Merge pull request #48 from truenas/update-trains-21.04

Update official catalog items for 21.04

charts/ipfs/1.0.1/Chart.yaml → charts/ipfs/1.0.2/Chart.yaml

 apiVersion: v1
 description: Global, Versioned, peer-to-peer filesystem.
 name: ipfs
-version: 1.0.1
-appVersion: master
+version: 1.0.2
+appVersion: v0.8.0
 keywords:
 - storage
 - p2p

charts/ipfs/1.0.2/ix_values.yaml

+image:
+  repository: ipfs/go-ipfs
+  tag: v0.8.0
+  pullPolicy: IfNotPresent

charts/ipfs/1.0.1/questions.yaml → charts/ipfs/1.0.2/questions.yaml

@@ -19,42 +19,6 @@ portals:
     path: "/webui"
 
 questions:
-  # Image related
-  - variable: image
-    description: "Docker Image Details"
-    label: "Docker Image"
-    group: "Container Images"
-    schema:
-      type: dict
-      required: true
-      attrs:
-        - variable: repository
-          description: "Docker image repository"
-          label: "Image repository"
-          schema:
-            type: string
-            default: "ipfs/go-ipfs"
-            required: true
-        - variable: tag
-          description: "Tag to use for specified image"
-          label: "Image Tag"
-          schema:
-            type: string
-            default: "v0.8.0-rc1"
-        - variable: pullPolicy
-          description: "Docker Image Pull Policy"
-          label: "Image Pull Policy"
-          schema:
-            type: string
-            default: "IfNotPresent"
-            enum:
-              - value: "IfNotPresent"
-                description: "Only pull image if not present on host"
-              - value: "Always"
-                description: "Always pull image even if present on host"
-              - value: "Never"
-                description: "Never pull image even if it's not present on host"
-
   - variable: updateStrategy
     label: "IPFS update strategy"
     group: "Workload Configuration"

charts/ipfs/1.0.1/test_values.yaml → charts/ipfs/1.0.2/test_values.yaml

@@ -2,7 +2,7 @@
 ##
 image:
   repository: ipfs/go-ipfs
-  tag: v0.8.0-rc1
+  tag: v0.8.0
   pullPolicy: IfNotPresent
 
 ## Additional arguments to pass to minio binary

charts/ix-chart/2102.0.0/Chart.yaml → charts/ix-chart/2104.0.0/Chart.yaml

@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 2102.0.0
+version: 2104.0.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

charts/ix-chart/2102.0.0/questions.yaml → charts/ix-chart/2104.0.0/questions.yaml

@@ -447,3 +447,16 @@ questions:
       $ref:
         - "definitions/gpuConfiguration"
       attrs: []
+
+  - variable: securityContext
+    label: "Security Context"
+    group: "Workload Details"
+    schema:
+      type: dict
+      attrs:
+        - variable: privileged
+          label: "Privileged Mode"
+          description: "Determines if any container in a pod can enable privileged mode. By default a container is not allowed to access any devices on the host, but a 'privileged' container is given access to all devices on the host. This allows the container nearly all the same access as processes running on the host."
+          schema:
+            type: boolean
+            default: false

charts/minio/1.1.0/templates/_helpers.tpl

-{{/*
-Determine secret name.
-*/}}
-{{- define "minio.secretName" -}}
-{{- include "common.names.fullname" . -}}
-{{- end -}}

charts/minio/1.2.1/CHANGELOG.md

+* TLS Support added for Minio application. This lets users to use TrueNAS certificates with Minio Application.
\ No newline at end of file

charts/minio/1.1.0/Chart.yaml → charts/minio/1.2.1/Chart.yaml

 apiVersion: v1
 description: High Performance, Kubernetes Native Object Storage
 name: minio
-version: 1.1.0
-appVersion: master
+version: 1.2.1
+appVersion: RELEASE.2021-04-06T23-11-00Z
 keywords:
 - storage
 - object-storage

charts/minio/1.2.1/ix_values.yaml

+image:
+  repository: minio/minio
+  tag: RELEASE.2021-04-06T23-11-00Z
+  pullPolicy: IfNotPresent

charts/minio/1.1.0/migrations/migrate → charts/minio/1.2.1/migrations/migrate_from_1.0.0

@@ -5,6 +5,9 @@ import sys
 
 
 def migrate(values):
+    if values.get('appVolumeMounts'):
+        return values
+
     values.update({
         'appVolumeMounts': {
             'export': {

charts/minio/1.1.0/questions.yaml → charts/minio/1.2.1/questions.yaml

@@ -11,49 +11,13 @@ groups:
 portals:
   web_portal:
     protocols:
-      - "http"
+      - "$kubernetes-resource_configmap_minio-config_protocol"
     host:
       - "$node_ip"
     ports:
       - "$variable-service.nodePort"
 
 questions:
-  # Image related
-  - variable: image
-    description: "Docker Image Details"
-    label: "Docker Image"
-    group: "Container Images"
-    schema:
-      type: dict
-      required: true
-      attrs:
-        - variable: repository
-          description: "Docker image repository"
-          label: "Image repository"
-          schema:
-            type: string
-            default: "minio/minio"
-            required: true
-        - variable: tag
-          description: "Tag to use for specified image"
-          label: "Image Tag"
-          schema:
-            type: string
-            default: "RELEASE.2020-11-19T23-48-16Z"
-        - variable: pullPolicy
-          description: "Docker Image Pull Policy"
-          label: "Image Pull Policy"
-          schema:
-            type: string
-            default: "IfNotPresent"
-            enum:
-              - value: "IfNotPresent"
-                description: "Only pull image if not present on host"
-              - value: "Always"
-                description: "Always pull image even if present on host"
-              - value: "Never"
-                description: "Never pull image even if it's not present on host"
-
   - variable: updateStrategy
     label: "Minio update strategy"
     group: "Workload Configuration"
@@ -138,6 +102,15 @@ questions:
             default: 9000
             required: true
 
+  - variable: certificate
+    description: "Minio Certificate"
+    label: "Minio Certificate"
+    group: "Minio Configuration"
+    schema:
+      type: int
+      $ref:
+        - "definitions/certificate"
+
   - variable: appVolumeMounts
     label: "Minio Storage"
     group: "Storage"

charts/minio/1.2.1/templates/_cert.tpl

+{{/*
+Formats volumeMount for Minio tls keys and trusted certs
+*/}}
+{{- define "minio.tlsKeysVolumeMount" -}}
+{{- if eq (include "minio.certAvailable" .) "true" -}}
+- name: cert-secret-volume
+  mountPath: "/etc/minio/certs"
+- name: trusted-cert-secret-volume
+  mountPath: "/etc/minio/certs/CAs"
+{{- end }}
+{{- end -}}
+
+{{/*
+Formats volume for Minio tls keys and trusted certs
+*/}}
+{{- define "minio.tlsKeysVolume" -}}
+{{- if eq (include "minio.certAvailable" .) "true" -}}
+- name: cert-secret-volume
+  secret:
+    secretName: {{ include "minio.secretName" . }}
+    items:
+    - key: certPublicKey
+      path: public.crt
+    - key: certPrivateKey
+      path: private.key
+- name: trusted-cert-secret-volume
+  secret:
+    secretName: {{ include "minio.secretName" . }}
+    items:
+    - key: certPublicKey
+      path: public.crt
+{{- end }}
+{{- end -}}

charts/minio/1.2.1/templates/_helpers.tpl

+{{/*
+Determine secret name.
+*/}}
+{{- define "minio.secretName" -}}
+{{- include "common.names.fullname" . -}}
+{{- end -}}
+
+
+{{/*
+Retrieve true/false if minio certificate is configured
+*/}}
+{{- define "minio.certAvailable" -}}
+{{- if .Values.certificate -}}
+{{- $values := (. | mustDeepCopy) -}}
+{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.Values.certificate) -}}
+{{- template "common.resources.cert_present" $values -}}
+{{- else -}}
+{{- false -}}
+{{- end -}}
+{{- end -}}
+
+
+{{/*
+Retrieve public key of minio certificate
+*/}}
+{{- define "minio.cert.publicKey" -}}
+{{- $values := (. | mustDeepCopy) -}}
+{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.Values.certificate "publicKey" true) -}}
+{{ include "common.resources.cert" $values }}
+{{- end -}}
+
+
+{{/*
+Retrieve private key of minio certificate
+*/}}
+{{- define "minio.cert.privateKey" -}}
+{{- $values := (. | mustDeepCopy) -}}
+{{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.Values.certificate) -}}
+{{ include "common.resources.cert" $values }}
+{{- end -}}

charts/minio/1.2.1/templates/configmap.yaml

+{{ $scheme := "http" }}
+{{ if eq (include "minio.certAvailable" .) "true" }}
+{{ $scheme = "https" }}
+{{ end }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: minio-config
+data:
+  protocol: {{ $scheme }}

charts/minio/1.1.0/templates/deployment.yaml → charts/minio/1.2.1/templates/deployment.yaml

-{{ $scheme := "http" }}
 apiVersion: {{ template "common.capabilities.deployment.apiVersion" . }}
 kind: Deployment
 metadata:
@@ -29,13 +28,14 @@ spec:
       containers:
         - name: {{ .Chart.Name }}
           {{ include "common.containers.imageConfig" .Values.image | nindent 10 }}
-          {{ include "common.storage.allContainerVolumeMounts" .Values | nindent 10 }}
+          volumeMounts: {{ include "common.storage.configureAppVolumeMountsInContainer" .Values | nindent 12 }}
+          {{- include "minio.tlsKeysVolumeMount" . | nindent 12 }}
           command:
             - "/bin/sh"
             - "-ce"
-            - "/usr/bin/docker-entrypoint.sh minio server /export {{ (.Values.extraArgs | default list) | join " " }}"
+            - "/usr/bin/docker-entrypoint.sh minio -S /etc/minio/certs server /export {{ (.Values.extraArgs | default list) | join " " }}"
           ports:
-            - name: {{ $scheme }}
+            - name: http
               containerPort: 9000
           env:
             {{ $secretName := (include "minio.secretName" .) }}
@@ -44,3 +44,4 @@ spec:
             {{ $envList = mustAppend $envList (dict "name" "MINIO_SECRET_KEY" "valueFromSecret" true "secretName" $secretName "secretKey" "secretkey") }}
             {{ include "common.containers.environmentVariables" (dict "environmentVariables" $envList) | nindent 12 }}
 {{ include "common.storage.allAppVolumes" .Values | nindent 6 }}
+{{- include "minio.tlsKeysVolume" . | nindent 8 }}

charts/minio/1.1.0/templates/secrets.yaml → charts/minio/1.2.1/templates/secrets.yaml

@@ -7,3 +7,7 @@ type: Opaque
 data:
   accesskey: {{ if .Values.accessKey }}{{ .Values.accessKey | toString | b64enc | quote }}{{ else }}{{ randAlphaNum 20 | b64enc | quote }}{{ end }}
   secretkey: {{ if .Values.secretKey }}{{ .Values.secretKey | toString | b64enc | quote }}{{ else }}{{ randAlphaNum 40 | b64enc | quote }}{{ end }}
+  {{ if eq (include "minio.certAvailable" .) "true" }}
+  certPublicKey: {{ (include "minio.cert.publicKey" .) | toString | b64enc | quote }}
+  certPrivateKey: {{ (include "minio.cert.privateKey" .) | toString | b64enc | quote }}
+  {{ end }}

charts/minio/1.1.0/test_values.yaml → charts/minio/1.2.1/test_values.yaml

@@ -2,7 +2,7 @@
 ##
 image:
   repository: minio/minio
-  tag: RELEASE.2020-11-19T23-48-16Z
+  tag: RELEASE.2021-02-19T04-38-02Z
   pullPolicy: IfNotPresent
 
 ## Additional arguments to pass to minio binary
@@ -11,7 +11,7 @@ extraArgs: []
 updateStrategy: RollingUpdate
 
 service:
-  nodePort: 32001
+  nodePort: 32324
 
 environmentVariables: []
   ## Please refer for comprehensive list https://docs.minio.io/docs/minio-server-configuration-guide.html

charts/nextcloud/1.2.0/Chart.yaml → charts/nextcloud/1.2.1/Chart.yaml

 apiVersion: v2
 name: nextcloud
-version: 1.2.0
-appVersion: 19.0.3
+version: 1.2.1
+appVersion: 21.0.0
 description: A file sharing server that puts the control and security of your own data back into your hands.
 keywords:
 - nextcloud

charts/nextcloud/1.2.1/ix_values.yaml

+image:
+  repository: nextcloud
+  tag: 21.0.0
+  pullPolicy: IfNotPresent

charts/nextcloud/1.2.0/questions.yaml → charts/nextcloud/1.2.1/questions.yaml

@@ -22,42 +22,6 @@ portals:
       - "$variable-service.nodePort"
 
 questions:
-  # Image related
-  - variable: image
-    description: "Docker Image Details"
-    label: "Docker Image"
-    group: "Container Images"
-    schema:
-      type: dict
-      required: true
-      attrs:
-        - variable: repository
-          description: "Docker image repository"
-          label: "Image repository"
-          schema:
-            type: string
-            default: "nextcloud"
-            required: true
-        - variable: tag
-          description: "Tag to use for specified image"
-          label: "Image Tag"
-          schema:
-            type: string
-            default: "latest"
-        - variable: pullPolicy
-          description: "Docker Image Pull Policy"
-          label: "Image Pull Policy"
-          schema:
-            type: string
-            default: "IfNotPresent"
-            enum:
-              - value: "IfNotPresent"
-                description: "Only pull image if not present on host"
-              - value: "Always"
-                description: "Always pull image even if present on host"
-              - value: "Never"
-                description: "Never pull image even if it's not present on host"
-
   - variable: nextcloud
     description: "Nextcloud configuration details"
     label: "Nextcloud Configuration"

charts/plex/1.3.0/CHANGELOG.md

+* Application liveness / readiness probes were updated addressing a bug where TrueNAS failed
+to consider plex application as `Active` if it was configured to only use `HTTPS`.
+
+* Nvidia GPU support was properly added which ensures users having NVIDIA gpu can now consume it
+for hardware acceleration.

charts/plex/1.1.0/Chart.yaml → charts/plex/1.3.0/Chart.yaml

 apiVersion: v2
-appVersion: 1.20.2.3402
+appVersion: 1.22.2.4282
 description: Plex Media Server
 name: plex
-version: 1.1.0
+version: 1.3.0
 keywords:
   - plex
 home: https://plex.tv/

charts/plex/1.3.0/ix_values.yaml

+image:
+  repository: plexinc/pms-docker
+  tag: 1.22.2.4282-a97b03fad
+  pullPolicy: IfNotPresent

charts/plex/1.1.0/questions.yaml → charts/plex/1.3.0/questions.yaml

@@ -31,42 +31,6 @@ portals:
     path: "/web"
 
 questions:
-  # Image related
-  - variable: image
-    description: "Docker Image Details"
-    label: "Docker Image"
-    group: "Container Images"
-    schema:
-      type: dict
-      required: true
-      attrs:
-        - variable: repository
-          description: "Docker image repository"
-          label: "Image repository"
-          schema:
-            type: string
-            required: true
-            default: "plexinc/pms-docker"
-        - variable: tag
-          description: "Tag to use for specified image"
-          label: "Image Tag"
-          schema:
-            type: string
-            default: "1.20.2.3402-0fec14d92"
-        - variable: pullPolicy
-          description: "Docker Image Pull Policy"
-          label: "Image Pull Policy"
-          schema:
-            type: string
-            default: "IfNotPresent"
-            enum:
-              - value: "IfNotPresent"
-                description: "Only pull image if not present on host"
-              - value: "Always"
-                description: "Always pull image even if present on host"
-              - value: "Never"
-                description: "Never pull image even if it's not present on host"
-
   - variable: claimToken
     label: "Plex Claim Token"
     group: "Plex Configuration"

charts/plex/1.1.0/templates/deployment.yaml → charts/plex/1.3.0/templates/deployment.yaml

@@ -9,8 +9,12 @@ spec: {{ include "common.deployment.common_spec" . | nindent 2 }}
       containers:
         - name: {{ .Chart.Name }}
           {{ include "common.containers.imageConfig" .Values.image | nindent 10 }}
-          {{ include "common.storage.allContainerVolumeMounts" .Values | nindent 10 }}
           {{ include "common.containers.gpuConfiguration" .Values | nindent 10 }}
+          volumeMounts: {{ include "common.storage.configureAppVolumeMountsInContainer" .Values | nindent 12 }}
+            - name: plex-probe-check
+              mountPath: /bin/plex_probe_check.sh
+              readOnly: true
+              subPath: entrypoint.sh
           ports:
           - name: pms
             protocol: TCP
@@ -41,29 +45,40 @@ spec: {{ include "common.deployment.common_spec" . | nindent 2 }}
               valueFrom:
                 fieldRef:
                   fieldPath: metadata.namespace
+            - name: POD_IP
+              valueFrom:
+                fieldRef:
+                  fieldPath: status.podIP
             {{ $envList := (default list .Values.environmentVariables) }}
+            {{ if and .Values.gpuConfiguration (hasKey .Values.gpuConfiguration "nvidia.com/gpu") (gt (get .Values.gpuConfiguration "nvidia.com/gpu" | toDecimal) 0) }}
+            {{ $envList = mustAppend $envList (dict "name" "NVIDIA_DRIVER_CAPABILITIES" "value" "all") }}
+            {{ end }}
             {{ $envList = mustAppend $envList (dict "name" "TZ" "value" .Values.timezone) }}
             {{ $envList = mustAppend $envList (dict "name" "PLEX_CLAIM" "value" .Values.claimToken) }}
             {{ $envList = mustAppend $envList (dict "name" "PMS_INTERNAL_ADDRESS" "value" (printf "http://%s:32400" (include "common.names.fullname" .))) }}
             {{ $envList = mustAppend $envList (dict "name" "PMS_IMAGE" "value" (printf "%s:%s" .Values.image.repository .Values.image.tag))}}
             {{ include "common.containers.environmentVariables" (dict "environmentVariables" $envList) | nindent 12 }}
           readinessProbe:
-            httpGet:
-              path: /identity
-              port: 32400
+            exec:
+              command:
+                - /bin/plex_probe_check.sh
             failureThreshold: 5
             periodSeconds: 15
           livenessProbe:
-            httpGet:
-              path: /identity
-              port: 32400
+            exec:
+              command:
+                - /bin/plex_probe_check.sh
             failureThreshold: 5
             periodSeconds: 15
           startupProbe:
-            httpGet:
-              path: /identity
-              port: 32400
+            exec:
+              command:
+                - /bin/plex_probe_check.sh
             initialDelaySeconds: 5
             failureThreshold: 40
             periodSeconds: 15
-{{ include "common.storage.allAppVolumes" .Values | nindent 6 }}
+      volumes: {{ include "common.storage.configureAppVolumes" .Values | nindent 8 }}
+        - name: plex-probe-check
+          configMap:
+            defaultMode: 0700
+            name: "plex-probe-check"

charts/plex/1.3.0/templates/probe_config.yaml

+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: "plex-probe-check"
+data:
+  entrypoint.sh: |-
+    #!/bin/sh
+    curl -ksf http://$POD_IP:32400/identity -o /dev/null || curl -ksf https://$POD_IP:32400/identity -o /dev/null