volker.raschek/helm-gitea
Archived
1
0
Fork 0
Code Issues 2 Pull Requests 7 Actions Packages Projects Releases Wiki Activity

Support to read environment variables from file in init containers (#993)

Browse Source 
### Description of the change

Gitea supports providing DB and Redis/ValKey secrets via env variables, current chart requires DB and Redis/ ValKey credentials reading from k8s secret as per below values.yaml snippet. This approach requires secret to be created beforehand.

```
    - name: GITEA__database__USER
      valueFrom:
        secretKeyRef:
          name: gitea-ha
          key: db_user
    - name: GITEA__database__PASSWD
      valueFrom:
        secretKeyRef:
          name: gitea-ha
          key: db_password
```

Other approach is to provide the credentials in values.yaml which isnt secure.

A bash variable file can be created by using vault injector like this, which then can be sourced while running `config_environment.sh` in `init-app-ini`
```
GITEA__database__NAME=gitea
GITEA__database__USER=gitea_user
```

Support to read env variables from file
Reference: https://developer.hashicorp.com/vault/docs/deploy/kubernetes/injector/examples#environment-variable-example

### Benefits

Support to read env variables from file created by vault injector for DB and redis/ valkey credentials
Support to set gitea admin user and credentials via env variables from file created by vault injector

### Possible drawbacks

N/A

### ⚠ BREAKING

No breaking changes

### Checklist

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)

---------

Co-authored-by: techknowlogick <techknowlogick@gitea.com>
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/993
Co-authored-by: deepakdeore2004 <deepakdeore2004@noreply.gitea.com>
Co-committed-by: deepakdeore2004 <deepakdeore2004@noreply.gitea.com>
This commit is contained in:
deepakdeore2004
2026-03-12 19:12:26 +00:00
committed by techknowlogick
parent be3c6f232a
commit e673346bb8
4 changed files with 152 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files
templates/gitea/deployment.yaml
+24
View File
@@ -98,8 +98,16 @@ spec:
- name: init-app-ini
image: "{{ include "gitea.image" . }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if .Values.gitea.extraEnvSourceFile }}
command:
- "/bin/bash"
- "-c"
args:
- "test -f {{ .Values.gitea.extraEnvSourceFile }} && source {{ .Values.gitea.extraEnvSourceFile }} || { echo 'ERROR: Failed to source {{ .Values.gitea.extraEnvSourceFile }}'; exit 1; } && {{ .Values.initContainersScriptsVolumeMountPath }}/config_environment.sh"
{{- else }}
command:
- "{{ .Values.initContainersScriptsVolumeMountPath }}/config_environment.sh"
{{- end }}
env:
- name: GITEA_APP_INI
value: /data/gitea/conf/app.ini
@@ -143,8 +151,16 @@ spec:
{{- if .Values.signing.enabled }}
- name: configure-gpg
image: "{{ include "gitea.image" . }}"
{{- if .Values.gitea.extraEnvSourceFile }}
command:
- "/bin/bash"
- "-c"
args:
- "test -f {{ .Values.gitea.extraEnvSourceFile }} && source {{ .Values.gitea.extraEnvSourceFile }} || { echo 'ERROR: Failed to source {{ .Values.gitea.extraEnvSourceFile }}'; exit 1; } && {{ .Values.initContainersScriptsVolumeMountPath }}/configure_gpg_environment.sh"
{{- else }}
command:
- "{{ .Values.initContainersScriptsVolumeMountPath }}/configure_gpg_environment.sh"
{{- end }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- /* By default this container runs as user 1000 unless otherwise stated */ -}}
@@ -177,8 +193,16 @@ spec:
{{- end }}
- name: configure-gitea
image: "{{ include "gitea.image" . }}"
{{- if .Values.gitea.extraEnvSourceFile }}
command:
- "/bin/bash"
- "-c"
args:
- "test -f {{ .Values.gitea.extraEnvSourceFile }} && source {{ .Values.gitea.extraEnvSourceFile }} || { echo 'ERROR: Failed to source {{ .Values.gitea.extraEnvSourceFile }}'; exit 1; } && {{ .Values.initContainersScriptsVolumeMountPath }}/configure_gitea.sh"
{{- else }}
command:
- "{{ .Values.initContainersScriptsVolumeMountPath }}/configure_gitea.sh"
{{- end }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- /* By default this container runs as user 1000 unless otherwise stated */ -}}