
Publish new changes in catalog

sonicaj 1 年之前
父節點
當前提交
a3e69791e5

+ 0 - 388
community/passbolt/1.1.9/questions.yaml

@@ -1,388 +0,0 @@
-groups:
-  - name: Passbolt Configuration
-    description: Configure Passbolt
-  - name: Network Configuration
-    description: Configure Network for Passbolt
-  - name: Storage Configuration
-    description: Configure Storage for Passbolt
-  - name: Resources Configuration
-    description: Configure Resources for Passbolt
-
-portals:
-  web_portal:
-    protocols:
-      - "$kubernetes-resource_configmap_portal_protocol"
-    host:
-      - "$kubernetes-resource_configmap_portal_host"
-    ports:
-      - "$kubernetes-resource_configmap_portal_port"
-    path: "$kubernetes-resource_configmap_portal_path"
-
-questions:
-  - variable: passboltConfig
-    label: ""
-    group: Passbolt Configuration
-    schema:
-      type: dict
-      attrs:
-        - variable: appUrl
-          label: App URL
-          description: |
-            The URL for the Passbolt WebUI.</br>
-            Format is: https://sub.domain.tld:port
-          schema:
-            type: uri
-            default: ''
-            required: true
-        - variable: additionalEnvs
-          label: Additional Environment Variables
-          description: Configure additional environment variables for Passbolt.
-          schema:
-            type: list
-            default: []
-            items:
-              - variable: env
-                label: Environment Variable
-                schema:
-                  type: dict
-                  attrs:
-                    - variable: name
-                      label: Name
-                      schema:
-                        type: string
-                        required: true
-                    - variable: value
-                      label: Value
-                      schema:
-                        type: string
-                        required: true
-
-  - variable: passboltNetwork
-    label: ""
-    group: Network Configuration
-    schema:
-      type: dict
-      attrs:
-        - variable: hostNetwork
-          label: Host Network
-          description: |
-            Bind to the host network. It's recommended to keep this disabled.</br>
-          schema:
-            type: boolean
-            default: false
-        - variable: webPort
-          label: Web Port
-          description: The port for the Passbolt WebUI.
-          schema:
-            type: int
-            default: 30097
-            show_if: [["hostNetwork", "=", false]]
-            min: 9000
-            max: 65535
-            required: true
-        - variable: certificateID
-          label: Certificate
-          description: The certificate to use for Passbolt.
-          schema:
-            type: int
-            "null": true
-            $ref:
-              - "definitions/certificate"
-
-  - variable: passboltStorage
-    label: ""
-    group: Storage Configuration
-    schema:
-      type: dict
-      attrs:
-        - variable: gpg
-          label: Passbolt GPG Storage
-          description: The path to store Passbolt GPG.
-          schema:
-            type: dict
-            attrs:
-              - variable: type
-                label: Type
-                description: |
-                  ixVolume: Is dataset created automatically by the system.</br>
-                  Host Path: Is a path that already exists on the system.
-                schema:
-                  type: string
-                  required: true
-                  immutable: true
-                  default: ixVolume
-                  enum:
-                    - value: hostPath
-                      description: Host Path (Path that already exists on the system)
-                    - value: ixVolume
-                      description: ixVolume (Dataset created automatically by the system)
-              - variable: datasetName
-                label: Dataset Name
-                schema:
-                  type: string
-                  show_if: [["type", "=", "ixVolume"]]
-                  required: true
-                  hidden: true
-                  immutable: true
-                  default: gpg
-                  $ref:
-                    - "normalize/ixVolume"
-              - variable: hostPath
-                label: Host Path
-                schema:
-                  type: hostpath
-                  show_if: [["type", "=", "hostPath"]]
-                  required: true
-        - variable: jwt
-          label: Passbolt JWT Storage
-          description: The path to store Passbolt JWT.
-          schema:
-            type: dict
-            attrs:
-              - variable: type
-                label: Type
-                description: |
-                  ixVolume: Is dataset created automatically by the system.</br>
-                  Host Path: Is a path that already exists on the system.
-                schema:
-                  type: string
-                  required: true
-                  immutable: true
-                  default: ixVolume
-                  enum:
-                    - value: hostPath
-                      description: Host Path (Path that already exists on the system)
-                    - value: ixVolume
-                      description: ixVolume (Dataset created automatically by the system)
-              - variable: datasetName
-                label: Dataset Name
-                schema:
-                  type: string
-                  show_if: [["type", "=", "ixVolume"]]
-                  required: true
-                  hidden: true
-                  immutable: true
-                  default: jwt
-                  $ref:
-                    - "normalize/ixVolume"
-              - variable: hostPath
-                label: Host Path
-                schema:
-                  type: hostpath
-                  show_if: [["type", "=", "hostPath"]]
-                  required: true
-        - variable: mariadbData
-          label: Passbolt MariaDB Data Storage
-          description: The path to store Passbolt MariaDB Data.
-          schema:
-            type: dict
-            attrs:
-              - variable: type
-                label: Type
-                description: |
-                  ixVolume: Is dataset created automatically by the system.</br>
-                  Host Path: Is a path that already exists on the system.
-                schema:
-                  type: string
-                  required: true
-                  immutable: true
-                  default: ixVolume
-                  enum:
-                    - value: hostPath
-                      description: Host Path (Path that already exists on the system)
-                    - value: ixVolume
-                      description: ixVolume (Dataset created automatically by the system)
-              - variable: datasetName
-                label: Dataset Name
-                schema:
-                  type: string
-                  show_if: [["type", "=", "ixVolume"]]
-                  required: true
-                  hidden: true
-                  immutable: true
-                  default: mariadbData
-                  $ref:
-                    - "normalize/ixVolume"
-              - variable: hostPath
-                label: Host Path
-                schema:
-                  type: hostpath
-                  show_if: [["type", "=", "hostPath"]]
-                  required: true
-        - variable: mariadbBackup
-          label: Passbolt MariaDB Backup Storage
-          description: The path to store Passbolt MariaDB Backup.
-          schema:
-            type: dict
-            attrs:
-              - variable: type
-                label: Type
-                description: |
-                  ixVolume: Is dataset created automatically by the system.</br>
-                  Host Path: Is a path that already exists on the system.
-                schema:
-                  type: string
-                  required: true
-                  immutable: true
-                  default: ixVolume
-                  enum:
-                    - value: hostPath
-                      description: Host Path (Path that already exists on the system)
-                    - value: ixVolume
-                      description: ixVolume (Dataset created automatically by the system)
-              - variable: datasetName
-                label: Dataset Name
-                schema:
-                  type: string
-                  show_if: [["type", "=", "ixVolume"]]
-                  required: true
-                  hidden: true
-                  immutable: true
-                  default: mariadbBackup
-                  $ref:
-                    - "normalize/ixVolume"
-              - variable: hostPath
-                label: Host Path
-                schema:
-                  type: hostpath
-                  show_if: [["type", "=", "hostPath"]]
-                  required: true
-        - variable: additionalStorages
-          label: Additional Storage
-          description: Additional storage for Passbolt.
-          schema:
-            type: list
-            default: []
-            items:
-              - variable: storageEntry
-                label: Storage Entry
-                schema:
-                  type: dict
-                  attrs:
-                    - variable: type
-                      label: Type
-                      description: |
-                        ixVolume: Is dataset created automatically by the system.</br>
-                        Host Path: Is a path that already exists on the system.</br>
-                        SMB Share: Is a SMB share that is mounted to a persistent volume claim.
-                      schema:
-                        type: string
-                        required: true
-                        default: "ixVolume"
-                        immutable: true
-                        enum:
-                          - value: "hostPath"
-                            description: Host Path (Path that already exists on the system)
-                          - value: "ixVolume"
-                            description: ixVolume (Dataset created automatically by the system)
-                          - value: "smb-pv-pvc"
-                            description: SMB Share (Mounts a persistent volume claim to a SMB share)
-                    - variable: mountPath
-                      label: Mount Path
-                      description: The path inside the container to mount the storage.
-                      schema:
-                        type: path
-                        required: true
-                    - variable: hostPath
-                      label: Host Path
-                      description: The host path to use for storage.
-                      schema:
-                        type: hostpath
-                        show_if: [["type", "=", "hostPath"]]
-                        required: true
-                    - variable: datasetName
-                      label: Dataset Name
-                      description: The name of the dataset to use for storage.
-                      schema:
-                        type: string
-                        show_if: [["type", "=", "ixVolume"]]
-                        required: true
-                        immutable: true
-                        default: "storage_entry"
-                        $ref:
-                          - "normalize/ixVolume"
-                    - variable: server
-                      label: Server
-                      description: The server for the SMB share.
-                      schema:
-                        type: string
-                        show_if: [["type", "=", "smb-pv-pvc"]]
-                        required: true
-                    - variable: share
-                      label: Share
-                      description: The share name for the SMB share.
-                      schema:
-                        type: string
-                        show_if: [["type", "=", "smb-pv-pvc"]]
-                        required: true
-                    - variable: domain
-                      label: Domain (Optional)
-                      description: The domain for the SMB share.
-                      schema:
-                        type: string
-                        show_if: [["type", "=", "smb-pv-pvc"]]
-                    - variable: username
-                      label: Username
-                      description: The username for the SMB share.
-                      schema:
-                        type: string
-                        show_if: [["type", "=", "smb-pv-pvc"]]
-                        required: true
-                    - variable: password
-                      label: Password
-                      description: The password for the SMB share.
-                      schema:
-                        type: string
-                        show_if: [["type", "=", "smb-pv-pvc"]]
-                        required: true
-                        private: true
-                    - variable: size
-                      label: Size (in Gi)
-                      description: The size of the volume quota.
-                      schema:
-                        type: int
-                        show_if: [["type", "=", "smb-pv-pvc"]]
-                        required: true
-                        min: 1
-                        default: 1
-
-  - variable: resources
-    label: ""
-    group: Resources Configuration
-    schema:
-      type: dict
-      attrs:
-        - variable: limits
-          label: Limits
-          schema:
-            type: dict
-            attrs:
-              - variable: cpu
-                label: CPU
-                description: CPU limit for Passbolt.
-                schema:
-                  type: string
-                  max_length: 6
-                  valid_chars: '^(0\.[1-9]|[1-9][0-9]*)(\.[0-9]|m?)$'
-                  valid_chars_error: |
-                    Valid CPU limit formats are</br>
-                    - Plain Integer - eg. 1</br>
-                    - Float - eg. 0.5</br>
-                    - Milicpu - eg. 500m
-                  default: "4000m"
-                  required: true
-              - variable: memory
-                label: Memory
-                description: Memory limit for Passbolt.
-                schema:
-                  type: string
-                  max_length: 12
-                  valid_chars: '^[1-9][0-9]*([EPTGMK]i?|e[0-9]+)?$'
-                  valid_chars_error: |
-                    Valid Memory limit formats are</br>
-                    - Suffixed with E/P/T/G/M/K - eg. 1G</br>
-                    - Suffixed with Ei/Pi/Ti/Gi/Mi/Ki - eg. 1Gi</br>
-                    - Plain Integer in bytes - eg. 1024</br>
-                    - Exponent - eg. 134e6
-                  default: "8Gi"
-                  required: true

+ 0 - 0
community/passbolt/1.1.9/Chart.lock → community/passbolt/1.2.0/Chart.lock


+ 1 - 1
community/passbolt/1.1.9/Chart.yaml → community/passbolt/1.2.0/Chart.yaml

@@ -3,7 +3,7 @@ description: Passbolt is a security-first, open source password manager
 annotations:
   title: Passbolt
 type: application
-version: 1.1.9
+version: 1.2.0
 apiVersion: v2
 appVersion: 4.4.2.1
 kubeVersion: '>=1.16.0-0'

+ 0 - 0
community/passbolt/1.1.9/README.md → community/passbolt/1.2.0/README.md


+ 0 - 0
community/passbolt/1.1.9/app-readme.md → community/passbolt/1.2.0/app-readme.md


+ 0 - 0
community/passbolt/1.1.9/charts/common-1.2.6.tgz → community/passbolt/1.2.0/charts/common-1.2.6.tgz


+ 3 - 0
community/passbolt/1.1.9/ci/basic-values.yaml → community/passbolt/1.2.0/ci/basic-values.yaml

@@ -13,3 +13,6 @@ passboltStorage:
     type: pvc
   mariadbBackup:
     type: emptyDir
+    emptyDirConfig:
+      medium: ""
+      size: ""

+ 3 - 0
community/passbolt/1.1.9/ci/host-values.yaml → community/passbolt/1.2.0/ci/host-values.yaml

@@ -13,3 +13,6 @@ passboltStorage:
     type: pvc
   mariadbBackup:
     type: emptyDir
+    emptyDirConfig:
+      medium: ""
+      size: ""

+ 3 - 0
community/passbolt/1.1.9/ci/https-values.yaml → community/passbolt/1.2.0/ci/https-values.yaml

@@ -14,6 +14,9 @@ passboltStorage:
     type: pvc
   mariadbBackup:
     type: emptyDir
+    emptyDirConfig:
+      medium: ""
+      size: ""
 
 ixCertificates:
   "1":

+ 6 - 3
community/passbolt/1.1.9/ix_values.yaml → community/passbolt/1.2.0/ix_values.yaml

@@ -23,13 +23,16 @@ passboltStorage:
     datasetName: gpg
   jwt:
     type: ixVolume
-    datasetName: jwt
+    ixVolumeConfig:
+      datasetName: jwt
   mariadbData:
     type: ixVolume
-    datasetName: mariadbData
+    ixVolumeConfig:
+      datasetName: mariadbData
   mariadbBackup:
     type: ixVolume
-    datasetName: mariadbBackup
+    ixVolumeConfig:
+      datasetName: mariadbBackup
   additionalStorages: []
 
 notes:
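Review bot: The `gpg` entry at the top of this hunk still carries a flat `datasetName: gpg`, while `jwt`, `mariadbData` and `mariadbBackup` are moved under `ixVolumeConfig`. The 1.2.0 questions.yaml added in this commit also places gpg's `datasetName` inside `ixVolumeConfig`, so the gpg default looks like it was missed. I would replace that line with `ixVolumeConfig:` and nest `datasetName: gpg` beneath it. The `gpg:` key and its `type` line sit above the hunk, so this should be confirmed against the full file.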

+ 0 - 0
community/passbolt/1.1.9/metadata.yaml → community/passbolt/1.2.0/metadata.yaml


+ 73 - 0
community/passbolt/1.2.0/migrations/migrate

@@ -0,0 +1,73 @@
+#!/usr/bin/python3
+import json
+import os
+import sys
+
+
+def storage_migrate(storage):
+    delete_keys = []
+    if storage['type'] == 'hostPath':
+        # Check if the key exists, if not we have already migrated
+        if not storage.get('hostPath'):
+            return storage
+
+        storage['hostPathConfig'] = {'hostPath': storage['hostPath']}
+        delete_keys.append('hostPath')
+
+    elif storage['type'] == 'ixVolume':
+        # Check if the key exists, if not we have already migrated
+        if not storage.get('datasetName'):
+            return storage
+
+        storage['ixVolumeConfig'] = {'datasetName': storage['datasetName']}
+        delete_keys.append('datasetName')
+
+    elif storage['type'] == 'smb-pv-pvc':
+        # Check if the key exists, if not we have already migrated
+        if not storage.get('server'):
+            return storage
+
+        storage['smbConfig'] = {
+            'server': storage['server'],
+            'share': storage['share'],
+            'domain': storage['domain'],
+            'username': storage['username'],
+            'password': storage['password'],
+            'size': storage['size'],
+        }
+        delete_keys.extend(['server', 'share', 'domain', 'username', 'password', 'size'])
+
+    for key in delete_keys:
+        storage.pop(key, None)
+
+    return storage
+
+
+def migrate(values):
+    storage_key = 'passboltStorage'
+    storages = ['gpg', 'jwt', 'mariadbData', 'mariadbBackup']
+
+    for storage in storages:
+        check_val = values.get(storage_key, {}).get(storage, {})
+        if not isinstance(check_val, dict) or not check_val:
+            raise Exception(f'Storage section {storage} is malformed')
+
+        values[storage_key][storage] = storage_migrate(check_val)
+
+    additionalStorages = values.get(storage_key, {}).get('additionalStorages', [])
+    for idx, storage in enumerate(additionalStorages):
+        if not isinstance(storage, dict) or not storage:
+            raise Exception(f'Item {idx} in additionalStorages is malformed')
+
+        values[storage_key]['additionalStorages'][idx] = storage_migrate(storage)
+
+    return values
+
+
+if __name__ == '__main__':
+    if len(sys.argv) != 2:
+        exit(1)
+
+    if os.path.exists(sys.argv[1]):
+        with open(sys.argv[1], 'r') as f:
+            print(json.dumps(migrate(json.loads(f.read()))))
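Review bot: In the `smb-pv-pvc` branch of `storage_migrate`, `storage['domain']` is read with a hard index, but the 1.1.9 schema removed in this commit labels that field "Domain (Optional)" and does not mark it required. A saved entry without the key would abort the migration with a KeyError, which `'domain': storage.get('domain', ''),` avoids; whether stored values omit the key or hold an empty string is not visible here. The same function indexes `storage['type']` directly and fails the same way on an entry that lacks `type`. In the `__main__` block, a path that does not exist falls through with no output and exit status 0, so the caller cannot tell a skipped migration from a completed one; `sys.exit(1)` with a message on stderr would make that explicit. The JSON written to stdout contains the SMB `password` in clear text, so whatever consumes it should keep it out of logs.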

+ 611 - 0
community/passbolt/1.2.0/questions.yaml

@@ -0,0 +1,611 @@
+groups:
+  - name: Passbolt Configuration
+    description: Configure Passbolt
+  - name: Network Configuration
+    description: Configure Network for Passbolt
+  - name: Storage Configuration
+    description: Configure Storage for Passbolt
+  - name: Resources Configuration
+    description: Configure Resources for Passbolt
+
+portals:
+  web_portal:
+    protocols:
+      - "$kubernetes-resource_configmap_portal_protocol"
+    host:
+      - "$kubernetes-resource_configmap_portal_host"
+    ports:
+      - "$kubernetes-resource_configmap_portal_port"
+    path: "$kubernetes-resource_configmap_portal_path"
+
+questions:
+  - variable: passboltConfig
+    label: ""
+    group: Passbolt Configuration
+    schema:
+      type: dict
+      attrs:
+        - variable: appUrl
+          label: App URL
+          description: |
+            The URL for the Passbolt WebUI.</br>
+            Format is: https://sub.domain.tld:port
+          schema:
+            type: uri
+            default: ''
+            required: true
+        - variable: additionalEnvs
+          label: Additional Environment Variables
+          description: Configure additional environment variables for Passbolt.
+          schema:
+            type: list
+            default: []
+            items:
+              - variable: env
+                label: Environment Variable
+                schema:
+                  type: dict
+                  attrs:
+                    - variable: name
+                      label: Name
+                      schema:
+                        type: string
+                        required: true
+                    - variable: value
+                      label: Value
+                      schema:
+                        type: string
+                        required: true
+
+  - variable: passboltNetwork
+    label: ""
+    group: Network Configuration
+    schema:
+      type: dict
+      attrs:
+        - variable: hostNetwork
+          label: Host Network
+          description: |
+            Bind to the host network. It's recommended to keep this disabled.</br>
+          schema:
+            type: boolean
+            default: false
+        - variable: webPort
+          label: Web Port
+          description: The port for the Passbolt WebUI.
+          schema:
+            type: int
+            default: 30097
+            show_if: [["hostNetwork", "=", false]]
+            min: 9000
+            max: 65535
+            required: true
+        - variable: certificateID
+          label: Certificate
+          description: The certificate to use for Passbolt.
+          schema:
+            type: int
+            "null": true
+            $ref:
+              - "definitions/certificate"
+
+  - variable: passboltStorage
+    label: ""
+    group: Storage Configuration
+    schema:
+      type: dict
+      attrs:
+        - variable: gpg
+          label: Passbolt GPG Storage
+          description: The path to store Passbolt GPG.
+          schema:
+            type: dict
+            attrs:
+              - variable: type
+                label: Type
+                description: |
+                  ixVolume: Is dataset created automatically by the system.</br>
+                  Host Path: Is a path that already exists on the system.
+                schema:
+                  type: string
+                  required: true
+                  immutable: true
+                  default: ixVolume
+                  enum:
+                    - value: hostPath
+                      description: Host Path (Path that already exists on the system)
+                    - value: ixVolume
+                      description: ixVolume (Dataset created automatically by the system)
+              - variable: ixVolumeConfig
+                label: ixVolume Configuration
+                description: The configuration for the ixVolume dataset.
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "ixVolume"]]
+                  $ref:
+                    - "normalize/ixVolume"
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: datasetName
+                      label: Dataset Name
+                      description: The name of the dataset to use for storage.
+                      schema:
+                        type: string
+                        required: true
+                        immutable: true
+                        hidden: true
+                        default: gpg
+                    - variable: aclEntries
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+              - variable: hostPathConfig
+                label: Host Path Configuration
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "hostPath"]]
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: acl
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+                        $ref:
+                          - "normalize/acl"
+                    - variable: hostPath
+                      label: Host Path
+                      description: The host path to use for storage.
+                      schema:
+                        type: hostpath
+                        show_if: [["aclEnable", "=", false]]
+                        required: true
+
+        - variable: jwt
+          label: Passbolt JWT Storage
+          description: The path to store Passbolt JWT.
+          schema:
+            type: dict
+            attrs:
+              - variable: type
+                label: Type
+                description: |
+                  ixVolume: Is dataset created automatically by the system.</br>
+                  Host Path: Is a path that already exists on the system.
+                schema:
+                  type: string
+                  required: true
+                  immutable: true
+                  default: ixVolume
+                  enum:
+                    - value: hostPath
+                      description: Host Path (Path that already exists on the system)
+                    - value: ixVolume
+                      description: ixVolume (Dataset created automatically by the system)
+              - variable: ixVolumeConfig
+                label: ixVolume Configuration
+                description: The configuration for the ixVolume dataset.
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "ixVolume"]]
+                  $ref:
+                    - "normalize/ixVolume"
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: datasetName
+                      label: Dataset Name
+                      description: The name of the dataset to use for storage.
+                      schema:
+                        type: string
+                        required: true
+                        immutable: true
+                        hidden: true
+                        default: jwt
+                    - variable: aclEntries
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+              - variable: hostPathConfig
+                label: Host Path Configuration
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "hostPath"]]
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: acl
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+                        $ref:
+                          - "normalize/acl"
+                    - variable: hostPath
+                      label: Host Path
+                      description: The host path to use for storage.
+                      schema:
+                        type: hostpath
+                        show_if: [["aclEnable", "=", false]]
+                        required: true
+
+        - variable: mariadbData
+          label: Passbolt MariaDB Data Storage
+          description: The path to store Passbolt MariaDB Data.
+          schema:
+            type: dict
+            attrs:
+              - variable: type
+                label: Type
+                description: |
+                  ixVolume: Is dataset created automatically by the system.</br>
+                  Host Path: Is a path that already exists on the system.
+                schema:
+                  type: string
+                  required: true
+                  immutable: true
+                  default: ixVolume
+                  enum:
+                    - value: hostPath
+                      description: Host Path (Path that already exists on the system)
+                    - value: ixVolume
+                      description: ixVolume (Dataset created automatically by the system)
+              - variable: ixVolumeConfig
+                label: ixVolume Configuration
+                description: The configuration for the ixVolume dataset.
+                schema:
+                  type: dict
+                  # Nothing to show for the user
+                  hidden: true
+                  show_if: [["type", "=", "ixVolume"]]
+                  $ref:
+                    - "normalize/ixVolume"
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        # MariaDB does a CHMOD at startup
+                        # Which fails with ACL
+                        hidden: true
+                        default: false
+                    - variable: datasetName
+                      label: Dataset Name
+                      description: The name of the dataset to use for storage.
+                      schema:
+                        type: string
+                        required: true
+                        immutable: true
+                        hidden: true
+                        default: mariadbData
+                    - variable: aclEntries
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+              - variable: hostPathConfig
+                label: Host Path Configuration
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "hostPath"]]
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        # MariaDB does a CHMOD at startup
+                        # Which fails with ACL
+                        hidden: true
+                        default: false
+                    - variable: acl
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+                        $ref:
+                          - "normalize/acl"
+                    - variable: hostPath
+                      label: Host Path
+                      description: The host path to use for storage.
+                      schema:
+                        type: hostpath
+                        show_if: [["aclEnable", "=", false]]
+                        required: true
+        - variable: mariadbBackup
+          label: Passbolt MariaDB Backup Storage
+          description: The path to store Passbolt MariaDB Backup.
+          schema:
+            type: dict
+            attrs:
+              - variable: type
+                label: Type
+                description: |
+                  ixVolume: Is dataset created automatically by the system.</br>
+                  Host Path: Is a path that already exists on the system.
+                schema:
+                  type: string
+                  required: true
+                  immutable: true
+                  default: ixVolume
+                  enum:
+                    - value: hostPath
+                      description: Host Path (Path that already exists on the system)
+                    - value: ixVolume
+                      description: ixVolume (Dataset created automatically by the system)
+              - variable: ixVolumeConfig
+                label: ixVolume Configuration
+                description: The configuration for the ixVolume dataset.
+                schema:
+                  type: dict
+                  # Nothing to show for the user
+                  hidden: true
+                  show_if: [["type", "=", "ixVolume"]]
+                  $ref:
+                    - "normalize/ixVolume"
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        # MariaDB does a CHMOD at startup
+                        # Which fails with ACL
+                        hidden: true
+                        default: false
+                    - variable: datasetName
+                      label: Dataset Name
+                      description: The name of the dataset to use for storage.
+                      schema:
+                        type: string
+                        required: true
+                        immutable: true
+                        hidden: true
+                        default: mariadbBackup
+                    - variable: aclEntries
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+              - variable: hostPathConfig
+                label: Host Path Configuration
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "hostPath"]]
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        # MariaDB does a CHMOD at startup
+                        # Which fails with ACL
+                        hidden: true
+                        default: false
+                    - variable: acl
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+                        $ref:
+                          - "normalize/acl"
+                    - variable: hostPath
+                      label: Host Path
+                      description: The host path to use for storage.
+                      schema:
+                        type: hostpath
+                        show_if: [["aclEnable", "=", false]]
+                        required: true
+        - variable: additionalStorages
+          label: Additional Storage
+          description: Additional storage for Passbolt.
+          schema:
+            type: list
+            default: []
+            items:
+              - variable: storageEntry
+                label: Storage Entry
+                schema:
+                  type: dict
+                  attrs:
+                    - variable: type
+                      label: Type
+                      description: |
+                        ixVolume: Is dataset created automatically by the system.</br>
+                        Host Path: Is a path that already exists on the system.</br>
+                        SMB Share: Is a SMB share that is mounted to a persistent volume claim.
+                      schema:
+                        type: string
+                        required: true
+                        default: "ixVolume"
+                        immutable: true
+                        enum:
+                          - value: "hostPath"
+                            description: Host Path (Path that already exists on the system)
+                          - value: "ixVolume"
+                            description: ixVolume (Dataset created automatically by the system)
+                          - value: "smb-pv-pvc"
+                            description: SMB Share (Mounts a persistent volume claim to a SMB share)
+                    - variable: readOnly
+                      label: Read Only
+                      description: Mount the volume as read only.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: mountPath
+                      label: Mount Path
+                      description: The path inside the container to mount the storage.
+                      schema:
+                        type: path
+                        required: true
+                    - variable: hostPathConfig
+                      label: Host Path Configuration
+                      schema:
+                        type: dict
+                        show_if: [["type", "=", "hostPath"]]
+                        attrs:
+                          - variable: aclEnable
+                            label: Enable ACL
+                            description: Enable ACL for the dataset.
+                            schema:
+                              type: boolean
+                              default: false
+                          - variable: acl
+                            label: ACL Configuration
+                            schema:
+                              type: dict
+                              show_if: [["aclEnable", "=", true]]
+                              attrs: []
+                              $ref:
+                                - "normalize/acl"
+                          - variable: hostPath
+                            label: Host Path
+                            description: The host path to use for storage.
+                            schema:
+                              type: hostpath
+                              show_if: [["aclEnable", "=", false]]
+                              required: true
+                    - variable: ixVolumeConfig
+                      label: ixVolume Configuration
+                      description: The configuration for the ixVolume dataset.
+                      schema:
+                        type: dict
+                        show_if: [["type", "=", "ixVolume"]]
+                        $ref:
+                          - "normalize/ixVolume"
+                        attrs:
+                          - variable: aclEnable
+                            label: Enable ACL
+                            description: Enable ACL for the dataset.
+                            schema:
+                              type: boolean
+                              default: false
+                          - variable: datasetName
+                            label: Dataset Name
+                            description: The name of the dataset to use for storage.
+                            schema:
+                              type: string
+                              required: true
+                              immutable: true
+                              default: "storage_entry"
+                          - variable: aclEntries
+                            label: ACL Configuration
+                            schema:
+                              type: dict
+                              show_if: [["aclEnable", "=", true]]
+                              attrs: []
+                    - variable: smbConfig
+                      label: SMB Share Configuration
+                      description: The configuration for the SMB Share.
+                      schema:
+                        type: dict
+                        show_if: [["type", "=", "smb-pv-pvc"]]
+                        attrs:
+                          - variable: server
+                            label: Server
+                            description: The server for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                          - variable: share
+                            label: Share
+                            description: The share name for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                          - variable: domain
+                            label: Domain (Optional)
+                            description: The domain for the SMB share.
+                            schema:
+                              type: string
+                          - variable: username
+                            label: Username
+                            description: The username for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                          - variable: password
+                            label: Password
+                            description: The password for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                              private: true
+                          - variable: size
+                            label: Size (in Gi)
+                            description: The size of the volume quota.
+                            schema:
+                              type: int
+                              required: true
+                              min: 1
+                              default: 1
+
+  - variable: resources
+    label: ""
+    group: Resources Configuration
+    schema:
+      type: dict
+      attrs:
+        - variable: limits
+          label: Limits
+          schema:
+            type: dict
+            attrs:
+              - variable: cpu
+                label: CPU
+                description: CPU limit for Passbolt.
+                schema:
+                  type: string
+                  max_length: 6
+                  valid_chars: '^(0\.[1-9]|[1-9][0-9]*)(\.[0-9]|m?)$'
+                  valid_chars_error: |
+                    Valid CPU limit formats are</br>
+                    - Plain Integer - eg. 1</br>
+                    - Float - eg. 0.5</br>
+                    - Milicpu - eg. 500m
+                  default: "4000m"
+                  required: true
+              - variable: memory
+                label: Memory
+                description: Memory limit for Passbolt.
+                schema:
+                  type: string
+                  max_length: 12
+                  valid_chars: '^[1-9][0-9]*([EPTGMK]i?|e[0-9]+)?$'
+                  valid_chars_error: |
+                    Valid Memory limit formats are</br>
+                    - Suffixed with E/P/T/G/M/K - eg. 1G</br>
+                    - Suffixed with Ei/Pi/Ti/Gi/Mi/Ki - eg. 1Gi</br>
+                    - Plain Integer in bytes - eg. 1024</br>
+                    - Exponent - eg. 134e6
+                  default: "8Gi"
+                  required: true

+ 0 - 0
community/passbolt/1.1.9/templates/NOTES.txt → community/passbolt/1.2.0/templates/NOTES.txt


+ 0 - 0
community/passbolt/1.1.9/templates/_configuration.tpl → community/passbolt/1.2.0/templates/_configuration.tpl


+ 0 - 0
community/passbolt/1.1.9/templates/_mariadb.tpl → community/passbolt/1.2.0/templates/_mariadb.tpl


+ 0 - 0
community/passbolt/1.1.9/templates/_passbolt.tpl → community/passbolt/1.2.0/templates/_passbolt.tpl


+ 17 - 29
community/passbolt/1.1.9/templates/_persistence.tpl → community/passbolt/1.2.0/templates/_persistence.tpl

@@ -2,26 +2,28 @@
 persistence:
   gpg:
     enabled: true
-    type: {{ .Values.passboltStorage.gpg.type }}
-    datasetName: {{ .Values.passboltStorage.gpg.datasetName | default "" }}
-    hostPath: {{ .Values.passboltStorage.gpg.hostPath | default "" }}
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.passboltStorage.gpg) | nindent 4 }}
     targetSelector:
       passbolt:
         passbolt:
           mountPath: /etc/passbolt/gpg
+        {{- if and (eq .Values.passboltStorage.gpg.type "ixVolume")
+                  (not (.Values.passboltStorage.gpg.ixVolumeConfig | default dict).aclEnable) }}
         01-permissions:
           mountPath: /mnt/directories/gpg
+        {{- end }}
   jwt:
     enabled: true
-    type: {{ .Values.passboltStorage.jwt.type }}
-    datasetName: {{ .Values.passboltStorage.jwt.datasetName | default "" }}
-    hostPath: {{ .Values.passboltStorage.jwt.hostPath | default "" }}
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.passboltStorage.jwt) | nindent 4 }}
     targetSelector:
       passbolt:
         passbolt:
           mountPath: /etc/passbolt/jwt
+        {{- if and (eq .Values.passboltStorage.jwt.type "ixVolume")
+                  (not (.Values.passboltStorage.jwt.ixVolumeConfig | default dict).aclEnable) }}
         01-permissions:
           mountPath: /mnt/directories/jwt
+        {{- end }}
   tmp:
     enabled: true
     type: emptyDir
@@ -38,37 +40,21 @@ persistence:
           mountPath: /var/run
   {{- range $idx, $storage := .Values.passboltStorage.additionalStorages }}
   {{ printf "passbolt-%v" (int $idx) }}:
-    {{- $size := "" -}}
-    {{- if $storage.size -}}
-      {{- $size = (printf "%vGi" $storage.size) -}}
-    {{- end }}
     enabled: true
-    type: {{ $storage.type }}
-    datasetName: {{ $storage.datasetName | default "" }}
-    hostPath: {{ $storage.hostPath | default "" }}
-    server: {{ $storage.server | default "" }}
-    share: {{ $storage.share | default "" }}
-    domain: {{ $storage.domain | default "" }}
-    username: {{ $storage.username | default "" }}
-    password: {{ $storage.password | default "" }}
-    size: {{ $size }}
-    {{- if eq $storage.type "smb-pv-pvc" }}
-    mountOptions:
-      - key: noperm
-    {{- end }}
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" $storage) | nindent 4 }}
     targetSelector:
       passbolt:
         passbolt:
           mountPath: {{ $storage.mountPath }}
+        {{- if and (eq $storage.type "ixVolume") (not ($storage.ixVolumeConfig | default dict).aclEnable) }}
         01-permissions:
           mountPath: /mnt/directories{{ $storage.mountPath }}
+        {{- end }}
   {{- end }}
 
   mariadbdata:
     enabled: true
-    type: {{ .Values.passboltStorage.mariadbData.type }}
-    datasetName: {{ .Values.passboltStorage.mariadbData.datasetName | default "" }}
-    hostPath: {{ .Values.passboltStorage.mariadbData.hostPath | default "" }}
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.passboltStorage.mariadbData) | nindent 4 }}
     targetSelector:
       # MariaDB pod
       mariadb:
@@ -80,9 +66,11 @@ persistence:
           mountPath: /mnt/directories/mariadb_data
   mariadbbackup:
     enabled: true
-    type: {{ .Values.passboltStorage.mariadbBackup.type }}
-    datasetName: {{ .Values.passboltStorage.mariadbBackup.datasetName | default "" }}
-    hostPath: {{ .Values.passboltStorage.mariadbBackup.hostPath | default "" }}
+    {{/* Remove on the next version (eg 1.2.0+) */}}
+    {{- if eq .Values.passboltStorage.mariadbBackup.type "emptyDir" }}
+      {{- $_ := set .Values.passboltStorage.mariadbBackup "emptyDirConfig" (dict "medium" "" "size" "") }}
+    {{- end }}
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.passboltStorage.mariadbBackup) | nindent 4 }}
     targetSelector:
       # MariaDB backup pod
       mariadbbackup:
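Review bot: The new `if` guards around `01-permissions` in the `gpg` and `jwt` entries (first hunk) leave undocumented who is responsible for ownership and mode of `/etc/passbolt/gpg` and `/etc/passbolt/jwt` when the type is `hostPath` or an ACL-enabled `ixVolume`, because the permissions mount is now rendered only for `ixVolume` with `aclEnable` unset. Those directories hold Passbolt's server GPG private key and its JWT signing key, so on a host path the existing directory permissions decide who on the host can read them. I would add a template comment above each guard, for example `{{- /* hostPath and ACL-enabled datasets are not touched by 01-permissions; the operator must restrict ownership and mode of this key directory */}}`, and repeat the caveat in the host path field description in questions.yaml. The same guard is added in the `additionalStorages` range in the second hunk. The `targetSelector` bodies of `mariadbdata` and `mariadbbackup` continue outside the hunks, so whether their permissions mounts stay unconditional cannot be confirmed from here.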

+ 0 - 0
community/passbolt/1.1.9/templates/_portal.tpl → community/passbolt/1.2.0/templates/_portal.tpl


+ 0 - 0
community/passbolt/1.1.9/templates/_service.tpl → community/passbolt/1.2.0/templates/_service.tpl


+ 0 - 0
community/passbolt/1.1.9/templates/common.yaml → community/passbolt/1.2.0/templates/common.yaml