diff --git a/charts/aws-ingress/templates/ELB_s3minio_https.yaml b/charts/aws-ingress/templates/ELB_s3_https.yaml similarity index 90% rename from charts/aws-ingress/templates/ELB_s3minio_https.yaml rename to charts/aws-ingress/templates/ELB_s3_https.yaml index 6b96001f0c0..efff7de1e83 100644 --- a/charts/aws-ingress/templates/ELB_s3minio_https.yaml +++ b/charts/aws-ingress/templates/ELB_s3_https.yaml @@ -20,7 +20,7 @@ spec: - name: https protocol: TCP port: {{ .https.externalPort }} - # NOTE: This value should match s3 http listening port on the s3 service (minio) + # NOTE: This value should match the S3-compatible HTTP listening port on the selected service. targetPort: {{ .http.s3Port }} {{- end }} {{- end }} diff --git a/charts/aws-ingress/values.yaml b/charts/aws-ingress/values.yaml index eff6b721e4f..4291533431c 100644 --- a/charts/aws-ingress/values.yaml +++ b/charts/aws-ingress/values.yaml @@ -33,7 +33,7 @@ ingress: ws: wsPort: 8081 s3minio: - enabled: false # set to true if you wish to use minio on AWS instead of using real S3 + enabled: false # set to true if you wish to expose the in-cluster S3-compatible service instead of real S3 https: externalPort: 443 sslCert: arn:aws:iam::00000-accountnumber-00000:server-certificate/wire.example @@ -44,7 +44,7 @@ ingress: s3Port: 9000 selector: key: app - value: minio # (currently) fake-aws-s3 chart uses 'minio', minio-external chart uses 'minio-external' + value: fake-aws-s3 teamSettings: https: externalPort: 443 diff --git a/charts/fake-aws-s3-legacy-minio/Chart.yaml b/charts/fake-aws-s3-legacy-minio/Chart.yaml new file mode 100644 index 00000000000..d8c9f067076 --- /dev/null +++ b/charts/fake-aws-s3-legacy-minio/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: Legacy wrapper chart for MinIO used by fake-aws-s3 +name: fake-aws-s3-legacy-minio +version: 0.0.42 diff --git a/charts/fake-aws-s3/requirements.yaml b/charts/fake-aws-s3-legacy-minio/requirements.yaml similarity index 100% rename from charts/fake-aws-s3/requirements.yaml rename to charts/fake-aws-s3-legacy-minio/requirements.yaml diff --git a/charts/fake-aws-s3-legacy-minio/templates/_helpers.tpl b/charts/fake-aws-s3-legacy-minio/templates/_helpers.tpl new file mode 100644 index 00000000000..6ecbd30d5a9 --- /dev/null +++ b/charts/fake-aws-s3-legacy-minio/templates/_helpers.tpl @@ -0,0 +1,16 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 53 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 53 chars (63 - len("-discovery")) because some Kubernetes name fields are limited to 63 (by the DNS naming spec). +*/}} +{{- define "fullname" -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- printf "%s" $name | trunc 53 | trimSuffix "-" -}} +{{- end -}} diff --git a/charts/fake-aws-s3-legacy-minio/templates/reaper.yaml b/charts/fake-aws-s3-legacy-minio/templates/reaper.yaml new file mode 100644 index 00000000000..0687875de32 --- /dev/null +++ b/charts/fake-aws-s3-legacy-minio/templates/reaper.yaml @@ -0,0 +1,59 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "fullname" . }}-reaper + labels: + app: {{ template "fullname" . }}-reaper + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +spec: + replicas: 1 + selector: + matchLabels: + app: {{ template "fullname" . }}-reaper + template: + metadata: + labels: + app: {{ template "fullname" . }}-reaper + spec: + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: "kubernetes.io/hostname" + whenUnsatisfiable: ScheduleAnyway + labelSelector: + matchLabels: + app: {{ template "fullname" . }}-reaper + volumes: + - name: minio-configuration + projected: + # These are created by the minio chart and used for create buckets and + # users after deployment. + sources: + - configMap: + name: {{ .Values.minio.fullnameOverride }} + - secret: + name: {{ .Values.minio.fullnameOverride }} + containers: + - name: initiate-fake-aws-s3 + image: "{{ .Values.minio.mcImage.repository }}:{{ .Values.minio.mcImage.tag }}" + imagePullPolicy: {{ .Values.minio.mcImage.pullPolicy }} + command: [/bin/sh] + args: + - -c + - | + echo 'Creating MinIO Users and Buckets' + while true + do + /bin/sh /config/initialize + /bin/sh /config/add-user + sleep 10 + done + env: + - name: MINIO_ENDPOINT + value: {{ .Values.minio.fullnameOverride | quote }} + - name: MINIO_PORT + value: {{ .Values.minio.service.port | quote }} + volumeMounts: + - name: minio-configuration + mountPath: /config diff --git a/charts/fake-aws-s3-legacy-minio/values.yaml b/charts/fake-aws-s3-legacy-minio/values.yaml new file mode 100644 index 00000000000..bf36bdf4a93 --- /dev/null +++ b/charts/fake-aws-s3-legacy-minio/values.yaml @@ -0,0 +1,27 @@ +# See defaults in https://github.com/minio/minio/blob/RELEASE.2023-07-07T07-13-57Z/helm/minio/values.yaml +minio: + fullnameOverride: fake-aws-s3 + service: + port: "9000" + mode: standalone + users: + - accessKey: dummykey + secretKey: dummysecret + policy: consoleAdmin + persistence: + enabled: false + environment: + MINIO_BROWSER: "off" + resources: + requests: + memory: 200Mi + buckets: + - name: dummy-bucket + purge: false + policy: none + - name: assets + purge: false + policy: none + - name: public + purge: false + policy: public diff --git a/charts/fake-aws-s3/Chart.yaml b/charts/fake-aws-s3/Chart.yaml index 711a80137b7..f7a7ba50b48 100644 --- a/charts/fake-aws-s3/Chart.yaml +++ b/charts/fake-aws-s3/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 -description: Wrapper chart for stable/minio +description: Wrapper chart for RustFS used by fake-aws-s3 name: fake-aws-s3 version: 0.0.42 diff --git a/charts/fake-aws-s3/templates/_helpers.tpl b/charts/fake-aws-s3/templates/_helpers.tpl index 6ecbd30d5a9..f4ab0209625 100644 --- a/charts/fake-aws-s3/templates/_helpers.tpl +++ b/charts/fake-aws-s3/templates/_helpers.tpl @@ -1,16 +1,8 @@ {{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "name" -}} +{{- define "fake-aws-s3.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 53 | trimSuffix "-" -}} {{- end -}} -{{/* -Create a default fully qualified app name. -We truncate at 53 chars (63 - len("-discovery")) because some Kubernetes name fields are limited to 63 (by the DNS naming spec). -*/}} -{{- define "fullname" -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- printf "%s" $name | trunc 53 | trimSuffix "-" -}} +{{- define "fake-aws-s3.fullname" -}} +{{- default .Chart.Name .Values.fullnameOverride | trunc 53 | trimSuffix "-" -}} {{- end -}} diff --git a/charts/fake-aws-s3/templates/reaper.yaml b/charts/fake-aws-s3/templates/reaper.yaml index 0687875de32..b1c0e55139d 100644 --- a/charts/fake-aws-s3/templates/reaper.yaml +++ b/charts/fake-aws-s3/templates/reaper.yaml @@ -1,9 +1,61 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "fake-aws-s3.fullname" . }}-bootstrap + labels: + app: {{ include "fake-aws-s3.fullname" . }}-bootstrap + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +spec: + backoffLimit: 6 + template: + metadata: + labels: + app: {{ include "fake-aws-s3.fullname" . }}-bootstrap + spec: + restartPolicy: OnFailure + containers: + - name: bootstrap-fake-aws-s3 + image: "{{ .Values.bootstrap.image.repository }}:{{ .Values.bootstrap.image.tag }}" + imagePullPolicy: {{ .Values.bootstrap.image.pullPolicy }} + command: [/bin/sh] + args: + - -c + - | + set -euo pipefail + + export AWS_ACCESS_KEY_ID="$RUSTFS_ACCESS_KEY" + export AWS_SECRET_ACCESS_KEY="$RUSTFS_SECRET_KEY" + export AWS_REGION="${AWS_REGION:-eu-west-1}" + + endpoint="http://{{ include "fake-aws-s3.fullname" . }}:{{ .Values.service.port }}" + + until aws --endpoint-url="$endpoint" s3api list-buckets >/dev/null 2>&1; do + echo "waiting for RustFS" + sleep 2 + done + + {{- range .Values.bootstrap.buckets }} + if aws --endpoint-url="$endpoint" s3api head-bucket --bucket {{ .name | quote }} >/dev/null 2>&1; then + echo "bucket {{ .name }} already exists" + else + aws --endpoint-url="$endpoint" s3api create-bucket --bucket {{ .name | quote }} + aws --endpoint-url="$endpoint" s3api wait bucket-exists --bucket {{ .name | quote }} + fi + {{- end }} + env: + - name: RUSTFS_ACCESS_KEY + value: {{ .Values.credentials.accessKey | quote }} + - name: RUSTFS_SECRET_KEY + value: {{ .Values.credentials.secretKey | quote }} +--- apiVersion: apps/v1 kind: Deployment metadata: - name: {{ template "fullname" . }}-reaper + name: {{ include "fake-aws-s3.fullname" . }} labels: - app: {{ template "fullname" . }}-reaper + app: {{ include "fake-aws-s3.fullname" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.Name }}" heritage: "{{ .Release.Service }}" @@ -11,11 +63,11 @@ spec: replicas: 1 selector: matchLabels: - app: {{ template "fullname" . }}-reaper + app: {{ include "fake-aws-s3.fullname" . }} template: metadata: labels: - app: {{ template "fullname" . }}-reaper + app: {{ include "fake-aws-s3.fullname" . }} spec: topologySpreadConstraints: - maxSkew: 1 @@ -23,37 +75,60 @@ spec: whenUnsatisfiable: ScheduleAnyway labelSelector: matchLabels: - app: {{ template "fullname" . }}-reaper - volumes: - - name: minio-configuration - projected: - # These are created by the minio chart and used for create buckets and - # users after deployment. - sources: - - configMap: - name: {{ .Values.minio.fullnameOverride }} - - secret: - name: {{ .Values.minio.fullnameOverride }} + app: {{ include "fake-aws-s3.fullname" . }} containers: - - name: initiate-fake-aws-s3 - image: "{{ .Values.minio.mcImage.repository }}:{{ .Values.minio.mcImage.tag }}" - imagePullPolicy: {{ .Values.minio.mcImage.pullPolicy }} - command: [/bin/sh] + - name: fake-aws-s3 + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} args: - - -c - - | - echo 'Creating MinIO Users and Buckets' - while true - do - /bin/sh /config/initialize - /bin/sh /config/add-user - sleep 10 - done + - {{ .Values.storage.dataPath | quote }} env: - - name: MINIO_ENDPOINT - value: {{ .Values.minio.fullnameOverride | quote }} - - name: MINIO_PORT - value: {{ .Values.minio.service.port | quote }} + - name: RUSTFS_ACCESS_KEY + value: {{ .Values.credentials.accessKey | quote }} + - name: RUSTFS_SECRET_KEY + value: {{ .Values.credentials.secretKey | quote }} + - name: RUSTFS_VOLUMES + value: {{ .Values.storage.dataPath | quote }} + - name: RUSTFS_ADDRESS + value: ":{{ .Values.service.port }}" + - name: RUSTFS_CONSOLE_ENABLE + value: "false" + ports: + - containerPort: {{ .Values.service.port }} + name: s3 + readinessProbe: + tcpSocket: + port: s3 + initialDelaySeconds: 5 + periodSeconds: 5 + livenessProbe: + tcpSocket: + port: s3 + initialDelaySeconds: 15 + periodSeconds: 10 + resources: +{{ toYaml .Values.resources | indent 10 }} volumeMounts: - - name: minio-configuration - mountPath: /config + - name: data + mountPath: {{ .Values.storage.dataPath }} + volumes: + - name: data + emptyDir: {} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "fake-aws-s3.fullname" . }} + labels: + app: {{ include "fake-aws-s3.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +spec: + type: ClusterIP + ports: + - name: s3 + port: {{ .Values.service.port }} + targetPort: s3 + selector: + app: {{ include "fake-aws-s3.fullname" . }} diff --git a/charts/fake-aws-s3/values.yaml b/charts/fake-aws-s3/values.yaml index bf36bdf4a93..29490c16539 100644 --- a/charts/fake-aws-s3/values.yaml +++ b/charts/fake-aws-s3/values.yaml @@ -1,27 +1,30 @@ -# See defaults in https://github.com/minio/minio/blob/RELEASE.2023-07-07T07-13-57Z/helm/minio/values.yaml -minio: - fullnameOverride: fake-aws-s3 - service: - port: "9000" - mode: standalone - users: - - accessKey: dummykey - secretKey: dummysecret - policy: consoleAdmin - persistence: - enabled: false - environment: - MINIO_BROWSER: "off" - resources: - requests: - memory: 200Mi +fullnameOverride: fake-aws-s3 + +image: + repository: rustfs/rustfs + tag: latest + pullPolicy: IfNotPresent + +service: + port: 9000 + +credentials: + accessKey: dummykey + secretKey: dummysecret + +storage: + dataPath: /data + +resources: + requests: + memory: 200Mi + +bootstrap: + image: + repository: amazon/aws-cli + tag: 2.17.49 + pullPolicy: IfNotPresent buckets: - name: dummy-bucket - purge: false - policy: none - name: assets - purge: false - policy: none - name: public - purge: false - policy: public diff --git a/charts/fake-aws/requirements.yaml b/charts/fake-aws/requirements.yaml index 55b8cca7144..8d87c32dcfe 100644 --- a/charts/fake-aws/requirements.yaml +++ b/charts/fake-aws/requirements.yaml @@ -26,6 +26,14 @@ dependencies: - fake-aws-s3 - aws-mocks - demo +- name: fake-aws-s3-legacy-minio + version: "0.0.42" + repository: "file://../fake-aws-s3-legacy-minio" + condition: fake-aws-s3-legacy-minio.enabled,global.fake-aws-s3-legacy-minio.enabled + tags: + - fake-aws-s3-legacy-minio + - aws-mocks + - demo - name: fake-aws-ses version: "0.0.42" repository: "file://../fake-aws-ses" diff --git a/charts/fake-aws/templates/NOTES.txt b/charts/fake-aws/templates/NOTES.txt index 81d394e5dda..35afc43a9a6 100644 --- a/charts/fake-aws/templates/NOTES.txt +++ b/charts/fake-aws/templates/NOTES.txt @@ -20,7 +20,11 @@ SQS : http://fake-aws-sqs:{{ index .Values "fake-aws-sqs" "service" "httpPo {{- end }} {{- if index .Values "fake-aws-s3" "enabled" }} S3 : http://fake-aws-s3:9000 - bucket: {{ index .Values "fake-aws-s3" "minio" "buckets" 0 "name" }} + bucket: {{ index .Values "fake-aws-s3" "bootstrap" "buckets" 0 "name" }} +{{- end }} +{{- if index .Values "fake-aws-s3-legacy-minio" "enabled" }} +S3 : http://fake-aws-s3:9000 + bucket: {{ index .Values "fake-aws-s3-legacy-minio" "minio" "buckets" 0 "name" }} {{- end }} {{- if index .Values "fake-aws-ses" "enabled" }} SES : http://fake-aws-ses:{{ index .Values "fake-aws-ses" "service" "externalPort" }} diff --git a/charts/fake-aws/values.yaml b/charts/fake-aws/values.yaml index a82983b2435..786da6f291f 100644 --- a/charts/fake-aws/values.yaml +++ b/charts/fake-aws/values.yaml @@ -8,5 +8,7 @@ fake-aws-sns: enabled: true fake-aws-s3: enabled: true +fake-aws-s3-legacy-minio: + enabled: false fake-aws-ses: enabled: false diff --git a/charts/nginx-ingress-services/templates/_helpers.tpl b/charts/nginx-ingress-services/templates/_helpers.tpl index 63095902b4c..792b3e501ff 100644 --- a/charts/nginx-ingress-services/templates/_helpers.tpl +++ b/charts/nginx-ingress-services/templates/_helpers.tpl @@ -83,17 +83,17 @@ nginx-ingress-{{ .Values.ingressName }} {{- end -}} {{/* -Name of the minio ingress. Extracted as helper to reduce the complexity in the template -itself. The default name is 'minio-ingress' for backwards compatibility (it has -been this name since version 5.7.0.) +Name of the S3 ingress. Extracted as helper to reduce the complexity in the template +itself. The default name is 's3-ingress' for consistency with the current RustFS-backed +fake S3 setup. Why do we need to be able to change this name? For multi-ingress setups, we'll have multiple of these ingresses (which need unique names). */}} -{{- define "nginx-ingress-services.getMinioIngressName" -}} +{{- define "nginx-ingress-services.getS3IngressName" -}} {{- if (eq .Values.ingressName "") -}} -minio-ingress +s3-ingress {{- else -}} -minio-ingress-{{ .Values.ingressName }} +s3-ingress-{{ .Values.ingressName }} {{- end -}} {{- end -}} diff --git a/charts/nginx-ingress-services/templates/ingress_minio.yaml b/charts/nginx-ingress-services/templates/ingress_s3.yaml similarity index 67% rename from charts/nginx-ingress-services/templates/ingress_minio.yaml rename to charts/nginx-ingress-services/templates/ingress_s3.yaml index fed523e9e99..af0bdf9d89e 100644 --- a/charts/nginx-ingress-services/templates/ingress_minio.yaml +++ b/charts/nginx-ingress-services/templates/ingress_s3.yaml @@ -1,15 +1,8 @@ {{- if .Values.fakeS3.enabled }} -# We use a separate ingress for minio because we want to restrict access to /minio/ path -# for security reasons apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: {{ include "nginx-ingress-services.getMinioIngressName" . | quote }} - annotations: - nginx.ingress.kubernetes.io/server-snippet: | - location /minio/ { - return 403; - } + name: {{ include "nginx-ingress-services.getS3IngressName" . | quote }} spec: ingressClassName: "{{ .Values.config.ingressClass }}" tls: diff --git a/charts/nginx-ingress-services/values.yaml b/charts/nginx-ingress-services/values.yaml index e77de580fb9..35f6719d5ff 100644 --- a/charts/nginx-ingress-services/values.yaml +++ b/charts/nginx-ingress-services/values.yaml @@ -165,7 +165,8 @@ config: # useFakeS3: true # ^ useFakeS3 should be enabled if S3 access is to be # provided by fake-aws-s3, inside of the kubernetes cluster. -# when it is something outside of the cluster (like minio-external), +# when it is something outside of the cluster (like a dedicated external +# S3-compatible service), # we should leave this setting off. this setting creates a # fake-aws-s3 service inside of the cluster, which should be # what is referred to in the brig configuration. diff --git a/charts/wire-server/templates/cargohold/tests/cargohold-integration.yaml b/charts/wire-server/templates/cargohold/tests/cargohold-integration.yaml index df6518e0bbe..1d2b1542625 100644 --- a/charts/wire-server/templates/cargohold/tests/cargohold-integration.yaml +++ b/charts/wire-server/templates/cargohold/tests/cargohold-integration.yaml @@ -14,7 +14,8 @@ spec: name: "cargohold" containers: # NOTE: the bucket for these tests must be created. - # If using the wire-server/fake-aws-s3 chart, `dummy-bucket` will already be created. + # If using the wire-server/fake-aws-s3 chart, `dummy-bucket` will already be created + # by the configured S3 bootstrap logic. - name: integration image: "{{ .Values.cargohold.image.repository }}-integration:{{ .Values.cargohold.image.tag }}" {{- if eq (include "includeSecurityContext" .) "true" }} diff --git a/deploy/dockerephemeral/docker-compose.legacy-minio.yaml b/deploy/dockerephemeral/docker-compose.legacy-minio.yaml new file mode 100644 index 00000000000..1b754f987d4 --- /dev/null +++ b/deploy/dockerephemeral/docker-compose.legacy-minio.yaml @@ -0,0 +1,7 @@ +services: + fake_s3: + image: minio/minio:RELEASE.2023-07-07T07-13-57Z + environment: + MINIO_ACCESS_KEY: dummykey + MINIO_SECRET_KEY: dummysecret # minio requires a secret of at least 8 chars + command: server /tmp diff --git a/deploy/dockerephemeral/docker-compose.yaml b/deploy/dockerephemeral/docker-compose.yaml index f96f794b019..7b420424bbc 100644 --- a/deploy/dockerephemeral/docker-compose.yaml +++ b/deploy/dockerephemeral/docker-compose.yaml @@ -68,13 +68,17 @@ services: fake_s3: container_name: demo_wire_s3 - image: minio/minio:RELEASE.2023-07-07T07-13-57Z + image: rustfs/rustfs:latest ports: - "127.0.0.1:4570:9000" environment: - MINIO_ACCESS_KEY: dummykey - MINIO_SECRET_KEY: dummysecret # minio requires a secret of at least 8 chars - command: server /tmp + RUSTFS_ACCESS_KEY: dummykey + RUSTFS_SECRET_KEY: dummysecret + RUSTFS_VOLUMES: /data + RUSTFS_ADDRESS: :9000 + RUSTFS_CONSOLE_ENABLE: "false" + command: + - /data networks: - demo_wire diff --git a/deploy/dockerephemeral/run.sh b/deploy/dockerephemeral/run.sh index bbb51d13370..8950f60bb92 100755 --- a/deploy/dockerephemeral/run.sh +++ b/deploy/dockerephemeral/run.sh @@ -1,13 +1,15 @@ #!/usr/bin/env bash # To start the federation v0, v1, v2 backends, set ENABLE_FEDERATION_V0=1, ENABLE_FEDERATION_V1=1, ENABLE_FEDERATION_V2=1 -# in the env where this script is run +# in the env where this script is run. +# Set WIRE_S3_MODE=minio to use the legacy MinIO-backed fake S3 service. set -e # run.sh should work no matter what is the current directory SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" DOCKER_FILE="$SCRIPT_DIR/docker-compose.yaml" +S3_MODE="${WIRE_S3_MODE:-rustfs}" FED_VERSIONS=(0 1 2) if [[ -e "${SCRIPT_DIR}/run.before.hook.local" ]]; then @@ -16,6 +18,17 @@ if [[ -e "${SCRIPT_DIR}/run.before.hook.local" ]]; then fi opts=("--file" "$DOCKER_FILE") +case "$S3_MODE" in + rustfs) + ;; + minio) + opts+=("--file" "$SCRIPT_DIR/docker-compose.legacy-minio.yaml") + ;; + *) + echo "Unsupported WIRE_S3_MODE: $S3_MODE" >&2 + exit 1 + ;; +esac for v in "${FED_VERSIONS[@]}"; do var="ENABLE_FEDERATION_V$v" if [[ "${!var}" == 1 ]]; then diff --git a/hack/helm_vars/fake-aws/values.yaml b/hack/helm_vars/fake-aws/values.yaml.gotmpl similarity index 88% rename from hack/helm_vars/fake-aws/values.yaml rename to hack/helm_vars/fake-aws/values.yaml.gotmpl index ca99419b479..9af5d074f32 100644 --- a/hack/helm_vars/fake-aws/values.yaml +++ b/hack/helm_vars/fake-aws/values.yaml.gotmpl @@ -1,8 +1,14 @@ +{{- $s3Mode := env "WIRE_S3_MODE" | default "rustfs" -}} + fake-aws-ses: enabled: true sesSender: "backend-integrationk8s@wire.com" fake-aws-s3: + enabled: {{ eq $s3Mode "rustfs" }} + +fake-aws-s3-legacy-minio: + enabled: {{ eq $s3Mode "minio" }} minio: mcImage: {} diff --git a/hack/helmfile-federation-v0.yaml.gotmpl b/hack/helmfile-federation-v0.yaml.gotmpl index 5400307d84b..546129cfd5b 100644 --- a/hack/helmfile-federation-v0.yaml.gotmpl +++ b/hack/helmfile-federation-v0.yaml.gotmpl @@ -55,10 +55,9 @@ releases: - name: 'fake-aws' namespace: wire-federation-v0 - chart: wire/fake-aws - version: 4.38.0-mandarin.14 + chart: '../.local/charts/fake-aws' values: - - './helm_vars/fake-aws/values.yaml' + - './helm_vars/fake-aws/values.yaml.gotmpl' - name: 'databases-ephemeral' namespace: wire-federation-v0 @@ -107,4 +106,3 @@ releases: needs: - 'cert-manager/cert-manager' - 'cert-manager/federation-certs' - diff --git a/hack/helmfile.yaml.gotmpl b/hack/helmfile.yaml.gotmpl index c64cc8bbf46..ee9d2effc11 100644 --- a/hack/helmfile.yaml.gotmpl +++ b/hack/helmfile.yaml.gotmpl @@ -100,13 +100,13 @@ releases: namespace: '{{ .Values.namespace1 }}' chart: '../.local/charts/fake-aws' values: - - './helm_vars/fake-aws/values.yaml' + - './helm_vars/fake-aws/values.yaml.gotmpl' - name: 'fake-aws' namespace: '{{ .Values.namespace2 }}' chart: '../.local/charts/fake-aws' values: - - './helm_vars/fake-aws/values.yaml' + - './helm_vars/fake-aws/values.yaml.gotmpl' - name: 'certs' namespace: '{{ .Values.namespace1 }}'