From 19ffc11f00ddf1caf3901a8ec6a247b61cd74a03 Mon Sep 17 00:00:00 2001 From: Pierre Hubert Date: Tue, 9 May 2023 18:45:59 +0200 Subject: [PATCH 1/6] Add basic documentation --- README.md | 22 +--------- docs/README.md | 116 +++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 118 insertions(+), 20 deletions(-) create mode 100644 docs/README.md diff --git a/README.md b/README.md index fd7ff4a..380d709 100644 --- a/README.md +++ b/README.md @@ -1,24 +1,6 @@ # MinioK8sBuckets +[![Build Status](https://drone.communiquons.org/api/badges/pierre/MinioK8sBuckets/status.svg)](https://drone.communiquons.org/pierre/MinioK8sBuckets) Automatically create Minio buckets based on K8S Custom Resources. -## Installation -1. Run the following commands: -```bash -kubectl apply -f https://raw.githubusercontent.com/pierre42100/MinioK8sBuckets/master/yaml/crd.yaml -kubectl apply -f https://raw.githubusercontent.com/pierre42100/MinioK8sBuckets/master/yaml/deployment.yaml -``` - -2. Deploy Minio -3. Create a MinioInstance & a MinioBucket (like in [our test](test/test-inside-cluster.yaml)) -4. That's it! - - -## Development -Apply all K8s config files manually: - -```bash -cat yaml/*.yaml | kubectl apply -f - -``` - -Note : [mc tool](https://min.io/download) is required \ No newline at end of file +See the [docs](docs) to learn more. \ No newline at end of file diff --git a/docs/README.md b/docs/README.md new file mode 100644 index 0000000..118dc34 --- /dev/null +++ b/docs/README.md @@ -0,0 +1,116 @@ +# Minio K8S bucket + +An operator to automatically create and update S3 buckets on Minio, with their accounts. + +One deployed, this tool will allow you to automatically create Minio accounts associated with buckets. + + +## Pre-requisites +You will need: + +* `kubectl` access to the target cluster +* A running Minio instance, and especially: + * The URL where the API of the instance can be reached + * The root credentials + + +## Installation +The operator can be installed using the following commands: + +```bash +kubectl apply -f https://raw.githubusercontent.com/pierre42100/MinioK8sBuckets/master/yaml/crd.yaml +kubectl apply -f https://raw.githubusercontent.com/pierre42100/MinioK8sBuckets/master/yaml/deployment.yaml +``` + +!!! warning "Known limitation" + The operator install a deployment on the `default` namespace. Currently, only this namespace is supported! + +## Configure instance +In order to create buckets, the operator needs to know how to reach the Minio instance. + +You first need to secret similar to that one: + +```yaml +apiVersion: v1 +kind: Secret +metadata: + name: minio-root +type: Opaque +dyringData: + accessKey: + secretKey: +``` + +Replace `` and `` with the appropriate values. + + + +You can then declare a Minio instance simiarl to that one: + +```yaml +apiVersion: "communiquons.org/v1" +kind: MinioInstance +metadata: + name: my-minio-instance +spec: + endpoint: https://minio.example.com/ + credentials: minio-root +``` + +!!! note + Minio itself can be located outside of the Kubernetes cluster. + + +## Create a bucket +You are not ready to create your first bucket! + +Here is a basic bucket example: + +```yaml +apiVersion: "communiquons.org/v1" +kind: MinioBucket +metadata: + name: first-bucket +spec: + # The name of the minio instance + instance: my-minio-instance + # The name of the bucket to create + name: first-bucket + # The name of the secret that will be created + # by the operator which contains credentials to + # use to access the bucket + secret: first-bucket-secret +``` + +## More complete example +Here is a more complete example that makes use of all the available options: + +```yaml +apiVersion: "communiquons.org/v1" +kind: MinioBucket +metadata: + name: my-bucket +spec: + instance: my-minio-instance + name: my-bucket + secret: my-bucket-secret + # This must be set to true to allow unauthenticated + # access to the bucket resources. Use this to host a + # static website for example + anonymous_read_access: true + # Enable versioning on the bucket => keep old versions + # of uploaded files + versioning: true + # If specified, a quota will be applied to the bucket, in bytes + quota: 1000000000 + # Prevent files from being removed from the bucket. This parameter + # can not be changed, once the bucket has been created + lock: true + # Data retention policy. Versioning must be enabled to allow this + retention: + # The number of days data shall be kept + validity: 100 + # compliance => nobody can bypass the policy + # governance => users with privileges might bypass policy restrictions + mode: compliance +``` \ No newline at end of file -- 2.45.2 From cbc3a63e266860fdb2094c67346d229106868c44 Mon Sep 17 00:00:00 2001 From: Pierre Hubert Date: Tue, 9 May 2023 18:49:02 +0200 Subject: [PATCH 2/6] Update CI --- .drone.yml | 5 +++++ mkdocs.yml | 20 ++++++++++++++++++++ 2 files changed, 25 insertions(+) create mode 100644 mkdocs.yml diff --git a/.drone.yml b/.drone.yml index dcc7d9f..f6e5145 100644 --- a/.drone.yml +++ b/.drone.yml @@ -14,3 +14,8 @@ steps: - cargo clippy -- -D warnings - cargo test +- name: doc + image: python + commands: + - pip install mkdocs-material + - mkdocs build --site-dir public \ No newline at end of file diff --git a/mkdocs.yml b/mkdocs.yml new file mode 100644 index 0000000..64fea61 --- /dev/null +++ b/mkdocs.yml @@ -0,0 +1,20 @@ +site_name: Minio K8S buckets operator +theme: + language: en + name: material + palette: + # Palette toggle for dark mode + - media: "(prefers-color-scheme: dark)" + scheme: slate + + +markdown_extensions: + - admonition + - pymdownx.details + - pymdownx.superfences + +repo_url: https://gitea.communiquons.org/pierre/MinioK8sBuckets +edit_uri: src/branch/master/docs/ + +plugins: + - search -- 2.45.2 From 3c34bb9962a24ce3ae55d3adacd3b4be61913a4e Mon Sep 17 00:00:00 2001 From: Pierre Hubert Date: Tue, 9 May 2023 19:13:51 +0200 Subject: [PATCH 3/6] Attempt to publish docs --- .drone.yml | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index f6e5145..51573c6 100644 --- a/.drone.yml +++ b/.drone.yml @@ -17,5 +17,17 @@ steps: - name: doc image: python commands: + # Build website - pip install mkdocs-material - - mkdocs build --site-dir public \ No newline at end of file + - mkdocs build --site-dir public + # Install AWS + - curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" + - unzip awscliv2.zip + - ./aws/install + - aws configure set default.s3.signature_version s3v4 + # Upload to bucket + # Note: the following environment variable are required: + # - AWS_ACCESS_KEY_ID + # - AWS_SECRET_ACCESS_KEY + # - AWS_DEFAULT_REGION + - cd public && aws --endpoint-url https://s3.communiquons.org s3 sync . s3://miniok8sbucketsoperator-website \ No newline at end of file -- 2.45.2 From b0b0c1f1c235a0f6e2c7f7896b8f33baef0e5fc1 Mon Sep 17 00:00:00 2001 From: Pierre Hubert Date: Tue, 9 May 2023 19:26:16 +0200 Subject: [PATCH 4/6] Fix missing environment variables --- .drone.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/.drone.yml b/.drone.yml index 51573c6..2d3b44c 100644 --- a/.drone.yml +++ b/.drone.yml @@ -16,6 +16,12 @@ steps: - name: doc image: python + environment: + AWS_ACCESS_KEY_ID: + from_secret: AWS_ACCESS_KEY_ID + AWS_SECRET_ACCESS_KEY: + from_secret: AWS_SECRET_ACCESS_KEY + AWS_DEFAULT_REGION: us-east-1 commands: # Build website - pip install mkdocs-material @@ -26,8 +32,4 @@ steps: - ./aws/install - aws configure set default.s3.signature_version s3v4 # Upload to bucket - # Note: the following environment variable are required: - # - AWS_ACCESS_KEY_ID - # - AWS_SECRET_ACCESS_KEY - # - AWS_DEFAULT_REGION - cd public && aws --endpoint-url https://s3.communiquons.org s3 sync . s3://miniok8sbucketsoperator-website \ No newline at end of file -- 2.45.2 From 75a5c84b635aa8bfdbd8581fadd646a94c2346a0 Mon Sep 17 00:00:00 2001 From: Pierre Hubert Date: Tue, 9 May 2023 19:33:02 +0200 Subject: [PATCH 5/6] Fix documentation issue --- docs/README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/README.md b/docs/README.md index 118dc34..22c0503 100644 --- a/docs/README.md +++ b/docs/README.md @@ -1,4 +1,4 @@ -# Minio K8S bucket +# Minio K8S bucket operator An operator to automatically create and update S3 buckets on Minio, with their accounts. @@ -10,8 +10,8 @@ You will need: * `kubectl` access to the target cluster * A running Minio instance, and especially: - * The URL where the API of the instance can be reached - * The root credentials + * The URL where the API of the instance can be reached + * The root credentials ## Installation @@ -23,7 +23,7 @@ kubectl apply -f https://raw.githubusercontent.com/pierre42100/MinioK8sBuckets/m ``` !!! warning "Known limitation" - The operator install a deployment on the `default` namespace. Currently, only this namespace is supported! + The operator install a deployment on the `default` namespace. Currently, only this namespace is supported! ## Configure instance In order to create buckets, the operator needs to know how to reach the Minio instance. @@ -58,7 +58,7 @@ spec: ``` !!! note - Minio itself can be located outside of the Kubernetes cluster. + Minio itself can be located outside of the Kubernetes cluster. ## Create a bucket -- 2.45.2 From bf8b814792310d4739160eb6790ef8a0ce438255 Mon Sep 17 00:00:00 2001 From: Pierre Hubert Date: Tue, 9 May 2023 19:34:33 +0200 Subject: [PATCH 6/6] Build website only on master branch --- .drone.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.drone.yml b/.drone.yml index 2d3b44c..4fda616 100644 --- a/.drone.yml +++ b/.drone.yml @@ -22,6 +22,9 @@ steps: AWS_SECRET_ACCESS_KEY: from_secret: AWS_SECRET_ACCESS_KEY AWS_DEFAULT_REGION: us-east-1 + when: + branch: + - master commands: # Build website - pip install mkdocs-material -- 2.45.2