Bring in BB Minio w/ kpt

3598e971 · Micah Nagel · f078cc10 · 3598e971 · 3598e971 · 3598e971
Commit 3598e971 authored 4 years ago by Micah Nagel
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),

 ---

+## [0.1.1-bb.1] - 2021-03-24
+### Changed
+- Refactored the Minio dependency to use the BB upstream with kpt
+
 ## [0.1.1-bb.0] - 2021-03-15
 ### Changed
 - Bumped Mattermost image to 5.32.1

--- a/chart/Chart.lock
+++ b/chart/Chart.lock
+dependencies:
+- name: postgresql
+  repository: file://./deps/postgresql
+  version: 10.3.5
+- name: minio-instance
+  repository: file://./deps/minio
+  version: 2.0.9-bb.5
+digest: sha256:e14a571d09ffdc66826b46a727ead36511ea5a6b0e349cda36d217bafcd26210
+generated: "2021-03-22T15:12:25.740669-06:00"
--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
@@ -2,7 +2,7 @@
 apiVersion: v2
 name: mattermost
 type: application
-version: "0.1.1-bb.0"
+version: "0.1.1-bb.1"
 appVersion: "5.32.1"
 description: "Deployment of mattermost"
 keywords: 
@@ -15,9 +15,9 @@ dependencies:
    version: 10.3.5
    alias: postgresql
    condition: postgresql.install
-    repository: file://./charts/postgresql
-  - name: minio
-    version: 0.1.0-bb.0
+    repository: file://./deps/postgresql
+  - name: minio-instance
+    version: 2.0.9-bb.5
    alias: minio
    condition: minio.install
-    repository: file://./charts/minio
+    repository: file://./deps/minio
--- a/chart/charts/minio-instance-2.0.9-bb.5.tgz
+++ b/chart/charts/minio-instance-2.0.9-bb.5.tgz
--- a/chart/charts/minio/Chart.yaml
+++ b/chart/charts/minio/Chart.yaml
-apiVersion: v2
-name: minio
-description: A Helm chart for Kubernetes
-
-# A chart can be either an 'application' or a 'library' chart.
-#
-# Application charts are a collection of templates that can be packaged into versioned archives
-# to be deployed.
-#
-# Library charts provide useful utilities or functions for the chart developer. They're included as
-# a dependency of application charts to inject those utilities and functions into the rendering
-# pipeline. Library charts do not define any templates and therefore cannot be deployed.
-type: application
-
-# This is the chart version. This version number should be incremented each time you make changes
-# to the chart and its templates, including the app version.
-# Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.0-bb.0
-
-# This is the version number of the application being deployed. This version number should be
-# incremented each time you make changes to the application. Versions are not expected to
-# follow Semantic Versioning. They should reflect the version the application is using.
-# It is recommended to use it with quotes.
-appVersion: 2.0.9
--- a/chart/charts/minio/templates/serviceaccount.yaml
+++ b/chart/charts/minio/templates/serviceaccount.yaml
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: minio-service-account
-  namespace: {{ .Release.Namespace }}
-  labels:
-    {{ include "minio.labels" . | nindent 4 }}
-    app.kubernetes.io/component: "objectstorage"
-imagePullSecrets:
-  {{ toYaml .Values.global.imagePullSecrets | indent 2 }}
--- a/chart/charts/postgresql-10.3.5.tgz
+++ b/chart/charts/postgresql-10.3.5.tgz
--- a/chart/deps/minio/Chart.yaml
+++ b/chart/deps/minio/Chart.yaml
+apiVersion: v2
+
+name: minio-instance
+
+description: |-
+  A Helm chart for deploying the Minio instances based on use of the Minio operator
+
+#home: https://github.com/elastic/cloud-on-k8s
+
+type: application
+
+version: 2.0.9-bb.5
+
+appVersion: RELEASE.2020-11-19T23-48-16Z
+
+kubeVersion: ">=1.17.0-0"
+
+keywords:
+  - Minio
+  - Instance
+
+maintainers:
+  - name: me
+    email:
+
+dependencies:
--- a/chart/deps/minio/Kptfile
+++ b/chart/deps/minio/Kptfile
+apiVersion: kpt.dev/v1alpha1
+kind: Kptfile
+metadata:
+  name: minio
+upstream:
+  type: git
+  git:
+    commit: 99d751b096154d9c5820af4a84ff4a0f99f4f7b7
+    repo: https://repo1.dso.mil/platform-one/big-bang/apps/application-utilities/minio
+    directory: /chart
+    ref: 2.0.9-bb.5
--- a/chart/charts/minio/templates/_helpers.tpl
+++ b/chart/charts/minio/templates/_helpers.tpl
@@ -36,7 +36,9 @@ Common labels
 {{- define "minio.labels" -}}
 helm.sh/chart: {{ include "minio.chart" . }}
 {{ include "minio.selectorLabels" . }}
-app.kubernetes.io/version: {{ .Chart.Version | quote }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end }}

@@ -46,5 +48,23 @@ Selector labels
 {{- define "minio.selectorLabels" -}}
 app.kubernetes.io/name: {{ include "minio.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
-app.kubernetes.io/part-of: {{ include "mattermost.name" . }}
 {{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "minio.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "minio.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create the name of the service used to access the UI
+*/}}
+{{- define "minio.serviceName" -}}
+{{- default (include "minio.fullname" .) .Values.service.nameOverride }}
+{{- end }}
+
--- a/chart/deps/minio/templates/minio-vs.yaml
+++ b/chart/deps/minio/templates/minio-vs.yaml
+{{- if and .Values.istio.enabled .Values.istio.virtualService.enabled -}}
+apiVersion: networking.istio.io/v1beta1
+kind: VirtualService
+metadata:
+  name: {{ template "minio.fullname" . }}
+  namespace: {{ .Release.Namespace }}
+spec:
+  gateways:
+    - istio-system/main
+  hosts:
+    - {{ .Values.istio.virtualService.name }}.{{ .Values.hostname }}
+  http:
+    - match:
+        - uri:
+            prefix: /minio/prometheus/metrics
+      route:
+        - destination:
+            host: {{ include "minio.serviceName" . }}
+            port:
+              number: {{ .Values.service.port }}
+      fault:
+        abort:
+          percentage:
+            value: 100
+          httpStatus: 403
+    - match:
+        - uri:
+            prefix: /
+      route:
+        - destination:
+            host: {{ include "minio.serviceName" . }}
+            port:
+              number: {{ .Values.service.port }}
+{{- end }}
+
--- a/chart/charts/minio/templates/instance.yaml
+++ b/chart/charts/minio/templates/instance.yaml
 apiVersion: operator.min.io/v1
 kind: MinIOInstance
 metadata:
-  name: minio
-  namespace: {{ .Release.Namespace }}
+  name: {{ include "minio.fullname" . }}
 ## If specified, MinIOInstance pods will be dispatched by specified scheduler.
 ## If not specified, the pod will be dispatched by default scheduler.
 # scheduler:
@@ -12,16 +11,18 @@ spec:
  metadata:
    ## Optionally pass labels to be applied to the statefulset pods
    labels:
-      app: minio
-      {{ include "minio.labels" . | nindent 6 }}
-      app.kubernetes.io/component: "objectstorage"
+      {{- include "minio.labels" . | nindent 6 }}
+    {{- with .Values.podAnnotations }}
    annotations:
      prometheus.io/path: /minio/prometheus/metrics
      prometheus.io/port: "9000"
      prometheus.io/scrape: "true"
+      {{- toYaml . | nindent 6 }}
+    {{- end }}
+
  ## Registry location and Tag to download MinIO Server image
  image: {{ .Values.image.name }}:{{ .Values.image.tag }}
-  serviceAccountName: minio-service-account
+  serviceAccountName: {{ include "minio.serviceAccountName" . }}
  ## A ClusterIP Service will be created with the given name
  serviceName: minio-internal-service
  zones:
@@ -51,7 +52,7 @@ spec:
          storage: {{ .Values.volumeClaimTemplate.storage}}
  ## Secret with credentials to be used by MinIO instance.
  credsSecret:
-    name: {{ .Values.minioUICreds }}
+    name: {{ .Values.minioRootCreds }}
  ## PodManagement policy for pods created by StatefulSet. Can be "OrderedReady" or "Parallel"
  ## Refer https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#pod-management-policy
  ## for details. Defaults to "Parallel"
@@ -77,7 +78,9 @@ spec:
  #    operator: Equal
  #    value: storage
  ## Add environment variables to be set in MinIO container (https://github.com/minio/minio/tree/master/docs/config)
-  # env:
+  env:
+    - name: MINIO_PROMETHEUS_AUTH_TYPE
+      value: "public"
    # - name: MINIO_BROWSER
    #   value: "off" # to turn-off browser
    # - name: MINIO_STORAGE_CLASS_STANDARD

--- a/chart/deps/minio/templates/role.yaml
+++ b/chart/deps/minio/templates/role.yaml
+{{- if .Values.monitoring.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleList
+items:
+- apiVersion: rbac.authorization.k8s.io/v1
+  kind: Role
+  metadata:
+    name: prometheus-k8s
+    namespace: {{ .Release.Namespace }}
+    labels:
+      app.kubernetes.io/component: "monitoring"
+  rules:
+  - apiGroups:
+    - ""
+    resources:
+    - services
+    - endpoints
+    - pods
+    verbs:
+    - get
+    - list
+    - watch
+{{- end }}
--- a/chart/deps/minio/templates/rolebinding.yaml
+++ b/chart/deps/minio/templates/rolebinding.yaml
+{{- if .Values.monitoring.enabled }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBindingList
+items:
+- apiVersion: rbac.authorization.k8s.io/v1
+  kind: RoleBinding
+  metadata:
+    name: prometheus-k8s
+    namespace: {{ .Release.Namespace }}
+    labels:
+      app.kubernetes.io/component: "monitoring"
+  roleRef:
+    apiGroup: rbac.authorization.k8s.io
+    kind: Role
+    name: prometheus-k8s
+  subjects:
+  - kind: ServiceAccount
+    name: prometheus-k8s
+    namespace: {{ .Values.monitoring.namespace }}
+{{- end }}
--- a/chart/charts/minio/templates/secret.yaml
+++ b/chart/charts/minio/templates/secret.yaml
@@ -3,9 +3,6 @@ kind: Secret
 metadata:
  name: minio-creds-secret
  namespace: {{ .Release.Namespace }}
-  labels:
-    {{ include "minio.labels" . | nindent 4 }}
-    app.kubernetes.io/component: "objectstorage"
 type: Opaque
 data:
  accesskey: {{ .Values.accessKey | b64enc }}

--- a/chart/deps/minio/templates/service-account.yaml
+++ b/chart/deps/minio/templates/service-account.yaml
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ include "minio.serviceAccountName" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "minio.labels" . | nindent 4 }}
+  {{- with .Values.serviceAccount.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+imagePullSecrets:
+  {{ toYaml .Values.imagePullSecrets | indent 2 }}
+{{- end }}
--- a/chart/charts/minio/templates/service.yaml
+++ b/chart/charts/minio/templates/service.yaml
 apiVersion: v1
 kind: Service
 metadata:
-  name: minio-service
-  namespace: {{ .Release.Namespace }}
+  name: {{ include "minio.serviceName" . }}
  labels:
-    {{ include "minio.labels" . | nindent 4 }}
-    app.kubernetes.io/component: "objectstorage"
+    {{- include "minio.labels" . | nindent 4 }}
 spec:
-  type: ClusterIP
+  type: {{ .Values.service.type }}
  ports:
-    - port: 9000
+    - port: {{ .Values.service.port }}
      targetPort: 9000
      protocol: TCP
+      name: http
  selector:
-    app: minio
+    {{- include "minio.selectorLabels" . | nindent 4 }}
--- a/chart/deps/minio/templates/serviceMonitor.yaml
+++ b/chart/deps/minio/templates/serviceMonitor.yaml
+{{- if .Values.monitoring.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  labels:
+    prometheus: k8s
+    release: monitoring
+    {{ include "minio.labels" . | nindent 4 }}
+    app.kubernetes.io/component: "monitoring"
+  name: minio-metrics
+  namespace: {{ .Release.Namespace }}
+spec:
+  selector:
+    matchLabels:
+      {{- include "minio.selectorLabels" . | nindent 6 }}
+  namespaceSelector:
+    matchNames:
+      - {{ .Release.Namespace }}
+  endpoints:
+    - interval: 30s
+      port: http
+      scheme: http
+      path: /minio/prometheus/metrics
+  jobLabel: minio
+{{- end }}
--- a/chart/charts/minio/values.yaml
+++ b/chart/charts/minio/values.yaml
-# Configure number of MinIO Operator Deployment Replicas
+#
+## Default values for minio instance creation.
+## This is a YAML-formatted file.
+## Declare variables to be passed into your templates.
+## Configure number of MinIO Operator Deployment Replicas
 replicas:
  count: 1

+
+
+
+nameOverride: ""
+fullnameOverride: ""
+
 # Configure repo and tag of MinIO Operator Image
 image:
  name: registry1.dso.mil/ironbank/opensource/minio/minio
@@ -19,8 +29,34 @@ volumeClaimTemplate:
  accessModes: ReadWriteOnce
  storage: 1Gi  # scale down for dev

-minioUICreds: minio-creds-secret # Modify if you want to use an existing secret, minio-creds-secret is created by default and uses the below values
-accessKey: minio
-secretKey: minio#123
+minioRootCreds: minio-creds-secret

 imagePullSecrets: [ ]
+
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: true
+  # Annotations to add to the service account
+  annotations: {}
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name: ""
+
+service:
+  # Internal service name for minio instance.  This is the full name of the service used to connect to Minio from within the cluster.
+  # If not specified, the service name will be the default full name of the minio instance.
+  nameOverride: ""
+  type: ClusterIP
+  port: 9000
+
+podAnnotations: {}
+
+istio:
+  enabled: true
+  virtualService:
+    enabled: true
+    name: minio
+
+monitoring:
+  enabled: false
+  namespace: monitoring
--- a/chart/charts/postgresql/.helmignore
+++ b/chart/charts/postgresql/.helmignore