From 88f679174b11da6f4e7f15ddaa022039bbc6a1ac Mon Sep 17 00:00:00 2001 From: Kaan Yagci Date: Tue, 20 Feb 2024 16:10:40 +0100 Subject: [PATCH] refactor: change objectstore authentication based on helpers Signed-off-by: Kaan Yagci --- charts/substra-backend/templates/_helpers.tpl | 37 +++++++++++++++++++ .../templates/secret-objectstore.yaml | 4 +- charts/substra-backend/values.yaml | 8 ++-- 3 files changed, 43 insertions(+), 6 deletions(-) diff --git a/charts/substra-backend/templates/_helpers.tpl b/charts/substra-backend/templates/_helpers.tpl index a83282d2d..65c2e73f0 100644 --- a/charts/substra-backend/templates/_helpers.tpl +++ b/charts/substra-backend/templates/_helpers.tpl @@ -287,3 +287,40 @@ Define service URL based on MinIO or LocalStack enablement {{- printf "%s-localstack:4566" .Release.Name -}} {{- end -}} {{- end -}} + + +{{/* +Define objectstore access key based on MinIO or LocalStack enablement +*/}} +{{- define "substra-backend.objectStore.accessKey" -}} + {{- if .Values.minio.enabled -}} + {{- .Values.minio.auth.rootUser }} + {{- else if .Values.localstack.enabled -}} + {{- include "substra-backend.localstack.envValue" "AWS_ACCESS_KEY_ID" }} + {{- end -}} +{{- end -}} + +{{/* +Define objectstore secret key bassed on MinIO and Localstack enablemement +*/}} +{{- define "substra-backend.objectStore.secretKey" -}} + {{- if .Values.minio.enabled -}} + {{- .Values.minio.auth.rootPassword }} + {{- else if .Values.localstack.enabled -}} + {{- include "substra-backend.localstack.envValue" "AWS_SECRET_ACCESS_KEY" }} + {{- end -}} +{{- end -}} + +{{/* +Retrieve AWS environment variable value +*/}} +{{- define "substra-backend.localstack.envValue" -}} +{{- $envName := . -}} +{{- $value := "" -}} +{{- range .Values.localstack.environment -}} + {{- if eq .name $envName -}} + {{- $value = .value -}} + {{- end -}} +{{- end -}} +{{- $value -}} +{{- end -}} diff --git a/charts/substra-backend/templates/secret-objectstore.yaml b/charts/substra-backend/templates/secret-objectstore.yaml index 49f4d2941..8ea87c52e 100644 --- a/charts/substra-backend/templates/secret-objectstore.yaml +++ b/charts/substra-backend/templates/secret-objectstore.yaml @@ -7,5 +7,5 @@ metadata: app.kubernetes.io/name: {{ include "substra.name" . }} type: Opaque data: - OBJECTSTORE_ACCESSKEY: {{ .Values.minio.auth.rootUser | b64enc }} - OBJECTSTORE_SECRETKEY: {{ .Values.minio.auth.rootPassword | b64enc }} + OBJECTSTORE_ACCESSKEY: {{- include "substra-backend.objectStore.accessKey" | b64enc }} + OBJECTSTORE_SECRETKEY: {{- include "substra-backend.objectStore.secretKey" | b64enc }} diff --git a/charts/substra-backend/values.yaml b/charts/substra-backend/values.yaml index 3504f24cb..d925575fb 100644 --- a/charts/substra-backend/values.yaml +++ b/charts/substra-backend/values.yaml @@ -856,8 +856,8 @@ docker-registry: minio: enabled: false auth: - rootUser: &objecStoreRootUser minio - rootPassword: &objectStoreRootPassword minio1234 + rootUser: minio + rootPassword: minio1234 ## required for helm upgrade to work well (https://github.com/bitnami/charts/blob/1d7e62b47f525fca5ecdc2f34a4e9fa69f1532f5/bitnami/minio/values.yaml#L106) forcePassword: true ## required to take into account new access and secret keys @@ -885,9 +885,9 @@ localstack: - name: DOCKER_HOST value: "unix:///var/run/docker.sock" - name: AWS_ACCESS_KEY_ID - value: *objecStoreRootUser + value: "helloAws" - name: AWS_SECRET_ACCESS_KEY - value: *objectStoreRootPassword + value: "mySuperSecureAWSAccessKey1234" persistence: enabled: true