Add KMS master key from Docker secret (#7825)

2025-11-07 04:42:56 -05:00 · 2019-07-17 21:55:26 +02:00
parent 55dd017e62
commit ea66a52ed1
5 changed files with 40 additions and 4 deletions
--- a/dockerscripts/docker-entrypoint.sh
+++ b/dockerscripts/docker-entrypoint.sh
@@ -39,6 +39,17 @@ docker_secrets_env() {
    fi
 }

+## Set SSE_MASTER_KEY from docker secrets if provided
+docker_sse_encryption_env() {
+    SSE_MASTER_KEY_FILE="/run/secrets/$MINIO_SSE_MASTER_KEY_FILE"
+
+    if [ -f "$SSE_MASTER_KEY_FILE" ]; then
+        MINIO_SSE_MASTER_KEY="$(cat "$SSE_MASTER_KEY_FILE")"
+        export MINIO_SSE_MASTER_KEY
+
+    fi
+}
+
 # su-exec to requested user, if service cannot run exec will fail.
 docker_switch_user() {
    if [ -z "${MINIO_USERNAME}" ] || [ -z "${MINIO_GROUPNAME}" ]; then
@@ -55,5 +66,8 @@ docker_switch_user() {
 ## Set access env from secrets if necessary.
 docker_secrets_env

+## Set sse encryption from secrets if necessary.
+docker_sse_encryption_env
+
 ## Switch to user if applicable.
 docker_switch_user "$@"