add vault integration

clusters/yc-k8s-test/infrastructure/patches/minio.yaml

@@ -10,6 +10,13 @@ spec:
     mode: standalone
     imagePullSecrets:
       - name: regcred
+    vaultRoot:
+      enabled: true
+      role: minio
+      authPath: auth/kubernetes
+      secretPath: secrets/data/minio/admin
+      rootUserKey: rootUser
+      rootPasswordKey: rootPassword
     drivesPerNode: 1
     replicas: 1
     nodeSelector:
@@ -25,39 +32,3 @@ spec:
     resources:
       requests:
         memory: 1Gi
-    buckets:
-      - name: dumps
-        policy: none
-        purge: false
-        versioning: false
-        objectlocking: false
-    policies:
-      - name: dumps-owner
-        statements:
-          - resources:
-              - 'arn:aws:s3:::dumps'
-            actions:
-              - "s3:GetBucketLocation"
-              - "s3:ListBucket"
-              - "s3:ListBucketMultipartUploads"
-              - "s3:PutBucketPolicy"
-              - "s3:GetBucketPolicy"
-          - resources:
-              - 'arn:aws:s3:::dumps/*'
-            actions:
-              - "s3:AbortMultipartUpload"
-              - "s3:GetObject"
-              - "s3:DeleteObject"
-              - "s3:PutObject"
-              - "s3:ListMultipartUploadParts"
-    users:
-      - existingSecret: minio-user-console
-        existingSecretAccessKeyKey: accessKey
-        existingSecretKey: secretKey
-        bucket: console
-        policy: consoleAdmin
-      - existingSecret: minio-user-s3-proxy
-        existingSecretAccessKeyKey: accessKey
-        existingSecretKey: secretKey
-        bucket: dumps
-        policy: dumps-owner

infrastructure/minio/base/helmrelease.yaml

@@ -8,7 +8,7 @@ spec:
   chart:
     spec:
       chart: minio-contour
-      version: "5.4.2"
+      version: "5.4.3"
       sourceRef:
         kind: HelmRepository
         name: yc-oci-charts