Add ocp4_workload_seaweedfs role for SeaweedFS S3-compatible storage#135
Merged
Add ocp4_workload_seaweedfs role for SeaweedFS S3-compatible storage#135
Conversation
Add SeaweedFS as a fourth S3-compatible storage backend option for Quay, alongside Noobaa, Garage, and S4. SeaweedFS (Apache 2.0 licensed) provides a lightweight distributed object storage that supports Clair vulnerability scanning, addressing Garage's limitation with Clair layer fetching. New role deploys SeaweedFS via ArgoCD/Helm with master, volume, and filer components, pre-configured S3 IAM credentials, bucket creation via weed shell, and credential Secret for downstream consumption. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
wkulhanek
requested review from
agonzalezrh,
fridim,
rut31337 and
stencell
as code owners
Replace embedded {{ }} inside lookup strings with Jinja2 string
concatenation (~) to avoid the deprecation warning that will become
an error in ansible-core 2.23.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The weed shell binary does not support a -shell.command flag. Instead, pipe the s3.bucket.create command via stdin using echo and shell. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The Quay operator rejects the config bundle when it contains Clair-related fields (FEATURE_SECURITY_SCANNER, SECURITY_SCANNER_V4_ENDPOINT, CLAIR_CONFIG) while clair.managed is true, as the operator manages those fields itself. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
ocp4_workload_seaweedfsrole that deploys SeaweedFS S3-compatible distributed object storage on OpenShift via ArgoCD/Helmocp4_workload_quay_operator(alongside Noobaa, Garage, and S4)Details
New role (
ocp4_workload_seaweedfs):weed shellexec into filer podseaweedfs-s3-credentials) for consumption by downstream rolesagnosticd_user_infoQuay operator updates:
ocp4_workload_quay_operator_seaweedfs_*configuration variablesRadosGWStorageconfig block in Quay'sDISTRIBUTED_STORAGE_CONFIGobjectstoragemanaged condition in QuayRegistry CR