Make other backend configs consistent with gcs

Author: CRThaze

charts/s3proxy/override-values.example.yaml

@@ -67,55 +67,76 @@ config:
       region: "us-west-2"
       # endpoint: "https://s3.amazonaws.com"  # Optional custom endpoint (e.g., MinIO, Ceph)
       accessKeyID: "AKIAIOSFODNN7EXAMPLE"
-      secretAccessKey: "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
+      secretAccessKey:
+        value: "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
+        # existingSecret: "my-s3-secret"
+        # secretKey: "secretAccessKey"
 
     # Azure Blob Storage backend
     azureblob:
       enabled: false  # Set to true to use Azure Blob backend
       provider: "azureblob"  # Can be "azureblob" or "azureblob-sdk"
       account: "mystorageaccount"
-      key: "base64encodedkey=="
+      key:
+        value: "base64encodedkey=="
+        # existingSecret: "my-azure-secret"
+        # secretKey: "accountKey"
       # endpoint: "https://mystorageaccount.blob.core.windows.net"  # Optional
-      # sasToken: ""  # Optional SAS token
+      sasToken:
+        value: ""  # Optional SAS token
+        # existingSecret: "my-azure-sas-secret"
+        # secretKey: "sasToken"
 
     # Google Cloud Storage backend
     googleCloudStorage:
       enabled: false  # Set to true to use GCS backend
       projectID: "my-project"
 
-      # Service account email or user email (required for GCS authentication)
+      # Service account email or user email
       clientEmail: "[email protected]"
 
       # Private key configuration
       privateKey:
+        # Option 1: Provide private key directly
         # value: |-
-        #   "-----BEGIN RSA PRIVATE KEY-----..."
+        #   -----BEGIN RSA PRIVATE KEY-----
+        #   ...
+        #   -----END RSA PRIVATE KEY-----
 
-        # Option 2: Reference an existing secret containing the private key (recommended)
+        # Option 2: Reference an existing secret containing the private key
         # existingSecret: "my-gcs-privatekey-secret"
-        # secretKey: "gcs-private.key"  # Key in the secret containing the private key.
+        # secretKey: "privateKey"
 
     # Backblaze B2 backend
     b2:
       enabled: false  # Set to true to use B2 backend
       account: "account-id"
-      applicationKey: "application-key"
+      applicationKey:
+        value: "application-key"
+        # existingSecret: "my-b2-secret"
+        # secretKey: "applicationKey"
 
     # OpenStack Swift backend
     openstackSwift:
       enabled: false  # Set to true to use Swift backend
       authURL: "https://auth.cloud.com/v2.0"
       tenantName: "my-tenant"
       userName: "my-user"
-      password: "my-password"
+      password:
+        value: "my-password"
+        # existingSecret: "my-swift-secret"
+        # secretKey: "password"
       region: "RegionOne"
 
     # Rackspace Cloud Files backend
     rackspaceCloudfiles:
       enabled: false  # Set to true to use Rackspace Cloud Files backend
       region: "us"  # Region: "us" or "uk"
       userName: "my-user"
-      apiKey: "my-api-key"
+      apiKey:
+        value: "my-api-key"
+        # existingSecret: "my-rackspace-secret"
+        # secretKey: "apiKey"
 
 # Persistence settings for filesystem backend
 persistence:

charts/s3proxy/templates/configmap.yaml

@@ -109,8 +109,12 @@ data:
   {{- if .Values.config.backends.s3.endpoint }}
     jclouds.endpoint={{ .Values.config.backends.s3.endpoint }}
   {{- end }}
-    # Credentials will be merged from the secret properties file
-    # jclouds.identity and jclouds.credential will be provided by the secret
+  {{- if .Values.config.backends.s3.accessKeyID }}
+    jclouds.identity={{ .Values.config.backends.s3.accessKeyID }}
+  {{- end }}
+  {{- if .Values.config.backends.s3.secretAccessKey.value }}
+    # Credential will be merged from the secret properties file
+  {{- end }}
 {{- end }}
 
 {{- if .Values.config.backends.azureblob.enabled }}
@@ -122,8 +126,12 @@ data:
   {{- if .Values.config.backends.azureblob.endpoint }}
     jclouds.azureblob.endpoint={{ .Values.config.backends.azureblob.endpoint }}
   {{- end }}
+  {{- if .Values.config.backends.azureblob.account }}
+    jclouds.identity={{ .Values.config.backends.azureblob.account }}
+  {{- end }}
+  {{- if or .Values.config.backends.azureblob.key.value .Values.config.backends.azureblob.sasToken.value }}
     # Credentials will be merged from the secret properties file
-    # jclouds.identity, jclouds.credential, and jclouds.azureblob.sas will be provided by the secret
+  {{- end }}
 {{- end }}
 
 {{- if .Values.config.backends.googleCloudStorage.enabled }}
@@ -153,8 +161,12 @@ data:
 
     # Backblaze B2 backend configuration
     jclouds.provider=b2
-    # Credentials will be merged from the secret properties file
-    # jclouds.identity and jclouds.credential will be provided by the secret
+  {{- if .Values.config.backends.b2.account }}
+    jclouds.identity={{ .Values.config.backends.b2.account }}
+  {{- end }}
+  {{- if .Values.config.backends.b2.applicationKey.value }}
+    # Credential will be merged from the secret properties file
+  {{- end }}
 {{- end }}
 
 {{- if .Values.config.backends.openstackSwift.enabled }}
@@ -169,8 +181,12 @@ data:
   {{- if .Values.config.backends.openstackSwift.region }}
     jclouds.region={{ .Values.config.backends.openstackSwift.region }}
   {{- end }}
-    # Credentials will be merged from the secret properties file
-    # jclouds.identity and jclouds.credential will be provided by the secret
+  {{- if and .Values.config.backends.openstackSwift.tenantName .Values.config.backends.openstackSwift.userName }}
+    jclouds.identity={{ printf "%s:%s" .Values.config.backends.openstackSwift.tenantName .Values.config.backends.openstackSwift.userName }}
+  {{- end }}
+  {{- if .Values.config.backends.openstackSwift.password.value }}
+    # Credential will be merged from the secret properties file
+  {{- end }}
 {{- end }}
 
 {{- if .Values.config.backends.rackspaceCloudfiles.enabled }}
@@ -183,6 +199,10 @@ data:
   {{- else }}
     jclouds.provider=rackspace-cloudfiles-us
   {{- end }}
-    # Credentials will be merged from the secret properties file
-    # jclouds.identity and jclouds.credential will be provided by the secret
+  {{- if .Values.config.backends.rackspaceCloudfiles.userName }}
+    jclouds.identity={{ .Values.config.backends.rackspaceCloudfiles.userName }}
+  {{- end }}
+  {{- if .Values.config.backends.rackspaceCloudfiles.apiKey.value }}
+    # Credential will be merged from the secret properties file
+  {{- end }}
 {{- end }}

charts/s3proxy/templates/secret.yaml

@@ -16,53 +16,38 @@ stringData:
 {{- end }}
 
 {{- if .Values.config.backends.s3.enabled }}
+  {{- if .Values.config.backends.s3.secretAccessKey.value }}
     # S3 backend credentials
-  {{- if .Values.config.backends.s3.accessKeyID }}
-    jclouds.identity={{ .Values.config.backends.s3.accessKeyID }}
-  {{- end }}
-  {{- if .Values.config.backends.s3.secretAccessKey }}
-    jclouds.credential={{ .Values.config.backends.s3.secretAccessKey }}
+    jclouds.credential={{ .Values.config.backends.s3.secretAccessKey.value }}
   {{- end }}
 {{- else if .Values.config.backends.azureblob.enabled }}
+  {{- if or .Values.config.backends.azureblob.key.value .Values.config.backends.azureblob.sasToken.value }}
     # Azure Blob backend credentials
-  {{- if .Values.config.backends.azureblob.account }}
-    jclouds.identity={{ .Values.config.backends.azureblob.account }}
   {{- end }}
-  {{- if .Values.config.backends.azureblob.key }}
-    jclouds.credential={{ .Values.config.backends.azureblob.key }}
+  {{- if .Values.config.backends.azureblob.key.value }}
+    jclouds.credential={{ .Values.config.backends.azureblob.key.value }}
   {{- end }}
-  {{- if .Values.config.backends.azureblob.sasToken }}
-    jclouds.azureblob.sas={{ .Values.config.backends.azureblob.sasToken }}
+  {{- if .Values.config.backends.azureblob.sasToken.value }}
+    jclouds.azureblob.sas={{ .Values.config.backends.azureblob.sasToken.value }}
   {{- end }}
 {{- else if .Values.config.backends.googleCloudStorage.enabled }}
   {{- if .Values.config.backends.googleCloudStorage.privateKey.value }}
     # Google Cloud Storage backend credentials (privateKey stored in secret)
     jclouds.credential=jclouds.credential={{ .Values.config.backends.googleCloudStorage.privateKey.value | trim | replace "\n" "\\n\\" }}
   {{- end }}
 {{- else if .Values.config.backends.b2.enabled }}
+  {{- if .Values.config.backends.b2.applicationKey.value }}
     # Backblaze B2 backend credentials
-  {{- if .Values.config.backends.b2.account }}
-    jclouds.identity={{ .Values.config.backends.b2.account }}
-  {{- end }}
-  {{- if .Values.config.backends.b2.applicationKey }}
-    jclouds.credential={{ .Values.config.backends.b2.applicationKey }}
+    jclouds.credential={{ .Values.config.backends.b2.applicationKey.value }}
   {{- end }}
 {{- else if .Values.config.backends.openstackSwift.enabled }}
+  {{- if .Values.config.backends.openstackSwift.password.value }}
     # OpenStack Swift backend credentials
-  {{- if .Values.config.backends.openstackSwift.tenantName }}
-    {{- if .Values.config.backends.openstackSwift.userName }}
-    jclouds.identity={{ printf "%s:%s" .Values.config.backends.openstackSwift.tenantName .Values.config.backends.openstackSwift.userName }}
-    {{- end }}
-  {{- end }}
-  {{- if .Values.config.backends.openstackSwift.password }}
-    jclouds.credential={{ .Values.config.backends.openstackSwift.password }}
+    jclouds.credential={{ .Values.config.backends.openstackSwift.password.value }}
   {{- end }}
 {{- else if .Values.config.backends.rackspaceCloudfiles.enabled }}
+  {{- if .Values.config.backends.rackspaceCloudfiles.apiKey.value }}
     # Rackspace Cloud Files backend credentials
-  {{- if .Values.config.backends.rackspaceCloudfiles.userName }}
-    jclouds.identity={{ .Values.config.backends.rackspaceCloudfiles.userName }}
-  {{- end }}
-  {{- if .Values.config.backends.rackspaceCloudfiles.apiKey }}
-    jclouds.credential={{ .Values.config.backends.rackspaceCloudfiles.apiKey }}
+    jclouds.credential={{ .Values.config.backends.rackspaceCloudfiles.apiKey.value }}
   {{- end }}
 {{- end }}

charts/s3proxy/values.yaml

@@ -183,8 +183,14 @@ config:
       endpoint: ""
       # -- S3 Access Key ID for backend
       accessKeyID: ""
-      # -- S3 Secret Access Key for backend
-      secretAccessKey: ""
+      # -- S3 Secret Access Key configuration
+      secretAccessKey:
+        # -- Secret access key value
+        value: ""
+        # -- Name of existing secret containing the secret access key
+        existingSecret: ""
+        # -- Key in the existing secret containing the secret access key
+        secretKey: "secretAccessKey"
 
     azureblob:
       # -- Enable Azure Blob Storage backend
@@ -193,12 +199,24 @@ config:
       provider: "azureblob"
       # -- Storage account name
       account: ""
-      # -- Storage account key
-      key: ""
+      # -- Storage account key configuration
+      key:
+        # -- Storage account key value
+        value: ""
+        # -- Name of existing secret containing the storage account key
+        existingSecret: ""
+        # -- Key in the existing secret containing the storage account key
+        secretKey: "accountKey"
       # -- Azure endpoint
       endpoint: ""
-      # -- SAS token
-      sasToken: ""
+      # -- SAS token configuration
+      sasToken:
+        # -- SAS token value
+        value: ""
+        # -- Name of existing secret containing the SAS token
+        existingSecret: ""
+        # -- Key in the existing secret containing the SAS token
+        secretKey: "sasToken"
 
     googleCloudStorage:
       # -- Enable Google Cloud Storage backend
@@ -221,8 +239,14 @@ config:
       enabled: false
       # -- B2 account ID
       account: ""
-      # -- B2 application key
-      applicationKey: ""
+      # -- B2 application key configuration
+      applicationKey:
+        # -- Application key value
+        value: ""
+        # -- Name of existing secret containing the application key
+        existingSecret: ""
+        # -- Key in the existing secret containing the application key
+        secretKey: "applicationKey"
 
     openstackSwift:
       # -- Enable OpenStack Swift backend
@@ -233,8 +257,14 @@ config:
       tenantName: ""
       # -- Username
       userName: ""
-      # -- Password
-      password: ""
+      # -- Password configuration
+      password:
+        # -- Password value
+        value: ""
+        # -- Name of existing secret containing the password
+        existingSecret: ""
+        # -- Key in the existing secret containing the password
+        secretKey: "password"
       # -- Region
       region: ""
 
@@ -245,8 +275,14 @@ config:
       region: "us"
       # -- Username
       userName: ""
-      # -- API key
-      apiKey: ""
+      # -- API key configuration
+      apiKey:
+        # -- API key value
+        value: ""
+        # -- Name of existing secret containing the API key
+        existingSecret: ""
+        # -- Key in the existing secret containing the API key
+        secretKey: "apiKey"
 
 persistence:
   # -- Enable persistence using PVC