Update for minio
This commit is contained in:
parent
823f6bbb5c
commit
706d723ca1
|
|
@ -21,11 +21,92 @@ spec:
|
||||||
echo "Waiting for MinIO to be ready..."
|
echo "Waiting for MinIO to be ready..."
|
||||||
sleep 5
|
sleep 5
|
||||||
done
|
done
|
||||||
|
echo "MinIO is ready and alias is set."
|
||||||
|
|
||||||
|
# Создание пользователя
|
||||||
|
if ! mc admin user add myminio {{ .Values.minio.customUser }} {{ .Values.minio.customAccessKey }}; then
|
||||||
|
echo "User {{ .Values.minio.customUser }} already exists or failed to create."
|
||||||
|
else
|
||||||
|
echo "User {{ .Values.minio.customUser }} created successfully."
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Назначение политики для нового пользователя
|
||||||
|
cat <<EOF > /tmp/minio-user-policy.json
|
||||||
|
{
|
||||||
|
"Version": "2012-10-17",
|
||||||
|
"Statement": [
|
||||||
|
{
|
||||||
|
"Sid": "VisualEditor",
|
||||||
|
"Effect": "Allow",
|
||||||
|
"Action": [
|
||||||
|
"s3:DeleteObject",
|
||||||
|
"s3:GetObject",
|
||||||
|
"s3:PutObject"
|
||||||
|
],
|
||||||
|
"Resource": [
|
||||||
|
"arn:aws:s3:::yonote-bucket/*"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
EOF
|
||||||
|
echo "User policy JSON file created."
|
||||||
|
|
||||||
|
mc admin policy create myminio yonote-policy /tmp/minio-user-policy.json
|
||||||
|
echo "User policy created and applied."
|
||||||
|
|
||||||
|
# Создание бакета
|
||||||
if ! mc ls myminio/yonote-bucket; then
|
if ! mc ls myminio/yonote-bucket; then
|
||||||
mc mb myminio/yonote-bucket
|
mc mb myminio/yonote-bucket
|
||||||
|
echo "Bucket yonote-bucket created successfully."
|
||||||
else
|
else
|
||||||
echo "Bucket yonote-bucket already exists."
|
echo "Bucket yonote-bucket already exists."
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Установка политик для бакета
|
||||||
|
cat <<EOF > /tmp/minio-bucket-policy.json
|
||||||
|
{
|
||||||
|
"Version": "2012-10-17",
|
||||||
|
"Statement": [
|
||||||
|
{
|
||||||
|
"Effect": "Allow",
|
||||||
|
"Principal": {
|
||||||
|
"AWS": [
|
||||||
|
"*"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"Action": [
|
||||||
|
"s3:GetBucketLocation"
|
||||||
|
],
|
||||||
|
"Resource": [
|
||||||
|
"arn:aws:s3:::yonote-bucket"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Effect": "Allow",
|
||||||
|
"Principal": {
|
||||||
|
"AWS": [
|
||||||
|
"*"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"Action": [
|
||||||
|
"s3:GetObject"
|
||||||
|
],
|
||||||
|
"Resource": [
|
||||||
|
"arn:aws:s3:::yonote-bucket/*"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
EOF
|
||||||
|
echo "Bucket policy JSON file created."
|
||||||
|
|
||||||
|
mc anonymous set-json /tmp/minio-bucket-policy.json myminio/yonote-bucket
|
||||||
|
echo "Bucket policy applied."
|
||||||
|
|
||||||
|
mc admin policy attach myminio yonote-policy --user={{ .Values.minio.customUser }}
|
||||||
|
echo "Policy attached to user {{ .Values.minio.customUser }}."
|
||||||
|
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
memory: "128Mi"
|
memory: "128Mi"
|
||||||
|
|
@ -35,5 +116,5 @@ spec:
|
||||||
cpu: "200m"
|
cpu: "200m"
|
||||||
restartPolicy: OnFailure
|
restartPolicy: OnFailure
|
||||||
backoffLimit: 5
|
backoffLimit: 5
|
||||||
ttlSecondsAfterFinished: 100
|
ttlSecondsAfterFinished: 180
|
||||||
{{- end }}
|
{{- end }}
|
||||||
Loading…
Reference in New Issue