# This example demonstrates the loading of a hard-wired input artifact from an S3 compliant
# store. This can be AWS S3, Google Cloud Storage (GCS) with interoperability enabled,
# or a self-hosted minio service. S3 guards access to buckets using an access key and
# secret key, which will be stored as regular Kubernetes secrets, and referenced in the
# workflow using secret selectors. To create the secret required for this example, first
# run the following command:
# $ kubectl create secret generic my-s3-credentials --from-literal=accessKey=<YOUR-ACCESS-KEY> --from-literal=secretKey=<YOUR-SECRET-KEY>
apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
  generateName: input-artifact-s3-
spec:
  entrypoint: input-artifact-s3-example
  templates:
  - name: input-artifact-s3-example
    inputs:
      artifacts:
      - name: my-art
        path: /my-artifact
        s3:
          # Use the corresponding endpoint depending on your S3 provider:
          #   AWS: s3.amazonaws.com
          #   GCS: storage.googleapis.com
          #   Minio: my-minio-endpoint.default:9000
          endpoint: s3.amazonaws.com
          bucket: my-bucket-name
          key: path/in/bucket
          # accessKeySecret and secretKeySecret are secret selectors.
          # It references the k8s secret named 'my-s3-credentials'.
          # This secret is expected to have have the keys 'accessKey'
          # and 'secretKey', containing the base64 encoded credentials
          # to the bucket.
          accessKeySecret:
            name: my-s3-credentials
            key: accessKey
          secretKeySecret:
            name: my-s3-credentials
            key: secretKey
    container:
      image: debian:latest
      command: [sh, -c]
      args: ["ls -l /my-artifact"]