| gio | c916187 | 2024-04-21 10:46:35 +0400 | [diff] [blame] | 1 | {{- if .Values.s3.enabled }} |
| 2 | --- |
| 3 | apiVersion: "v1" |
| 4 | kind: "Secret" |
| 5 | metadata: |
| 6 | name: "{{ include "common.names.fullname" . }}-s3" |
| 7 | labels: |
| 8 | {{- include "common.labels.standard" . | nindent 4 }} |
| 9 | stringData: |
| 10 | OPENPROJECT_ATTACHMENTS__STORAGE: fog |
| 11 | OPENPROJECT_FOG_CREDENTIALS_PROVIDER: AWS |
| 12 | {{/* Fall back to '_' as secret name if the name is not given. This way `lookup` will return null (since secrets with this name will and cannot exist) which it doesn't with an empty string. */}} |
| 13 | {{ $secret := (lookup "v1" "Secret" .Release.Namespace (default "_" .Values.s3.auth.existingSecret)) | default (dict "data" dict) -}} |
| 14 | OPENPROJECT_FOG_CREDENTIALS_AWS__ACCESS__KEY__ID: {{ |
| 15 | default .Values.s3.auth.accessKeyId (get $secret.data .Values.s3.auth.secretKeys.accessKeyId | b64dec) | quote |
| 16 | }} |
| 17 | OPENPROJECT_FOG_CREDENTIALS_AWS__SECRET__ACCESS__KEY: {{ |
| 18 | default .Values.s3.auth.secretAccessKey (get $secret.data .Values.s3.auth.secretKeys.secretAccessKey | b64dec) | quote |
| 19 | }} |
| 20 | {{ if .Values.s3.endpoint -}} |
| 21 | OPENPROJECT_FOG_CREDENTIALS_ENDPOINT: {{ .Values.s3.endpoint }} |
| 22 | {{- end }} |
| 23 | {{ if .Values.s3.host -}} |
| 24 | OPENPROJECT_FOG_CREDENTIALS_HOST: {{ .Values.s3.host }} |
| 25 | {{- end }} |
| 26 | {{ if .Values.s3.port -}} |
| 27 | OPENPROJECT_FOG_CREDENTIALS_PORT: "{{ .Values.s3.port }}" |
| 28 | {{- end }} |
| 29 | OPENPROJECT_FOG_DIRECTORY: {{ .Values.s3.bucketName }} |
| 30 | OPENPROJECT_FOG_CREDENTIALS_REGION: {{ .Values.s3.region }} |
| 31 | OPENPROJECT_FOG_CREDENTIALS_PATH__STYLE: "{{ .Values.s3.pathStyle }}" |
| 32 | OPENPROJECT_FOG_CREDENTIALS_AWS__SIGNATURE__VERSION: "{{ .Values.s3.signatureVersion }}" |
| 33 | # remove use_iam_profile fallback after some point |
| 34 | OPENPROJECT_FOG_CREDENTIALS_USE__IAM__PROFILE: {{ if or .Values.s3.use_iam_profile .Values.s3.useIamProfile }}"true"{{else}}"false"{{end}} |
| 35 | OPENPROJECT_FOG_CREDENTIALS_ENABLE__SIGNATURE__V4__STREAMING: {{ if .Values.s3.enableSignatureV4Streaming }}"true"{{else}}"false"{{end}} |
| 36 | OPENPROJECT_DIRECT__UPLOADS: {{ if .Values.s3.directUploads }}"true"{{else}}"false"{{end}} |
| 37 | ... |
| 38 | {{- end }} |