From 1544de80e09b6fbd724047d61c82fb054bf01901 Mon Sep 17 00:00:00 2001 From: YongHwan Yoo Date: Sat, 9 May 2026 23:09:39 +0900 Subject: [PATCH] feat quick-start object storage secret refs --- deployments/charts/quick-start/README.md | 3 +++ .../charts/quick-start/templates/config-setup.yaml | 13 +++++++++++++ deployments/charts/quick-start/values.yaml | 8 ++++++++ 3 files changed, 24 insertions(+) diff --git a/deployments/charts/quick-start/README.md b/deployments/charts/quick-start/README.md index 200c7d7ca..8c92379a6 100644 --- a/deployments/charts/quick-start/README.md +++ b/deployments/charts/quick-start/README.md @@ -70,6 +70,9 @@ This chart installs and configures: | `global.objectStorage.overrideUrl` | Object storage override URL (changed for localstack-s3) | `"http://localstack-s3.osmo:4566"` | | `global.objectStorage.accessKeyId` | Object storage access key ID for authentication | `"test"` | | `global.objectStorage.accessKey` | Object storage access key for authentication | `"test"` | +| `global.objectStorage.existingSecret.name` | Existing Secret containing object storage credentials | `""` | +| `global.objectStorage.existingSecret.accessKeyIdKey` | Secret key for the object storage access key ID | `"access_key_id"` | +| `global.objectStorage.existingSecret.accessKeyKey` | Secret key for the object storage access key | `"access_key"` | | `global.objectStorage.region` | Object storage region where the bucket is located | `"us-east-1"` | ### Gateway Configuration diff --git a/deployments/charts/quick-start/templates/config-setup.yaml b/deployments/charts/quick-start/templates/config-setup.yaml index e7d3b4e56..e715cbbee 100644 --- a/deployments/charts/quick-start/templates/config-setup.yaml +++ b/deployments/charts/quick-start/templates/config-setup.yaml @@ -256,10 +256,23 @@ spec: value: {{ .Values.global.objectStorage.endpoint | quote }} - name: OBJECT_STORAGE_OVERRIDE_URL value: {{ .Values.global.objectStorage.overrideUrl | quote }} + {{- if .Values.global.objectStorage.existingSecret.name }} + - name: OBJECT_STORAGE_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: {{ .Values.global.objectStorage.existingSecret.name | quote }} + key: {{ .Values.global.objectStorage.existingSecret.accessKeyIdKey | quote }} + - name: OBJECT_STORAGE_ACCESS_KEY + valueFrom: + secretKeyRef: + name: {{ .Values.global.objectStorage.existingSecret.name | quote }} + key: {{ .Values.global.objectStorage.existingSecret.accessKeyKey | quote }} + {{- else }} - name: OBJECT_STORAGE_ACCESS_KEY_ID value: {{ .Values.global.objectStorage.accessKeyId | quote }} - name: OBJECT_STORAGE_ACCESS_KEY value: {{ .Values.global.objectStorage.accessKey | quote }} + {{- end }} - name: OBJECT_STORAGE_REGION value: {{ .Values.global.objectStorage.region | quote }} - name: CONTAINER_REGISTRY diff --git a/deployments/charts/quick-start/values.yaml b/deployments/charts/quick-start/values.yaml index 6170267cd..2fd8f1d37 100644 --- a/deployments/charts/quick-start/values.yaml +++ b/deployments/charts/quick-start/values.yaml @@ -66,6 +66,14 @@ global: ## Object storage access key for authentication ## accessKey: "test" + ## Existing Kubernetes Secret for object storage credentials. + ## When name is set, config-setup reads accessKeyId/accessKey from this Secret + ## instead of rendering the plain values above into the Job manifest. + ## + existingSecret: + name: "" + accessKeyIdKey: "access_key_id" + accessKeyKey: "access_key" ## Object storage region where the bucket is located ## region: "us-east-1"