From ce2e8543cf8a0deab884e0fe7fd8d4ae09adf9b4 Mon Sep 17 00:00:00 2001
From: sarmstrong <stuart.armstrong@wilix.org>
Date: Thu, 16 Oct 2025 16:26:38 +0300
Subject: [PATCH] Replace Bitnami Charts and images.

---
 yonote-chart-service/Chart.yaml           |  26 ++---
 yonote-chart-service/secret-values.yaml   |  30 +++---
 yonote-chart-service/templates/mcJob.yaml |  14 +--
 yonote-chart-service/values.yaml          | 123 ++++++++++------------
 4 files changed, 91 insertions(+), 102 deletions(-)

diff --git a/yonote-chart-service/Chart.yaml b/yonote-chart-service/Chart.yaml
index a70fa48..6256ecc 100644
--- a/yonote-chart-service/Chart.yaml
+++ b/yonote-chart-service/Chart.yaml
@@ -1,9 +1,9 @@
 apiVersion: v2
 name: yonote-chart
-version: 1.2.0
+version: 1.3.0
 description:
   Generic application Helm chart.
-  This chart includes multiple dependencies. The base of this chart is derived from the Dynix app chart.
+  This chart includes multiple dependencies. The base of this chart is derived from the Dysnix app chart.
 maintainers:
   - name: Dysnix
     email: support@dysnix.com
@@ -29,32 +29,32 @@ dependencies:
     version: "0.3.15"
     repository: https://dysnix.github.io/charts
     alias: yonote-worker
- 
+
   - name: app
     version: "0.3.15"
     repository: https://dysnix.github.io/charts
     alias: yonote-collaboration
 
-  - name: postgresql
-    version: "11.6.6"
-    repository: https://charts.bitnami.com/bitnami
+  - name: postgres
+    version: "0.3.9"
+    repository: https://groundhog2k.github.io/helm-charts/
     condition: yonoteDatabase.enabled
     alias: yonoteDatabase
 
   - name: redis
-    version: "16.12.1"
-    repository: https://charts.bitnami.com/bitnami
+    version: "0.7.0"
+    repository: https://groundhog2k.github.io/helm-charts/
     condition: yonote-redis.enabled
     alias: yonote-redis
 
   - name: minio
     version: "12.7.0"
-    repository: https://charts.bitnami.com/bitnami
+    repository: https://charts.min.io/
     condition: minio.enabled
     alias: minio
 
-  - name: keycloak
-    version: "14.0.0"
-    repository: https://charts.bitnami.com/bitnami
+  - name: keycloakx
+    version: "1.3.2"
+    repository: https://codecentric.github.io/helm-charts
     condition: keycloak.enabled
-    alias: keycloak
\ No newline at end of file
+    alias: keycloak
diff --git a/yonote-chart-service/secret-values.yaml b/yonote-chart-service/secret-values.yaml
index f53e7ee..a3e9229 100644
--- a/yonote-chart-service/secret-values.yaml
+++ b/yonote-chart-service/secret-values.yaml
@@ -3,8 +3,8 @@ global:
     config:
       secret:
         stringData:
-          DATABASE_URL: 'postgres://{{ .Values.yonoteDatabase.global.postgresql.auth.username }}:{{ .Values.yonoteDatabase.global.postgresql.auth.password }}@yonote-database:5432/{{ .Values.yonoteDatabase.global.postgresql.auth.database }}'
-          POSTGRES_PASSWORD: "{{ .Values.yonoteDatabase.global.postgresql.auth.password }}"
+          DATABASE_URL: 'postgres://{{ .Values.yonoteDatabase.settings.userDatabase.user }}:{{ .Values.yonoteDatabase.settings.userDatabase.password }}@yonote-database:5432/{{ .Values.yonoteDatabase.settings.userDatabase.database }}'
+          POSTGRES_PASSWORD: "{{ .Values.yonoteDatabase.settings.superuserPassword.password }}"
           AWS_ACCESS_KEY_ID: "{{ .Values.minio.customUser }}"  # Ваш идентификатор ключа доступа к AWS. 
           AWS_SECRET_ACCESS_KEY: "{{ .Values.minio.customAccessKey }}" # Ваш секретный ключ доступа AWS. 
           OIDC_CLIENT_SECRET: "Kdq8rk5Pv5RW1c5kHXpnyfrmMRzI9xSD" # Секретный ключ клиента для аутентификации по OpenID Connect (OIDC).
@@ -21,23 +21,21 @@ global:
         # 2) Выполнить команду для генерации ключей
         # npx web-push generate-vapid-keys
         # 3) Полученные значения ввести в .env файл (SERVICE_WORKER_PUBLIC_KEY, SERVICE_WORKER_PRIVATE_KEY)
-          
-yonoteDatabase:
-  global:
-    postgresql:
-      auth:
-        password: "wsGZ6kXhr5"
-        postgresPassword: "QQYw4UjOU"
 
-# yonote-redis: # Если используете auth для redis
-#   auth:
-#     password: "12345678"
+yonoteDatabase:
+  settings:
+    superuserPassword: "QQYw4UjOU"
+  userDatabase:
+    password: "wsGZ6kXhr5"
+
+yonote-redis:
+  args:
+    - "--user redis:redis"
 
 minio:
-  customAccessKey: "qwer-12314q-qwersa"
-  auth:
-    rootPassword: "qwettaas"
+  #customAccessKey: "qwer-12314q-qwersa"
+  rootPassword: "qwettaas"
 
 keycloak:
   auth:
-   adminPassword: "root"
\ No newline at end of file
+    adminPassword: "root"
diff --git a/yonote-chart-service/templates/mcJob.yaml b/yonote-chart-service/templates/mcJob.yaml
index 787d6e6..4421c2b 100644
--- a/yonote-chart-service/templates/mcJob.yaml
+++ b/yonote-chart-service/templates/mcJob.yaml
@@ -13,22 +13,22 @@ spec:
     spec:
       containers:
         - name: mc-client
-          image: "docker.io/bitnami/minio-client:2024.8.13-debian-12-r0"
+          image: "quay.io/minio/mc:RELEASE.2024-12-18T13-15-44Z"
           command: ["/bin/sh", "-c"]
           args:
             - |
-              until mc alias set myminio http://yonote-minio:9000 {{ .Values.minio.auth.rootUser }} {{ .Values.minio.auth.rootPassword }}; do
+              until mc alias set myminio http://yonote-minio:9000 {{ .Values.minio.rootUser }} {{ .Values.minio.rootPassword }}; do
                 echo "Waiting for MinIO to be ready..."
                 sleep 5
               done
               echo "MinIO is ready and alias is set."
 
               # Создание пользователя
-              if ! mc admin user add myminio {{ .Values.minio.customUser }} {{ .Values.minio.customAccessKey }}; then
-                echo "User {{ .Values.minio.customUser }} already exists or failed to create."
-              else
-                echo "User {{ .Values.minio.customUser }} created successfully."
-              fi
+              #if ! mc admin user add myminio {{ .Values.minio.customUser }} {{ .Values.minio.customAccessKey }}; then
+              #  echo "User {{ .Values.minio.customUser }} already exists or failed to create."
+              #else
+              #  echo "User {{ .Values.minio.customUser }} created successfully."
+              #fi
 
               # Назначение политики для нового пользователя
               cat <<EOF > /tmp/minio-user-policy.json
diff --git a/yonote-chart-service/values.yaml b/yonote-chart-service/values.yaml
index 70f1645..289d5cd 100644
--- a/yonote-chart-service/values.yaml
+++ b/yonote-chart-service/values.yaml
@@ -476,7 +476,7 @@ yonote-collaboration:
     httpGet:
       path: /_health
       port: app
-  
+
   livenessProbe:
     enabled: true
     failureThreshold: 6
@@ -490,103 +490,94 @@ yonote-collaboration:
 
 yonoteDatabase:
   enabled: true
-  global:
-    postgresql:
-      auth:
-        database: "yonote"
-        username: "yonote"
+  settings:
+  # Default postgres
+  #  superuser:
+
+  userDatabase:
+    name: yonote
+    user: yonote
+
   name: yonote-database
   fullnameOverride: yonote-database
   nameOverride: yonote-database
-  
-  primary:
-    persistence:
-      size: 5Gi
-    resources:
-      limits:
-        cpu: 2
-        memory: 8Gi
-      requests:
-        cpu: 500m
-        memory: 512Mi
 
-    extraVolumes:
-      - name: init-scripts
-        configMap:
-          name: postgres-init-scripts
+  storage:
+    requestedSize: 5Gi
+    #className: ""
 
-    extraVolumeMounts:
-      - name: init-scripts
-        mountPath: /docker-entrypoint-initdb.d
-        readOnly: true
+  resources:
+    limits:
+      cpu: 2
+      memory: 8Gi
+    requests:
+      cpu: 500m
+      memory: 512Mi
+
+  extraScripts:
+    - name: postgres-init-scripts
 
 yonote-redis:
   enabled: true
   fullnameOverride: yonote-redis
   nameOverride: redis
-  architecture: standalone
-  image:
-    tag: 7.2.0-debian-11-r0
-  
-  auth:
-    enabled: false
-  
-  master:
-    persistence:
-      size: 5Gi
-    resources:
-      limits:
-        cpu: 1
-        memory: 4Gi
-      requests:
-        cpu: 500m
-        memory: 512Mi
-   
+
+  storage:
+    requestedSize: 5Gi
+    #className: ""
+  resources:
+    limits:
+      cpu: 1
+      memory: 4Gi
+    requests:
+      cpu: 500m
+      memory: 512Mi
+
 minio:
   enabled: true
   name: minio
   fullnameOverride: yonote-minio
-  customUser: yonote
+  #customUser: yonote
   nameOverride: yonote-minio
-  auth:
-    rootUser: admin
+  mode: standalone
+  rootUser: admin
 
-  image:
-    tag: 2024.8.3-debian-12-r1
+  users:
+    - accessKey: console
+      secretKey: console123
+      policy: readwrite
 
   persistence:
     enabled: true
     size: 5Gi
-    
+    #storageClass: ""
+
   ingress:
     enabled: true
-    hostname: 's3.example.com'
+    hosts: 's3.example.com'
     ingressClassName: traefik
     path: '/'
-    pathType: ImplementationSpecific
     annotations:
       kubernetes.io/ingress.class: traefik
       # cert-manager.io/cluster-issuer: letsencrypt.example.com # Если используете
-    extraTls:
-    - hosts:
-        - "s3.example.com"
-      secretName: "you_tls_secret"
+    tls:
+      - hosts:
+          - "s3.example.com"
+        secretName: "you_tls_secret"
 
-  apiIngress:
+  consoleIngress:
     enabled: true
-    hostname: 'api-s3.example.com'
+    hosts: 'api-s3.example.com'
     ingressClassName: traefik
     path: '/'
-    pathType: ImplementationSpecific
-    servicePort: minio-api
     annotations:
       kubernetes.io/ingress.class: traefik
       # cert-manager.io/cluster-issuer: letsencrypt.example.com # Если используете
-    extraTls:
-    - hosts:
-        - "api-s3.example.com"
-      secretName: "api-s3.example.com"
-      
+    tls:
+      - hosts:
+          - "api-s3.example.com"
+        secretName: "api-s3.example.com"
+
   resources:
     requests:
       memory: 512Mi
@@ -601,7 +592,7 @@ mcJob:
 keycloak:
   fullnameOverride: yonote-keycloak
   nameOverride: yonote-keycloak
-  
+
   auth:
     adminUser: root
 
@@ -662,7 +653,7 @@ keycloak:
     requests:
       cpu: 250m
       memory: 256Mi
-  
+
   postgresql:
     enabled: false