volker.raschek/helm-gitea
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add multiple LDAP sources (#222)

Browse Source 
Add multiple add sources.

Instead of a single entry for ldap configuration we now would have a dictionary for ldap config.

This would be a breaking change for those working with the ldap config.

fixes: #190

Co-authored-by: Lucas Hahn <lucas.hahn@novum-rgi.de>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/222
Reviewed-by: Andrew Thornton <art27@cantab.net>
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: luhahn <luhahn@noreply.gitea.io>
Co-committed-by: luhahn <luhahn@noreply.gitea.io>
This commit is contained in:
luhahn
2021-10-08 20:16:24 +08:00
parent b344673d11
commit 3273b245e7
5 changed files with 65 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
templates/gitea/init.yaml
View File

@ -84,24 +84,28 @@ stringData:
configure_admin_user
{{- end }}
{{- if .Values.gitea.ldap.enabled }}
function configure_ldap() {
local LDAP_NAME={{ (printf "%s" .Values.gitea.ldap.name) | squote }}
{{- if .Values.gitea.ldap }}
{{- range $idx, $value := .Values.gitea.ldap }}
local LDAP_NAME={{ (printf "%s" $value.name) | squote }}
local GITEA_AUTH_ID=$(gitea admin auth list --vertical-bars | grep -E "\|${LDAP_NAME}\s+\|" | grep -iE '\|LDAP \(via BindDN\)\s+\|' | awk -F " " "{print \$1}")
if [[ -z "${GITEA_AUTH_ID}" ]]; then
echo "No ldap configuration found with name '${LDAP_NAME}'. Installing it now..."
gitea admin auth add-ldap {{- include "gitea.ldap_settings" . | indent 1 }}
gitea admin auth add-ldap {{- include "gitea.ldap_settings" (list $idx $value) | indent 1 }}
echo '...installed.'
else
echo "Existing ldap configuration with name '${LDAP_NAME}': '${GITEA_AUTH_ID}'. Running update to sync settings..."
gitea admin auth update-ldap --id "${GITEA_AUTH_ID}" {{- include "gitea.ldap_settings" . | indent 1 }}
gitea admin auth update-ldap --id "${GITEA_AUTH_ID}" {{- include "gitea.ldap_settings" (list $idx $value) | indent 1 }}
echo '...sync settings done.'
fi
{{- end }}
{{- else }}
echo 'no ldap configuration... skipping.'
{{- end }}
}
configure_ldap
{{- end }}
{{- if .Values.gitea.oauth.enabled }}
function configure_oauth() {

26
templates/gitea/statefulset.yaml
View File

@ -17,7 +17,9 @@ spec:
metadata:
annotations:
checksum/config: {{ include (print $.Template.BasePath "/gitea/config.yaml") . | sha256sum }}
checksum/ldap: {{ include "gitea.ldap_settings" . | sha256sum }}
{{- range $idx, $value := .Values.gitea.ldap }}
checksum/ldap_{{ $idx }}: {{ include "gitea.ldap_settings" (list $idx $value) | sha256sum }}
{{- end }}
checksum/oauth: {{ include "gitea.oauth_settings" . | sha256sum }}
{{- with .Values.gitea.podAnnotations }}
{{- toYaml . | nindent 8 }}
@ -79,23 +81,25 @@ spec:
value: /data
- name: GITEA_TEMP
value: /tmp/gitea
{{- if .Values.gitea.ldap.enabled }}
{{- if .Values.gitea.ldap.existingSecret }}
- name: GITEA_LDAP_BIND_DN
{{- if .Values.gitea.ldap }}
{{- range $idx, $value := .Values.gitea.ldap }}
{{- if $value.existingSecret }}
- name: GITEA_LDAP_BIND_DN_{{ $idx }}
valueFrom:
secretKeyRef:
key: bindDn
name: {{ .Values.gitea.ldap.existingSecret }}
- name: GITEA_LDAP_PASSWORD
name: {{ $value.existingSecret }}
- name: GITEA_LDAP_PASSWORD_{{ $idx }}
valueFrom:
secretKeyRef:
key: bindPassword
name: {{ .Values.gitea.ldap.existingSecret }}
name: {{ $value.existingSecret }}
{{- else }}
- name: GITEA_LDAP_BIND_DN
value: {{ .Values.gitea.ldap.bindDn | quote }}
- name: GITEA_LDAP_PASSWORD
value: {{ .Values.gitea.ldap.bindPassword | quote }}
- name: GITEA_LDAP_BIND_DN_{{ $idx }}
value: {{ $value.bindDn | quote }}
- name: GITEA_LDAP_PASSWORD_{{ $idx }}
value: {{ $value.bindPassword | quote }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.gitea.admin.existingSecret }}