diff --git a/loop-enterprise-stack/templates/mcjob.yaml b/loop-enterprise-stack/templates/mcjob.yaml new file mode 100644 index 0000000..0befe03 --- /dev/null +++ b/loop-enterprise-stack/templates/mcjob.yaml @@ -0,0 +1,120 @@ +{{- if .Values.mcJob.enabled }} +apiVersion: batch/v1 +kind: Job +metadata: + name: loop-minio-mc-job + labels: + app: loop-minio +spec: + template: + metadata: + labels: + app: loop-minio + spec: + containers: + - name: mc-client + image: "minio/mc:RELEASE.2025-01-17T23-25-50Z" + command: ["/bin/sh", "-c"] + args: + - | + until mc alias set myminio http://loop-minio:9000 {{ .Values.minio.rootUser }} {{ .Values.minio.rootPassword }}; do + echo "Waiting for MinIO to be ready..." + sleep 5 + done + echo "MinIO is ready and alias is set." + + # Создание пользователя + #if ! mc admin user add myminio {{ .Values.minio.customUser }} {{ .Values.minio.customAccessKey }}; then + # echo "User {{ .Values.minio.customUser }} already exists or failed to create." + #else + # echo "User {{ .Values.minio.customUser }} created successfully." + #fi + + # Назначение политики для нового пользователя + cat < /tmp/minio-user-policy.json + { + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "VisualEditor", + "Effect": "Allow", + "Action": [ + "s3:DeleteObject", + "s3:GetObject", + "s3:PutObject" + ], + "Resource": [ + "arn:aws:s3:::loop-bucket/*" + ] + } + ] + } + EOF + echo "User policy JSON file created." + + mc admin policy create myminio loop-policy /tmp/minio-user-policy.json + echo "User policy created and applied." + + # Создание бакета + if ! mc ls myminio/loop-bucket; then + mc mb myminio/loop-bucket + echo "Bucket loop-bucket created successfully." + else + echo "Bucket loop-bucket already exists." + fi + + # Установка политик для бакета + cat < /tmp/minio-bucket-policy.json + { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "AWS": [ + "*" + ] + }, + "Action": [ + "s3:GetBucketLocation" + ], + "Resource": [ + "arn:aws:s3:::loop-bucket" + ] + }, + { + "Effect": "Allow", + "Principal": { + "AWS": [ + "*" + ] + }, + "Action": [ + "s3:GetObject" + ], + "Resource": [ + "arn:aws:s3:::loop-bucket/*" + ] + } + ] + } + EOF + echo "Bucket policy JSON file created." + + mc anonymous set-json /tmp/minio-bucket-policy.json myminio/loop-bucket + echo "Bucket policy applied." + + mc admin policy attach myminio loop-policy --user={{ .Values.minio.customUser }} + echo "Policy attached to user {{ .Values.minio.customUser }}." + + resources: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "256Mi" + cpu: "200m" + restartPolicy: OnFailure + backoffLimit: 5 + ttlSecondsAfterFinished: 180 +{{- end }} \ No newline at end of file