{{/* Copyright VMware, Inc. SPDX-License-Identifier: APACHE-2.0 */}} {{/* vim: set filetype=mustache: */}} {{/* Return the proper MinIO® image name */}} {{- define "minio.image" -}} {{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }} {{- end -}} {{/* Return the proper MinIO® Client image name */}} {{- define "minio.clientImage" -}} {{ include "common.images.image" (dict "imageRoot" .Values.clientImage "global" .Values.global) }} {{- end -}} {{/* Return the proper image name (for the init container volume-permissions image) */}} {{- define "minio.volumePermissions.image" -}} {{ include "common.images.image" (dict "imageRoot" .Values.volumePermissions.image "global" .Values.global) }} {{- end -}} {{/* Return the proper Docker Image Registry Secret Names */}} {{- define "minio.imagePullSecrets" -}} {{- include "common.images.renderPullSecrets" (dict "images" (list .Values.image .Values.clientImage .Values.volumePermissions.image) "context" $) -}} {{- end -}} {{/* Returns the available value for certain key in an existing secret (if it exists), otherwise it generates a random value. */}} {{- define "getValueFromSecret" }} {{- $len := (default 16 .Length) | int -}} {{- $obj := (lookup "v1" "Secret" .Namespace .Name).data -}} {{- if $obj }} {{- index $obj .Key | b64dec -}} {{- else -}} {{- randAlphaNum $len -}} {{- end -}} {{- end }} {{/* Get the user to use to access MinIO® */}} {{- define "minio.secret.userValue" -}} {{- if .Values.auth.rootUser }} {{- .Values.auth.rootUser -}} {{- else if (not .Values.auth.forcePassword) }} {{- include "getValueFromSecret" (dict "Namespace" .Release.Namespace "Name" (include "common.names.fullname" .) "Length" 10 "Key" "root-user") -}} {{- else -}} {{ required "A root username is required!" .Values.auth.rootUser }} {{- end -}} {{- end -}} {{/* Get the password to use to access MinIO® */}} {{- define "minio.secret.passwordValue" -}} {{- if .Values.auth.rootPassword }} {{- .Values.auth.rootPassword -}} {{- else if (not .Values.auth.forcePassword) }} {{- include "getValueFromSecret" (dict "Namespace" .Release.Namespace "Name" (include "common.names.fullname" .) "Length" 10 "Key" "root-password") -}} {{- else -}} {{ required "A root password is required!" .Values.auth.rootPassword }} {{- end -}} {{- end -}} {{/* Get the credentials secret. */}} {{- define "minio.secretName" -}} {{- if .Values.auth.existingSecret -}} {{- printf "%s" (tpl .Values.auth.existingSecret $) -}} {{- else -}} {{- printf "%s" (include "common.names.fullname" .) -}} {{- end -}} {{- end -}} {{/* Return true if a secret object should be created */}} {{- define "minio.createSecret" -}} {{- if .Values.auth.existingSecret -}} {{- else -}} {{- true -}} {{- end -}} {{- end -}} {{/* Return true if a PVC object should be created (only in standalone mode) */}} {{- define "minio.createPVC" -}} {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) (eq .Values.mode "standalone") }} {{- true -}} {{- end -}} {{- end -}} {{/* Return the PVC name (only in standalone mode) */}} {{- define "minio.claimName" -}} {{- if and .Values.persistence.existingClaim }} {{- printf "%s" (tpl .Values.persistence.existingClaim $) -}} {{- else -}} {{- printf "%s" (include "common.names.fullname" .) -}} {{- end -}} {{- end -}} {{/* Returns the proper service account name depending if an explicit service account name is set in the values file. If the name is not set it will default to either common.names.fullname if serviceAccount.create is true or default otherwise. */}} {{- define "minio.serviceAccountName" -}} {{- if .Values.serviceAccount.create -}} {{ default (include "common.names.fullname" .) .Values.serviceAccount.name }} {{- else -}} {{ default "default" .Values.serviceAccount.name }} {{- end -}} {{- end -}} {{/* Compile all warnings into a single message, and call fail. */}} {{- define "minio.validateValues" -}} {{- $messages := list -}} {{- $messages := append $messages (include "minio.validateValues.mode" .) -}} {{- $messages := append $messages (include "minio.validateValues.totalDrives" .) -}} {{- $messages := append $messages (include "minio.validateValues.tls" .) -}} {{- $messages := without $messages "" -}} {{- $message := join "\n" $messages -}} {{- if $message -}} {{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}} {{- end -}} {{- end -}} {{/* Validate values of MinIO® - must provide a valid mode ("distributed" or "standalone") */}} {{- define "minio.validateValues.mode" -}} {{- $allowedValues := list "distributed" "standalone" }} {{- if not (has .Values.mode $allowedValues) -}} minio: mode Invalid mode selected. Valid values are "distributed" and "standalone". Please set a valid mode (--set mode="xxxx") {{- end -}} {{- end -}} {{/* Validate values of MinIO® - total number of drives should be greater than 4 */}} {{- define "minio.validateValues.totalDrives" -}} {{- $replicaCount := int .Values.statefulset.replicaCount }} {{- $drivesPerNode := int .Values.statefulset.drivesPerNode }} {{- $totalDrives := mul $replicaCount $drivesPerNode }} {{- if and (eq .Values.mode "distributed") (lt $totalDrives 4) -}} minio: total drives The total number of drives should be greater than 4 to guarantee erasure coding! Please set a combination of nodes, and drives per node that match this condition. For instance (--set statefulset.replicaCount=2 --set statefulset.drivesPerNode=2) {{- end -}} {{- end -}} {{/* Validate values of MinIO® - TLS secret must provided if TLS is enabled */}} {{- define "minio.validateValues.tls" -}} {{- if and .Values.tls.enabled (not .Values.tls.existingSecret) (not .Values.tls.autoGenerated) }} minio: tls.existingSecret, tls.autoGenerated In order to enable TLS, you also need to provide an existing secret containing the TLS certificates or enable auto-generated certificates. {{- end -}} {{- end -}} {{/* Return the secret containing MinIO TLS certificates */}} {{- define "minio.tlsSecretName" -}} {{- if .Values.tls.existingSecret -}} {{- printf "%s" (tpl .Values.tls.existingSecret $) -}} {{- else -}} {{- printf "%s-crt" (include "common.names.fullname" .) -}} {{- end -}} {{- end -}} {{/* Return true if a TLS secret object should be created */}} {{- define "minio.createTlsSecret" -}} {{- if and .Values.tls.enabled .Values.tls.autoGenerated (not .Values.tls.existingSecret) }} {{- true -}} {{- end -}} {{- end -}} {{/* Provisioning job labels (exclude matchLabels from standard labels) */}} {{- define "minio.labels.provisioning" -}} {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.provisioning.podLabels .Values.commonLabels ) "context" . ) }} {{- $provisioningLabels := (include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | fromYaml ) -}} {{- range (include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | fromYaml | keys ) -}} {{- $_ := unset $provisioningLabels . -}} {{- end -}} {{- print ($provisioningLabels | toYaml) -}} {{- end -}} {{/* Return the ingress anotation */}} {{- define "minio.ingress.annotations" -}} {{ .Values.ingress.annotations | toYaml }} {{- end -}} {{/* Return the api ingress anotation */}} {{- define "minio.apiIngress.annotations" -}} {{ .Values.apiIngress.annotations | toYaml }} {{- end -}} {{/* Return the ingress hostname */}} {{- define "minio.ingress.hostname" -}} {{- tpl .Values.ingress.hostname $ -}} {{- end -}} {{/* Return the api ingress hostname */}} {{- define "minio.apiIngress.hostname" -}} {{- tpl .Values.apiIngress.hostname $ -}} {{- end -}}