You've already forked helm-gitea
							
							Compare commits
	
		
			3 Commits
		
	
	
		
			1d49cf3f58
			...
			v13
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 4d6db83c28 | |||
| 72606192a6 | |||
| fb407618dc | 
							
								
								
									
										86
									
								
								.gitea/scripts/update-changelog.sh
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										86
									
								
								.gitea/scripts/update-changelog.sh
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,86 @@ | ||||
| #!/bin/bash | ||||
|  | ||||
| DEFAULT_GITEA_SERVER_URL="${GITHUB_SERVER_URL:-"https://gitea.com"}" | ||||
| DEFAULT_GITEA_REPOSITORY="${GITHUB_REPOSITORY:-"gitea/helm-gitea"}" | ||||
| DEFAULT_GITEA_TOKEN="${ISSUE_RW_TOKEN:-""}" | ||||
|  | ||||
| if [ -z "${1}" ]; then | ||||
|   read -p "Enter hostname of the Gitea instance [${DEFAULT_GITEA_SERVER_URL}]: " CURRENT_GITEA_SERVER_URL | ||||
|   if [ -z "${CURRENT_GITEA_SERVER_URL}" ]; then | ||||
|     CURRENT_GITEA_SERVER_URL="${DEFAULT_GITEA_SERVER_URL}" | ||||
|   fi | ||||
| else | ||||
|   CURRENT_GITEA_SERVER_URL=$1 | ||||
| fi | ||||
|  | ||||
| if [ -z "${2}" ]; then | ||||
|   read -p "Enter name of the git repository [${DEFAULT_GITEA_REPOSITORY}]: " CURRENT_GITEA_REPOSITORY | ||||
|   if [ -z "${CURRENT_GITEA_REPOSITORY}" ]; then | ||||
|     CURRENT_GITEA_REPOSITORY="${DEFAULT_GITEA_REPOSITORY}" | ||||
|   fi | ||||
| else | ||||
|   CURRENT_GITEA_REPOSITORY=$2 | ||||
| fi | ||||
|  | ||||
| if [ -z "${3}" ]; then | ||||
|   read -p "Enter token to access the Gitea instance [${DEFAULT_GITEA_TOKEN}]: " CURRENT_GITEA_TOKEN | ||||
|   if [ -z "${CURRENT_GITEA_TOKEN}" ]; then | ||||
|     CURRENT_GITEA_TOKEN="${DEFAULT_GITEA_TOKEN}" | ||||
|   fi | ||||
| else | ||||
|   CURRENT_GITEA_TOKEN=$3 | ||||
| fi | ||||
|  | ||||
| if ! git sv rn -o /tmp/changelog.md; then | ||||
|   echo "ERROR: Failed to generate /tmp/changelog.md" 1>&2 | ||||
|   exit 1 | ||||
| fi | ||||
|  | ||||
| CURL_ARGS=( | ||||
|   "--data-urlencode" "q=Changelog for upcoming version" | ||||
|   # "--data-urlencode=\"q=Changelog for upcoming version\"" | ||||
|   "--data-urlencode" "state=open" | ||||
|   "--fail" | ||||
|   "--header" "Accept: application/json" | ||||
|   "--header" "Authorization: token ${CURRENT_GITEA_TOKEN}" | ||||
|   "--request" "GET" | ||||
|   "--silent" | ||||
| ) | ||||
|  | ||||
| if ! ISSUE_NUMBER="$(curl "${CURL_ARGS[@]}" "${CURRENT_GITEA_SERVER_URL}/api/v1/repos/${CURRENT_GITEA_REPOSITORY}/issues" | jq '.[].number')"; then | ||||
|   echo "ERROR: Failed query issue number" 1>&2 | ||||
|   exit 1 | ||||
| fi | ||||
| export ISSUE_NUMBER | ||||
|  | ||||
| if ! echo "" | jq --raw-input --slurp --arg title "Changelog for upcoming version" --arg body "$(cat /tmp/changelog.md)" '{title: $title, body: $body}' 1> /tmp/payload.json; then | ||||
|   echo "ERROR: Failed to create JSON payload file" 1>&2 | ||||
|   exit 1 | ||||
| fi | ||||
|  | ||||
| CURL_ARGS=( | ||||
|   "--data" "@/tmp/payload.json" | ||||
|   "--fail" | ||||
|   "--header" "Authorization: token ${CURRENT_GITEA_TOKEN}" | ||||
|   "--header" "Content-Type: application/json" | ||||
|   "--location" | ||||
|   "--silent" | ||||
|   "--output" "/dev/null" | ||||
| ) | ||||
|  | ||||
| if [ -z "${ISSUE_NUMBER}" ]; then | ||||
|   if ! curl "${CURL_ARGS[@]}" --request POST "${CURRENT_GITEA_SERVER_URL}/api/v1/repos/${CURRENT_GITEA_REPOSITORY}/issues"; then | ||||
|     echo "ERROR: Failed to create new issue!" 1>&2 | ||||
|     exit 1 | ||||
|   else | ||||
|     echo "INFO: Successfully created new issue!" | ||||
|   fi | ||||
| else | ||||
|   if ! curl "${CURL_ARGS[@]}" --request PATCH "${CURRENT_GITEA_SERVER_URL}/api/v1/repos/${CURRENT_GITEA_REPOSITORY}/issues/${ISSUE_NUMBER}"; then | ||||
|     echo "ERROR: Failed to update issue with ID ${ISSUE_NUMBER}!" 1>&2 | ||||
|     exit 1 | ||||
|   else | ||||
|     echo "INFO: Successfully updated existing issue with ID ${ISSUE_NUMBER}!" | ||||
|     echo "INFO: ${CURRENT_GITEA_SERVER_URL}/${CURRENT_GITEA_REPOSITORY}/issues/${ISSUE_NUMBER}" | ||||
|   fi | ||||
| fi | ||||
| @@ -1,32 +0,0 @@ | ||||
| name: changelog | ||||
|  | ||||
| on: | ||||
|   push: | ||||
|     branches: | ||||
|       - main | ||||
|  | ||||
| jobs: | ||||
|   changelog: | ||||
|     runs-on: ubuntu-latest | ||||
|     container: docker.io/thegeeklab/git-sv:2.0.5 | ||||
|     steps: | ||||
|       - name: install tools | ||||
|         run: | | ||||
|           apk add -q --update --no-cache nodejs curl jq sed | ||||
|       - uses: actions/checkout@v5 | ||||
|         with: | ||||
|           fetch-depth: 0 | ||||
|       - name: Generate upcoming changelog | ||||
|         run: | | ||||
|           git sv rn -o changelog.md | ||||
|           export RELEASE_NOTES=$(cat changelog.md) | ||||
|           export ISSUE_NUMBER=$(curl -s "https://gitea.com/api/v1/repos/gitea/helm-gitea/issues?state=open&q=Changelog%20for%20upcoming%20version" | jq '.[].number') | ||||
|  | ||||
|           echo $RELEASE_NOTES | ||||
|           JSON_DATA=$(echo "" | jq -Rs --arg title 'Changelog for upcoming version' --arg body "$(cat changelog.md)" '{title: $title, body: $body}') | ||||
|  | ||||
|           if [ -z "$ISSUE_NUMBER" ]; then | ||||
|             curl -s -X POST "https://gitea.com/api/v1/repos/gitea/helm-gitea/issues" -H "Authorization: token ${{ secrets.ISSUE_RW_TOKEN }}" -H "Content-Type: application/json" -d "$JSON_DATA" | ||||
|           else | ||||
|             curl -s -X PATCH "https://gitea.com/api/v1/repos/gitea/helm-gitea/issues/$ISSUE_NUMBER" -H "Authorization: token ${{ secrets.ISSUE_RW_TOKEN }}" -H "Content-Type: application/json" -d "$JSON_DATA" | ||||
|           fi | ||||
| @@ -1,19 +1,17 @@ | ||||
| name: commitlint | ||||
| name: Rum commitlint | ||||
|  | ||||
| on: | ||||
|   pull_request: | ||||
|     branches: | ||||
|       - "*" | ||||
|     types: | ||||
|       - opened | ||||
|       - edited | ||||
|     branches: [ '**' ] | ||||
|     types: [ "opened", "edited" ] | ||||
|  | ||||
| jobs: | ||||
|   check-and-test: | ||||
|     container: docker.io/commitlint/commitlint:19.9.1 | ||||
|     name: Execute commitlint | ||||
|     runs-on: ubuntu-latest | ||||
|     container: commitlint/commitlint:19.9.1 | ||||
|     steps: | ||||
|       - uses: actions/checkout@v5 | ||||
|       - name: check PR title | ||||
|       - uses: actions/checkout@v5.0.0 | ||||
|       - name: Check PR title | ||||
|         run: | | ||||
|           echo "${{ gitea.event.pull_request.title }}" | commitlint --config .commitlintrc.json | ||||
|   | ||||
							
								
								
									
										75
									
								
								.gitea/workflows/helm.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										75
									
								
								.gitea/workflows/helm.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,75 @@ | ||||
| name: Run Helm tests | ||||
|  | ||||
| on: | ||||
|   pull_request: | ||||
|     branches: [ '**' ] | ||||
|   push: | ||||
|     branches: [ '**' ] | ||||
|     tags-ignore: [ '**' ] | ||||
|   workflow_call: {} | ||||
|  | ||||
| env: | ||||
|   # renovate: datasource=github-releases depName=helm-unittest/helm-unittest | ||||
|   HELM_UNITTEST_VERSION: "v1.0.1" | ||||
|  | ||||
| jobs: | ||||
|   helm-lint: | ||||
|     container: docker.io/alpine/helm:3.18.6 | ||||
|     name: Execute helm lint | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Install additional tools | ||||
|         run: | | ||||
|           apk update | ||||
|           apk add --update bash make nodejs | ||||
|       - uses: actions/checkout@v5.0.0 | ||||
|       - name: Install helm chart dependencies | ||||
|         run: helm dependency build | ||||
|       - name: Execute helm lint | ||||
|         run: helm lint | ||||
|  | ||||
|   helm-template: | ||||
|     container: docker.io/alpine/helm:3.18.6 | ||||
|     name: Execute helm template | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Install additional tools | ||||
|         run: | | ||||
|           apk update | ||||
|           apk add --update bash make nodejs | ||||
|       - uses: actions/checkout@v5.0.0 | ||||
|       - name: Install helm chart dependencies | ||||
|         run: helm dependency build | ||||
|       - name: Execute helm template | ||||
|         run: helm template --debug gitea-helm . | ||||
|  | ||||
|   helm-unittest: | ||||
|     container: docker.io/alpine/helm:3.18.6 | ||||
|     name: Execute helm unittest | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Install additional tools | ||||
|         run: | | ||||
|           apk update | ||||
|           apk add --update bash make nodejs npm yamllint ncurses | ||||
|       - uses: actions/checkout@v5.0.0 | ||||
|       - name: Install helm chart dependencies | ||||
|         run: helm dependency build | ||||
|       - name: Install helm plugin 'unittest' | ||||
|         run: | | ||||
|           helm plugin install --version ${{ env.HELM_UNITTEST_VERSION }} https://github.com/helm-unittest/helm-unittest | ||||
|           git submodule update --init --recursive | ||||
|       - name: Execute helm unittest | ||||
|         env: | ||||
|           TERM: xterm | ||||
|         run: make unittests | ||||
|  | ||||
|  | ||||
|  | ||||
|  | ||||
|       # - name: verify readme | ||||
|       #   run: | | ||||
|       #     make readme | ||||
|       #     git diff --exit-code --name-only README.md | ||||
|       # - name: yaml lint | ||||
|       #   uses: https://github.com/ibiqlik/action-yamllint@v3 | ||||
							
								
								
									
										52
									
								
								.gitea/workflows/markdown-linters.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										52
									
								
								.gitea/workflows/markdown-linters.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,52 @@ | ||||
| name: Markdown linter | ||||
|  | ||||
| on: | ||||
|   pull_request: | ||||
|     types: [ "opened", "reopened", "synchronize" ] | ||||
|   push: | ||||
|     branches: [ '**' ] | ||||
|     tags-ignore: [ '**' ] | ||||
|   workflow_dispatch: {} | ||||
|  | ||||
| jobs: | ||||
|   readme-link: | ||||
|     container: | ||||
|       image: docker.io/library/node:24.9.0-alpine | ||||
|     name: Execute npm run readme:link | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|     - uses: actions/checkout@v5.0.0 | ||||
|     - name: Execute npm run readme:link | ||||
|       run: | | ||||
|         npm install | ||||
|         npm run readme:link | ||||
|  | ||||
|   readme-lint: | ||||
|     container: | ||||
|       image: docker.io/library/node:24.9.0-alpine | ||||
|     name: Execute npm run readme:lint | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|     - uses: actions/checkout@v5.0.0 | ||||
|     - name: Execute npm run readme:lint | ||||
|       run: | | ||||
|         npm install | ||||
|         npm run readme:lint | ||||
|  | ||||
|   readme-parameters: | ||||
|     container: | ||||
|       image: docker.io/library/node:24.9.0-alpine | ||||
|     name: Execute npm run readme:parameters | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|     - name: Install tooling | ||||
|       run: | | ||||
|         apk update | ||||
|         apk add git | ||||
|     - uses: actions/checkout@v5.0.0 | ||||
|     - name: Execute npm run readme:parameters | ||||
|       run: | | ||||
|         npm install | ||||
|         npm run readme:parameters | ||||
|     - name: Compare diff | ||||
|       run: git diff --exit-code --name-only README.md | ||||
| @@ -2,14 +2,13 @@ name: generate-chart | ||||
|  | ||||
| on: | ||||
|   push: | ||||
|     tags: | ||||
|       - "*" | ||||
|     tags: [ '**' ] | ||||
|  | ||||
| jobs: | ||||
|   generate-chart-publish: | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - uses: actions/checkout@v5 | ||||
|       - uses: actions/checkout@v5.0.0 | ||||
|         with: | ||||
|           fetch-depth: 0 | ||||
|  | ||||
| @@ -65,11 +64,11 @@ jobs: | ||||
|           OLD_TAG="$(git tag --sort=-version:refname | head --lines 2 | tail --lines 1)" | ||||
|           .gitea/scripts/add-annotations.sh "${OLD_TAG}" "${NEW_TAG}" | ||||
|  | ||||
|       - name: Print Chart.yaml | ||||
|       - name: Print Chart.yaml on stdout | ||||
|         run: cat Chart.yaml | ||||
|  | ||||
|       # Using helm gpg plugin as 'helm package --sign' has issues with gpg2: https://github.com/helm/helm/issues/2843 | ||||
|       - name: package chart | ||||
|       - name: Package Helm chart | ||||
|         run: | | ||||
|           echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | docker login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} --password-stdin | ||||
|           # FIXME: use upstream after https://github.com/technosophos/helm-gpg/issues/1 is solved | ||||
| @@ -85,7 +84,7 @@ jobs: | ||||
|           helm push gitea/gitea-${GITHUB_REF#refs/tags/v}.tgz oci://registry-1.docker.io/giteacharts | ||||
|           helm registry logout registry-1.docker.io | ||||
|  | ||||
|       - name: aws credential configure | ||||
|       - name: Configure AWS credentials | ||||
|         uses: https://github.com/aws-actions/configure-aws-credentials@v5 | ||||
|         with: | ||||
|           aws-access-key-id: ${{ secrets.AWS_KEY_ID }} | ||||
| @@ -97,14 +96,14 @@ jobs: | ||||
|           aws s3 sync gitea/ s3://${{ secrets.AWS_S3_BUCKET}}/charts/ | ||||
|  | ||||
|   release-gitea: | ||||
|     container: docker.io/thegeeklab/git-sv:2.0.5 | ||||
|     needs: generate-chart-publish | ||||
|     runs-on: ubuntu-latest | ||||
|     container: docker.io/thegeeklab/git-sv:2.0.5 | ||||
|     steps: | ||||
|       - name: install tools | ||||
|       - name: Install packages via apt | ||||
|         run: | | ||||
|           apk add -q --update --no-cache nodejs | ||||
|       - uses: actions/checkout@v5 | ||||
|       - uses: actions/checkout@v5.0.0 | ||||
|         with: | ||||
|           fetch-tags: true | ||||
|           fetch-depth: 0 | ||||
|   | ||||
| @@ -1,45 +0,0 @@ | ||||
| name: check-and-test | ||||
|  | ||||
| on: | ||||
|   pull_request: | ||||
|     branches: | ||||
|       - "*" | ||||
|   push: | ||||
|     branches: | ||||
|       - main | ||||
|  | ||||
| env: | ||||
|   # renovate: datasource=github-releases depName=helm-unittest/helm-unittest | ||||
|   HELM_UNITTEST_VERSION: "v1.0.1" | ||||
|  | ||||
| jobs: | ||||
|   check-and-test: | ||||
|     runs-on: ubuntu-latest | ||||
|     container: alpine/helm:3.18.6 | ||||
|     steps: | ||||
|       - name: install tools | ||||
|         run: | | ||||
|           apk update | ||||
|           apk add --update bash make nodejs npm yamllint ncurses | ||||
|       - uses: actions/checkout@v5 | ||||
|       - name: install chart dependencies | ||||
|         run: helm dependency build | ||||
|       - name: lint | ||||
|         run: helm lint | ||||
|       - name: template | ||||
|         run: helm template --debug gitea-helm . | ||||
|       - name: prepare unit test environment | ||||
|         run: | | ||||
|           helm plugin install --version ${{ env.HELM_UNITTEST_VERSION }} https://github.com/helm-unittest/helm-unittest | ||||
|           git submodule update --init --recursive | ||||
|       - name: unit tests | ||||
|         env: | ||||
|           TERM: xterm | ||||
|         run: | | ||||
|           make unittests | ||||
|       - name: verify readme | ||||
|         run: | | ||||
|           make readme | ||||
|           git diff --exit-code --name-only README.md | ||||
|       - name: yaml lint | ||||
|         uses: https://github.com/ibiqlik/action-yamllint@v3 | ||||
							
								
								
									
										29
									
								
								.gitea/workflows/update-changelog.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										29
									
								
								.gitea/workflows/update-changelog.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,29 @@ | ||||
| name: Update changelog | ||||
|  | ||||
| on: | ||||
|   push: | ||||
|     branches: [ "main" ] | ||||
|   workflow_dispatch: {} | ||||
|  | ||||
| jobs: | ||||
|   changelog: | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - name: Install packages via apt-get | ||||
|         run: | | ||||
|           apt-get update && | ||||
|           apt-get install --yes curl jq | ||||
|       - uses: actions/checkout@v5.0.0 | ||||
|         with: | ||||
|           fetch-depth: 0 | ||||
|       - name: Install git-sv | ||||
|         env: | ||||
|           GIT_SV_VERSION: v2.0.4 # renovate: datasource=github-releases depName=thegeeklab/git-sv | ||||
|         run: | | ||||
|           curl --fail --location --output /usr/local/bin/git-sv --silent --show-error https://github.com/thegeeklab/git-sv/releases/download/${GIT_SV_VERSION}/git-sv-linux-$(dpkg --print-architecture) | ||||
|           chmod +x /usr/local/bin/git-sv | ||||
|           git-sv --version | ||||
|       - name: Update changelog issue | ||||
|         env: | ||||
|           ISSUE_RW_TOKEN: ${{ secrets.ISSUE_RW_TOKEN }} | ||||
|         run: .gitea/scripts/update-changelog.sh | ||||
							
								
								
									
										8
									
								
								.markdownlink.json
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										8
									
								
								.markdownlink.json
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,8 @@ | ||||
| { | ||||
|   "projectBaseUrl":"${workspaceFolder}", | ||||
|   "ignorePatterns": [ | ||||
|     { | ||||
|       "pattern": "^http://localhost" | ||||
|     } | ||||
|   ] | ||||
| } | ||||
| @@ -44,8 +44,7 @@ be used: | ||||
|    `helm install --dependency-update gitea . -f values.yaml`. | ||||
| 1. Gitea is now deployed in `minikube`. | ||||
|    To access it, it's port needs to be forwarded first from `minikube` to localhost first via `kubectl --namespace | ||||
| default port-forward svc/gitea-http 3000:3000`. | ||||
|    Now Gitea is accessible at [http://localhost:3000](http://localhost:3000). | ||||
| default port-forward svc/gitea-http 3000:3000`. Now Gitea is accessible at [http://localhost:3000](http://localhost:3000). | ||||
|  | ||||
| ### Unit tests | ||||
|  | ||||
|   | ||||
							
								
								
									
										21
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										21
									
								
								README.md
									
									
									
									
									
								
							| @@ -17,7 +17,7 @@ | ||||
|     - [Rootless Defaults](#rootless-defaults) | ||||
|     - [Session, Cache and Queue](#session-cache-and-queue) | ||||
|   - [Single-Pod Configurations](#single-pod-configurations) | ||||
|   - [Additional _app.ini_ settings](#additional-appini-settings) | ||||
|   - [Additional app.ini settings](#additional-appini-settings) | ||||
|     - [User defined environment variables in app.ini](#user-defined-environment-variables-in-appini) | ||||
|   - [External Database](#external-database) | ||||
|   - [Ports and external url](#ports-and-external-url) | ||||
| @@ -72,7 +72,7 @@ Additionally, this chart allows to provide LDAP and admin user configuration wit | ||||
| ## Update and versioning policy | ||||
|  | ||||
| The Gitea helm chart versioning does not follow Gitea's versioning. | ||||
| The latest chart version can be looked up in [https://dl.gitea.com/charts](https://dl.gitea.com/charts) or in the [repository releases](https://gitea.com/gitea/helm-gitea/releases). | ||||
| The latest chart version can be looked up in [https://dl.gitea.com/charts/](https://dl.gitea.com/charts/) or in the [repository releases](https://gitea.com/gitea/helm-gitea/releases). | ||||
|  | ||||
| The chart aims to follow Gitea's releases closely. | ||||
| There might be times when the chart is behind the latest Gitea release. | ||||
| @@ -266,7 +266,7 @@ If `.Values.image.rootless: true`, then the following will occur. In case you us | ||||
|  | ||||
| - `$HOME` becomes `/data/gitea/git` | ||||
|  | ||||
|   [see deployment.yaml](./templates/gitea/deployment.yaml) template inside (init-)container "env" declarations | ||||
|   [see deployment.yaml](./templates/deployment.yaml) template inside (init-)container "env" declarations | ||||
|  | ||||
| - `START_SSH_SERVER: true` (Unless explicity overwritten by `gitea.config.server.START_SSH_SERVER`) | ||||
|  | ||||
| @@ -278,7 +278,7 @@ If `.Values.image.rootless: true`, then the following will occur. In case you us | ||||
|  | ||||
| - `SSH_LOG_LEVEL` environment variable is not injected into the container | ||||
|  | ||||
|   [see deployment.yaml](./templates/gitea/deployment.yaml) template inside container "env" declarations | ||||
|   [see deployment.yaml](./templates/deployment.yaml) template inside container "env" declarations | ||||
|  | ||||
| #### Session, Cache and Queue | ||||
|  | ||||
| @@ -360,7 +360,7 @@ If HA is not needed/desired, the following configurations can be used to deploy | ||||
|  | ||||
|    </details> | ||||
|  | ||||
| ### Additional _app.ini_ settings | ||||
| ### Additional app.ini settings | ||||
|  | ||||
| > **The [generic](https://docs.gitea.com/administration/config-cheat-sheet#overall-default) | ||||
| > section cannot be defined that way.** | ||||
| @@ -1158,6 +1158,17 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo | ||||
| | `gitea.startupProbe.successThreshold`    | Success threshold for startup probe             | `1`     | | ||||
| | `gitea.startupProbe.failureThreshold`    | Failure threshold for startup probe             | `10`    | | ||||
|  | ||||
| ### Network Policy | ||||
|  | ||||
| | Name                        | Description                                                               | Value   | | ||||
| | --------------------------- | ------------------------------------------------------------------------- | ------- | | ||||
| | `networkPolicy.enabled`     | Enable network policies in general.                                       | `false` | | ||||
| | `networkPolicy.annotations` | Additional network policy annotations.                                    | `{}`    | | ||||
| | `networkPolicy.labels`      | Additional network policy labels.                                         | `{}`    | | ||||
| | `networkPolicy.policyTypes` | List of policy types. Supported is ingress, egress or ingress and egress. | `[]`    | | ||||
| | `networkPolicy.egress`      | Concrete egress network policy implementation.                            | `[]`    | | ||||
| | `networkPolicy.ingress`     | Concrete ingress network policy implementation.                           | `[]`    | | ||||
|  | ||||
| ### valkey-cluster | ||||
|  | ||||
| Valkey cluster and [Valkey](#valkey) cannot be enabled at the same time. | ||||
|   | ||||
							
								
								
									
										896
									
								
								package-lock.json
									
									
									
										generated
									
									
									
								
							
							
						
						
									
										896
									
								
								package-lock.json
									
									
									
										generated
									
									
									
								
							
										
											
												File diff suppressed because it is too large
												Load Diff
											
										
									
								
							| @@ -9,11 +9,13 @@ | ||||
|     "npm": ">=8.0.0" | ||||
|   }, | ||||
|   "scripts": { | ||||
|     "readme:link": "markdown-link-check --config .markdownlink.json *.md", | ||||
|     "readme:lint": "markdownlint *.md -f", | ||||
|     "readme:parameters": "readme-generator -v values.yaml -r README.md" | ||||
|   }, | ||||
|   "devDependencies": { | ||||
|     "@bitnami/readme-generator-for-helm": "^2.5.0", | ||||
|     "markdown-link-check": "^3.13.6", | ||||
|     "markdownlint-cli": "^0.45.0" | ||||
|   } | ||||
| } | ||||
| @@ -87,6 +87,12 @@ storageClassName: {{ $storageClass | quote }} | ||||
| {{- end }} | ||||
| {{- end -}} | ||||
|  | ||||
| {{/* | ||||
| Common annotations | ||||
| */}} | ||||
| {{- define "gitea.annotations" -}} | ||||
| {{- end }} | ||||
|  | ||||
| {{/* | ||||
| Common labels | ||||
| */}} | ||||
|   | ||||
							
								
								
									
										19
									
								
								templates/_networkPolicy.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										19
									
								
								templates/_networkPolicy.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,19 @@ | ||||
| {{/* vim: set filetype=mustache: */}} | ||||
|  | ||||
| {{/* annotations */}} | ||||
|  | ||||
| {{- define "gitea.networkPolicy.annotations" -}} | ||||
| {{ include "gitea.annotations" . }} | ||||
| {{- if .Values.networkPolicy.annotations }} | ||||
| {{ toYaml .Values.networkPolicy.annotations }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
|  | ||||
| {{/* labels */}} | ||||
|  | ||||
| {{- define "gitea.networkPolicy.labels" -}} | ||||
| {{ include "gitea.labels" . }} | ||||
| {{- if .Values.networkPolicy.labels }} | ||||
| {{ toYaml .Values.networkPolicy.labels }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
							
								
								
									
										17
									
								
								templates/_pod.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										17
									
								
								templates/_pod.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,17 @@ | ||||
| --- | ||||
|  | ||||
| {{/* labels */}} | ||||
|  | ||||
| {{- define "gitea.pod.labels" -}} | ||||
| {{- include "gitea.labels" . }} | ||||
| {{- if .Values.deployment.labels }} | ||||
| {{ toYaml .Values.deployment.labels }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
|  | ||||
| {{- define "gitea.pod.selectorLabels" -}} | ||||
| {{- include "gitea.selectorLabels" . }} | ||||
| {{- if .Values.deployment.labels }} | ||||
| {{ toYaml .Values.deployment.labels }} | ||||
| {{- end }} | ||||
| {{- end }} | ||||
| @@ -23,14 +23,11 @@ spec: | ||||
|     {{- end }} | ||||
|   selector: | ||||
|     matchLabels: | ||||
|       {{- include "gitea.selectorLabels" . | nindent 6 }} | ||||
|       {{- if .Values.deployment.labels }} | ||||
|       {{- toYaml .Values.deployment.labels | nindent 6 }} | ||||
|       {{- end }} | ||||
|       {{- include "gitea.pod.selectorLabels" . | nindent 6 }} | ||||
|   template: | ||||
|     metadata: | ||||
|       annotations: | ||||
|         checksum/config: {{ include (print $.Template.BasePath "/gitea/config.yaml") . | sha256sum }} | ||||
|         checksum/config: {{ include (print $.Template.BasePath "/config.yaml") . | sha256sum }} | ||||
|         {{- range $idx, $value := .Values.gitea.ldap }} | ||||
|         checksum/ldap_{{ $idx }}: {{ include "gitea.ldap_settings" (list $idx $value) | sha256sum }} | ||||
|         {{- end }} | ||||
| @@ -41,10 +38,7 @@ spec: | ||||
|         {{- toYaml . | nindent 8 }} | ||||
|         {{- end }} | ||||
|       labels: | ||||
|         {{- include "gitea.labels" . | nindent 8 }} | ||||
|         {{- if .Values.deployment.labels }} | ||||
|         {{- toYaml .Values.deployment.labels | nindent 8 }} | ||||
|         {{- end }} | ||||
|         {{- include "gitea.pod.labels" . | nindent 8 }} | ||||
|     spec: | ||||
|       {{- if .Values.schedulerName }} | ||||
|       schedulerName: "{{ .Values.schedulerName }}" | ||||
							
								
								
									
										32
									
								
								templates/networkPolicy.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										32
									
								
								templates/networkPolicy.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,32 @@ | ||||
| {{- if .Values.networkPolicy.enabled }} | ||||
| --- | ||||
| apiVersion: networking.k8s.io/v1 | ||||
| kind: NetworkPolicy | ||||
| metadata: | ||||
|   {{- with (include "gitea.networkPolicy.annotations" . | fromYaml) }} | ||||
|   annotations: | ||||
|     {{- tpl (toYaml .) $ | nindent 4 }} | ||||
|   {{- end }} | ||||
|   {{- with (include "gitea.networkPolicy.labels" . | fromYaml) }} | ||||
|   labels: | ||||
|     {{- toYaml . | nindent 4 }} | ||||
|   {{- end }} | ||||
|   name: {{ include "gitea.fullname" . }} | ||||
|   namespace: {{ .Release.Namespace }} | ||||
| spec: | ||||
|   podSelector: | ||||
|     matchLabels: | ||||
|       {{- include "gitea.pod.selectorLabels" $ | nindent 6 }} | ||||
|   {{- with .Values.networkPolicy.policyTypes }} | ||||
|   policyTypes: | ||||
|   {{- toYaml . | nindent 2 }} | ||||
|   {{- end }} | ||||
|   {{- with .Values.networkPolicy.egress }} | ||||
|   egress: | ||||
|   {{- toYaml . | nindent 2 }} | ||||
|   {{- end }} | ||||
|   {{- with .Values.networkPolicy.ingress }} | ||||
|   ingress: | ||||
|   {{- toYaml . | nindent 2 }} | ||||
|   {{- end }} | ||||
| {{- end }} | ||||
| @@ -3,17 +3,17 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/config.yaml | ||||
|   - templates/config.yaml | ||||
| tests: | ||||
|   - it: "actions are enabled by default (based on vanilla Gitea behavior)" | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     asserts: | ||||
|       - documentIndex: 0 | ||||
|         notExists: | ||||
|           path: stringData.actions | ||||
|  | ||||
|   - it: "actions can be disabled via inline config" | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     set: | ||||
|       gitea.config.actions.ENABLED: false | ||||
|     asserts: | ||||
|   | ||||
| @@ -4,7 +4,7 @@ release: | ||||
|   namespace: testing | ||||
| tests: | ||||
|   - it: "cache is configured correctly for valkey-cluster" | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     set: | ||||
|       valkey-cluster: | ||||
|         enabled: true | ||||
| @@ -19,7 +19,7 @@ tests: | ||||
|             HOST=redis+cluster://:@gitea-unittests-valkey-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& | ||||
|  | ||||
|   - it: "cache is configured correctly for valkey" | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     set: | ||||
|       valkey-cluster: | ||||
|         enabled: false | ||||
| @@ -34,7 +34,7 @@ tests: | ||||
|             HOST=redis://:changeme@gitea-unittests-valkey-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& | ||||
|  | ||||
|   - it: "cache is configured correctly for 'memory' when valkey (or valkey-cluster) is disabled" | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     set: | ||||
|       valkey-cluster: | ||||
|         enabled: false | ||||
| @@ -49,7 +49,7 @@ tests: | ||||
|             HOST= | ||||
|  | ||||
|   - it: "cache can be customized when valkey (or valkey-cluster) is disabled" | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     set: | ||||
|       valkey-cluster: | ||||
|         enabled: false | ||||
|   | ||||
| @@ -4,7 +4,7 @@ release: | ||||
|   namespace: testing | ||||
| tests: | ||||
|   - it: metrics token is set | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     set: | ||||
|       gitea: | ||||
|         metrics: | ||||
| @@ -18,7 +18,7 @@ tests: | ||||
|             ENABLED=true | ||||
|             TOKEN=somepassword | ||||
|   - it: metrics token is empty | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     set: | ||||
|       gitea: | ||||
|         metrics: | ||||
| @@ -31,7 +31,7 @@ tests: | ||||
|           value: |- | ||||
|             ENABLED=true | ||||
|   - it: metrics token is nil | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     set: | ||||
|       gitea: | ||||
|         metrics: | ||||
| @@ -44,7 +44,7 @@ tests: | ||||
|           value: |- | ||||
|             ENABLED=true | ||||
|   - it: does not configures a token if metrics are disabled | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     set: | ||||
|       gitea: | ||||
|         metrics: | ||||
|   | ||||
| @@ -4,7 +4,7 @@ release: | ||||
|   namespace: testing | ||||
| tests: | ||||
|   - it: "queue is configured correctly for valkey-cluster" | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     set: | ||||
|       valkey-cluster: | ||||
|         enabled: true | ||||
| @@ -19,7 +19,7 @@ tests: | ||||
|             TYPE=redis | ||||
|  | ||||
|   - it: "queue is configured correctly for valkey" | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     set: | ||||
|       valkey-cluster: | ||||
|         enabled: false | ||||
| @@ -34,7 +34,7 @@ tests: | ||||
|             TYPE=redis | ||||
|  | ||||
|   - it: "queue is configured correctly for 'levelDB' when valkey (and valkey-cluster) is disabled" | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     set: | ||||
|       valkey-cluster: | ||||
|         enabled: false | ||||
| @@ -49,7 +49,7 @@ tests: | ||||
|             TYPE=level | ||||
|  | ||||
|   - it: "queue can be customized when valkey (and valkey-cluster) are disabled" | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     set: | ||||
|       valkey-cluster: | ||||
|         enabled: false | ||||
|   | ||||
| @@ -4,7 +4,7 @@ release: | ||||
|   namespace: testing | ||||
| tests: | ||||
|   - it: "[default values] uses ingress host for DOMAIN|SSH_DOMAIN|ROOT_URL" | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     asserts: | ||||
|       - documentIndex: 0 | ||||
|         matchRegex: | ||||
| @@ -22,7 +22,7 @@ tests: | ||||
|   ################################################ | ||||
|  | ||||
|   - it: "[no ingress hosts] uses gitea http service for DOMAIN|SSH_DOMAIN|ROOT_URL" | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     set: | ||||
|       ingress: | ||||
|         hosts: [] | ||||
| @@ -43,7 +43,7 @@ tests: | ||||
|   ################################################ | ||||
|  | ||||
|   - it: "[provided via values] uses that for DOMAIN|SSH_DOMAIN|ROOT_URL" | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     set: | ||||
|       gitea.config.server.DOMAIN: provided.example.com | ||||
|       ingress: | ||||
|   | ||||
| @@ -4,7 +4,7 @@ release: | ||||
|   namespace: testing | ||||
| tests: | ||||
|   - it: "session is configured correctly for valkey-cluster" | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     set: | ||||
|       valkey-cluster: | ||||
|         enabled: true | ||||
| @@ -19,7 +19,7 @@ tests: | ||||
|             PROVIDER_CONFIG=redis+cluster://:@gitea-unittests-valkey-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& | ||||
|  | ||||
|   - it: "session is configured correctly for valkey" | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     set: | ||||
|       valkey-cluster: | ||||
|         enabled: false | ||||
| @@ -34,7 +34,7 @@ tests: | ||||
|             PROVIDER_CONFIG=redis://:changeme@gitea-unittests-valkey-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& | ||||
|  | ||||
|   - it: "session is configured correctly for 'memory' when valkey (and valkey-cluster) is disabled" | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     set: | ||||
|       valkey-cluster: | ||||
|         enabled: false | ||||
| @@ -49,7 +49,7 @@ tests: | ||||
|             PROVIDER_CONFIG= | ||||
|  | ||||
|   - it: "session can be customized when valkey (and valkey-cluster) is disabled" | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     set: | ||||
|       valkey-cluster: | ||||
|         enabled: false | ||||
|   | ||||
| @@ -106,14 +106,14 @@ tests: | ||||
|           name: gitea-unittests-postgresql-ha-pgpool | ||||
|           namespace: testing | ||||
|   - it: "[gitea] connects to pgpool service" | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     asserts: | ||||
|       - documentIndex: 0 | ||||
|         matchRegex: | ||||
|           path: stringData.database | ||||
|           pattern: HOST=gitea-unittests-postgresql-ha-pgpool.testing.svc.cluster.local:1234 | ||||
|   - it: "[gitea] connects to configured database" | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     asserts: | ||||
|       - documentIndex: 0 | ||||
|         matchRegex: | ||||
|   | ||||
| @@ -65,14 +65,14 @@ tests: | ||||
|           name: gitea-unittests-postgresql | ||||
|           namespace: testing | ||||
|   - it: "[gitea] connects to postgresql service" | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     asserts: | ||||
|       - documentIndex: 0 | ||||
|         matchRegex: | ||||
|           path: stringData.database | ||||
|           pattern: HOST=gitea-unittests-postgresql.testing.svc.cluster.local:1234 | ||||
|   - it: "[gitea] connects to configured database" | ||||
|     template: templates/gitea/config.yaml | ||||
|     template: templates/config.yaml | ||||
|     asserts: | ||||
|       - documentIndex: 0 | ||||
|         matchRegex: | ||||
|   | ||||
| @@ -82,7 +82,7 @@ tests: | ||||
|             port: 6379 | ||||
|             targetPort: tcp-redis | ||||
|   - it: "[gitea] waits for valkey-cluster to be up and running" | ||||
|     template: templates/gitea/init.yaml | ||||
|     template: templates/init.yaml | ||||
|     asserts: | ||||
|       - documentIndex: 0 | ||||
|         matchRegex: | ||||
|   | ||||
| @@ -44,7 +44,7 @@ tests: | ||||
|             port: 6379 | ||||
|             targetPort: redis | ||||
|   - it: "[gitea] waits for valkey to be up and running" | ||||
|     template: templates/gitea/init.yaml | ||||
|     template: templates/init.yaml | ||||
|     asserts: | ||||
|       - documentIndex: 0 | ||||
|         matchRegex: | ||||
|   | ||||
| @@ -3,11 +3,11 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/deployment.yaml | ||||
|   - templates/gitea/config.yaml | ||||
|   - templates/deployment.yaml | ||||
|   - templates/config.yaml | ||||
| tests: | ||||
|   - it: fails with multiple replicas and "GIT_GC_REPOS" enabled | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       replicaCount: 2 | ||||
|       persistence: | ||||
| @@ -22,14 +22,14 @@ tests: | ||||
|       - failedTemplate: | ||||
|           errorMessage: "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'gitea.config.cron.GIT_GC_REPOS.enabled = false'." | ||||
|   - it: fails with multiple replicas and RWX file system not set | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       replicaCount: 2 | ||||
|     asserts: | ||||
|       - failedTemplate: | ||||
|           errorMessage: "When using multiple replicas, a RWX file system is required and persistence.accessModes[0] must be set to ReadWriteMany." | ||||
|   - it: fails with multiple replicas and bleve issue indexer | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       replicaCount: 2 | ||||
|       persistence: | ||||
| @@ -43,7 +43,7 @@ tests: | ||||
|       - failedTemplate: | ||||
|           errorMessage: "When using multiple replicas, the issue indexer (gitea.config.indexer.ISSUE_INDEXER_TYPE) must be set to a HA-ready provider such as 'meilisearch', 'elasticsearch' or 'db' (if the DB is HA-ready)." | ||||
|   - it: fails with multiple replicas and bleve repo indexer | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       replicaCount: 2 | ||||
|       persistence: | ||||
|   | ||||
| @@ -3,11 +3,11 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/deployment.yaml | ||||
|   - templates/gitea/config.yaml | ||||
|   - templates/deployment.yaml | ||||
|   - templates/config.yaml | ||||
| tests: | ||||
|   - it: renders a deployment | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     asserts: | ||||
|       - hasDocuments: | ||||
|           count: 1 | ||||
| @@ -16,7 +16,7 @@ tests: | ||||
|           apiVersion: apps/v1 | ||||
|           name: gitea-unittests | ||||
|   - it: deployment labels are set | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       deployment.labels: | ||||
|         hello: world | ||||
| @@ -30,7 +30,7 @@ tests: | ||||
|           content: | ||||
|             hello: world | ||||
|   - it: "injects TMP_EXISTING_ENVS_FILE as environment variable to 'init-app-ini' init container" | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     asserts: | ||||
|       - contains: | ||||
|           path: spec.template.spec.initContainers[1].env | ||||
| @@ -38,7 +38,7 @@ tests: | ||||
|             name: TMP_EXISTING_ENVS_FILE | ||||
|             value: /tmp/existing-envs | ||||
|   - it: "injects ENV_TO_INI_MOUNT_POINT as environment variable to 'init-app-ini' init container" | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     asserts: | ||||
|       - contains: | ||||
|           path: spec.template.spec.initContainers[1].env | ||||
| @@ -46,7 +46,7 @@ tests: | ||||
|             name: ENV_TO_INI_MOUNT_POINT | ||||
|             value: /env-to-ini-mounts | ||||
|   - it: CPU resources are defined as well as GOMAXPROCS | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       resources: | ||||
|         limits: | ||||
| @@ -74,7 +74,7 @@ tests: | ||||
|               cpu: 100ms | ||||
|               memory: 100Mi | ||||
|   - it: Init containers have correct volumeMount path | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       initContainersScriptsVolumeMountPath: "/custom/init/path" | ||||
|     asserts: | ||||
| @@ -85,7 +85,7 @@ tests: | ||||
|           path: spec.template.spec.initContainers[*].volumeMounts[?(@.name=="config")].mountPath | ||||
|           value: "/custom/init/path" | ||||
|   - it: Init containers have correct volumeMount path if there is no override | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     asserts: | ||||
|       - equal: | ||||
|           path: spec.template.spec.initContainers[*].volumeMounts[?(@.name=="init")].mountPath | ||||
|   | ||||
| @@ -3,11 +3,11 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/deployment.yaml | ||||
|   - templates/gitea/config.yaml | ||||
|   - templates/deployment.yaml | ||||
|   - templates/config.yaml | ||||
| tests: | ||||
|   - it: Renders a deployment | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     asserts: | ||||
|       - hasDocuments: | ||||
|           count: 1 | ||||
| @@ -16,7 +16,7 @@ tests: | ||||
|           apiVersion: apps/v1 | ||||
|           name: gitea-unittests | ||||
|   - it: Deployment with empty additionalConfigFromEnvs | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       gitea.additionalConfigFromEnvs: [] | ||||
|     asserts: | ||||
| @@ -44,7 +44,7 @@ tests: | ||||
|               - name: ENV_TO_INI_MOUNT_POINT | ||||
|                 value: /env-to-ini-mounts | ||||
|   - it: Deployment with standard additionalConfigFromEnvs | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       gitea.additionalConfigFromEnvs: [{name: GITEA_database_HOST, value: my-db:123}, {name: GITEA_database_USER, value: my-user}] | ||||
|     asserts: | ||||
| @@ -76,7 +76,7 @@ tests: | ||||
|               - name: GITEA_database_USER | ||||
|                 value: my-user | ||||
|   - it: Deployment with templated additionalConfigFromEnvs | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       gitea.misc.host: my-db-host:321 | ||||
|       gitea.misc.user: my-db-user | ||||
| @@ -110,7 +110,7 @@ tests: | ||||
|               - name: GITEA_database_USER | ||||
|                 value: my-db-user | ||||
|   - it: Deployment with additionalConfigFromEnvs templated secret name | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       gitea.misc.existingSecret: my-db-secret | ||||
|       gitea.additionalConfigFromEnvs[0]: | ||||
|   | ||||
| @@ -3,18 +3,18 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/deployment.yaml | ||||
|   - templates/gitea/config.yaml | ||||
|   - templates/deployment.yaml | ||||
|   - templates/config.yaml | ||||
| tests: | ||||
|   - it: Render the deployment (default) | ||||
|     asserts: | ||||
|       - hasDocuments: | ||||
|           count: 1 | ||||
|         template: templates/gitea/deployment.yaml | ||||
|         template: templates/deployment.yaml | ||||
|       - lengthEqual: | ||||
|           path: spec.template.spec.initContainers | ||||
|           count: 3 | ||||
|         template: templates/gitea/deployment.yaml | ||||
|         template: templates/deployment.yaml | ||||
|  | ||||
|   - it: Render the deployment (signing) | ||||
|     set: | ||||
| @@ -22,11 +22,11 @@ tests: | ||||
|     asserts: | ||||
|       - hasDocuments: | ||||
|           count: 1 | ||||
|         template: templates/gitea/deployment.yaml | ||||
|         template: templates/deployment.yaml | ||||
|       - lengthEqual: | ||||
|           path: spec.template.spec.initContainers | ||||
|           count: 4 | ||||
|         template: templates/gitea/deployment.yaml | ||||
|         template: templates/deployment.yaml | ||||
|  | ||||
|   - it: Render the deployment (extraInitContainers) | ||||
|     set: | ||||
| @@ -40,20 +40,20 @@ tests: | ||||
|     asserts: | ||||
|       - hasDocuments: | ||||
|           count: 1 | ||||
|         template: templates/gitea/deployment.yaml | ||||
|         template: templates/deployment.yaml | ||||
|       - lengthEqual: | ||||
|           path: spec.template.spec.initContainers | ||||
|           count: 6 | ||||
|         template: templates/gitea/deployment.yaml | ||||
|         template: templates/deployment.yaml | ||||
|       - contains: | ||||
|           path: spec.template.spec.initContainers | ||||
|           content: | ||||
|             name: foo | ||||
|             image: docker.io/library/busybox:latest | ||||
|         template: templates/gitea/deployment.yaml | ||||
|         template: templates/deployment.yaml | ||||
|       - contains: | ||||
|           path: spec.template.spec.initContainers | ||||
|           content: | ||||
|             name: bar | ||||
|             image: docker.io/library/busybox:latest | ||||
|         template: templates/gitea/deployment.yaml | ||||
|         template: templates/deployment.yaml | ||||
|   | ||||
| @@ -6,17 +6,17 @@ chart: | ||||
|   # Override appVersion to be consistent with used digest :) | ||||
|   appVersion: 1.19.3 | ||||
| templates: | ||||
|   - templates/gitea/deployment.yaml | ||||
|   - templates/gitea/config.yaml | ||||
|   - templates/deployment.yaml | ||||
|   - templates/config.yaml | ||||
| tests: | ||||
|   - it: default values | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     asserts: | ||||
|       - equal: | ||||
|           path: spec.template.spec.containers[0].image | ||||
|           value: "docker.gitea.com/gitea:1.19.3-rootless" | ||||
|   - it: tag override | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       image.tag: "1.19.4" | ||||
|     asserts: | ||||
| @@ -24,7 +24,7 @@ tests: | ||||
|           path: spec.template.spec.containers[0].image | ||||
|           value: "docker.gitea.com/gitea:1.19.4-rootless" | ||||
|   - it: root-based image | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       image.rootless: false | ||||
|     asserts: | ||||
| @@ -32,7 +32,7 @@ tests: | ||||
|           path: spec.template.spec.containers[0].image | ||||
|           value: "docker.gitea.com/gitea:1.19.3" | ||||
|   - it: scoped registry | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       image.registry: "example.com" | ||||
|     asserts: | ||||
| @@ -40,7 +40,7 @@ tests: | ||||
|           path: spec.template.spec.containers[0].image | ||||
|           value: "example.com/gitea:1.19.3-rootless" | ||||
|   - it: global registry | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       global.imageRegistry: "global.example.com" | ||||
|     asserts: | ||||
| @@ -48,7 +48,7 @@ tests: | ||||
|           path: spec.template.spec.containers[0].image | ||||
|           value: "global.example.com/gitea:1.19.3-rootless" | ||||
|   - it: digest for rootless image | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       image: | ||||
|         rootless: true | ||||
| @@ -58,7 +58,7 @@ tests: | ||||
|           path: spec.template.spec.containers[0].image | ||||
|           value: "docker.gitea.com/gitea:1.19.3-rootless@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a" | ||||
|   - it: image fullOverride (does not append rootless) | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       image: | ||||
|         fullOverride: docker.gitea.com/gitea:1.19.3 | ||||
| @@ -73,7 +73,7 @@ tests: | ||||
|           path: spec.template.spec.containers[0].image | ||||
|           value: "docker.gitea.com/gitea:1.19.3" | ||||
|   - it: digest for root-based image | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       image: | ||||
|         rootless: false | ||||
| @@ -83,7 +83,7 @@ tests: | ||||
|           path: spec.template.spec.containers[0].image | ||||
|           value: "docker.gitea.com/gitea:1.19.3@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a" | ||||
|   - it: digest and global registry | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       global.imageRegistry: "global.example.com" | ||||
|       image.digest: "sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a" | ||||
| @@ -92,7 +92,7 @@ tests: | ||||
|           path: spec.template.spec.containers[0].image | ||||
|           value: "global.example.com/gitea:1.19.3-rootless@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a" | ||||
|   - it: correctly renders floating tag references | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       image.tag: 1.21 # use non-quoted value on purpose. See: https://gitea.com/gitea/helm-gitea/issues/631 | ||||
|     asserts: | ||||
|   | ||||
| @@ -1,6 +1,6 @@ | ||||
| suite: Test ingress tpl use | ||||
| templates: | ||||
|   - templates/gitea/ingress.yaml | ||||
|   - templates/ingress.yaml | ||||
| tests: | ||||
|   - it: Ingress Class using TPL | ||||
|     set: | ||||
|   | ||||
| @@ -3,7 +3,7 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/config.yaml | ||||
|   - templates/config.yaml | ||||
| tests: | ||||
|   - it: inline config stringData.server using TPL | ||||
|     set: | ||||
|   | ||||
| @@ -3,11 +3,11 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/deployment.yaml | ||||
|   - templates/gitea/config.yaml | ||||
|   - templates/deployment.yaml | ||||
|   - templates/config.yaml | ||||
| tests: | ||||
|   - it: renders default liveness probe | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     asserts: | ||||
|       - notExists: | ||||
|           path: spec.template.spec.containers[0].livenessProbe.enabled | ||||
| @@ -22,7 +22,7 @@ tests: | ||||
|               port: http | ||||
|             timeoutSeconds: 1 | ||||
|   - it: renders default readiness probe | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     asserts: | ||||
|       - notExists: | ||||
|           path: spec.template.spec.containers[0].readinessProbe.enabled | ||||
| @@ -37,12 +37,12 @@ tests: | ||||
|               port: http | ||||
|             timeoutSeconds: 1 | ||||
|   - it: does not render a default startup probe | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     asserts: | ||||
|       - notExists: | ||||
|           path: spec.template.spec.containers[0].startupProbe | ||||
|   - it: allows enabling a startup probe | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       gitea.startupProbe.enabled: true | ||||
|     asserts: | ||||
| @@ -60,7 +60,7 @@ tests: | ||||
|             timeoutSeconds: 1 | ||||
|  | ||||
|   - it: allows overwriting the default port of the liveness probe | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       gitea: | ||||
|         livenessProbe: | ||||
| @@ -74,7 +74,7 @@ tests: | ||||
|               port: my-port | ||||
|  | ||||
|   - it: allows overwriting the default port of the readiness probe | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       gitea: | ||||
|         readinessProbe: | ||||
| @@ -88,7 +88,7 @@ tests: | ||||
|               port: my-port | ||||
|  | ||||
|   - it: allows overwriting the default port of the startup probe | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       gitea: | ||||
|         startupProbe: | ||||
| @@ -103,7 +103,7 @@ tests: | ||||
|               port: my-port | ||||
|  | ||||
|   - it: allows using a non-default method as liveness probe | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       gitea: | ||||
|         livenessProbe: | ||||
| @@ -131,7 +131,7 @@ tests: | ||||
|             timeoutSeconds: 13372 | ||||
|  | ||||
|   - it: allows using a non-default method as readiness probe | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       gitea: | ||||
|         readinessProbe: | ||||
| @@ -159,7 +159,7 @@ tests: | ||||
|             timeoutSeconds: 13372 | ||||
|  | ||||
|   - it: allows using a non-default method as startup probe | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       gitea: | ||||
|         startupProbe: | ||||
|   | ||||
| @@ -3,11 +3,11 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/deployment.yaml | ||||
|   - templates/gitea/config.yaml | ||||
|   - templates/deployment.yaml | ||||
|   - templates/config.yaml | ||||
| tests: | ||||
|   - it: supports adding a sidecar container | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       extraContainers: | ||||
|         - name: sidecar-bob | ||||
|   | ||||
| @@ -3,11 +3,11 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/deployment.yaml | ||||
|   - templates/gitea/config.yaml | ||||
|   - templates/deployment.yaml | ||||
|   - templates/config.yaml | ||||
| tests: | ||||
|   - it: skips gpg init container | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     asserts: | ||||
|       - notContains: | ||||
|           path: spec.template.spec.initContainers | ||||
| @@ -15,7 +15,7 @@ tests: | ||||
|           content: | ||||
|             name: configure-gpg | ||||
|   - it: skips gpg env in `init-directories` init container | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       signing.enabled: false | ||||
|     asserts: | ||||
| @@ -25,14 +25,14 @@ tests: | ||||
|             name: GNUPGHOME | ||||
|             value: /data/git/.gnupg | ||||
|   - it: skips gpg env in runtime container | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     asserts: | ||||
|       - notContains: | ||||
|           path: spec.template.spec.containers[0].env | ||||
|           content: | ||||
|             name: GNUPGHOME | ||||
|   - it: skips gpg volume spec | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     asserts: | ||||
|       - notContains: | ||||
|           path: spec.template.spec.volumes | ||||
|   | ||||
| @@ -3,11 +3,11 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/deployment.yaml | ||||
|   - templates/gitea/config.yaml | ||||
|   - templates/deployment.yaml | ||||
|   - templates/config.yaml | ||||
| tests: | ||||
|   - it: adds gpg init container | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       signing: | ||||
|         enabled: true | ||||
| @@ -41,7 +41,7 @@ tests: | ||||
|               mountPath: /raw | ||||
|               readOnly: true | ||||
|   - it: adds gpg env in `init-directories` init container | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       signing.enabled: true | ||||
|       signing.existingSecret: "custom-gpg-secret" | ||||
| @@ -52,7 +52,7 @@ tests: | ||||
|             name: GNUPGHOME | ||||
|             value: /data/git/.gnupg | ||||
|   - it: adds gpg env in runtime container | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       signing.enabled: true | ||||
|       signing.existingSecret: "custom-gpg-secret" | ||||
| @@ -63,7 +63,7 @@ tests: | ||||
|             name: GNUPGHOME | ||||
|             value: /data/git/.gnupg | ||||
|   - it: adds gpg volume spec | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       signing: | ||||
|         enabled: true | ||||
| @@ -80,7 +80,7 @@ tests: | ||||
|                   path: private.asc | ||||
|               defaultMode: 0100 | ||||
|   - it: supports gpg volume spec with external reference | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       signing: | ||||
|         enabled: true | ||||
|   | ||||
| @@ -3,11 +3,11 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/deployment.yaml | ||||
|   - templates/gitea/config.yaml | ||||
|   - templates/deployment.yaml | ||||
|   - templates/config.yaml | ||||
| tests: | ||||
|   - it: supports defining SSH log level for root based image | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       image.rootless: false | ||||
|     asserts: | ||||
| @@ -17,7 +17,7 @@ tests: | ||||
|             name: SSH_LOG_LEVEL | ||||
|             value: "INFO" | ||||
|   - it: supports overriding SSH log level | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       image.rootless: false | ||||
|       gitea.ssh.logLevel: "DEBUG" | ||||
| @@ -28,7 +28,7 @@ tests: | ||||
|             name: SSH_LOG_LEVEL | ||||
|             value: "DEBUG" | ||||
|   - it: supports overriding SSH log level (even when image.fullOverride set) | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       image.fullOverride: docker.gitea.com/gitea:1.19.3 | ||||
|       image.rootless: false | ||||
| @@ -40,7 +40,7 @@ tests: | ||||
|             name: SSH_LOG_LEVEL | ||||
|             value: "DEBUG" | ||||
|   - it: skips SSH_LOG_LEVEL for rootless image | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       image.rootless: true | ||||
|       gitea.ssh.logLevel: "DEBUG" # explicitly defining a non-standard level here | ||||
| @@ -51,7 +51,7 @@ tests: | ||||
|           content: | ||||
|             name: SSH_LOG_LEVEL | ||||
|   - it: skips SSH_LOG_LEVEL for rootless image (even when image.fullOverride set) | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       image.fullOverride: docker.gitea.com/gitea:1.19.3 | ||||
|       image.rootless: true | ||||
|   | ||||
| @@ -7,11 +7,11 @@ release: | ||||
|   namespace: testing | ||||
|  | ||||
| templates: | ||||
|   - templates/gitea/pvc.yaml | ||||
|   - templates/pvc.yaml | ||||
|  | ||||
| tests: | ||||
|   - it: should set storageClassName when persistence.storageClass is defined | ||||
|     template: templates/gitea/pvc.yaml | ||||
|     template: templates/pvc.yaml | ||||
|     set: | ||||
|       persistence.storageClass: "my-storage-class" | ||||
|     asserts: | ||||
| @@ -20,7 +20,7 @@ tests: | ||||
|           value: "my-storage-class" | ||||
|  | ||||
|   - it: should set global.storageClass when persistence.storageClass is not defined | ||||
|     template: templates/gitea/pvc.yaml | ||||
|     template: templates/pvc.yaml | ||||
|     set: | ||||
|       global.storageClass: "default-storage-class" | ||||
|     asserts: | ||||
| @@ -29,7 +29,7 @@ tests: | ||||
|           value: "default-storage-class" | ||||
|  | ||||
|   - it: should set storageClassName when persistence.storageClass is defined and global.storageClass is defined | ||||
|     template: templates/gitea/pvc.yaml | ||||
|     template: templates/pvc.yaml | ||||
|     set: | ||||
|       global.storageClass: "default-storage-class" | ||||
|       persistence.storageClass: "my-storage-class" | ||||
|   | ||||
| @@ -3,11 +3,11 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/ssh-svc.yaml | ||||
|   - templates/gitea/http-svc.yaml | ||||
|   - templates/ssh-svc.yaml | ||||
|   - templates/http-svc.yaml | ||||
| tests: | ||||
|   - it: supports adding custom labels to ssh-svc | ||||
|     template: templates/gitea/ssh-svc.yaml | ||||
|     template: templates/ssh-svc.yaml | ||||
|     set: | ||||
|       service: | ||||
|         ssh: | ||||
| @@ -19,7 +19,7 @@ tests: | ||||
|           value: "testvalue" | ||||
|  | ||||
|   - it: keeps existing labels (ssh) | ||||
|     template: templates/gitea/ssh-svc.yaml | ||||
|     template: templates/ssh-svc.yaml | ||||
|     set: | ||||
|       service: | ||||
|         ssh: | ||||
| @@ -29,7 +29,7 @@ tests: | ||||
|           path: metadata.labels["app"] | ||||
|  | ||||
|   - it: supports adding custom labels to http-svc | ||||
|     template: templates/gitea/http-svc.yaml | ||||
|     template: templates/http-svc.yaml | ||||
|     set: | ||||
|       service: | ||||
|         http: | ||||
| @@ -41,7 +41,7 @@ tests: | ||||
|           value: "testvalue" | ||||
|  | ||||
|   - it: keeps existing labels (http) | ||||
|     template: templates/gitea/http-svc.yaml | ||||
|     template: templates/http-svc.yaml | ||||
|     set: | ||||
|       service: | ||||
|         http: | ||||
| @@ -51,7 +51,7 @@ tests: | ||||
|           path: metadata.labels["app"] | ||||
|  | ||||
|   - it: render service.ssh.loadBalancerClass if set and type is LoadBalancer | ||||
|     template: templates/gitea/ssh-svc.yaml | ||||
|     template: templates/ssh-svc.yaml | ||||
|     set: | ||||
|       service: | ||||
|         ssh: | ||||
| @@ -73,7 +73,7 @@ tests: | ||||
|           value: ["1.2.3.4/32", "5.6.7.8/32"] | ||||
|  | ||||
|   - it: does not render when loadbalancer properties are set but type is not loadBalancerClass | ||||
|     template: templates/gitea/http-svc.yaml | ||||
|     template: templates/http-svc.yaml | ||||
|     set: | ||||
|       service: | ||||
|         http: | ||||
| @@ -92,7 +92,7 @@ tests: | ||||
|           path: spec.loadBalancerSourceRanges | ||||
|  | ||||
|   - it: does not render loadBalancerClass by default even when type is LoadBalancer | ||||
|     template: templates/gitea/http-svc.yaml | ||||
|     template: templates/http-svc.yaml | ||||
|     set: | ||||
|       service: | ||||
|         http: | ||||
| @@ -107,8 +107,8 @@ tests: | ||||
|  | ||||
|   - it: both ssh and http services exist | ||||
|     templates: | ||||
|       - templates/gitea/ssh-svc.yaml | ||||
|       - templates/gitea/http-svc.yaml | ||||
|       - templates/ssh-svc.yaml | ||||
|       - templates/http-svc.yaml | ||||
|     asserts: | ||||
|       - matchRegex: | ||||
|           path: metadata.name | ||||
|   | ||||
| @@ -3,7 +3,7 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/gpg-secret.yaml | ||||
|   - templates/gpg-secret.yaml | ||||
| tests: | ||||
|   - it: renders nothing | ||||
|     set: | ||||
|   | ||||
| @@ -3,7 +3,7 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/gpg-secret.yaml | ||||
|   - templates/gpg-secret.yaml | ||||
| tests: | ||||
|   - it: fails rendering when nothing is configured | ||||
|     set: | ||||
|   | ||||
| @@ -1,6 +1,6 @@ | ||||
| suite: Test ingress.yaml | ||||
| templates: | ||||
|   - templates/gitea/ingress.yaml | ||||
|   - templates/ingress.yaml | ||||
| tests: | ||||
|   - it: should enable ingress when ingress.enabled is true | ||||
|     set: | ||||
|   | ||||
| @@ -1,6 +1,6 @@ | ||||
| suite: Test ingress with implicit path defaults | ||||
| templates: | ||||
|   - templates/gitea/ingress.yaml | ||||
|   - templates/ingress.yaml | ||||
| tests: | ||||
|   - it: should use default path and pathType when no paths are specified | ||||
|     set: | ||||
|   | ||||
| @@ -1,6 +1,6 @@ | ||||
| suite: Test ingress tpl use | ||||
| templates: | ||||
|   - templates/gitea/ingress.yaml | ||||
|   - templates/ingress.yaml | ||||
| tests: | ||||
|   - it: Ingress Class using TPL | ||||
|     set: | ||||
|   | ||||
| @@ -1,6 +1,6 @@ | ||||
| suite: Test ingress with structured paths | ||||
| templates: | ||||
|   - templates/gitea/ingress.yaml | ||||
|   - templates/ingress.yaml | ||||
| tests: | ||||
|   - it: should work with structured path definitions | ||||
|     set: | ||||
|   | ||||
| @@ -3,7 +3,7 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/init.yaml | ||||
|   - templates/init.yaml | ||||
| tests: | ||||
|   - it: renders a secret | ||||
|     asserts: | ||||
|   | ||||
| @@ -3,7 +3,7 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/init.yaml | ||||
|   - templates/init.yaml | ||||
| tests: | ||||
|   - it: runs gpg in batch mode | ||||
|     set: | ||||
| @@ -63,7 +63,7 @@ tests: | ||||
|               chown -v 1000:1000 "${GNUPGHOME}" | ||||
|             fi | ||||
|   - it: it does not chown /data even when image.fullOverride is set | ||||
|     template: templates/gitea/init.yaml | ||||
|     template: templates/init.yaml | ||||
|     set: | ||||
|       image.fullOverride: docker.gitea.com/gitea:1.20.5 | ||||
|     asserts: | ||||
|   | ||||
| @@ -3,7 +3,7 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/init.yaml | ||||
|   - templates/init.yaml | ||||
| tests: | ||||
|   - it: runs gpg in batch mode | ||||
|     set: | ||||
|   | ||||
| @@ -3,7 +3,7 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/metrics-secret.yaml | ||||
|   - templates/metrics-secret.yaml | ||||
| tests: | ||||
|   - it: renders nothing if monitoring disabled and gitea.metrics.token empty | ||||
|     set: | ||||
|   | ||||
| @@ -3,7 +3,7 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/metrics-secret.yaml | ||||
|   - templates/metrics-secret.yaml | ||||
| tests: | ||||
|   - it: renders nothing if monitoring enabled and gitea.metrics.token empty | ||||
|     set: | ||||
|   | ||||
							
								
								
									
										100
									
								
								unittests/helm/networkPolicy/networkPolicy.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										100
									
								
								unittests/helm/networkPolicy/networkPolicy.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,100 @@ | ||||
| chart: | ||||
|   appVersion: 0.1.0 | ||||
|   version: 0.1.0 | ||||
| suite: NetworkPolicy template | ||||
| release: | ||||
|   name: gitea-unittest | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/networkPolicy.yaml | ||||
| tests: | ||||
|   - it: Skip rendering networkPolicy | ||||
|     set: | ||||
|       networkPolicy.enabled: false | ||||
|     asserts: | ||||
|       - hasDocuments: | ||||
|           count: 0 | ||||
|  | ||||
|   - it: Render default networkPolicy | ||||
|     set: | ||||
|       networkPolicy.enabled: true | ||||
|     asserts: | ||||
|       - hasDocuments: | ||||
|           count: 1 | ||||
|       - containsDocument: | ||||
|           apiVersion: networking.k8s.io/v1 | ||||
|           kind: NetworkPolicy | ||||
|           name: gitea-unittest | ||||
|           namespace: testing | ||||
|       - notExists: | ||||
|           path: metadata.annotations | ||||
|       - equal: | ||||
|           path: metadata.labels | ||||
|           value: | ||||
|             app: gitea | ||||
|             app.kubernetes.io/instance: gitea-unittest | ||||
|             app.kubernetes.io/managed-by: Helm | ||||
|             app.kubernetes.io/name: gitea | ||||
|             app.kubernetes.io/version: 0.1.0 | ||||
|             helm.sh/chart: gitea-0.1.0 | ||||
|             version: 0.1.0 | ||||
|       - equal: | ||||
|           path: spec.podSelector.matchLabels | ||||
|           value: | ||||
|             app.kubernetes.io/instance: gitea-unittest | ||||
|             app.kubernetes.io/name: gitea | ||||
|       - notExists: | ||||
|           path: spec.policyTypes | ||||
|       - notExists: | ||||
|           path: spec.egress | ||||
|       - notExists: | ||||
|           path: spec.ingress | ||||
|  | ||||
|   - it: Template networkPolicy with policyTypes, egress and ingress configuration | ||||
|     set: | ||||
|       networkPolicy.enabled: true | ||||
|       networkPolicy.policyTypes: | ||||
|         - Egress | ||||
|         - Ingress | ||||
|       networkPolicy.ingress: | ||||
|         - from: | ||||
|             - namespaceSelector: | ||||
|                 matchLabels: | ||||
|                   kubernetes.io/metadata.name: monitoring | ||||
|               podSelector: | ||||
|                 matchLabels: | ||||
|                   app.kubernetes.io/name: prometheus | ||||
|       networkPolicy.egress: | ||||
|         - to: | ||||
|             - namespaceSelector: | ||||
|                 matchLabels: | ||||
|                   kubernetes.io/metadata.name: ingress-nginx | ||||
|               podSelector: | ||||
|                 matchLabels: | ||||
|                   app.kubernetes.io/name: ingress-nginx | ||||
|     asserts: | ||||
|       - equal: | ||||
|           path: spec.policyTypes | ||||
|           value: | ||||
|             - Egress | ||||
|             - Ingress | ||||
|       - equal: | ||||
|           path: spec.egress | ||||
|           value: | ||||
|             - to: | ||||
|                 - namespaceSelector: | ||||
|                     matchLabels: | ||||
|                       kubernetes.io/metadata.name: ingress-nginx | ||||
|                   podSelector: | ||||
|                     matchLabels: | ||||
|                       app.kubernetes.io/name: ingress-nginx | ||||
|       - equal: | ||||
|           path: spec.ingress | ||||
|           value: | ||||
|             - from: | ||||
|                 - namespaceSelector: | ||||
|                     matchLabels: | ||||
|                       kubernetes.io/metadata.name: monitoring | ||||
|                   podSelector: | ||||
|                     matchLabels: | ||||
|                       app.kubernetes.io/name: prometheus | ||||
| @@ -3,7 +3,7 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/pvc.yaml | ||||
|   - templates/pvc.yaml | ||||
| tests: | ||||
|   - it: Storage Class using TPL | ||||
|     set: | ||||
|   | ||||
| @@ -3,7 +3,7 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/serviceaccount.yaml | ||||
|   - templates/serviceaccount.yaml | ||||
| tests: | ||||
|   - it: skips rendering by default | ||||
|     asserts: | ||||
|   | ||||
| @@ -3,17 +3,17 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/serviceaccount.yaml | ||||
|   - templates/gitea/deployment.yaml | ||||
|   - templates/gitea/config.yaml | ||||
|   - templates/serviceaccount.yaml | ||||
|   - templates/deployment.yaml | ||||
|   - templates/config.yaml | ||||
| tests: | ||||
|   - it: does not modify the deployment by default | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     asserts: | ||||
|       - notExists: | ||||
|           path: spec.serviceAccountName | ||||
|   - it: adds the reference to the deployment with serviceAccount.create=true | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       serviceAccount.create: true | ||||
|     asserts: | ||||
| @@ -21,7 +21,7 @@ tests: | ||||
|           path: spec.template.spec.serviceAccountName | ||||
|           value: gitea-unittests | ||||
|   - it: allows referencing an externally created ServiceAccount to the deployment | ||||
|     template: templates/gitea/deployment.yaml | ||||
|     template: templates/deployment.yaml | ||||
|     set: | ||||
|       serviceAccount: | ||||
|         create: false # explicitly set to define rendering behavior | ||||
|   | ||||
| @@ -3,7 +3,7 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/servicemonitor.yaml | ||||
|   - templates/servicemonitor.yaml | ||||
| tests: | ||||
|   - it: skips rendering by default | ||||
|     asserts: | ||||
|   | ||||
| @@ -3,7 +3,7 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/servicemonitor.yaml | ||||
|   - templates/servicemonitor.yaml | ||||
| tests: | ||||
|   - it: renders nothing if gitea.metrics.serviceMonitor disabled and gitea.metrics.token empty | ||||
|     set: | ||||
|   | ||||
| @@ -3,7 +3,7 @@ release: | ||||
|   name: gitea-unittests | ||||
|   namespace: testing | ||||
| templates: | ||||
|   - templates/gitea/servicemonitor.yaml | ||||
|   - templates/servicemonitor.yaml | ||||
| tests: | ||||
|   - it: renders unsecure ServiceMonitor if gitea.metrics.token nil | ||||
|     set: | ||||
|   | ||||
							
								
								
									
										100
									
								
								values.yaml
									
									
									
									
									
								
							
							
						
						
									
										100
									
								
								values.yaml
									
									
									
									
									
								
							| @@ -20,7 +20,7 @@ global: | ||||
|   #   hostnames: | ||||
|   #   - example.com | ||||
|  | ||||
| ## @param namespace An explicit namespace to deploy gitea into. Defaults to the release namespace if not specified | ||||
| ## @param namespace An explicit namespace to deploy Gitea into. Defaults to the release namespace if not specified | ||||
| namespace: "" | ||||
|  | ||||
| ## @param replicaCount number of replicas for the deployment | ||||
| @@ -281,13 +281,13 @@ extraContainers: [] | ||||
| #    image: busybox | ||||
| #    command: [/bin/sh, -c, 'echo "Hello world"'] | ||||
|  | ||||
| ## @param preExtraInitContainers Additional init containers to run in the pod before gitea runs it owns init containers. | ||||
| ## @param preExtraInitContainers Additional init containers to run in the pod before Gitea runs it owns init containers. | ||||
| preExtraInitContainers: [] | ||||
| # - name: pre-init-container | ||||
| #   image: docker.io/library/busybox | ||||
| #   command: [ /bin/sh, -c, 'echo "Hello world! I am a pre init container."' ] | ||||
|  | ||||
| ## @param postExtraInitContainers Additional init containers to run in the pod after gitea runs it owns init containers. | ||||
| ## @param postExtraInitContainers Additional init containers to run in the pod after Gitea runs it owns init containers. | ||||
| postExtraInitContainers: [] | ||||
| # - name: post-init-container | ||||
| #   image: docker.io/library/busybox | ||||
| @@ -513,6 +513,100 @@ gitea: | ||||
|     successThreshold: 1 | ||||
|     failureThreshold: 10 | ||||
|  | ||||
|  | ||||
| ## @section Network Policy | ||||
| networkPolicy: | ||||
|   ## @param networkPolicy.enabled Enable network policies in general. | ||||
|   ## @param networkPolicy.annotations Additional network policy annotations. | ||||
|   ## @param networkPolicy.labels Additional network policy labels. | ||||
|   ## @param networkPolicy.policyTypes List of policy types. Supported is ingress, egress or ingress and egress. | ||||
|   ## @param networkPolicy.egress Concrete egress network policy implementation. | ||||
|   ## @skip networkPolicy.egress Skip individual egress configuration. | ||||
|   ## @param networkPolicy.ingress Concrete ingress network policy implementation. | ||||
|   ## @skip networkPolicy.ingress Skip individual ingress configuration. | ||||
|   enabled: false | ||||
|   annotations: {} | ||||
|   labels: {} | ||||
|   policyTypes: [] | ||||
|   # - Egress | ||||
|   # - Ingress | ||||
|   egress: [] | ||||
|   # Allow outgoing DNS traffic to the internal running DNS-Server. For example core-dns. | ||||
|   # | ||||
|   # - to: | ||||
|   #   - namespaceSelector: | ||||
|   #       matchLabels: | ||||
|   #         kubernetes.io/metadata.name: kube-system | ||||
|   #     podSelector: | ||||
|   #       matchLabels: | ||||
|   #        k8s-app: kube-dns | ||||
|   #   ports: | ||||
|   #   - port: 53 | ||||
|   #     protocol: TCP | ||||
|   #   - port: 53 | ||||
|   #     protocol: UDP | ||||
|  | ||||
|   # Allow outgoing traffic via HTTPS. For example for oAuth2, Gravatar and other third party APIs. | ||||
|   # | ||||
|   # - to: | ||||
|   #   ports: | ||||
|   #   - port: 443 | ||||
|   #     protocol: TCP | ||||
|  | ||||
|   # Allow outgoing traffic to PostgreSQL. | ||||
|   # | ||||
|   # - to: | ||||
|   #   - podSelector: | ||||
|   #       matchLabels: | ||||
|   #         app.kubernetes.io/name: postgresql-ha | ||||
|   #   ports: [] | ||||
|   #   # Avoid explicit list of ports, because Gitea tries to ping the PostgreSQL database during the initialization | ||||
|   #   # process. The ICMP protocol is currently not supported as list of protocols by kubernetes. For this reason would | ||||
|   #   # lead listing of the ports to an issue. Therefore, please handle the database ports with care. | ||||
|   #   # | ||||
|   #   # - port: 5432 | ||||
|   #   #   protocol: TCP | ||||
|  | ||||
|   # Allow outgoing traffic to Valkey. | ||||
|   # | ||||
|   # - to: | ||||
|   #   - podSelector: | ||||
|   #       matchLabels: | ||||
|   #         app.kubernetes.io/name: valkey-cluster | ||||
|   #   ports: | ||||
|   #   - port: 6379 | ||||
|   #     protocol: TCP | ||||
|   #   - port: 16379 | ||||
|   #     protocol: TCP | ||||
|  | ||||
|   ingress: [] | ||||
|   # Allow incoming HTTP traffic from prometheus. | ||||
|   # | ||||
|   # - from: | ||||
|   #   - namespaceSelector: | ||||
|   #       matchLabels: | ||||
|   #         kubernetes.io/metadata.name: monitoring | ||||
|   #     podSelector: | ||||
|   #       matchLabels: | ||||
|   #         app.kubernetes.io/name: prometheus | ||||
|   #   ports: | ||||
|   #   - port: http | ||||
|   #     protocol: TCP | ||||
|  | ||||
|   # Allow incoming HTTP traffic from ingress-nginx. | ||||
|   # | ||||
|   # - from: | ||||
|   #   - namespaceSelector: | ||||
|   #       matchLabels: | ||||
|   #         kubernetes.io/metadata.name: ingress-nginx | ||||
|   #     podSelector: | ||||
|   #       matchLabels: | ||||
|   #         app.kubernetes.io/name: ingress-nginx | ||||
|   #   ports: | ||||
|   #   - port: http | ||||
|   #     protocol: TCP | ||||
|  | ||||
|  | ||||
| ## @section valkey-cluster | ||||
| ## @param valkey-cluster.enabled Enable valkey cluster | ||||
| # ⚠️ The valkey charts do not work well with special characters in the password (<https://gitea.com/gitea/helm-chart/issues/690>). | ||||
|   | ||||
		Reference in New Issue
	
	Block a user