Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add loki user and bucket #41

Merged
merged 3 commits into from
Feb 16, 2024
Merged

feat: add loki user and bucket #41

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
856329a
feat: add loki user and bucket
rjferguson21 Feb 14, 2024
ad65c27
uds test user
rjferguson21 Feb 15, 2024
818c544
update docs
rjferguson21 Feb 15, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 13 additions & 5 deletions docs/MINIO.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,13 @@
# Minio Usage Examples

By default, the provided Minio instance provisions a minimal set up policies beyond the defaults. However, no service accounts, additional users or buckets are provisioned.
By default, the provided Minio instance provisions a minimal set up that includes a single bucket named `uds` that is accessible by the `uds` user:

```
users:
- accessKey: uds
secretKey: uds-secret
policy: readwrite-username-policy
```

You can port-forward ```kubectl port-forward service/minio 9000:9000 -n uds-dev-stack``` to access the service externally from where you can use any s3 compatible client to configure your buckets or the minio (mc) cli to handle other configurations, users or policy management. Similar functions could be performed in-cluster as well via a Job or other means.

Expand Down Expand Up @@ -90,10 +97,12 @@ If you are building a uds bundle and are using uds-k3d as a base for that bundle

This example will override the default users and buckets provisioned in the minio instance. These are bundle create time overrides.

> **_NOTE:_** Because the underlying fields for `users` and `buckets` are arrays, overriding these options via values will result in the default `uds` user and `uds` bucket not being created.

```yaml
# uds-bundle.yaml

zarf-packages:
packages:
- name: uds-k3d-dev
repository: ghcr.io/defenseunicorns/packages/uds-k3d
ref: 0.2.0
Expand Down Expand Up @@ -124,7 +133,7 @@ This example will show how to expose the ability to override the default users,
```yaml
# uds-bundle.yaml

zarf-packages:
packages:
- name: uds-k3d-dev
repository: ghcr.io/defenseunicorns/packages/uds-k3d
ref: 0.2.0
Expand Down Expand Up @@ -161,7 +170,7 @@ bundle:
users:
- accessKey: console
secretKey: "console-secret"
policy: consoleAdmin
policy: consoleAdmin
policies:
- name: example-policy
statements:
Expand All @@ -182,5 +191,4 @@ bundle:
- "s3:GetBucketLocation"
- "s3:ListBucket"
- "s3:ListBucketMultipartUploads"

```
8 changes: 7 additions & 1 deletion values/minio-values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,13 @@ persistence:
size: 50Gi

buckets:
- name: test
- name: uds

# uds test user
users:
- accessKey: uds
secretKey: uds-secret
policy: readwrite-username-policy

policies:
- name: readwrite-username-policy
Expand Down