Fix Helm chart does not support special characters in access/secret key

[dormanze]

Description

fix #15221

Motivation and Context

Fix Helm chart does not support special characters in access/secret key.

How to test this PR?

prefabricate users with access/secretkey containing special characters.
like:

users:
  - accessKey: "tv:(()KW5$`>@/c:dB6_=.4|{jv?@!"
    secretKey: ".B_ES205}Mjzrh}G{emJi'LEuUE#:R"
    policy: consoleAdmin

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Optimization (provides speedup with no functional changes)
• Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

• Fixes a regression (If yes, please add commit-id or PR # here)
• Documentation updated
• Unit tests added/updated

[harshavardhana]

@dormanze do not see any files changed ?

[dormanze]

@dormanze do not see any files changed ?
Sorry, there is something wrong with my Internet.

[harshavardhana]

This change is too complicated what is the issue with helm chart not supporting these characters?

[dormanze]

This change is too complicated what is the issue with helm chart not supporting these characters?
Thank you for your attention.
It has nothing to do with helm.
In the shell, characters like {,',< will be parsed as keywords, so it will cause error messages.
You can create users by executing the following commands in the shell.

#accessKey is : tv:(()KW5$`>@/c:dB6_=.4|{jv?@!
#secretKey is : .B_ES205}Mjzrh}G{emJi'LEuUE#:R
mc admin user add myminio tv:(()KW5$`>@/c:dB6_=.4|{jv?@! .B_ES205}Mjzrh}G{emJi'LEuUE#:R --insecure

[harshavardhana]

#accessKey is : tv:(()KW5$>@/c:dB6_=.4|{jv?@! #secretKey is : .B_ES205}Mjzrh}G{emJi'LEuUE#:R mc admin user add myminio tv:(()KW5$>@/c:dB6_=.4|{jv?@! .B_ES205}Mjzrh}G{emJi'LEuUE#:R --insecure

All we need to do is save both the credentials in a file

tv:(()KW5$`>@/c:dB6_=.4|{jv?@!
.B_ES205}Mjzrh}G{emJi'LEuUE#:R

and then

cat credentials.txt | mc admin user add alias/

The PR should be simplified and not add new confusing variables.

[dormanze]

#accessKey is : tv:(()KW5$>@/c:dB6_=.4|{jv?@! #secretKey is : .B_ES205}Mjzrh}G{emJi'LEuUE#:R mc admin user add myminio tv:(()KW5$>@/c:dB6_=.4|{jv?@! .B_ES205}Mjzrh}G{emJi'LEuUE#:R --insecure

All we need to do is save both the credentials in a file

tv:(()KW5$`>@/c:dB6_=.4|{jv?@!
.B_ES205}Mjzrh}G{emJi'LEuUE#:R

and then

cat credentials.txt | mc admin user add alias/

The PR should be simplified and not add new confusing variables.

#accessKey is : tv:(()KW5$>@/c:dB6_=.4|{jv?@! #secretKey is : .B_ES205}Mjzrh}G{emJi'LEuUE#:R mc admin user add myminio tv:(()KW5$>@/c:dB6_=.4|{jv?@! .B_ES205}Mjzrh}G{emJi'LEuUE#:R --insecure

All we need to do is save both the credentials in a file

tv:(()KW5$`>@/c:dB6_=.4|{jv?@!
.B_ES205}Mjzrh}G{emJi'LEuUE#:R

and then

cat credentials.txt | mc admin user add alias/

The PR should be simplified and not add new confusing variables.

This is really a good idea. I'll revise my pr.

[dormanze]

@harshavardhana Please review again.thank you very much.

[minio-trusted]

Mint Automation

Test	Result
mint-large-bucket.sh	✔️
mint-gateway-s3.sh	✔️
mint-erasure.sh	✔️
mint-dist-erasure.sh	✔️
mint-compress-encrypt-dist-erasure.sh	✔️
mint-pools.sh	✔️
mint-fs.sh	❌ more...

15243-5c1451f/mint-fs.sh.log:

Running with
SERVER_ENDPOINT:      minio-k8s7:32587
ACCESS_KEY:           minio
SECRET_KEY:           ***REDACTED***
ENABLE_HTTPS:         0
SERVER_REGION:        us-east-1
MINT_DATA_DIR:        /mint/data
MINT_MODE:            full
ENABLE_VIRTUAL_STYLE: 0
RUN_ON_FAIL:          0

To get logs, run 'docker cp :/mint/log /tmp/mint-logs'

(1/15) Running aws-sdk-go tests ... done in 8 seconds
(2/15) Running aws-sdk-java tests ... done in 1 seconds
(3/15) Running aws-sdk-php tests ... done in 42 seconds
(4/15) Running aws-sdk-ruby tests ... done in 5 seconds
(5/15) Running awscli tests ... done in 52 seconds
(6/15) Running healthcheck tests ... done in 0 seconds
(7/15) Running mc tests ... done in 22 seconds
FAILED in 5 minutes and 10 seconds
Unhandled exception. System.AggregateException: One or more errors occurred. (A task was canceled.)
 ---> System.Threading.Tasks.TaskCanceledException: A task was canceled.
   at System.Threading.Tasks.Task.GetExceptions(Boolean includeTaskCanceledExceptions)
   at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions)
   at System.Threading.Tasks.Task.Wait(Int32 millisecondsTimeout, CancellationToken cancellationToken)
   at System.Threading.Tasks.Task.Wait()
   at Minio.Functional.Tests.Program.Main(String[] args) in /mint/run/core/minio-dotnet/temp/Minio.Functional.Tests/Program.cs:line 156
--- End of stack trace from previous location ---

   --- End of inner exception stack trace ---
   at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions)
   at System.Threading.Tasks.Task.Wait(Int32 millisecondsTimeout, CancellationToken cancellationToken)
   at System.Threading.Tasks.Task.Wait()
   at Minio.Functional.Tests.Program.Main(String[] args) in /mint/run/core/minio-dotnet/temp/Minio.Functional.Tests/Program.cs:line 156
(8/15) Running minio-go tests ... done in 56 seconds
(9/15) Running minio-java tests ... done in 19 seconds
(10/15) Running minio-js tests ... done in 59 seconds
(11/15) Running minio-py tests ... done in 45 seconds
(12/15) Running s3cmd tests ... done in 42 seconds
(13/15) Running s3select tests ... done in 1 seconds
(14/15) Running versioning tests ... done in 3 minutes and 2 seconds

Executed 14 out of 15 tests successfully.

Deleting image on docker hub
Deleting image locally

[sathieu]

@dormanze The chart is now broken with:

  users:
  - accessKey: "foobar"
    existingSecret: minio-secretkeys-gitops
    existingSecretKey: "foobar"
    policy: "readwrite_test"

[sathieu]

Proposed fix: #15386

[dormanze]

@dormanze The chart is now broken with:

  users:
  - accessKey: "foobar"
    existingSecret: minio-secretkeys-gitops
    existingSecretKey: "foobar"
    policy: "readwrite_test"

LGTM