Merge pull request #24 from cybertec-postgresql/updateGCSReadme

Schmaetz · web-flow · commit 58a91d4e121a · 2024-08-09T15:58:22.000+02:00
update readme for gcs
diff --git a/cluster-tutorials/pgbackrest_with_gcs/README.md b/cluster-tutorials/pgbackrest_with_gcs/README.md
@@ -1,29 +1,11 @@
 # pgbackrest with GCS
 
-## Creating the key.json file
+## Creating the gcs.json file
 
-The key.json file should be created on an appropriate GCP IAM service account with at least the minimum permissions for
-GCS to read/write to your bucket.  Once the keyfile is downloaded, it should be created as a secret within kubernetes using
-either the appropriate ci/cd pipelines (leveraging an engine like Vault), or via:
+The key.json file should be created on a suitable GCP IAM service account that has at least the minimum permissions for
+GCS to read/write in your bucket.  Once the key file is downloaded, we need to integrate it into the secret used in the backup definition. 
+To do this, you only need to save the file names as gcs.json in this folder. The kustomize file ensure that gcs.json is integrated into the secret 
 
 ```
-kubectl create secret generic gcs-credentials --from-file=/path/to/key.json
+kubectl -k .
 ```
-
-## Method 1: operator configuration
-
-The operator needs the following configuration enabled to mount the gcs-credentials secret in all postgres containers:
-
-```
-configuration:
-  aws_or_gcp:
-    additional_secret_mount: gcs-credentials
-    additional_secret_mount_path: /var/secrets/google
-    gcp_credentials: /var/secrets/google/key.json
-```
-
-## Method 2: per-cluster configuration
-
-Alternatively you could utilize additionalVolumes in postgres.yaml to mount cluster-specific secrets in the postgresql cluster, 
-but if you change the name or the path that the keyfile is mounted to, you need to update spec.backup.pgbackrest.global.repo1-gcs-key
-in postgres.yaml to match.
