Minio-client job.
This commit is contained in:
parent
82a21a9b85
commit
93f7f1da98
120
loop-enterprise-stack/templates/mcjob.yaml
Normal file
120
loop-enterprise-stack/templates/mcjob.yaml
Normal file
@ -0,0 +1,120 @@
|
||||
{{- if .Values.mcJob.enabled }}
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
name: loop-minio-mc-job
|
||||
labels:
|
||||
app: loop-minio
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: loop-minio
|
||||
spec:
|
||||
containers:
|
||||
- name: mc-client
|
||||
image: "minio/mc:RELEASE.2025-01-17T23-25-50Z"
|
||||
command: ["/bin/sh", "-c"]
|
||||
args:
|
||||
- |
|
||||
until mc alias set myminio http://loop-minio:9000 {{ .Values.minio.rootUser }} {{ .Values.minio.rootPassword }}; do
|
||||
echo "Waiting for MinIO to be ready..."
|
||||
sleep 5
|
||||
done
|
||||
echo "MinIO is ready and alias is set."
|
||||
|
||||
# Создание пользователя
|
||||
#if ! mc admin user add myminio {{ .Values.minio.customUser }} {{ .Values.minio.customAccessKey }}; then
|
||||
# echo "User {{ .Values.minio.customUser }} already exists or failed to create."
|
||||
#else
|
||||
# echo "User {{ .Values.minio.customUser }} created successfully."
|
||||
#fi
|
||||
|
||||
# Назначение политики для нового пользователя
|
||||
cat <<EOF > /tmp/minio-user-policy.json
|
||||
{
|
||||
"Version": "2012-10-17",
|
||||
"Statement": [
|
||||
{
|
||||
"Sid": "VisualEditor",
|
||||
"Effect": "Allow",
|
||||
"Action": [
|
||||
"s3:DeleteObject",
|
||||
"s3:GetObject",
|
||||
"s3:PutObject"
|
||||
],
|
||||
"Resource": [
|
||||
"arn:aws:s3:::loop-bucket/*"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
EOF
|
||||
echo "User policy JSON file created."
|
||||
|
||||
mc admin policy create myminio loop-policy /tmp/minio-user-policy.json
|
||||
echo "User policy created and applied."
|
||||
|
||||
# Создание бакета
|
||||
if ! mc ls myminio/loop-bucket; then
|
||||
mc mb myminio/loop-bucket
|
||||
echo "Bucket loop-bucket created successfully."
|
||||
else
|
||||
echo "Bucket loop-bucket already exists."
|
||||
fi
|
||||
|
||||
# Установка политик для бакета
|
||||
cat <<EOF > /tmp/minio-bucket-policy.json
|
||||
{
|
||||
"Version": "2012-10-17",
|
||||
"Statement": [
|
||||
{
|
||||
"Effect": "Allow",
|
||||
"Principal": {
|
||||
"AWS": [
|
||||
"*"
|
||||
]
|
||||
},
|
||||
"Action": [
|
||||
"s3:GetBucketLocation"
|
||||
],
|
||||
"Resource": [
|
||||
"arn:aws:s3:::loop-bucket"
|
||||
]
|
||||
},
|
||||
{
|
||||
"Effect": "Allow",
|
||||
"Principal": {
|
||||
"AWS": [
|
||||
"*"
|
||||
]
|
||||
},
|
||||
"Action": [
|
||||
"s3:GetObject"
|
||||
],
|
||||
"Resource": [
|
||||
"arn:aws:s3:::loop-bucket/*"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
EOF
|
||||
echo "Bucket policy JSON file created."
|
||||
|
||||
mc anonymous set-json /tmp/minio-bucket-policy.json myminio/loop-bucket
|
||||
echo "Bucket policy applied."
|
||||
|
||||
mc admin policy attach myminio loop-policy --user={{ .Values.minio.customUser }}
|
||||
echo "Policy attached to user {{ .Values.minio.customUser }}."
|
||||
|
||||
resources:
|
||||
requests:
|
||||
memory: "128Mi"
|
||||
cpu: "100m"
|
||||
limits:
|
||||
memory: "256Mi"
|
||||
cpu: "200m"
|
||||
restartPolicy: OnFailure
|
||||
backoffLimit: 5
|
||||
ttlSecondsAfterFinished: 180
|
||||
{{- end }}
|
||||
Loading…
x
Reference in New Issue
Block a user