From abc57e1d3637c702296a66073e8ac7aef40cad47 Mon Sep 17 00:00:00 2001
From: Christopher Tate <computate@computate.org>
Date: Wed, 27 Nov 2024 08:26:40 -0700
Subject: [PATCH] Adding 1Ti MinIO object storage to nerc-ocp-test

There are other projects like danni-ilab using the test cluster that
could use 300Gi object storage. We will increase the size of the MinIO
PVC from 10Gi to 1Ti.
---
 .../secretstores/danni-ilab/kustomization.yaml    |  5 +++++
 .../nerc-ocp-test/secretstores/kustomization.yaml |  1 +
 minio/overlays/nerc-ocp-test/kustomization.yaml   |  2 ++
 .../persistentvolumeclaims/patch-pvc.yaml         |  8 ++++++++
 .../nerc-ocp-test/projects/danni-ilab.yaml        | 15 +++++++++++++++
 .../nerc-ocp-test/projects/kustomization.yaml     |  4 ++++
 .../nerc-ocp-infra/config/nerc-ocp-test.yaml      |  1 +
 7 files changed, 36 insertions(+)
 create mode 100644 cluster-scope/overlays/nerc-ocp-test/secretstores/danni-ilab/kustomization.yaml
 create mode 100644 minio/overlays/nerc-ocp-test/persistentvolumeclaims/patch-pvc.yaml
 create mode 100644 minio/overlays/nerc-ocp-test/projects/danni-ilab.yaml
 create mode 100644 minio/overlays/nerc-ocp-test/projects/kustomization.yaml

diff --git a/cluster-scope/overlays/nerc-ocp-test/secretstores/danni-ilab/kustomization.yaml b/cluster-scope/overlays/nerc-ocp-test/secretstores/danni-ilab/kustomization.yaml
new file mode 100644
index 00000000..0c753aa6
--- /dev/null
+++ b/cluster-scope/overlays/nerc-ocp-test/secretstores/danni-ilab/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: danni-ilab
+components:
+  - ../../../../components/nerc-secret-store
diff --git a/cluster-scope/overlays/nerc-ocp-test/secretstores/kustomization.yaml b/cluster-scope/overlays/nerc-ocp-test/secretstores/kustomization.yaml
index 919c69a3..4790303a 100644
--- a/cluster-scope/overlays/nerc-ocp-test/secretstores/kustomization.yaml
+++ b/cluster-scope/overlays/nerc-ocp-test/secretstores/kustomization.yaml
@@ -8,3 +8,4 @@ resources:
 - curator-system
 - dex
 - minio
+- danni-ilab
diff --git a/minio/overlays/nerc-ocp-test/kustomization.yaml b/minio/overlays/nerc-ocp-test/kustomization.yaml
index c6f30db1..74b85e22 100644
--- a/minio/overlays/nerc-ocp-test/kustomization.yaml
+++ b/minio/overlays/nerc-ocp-test/kustomization.yaml
@@ -2,6 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
 - ../../base
+- projects
 
 configMapGenerator:
 - name: minio-config
@@ -11,3 +12,4 @@ configMapGenerator:
 
 patches:
   - path: externalsecrets/patch-minio-admin-credentials.yaml
+  - path: persistentvolumeclaims/patch-pvc.yaml
diff --git a/minio/overlays/nerc-ocp-test/persistentvolumeclaims/patch-pvc.yaml b/minio/overlays/nerc-ocp-test/persistentvolumeclaims/patch-pvc.yaml
new file mode 100644
index 00000000..bc74e1c8
--- /dev/null
+++ b/minio/overlays/nerc-ocp-test/persistentvolumeclaims/patch-pvc.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: minio-data
+spec:
+  resources:
+    requests:
+      storage: 1Ti
diff --git a/minio/overlays/nerc-ocp-test/projects/danni-ilab.yaml b/minio/overlays/nerc-ocp-test/projects/danni-ilab.yaml
new file mode 100644
index 00000000..f00d07a1
--- /dev/null
+++ b/minio/overlays/nerc-ocp-test/projects/danni-ilab.yaml
@@ -0,0 +1,15 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: minio-bucket
+  namespace: danni-ilab
+spec:
+  refreshInterval: "1h"
+  secretStoreRef:
+    name: nerc-secret-store
+    kind: SecretStore
+  target:
+    name: minio-bucket
+  dataFrom:
+    - extract:
+        key: nerc/nerc-ocp-test/minio/projects/danni-ilab
diff --git a/minio/overlays/nerc-ocp-test/projects/kustomization.yaml b/minio/overlays/nerc-ocp-test/projects/kustomization.yaml
new file mode 100644
index 00000000..a9fc4aaa
--- /dev/null
+++ b/minio/overlays/nerc-ocp-test/projects/kustomization.yaml
@@ -0,0 +1,4 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- danni-ilab.yaml
diff --git a/vault/config/overlays/nerc-ocp-infra/config/nerc-ocp-test.yaml b/vault/config/overlays/nerc-ocp-infra/config/nerc-ocp-test.yaml
index c3e1e79f..4baf2085 100644
--- a/vault/config/overlays/nerc-ocp-infra/config/nerc-ocp-test.yaml
+++ b/vault/config/overlays/nerc-ocp-infra/config/nerc-ocp-test.yaml
@@ -22,6 +22,7 @@ auth:
     - csi-wekafsplugin
     - dex
     - minio
+    - danni-ilab
     name: secret-reader
     policies:
     - nerc-common-reader