Skip to content

feat(helm)!: Replace hostPath-based aws_config_directory with chart-managed Secret (resolves #2162). #2164

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
junhaoliao merged 11 commits into from
May 14, 2026
Merged

feat(helm)!: Replace hostPath-based aws_config_directory with chart-managed Secret (resolves #2162). #2164

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
7249b3e
feat(helm)!: Replace `hostPath`-based `aws_config_directory` with cha…
junhaoliao Apr 1, 2026
de74347
chore(helm): Bump chart version to 0.3.0-dev.1 and app version to 0.1…
junhaoliao Apr 1, 2026
48424d4
add missing template
junhaoliao Apr 1, 2026
4dc834b
Merge branch 'main' into aws-hostpath
junhaoliao May 4, 2026
edb90fc
refactor(helm): Extract aws_config mount path into a shared helper te…
junhaoliao May 4, 2026
48d0ce4
docs(aws-s3): Use tab-set for aws_config_directory instructions in pr…
junhaoliao May 4, 2026
043d50b
docs(clp-config): Update aws_config_directory instructions and add He…
junhaoliao May 4, 2026
1797113
Merge branch 'main' into aws-hostpath
junhaoliao May 4, 2026
73cf6e7
Merge branch 'main' into aws-hostpath
junhaoliao May 12, 2026
bc3333f
Merge branch 'main' into aws-hostpath
hoophalab May 14, 2026
3bd0af3
chore(helm): Bump chart version to 0.3.2-dev.6.
junhaoliao May 14, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
29 changes: 27 additions & 2 deletions docs/src/user-docs/guides-using-object-storage/aws-s3/clp-config.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -149,16 +149,40 @@ aws_authentication:
`<profile-name>` should be the name of an existing [AWS CLI profile](index.md#named-profiles).

In addition, the *top-level* config `aws_config_directory` must be set to the directory containing
the profile configurations (typically `~/.aws`):
the profile configurations:

::::{tab-set}
:::{tab-item} Docker Compose
:sync: docker

Typically `~/.aws`:

```yaml
aws_config_directory: "<aws-config-dir>"
```

:::{note}
```{note}
If profiles are not used for AWS authentication, `aws_config_directory` should be commented or set
to `null`.
```

:::

:::{tab-item} Kubernetes (Helm)
:sync: kind

Provide your AWS config file contents via `--set-file`:

```bash
helm install <release> clp/clp \
--set-file clpConfig.aws_config.credentials=$HOME/.aws/credentials \
--set-file clpConfig.aws_config.config=$HOME/.aws/config
```

See [Installing the Helm chart][k8s-install-helm-chart] for details.

:::
::::

### env_vars

Expand Down Expand Up @@ -198,4 +222,5 @@ Credentials are resolved in priority order. Common sources include:

[aws-region-codes]: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html#Concepts.RegionsAndAvailabilityZones.Availability
[boto3-credentials]: https://docs.aws.amazon.com/boto3/latest/guide/credentials.html#configuring-credentials
[k8s-install-helm-chart]: ../../guides-k8s-deployment.md#installing-the-helm-chart
[rust-sdk-credentials]: https://docs.aws.amazon.com/sdk-for-rust/latest/dg/credproviders.html
2 changes: 1 addition & 1 deletion tools/deployment/package-helm/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
apiVersion: "v2"
name: "clp"
version: "0.3.2-dev.5"
version: "0.3.2-dev.6"
description: "A Helm chart for CLP's (Compressed Log Processor) package deployment"
type: "application"
appVersion: "0.12.1-dev"
Expand Down
16 changes: 11 additions & 5 deletions tools/deployment/package-helm/templates/_helpers.tpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -354,6 +354,13 @@ hostPath:
type: "Directory"
{{- end }}

{{/*
The mount path for the AWS config directory inside containers.

@return {string} Path string
*/}}
{{- define "clp.awsConfigMountPath" -}}/opt/clp/.aws{{- end }}

{{/*
Creates a volumeMount for the AWS config directory.

Expand All @@ -362,21 +369,20 @@ Creates a volumeMount for the AWS config directory.
*/}}
{{- define "clp.awsConfigVolumeMount" -}}
name: "aws-config"
mountPath: {{ .Values.clpConfig.aws_config_directory | quote }}
mountPath: {{ include "clp.awsConfigMountPath" . | quote }}
readOnly: true
{{- end }}

{{/*
Creates a volume for the AWS config directory.
Creates a volume for the AWS config directory backed by the chart-managed Secret.

@param {object} . Root template context
@return {string} YAML-formatted volume definition
*/}}
{{- define "clp.awsConfigVolume" -}}
name: "aws-config"
hostPath:
path: {{ .Values.clpConfig.aws_config_directory | quote }}
type: "Directory"
secret:
secretName: {{ include "clp.fullname" . }}-aws-config
{{- end }}

{{/*
Expand Down
15 changes: 15 additions & 0 deletions tools/deployment/package-helm/templates/aws-config-secret.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
{{- if .Values.clpConfig.aws_config }}
apiVersion: "v1"
kind: "Secret"
metadata:
name: {{ include "clp.fullname" . }}-aws-config
labels:
{{- include "clp.labels" . | nindent 4 }}
stringData:
{{- with .Values.clpConfig.aws_config.credentials }}
credentials: {{ . | quote }}
{{- end }}
{{- with .Values.clpConfig.aws_config.config }}
config: {{ . | quote }}
{{- end }}
{{- end }}
4 changes: 2 additions & 2 deletions tools/deployment/package-helm/templates/compression-scheduler-deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@ spec:
mountPath: "/etc/clp-config.yaml"
subPath: "clp-config.yaml"
readOnly: true
{{- if .Values.clpConfig.aws_config_directory }}
{{- if .Values.clpConfig.aws_config }}
- {{- include "clp.awsConfigVolumeMount" . | nindent 14 }}
{{- end }}
{{- if eq .Values.clpConfig.logs_input.type "fs" }}
Expand All @@ -97,7 +97,7 @@ spec:
- name: "config"
configMap:
name: {{ include "clp.fullname" . }}-config
{{- if .Values.clpConfig.aws_config_directory }}
{{- if .Values.clpConfig.aws_config }}
- {{- include "clp.awsConfigVolume" . | nindent 10 }}
{{- end }}
{{- if eq .Values.clpConfig.logs_input.type "fs" }}
Expand Down
4 changes: 2 additions & 2 deletions tools/deployment/package-helm/templates/compression-worker-deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@ spec:
) | quote }}
mountPath: "/var/data/staged-archives"
{{- end }}
{{- if .Values.clpConfig.aws_config_directory }}
{{- if .Values.clpConfig.aws_config }}
- {{- include "clp.awsConfigVolumeMount" . | nindent 14 }}
{{- end }}
{{- if eq .Values.clpConfig.logs_input.type "fs" }}
Expand Down Expand Up @@ -116,7 +116,7 @@ spec:
) | quote }}
emptyDir: {}
{{- end }}
{{- if .Values.clpConfig.aws_config_directory }}
{{- if .Values.clpConfig.aws_config }}
- {{- include "clp.awsConfigVolume" . | nindent 10 }}
{{- end }}
{{- if eq .Values.clpConfig.logs_input.type "fs" }}
Expand Down
4 changes: 2 additions & 2 deletions tools/deployment/package-helm/templates/configmap.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -205,8 +205,8 @@ data:
target_uncompressed_size: {{ .target_uncompressed_size | int }}
{{- end }}{{/* with .Values.clpConfig.stream_output */}}
tmp_directory: "/var/tmp"
{{- if .Values.clpConfig.aws_config_directory }}
aws_config_directory: {{ .Values.clpConfig.aws_config_directory | quote }}
{{- if .Values.clpConfig.aws_config }}
aws_config_directory: {{ include "clp.awsConfigMountPath" . | quote }}
{{- end }}
webui:
host: "localhost"
Expand Down
4 changes: 2 additions & 2 deletions tools/deployment/package-helm/templates/garbage-collector-deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@ spec:
) | quote }}
mountPath: "/var/data/archives"
{{- end }}
{{- if .Values.clpConfig.aws_config_directory }}
{{- if .Values.clpConfig.aws_config }}
- {{- include "clp.awsConfigVolumeMount" . | nindent 14 }}
{{- end }}
{{- if eq .Values.clpConfig.stream_output.storage.type "fs" }}
Expand Down Expand Up @@ -106,7 +106,7 @@ spec:
"name" "archives"
) | nindent 10 }}
{{- end }}
{{- if .Values.clpConfig.aws_config_directory }}
{{- if .Values.clpConfig.aws_config }}
- {{- include "clp.awsConfigVolume" . | nindent 10 }}
{{- end }}
{{- if eq .Values.clpConfig.stream_output.storage.type "fs" }}
Expand Down
4 changes: 2 additions & 2 deletions tools/deployment/package-helm/templates/query-worker-deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ spec:
) | quote }}
mountPath: "/var/data/archives"
{{- end }}
{{- if .Values.clpConfig.aws_config_directory }}
{{- if .Values.clpConfig.aws_config }}
- {{- include "clp.awsConfigVolumeMount" . | nindent 14 }}
{{- end }}
{{- if eq .Values.clpConfig.stream_output.storage.type "fs" }}
Expand Down Expand Up @@ -105,7 +105,7 @@ spec:
"name" "archives"
) | nindent 10 }}
{{- end }}
{{- if .Values.clpConfig.aws_config_directory }}
{{- if .Values.clpConfig.aws_config }}
- {{- include "clp.awsConfigVolume" . | nindent 10 }}
{{- end }}
{{- if eq .Values.clpConfig.stream_output.storage.type "fs" }}
Expand Down
4 changes: 2 additions & 2 deletions tools/deployment/package-helm/templates/webui-deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@ spec:
mountPath: "/opt/clp/var/www/webui/server/dist/settings.json"
subPath: "webui-server-settings.json"
readOnly: true
{{- if .Values.clpConfig.aws_config_directory }}
{{- if .Values.clpConfig.aws_config }}
- {{- include "clp.awsConfigVolumeMount" . | nindent 14 }}
{{- end }}
{{- if eq .Values.clpConfig.logs_input.type "fs" }}
Expand Down Expand Up @@ -112,7 +112,7 @@ spec:
- name: "server-settings"
configMap:
name: {{ include "clp.fullname" . }}-config
{{- if .Values.clpConfig.aws_config_directory }}
{{- if .Values.clpConfig.aws_config }}
- {{- include "clp.awsConfigVolume" . | nindent 10 }}
{{- end }}
{{- if eq .Values.clpConfig.logs_input.type "fs" }}
Expand Down
9 changes: 7 additions & 2 deletions tools/deployment/package-helm/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -243,8 +243,13 @@ clpConfig:
archive: 60
search_result: 30

# Location of the AWS tools' config files (e.g., `~/.aws`). Set to null to disable.
aws_config_directory: null
# AWS config content (e.g., `~/.aws/config`). Provide file contents via `--set-file` to create a
# chart-managed Secret that is mounted into pods. Set to null to disable.
# Usage:
# helm install <release> <chart> \
# --set-file clpConfig.aws_config.credentials=$HOME/.aws/credentials \
# --set-file clpConfig.aws_config.config=$HOME/.aws/config
aws_config: null

credentials:
database:
Expand Down
Loading