diff --git a/elasticsearch/Chart.yaml b/elasticsearch/Chart.yaml index 8cb3ff4fd..30dbb464d 100644 --- a/elasticsearch/Chart.yaml +++ b/elasticsearch/Chart.yaml @@ -15,7 +15,7 @@ apiVersion: v1 appVersion: v7.6.2 description: OpenStack-Helm ElasticSearch name: elasticsearch -version: 0.2.6 +version: 0.2.7 home: https://www.elastic.co/ sources: - https://github.com/elastic/elasticsearch diff --git a/elasticsearch/templates/bin/_create_s3_buckets.sh.tpl b/elasticsearch/templates/bin/_create_s3_buckets.sh.tpl index ed9ed1f07..c21df0661 100644 --- a/elasticsearch/templates/bin/_create_s3_buckets.sh.tpl +++ b/elasticsearch/templates/bin/_create_s3_buckets.sh.tpl @@ -38,6 +38,7 @@ ADMIN_AUTH_ARGS=" --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRE S3_BUCKET={{ $bucket.name }} S3_BUCKET_OPTS={{ $bucket.options | default nil | include "helm-toolkit.utils.joinListWithSpace" }} +S3_SSL_OPT={{ $bucket.ssl_connection_option | default "" }} S3_USERNAME=${{ printf "%s_S3_USERNAME" ( $bucket.client | replace "-" "_" | upper) }} S3_ACCESS_KEY=${{ printf "%s_S3_ACCESS_KEY" ( $bucket.client | replace "-" "_" | upper) }} @@ -54,7 +55,7 @@ CONNECTION_ARGS="--host=$RGW_HOST --host-bucket=$RGW_HOST" if [ "$RGW_PROTO" = "http" ]; then CONNECTION_ARGS+=" --no-ssl" else - CONNECTION_ARGS+=" ${TLS_OPTION}" + CONNECTION_ARGS+=" $S3_SSL_OPT" fi USER_AUTH_ARGS=" --access_key=$S3_ACCESS_KEY --secret_key=$S3_SECRET_KEY" diff --git a/elasticsearch/values.yaml b/elasticsearch/values.yaml index 6f5760f77..572d3bf39 100644 --- a/elasticsearch/values.yaml +++ b/elasticsearch/values.yaml @@ -928,10 +928,14 @@ storage: # client: default # options: # list of extra options for s3cmd # - --region="default:osh-infra" + # # SSL connection option for s3cmd + # ssl_connecton_option: --ca-certs={path to mounted ca.crt} # - name: backup-bucket # client: backup # options: # list of extra options for s3cmd # - --region="default:backup" + # # SSL connection option for s3cmd + # ssl_connecton_option: --ca-certs={path to mounted ca.crt} manifests: certificates: false diff --git a/helm-toolkit/Chart.yaml b/helm-toolkit/Chart.yaml index f9fe2138b..c5808b856 100644 --- a/helm-toolkit/Chart.yaml +++ b/helm-toolkit/Chart.yaml @@ -15,7 +15,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Helm-Toolkit name: helm-toolkit -version: 0.2.13 +version: 0.2.14 home: https://docs.openstack.org/openstack-helm icon: https://www.openstack.org/themes/openstack/images/project-mascots/OpenStack-Helm/OpenStack_Project_OpenStackHelm_vertical.png sources: diff --git a/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl b/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl index b26bdb4f2..bea68762d 100644 --- a/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl +++ b/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl @@ -75,10 +75,6 @@ spec: - -c - /tmp/create-s3-bucket.sh env: -{{- if and ($tlsCertificatePath) ($tlsCertificateSecret) }} - - name: TLS_OPTION - value: {{ printf "--ca-certs=%s" $tlsCertificatePath | quote }} -{{- end }} {{- with $env := dict "s3AdminSecret" $envAll.Values.secrets.rgw.admin }} {{- include "helm-toolkit.snippets.rgw_s3_admin_env_vars" $env | indent 12 }} {{- end }} diff --git a/releasenotes/notes/elasticsearch.yaml b/releasenotes/notes/elasticsearch.yaml index 3fd8df180..156e79295 100644 --- a/releasenotes/notes/elasticsearch.yaml +++ b/releasenotes/notes/elasticsearch.yaml @@ -16,4 +16,5 @@ elasticsearch: - 0.2.4 Update helm-test script - 0.2.5 Enable TLS with Kibana - 0.2.6 Enable TLS path between nodes in cluster and TLS path between ceph-rgw + - 0.2.7 Get connection option from values.yaml ... diff --git a/releasenotes/notes/helm-toolkit.yaml b/releasenotes/notes/helm-toolkit.yaml index 7e270fcf5..363742f8f 100644 --- a/releasenotes/notes/helm-toolkit.yaml +++ b/releasenotes/notes/helm-toolkit.yaml @@ -20,4 +20,5 @@ helm-toolkit: - 0.2.11 Revert S3 User & Bucket job scripts to v0.2.9 - 0.2.12 Remove hook-delete-policy - 0.2.13 Modify connection args for s3 bucket creation when TLS is enabled + - 0.2.14 Remove TLS_OPTION argument from s3 bucket creation job ...