38 lines
1.1 KiB
YAML
38 lines
1.1 KiB
YAML
apiVersion: batch/v1
|
|
kind: Job
|
|
metadata:
|
|
name: minio-oidc-bootstrap
|
|
namespace: infra
|
|
spec:
|
|
template:
|
|
spec:
|
|
restartPolicy: OnFailure
|
|
containers:
|
|
- name: mc
|
|
image: quay.io/minio/mc
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
- |
|
|
set -e
|
|
|
|
echo "🔐 Setting up alias..."
|
|
mc alias set myminio http://minio-bitnami.infra.svc.cluster.local:9000 minioadmin minioadmin
|
|
|
|
echo "📜 Creating policies..."
|
|
mc admin policy create myminio admin-policy /config/admin-policy.json || true
|
|
mc admin policy create myminio user-policy /config/user-policy.json || true
|
|
|
|
echo "👥 Mapping groups..."
|
|
mc admin group add myminio minio-admins --policy admin-policy || true
|
|
mc admin group add myminio minio-users --policy user-policy || true
|
|
|
|
echo "✅ Bootstrap complete."
|
|
volumeMounts:
|
|
- name: policy-config
|
|
mountPath: /config
|
|
volumes:
|
|
- name: policy-config
|
|
configMap:
|
|
name: minio-policies
|