diff --git a/library/ix-dev/test/minio/Chart.lock b/library/ix-dev/test/minio/Chart.lock
new file mode 100644
index 0000000000..4bf65bf146
--- /dev/null
+++ b/library/ix-dev/test/minio/Chart.lock
@@ -0,0 +1,6 @@
+dependencies:
+- name: common
+ repository: file://../../../common
+ version: 1.2.2
+digest: sha256:fb077cb81f6acecd5c9e6adc22a18e156f780cd78f27198cdb47810f95364b56
+generated: "2023-11-09T15:45:47.242411019+02:00"
diff --git a/library/ix-dev/test/minio/Chart.yaml b/library/ix-dev/test/minio/Chart.yaml
new file mode 100644
index 0000000000..5ea5d2f62c
--- /dev/null
+++ b/library/ix-dev/test/minio/Chart.yaml
@@ -0,0 +1,26 @@
+name: minio
+description: High Performance, Kubernetes Native Object Storage
+annotations:
+ title: MinIO
+type: application
+version: 1.0.24
+apiVersion: v2
+appVersion: '2023-03-24'
+kubeVersion: '>=1.16.0-0'
+maintainers:
+ - name: truenas
+ url: https://www.truenas.com/
+ email: dev@ixsystems.com
+dependencies:
+ - name: common
+ repository: file://../../../common
+ version: 1.2.2
+home: https://min.io
+icon: https://media.sys.truenas.net/apps/minio/icons/icon.png
+sources:
+ - https://github.com/minio/minio
+ - https://github.com/truenas/charts/tree/master/enterprise/minio
+keywords:
+ - storage
+ - object-storage
+ - S3
diff --git a/library/ix-dev/test/minio/README.md b/library/ix-dev/test/minio/README.md
new file mode 100644
index 0000000000..f4c20c7e50
--- /dev/null
+++ b/library/ix-dev/test/minio/README.md
@@ -0,0 +1,16 @@
+# MinIO
+
+[MinIO](https://min.io) is a High Performance Object Storage released under Apache License v2.0.
+It is API compatible with Amazon S3 cloud storage service. Use MinIO to build high performance infrastructure
+for machine learning, analytics and application data workloads.
+
+> During the installation process, a container will be launched with **root** privileges. This is required
+> in order to apply the correct permissions to the MinIO data directory. Afterward, the `MinIO` container
+> will run as a **non**-root user (`568`).
+> Same applies to the `postgres` container. This will run afterwards as a **non**-root user (`999`).
+> On each upgrade, a container will be launched with **root** privileges in order to apply the correct
+> permissions to the `postgres` backups directory. Container that performs the backup will run as a **non**-root user (`999`) afterwards.
+> Keep in mind the permissions on the backup directory will be changed to `999:999` on **every** update.
+> But will only be changed once for the `MinIO` and `postgres` data directories.
+
+When Multi Mode is enabled and entries contain `://` (url) will enable Host Networking. Regardless of the selection in the `Networking` section.
diff --git a/library/ix-dev/test/minio/app-readme.md b/library/ix-dev/test/minio/app-readme.md
new file mode 100644
index 0000000000..f4c20c7e50
--- /dev/null
+++ b/library/ix-dev/test/minio/app-readme.md
@@ -0,0 +1,16 @@
+# MinIO
+
+[MinIO](https://min.io) is a High Performance Object Storage released under Apache License v2.0.
+It is API compatible with Amazon S3 cloud storage service. Use MinIO to build high performance infrastructure
+for machine learning, analytics and application data workloads.
+
+> During the installation process, a container will be launched with **root** privileges. This is required
+> in order to apply the correct permissions to the MinIO data directory. Afterward, the `MinIO` container
+> will run as a **non**-root user (`568`).
+> Same applies to the `postgres` container. This will run afterwards as a **non**-root user (`999`).
+> On each upgrade, a container will be launched with **root** privileges in order to apply the correct
+> permissions to the `postgres` backups directory. Container that performs the backup will run as a **non**-root user (`999`) afterwards.
+> Keep in mind the permissions on the backup directory will be changed to `999:999` on **every** update.
+> But will only be changed once for the `MinIO` and `postgres` data directories.
+
+When Multi Mode is enabled and entries contain `://` (url) will enable Host Networking. Regardless of the selection in the `Networking` section.
diff --git a/library/ix-dev/test/minio/charts/common-1.2.2.tgz b/library/ix-dev/test/minio/charts/common-1.2.2.tgz
new file mode 100644
index 0000000000..6a22173c74
Binary files /dev/null and b/library/ix-dev/test/minio/charts/common-1.2.2.tgz differ
diff --git a/library/ix-dev/test/minio/ci/snmd-https-values.yaml b/library/ix-dev/test/minio/ci/snmd-https-values.yaml
new file mode 100644
index 0000000000..05c5dac5a5
--- /dev/null
+++ b/library/ix-dev/test/minio/ci/snmd-https-values.yaml
@@ -0,0 +1,126 @@
+# When inside the versioned minio folder, run:
+# helm dependency update
+# helm template -f ix_values.yaml -f ci/basic-https-values.yaml .
+
+# Always use a unique hostPath for each test
+# Release.Namespace is guaranteed to be a unique value
+# in the test environment (ct-install)
+
+minioCreds:
+ rootUser: minio_test
+ rootPass: minio_test
+
+minioRunAs:
+ user: 1000
+ group: 1000
+
+minioNetwork:
+ certificateID: 1
+
+minioMultiMode:
+ - /data{1...4}
+
+minioStorage:
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/data1
+ datasetName: ""
+ mountPath: /data1
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/data2
+ datasetName: ""
+ mountPath: /data2
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/data3
+ datasetName: ""
+ mountPath: /data3
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/data4
+ datasetName: ""
+ mountPath: /data4
+
+ixCertificates:
+ "1":
+ certificate: |
+ -----BEGIN CERTIFICATE-----
+ MIIEdjCCA16gAwIBAgIDYFMYMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz
+ ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD
+ VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+ HhcNMjEwODMwMjMyMzU0WhcNMjMxMjAzMjMyMzU0WjBuMQswCQYDVQQDDAJhZDEL
+ MAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxDTALBgNVBAcMBGFzZGYxDTALBgNV
+ BAoMBGFkc2YxDTALBgNVBAsMBGFzZGYxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+ ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7+1xOHRQyOnQTHFcrdasX
+ Zl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/AbkH7oVFWC1
+ P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI4vQCdYgW
+ 2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2dNgsxKU0H
+ PGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB+Zie331t
+ AzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7A/FuDVg3
+ AgMBAAGjggEdMIIBGTAnBgNVHREEIDAehwTAqAADhwTAqAAFhwTAqAC2hwTAqACB
+ hwTAqACSMB0GA1UdDgQWBBQ4G2ff4tgZl4vmo4xCfqmJhdqShzAMBgNVHRMBAf8E
+ AjAAMIGYBgNVHSMEgZAwgY2AFLlYf9L99nxJDcpCM/LT3V5hQ/a3oXCkbjBsMQww
+ CgYDVQQDDANhc2QxCzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQH
+ DAJhZjENMAsGA1UECgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkB
+ FgdhQGEuY29tggNgUxcwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDgYDVR0PAQH/
+ BAQDAgWgMA0GCSqGSIb3DQEBCwUAA4IBAQA6FpOInEHB5iVk3FP67GybJ29vHZTD
+ KQHbQgmg8s4L7qIsA1HQ+DMCbdylpA11x+t/eL/n48BvGw2FNXpN6uykhLHJjbKR
+ h8yITa2KeD3LjLYhScwIigXmTVYSP3km6s8jRL6UKT9zttnIHyXVpBDya6Q4WTMx
+ fmfC6O7t1PjQ5ZyVtzizIUP8ah9n4TKdXU4A3QIM6WsJXpHb+vqp1WDWJ7mKFtgj
+ x5TKv3wcPnktx0zMPfLb5BTSE9rc9djcBG0eIAsPT4FgiatCUChe7VhuMnqskxEz
+ MymJLoq8+mzucRwFkOkR2EIt1x+Irl2mJVMeBow63rVZfUQBD8h++LqB
+ -----END CERTIFICATE-----
+
+ -----BEGIN CERTIFICATE-----
+ MIIEhDCCA2ygAwIBAgIDYFMXMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz
+ ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD
+ VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+ HhcNMjEwODMwMjMyMDQ1WhcNMzEwODI4MjMyMDQ1WjBsMQwwCgYDVQQDDANhc2Qx
+ CzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQHDAJhZjENMAsGA1UE
+ CgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkBFgdhQGEuY29tMIIB
+ IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq//c0hEEr83CS1pMgsHX50jt
+ 2MqIbcf63UUNJTiYpUUvUQSFJFc7m/dr+RTZvu97eDCnD5K2qkHHvTPaPZwY+Djf
+ iy7N641Sz6u/y3Yo3xxs1Aermsfedh48vusJpjbkT2XS44VjbkrpKcWDNVpp3Evd
+ M7oJotXeUsZ+imiyVCfr4YhoY5gbGh/r+KN9Wf9YKoUyfLLZGwdZkhtX2zIbidsL
+ Thqi9YTaUHttGinjiBBum234u/CfvKXsfG3yP2gvBGnlvZnM9ktv+lVffYNqlf7H
+ VmB1bKKk84HtzuW5X76SGAgOG8eHX4x5ZLI1WQUuoQOVRl1I0UCjBtbz8XhwvQID
+ AQABo4IBLTCCASkwLQYDVR0RBCYwJIcEwKgABYcEwKgAA4cEwKgAkocEwKgAtYcE
+ wKgAgYcEwKgAtjAdBgNVHQ4EFgQUuVh/0v32fEkNykIz8tPdXmFD9rcwDwYDVR0T
+ AQH/BAUwAwEB/zCBmAYDVR0jBIGQMIGNgBS5WH/S/fZ8SQ3KQjPy091eYUP2t6Fw
+ pG4wbDEMMAoGA1UEAwwDYXNkMQswCQYDVQQGEwJVUzENMAsGA1UECAwEYXNkZjEL
+ MAkGA1UEBwwCYWYxDTALBgNVBAoMBGFzZGYxDDAKBgNVBAsMA2FzZDEWMBQGCSqG
+ SIb3DQEJARYHYUBhLmNvbYIDYFMXMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
+ BQcDAjAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKEocOmVuWlr
+ zegtKYMe8NhHIkFY9oVn5ym6RHNOJpPH4QF8XYC3Z5+iC5yGh4P/jVe/4I4SF6Ql
+ PtofU0jNq5vzapt/y+m008eXqPQFmoUOvu+JavoRVcRx2LIP5AgBA1mF56CSREsX
+ TkuJAA9IUQ8EjnmAoAeKINuPaKxGDuU8BGCMqr/qd564MKNf9XYL+Fb2rlkA0O2d
+ 2No34DQLgqSmST/LAvPM7Cbp6knYgnKmGr1nETCXasg1cueHLnWWTvps2HiPp2D/
+ +Fq0uqcZLu4Mdo0CPs4e5sHRyldEnRSKh0DVLprq9zr/GMipmPLJUsT5Jed3sj0w
+ M7Y3vwxshpo=
+ -----END CERTIFICATE-----
+ privatekey: |
+ -----BEGIN PRIVATE KEY-----
+ MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC7+1xOHRQyOnQT
+ HFcrdasXZl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/Abk
+ H7oVFWC1P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI
+ 4vQCdYgW2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2d
+ NgsxKU0HPGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB
+ +Zie331tAzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7
+ A/FuDVg3AgMBAAECggEAapt30rj9DitGTtxAt13pJMEhyYxvvD3WkvmJwguF/Bbu
+ eW0Ba1c668fMeRCA54FWi1sMqusPS4HUqqUvk+tmyAOsAF4qgD/A4MMSC7uJSVI5
+ N/JWhJWyhCY94/FPakiO1nbPbVw41bcqtzU2qvparpME2CtxSCbDiqm7aaag3Kqe
+ EF0fGSUdZ+TYl9JM05+eIyiX+UY19Fg0OjTHMn8nGpxcNTfDBdQ68TKvdo/dtIKL
+ PLKzJUNNdM8odC4CvQtfGMqaslwZwXkiOl5VJcW21ncj/Y0ngEMKeD/i65ZoqGdR
+ 0FKCQYEAGtM2FvJcZQ92Wsw7yj2bK2MSegVUyLK32QKBgQDe8syVCepPzRsfjfxA
+ 6TZlWcGuTZLhwIx97Ktw3VcQ1f4rLoEYlv0xC2VWBORpzIsJo4I/OLmgp8a+Ga8z
+ FkVRnq90dV3t4NP9uJlHgcODHnOardC2UUka4olBSCG6zmK4Jxi34lOxhGRkshOo
+ L4IBeOIB5g+ZrEEXkzfYJHESRQKBgQDX2YhFhGIrT8BAnC5BbXbhm8h6Bhjz8DYL
+ d+qhVJjef7L/aJxViU0hX9Ba2O8CLK3FZeREFE3hJPiJ4TZSlN4evxs5p+bbNDcA
+ 0mhRI/o3X4ac6IxdRebyYnCOB/Cu94/MzppcZcotlCekKNike7eorCcX4Qavm7Pu
+ MUuQ+ifmSwKBgEnchoqZzlbBzMqXb4rRuIO7SL9GU/MWp3TQg7vQmJerTZlgvsQ2
+ wYsOC3SECmhCq4117iCj2luvOdihCboTFsQDnn0mpQe6BIF6Ns3J38wAuqv0CcFd
+ DKsrge1uyD3rQilgSoAhKzkUc24o0PpXQurZ8YZPgbuXpbj5vPaOnCdBAoGACYc7
+ wb3XS4wos3FxhUfcwJbM4b4VKeeHqzfu7pI6cU/3ydiHVitKcVe2bdw3qMPqI9Wc
+ nvi6e17Tbdq4OCsEJx1OiVwFD9YdO3cOTc6lw/3+hjypvZBRYo+/4jUthbu96E+S
+ dtOzehGZMmDvN0uSzupSi3ZOgkAAUFpyuIKickMCgYAId0PCRjonO2thn/R0rZ7P
+ //L852uyzYhXKw5/fjFGhQ6LbaLgIRFaCZ0L2809u0HFnNvJjHv4AKP6j+vFQYYY
+ qQ+66XnfsA9G/bu4MDS9AX83iahD9IdLXQAy8I19prAbpVumKegPbMnNYNB/TYEc
+ 3G15AKCXo7jjOUtHY01DCQ==
+ -----END PRIVATE KEY-----
diff --git a/library/ix-dev/test/minio/ci/snmd-logsearch-https-values.yaml b/library/ix-dev/test/minio/ci/snmd-logsearch-https-values.yaml
new file mode 100644
index 0000000000..048c0cb431
--- /dev/null
+++ b/library/ix-dev/test/minio/ci/snmd-logsearch-https-values.yaml
@@ -0,0 +1,139 @@
+# When inside the versioned minio folder, run:
+# helm dependency update
+# helm template -f ix_values.yaml -f ci/logsearch-https-values.yaml .
+
+# Always use a unique hostPath for each test
+# Release.Namespace is guaranteed to be a unique value
+# in the test environment (ct-install)
+
+minioCreds:
+ rootUser: minio_test
+ rootPass: minio_test
+
+minioNetwork:
+ certificateID: 1
+
+minioRunAs:
+ user: 1000
+ group: 1000
+
+minioMultiMode:
+ - /data{1...4}
+
+minioStorage:
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/data1
+ datasetName: ""
+ mountPath: /data1
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/data2
+ datasetName: ""
+ mountPath: /data2
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/data3
+ datasetName: ""
+ mountPath: /data3
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/data4
+ datasetName: ""
+ mountPath: /data4
+
+minioLogging:
+ logsearch:
+ enabled: true
+ diskCapacityGB: 5
+ pgData:
+ type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/postgres_data
+ datasetName: ""
+ pgBackup:
+ type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/postgres_backup
+ datasetName: ""
+
+ixCertificates:
+ "1":
+ certificate: |
+ -----BEGIN CERTIFICATE-----
+ MIIEdjCCA16gAwIBAgIDYFMYMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz
+ ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD
+ VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+ HhcNMjEwODMwMjMyMzU0WhcNMjMxMjAzMjMyMzU0WjBuMQswCQYDVQQDDAJhZDEL
+ MAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxDTALBgNVBAcMBGFzZGYxDTALBgNV
+ BAoMBGFkc2YxDTALBgNVBAsMBGFzZGYxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+ ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7+1xOHRQyOnQTHFcrdasX
+ Zl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/AbkH7oVFWC1
+ P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI4vQCdYgW
+ 2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2dNgsxKU0H
+ PGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB+Zie331t
+ AzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7A/FuDVg3
+ AgMBAAGjggEdMIIBGTAnBgNVHREEIDAehwTAqAADhwTAqAAFhwTAqAC2hwTAqACB
+ hwTAqACSMB0GA1UdDgQWBBQ4G2ff4tgZl4vmo4xCfqmJhdqShzAMBgNVHRMBAf8E
+ AjAAMIGYBgNVHSMEgZAwgY2AFLlYf9L99nxJDcpCM/LT3V5hQ/a3oXCkbjBsMQww
+ CgYDVQQDDANhc2QxCzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQH
+ DAJhZjENMAsGA1UECgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkB
+ FgdhQGEuY29tggNgUxcwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDgYDVR0PAQH/
+ BAQDAgWgMA0GCSqGSIb3DQEBCwUAA4IBAQA6FpOInEHB5iVk3FP67GybJ29vHZTD
+ KQHbQgmg8s4L7qIsA1HQ+DMCbdylpA11x+t/eL/n48BvGw2FNXpN6uykhLHJjbKR
+ h8yITa2KeD3LjLYhScwIigXmTVYSP3km6s8jRL6UKT9zttnIHyXVpBDya6Q4WTMx
+ fmfC6O7t1PjQ5ZyVtzizIUP8ah9n4TKdXU4A3QIM6WsJXpHb+vqp1WDWJ7mKFtgj
+ x5TKv3wcPnktx0zMPfLb5BTSE9rc9djcBG0eIAsPT4FgiatCUChe7VhuMnqskxEz
+ MymJLoq8+mzucRwFkOkR2EIt1x+Irl2mJVMeBow63rVZfUQBD8h++LqB
+ -----END CERTIFICATE-----
+
+ -----BEGIN CERTIFICATE-----
+ MIIEhDCCA2ygAwIBAgIDYFMXMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz
+ ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD
+ VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+ HhcNMjEwODMwMjMyMDQ1WhcNMzEwODI4MjMyMDQ1WjBsMQwwCgYDVQQDDANhc2Qx
+ CzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQHDAJhZjENMAsGA1UE
+ CgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkBFgdhQGEuY29tMIIB
+ IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq//c0hEEr83CS1pMgsHX50jt
+ 2MqIbcf63UUNJTiYpUUvUQSFJFc7m/dr+RTZvu97eDCnD5K2qkHHvTPaPZwY+Djf
+ iy7N641Sz6u/y3Yo3xxs1Aermsfedh48vusJpjbkT2XS44VjbkrpKcWDNVpp3Evd
+ M7oJotXeUsZ+imiyVCfr4YhoY5gbGh/r+KN9Wf9YKoUyfLLZGwdZkhtX2zIbidsL
+ Thqi9YTaUHttGinjiBBum234u/CfvKXsfG3yP2gvBGnlvZnM9ktv+lVffYNqlf7H
+ VmB1bKKk84HtzuW5X76SGAgOG8eHX4x5ZLI1WQUuoQOVRl1I0UCjBtbz8XhwvQID
+ AQABo4IBLTCCASkwLQYDVR0RBCYwJIcEwKgABYcEwKgAA4cEwKgAkocEwKgAtYcE
+ wKgAgYcEwKgAtjAdBgNVHQ4EFgQUuVh/0v32fEkNykIz8tPdXmFD9rcwDwYDVR0T
+ AQH/BAUwAwEB/zCBmAYDVR0jBIGQMIGNgBS5WH/S/fZ8SQ3KQjPy091eYUP2t6Fw
+ pG4wbDEMMAoGA1UEAwwDYXNkMQswCQYDVQQGEwJVUzENMAsGA1UECAwEYXNkZjEL
+ MAkGA1UEBwwCYWYxDTALBgNVBAoMBGFzZGYxDDAKBgNVBAsMA2FzZDEWMBQGCSqG
+ SIb3DQEJARYHYUBhLmNvbYIDYFMXMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
+ BQcDAjAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKEocOmVuWlr
+ zegtKYMe8NhHIkFY9oVn5ym6RHNOJpPH4QF8XYC3Z5+iC5yGh4P/jVe/4I4SF6Ql
+ PtofU0jNq5vzapt/y+m008eXqPQFmoUOvu+JavoRVcRx2LIP5AgBA1mF56CSREsX
+ TkuJAA9IUQ8EjnmAoAeKINuPaKxGDuU8BGCMqr/qd564MKNf9XYL+Fb2rlkA0O2d
+ 2No34DQLgqSmST/LAvPM7Cbp6knYgnKmGr1nETCXasg1cueHLnWWTvps2HiPp2D/
+ +Fq0uqcZLu4Mdo0CPs4e5sHRyldEnRSKh0DVLprq9zr/GMipmPLJUsT5Jed3sj0w
+ M7Y3vwxshpo=
+ -----END CERTIFICATE-----
+ privatekey: |
+ -----BEGIN PRIVATE KEY-----
+ MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC7+1xOHRQyOnQT
+ HFcrdasXZl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/Abk
+ H7oVFWC1P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI
+ 4vQCdYgW2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2d
+ NgsxKU0HPGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB
+ +Zie331tAzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7
+ A/FuDVg3AgMBAAECggEAapt30rj9DitGTtxAt13pJMEhyYxvvD3WkvmJwguF/Bbu
+ eW0Ba1c668fMeRCA54FWi1sMqusPS4HUqqUvk+tmyAOsAF4qgD/A4MMSC7uJSVI5
+ N/JWhJWyhCY94/FPakiO1nbPbVw41bcqtzU2qvparpME2CtxSCbDiqm7aaag3Kqe
+ EF0fGSUdZ+TYl9JM05+eIyiX+UY19Fg0OjTHMn8nGpxcNTfDBdQ68TKvdo/dtIKL
+ PLKzJUNNdM8odC4CvQtfGMqaslwZwXkiOl5VJcW21ncj/Y0ngEMKeD/i65ZoqGdR
+ 0FKCQYEAGtM2FvJcZQ92Wsw7yj2bK2MSegVUyLK32QKBgQDe8syVCepPzRsfjfxA
+ 6TZlWcGuTZLhwIx97Ktw3VcQ1f4rLoEYlv0xC2VWBORpzIsJo4I/OLmgp8a+Ga8z
+ FkVRnq90dV3t4NP9uJlHgcODHnOardC2UUka4olBSCG6zmK4Jxi34lOxhGRkshOo
+ L4IBeOIB5g+ZrEEXkzfYJHESRQKBgQDX2YhFhGIrT8BAnC5BbXbhm8h6Bhjz8DYL
+ d+qhVJjef7L/aJxViU0hX9Ba2O8CLK3FZeREFE3hJPiJ4TZSlN4evxs5p+bbNDcA
+ 0mhRI/o3X4ac6IxdRebyYnCOB/Cu94/MzppcZcotlCekKNike7eorCcX4Qavm7Pu
+ MUuQ+ifmSwKBgEnchoqZzlbBzMqXb4rRuIO7SL9GU/MWp3TQg7vQmJerTZlgvsQ2
+ wYsOC3SECmhCq4117iCj2luvOdihCboTFsQDnn0mpQe6BIF6Ns3J38wAuqv0CcFd
+ DKsrge1uyD3rQilgSoAhKzkUc24o0PpXQurZ8YZPgbuXpbj5vPaOnCdBAoGACYc7
+ wb3XS4wos3FxhUfcwJbM4b4VKeeHqzfu7pI6cU/3ydiHVitKcVe2bdw3qMPqI9Wc
+ nvi6e17Tbdq4OCsEJx1OiVwFD9YdO3cOTc6lw/3+hjypvZBRYo+/4jUthbu96E+S
+ dtOzehGZMmDvN0uSzupSi3ZOgkAAUFpyuIKickMCgYAId0PCRjonO2thn/R0rZ7P
+ //L852uyzYhXKw5/fjFGhQ6LbaLgIRFaCZ0L2809u0HFnNvJjHv4AKP6j+vFQYYY
+ qQ+66XnfsA9G/bu4MDS9AX83iahD9IdLXQAy8I19prAbpVumKegPbMnNYNB/TYEc
+ 3G15AKCXo7jjOUtHY01DCQ==
+ -----END PRIVATE KEY-----
diff --git a/library/ix-dev/test/minio/ci/snmd-logsearch-values.yaml b/library/ix-dev/test/minio/ci/snmd-logsearch-values.yaml
new file mode 100644
index 0000000000..3c13baae4e
--- /dev/null
+++ b/library/ix-dev/test/minio/ci/snmd-logsearch-values.yaml
@@ -0,0 +1,43 @@
+# When inside the versioned minio folder, run:
+# helm dependency update
+# helm template -f ix_values.yaml -f ci/logsearch-values.yaml .
+
+# Always use a unique hostPath for each test
+
+minioCreds:
+ rootUser: minio_test
+ rootPass: minio_test
+
+minioMultiMode:
+ - /data{1...4}
+
+minioStorage:
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/data1
+ datasetName: ""
+ mountPath: /data1
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/data2
+ datasetName: ""
+ mountPath: /data2
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/data3
+ datasetName: ""
+ mountPath: /data3
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/data4
+ datasetName: ""
+ mountPath: /data4
+
+minioLogging:
+ logsearch:
+ enabled: true
+ diskCapacityGB: 5
+ pgData:
+ type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/postgres_data
+ datasetName: ""
+ pgBackup:
+ type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/postgres_backup
+ datasetName: ""
diff --git a/library/ix-dev/test/minio/ci/snmd-values.yaml b/library/ix-dev/test/minio/ci/snmd-values.yaml
new file mode 100644
index 0000000000..481dd5aaf6
--- /dev/null
+++ b/library/ix-dev/test/minio/ci/snmd-values.yaml
@@ -0,0 +1,30 @@
+# When inside the versioned minio folder, run:
+# helm dependency update
+# helm template -f ix_values.yaml -f ci/basic-values.yaml .
+
+# Always use a unique hostPath for each test
+
+minioCreds:
+ rootUser: minio_test
+ rootPass: minio_test
+
+minioMultiMode:
+ - /data{1...4}
+
+minioStorage:
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/data1
+ datasetName: ""
+ mountPath: /data1
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/data2
+ datasetName: ""
+ mountPath: /data2
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/data3
+ datasetName: ""
+ mountPath: /data3
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/data4
+ datasetName: ""
+ mountPath: /data4
diff --git a/library/ix-dev/test/minio/ci/snsd-https-values.yaml b/library/ix-dev/test/minio/ci/snsd-https-values.yaml
new file mode 100644
index 0000000000..8d9f00b1a1
--- /dev/null
+++ b/library/ix-dev/test/minio/ci/snsd-https-values.yaml
@@ -0,0 +1,106 @@
+# When inside the versioned minio folder, run:
+# helm dependency update
+# helm template -f ix_values.yaml -f ci/basic-https-values.yaml .
+
+# Always use a unique hostPath for each test
+
+
+minioCreds:
+ rootUser: minio_test
+ rootPass: minio_test
+
+minioNetwork:
+ certificateID: 1
+
+minioStorage:
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/data1
+ datasetName: ""
+ mountPath: /data1
+
+ixCertificates:
+ "1":
+ certificate: |
+ -----BEGIN CERTIFICATE-----
+ MIIEdjCCA16gAwIBAgIDYFMYMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz
+ ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD
+ VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+ HhcNMjEwODMwMjMyMzU0WhcNMjMxMjAzMjMyMzU0WjBuMQswCQYDVQQDDAJhZDEL
+ MAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxDTALBgNVBAcMBGFzZGYxDTALBgNV
+ BAoMBGFkc2YxDTALBgNVBAsMBGFzZGYxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+ ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7+1xOHRQyOnQTHFcrdasX
+ Zl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/AbkH7oVFWC1
+ P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI4vQCdYgW
+ 2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2dNgsxKU0H
+ PGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB+Zie331t
+ AzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7A/FuDVg3
+ AgMBAAGjggEdMIIBGTAnBgNVHREEIDAehwTAqAADhwTAqAAFhwTAqAC2hwTAqACB
+ hwTAqACSMB0GA1UdDgQWBBQ4G2ff4tgZl4vmo4xCfqmJhdqShzAMBgNVHRMBAf8E
+ AjAAMIGYBgNVHSMEgZAwgY2AFLlYf9L99nxJDcpCM/LT3V5hQ/a3oXCkbjBsMQww
+ CgYDVQQDDANhc2QxCzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQH
+ DAJhZjENMAsGA1UECgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkB
+ FgdhQGEuY29tggNgUxcwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDgYDVR0PAQH/
+ BAQDAgWgMA0GCSqGSIb3DQEBCwUAA4IBAQA6FpOInEHB5iVk3FP67GybJ29vHZTD
+ KQHbQgmg8s4L7qIsA1HQ+DMCbdylpA11x+t/eL/n48BvGw2FNXpN6uykhLHJjbKR
+ h8yITa2KeD3LjLYhScwIigXmTVYSP3km6s8jRL6UKT9zttnIHyXVpBDya6Q4WTMx
+ fmfC6O7t1PjQ5ZyVtzizIUP8ah9n4TKdXU4A3QIM6WsJXpHb+vqp1WDWJ7mKFtgj
+ x5TKv3wcPnktx0zMPfLb5BTSE9rc9djcBG0eIAsPT4FgiatCUChe7VhuMnqskxEz
+ MymJLoq8+mzucRwFkOkR2EIt1x+Irl2mJVMeBow63rVZfUQBD8h++LqB
+ -----END CERTIFICATE-----
+
+ -----BEGIN CERTIFICATE-----
+ MIIEhDCCA2ygAwIBAgIDYFMXMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz
+ ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD
+ VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+ HhcNMjEwODMwMjMyMDQ1WhcNMzEwODI4MjMyMDQ1WjBsMQwwCgYDVQQDDANhc2Qx
+ CzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQHDAJhZjENMAsGA1UE
+ CgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkBFgdhQGEuY29tMIIB
+ IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq//c0hEEr83CS1pMgsHX50jt
+ 2MqIbcf63UUNJTiYpUUvUQSFJFc7m/dr+RTZvu97eDCnD5K2qkHHvTPaPZwY+Djf
+ iy7N641Sz6u/y3Yo3xxs1Aermsfedh48vusJpjbkT2XS44VjbkrpKcWDNVpp3Evd
+ M7oJotXeUsZ+imiyVCfr4YhoY5gbGh/r+KN9Wf9YKoUyfLLZGwdZkhtX2zIbidsL
+ Thqi9YTaUHttGinjiBBum234u/CfvKXsfG3yP2gvBGnlvZnM9ktv+lVffYNqlf7H
+ VmB1bKKk84HtzuW5X76SGAgOG8eHX4x5ZLI1WQUuoQOVRl1I0UCjBtbz8XhwvQID
+ AQABo4IBLTCCASkwLQYDVR0RBCYwJIcEwKgABYcEwKgAA4cEwKgAkocEwKgAtYcE
+ wKgAgYcEwKgAtjAdBgNVHQ4EFgQUuVh/0v32fEkNykIz8tPdXmFD9rcwDwYDVR0T
+ AQH/BAUwAwEB/zCBmAYDVR0jBIGQMIGNgBS5WH/S/fZ8SQ3KQjPy091eYUP2t6Fw
+ pG4wbDEMMAoGA1UEAwwDYXNkMQswCQYDVQQGEwJVUzENMAsGA1UECAwEYXNkZjEL
+ MAkGA1UEBwwCYWYxDTALBgNVBAoMBGFzZGYxDDAKBgNVBAsMA2FzZDEWMBQGCSqG
+ SIb3DQEJARYHYUBhLmNvbYIDYFMXMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
+ BQcDAjAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKEocOmVuWlr
+ zegtKYMe8NhHIkFY9oVn5ym6RHNOJpPH4QF8XYC3Z5+iC5yGh4P/jVe/4I4SF6Ql
+ PtofU0jNq5vzapt/y+m008eXqPQFmoUOvu+JavoRVcRx2LIP5AgBA1mF56CSREsX
+ TkuJAA9IUQ8EjnmAoAeKINuPaKxGDuU8BGCMqr/qd564MKNf9XYL+Fb2rlkA0O2d
+ 2No34DQLgqSmST/LAvPM7Cbp6knYgnKmGr1nETCXasg1cueHLnWWTvps2HiPp2D/
+ +Fq0uqcZLu4Mdo0CPs4e5sHRyldEnRSKh0DVLprq9zr/GMipmPLJUsT5Jed3sj0w
+ M7Y3vwxshpo=
+ -----END CERTIFICATE-----
+ privatekey: |
+ -----BEGIN PRIVATE KEY-----
+ MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC7+1xOHRQyOnQT
+ HFcrdasXZl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/Abk
+ H7oVFWC1P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI
+ 4vQCdYgW2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2d
+ NgsxKU0HPGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB
+ +Zie331tAzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7
+ A/FuDVg3AgMBAAECggEAapt30rj9DitGTtxAt13pJMEhyYxvvD3WkvmJwguF/Bbu
+ eW0Ba1c668fMeRCA54FWi1sMqusPS4HUqqUvk+tmyAOsAF4qgD/A4MMSC7uJSVI5
+ N/JWhJWyhCY94/FPakiO1nbPbVw41bcqtzU2qvparpME2CtxSCbDiqm7aaag3Kqe
+ EF0fGSUdZ+TYl9JM05+eIyiX+UY19Fg0OjTHMn8nGpxcNTfDBdQ68TKvdo/dtIKL
+ PLKzJUNNdM8odC4CvQtfGMqaslwZwXkiOl5VJcW21ncj/Y0ngEMKeD/i65ZoqGdR
+ 0FKCQYEAGtM2FvJcZQ92Wsw7yj2bK2MSegVUyLK32QKBgQDe8syVCepPzRsfjfxA
+ 6TZlWcGuTZLhwIx97Ktw3VcQ1f4rLoEYlv0xC2VWBORpzIsJo4I/OLmgp8a+Ga8z
+ FkVRnq90dV3t4NP9uJlHgcODHnOardC2UUka4olBSCG6zmK4Jxi34lOxhGRkshOo
+ L4IBeOIB5g+ZrEEXkzfYJHESRQKBgQDX2YhFhGIrT8BAnC5BbXbhm8h6Bhjz8DYL
+ d+qhVJjef7L/aJxViU0hX9Ba2O8CLK3FZeREFE3hJPiJ4TZSlN4evxs5p+bbNDcA
+ 0mhRI/o3X4ac6IxdRebyYnCOB/Cu94/MzppcZcotlCekKNike7eorCcX4Qavm7Pu
+ MUuQ+ifmSwKBgEnchoqZzlbBzMqXb4rRuIO7SL9GU/MWp3TQg7vQmJerTZlgvsQ2
+ wYsOC3SECmhCq4117iCj2luvOdihCboTFsQDnn0mpQe6BIF6Ns3J38wAuqv0CcFd
+ DKsrge1uyD3rQilgSoAhKzkUc24o0PpXQurZ8YZPgbuXpbj5vPaOnCdBAoGACYc7
+ wb3XS4wos3FxhUfcwJbM4b4VKeeHqzfu7pI6cU/3ydiHVitKcVe2bdw3qMPqI9Wc
+ nvi6e17Tbdq4OCsEJx1OiVwFD9YdO3cOTc6lw/3+hjypvZBRYo+/4jUthbu96E+S
+ dtOzehGZMmDvN0uSzupSi3ZOgkAAUFpyuIKickMCgYAId0PCRjonO2thn/R0rZ7P
+ //L852uyzYhXKw5/fjFGhQ6LbaLgIRFaCZ0L2809u0HFnNvJjHv4AKP6j+vFQYYY
+ qQ+66XnfsA9G/bu4MDS9AX83iahD9IdLXQAy8I19prAbpVumKegPbMnNYNB/TYEc
+ 3G15AKCXo7jjOUtHY01DCQ==
+ -----END PRIVATE KEY-----
diff --git a/library/ix-dev/test/minio/ci/snsd-logsearch-https-values.yaml b/library/ix-dev/test/minio/ci/snsd-logsearch-https-values.yaml
new file mode 100644
index 0000000000..f882382a04
--- /dev/null
+++ b/library/ix-dev/test/minio/ci/snsd-logsearch-https-values.yaml
@@ -0,0 +1,118 @@
+# When inside the versioned minio folder, run:
+# helm dependency update
+# helm template -f ix_values.yaml -f ci/logsearch-https-values.yaml .
+
+# Always use a unique hostPath for each test
+
+minioCreds:
+ rootUser: minio_test
+ rootPass: minio_test
+
+minioNetwork:
+ certificateID: 1
+
+minioStorage:
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/data1
+ datasetName: ""
+ mountPath: /data1
+
+minioLogging:
+ logsearch:
+ enabled: true
+ diskCapacityGB: 5
+ pgData:
+ type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/postgres_data
+ datasetName: ""
+ pgBackup:
+ type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/postgres_backup
+ datasetName: ""
+
+ixCertificates:
+ "1":
+ certificate: |
+ -----BEGIN CERTIFICATE-----
+ MIIEdjCCA16gAwIBAgIDYFMYMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz
+ ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD
+ VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+ HhcNMjEwODMwMjMyMzU0WhcNMjMxMjAzMjMyMzU0WjBuMQswCQYDVQQDDAJhZDEL
+ MAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxDTALBgNVBAcMBGFzZGYxDTALBgNV
+ BAoMBGFkc2YxDTALBgNVBAsMBGFzZGYxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+ ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7+1xOHRQyOnQTHFcrdasX
+ Zl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/AbkH7oVFWC1
+ P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI4vQCdYgW
+ 2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2dNgsxKU0H
+ PGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB+Zie331t
+ AzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7A/FuDVg3
+ AgMBAAGjggEdMIIBGTAnBgNVHREEIDAehwTAqAADhwTAqAAFhwTAqAC2hwTAqACB
+ hwTAqACSMB0GA1UdDgQWBBQ4G2ff4tgZl4vmo4xCfqmJhdqShzAMBgNVHRMBAf8E
+ AjAAMIGYBgNVHSMEgZAwgY2AFLlYf9L99nxJDcpCM/LT3V5hQ/a3oXCkbjBsMQww
+ CgYDVQQDDANhc2QxCzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQH
+ DAJhZjENMAsGA1UECgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkB
+ FgdhQGEuY29tggNgUxcwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDgYDVR0PAQH/
+ BAQDAgWgMA0GCSqGSIb3DQEBCwUAA4IBAQA6FpOInEHB5iVk3FP67GybJ29vHZTD
+ KQHbQgmg8s4L7qIsA1HQ+DMCbdylpA11x+t/eL/n48BvGw2FNXpN6uykhLHJjbKR
+ h8yITa2KeD3LjLYhScwIigXmTVYSP3km6s8jRL6UKT9zttnIHyXVpBDya6Q4WTMx
+ fmfC6O7t1PjQ5ZyVtzizIUP8ah9n4TKdXU4A3QIM6WsJXpHb+vqp1WDWJ7mKFtgj
+ x5TKv3wcPnktx0zMPfLb5BTSE9rc9djcBG0eIAsPT4FgiatCUChe7VhuMnqskxEz
+ MymJLoq8+mzucRwFkOkR2EIt1x+Irl2mJVMeBow63rVZfUQBD8h++LqB
+ -----END CERTIFICATE-----
+
+ -----BEGIN CERTIFICATE-----
+ MIIEhDCCA2ygAwIBAgIDYFMXMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz
+ ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD
+ VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+ HhcNMjEwODMwMjMyMDQ1WhcNMzEwODI4MjMyMDQ1WjBsMQwwCgYDVQQDDANhc2Qx
+ CzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQHDAJhZjENMAsGA1UE
+ CgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkBFgdhQGEuY29tMIIB
+ IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq//c0hEEr83CS1pMgsHX50jt
+ 2MqIbcf63UUNJTiYpUUvUQSFJFc7m/dr+RTZvu97eDCnD5K2qkHHvTPaPZwY+Djf
+ iy7N641Sz6u/y3Yo3xxs1Aermsfedh48vusJpjbkT2XS44VjbkrpKcWDNVpp3Evd
+ M7oJotXeUsZ+imiyVCfr4YhoY5gbGh/r+KN9Wf9YKoUyfLLZGwdZkhtX2zIbidsL
+ Thqi9YTaUHttGinjiBBum234u/CfvKXsfG3yP2gvBGnlvZnM9ktv+lVffYNqlf7H
+ VmB1bKKk84HtzuW5X76SGAgOG8eHX4x5ZLI1WQUuoQOVRl1I0UCjBtbz8XhwvQID
+ AQABo4IBLTCCASkwLQYDVR0RBCYwJIcEwKgABYcEwKgAA4cEwKgAkocEwKgAtYcE
+ wKgAgYcEwKgAtjAdBgNVHQ4EFgQUuVh/0v32fEkNykIz8tPdXmFD9rcwDwYDVR0T
+ AQH/BAUwAwEB/zCBmAYDVR0jBIGQMIGNgBS5WH/S/fZ8SQ3KQjPy091eYUP2t6Fw
+ pG4wbDEMMAoGA1UEAwwDYXNkMQswCQYDVQQGEwJVUzENMAsGA1UECAwEYXNkZjEL
+ MAkGA1UEBwwCYWYxDTALBgNVBAoMBGFzZGYxDDAKBgNVBAsMA2FzZDEWMBQGCSqG
+ SIb3DQEJARYHYUBhLmNvbYIDYFMXMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
+ BQcDAjAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKEocOmVuWlr
+ zegtKYMe8NhHIkFY9oVn5ym6RHNOJpPH4QF8XYC3Z5+iC5yGh4P/jVe/4I4SF6Ql
+ PtofU0jNq5vzapt/y+m008eXqPQFmoUOvu+JavoRVcRx2LIP5AgBA1mF56CSREsX
+ TkuJAA9IUQ8EjnmAoAeKINuPaKxGDuU8BGCMqr/qd564MKNf9XYL+Fb2rlkA0O2d
+ 2No34DQLgqSmST/LAvPM7Cbp6knYgnKmGr1nETCXasg1cueHLnWWTvps2HiPp2D/
+ +Fq0uqcZLu4Mdo0CPs4e5sHRyldEnRSKh0DVLprq9zr/GMipmPLJUsT5Jed3sj0w
+ M7Y3vwxshpo=
+ -----END CERTIFICATE-----
+ privatekey: |
+ -----BEGIN PRIVATE KEY-----
+ MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC7+1xOHRQyOnQT
+ HFcrdasXZl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/Abk
+ H7oVFWC1P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI
+ 4vQCdYgW2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2d
+ NgsxKU0HPGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB
+ +Zie331tAzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7
+ A/FuDVg3AgMBAAECggEAapt30rj9DitGTtxAt13pJMEhyYxvvD3WkvmJwguF/Bbu
+ eW0Ba1c668fMeRCA54FWi1sMqusPS4HUqqUvk+tmyAOsAF4qgD/A4MMSC7uJSVI5
+ N/JWhJWyhCY94/FPakiO1nbPbVw41bcqtzU2qvparpME2CtxSCbDiqm7aaag3Kqe
+ EF0fGSUdZ+TYl9JM05+eIyiX+UY19Fg0OjTHMn8nGpxcNTfDBdQ68TKvdo/dtIKL
+ PLKzJUNNdM8odC4CvQtfGMqaslwZwXkiOl5VJcW21ncj/Y0ngEMKeD/i65ZoqGdR
+ 0FKCQYEAGtM2FvJcZQ92Wsw7yj2bK2MSegVUyLK32QKBgQDe8syVCepPzRsfjfxA
+ 6TZlWcGuTZLhwIx97Ktw3VcQ1f4rLoEYlv0xC2VWBORpzIsJo4I/OLmgp8a+Ga8z
+ FkVRnq90dV3t4NP9uJlHgcODHnOardC2UUka4olBSCG6zmK4Jxi34lOxhGRkshOo
+ L4IBeOIB5g+ZrEEXkzfYJHESRQKBgQDX2YhFhGIrT8BAnC5BbXbhm8h6Bhjz8DYL
+ d+qhVJjef7L/aJxViU0hX9Ba2O8CLK3FZeREFE3hJPiJ4TZSlN4evxs5p+bbNDcA
+ 0mhRI/o3X4ac6IxdRebyYnCOB/Cu94/MzppcZcotlCekKNike7eorCcX4Qavm7Pu
+ MUuQ+ifmSwKBgEnchoqZzlbBzMqXb4rRuIO7SL9GU/MWp3TQg7vQmJerTZlgvsQ2
+ wYsOC3SECmhCq4117iCj2luvOdihCboTFsQDnn0mpQe6BIF6Ns3J38wAuqv0CcFd
+ DKsrge1uyD3rQilgSoAhKzkUc24o0PpXQurZ8YZPgbuXpbj5vPaOnCdBAoGACYc7
+ wb3XS4wos3FxhUfcwJbM4b4VKeeHqzfu7pI6cU/3ydiHVitKcVe2bdw3qMPqI9Wc
+ nvi6e17Tbdq4OCsEJx1OiVwFD9YdO3cOTc6lw/3+hjypvZBRYo+/4jUthbu96E+S
+ dtOzehGZMmDvN0uSzupSi3ZOgkAAUFpyuIKickMCgYAId0PCRjonO2thn/R0rZ7P
+ //L852uyzYhXKw5/fjFGhQ6LbaLgIRFaCZ0L2809u0HFnNvJjHv4AKP6j+vFQYYY
+ qQ+66XnfsA9G/bu4MDS9AX83iahD9IdLXQAy8I19prAbpVumKegPbMnNYNB/TYEc
+ 3G15AKCXo7jjOUtHY01DCQ==
+ -----END PRIVATE KEY-----
diff --git a/library/ix-dev/test/minio/ci/snsd-logsearch-values.yaml b/library/ix-dev/test/minio/ci/snsd-logsearch-values.yaml
new file mode 100644
index 0000000000..cde962dfb5
--- /dev/null
+++ b/library/ix-dev/test/minio/ci/snsd-logsearch-values.yaml
@@ -0,0 +1,28 @@
+# When inside the versioned minio folder, run:
+# helm dependency update
+# helm template -f ix_values.yaml -f ci/logsearch-values.yaml .
+
+# Always use a unique hostPath for each test
+
+minioCreds:
+ rootUser: minio_test
+ rootPass: minio_test
+
+minioStorage:
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/data1
+ datasetName: ""
+ mountPath: /data1
+
+minioLogging:
+ logsearch:
+ enabled: true
+ diskCapacityGB: 5
+ pgData:
+ type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/postgres_data
+ datasetName: ""
+ pgBackup:
+ type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/postgres_backup
+ datasetName: ""
diff --git a/library/ix-dev/test/minio/ci/snsd-values.yaml b/library/ix-dev/test/minio/ci/snsd-values.yaml
new file mode 100644
index 0000000000..6ce309e1cd
--- /dev/null
+++ b/library/ix-dev/test/minio/ci/snsd-values.yaml
@@ -0,0 +1,19 @@
+# When inside the versioned minio folder, run:
+# helm dependency update
+# helm template -f ix_values.yaml -f ci/basic-values.yaml .
+
+# Always use a unique hostPath for each test
+
+minioCreds:
+ rootUser: minio_test
+ rootPass: minio_test
+
+minioRunAs:
+ user: 1000
+ group: 1000
+
+minioStorage:
+ - type: hostPath
+ hostPath: /mnt/{{ .Release.Namespace }}/data1
+ datasetName: ""
+ mountPath: /data1
diff --git a/library/ix-dev/test/minio/item.yaml b/library/ix-dev/test/minio/item.yaml
new file mode 100644
index 0000000000..3ddd257656
--- /dev/null
+++ b/library/ix-dev/test/minio/item.yaml
@@ -0,0 +1,11 @@
+icon_url: https://media.sys.truenas.net/apps/minio/icons/icon.png
+categories:
+ - storage
+screenshots:
+ - https://media.sys.truenas.net/apps/minio/screenshots/screenshot1.png
+ - https://media.sys.truenas.net/apps/minio/screenshots/screenshot2.png
+ - https://media.sys.truenas.net/apps/minio/screenshots/screenshot3.png
+tags:
+ - object-storage
+ - S3
+ - file-sharing
diff --git a/library/ix-dev/test/minio/metadata.yaml b/library/ix-dev/test/minio/metadata.yaml
new file mode 100644
index 0000000000..8f8e56d261
--- /dev/null
+++ b/library/ix-dev/test/minio/metadata.yaml
@@ -0,0 +1,18 @@
+runAsContext:
+ - userName: minio
+ groupName: minio
+ gid: 568
+ uid: 568
+ description: Minio can run as any non-root user.
+ - userName: logsearch
+ groupName: logsearch
+ gid: 568
+ uid: 568
+ description: Minio's logsearch can run as any non-root user.
+ - userName: postgres
+ groupName: postgres
+ gid: 999
+ uid: 999
+ description: Postgres runs as a non-root user.
+capabilities: []
+hostMounts: []
diff --git a/library/ix-dev/test/minio/migrations/migrate b/library/ix-dev/test/minio/migrations/migrate
new file mode 100755
index 0000000000..4ad8ff5f66
--- /dev/null
+++ b/library/ix-dev/test/minio/migrations/migrate
@@ -0,0 +1,29 @@
+#!/usr/bin/python3
+import json
+import os
+import sys
+
+
+def migrate(values):
+ storageKey = 'minioLogging'
+ storageSubKey = 'logsearch'
+ storages = ['pgData', 'pgData']
+
+ for storage in storages:
+ check_val = values.get(storageKey, {}).get(storageSubKey, {}).get(storage, {})
+ if not isinstance(check_val, dict) or not check_val or check_val.get('type', 'hostPath') == 'hostPath':
+ continue
+
+ values[storageKey][storageSubKey][storage] = {key: value for key, value in check_val.items() if key != 'hostPath'}
+
+
+ return values
+
+
+if __name__ == '__main__':
+ if len(sys.argv) != 2:
+ exit(1)
+
+ if os.path.exists(sys.argv[1]):
+ with open(sys.argv[1], 'r') as f:
+ print(json.dumps(migrate(json.loads(f.read()))))
diff --git a/library/ix-dev/test/minio/questions.yaml b/library/ix-dev/test/minio/questions.yaml
new file mode 100644
index 0000000000..c31eceb879
--- /dev/null
+++ b/library/ix-dev/test/minio/questions.yaml
@@ -0,0 +1,371 @@
+groups:
+ - name: MinIO Credentials
+ description: Configure Credentials for MinIO
+ - name: User and Group Configuration
+ description: Configure User and Group for MinIO
+ - name: Network Configuration
+ description: Configure Network for MinIO
+ - name: Storage Configuration
+ description: Configure Storage for MinIO
+ - name: MultiMode Configuration
+ description: Configure MultiMode for MinIO
+ - name: MinIO Logging
+ description: Configure Logging for MinIO
+ - name: Resources Configuration
+ description: Configure Resources for MinIO
+
+portals:
+ web_portal:
+ protocols:
+ - "$kubernetes-resource_configmap_portal_protocol"
+ host:
+ - "$kubernetes-resource_configmap_portal_host"
+ ports:
+ - "$kubernetes-resource_configmap_portal_port"
+ path: "$kubernetes-resource_configmap_portal_path"
+
+questions:
+ - variable: minioCreds
+ label: ""
+ group: MinIO Credentials
+ schema:
+ type: dict
+ attrs:
+ - variable: rootUser
+ label: Root User
+ description: The access key for the root user.
+ schema:
+ type: string
+ min_length: 5
+ required: true
+ - variable: rootPass
+ label: Root Password
+ description: The secret key for the root user.
+ schema:
+ type: string
+ required: true
+ min_length: 8
+ private: true
+
+ - variable: minioRunAs
+ label: ""
+ group: User and Group Configuration
+ schema:
+ type: dict
+ attrs:
+ - variable: user
+ label: User ID
+ description: |
+ The user id that MinIO will run as.
+ Can't be changed after initial install.
+ schema:
+ type: int
+ min: 568
+ default: 568
+ immutable: true
+ required: true
+ - variable: group
+ label: Group ID
+ description: |
+ The group id that MinIO will run as.
+ Can't be changed after initial install.
+ schema:
+ type: int
+ min: 568
+ default: 568
+ immutable: true
+ required: true
+
+ - variable: minioNetwork
+ label: ""
+ group: Network Configuration
+ schema:
+ type: dict
+ attrs:
+ - variable: apiPort
+ label: API Port
+ description: The port for the MinIO API.
+ schema:
+ type: int
+ default: 30000
+ min: 9000
+ max: 65535
+ required: true
+ - variable: webPort
+ label: Web Port
+ description: The port for the MinIO Web UI.
+ schema:
+ type: int
+ default: 30001
+ min: 9000
+ max: 65535
+ required: true
+ - variable: hostNetwork
+ label: Host Network
+ description: |
+ Bind to the host network. It's recommended to keep this disabled.
+ schema:
+ type: boolean
+ default: true
+ - variable: certificateID
+ label: Certificate
+ description: The certificate to use for MinIO
+ schema:
+ type: int
+ "null": true
+ $ref:
+ - "definitions/certificate"
+ - variable: serverUrl
+ label: MinIO Server URL (API)
+ description: |
+ The URL that console will use to reach API
+ For example https://minio1.example.com.
+ schema:
+ type: string
+ required: true
+ - variable: consoleUrl
+ label: MinIO Browser Redirect URL
+ description: |
+ The URL that console will provide as a redirect URL
+ For example https://console.example.com.
+ schema:
+ type: string
+ required: true
+
+ - variable: enableMultiMode
+ label: Enable Multi Mode (SNMD or MNMD)
+ group: MultiMode Configuration
+ description: |
+ For Single Node Multi Drive (SNMD), the entry will look like this:
+ Example Entry - /data{1...4}
+ For Multi Node Multi Drive (MNMD), the entry will look like this:
+ Example Entry - https://minio{1...3}.example.com:30000/data{1...4}
+ Note that each host must use the same port number and the same number of storage items.
+ In both cases /data{1...4} is the directories to be used for MinIO.
+ You have to add additional storage for each data entry.
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: minioMultiMode
+ label: Multi Mode (SNMD or MNMD)
+ group: MultiMode Configuration
+ schema:
+ type: list
+ default: []
+ items:
+ - variable: item
+ label: ""
+ schema:
+ type: string
+ required: true
+
+ - variable: minioStorage
+ label: ""
+ group: Storage Configuration
+ schema:
+ type: list
+ default: [{"type": "ixVolume", "mountPath": "/data1", "datasetName": "data1"}]
+ empty: false
+ required: true
+ items:
+ - variable: item
+ label: Storage Item
+ schema:
+ type: dict
+ attrs:
+ - variable: type
+ label: Type
+ description: |
+ ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system.
+ schema:
+ type: string
+ immutable: true
+ required: true
+ default: ixVolume
+ enum:
+ - value: hostPath
+ description: Host Path (Path that already exists on the system)
+ - value: ixVolume
+ description: ixVolume (Dataset created automatically by the system)
+ - variable: mountPath
+ label: Mount Path
+ description: The path inside the container to mount the storage.
+ schema:
+ type: path
+ required: true
+ immutable: true
+ default: /data1
+ - variable: hostPath
+ label: Host Path
+ description: The host path to use for storage.
+ schema:
+ type: hostpath
+ required: true
+ immutable: true
+ default: ""
+ show_if: [["type", "=", "hostPath"]]
+ - variable: datasetName
+ label: Dataset Name
+ description: The name of the dataset to use for storage.
+ schema:
+ type: string
+ show_if: [["type", "=", "ixVolume"]]
+ required: true
+ immutable: true
+ # Can we make this dynamic, so we can hide it?!
+ default: data1
+ $ref:
+ - "normalize/ixVolume"
+
+ - variable: minioLogging
+ label: ""
+ group: MinIO Logging
+ schema:
+ type: dict
+ attrs:
+ - variable: anonymous
+ label: Anonymous
+ description: Hides sensitive information from logging.
+ schema:
+ type: boolean
+ default: false
+ - variable: quiet
+ label: Quiet
+ description: Disables startup information.
+ schema:
+ type: boolean
+ default: false
+
+ - variable: logsearch
+ label: LogSearch Configuration
+ schema:
+ type: dict
+ attrs:
+ - variable: enabled
+ label: Enable LogSearch
+ schema:
+ type: boolean
+ default: false
+ show_subquestions_if: true
+ subquestions:
+ - variable: diskCapacityGB
+ label: Disk Capacity (GB)
+ description: The disk capacity for LogSearch.
+ schema:
+ type: int
+ default: 5
+ required: true
+ - variable: pgData
+ label: Postgres Data Storage
+ description: The path to store Postgres data.
+ schema:
+ type: dict
+ attrs:
+ - variable: type
+ label: Type
+ schema:
+ type: string
+ required: true
+ immutable: true
+ default: ixVolume
+ enum:
+ - value: hostPath
+ description: Host Path
+ - value: ixVolume
+ description: ixVolume
+ - variable: datasetName
+ label: Dataset Name
+ schema:
+ type: string
+ show_if: [["type", "=", "ixVolume"]]
+ required: true
+ hidden: true
+ immutable: true
+ default: postgres-data
+ $ref:
+ - "normalize/ixVolume"
+ - variable: hostPath
+ label: Host Path
+ schema:
+ type: hostpath
+ show_if: [["type", "=", "hostPath"]]
+ immutable: true
+ required: true
+ - variable: pgBackup
+ label: Postgres Backup Storage
+ description: The path to store Postgres backups.
+ schema:
+ type: dict
+ attrs:
+ - variable: type
+ label: Type
+ schema:
+ type: string
+ required: true
+ default: ixVolume
+ enum:
+ - value: hostPath
+ description: Host Path
+ - value: ixVolume
+ description: ixVolume
+ - variable: datasetName
+ label: Dataset Name
+ schema:
+ type: string
+ show_if: [["type", "=", "ixVolume"]]
+ required: true
+ hidden: true
+ immutable: true
+ default: postgres-backup
+ $ref:
+ - "normalize/ixVolume"
+ - variable: hostPath
+ label: Host Path
+ schema:
+ type: hostpath
+ show_if: [["type", "=", "hostPath"]]
+ required: true
+
+ - variable: resources
+ label: ""
+ group: Resources Configuration
+ schema:
+ type: dict
+ attrs:
+ - variable: limits
+ label: Limits
+ schema:
+ type: dict
+ attrs:
+ - variable: cpu
+ label: CPU
+ description: CPU limit for MinIO.
+ schema:
+ type: string
+ max_length: 6
+ valid_chars: '^(0\.[1-9]|[1-9][0-9]*)(\.[0-9]|m?)$'
+ valid_chars_error: |
+ Valid CPU limit formats are
+ - Plain Integer - eg. 1
+ - Float - eg. 0.5
+ - Milicpu - eg. 500m
+ default: "4000m"
+ required: true
+ - variable: memory
+ label: Memory
+ description: Memory limit for MinIO.
+ schema:
+ type: string
+ max_length: 12
+ valid_chars: '^[1-9][0-9]*([EPTGMK]i?|e[0-9]+)?$'
+ valid_chars_error: |
+ Valid Memory limit formats are
+ - Suffixed with E/P/T/G/M/K - eg. 1G
+ - Suffixed with Ei/Pi/Ti/Gi/Mi/Ki - eg. 1Gi
+ - Plain Integer in bytes - eg. 1024
+ - Exponent - eg. 134e6
+ default: "8Gi"
+ required: true
diff --git a/library/ix-dev/test/minio/templates/NOTES.txt b/library/ix-dev/test/minio/templates/NOTES.txt
new file mode 100644
index 0000000000..ba4e01146c
--- /dev/null
+++ b/library/ix-dev/test/minio/templates/NOTES.txt
@@ -0,0 +1 @@
+{{ include "ix.v1.common.lib.chart.notes" $ }}
diff --git a/library/ix-dev/test/minio/templates/_configuration.tpl b/library/ix-dev/test/minio/templates/_configuration.tpl
new file mode 100644
index 0000000000..c3584dd385
--- /dev/null
+++ b/library/ix-dev/test/minio/templates/_configuration.tpl
@@ -0,0 +1,61 @@
+{{- define "minio.configuration" -}}
+
+ {{/* Validation */}}
+ {{ include "minio.validation" $ }}
+
+ {{ $config := fromJson (include "minio.prepare.config" $) }}
+
+{{/* Secrets */}}
+secret:
+ minio-creds:
+ enabled: true
+ data:
+ MINIO_ROOT_USER: {{ .Values.minioCreds.rootUser }}
+ MINIO_ROOT_PASSWORD: {{ .Values.minioCreds.rootPass }}
+ MINIO_VOLUMES: {{ $config.volumes }}
+ {{ with .Values.minioNetwork.serverUrl }}
+ MINIO_SERVER_URL: {{ . | quote }}
+ {{ end }}
+ {{ with .Values.minioNetwork.consoleUrl }}
+ MINIO_BROWSER_REDIRECT_URL: {{ . | quote }}
+ {{ end }}
+ {{ if .Values.minioLogging.logsearch.enabled }}
+ MINIO_AUDIT_WEBHOOK_ENABLE_ix_logsearch: "on"
+ MINIO_AUDIT_WEBHOOK_ENDPOINT_ix_logsearch: {{ $config.webhookURL }}
+ MINIO_LOG_QUERY_AUTH_TOKEN: {{ $config.queryToken }}
+ MINIO_LOG_QUERY_URL: {{ $config.logQueryURL }}
+ {{ end }}
+
+ # Always create the logsearch and postgres secret, even if logsearch is disabled.
+ # Because autogenerated passwords are stored in the secret, and disabling logsearch after
+ # the secret is created will cause the passwords to be lost (if the secret is conditionally rendered).
+ logsearch-creds:
+ enabled: true
+ data:
+ LOGSEARCH_PG_CONN_STR: {{ $config.postgresURL }}
+ LOGSEARCH_AUDIT_AUTH_TOKEN: {{ $config.auditToken }}
+ MINIO_LOG_QUERY_AUTH_TOKEN: {{ $config.queryToken }}
+ {{ if .Values.minioLogging.logsearch.enabled }}
+ LOGSEARCH_DISK_CAPACITY_GB: {{ $config.diskCapacity | quote }}
+ {{ end }}
+
+ postgres-creds:
+ enabled: true
+ data:
+ POSTGRES_PASSWORD: {{ $config.dbPass }}
+ POSTGRES_USER: {{ $config.dbUser }}
+ POSTGRES_DB: {{ $config.dbName }}
+ POSTGRES_HOST: {{ $config.dbHost }}
+ POSTGRES_URL: {{ $config.postgresURL }}
+
+{{/* MinIO Certificate */}}
+{{ if .Values.minioNetwork.certificateID }}
+scaleCertificate:
+ minio-cert:
+ enabled: true
+ labels: {}
+ annotations: {}
+ id: {{ .Values.minioNetwork.certificateID }}
+{{ end }}
+
+{{- end -}}
diff --git a/library/ix-dev/test/minio/templates/_helpers.tpl b/library/ix-dev/test/minio/templates/_helpers.tpl
new file mode 100644
index 0000000000..baf8f29064
--- /dev/null
+++ b/library/ix-dev/test/minio/templates/_helpers.tpl
@@ -0,0 +1,115 @@
+{{/* Scheme */}}
+{{- define "minio.scheme" -}}
+ {{- $scheme := "http" -}}
+ {{- if .Values.minioNetwork.certificateID -}}
+ {{- $scheme = "https" -}}
+ {{- end -}}
+
+ {{- $scheme -}}
+{{- end -}}
+
+{{- define "minio.hostnetwork" -}}
+ {{- $hostNet := .Values.minioNetwork.hostNetwork -}}
+
+ {{- range $entry := .Values.minioMultiMode -}}
+ {{/*
+ Only if multi mode has urls set hostnetwork,
+ Multi Mode can be used for single node, multi disk setup
+ */}}
+ {{- if contains "://" $entry -}}
+ {{- $hostNet = true -}}
+ {{- end -}}
+
+ {{- end -}}
+ {{- $hostNet -}}
+{{- end -}}
+
+{{/* Validation */}}
+{{- define "minio.validation" -}}
+ {{- if not .Values.minioCreds.rootUser -}}
+ {{- fail "Expected non-empty " -}}
+ {{- end -}}
+
+ {{- if not .Values.minioCreds.rootPass -}}
+ {{- fail "Expected non-empty " -}}
+ {{- end -}}
+
+ {{- if not .Values.minioStorage -}}
+ {{- fail "Expected at least 1 storage item added" -}}
+ {{- end -}}
+
+ {{- if and (ne (len .Values.minioStorage) 1) (not .Values.minioMultiMode) -}}
+ {{- fail "Expected Multi Mode to be enabled, when more than 1 storage mountPaths added" -}}
+ {{- end -}}
+
+ {{- $notAllowedKeys := (list "server") -}} {{/* Extend if needed */}}
+ {{- range $item := .Values.minioMultiMode -}}
+ {{- if (mustHas $item $notAllowedKeys) -}}
+ {{- fail (printf "Key [%v] is not allowed as a Multi Mode argument" $item) -}}
+ {{- end -}}
+
+ {{- if hasPrefix "/" $item -}}
+ {{- if or (contains "{" $item) (contains "}" $item) -}}
+ {{- if not (contains "..." $item) -}}
+ {{- fail "Expected Multi Mode Item to have 3 dots when its a path with expansion eg [/some_path{1...4}]" -}}
+ {{- end -}}
+ {{- end -}}
+ {{- end -}}
+ {{- end -}}
+
+ {{- $mountPaths := list -}}
+ {{- range $item := .Values.minioStorage -}}
+ {{- $mountPaths = mustAppend $mountPaths $item.mountPath -}}
+ {{- end -}}
+
+ {{- if not (deepEqual ($mountPaths) (uniq $mountPaths)) -}}
+ {{- fail (printf "Expected mountPaths to be unique, but got [%v]" (join ", " $mountPaths)) -}}
+ {{- end -}}
+{{- end -}}
+
+{{/* Config preparation */}}
+{{- define "minio.prepare.config" -}}
+ {{/* Prepare logsearch related config, shared across different configmaps */}}
+ {{- $config := dict -}}
+
+ {{- $fullname := (include "ix.v1.common.lib.chart.names.fullname" $) -}}
+
+ {{- if .Values.minioLogging.logsearch.enabled -}}
+ {{- $_ := set $config "diskCapacity" (required "Expected non-empty " .Values.minioLogging.logsearch.diskCapacityGB) -}}
+ {{- end -}}
+
+ {{- $_ := set $config "dbUser" "logsearch" -}}
+ {{- $_ := set $config "dbName" "logsearch" -}}
+
+ {{- $_ := set $config "dbPass" (randAlphaNum 32) -}}
+ {{- with (lookup "v1" "Secret" .Release.Namespace (printf "%s-postgres-creds" $fullname)) -}}
+ {{- $_ := set $config "dbPass" ((index .data "POSTGRES_PASSWORD") | b64dec) -}}
+ {{- end -}}
+
+ {{- $_ := set $config "auditToken" (randAlphaNum 32) -}}
+ {{- with (lookup "v1" "Secret" .Release.Namespace (printf "%s-logsearch-creds" $fullname)) -}}
+ {{- $_ := set $config "auditToken" ((index .data "LOGSEARCH_AUDIT_AUTH_TOKEN") | b64dec) -}}
+ {{- end -}}
+
+ {{- $_ := set $config "queryToken" (randAlphaNum 32) -}}
+ {{- with (lookup "v1" "Secret" .Release.Namespace (printf "%s-logsearch-creds" $fullname)) -}}
+ {{- $_ := set $config "queryToken" ((index .data "MINIO_LOG_QUERY_AUTH_TOKEN") | b64dec) -}}
+ {{- end -}}
+
+ {{- $_ := set $config "dbHost" (printf "%s-postgres" $fullname ) -}}
+ {{- $_ := set $config "logQueryURL" (printf "http://%s-logsearch:8080" $fullname) -}}
+ {{- $_ := set $config "webhookURL" (printf "%s/api/ingest?token=%v" $config.logQueryURL $config.auditToken) -}}
+ {{- $_ := set $config "postgresURL" (printf "postgres://%s:%s@%s:5432/%s?sslmode=disable" $config.dbUser $config.dbPass $config.dbHost $config.dbName) -}}
+
+ {{/* When no multi mode, use the first storage entry */}}
+ {{- $_ := set $config "volumes" (.Values.minioStorage | first).mountPath -}}
+ {{- if .Values.minioMultiMode -}}
+ {{- $_ := set $config "volumes" (join " " .Values.minioMultiMode) -}}
+ {{- end -}}
+
+ {{- if not $config.volumes -}}
+ {{- fail "ERROR: Volumes can't be empty" -}}
+ {{- end -}}
+
+ {{- $config | toJson -}}
+{{- end -}}
diff --git a/library/ix-dev/test/minio/templates/_logsearch.tpl b/library/ix-dev/test/minio/templates/_logsearch.tpl
new file mode 100644
index 0000000000..f7c3ada148
--- /dev/null
+++ b/library/ix-dev/test/minio/templates/_logsearch.tpl
@@ -0,0 +1,51 @@
+{{- define "logsearch.workload" -}}
+workload:
+ logsearch:
+ enabled: true
+ type: Deployment
+ podSpec:
+ containers:
+ logsearch:
+ enabled: true
+ primary: true
+ imageSelector: logsearchImage
+ securityContext:
+ runAsUser: {{ .Values.minioRunAs.user }}
+ runAsGroup: {{ .Values.minioRunAs.group }}
+ envFrom:
+ - secretRef:
+ name: logsearch-creds
+ command: /logsearchapi
+ probes:
+ liveness:
+ enabled: true
+ type: http
+ port: 8080
+ path: /status
+ readiness:
+ enabled: true
+ type: http
+ port: 8080
+ path: /status
+ startup:
+ enabled: true
+ type: http
+ port: 8080
+ path: /status
+ initContainers:
+ {{- include "ix.v1.common.app.postgresWait" (dict "name" "postgres-wait"
+ "secretName" "postgres-creds") | nindent 8 }}
+
+{{/* Service */}}
+service:
+ logsearch:
+ enabled: true
+ type: ClusterIP
+ targetSelector: logsearch
+ ports:
+ logsearch:
+ enabled: true
+ primary: true
+ port: 8080
+ targetSelector: logsearch
+{{- end -}}
diff --git a/library/ix-dev/test/minio/templates/_minio.tpl b/library/ix-dev/test/minio/templates/_minio.tpl
new file mode 100644
index 0000000000..d2a47e8166
--- /dev/null
+++ b/library/ix-dev/test/minio/templates/_minio.tpl
@@ -0,0 +1,143 @@
+{{- define "minio.workload" -}}
+workload:
+ minio:
+ enabled: true
+ primary: true
+ type: Deployment
+ podSpec:
+ hostNetwork: {{ include "minio.hostnetwork" $ }}
+ containers:
+ minio:
+ enabled: true
+ primary: true
+ imageSelector: image
+ securityContext:
+ runAsUser: {{ .Values.minioRunAs.user }}
+ runAsGroup: {{ .Values.minioRunAs.group }}
+ envFrom:
+ - secretRef:
+ name: minio-creds
+ args:
+ - server
+ - "--address"
+ - {{ printf ":%v" .Values.minioNetwork.apiPort | quote }}
+ - "--console-address"
+ - {{ printf ":%v" .Values.minioNetwork.webPort | quote }}
+ {{- if .Values.minioNetwork.certificateID }}
+ - "--certs-dir"
+ - "/.minio/certs"
+ {{- end -}}
+ {{- if .Values.minioLogging.anonymous }}
+ - "--anonymous"
+ {{- end -}}
+ {{- if .Values.minioLogging.quiet }}
+ - "--quiet"
+ {{- end }}
+ probes:
+ liveness:
+ enabled: true
+ type: {{ include "minio.scheme" $ }}
+ port: "{{ .Values.minioNetwork.apiPort }}"
+ path: /minio/health/live
+ readiness:
+ enabled: true
+ type: {{ include "minio.scheme" $ }}
+ port: "{{ .Values.minioNetwork.apiPort }}"
+ path: /minio/health/live
+ startup:
+ enabled: true
+ type: {{ include "minio.scheme" $ }}
+ port: "{{ .Values.minioNetwork.apiPort }}"
+ path: /minio/health/live
+ initContainers:
+ {{- include "ix.v1.common.app.permissions" (dict "UID" .Values.minioRunAs.user
+ "GID" .Values.minioRunAs.group
+ "type" "install") | nindent 8 -}}
+ {{- if .Values.minioLogging.logsearch.enabled }}
+ logsearch-wait:
+ enabled: true
+ type: init
+ imageSelector: bashImage
+ resources:
+ limits:
+ cpu: 500m
+ memory: 256Mi
+ envFrom:
+ - secretRef:
+ name: minio-creds
+ command: bash
+ args:
+ - -c
+ - |
+ echo "Pinging Logsearch API for readiness..."
+ until wget --spider --quiet --timeout=3 --tries=1 ${MINIO_LOG_QUERY_URL}/status; do
+ echo "Waiting for Logsearch API (${MINIO_LOG_QUERY_URL}/status) to be ready..."
+ sleep 2
+ done
+ echo "Logsearch API is ready"
+ {{- end }}
+
+{{/* Service */}}
+service:
+ minio:
+ enabled: true
+ primary: true
+ type: NodePort
+ targetSelector: minio
+ ports:
+ api:
+ enabled: true
+ primary: true
+ port: {{ .Values.minioNetwork.apiPort }}
+ nodePort: {{ .Values.minioNetwork.apiPort }}
+ targetSelector: minio
+ webui:
+ enabled: true
+ port: {{ .Values.minioNetwork.webPort }}
+ nodePort: {{ .Values.minioNetwork.webPort }}
+ targetSelector: minio
+
+{{/* Persistence */}}
+persistence:
+ {{- range $idx, $storage := .Values.minioStorage }}
+ {{ printf "data%v" (int $idx) }}:
+ enabled: true
+ type: {{ $storage.type }}
+ datasetName: {{ $storage.datasetName | default "" }}
+ hostPath: {{ $storage.hostPath | default "" }}
+ targetSelector:
+ minio:
+ minio:
+ mountPath: {{ $storage.mountPath }}
+ permissions:
+ mountPath: /mnt/directories{{ $storage.mountPath }}
+ {{- end }}
+ # Minio writes temporary files to this directory. Adding this as an emptyDir,
+ # So we don't have to set readOnlyRootFilesystem to false
+ tempdir:
+ enabled: true
+ type: emptyDir
+ targetSelector:
+ minio:
+ minio:
+ mountPath: /.minio
+ {{- if .Values.minioNetwork.certificateID }}
+ cert:
+ enabled: true
+ type: secret
+ objectName: minio-cert
+ defaultMode: "0600"
+ items:
+ - key: tls.key
+ path: private.key
+ - key: tls.crt
+ path: public.crt
+ - key: tls.crt
+ path: CAs/public.crt
+ targetSelector:
+ minio:
+ minio:
+ mountPath: /.minio/certs
+ readOnly: true
+ {{- end -}}
+{{- end -}}
diff --git a/library/ix-dev/test/minio/templates/_portal.tpl b/library/ix-dev/test/minio/templates/_portal.tpl
new file mode 100644
index 0000000000..25d25a25ed
--- /dev/null
+++ b/library/ix-dev/test/minio/templates/_portal.tpl
@@ -0,0 +1,20 @@
+{{- define "minio.portal" -}}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: portal
+data:
+ {{- $url := urlParse .Values.minioNetwork.consoleUrl -}}
+ {{- $protocol := $url.scheme -}}
+ {{- $host := $url.hostname -}}
+ {{- $port := $url.host | replace $host "" | replace ":" "" -}}
+ {{/* If user used SCALE certificate, then force https */}}
+ {{- if eq "https" (include "minio.scheme" $) -}}
+ {{- $protocol = "https" -}}
+ {{- end }}
+ path: "/"
+ port: {{ $port | default .Values.minioNetwork.webPort | quote }}
+ protocol: {{ $protocol | default "http" }}
+ host: {{ $host | default "$node_ip" }}
+{{- end -}}
diff --git a/library/ix-dev/test/minio/templates/_postgres.tpl b/library/ix-dev/test/minio/templates/_postgres.tpl
new file mode 100644
index 0000000000..c8d97bdf84
--- /dev/null
+++ b/library/ix-dev/test/minio/templates/_postgres.tpl
@@ -0,0 +1,15 @@
+{{- define "postgres.workload" -}}
+workload:
+{{- include "ix.v1.common.app.postgres" (dict "secretName" "postgres-creds" "resources" .Values.resources) | nindent 2 }}
+
+{{/* Service */}}
+service:
+ {{- include "ix.v1.common.app.postgresService" $ | nindent 2 }}
+
+{{/* Persistence */}}
+persistence:
+ {{- include "ix.v1.common.app.postgresPersistence"
+ (dict "pgData" .Values.minioLogging.logsearch.pgData
+ "pgBackup" .Values.minioLogging.logsearch.pgBackup
+ ) | nindent 2 }}
+{{- end -}}
diff --git a/library/ix-dev/test/minio/templates/common.yaml b/library/ix-dev/test/minio/templates/common.yaml
new file mode 100644
index 0000000000..b013a2644c
--- /dev/null
+++ b/library/ix-dev/test/minio/templates/common.yaml
@@ -0,0 +1,15 @@
+{{- include "ix.v1.common.loader.init" . -}}
+
+{{/* Merge the templates with Values */}}
+{{- $_ := mustMergeOverwrite .Values (include "minio.configuration" $ | fromYaml) -}}
+
+{{- $_ := mustMergeOverwrite .Values (include "minio.workload" $ | fromYaml) -}}
+{{- if .Values.minioLogging.logsearch.enabled -}}
+ {{- $_ := mustMergeOverwrite .Values (include "logsearch.workload" $ | fromYaml) -}}
+ {{- $_ := mustMergeOverwrite .Values (include "postgres.workload" $ | fromYaml) -}}
+{{- end -}}
+
+{{/* Create the configmap for portal manually*/}}
+{{- include "minio.portal" $ -}}
+
+{{- include "ix.v1.common.loader.apply" . -}}
diff --git a/library/ix-dev/test/minio/upgrade_info.json b/library/ix-dev/test/minio/upgrade_info.json
new file mode 100644
index 0000000000..1477da7baf
--- /dev/null
+++ b/library/ix-dev/test/minio/upgrade_info.json
@@ -0,0 +1 @@
+{ "filename": "values.yaml", "keys": ["image", "logsearchImage"] }
diff --git a/library/ix-dev/test/minio/upgrade_strategy_disable b/library/ix-dev/test/minio/upgrade_strategy_disable
new file mode 100755
index 0000000000..0209796a7c
--- /dev/null
+++ b/library/ix-dev/test/minio/upgrade_strategy_disable
@@ -0,0 +1,62 @@
+#!/usr/bin/python3
+import json
+import re
+import sys
+
+from catalog_update.upgrade_strategy import semantic_versioning
+from catalog_update.upgrade_strategy import datetime_versioning
+
+
+ENUMS = {
+ 'image': {
+ 'RE_STABLE_VERSION': re.compile(r'RELEASE.\d{4}-\d{2}-\d{2}T\d{2}-\d{2}-\d{2}}Z'),
+ 'STRIP_TEXT': 'RELEASE.',
+ 'function': datetime_versioning,
+ 'function_arg': '%Y-%m-%dT%H-%M-%SZ'
+ },
+ 'logsearchImage': {
+ 'RE_STABLE_VERSION': re.compile(r'v\d+\.\d+\.\d+'),
+ 'STRIP_TEXT': 'v',
+ 'function': semantic_versioning
+ },
+}
+
+
+def newer_mapping(image_tags):
+
+ output = {
+ "tags": {},
+ "app_version": ""
+ }
+
+ for key in image_tags.keys():
+ STRIP_TEXT = ENUMS[key].get('STRIP_TEXT', None) if key in ENUMS else None
+ RE_STABLE_VERSION = ENUMS[key].get('RE_STABLE_VERSION', None) if key in ENUMS else None
+ VERSION_FUNCTION = ENUMS[key].get('function', None) if key in ENUMS else None
+
+ if (STRIP_TEXT is None) or (RE_STABLE_VERSION is None) or (VERSION_FUNCTION is None):
+ continue
+
+ tags = {t.strip(STRIP_TEXT): t for t in image_tags[key] if RE_STABLE_VERSION.fullmatch(t)}
+ if ENUMS[key].get('function_arg', None):
+ version = VERSION_FUNCTION(list(tags), ENUMS[key].get('function_arg'))
+ else:
+ version = VERSION_FUNCTION(list(tags))
+ if not version:
+ continue
+
+ if key == 'image':
+ output['app_version'] = version
+
+ output['tags'][key] = tags[version]
+
+ return output
+
+
+if __name__ == '__main__':
+ try:
+ versions_json = json.loads(sys.stdin.read())
+ except ValueError:
+ raise ValueError('Invalid json specified')
+
+ print(json.dumps(newer_mapping(versions_json)))
diff --git a/library/ix-dev/test/minio/values.yaml b/library/ix-dev/test/minio/values.yaml
new file mode 100644
index 0000000000..fe482ce6a9
--- /dev/null
+++ b/library/ix-dev/test/minio/values.yaml
@@ -0,0 +1,48 @@
+image:
+ repository: minio/minio
+ tag: RELEASE.2023-03-24T21-41-23Z
+ pullPolicy: IfNotPresent
+
+logsearchImage:
+ repository: minio/operator
+ tag: v4.5.8
+ pullPolicy: IfNotPresent
+
+resources:
+ limits:
+ cpu: 4000m
+ memory: 8Gi
+
+minioCreds:
+ rootUser: ''
+ rootPass: ''
+
+minioRunAs:
+ user: 568
+ group: 568
+
+minioNetwork:
+ apiPort: 30000
+ webPort: 30001
+ certificateID: null
+ hostNetwork: true
+ serverUrl: ''
+ consoleUrl: ''
+
+minioMultiMode: []
+
+minioStorage: []
+
+minioLogging:
+ anonymous: false
+ quiet: false
+
+ logsearch:
+ enabled: false
+ diskCapacityGB: 5
+ pgData:
+ type: ixVolume
+ datasetName: postgres-data
+ pgBackup:
+ type: ixVolume
+ datasetName: postgres-backup