From f6660f36494e006ad9e5aaa9a6ca2e779b7e1f8b Mon Sep 17 00:00:00 2001
From: duanhongyi <duanhongyi@doopai.com>
Date: Tue, 4 Dec 2018 10:49:58 +0800
Subject: [PATCH] feat(workflow): add parameters to determine that s3 enabled
 SSE

---
 charts/workflow/templates/objectstorage-secret.yaml | 1 +
 charts/workflow/values.yaml                         | 6 ++++++
 2 files changed, 7 insertions(+)

diff --git a/charts/workflow/templates/objectstorage-secret.yaml b/charts/workflow/templates/objectstorage-secret.yaml
index ddaa86a78..cbd9efaad 100644
--- a/charts/workflow/templates/objectstorage-secret.yaml
+++ b/charts/workflow/templates/objectstorage-secret.yaml
@@ -19,6 +19,7 @@ data: {{ if eq .Values.global.storage "gcs"}}
   registry-container: {{ .Values.azure.registry_container | b64enc }}{{ else if eq .Values.global.storage "s3"}}
   accesskey: {{ .Values.s3.accesskey | b64enc }}
   secretkey: {{ .Values.s3.secretkey | b64enc }}
+  sse: {{ .Values.s3.sse | b64enc }}
   region: {{ .Values.s3.region | b64enc }}
   builder-bucket: {{ .Values.s3.builder_bucket | b64enc }}
   registry-bucket: {{.Values.s3.registry_bucket | b64enc }}
diff --git a/charts/workflow/values.yaml b/charts/workflow/values.yaml
index 2bb44afb8..5c10d8cb4 100644
--- a/charts/workflow/values.yaml
+++ b/charts/workflow/values.yaml
@@ -81,6 +81,12 @@ s3:
   accesskey: ""
   # Your AWS secret key. Leave it empty if you want to use IAM credentials.
   secretkey: ""
+  #
+  # Set to the algorithm to use when storing the objects in S3.
+  # Currently only `None` and `AES256` are supported
+  # To disable S3 server-side encryption, set it to `None`.
+  # This property will be ignored if minio is used.
+  sse: "AES256"
   # Any S3 region
   region: "us-west-1"
   # Your buckets.