refactor: change objectstore authentication based on helpers

Signed-off-by: Kaan Yagci <[email protected]>
Substra · Feb 20, 2024 · 88f6791 · 88f6791
1 parent 8b6006d
commit 88f6791
Show file tree

Hide file tree

Showing 3 changed files with 43 additions and 6 deletions.
diff --git a/charts/substra-backend/templates/_helpers.tpl b/charts/substra-backend/templates/_helpers.tpl
@@ -287,3 +287,40 @@ Define service URL based on MinIO or LocalStack enablement
         {{- printf "%s-localstack:4566" .Release.Name -}}
     {{- end -}}
 {{- end -}}
+
+
+{{/*
+Define objectstore access key based on MinIO or LocalStack enablement
+*/}}
+{{- define "substra-backend.objectStore.accessKey" -}}
+    {{- if .Values.minio.enabled -}}
+        {{- .Values.minio.auth.rootUser }}
+    {{- else if .Values.localstack.enabled -}}
+        {{- include "substra-backend.localstack.envValue" "AWS_ACCESS_KEY_ID" }}
+    {{- end -}}
+{{- end -}}
+
+{{/*
+Define objectstore secret key bassed on MinIO and Localstack enablemement
+*/}}
+{{- define "substra-backend.objectStore.secretKey" -}}
+  {{- if .Values.minio.enabled -}}
+        {{- .Values.minio.auth.rootPassword }}
+    {{- else if .Values.localstack.enabled -}}
+        {{- include "substra-backend.localstack.envValue" "AWS_SECRET_ACCESS_KEY" }}
+    {{- end -}}
+{{- end -}}
+
+{{/*
+Retrieve AWS environment variable value
+*/}}
+{{- define "substra-backend.localstack.envValue" -}}
+{{- $envName := . -}}
+{{- $value := "" -}}
+{{- range .Values.localstack.environment -}}
+  {{- if eq .name $envName -}}
+    {{- $value = .value -}}
+  {{- end -}}
+{{- end -}}
+{{- $value -}}
+{{- end -}}
diff --git a/charts/substra-backend/templates/secret-objectstore.yaml b/charts/substra-backend/templates/secret-objectstore.yaml
@@ -7,5 +7,5 @@ metadata:
     app.kubernetes.io/name: {{ include "substra.name" . }}
 type: Opaque
 data:
-  OBJECTSTORE_ACCESSKEY: {{ .Values.minio.auth.rootUser | b64enc }}
-  OBJECTSTORE_SECRETKEY: {{ .Values.minio.auth.rootPassword | b64enc }}
+  OBJECTSTORE_ACCESSKEY: {{- include "substra-backend.objectStore.accessKey" | b64enc }}
+  OBJECTSTORE_SECRETKEY: {{- include "substra-backend.objectStore.secretKey" | b64enc }}
diff --git a/charts/substra-backend/values.yaml b/charts/substra-backend/values.yaml
@@ -856,8 +856,8 @@ docker-registry:
 minio:
   enabled: false
   auth:
-    rootUser: &objecStoreRootUser minio
-    rootPassword: &objectStoreRootPassword minio1234
+    rootUser: minio
+    rootPassword: minio1234
     ## required for helm upgrade to work well (https://github.com/bitnami/charts/blob/1d7e62b47f525fca5ecdc2f34a4e9fa69f1532f5/bitnami/minio/values.yaml#L106)
     forcePassword: true
     ## required to take into account new access and secret keys
@@ -885,9 +885,9 @@ localstack:
     - name: DOCKER_HOST
       value: "unix:///var/run/docker.sock"
     - name: AWS_ACCESS_KEY_ID
-      value: *objecStoreRootUser
+      value: "helloAws"
     - name: AWS_SECRET_ACCESS_KEY
-      value: *objectStoreRootPassword
+      value: "mySuperSecureAWSAccessKey1234"
 
   persistence:
     enabled: true