OpsMx · raghuramopsmx · Jan 26, 2021 · Jan 26, 2021 · Jan 26, 2021 · Jan 26, 2021
diff --git a/charts/oes/charts/spinnaker/templates/configmap/halyard-init-script.yaml b/charts/oes/charts/spinnaker/templates/configmap/halyard-init-script.yaml
@@ -44,16 +44,32 @@ data:
     # additionalInitScript
     {{ tpl .Values.halyard.additionalInitScript $ | indent 4 }}
     {{- end }}
-    {{- else }}
+
+    {{- else if eq .Values.gitopsHalyard.repoType "git" }}
     #!/bin/bash -x
+    echo "+++++++++++running git commands+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
     git clone $GIT_CLONE_PARAM /tmp/spinnaker/.hal
     GIT_USER=`echo $GIT_USER | sed 's/ *$//g'`
     GIT_TOKEN=`echo $GIT_TOKEN | sed 's/ *$//g'`
-    DYNAMIC_ACCOUNTS_REPO=`echo $DYNAMIC_ACCOUNTS_REPO | sed 's/ *$//g'`
-    sed -i  s/SPINNAKER_NAMESPACE/${SPINNAKER_NAMESPACE}/ /tmp/spinnaker/.hal/config
+    {{- end }}
+
+    {{- else }}
+    #!/bin/bash -x
+    echo "+++++++++++++++++++++++++++++++++++running s3 script++++++++++++++++++++++++++++++++++++++++++"
+    AWS_ACCESS_KEY_ID=$S3_ACCESSKEY AWS_SECRET_ACCESS_KEY=$S3_SECRETKEY aws s3 cp s3://$S3_BUCKET/config /tmp/spinnaker/.hal/config
+    AWS_ACCESS_KEY_ID=$S3_ACCESSKEY AWS_SECRET_ACCESS_KEY=$S3_SECRETKEY aws s3 cp s3://$S3_BUCKET/default/ /tmp/spinnaker/.hal/default --recursive
+    AWS_ACCESS_KEY_ID=$S3_ACCESSKEY AWS_SECRET_ACCESS_KEY=$S3_SECRETKEY aws s3 cp s3://$S3_BUCKET/halyard.yaml /tmp/spinnaker/.hal/halyard.yaml
+    {{- end }}
+
     {{- if .Values.gitopsHalyard.mTLS.enabled }}
     sed -i  s/SPINNAKER_NAMESPACE/${SPINNAKER_NAMESPACE}/g /tmp/spinnaker/.hal/default/service-settings/*
     {{- end }}
+
+    {{- if .Values.gitopsHalyard.enabled }}
+    GIT_USER=`echo $GIT_USER | sed 's/ *$//g'`
+    GIT_TOKEN=`echo $GIT_TOKEN | sed 's/ *$//g'`
+    DYNAMIC_ACCOUNTS_REPO=`echo $DYNAMIC_ACCOUNTS_REPO | sed 's/ *$//g'`
+    sed -i  s/SPINNAKER_NAMESPACE/${SPINNAKER_NAMESPACE}/ /tmp/spinnaker/.hal/config
     sed -i  s/RELEASE_NAME/{{ .Release.Name }}/g /tmp/spinnaker/.hal/config
     sed -i  s/GIT_USER/${GIT_USER}/g /tmp/spinnaker/.hal/default/profiles/spinnakerconfig.yml
     sed -i  s/GIT_TOKEN/${GIT_TOKEN}/g /tmp/spinnaker/.hal/default/profiles/spinnakerconfig.yml

diff --git a/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml b/charts/oes/charts/spinnaker/templates/statefulsets/halyard.yaml
@@ -41,7 +41,7 @@ spec:
       initContainers:
       - name: "create-halyard-local"
       {{- if .Values.gitopsHalyard.enabled }}
-        image: alpine/git:v2.26.2
+        image: quay.io/opsmxpublic/awsgit:v1
       {{- else }}
         image: {{ .Values.halyard.image.repository }}:{{ .Values.halyard.image.tag }}
       {{- end }}
@@ -78,6 +78,21 @@ spec:
             secretKeyRef:
               name: {{ .Values.gitopsHalyard.secretName }}
               key: dynamicaccountsgituri
+        - name: S3_ACCESSKEY
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.gitopsHalyard.secretName }}
+              key: s3accesskey
+        - name: S3_SECRETKEY
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.gitopsHalyard.secretName }}
+              key: s3secretkey 
+        - name: S3_BUCKET
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.gitopsHalyard.secretName }}
+              key: s3bucket
         {{- end }}
         volumeMounts:
         - name: halyard-config

diff --git a/charts/oes/templates/secrets/opsmx-gitops-secret.yaml b/charts/oes/templates/secrets/opsmx-gitops-secret.yaml
@@ -8,6 +8,9 @@ data:
   dynamicaccountsgituri: https://github.com/OpsMx/gitops-accounts-sample.git # In base64 format
   gittoken: <gittoken>
   gituser: <gituserID>
+  s3accesskey: <S3_ACCESSKEY>
+  s3secretkey: <S3_SECRETKEY>
+  s3bucket: <S3_BUCKET>
 kind: Secret
 metadata:
   name: opsmx-gitops-auth

diff --git a/charts/oes/values.yaml b/charts/oes/values.yaml
@@ -872,7 +872,7 @@ spinnaker:
       enabled: false   # Enable mTLS for Spinnaker Services and SSL for Deck and Gate
       deckIngressHost: spindeck.{{ .Release.Name }}.domain.com  # Used by OES to create ingress for deck
       gateIngressHost: spingate.{{ .Release.Name }}.domain.com  # Used by OES to create ingress for gate
-    repo-type: git # git, S3, vault, only git support at this point
+    repoType: git # git, S3, vault, only git support at this point
     secretName: opsmx-gitops-auth
     # Max time(in secs) that an init container of halyard should wait
     # to fetch External Load Balancer IP of spin-deck and spin-gate