taskcluster
diff --git a/‎changelog/issue-5039.md‎
Lines changed: 5 additions & 0 deletions b/‎changelog/issue-5039.md‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎dev-docs/dev-config-example.yml‎
Lines changed: 1 addition & 0 deletions b/‎dev-docs/dev-config-example.yml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎generated/references.json‎
Lines changed: 5 additions & 1 deletion b/‎generated/references.json‎
Lines changed: 5 additions & 1 deletion
diff --git a/‎infrastructure/k8s/templates/taskcluster-queue-secret.yaml‎
Lines changed: 1 addition & 0 deletions b/‎infrastructure/k8s/templates/taskcluster-queue-secret.yaml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎infrastructure/k8s/values.schema.json‎
Lines changed: 5 additions & 1 deletion b/‎infrastructure/k8s/values.schema.json‎
Lines changed: 5 additions & 1 deletion
diff --git a/‎services/queue/config.yml‎
Lines changed: 1 addition & 0 deletions b/‎services/queue/config.yml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎ui/docs/manual/deploying/queue-config.mdx‎
Lines changed: 1 addition & 1 deletion b/‎ui/docs/manual/deploying/queue-config.mdx‎
Lines changed: 1 addition & 1 deletion
@@ -0,0 +1,5 @@
+audience: deployers
+level: patch
+reference: issue 5039
+---
+The new `queue.aws_endpoint` Helm configuration value allows setting the endpoint used to access S3 buckets.  This configuration enables use of non-AWS S3-compatible backends.
@@ -1025,6 +1025,9 @@
         "aws_access_key_id": {
           "type": "string"
         },
+        "aws_endpoint": {
+          "type": "string"
+        },
         "aws_secret_access_key": {
           "type": "string"
         },
@@ -1279,7 +1282,8 @@
         "pulse_password",
         "aws_access_key_id",
         "aws_secret_access_key",
-        "artifact_region"
+        "artifact_region",
+        "aws_endpoint"
       ],
       "title": "Configuration options for queue",
       "type": "object"
 
@@ -103,6 +103,7 @@ defaults:
     accessKeyId:      !env AWS_ACCESS_KEY_ID
     secretAccessKey:  !env AWS_SECRET_ACCESS_KEY
     region:           !env ARTIFACT_REGION
+    endpoint:         !env AWS_ENDPOINT
     apiVersion:       2014-01-01
 
   # new relic config (processed in services/prelude.js)
 
@@ -29,11 +29,11 @@ That involves the following Helm values:
 * `queue.public_artifact_bucket_cdn` (optional)
 * `queue.aws_access_key_id`
 * `queue.aws_secret_access_key`
+* `queue.aws_endpoint` (optional; use this to interface with non-AWS services' S3-compatibility support)
 
 The service uses the public bucket for artifacts having prefix `public/`, and the private bucket for all others.
 Both buckets must be in the given `artifact_region`.
 
-
 In a public deployment of Taskcluster, it may make sense to allow public read access to the public bucket, in which case setting `sign_public_artifact_urls` to false will allow simpler (unsigned) URLs for public artifacts.
 A further optional step is to configure a CDN such as CloudFront to serve artifacts from this bucket, with a URL prefix given in `public_artifact_bucket_cdn`.
 Paths on the CDN should match those on the bucket, and the configured URL must use `https` and must not end in a `/` character.