From c04284cdd7b53c155d20b5091efe57c81a656152 Mon Sep 17 00:00:00 2001 From: Max Roby Date: Thu, 23 Nov 2023 13:47:58 +0100 Subject: [PATCH] remove user job since bucket job can now create public buckets, update values.yaml --- .../templates/post-install-user-hook.yaml | 90 ------------------- k8s/charts/seaweedfs/values.yaml | 12 +-- 2 files changed, 3 insertions(+), 99 deletions(-) delete mode 100644 k8s/charts/seaweedfs/templates/post-install-user-hook.yaml diff --git a/k8s/charts/seaweedfs/templates/post-install-user-hook.yaml b/k8s/charts/seaweedfs/templates/post-install-user-hook.yaml deleted file mode 100644 index 7c1c37cda..000000000 --- a/k8s/charts/seaweedfs/templates/post-install-user-hook.yaml +++ /dev/null @@ -1,90 +0,0 @@ -{{- if .Values.master.enabled }} -{{- if .Values.filer.s3.enabled }} -{{- if .Values.filer.s3.createUsers}} ---- -apiVersion: batch/v1 -kind: Job -metadata: - name: "{{ $.Release.Name }}-user-hook" - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - annotations: - "helm.sh/hook": post-install - "helm.sh/hook-weight": "-4" - "helm.sh/hook-delete-policy": hook-succeeded -spec: - template: - metadata: - name: "{{ .Release.Name }}" - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - spec: - restartPolicy: Never - containers: - - name: post-install-job - image: {{ template "master.image" . }} - env: - - name: WEED_CLUSTER_DEFAULT - value: "sw" - - name: WEED_CLUSTER_SW_MASTER - value: "{{ template "seaweedfs.name" . }}-master.{{ .Release.Namespace }}:9333" - - name: WEED_CLUSTER_SW_FILER - value: "{{ template "seaweedfs.name" . }}-filer-client.{{ .Release.Namespace }}:8888" - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: SEAWEEDFS_FULLNAME - value: "{{ template "seaweedfs.name" . }}" - {{- range $reg, $props := $.Values.filer.s3.createUsers }} - - name: {{ $props.name | upper }}_ACCESS_KEY_ID - valueFrom: - secretKeyRef: - name: {{ $props.secretName }} - key: ACCESS_KEY_ID - - name: {{ $props.name | upper }}_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: - name: {{ $props.secretName }} - key: ACCESS_SECRET_KEY - {{- end }} - command: - - "/bin/sh" - - "-ec" - - | - {{- range $reg, $props := $.Values.filer.s3.createUsers }} - exec /bin/echo \ - "s3.configure --user {{ $props.name }} \ - --buckets {{ $props.buckets }} \ - --actions {{ $props.actions }} \ - --access_key ${{ $props.name | upper }}_ACCESS_KEY_ID \ - --secret_key ${{ $props.name | upper }}_SECRET_ACCESS_KEY \ - --apply true" |\ - /usr/bin/weed shell - {{- end }} - ports: - - containerPort: {{ .Values.master.port }} - name: swfs-master - {{- if and .Values.global.monitoring.enabled .Values.master.metricsPort }} - - containerPort: {{ .Values.master.metricsPort }} - name: metrics - {{- end }} - - containerPort: {{ .Values.master.grpcPort }} - #name: swfs-master-grpc - {{- if .Values.master.readinessProbe.enabled }} - {{- $hostpath_exists := include "master.hostpath_exists" . -}} - {{- $existing_claims := include "master.existing_claims" . -}} -{{- end }} -{{- end }} -{{- end }} -{{- end }} diff --git a/k8s/charts/seaweedfs/values.yaml b/k8s/charts/seaweedfs/values.yaml index 0a76a4436..04360837b 100644 --- a/k8s/charts/seaweedfs/values.yaml +++ b/k8s/charts/seaweedfs/values.yaml @@ -576,20 +576,14 @@ filer: # should have a secret key called seaweedfs_s3_config with an inline json configure existingConfigSecret: "" auditLogConfig: {} - # You may specify buckets and users to be created during the install process - # The user's credentials must be in an existing secret using the key names: - # 'ACCESS_KEY_ID' and 'ACCESS_SECRET_KEY' + # You may specify buckets to be created during the install process. + # Buckets may be exposed publicly by setting `anonymousRead` to `true` # createBuckets: # - name: bucket-a # anonymousRead: true # - name: bucket-b # anonymousRead: false - # createUsers: - # - name: friend - # actions: "Read,Write,List" - # buckets: "bucket-b" - # secretName: friend_s3_creds - + s3: enabled: false