copy test back to enterprise (#2012)

library/ix-dev/enterprise/minio/Chart.lock

@@ -1,6 +1,6 @@
 dependencies:
 - name: common
   repository: file://../../../common
-  version: 1.2.2
-digest: sha256:fb077cb81f6acecd5c9e6adc22a18e156f780cd78f27198cdb47810f95364b56
-generated: "2023-11-09T15:45:47.242411019+02:00"
+  version: 1.2.6
+digest: sha256:956cef64e364b567d2e5327a00e60b68f3ef765e003d6c35afc143bb81ecc26b
+generated: "2024-01-02T19:33:31.872916193+02:00"

library/ix-dev/enterprise/minio/Chart.yaml

@@ -3,9 +3,9 @@ description: High Performance, Kubernetes Native Object Storage
 annotations:
   title: MinIO
 type: application
-version: 1.0.24
+version: 1.1.0
 apiVersion: v2
-appVersion: '2023-03-24'
+appVersion: '2023-12-07'
 kubeVersion: '>=1.16.0-0'
 maintainers:
   - name: truenas
@@ -14,7 +14,7 @@ maintainers:
 dependencies:
   - name: common
     repository: file://../../../common
-    version: 1.2.2
+    version: 1.2.6
 home: https://min.io
 icon: https://media.sys.truenas.net/apps/minio/icons/icon.png
 sources:

library/ix-dev/enterprise/minio/ci/snmd-https-values.yaml

@@ -21,21 +21,13 @@ minioMultiMode:
   - /data{1...4}
 
 minioStorage:
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data1
-    datasetName: ""
+  - type: pvc
     mountPath: /data1
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data2
-    datasetName: ""
+  - type: pvc
     mountPath: /data2
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data3
-    datasetName: ""
+  - type: pvc
     mountPath: /data3
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data4
-    datasetName: ""
+  - type: pvc
     mountPath: /data4
 
 ixCertificates:

library/ix-dev/enterprise/minio/ci/snmd-logsearch-https-values.yaml

@@ -21,21 +21,13 @@ minioMultiMode:
   - /data{1...4}
 
 minioStorage:
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data1
-    datasetName: ""
+  - type: pvc
     mountPath: /data1
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data2
-    datasetName: ""
+  - type: pvc
     mountPath: /data2
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data3
-    datasetName: ""
+  - type: pvc
     mountPath: /data3
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data4
-    datasetName: ""
+  - type: pvc
     mountPath: /data4
 
 minioLogging:
@@ -43,13 +35,12 @@ minioLogging:
     enabled: true
     diskCapacityGB: 5
     pgData:
-      type: hostPath
-      hostPath: /mnt/{{ .Release.Namespace }}/postgres_data
-      datasetName: ""
+      type: pvc
     pgBackup:
-      type: hostPath
-      hostPath: /mnt/{{ .Release.Namespace }}/postgres_backup
-      datasetName: ""
+      type: emptyDir
+      emptyDirConfig:
+        size: ""
+        medium: ""
 
 ixCertificates:
   "1":

library/ix-dev/enterprise/minio/ci/snmd-logsearch-values.yaml

@@ -12,21 +12,13 @@ minioMultiMode:
   - /data{1...4}
 
 minioStorage:
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data1
-    datasetName: ""
+  - type: pvc
     mountPath: /data1
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data2
-    datasetName: ""
+  - type: pvc
     mountPath: /data2
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data3
-    datasetName: ""
+  - type: pvc
     mountPath: /data3
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data4
-    datasetName: ""
+  - type: pvc
     mountPath: /data4
 
 minioLogging:
@@ -34,10 +26,9 @@ minioLogging:
     enabled: true
     diskCapacityGB: 5
     pgData:
-      type: hostPath
-      hostPath: /mnt/{{ .Release.Namespace }}/postgres_data
-      datasetName: ""
+      type: pvc
     pgBackup:
-      type: hostPath
-      hostPath: /mnt/{{ .Release.Namespace }}/postgres_backup
-      datasetName: ""
+      type: emptyDir
+      emptyDirConfig:
+        size: ""
+        medium: ""

library/ix-dev/enterprise/minio/ci/snmd-values.yaml

@@ -12,19 +12,11 @@ minioMultiMode:
   - /data{1...4}
 
 minioStorage:
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data1
-    datasetName: ""
+  - type: pvc
     mountPath: /data1
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data2
-    datasetName: ""
+  - type: pvc
     mountPath: /data2
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data3
-    datasetName: ""
+  - type: pvc
     mountPath: /data3
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data4
-    datasetName: ""
+  - type: pvc
     mountPath: /data4

library/ix-dev/enterprise/minio/ci/snsd-https-values.yaml

@@ -13,9 +13,7 @@ minioNetwork:
   certificateID: 1
 
 minioStorage:
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data1
-    datasetName: ""
+  - type: pvc
     mountPath: /data1
 
 ixCertificates:

library/ix-dev/enterprise/minio/ci/snsd-logsearch-https-values.yaml

@@ -12,9 +12,7 @@ minioNetwork:
   certificateID: 1
 
 minioStorage:
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data1
-    datasetName: ""
+  - type: pvc
     mountPath: /data1
 
 minioLogging:
@@ -22,13 +20,12 @@ minioLogging:
     enabled: true
     diskCapacityGB: 5
     pgData:
-      type: hostPath
-      hostPath: /mnt/{{ .Release.Namespace }}/postgres_data
-      datasetName: ""
+      type: pvc
     pgBackup:
-      type: hostPath
-      hostPath: /mnt/{{ .Release.Namespace }}/postgres_backup
-      datasetName: ""
+      type: emptyDir
+      emptyDirConfig:
+        size: ""
+        medium: ""
 
 ixCertificates:
   "1":

library/ix-dev/enterprise/minio/ci/snsd-logsearch-values.yaml

@@ -9,9 +9,7 @@ minioCreds:
   rootPass: minio_test
 
 minioStorage:
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data1
-    datasetName: ""
+  - type: pvc
     mountPath: /data1
 
 minioLogging:
@@ -19,10 +17,9 @@ minioLogging:
     enabled: true
     diskCapacityGB: 5
     pgData:
-      type: hostPath
-      hostPath: /mnt/{{ .Release.Namespace }}/postgres_data
-      datasetName: ""
+      type: pvc
     pgBackup:
-      type: hostPath
-      hostPath: /mnt/{{ .Release.Namespace }}/postgres_backup
-      datasetName: ""
+      type: emptyDir
+      emptyDirConfig:
+        size: ""
+        medium: ""

library/ix-dev/enterprise/minio/ci/snsd-values.yaml

@@ -13,7 +13,5 @@ minioRunAs:
   group: 1000
 
 minioStorage:
-  - type: hostPath
-    hostPath: /mnt/{{ .Release.Namespace }}/data1
-    datasetName: ""
+  - type: pvc
     mountPath: /data1

library/ix-dev/enterprise/minio/migrations/migrate

@@ -4,18 +4,52 @@ import os
 import sys
 
 
+def storage_migrate(storage):
+    delete_keys = []
+    if storage['type'] == 'hostPath':
+        # Check if the key exists, if not we have already migrated
+        if not storage.get('hostPath'):
+            return storage
+
+        storage['hostPathConfig'] = {'hostPath': storage['hostPath']}
+        delete_keys.append('hostPath')
+
+    elif storage['type'] == 'ixVolume':
+        # Check if the key exists, if not we have already migrated
+        if not storage.get('datasetName'):
+            return storage
+
+        storage['ixVolumeConfig'] = {'datasetName': storage['datasetName']}
+        delete_keys.append('datasetName')
+
+        # Clean up for some older versions.
+        if storage.get('hostPath'):
+            delete_keys.append('hostPath')
+
+    for key in delete_keys:
+        storage.pop(key, None)
+
+    return storage
+
+
 def migrate(values):
     storageKey = 'minioLogging'
     storageSubKey = 'logsearch'
-    storages = ['pgData', 'pgData']
+    storages = ['pgData', 'pgBackup']
 
     for storage in storages:
         check_val = values.get(storageKey, {}).get(storageSubKey, {}).get(storage, {})
-        if not isinstance(check_val, dict) or not check_val or check_val.get('type', 'hostPath') == 'hostPath':
-            continue
+        if not isinstance(check_val, dict) or not check_val:
+            raise Exception(f'Storage section {storage} is malformed')
+
+        values[storageKey][storageSubKey][storage] = storage_migrate(check_val)
 
-        values[storageKey][storageSubKey][storage] = {key: value for key, value in check_val.items() if key != 'hostPath'}
+    dataStorageItems = values.get('minioStorage', {})
+    for idx, storage in enumerate(dataStorageItems):
+        if not isinstance(storage, dict) or not storage:
+            raise Exception(f'Item {idx} in minioStorage is malformed')
 
+        dataStorageItems[idx] = storage_migrate(storage)
 
     return values
 

library/ix-dev/enterprise/minio/questions.yaml

@@ -198,27 +198,66 @@ questions:
                   required: true
                   immutable: true
                   default: /data1
-              - variable: hostPath
-                label: Host Path
-                description: The host path to use for storage.
+              - variable: ixVolumeConfig
+                label: ixVolume Configuration
+                description: The configuration for the ixVolume dataset.
                 schema:
-                  type: hostpath
-                  required: true
-                  immutable: true
-                  default: ""
-                  show_if: [["type", "=", "hostPath"]]
-              - variable: datasetName
-                label: Dataset Name
-                description: The name of the dataset to use for storage.
-                schema:
-                  type: string
+                  type: dict
                   show_if: [["type", "=", "ixVolume"]]
-                  required: true
-                  immutable: true
-                  # Can we make this dynamic, so we can hide it?!
-                  default: data1
                   $ref:
                     - "normalize/ixVolume"
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        # Hide ACL for now
+                        hidden: true
+                        default: false
+                    - variable: datasetName
+                      label: Dataset Name
+                      description: The name of the dataset to use for storage.
+                      schema:
+                        type: string
+                        required: true
+                        immutable: true
+                        default: "data1"
+                    - variable: aclEntries
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+              - variable: hostPathConfig
+                label: Host Path Configuration
+                schema:
+                  type: dict
+                  show_if: [["type", "=", "hostPath"]]
+                  attrs:
+                    - variable: aclEnable
+                      label: Enable ACL
+                      description: Enable ACL for the dataset.
+                      schema:
+                        type: boolean
+                        # Hide ACL for now
+                        hidden: true
+                        default: false
+                    - variable: acl
+                      label: ACL Configuration
+                      schema:
+                        type: dict
+                        show_if: [["aclEnable", "=", true]]
+                        attrs: []
+                        $ref:
+                          - "normalize/acl"
+                    - variable: hostPath
+                      label: Host Path
+                      description: The host path to use for storage.
+                      schema:
+                        type: hostpath
+                        show_if: [["aclEnable", "=", false]]
+                        required: true
 
   - variable: minioLogging
     label: ""
@@ -266,6 +305,9 @@ questions:
                         attrs:
                           - variable: type
                             label: Type
+                            description: |
+                              ixVolume: Is dataset created automatically by the system.</br>
+                              Host Path: Is a path that already exists on the system.
                             schema:
                               type: string
                               required: true
@@ -273,27 +315,74 @@ questions:
                               default: ixVolume
                               enum:
                                 - value: hostPath
-                                  description: Host Path
+                                  description: Host Path (Path that already exists on the system)
                                 - value: ixVolume
-                                  description: ixVolume
-                          - variable: datasetName
-                            label: Dataset Name
+                                  description: ixVolume (Dataset created automatically by the system)
+                          - variable: ixVolumeConfig
+                            label: ixVolume Configuration
+                            description: The configuration for the ixVolume dataset.
                             schema:
-                              type: string
-                              show_if: [["type", "=", "ixVolume"]]
-                              required: true
+                              type: dict
+                              # Nothing to show for the user
                               hidden: true
-                              immutable: true
-                              default: postgres-data
+                              show_if: [["type", "=", "ixVolume"]]
                               $ref:
                                 - "normalize/ixVolume"
-                          - variable: hostPath
-                            label: Host Path
+                              attrs:
+                                - variable: aclEnable
+                                  label: Enable ACL
+                                  description: Enable ACL for the dataset.
+                                  schema:
+                                    type: boolean
+                                    # Postgres does a CHMOD at startup
+                                    # Which fails with ACL
+                                    hidden: true
+                                    default: false
+                                - variable: datasetName
+                                  label: Dataset Name
+                                  description: The name of the dataset to use for storage.
+                                  schema:
+                                    type: string
+                                    required: true
+                                    immutable: true
+                                    hidden: true
+                                    default: postgres-data
+                                - variable: aclEntries
+                                  label: ACL Configuration
+                                  schema:
+                                    type: dict
+                                    show_if: [["aclEnable", "=", true]]
+                                    attrs: []
+                          - variable: hostPathConfig
+                            label: Host Path Configuration
                             schema:
-                              type: hostpath
+                              type: dict
                               show_if: [["type", "=", "hostPath"]]
-                              immutable: true
-                              required: true
+                              attrs:
+                                - variable: aclEnable
+                                  label: Enable ACL
+                                  description: Enable ACL for the dataset.
+                                  schema:
+                                    type: boolean
+                                    # Postgres does a CHMOD at startup
+                                    # Which fails with ACL
+                                    hidden: true
+                                    default: false
+                                - variable: acl
+                                  label: ACL Configuration
+                                  schema:
+                                    type: dict
+                                    show_if: [["aclEnable", "=", true]]
+                                    attrs: []
+                                    $ref:
+                                      - "normalize/acl"
+                                - variable: hostPath
+                                  label: Host Path
+                                  description: The host path to use for storage.
+                                  schema:
+                                    type: hostpath
+                                    show_if: [["aclEnable", "=", false]]
+                                    required: true
                     - variable: pgBackup
                       label: Postgres Backup Storage
                       description: The path to store Postgres backups.
@@ -302,32 +391,84 @@ questions:
                         attrs:
                           - variable: type
                             label: Type
+                            description: |
+                              ixVolume: Is dataset created automatically by the system.</br>
+                              Host Path: Is a path that already exists on the system.
                             schema:
                               type: string
                               required: true
+                              immutable: true
                               default: ixVolume
                               enum:
                                 - value: hostPath
-                                  description: Host Path
+                                  description: Host Path (Path that already exists on the system)
                                 - value: ixVolume
-                                  description: ixVolume
-                          - variable: datasetName
-                            label: Dataset Name
+                                  description: ixVolume (Dataset created automatically by the system)
+                          - variable: ixVolumeConfig
+                            label: ixVolume Configuration
+                            description: The configuration for the ixVolume dataset.
                             schema:
-                              type: string
-                              show_if: [["type", "=", "ixVolume"]]
-                              required: true
+                              type: dict
+                              # Nothing to show for the user
                               hidden: true
-                              immutable: true
-                              default: postgres-backup
+                              show_if: [["type", "=", "ixVolume"]]
                               $ref:
                                 - "normalize/ixVolume"
-                          - variable: hostPath
-                            label: Host Path
+                              attrs:
+                                - variable: aclEnable
+                                  label: Enable ACL
+                                  description: Enable ACL for the dataset.
+                                  schema:
+                                    type: boolean
+                                    # Postgres does a CHMOD at startup
+                                    # Which fails with ACL
+                                    hidden: true
+                                    default: false
+                                - variable: datasetName
+                                  label: Dataset Name
+                                  description: The name of the dataset to use for storage.
+                                  schema:
+                                    type: string
+                                    required: true
+                                    immutable: true
+                                    hidden: true
+                                    default: "postgres-backup"
+                                - variable: aclEntries
+                                  label: ACL Configuration
+                                  schema:
+                                    type: dict
+                                    show_if: [["aclEnable", "=", true]]
+                                    attrs: []
+                          - variable: hostPathConfig
+                            label: Host Path Configuration
                             schema:
-                              type: hostpath
+                              type: dict
                               show_if: [["type", "=", "hostPath"]]
-                              required: true
+                              attrs:
+                                - variable: aclEnable
+                                  label: Enable ACL
+                                  description: Enable ACL for the dataset.
+                                  schema:
+                                    type: boolean
+                                    # Postgres does a CHMOD at startup
+                                    # Which fails with ACL
+                                    hidden: true
+                                    default: false
+                                - variable: acl
+                                  label: ACL Configuration
+                                  schema:
+                                    type: dict
+                                    show_if: [["aclEnable", "=", true]]
+                                    attrs: []
+                                    $ref:
+                                      - "normalize/acl"
+                                - variable: hostPath
+                                  label: Host Path
+                                  description: The host path to use for storage.
+                                  schema:
+                                    type: hostpath
+                                    show_if: [["aclEnable", "=", false]]
+                                    required: true
 
   - variable: resources
     label: ""

library/ix-dev/enterprise/minio/templates/_minio.tpl

@@ -50,7 +50,8 @@ workload:
               port: "{{ .Values.minioNetwork.apiPort }}"
               path: /minio/health/live
       initContainers:
-      {{- include "ix.v1.common.app.permissions" (dict "UID" .Values.minioRunAs.user
+      {{- include "ix.v1.common.app.permissions" (dict "containerName" "01-permissions"
+                                                        "UID" .Values.minioRunAs.user
                                                         "GID" .Values.minioRunAs.group
                                                         "type" "install") | nindent 8 -}}
       {{- if .Values.minioLogging.logsearch.enabled }}
@@ -102,15 +103,16 @@ persistence:
   {{- range $idx, $storage := .Values.minioStorage }}
   {{ printf "data%v" (int $idx) }}:
     enabled: true
-    type: {{ $storage.type }}
-    datasetName: {{ $storage.datasetName | default "" }}
-    hostPath: {{ $storage.hostPath | default "" }}
+    {{- include "minio.storage.ci.migration" (dict "storage" $storage) }}
+    {{- include "ix.v1.common.app.storageOptions" (dict "storage" $storage) | nindent 4 }}
     targetSelector:
       minio:
         minio:
           mountPath: {{ $storage.mountPath }}
-        permissions:
+        {{- if and (eq $storage.type "ixVolume") (not ($storage.ixVolumeConfig | default dict).aclEnable) }}
+        01-permissions:
           mountPath: /mnt/directories{{ $storage.mountPath }}
+        {{- end }}
   {{- end }}
   # Minio writes temporary files to this directory. Adding this as an emptyDir,
   # So we don't have to set readOnlyRootFilesystem to false

library/ix-dev/enterprise/minio/templates/_postgres.tpl

@@ -1,11 +1,16 @@
 {{- define "postgres.workload" -}}
 workload:
-{{- include "ix.v1.common.app.postgres" (dict "secretName" "postgres-creds" "resources" .Values.resources) | nindent 2 }}
+{{- include "ix.v1.common.app.postgres" (dict "secretName" "postgres-creds"
+                                              "resources" .Values.resources
+                                              "ixChartContext" .Values.ixChartContext) | nindent 2 }}
 
 {{/* Service */}}
 service:
   {{- include "ix.v1.common.app.postgresService" $ | nindent 2 }}
 
+{{- include "minio.storage.ci.migration" (dict "storage" .Values.minioLogging.logsearch.pgData) }}
+{{- include "minio.storage.ci.migration" (dict "storage" .Values.minioLogging.logsearch.pgBackup) }}
+
 {{/* Persistence */}}
 persistence:
   {{- include "ix.v1.common.app.postgresPersistence"

library/ix-dev/enterprise/minio/templates/common.yaml

@@ -1,5 +1,15 @@
 {{- include "ix.v1.common.loader.init" . -}}
 
+{{/* TODO: Remove on the next version bump, eg 1.1.0+ */}}
+{{- define "minio.storage.ci.migration" -}}
+  {{- $storage := .storage -}}
+
+  {{- if $storage.hostPath -}}
+    {{- $_ := set $storage "hostPathConfig" dict -}}
+    {{- $_ := set $storage.hostPathConfig "hostPath" $storage.hostPath -}}
+  {{- end -}}
+{{- end -}}
+
 {{/* Merge the templates with Values  */}}
 {{- $_ := mustMergeOverwrite .Values (include "minio.configuration" $ | fromYaml) -}}
 

library/ix-dev/enterprise/minio/values.yaml

@@ -1,6 +1,6 @@
 image:
   repository: minio/minio
-  tag: RELEASE.2023-03-24T21-41-23Z
+  tag: RELEASE.2023-12-07T04-16-00Z
   pullPolicy: IfNotPresent
 
 logsearchImage:
@@ -42,7 +42,9 @@ minioLogging:
     diskCapacityGB: 5
     pgData:
       type: ixVolume
-      datasetName: postgres-data
+      ixVolumeConfig:
+        datasetName: postgres-data
     pgBackup:
       type: ixVolume
-      datasetName: postgres-backup
+      ixVolumeConfig:
+        datasetName: postgres-backup