Fix Helm chart: rename minio.ingress to minioIngress to avoid subchart conflict (#48)

- Renamed minio.ingress to minioIngress to avoid collision with Bitnami MinIO subchart - Updated minio-ingress.yaml template to use new key - Updated _helpers.tpl to use new key - Updated README documentation
2025-12-16 12:26:27 -06:00
parent f4e9d1a46f
commit 698a13b9a1
5 changed files with 34 additions and 34 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -13,7 +13,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Added `?mode=` query parameter to override download mode per-request (#48)
 - Added `/api/v1/project/{project}/{package}/+/{ref}/url` endpoint for getting presigned URLs (#48)
 - Added `PresignedUrlResponse` schema with URL, expiry, checksums, and artifact metadata (#48)
- Added MinIO ingress support in Helm chart for presigned URL access (#48)
+- Added `minioIngress` config in Helm chart for exposing MinIO for presigned URL access (#48)
 - Added `orchard.download.mode` and `orchard.download.presignedUrlExpiry` Helm values (#48)
 - Added integrity verification workflow design document (#24)
 - Added `sha256` field to API responses for clarity (alias of `id`) (#25)
--- a/README.md
+++ b/README.md
@@ -553,19 +553,18 @@ orchard:
    presignedUrlExpiry: 3600
 # MinIO ingress (required for presigned URL downloads)
-minio:
+minioIngress:
-  ingress:
+  enabled: true
  className: "nginx"
  annotations:
    cert-manager.io/cluster-issuer: "letsencrypt"
  host: "minio.your-domain.com"
  tls:
    enabled: true
-    className: "nginx"
+    secretName: minio-tls
    annotations:
      cert-manager.io/cluster-issuer: "letsencrypt"
    host: "minio.your-domain.com"
    tls:
      enabled: true
      secretName: minio-tls
 ```
-When `minio.ingress.enabled` is `true`, the S3 endpoint automatically uses the external URL (`https://minio.your-domain.com`), making presigned URLs accessible to external clients.
+When `minioIngress.enabled` is `true`, the S3 endpoint automatically uses the external URL (`https://minio.your-domain.com`), making presigned URLs accessible to external clients.
 See `helm/orchard/values.yaml` for all configuration options.
--- a/helm/orchard/templates/_helpers.tpl
+++ b/helm/orchard/templates/_helpers.tpl
@@ -111,11 +111,11 @@ MinIO internal host (for server-side operations)
 MinIO host (uses external URL if ingress enabled, for presigned URLs)
 */}}
 {{- define "orchard.minio.host" -}}
-{{- if and .Values.minio.enabled .Values.minio.ingress.enabled .Values.minio.ingress.host }}
+{{- if and .Values.minio.enabled .Values.minioIngress.enabled .Values.minioIngress.host }}
-{{- if .Values.minio.ingress.tls.enabled }}
+{{- if .Values.minioIngress.tls.enabled }}
-{{- printf "https://%s" .Values.minio.ingress.host }}
+{{- printf "https://%s" .Values.minioIngress.host }}
 {{- else }}
-{{- printf "http://%s" .Values.minio.ingress.host }}
+{{- printf "http://%s" .Values.minioIngress.host }}
 {{- end }}
 {{- else if .Values.minio.enabled }}
 {{- printf "http://%s-minio:9000" .Release.Name }}
--- a/helm/orchard/templates/minio-ingress.yaml
+++ b/helm/orchard/templates/minio-ingress.yaml
@@ -1,4 +1,4 @@
-{{- if and .Values.minio.enabled .Values.minio.ingress.enabled -}}
+{{- if and .Values.minio.enabled .Values.minioIngress.enabled -}}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
@@ -6,22 +6,22 @@ metadata:
  labels:
    {{- include "orchard.labels" . | nindent 4 }}
    app.kubernetes.io/component: minio
-  {{- with .Values.minio.ingress.annotations }}
+  {{- with .Values.minioIngress.annotations }}
  annotations:
    {{- toYaml . | nindent 4 }}
  {{- end }}
 spec:
-  {{- if .Values.minio.ingress.className }}
+  {{- if .Values.minioIngress.className }}
-  ingressClassName: {{ .Values.minio.ingress.className }}
+  ingressClassName: {{ .Values.minioIngress.className }}
  {{- end }}
-  {{- if .Values.minio.ingress.tls.enabled }}
+  {{- if .Values.minioIngress.tls.enabled }}
  tls:
    - hosts:
-        - {{ .Values.minio.ingress.host | quote }}
+        - {{ .Values.minioIngress.host | quote }}
-      secretName: {{ .Values.minio.ingress.tls.secretName }}
+      secretName: {{ .Values.minioIngress.tls.secretName }}
  {{- end }}
  rules:
-    - host: {{ .Values.minio.ingress.host | quote }}
+    - host: {{ .Values.minioIngress.host | quote }}
      http:
        paths:
          - path: /
--- a/helm/orchard/values.yaml
+++ b/helm/orchard/values.yaml
@@ -152,17 +152,18 @@ minio:
  persistence:
    enabled: false
    size: 50Gi
-  # MinIO ingress for presigned URL access
+
-  ingress:
+# MinIO external ingress for presigned URL access (separate from subchart ingress)
-    enabled: false
+minioIngress:
-    className: "nginx"
+  enabled: false
-    annotations:
+  className: "nginx"
-      cert-manager.io/cluster-issuer: "letsencrypt"
+  annotations:
-      nginx.ingress.kubernetes.io/proxy-body-size: "0"  # Disable body size limit for uploads
+    cert-manager.io/cluster-issuer: "letsencrypt"
-    host: ""  # e.g., minio.your-domain.com
+    nginx.ingress.kubernetes.io/proxy-body-size: "0"  # Disable body size limit for uploads
-    tls:
+  host: ""  # e.g., minio.your-domain.com
-      enabled: true
+  tls:
-      secretName: minio-tls
+    enabled: true
    secretName: minio-tls
 # Redis subchart configuration (for future caching)
 redis: