Skip to content

Commit

Permalink
Add support for external s3 secrets
Browse files Browse the repository at this point in the history
  • Loading branch information
@joaosa
joaosa committed Aug 9, 2021
1 parent 5a68bb5 commit 45daca1
Show file tree
Hide file tree
Showing 3 changed files with 6 additions and 3 deletions.
1 change: 1 addition & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,7 @@ their default values.
| `secrets.htpasswd` | Htpasswd authentication | `nil` |
| `secrets.s3.accessKey` | Access Key for S3 configuration | `nil` |
| `secrets.s3.secretKey` | Secret Key for S3 configuration | `nil` |
| `secrets.s3.secretRef` | The ref for an external secret containing the accessKey and secretKey keys | `""` |
| `secrets.swift.username` | Username for Swift configuration | `nil` |
| `secrets.swift.password` | Password for Swift configuration | `nil` |
| `haSharedSecret` | Shared secret for Registry | `nil` |
Expand Down
6 changes: 3 additions & 3 deletions templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -110,16 +110,16 @@ spec:
name: {{ template "docker-registry.fullname" . }}-secret
key: azureContainer
{{- else if eq .Values.storage "s3" }}
{{- if and .Values.secrets.s3.secretKey .Values.secrets.s3.accessKey }}
{{- if or (and .Values.secrets.s3.secretKey .Values.secrets.s3.accessKey) .Values.secrets.s3.secretRef }}
- name: REGISTRY_STORAGE_S3_ACCESSKEY
valueFrom:
secretKeyRef:
name: {{ template "docker-registry.fullname" . }}-secret
name: {{ if .Values.secrets.s3.secretRef }}{{ .Values.secrets.s3.secretRef }}{{ else }}{{ template "docker-registry.fullname" . }}-secret{{ end }}
key: s3AccessKey
- name: REGISTRY_STORAGE_S3_SECRETKEY
valueFrom:
secretKeyRef:
name: {{ template "docker-registry.fullname" . }}-secret
name: {{ if .Values.secrets.s3.secretRef }}{{ .Values.secrets.s3.secretRef }}{{ else }}{{ template "docker-registry.fullname" . }}-secret{{ end }}
key: s3SecretKey
{{- end }}
- name: REGISTRY_STORAGE_S3_REGION
Expand Down
2 changes: 2 additions & 0 deletions values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,9 @@ secrets:
# accountKey: ""
# container: ""
# Secrets for S3 access and secret keys
# Use a secretRef with keys (accessKey, secretKey) for secrets stored outside the chart
# s3:
# secretRef: ""
# accessKey: ""
# secretKey: ""
# Secrets for Swift username and password
Expand Down

0 comments on commit 45daca1

Please sign in to comment.