From 2483d356400ec3083e4699c7684a6c2a7bccf2a8 Mon Sep 17 00:00:00 2001
From: Steve Wilkerson <wilkers.steve@gmail.com>
Date: Sat, 12 Jan 2019 13:27:04 -0600
Subject: [PATCH] Helm-toolkit: Check radosgw endpoint scheme for bucket
 creation

This updates the helm-toolkit s3 bucket creation script and job
manifest to account for situations where the radosgw endpoint
might require the --no-ssl flag. The update checks for the
radosgw endpoint scheme to determine whether to use the flag in
order to preserve previous behavior

Change-Id: I75f441f55ca29b7864c09c70d875e48b366ebf52
---
 .../templates/manifests/_job-s3-bucket.yaml.tpl      |  2 ++
 .../templates/scripts/_create-s3-bucket.sh.tpl       | 12 ++++++++++--
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl b/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl
index 70cd03417..a8c064fac 100644
--- a/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl
+++ b/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl
@@ -68,6 +68,8 @@ spec:
               value: {{ $s3Bucket }}
             - name: RGW_HOST
               value: {{ tuple "ceph_object_store" "internal" "api" $envAll | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
+            - name: RGW_PROTO
+              value: {{ tuple "ceph_object_store" "internal" "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" }}
           volumeMounts:
             - name: s3-bucket-sh
               mountPath: /tmp/create-s3-bucket.sh
diff --git a/helm-toolkit/templates/scripts/_create-s3-bucket.sh.tpl b/helm-toolkit/templates/scripts/_create-s3-bucket.sh.tpl
index 365b4a5ec..3fbc498d9 100644
--- a/helm-toolkit/templates/scripts/_create-s3-bucket.sh.tpl
+++ b/helm-toolkit/templates/scripts/_create-s3-bucket.sh.tpl
@@ -19,7 +19,11 @@ limitations under the License.
 
 function create_rgw_s3_bucket ()
 {
-  create_bucket=$(s3cmd mb s3://$S3_BUCKET --host=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-encrypt --no-check-certificate)
+  if [ "$RGW_PROTO" = "http" ]; then
+    create_bucket=$(s3cmd mb s3://$S3_BUCKET --host=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-encrypt --no-check-certificate --no-ssl)
+  else
+    create_bucket=$(s3cmd mb s3://$S3_BUCKET --host=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-encrypt --no-check-certificate)
+  fi
   if [ $? -eq 0 ]; then
     echo "Bucket $S3_BUCKET created"
   else
@@ -30,7 +34,11 @@ function create_rgw_s3_bucket ()
 
 function modify_bucket_acl ()
 {
-  modify_acl=$(s3cmd setacl s3://$S3_BUCKET --host=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-encrypt --no-check-certificate --acl-grant=read:$S3_USERNAME --acl-grant=write:$S3_USERNAME)
+  if [ "$RGW_PROTO" = "http" ]; then
+    modify_acl=$(s3cmd setacl s3://$S3_BUCKET --host=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-encrypt --no-check-certificate --no-ssl --acl-grant=read:$S3_USERNAME --acl-grant=write:$S3_USERNAME)
+  else
+    modify_acl=$(s3cmd setacl s3://$S3_BUCKET --host=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-encrypt --no-check-certificate --acl-grant=read:$S3_USERNAME --acl-grant=write:$S3_USERNAME)
+  fi
   if [ $? -eq 0 ]; then
     echo "Bucket $S3_BUCKET ACL updated"
   else