diff --git a/charts/minio/1.1.0/charts/common-2101.0.0.tgz b/charts/minio/1.1.0/charts/common-2101.0.0.tgz deleted file mode 100644 index 3a22457ea6..0000000000 Binary files a/charts/minio/1.1.0/charts/common-2101.0.0.tgz and /dev/null differ diff --git a/charts/minio/1.1.0/templates/_helpers.tpl b/charts/minio/1.1.0/templates/_helpers.tpl deleted file mode 100644 index c769c2fb2a..0000000000 --- a/charts/minio/1.1.0/templates/_helpers.tpl +++ /dev/null @@ -1,6 +0,0 @@ -{{/* -Determine secret name. -*/}} -{{- define "minio.secretName" -}} -{{- include "common.names.fullname" . -}} -{{- end -}} diff --git a/charts/minio/1.1.0/.helmignore b/charts/minio/1.2.1/.helmignore similarity index 100% rename from charts/minio/1.1.0/.helmignore rename to charts/minio/1.2.1/.helmignore diff --git a/charts/minio/1.1.0/Chart.yaml b/charts/minio/1.2.1/Chart.yaml similarity index 88% rename from charts/minio/1.1.0/Chart.yaml rename to charts/minio/1.2.1/Chart.yaml index 52ba59d832..5fe99fe60f 100644 --- a/charts/minio/1.1.0/Chart.yaml +++ b/charts/minio/1.2.1/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 description: High Performance, Kubernetes Native Object Storage name: minio -version: 1.1.0 -appVersion: master +version: 1.2.1 +appVersion: RELEASE.2021-02-19T04-38-02Z keywords: - storage - object-storage diff --git a/charts/minio/1.1.0/README.md b/charts/minio/1.2.1/README.md similarity index 100% rename from charts/minio/1.1.0/README.md rename to charts/minio/1.2.1/README.md diff --git a/charts/minio/1.1.0/app-readme.md b/charts/minio/1.2.1/app-readme.md similarity index 100% rename from charts/minio/1.1.0/app-readme.md rename to charts/minio/1.2.1/app-readme.md diff --git a/charts/minio/1.2.1/charts/common-2101.0.0.tgz b/charts/minio/1.2.1/charts/common-2101.0.0.tgz new file mode 100644 index 0000000000..91e9592a56 Binary files /dev/null and b/charts/minio/1.2.1/charts/common-2101.0.0.tgz differ diff --git a/charts/minio/1.1.0/default_values.yaml b/charts/minio/1.2.1/default_values.yaml similarity index 100% rename from charts/minio/1.1.0/default_values.yaml rename to charts/minio/1.2.1/default_values.yaml diff --git a/charts/minio/1.2.1/ix_values.yaml b/charts/minio/1.2.1/ix_values.yaml new file mode 100644 index 0000000000..3a1e63df71 --- /dev/null +++ b/charts/minio/1.2.1/ix_values.yaml @@ -0,0 +1,4 @@ +image: + repository: minio/minio + tag: RELEASE.2021-02-19T04-38-02Z + pullPolicy: IfNotPresent diff --git a/charts/minio/1.1.0/migrations/migrate b/charts/minio/1.2.1/migrations/migrate_from_1.0.0 similarity index 90% rename from charts/minio/1.1.0/migrations/migrate rename to charts/minio/1.2.1/migrations/migrate_from_1.0.0 index f65d82b628..d9772faa1d 100755 --- a/charts/minio/1.1.0/migrations/migrate +++ b/charts/minio/1.2.1/migrations/migrate_from_1.0.0 @@ -5,6 +5,9 @@ import sys def migrate(values): + if values.get('appVolumeMounts'): + return values + values.update({ 'appVolumeMounts': { 'export': { diff --git a/charts/minio/1.1.0/questions.yaml b/charts/minio/1.2.1/questions.yaml similarity index 77% rename from charts/minio/1.1.0/questions.yaml rename to charts/minio/1.2.1/questions.yaml index e4753328ae..19fd540b8d 100644 --- a/charts/minio/1.1.0/questions.yaml +++ b/charts/minio/1.2.1/questions.yaml @@ -11,49 +11,13 @@ groups: portals: web_portal: protocols: - - "http" + - "$kubernetes-resource_configmap_minio-config_protocol" host: - "$node_ip" ports: - "$variable-service.nodePort" questions: - # Image related - - variable: image - description: "Docker Image Details" - label: "Docker Image" - group: "Container Images" - schema: - type: dict - required: true - attrs: - - variable: repository - description: "Docker image repository" - label: "Image repository" - schema: - type: string - default: "minio/minio" - required: true - - variable: tag - description: "Tag to use for specified image" - label: "Image Tag" - schema: - type: string - default: "RELEASE.2020-11-19T23-48-16Z" - - variable: pullPolicy - description: "Docker Image Pull Policy" - label: "Image Pull Policy" - schema: - type: string - default: "IfNotPresent" - enum: - - value: "IfNotPresent" - description: "Only pull image if not present on host" - - value: "Always" - description: "Always pull image even if present on host" - - value: "Never" - description: "Never pull image even if it's not present on host" - - variable: updateStrategy label: "Minio update strategy" group: "Workload Configuration" @@ -138,6 +102,15 @@ questions: default: 9000 required: true + - variable: certificate + description: "Minio Certificate" + label: "Minio Certificate" + group: "Minio Configuration" + schema: + type: int + $ref: + - "definitions/certificate" + - variable: appVolumeMounts label: "Minio Storage" group: "Storage" diff --git a/charts/minio/1.1.0/requirements.lock b/charts/minio/1.2.1/requirements.lock similarity index 100% rename from charts/minio/1.1.0/requirements.lock rename to charts/minio/1.2.1/requirements.lock diff --git a/charts/minio/1.1.0/templates/NOTES.txt b/charts/minio/1.2.1/templates/NOTES.txt similarity index 100% rename from charts/minio/1.1.0/templates/NOTES.txt rename to charts/minio/1.2.1/templates/NOTES.txt diff --git a/charts/minio/1.2.1/templates/_cert.tpl b/charts/minio/1.2.1/templates/_cert.tpl new file mode 100644 index 0000000000..f34777f65a --- /dev/null +++ b/charts/minio/1.2.1/templates/_cert.tpl @@ -0,0 +1,33 @@ +{{/* +Formats volumeMount for Minio tls keys and trusted certs +*/}} +{{- define "minio.tlsKeysVolumeMount" -}} +{{- if eq (include "minio.certAvailable" .) "true" -}} +- name: cert-secret-volume + mountPath: "/etc/minio/certs" +- name: trusted-cert-secret-volume + mountPath: "/etc/minio/certs/CAs" +{{- end }} +{{- end -}} + +{{/* +Formats volume for Minio tls keys and trusted certs +*/}} +{{- define "minio.tlsKeysVolume" -}} +{{- if eq (include "minio.certAvailable" .) "true" -}} +- name: cert-secret-volume + secret: + secretName: {{ include "minio.secretName" . }} + items: + - key: certPublicKey + path: public.crt + - key: certPrivateKey + path: private.key +- name: trusted-cert-secret-volume + secret: + secretName: {{ include "minio.secretName" . }} + items: + - key: certPublicKey + path: public.crt +{{- end }} +{{- end -}} diff --git a/charts/minio/1.2.1/templates/_helpers.tpl b/charts/minio/1.2.1/templates/_helpers.tpl new file mode 100644 index 0000000000..f4d59c96f8 --- /dev/null +++ b/charts/minio/1.2.1/templates/_helpers.tpl @@ -0,0 +1,40 @@ +{{/* +Determine secret name. +*/}} +{{- define "minio.secretName" -}} +{{- include "common.names.fullname" . -}} +{{- end -}} + + +{{/* +Retrieve true/false if minio certificate is configured +*/}} +{{- define "minio.certAvailable" -}} +{{- if .Values.certificate -}} +{{- $values := (. | mustDeepCopy) -}} +{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.Values.certificate) -}} +{{- template "common.resources.cert_present" $values -}} +{{- else -}} +{{- false -}} +{{- end -}} +{{- end -}} + + +{{/* +Retrieve public key of minio certificate +*/}} +{{- define "minio.cert.publicKey" -}} +{{- $values := (. | mustDeepCopy) -}} +{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.Values.certificate "publicKey" true) -}} +{{ include "common.resources.cert" $values }} +{{- end -}} + + +{{/* +Retrieve private key of minio certificate +*/}} +{{- define "minio.cert.privateKey" -}} +{{- $values := (. | mustDeepCopy) -}} +{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.Values.certificate) -}} +{{ include "common.resources.cert" $values }} +{{- end -}} diff --git a/charts/minio/1.2.1/templates/configmap.yaml b/charts/minio/1.2.1/templates/configmap.yaml new file mode 100644 index 0000000000..0c9aeea644 --- /dev/null +++ b/charts/minio/1.2.1/templates/configmap.yaml @@ -0,0 +1,10 @@ +{{ $scheme := "http" }} +{{ if eq (include "minio.certAvailable" .) "true" }} +{{ $scheme = "https" }} +{{ end }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: minio-config +data: + protocol: {{ $scheme }} diff --git a/charts/minio/1.1.0/templates/deployment.yaml b/charts/minio/1.2.1/templates/deployment.yaml similarity index 82% rename from charts/minio/1.1.0/templates/deployment.yaml rename to charts/minio/1.2.1/templates/deployment.yaml index aed4ad032b..f6eb4c5c90 100644 --- a/charts/minio/1.1.0/templates/deployment.yaml +++ b/charts/minio/1.2.1/templates/deployment.yaml @@ -1,4 +1,3 @@ -{{ $scheme := "http" }} apiVersion: {{ template "common.capabilities.deployment.apiVersion" . }} kind: Deployment metadata: @@ -29,13 +28,14 @@ spec: containers: - name: {{ .Chart.Name }} {{ include "common.containers.imageConfig" .Values.image | nindent 10 }} - {{ include "common.storage.allContainerVolumeMounts" .Values | nindent 10 }} + volumeMounts: {{ include "common.storage.configureAppVolumeMountsInContainer" .Values | nindent 12 }} + {{- include "minio.tlsKeysVolumeMount" . | nindent 12 }} command: - "/bin/sh" - "-ce" - - "/usr/bin/docker-entrypoint.sh minio server /export {{ (.Values.extraArgs | default list) | join " " }}" + - "/usr/bin/docker-entrypoint.sh minio -S /etc/minio/certs server /export {{ (.Values.extraArgs | default list) | join " " }}" ports: - - name: {{ $scheme }} + - name: http containerPort: 9000 env: {{ $secretName := (include "minio.secretName" .) }} @@ -44,3 +44,4 @@ spec: {{ $envList = mustAppend $envList (dict "name" "MINIO_SECRET_KEY" "valueFromSecret" true "secretName" $secretName "secretKey" "secretkey") }} {{ include "common.containers.environmentVariables" (dict "environmentVariables" $envList) | nindent 12 }} {{ include "common.storage.allAppVolumes" .Values | nindent 6 }} +{{- include "minio.tlsKeysVolume" . | nindent 8 }} diff --git a/charts/minio/1.1.0/templates/secrets.yaml b/charts/minio/1.2.1/templates/secrets.yaml similarity index 65% rename from charts/minio/1.1.0/templates/secrets.yaml rename to charts/minio/1.2.1/templates/secrets.yaml index f44495e5e1..4085fd585b 100644 --- a/charts/minio/1.1.0/templates/secrets.yaml +++ b/charts/minio/1.2.1/templates/secrets.yaml @@ -7,3 +7,7 @@ type: Opaque data: accesskey: {{ if .Values.accessKey }}{{ .Values.accessKey | toString | b64enc | quote }}{{ else }}{{ randAlphaNum 20 | b64enc | quote }}{{ end }} secretkey: {{ if .Values.secretKey }}{{ .Values.secretKey | toString | b64enc | quote }}{{ else }}{{ randAlphaNum 40 | b64enc | quote }}{{ end }} + {{ if eq (include "minio.certAvailable" .) "true" }} + certPublicKey: {{ (include "minio.cert.publicKey" .) | toString | b64enc | quote }} + certPrivateKey: {{ (include "minio.cert.privateKey" .) | toString | b64enc | quote }} + {{ end }} diff --git a/charts/minio/1.1.0/templates/service.yaml b/charts/minio/1.2.1/templates/service.yaml similarity index 100% rename from charts/minio/1.1.0/templates/service.yaml rename to charts/minio/1.2.1/templates/service.yaml diff --git a/charts/minio/1.1.0/templates/serviceaccount.yaml b/charts/minio/1.2.1/templates/serviceaccount.yaml similarity index 100% rename from charts/minio/1.1.0/templates/serviceaccount.yaml rename to charts/minio/1.2.1/templates/serviceaccount.yaml diff --git a/charts/minio/1.1.0/test_values.yaml b/charts/minio/1.2.1/test_values.yaml similarity index 89% rename from charts/minio/1.1.0/test_values.yaml rename to charts/minio/1.2.1/test_values.yaml index 383d0bbdd5..ce8e11fdac 100644 --- a/charts/minio/1.1.0/test_values.yaml +++ b/charts/minio/1.2.1/test_values.yaml @@ -2,7 +2,7 @@ ## image: repository: minio/minio - tag: RELEASE.2020-11-19T23-48-16Z + tag: RELEASE.2021-02-19T04-38-02Z pullPolicy: IfNotPresent ## Additional arguments to pass to minio binary @@ -11,7 +11,7 @@ extraArgs: [] updateStrategy: RollingUpdate service: - nodePort: 32001 + nodePort: 32324 environmentVariables: [] ## Please refer for comprehensive list https://docs.minio.io/docs/minio-server-configuration-guide.html diff --git a/charts/minio/1.1.0/values.yaml b/charts/minio/1.2.1/values.yaml similarity index 100% rename from charts/minio/1.1.0/values.yaml rename to charts/minio/1.2.1/values.yaml