From 85f0f3e266b6275e5dba42d2fc9df8e4d0a4ef0c Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Tue, 27 Dec 2022 11:19:58 +0200 Subject: [PATCH] upgrade minio to newer version in charts --- charts/minio/1.6.62/ix_values.yaml | 6 -- charts/minio/1.6.62/test_values.yaml | 23 ---- charts/minio/{1.6.62 => 1.7.0}/.helmignore | 0 charts/minio/{1.6.62 => 1.7.0}/CHANGELOG.md | 0 charts/minio/{1.6.62 => 1.7.0}/Chart.yaml | 4 +- charts/minio/{1.6.62 => 1.7.0}/README.md | 0 charts/minio/{1.6.62 => 1.7.0}/app-readme.md | 0 .../charts/common-2207.0.0.tgz | Bin charts/minio/1.7.0/ix_values.yaml | 13 +++ .../{1.6.62 => 1.7.0}/migrations/migrate | 0 .../migrations/migrate_from_1.0.0 | 0 charts/minio/{1.6.62 => 1.7.0}/questions.yaml | 100 ++++++++++++++++++ .../minio/{1.6.62 => 1.7.0}/requirements.lock | 0 .../{1.6.62 => 1.7.0}/templates/NOTES.txt | 0 .../{1.6.62 => 1.7.0}/templates/_cert.tpl | 0 .../{1.6.62 => 1.7.0}/templates/_helpers.tpl | 0 .../minio/1.7.0/templates/_logsearchapi.tpl | 34 ++++++ charts/minio/1.7.0/templates/_postgres.tpl | 71 +++++++++++++ .../templates/backup-postgres-config.yaml | 15 +++ .../1.7.0/templates/backup-postgres-hook.yaml | 40 +++++++ .../templates/configmap.yaml | 0 .../templates/deployment.yaml | 25 +++++ .../templates/logsearchapi-deployment.yaml | 51 +++++++++ .../1.7.0/templates/logsearchapi-secret.yaml | 25 +++++ .../1.7.0/templates/logsearchapi-service.yaml | 6 ++ .../1.7.0/templates/postgres-deployment.yaml | 56 ++++++++++ .../1.7.0/templates/postgres-secret.yaml | 22 ++++ .../1.7.0/templates/postgres-service.yaml | 6 ++ .../templates/pre-install-job.yaml | 0 .../{1.6.62 => 1.7.0}/templates/secrets.yaml | 0 .../{1.6.62 => 1.7.0}/templates/service.yaml | 0 .../templates/serviceaccount.yaml | 0 .../templates/tests/deployment-check.yaml | 0 charts/minio/1.7.0/test_values.yaml | 45 ++++++++ 34 files changed, 511 insertions(+), 31 deletions(-) delete mode 100644 charts/minio/1.6.62/ix_values.yaml delete mode 100644 charts/minio/1.6.62/test_values.yaml rename charts/minio/{1.6.62 => 1.7.0}/.helmignore (100%) rename charts/minio/{1.6.62 => 1.7.0}/CHANGELOG.md (100%) rename charts/minio/{1.6.62 => 1.7.0}/Chart.yaml (91%) rename charts/minio/{1.6.62 => 1.7.0}/README.md (100%) rename charts/minio/{1.6.62 => 1.7.0}/app-readme.md (100%) rename charts/minio/{1.6.62 => 1.7.0}/charts/common-2207.0.0.tgz (100%) create mode 100644 charts/minio/1.7.0/ix_values.yaml rename charts/minio/{1.6.62 => 1.7.0}/migrations/migrate (100%) rename charts/minio/{1.6.62 => 1.7.0}/migrations/migrate_from_1.0.0 (100%) rename charts/minio/{1.6.62 => 1.7.0}/questions.yaml (69%) rename charts/minio/{1.6.62 => 1.7.0}/requirements.lock (100%) rename charts/minio/{1.6.62 => 1.7.0}/templates/NOTES.txt (100%) rename charts/minio/{1.6.62 => 1.7.0}/templates/_cert.tpl (100%) rename charts/minio/{1.6.62 => 1.7.0}/templates/_helpers.tpl (100%) create mode 100644 charts/minio/1.7.0/templates/_logsearchapi.tpl create mode 100644 charts/minio/1.7.0/templates/_postgres.tpl create mode 100644 charts/minio/1.7.0/templates/backup-postgres-config.yaml create mode 100644 charts/minio/1.7.0/templates/backup-postgres-hook.yaml rename charts/minio/{1.6.62 => 1.7.0}/templates/configmap.yaml (100%) rename charts/minio/{1.6.62 => 1.7.0}/templates/deployment.yaml (69%) create mode 100644 charts/minio/1.7.0/templates/logsearchapi-deployment.yaml create mode 100644 charts/minio/1.7.0/templates/logsearchapi-secret.yaml create mode 100644 charts/minio/1.7.0/templates/logsearchapi-service.yaml create mode 100644 charts/minio/1.7.0/templates/postgres-deployment.yaml create mode 100644 charts/minio/1.7.0/templates/postgres-secret.yaml create mode 100644 charts/minio/1.7.0/templates/postgres-service.yaml rename charts/minio/{1.6.62 => 1.7.0}/templates/pre-install-job.yaml (100%) rename charts/minio/{1.6.62 => 1.7.0}/templates/secrets.yaml (100%) rename charts/minio/{1.6.62 => 1.7.0}/templates/service.yaml (100%) rename charts/minio/{1.6.62 => 1.7.0}/templates/serviceaccount.yaml (100%) rename charts/minio/{1.6.62 => 1.7.0}/templates/tests/deployment-check.yaml (100%) create mode 100644 charts/minio/1.7.0/test_values.yaml diff --git a/charts/minio/1.6.62/ix_values.yaml b/charts/minio/1.6.62/ix_values.yaml deleted file mode 100644 index 8e7e933b63..0000000000 --- a/charts/minio/1.6.62/ix_values.yaml +++ /dev/null @@ -1,6 +0,0 @@ -image: - pullPolicy: IfNotPresent - repository: minio/minio - tag: RELEASE.2022-11-10T18-20-21Z -runAsGroup: 473 -runAsUser: 473 diff --git a/charts/minio/1.6.62/test_values.yaml b/charts/minio/1.6.62/test_values.yaml deleted file mode 100644 index 9ecabb02c7..0000000000 --- a/charts/minio/1.6.62/test_values.yaml +++ /dev/null @@ -1,23 +0,0 @@ -appVolumeMounts: - export: - emptyDir: true - mountPath: /export -distributedIps: [] -distributedMode: false -dnsConfig: - options: [] -emptyDirVolumes: true -environmentVariables: [] -extraAppVolumeMounts: [] -extraArgs: [] -image: - pullPolicy: IfNotPresent - repository: minio/minio - tag: RELEASE.2022-11-10T18-20-21Z -minioDomain: null -runAsGroup: 473 -runAsUser: 473 -service: - consolePort: 32325 - nodePort: 32324 -updateStrategy: RollingUpdate diff --git a/charts/minio/1.6.62/.helmignore b/charts/minio/1.7.0/.helmignore similarity index 100% rename from charts/minio/1.6.62/.helmignore rename to charts/minio/1.7.0/.helmignore diff --git a/charts/minio/1.6.62/CHANGELOG.md b/charts/minio/1.7.0/CHANGELOG.md similarity index 100% rename from charts/minio/1.6.62/CHANGELOG.md rename to charts/minio/1.7.0/CHANGELOG.md diff --git a/charts/minio/1.6.62/Chart.yaml b/charts/minio/1.7.0/Chart.yaml similarity index 91% rename from charts/minio/1.6.62/Chart.yaml rename to charts/minio/1.7.0/Chart.yaml index 774f64afd2..aef01954c6 100644 --- a/charts/minio/1.6.62/Chart.yaml +++ b/charts/minio/1.7.0/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: '2022-11-10' +appVersion: '2022-10-24' dependencies: - name: common repository: file://../../../library/common/2207.0.0 @@ -16,4 +16,4 @@ sources: - https://github.com/minio/minio - https://github.com/minio/charts upstream_version: 8.0.5 -version: 1.6.62 +version: 1.7.0 diff --git a/charts/minio/1.6.62/README.md b/charts/minio/1.7.0/README.md similarity index 100% rename from charts/minio/1.6.62/README.md rename to charts/minio/1.7.0/README.md diff --git a/charts/minio/1.6.62/app-readme.md b/charts/minio/1.7.0/app-readme.md similarity index 100% rename from charts/minio/1.6.62/app-readme.md rename to charts/minio/1.7.0/app-readme.md diff --git a/charts/minio/1.6.62/charts/common-2207.0.0.tgz b/charts/minio/1.7.0/charts/common-2207.0.0.tgz similarity index 100% rename from charts/minio/1.6.62/charts/common-2207.0.0.tgz rename to charts/minio/1.7.0/charts/common-2207.0.0.tgz diff --git a/charts/minio/1.7.0/ix_values.yaml b/charts/minio/1.7.0/ix_values.yaml new file mode 100644 index 0000000000..ce25a89d77 --- /dev/null +++ b/charts/minio/1.7.0/ix_values.yaml @@ -0,0 +1,13 @@ +image: + pullPolicy: IfNotPresent + repository: minio/minio + tag: RELEASE.2022-11-10T18-20-21Z +logSearchImage: + pullPolicy: IfNotPresent + repository: minio/operator + tag: v4.5.4 +logsearchapi: + enabled: false + diskCapacityGB: 5 +runAsGroup: 473 +runAsUser: 473 diff --git a/charts/minio/1.6.62/migrations/migrate b/charts/minio/1.7.0/migrations/migrate similarity index 100% rename from charts/minio/1.6.62/migrations/migrate rename to charts/minio/1.7.0/migrations/migrate diff --git a/charts/minio/1.6.62/migrations/migrate_from_1.0.0 b/charts/minio/1.7.0/migrations/migrate_from_1.0.0 similarity index 100% rename from charts/minio/1.6.62/migrations/migrate_from_1.0.0 rename to charts/minio/1.7.0/migrations/migrate_from_1.0.0 diff --git a/charts/minio/1.6.62/questions.yaml b/charts/minio/1.7.0/questions.yaml similarity index 69% rename from charts/minio/1.6.62/questions.yaml rename to charts/minio/1.7.0/questions.yaml index 54b54b30b4..4c6fb76d2d 100644 --- a/charts/minio/1.6.62/questions.yaml +++ b/charts/minio/1.7.0/questions.yaml @@ -184,6 +184,27 @@ questions: $ref: - "definitions/certificate" + - variable: logsearchapi + label: Log Search API Configuration + description: Log Search API Configuration + group: Minio Configuration + schema: + type: dict + attrs: + - variable: enabled + label: Enable Log Search API + description: Enables Log Search API and configures MinIO to use it. It also deploys a postgres DB for it. + schema: + type: boolean + default: false + - variable: diskCapacityGB + label: Disk Capacity in GB + description: Capacity in GB that logs are allowed to occupy. + schema: + type: int + show_if: [["enabled", "=", true]] + default: 5 + - variable: appVolumeMounts label: "Minio Storage" group: "Storage" @@ -252,6 +273,85 @@ questions: type: hostpath required: true + - variable: postgresAppVolumeMounts + label: Postgres Storage + group: Storage + schema: + type: dict + attrs: + - variable: postgres-data + label: Postgres Data Volume + schema: + type: dict + attrs: + - variable: datasetName + label: Postgres Data Volume Name + schema: + type: string + hidden: true + $ref: + - normalize/ixVolume + default: ix-postgres_data + show_if: [["hostPathEnabled", "=", false]] + editable: false + - variable: mountPath + label: Postgresql Data Mount Path + description: Path where the volume will be mounted inside the pod + schema: + type: path + hidden: true + editable: false + default: /var/lib/postgresql/data + - variable: hostPathEnabled + label: Enable Host Path for Postgres Data Volume + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hostPath + label: Host Path for Postgres Data Volume + schema: + type: hostpath + required: true + immutable: true + + - variable: postgres-backup + label: Postgres Backup Volume + schema: + type: dict + attrs: + - variable: datasetName + label: Postgres Backup Volume Name + schema: + type: string + hidden: true + $ref: + - normalize/ixVolume + default: ix-postgres_backups + show_if: [["hostPathEnabled", "=", false]] + editable: false + - variable: mountPath + label: Postgresql Backup Mount Path + description: Path where the volume will be mounted inside the pod + schema: + type: path + hidden: true + editable: false + default: /postgres_backups + - variable: hostPathEnabled + label: Enable Host Path for Postgres Backup Volume + schema: + type: boolean + default: false + show_subquestions_if: true + subquestions: + - variable: hostPath + label: Host Path for Postgres Backup Volume + schema: + type: hostpath + required: true + - variable: enableResourceLimits label: "Enable Pod resource limits" group: "Resource Limits" diff --git a/charts/minio/1.6.62/requirements.lock b/charts/minio/1.7.0/requirements.lock similarity index 100% rename from charts/minio/1.6.62/requirements.lock rename to charts/minio/1.7.0/requirements.lock diff --git a/charts/minio/1.6.62/templates/NOTES.txt b/charts/minio/1.7.0/templates/NOTES.txt similarity index 100% rename from charts/minio/1.6.62/templates/NOTES.txt rename to charts/minio/1.7.0/templates/NOTES.txt diff --git a/charts/minio/1.6.62/templates/_cert.tpl b/charts/minio/1.7.0/templates/_cert.tpl similarity index 100% rename from charts/minio/1.6.62/templates/_cert.tpl rename to charts/minio/1.7.0/templates/_cert.tpl diff --git a/charts/minio/1.6.62/templates/_helpers.tpl b/charts/minio/1.7.0/templates/_helpers.tpl similarity index 100% rename from charts/minio/1.6.62/templates/_helpers.tpl rename to charts/minio/1.7.0/templates/_helpers.tpl diff --git a/charts/minio/1.7.0/templates/_logsearchapi.tpl b/charts/minio/1.7.0/templates/_logsearchapi.tpl new file mode 100644 index 0000000000..7ca162d970 --- /dev/null +++ b/charts/minio/1.7.0/templates/_logsearchapi.tpl @@ -0,0 +1,34 @@ +{{- define "logsearchapi.imageName" -}} +{{- printf "%s:%s" .Values.logSearchImage.repository .Values.logSearchImage.tag -}} +{{- end -}} + +{{- define "logsearchapi.nameSuffix" -}} +{{- print "logsearchapi" -}} +{{- end -}} + +{{- define "logsearchapi.command" -}} +{{- print "/logsearchapi" -}} +{{- end -}} + +{{- define "logsearchapi.secretName" -}} +{{- print "logsearchapi-details" -}} +{{- end -}} + +{{- define "logsearchapi.envVariableConfiguration" -}} +{{- $envList := list -}} +{{- $secretName := (include "logsearchapi.secretName" .) -}} +{{- $postgresSecretName := (include "postgres.secretName" .) -}} +{{- $envList = mustAppend $envList (dict "name" "MINIO_LOG_QUERY_AUTH_TOKEN" "valueFromSecret" true "secretName" $secretName "secretKey" "queryToken") -}} +{{- $envList = mustAppend $envList (dict "name" "LOGSEARCH_AUDIT_AUTH_TOKEN" "valueFromSecret" true "secretName" $secretName "secretKey" "auditToken") -}} +{{- $envList = mustAppend $envList (dict "name" "LOGSEARCH_PG_CONN_STR" "valueFromSecret" true "secretName" $postgresSecretName "secretKey" "postgresURL") -}} +{{- $envList = mustAppend $envList (dict "name" "LOGSEARCH_DISK_CAPACITY_GB" "value" .Values.logsearchapi.diskCapacityGB) -}} +{{- include "common.containers.environmentVariables" (dict "environmentVariables" $envList) -}} +{{- end -}} + +{{/* Used in the minio init container (checks that logsearchapi is available) */}} +{{- define "logsearchapiInit.envVariableConfiguration" -}} +{{- $envList := list -}} +{{- $secretName := (include "logsearchapi.secretName" .) -}} +{{- $envList = mustAppend $envList (dict "name" "apiURL" "valueFromSecret" true "secretName" $secretName "secretKey" "logQueryURL") -}} +{{- include "common.containers.environmentVariables" (dict "environmentVariables" $envList) -}} +{{- end -}} diff --git a/charts/minio/1.7.0/templates/_postgres.tpl b/charts/minio/1.7.0/templates/_postgres.tpl new file mode 100644 index 0000000000..63b577ee1c --- /dev/null +++ b/charts/minio/1.7.0/templates/_postgres.tpl @@ -0,0 +1,71 @@ +{{- define "postgres.imageName" -}} +{{- print "postgres:14.5" -}} +{{- end -}} + +{{- define "postgres.nameSuffix" -}} +{{- print "postgres" -}} +{{- end -}} + +{{- define "postgres.secretName" -}} +{{- print "postgres-details" -}} +{{- end -}} + +{{- define "postgres.dbName" -}} +{{- print "logsearchapi" -}} +{{- end -}} + +{{- define "postgres.dbUser" -}} +{{- print "logsearchapi" -}} +{{- end -}} + +{{/* +Retrieve postgres backup name +This will return a unique name based on revision and chart numbers specified. +*/}} +{{- define "postgres.backupName" -}} +{{- $upgradeDict := .Values.ixChartContext.upgradeMetadata -}} +{{- printf "postgres-backup-from-%s-to-%s-revision-%d" $upgradeDict.oldChartVersion $upgradeDict.newChartVersion (int64 $upgradeDict.preUpgradeRevision) -}} +{{- end -}} + +{{- define "postgres.envVariableConfiguration" -}} +{{- $envList := list -}} +{{- $secretName := (include "postgres.secretName" .) -}} +{{- $envList = mustAppend $envList (dict "name" "POSTGRES_USER" "valueFromSecret" true "secretName" $secretName "secretKey" "db_user") -}} +{{- $envList = mustAppend $envList (dict "name" "POSTGRES_DB" "valueFromSecret" true "secretName" $secretName "secretKey" "db_name") -}} +{{- $envList = mustAppend $envList (dict "name" "POSTGRES_PASSWORD" "valueFromSecret" true "secretName" $secretName "secretKey" "db_password") -}} +{{- include "common.containers.environmentVariables" (dict "environmentVariables" $envList) -}} +{{- end -}} + +{{- define "postgresBackup.envVariableConfiguration" -}} +{{- $envList := list -}} +{{- $secretName := (include "postgres.secretName" .) -}} +{{- $envList = mustAppend $envList (dict "name" "POSTGRES_USER" "valueFromSecret" true "secretName" $secretName "secretKey" "db_user") -}} +{{- $envList = mustAppend $envList (dict "name" "POSTGRES_DB" "valueFromSecret" true "secretName" $secretName "secretKey" "db_name") -}} +{{/* PGPASSWORD is used by pg_dump */}} +{{- $envList = mustAppend $envList (dict "name" "PGPASSWORD" "valueFromSecret" true "secretName" $secretName "secretKey" "db_password") -}} +{{- $envList = mustAppend $envList (dict "name" "pgHost" "valueFromSecret" true "secretName" $secretName "secretKey" "postgresHost") -}} +{{- include "common.containers.environmentVariables" (dict "environmentVariables" $envList) -}} +{{- end -}} + +{{/* Used in the logsearchapi init container (checks that postgres is available) */}} +{{- define "postgresInit.envVariableConfiguration" -}} +{{- $envList := list -}} +{{- $secretName := (include "postgres.secretName" .) -}} +{{- $envList = mustAppend $envList (dict "name" "pgHost" "valueFromSecret" true "secretName" $secretName "secretKey" "postgresHost") -}} +{{- $envList = mustAppend $envList (dict "name" "pguser" "valueFromSecret" true "secretName" $secretName "secretKey" "db_user") -}} +{{- include "common.containers.environmentVariables" (dict "environmentVariables" $envList) -}} +{{- end -}} + +{{/* +Retrieve postgres volume configuration +*/}} +{{- define "postgres.volumeConfiguration" -}} +{{ include "common.storage.configureAppVolumes" (dict "appVolumeMounts" .Values.postgresAppVolumeMounts "emptyDirVolumes" .Values.emptyDirVolumes "ixVolumes" .Values.ixVolumes) | nindent 0 }} +{{- end -}} + +{{/* +Retrieve postgres volume mounts configuration +*/}} +{{- define "postgres.volumeMountsConfiguration" -}} +{{ include "common.storage.configureAppVolumeMountsInContainer" (dict "appVolumeMounts" .Values.postgresAppVolumeMounts ) | nindent 0 }} +{{- end -}} diff --git a/charts/minio/1.7.0/templates/backup-postgres-config.yaml b/charts/minio/1.7.0/templates/backup-postgres-config.yaml new file mode 100644 index 0000000000..e5892b8222 --- /dev/null +++ b/charts/minio/1.7.0/templates/backup-postgres-config.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: postgres-backup-hook-config-map + annotations: + rollme: {{ randAlphaNum 5 | quote }} +data: + entrypoint.sh: |- + #!/bin/sh + cmd="/docker-entrypoint.sh postgres" + eval "${cmd}" & disown; + until pg_isready -U "$POSTGRES_USER" -h "$pgHost"; do + sleep 5; + done; + pg_dump -U "$POSTGRES_USER" -d "$POSTGRES_DB" -h "$pgHost" -f /postgres_backups/$BACKUP_NAME.sql; diff --git a/charts/minio/1.7.0/templates/backup-postgres-hook.yaml b/charts/minio/1.7.0/templates/backup-postgres-hook.yaml new file mode 100644 index 0000000000..5a576900b3 --- /dev/null +++ b/charts/minio/1.7.0/templates/backup-postgres-hook.yaml @@ -0,0 +1,40 @@ +{{- if .Values.logsearchapi.enabled -}} +{{- if .Values.ixChartContext.isUpgrade -}} +{{ $values := (. | mustDeepCopy) }} +{{ $_ := set $values "common" (dict "nameSuffix" (include "postgres.nameSuffix" .)) }} +apiVersion: batch/v1 +kind: Job +metadata: + name: pre-upgrade-hook + annotations: + "helm.sh/hook": pre-upgrade + "helm.sh/hook-weight": "1" + "helm.sh/hook-delete-policy": hook-succeeded + rollme: {{ randAlphaNum 5 | quote }} +spec: + template: + metadata: + name: pre-upgrade-hook + spec: + restartPolicy: Never + containers: + - name: {{ .Chart.Name }}-postgres-backup + image: {{ include "postgres.imageName" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: {{ include "postgresBackup.envVariableConfiguration" $values | nindent 10 }} + - name: BACKUP_NAME + value: {{ include "postgres.backupName" . }} + volumeMounts: {{ include "postgres.volumeMountsConfiguration" $values | nindent 10 }} + - name: backup-script-configmap + mountPath: /bin/backup_entrypoint.sh + readOnly: true + subPath: entrypoint.sh + command: + - /bin/backup_entrypoint.sh + volumes: {{ include "postgres.volumeConfiguration" $values | nindent 8 }} + - name: backup-script-configmap + configMap: + defaultMode: 0700 + name: postgres-backup-hook-config-map +{{- end -}} +{{- end -}} diff --git a/charts/minio/1.6.62/templates/configmap.yaml b/charts/minio/1.7.0/templates/configmap.yaml similarity index 100% rename from charts/minio/1.6.62/templates/configmap.yaml rename to charts/minio/1.7.0/templates/configmap.yaml diff --git a/charts/minio/1.6.62/templates/deployment.yaml b/charts/minio/1.7.0/templates/deployment.yaml similarity index 69% rename from charts/minio/1.6.62/templates/deployment.yaml rename to charts/minio/1.7.0/templates/deployment.yaml index 05d3ebe366..f952770526 100644 --- a/charts/minio/1.6.62/templates/deployment.yaml +++ b/charts/minio/1.7.0/templates/deployment.yaml @@ -1,4 +1,6 @@ {{ include "common.storage.hostPathValidate" .Values }} +{{ $logsearchValues := (. | mustDeepCopy) }} +{{ $_ := set $logsearchValues "common" (dict "nameSuffix" (include "logsearchapi.nameSuffix" .)) }} apiVersion: {{ template "common.capabilities.deployment.apiVersion" . }} kind: Deployment metadata: @@ -32,6 +34,17 @@ spec: runAsGroup: {{ .Values.runAsGroup }} serviceAccountName: {{ include "common.names.serviceAccountName" . | quote }} hostNetwork: {{ include "minio.hostNetworking" . }} + {{ if .Values.logsearchapi.enabled }} + initContainers: + - name: {{ .Chart.Name }}-waitapi + image: alpine/curl + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: {{ include "logsearchapiInit.envVariableConfiguration" $logsearchValues | nindent 10 }} + command: + - sh + - -c + - "until curl $apiURL/status; do sleep 2; done" + {{ end }} containers: - name: {{ .Chart.Name }} {{ include "common.resources.limitation" . | nindent 10 }} @@ -60,6 +73,18 @@ spec: {{ end }} {{ $envList = mustAppend $envList (dict "name" "MINIO_ROOT_USER" "valueFromSecret" true "secretName" $secretName "secretKey" "accesskey") }} {{ $envList = mustAppend $envList (dict "name" "MINIO_ROOT_PASSWORD" "valueFromSecret" true "secretName" $secretName "secretKey" "secretkey") }} + {{ if .Values.logsearchapi.enabled }} + {{/* + We can put any ID we want here. Just make sure it's unique + It can be rolled on each startup without problems, or se can set a static one. + */}} + {{ $webhookID := (printf "ix-%v" (randAlphaNum 5)) }} + {{ $logsearchSecretName := (include "logsearchapi.secretName" .) }} + {{ $envList = mustAppend $envList (dict "name" "MINIO_LOG_QUERY_AUTH_TOKEN" "valueFromSecret" true "secretName" $logsearchSecretName "secretKey" "queryToken") }} + {{ $envList = mustAppend $envList (dict "name" "MINIO_LOG_QUERY_URL" "valueFromSecret" true "secretName" $logsearchSecretName "secretKey" "logQueryURL") }} + {{ $envList = mustAppend $envList (dict "name" (printf "MINIO_AUDIT_WEBHOOK_ENDPOINT_%v" $webhookID) "valueFromSecret" true "secretName" $logsearchSecretName "secretKey" "webhookURL") }} + {{ $envList = mustAppend $envList (dict "name" (printf "MINIO_AUDIT_WEBHOOK_ENABLE_%v" $webhookID) "value" "on") }} + {{ end }} {{ include "common.containers.environmentVariables" (dict "environmentVariables" $envList) | nindent 12 }} {{ include "common.networking.dnsConfiguration" .Values | nindent 6 }} volumes: {{ include "common.storage.configureAppVolumes" .Values | nindent 8 }} diff --git a/charts/minio/1.7.0/templates/logsearchapi-deployment.yaml b/charts/minio/1.7.0/templates/logsearchapi-deployment.yaml new file mode 100644 index 0000000000..9a88dd46b3 --- /dev/null +++ b/charts/minio/1.7.0/templates/logsearchapi-deployment.yaml @@ -0,0 +1,51 @@ +{{ if .Values.logsearchapi.enabled }} +{{ $values := (. | mustDeepCopy) }} +{{ $_ := set $values "common" (dict "nameSuffix" (include "logsearchapi.nameSuffix" .)) }} +{{ $pg_values := (. | mustDeepCopy) }} +{{ $_ := set $pg_values "common" (dict "nameSuffix" (include "postgres.nameSuffix" .)) }} +{{ include "common.deployment.common_config" $values | nindent 0 }} +spec: {{ include "common.deployment.common_spec" $values | nindent 2 }} + template: {{ include "common.deployment.pod.metadata" $values | nindent 4 }} + spec: + initContainers: + - name: {{ .Chart.Name }}-{{ include "logsearchapi.nameSuffix" . }}-waitdb + image: {{ include "postgres.imageName" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: {{ include "postgresInit.envVariableConfiguration" $pg_values | nindent 10 }} + command: + - sh + - -c + - 'until pg_isready -U "$pgUser" -h "$pgHost"; do sleep 2; done' + containers: + - name: {{ .Chart.Name }}-{{ include "logsearchapi.nameSuffix" . }} + image: {{ include "logsearchapi.imageName" . }} + imagePullPolicy: {{ .Values.logSearchImage.pullPolicy }} + env: {{ include "logsearchapi.envVariableConfiguration" $values | nindent 10 }} + command: + - {{ include "logsearchapi.command" . }} + ports: + - name: logsearchapi + containerPort: 8080 + protocol: TCP + readinessProbe: + httpGet: + path: /status + port: 8080 + failureThreshold: 5 + periodSeconds: 15 + initialDelaySeconds: 15 + livenessProbe: + httpGet: + path: /status + port: 8080 + failureThreshold: 5 + periodSeconds: 15 + initialDelaySeconds: 15 + startupProbe: + httpGet: + path: /status + port: 8080 + failureThreshold: 5 + periodSeconds: 15 + initialDelaySeconds: 15 +{{ end }} diff --git a/charts/minio/1.7.0/templates/logsearchapi-secret.yaml b/charts/minio/1.7.0/templates/logsearchapi-secret.yaml new file mode 100644 index 0000000000..a8a233d7e7 --- /dev/null +++ b/charts/minio/1.7.0/templates/logsearchapi-secret.yaml @@ -0,0 +1,25 @@ +{{ if .Values.logsearchapi.enabled }} +{{ $logSearchValues := (. | mustDeepCopy) }} +{{ $_ := set $logSearchValues "common" (dict "nameSuffix" (include "logsearchapi.nameSuffix" .)) }} + +{{ $auditToken := randAlphaNum 32 | b64enc }} +{{ $queryToken := randAlphaNum 32 | b64enc }} + +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "logsearchapi.secretName" . }} +data: + {{ with (lookup "v1" "Secret" .Release.Namespace (include "logsearchapi.secretName" .)) }} + {{ $auditToken = (index .data "auditToken") }} + {{ end }} + auditToken: {{ $auditToken }} + + {{ with (lookup "v1" "Secret" .Release.Namespace (include "logsearchapi.secretName" .)) }} + {{ $queryToken = (index .data "queryToken") }} + {{ end }} + queryToken: {{ $queryToken }} + + logQueryURL: {{ (printf "http://%v:8080" (include "common.names.fullname" $logSearchValues)) | b64enc }} + webhookURL: {{ (printf "http://%v:8080/api/ingest?token=%v" (include "common.names.fullname" $logSearchValues) ($auditToken | b64dec)) | b64enc }} +{{ end }} diff --git a/charts/minio/1.7.0/templates/logsearchapi-service.yaml b/charts/minio/1.7.0/templates/logsearchapi-service.yaml new file mode 100644 index 0000000000..f9db1a86cf --- /dev/null +++ b/charts/minio/1.7.0/templates/logsearchapi-service.yaml @@ -0,0 +1,6 @@ +{{ $ports := list }} +{{ $ports = mustAppend $ports (dict "name" "logsearchapi-tcp" "port" 8080 "targetPort" 8080) }} +{{ $values := (. | mustDeepCopy) }} +{{ $_ := set $values "common" (dict "nameSuffix" (include "logsearchapi.nameSuffix" .)) }} +{{ $_1 := set $values "commonService" (dict "type" "ClusterIP" "ports" $ports ) }} +{{ include "common.classes.service" $values }} diff --git a/charts/minio/1.7.0/templates/postgres-deployment.yaml b/charts/minio/1.7.0/templates/postgres-deployment.yaml new file mode 100644 index 0000000000..521fd7b152 --- /dev/null +++ b/charts/minio/1.7.0/templates/postgres-deployment.yaml @@ -0,0 +1,56 @@ +{{ if .Values.logsearchapi.enabled }} +{{ $values := (. | mustDeepCopy) }} +{{ $_ := set $values "common" (dict "nameSuffix" (include "postgres.nameSuffix" .)) }} +{{ include "common.deployment.common_config" $values | nindent 0 }} +spec: + replicas: {{ (default 1 .Values.replicas) }} + strategy: + type: Recreate + selector: + matchLabels: + app: {{ template "common.names.name" . }} + release: {{ .Release.Name }} + template: {{ include "common.deployment.pod.metadata" $values | nindent 4 }} + spec: + containers: + - name: {{ .Chart.Name }}-{{ include "postgres.nameSuffix" .}} + image: {{ template "postgres.imageName" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: {{ include "postgres.envVariableConfiguration" $values | nindent 10 }} + volumeMounts: {{ include "postgres.volumeMountsConfiguration" $values | nindent 10 }} + ports: + - name: postgres-tcp + containerPort: 5432 + protocol: TCP + readinessProbe: + exec: + command: + - sh + - -c + - "until pg_isready -U${POSTGRES_USER} -h localhost; do sleep 2; done" + initialDelaySeconds: 15 + failureThreshold: 5 + periodSeconds: 15 + timeoutSeconds: 2 + livenessProbe: + exec: + command: + - sh + - -c + - "until pg_isready -U${POSTGRES_USER} -h localhost; do sleep 2; done" + initialDelaySeconds: 15 + failureThreshold: 5 + periodSeconds: 15 + timeoutSeconds: 2 + startupProbe: + exec: + command: + - sh + - -c + - "until pg_isready -U${POSTGRES_USER} -h localhost; do sleep 2; done" + initialDelaySeconds: 15 + failureThreshold: 20 + periodSeconds: 15 + timeoutSeconds: 2 + volumes: {{ include "postgres.volumeConfiguration" $values | nindent 8 }} +{{ end }} diff --git a/charts/minio/1.7.0/templates/postgres-secret.yaml b/charts/minio/1.7.0/templates/postgres-secret.yaml new file mode 100644 index 0000000000..563c2b2d15 --- /dev/null +++ b/charts/minio/1.7.0/templates/postgres-secret.yaml @@ -0,0 +1,22 @@ +{{ if .Values.logsearchapi.enabled }} +{{ $pgValues := (. | mustDeepCopy) }} +{{ $_ := set $pgValues "common" (dict "nameSuffix" (include "postgres.nameSuffix" .)) }} + +{{ $dbPass := randAlphaNum 32 | b64enc }} + +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "postgres.secretName" . }} +data: + {{ with (lookup "v1" "Secret" .Release.Namespace (include "postgres.secretName" .)) }} + {{ $dbPass = (index .data "db_password") }} + {{ end }} + db_password: {{ $dbPass }} + + db_user: {{ include "postgres.dbUser" . | b64enc }} + db_name: {{ include "postgres.dbName" . | b64enc }} + + postgresURL: {{ printf "postgres://%v:%v@%v:5432/%v?sslmode=disable" (include "postgres.dbUser" .) ($dbPass | b64dec) (include "common.names.fullname" $pgValues) (include "postgres.dbName" .) | b64enc }} + postgresHost: {{ printf "%v" (include "common.names.fullname" $pgValues) | b64enc }} +{{ end }} diff --git a/charts/minio/1.7.0/templates/postgres-service.yaml b/charts/minio/1.7.0/templates/postgres-service.yaml new file mode 100644 index 0000000000..2bdb1e8a97 --- /dev/null +++ b/charts/minio/1.7.0/templates/postgres-service.yaml @@ -0,0 +1,6 @@ +{{ $ports := list }} +{{ $ports = mustAppend $ports (dict "name" "postgres-tcp" "port" 5432 "targetPort" 5432) }} +{{ $values := (. | mustDeepCopy) }} +{{ $_ := set $values "common" (dict "nameSuffix" (include "postgres.nameSuffix" .)) }} +{{ $_1 := set $values "commonService" (dict "type" "ClusterIP" "ports" $ports ) }} +{{ include "common.classes.service" $values }} diff --git a/charts/minio/1.6.62/templates/pre-install-job.yaml b/charts/minio/1.7.0/templates/pre-install-job.yaml similarity index 100% rename from charts/minio/1.6.62/templates/pre-install-job.yaml rename to charts/minio/1.7.0/templates/pre-install-job.yaml diff --git a/charts/minio/1.6.62/templates/secrets.yaml b/charts/minio/1.7.0/templates/secrets.yaml similarity index 100% rename from charts/minio/1.6.62/templates/secrets.yaml rename to charts/minio/1.7.0/templates/secrets.yaml diff --git a/charts/minio/1.6.62/templates/service.yaml b/charts/minio/1.7.0/templates/service.yaml similarity index 100% rename from charts/minio/1.6.62/templates/service.yaml rename to charts/minio/1.7.0/templates/service.yaml diff --git a/charts/minio/1.6.62/templates/serviceaccount.yaml b/charts/minio/1.7.0/templates/serviceaccount.yaml similarity index 100% rename from charts/minio/1.6.62/templates/serviceaccount.yaml rename to charts/minio/1.7.0/templates/serviceaccount.yaml diff --git a/charts/minio/1.6.62/templates/tests/deployment-check.yaml b/charts/minio/1.7.0/templates/tests/deployment-check.yaml similarity index 100% rename from charts/minio/1.6.62/templates/tests/deployment-check.yaml rename to charts/minio/1.7.0/templates/tests/deployment-check.yaml diff --git a/charts/minio/1.7.0/test_values.yaml b/charts/minio/1.7.0/test_values.yaml new file mode 100644 index 0000000000..3d44f1fa70 --- /dev/null +++ b/charts/minio/1.7.0/test_values.yaml @@ -0,0 +1,45 @@ +appVolumeMounts: + export: + emptyDir: true + mountPath: /export +postgresAppVolumeMounts: + postgres-backup: + emptyDir: true + mountPath: /postgres_backups + postgres-data: + emptyDir: true + mountPath: /var/lib/postgresql/data +postgresql: + backupVolume: + datasetName: ix-postgres_backups + mountPath: /postgres_backups + dataVolume: + datasetName: ix-postgres_data + mountPath: /var/lib/postgresql/data +ixChartContext: {} +distributedIps: [] +distributedMode: false +dnsConfig: + options: [] +emptyDirVolumes: true +environmentVariables: [] +extraAppVolumeMounts: [] +extraArgs: [] +image: + pullPolicy: IfNotPresent + repository: minio/minio + tag: RELEASE.2022-10-24T18-35-07Z +logSearchImage: + pullPolicy: IfNotPresent + repository: minio/operator + tag: v4.5.4 +logsearchapi: + enabled: true + diskCapacityGB: 5 +minioDomain: null +runAsGroup: 473 +runAsUser: 473 +service: + consolePort: 32325 + nodePort: 32324 +updateStrategy: RollingUpdate