From 2483d356400ec3083e4699c7684a6c2a7bccf2a8 Mon Sep 17 00:00:00 2001 From: Steve Wilkerson Date: Sat, 12 Jan 2019 13:27:04 -0600 Subject: [PATCH] Helm-toolkit: Check radosgw endpoint scheme for bucket creation This updates the helm-toolkit s3 bucket creation script and job manifest to account for situations where the radosgw endpoint might require the --no-ssl flag. The update checks for the radosgw endpoint scheme to determine whether to use the flag in order to preserve previous behavior Change-Id: I75f441f55ca29b7864c09c70d875e48b366ebf52 --- .../templates/manifests/_job-s3-bucket.yaml.tpl | 2 ++ .../templates/scripts/_create-s3-bucket.sh.tpl | 12 ++++++++++-- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl b/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl index 70cd03417..a8c064fac 100644 --- a/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl +++ b/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl @@ -68,6 +68,8 @@ spec: value: {{ $s3Bucket }} - name: RGW_HOST value: {{ tuple "ceph_object_store" "internal" "api" $envAll | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }} + - name: RGW_PROTO + value: {{ tuple "ceph_object_store" "internal" "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" }} volumeMounts: - name: s3-bucket-sh mountPath: /tmp/create-s3-bucket.sh diff --git a/helm-toolkit/templates/scripts/_create-s3-bucket.sh.tpl b/helm-toolkit/templates/scripts/_create-s3-bucket.sh.tpl index 365b4a5ec..3fbc498d9 100644 --- a/helm-toolkit/templates/scripts/_create-s3-bucket.sh.tpl +++ b/helm-toolkit/templates/scripts/_create-s3-bucket.sh.tpl @@ -19,7 +19,11 @@ limitations under the License. function create_rgw_s3_bucket () { - create_bucket=$(s3cmd mb s3://$S3_BUCKET --host=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-encrypt --no-check-certificate) + if [ "$RGW_PROTO" = "http" ]; then + create_bucket=$(s3cmd mb s3://$S3_BUCKET --host=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-encrypt --no-check-certificate --no-ssl) + else + create_bucket=$(s3cmd mb s3://$S3_BUCKET --host=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-encrypt --no-check-certificate) + fi if [ $? -eq 0 ]; then echo "Bucket $S3_BUCKET created" else @@ -30,7 +34,11 @@ function create_rgw_s3_bucket () function modify_bucket_acl () { - modify_acl=$(s3cmd setacl s3://$S3_BUCKET --host=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-encrypt --no-check-certificate --acl-grant=read:$S3_USERNAME --acl-grant=write:$S3_USERNAME) + if [ "$RGW_PROTO" = "http" ]; then + modify_acl=$(s3cmd setacl s3://$S3_BUCKET --host=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-encrypt --no-check-certificate --no-ssl --acl-grant=read:$S3_USERNAME --acl-grant=write:$S3_USERNAME) + else + modify_acl=$(s3cmd setacl s3://$S3_BUCKET --host=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-encrypt --no-check-certificate --acl-grant=read:$S3_USERNAME --acl-grant=write:$S3_USERNAME) + fi if [ $? -eq 0 ]; then echo "Bucket $S3_BUCKET ACL updated" else