Merge pull request #114 from truenas/minio-tls-settings

NAS-111770 / 21.08 / Adapt Minio app to conform to upstream configuration for TLS

charts/minio/1.3.10/Chart.yaml → charts/minio/1.3.11/Chart.yaml

@@ -16,4 +16,4 @@ sources:
 - https://github.com/minio/minio
 - https://github.com/minio/charts
 upstream_version: 8.0.5
-version: 1.3.10
+version: 1.3.11

charts/minio/1.3.10/questions.yaml → charts/minio/1.3.11/questions.yaml

@@ -140,6 +140,16 @@ questions:
             default: 9002
             required: true
 
+  - variable: minioDomain
+    label: "Minio Domain Name"
+    description: "This is only required if TLS is configured for Minio"
+    group: "Minio Configuration"
+    schema:
+      type: string
+      default: null
+      "null": true
+      show_if: [["certificate", "!=", null]]
+
   - variable: certificate
     description: "Minio Certificate"
     label: "Minio Certificate"

charts/minio/1.3.10/templates/_helpers.tpl → charts/minio/1.3.11/templates/_helpers.tpl

@@ -38,3 +38,15 @@ Retrieve private key of minio certificate
 {{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.Values.certificate) -}}
 {{ include "common.resources.cert" $values }}
 {{- end -}}
+
+
+{{/*
+Retrieve scheme/protocol for minio
+*/}}
+{{- define "minio.scheme" -}}
+{{- if eq (include "minio.certAvailable" .) "true" -}}
+{{- print "https" -}}
+{{- else -}}
+{{- print "http" -}}
+{{- end -}}
+{{- end -}}

charts/minio/1.3.10/templates/configmap.yaml → charts/minio/1.3.11/templates/configmap.yaml

-{{ $scheme := "http" }}
-{{ if eq (include "minio.certAvailable" .) "true" }}
-{{ $scheme = "https" }}
-{{ end }}
 apiVersion: v1
 kind: ConfigMap
 metadata:
   name: minio-config
 data:
-  protocol: {{ $scheme }}
+  protocol: {{ include "minio.scheme" . }}

charts/minio/1.3.10/templates/deployment.yaml → charts/minio/1.3.11/templates/deployment.yaml

@@ -42,6 +42,10 @@ spec:
           env:
             {{ $secretName := (include "minio.secretName" .) }}
             {{ $envList := (default list .Values.environmentVariables) }}
+            {{ if and (eq (include "minio.certAvailable" .) "true") .Values.minioDomain }}
+            {{ $envList = mustAppend $envList (dict "name" "MINIO_BROWSER_REDIRECT_URL" "value" (printf "%s://%s:%d" (include "minio.scheme" .) .Values.minioDomain (.Values.service.consolePort | int))) }}
+            {{ $envList = mustAppend $envList (dict "name" "MINIO_SERVER_URL" "value" (printf "%s://%s:%d" (include "minio.scheme" .) .Values.minioDomain (.Values.service.nodePort | int))) }}
+            {{ end }}
             {{ $envList = mustAppend $envList (dict "name" "MINIO_ACCESS_KEY" "valueFromSecret" true "secretName" $secretName "secretKey" "accesskey") }}
             {{ $envList = mustAppend $envList (dict "name" "MINIO_SECRET_KEY" "valueFromSecret" true "secretName" $secretName "secretKey" "secretkey") }}
             {{ include "common.containers.environmentVariables" (dict "environmentVariables" $envList) | nindent 12 }}

charts/minio/1.3.10/test_values.yaml → charts/minio/1.3.11/test_values.yaml

@@ -14,4 +14,5 @@ image:
 service:
   consolePort: 32325
   nodePort: 32324
+minioDomain: null
 updateStrategy: RollingUpdate

test/minio/1.3.10/Chart.yaml → test/minio/1.3.11/Chart.yaml

@@ -16,4 +16,4 @@ sources:
 - https://github.com/minio/minio
 - https://github.com/minio/charts
 upstream_version: 8.0.5
-version: 1.3.10
+version: 1.3.11

test/minio/1.3.10/questions.yaml → test/minio/1.3.11/questions.yaml

@@ -140,6 +140,16 @@ questions:
             default: 9002
             required: true
 
+  - variable: minioDomain
+    label: "Minio Domain Name"
+    description: "This is only required if TLS is configured for Minio"
+    group: "Minio Configuration"
+    schema:
+      type: string
+      default: null
+      "null": true
+      show_if: [["certificate", "!=", null]]
+
   - variable: certificate
     description: "Minio Certificate"
     label: "Minio Certificate"

test/minio/1.3.10/templates/_helpers.tpl → test/minio/1.3.11/templates/_helpers.tpl

@@ -38,3 +38,15 @@ Retrieve private key of minio certificate
 {{- $_ := set $values "commonCertOptions" (dict "certKeyName" $values.Values.certificate) -}}
 {{ include "common.resources.cert" $values }}
 {{- end -}}
+
+
+{{/*
+Retrieve scheme/protocol for minio
+*/}}
+{{- define "minio.scheme" -}}
+{{- if eq (include "minio.certAvailable" .) "true" -}}
+{{- print "https" -}}
+{{- else -}}
+{{- print "http" -}}
+{{- end -}}
+{{- end -}}

test/minio/1.3.10/templates/configmap.yaml → test/minio/1.3.11/templates/configmap.yaml

-{{ $scheme := "http" }}
-{{ if eq (include "minio.certAvailable" .) "true" }}
-{{ $scheme = "https" }}
-{{ end }}
 apiVersion: v1
 kind: ConfigMap
 metadata:
   name: minio-config
 data:
-  protocol: {{ $scheme }}
+  protocol: {{ include "minio.scheme" . }}

test/minio/1.3.10/templates/deployment.yaml → test/minio/1.3.11/templates/deployment.yaml

@@ -42,6 +42,10 @@ spec:
           env:
             {{ $secretName := (include "minio.secretName" .) }}
             {{ $envList := (default list .Values.environmentVariables) }}
+            {{ if and (eq (include "minio.certAvailable" .) "true") .Values.minioDomain }}
+            {{ $envList = mustAppend $envList (dict "name" "MINIO_BROWSER_REDIRECT_URL" "value" (printf "%s://%s:%d" (include "minio.scheme" .) .Values.minioDomain (.Values.service.consolePort | int))) }}
+            {{ $envList = mustAppend $envList (dict "name" "MINIO_SERVER_URL" "value" (printf "%s://%s:%d" (include "minio.scheme" .) .Values.minioDomain (.Values.service.nodePort | int))) }}
+            {{ end }}
             {{ $envList = mustAppend $envList (dict "name" "MINIO_ACCESS_KEY" "valueFromSecret" true "secretName" $secretName "secretKey" "accesskey") }}
             {{ $envList = mustAppend $envList (dict "name" "MINIO_SECRET_KEY" "valueFromSecret" true "secretName" $secretName "secretKey" "secretkey") }}
             {{ include "common.containers.environmentVariables" (dict "environmentVariables" $envList) | nindent 12 }}

test/minio/1.3.10/test_values.yaml → test/minio/1.3.11/test_values.yaml

@@ -14,4 +14,5 @@ image:
 service:
   consolePort: 32325
   nodePort: 32324
+minioDomain: null
 updateStrategy: RollingUpdate