From 706d723ca1f6ab14a2786639b6655adde6686533 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=90=D1=80=D1=82=D0=B5=D0=BC=20=D0=94=D1=80=D0=BE=D0=B7?= =?UTF-8?q?=D0=B4=D0=BE=D0=B2?= Date: Thu, 29 Aug 2024 22:07:06 +0000 Subject: [PATCH] Update for minio --- yonote-chart-service/templates/mcJob.yaml | 83 ++++++++++++++++++++++- 1 file changed, 82 insertions(+), 1 deletion(-) diff --git a/yonote-chart-service/templates/mcJob.yaml b/yonote-chart-service/templates/mcJob.yaml index 7835bd2..787d6e6 100644 --- a/yonote-chart-service/templates/mcJob.yaml +++ b/yonote-chart-service/templates/mcJob.yaml @@ -21,11 +21,92 @@ spec: echo "Waiting for MinIO to be ready..." sleep 5 done + echo "MinIO is ready and alias is set." + + # Создание пользователя + if ! mc admin user add myminio {{ .Values.minio.customUser }} {{ .Values.minio.customAccessKey }}; then + echo "User {{ .Values.minio.customUser }} already exists or failed to create." + else + echo "User {{ .Values.minio.customUser }} created successfully." + fi + + # Назначение политики для нового пользователя + cat < /tmp/minio-user-policy.json + { + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "VisualEditor", + "Effect": "Allow", + "Action": [ + "s3:DeleteObject", + "s3:GetObject", + "s3:PutObject" + ], + "Resource": [ + "arn:aws:s3:::yonote-bucket/*" + ] + } + ] + } + EOF + echo "User policy JSON file created." + + mc admin policy create myminio yonote-policy /tmp/minio-user-policy.json + echo "User policy created and applied." + + # Создание бакета if ! mc ls myminio/yonote-bucket; then mc mb myminio/yonote-bucket + echo "Bucket yonote-bucket created successfully." else echo "Bucket yonote-bucket already exists." fi + + # Установка политик для бакета + cat < /tmp/minio-bucket-policy.json + { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "AWS": [ + "*" + ] + }, + "Action": [ + "s3:GetBucketLocation" + ], + "Resource": [ + "arn:aws:s3:::yonote-bucket" + ] + }, + { + "Effect": "Allow", + "Principal": { + "AWS": [ + "*" + ] + }, + "Action": [ + "s3:GetObject" + ], + "Resource": [ + "arn:aws:s3:::yonote-bucket/*" + ] + } + ] + } + EOF + echo "Bucket policy JSON file created." + + mc anonymous set-json /tmp/minio-bucket-policy.json myminio/yonote-bucket + echo "Bucket policy applied." + + mc admin policy attach myminio yonote-policy --user={{ .Values.minio.customUser }} + echo "Policy attached to user {{ .Values.minio.customUser }}." + resources: requests: memory: "128Mi" @@ -35,5 +116,5 @@ spec: cpu: "200m" restartPolicy: OnFailure backoffLimit: 5 - ttlSecondsAfterFinished: 100 + ttlSecondsAfterFinished: 180 {{- end }} \ No newline at end of file