Compare commits

...

11 Commits

Author SHA1 Message Date
d2a6ffc26e fix(ci): update checkout action to v5.0.0
All checks were successful
Run Helm tests / Execute helm template (push) Successful in 9s
Run Helm tests / Execute helm lint (push) Successful in 16s
Run Helm tests / Execute helm unittest (push) Successful in 28s
Markdown linter / Execute npm run readme:lint (push) Successful in 7s
Markdown linter / Execute npm run readme:parameters (push) Successful in 9s
Markdown linter / Execute npm run readme:link (push) Successful in 37s
2025-09-30 22:16:56 +02:00
9a64d5b457 fix(ci): adapt commitlint
All checks were successful
Run Helm tests / Execute helm template (push) Successful in 9s
Run Helm tests / Execute helm lint (push) Successful in 17s
Run Helm tests / Execute helm unittest (push) Successful in 25s
Markdown linter / Execute npm run readme:lint (push) Successful in 8s
Markdown linter / Execute npm run readme:parameters (push) Successful in 9s
Markdown linter / Execute npm run readme:link (push) Successful in 37s
2025-09-30 22:15:23 +02:00
ee199f21bd WIP
All checks were successful
Run Helm tests / Execute helm template (push) Successful in 9s
Run Helm tests / Execute helm lint (push) Successful in 17s
Run Helm tests / Execute helm unittest (push) Successful in 24s
Markdown linter / Execute npm run readme:lint (push) Successful in 7s
Markdown linter / Execute npm run readme:link (push) Successful in 37s
Markdown linter / Execute npm run readme:parameters (push) Successful in 8s
2025-09-30 22:12:04 +02:00
6bcf0c1af5 fix(ci): compare for diff
Some checks failed
Run Helm tests / Execute helm lint (push) Successful in 8s
Run Helm tests / Execute helm template (push) Successful in 17s
Run Helm tests / Execute helm unittest (push) Successful in 25s
Markdown linter / Execute npm run readme:lint (push) Successful in 7s
Markdown linter / Execute npm run readme:link (push) Successful in 37s
Markdown linter / Execute npm run readme:parameters (push) Failing after 9s
2025-09-30 22:08:32 +02:00
bf9c6b2b5d fix(ci): add markdownlinters
All checks were successful
Run Helm tests / Execute helm template (push) Successful in 9s
Run Helm tests / Execute helm lint (push) Successful in 17s
Run Helm tests / Execute helm unittest (push) Successful in 24s
Markdown linter / Execute npm run readme:lint (push) Successful in 7s
Markdown linter / Execute npm run readme:parameters (push) Successful in 8s
Markdown linter / Execute npm run readme:link (push) Successful in 37s
2025-09-30 22:05:17 +02:00
99689c6b8f WIP
All checks were successful
Run Helm tests / Execute helm template (push) Successful in 9s
Run Helm tests / Execute helm lint (push) Successful in 17s
Run Helm tests / Execute helm unittest (push) Successful in 24s
2025-09-30 21:46:46 +02:00
0e35ed83d4 WIP
All checks were successful
Run Helm tests / Execute helm lint (push) Successful in 18s
Run Helm tests / Execute helm unittest (push) Successful in 1m8s
2025-09-30 21:43:48 +02:00
54a92344cc WIP 2025-09-30 21:42:50 +02:00
a1754df124 fix(ci): execute check-and-test for v13
All checks were successful
check-and-test / check-and-test (push) Successful in 1m38s
2025-09-30 21:22:31 +02:00
6a2a93c780 refac(structure): remove leading gitea directory
The following pull request removes the `gitea` directory. With regard to
maintaining act_runners in a separate git repository or helm chart, this
additional directory becomes redundant.
2025-09-30 21:17:52 +02:00
fb407618dc feat: support network policies (#952)
The following patch adds support for network policies.

The patch does not contain any specific network policies, as it is uncertain in which environment and with which access rights gitea will be deployed.

With regard to third-party components such as PostgreSQL or Valkey, the network policy may need to be adjusted. Whether this happens directly in the helm chart or whether the user has to enter it themselves is open to discussion.

During testing, I defined a few sample network policies to get Gitea up and running. These are only examples.

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/952
Reviewed-by: DaanSelen <daanselen@noreply.gitea.com>
Co-authored-by: Markus Pesch <markus.pesch@cryptic.systems>
Co-committed-by: Markus Pesch <markus.pesch@cryptic.systems>
2025-09-22 07:05:21 +00:00
74 changed files with 1481 additions and 241 deletions

View File

@@ -13,7 +13,7 @@ jobs:
- name: install tools
run: |
apk add -q --update --no-cache nodejs curl jq sed
- uses: actions/checkout@v5
- uses: actions/checkout@v5.0.0
with:
fetch-depth: 0
- name: Generate upcoming changelog

View File

@@ -1,19 +1,17 @@
name: commitlint
name: Rum commitlint
on:
pull_request:
branches:
- "*"
types:
- opened
- edited
branches: [ '**' ]
types: [ "opened", "edited" ]
jobs:
check-and-test:
runs-on: ubuntu-latest
container: commitlint/commitlint:19.9.1
name: Execute commitlint
runs-on: docker.io/ubuntu-latest
steps:
- uses: actions/checkout@v5
- name: check PR title
- uses: actions/checkout@v5.0.0
- name: Check PR title
run: |
echo "${{ gitea.event.pull_request.title }}" | commitlint --config .commitlintrc.json

75
.gitea/workflows/helm.yml Normal file
View File

@@ -0,0 +1,75 @@
name: Run Helm tests
on:
pull_request:
branches: [ '**' ]
push:
branches: [ '**' ]
tags-ignore: [ '**' ]
workflow_call: {}
env:
# renovate: datasource=github-releases depName=helm-unittest/helm-unittest
HELM_UNITTEST_VERSION: "v1.0.1"
jobs:
helm-lint:
container: docker.io/alpine/helm:3.18.6
name: Execute helm lint
runs-on: ubuntu-latest
steps:
- name: Install additional tools
run: |
apk update
apk add --update bash make nodejs
- uses: actions/checkout@v5.0.0
- name: Install helm chart dependencies
run: helm dependency build
- name: Execute helm lint
run: helm lint
helm-template:
container: docker.io/alpine/helm:3.18.6
name: Execute helm template
runs-on: ubuntu-latest
steps:
- name: Install additional tools
run: |
apk update
apk add --update bash make nodejs
- uses: actions/checkout@v5.0.0
- name: Install helm chart dependencies
run: helm dependency build
- name: Execute helm template
run: helm template --debug gitea-helm .
helm-unittest:
container: docker.io/alpine/helm:3.18.6
name: Execute helm unittest
runs-on: ubuntu-latest
steps:
- name: Install additional tools
run: |
apk update
apk add --update bash make nodejs npm yamllint ncurses
- uses: actions/checkout@v5.0.0
- name: Install helm chart dependencies
run: helm dependency build
- name: Install helm plugin 'unittest'
run: |
helm plugin install --version ${{ env.HELM_UNITTEST_VERSION }} https://github.com/helm-unittest/helm-unittest
git submodule update --init --recursive
- name: Execute helm unittest
env:
TERM: xterm
run: make unittests
# - name: verify readme
# run: |
# make readme
# git diff --exit-code --name-only README.md
# - name: yaml lint
# uses: https://github.com/ibiqlik/action-yamllint@v3

View File

@@ -0,0 +1,52 @@
name: Markdown linter
on:
pull_request:
types: [ "opened", "reopened", "synchronize" ]
push:
branches: [ '**' ]
tags-ignore: [ '**' ]
workflow_dispatch: {}
jobs:
readme-link:
container:
image: docker.io/library/node:24.9.0-alpine
name: Execute npm run readme:link
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5.0.0
- name: Execute npm run readme:link
run: |
npm install
npm run readme:link
readme-lint:
container:
image: docker.io/library/node:24.9.0-alpine
name: Execute npm run readme:lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5.0.0
- name: Execute npm run readme:lint
run: |
npm install
npm run readme:lint
readme-parameters:
container:
image: docker.io/library/node:24.9.0-alpine
name: Execute npm run readme:parameters
runs-on: ubuntu-latest
steps:
- name: Install tooling
run: |
apk update
apk add git
- uses: actions/checkout@v5.0.0
- name: Execute npm run readme:parameters
run: |
npm install
npm run readme:parameters
- name: Compare diff
run: git diff --exit-code --name-only README.md

View File

@@ -9,7 +9,7 @@ jobs:
generate-chart-publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@v5.0.0
with:
fetch-depth: 0
@@ -104,7 +104,7 @@ jobs:
- name: install tools
run: |
apk add -q --update --no-cache nodejs
- uses: actions/checkout@v5
- uses: actions/checkout@v5.0.0
with:
fetch-tags: true
fetch-depth: 0

View File

@@ -1,45 +0,0 @@
name: check-and-test
on:
pull_request:
branches:
- "*"
push:
branches:
- main
env:
# renovate: datasource=github-releases depName=helm-unittest/helm-unittest
HELM_UNITTEST_VERSION: "v1.0.1"
jobs:
check-and-test:
runs-on: ubuntu-latest
container: alpine/helm:3.18.6
steps:
- name: install tools
run: |
apk update
apk add --update bash make nodejs npm yamllint ncurses
- uses: actions/checkout@v5
- name: install chart dependencies
run: helm dependency build
- name: lint
run: helm lint
- name: template
run: helm template --debug gitea-helm .
- name: prepare unit test environment
run: |
helm plugin install --version ${{ env.HELM_UNITTEST_VERSION }} https://github.com/helm-unittest/helm-unittest
git submodule update --init --recursive
- name: unit tests
env:
TERM: xterm
run: |
make unittests
- name: verify readme
run: |
make readme
git diff --exit-code --name-only README.md
- name: yaml lint
uses: https://github.com/ibiqlik/action-yamllint@v3

8
.markdownlink.json Normal file
View File

@@ -0,0 +1,8 @@
{
"projectBaseUrl":"${workspaceFolder}",
"ignorePatterns": [
{
"pattern": "^http://localhost"
}
]
}

View File

@@ -44,8 +44,7 @@ be used:
`helm install --dependency-update gitea . -f values.yaml`.
1. Gitea is now deployed in `minikube`.
To access it, it's port needs to be forwarded first from `minikube` to localhost first via `kubectl --namespace
default port-forward svc/gitea-http 3000:3000`.
Now Gitea is accessible at [http://localhost:3000](http://localhost:3000).
default port-forward svc/gitea-http 3000:3000`. Now Gitea is accessible at [http://localhost:3000](http://localhost:3000).
### Unit tests

View File

@@ -17,7 +17,7 @@
- [Rootless Defaults](#rootless-defaults)
- [Session, Cache and Queue](#session-cache-and-queue)
- [Single-Pod Configurations](#single-pod-configurations)
- [Additional _app.ini_ settings](#additional-appini-settings)
- [Additional app.ini settings](#additional-appini-settings)
- [User defined environment variables in app.ini](#user-defined-environment-variables-in-appini)
- [External Database](#external-database)
- [Ports and external url](#ports-and-external-url)
@@ -72,7 +72,7 @@ Additionally, this chart allows to provide LDAP and admin user configuration wit
## Update and versioning policy
The Gitea helm chart versioning does not follow Gitea's versioning.
The latest chart version can be looked up in [https://dl.gitea.com/charts](https://dl.gitea.com/charts) or in the [repository releases](https://gitea.com/gitea/helm-gitea/releases).
The latest chart version can be looked up in [https://dl.gitea.com/charts/](https://dl.gitea.com/charts/) or in the [repository releases](https://gitea.com/gitea/helm-gitea/releases).
The chart aims to follow Gitea's releases closely.
There might be times when the chart is behind the latest Gitea release.
@@ -266,7 +266,7 @@ If `.Values.image.rootless: true`, then the following will occur. In case you us
- `$HOME` becomes `/data/gitea/git`
[see deployment.yaml](./templates/gitea/deployment.yaml) template inside (init-)container "env" declarations
[see deployment.yaml](./templates/deployment.yaml) template inside (init-)container "env" declarations
- `START_SSH_SERVER: true` (Unless explicity overwritten by `gitea.config.server.START_SSH_SERVER`)
@@ -278,7 +278,7 @@ If `.Values.image.rootless: true`, then the following will occur. In case you us
- `SSH_LOG_LEVEL` environment variable is not injected into the container
[see deployment.yaml](./templates/gitea/deployment.yaml) template inside container "env" declarations
[see deployment.yaml](./templates/deployment.yaml) template inside container "env" declarations
#### Session, Cache and Queue
@@ -360,7 +360,7 @@ If HA is not needed/desired, the following configurations can be used to deploy
</details>
### Additional _app.ini_ settings
### Additional app.ini settings
> **The [generic](https://docs.gitea.com/administration/config-cheat-sheet#overall-default)
> section cannot be defined that way.**
@@ -1158,6 +1158,17 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo
| `gitea.startupProbe.successThreshold` | Success threshold for startup probe | `1` |
| `gitea.startupProbe.failureThreshold` | Failure threshold for startup probe | `10` |
### Network Policy
| Name | Description | Value |
| --------------------------- | ------------------------------------------------------------------------- | ------- |
| `networkPolicy.enabled` | Enable network policies in general. | `false` |
| `networkPolicy.annotations` | Additional network policy annotations. | `{}` |
| `networkPolicy.labels` | Additional network policy labels. | `{}` |
| `networkPolicy.policyTypes` | List of policy types. Supported is ingress, egress or ingress and egress. | `[]` |
| `networkPolicy.egress` | Concrete egress network policy implementation. | `[]` |
| `networkPolicy.ingress` | Concrete ingress network policy implementation. | `[]` |
### valkey-cluster
Valkey cluster and [Valkey](#valkey) cannot be enabled at the same time.

896
package-lock.json generated

File diff suppressed because it is too large Load Diff

View File

@@ -9,11 +9,13 @@
"npm": ">=8.0.0"
},
"scripts": {
"readme:link": "markdown-link-check --config .markdownlink.json *.md",
"readme:lint": "markdownlint *.md -f",
"readme:parameters": "readme-generator -v values.yaml -r README.md"
},
"devDependencies": {
"@bitnami/readme-generator-for-helm": "^2.5.0",
"markdown-link-check": "^3.13.6",
"markdownlint-cli": "^0.45.0"
}
}

View File

@@ -87,6 +87,12 @@ storageClassName: {{ $storageClass | quote }}
{{- end }}
{{- end -}}
{{/*
Common annotations
*/}}
{{- define "gitea.annotations" -}}
{{- end }}
{{/*
Common labels
*/}}

View File

@@ -0,0 +1,19 @@
{{/* vim: set filetype=mustache: */}}
{{/* annotations */}}
{{- define "gitea.networkPolicy.annotations" -}}
{{ include "gitea.annotations" . }}
{{- if .Values.networkPolicy.annotations }}
{{ toYaml .Values.networkPolicy.annotations }}
{{- end }}
{{- end }}
{{/* labels */}}
{{- define "gitea.networkPolicy.labels" -}}
{{ include "gitea.labels" . }}
{{- if .Values.networkPolicy.labels }}
{{ toYaml .Values.networkPolicy.labels }}
{{- end }}
{{- end }}

17
templates/_pod.tpl Normal file
View File

@@ -0,0 +1,17 @@
---
{{/* labels */}}
{{- define "gitea.pod.labels" -}}
{{- include "gitea.labels" . }}
{{- if .Values.deployment.labels }}
{{ toYaml .Values.deployment.labels }}
{{- end }}
{{- end }}
{{- define "gitea.pod.selectorLabels" -}}
{{- include "gitea.selectorLabels" . }}
{{- if .Values.deployment.labels }}
{{ toYaml .Values.deployment.labels }}
{{- end }}
{{- end }}

View File

@@ -23,14 +23,11 @@ spec:
{{- end }}
selector:
matchLabels:
{{- include "gitea.selectorLabels" . | nindent 6 }}
{{- if .Values.deployment.labels }}
{{- toYaml .Values.deployment.labels | nindent 6 }}
{{- end }}
{{- include "gitea.pod.selectorLabels" . | nindent 6 }}
template:
metadata:
annotations:
checksum/config: {{ include (print $.Template.BasePath "/gitea/config.yaml") . | sha256sum }}
checksum/config: {{ include (print $.Template.BasePath "/config.yaml") . | sha256sum }}
{{- range $idx, $value := .Values.gitea.ldap }}
checksum/ldap_{{ $idx }}: {{ include "gitea.ldap_settings" (list $idx $value) | sha256sum }}
{{- end }}
@@ -41,10 +38,7 @@ spec:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "gitea.labels" . | nindent 8 }}
{{- if .Values.deployment.labels }}
{{- toYaml .Values.deployment.labels | nindent 8 }}
{{- end }}
{{- include "gitea.pod.labels" . | nindent 8 }}
spec:
{{- if .Values.schedulerName }}
schedulerName: "{{ .Values.schedulerName }}"

View File

@@ -0,0 +1,32 @@
{{- if .Values.networkPolicy.enabled }}
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
{{- with (include "gitea.networkPolicy.annotations" . | fromYaml) }}
annotations:
{{- tpl (toYaml .) $ | nindent 4 }}
{{- end }}
{{- with (include "gitea.networkPolicy.labels" . | fromYaml) }}
labels:
{{- toYaml . | nindent 4 }}
{{- end }}
name: {{ include "gitea.fullname" . }}
namespace: {{ .Release.Namespace }}
spec:
podSelector:
matchLabels:
{{- include "gitea.pod.selectorLabels" $ | nindent 6 }}
{{- with .Values.networkPolicy.policyTypes }}
policyTypes:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with .Values.networkPolicy.egress }}
egress:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with .Values.networkPolicy.ingress }}
ingress:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end }}

View File

@@ -1,18 +0,0 @@
{{- if .Values.test.enabled }}
apiVersion: v1
kind: Pod
metadata:
name: "{{ include "gitea.fullname" . }}-test-connection"
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels:
{{ include "gitea.labels" . | nindent 4 }}
annotations:
"helm.sh/hook": test-success
spec:
containers:
- name: wget
image: "{{ .Values.test.image.name }}:{{ .Values.test.image.tag }}"
command: ['wget']
args: ['{{ include "gitea.fullname" . }}-http:{{ .Values.service.http.port }}']
restartPolicy: Never
{{- end }}

View File

@@ -3,17 +3,17 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/config.yaml
- templates/config.yaml
tests:
- it: "actions are enabled by default (based on vanilla Gitea behavior)"
template: templates/gitea/config.yaml
template: templates/config.yaml
asserts:
- documentIndex: 0
notExists:
path: stringData.actions
- it: "actions can be disabled via inline config"
template: templates/gitea/config.yaml
template: templates/config.yaml
set:
gitea.config.actions.ENABLED: false
asserts:

View File

@@ -4,7 +4,7 @@ release:
namespace: testing
tests:
- it: "cache is configured correctly for valkey-cluster"
template: templates/gitea/config.yaml
template: templates/config.yaml
set:
valkey-cluster:
enabled: true
@@ -19,7 +19,7 @@ tests:
HOST=redis+cluster://:@gitea-unittests-valkey-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
- it: "cache is configured correctly for valkey"
template: templates/gitea/config.yaml
template: templates/config.yaml
set:
valkey-cluster:
enabled: false
@@ -34,7 +34,7 @@ tests:
HOST=redis://:changeme@gitea-unittests-valkey-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
- it: "cache is configured correctly for 'memory' when valkey (or valkey-cluster) is disabled"
template: templates/gitea/config.yaml
template: templates/config.yaml
set:
valkey-cluster:
enabled: false
@@ -49,7 +49,7 @@ tests:
HOST=
- it: "cache can be customized when valkey (or valkey-cluster) is disabled"
template: templates/gitea/config.yaml
template: templates/config.yaml
set:
valkey-cluster:
enabled: false

View File

@@ -4,7 +4,7 @@ release:
namespace: testing
tests:
- it: metrics token is set
template: templates/gitea/config.yaml
template: templates/config.yaml
set:
gitea:
metrics:
@@ -18,7 +18,7 @@ tests:
ENABLED=true
TOKEN=somepassword
- it: metrics token is empty
template: templates/gitea/config.yaml
template: templates/config.yaml
set:
gitea:
metrics:
@@ -31,7 +31,7 @@ tests:
value: |-
ENABLED=true
- it: metrics token is nil
template: templates/gitea/config.yaml
template: templates/config.yaml
set:
gitea:
metrics:
@@ -44,7 +44,7 @@ tests:
value: |-
ENABLED=true
- it: does not configures a token if metrics are disabled
template: templates/gitea/config.yaml
template: templates/config.yaml
set:
gitea:
metrics:

View File

@@ -4,7 +4,7 @@ release:
namespace: testing
tests:
- it: "queue is configured correctly for valkey-cluster"
template: templates/gitea/config.yaml
template: templates/config.yaml
set:
valkey-cluster:
enabled: true
@@ -19,7 +19,7 @@ tests:
TYPE=redis
- it: "queue is configured correctly for valkey"
template: templates/gitea/config.yaml
template: templates/config.yaml
set:
valkey-cluster:
enabled: false
@@ -34,7 +34,7 @@ tests:
TYPE=redis
- it: "queue is configured correctly for 'levelDB' when valkey (and valkey-cluster) is disabled"
template: templates/gitea/config.yaml
template: templates/config.yaml
set:
valkey-cluster:
enabled: false
@@ -49,7 +49,7 @@ tests:
TYPE=level
- it: "queue can be customized when valkey (and valkey-cluster) are disabled"
template: templates/gitea/config.yaml
template: templates/config.yaml
set:
valkey-cluster:
enabled: false

View File

@@ -4,7 +4,7 @@ release:
namespace: testing
tests:
- it: "[default values] uses ingress host for DOMAIN|SSH_DOMAIN|ROOT_URL"
template: templates/gitea/config.yaml
template: templates/config.yaml
asserts:
- documentIndex: 0
matchRegex:
@@ -22,7 +22,7 @@ tests:
################################################
- it: "[no ingress hosts] uses gitea http service for DOMAIN|SSH_DOMAIN|ROOT_URL"
template: templates/gitea/config.yaml
template: templates/config.yaml
set:
ingress:
hosts: []
@@ -43,7 +43,7 @@ tests:
################################################
- it: "[provided via values] uses that for DOMAIN|SSH_DOMAIN|ROOT_URL"
template: templates/gitea/config.yaml
template: templates/config.yaml
set:
gitea.config.server.DOMAIN: provided.example.com
ingress:

View File

@@ -4,7 +4,7 @@ release:
namespace: testing
tests:
- it: "session is configured correctly for valkey-cluster"
template: templates/gitea/config.yaml
template: templates/config.yaml
set:
valkey-cluster:
enabled: true
@@ -19,7 +19,7 @@ tests:
PROVIDER_CONFIG=redis+cluster://:@gitea-unittests-valkey-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
- it: "session is configured correctly for valkey"
template: templates/gitea/config.yaml
template: templates/config.yaml
set:
valkey-cluster:
enabled: false
@@ -34,7 +34,7 @@ tests:
PROVIDER_CONFIG=redis://:changeme@gitea-unittests-valkey-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
- it: "session is configured correctly for 'memory' when valkey (and valkey-cluster) is disabled"
template: templates/gitea/config.yaml
template: templates/config.yaml
set:
valkey-cluster:
enabled: false
@@ -49,7 +49,7 @@ tests:
PROVIDER_CONFIG=
- it: "session can be customized when valkey (and valkey-cluster) is disabled"
template: templates/gitea/config.yaml
template: templates/config.yaml
set:
valkey-cluster:
enabled: false

View File

@@ -106,14 +106,14 @@ tests:
name: gitea-unittests-postgresql-ha-pgpool
namespace: testing
- it: "[gitea] connects to pgpool service"
template: templates/gitea/config.yaml
template: templates/config.yaml
asserts:
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: HOST=gitea-unittests-postgresql-ha-pgpool.testing.svc.cluster.local:1234
- it: "[gitea] connects to configured database"
template: templates/gitea/config.yaml
template: templates/config.yaml
asserts:
- documentIndex: 0
matchRegex:

View File

@@ -65,14 +65,14 @@ tests:
name: gitea-unittests-postgresql
namespace: testing
- it: "[gitea] connects to postgresql service"
template: templates/gitea/config.yaml
template: templates/config.yaml
asserts:
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: HOST=gitea-unittests-postgresql.testing.svc.cluster.local:1234
- it: "[gitea] connects to configured database"
template: templates/gitea/config.yaml
template: templates/config.yaml
asserts:
- documentIndex: 0
matchRegex:

View File

@@ -82,7 +82,7 @@ tests:
port: 6379
targetPort: tcp-redis
- it: "[gitea] waits for valkey-cluster to be up and running"
template: templates/gitea/init.yaml
template: templates/init.yaml
asserts:
- documentIndex: 0
matchRegex:

View File

@@ -44,7 +44,7 @@ tests:
port: 6379
targetPort: redis
- it: "[gitea] waits for valkey to be up and running"
template: templates/gitea/init.yaml
template: templates/init.yaml
asserts:
- documentIndex: 0
matchRegex:

View File

@@ -3,11 +3,11 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
- templates/deployment.yaml
- templates/config.yaml
tests:
- it: fails with multiple replicas and "GIT_GC_REPOS" enabled
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
replicaCount: 2
persistence:
@@ -22,14 +22,14 @@ tests:
- failedTemplate:
errorMessage: "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'gitea.config.cron.GIT_GC_REPOS.enabled = false'."
- it: fails with multiple replicas and RWX file system not set
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
replicaCount: 2
asserts:
- failedTemplate:
errorMessage: "When using multiple replicas, a RWX file system is required and persistence.accessModes[0] must be set to ReadWriteMany."
- it: fails with multiple replicas and bleve issue indexer
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
replicaCount: 2
persistence:
@@ -43,7 +43,7 @@ tests:
- failedTemplate:
errorMessage: "When using multiple replicas, the issue indexer (gitea.config.indexer.ISSUE_INDEXER_TYPE) must be set to a HA-ready provider such as 'meilisearch', 'elasticsearch' or 'db' (if the DB is HA-ready)."
- it: fails with multiple replicas and bleve repo indexer
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
replicaCount: 2
persistence:

View File

@@ -3,11 +3,11 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
- templates/deployment.yaml
- templates/config.yaml
tests:
- it: renders a deployment
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
asserts:
- hasDocuments:
count: 1
@@ -16,7 +16,7 @@ tests:
apiVersion: apps/v1
name: gitea-unittests
- it: deployment labels are set
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
deployment.labels:
hello: world
@@ -30,7 +30,7 @@ tests:
content:
hello: world
- it: "injects TMP_EXISTING_ENVS_FILE as environment variable to 'init-app-ini' init container"
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
asserts:
- contains:
path: spec.template.spec.initContainers[1].env
@@ -38,7 +38,7 @@ tests:
name: TMP_EXISTING_ENVS_FILE
value: /tmp/existing-envs
- it: "injects ENV_TO_INI_MOUNT_POINT as environment variable to 'init-app-ini' init container"
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
asserts:
- contains:
path: spec.template.spec.initContainers[1].env
@@ -46,7 +46,7 @@ tests:
name: ENV_TO_INI_MOUNT_POINT
value: /env-to-ini-mounts
- it: CPU resources are defined as well as GOMAXPROCS
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
resources:
limits:
@@ -74,7 +74,7 @@ tests:
cpu: 100ms
memory: 100Mi
- it: Init containers have correct volumeMount path
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
initContainersScriptsVolumeMountPath: "/custom/init/path"
asserts:
@@ -85,7 +85,7 @@ tests:
path: spec.template.spec.initContainers[*].volumeMounts[?(@.name=="config")].mountPath
value: "/custom/init/path"
- it: Init containers have correct volumeMount path if there is no override
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
asserts:
- equal:
path: spec.template.spec.initContainers[*].volumeMounts[?(@.name=="init")].mountPath

View File

@@ -3,11 +3,11 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
- templates/deployment.yaml
- templates/config.yaml
tests:
- it: Renders a deployment
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
asserts:
- hasDocuments:
count: 1
@@ -16,7 +16,7 @@ tests:
apiVersion: apps/v1
name: gitea-unittests
- it: Deployment with empty additionalConfigFromEnvs
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
gitea.additionalConfigFromEnvs: []
asserts:
@@ -44,7 +44,7 @@ tests:
- name: ENV_TO_INI_MOUNT_POINT
value: /env-to-ini-mounts
- it: Deployment with standard additionalConfigFromEnvs
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
gitea.additionalConfigFromEnvs: [{name: GITEA_database_HOST, value: my-db:123}, {name: GITEA_database_USER, value: my-user}]
asserts:
@@ -76,7 +76,7 @@ tests:
- name: GITEA_database_USER
value: my-user
- it: Deployment with templated additionalConfigFromEnvs
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
gitea.misc.host: my-db-host:321
gitea.misc.user: my-db-user
@@ -110,7 +110,7 @@ tests:
- name: GITEA_database_USER
value: my-db-user
- it: Deployment with additionalConfigFromEnvs templated secret name
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
gitea.misc.existingSecret: my-db-secret
gitea.additionalConfigFromEnvs[0]:

View File

@@ -3,18 +3,18 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
- templates/deployment.yaml
- templates/config.yaml
tests:
- it: Render the deployment (default)
asserts:
- hasDocuments:
count: 1
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
- lengthEqual:
path: spec.template.spec.initContainers
count: 3
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
- it: Render the deployment (signing)
set:
@@ -22,11 +22,11 @@ tests:
asserts:
- hasDocuments:
count: 1
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
- lengthEqual:
path: spec.template.spec.initContainers
count: 4
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
- it: Render the deployment (extraInitContainers)
set:
@@ -40,20 +40,20 @@ tests:
asserts:
- hasDocuments:
count: 1
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
- lengthEqual:
path: spec.template.spec.initContainers
count: 6
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
- contains:
path: spec.template.spec.initContainers
content:
name: foo
image: docker.io/library/busybox:latest
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
- contains:
path: spec.template.spec.initContainers
content:
name: bar
image: docker.io/library/busybox:latest
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml

View File

@@ -6,17 +6,17 @@ chart:
# Override appVersion to be consistent with used digest :)
appVersion: 1.19.3
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
- templates/deployment.yaml
- templates/config.yaml
tests:
- it: default values
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: "docker.gitea.com/gitea:1.19.3-rootless"
- it: tag override
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
image.tag: "1.19.4"
asserts:
@@ -24,7 +24,7 @@ tests:
path: spec.template.spec.containers[0].image
value: "docker.gitea.com/gitea:1.19.4-rootless"
- it: root-based image
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
image.rootless: false
asserts:
@@ -32,7 +32,7 @@ tests:
path: spec.template.spec.containers[0].image
value: "docker.gitea.com/gitea:1.19.3"
- it: scoped registry
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
image.registry: "example.com"
asserts:
@@ -40,7 +40,7 @@ tests:
path: spec.template.spec.containers[0].image
value: "example.com/gitea:1.19.3-rootless"
- it: global registry
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
global.imageRegistry: "global.example.com"
asserts:
@@ -48,7 +48,7 @@ tests:
path: spec.template.spec.containers[0].image
value: "global.example.com/gitea:1.19.3-rootless"
- it: digest for rootless image
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
image:
rootless: true
@@ -58,7 +58,7 @@ tests:
path: spec.template.spec.containers[0].image
value: "docker.gitea.com/gitea:1.19.3-rootless@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a"
- it: image fullOverride (does not append rootless)
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
image:
fullOverride: docker.gitea.com/gitea:1.19.3
@@ -73,7 +73,7 @@ tests:
path: spec.template.spec.containers[0].image
value: "docker.gitea.com/gitea:1.19.3"
- it: digest for root-based image
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
image:
rootless: false
@@ -83,7 +83,7 @@ tests:
path: spec.template.spec.containers[0].image
value: "docker.gitea.com/gitea:1.19.3@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a"
- it: digest and global registry
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
global.imageRegistry: "global.example.com"
image.digest: "sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a"
@@ -92,7 +92,7 @@ tests:
path: spec.template.spec.containers[0].image
value: "global.example.com/gitea:1.19.3-rootless@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a"
- it: correctly renders floating tag references
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
image.tag: 1.21 # use non-quoted value on purpose. See: https://gitea.com/gitea/helm-gitea/issues/631
asserts:

View File

@@ -1,6 +1,6 @@
suite: Test ingress tpl use
templates:
- templates/gitea/ingress.yaml
- templates/ingress.yaml
tests:
- it: Ingress Class using TPL
set:

View File

@@ -3,7 +3,7 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/config.yaml
- templates/config.yaml
tests:
- it: inline config stringData.server using TPL
set:

View File

@@ -3,11 +3,11 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
- templates/deployment.yaml
- templates/config.yaml
tests:
- it: renders default liveness probe
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
asserts:
- notExists:
path: spec.template.spec.containers[0].livenessProbe.enabled
@@ -22,7 +22,7 @@ tests:
port: http
timeoutSeconds: 1
- it: renders default readiness probe
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
asserts:
- notExists:
path: spec.template.spec.containers[0].readinessProbe.enabled
@@ -37,12 +37,12 @@ tests:
port: http
timeoutSeconds: 1
- it: does not render a default startup probe
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
asserts:
- notExists:
path: spec.template.spec.containers[0].startupProbe
- it: allows enabling a startup probe
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
gitea.startupProbe.enabled: true
asserts:
@@ -60,7 +60,7 @@ tests:
timeoutSeconds: 1
- it: allows overwriting the default port of the liveness probe
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
gitea:
livenessProbe:
@@ -74,7 +74,7 @@ tests:
port: my-port
- it: allows overwriting the default port of the readiness probe
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
gitea:
readinessProbe:
@@ -88,7 +88,7 @@ tests:
port: my-port
- it: allows overwriting the default port of the startup probe
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
gitea:
startupProbe:
@@ -103,7 +103,7 @@ tests:
port: my-port
- it: allows using a non-default method as liveness probe
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
gitea:
livenessProbe:
@@ -131,7 +131,7 @@ tests:
timeoutSeconds: 13372
- it: allows using a non-default method as readiness probe
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
gitea:
readinessProbe:
@@ -159,7 +159,7 @@ tests:
timeoutSeconds: 13372
- it: allows using a non-default method as startup probe
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
gitea:
startupProbe:

View File

@@ -3,11 +3,11 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
- templates/deployment.yaml
- templates/config.yaml
tests:
- it: supports adding a sidecar container
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
extraContainers:
- name: sidecar-bob

View File

@@ -3,11 +3,11 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
- templates/deployment.yaml
- templates/config.yaml
tests:
- it: skips gpg init container
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
asserts:
- notContains:
path: spec.template.spec.initContainers
@@ -15,7 +15,7 @@ tests:
content:
name: configure-gpg
- it: skips gpg env in `init-directories` init container
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
signing.enabled: false
asserts:
@@ -25,14 +25,14 @@ tests:
name: GNUPGHOME
value: /data/git/.gnupg
- it: skips gpg env in runtime container
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
asserts:
- notContains:
path: spec.template.spec.containers[0].env
content:
name: GNUPGHOME
- it: skips gpg volume spec
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
asserts:
- notContains:
path: spec.template.spec.volumes

View File

@@ -3,11 +3,11 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
- templates/deployment.yaml
- templates/config.yaml
tests:
- it: adds gpg init container
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
signing:
enabled: true
@@ -41,7 +41,7 @@ tests:
mountPath: /raw
readOnly: true
- it: adds gpg env in `init-directories` init container
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
signing.enabled: true
signing.existingSecret: "custom-gpg-secret"
@@ -52,7 +52,7 @@ tests:
name: GNUPGHOME
value: /data/git/.gnupg
- it: adds gpg env in runtime container
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
signing.enabled: true
signing.existingSecret: "custom-gpg-secret"
@@ -63,7 +63,7 @@ tests:
name: GNUPGHOME
value: /data/git/.gnupg
- it: adds gpg volume spec
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
signing:
enabled: true
@@ -80,7 +80,7 @@ tests:
path: private.asc
defaultMode: 0100
- it: supports gpg volume spec with external reference
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
signing:
enabled: true

View File

@@ -3,11 +3,11 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
- templates/deployment.yaml
- templates/config.yaml
tests:
- it: supports defining SSH log level for root based image
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
image.rootless: false
asserts:
@@ -17,7 +17,7 @@ tests:
name: SSH_LOG_LEVEL
value: "INFO"
- it: supports overriding SSH log level
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
image.rootless: false
gitea.ssh.logLevel: "DEBUG"
@@ -28,7 +28,7 @@ tests:
name: SSH_LOG_LEVEL
value: "DEBUG"
- it: supports overriding SSH log level (even when image.fullOverride set)
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
image.fullOverride: docker.gitea.com/gitea:1.19.3
image.rootless: false
@@ -40,7 +40,7 @@ tests:
name: SSH_LOG_LEVEL
value: "DEBUG"
- it: skips SSH_LOG_LEVEL for rootless image
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
image.rootless: true
gitea.ssh.logLevel: "DEBUG" # explicitly defining a non-standard level here
@@ -51,7 +51,7 @@ tests:
content:
name: SSH_LOG_LEVEL
- it: skips SSH_LOG_LEVEL for rootless image (even when image.fullOverride set)
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
image.fullOverride: docker.gitea.com/gitea:1.19.3
image.rootless: true

View File

@@ -7,11 +7,11 @@ release:
namespace: testing
templates:
- templates/gitea/pvc.yaml
- templates/pvc.yaml
tests:
- it: should set storageClassName when persistence.storageClass is defined
template: templates/gitea/pvc.yaml
template: templates/pvc.yaml
set:
persistence.storageClass: "my-storage-class"
asserts:
@@ -20,7 +20,7 @@ tests:
value: "my-storage-class"
- it: should set global.storageClass when persistence.storageClass is not defined
template: templates/gitea/pvc.yaml
template: templates/pvc.yaml
set:
global.storageClass: "default-storage-class"
asserts:
@@ -29,7 +29,7 @@ tests:
value: "default-storage-class"
- it: should set storageClassName when persistence.storageClass is defined and global.storageClass is defined
template: templates/gitea/pvc.yaml
template: templates/pvc.yaml
set:
global.storageClass: "default-storage-class"
persistence.storageClass: "my-storage-class"

View File

@@ -3,11 +3,11 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/ssh-svc.yaml
- templates/gitea/http-svc.yaml
- templates/ssh-svc.yaml
- templates/http-svc.yaml
tests:
- it: supports adding custom labels to ssh-svc
template: templates/gitea/ssh-svc.yaml
template: templates/ssh-svc.yaml
set:
service:
ssh:
@@ -19,7 +19,7 @@ tests:
value: "testvalue"
- it: keeps existing labels (ssh)
template: templates/gitea/ssh-svc.yaml
template: templates/ssh-svc.yaml
set:
service:
ssh:
@@ -29,7 +29,7 @@ tests:
path: metadata.labels["app"]
- it: supports adding custom labels to http-svc
template: templates/gitea/http-svc.yaml
template: templates/http-svc.yaml
set:
service:
http:
@@ -41,7 +41,7 @@ tests:
value: "testvalue"
- it: keeps existing labels (http)
template: templates/gitea/http-svc.yaml
template: templates/http-svc.yaml
set:
service:
http:
@@ -51,7 +51,7 @@ tests:
path: metadata.labels["app"]
- it: render service.ssh.loadBalancerClass if set and type is LoadBalancer
template: templates/gitea/ssh-svc.yaml
template: templates/ssh-svc.yaml
set:
service:
ssh:
@@ -73,7 +73,7 @@ tests:
value: ["1.2.3.4/32", "5.6.7.8/32"]
- it: does not render when loadbalancer properties are set but type is not loadBalancerClass
template: templates/gitea/http-svc.yaml
template: templates/http-svc.yaml
set:
service:
http:
@@ -92,7 +92,7 @@ tests:
path: spec.loadBalancerSourceRanges
- it: does not render loadBalancerClass by default even when type is LoadBalancer
template: templates/gitea/http-svc.yaml
template: templates/http-svc.yaml
set:
service:
http:
@@ -107,8 +107,8 @@ tests:
- it: both ssh and http services exist
templates:
- templates/gitea/ssh-svc.yaml
- templates/gitea/http-svc.yaml
- templates/ssh-svc.yaml
- templates/http-svc.yaml
asserts:
- matchRegex:
path: metadata.name

View File

@@ -3,7 +3,7 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/gpg-secret.yaml
- templates/gpg-secret.yaml
tests:
- it: renders nothing
set:

View File

@@ -3,7 +3,7 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/gpg-secret.yaml
- templates/gpg-secret.yaml
tests:
- it: fails rendering when nothing is configured
set:

View File

@@ -1,6 +1,6 @@
suite: Test ingress.yaml
templates:
- templates/gitea/ingress.yaml
- templates/ingress.yaml
tests:
- it: should enable ingress when ingress.enabled is true
set:

View File

@@ -1,6 +1,6 @@
suite: Test ingress with implicit path defaults
templates:
- templates/gitea/ingress.yaml
- templates/ingress.yaml
tests:
- it: should use default path and pathType when no paths are specified
set:

View File

@@ -1,6 +1,6 @@
suite: Test ingress tpl use
templates:
- templates/gitea/ingress.yaml
- templates/ingress.yaml
tests:
- it: Ingress Class using TPL
set:

View File

@@ -1,6 +1,6 @@
suite: Test ingress with structured paths
templates:
- templates/gitea/ingress.yaml
- templates/ingress.yaml
tests:
- it: should work with structured path definitions
set:

View File

@@ -3,7 +3,7 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/init.yaml
- templates/init.yaml
tests:
- it: renders a secret
asserts:

View File

@@ -3,7 +3,7 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/init.yaml
- templates/init.yaml
tests:
- it: runs gpg in batch mode
set:
@@ -63,7 +63,7 @@ tests:
chown -v 1000:1000 "${GNUPGHOME}"
fi
- it: it does not chown /data even when image.fullOverride is set
template: templates/gitea/init.yaml
template: templates/init.yaml
set:
image.fullOverride: docker.gitea.com/gitea:1.20.5
asserts:

View File

@@ -3,7 +3,7 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/init.yaml
- templates/init.yaml
tests:
- it: runs gpg in batch mode
set:

View File

@@ -3,7 +3,7 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/metrics-secret.yaml
- templates/metrics-secret.yaml
tests:
- it: renders nothing if monitoring disabled and gitea.metrics.token empty
set:

View File

@@ -3,7 +3,7 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/metrics-secret.yaml
- templates/metrics-secret.yaml
tests:
- it: renders nothing if monitoring enabled and gitea.metrics.token empty
set:

View File

@@ -0,0 +1,100 @@
chart:
appVersion: 0.1.0
version: 0.1.0
suite: NetworkPolicy template
release:
name: gitea-unittest
namespace: testing
templates:
- templates/networkPolicy.yaml
tests:
- it: Skip rendering networkPolicy
set:
networkPolicy.enabled: false
asserts:
- hasDocuments:
count: 0
- it: Render default networkPolicy
set:
networkPolicy.enabled: true
asserts:
- hasDocuments:
count: 1
- containsDocument:
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
name: gitea-unittest
namespace: testing
- notExists:
path: metadata.annotations
- equal:
path: metadata.labels
value:
app: gitea
app.kubernetes.io/instance: gitea-unittest
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: gitea
app.kubernetes.io/version: 0.1.0
helm.sh/chart: gitea-0.1.0
version: 0.1.0
- equal:
path: spec.podSelector.matchLabels
value:
app.kubernetes.io/instance: gitea-unittest
app.kubernetes.io/name: gitea
- notExists:
path: spec.policyTypes
- notExists:
path: spec.egress
- notExists:
path: spec.ingress
- it: Template networkPolicy with policyTypes, egress and ingress configuration
set:
networkPolicy.enabled: true
networkPolicy.policyTypes:
- Egress
- Ingress
networkPolicy.ingress:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: monitoring
podSelector:
matchLabels:
app.kubernetes.io/name: prometheus
networkPolicy.egress:
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: ingress-nginx
podSelector:
matchLabels:
app.kubernetes.io/name: ingress-nginx
asserts:
- equal:
path: spec.policyTypes
value:
- Egress
- Ingress
- equal:
path: spec.egress
value:
- to:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: ingress-nginx
podSelector:
matchLabels:
app.kubernetes.io/name: ingress-nginx
- equal:
path: spec.ingress
value:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: monitoring
podSelector:
matchLabels:
app.kubernetes.io/name: prometheus

View File

@@ -3,7 +3,7 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/pvc.yaml
- templates/pvc.yaml
tests:
- it: Storage Class using TPL
set:

View File

@@ -3,7 +3,7 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/serviceaccount.yaml
- templates/serviceaccount.yaml
tests:
- it: skips rendering by default
asserts:

View File

@@ -3,17 +3,17 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/serviceaccount.yaml
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
- templates/serviceaccount.yaml
- templates/deployment.yaml
- templates/config.yaml
tests:
- it: does not modify the deployment by default
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
asserts:
- notExists:
path: spec.serviceAccountName
- it: adds the reference to the deployment with serviceAccount.create=true
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
serviceAccount.create: true
asserts:
@@ -21,7 +21,7 @@ tests:
path: spec.template.spec.serviceAccountName
value: gitea-unittests
- it: allows referencing an externally created ServiceAccount to the deployment
template: templates/gitea/deployment.yaml
template: templates/deployment.yaml
set:
serviceAccount:
create: false # explicitly set to define rendering behavior

View File

@@ -3,7 +3,7 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/servicemonitor.yaml
- templates/servicemonitor.yaml
tests:
- it: skips rendering by default
asserts:

View File

@@ -3,7 +3,7 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/servicemonitor.yaml
- templates/servicemonitor.yaml
tests:
- it: renders nothing if gitea.metrics.serviceMonitor disabled and gitea.metrics.token empty
set:

View File

@@ -3,7 +3,7 @@ release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/servicemonitor.yaml
- templates/servicemonitor.yaml
tests:
- it: renders unsecure ServiceMonitor if gitea.metrics.token nil
set:

View File

@@ -20,7 +20,7 @@ global:
# hostnames:
# - example.com
## @param namespace An explicit namespace to deploy gitea into. Defaults to the release namespace if not specified
## @param namespace An explicit namespace to deploy Gitea into. Defaults to the release namespace if not specified
namespace: ""
## @param replicaCount number of replicas for the deployment
@@ -281,13 +281,13 @@ extraContainers: []
# image: busybox
# command: [/bin/sh, -c, 'echo "Hello world"']
## @param preExtraInitContainers Additional init containers to run in the pod before gitea runs it owns init containers.
## @param preExtraInitContainers Additional init containers to run in the pod before Gitea runs it owns init containers.
preExtraInitContainers: []
# - name: pre-init-container
# image: docker.io/library/busybox
# command: [ /bin/sh, -c, 'echo "Hello world! I am a pre init container."' ]
## @param postExtraInitContainers Additional init containers to run in the pod after gitea runs it owns init containers.
## @param postExtraInitContainers Additional init containers to run in the pod after Gitea runs it owns init containers.
postExtraInitContainers: []
# - name: post-init-container
# image: docker.io/library/busybox
@@ -513,6 +513,100 @@ gitea:
successThreshold: 1
failureThreshold: 10
## @section Network Policy
networkPolicy:
## @param networkPolicy.enabled Enable network policies in general.
## @param networkPolicy.annotations Additional network policy annotations.
## @param networkPolicy.labels Additional network policy labels.
## @param networkPolicy.policyTypes List of policy types. Supported is ingress, egress or ingress and egress.
## @param networkPolicy.egress Concrete egress network policy implementation.
## @skip networkPolicy.egress Skip individual egress configuration.
## @param networkPolicy.ingress Concrete ingress network policy implementation.
## @skip networkPolicy.ingress Skip individual ingress configuration.
enabled: false
annotations: {}
labels: {}
policyTypes: []
# - Egress
# - Ingress
egress: []
# Allow outgoing DNS traffic to the internal running DNS-Server. For example core-dns.
#
# - to:
# - namespaceSelector:
# matchLabels:
# kubernetes.io/metadata.name: kube-system
# podSelector:
# matchLabels:
# k8s-app: kube-dns
# ports:
# - port: 53
# protocol: TCP
# - port: 53
# protocol: UDP
# Allow outgoing traffic via HTTPS. For example for oAuth2, Gravatar and other third party APIs.
#
# - to:
# ports:
# - port: 443
# protocol: TCP
# Allow outgoing traffic to PostgreSQL.
#
# - to:
# - podSelector:
# matchLabels:
# app.kubernetes.io/name: postgresql-ha
# ports: []
# # Avoid explicit list of ports, because Gitea tries to ping the PostgreSQL database during the initialization
# # process. The ICMP protocol is currently not supported as list of protocols by kubernetes. For this reason would
# # lead listing of the ports to an issue. Therefore, please handle the database ports with care.
# #
# # - port: 5432
# # protocol: TCP
# Allow outgoing traffic to Valkey.
#
# - to:
# - podSelector:
# matchLabels:
# app.kubernetes.io/name: valkey-cluster
# ports:
# - port: 6379
# protocol: TCP
# - port: 16379
# protocol: TCP
ingress: []
# Allow incoming HTTP traffic from prometheus.
#
# - from:
# - namespaceSelector:
# matchLabels:
# kubernetes.io/metadata.name: monitoring
# podSelector:
# matchLabels:
# app.kubernetes.io/name: prometheus
# ports:
# - port: http
# protocol: TCP
# Allow incoming HTTP traffic from ingress-nginx.
#
# - from:
# - namespaceSelector:
# matchLabels:
# kubernetes.io/metadata.name: ingress-nginx
# podSelector:
# matchLabels:
# app.kubernetes.io/name: ingress-nginx
# ports:
# - port: http
# protocol: TCP
## @section valkey-cluster
## @param valkey-cluster.enabled Enable valkey cluster
# ⚠️ The valkey charts do not work well with special characters in the password (<https://gitea.com/gitea/helm-chart/issues/690>).