diff --git a/.drone.yml b/.drone.yml index dcc7d9f..4fda616 100644 --- a/.drone.yml +++ b/.drone.yml @@ -14,3 +14,25 @@ steps: - cargo clippy -- -D warnings - cargo test +- name: doc + image: python + environment: + AWS_ACCESS_KEY_ID: + from_secret: AWS_ACCESS_KEY_ID + AWS_SECRET_ACCESS_KEY: + from_secret: AWS_SECRET_ACCESS_KEY + AWS_DEFAULT_REGION: us-east-1 + when: + branch: + - master + commands: + # Build website + - pip install mkdocs-material + - mkdocs build --site-dir public + # Install AWS + - curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" + - unzip awscliv2.zip + - ./aws/install + - aws configure set default.s3.signature_version s3v4 + # Upload to bucket + - cd public && aws --endpoint-url https://s3.communiquons.org s3 sync . s3://miniok8sbucketsoperator-website \ No newline at end of file diff --git a/README.md b/README.md index fd7ff4a..380d709 100644 --- a/README.md +++ b/README.md @@ -1,24 +1,6 @@ # MinioK8sBuckets +[![Build Status](https://drone.communiquons.org/api/badges/pierre/MinioK8sBuckets/status.svg)](https://drone.communiquons.org/pierre/MinioK8sBuckets) Automatically create Minio buckets based on K8S Custom Resources. -## Installation -1. Run the following commands: -```bash -kubectl apply -f https://raw.githubusercontent.com/pierre42100/MinioK8sBuckets/master/yaml/crd.yaml -kubectl apply -f https://raw.githubusercontent.com/pierre42100/MinioK8sBuckets/master/yaml/deployment.yaml -``` - -2. Deploy Minio -3. Create a MinioInstance & a MinioBucket (like in [our test](test/test-inside-cluster.yaml)) -4. That's it! - - -## Development -Apply all K8s config files manually: - -```bash -cat yaml/*.yaml | kubectl apply -f - -``` - -Note : [mc tool](https://min.io/download) is required \ No newline at end of file +See the [docs](docs) to learn more. \ No newline at end of file diff --git a/docs/README.md b/docs/README.md new file mode 100644 index 0000000..22c0503 --- /dev/null +++ b/docs/README.md @@ -0,0 +1,116 @@ +# Minio K8S bucket operator + +An operator to automatically create and update S3 buckets on Minio, with their accounts. + +One deployed, this tool will allow you to automatically create Minio accounts associated with buckets. + + +## Pre-requisites +You will need: + +* `kubectl` access to the target cluster +* A running Minio instance, and especially: + * The URL where the API of the instance can be reached + * The root credentials + + +## Installation +The operator can be installed using the following commands: + +```bash +kubectl apply -f https://raw.githubusercontent.com/pierre42100/MinioK8sBuckets/master/yaml/crd.yaml +kubectl apply -f https://raw.githubusercontent.com/pierre42100/MinioK8sBuckets/master/yaml/deployment.yaml +``` + +!!! warning "Known limitation" + The operator install a deployment on the `default` namespace. Currently, only this namespace is supported! + +## Configure instance +In order to create buckets, the operator needs to know how to reach the Minio instance. + +You first need to secret similar to that one: + +```yaml +apiVersion: v1 +kind: Secret +metadata: + name: minio-root +type: Opaque +dyringData: + accessKey: + secretKey: +``` + +Replace `` and `` with the appropriate values. + + + +You can then declare a Minio instance simiarl to that one: + +```yaml +apiVersion: "communiquons.org/v1" +kind: MinioInstance +metadata: + name: my-minio-instance +spec: + endpoint: https://minio.example.com/ + credentials: minio-root +``` + +!!! note + Minio itself can be located outside of the Kubernetes cluster. + + +## Create a bucket +You are not ready to create your first bucket! + +Here is a basic bucket example: + +```yaml +apiVersion: "communiquons.org/v1" +kind: MinioBucket +metadata: + name: first-bucket +spec: + # The name of the minio instance + instance: my-minio-instance + # The name of the bucket to create + name: first-bucket + # The name of the secret that will be created + # by the operator which contains credentials to + # use to access the bucket + secret: first-bucket-secret +``` + +## More complete example +Here is a more complete example that makes use of all the available options: + +```yaml +apiVersion: "communiquons.org/v1" +kind: MinioBucket +metadata: + name: my-bucket +spec: + instance: my-minio-instance + name: my-bucket + secret: my-bucket-secret + # This must be set to true to allow unauthenticated + # access to the bucket resources. Use this to host a + # static website for example + anonymous_read_access: true + # Enable versioning on the bucket => keep old versions + # of uploaded files + versioning: true + # If specified, a quota will be applied to the bucket, in bytes + quota: 1000000000 + # Prevent files from being removed from the bucket. This parameter + # can not be changed, once the bucket has been created + lock: true + # Data retention policy. Versioning must be enabled to allow this + retention: + # The number of days data shall be kept + validity: 100 + # compliance => nobody can bypass the policy + # governance => users with privileges might bypass policy restrictions + mode: compliance +``` \ No newline at end of file diff --git a/mkdocs.yml b/mkdocs.yml new file mode 100644 index 0000000..64fea61 --- /dev/null +++ b/mkdocs.yml @@ -0,0 +1,20 @@ +site_name: Minio K8S buckets operator +theme: + language: en + name: material + palette: + # Palette toggle for dark mode + - media: "(prefers-color-scheme: dark)" + scheme: slate + + +markdown_extensions: + - admonition + - pymdownx.details + - pymdownx.superfences + +repo_url: https://gitea.communiquons.org/pierre/MinioK8sBuckets +edit_uri: src/branch/master/docs/ + +plugins: + - search