From 6ac48aff469310556f4e084de8182d850185680a Mon Sep 17 00:00:00 2001
From: Christian Niessner <marvkis@users.noreply.github.com>
Date: Mon, 6 Feb 2023 06:51:10 +0100
Subject: [PATCH] helm: shared secrets handling for user and svcacct's (#16379)

---
 helm/minio/templates/_helper_create_svcacct.txt |  2 +-
 helm/minio/templates/_helper_create_user.txt    |  2 +-
 helm/minio/templates/post-job.yaml              | 11 ++++++++++-
 3 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/helm/minio/templates/_helper_create_svcacct.txt b/helm/minio/templates/_helper_create_svcacct.txt
index 285d50cfe..59f51b177 100644
--- a/helm/minio/templates/_helper_create_svcacct.txt
+++ b/helm/minio/templates/_helper_create_svcacct.txt
@@ -91,7 +91,7 @@ connectToMinio $scheme
 {{- range $idx, $svc := .Values.svcaccts }}
 echo {{ tpl .accessKey $global }} > $MINIO_ACCESSKEY_SECRETKEY_TMP
 {{- if .existingSecret }}
-cat /config/secrets/{{ tpl .existingSecret $global }}/{{ tpl .existingSecretKey $global }} >> $MINIO_ACCESSKEY_SECRETKEY_TMP
+cat /config/secrets-svc/{{ tpl .existingSecret $global }}/{{ tpl .existingSecretKey $global }} >> $MINIO_ACCESSKEY_SECRETKEY_TMP
 # Add a new line if it doesn't exist
 sed -i '$a\' $MINIO_ACCESSKEY_SECRETKEY_TMP
 {{ else }}
diff --git a/helm/minio/templates/_helper_create_user.txt b/helm/minio/templates/_helper_create_user.txt
index ea2b3b675..324bc9d48 100644
--- a/helm/minio/templates/_helper_create_user.txt
+++ b/helm/minio/templates/_helper_create_user.txt
@@ -93,7 +93,7 @@ connectToMinio $scheme
 {{- range .Values.users }}
 echo {{ tpl .accessKey $global }} > $MINIO_ACCESSKEY_SECRETKEY_TMP
 {{- if .existingSecret }}
-cat /config/secrets/{{ tpl .existingSecretKey $global }} >> $MINIO_ACCESSKEY_SECRETKEY_TMP
+cat /config/secrets/{{ tpl .existingSecret $global }}/{{ tpl .existingSecretKey $global }} >> $MINIO_ACCESSKEY_SECRETKEY_TMP
 # Add a new line if it doesn't exist
 sed -i '$a\' $MINIO_ACCESSKEY_SECRETKEY_TMP
 createUser {{ .policy }}
diff --git a/helm/minio/templates/post-job.yaml b/helm/minio/templates/post-job.yaml
index 28f38860b..11728c3ff 100644
--- a/helm/minio/templates/post-job.yaml
+++ b/helm/minio/templates/post-job.yaml
@@ -63,7 +63,16 @@ spec:
                   name: {{ tpl .existingSecret $ }}
                   items:
                     - key: {{ .existingSecretKey }}
-                      path: secrets/{{ tpl .existingSecretKey $ }}
+                      path: secrets/{{ tpl .existingSecret $ }}/{{ tpl .existingSecretKey $ }}
+              {{- end }}
+              {{- end }}
+              {{- range ( default list .Values.svcaccts ) }}
+              {{- if .existingSecret }}
+              - secret:
+                  name: {{ tpl .existingSecret $ }}
+                  items:
+                    - key: {{ .existingSecretKey }}
+                      path: secrets-svc/{{ tpl .existingSecret $ }}/{{ tpl .existingSecretKey $ }}
               {{- end }}
               {{- end }}
         {{- if .Values.tls.enabled }}