From 7ed385b66491b0e87f47b02f631251a5c86cd668 Mon Sep 17 00:00:00 2001 From: Cyril Rohr Date: Mon, 25 Mar 2024 16:12:07 +0100 Subject: [PATCH] Allow to override enableSignatureV4Streaming for s3 storage (#96) --- charts/openproject/templates/secret_s3.yaml | 6 ++++-- charts/openproject/values.yaml | 15 +++++++-------- 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/charts/openproject/templates/secret_s3.yaml b/charts/openproject/templates/secret_s3.yaml index 3f06e2a..352f0fc 100644 --- a/charts/openproject/templates/secret_s3.yaml +++ b/charts/openproject/templates/secret_s3.yaml @@ -27,7 +27,9 @@ stringData: OPENPROJECT_FOG_CREDENTIALS_REGION: {{ .Values.s3.region }} OPENPROJECT_FOG_CREDENTIALS_PATH__STYLE: "{{ .Values.s3.pathStyle }}" OPENPROJECT_FOG_CREDENTIALS_AWS__SIGNATURE__VERSION: "{{ .Values.s3.signatureVersion }}" - OPENPROJECT_FOG_CREDENTIALS_USE__IAM__PROFILE: "{{ .Values.s3.use_iam_profile }}" - OPENPROJECT_DIRECT__UPLOADS: "{{ .Values.s3.directUploads }}" + # remove use_iam_profile fallback after some point + OPENPROJECT_FOG_CREDENTIALS_USE__IAM__PROFILE: {{ .Values.s3.useIamProfile | default .Values.s3.use_iam_profile | default "false" | quote }} + OPENPROJECT_FOG_CREDENTIALS_ENABLE__SIGNATURE__V4__STREAMING: {{ .Values.s3.enableSignatureV4Streaming | default "true" | quote }} + OPENPROJECT_DIRECT__UPLOADS: {{ .Values.s3.directUploads | default "true" | quote }} ... {{- end }} diff --git a/charts/openproject/values.yaml b/charts/openproject/values.yaml index 329874e..947b89c 100644 --- a/charts/openproject/values.yaml +++ b/charts/openproject/values.yaml @@ -21,7 +21,6 @@ global: # imagePullSecrets: [] - ## Affinity for pod assignment. ## ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity @@ -255,7 +254,6 @@ workers: ## Ref.: https://www.openproject.org/docs/installation-and-operations/configuration/environment/#supported-environment-variables # openproject: - ## Enable https in backend response. # https: true @@ -290,10 +288,10 @@ openproject: # only applicable on first installation # Note: Only applicable for versions >= 13.0 admin_user: - password: 'admin' - password_reset: 'true' - name: 'OpenProject Admin' - mail: 'admin@example.net' + password: "admin" + password_reset: "true" + name: "OpenProject Admin" + mail: "admin@example.net" ## Define OpenID Connect providers oidc: @@ -312,7 +310,6 @@ openproject: # Optional attribute mappings from the id token attribute_map: {} - ## To avoid having sensitive credentials in your values.yaml, the preferred way is to ## use an existing secret containing the OIDC compatible access credentials. ## Specify the name of this existing secret here. @@ -409,7 +406,9 @@ s3: host: pathStyle: false signatureVersion: 4 - use_iam_profile: false + useIamProfile: false + # Some providers do not properly support signature v4 streaming (e.g. Scaleway) + enableSignatureV4Streaming: true ## If enabled, upload files directly to S3 from the browser instead of going through OpenProject. ## May not be supported by providers other than AWS S3 itself.