.Name }}" + labels: + app.kubernetes.io/managed-by: {{ .Release.Service | quote }} + app.kubernetes.io/instance: {{ .Release.Name | quote }} + annotations: + "helm.sh/hook": post-install + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + name: "{{ .Release.Name }}" + labels: + app.kubernetes.io/managed-by: {{ .Release.Service | quote }} + app.kubernetes.io/instance: {{ .Release.Name | quote }} + spec: + restartPolicy: Never + containers: + - name: post-install-job + image: {{ template "master.image" . }} + env: + - name: WEED_CLUSTER_DEFAULT + value: "sw" + - name: WEED_CLUSTER_SW_MASTER + value: "{{ template "seaweedfs.name" . }}-master.{{ .Release.Namespace }}:9333" + - name: WEED_CLUSTER_SW_FILER + value: "{{ template "seaweedfs.name" . }}-filer-client.{{ .Release.Namespace }}:8888" + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: SEAWEEDFS_FULLNAME + value: "{{ template "seaweedfs.name" . }}" + {{- range $reg, $props := $.Values.filer.s3.createUsers }} + - name: "{{ $props.secretName | upper }}-ID" + valueFrom: + secretKeyRef: + name: {{ $props.secretName }} + key: ACCESS_KEY_ID + - name: "{{ $props.secretName | upper }}-KEY" + valueFrom: + secretKeyRef: + name: {{ $props.secretName }} + key: ACCESS_SECRET_KEY + {{- end }} + command: + - "/bin/sh" + - "-ec" + - | + {{- range $reg, $props := $.Values.filer.s3.createUsers }} + exec /bin/echo \ + "s3.configure --user {{ $props.name }} \ + --buckets {{ $props.buckets }} \ + --actions {{ $props.actions }} \ + --access_key "{{ $props.secretName | upper }}-ID" \ + --secret_key "{{ $props.secretName | upper }}-KEY" \ + --apply true" |\ + /usr/bin/weed shell + {{- end }} + ports: + - containerPort: {{ .Values.master.port }} + name: swfs-master + {{- if and .Values.global.monitoring.enabled .Values.master.metricsPort }} + - containerPort: {{ .Values.master.metricsPort }} + name: metrics + {{- end }} + - containerPort: {{ .Values.master.grpcPort }} + #name: swfs-master-grpc + {{- if .Values.master.readinessProbe.enabled }} + {{- $hostpath_exists := include "master.hostpath_exists" . -}} + {{- $existing_claims := include "master.existing_claims" . -}} +{{- end }} +{{- end }} +{{- end }} +{{- end }}