From 108dbb6ead624999c9f40609bf10d834b8402935 Mon Sep 17 00:00:00 2001 From: Phillip Schichtel Date: Fri, 22 Sep 2023 22:16:01 +0200 Subject: [PATCH] also enable encryption when the KMS secret is given as a file this allows passing in the KMS secret as a file using additional volumes --- api/tenant-get-handlers.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/api/tenant-get-handlers.go b/api/tenant-get-handlers.go index 3d8fe82bdcf..9026ceee581 100644 --- a/api/tenant-get-handlers.go +++ b/api/tenant-get-handlers.go @@ -67,7 +67,8 @@ func getTenantDetailsResponse(session *models.Principal, params operator_api.Ten oidcEnabled := tenantConfiguration["MINIO_IDENTITY_OPENID_CONFIG_URL"] != "" // detect if encryption is enabled - info.EncryptionEnabled = minTenant.HasKESEnabled() || tenantConfiguration["MINIO_KMS_SECRET_KEY"] != "" + hasKmsSecret := tenantConfiguration["MINIO_KMS_SECRET_KEY"] != "" || tenantConfiguration["MINIO_KMS_SECRET_KEY_FILE"] != "" + info.EncryptionEnabled = minTenant.HasKESEnabled() || hasKmsSecret info.IdpAdEnabled = ldapEnabled info.IdpOidcEnabled = oidcEnabled info.MinioTLS = minTenant.TLS()