diff --git a/charts/storj/2.0.0/Chart.lock b/charts/storj/2.0.0/Chart.lock new file mode 100644 index 0000000000..b6ab3f799b --- /dev/null +++ b/charts/storj/2.0.0/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: common + repository: file://../../../common + version: 1.2.9 +digest: sha256:af1a9a1f87e3e48453c9f25f909f5ebcd7fa6e25162b7b425448ba752bcdbc5c +generated: "2024-02-23T17:46:31.084498341+02:00" diff --git a/charts/storj/2.0.0/Chart.yaml b/charts/storj/2.0.0/Chart.yaml new file mode 100644 index 0000000000..7423f0dfd9 --- /dev/null +++ b/charts/storj/2.0.0/Chart.yaml @@ -0,0 +1,27 @@ +name: storj +description: Share your storage on the internet and earn. +annotations: + title: Storj +type: application +version: 2.0.0 +apiVersion: v2 +appVersion: v1.68.2 +kubeVersion: '>=1.16.0-0' +maintainers: + - name: truenas + url: https://www.truenas.com/ + email: dev@ixsystems.com +dependencies: + - name: common + repository: file://../../../common + version: 1.2.9 +home: https://www.storj.io +icon: https://media.sys.truenas.net/apps/storj/icons/icon.svg +sources: + - https://www.storj.io + - https://github.com/truenas/charts/tree/master/charts/storj +keywords: + - storage + - dapps + - networking + - financial diff --git a/charts/storj/2.0.0/README.md b/charts/storj/2.0.0/README.md new file mode 100644 index 0000000000..40ef8c95cc --- /dev/null +++ b/charts/storj/2.0.0/README.md @@ -0,0 +1,7 @@ +# Storj + +[Storj](https://www.storj.io/) - share your extra storage and earn money + +During the first startup a container with root privileges is created. +And it will generate an identity (if it doesn't exist) +After the identity is created, the container will run as a non-root user. diff --git a/charts/storj/2.0.0/app-readme.md b/charts/storj/2.0.0/app-readme.md new file mode 100644 index 0000000000..40ef8c95cc --- /dev/null +++ b/charts/storj/2.0.0/app-readme.md @@ -0,0 +1,7 @@ +# Storj + +[Storj](https://www.storj.io/) - share your extra storage and earn money + +During the first startup a container with root privileges is created. +And it will generate an identity (if it doesn't exist) +After the identity is created, the container will run as a non-root user. diff --git a/charts/storj/2.0.0/charts/common-1.2.9.tgz b/charts/storj/2.0.0/charts/common-1.2.9.tgz new file mode 100644 index 0000000000..c69e6d479f Binary files /dev/null and b/charts/storj/2.0.0/charts/common-1.2.9.tgz differ diff --git a/charts/storj/2.0.0/ci/basic-values.yaml b/charts/storj/2.0.0/ci/basic-values.yaml new file mode 100644 index 0000000000..11d029099f --- /dev/null +++ b/charts/storj/2.0.0/ci/basic-values.yaml @@ -0,0 +1,20 @@ +storjConfig: + wallet: 0xab00000999999aaaaaaaccccccdddddddfffffff + authToken: user:sasjkadkjhakdlaskdlkajsd + email: user@example.com + domainAddress: localhost + gracePeriod: 120 + storageSizeGB: 500 + wallets: + zkSync: true + zkSyncEra: true + +storjStorage: + data: + type: pvc + identity: + type: pvc + +storjNetwork: + webPort: 30909 + p2pPort: 32767 diff --git a/charts/storj/2.0.0/ix_values.yaml b/charts/storj/2.0.0/ix_values.yaml new file mode 100644 index 0000000000..73eb0654ee --- /dev/null +++ b/charts/storj/2.0.0/ix_values.yaml @@ -0,0 +1,49 @@ +image: + pullPolicy: IfNotPresent + repository: storjlabs/storagenode + tag: 1d42f9ac3-v1.68.2-go1.18.8 +curlImage: + pullPolicy: IfNotPresent + repository: alpine/curl + tag: latest + +podOptions: + dnsConfig: + options: [] + +resources: + limits: + cpu: 4000m + memory: 8Gi + +storjConfig: + wallet: '' + authToken: '' + email: '' + domainAddress: '' + gracePeriod: 30 + storageSizeGB: 500 + wallets: + zkSync: false + zkSyncEra: false + additionalEnvs: [] + +storjRunAs: + user: 568 + group: 568 + +storjNetwork: + webPort: 20909 + p2pPort: 28967 + hostNetwork: false + +storjStorage: + data: + type: ixVolume + ixVolumeConfig: + datasetName: data + identity: + type: ixVolume + ixVolumeConfig: + datasetName: identity + additionalStorages: [] diff --git a/charts/storj/2.0.0/metadata.yaml b/charts/storj/2.0.0/metadata.yaml new file mode 100644 index 0000000000..ff77dff102 --- /dev/null +++ b/charts/storj/2.0.0/metadata.yaml @@ -0,0 +1,36 @@ +runAsContext: + - userName: storj + groupName: storj + gid: 568 + uid: 568 + description: Storj runs as non-root user. +capabilities: + - name: CHOWN + description: Storj is able to chown files. + - name: FOWNER + description: Storj is able to bypass permission checks for it's sub-processes. + - name: SYS_CHROOT + description: Storj is able to use chroot. + - name: MKNOD + description: Storj is able to create device nodes. + - name: DAC_OVERRIDE + description: Storj is able to bypass permission checks. + - name: FSETID + description: Storj is able to set file capabilities. + - name: KILL + description: Storj is able to kill processes. + - name: SETGID + description: Storj is able to set group ID for it's sub-processes. + - name: SETUID + description: Storj is able to set user ID for it's sub-processes. + - name: SETPCAP + description: Storj is able to set process capabilities. + - name: NET_BIND_SERVICE + description: Storj is able to bind to privileged ports. + - name: SETFCAP + description: Storj is able to set file capabilities. + - name: NET_RAW + description: Storj is able to use raw sockets. + - name: AUDIT_WRITE + description: Storj is able to write to audit log. +hostMounts: [] diff --git a/charts/storj/2.0.0/migrations/migrate b/charts/storj/2.0.0/migrations/migrate new file mode 100755 index 0000000000..00d7ba6d80 --- /dev/null +++ b/charts/storj/2.0.0/migrations/migrate @@ -0,0 +1,104 @@ +#!/usr/bin/python3 +import json +import os +import sys + +def migrate_volume(volume): + return { + 'type': 'hostPath', + 'hostPathConfig': { + 'hostPath': volume['hostPath'] + }, + } if volume.get('hostPathEnabled', False) else { + 'type': 'ixVolume', + 'ixVolumeConfig': { + 'datasetName': volume['datasetName'], + }, + } + +def migrate_common_lib(values): + delete_keys = [ + 'enableResourceLimits', 'cpuLimit', 'memLimit', 'dnsConfig', + 'environmentVariables', 'runAsUser', 'runAsGroup', 'webPort', + 'nodePort', 'wallet', 'authToken', 'email', 'domainAddress', + 'terminationGracePeriod', 'storageSize', 'zksync', 'zksyncEra', + 'extraAppVolumeMounts', 'appVolumeMounts', 'identityCreationMountPath', + ] + + values.update({ + # Migrate Network + 'storjNetwork': { + 'webPort': values['webPort'], + 'p2pPort': values['nodePort'], + }, + # Migrate Resources + 'resources': { + 'limits': { + 'cpu': values.get('cpuLimit', '4000m'), + 'memory': values.get('memLimit', '8Gi'), + } + }, + # Migrate DNS + 'podOptions': { + 'dnsConfig': { + 'options': [ + {'name': opt['name'], 'value': opt['value']} + for opt in values.get('dnsConfig', {}).get('options', []) + ] + } + }, + # Migrate ID + 'storjRunAs': { + 'user': values['runAsUser'], + 'group': values['runAsGroup'], + }, + # Migrate Config + 'storjConfig': { + 'wallet': values['wallet'], + 'authToken': values['authToken'], + 'email': values['email'], + 'domainAddress': values['domainAddress'], + 'storageSizeGB': values['storageSize'], + 'gracePeriod': values['terminationGracePeriod'], + 'wallets': { + 'zkSync': values['zksync'], + 'zkSyncEra': values['zksyncEra'], + }, + 'additionalEnvs': [e for e in values.get('environmentVariables', [])], + }, + # Migrate Storage + 'storjStorage': { + 'data': migrate_volume(values['appVolumeMounts']['data']), + 'identity': migrate_volume(values['appVolumeMounts']['identity']), + 'additionalStorages': [ + { + 'type': 'hostPath', + 'hostPathConfig': {'hostPath': e['hostPath']}, + 'mountPath': e['mountPath'], + } + for e in values.get('extraAppVolumeMounts', []) + ], + }, + + }) + + for k in delete_keys: + values.pop(k, None) + + return values + +def migrate(values): + # If this missing, we have already migrated + if not 'appVolumeMounts' in values.keys(): + return values + + return migrate_common_lib(values) + + +if __name__ == '__main__': + if len(sys.argv) != 2: + exit(1) + + if os.path.exists(sys.argv[1]): + with open(sys.argv[1], 'r') as f: + print(json.dumps(migrate(json.loads(f.read())))) diff --git a/charts/storj/2.0.0/questions.yaml b/charts/storj/2.0.0/questions.yaml new file mode 100644 index 0000000000..c8d0b0782f --- /dev/null +++ b/charts/storj/2.0.0/questions.yaml @@ -0,0 +1,551 @@ +groups: + - name: Storj Configuration + description: Configure Storj + - name: User and Group Configuration + description: Configure User and Group for Storj + - name: Advanced Pod Configuration + description: Configure Advanced Pod Options for Storj + - name: Network Configuration + description: Configure Network for Storj + - name: Storage Configuration + description: Configure Storage for Storj + - name: Resources Configuration + description: Configure Resources for Storj + +portals: + web_portal: + protocols: + - "$kubernetes-resource_configmap_portal_protocol" + host: + - "$kubernetes-resource_configmap_portal_host" + ports: + - "$kubernetes-resource_configmap_portal_port" + path: "$kubernetes-resource_configmap_portal_path" + +questions: + - variable: storjConfig + label: "" + group: Storj Configuration + schema: + type: dict + attrs: + - variable: wallet + label: Wallet + description: The wallet to use for Storj. + schema: + type: string + required: true + private: true + - variable: authToken + label: Auth Token + description: The auth token to use for Storj. + schema: + type: string + required: true + private: true + - variable: email + label: Email + description: The email to use for Storj. + schema: + type: string + required: true + - variable: domainAddress + label: Domain Address + description: The domain address to use for Storj. + schema: + type: string + required: true + private: true + - variable: gracePeriod + label: Grace Period + description: The grace period to use for Storj. + schema: + type: int + min: 30 + default: 30 + required: true + - variable: storageSizeGB + label: Storage Size + description: The storage size to use for Storj. + schema: + type: int + min: 500 + default: 500 + required: true + - variable: wallets + label: Opt-in to additional Wallets + schema: + type: dict + attrs: + - variable: zkSync + label: zkSync + description: Appends "zksync" to --operator.wallet-features flag to the storagenode command + schema: + type: boolean + default: false + - variable: zkSyncEra + label: zkSync Era + description: Appends "zksync-era" to --operator.wallet-features flag to the storagenode command + schema: + type: boolean + default: false + - variable: additionalEnvs + label: Additional Environment Variables + description: Configure additional environment variables for Storj. + schema: + type: list + default: [] + items: + - variable: env + label: Environment Variable + schema: + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + + - variable: storjRunAs + label: "" + group: User and Group Configuration + schema: + type: dict + attrs: + - variable: user + label: User ID + description: The user id that Storj will run as. + schema: + type: int + min: 568 + default: 568 + required: true + - variable: group + label: Group ID + description: The group id that Storj will run as. + schema: + type: int + min: 568 + default: 568 + required: true + + - variable: podOptions + label: "" + group: Advanced Pod Configuration + schema: + type: dict + attrs: + - variable: dnsConfig + label: Advanced DNS Configuration + schema: + type: dict + attrs: + - variable: options + label: DNS Options + schema: + type: list + items: + - variable: optionsEntry + label: DNS Option Entry + schema: + type: dict + attrs: + - variable: name + label: Option Name + schema: + type: string + required: true + - variable: value + label: Option Value + schema: + type: string + required: true + + - variable: storjNetwork + label: "" + group: Network Configuration + schema: + type: dict + attrs: + - variable: webPort + label: Web Port + description: The port for the Storj Web UI. + schema: + type: int + default: 20909 + min: 9000 + max: 65535 + required: true + - variable: p2pPort + label: P2P Port + description: | + This port will be used for both TCP and UDP traffic.
+ Note that this port must be open on your firewall and that internal + Storj port will not be affected by this change, but only the external (Node Port) + schema: + type: int + default: 28967 + min: 9000 + max: 65535 + required: true + - variable: hostNetwork + label: Host Network + description: | + Enable host network for Storj + schema: + type: boolean + default: false + + - variable: storjStorage + label: "" + group: Storage Configuration + schema: + type: dict + attrs: + - variable: data + label: Storj Data Storage + description: The path to store Storj Data. + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system. + schema: + type: string + required: true + immutable: true + default: "ixVolume" + enum: + - value: "hostPath" + description: Host Path (Path that already exists on the system) + - value: "ixVolume" + description: ixVolume (Dataset created automatically by the system) + - variable: ixVolumeConfig + label: ixVolume Configuration + description: The configuration for the ixVolume dataset. + schema: + type: dict + show_if: [["type", "=", "ixVolume"]] + $ref: + - "normalize/ixVolume" + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. + schema: + type: string + required: true + immutable: true + hidden: true + default: "data" + - variable: aclEntries + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + - variable: hostPathConfig + label: Host Path Config + schema: + type: dict + show_if: [["type", "=", "hostPath"]] + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: acl + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + $ref: + - "normalize/acl" + - variable: hostPath + label: Host Path + description: The host path to use for storage. + schema: + type: hostpath + show_if: [["aclEnable", "=", false]] + required: true + - variable: identity + label: Storj Identity Storage + description: The path to store Storj Identity. + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system. + schema: + type: string + required: true + immutable: true + default: "ixVolume" + enum: + - value: "hostPath" + description: Host Path (Path that already exists on the system) + - value: "ixVolume" + description: ixVolume (Dataset created automatically by the system) + - variable: ixVolumeConfig + label: ixVolume Configuration + description: The configuration for the ixVolume dataset. + schema: + type: dict + show_if: [["type", "=", "ixVolume"]] + $ref: + - "normalize/ixVolume" + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. + schema: + type: string + required: true + immutable: true + hidden: true + default: "identity" + - variable: aclEntries + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + - variable: hostPathConfig + label: Host Path Config + schema: + type: dict + show_if: [["type", "=", "hostPath"]] + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: acl + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + $ref: + - "normalize/acl" + - variable: hostPath + label: Host Path + description: The host path to use for storage. + schema: + type: hostpath + show_if: [["aclEnable", "=", false]] + required: true + + - variable: additionalStorages + label: Additional Storage + description: Additional storage for Storj. + schema: + type: list + default: [] + items: + - variable: storageEntry + label: Storage Entry + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system.
+ SMB Share: Is a SMB share that is mounted to a persistent volume claim. + schema: + type: string + required: true + default: "ixVolume" + immutable: true + enum: + - value: "hostPath" + description: Host Path (Path that already exists on the system) + - value: "ixVolume" + description: ixVolume (Dataset created automatically by the system) + - value: "smb-pv-pvc" + description: SMB Share (Mounts a persistent volume claim to a SMB share) + - variable: readOnly + label: Read Only + description: Mount the volume as read only. + schema: + type: boolean + default: false + - variable: mountPath + label: Mount Path + description: The path inside the container to mount the storage. + schema: + type: path + required: true + - variable: hostPathConfig + label: Host Path Config + schema: + type: dict + show_if: [["type", "=", "hostPath"]] + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: acl + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + $ref: + - "normalize/acl" + - variable: hostPath + label: Host Path + description: The host path to use for storage. + schema: + type: hostpath + show_if: [["aclEnable", "=", false]] + required: true + - variable: ixVolumeConfig + label: ixVolume Configuration + description: The configuration for the ixVolume dataset. + schema: + type: dict + show_if: [["type", "=", "ixVolume"]] + $ref: + - "normalize/ixVolume" + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. + schema: + type: string + required: true + immutable: true + default: "storage_entry" + - variable: aclEntries + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + - variable: smbConfig + label: SMB Share Configuration + description: The configuration for the SMB Share. + schema: + type: dict + show_if: [["type", "=", "smb-pv-pvc"]] + attrs: + - variable: server + label: Server + description: The server for the SMB share. + schema: + type: string + required: true + - variable: share + label: Share + description: The share name for the SMB share. + schema: + type: string + required: true + - variable: domain + label: Domain (Optional) + description: The domain for the SMB share. + schema: + type: string + - variable: username + label: Username + description: The username for the SMB share. + schema: + type: string + required: true + - variable: password + label: Password + description: The password for the SMB share. + schema: + type: string + required: true + private: true + - variable: size + label: Size (in Gi) + description: The size of the volume quota. + schema: + type: int + required: true + min: 1 + default: 1 + + - variable: resources + group: Resources Configuration + label: "" + schema: + type: dict + attrs: + - variable: limits + label: Limits + schema: + type: dict + attrs: + - variable: cpu + label: CPU + description: CPU limit for Storj. + schema: + type: string + max_length: 6 + valid_chars: '^(0\.[1-9]|[1-9][0-9]*)(\.[0-9]|m?)$' + valid_chars_error: | + Valid CPU limit formats are
+ - Plain Integer - eg. 1
+ - Float - eg. 0.5
+ - Milicpu - eg. 500m + default: "4000m" + required: true + - variable: memory + label: Memory + description: Memory limit for Storj. + schema: + type: string + max_length: 12 + valid_chars: '^[1-9][0-9]*([EPTGMK]i?|e[0-9]+)?$' + valid_chars_error: | + Valid Memory limit formats are
+ - Suffixed with E/P/T/G/M/K - eg. 1G
+ - Suffixed with Ei/Pi/Ti/Gi/Mi/Ki - eg. 1Gi
+ - Plain Integer in bytes - eg. 1024
+ - Exponent - eg. 134e6 + default: "8Gi" + required: true diff --git a/charts/storj/2.0.0/templates/NOTES.txt b/charts/storj/2.0.0/templates/NOTES.txt new file mode 100644 index 0000000000..ba4e01146c --- /dev/null +++ b/charts/storj/2.0.0/templates/NOTES.txt @@ -0,0 +1 @@ +{{ include "ix.v1.common.lib.chart.notes" $ }} diff --git a/charts/storj/2.0.0/templates/_configuration.tpl b/charts/storj/2.0.0/templates/_configuration.tpl new file mode 100644 index 0000000000..0d963c3be3 --- /dev/null +++ b/charts/storj/2.0.0/templates/_configuration.tpl @@ -0,0 +1,56 @@ +{{- define "storj.configuration" -}} +secret: + storj: + enabled: true + data: + authToken: {{ .Values.storjConfig.authToken | quote }} + storj-config: + enabled: true + data: + EMAIL: {{ .Values.storjConfig.email }} + STORAGE: {{ printf "%vGB" .Values.storjConfig.storageSizeGB }} + ADDRESS: {{ printf "%s:%v" .Values.storjConfig.domainAddress .Values.storjNetwork.p2pPort }} + WALLET: {{ .Values.storjConfig.wallet | quote }} +configmap: + storj: + enabled: true + data: + init_config.sh: | + #!/bin/sh + echo "Checking for identity certificate" + if ! [ -f ${DEFAULT_CERT_PATH} ] && ! [ -f ${DEFAULT_IDENTITY_CERT_PATH} ]; then + echo "Downloading identity generator tool" + curl -L https://github.com/storj/storj/releases/latest/download/identity_linux_amd64.zip -o identity_linux_amd64.zip + unzip -o identity_linux_amd64.zip + chmod +x identity + echo "Generating identity certificate" + ./identity create storagenode + echo "Authorizing identity certificate" + ./identity authorize storagenode ${AUTH_KEY} + echo "Storagenode identity certificate generated" + chown -R {{ .Values.storjRunAs.user }}:{{ .Values.storjRunAs.group }} {{ template "storj.idPath" }} + else + echo "Identity certificate already exists" + fi +{{- end -}} + +{{- define "storj.args" -}} + {{- $wallets := list -}} + {{- if .Values.storjConfig.wallets.zkSync -}} + {{- $wallets = mustAppend $wallets "zksync" -}} + {{- end -}} + + {{- if .Values.storjConfig.wallets.zkSyncEra -}} + {{- $wallets = mustAppend $wallets "zksync-era" -}} + {{- end -}} + +{{- if $wallets -}} +args: + - --operator.wallet-features={{ join "," $wallets }} +{{- end -}} + +{{- end -}} + +{{- define "storj.idPath" -}} + {{- print "/root/.local/share/storj/identity/storagenode" -}} +{{- end -}} diff --git a/charts/storj/2.0.0/templates/_migration.tpl b/charts/storj/2.0.0/templates/_migration.tpl new file mode 100644 index 0000000000..5bee683e00 --- /dev/null +++ b/charts/storj/2.0.0/templates/_migration.tpl @@ -0,0 +1,35 @@ +{{- define "storj.get-versions" -}} + {{- $oldChartVersion := "" -}} + {{- $newChartVersion := "" -}} + + {{/* Safely access the context, so it wont block CI */}} + {{- if hasKey .Values.global "ixChartContext" -}} + {{- if .Values.global.ixChartContext.upgradeMetadata -}} + + {{- $oldChartVersion = .Values.global.ixChartContext.upgradeMetadata.oldChartVersion -}} + {{- $newChartVersion = .Values.global.ixChartContext.upgradeMetadata.newChartVersion -}} + {{- if and (not $oldChartVersion) (not $newChartVersion) -}} + {{- fail "Upgrade Metadata is missing. Cannot proceed" -}} + {{- end -}} + {{- end -}} + {{- end -}} + + {{- toYaml (dict "old" $oldChartVersion "new" $newChartVersion) -}} +{{- end -}} + +{{- define "storj.migration" -}} + {{- $versions := (fromYaml (include "storj.get-versions" $)) -}} + {{- if and $versions.old $versions.new -}} + {{- $oldV := semver $versions.old -}} + {{- $newV := semver $versions.new -}} + + {{/* If new is v2.x.x */}} + {{- if eq ($newV.Major | int) 2 -}} + {{/* And old is v1.x.x, but lower than .0.18 */}} + {{- if and (eq $oldV.Major 1) (lt ($oldV.Patch | int) 18) -}} + {{/* Block the upgrade */}} + {{- fail "Migration to 2.x.x is only allowed from 1.0.18 or higher" -}} + {{- end -}} + {{- end -}} + {{- end -}} +{{- end -}} diff --git a/charts/storj/2.0.0/templates/_persistence.tpl b/charts/storj/2.0.0/templates/_persistence.tpl new file mode 100644 index 0000000000..ee8dad3a8d --- /dev/null +++ b/charts/storj/2.0.0/templates/_persistence.tpl @@ -0,0 +1,63 @@ +{{- define "storj.persistence" -}} +persistence: + data: + enabled: true + {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.storjStorage.data) | nindent 4 }} + targetSelector: + storj: + storj: + mountPath: /app/config + {{- if and (eq .Values.storjStorage.data.type "ixVolume") + (not (.Values.storjStorage.data.ixVolumeConfig | default dict).aclEnable) }} + 01-permissions: + mountPath: /mnt/directories/data + {{- end }} + 03-setup: + mountPath: /app/config + identity: + enabled: true + {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.storjStorage.identity) | nindent 4 }} + targetSelector: + storj: + storj: + mountPath: /app/identity + {{- if and (eq .Values.storjStorage.identity.type "ixVolume") + (not (.Values.storjStorage.identity.ixVolumeConfig | default dict).aclEnable) }} + 01-permissions: + mountPath: /mnt/directories/identity + {{- end }} + 02-generateid: + mountPath: {{ template "storj.idPath" }} + 03-setup: + mountPath: /app/identity + initscript: + enabled: true + type: configmap + objectName: storj + defaultMode: "0755" + targetSelector: + storj: + 02-generateid: + mountPath: /init_script/init_config.sh + subPath: init_config.sh + tmp: + enabled: true + type: emptyDir + targetSelector: + storj: + storj: + mountPath: /tmp + 02-generateid: + mountPath: /tmp + 03-setup: + mountPath: /tmp + {{- range $idx, $storage := .Values.storjStorage.additionalStorages }} + {{ printf "storj-%v:" (int $idx) }} + enabled: true + {{- include "ix.v1.common.app.storageOptions" (dict "storage" $storage) | nindent 4 }} + targetSelector: + storj: + storj: + mountPath: {{ $storage.mountPath }} + {{- end }} +{{- end -}} diff --git a/charts/storj/2.0.0/templates/_portal.tpl b/charts/storj/2.0.0/templates/_portal.tpl new file mode 100644 index 0000000000..b388b4b41a --- /dev/null +++ b/charts/storj/2.0.0/templates/_portal.tpl @@ -0,0 +1,12 @@ +{{- define "storj.portal" -}} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: portal +data: + port: {{ .Values.storjNetwork.webPort | quote }} + path: "/" + protocol: "http" + host: $node_ip +{{- end -}} diff --git a/charts/storj/2.0.0/templates/_service.tpl b/charts/storj/2.0.0/templates/_service.tpl new file mode 100644 index 0000000000..308b3797e7 --- /dev/null +++ b/charts/storj/2.0.0/templates/_service.tpl @@ -0,0 +1,29 @@ +{{- define "storj.service" -}} +service: + storj: + enabled: true + primary: true + type: NodePort + targetSelector: storj + ports: + webui: + enabled: true + primary: true + port: {{ .Values.storjNetwork.webPort }} + nodePort: {{ .Values.storjNetwork.webPort }} + targetPort: 14002 + targetSelector: storj + p2p-tcp: + enabled: true + port: {{ .Values.storjNetwork.p2pPort }} + nodePort: {{ .Values.storjNetwork.p2pPort }} + targetPort: 28967 + targetSelector: storj + p2p-udp: + enabled: true + port: {{ .Values.storjNetwork.p2pPort }} + nodePort: {{ .Values.storjNetwork.p2pPort }} + targetPort: 28967 + protocol: udp + targetSelector: storj +{{- end -}} diff --git a/charts/storj/2.0.0/templates/_storj.tpl b/charts/storj/2.0.0/templates/_storj.tpl new file mode 100644 index 0000000000..9866ad44ec --- /dev/null +++ b/charts/storj/2.0.0/templates/_storj.tpl @@ -0,0 +1,93 @@ +{{- define "storj.workload" -}} +workload: + storj: + enabled: true + primary: true + type: Deployment + podSpec: + hostNetwork: {{ .Values.storjNetwork.hostNetwork }} + terminationGracePeriodSeconds: {{ .Values.storjConfig.gracePeriod }} + containers: + storj: + enabled: true + primary: true + imageSelector: image + securityContext: + runAsUser: {{ .Values.storjRunAs.user }} + runAsGroup: {{ .Values.storjRunAs.group }} + readOnlyRootFilesystem: false + # capabilities: + # add: + # - CHOWN + # - DAC_OVERRIDE + # - FOWNER + # - SETGID + # - SETUID + # - KILL + {{- include "storj.args" $ | nindent 10 }} + envFrom: + - secretRef: + name: storj-config + {{ with .Values.storjConfig.additionalEnvs }} + envList: + {{ range $env := . }} + - name: {{ $env.name }} + value: {{ $env.value }} + {{ end }} + {{ end }} + probes: + liveness: + enabled: false + readiness: + enabled: false + startup: + enabled: false + initContainers: + {{- include "ix.v1.common.app.permissions" (dict "containerName" "01-permissions" + "UID" .Values.storjRunAs.user + "GID" .Values.storjRunAs.group + "mode" "check" + "type" "install") | nindent 8 }} + 02-generateid: + enabled: true + type: init + imageSelector: curlImage + securityContext: + runAsUser: 0 + runAsGroup: 0 + runAsNonRoot: false + readOnlyRootFilesystem: false + capabilities: + add: + - CHOWN + - FOWNER + - DAC_OVERRIDE + command: + - /bin/sh + - -c + args: + - ./init_script/init_config.sh + env: + DEFAULT_CERT_PATH: {{ template "storj.idPath" }}/ca.cert + DEFAULT_IDENTITY_CERT_PATH: {{ template "storj.idPath" }}/identity.cert + AUTH_KEY: + secretKeyRef: + name: storj + key: authToken + 03-setup: + enabled: true + type: init + imageSelector: image + envFrom: + - secretRef: + name: storj-config + securityContext: + runAsUser: {{ .Values.storjRunAs.user }} + runAsGroup: {{ .Values.storjRunAs.group }} + readOnlyRootFilesystem: false + command: + - /bin/sh + - -c + - | + test ! -f /app/config/config.yaml && export SETUP="true"; /entrypoint +{{- end -}} diff --git a/charts/storj/2.0.0/templates/common.yaml b/charts/storj/2.0.0/templates/common.yaml new file mode 100644 index 0000000000..f90117abfb --- /dev/null +++ b/charts/storj/2.0.0/templates/common.yaml @@ -0,0 +1,14 @@ +{{- include "ix.v1.common.loader.init" . -}} + +{{- include "storj.migration" $ -}} + +{{/* Merge the templates with Values */}} +{{- $_ := mustMergeOverwrite .Values (include "storj.workload" $ | fromYaml) -}} +{{- $_ := mustMergeOverwrite .Values (include "storj.configuration" $ | fromYaml) -}} +{{- $_ := mustMergeOverwrite .Values (include "storj.service" $ | fromYaml) -}} +{{- $_ := mustMergeOverwrite .Values (include "storj.persistence" $ | fromYaml) -}} + +{{/* Create the configmap for portal manually*/}} +{{- include "storj.portal" $ -}} + +{{- include "ix.v1.common.loader.apply" . -}} diff --git a/charts/storj/2.0.0/to_keep_versions.md b/charts/storj/2.0.0/to_keep_versions.md new file mode 100644 index 0000000000..2645025a35 --- /dev/null +++ b/charts/storj/2.0.0/to_keep_versions.md @@ -0,0 +1,4 @@ +# 1.0.18 + +This version is kept because it contains a fix that is needed for migration to v2.x.x +It should be safe to remove few months after v2.x.x is released. diff --git a/charts/storj/2.0.0/upgrade_strategy_disable b/charts/storj/2.0.0/upgrade_strategy_disable new file mode 100755 index 0000000000..3b5142fed1 --- /dev/null +++ b/charts/storj/2.0.0/upgrade_strategy_disable @@ -0,0 +1,51 @@ +#!/usr/bin/python3 +import json +import sys +import re + +from catalog_update.upgrade_strategy import semantic_versioning +from catalog_validation.exceptions import ValidationException + +version_regx = r'[\w]*-v[0-9]+.[0-9]+.[0-9]+-go[0-9]+.[0-9].+[0-9]+' +version_with_arch = version_regx + r'[-\w]*' +sub_go_version = r'-go[0-9]+.[0-9].+[0-9]+[-\w]*' +version_hash = r'[\w]*-v' +app_version_regx = 'v[0-9]+.[0-9]+.[0-9]' + + +def newer_mapping(image_tags): + key = list(image_tags.keys())[0] + tags = {} + for tag in image_tags[key]: + match = re.fullmatch(version_with_arch, tag) + if match: + removed_go_arch_version = re.sub(sub_go_version, '', tag) + app_version = re.sub(version_hash, '', removed_go_arch_version) + if tags.get(app_version): + tags.get(app_version).append(tag) + else: + tags[app_version] = [tag] + version = semantic_versioning(list(tags)) + if not version: + return {} + + version_tag = tags[version][0] + for tag in tags.get(version): + archi = re.sub(version_regx, '', tag) + if archi == 'amd64' or archi == '': + version_tag = tag + break + app_version = re.findall(app_version_regx, version_tag).pop() + return { + 'tags': {key: f'{version_tag}'}, + 'app_version': f'{app_version}', + } + + +if __name__ == '__main__': + try: + versions_json = json.loads(sys.stdin.read()) + except ValueError: + raise ValidationException('Invalid JSON') + + print(json.dumps(newer_mapping(versions_json)))