From e8d901c325dc71a6d6f48e81dfcbbf8c78066906 Mon Sep 17 00:00:00 2001
From: Leandro Salgado <lmocs98@gmail.com>
Date: Thu, 19 Mar 2026 15:49:02 +0000
Subject: [PATCH 1/6] fix: remove static secret and access keys

---
 .do/Makefile       | 4 ++++
 codacy/values.yaml | 2 --
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/.do/Makefile b/.do/Makefile
index 6ecda9cf..ad71c4b8 100644
--- a/.do/Makefile
+++ b/.do/Makefile
@@ -2,6 +2,8 @@ CODACY_URL?="https://dev.k8s.dev.codacy.org"
 GRAFANA_URL?="https://grafana.k8s.dev.codacy.org"
 RELEASE_NAME?="codacy"
 NAMESPACE?="codacy"
+MINIO_ACCESS_KEY=$(shell openssl rand -hex 14)
+MINIO_SECRET_KEY=$(shell openssl rand -base64 14)
 HELM_REPOSITORY?=codacy-incubator
 DEPLOYMENTS?=$(shell kubectl get deployments -n "${NAMESPACE}" | awk '{print $$1}' | tail -n +2 | grep -v minio)
 WORKER_VERSION?=$(shell grep "engine" -A 2 ../codacy/requirements.lock | grep version | cut -d : -f 2 | tr -d '[:blank:]')
@@ -17,6 +19,8 @@ define call_helm_install
 	-f ../codacy/values-production.yaml \
 	-f values.yaml \
 	--namespace ${2} \
+	--set global.minio.secretKey=$${MINIO_SECRET_KEY} \
+	--set global.minio.accessKey=$${MINIO_ACCESS_KEY} \
 	--set global.imagePullSecrets[0].name=docker-credentials \
 	--set global.play.cryptoSecret=$${SHARED_PLAY_CRYPTO_SECRET} \
 	--set global.akka.sessionSecret=$${SHARED_AKKA_SESSION_SECRET} \
diff --git a/codacy/values.yaml b/codacy/values.yaml
index 343286ff..1e16e9cd 100644
--- a/codacy/values.yaml
+++ b/codacy/values.yaml
@@ -124,8 +124,6 @@ global:
     create: true
     location: codacy-minio
     port: 9000
-    accessKey: "AKIAIOSFODNN7EXAMPLE"
-    secretKey: "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
 
   s3:
     bucket:

From f5c13ff0c7c2e055e2552ced70ae2abb4857f46f Mon Sep 17 00:00:00 2001
From: Leandro Salgado <lmocs98@gmail.com>
Date: Fri, 20 Mar 2026 09:28:45 +0000
Subject: [PATCH 2/6] add variable reference to helm config

---
 .circleci/config.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 5325488f..3750d242 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -81,6 +81,8 @@ references:
       minio:
         persistence:
           size: 10Gi
+        accessKey: ${MINIO_ACCESS_KEY}
+        secretKey: ${MINIO_SECRET_KEY}
       rabbitmq-ha:
         replicaCount: 1
         ulimitNofiles: 32768

From 48e117e288b13836cc97f5a5d7e65e30bdc6dea5 Mon Sep 17 00:00:00 2001
From: Leandro Salgado <lmocs98@gmail.com>
Date: Fri, 20 Mar 2026 09:46:07 +0000
Subject: [PATCH 3/6] test minio credentials

---
 .circleci/config.yml | 2 --
 codacy/values.yaml   | 2 ++
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 3750d242..5325488f 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -81,8 +81,6 @@ references:
       minio:
         persistence:
           size: 10Gi
-        accessKey: ${MINIO_ACCESS_KEY}
-        secretKey: ${MINIO_SECRET_KEY}
       rabbitmq-ha:
         replicaCount: 1
         ulimitNofiles: 32768
diff --git a/codacy/values.yaml b/codacy/values.yaml
index 1e16e9cd..343286ff 100644
--- a/codacy/values.yaml
+++ b/codacy/values.yaml
@@ -124,6 +124,8 @@ global:
     create: true
     location: codacy-minio
     port: 9000
+    accessKey: "AKIAIOSFODNN7EXAMPLE"
+    secretKey: "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
 
   s3:
     bucket:

From b061cc32050ef24f57f9ff7daf2df515a270ee7f Mon Sep 17 00:00:00 2001
From: Leandro Salgado <lmocs98@gmail.com>
Date: Fri, 20 Mar 2026 15:01:44 +0000
Subject: [PATCH 4/6] test

---
 .circleci/config.yml | 2 ++
 codacy/values.yaml   | 2 --
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 5325488f..3750d242 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -81,6 +81,8 @@ references:
       minio:
         persistence:
           size: 10Gi
+        accessKey: ${MINIO_ACCESS_KEY}
+        secretKey: ${MINIO_SECRET_KEY}
       rabbitmq-ha:
         replicaCount: 1
         ulimitNofiles: 32768
diff --git a/codacy/values.yaml b/codacy/values.yaml
index 343286ff..1e16e9cd 100644
--- a/codacy/values.yaml
+++ b/codacy/values.yaml
@@ -124,8 +124,6 @@ global:
     create: true
     location: codacy-minio
     port: 9000
-    accessKey: "AKIAIOSFODNN7EXAMPLE"
-    secretKey: "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
 
   s3:
     bucket:

From bab5429cb75f7458c982152d44765eac67d92c89 Mon Sep 17 00:00:00 2001
From: Leandro Salgado <lmocs98@gmail.com>
Date: Fri, 20 Mar 2026 15:40:20 +0000
Subject: [PATCH 5/6] remove reference in Makefile

---
 .do/Makefile | 2 --
 1 file changed, 2 deletions(-)

diff --git a/.do/Makefile b/.do/Makefile
index ad71c4b8..5c047444 100644
--- a/.do/Makefile
+++ b/.do/Makefile
@@ -19,8 +19,6 @@ define call_helm_install
 	-f ../codacy/values-production.yaml \
 	-f values.yaml \
 	--namespace ${2} \
-	--set global.minio.secretKey=$${MINIO_SECRET_KEY} \
-	--set global.minio.accessKey=$${MINIO_ACCESS_KEY} \
 	--set global.imagePullSecrets[0].name=docker-credentials \
 	--set global.play.cryptoSecret=$${SHARED_PLAY_CRYPTO_SECRET} \
 	--set global.akka.sessionSecret=$${SHARED_AKKA_SESSION_SECRET} \

From 920685dd7fe2f6aaef7d91557c26513c88a4e88c Mon Sep 17 00:00:00 2001
From: Leandro Salgado <lmocs98@gmail.com>
Date: Fri, 20 Mar 2026 16:04:51 +0000
Subject: [PATCH 6/6] add reference

---
 .do/Makefile | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/.do/Makefile b/.do/Makefile
index 5c047444..d8e17daa 100644
--- a/.do/Makefile
+++ b/.do/Makefile
@@ -3,7 +3,7 @@ GRAFANA_URL?="https://grafana.k8s.dev.codacy.org"
 RELEASE_NAME?="codacy"
 NAMESPACE?="codacy"
 MINIO_ACCESS_KEY=$(shell openssl rand -hex 14)
-MINIO_SECRET_KEY=$(shell openssl rand -base64 14)
+MINIO_SECRET_KEY=$(shell openssl rand -hex 14)
 HELM_REPOSITORY?=codacy-incubator
 DEPLOYMENTS?=$(shell kubectl get deployments -n "${NAMESPACE}" | awk '{print $$1}' | tail -n +2 | grep -v minio)
 WORKER_VERSION?=$(shell grep "engine" -A 2 ../codacy/requirements.lock | grep version | cut -d : -f 2 | tr -d '[:blank:]')
@@ -19,6 +19,8 @@ define call_helm_install
 	-f ../codacy/values-production.yaml \
 	-f values.yaml \
 	--namespace ${2} \
+	--set global.minio.secretKey=$${MINIO_SECRET_KEY} \
+	--set global.minio.accessKey=$${MINIO_ACCESS_KEY} \
 	--set global.imagePullSecrets[0].name=docker-credentials \
 	--set global.play.cryptoSecret=$${SHARED_PLAY_CRYPTO_SECRET} \
 	--set global.akka.sessionSecret=$${SHARED_AKKA_SESSION_SECRET} \
@@ -45,6 +47,8 @@ define call_helm_install_infrastructure
 	-f ../codacy/values-production.yaml \
 	-f values.yaml \
 	--namespace ${2} \
+	--set global.minio.secretKey=$${MINIO_SECRET_KEY} \
+  --set global.minio.accessKey=$${MINIO_ACCESS_KEY} \
 	--set codacy-ingress.create=false \
 	--set portal.create=false \
 	--set ragnaros.create=false \