WIP

The following PR add the annotation 'artifacthub.io/changes'. For each semantic
commit will be the annotation extended. Further information can be found in the
documentation of
[Artifacthub.io](https://artifacthub.io/docs/topics/annotations/helm/#supported-annotations).

The CI has been adapted. The binary jq as well as yq in >= v4.0 is required.
Otherwise will not be concatenated the YAML file correctly via the yq expression,
because the `loadstr()` expression is not available in lower versions.

Additionally the relation between the semantic commit and the Artifacthub.io
change log type should be clarified. The current relationshiop can be adapted if
needed.

Furthermore, yq will be installed as part of the CI steps. It would be great if
yq is also available as deb package in >=v4.0. This would reduce the boiler
plate to install yq and maintain the version via renovate.

Regarding the renovate expression. In my environment works this expression, but
I don't know if it also works in this gitea/renovate instance.

.gitea/scripts/add-annotations.sh

@@ -97,8 +97,8 @@ while IFS= read -r line; do
 
     echo "- ${KIND}: ${DESC}"
 
-    jq --arg kind "${KIND}" --arg description "${DESC}" '. += [ $ARGS.named ]' < "${CHANGE_LOG_YAML}" > "${CHANGE_LOG_YAML}.new"
-    mv "${CHANGE_LOG_YAML}.new" "${CHANGE_LOG_YAML}"
+    jq --arg kind changed --arg description "$DESC" '. += [ $ARGS.named ]' < ${CHANGE_LOG_YAML} > ${CHANGE_LOG_YAML}.new
+    mv ${CHANGE_LOG_YAML}.new ${CHANGE_LOG_YAML}
 
   fi
 done <<< "${COMMIT_TITLES}"

.gitea/workflows/changelog.yml

@@ -1,32 +0,0 @@
-name: changelog
-
-on:
-  push:
-    branches:
-      - main
-
-jobs:
-  changelog:
-    runs-on: ubuntu-latest
-    container: docker.io/thegeeklab/git-sv:2.0.1
-    steps:
-      - name: install tools
-        run: |
-          apk add -q --update --no-cache nodejs curl jq sed
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-      - name: Generate upcoming changelog
-        run: |
-          git sv rn -o changelog.md
-          export RELEASE_NOTES=$(cat changelog.md)
-          export ISSUE_NUMBER=$(curl -s "https://gitea.com/api/v1/repos/gitea/helm-gitea/issues?state=open&q=Changelog%20for%20upcoming%20version" | jq '.[].number')
-
-          echo $RELEASE_NOTES
-          JSON_DATA=$(echo "" | jq -Rs --arg title 'Changelog for upcoming version' --arg body "$(cat changelog.md)" '{title: $title, body: $body}')
-
-          if [ -z "$ISSUE_NUMBER" ]; then
-            curl -s -X POST "https://gitea.com/api/v1/repos/gitea/helm-gitea/issues" -H "Authorization: token ${{ secrets.ISSUE_RW_TOKEN }}" -H "Content-Type: application/json" -d "$JSON_DATA"
-          else
-            curl -s -X PATCH "https://gitea.com/api/v1/repos/gitea/helm-gitea/issues/$ISSUE_NUMBER" -H "Authorization: token ${{ secrets.ISSUE_RW_TOKEN }}" -H "Content-Type: application/json" -d "$JSON_DATA"
-          fi

.gitea/workflows/commitlint.yml

@@ -1,19 +0,0 @@
-name: commitlint
-
-on:
-  pull_request:
-    branches:
-      - "*"
-    types:
-      - opened
-      - edited
-
-jobs:
-  check-and-test:
-    runs-on: ubuntu-latest
-    container: commitlint/commitlint:19.8.1
-    steps:
-      - uses: actions/checkout@v4
-      - name: check PR title
-        run: |
-          echo "${{ gitea.event.pull_request.title }}" | commitlint --config .commitlintrc.json

.gitea/workflows/release-version.yml

@@ -2,9 +2,13 @@ name: generate-chart
 
 on:
   push:
-    tags:
+    branches:
       - "*"
 
+env:
+  # renovate: datasource=docker depName=alpine/helm
+  HELM_VERSION: "3.17.3"
+
 jobs:
   generate-chart-publish:
     runs-on: ubuntu-latest
@@ -13,32 +17,48 @@ jobs:
         with:
           fetch-depth: 0
 
+      - name: Determine Architecture and Operating System to support x86_64 and ARM based CI nodes
+        run: |
+          # determine operating system
+          OS=$(uname | tr '[:upper:]' '[:lower:]')
+          echo "OS=${OS}" >> $GITHUB_ENV
+          echo "INFO: Set environment variable OS=${OS}"
+
+          # determine architecture
+          ARCH="$(uname -m)"
+          case "${ARCH}" in
+            aarch64) ARCH=arm64;;
+            x86_64) ARCH=amd64;;
+          esac
+          echo "ARCH=${ARCH}" >> $GITHUB_ENV
+          echo "INFO: Set environment variable ARCH=${ARCH}"
+
       - name: Install packages via apt
         run: |
           apt update --yes
+
+          echo "INFO: Install packages via apt"
           apt install --yes curl ca-certificates curl gnupg jq
 
       - name: Install helm
-        env:
-          # renovate: datasource=docker depName=alpine/helm
-          HELM_VERSION: "3.18.2"
         run: |
-          curl --fail --location --output /dev/stdout --silent --show-error https://get.helm.sh/helm-v${HELM_VERSION}-linux-$(dpkg --print-architecture).tar.gz | tar --extract --gzip --file /dev/stdin
-          mv linux-$(dpkg --print-architecture)/helm /usr/local/bin/
-          rm --force --recursive linux-$(dpkg --print-architecture) helm-v${HELM_VERSION}-linux-$(dpkg --print-architecture).tar.gz
+          curl --fail --location --output /dev/stdout --silent --show-error https://get.helm.sh/helm-v${{ env.HELM_VERSION }}-${OS}-${ARCH}.tar.gz | tar --extract --gzip --file /dev/stdin
+          mv ${OS}-${ARCH}/helm /usr/local/bin/
+          rm --force --recursive ${OS}-${ARCH} helm-v${{ env.HELM_VERSION }}-${OS}-${ARCH}.tar.gz
           helm version
 
       - name: Install yq
         env:
           YQ_VERSION: v4.45.4 # renovate: datasource=github-releases depName=mikefarah/yq
         run: |
-          curl --fail --location --output /dev/stdout --silent --show-error https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_$(dpkg --print-architecture).tar.gz | tar --extract --gzip --file /dev/stdin
-          mv yq_linux_$(dpkg --print-architecture) /usr/local/bin
-          rm --force --recursive yq_linux_$(dpkg --print-architecture) yq_linux_$(dpkg --print-architecture).tar.gz
+          curl --fail --location --output /dev/stdout --silent --show-error https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_${OS}_${ARCH}.tar.gz | tar --extract --gzip --file /dev/stdin
+          mv yq_${OS}_${ARCH} /usr/local/bin
+          rm --force --recursive yq_${OS}_${ARCH} yq_${OS}_${ARCH}.tar.gz
           yq --version
 
       - name: Install docker-ce via apt
         run: |
+          echo "INFO: Install docker"
           install -m 0755 -d /etc/apt/keyrings
           curl --fail --location --silent --show-error https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
           chmod a+r /etc/apt/keyrings/docker.gpg
@@ -48,76 +68,79 @@ jobs:
 
       - name: Install awscli
         run: |
+          echo "INFO: Install awscli via python pip"
           pip install awscli --break-system-packages
           aws --version
 
-      - name: Import GPG key
-        id: import_gpg
-        uses: https://github.com/crazy-max/ghaction-import-gpg@v6
-        with:
-          gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
-          passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
-          fingerprint: CC64B1DB67ABBEECAB24B6455FC346329753F4B0
+  #     - name: Import GPG key
+  #       id: import_gpg
+  #       uses: https://github.com/crazy-max/ghaction-import-gpg@v6
+  #       with:
+  #         gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
+  #         passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
+  #         fingerprint: CC64B1DB67ABBEECAB24B6455FC346329753F4B0
 
       - name: Add Artifacthub.io annotations
         run: |
-          NEW_TAG="$(git tag --sort=-version:refname | head --lines 1)"
-          OLD_TAG="$(git tag --sort=-version:refname | head --lines 2 | tail --lines 1)"
+          NEW_TAG=v12.0.0
+          OLD_TAG=v11.0.1
+          # NEW_TAG="$(git tag --sort=-version:refname | head --lines 1)"
+          # OLD_TAG="$(git tag --sort=-version:refname | head --lines 2 | tail --lines 1)"
           .gitea/scripts/add-annotations.sh "${OLD_TAG}" "${NEW_TAG}"
 
       - name: Print Chart.yaml
         run: cat Chart.yaml
 
-      # Using helm gpg plugin as 'helm package --sign' has issues with gpg2: https://github.com/helm/helm/issues/2843
-      - name: package chart
-        run: |
-          echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | docker login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} --password-stdin
-          # FIXME: use upstream after https://github.com/technosophos/helm-gpg/issues/1 is solved
-          helm plugin install https://github.com/pat-s/helm-gpg
-          helm dependency build
-          helm package --version "${GITHUB_REF#refs/tags/v}" ./
-          mkdir gitea
-          mv gitea*.tgz gitea/
-          curl --fail --location --output gitea/index.yaml --silent --show-error https://dl.gitea.com/charts/index.yaml
-          helm repo index gitea/ --url https://dl.gitea.com/charts --merge gitea/index.yaml
-          # push to dockerhub
-          echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | helm registry login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} registry-1.docker.io --password-stdin
-          helm push gitea/gitea-${GITHUB_REF#refs/tags/v}.tgz oci://registry-1.docker.io/giteacharts
-          helm registry logout registry-1.docker.io
+  #     # Using helm gpg plugin as 'helm package --sign' has issues with gpg2: https://github.com/helm/helm/issues/2843
+  #     - name: package chart
+  #       run: |
+  #         echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | docker login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} --password-stdin
+  #         # FIXME: use upstream after https://github.com/technosophos/helm-gpg/issues/1 is solved
+  #         helm plugin install https://github.com/pat-s/helm-gpg
+  #         helm dependency build
+  #         helm package --version "${GITHUB_REF#refs/tags/v}" ./
+  #         mkdir gitea
+  #         mv gitea*.tgz gitea/
+  #         curl --fail --location --output gitea/index.yaml --silent --show-error https://dl.gitea.com/charts/index.yaml
+  #         helm repo index gitea/ --url https://dl.gitea.com/charts --merge gitea/index.yaml
+  #         # push to dockerhub
+  #         echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | helm registry login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} registry-1.docker.io --password-stdin
+  #         helm push gitea/gitea-${GITHUB_REF#refs/tags/v}.tgz oci://registry-1.docker.io/giteacharts
+  #         helm registry logout registry-1.docker.io
 
-      - name: aws credential configure
-        uses: https://github.com/aws-actions/configure-aws-credentials@v4
-        with:
-          aws-access-key-id: ${{ secrets.AWS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          aws-region: ${{ secrets.AWS_REGION }}
+  #     - name: aws credential configure
+  #       uses: https://github.com/aws-actions/configure-aws-credentials@v4
+  #       with:
+  #         aws-access-key-id: ${{ secrets.AWS_KEY_ID }}
+  #         aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+  #         aws-region: ${{ secrets.AWS_REGION }}
 
-      - name: Copy files to S3 and clear cache
-        run: |
-          aws s3 sync gitea/ s3://${{ secrets.AWS_S3_BUCKET}}/charts/
+  #     - name: Copy files to S3 and clear cache
+  #       run: |
+  #         aws s3 sync gitea/ s3://${{ secrets.AWS_S3_BUCKET}}/charts/
 
-  release-gitea:
-    # needs: generate-chart-publish
-    runs-on: ubuntu-latest
-    container: docker.io/thegeeklab/git-sv:2.0.1
-    steps:
-      - name: install tools
-        run: |
-          apk add -q --update --no-cache nodejs
-      - uses: actions/checkout@v4
-        with:
-          fetch-tags: true
-          fetch-depth: 0
+  # release-gitea:
+  #   # needs: generate-chart-publish
+  #   runs-on: ubuntu-latest
+  #   container: docker.io/thegeeklab/git-sv:2.0.1
+  #   steps:
+  #     - name: install tools
+  #       run: |
+  #         apk add -q --update --no-cache nodejs
+  #     - uses: actions/checkout@v4
+  #       with:
+  #         fetch-tags: true
+  #         fetch-depth: 0
 
-      - name: Create changelog
-        run: |
-          git sv current-version
-          git sv release-notes -t ${GITHUB_REF#refs/tags/} -o CHANGELOG.md
-          sed -i '1,2d' CHANGELOG.md # remove version
-          cat CHANGELOG.md
+  #     - name: Create changelog
+  #       run: |
+  #         git sv current-version
+  #         git sv release-notes -t ${GITHUB_REF#refs/tags/} -o CHANGELOG.md
+  #         sed -i '1,2d' CHANGELOG.md # remove version
+  #         cat CHANGELOG.md
 
-      - name: Release
-        uses: https://github.com/akkuman/gitea-release-action@v1
-        with:
-          body_path: CHANGELOG.md
-          token: "${{ secrets.RELEASE_TOKEN }}"
+  #     - name: Release
+  #       uses: https://github.com/akkuman/gitea-release-action@v1
+  #       with:
+  #         body_path: CHANGELOG.md
+  #         token: "${{ secrets.RELEASE_TOKEN }}"

.gitea/workflows/test-pr.yml

@@ -1,45 +0,0 @@
-name: check-and-test
-
-on:
-  pull_request:
-    branches:
-      - "*"
-  push:
-    branches:
-      - main
-
-env:
-  # renovate: datasource=github-releases depName=helm-unittest/helm-unittest
-  HELM_UNITTEST_VERSION: "v0.8.2"
-
-jobs:
-  check-and-test:
-    runs-on: ubuntu-latest
-    container: alpine/helm:3.18.2
-    steps:
-      - name: install tools
-        run: |
-          apk update
-          apk add --update bash make nodejs npm yamllint ncurses
-      - uses: actions/checkout@v4
-      - name: install chart dependencies
-        run: helm dependency build
-      - name: lint
-        run: helm lint
-      - name: template
-        run: helm template --debug gitea-helm .
-      - name: prepare unit test environment
-        run: |
-          helm plugin install --version ${{ env.HELM_UNITTEST_VERSION }} https://github.com/helm-unittest/helm-unittest
-          git submodule update --init --recursive
-      - name: unit tests
-        env:
-          TERM: xterm
-        run: |
-          make unittests
-      - name: verify readme
-        run: |
-          make readme
-          git diff --exit-code --name-only README.md
-      - name: yaml lint
-        uses: https://github.com/ibiqlik/action-yamllint@v3

Chart.lock

@@ -1,15 +1,15 @@
 dependencies:
 - name: postgresql
   repository: oci://registry-1.docker.io/bitnamicharts
-  version: 16.7.11
+  version: 16.7.4
 - name: postgresql-ha
   repository: oci://registry-1.docker.io/bitnamicharts
-  version: 16.0.14
+  version: 16.0.6
 - name: valkey-cluster
   repository: oci://registry-1.docker.io/bitnamicharts
-  version: 3.0.14
+  version: 3.0.10
 - name: valkey
   repository: oci://registry-1.docker.io/bitnamicharts
-  version: 3.0.13
-digest: sha256:87746bfd77ba585a15e85a2c8705ca3e86668298ba012a1adca2bc221deb7f49
-generated: "2025-06-15T00:04:51.382524189Z"
+  version: 3.0.9
+digest: sha256:aeafc605b86db0ff3999cd808af1c9ca3a6a749aae0d42f2fdae89803b3bb60a
+generated: "2025-05-25T00:23:17.804516988Z"

Chart.yaml

@@ -4,7 +4,7 @@ description: Gitea Helm chart for Kubernetes
 type: application
 version: 0.0.0
 # renovate datasource=github-releases depName=go-gitea/gitea extractVersion=^v(?<version>.*)$
-appVersion: 1.24.0
+appVersion: 1.23.8
 icon: https://gitea.com/assets/img/logo.svg
 
 keywords:
@@ -36,20 +36,20 @@ dependencies:
   # https://github.com/bitnami/charts/blob/main/bitnami/postgresql
   - name: postgresql
     repository: oci://registry-1.docker.io/bitnamicharts
-    version: 16.7.11
+    version: 16.7.4
     condition: postgresql.enabled
   # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml
   - name: postgresql-ha
     repository: oci://registry-1.docker.io/bitnamicharts
-    version: 16.0.14
+    version: 16.0.6
     condition: postgresql-ha.enabled
   # https://github.com/bitnami/charts/blob/main/bitnami/valkey-cluster/Chart.yaml
   - name: valkey-cluster
     repository: oci://registry-1.docker.io/bitnamicharts
-    version: 3.0.14
+    version: 3.0.10
     condition: valkey-cluster.enabled
   # https://github.com/bitnami/charts/blob/main/bitnami/valkey/Chart.yaml
   - name: valkey
     repository: oci://registry-1.docker.io/bitnamicharts
-    version: 3.0.13
+    version: 3.0.9
     condition: valkey.enabled

templates/gitea/config.yaml

@@ -27,7 +27,7 @@ stringData:
     {{- end }}
     
     {{- /* multiple replicas assertions */ -}}
-    {{- if gt (.Values.replicaCount | int) 1 -}}
+    {{- if gt .Values.replicaCount 1.0 -}}
       {{- if .Values.gitea.config.cron -}}
         {{- if .Values.gitea.config.cron.GIT_GC_REPOS -}}
           {{- if eq .Values.gitea.config.cron.GIT_GC_REPOS.ENABLED true -}}

templates/gitea/pvc.yaml

@@ -10,7 +10,7 @@ metadata:
 {{ .Values.persistence.labels | toYaml | indent 4}}
 spec:
   accessModes:
-  {{- if gt (.Values.replicaCount | int) 1 }}
+  {{- if gt .Values.replicaCount 1.0 }}
       - ReadWriteMany
   {{- else }}
     {{- .Values.persistence.accessModes | toYaml | nindent 4 }}