[bitnami/minio]: Option to use a secret. (#27837)

* [bitnami/minio]: Optio to use a secret. In some environments, Kubernetes secrets are not allowed and credentials are mounted using some other mechanism (i.e. Vault sidecar injector). This offers the option to operate without a Kubernetes secret. Signed-off-by: Kubeshop <174873053+ed382@users.noreply.github.com> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update bitnami/minio/templates/standalone/deployment.yaml Signed-off-by: Emil <174873053+ed382@users.noreply.github.com> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Kubeshop <174873053+ed382@users.noreply.github.com> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Emil <174873053+ed382@users.noreply.github.com> Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com>
2026-03-08 08:47:24 +08:00 · 2024-08-12 17:33:39 +02:00
parent b449fa96b8
commit 5c2162370d
6 changed files with 10 additions and 6 deletions
--- a/bitnami/minio/CHANGELOG.md
+++ b/bitnami/minio/CHANGELOG.md
@@ -1,8 +1,8 @@
 # Changelog

-## 14.6.33 (2024-08-07)
+## 14.7.0 (2024-08-12)

-* [bitnami/minio] Release 14.6.33 ([#28731](https://github.com/bitnami/charts/pull/28731))
+* [bitnami/minio]: Option to use a secret. ([#27837](https://github.com/bitnami/charts/pull/27837))

 ## <small>14.6.32 (2024-08-03)</small>

--- a/bitnami/minio/Chart.yaml
+++ b/bitnami/minio/Chart.yaml
@@ -34,4 +34,4 @@ maintainers:
 name: minio
 sources:
 - https://github.com/bitnami/charts/tree/main/bitnami/minio
-version: 14.6.33
+version: 14.7.0
--- a/bitnami/minio/README.md
+++ b/bitnami/minio/README.md
@@ -254,6 +254,7 @@ You can enable this initContainer by setting `volumePermissions.enabled` to `tru
 | `auth.rootPasswordSecretKey` | Key where the MINIO_ROOT_USER password is being stored inside the existing secret `auth.existingSecret`                               | `""`                           |
 | `auth.forcePassword`         | Force users to specify required passwords                                                                                             | `false`                        |
 | `auth.useCredentialsFiles`   | Mount credentials as a files instead of using an environment variable                                                                 | `false`                        |
+| `auth.useSecret`             | Uses a secret to mount the credential files.                                                                                          | `true`                         |
 | `auth.forceNewKeys`          | Force root credentials (user and password) to be reconfigured every time they change in the secrets                                   | `false`                        |
 | `defaultBuckets`             | Comma, semi-colon or space separated list of buckets to create at initialization (only in standalone mode)                            | `""`                           |
 | `disableWebUI`               | Disable MinIO&reg; Web UI                                                                                                             | `false`                        |
--- a/bitnami/minio/templates/_helpers.tpl
+++ b/bitnami/minio/templates/_helpers.tpl
@@ -113,7 +113,7 @@ Return true if a secret object should be created
 {{- define "minio.createSecret" -}}
 {{- if .Values.auth.existingSecret -}}
 {{- else -}}
-    {{- true -}}
+    {{- .Values.auth.useSecret -}}
 {{- end -}}
 {{- end -}}

--- a/bitnami/minio/templates/standalone/deployment.yaml
+++ b/bitnami/minio/templates/standalone/deployment.yaml
@@ -231,7 +231,7 @@ spec:
            - name: empty-dir
              mountPath: /.mc
              subPath: app-mc-dir
-            {{- if .Values.auth.useCredentialsFiles }}
+            {{- if and .Values.auth.useSecret .Values.auth.useCredentialsFiles }}
            - name: minio-credentials
              mountPath: /opt/bitnami/minio/secrets/
            {{- end }}
@@ -250,7 +250,7 @@ spec:
      volumes:
        - name: empty-dir
          emptyDir: {}
-        {{- if .Values.auth.useCredentialsFiles }}
+        {{- if and .Values.auth.useSecret .Values.auth.useCredentialsFiles }}
        - name: minio-credentials
          secret:
            secretName: {{ include "minio.secretName" . }}
--- a/bitnami/minio/values.yaml
+++ b/bitnami/minio/values.yaml
@@ -128,6 +128,9 @@ auth:
  ## @param auth.useCredentialsFiles Mount credentials as a files instead of using an environment variable
  ##
  useCredentialsFiles: false
+  ## @param auth.useSecret Uses a secret to mount the credential files.
+  ##
+  useSecret: true
  ## @param auth.forceNewKeys Force root credentials (user and password) to be reconfigured every time they change in the secrets
  ##
  forceNewKeys: false