diff --git a/CHANGELOG.md b/CHANGELOG.md index 18db8e6c5883f6d58825e8bb0ad317cfe700955f..5a8f26701f5a1b1cd04661010eec9dcca4cc3aaf 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), --- + +## [1.0.8] + +* Added support for deployment of Minio operator and instance deployment of minio. + ## [1.0.7] * Added Kubernetes labels to all objects created by umbrella diff --git a/chart/templates/minio/minio-instance/gitrepository.yaml b/chart/templates/minio/minio-instance/gitrepository.yaml new file mode 100644 index 0000000000000000000000000000000000000000..c4c248707fe5548929cb96e139a915e892c03eee --- /dev/null +++ b/chart/templates/minio/minio-instance/gitrepository.yaml @@ -0,0 +1,14 @@ +{{- if and (not .Values.offline) .Values.minio.enabled }} +apiVersion: source.toolkit.fluxcd.io/v1beta1 +kind: GitRepository +metadata: + name: minio + namespace: {{ .Release.Namespace }} +spec: + interval: {{ .Values.flux.interval }} + url: {{ .Values.minio.minioinstance.git.repo }} + ref: + {{- include "validRef" .Values.minio.minioinstance.git | nindent 4 }} + {{ include "gitIgnore" . }} + {{- include "gitCreds" .Values.git | nindent 2 }} +{{- end }} diff --git a/chart/templates/minio/minio-instance/minio-instance-helmrelease.yaml b/chart/templates/minio/minio-instance/minio-instance-helmrelease.yaml new file mode 100644 index 0000000000000000000000000000000000000000..d4bdeb2eb2af7cbfec757506d9c8d731319c1f12 --- /dev/null +++ b/chart/templates/minio/minio-instance/minio-instance-helmrelease.yaml 
@@ -0,0 +1,51 @@
+{{- if .Values.minio.enabled }}
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+ name: minio
+ namespace: {{ .Release.Namespace }}
+spec:
+ targetNamespace: minio
+ chart:
+ spec:
+ chart: {{ .Values.minio.minioinstance.git.path }}
+ interval: 5m
+ sourceRef:
+ kind: GitRepository
+ name: minio
+ namespace: {{ .Release.Namespace }}
+
+ {{- with .Values.flux }}
+ interval: {{ .interval }}
+ test:
+ enable: false
+ install:
+ remediation:
+ retries: {{ .install.retries }}
+ upgrade:
+ remediation:
+ retries: {{ .upgrade.retries }}
+ remediateLastFailure: true
+ cleanupOnFail: true
+ rollback:
+ timeout: {{ .rollback.timeout }}
+ cleanupOnFail: {{ .rollback.cleanupOnFail }}
+ {{- end }}
+
+ valuesFrom:
+ - name: values
+ kind: Secret
+ valuesKey: "minio.yaml"
+
+ values:
+ podAnnotations:
+ sidecar.istio.io/inject: "true"
+ traffic.sidecar.istio.io/includeInboundPorts: "*"
+ traffic.sidecar.istio.io/excludeInboundPorts: "9443"
+ imagePullSecrets:
+ - name: private-registry
+
+ dependsOn:
+ - name: minio-operator
+ namespace: {{ .Release.Namespace }}
+{{- end }}
diff --git a/chart/templates/minio/minio-instance/namespace.yaml b/chart/templates/minio/minio-instance/namespace.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..aeb4bb77bb4796a6b1ef9a3e0eb51e8aafbc203f
--- /dev/null
+++ b/chart/templates/minio/minio-instance/namespace.yaml
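Review bot: In minio-instance-helmrelease.yaml the pod annotation `traffic.sidecar.istio.io/excludeInboundPorts: "9443"` takes port 9443 out of the Istio sidecar's inbound capture, so anything listening there is reached without mesh mTLS or AuthorizationPolicy enforcement, and the template does not say why. If the exclusion is required it should carry a comment beside it, e.g. `# 9443 bypasses the sidecar because <reason>; restrict it with a NetworkPolicy`, and if it was carried over from another package it should be dropped. The same annotation block appears in minio-operator-helmrelease.yaml. Separately, `imagePullSecrets` always names `private-registry`, while minio-instance/namespace.yaml creates that Secret only when the `imagePullSecret` helper returns a value.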
@@ -0,0 +1,30 @@
+{{- if .Values.minio.enabled }}
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: minio
+ labels:
+ istio-injection: enabled
+---
+{{- if ( include "imagePullSecret" . ) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: private-registry
+ namespace: minio
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ template "imagePullSecret" . }}
+{{- end }}
+---
+# probably want to get rid of this eventually
+apiVersion: v1
+kind: Secret
+metadata:
+ name: minio-creds-secret
+ namespace: minio
+type: Opaque
+data:
+ accesskey: bWluaW8= # base 64 encoded "minio" (echo -n 'minio' | base64)
+ secretkey: bWluaW8xMjM= # based 64 encoded "minio123" (echo -n 'minio123' | base64)
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/minio/minio-operator/gitrepository.yaml b/chart/templates/minio/minio-operator/gitrepository.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..2390da504680f678cb9daa3ce45b8b6e496bbfe4
--- /dev/null
+++ b/chart/templates/minio/minio-operator/gitrepository.yaml
@@ -0,0 +1,14 @@
+{{- if and (not .Values.offline) .Values.minio.enabled }}
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: GitRepository
+metadata:
+ name: minio-operator
+ namespace: {{ .Release.Namespace }}
+spec:
+ interval: {{ .Values.flux.interval }}
+ url: {{ .Values.minio.miniooperator.git.repo }}
+ ref:
+ {{- include "validRef" .Values.minio.miniooperator.git | nindent 4 }}
+ {{ include "gitIgnore" . }}
+ {{- include "gitCreds" .Values.git | nindent 2 }}
+{{- end }}
diff --git a/chart/templates/minio/minio-operator/minio-operator-helmrelease.yaml b/chart/templates/minio/minio-operator/minio-operator-helmrelease.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..e465cc3a1540f4cdf9b7931a91824c4b446ce8fa
--- /dev/null
+++ b/chart/templates/minio/minio-operator/minio-operator-helmrelease.yaml
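Review bot: The `minio-creds-secret` at the end of minio-instance/namespace.yaml hard-codes the access key and secret key in the template (`minio` / `minio123`, as its own comments spell out), so every cluster that renders this chart gets the same credentials, readable by anyone with the repository; base64 under `data:` is an encoding, not protection. The values should come from the deployer instead, for example `accesskey: {{ required "minio.accesskey must be set" .Values.minio.accesskey | b64enc }}` with the same form for `secretkey` (both value keys are new ones this suggestion would introduce), or the release should reference a pre-created Secret. Until that lands, the `# probably want to get rid of this eventually` comment should state plainly that these are placeholder credentials that must be replaced before the tenant is exposed.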
@@ -0,0 +1,60 @@
+{{- if .Values.minio.enabled }}
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+ name: minio-operator
+ namespace: {{ .Release.Namespace }}
+spec:
+ targetNamespace: minio-operator
+ chart:
+ spec:
+ chart: {{ .Values.minio.miniooperator.git.path }}
+ interval: 5m
+ sourceRef:
+ kind: GitRepository
+ name: minio-operator
+ namespace: {{ .Release.Namespace }}
+
+ {{- with .Values.flux }}
+ interval: {{ .interval }}
+ test:
+ enable: false
+ install:
+ remediation:
+ retries: {{ .install.retries }}
+ upgrade:
+ remediation:
+ retries: {{ .upgrade.retries }}
+ remediateLastFailure: true
+ cleanupOnFail: true
+ rollback:
+ timeout: {{ .rollback.timeout }}
+ cleanupOnFail: {{ .rollback.cleanupOnFail }}
+ {{- end }}
+
+ valuesFrom:
+ - name: values
+ kind: Secret
+ valuesKey: "miniooperator.yaml"
+
+ values:
+ podAnnotations:
+ sidecar.istio.io/inject: "true"
+ traffic.sidecar.istio.io/includeInboundPorts: "*"
+ traffic.sidecar.istio.io/excludeInboundPorts: "9443"
+ imagePullSecrets:
+ - name: private-registry
+
+ {{- if or .Values.gatekeeper.enabled .Values.istio.enabled }}
+ dependsOn:
+ {{- if .Values.gatekeeper.enabled }}
+ - name: gatekeeper
+ namespace: {{ .Release.Namespace }}
+ {{- end }}
+
+ {{- if .Values.istio.enabled }}
+ - name: istio
+ namespace: {{ .Release.Namespace }}
+ {{- end }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/chart/templates/minio/minio-operator/namespace.yaml b/chart/templates/minio/minio-operator/namespace.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..6dfcf44dc707b23d7fa45eac0680b490331d3c8e
--- /dev/null
+++ b/chart/templates/minio/minio-operator/namespace.yaml
@@ -0,0 +1,19 @@ +{{- if .Values.minio.enabled }} +apiVersion: v1 +kind: Namespace +metadata: + name: minio-operator + labels: + istio-injection: enabled +--- +{{- if ( include "imagePullSecret" . ) }} +apiVersion: v1 +kind: Secret +metadata: + name: private-registry + namespace: minio-operator +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: {{ template "imagePullSecret" . }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/chart/templates/values.yaml b/chart/templates/values.yaml index a8820942a49605edb62c199914eb9bd3e19582da..6cad3d7a9d0fa00fa5b170fb5b9323d0f8fc418e 100644 --- a/chart/templates/values.yaml +++ b/chart/templates/values.yaml @@ -49,6 +49,10 @@ stringData: {{ toYaml .Values.twistlock.values | indent 4 }} clusterauditor.yaml: | {{ toYaml .Values.twistlock.values | indent 4 }} + miniooperator.yaml: | +{{ toYaml .Values.minio.miniooperator.values | indent 4 }} + minio.yaml: | +{{ toYaml .Values.minio.minioinstance.values | indent 4 }} gitlab.yaml: | {{ toYaml .Values.addons.gitlab.values | indent 4 }} anchore.yaml: | diff --git a/chart/values.yaml b/chart/values.yaml index e7707935d13439a1fc004716edb63e3fba1f5038..7051ea081ee4f4c1d481e6550fbf076d45917631 100644 --- a/chart/values.yaml +++ b/chart/values.yaml 
@@ -187,8 +187,28 @@ twistlock: path: "./chart" tag: "0.0.2-bb.1" values: {} + # ---------------------------------------------------------------------------------------------------------------------- +# Minio Operator and Instance +# +minio: + enabled: true + miniooperator: + git: + repo: https://repo1.dso.mil/platform-one/big-bang/apps/application-utilities/minio-operator.git + path: "./chart" + tag: "2.0.9-bb.1" + values: {} + minioinstance: + git: + repo: https://repo1.dso.mil/platform-one/big-bang/apps/application-utilities/minio.git + path: "./chart" + tag: "2.0.9-bb.1" + values: {} +# +# ---------------------------------------------------------------------------------------------------------------------- +# addons: argocd: enabled: false diff --git a/scripts/deploy/02_wait_for_helmrealeases.sh b/scripts/deploy/02_wait_for_helmrealeases.sh index eb8595cbe8348f6a9c70a17a0af84b1df4962291..26b0ea9ce08adf2ca32f1b8dc1c67ab3b6f3f483 100755 --- a/scripts/deploy/02_wait_for_helmrealeases.sh +++ b/scripts/deploy/02_wait_for_helmrealeases.sh @@ -3,7 +3,8 @@ set -ex ## This is an array to instantiate the order of wait conditions -ORDERED_HELMRELEASES="gatekeeper istio-operator istio monitoring eck-operator ek fluent-bit twistlock cluster-auditor authservice argocd gitlab haproxy-sso anchore sonarqube" +ORDERED_HELMRELEASES="gatekeeper istio-operator istio monitoring eck-operator ek fluent-bit twistlock cluster-auditor authservice argocd gitlab haproxy-sso minio-operator minio anchore sonarqube" + ## This the actual deployed helmrelease objects in the cluster DEPLOYED_HELMRELEASES=$(kubectl get hr --no-headers -n bigbang | awk '{ print $1}') @@ -41,6 +42,8 @@ do fi done +kubectl get hr,kustomizations,gitrepositories -A + for package in $DEPLOYED_HELMRELEASES; do if array_contains ORDERED_HELMRELEASES "$package";
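Review bot: In chart/values.yaml the new `minio:` block defaults to `enabled: true`, so upgrading to this version deploys the operator and a MinIO instance on every cluster without the deployer opting in. That instance comes up with the fixed `minio-creds-secret` that minio-instance/namespace.yaml adds in this same commit. Defaulting to `enabled: false`, as the `addons.argocd` entry just below this block does, would keep the new storage service opt-in until its credentials are supplied by the deployer. The `# Minio Operator and Instance` header comment could also state that enabling it requires setting credentials.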