MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-01-11 23:13:23 -05:00
Code Issues Packages Projects Releases Wiki Activity

helm: allow special characters in access/secret key (#15243)

Browse Source
This commit is contained in:
dorman 2022-07-08 22:20:10 +08:00 committed by GitHub
parent 4bfe849409
commit ab9544c0d3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 27 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
helm/minio/templates/_helper_create_user.txt
View File

@ -8,6 +8,10 @@ MC="/usr/bin/mc --insecure --config-dir ${MC_CONFIG_DIR}"
MC="/usr/bin/mc --insecure" MC="/usr/bin/mc --insecure"
{{- end }} {{- end }}
# AccessKey and secretkey credentials file are added to prevent shell execution errors caused by special characters.
# Special characters for example : ',",<,>,{,}
MINIO_ACCESSKEY_SECRETKEY_TMP="/config/accessKey_and_secretKey_tmp"
# connectToMinio # connectToMinio
# Use a check-sleep-check loop to wait for MinIO service to be available # Use a check-sleep-check loop to wait for MinIO service to be available
connectToMinio() { connectToMinio() {
@ -35,28 +39,35 @@ connectToMinio() {
return 0 return 0
} }
# checkUserExists ($username) # checkUserExists ()
# Check if the user exists, by using the exit code of `mc admin user info` # Check if the user exists, by using the exit code of `mc admin user info`
checkUserExists() { checkUserExists() {
USER=$1 CMD=$(${MC} admin user info myminio $(head -1 $MINIO_ACCESSKEY_SECRETKEY_TMP) > /dev/null 2>&1)
CMD=$(${MC} admin user info myminio $USER > /dev/null 2>&1)
return $? return $?
} }
# createUser ($username, $password, $policy) # createUser ($policy)
createUser() { createUser() {
USER=$1 POLICY=$1
PASS=$2 #check accessKey_and_secretKey_tmp file
POLICY=$3 if [[ ! -f $MINIO_ACCESSKEY_SECRETKEY_TMP ]];then
echo "credentials file does not exist"
return 1
fi
if [[ $(cat $MINIO_ACCESSKEY_SECRETKEY_TMP|wc -l) -ne 2 ]];then
echo "credentials file is invalid"
rm -f $MINIO_ACCESSKEY_SECRETKEY_TMP
return 1
fi
# Create the user if it does not exist # Create the user if it does not exist
if ! checkUserExists $USER ; then if ! checkUserExists ; then
echo "Creating user '$USER'" echo "Creating user '$USER'"
${MC} admin user add myminio $USER $PASS cat $MINIO_ACCESSKEY_SECRETKEY_TMP | ${MC} admin user add myminio
else else
echo "User '$USER' already exists." echo "User '$USER' already exists."
fi fi
#clean up credentials files.
rm -f $MINIO_ACCESSKEY_SECRETKEY_TMP
# set policy for user # set policy for user
if [ ! -z $POLICY -a $POLICY != " " ] ; then if [ ! -z $POLICY -a $POLICY != " " ] ; then
@ -79,10 +90,13 @@ connectToMinio $scheme
{{ $global := . }} {{ $global := . }}
# Create the users # Create the users
{{- range .Values.users }} {{- range .Values.users }}
echo {{ tpl .accessKey $global }} > $MINIO_ACCESSKEY_SECRETKEY_TMP
{{- if .existingSecret }} {{- if .existingSecret }}
createUser {{ tpl .accessKey $global }} $(cat /config/secrets/{{ tpl .accessKey $global }}) {{ .policy }} cat /config/secrets/{{ tpl .secretKey $global }} >> $MINIO_ACCESSKEY_SECRETKEY_TMP
createUser {{ .policy }}
{{ else }} {{ else }}
createUser {{ tpl .accessKey $global }} {{ .secretKey }} {{ .policy }} echo {{ .secretKey }} >> $MINIO_ACCESSKEY_SECRETKEY_TMP
createUser {{ .policy }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- end }} {{- end }}