From 1614614837b16f20bb631ae9dee152d0ea3eb8ed Mon Sep 17 00:00:00 2001
From: drpsyko101 <drpsyko101@gmail.com>
Date: Sat, 13 Apr 2024 23:20:58 +0800
Subject: [PATCH] Fix minio secret handling

* Add note to vector volume mount
---
 charts/supabase/templates/secrets/_helpers.tpl   | 16 ++++++++++++++++
 .../supabase/templates/storage/deployment.yaml   | 12 +++++++++++-
 charts/supabase/values.example.yaml              |  3 +++
 3 files changed, 30 insertions(+), 1 deletion(-)

diff --git a/charts/supabase/templates/secrets/_helpers.tpl b/charts/supabase/templates/secrets/_helpers.tpl
index 1b167a8..61d74ec 100644
--- a/charts/supabase/templates/secrets/_helpers.tpl
+++ b/charts/supabase/templates/secrets/_helpers.tpl
@@ -39,3 +39,19 @@ Expand the name of the s3 secret.
 {{- define "supabase.secret.s3" -}}
 {{- printf "%s-s3" (include "supabase.fullname" .) }}
 {{- end -}}
+
+{{/*
+Check if both s3 keys are valid
+*/}}
+{{- define "supabase.secret.s3.isValid" -}}
+{{- $isValid := "false" -}}
+{{- if .Values.secret.s3.keyId -}}
+{{- if .Values.secret.s3.accessKey -}}
+{{- printf "true" -}}
+{{- else -}}
+{{- printf "false" -}}
+{{- end -}}
+{{- else -}}
+{{- printf "false" -}}
+{{- end -}}
+{{- end -}}
diff --git a/charts/supabase/templates/storage/deployment.yaml b/charts/supabase/templates/storage/deployment.yaml
index 4b93977..b045429 100644
--- a/charts/supabase/templates/storage/deployment.yaml
+++ b/charts/supabase/templates/storage/deployment.yaml
@@ -170,17 +170,27 @@ spec:
             - name: IMGPROXY_URL
               value: http://{{ include "supabase.imgproxy.fullname" . }}:{{ .Values.imgproxy.service.port | int }}
             {{- end }}
-            {{- if .Values.secret.s3 }}
+            {{- if eq (include "supabase.secret.s3.isValid" .) "true" }}
             - name: AWS_ACCESS_KEY_ID
               valueFrom:
                 secretKeyRef:
+                {{- if .Values.secret.s3.secretRef }}
+                  name: {{ .Values.secret.s3.secretRef }}
+                  key: {{ .Values.secret.s3.secretRefKey.keyId | default "keyId" }}
+                {{- else }}
                   name: {{ include "supabase.secret.s3" . }}
                   key: keyId
+                {{- end }}
             - name: AWS_SECRET_ACCESS_KEY
               valueFrom:
                 secretKeyRef:
+                {{- if .Values.secret.s3.secretRef }}
+                  name: {{ .Values.secret.s3.secretRef }}
+                  key: {{ .Values.secret.s3.secretRefKey.keyId | default "accessKey" }}
+                {{- else }}
                   name: {{ include "supabase.secret.s3" . }}
                   key: accessKey
+                {{- end }}
             {{- end }}
             {{- if .Values.minio.enabled }}
             - name: GLOBAL_S3_ENDPOINT
diff --git a/charts/supabase/values.example.yaml b/charts/supabase/values.example.yaml
index 835c8b1..c8f46e0 100644
--- a/charts/supabase/values.example.yaml
+++ b/charts/supabase/values.example.yaml
@@ -138,6 +138,9 @@ vector:
       path: /health
       port: 9001
     initialDelaySeconds: 3
+  ## Vector requires logs from the control plane to function.
+  ## This is normally stored in /var/log/pods
+  ## Modify these values according to your environment.
   volumeMounts:
     - name: pod-logs
       mountPath: /var/log/pods
-- 
GitLab