apiVersion: batch/v1 kind: Job metadata: name: minio-setup-users namespace: minio spec: ttlSecondsAfterFinished: 600 backoffLimit: 5 template: spec: restartPolicy: OnFailure volumes: - name: policies configMap: name: minio-policies containers: - name: mc image: minio/mc:latest volumeMounts: - name: policies mountPath: /policies env: - name: MINIO_ROOT_PASSWORD valueFrom: secretKeyRef: name: minio key: root-password - name: TATORT_ACCESS valueFrom: secretKeyRef: name: minio-users key: tatort-access-key - name: TATORT_SECRET valueFrom: secretKeyRef: name: minio-users key: tatort-secret-key - name: TATORT_DEV_ACCESS valueFrom: secretKeyRef: name: minio-users key: tatort-dev-access-key - name: TATORT_DEV_SECRET valueFrom: secretKeyRef: name: minio-users key: tatort-dev-secret-key command: - /bin/sh - -c - | set -e echo "Warte auf MinIO..." sleep 10 echo "Verbinde mit MinIO..." mc alias set myminio http://minio:9000 admin $MINIO_ROOT_PASSWORD echo "Erstelle Buckets (falls nicht vorhanden)..." mc mb --ignore-existing myminio/tatort mc mb --ignore-existing myminio/tatort-dev echo "Erstelle Policies..." mc admin policy create myminio policy-tatort /policies/policy-tatort.json || true mc admin policy create myminio policy-tatort-dev /policies/policy-tatort-dev.json || true echo "Erstelle Benutzer..." mc admin user add myminio $TATORT_ACCESS $TATORT_SECRET || true mc admin user add myminio $TATORT_DEV_ACCESS $TATORT_DEV_SECRET || true echo "Weise Policies zu..." mc admin policy attach myminio policy-tatort --user $TATORT_ACCESS mc admin policy attach myminio policy-tatort-dev --user $TATORT_DEV_ACCESS echo "Setup abgeschlossen!" mc admin user list myminio