Publish new changes in catalog

charts/minio/2.0.0/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+# OWNERS file for Kubernetes
+OWNERS

charts/minio/2.0.0/CHANGELOG.md

@@ -0,0 +1,15 @@
+# Change Log
+
+This contains all the notable changes to the MinIO application.
+
+## [1.5.0]
+
+1. On fresh installation, minIO data directory's ownership will be updated to minio:minio.
+2. For existing installations that are exhibiting the upgrade, the minIO data directory's ownership will be migrated to minio:minio.
+
+## [1.6.2]
+
+1. Users with existing instances are advised to not update to the newer version.
+  MinIO released a major version change with no backwards compatibility.
+  In order to use newer versions of MinIO, a manual migration is needed.
+  For more information, visit https://min.io/docs/minio/linux/operations/install-deploy-manage/migrate-fs-gateway.html

charts/minio/2.0.0/Chart.lock

@@ -0,0 +1,6 @@
+dependencies:
+- name: common
+  repository: file://../../../common
+  version: 1.2.9
+digest: sha256:af1a9a1f87e3e48453c9f25f909f5ebcd7fa6e25162b7b425448ba752bcdbc5c
+generated: "2024-03-05T19:01:30.381261596+02:00"

charts/minio/2.0.0/Chart.yaml

@@ -0,0 +1,26 @@
+name: minio
+description: High Performance, Kubernetes Native Object Storage
+annotations:
+  title: MinIO
+type: application
+version: 2.0.0
+apiVersion: v2
+appVersion: "2023-03-13"
+kubeVersion: ">=1.16.0-0"
+maintainers:
+  - name: truenas
+    url: https://www.truenas.com/
+    email: dev@ixsystems.com
+dependencies:
+  - name: common
+    repository: file://../../../common
+    version: 1.2.9
+home: https://min.io
+icon: https://media.sys.truenas.net/apps/minio/icons/icon.png
+sources:
+  - https://github.com/minio/minio
+  - https://github.com/minio/charts
+keywords:
+  - storage
+  - object-storage
+  - S3

charts/minio/2.0.0/README.md

@@ -0,0 +1,8 @@
+# MinIO
+
+[MinIO](https://min.io) is a High Performance Object Storage released under Apache License v2.0. It is API compatible with Amazon S3 cloud storage service. Use MinIO to build high performance infrastructure for machine learning, analytics and application data workloads.
+
+**NOTE**
+
+- On fresh installation, minIO data directory's ownership will be updated to minio:minio.
+- For existing installations that are exhibiting the upgrade to >=1.5.0, the minIO data directory's ownership will be migrated to minio:minio.

charts/minio/2.0.0/app-readme.md

@@ -0,0 +1,8 @@
+# MinIO
+
+[MinIO](https://min.io) is a High Performance Object Storage released under Apache License v2.0. It is API compatible with Amazon S3 cloud storage service. Use MinIO to build high performance infrastructure for machine learning, analytics and application data workloads.
+
+**NOTE**
+
+- On fresh installation, minIO data directory's ownership will be updated to minio:minio.
+- For existing installations that are exhibiting the upgrade to >=1.5.0, the minIO data directory's ownership will be migrated to minio:minio.

charts/minio/2.0.0/ci/basic-values.yaml

@@ -0,0 +1,20 @@
+minioConfig:
+  rootUser: super-admin
+  rootPassword: super-admin-password
+
+minioNetwork:
+  apiPort: 31000
+  consolePort: 31001
+
+minioStorage:
+  export:
+    type: pvc
+  logSearchApi: true
+  logSearchDiskCapacityGB: 5
+  pgData:
+    type: pvc
+  pgBackup:
+    type: emptyDir
+    emptyDirConfig:
+      medium: ""
+      size: ""

charts/minio/2.0.0/ci/https-values.yaml

@@ -0,0 +1,107 @@
+minioStorage:
+  export:
+    type: pvc
+  logSearchApi: true
+  logSearchDiskCapacityGB: 5
+  pgData:
+    type: pvc
+  pgBackup:
+    type: emptyDir
+    emptyDirConfig:
+      medium: ""
+      size: ""
+
+minioConfig:
+  rootUser: super-admin
+  rootPassword: super-admin-password
+
+minioNetwork:
+  apiPort: 31000
+  consolePort: 31001
+  certificateID: 1
+
+ixCertificates:
+  "1":
+    certificate: |
+      -----BEGIN CERTIFICATE-----
+      MIIEdjCCA16gAwIBAgIDYFMYMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz
+      ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD
+      VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+      HhcNMjEwODMwMjMyMzU0WhcNMjMxMjAzMjMyMzU0WjBuMQswCQYDVQQDDAJhZDEL
+      MAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxDTALBgNVBAcMBGFzZGYxDTALBgNV
+      BAoMBGFkc2YxDTALBgNVBAsMBGFzZGYxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+      ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7+1xOHRQyOnQTHFcrdasX
+      Zl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/AbkH7oVFWC1
+      P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI4vQCdYgW
+      2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2dNgsxKU0H
+      PGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB+Zie331t
+      AzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7A/FuDVg3
+      AgMBAAGjggEdMIIBGTAnBgNVHREEIDAehwTAqAADhwTAqAAFhwTAqAC2hwTAqACB
+      hwTAqACSMB0GA1UdDgQWBBQ4G2ff4tgZl4vmo4xCfqmJhdqShzAMBgNVHRMBAf8E
+      AjAAMIGYBgNVHSMEgZAwgY2AFLlYf9L99nxJDcpCM/LT3V5hQ/a3oXCkbjBsMQww
+      CgYDVQQDDANhc2QxCzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQH
+      DAJhZjENMAsGA1UECgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkB
+      FgdhQGEuY29tggNgUxcwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDgYDVR0PAQH/
+      BAQDAgWgMA0GCSqGSIb3DQEBCwUAA4IBAQA6FpOInEHB5iVk3FP67GybJ29vHZTD
+      KQHbQgmg8s4L7qIsA1HQ+DMCbdylpA11x+t/eL/n48BvGw2FNXpN6uykhLHJjbKR
+      h8yITa2KeD3LjLYhScwIigXmTVYSP3km6s8jRL6UKT9zttnIHyXVpBDya6Q4WTMx
+      fmfC6O7t1PjQ5ZyVtzizIUP8ah9n4TKdXU4A3QIM6WsJXpHb+vqp1WDWJ7mKFtgj
+      x5TKv3wcPnktx0zMPfLb5BTSE9rc9djcBG0eIAsPT4FgiatCUChe7VhuMnqskxEz
+      MymJLoq8+mzucRwFkOkR2EIt1x+Irl2mJVMeBow63rVZfUQBD8h++LqB
+      -----END CERTIFICATE-----
+      -----BEGIN CERTIFICATE-----
+      MIIEhDCCA2ygAwIBAgIDYFMXMA0GCSqGSIb3DQEBCwUAMGwxDDAKBgNVBAMMA2Fz
+      ZDELMAkGA1UEBhMCVVMxDTALBgNVBAgMBGFzZGYxCzAJBgNVBAcMAmFmMQ0wCwYD
+      VQQKDARhc2RmMQwwCgYDVQQLDANhc2QxFjAUBgkqhkiG9w0BCQEWB2FAYS5jb20w
+      HhcNMjEwODMwMjMyMDQ1WhcNMzEwODI4MjMyMDQ1WjBsMQwwCgYDVQQDDANhc2Qx
+      CzAJBgNVBAYTAlVTMQ0wCwYDVQQIDARhc2RmMQswCQYDVQQHDAJhZjENMAsGA1UE
+      CgwEYXNkZjEMMAoGA1UECwwDYXNkMRYwFAYJKoZIhvcNAQkBFgdhQGEuY29tMIIB
+      IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq//c0hEEr83CS1pMgsHX50jt
+      2MqIbcf63UUNJTiYpUUvUQSFJFc7m/dr+RTZvu97eDCnD5K2qkHHvTPaPZwY+Djf
+      iy7N641Sz6u/y3Yo3xxs1Aermsfedh48vusJpjbkT2XS44VjbkrpKcWDNVpp3Evd
+      M7oJotXeUsZ+imiyVCfr4YhoY5gbGh/r+KN9Wf9YKoUyfLLZGwdZkhtX2zIbidsL
+      Thqi9YTaUHttGinjiBBum234u/CfvKXsfG3yP2gvBGnlvZnM9ktv+lVffYNqlf7H
+      VmB1bKKk84HtzuW5X76SGAgOG8eHX4x5ZLI1WQUuoQOVRl1I0UCjBtbz8XhwvQID
+      AQABo4IBLTCCASkwLQYDVR0RBCYwJIcEwKgABYcEwKgAA4cEwKgAkocEwKgAtYcE
+      wKgAgYcEwKgAtjAdBgNVHQ4EFgQUuVh/0v32fEkNykIz8tPdXmFD9rcwDwYDVR0T
+      AQH/BAUwAwEB/zCBmAYDVR0jBIGQMIGNgBS5WH/S/fZ8SQ3KQjPy091eYUP2t6Fw
+      pG4wbDEMMAoGA1UEAwwDYXNkMQswCQYDVQQGEwJVUzENMAsGA1UECAwEYXNkZjEL
+      MAkGA1UEBwwCYWYxDTALBgNVBAoMBGFzZGYxDDAKBgNVBAsMA2FzZDEWMBQGCSqG
+      SIb3DQEJARYHYUBhLmNvbYIDYFMXMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
+      BQcDAjAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKEocOmVuWlr
+      zegtKYMe8NhHIkFY9oVn5ym6RHNOJpPH4QF8XYC3Z5+iC5yGh4P/jVe/4I4SF6Ql
+      PtofU0jNq5vzapt/y+m008eXqPQFmoUOvu+JavoRVcRx2LIP5AgBA1mF56CSREsX
+      TkuJAA9IUQ8EjnmAoAeKINuPaKxGDuU8BGCMqr/qd564MKNf9XYL+Fb2rlkA0O2d
+      2No34DQLgqSmST/LAvPM7Cbp6knYgnKmGr1nETCXasg1cueHLnWWTvps2HiPp2D/
+      +Fq0uqcZLu4Mdo0CPs4e5sHRyldEnRSKh0DVLprq9zr/GMipmPLJUsT5Jed3sj0w
+      M7Y3vwxshpo=
+      -----END CERTIFICATE-----
+    privatekey: |
+      -----BEGIN PRIVATE KEY-----
+      MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC7+1xOHRQyOnQT
+      HFcrdasXZl0gzutVlA890a1wiQpdD5dOtCLo7+eqVYjqVKo9W8RUIArXWmBu/Abk
+      H7oVFWC1P973W1+ArF5sA70f7BZgqRKJTIisuIFIlRETgfnP2pfQmHRZtGaIJRZI
+      4vQCdYgW2g0KOvvNcZJCVq1OrhKiNiY1bWCp66DGg0ic6OEkZFHTm745zUNQaf2d
+      NgsxKU0HPGjVLJI//yrRFAOSBUqgD4c50krnMF7fU/Fqh+UyOu8t6Y/HsySh3urB
+      +Zie331tAzV6QV39KKxRflNx/yuWrtIEslGTm+xHKoCYJEk/nZ3mX8Y5hG6wWAb7
+      A/FuDVg3AgMBAAECggEAapt30rj9DitGTtxAt13pJMEhyYxvvD3WkvmJwguF/Bbu
+      eW0Ba1c668fMeRCA54FWi1sMqusPS4HUqqUvk+tmyAOsAF4qgD/A4MMSC7uJSVI5
+      N/JWhJWyhCY94/FPakiO1nbPbVw41bcqtzU2qvparpME2CtxSCbDiqm7aaag3Kqe
+      EF0fGSUdZ+TYl9JM05+eIyiX+UY19Fg0OjTHMn8nGpxcNTfDBdQ68TKvdo/dtIKL
+      PLKzJUNNdM8odC4CvQtfGMqaslwZwXkiOl5VJcW21ncj/Y0ngEMKeD/i65ZoqGdR
+      0FKCQYEAGtM2FvJcZQ92Wsw7yj2bK2MSegVUyLK32QKBgQDe8syVCepPzRsfjfxA
+      6TZlWcGuTZLhwIx97Ktw3VcQ1f4rLoEYlv0xC2VWBORpzIsJo4I/OLmgp8a+Ga8z
+      FkVRnq90dV3t4NP9uJlHgcODHnOardC2UUka4olBSCG6zmK4Jxi34lOxhGRkshOo
+      L4IBeOIB5g+ZrEEXkzfYJHESRQKBgQDX2YhFhGIrT8BAnC5BbXbhm8h6Bhjz8DYL
+      d+qhVJjef7L/aJxViU0hX9Ba2O8CLK3FZeREFE3hJPiJ4TZSlN4evxs5p+bbNDcA
+      0mhRI/o3X4ac6IxdRebyYnCOB/Cu94/MzppcZcotlCekKNike7eorCcX4Qavm7Pu
+      MUuQ+ifmSwKBgEnchoqZzlbBzMqXb4rRuIO7SL9GU/MWp3TQg7vQmJerTZlgvsQ2
+      wYsOC3SECmhCq4117iCj2luvOdihCboTFsQDnn0mpQe6BIF6Ns3J38wAuqv0CcFd
+      DKsrge1uyD3rQilgSoAhKzkUc24o0PpXQurZ8YZPgbuXpbj5vPaOnCdBAoGACYc7
+      wb3XS4wos3FxhUfcwJbM4b4VKeeHqzfu7pI6cU/3ydiHVitKcVe2bdw3qMPqI9Wc
+      nvi6e17Tbdq4OCsEJx1OiVwFD9YdO3cOTc6lw/3+hjypvZBRYo+/4jUthbu96E+S
+      dtOzehGZMmDvN0uSzupSi3ZOgkAAUFpyuIKickMCgYAId0PCRjonO2thn/R0rZ7P
+      //L852uyzYhXKw5/fjFGhQ6LbaLgIRFaCZ0L2809u0HFnNvJjHv4AKP6j+vFQYYY
+      qQ+66XnfsA9G/bu4MDS9AX83iahD9IdLXQAy8I19prAbpVumKegPbMnNYNB/TYEc
+      3G15AKCXo7jjOUtHY01DCQ==
+      -----END PRIVATE KEY-----

charts/minio/2.0.0/ix_values.yaml

@@ -0,0 +1,73 @@
+image:
+  pullPolicy: IfNotPresent
+  repository: minio/minio
+  tag: RELEASE.2023-07-21T21-12-44Z
+logSearchImage:
+  pullPolicy: IfNotPresent
+  repository: minio/operator
+  tag: v4.5.4
+logPostgresImage:
+  pullPolicy: IfNotPresent
+  repository: postgres
+  tag: "14.5"
+
+resources:
+  limits:
+    cpu: 4000m
+    memory: 8Gi
+
+podOptions:
+  dnsConfig:
+    options: []
+
+minioConfig:
+  rootUser: ""
+  rootPassword: ""
+  domain: ""
+  extraArgs: []
+  additionalEnvs: []
+
+minioNetwork:
+  apiPort: 9000
+  consolePort: 9002
+  certificateID:
+
+minioStorage:
+  distributedMode: false
+  distributedIps: []
+  export:
+    type: ixVolume
+    mountPath: /export
+    ixVolumeConfig:
+      datasetName: export
+  logSearchApi: false
+  logSearchDiskCapacityGB: 5
+  pgData:
+    type: ixVolume
+    ixVolumeConfig:
+      datasetName: pgData
+  pgBackup:
+    type: ixVolume
+    ixVolumeConfig:
+      datasetName: pgBackup
+  additionalStorages: []
+
+notes:
+  custom: |
+    {{ if .Values.minioStorage.logSearchApi }}
+    ## Database
+    You can connect to the database using the pgAdmin App from the catalog
+
+    <details>
+      <summary>Database Details</summary>
+
+      - Database: `logsearchapi`
+      - Username: `logsearchapi`
+      - Password: `{{ .Values.minioDbPass }}`
+      - Host:     `{{ .Values.minioDbHost }}.{{ .Release.Namespace }}.svc.cluster.local`
+      - Port:     `5432`
+
+    </details>
+    {{ end }}
+    {{- $_ := unset .Values "haDbPass" }}
+    {{- $_ := unset .Values "haDbHost" }}

charts/minio/2.0.0/migrations/migrate

@@ -0,0 +1,102 @@
+#!/usr/bin/python3
+import json
+import os
+import sys
+
+
+def migrate_volume(volume):
+    return {
+        'type': 'hostPath',
+        'hostPathConfig': {
+            'hostPath': volume['hostPath']
+        },
+    } if volume.get('hostPathEnabled', False) else {
+        'type': 'ixVolume',
+        'ixVolumeConfig': {
+            'datasetName': volume['datasetName'],
+        },
+    }
+
+
+def migrate_common_lib(values):
+    delete_keys = [
+        'dnsConfig', 'updateStrategy', 'enableResourceLimits', 'cpuLimit',
+        'memLimit', 'certificate', 'service', 'environmentVariables', 'minioDomain',
+        'accessKey', 'secretKey', 'distributedMode', 'distributedIps', 'logsearchapi',
+        'appVolumeMounts', 'extraAppVolumeMounts', 'postgresAppVolumeMounts'
+    ]
+
+    values.update({
+        # Migrate Config
+        'minioConfig': {
+            'rootUser': values['accessKey'],
+            'rootPassword': values['secretKey'],
+            'domain': values.get('minioDomain', ''),
+            'extraArgs': values.get('extraArgs', []),
+            'additionalEnvs': [e for e in values.get('environmentVariables', []) if e['name'] not in ['PLEX_UID', 'PLEX_GID'] ],
+        },
+        # Migrate Network
+        'minioNetwork': {
+            'apiPort': values['service']['nodePort'],
+            'consolePort': values['service']['consolePort'],
+            'certificateID': values['certificate'],
+        },
+        # Migrate Resources
+        'resources': {
+            'limits': {
+                'cpu': values.get('cpuLimit', '4000m'),
+                'memory': values.get('memLimit', '8Gi'),
+            }
+        },
+        # Migrate DNS
+        'podOptions': {
+            'dnsConfig': {
+                'options': [
+                    {'name': opt['name'], 'value': opt['value']}
+                    for opt in values.get('dnsConfig', {}).get('options', [])
+                ]
+            }
+        },
+        # Migrate Storage
+        'minioStorage': {
+            'distributedMode': values['distributedMode']
+            'distributedIps': values['distributedIps'] if values['distributedMode'] else [],
+            'logSearchApi': values['logsearchapi']['enabled'],
+            'logSearchDiskCapacityGB': values['logsearchapi']['diskCapacityGB'] if values['logsearchapi']['enabled'] else 5,
+            'export': migrate_volume(values['appVolumeMounts']['export']).update({
+                mountPath: values['appVolumeMounts']['export'][mountPath]
+            }),
+            'pgData': migrate_volume(values['postgresAppVolumeMounts']['postgres-data']),
+            'pgBackup': migrate_volume(values['postgresAppVolumeMounts']['postgres-backup']),
+            'additionalStorages': [
+                {
+                    'type': 'hostPath',
+                    'hostPathConfig': {'hostPath': e['hostPath']},
+                    'mountPath': e['mountPath'],
+                    'readOnly': e['readOnly'],
+                }
+                for e in values.get('extraAppVolumeMounts', [])
+            ],
+        },
+    })
+
+    for k in delete_keys:
+        values.pop(k, None)
+
+    return values
+
+def migrate(values):
+    # If this missing, we have already migrated
+    if not 'nodePort' in values.keys():
+        return values
+
+    return migrate_common_lib(values)
+
+
+if __name__ == '__main__':
+    if len(sys.argv) != 2:
+        exit(1)
+
+    if os.path.exists(sys.argv[1]):
+        with open(sys.argv[1], 'r') as f:
+            print(json.dumps(migrate(json.loads(f.read()))))

charts/minio/2.0.0/questions.yaml

@@ -0,0 +1,634 @@
+groups:
+  - name: Minio Configuration
+    description: Configure Minio
+  - name: Advanced Pod Configuration
+    description: Configure Advanced Pod Options for Minio
+  - name: Network Configuration
+    description: Configure Network for Minio
+  - name: Storage Configuration
+    description: Configure Storage for Minio
+  - name: Resources Configuration
+    description: Configure Resources for Minio
+
+portals:
+  web_portal:
+    protocols:
+      - "$kubernetes-resource_configmap_portal_protocol"
+    host:
+      - "$kubernetes-resource_configmap_portal_host"
+    ports:
+      - "$kubernetes-resource_configmap_portal_port"
+    path: "$kubernetes-resource_configmap_portal_path"
+
+questions:
+  - variable: minioConfig
+    label: ""
+    group: Minio Configuration
+    schema:
+      type: dict
+      attrs:
+        - variable: rootUser
+          label: Root User
+          description: The root user for Minio.
+          schema:
+            type: string
+            private: true
+            required: true
+            min_length: 5
+            max_length: 20
+        - variable: rootPassword
+          label: Root Password
+          description: The root password for Minio.
+          schema:
+            type: string
+            private: true
+            required: true
+            min_length: 8
+            max_length: 40
+        - variable: domain
+          label: Domain (Optional)
+          description: |
+            Depending on your setup/environment, you may need to leave this blank.
+            Check MinIO documentation for more information.
+          schema:
+            type: string
+        - variable: extraArgs
+          label: Extra Arguments
+          description: Extra arguments for Minio.
+          schema:
+            type: list
+            default: []
+            items:
+              - variable: arg
+                label: Argument
+                schema:
+                  type: string
+                  required: true
+
+        - variable: additionalEnvs
+          label: Additional Environment Variables
+          description: Configure additional environment variables for Netdata.
+          schema:
+            type: list
+            default: []
+            items:
+              - variable: env
+                label: Environment Variable
+                schema:
+                  type: dict
+                  attrs:
+                    - variable: name
+                      label: Name
+                      schema:
+                        type: string
+                        required: true
+                    - variable: value
+                      label: Value
+                      schema:
+                        type: string
+                        required: true
+
+  - variable: podOptions
+    label: ""
+    group: Advanced Pod Configuration
+    schema:
+      type: dict
+      attrs:
+        - variable: dnsConfig
+          label: Advanced DNS Configuration
+          schema:
+            type: dict
+            attrs:
+              - variable: options
+                label: DNS Options
+                schema:
+                  type: list
+                  items:
+                    - variable: optionsEntry
+                      label: DNS Option Entry
+                      schema:
+                        type: dict
+                        attrs:
+                          - variable: name
+                            label: Option Name
+                            schema:
+                              type: string
+                              required: true
+                          - variable: value
+                            label: Option Value
+                            schema:
+                              type: string
+                              required: true
+
+  - variable: minioNetwork
+    label: ""
+    group: Network Configuration
+    schema:
+      type: dict
+      attrs:
+        - variable: apiPort
+          label: API Port
+          description: The port for the Minio API.
+          schema:
+            type: int
+            default: 9000
+            min: 9000
+            max: 65535
+            required: true
+        - variable: consolePort
+          label: Console Port
+          description: The port for the Minio WebUI.
+          schema:
+            type: int
+            default: 9002
+            min: 9000
+            max: 65535
+            required: true
+        - variable: certificateID
+          label: Certificate
+          description: The certificate to use for Minio.
+          schema:
+            type: int
+            "null": true
+            $ref:
+              - "definitions/certificate"
+
+  - variable: minioStorage
+    label: ""
+    group: Storage Configuration
+    schema:
+      type: dict
+      attrs:
+        - variable: distributedMode
+          label: Enable Distributed Mode
+          schema:
+            type: boolean
+            default: false
+        - variable: distributedIps
+          label: Distributed Minio Instance URI(s)
+          schema:
+            type: list
+            show_if: [["distributedMode", "==", true]]
+            required: true
+            default: []
+            items:
+              - variable: ip
+                label: Distributed Minio Instance URI
+                schema:
+                  type: string
+                  required: true
+        - variable: export
+          label: Minio Export Storage
+          description: The path to store Minio Export.
+          schema:
+            type: dict
+            show_if: [["distributedMode", "==", true]]
+            attrs:
+              - variable: type
+                label: Type
+                description: |
+                  ixVolume: Is dataset created automatically by the system.</br>
+                  Host Path: Is a path that already exists on the system.
+                schema:
+                  type: string
+                  required: true
+                  default: ixVolume
+                  enum:
+                    - value: hostPath
+                      description: Host Path (Path that already exists on the system)
+                    - value: ixVolume
+                      description: ixVolume (Dataset created automatically by the system)
+              - variable: mountPath
+                label: Mount Path
+                description: The path inside the container to mount the storage.
+                schema:
+                  type: path
+                  default: /export
+                  required: true
+                  immutable: true
+              - variable: ixVolumeConfig
+                label: ixVolume Configuration
+                description: The configuration for the ixVolume dataset.
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "ixVolume"]]
+                  $ref:
+                    - "normalize/ixVolume"
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: datasetName
+                      label: Dataset Name
+                      description: The name of the dataset to use for storage.
+                      schema:
+                        type: string
+                        required: true
+                        immutable: true
+                        hidden: true
+                        default: "export"
+                    - variable: aclEntries
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+              - variable: hostPathConfig
+                label: Host Path Configuration
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "hostPath"]]
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: acl
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+                        $ref:
+                          - "normalize/acl"
+                    - variable: hostPath
+                      label: Host Path
+                      description: The host path to use for storage.
+                      schema:
+                        type: hostpath
+                        show_if: [["aclEnable", "=", false]]
+                        required: true
+
+        - variable: logSearchApi
+          label: Enable Log Search API
+          schema:
+            type: boolean
+            default: false
+        - variable: logSearchDiskCapacityGB
+          label: Log Search Disk Capacity
+          schema:
+            type: int
+            show_if: [["logSearchApi", "==", true]]
+            default: 5
+        - variable: pgData
+          label: Minio Postgres Data Storage
+          description: The path to store Minio Postgres Data.
+          schema:
+            type: dict
+            show_if: [["logSearchApi", "==", true]]
+            attrs:
+              - variable: type
+                label: Type
+                description: |
+                  ixVolume: Is dataset created automatically by the system.</br>
+                  Host Path: Is a path that already exists on the system.
+                schema:
+                  type: string
+                  required: true
+                  default: ixVolume
+                  enum:
+                    - value: hostPath
+                      description: Host Path (Path that already exists on the system)
+                    - value: ixVolume
+                      description: ixVolume (Dataset created automatically by the system)
+              - variable: ixVolumeConfig
+                label: ixVolume Configuration
+                description: The configuration for the ixVolume dataset.
+                schema:
+                  type: dict
+                  # Nothing to show for the user
+                  hidden: true
+                  show_if: [["type", "=", "ixVolume"]]
+                  $ref:
+                    - "normalize/ixVolume"
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        # Postgres does a CHMOD at startup
+                        # Which fails with ACL
+                        hidden: true
+                        default: false
+                    - variable: datasetName
+                      label: Dataset Name
+                      description: The name of the dataset to use for storage.
+                      schema:
+                        type: string
+                        required: true
+                        immutable: true
+                        hidden: true
+                        default: "pgData"
+                    - variable: aclEntries
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+              - variable: hostPathConfig
+                label: Host Path Configuration
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "hostPath"]]
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        # Postgres does a CHMOD at startup
+                        # Which fails with ACL
+                        hidden: true
+                        default: false
+                    - variable: acl
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+                        $ref:
+                          - "normalize/acl"
+                    - variable: hostPath
+                      label: Host Path
+                      description: The host path to use for storage.
+                      schema:
+                        type: hostpath
+                        show_if: [["aclEnable", "=", false]]
+                        required: true
+        - variable: pgBackup
+          label: Minio Postgres Backup Storage
+          description: The path to store Minio Postgres Backup.
+          schema:
+            type: dict
+            show_if: [["logSearchApi", "==", true]]
+            attrs:
+              - variable: type
+                label: Type
+                description: |
+                  ixVolume: Is dataset created automatically by the system.</br>
+                  Host Path: Is a path that already exists on the system.
+                schema:
+                  type: string
+                  required: true
+                  immutable: true
+                  default: ixVolume
+                  enum:
+                    - value: hostPath
+                      description: Host Path (Path that already exists on the system)
+                    - value: ixVolume
+                      description: ixVolume (Dataset created automatically by the system)
+              - variable: ixVolumeConfig
+                label: ixVolume Configuration
+                description: The configuration for the ixVolume dataset.
+                schema:
+                  type: dict
+                  # Nothing to show for the user
+                  hidden: true
+                  show_if: [["type", "=", "ixVolume"]]
+                  $ref:
+                    - "normalize/ixVolume"
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        # Postgres does a CHMOD at startup
+                        # Which fails with ACL
+                        hidden: true
+                        default: false
+                    - variable: datasetName
+                      label: Dataset Name
+                      description: The name of the dataset to use for storage.
+                      schema:
+                        type: string
+                        required: true
+                        immutable: true
+                        hidden: true
+                        default: "pgBackup"
+                    - variable: aclEntries
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+              - variable: hostPathConfig
+                label: Host Path Configuration
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "hostPath"]]
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        # Postgres does a CHMOD at startup
+                        # Which fails with ACL
+                        hidden: true
+                        default: false
+                    - variable: acl
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+                        $ref:
+                          - "normalize/acl"
+                    - variable: hostPath
+                      label: Host Path
+                      description: The host path to use for storage.
+                      schema:
+                        type: hostpath
+                        show_if: [["aclEnable", "=", false]]
+                        required: true
+
+        - variable: additionalStorages
+          label: Additional Storage
+          description: Additional storage for Minio.
+          schema:
+            type: list
+            default: []
+            items:
+              - variable: storageEntry
+                label: Storage Entry
+                schema:
+                  type: dict
+                  attrs:
+                    - variable: type
+                      label: Type
+                      description: |
+                        ixVolume: Is dataset created automatically by the system.</br>
+                        Host Path: Is a path that already exists on the system.</br>
+                        SMB Share: Is a SMB share that is mounted to a persistent volume claim.
+                      schema:
+                        type: string
+                        required: true
+                        default: "ixVolume"
+                        enum:
+                          - value: "hostPath"
+                            description: Host Path (Path that already exists on the system)
+                          - value: "ixVolume"
+                            description: ixVolume (Dataset created automatically by the system)
+                          - value: "smb-pv-pvc"
+                            description: SMB Share (Mounts a persistent volume claim to a SMB share)
+                    - variable: readOnly
+                      label: Read Only
+                      description: Mount the volume as read only.
+                      schema:
+                        type: boolean
+                        default: false
+                    - variable: mountPath
+                      label: Mount Path
+                      description: The path inside the container to mount the storage.
+                      schema:
+                        type: path
+                        required: true
+                    - variable: hostPathConfig
+                      label: Host Path Configuration
+                      schema:
+                        type: dict
+                        show_if: [["type", "=", "hostPath"]]
+                        attrs:
+                          - variable: aclEnable
+                            label: Enable ACL
+                            description: Enable ACL for the dataset.
+                            schema:
+                              type: boolean
+                              default: false
+                          - variable: acl
+                            label: ACL Configuration
+                            schema:
+                              type: dict
+                              show_if: [["aclEnable", "=", true]]
+                              attrs: []
+                              $ref:
+                                - "normalize/acl"
+                          - variable: hostPath
+                            label: Host Path
+                            description: The host path to use for storage.
+                            schema:
+                              type: hostpath
+                              show_if: [["aclEnable", "=", false]]
+                              required: true
+                    - variable: ixVolumeConfig
+                      label: ixVolume Configuration
+                      description: The configuration for the ixVolume dataset.
+                      schema:
+                        type: dict
+                        show_if: [["type", "=", "ixVolume"]]
+                        $ref:
+                          - "normalize/ixVolume"
+                        attrs:
+                          - variable: aclEnable
+                            label: Enable ACL
+                            description: Enable ACL for the dataset.
+                            schema:
+                              type: boolean
+                              default: false
+                          - variable: datasetName
+                            label: Dataset Name
+                            description: The name of the dataset to use for storage.
+                            schema:
+                              type: string
+                              required: true
+                              immutable: true
+                              default: "storage_entry"
+                          - variable: aclEntries
+                            label: ACL Configuration
+                            schema:
+                              type: dict
+                              show_if: [["aclEnable", "=", true]]
+                              attrs: []
+                    - variable: smbConfig
+                      label: SMB Share Configuration
+                      description: The configuration for the SMB Share.
+                      schema:
+                        type: dict
+                        show_if: [["type", "=", "smb-pv-pvc"]]
+                        attrs:
+                          - variable: server
+                            label: Server
+                            description: The server for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                          - variable: share
+                            label: Share
+                            description: The share name for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                          - variable: domain
+                            label: Domain (Optional)
+                            description: The domain for the SMB share.
+                            schema:
+                              type: string
+                          - variable: username
+                            label: Username
+                            description: The username for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                          - variable: password
+                            label: Password
+                            description: The password for the SMB share.
+                            schema:
+                              type: string
+                              required: true
+                              private: true
+                          - variable: size
+                            label: Size (in Gi)
+                            description: The size of the volume quota.
+                            schema:
+                              type: int
+                              required: true
+                              min: 1
+                              default: 1
+
+  - variable: resources
+    group: Resources Configuration
+    label: ""
+    schema:
+      type: dict
+      attrs:
+        - variable: limits
+          label: Limits
+          schema:
+            type: dict
+            attrs:
+              - variable: cpu
+                label: CPU
+                description: CPU limit for WG-Easy.
+                schema:
+                  type: string
+                  max_length: 6
+                  valid_chars: '^(0\.[1-9]|[1-9][0-9]*)(\.[0-9]|m?)$'
+                  valid_chars_error: |
+                    Valid CPU limit formats are</br>
+                    - Plain Integer - eg. 1</br>
+                    - Float - eg. 0.5</br>
+                    - Milicpu - eg. 500m
+                  default: "4000m"
+                  required: true
+              - variable: memory
+                label: Memory
+                description: Memory limit for WG-Easy.
+                schema:
+                  type: string
+                  max_length: 12
+                  valid_chars: "^[1-9][0-9]*([EPTGMK]i?|e[0-9]+)?$"
+                  valid_chars_error: |
+                    Valid Memory limit formats are</br>
+                    - Suffixed with E/P/T/G/M/K - eg. 1G</br>
+                    - Suffixed with Ei/Pi/Ti/Gi/Mi/Ki - eg. 1Gi</br>
+                    - Plain Integer in bytes - eg. 1024</br>
+                    - Exponent - eg. 134e6
+                  default: "8Gi"
+                  required: true

charts/minio/2.0.0/templates/NOTES.txt

@@ -0,0 +1 @@
+{{ include "ix.v1.common.lib.chart.notes" $ }}

charts/minio/2.0.0/templates/_configuration.tpl

@@ -0,0 +1,91 @@
+{{- define "minio.configuration" -}}
+
+  {{- $fullname := (include "ix.v1.common.lib.chart.names.fullname" $) -}}
+
+  {{- $auditToken := randAlphaNum 32 -}}
+  {{- $queryToken := randAlphaNum 32 -}}
+  {{/* Fetch secrets from pre-migration secret */}}
+  {{- with (lookup "v1" "Secret" .Release.Namespace "logsearchapi-details") -}}
+    {{- $auditToken = ((index .data "auditToken") | b64dec) -}}
+    {{- $queryToken = ((index .data "queryToken") | b64dec) -}}
+  {{- end -}}
+
+  {{- with (lookup "v1" "Secret" .Release.Namespace (printf "%s-logsearch-creds" $fullname)) -}}
+    {{- $auditToken = ((index .data "LOGSEARCH_AUDIT_AUTH_TOKEN") | b64dec) -}}
+    {{- $queryToken = ((index .data "MINIO_LOG_QUERY_AUTH_TOKEN") | b64dec) -}}
+  {{- end -}}
+  {{- $queryURL := printf "http://%v-log:8080" $fullname -}}
+  {{- $webhookURL := printf "http://%v-log:8080/api/ingest?token=%v" $fullname $auditToken -}}
+
+  {{/* DB details */}}
+  {{- $dbHost := (printf "%s-postgres" $fullname) -}}
+  {{- $dbUser := "logsearchapi" -}}
+  {{- $dbName := "logsearchapi" -}}
+  {{- $dbPass := randAlphaNum 32 -}}
+
+  {{/* Fetch secrets from pre-migration secret */}}
+  {{- $tmpBackupHost := "" -}}
+  {{- with (lookup "v1" "Secret" .Release.Namespace "postgres-details") -}}
+    {{- $dbPass = ((index .data "db_password") | b64dec) -}}
+    {{- $tmpBackupHost = ((index .data "postgresHost") | b64dec) -}}
+  {{- end -}}
+
+  {{- with (lookup "v1" "Secret" .Release.Namespace (printf "%s-postgres-creds" $fullname)) -}}
+    {{- $dbPass = ((index .data "POSTGRES_PASSWORD") | b64dec) -}}
+  {{- end -}}
+
+  {{/* Temporary set dynamic db details on values,
+  so we can print them on the notes */}}
+  {{- $_ := set .Values "minioDbPass" $dbPass -}}
+  {{- $_ := set .Values "minioDbHost" $dbHost -}}
+
+  {{- $dbURL := (printf "postgres://%s:%s@%s:5432/%s?sslmode=disable" $dbUser $dbPass $dbHost $dbName) }}
+secret:
+  minio-creds:
+    enabled: true
+    data:
+      MINIO_ROOT_USER: {{ .Values.minioConfig.rootUser | quote }}
+      MINIO_ROOT_PASSWORD: {{ .Values.minioConfig.rootPassword | quote }}
+
+    {{ if and .Values.minioNetwork.certificateID .Values.minioConfig.domain }}
+      MINIO_BROWSER_REDIRECT_URL: {{ printf "https://%s:%v" .Values.minioConfig.domain .Values.minioNetwork.consolePort }}
+      MINIO_SERVER_URL: {{ printf "https://%s:%v" .Values.minioConfig.domain .Values.minioNetwork.apiPort }}
+    {{ end }}
+
+    {{ if .Values.minioStorage.logSearchApi }}
+      MINIO_LOG_QUERY_AUTH_TOKEN: {{ $queryToken }}
+      MINIO_LOG_QUERY_URL: {{ $queryURL }}
+      MINIO_AUDIT_WEBHOOK_ENDPOINT_ix-logsearch: {{ $webhookURL }}
+      MINIO_AUDIT_WEBHOOK_ENABLE_ix-logsearch: "on"
+    {{ end }}
+
+  logsearch-creds:
+    enabled: true
+    data:
+      MINIO_LOG_QUERY_AUTH_TOKEN: {{ $queryToken | quote }}
+      LOGSEARCH_AUDIT_AUTH_TOKEN: {{ $auditToken | quote }}
+      LOGSEARCH_PG_CONN_STR: {{ $dbURL | quote }}
+      LOGSEARCH_DISK_CAPACITY_GB: {{ .Values.minioStorage.logSearchDiskCapacityGB | quote }}
+  postgres-creds:
+    enabled: true
+    data:
+      POSTGRES_USER: {{ $dbUser }}
+      POSTGRES_DB: {{ $dbName }}
+      POSTGRES_PASSWORD: {{ $dbPass }}
+      POSTGRES_HOST: {{ $dbHost }}
+      POSTGRES_URL: {{ $dbURL }}
+  {{- if eq (include "minio.is-migration" $) "true" }}
+  postgres-backup-creds:
+    enabled: true
+    annotations:
+      helm.sh/hook: "pre-upgrade"
+      helm.sh/hook-delete-policy: "hook-succeeded"
+      helm.sh/hook-weight: "1"
+    data:
+      POSTGRES_USER: {{ $dbUser }}
+      POSTGRES_DB: {{ $dbName }}
+      POSTGRES_PASSWORD: {{ $dbPass }}
+      POSTGRES_HOST: {{ $tmpBackupHost }}
+      POSTGRES_URL: {{ printf "postgres://%s:%s@%s-pg:5432/%s?sslmode=disable" $dbUser $dbPass $dbHost $dbName }}
+  {{- end }}
+{{- end -}}

charts/minio/2.0.0/templates/_logsearch.tpl

@@ -0,0 +1,40 @@
+{{- define "logsearchapi.workload" -}}
+workload:
+  logsearchapi:
+    enabled: true
+    type: Deployment
+    podSpec:
+      hostNetwork: false
+      containers:
+        logsearchapi:
+          enabled: true
+          primary: true
+          imageSelector: logSearchImage
+          securityContext:
+            runAsUser: 473
+            runAsGroup: 473
+          command:
+            - /logsearchapi
+          envFrom:
+            - secretRef:
+                name: logsearch-creds
+          probes:
+            liveness:
+              enabled: true
+              type: http
+              path: /status
+              port: 8080
+            readiness:
+              enabled: true
+              type: http
+              path: /status
+              port: 8080
+            startup:
+              enabled: true
+              type: http
+              path: /status
+              port: 8080
+      initContainers:
+      {{- include "ix.v1.common.app.postgresWait" (dict "name" "postgres-wait"
+                                                        "secretName" "postgres-creds") | nindent 8 }}
+{{- end -}}

charts/minio/2.0.0/templates/_migration.tpl

@@ -0,0 +1,48 @@
+{{- define "minio.get-versions" -}}
+  {{- $oldChartVersion := "" -}}
+  {{- $newChartVersion := "" -}}
+
+  {{/* Safely access the context, so it wont block CI */}}
+  {{- if hasKey .Values.global "ixChartContext" -}}
+    {{- if .Values.global.ixChartContext.upgradeMetadata -}}
+
+      {{- $oldChartVersion = .Values.global.ixChartContext.upgradeMetadata.oldChartVersion -}}
+      {{- $newChartVersion = .Values.global.ixChartContext.upgradeMetadata.newChartVersion -}}
+      {{- if and (not $oldChartVersion) (not $newChartVersion) -}}
+        {{- fail "Upgrade Metadata is missing. Cannot proceed" -}}
+      {{- end -}}
+    {{- end -}}
+  {{- end -}}
+
+  {{- toYaml (dict "old" $oldChartVersion "new" $newChartVersion) -}}
+{{- end -}}
+
+{{- define "minio.migration" -}}
+  {{- $versions := (fromYaml (include "minio.get-versions" $)) -}}
+  {{- if and $versions.old $versions.new -}}
+    {{- $oldV := semver $versions.old -}}
+    {{- $newV := semver $versions.new -}}
+
+    {{/* If new is v2.x.x */}}
+    {{- if eq ($newV.Major | int) 2 -}}
+      {{/* And old is v1.x.x, but lower than .7.24 */}}
+      {{- if and (eq $oldV.Major 1) (or (ne $oldV.Minor 7) (lt ($oldV.Patch | int) 24)) -}}
+        {{/* Block the upgrade */}}
+        {{- fail "Migration to 2.x.x is only allowed from 1.7.24 or higher" -}}
+      {{- end -}}
+    {{- end -}}
+  {{- end -}}
+{{- end -}}
+
+{{- define "minio.is-migration" -}}
+  {{- $isMigration := "" -}}
+  {{- $versions := (fromYaml (include "minio.get-versions" $)) -}}
+  {{- if $versions.old -}}
+    {{- $oldV := semver $versions.old -}}
+    {{- if and (eq $oldV.Major 1) (or (ne $oldV.Minor 7) (lt ($oldV.Patch | int) 24)) -}}
+      {{- $isMigration = "true" -}}
+    {{- end -}}
+  {{- end -}}
+
+  {{- $isMigration -}}
+{{- end -}}

charts/minio/2.0.0/templates/_minio.tpl

@@ -0,0 +1,93 @@
+{{- define "minio.workload" -}}
+{{- $fullname := (include "ix.v1.common.lib.chart.names.fullname" $) -}}
+{{- $logapi := printf "http://%v-log:8080" $fullname -}}
+workload:
+  minio:
+    enabled: true
+    primary: true
+    type: Deployment
+    podSpec:
+      hostNetwork: {{ .Values.minioStorage.distributedMode }}
+      containers:
+        minio:
+          enabled: true
+          primary: true
+          imageSelector: image
+          securityContext:
+            runAsUser: 473
+            runAsGroup: 473
+            # readOnlyRootFilesystem: false
+          env:
+            MINIO_VOLUMES: /export
+          args:
+            - server
+            - --console-address
+            - {{ printf ":%v" .Values.minioNetwork.consolePort | quote }}
+            {{- if .Values.minioStorage.distributedMode }}
+              {{- range .Values.minioStorage.distributedIps }}
+            - {{ quote . }}
+              {{- end }}
+            {{- else }}
+            - "--address"
+            - {{ printf ":%v" .Values.minioNetwork.apiPort | quote }}
+            {{- end }}
+            {{- if .Values.minioNetwork.certificateID }}
+            - "--certs-dir"
+            - "/etc/minio/certs"
+            {{- end }}
+            {{- range .Values.minioConfig.extraArgs }}
+            - {{ quote . }}
+            {{ end }}
+          envFrom:
+            - secretRef:
+                name: minio-creds
+          {{ with .Values.minioConfig.additionalEnvs }}
+          envList:
+            {{ range $env := . }}
+            - name: {{ $env.name }}
+              value: {{ $env.value }}
+            {{ end }}
+          {{ end }}
+          probes:
+            {{- $proto := "http" -}}
+            {{- if .Values.minioNetwork.certificateID -}}
+              {{- $proto = "https" -}}
+            {{- end }}
+            liveness:
+              enabled: true
+              type: {{ $proto }}
+              path: /minio/health/live
+              port: {{ .Values.minioNetwork.consolePort }}
+            readiness:
+              enabled: true
+              type: {{ $proto }}
+              path: /minio/health/live
+              port: {{ .Values.minioNetwork.consolePort }}
+            startup:
+              enabled: true
+              type: {{ $proto }}
+              path: /minio/health/live
+              port: {{ .Values.minioNetwork.consolePort }}
+      initContainers:
+      {{- include "ix.v1.common.app.permissions" (dict "containerName" "01-permissions"
+                                                        "UID" 473
+                                                        "GID" 473
+                                                        "mode" "check"
+                                                        "type" "init") | nindent 8 }}
+        wait-api:
+          enabled: true
+          type: init
+          imageSelector: bashImage
+          command:
+            - bash
+          args:
+            - -c
+            - |
+              echo "Waiting for [{{ $logapi }}]";
+              until wget --spider --quiet --timeout=3 --tries=1 {{ $logapi }}/status;
+              do
+                echo "Waiting for [{{ $logapi }}]";
+                sleep 2;
+              done
+              echo "API is up: {{ $logapi }}";
+{{- end -}}

charts/minio/2.0.0/templates/_persistence.tpl

@@ -0,0 +1,77 @@
+{{- define "minio.persistence" -}}
+persistence:
+  export:
+    enabled: true
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.minioStorage.export) | nindent 4 }}
+    targetSelector:
+      minio:
+        minio:
+          mountPath: {{ .Values.minioStorage.export.mountPath }}
+        {{- if and (eq .Values.minioStorage.export.type "ixVolume")
+                  (not (.Values.minioStorage.export.ixVolumeConfig | default dict).aclEnable) }}
+        01-permissions:
+          mountPath: /mnt/directories/export
+        {{- end }}
+  tmp:
+    enabled: true
+    type: emptyDir
+    targetSelector:
+      minio:
+        minio:
+          mountPath: /tmp
+  {{- range $idx, $storage := .Values.minioStorage.additionalStorages }}
+  {{ printf "minio-%v:" (int $idx) }}
+    enabled: true
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" $storage) | nindent 4 }}
+    targetSelector:
+      minio:
+        minio:
+          mountPath: {{ $storage.mountPath }}
+        {{- if and (eq $storage.type "ixVolume") (not ($storage.ixVolumeConfig | default dict).aclEnable) }}
+        01-permissions:
+          mountPath: /mnt/directories{{ $storage.mountPath }}
+        {{- end }}
+  {{- end }}
+
+  {{- include "ix.v1.common.app.postgresPersistence"
+      (dict "pgData" .Values.minioStorage.pgData
+            "pgBackup" .Values.minioStorage.pgBackup
+      ) | nindent 2 }}
+
+  {{- if .Values.minioNetwork.certificateID }}
+  cert:
+    enabled: true
+    type: secret
+    objectName: minio-cert
+    defaultMode: "0600"
+    items:
+      - key: tls.key
+        path: private.key
+      - key: tls.crt
+        path: public.crt
+    targetSelector:
+      minio:
+        minio:
+          mountPath: /etc/minio/certs
+          readOnly: true
+  certca:
+    enabled: true
+    type: secret
+    objectName: minio-cert
+    defaultMode: "0600"
+    items:
+      - key: tls.crt
+        path: public.crt
+    targetSelector:
+      minio:
+        minio:
+          mountPath: /etc/minio/certs/CAs
+          readOnly: true
+
+scaleCertificate:
+  minio-cert:
+    enabled: true
+    id: {{ .Values.minioNetwork.certificateID }}
+  {{- end }}
+
+{{- end -}}

charts/minio/2.0.0/templates/_portal.tpl

@@ -0,0 +1,16 @@
+{{- define "minio.portal" -}}
+  {{- $proto := "http" -}}
+  {{- if .Values.minioNetwork.certificateID -}}
+    {{- $proto = "https" -}}
+  {{- end }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: portal
+data:
+  path: /
+  port: {{ .Values.minioNetwork.consolePort | quote }}
+  protocol: {{ $proto }}
+  host: "$node_ip"
+{{- end -}}

charts/minio/2.0.0/templates/_postgres.tpl

@@ -0,0 +1,12 @@
+{{- define "postgres.workload" -}}
+  {{- $backupSecretName := "postgres-creds" -}}
+  {{- if eq (include "minio.is-migration" $) "true" }}
+    {{- $backupSecretName = "postgres-backup-creds" -}}
+  {{- end }}
+workload:
+{{- include "ix.v1.common.app.postgres" (dict "secretName" "postgres-creds"
+                                              "backupSecretName" $backupSecretName
+                                              "resources" .Values.resources
+                                              "imageSelector" "logPostgresImage"
+                                              "ixChartContext" .Values.ixChartContext) | nindent 2 }}
+{{- end -}}

charts/minio/2.0.0/templates/_service.tpl

@@ -0,0 +1,33 @@
+{{- define "minio.service" -}}
+service:
+  minio:
+    enabled: true
+    primary: true
+    type: NodePort
+    targetSelector: minio
+    ports:
+      console:
+        enabled: true
+        primary: true
+        port: {{ .Values.minioNetwork.consolePort }}
+        nodePort: {{ .Values.minioNetwork.consolePort }}
+        targetSelector: minio
+      api:
+        enabled: true
+        port: {{ .Values.minioNetwork.apiPort }}
+        nodePort: {{ .Values.minioNetwork.apiPort }}
+        targetSelector: minio
+  {{ if .Values.minioStorage.logSearchApi }}
+  log:
+    enabled: true
+    type: ClusterIP
+    targetSelector: logsearchapi
+    ports:
+      log:
+        enabled: true
+        port: 8080
+        targetPort: 8080
+        targetSelector: logsearchapi
+  {{- include "ix.v1.common.app.postgresService" $ | nindent 2 }}
+  {{ end }}
+{{- end -}}

charts/minio/2.0.0/templates/common.yaml

@@ -0,0 +1,18 @@
+{{- include "ix.v1.common.loader.init" . -}}
+
+{{- include "minio.migration" $ -}}
+
+{{/* Merge the templates with Values */}}
+{{- $_ := mustMergeOverwrite .Values (include "minio.service" $ | fromYaml) -}}
+{{- $_ := mustMergeOverwrite .Values (include "minio.workload" $ | fromYaml) -}}
+{{- $_ := mustMergeOverwrite .Values (include "minio.persistence" $ | fromYaml) -}}
+{{- $_ := mustMergeOverwrite .Values (include "minio.configuration" $ | fromYaml) -}}
+{{- if .Values.minioStorage.logSearchApi -}}
+  {{- $_ := mustMergeOverwrite .Values (include "postgres.workload" $ | fromYaml) -}}
+  {{- $_ := mustMergeOverwrite .Values (include "logsearchapi.workload" $ | fromYaml) -}}
+{{- end -}}
+
+{{/* Create the configmap for portal manually*/}}
+{{- include "minio.portal" $ -}}
+
+{{- include "ix.v1.common.loader.apply" . -}}

charts/minio/2.0.0/to_keep_versions.md

@@ -0,0 +1,4 @@
+# 1.7.24
+
+This version is kept because it contains a fix that is needed for migration to v2.x.x
+It should be safe to remove few months after v2.x.x is released.