Compare commits

..

184 Commits

Author SHA1 Message Date
Renovate Bot
1d7037e55e chore(deps): update lockfiles (#950)
All checks were successful
changelog / changelog (push) Successful in 17s
check-and-test / check-and-test (push) Successful in 33s
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-09-15 00:03:16 +00:00
Renovate Bot
9cf42f55b0 chore(deps): update workflow dependencies (minor & patch) (#949)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-09-14 00:02:50 +00:00
Renovate Bot
8ed2db6aa5 chore(deps): update dependency go-gitea/gitea to v1.24.6 (#948)
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/948
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-09-11 19:17:52 +00:00
Renovate Bot
667834962e chore(deps): update lockfiles (#947)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-09-10 00:02:48 +00:00
Renovate Bot
78aba58284 chore(deps): update https://github.com/aws-actions/configure-aws-credentials action to v5 (#946)
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/946
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-09-07 11:11:43 +00:00
Renovate Bot
7c0a924ca3 chore(deps): update lockfiles (#945)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-09-06 00:03:27 +00:00
Renovate Bot
677b1af2ed chore(deps): update actions/checkout action to v5 (#928)
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/928
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-09-01 01:54:47 +00:00
Renovate Bot
c9af860e60 chore(deps): update workflow dependencies (minor & patch) (#943)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-09-01 00:03:03 +00:00
Renovate Bot
3721929be2 chore(deps): update subcharts (minor & patch) (#942)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-08-31 00:07:22 +00:00
Renovate Bot
44e9970b0b chore(deps): update subcharts (minor & patch) (#941)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-08-26 00:08:54 +00:00
Renovate Bot
4fc53cd978 chore(deps): update unittests/bash/test_helper/bats-support digest to 0954abb (#939)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-08-25 00:03:54 +00:00
Renovate Bot
122bccd932 chore(deps): update alpine/helm docker tag to v3.18.5 (#940)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-08-24 00:04:06 +00:00
ChristopherHX
3233e33e27 chore: update maintainers list - add ChristopherHX (#937)
As discussed in https://gitea.com/gitea/helm-gitea/issues/931

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/937
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-by: Markus Pesch <volker.raschek@noreply.gitea.com>
Co-authored-by: ChristopherHX <christopher.homberger@web.de>
Co-committed-by: ChristopherHX <christopher.homberger@web.de>
2025-08-21 08:50:09 +00:00
Daan Selen
6b99230843 chore: update maintainers list - DaanSelen (#936)
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/936
Reviewed-by: delvh <dev.lh@web.de>
Reviewed-by: Markus Pesch <volker.raschek@noreply.gitea.com>
Co-authored-by: Daan Selen <dselen@nerthus.nl>
Co-committed-by: Daan Selen <dselen@nerthus.nl>
2025-08-20 21:38:42 +00:00
d9e181df93 chore: update maintainers list - volker.raschek (#933)
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/933
Reviewed-by: delvh <dev.lh@web.de>
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Markus Pesch <markus.pesch@cryptic.systems>
Co-committed-by: Markus Pesch <markus.pesch@cryptic.systems>
2025-08-20 16:32:23 +00:00
Ross Golder
603f8e68a7 chore: update maintainers list - rossigee (#932)
Co-authored-by: Ross Golder <ross@golder.org>
Co-committed-by: Ross Golder <ross@golder.org>
2025-08-20 11:19:17 +00:00
10ad0f7743 style: adapt indentation of extraInitContainer tests 2025-08-19 12:49:01 +02:00
e31bd265b1 docs(README): fulfill MD044/proper-names 2025-08-19 12:44:12 +02:00
kostovicmb
4cfcbd729f feat(deployment): support further initContainers
The following patch intoduce the dictionaries pre and postExtraInitContainers.
The dictionaries can be used to specify further initContainers before and after
the gitea initializing process. For example:

```yaml
postExtraInitContainers:
- name: foo
  image: docker.io/library/busybox:latest
preExtraInitContainers:
- name: bar
  image: docker.io/library/busybox:latest
```
2025-08-19 12:24:33 +02:00
Renovate Bot
f786359136 chore(deps): update lockfiles (#929)
All checks were successful
changelog / changelog (push) Successful in 9s
check-and-test / check-and-test (push) Successful in 1m46s
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-08-19 00:04:14 +00:00
Renovate Bot
6d5fbcbaee chore(deps): update bats testing framework (#927)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-08-17 00:04:16 +00:00
Renovate Bot
14a4e47b73 chore(deps): update lockfiles (#926)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-08-16 00:04:27 +00:00
Renovate Bot
3a7859f6cc chore(deps): update subcharts (minor & patch) (#922)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-08-15 00:08:57 +00:00
Renovate Bot
364dfa2076 chore(deps): update dependency go-gitea/gitea to v1.24.5 (#925)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-08-14 06:26:53 +00:00
468c12643f fix(renovate): add lockFileMaintenance (#924)
The following patch adapts the renovate configuration maintain lockfiles, for
example the package-lock.json

Further information can be found in the official documentation:

https://docs.renovatebot.com/configuration-options/#lockfilemaintenance

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/924
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Markus Pesch <markus.pesch@cryptic.systems>
Co-committed-by: Markus Pesch <markus.pesch@cryptic.systems>
2025-08-13 07:24:29 +00:00
Renovate Bot
46aa0534bb chore(deps): update dependency go-gitea/gitea to v1.24.4 (#919)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-08-12 19:36:22 +00:00
Renovate Bot
455cc67d41 chore(deps): update docker.io/thegeeklab/git-sv docker tag to v2.0.4 (#921)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-08-12 18:17:07 +00:00
Renovate Bot
ec898f1330 chore(deps): update dependency helm-unittest/helm-unittest to v1 (#914)
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/914
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-08-12 18:14:14 +00:00
82190f3d30 docs(README): be compliant with markdownlint (#923)
All checks were successful
changelog / changelog (push) Successful in 8s
check-and-test / check-and-test (push) Successful in 1m46s
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/923
Co-authored-by: Markus Pesch <markus.pesch@cryptic.systems>
Co-committed-by: Markus Pesch <markus.pesch@cryptic.systems>
2025-08-12 15:04:57 +00:00
delvh
e059beb82b Add "Maintainer needed" notice 2025-08-04 23:50:22 +00:00
pat-s
9206b34af3 docs: remove pat-s from maintainers (#918)
#916

After many years of maintaining this chart alongside @justusbunsi, I am also stepping down as a maintainer.
In the following, I want to inform users about the reasons.

I am on an independent journey since ~ 1 year, which brought many new challenges and responsibilities.
Since then I have created many devops-related assets (charts, Ansible role, images) which I am now curating as part of my professional work.
Besides, I have also continued with all my FOSS-related efforts. This has summed up to ~ 20-30 projects for which I am either in a primary or secondary maintainer role.
While I have a lot of fun in this, I need to ensure to not go beyond my limits and focus on the ones which I also use in my daily dev & professional life.

Gitea isn't among these anymore since some time, which brings me to the second part of why I am stepping down:
After thinking about it for a long time and being torn between worlds, I've decided to go with Forgejo instead of Gitea for most instances I am running/maintaining.
Since then, I have used the Gitea helm chart to deploy these. This has worked out great and without issues and will likely continue to do so for the foreseeable future.

However, it lately started to feel "wrong", i.e. to continue using the Gitea chart for Forgejo deployments, especially after both projects have substantially diverged some time ago already and a Forgejo Helm Chart exists since some time. Also, I had the feeling of not being able to "commit" to one of the projects fully, being involved in both.
After launching [CodeFloe](https://codefloe.com) a few weeks ago, a public Forgejo instance, I came to the conclusion to step down as a maintainer and focus on the software that I use daily.

And as I like be fully transparent: I don't wanna hold back on the fact that I was also missing the community spirit from "the old days" quite a bit lately, both in the Discord server and the discussions in the chart. The ratio of low-quality requests in the Chart increased a lot over the last ~ 1.5 years, while at the same time the average response times of Gitea core member increased to weeks.

I hope the Gitea community can turn this around again and create a welcoming place to which its fun to contribute to in one's spare time. I enjoyed it for the most part and want to thank everyone who supported me during this time, for the general trust in Chart-related decisions, and the opportunity to personally improve on Helm chart management in general.

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/918
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2025-08-04 19:06:39 +00:00
justusbunsi
203a282e93 docs: step down as maintainer (#917)
This is a direct follow-up to https://gitea.com/gitea/helm-gitea/issues/916.

Over the past months I took an unofficial break. During this time I realized that I don't have the necessary energy and spare time to maintain the Helm Chart long-term - in a way I would like to. Before that break I had ups where I was hyper-focused on the chart, and downs where everything was too much after work. I never found a sweat spot between both. This is not good for me. It is therefore with a heavy heart that I am stepping down as a maintainer.

Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/917
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2025-08-04 18:33:25 +00:00
Renovate Bot
81c12fa3e5 chore(deps): update alpine/helm docker tag to v3.18.4 (#913)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-08-03 00:04:24 +00:00
Renovate Bot
c7e294cf8c chore(deps): update postgresql docker tag to v16.7.21 (#908)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-07-27 00:07:36 +00:00
Renovate Bot
ce60c7bb0f chore(deps): update subcharts (minor & patch) (#905)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql)) | patch | `16.7.18` -> `16.7.20` |
| [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | patch | `16.0.21` -> `16.0.22` |
| [valkey](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/valkey)) | patch | `3.0.20` -> `3.0.22` |
| [valkey-cluster](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/valkey-cluster)) | patch | `3.0.17` -> `3.0.18` |

---

### Release Notes

<details>
<summary>bitnami/charts (postgresql)</summary>

### [`v16.7.20`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#16720-2025-07-18)

- \[bitnami/postgresql] Rename backup.cronjob.timeZone to backup.cronjob.timezone ([#&#8203;35153](https://github.com/bitnami/charts/pull/35153))

### [`v16.7.19`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small16719-2025-07-15-small)

- \[bitnami/postgresql]  :arrow\_up: Update dependency references ([#&#8203;35116](https://github.com/bitnami/charts/issues/35116)) ([15c6eee](15c6eeeee5)), closes [#&#8203;35116](https://github.com/bitnami/charts/issues/35116)

</details>

<details>
<summary>bitnami/charts (postgresql-ha)</summary>

### [`v16.0.22`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#16022-2025-07-15)

- \[bitnami/postgresql-ha]  :arrow\_up: Update dependency references ([#&#8203;35117](https://github.com/bitnami/charts/pull/35117))

</details>

<details>
<summary>bitnami/charts (valkey)</summary>

### [`v3.0.22`](https://github.com/bitnami/charts/blob/HEAD/bitnami/valkey/CHANGELOG.md#3022-2025-07-16)

- \[bitnami/valkey]  :arrow\_up: Update dependency references ([#&#8203;35151](https://github.com/bitnami/charts/pull/35151))

### [`v3.0.21`](https://github.com/bitnami/charts/blob/HEAD/bitnami/valkey/CHANGELOG.md#small3021-2025-07-15-small)

- \[bitnami/valkey]  :arrow\_up: Update dependency references ([#&#8203;35135](https://github.com/bitnami/charts/issues/35135)) ([4a16d74](4a16d74eeb)), closes [#&#8203;35135](https://github.com/bitnami/charts/issues/35135)

</details>

<details>
<summary>bitnami/charts (valkey-cluster)</summary>

### [`v3.0.18`](https://github.com/bitnami/charts/blob/HEAD/bitnami/valkey-cluster/CHANGELOG.md#3018-2025-07-15)

- \[bitnami/valkey-cluster]  :arrow\_up: Update dependency references ([#&#8203;35132](https://github.com/bitnami/charts/pull/35132))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - Only on Sunday and Saturday ( * * * * 0,6 ) (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xOC4xIiwidXBkYXRlZEluVmVyIjoiNDEuMTguMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsia2luZC9kZXBlbmRlbmN5Il19-->

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/905
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-07-19 13:08:41 +00:00
Renovate Bot
2875e08daf chore(deps): update workflow dependencies (minor & patch) (#906)
This PR contains the following updates:

| Package | Change | Age | Confidence | Type | Update |
|---|---|---|---|---|---|
| [@bitnami/readme-generator-for-helm](https://github.com/bitnami/readme-generator-for-helm) | [`2.7.1` -> `2.7.2`](https://renovatebot.com/diffs/npm/@bitnami%2freadme-generator-for-helm/2.7.1/2.7.2) | [![age](https://developer.mend.io/api/mc/badges/age/npm/@bitnami%2freadme-generator-for-helm/2.7.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@bitnami%2freadme-generator-for-helm/2.7.1/2.7.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | devDependencies | patch |
| [docker.io/thegeeklab/git-sv](https://github.com/thegeeklab/git-sv) | `2.0.2` -> `2.0.3` | [![age](https://developer.mend.io/api/mc/badges/age/docker/docker.io%2fthegeeklab%2fgit-sv/2.0.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/docker.io%2fthegeeklab%2fgit-sv/2.0.2/2.0.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | container | patch |

---

### Release Notes

<details>
<summary>bitnami/readme-generator-for-helm (@&#8203;bitnami/readme-generator-for-helm)</summary>

### [`v2.7.2`](https://github.com/bitnami/readme-generator-for-helm/releases/tag/2.7.2)

[Compare Source](https://github.com/bitnami/readme-generator-for-helm/compare/2.7.1...2.7.2)

#### What's Changed

- fix(lib/utils.js): Change regexp to take only the 'key' at the beginning by [@&#8203;fmulero](https://github.com/fmulero) in https://github.com/bitnami/readme-generator-for-helm/pull/147
- fix(builder.js): Values defined as nullabe without setting any value were skipped by [@&#8203;fmulero](https://github.com/fmulero) in https://github.com/bitnami/readme-generator-for-helm/pull/148
- Prepare release 2.7.2 by [@&#8203;fmulero](https://github.com/fmulero) in https://github.com/bitnami/readme-generator-for-helm/pull/149

**Full Changelog**: https://github.com/bitnami/readme-generator-for-helm/compare/2.7.1...2.7.2

</details>

<details>
<summary>thegeeklab/git-sv (docker.io/thegeeklab/git-sv)</summary>

### [`v2.0.3`](https://github.com/thegeeklab/git-sv/releases/tag/v2.0.3)

[Compare Source](https://github.com/thegeeklab/git-sv/compare/v2.0.2...v2.0.3)

##### v2.0.3 (2025-07-16)

##### Bug Fixes

- **deps:** update module github.com/masterminds/semver/v3 to v3.4.0 ([#&#8203;213](https://github.com/thegeeklab/git-sv/issues/213)) ([`ef7b503`](https://github.com/thegeeklab/git-sv/commit/ef7b503))

##### Others

- **docker:** update docker.io/library/alpine:3.22 docker digest to [`4bcff63`](https://github.com/thegeeklab/git-sv/commit/4bcff63) ([#&#8203;219](https://github.com/thegeeklab/git-sv/issues/219)) ([`4ed486d`](https://github.com/thegeeklab/git-sv/commit/4ed486d))
- **deps:** update golang patch version ([#&#8203;218](https://github.com/thegeeklab/git-sv/issues/218)) ([`65bb3ce`](https://github.com/thegeeklab/git-sv/commit/65bb3ce))
- **deps:** update dependency golangci/golangci-lint to v2.2.2 ([#&#8203;217](https://github.com/thegeeklab/git-sv/issues/217)) ([`7fb6603`](https://github.com/thegeeklab/git-sv/commit/7fb6603))
- **docker:** update docker.io/library/golang:1.24.4 docker digest to [`20a022e`](https://github.com/thegeeklab/git-sv/commit/20a022e) ([#&#8203;216](https://github.com/thegeeklab/git-sv/issues/216)) ([`dc0e30a`](https://github.com/thegeeklab/git-sv/commit/dc0e30a))
- **docker:** update docker.io/library/golang:1.24.4 docker digest to [`764d7e0`](https://github.com/thegeeklab/git-sv/commit/764d7e0) ([#&#8203;215](https://github.com/thegeeklab/git-sv/issues/215)) ([`6576999`](https://github.com/thegeeklab/git-sv/commit/6576999))
- **deps:** update dependency golangci/golangci-lint to v2.2.1 ([#&#8203;214](https://github.com/thegeeklab/git-sv/issues/214)) ([`1ee648d`](https://github.com/thegeeklab/git-sv/commit/1ee648d))

##### CI Pipeline

- migrate to wsl\_v5 linter ([`ebec1bc`](https://github.com/thegeeklab/git-sv/commit/ebec1bc))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - Only on Sunday and Saturday ( * * * * 0,6 ) (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xOC4xIiwidXBkYXRlZEluVmVyIjoiNDEuMTguMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsia2luZC9kZXBlbmRlbmN5Il19-->

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/906
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-07-19 13:08:29 +00:00
09767c4494 docs(README): add workaround for rotating TLS certificates (#907)
The following patch extends the README of an additional chapter, how to handle
rotating TLS certificates mounted as secret into the container filesystem.

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/907
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Markus Pesch <markus.pesch@cryptic.systems>
Co-committed-by: Markus Pesch <markus.pesch@cryptic.systems>
2025-07-19 13:08:03 +00:00
Michael Kriese
a45253abf9 docs: fix broken links (#904)
<!--
 Before you open the request please review the following guidelines and tips to help it be more easily integrated:

 - Describe the scope of your change - i.e. what the change does.
 - Describe any known limitations with your change.
 - Please run any tests or examples that can exercise your modified code.

 Thank you for contributing! We will try to review, test and integrate the change as soon as we can.
 -->

### Description of the change

<!-- Describe the scope of your change - i.e. what the change does. -->
Fix broken docs links. 😉

### Benefits

<!-- What benefits will be realized by the code change? -->

### Possible drawbacks

<!-- Describe any known limitations with your change -->

### Applicable issues

<!-- Enter any applicable Issues here (You can reference an issue using #). Please remove this section if there is no referenced issue. -->
- none

### Additional information

<!-- If there's anything else that's important and relevant to your pull request, mention that information here. Please remove this section if it remains empty. -->

regression of #775

### ⚠ BREAKING

<!-- If there's a breaking change, please shortly describe in which way users are affected and how they can mitigate it. If there are no breakings, please remove this section. -->

### Checklist

<!-- [Place an '[X]' (no spaces) in all applicable fields. Please remove unrelated fields.] -->

- [ ] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [ ] Breaking changes are documented in the `README.md`
- [ ] Helm templating unittests are added (required when changing anything in `templates` folder)
- [ ] Bash unittests are added (required when changing anything in `scripts` folder)
- [ ] All added template resources MUST render a namespace in metadata

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/904
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Michael Kriese <michael.kriese@visualon.de>
Co-committed-by: Michael Kriese <michael.kriese@visualon.de>
2025-07-19 12:56:28 +00:00
Renovate Bot
f9efe98fe7 chore(deps): update dependency go-gitea/gitea to v1.24.3 (#902)
All checks were successful
changelog / changelog (push) Successful in 22s
check-and-test / check-and-test (push) Successful in 1m48s
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-07-17 00:04:20 +00:00
Renovate Bot
92c187f264 chore(deps): update subcharts (minor & patch) (#901)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-07-14 00:07:32 +00:00
Renovate Bot
4fbdf634a9 chore(deps): update subcharts (minor & patch) (#899)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-07-06 00:07:59 +00:00
Renovate Bot
f0dcbe88dd chore(deps): update subcharts (minor & patch) (#895)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-06-30 00:08:41 +00:00
Jade Deane
aa7ccb47ba fix: add srCheckPassword param to support new postgresql-ha stream replication check requirements (#894)
### Add new 'srCheckPassword' postgresql-ha value to support new postgresql-ha stream replication check requirements

Per Bitnami's [documentation](https://github.com/bitnami/charts/tree/main/bitnami/postgresql-ha#to-1600), a new 'sr_check_user' now exists for the purpose of pgpool preforming stream replication checking.

### Benefits

This change allows customizing that role's password by overriding Bitnami's chart value.

### Possible drawbacks

None that I'm aware of.

### Applicable issues

- Fixes #888

### Additional information

Per #888, the Bitnami PR where customizable stream reapplication check credentials were introduced is https://github.com/bitnami/charts/pull/33552

### Checklist

<!-- [Place an '[X]' (no spaces) in all applicable fields. Please remove unrelated fields.] -->

- [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [x] Helm templating unittests are added (required when changing anything in `templates` folder)

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/894
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Jade Deane <jade.deane@gmail.com>
Co-committed-by: Jade Deane <jade.deane@gmail.com>
2025-06-27 13:32:41 +00:00
Renovate Bot
0f1f329de4 chore(deps): update workflow dependencies (minor & patch) (#892)
This PR contains the following updates:

| Package | Change | Age | Confidence | Type | Update |
|---|---|---|---|---|---|
| [@bitnami/readme-generator-for-helm](https://github.com/bitnami/readme-generator-for-helm) | [`2.7.0` -> `2.7.1`](https://renovatebot.com/diffs/npm/@bitnami%2freadme-generator-for-helm/2.7.0/2.7.1) | [![age](https://developer.mend.io/api/mc/badges/age/npm/@bitnami%2freadme-generator-for-helm/2.7.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@bitnami%2freadme-generator-for-helm/2.7.0/2.7.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | devDependencies | patch |
| [alpine/helm](https://github.com/alpine-docker/helm) ([changelog](https://github.com/helm/helm)) | `3.18.2` -> `3.18.3` | [![age](https://developer.mend.io/api/mc/badges/age/docker/alpine%2fhelm/3.18.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/alpine%2fhelm/3.18.2/3.18.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) |  | patch |
| [alpine/helm](https://github.com/alpine-docker/helm) ([changelog](https://github.com/helm/helm)) | `3.18.2` -> `3.18.3` | [![age](https://developer.mend.io/api/mc/badges/age/docker/alpine%2fhelm/3.18.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/alpine%2fhelm/3.18.2/3.18.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | container | patch |
| [docker.io/thegeeklab/git-sv](https://github.com/thegeeklab/git-sv) | `2.0.1` -> `2.0.2` | [![age](https://developer.mend.io/api/mc/badges/age/docker/docker.io%2fthegeeklab%2fgit-sv/2.0.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/docker.io%2fthegeeklab%2fgit-sv/2.0.1/2.0.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | container | patch |
| [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli) | [`^0.44.0` -> `^0.45.0`](https://renovatebot.com/diffs/npm/markdownlint-cli/0.44.0/0.45.0) | [![age](https://developer.mend.io/api/mc/badges/age/npm/markdownlint-cli/0.45.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/markdownlint-cli/0.44.0/0.45.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | devDependencies | minor |

---

### Release Notes

<details>
<summary>bitnami/readme-generator-for-helm (@&#8203;bitnami/readme-generator-for-helm)</summary>

### [`v2.7.1`](https://github.com/bitnami/readme-generator-for-helm/releases/tag/2.7.1)

[Compare Source](https://github.com/bitnami/readme-generator-for-helm/compare/2.7.0...2.7.1)

#### What's Changed

- Fix MD059 warnings in Markdown files by [@&#8203;fmulero](https://github.com/fmulero) in https://github.com/bitnami/readme-generator-for-helm/pull/143
- Preserve whitespace in descriptions by [@&#8203;jnodorp-jaconi](https://github.com/jnodorp-jaconi) in https://github.com/bitnami/readme-generator-for-helm/pull/141
- Bump brace-expansion from 1.1.11 to 1.1.12 in the npm\_and\_yarn group across 1 directory by [@&#8203;dependabot](https://github.com/dependabot) in https://github.com/bitnami/readme-generator-for-helm/pull/144
- fix([#&#8203;60](https://github.com/bitnami/readme-generator-for-helm/issues/60)): build right path for complex objects by [@&#8203;fmulero](https://github.com/fmulero) in https://github.com/bitnami/readme-generator-for-helm/pull/145

#### New Contributors

- [@&#8203;jnodorp-jaconi](https://github.com/jnodorp-jaconi) made their first contribution in https://github.com/bitnami/readme-generator-for-helm/pull/141

**Full Changelog**: https://github.com/bitnami/readme-generator-for-helm/compare/2.7.0...2.7.1

</details>

<details>
<summary>thegeeklab/git-sv (docker.io/thegeeklab/git-sv)</summary>

### [`v2.0.2`](https://github.com/thegeeklab/git-sv/releases/tag/v2.0.2)

[Compare Source](https://github.com/thegeeklab/git-sv/compare/v2.0.1...v2.0.2)

##### v2.0.2 (2025-06-18)

##### Bug Fixes

- fix key mismatch regression in go-git ([#&#8203;211](https://github.com/thegeeklab/git-sv/issues/211)) ([`0fc807c`](https://github.com/thegeeklab/git-sv/commit/0fc807c))
- **deps:** update module github.com/urfave/cli/v3 to v3.3.8 ([#&#8203;210](https://github.com/thegeeklab/git-sv/issues/210)) ([`60d42b3`](https://github.com/thegeeklab/git-sv/commit/60d42b3))
- **deps:** update module github.com/go-git/go-git/v5 to v5.16.2 ([#&#8203;206](https://github.com/thegeeklab/git-sv/issues/206)) ([`a1c7cb5`](https://github.com/thegeeklab/git-sv/commit/a1c7cb5))
- **deps:** update module github.com/go-git/go-git/v5 to v5.16.1 ([#&#8203;204](https://github.com/thegeeklab/git-sv/issues/204)) ([`90d574b`](https://github.com/thegeeklab/git-sv/commit/90d574b))
- **deps:** update module github.com/goccy/go-yaml to v1.18.0 ([#&#8203;201](https://github.com/thegeeklab/git-sv/issues/201)) ([`45a5374`](https://github.com/thegeeklab/git-sv/commit/45a5374))
- **deps:** update module github.com/urfave/cli/v3 to v3.3.3 ([#&#8203;200](https://github.com/thegeeklab/git-sv/issues/200)) ([`8e9809e`](https://github.com/thegeeklab/git-sv/commit/8e9809e))

##### Others

- **deps:** update docker.io/library/alpine docker tag to v3.22 ([#&#8203;202](https://github.com/thegeeklab/git-sv/issues/202)) ([`dcc839c`](https://github.com/thegeeklab/git-sv/commit/dcc839c))
- **docker:** update docker.io/library/golang:1.24.4 docker digest to [`10c1318`](https://github.com/thegeeklab/git-sv/commit/10c1318) ([#&#8203;209](https://github.com/thegeeklab/git-sv/issues/209)) ([`bcd32f0`](https://github.com/thegeeklab/git-sv/commit/bcd32f0))
- **docker:** update docker.io/library/golang:1.24.4 docker digest to [`3178db8`](https://github.com/thegeeklab/git-sv/commit/3178db8) ([#&#8203;208](https://github.com/thegeeklab/git-sv/issues/208)) ([`8b6a5f5`](https://github.com/thegeeklab/git-sv/commit/8b6a5f5))
- **docker:** update docker.io/library/golang:1.24.4 docker digest to [`d1db785`](https://github.com/thegeeklab/git-sv/commit/d1db785) ([#&#8203;207](https://github.com/thegeeklab/git-sv/issues/207)) ([`8e5df40`](https://github.com/thegeeklab/git-sv/commit/8e5df40))
- **deps:** update golang patch version ([#&#8203;205](https://github.com/thegeeklab/git-sv/issues/205)) ([`ea35ff9`](https://github.com/thegeeklab/git-sv/commit/ea35ff9))
- **docker:** update docker.io/library/golang:1.24.3 docker digest to [`81bf592`](https://github.com/thegeeklab/git-sv/commit/81bf592) ([#&#8203;203](https://github.com/thegeeklab/git-sv/issues/203)) ([`2ace1de`](https://github.com/thegeeklab/git-sv/commit/2ace1de))
- **deps:** update golang patch version ([#&#8203;199](https://github.com/thegeeklab/git-sv/issues/199)) ([`f7383bd`](https://github.com/thegeeklab/git-sv/commit/f7383bd))

</details>

<details>
<summary>igorshubovych/markdownlint-cli (markdownlint-cli)</summary>

### [`v0.45.0`](https://github.com/igorshubovych/markdownlint-cli/releases/tag/v0.45.0)

[Compare Source](https://github.com/igorshubovych/markdownlint-cli/compare/v0.44.0...v0.45.0)

- Update `markdownlint` dependency to `0.38.0`
  - Add `MD059`/`descriptive-link-text`
  - Improve `MD025`/`MD027`/`MD036`/`MD038`/`MD041`/`MD043`/`MD045`/`MD051`/`MD052`
  - Remove support for end-of-life Node version 18
- Update all dependencies via `Dependabot`

</details>

---

### Configuration

📅 **Schedule**: Branch creation - Only on Sunday and Saturday ( * * * * 0,6 ) (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xLjMiLCJ1cGRhdGVkSW5WZXIiOiI0MS42LjQiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImtpbmQvZGVwZW5kZW5jeSJdfQ==-->

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/892
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-06-27 13:29:35 +00:00
Renovate Bot
cb28148dc8 chore(deps): update subcharts (minor & patch) (#891)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-06-23 00:08:57 +00:00
Renovate Bot
ee84a1750b chore(deps): update dependency go-gitea/gitea to v1.24.2 (#890)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-06-22 00:05:29 +00:00
Renovate Bot
6e1d516bb2 chore(deps): update bats testing framework (#889)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-06-21 00:12:27 +00:00
Renovate Bot
08143654a5 chore(deps): update dependency go-gitea/gitea to v1.24.1 (#887)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-06-20 00:13:06 +00:00
pat-s
e134835662 ci: remove comment 2025-06-16 16:25:10 +02:00
Lunny Xiao
e7db8cddd9 refactor: clarify SSH behavior for rootful images (#876)
For rootful Gitea images, the built-in OpenSSH server is reused, and Gitea itself does not listen on any SSH port. Therefore, the `SSH_LISTEN_PORT` setting has no effect. Explicitly setting `START_SSH_SERVER` helps avoid confusion and makes the behavior clearer.

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/876
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-committed-by: Lunny Xiao <xiaolunwen@gmail.com>
2025-06-16 14:21:00 +00:00
ec7a659535 feat: add Artifacthub annotation 'artifacthub.io/changes' (#881)
The following PR add the annotation 'artifacthub.io/changes'. For each semantic
commit will be the annotation extended. Further information can be found in the
documentation of
[Artifacthub.io](https://artifacthub.io/docs/topics/annotations/helm/#supported-annotations).

The CI has been adapted. The binary jq as well as yq in >= v4.0 is required.
Otherwise will not be concatenated the YAML file correctly via the yq expression,
because the `loadstr()` expression is not available in lower versions.

Additionally the relation between the semantic commit and the Artifacthub.io
change log type should be clarified. The current relationshiop can be adapted if
needed.

Furthermore, yq will be installed as part of the CI steps. It would be great if
yq is also available as deb package in >=v4.0. This would reduce the boiler
plate to install yq and maintain the version via renovate.

Regarding the renovate expression. In my environment works this expression, but
I don't know if it also works in this gitea/renovate instance.

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/881
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Markus Pesch <markus.pesch@cryptic.systems>
Co-committed-by: Markus Pesch <markus.pesch@cryptic.systems>
2025-06-16 14:20:39 +00:00
pat-s
db177a356f ci: bump helm version for tests 2025-06-15 14:45:19 +02:00
Lunny Xiao
d29a7e84a4 fix: correct replicaCount comparison (#884)
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/884
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-committed-by: Lunny Xiao <xiaolunwen@gmail.com>
2025-06-15 12:41:20 +00:00
Renovate Bot
31fa278145 chore(deps): update subcharts (minor & patch) (#885)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql)) | patch | `16.7.4` -> `16.7.11` |
| [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | patch | `16.0.6` -> `16.0.14` |
| [valkey](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/valkey)) | patch | `3.0.9` -> `3.0.13` |
| [valkey-cluster](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/valkey-cluster)) | patch | `3.0.10` -> `3.0.14` |

---

### Release Notes

<details>
<summary>bitnami/charts (postgresql)</summary>

### [`v16.7.11`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#16711-2025-06-11)

-   \[bitnami/postgresql]  ⬆️ Update dependency references ([#&#8203;34353](https://github.com/bitnami/charts/pull/34353))

### [`v16.7.10`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small16710-2025-06-06-small)

-   \[bitnami/postgresql]  ⬆️ Update dependency references ([#&#8203;34210](https://github.com/bitnami/charts/issues/34210)) ([5880187](5880187fcb)), closes [#&#8203;34210](https://github.com/bitnami/charts/issues/34210)

### [`v16.7.9`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1679-2025-06-03-small)

-   \[bitnami/postgresql]  ⬆️ Update dependency references ([#&#8203;34076](https://github.com/bitnami/charts/issues/34076)) ([1063457](10634578d5)), closes [#&#8203;34076](https://github.com/bitnami/charts/issues/34076)

### [`v16.7.8`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1678-2025-05-30-small)

-   \[bitnami/postgresql]  ⬆️ Update dependency references ([#&#8203;34009](https://github.com/bitnami/charts/issues/34009)) ([41b1852](41b1852d4b)), closes [#&#8203;34009](https://github.com/bitnami/charts/issues/34009)

### [`v16.7.6`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1676-2025-05-30-small)

-   \[bitnami/postgresql] Update dependencies ([#&#8203;33986](https://github.com/bitnami/charts/issues/33986)) ([400a5e5](400a5e5dc0)), closes [#&#8203;33986](https://github.com/bitnami/charts/issues/33986)

### [`v16.7.5`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1675-2025-05-27-small)

-   \[bitnami/\*] Add CNAB link for charts on Azure MP ([#&#8203;33695](https://github.com/bitnami/charts/issues/33695)) ([6312371](63123718de)), closes [#&#8203;33695](https://github.com/bitnami/charts/issues/33695)
-   \[bitnami/\*] Update CNAB tip ([#&#8203;33741](https://github.com/bitnami/charts/issues/33741)) ([2bc74f3](2bc74f3f53)), closes [#&#8203;33741](https://github.com/bitnami/charts/issues/33741)
-   \[bitnami/postgresql]  ⬆️ Update dependency references ([#&#8203;33916](https://github.com/bitnami/charts/issues/33916)) ([96adefd](96adefd64d)), closes [#&#8203;33916](https://github.com/bitnami/charts/issues/33916)

</details>

<details>
<summary>bitnami/charts (postgresql-ha)</summary>

### [`v16.0.14`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#16014-2025-06-13)

-   \[bitnami/postgresql-ha]  ⬆️ Update dependency references ([#&#8203;34486](https://github.com/bitnami/charts/pull/34486))

### [`v16.0.13`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small16013-2025-06-12-small)

-   \[bitnami/postgresql-ha]  ⬆️ Update dependency references ([#&#8203;34375](https://github.com/bitnami/charts/issues/34375)) ([3ac12a1](3ac12a1032)), closes [#&#8203;34375](https://github.com/bitnami/charts/issues/34375)

### [`v16.0.12`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small16012-2025-06-11-small)

-   \[bitnami/postgresql-ha]  ⬆️ Update dependency references ([#&#8203;34354](https://github.com/bitnami/charts/issues/34354)) ([0f9c1d4](0f9c1d4529)), closes [#&#8203;34354](https://github.com/bitnami/charts/issues/34354)

### [`v16.0.11`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small16011-2025-06-06-small)

-   \[bitnami/postgresql-ha]  ⬆️ Update dependency references ([#&#8203;34211](https://github.com/bitnami/charts/issues/34211)) ([068660d](068660d0ba)), closes [#&#8203;34211](https://github.com/bitnami/charts/issues/34211)

### [`v16.0.10`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small16010-2025-06-03-small)

-   \[bitnami/postgresql-ha]  ⬆️ Update dependency references ([#&#8203;34072](https://github.com/bitnami/charts/issues/34072)) ([ae2e653](ae2e653858)), closes [#&#8203;34072](https://github.com/bitnami/charts/issues/34072)

### [`v16.0.9`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1609-2025-05-30-small)

-   \[bitnami/postgresql-ha]  ⬆️ Update dependency references ([#&#8203;33983](https://github.com/bitnami/charts/issues/33983)) ([2a92873](2a9287306a)), closes [#&#8203;33983](https://github.com/bitnami/charts/issues/33983)

### [`v16.0.8`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1608-2025-05-27-small)

-   \[bitnami/postgresql-ha]  ⬆️ Update dependency references ([#&#8203;33915](https://github.com/bitnami/charts/issues/33915)) ([adcb803](adcb803342)), closes [#&#8203;33915](https://github.com/bitnami/charts/issues/33915)

### [`v16.0.7`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1607-2025-05-26-small)

-   \[bitnami/postgresql-ha] Update domain name value for PGPOOL_BACKEND_NODES ([#&#8203;33607](https://github.com/bitnami/charts/issues/33607)) ([286eab6](286eab651e)), closes [#&#8203;33607](https://github.com/bitnami/charts/issues/33607)

</details>

<details>
<summary>bitnami/charts (valkey)</summary>

### [`v3.0.13`](https://github.com/bitnami/charts/blob/HEAD/bitnami/valkey/CHANGELOG.md#3013-2025-06-11)

-   \[bitnami/valkey]  ⬆️ Update dependency references ([#&#8203;34361](https://github.com/bitnami/charts/pull/34361))

### [`v3.0.12`](https://github.com/bitnami/charts/blob/HEAD/bitnami/valkey/CHANGELOG.md#small3012-2025-06-10-small)

-   \[bitnami/valkey]  ⬆️ Update dependency references ([#&#8203;34322](https://github.com/bitnami/charts/issues/34322)) ([4ea6675](4ea66757c8)), closes [#&#8203;34322](https://github.com/bitnami/charts/issues/34322)

### [`v3.0.11`](https://github.com/bitnami/charts/blob/HEAD/bitnami/valkey/CHANGELOG.md#small3011-2025-06-08-small)

-   \[bitnami/valkey]  ⬆️ Update dependency references ([#&#8203;34248](https://github.com/bitnami/charts/issues/34248)) ([e945325](e9453256b0)), closes [#&#8203;34248](https://github.com/bitnami/charts/issues/34248)

### [`v3.0.10`](https://github.com/bitnami/charts/blob/HEAD/bitnami/valkey/CHANGELOG.md#small3010-2025-06-06-small)

-   \[bitnami/valkey]  ⬆️ Update dependency references ([#&#8203;34189](https://github.com/bitnami/charts/issues/34189)) ([6fa7396](6fa7396b58)), closes [#&#8203;34189](https://github.com/bitnami/charts/issues/34189)
-   \[bitnami/valkey] Fix info about Sentinel StatefulSet in README ([#&#8203;33881](https://github.com/bitnami/charts/issues/33881)) ([ddc76cc](ddc76cc1f4)), closes [#&#8203;33881](https://github.com/bitnami/charts/issues/33881)

</details>

<details>
<summary>bitnami/charts (valkey-cluster)</summary>

### [`v3.0.14`](https://github.com/bitnami/charts/blob/HEAD/bitnami/valkey-cluster/CHANGELOG.md#3014-2025-06-13)

-   \[bitnami/valkey-cluster]  ⬆️ Update dependency references ([#&#8203;34488](https://github.com/bitnami/charts/pull/34488))

### [`v3.0.13`](https://github.com/bitnami/charts/blob/HEAD/bitnami/valkey-cluster/CHANGELOG.md#small3013-2025-06-11-small)

-   \[bitnami/valkey-cluster]  ⬆️ Update dependency references ([#&#8203;34362](https://github.com/bitnami/charts/issues/34362)) ([df7362e](df7362ef25)), closes [#&#8203;34362](https://github.com/bitnami/charts/issues/34362)

### [`v3.0.12`](https://github.com/bitnami/charts/blob/HEAD/bitnami/valkey-cluster/CHANGELOG.md#small3012-2025-06-08-small)

-   \[bitnami/valkey-cluster]  ⬆️ Update dependency references ([#&#8203;34252](https://github.com/bitnami/charts/issues/34252)) ([6592a44](6592a44115)), closes [#&#8203;34252](https://github.com/bitnami/charts/issues/34252)

### [`v3.0.11`](https://github.com/bitnami/charts/blob/HEAD/bitnami/valkey-cluster/CHANGELOG.md#small3011-2025-06-06-small)

-   \[bitnami/valkey-cluster]  ⬆️ Update dependency references ([#&#8203;34216](https://github.com/bitnami/charts/issues/34216)) ([c4d9bfb](c4d9bfb0df)), closes [#&#8203;34216](https://github.com/bitnami/charts/issues/34216)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - Only on Sunday and Saturday ( * * * * 0,6 ) (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MC41NC4xIiwidXBkYXRlZEluVmVyIjoiNDAuNTQuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsia2luZC9kZXBlbmRlbmN5Il19-->

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/885
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-06-15 12:40:56 +00:00
Renovate Bot
52c249eb08 chore(deps): update dependency go-gitea/gitea to v1.24.0 (#886)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [go-gitea/gitea](https://github.com/go-gitea/gitea) | minor | `1.23.8` -> `1.24.0` |

---

### Release Notes

<details>
<summary>go-gitea/gitea (go-gitea/gitea)</summary>

### [`v1.24.0`](https://github.com/go-gitea/gitea/blob/HEAD/CHANGELOG.md#1240---2025-05-26)

[Compare Source](https://github.com/go-gitea/gitea/compare/v1.23.8...v1.24.0)

-   BREAKING
    -   Make Gitea always use its internal config, ignore `/etc/gitconfig` ([#&#8203;33076](https://github.com/go-gitea/gitea/issues/33076))
    -   Improve log format ([#&#8203;33814](https://github.com/go-gitea/gitea/issues/33814))
    -   Fix markdown render behaviors ([#&#8203;34122](https://github.com/go-gitea/gitea/issues/34122))
    -   Add package version api endpoints ([#&#8203;34173](https://github.com/go-gitea/gitea/issues/34173))

-   FEATURES
    -   Enforce two-factor auth (2FA: TOTP or WebAuthn) ([#&#8203;34187](https://github.com/go-gitea/gitea/issues/34187))
    -   Add fullscreen mode as a more efficient operation way to view projects ([#&#8203;34081](https://github.com/go-gitea/gitea/issues/34081))
    -   Add anonymous access support for private/unlisted repositories ([#&#8203;34051](https://github.com/go-gitea/gitea/issues/34051))
    -   Support public code/issue access for private repositories ([#&#8203;33127](https://github.com/go-gitea/gitea/issues/33127))
    -   Add middleware for request prioritization ([#&#8203;33951](https://github.com/go-gitea/gitea/issues/33951))
    -   Add cli flags LDAP group configuration ([#&#8203;33933](https://github.com/go-gitea/gitea/issues/33933))
    -   Add file tree to file view page ([#&#8203;32721](https://github.com/go-gitea/gitea/issues/32721))
    -   Add material icons for file list ([#&#8203;33837](https://github.com/go-gitea/gitea/issues/33837))
    -   Artifacts download api for artifact actions v4 ([#&#8203;33510](https://github.com/go-gitea/gitea/issues/33510))
    -   Support choose email when creating a commit via web UI ([#&#8203;33432](https://github.com/go-gitea/gitea/issues/33432))
    -   Add basic auth support to rss/atom feeds ([#&#8203;33371](https://github.com/go-gitea/gitea/issues/33371))
    -   Add sorting by exclusive labels (issue priority) ([#&#8203;33206](https://github.com/go-gitea/gitea/issues/33206))
    -   Add sub issue list support ([#&#8203;32940](https://github.com/go-gitea/gitea/issues/32940))
    -   Private README.md for organization ([#&#8203;32872](https://github.com/go-gitea/gitea/issues/32872))
    -   Email option to embed images as base64 instead of link ([#&#8203;32061](https://github.com/go-gitea/gitea/issues/32061))
    -   Option to delay conflict checking of old pull requests until page view ([#&#8203;27779](https://github.com/go-gitea/gitea/issues/27779))
    -   Worktime tracking for the organization level ([#&#8203;19808](https://github.com/go-gitea/gitea/issues/19808))

-   PERFORMANCE
    -   Add cache for common package queries ([#&#8203;22491](https://github.com/go-gitea/gitea/issues/22491))
    -   Move issue pin to an standalone table for querying performance ([#&#8203;33452](https://github.com/go-gitea/gitea/issues/33452))
    -   Improve commits list performance to reduce unnecessary database queries ([#&#8203;33528](https://github.com/go-gitea/gitea/issues/33528))
    -   Optimize total count of feed when loading activities in user dashboard. ([#&#8203;33841](https://github.com/go-gitea/gitea/issues/33841))
    -   Optimize heatmap query ([#&#8203;33853](https://github.com/go-gitea/gitea/issues/33853))
    -   Only use prev and next buttons for pagination on user dashboard ([#&#8203;33981](https://github.com/go-gitea/gitea/issues/33981))
    -   Improve pull request list API performance ([#&#8203;34052](https://github.com/go-gitea/gitea/issues/34052))
    -   Cache GPG keys, emails and users when list commits ([#&#8203;34086](https://github.com/go-gitea/gitea/issues/34086))
    -   Refactor Git Attribute & performance optimization ([#&#8203;34154](https://github.com/go-gitea/gitea/issues/34154))
    -   Performance optimization for tags synchronization ([#&#8203;34355](https://github.com/go-gitea/gitea/issues/34355)) [#&#8203;34522](https://github.com/go-gitea/gitea/issues/34522)

-   ENHANCEMENTS
    -   Code
        -   Display when a release attachment was uploaded ([#&#8203;34261](https://github.com/go-gitea/gitea/issues/34261))
        -   Support creating relative link to raw path in markdown ([#&#8203;34105](https://github.com/go-gitea/gitea/issues/34105))
        -   Improve code block readability and isolate copy button ([#&#8203;34009](https://github.com/go-gitea/gitea/issues/34009))
        -   Improve repository commit view ([#&#8203;33877](https://github.com/go-gitea/gitea/issues/33877))
        -   Full-file syntax highlighting for diff pages ([#&#8203;33766](https://github.com/go-gitea/gitea/issues/33766))
        -   Clone repository with Tea CLI ([#&#8203;33725](https://github.com/go-gitea/gitea/issues/33725))
        -   Improve sync fork behavior ([#&#8203;33319](https://github.com/go-gitea/gitea/issues/33319))
        -   Make git clone URL could use current signed-in user ([#&#8203;33091](https://github.com/go-gitea/gitea/issues/33091))
        -   Add submodule diff links ([#&#8203;33097](https://github.com/go-gitea/gitea/issues/33097))
        -   Link to tree views of submodules if possible ([#&#8203;33424](https://github.com/go-gitea/gitea/issues/33424))
        -   Only keep popular licenses ([#&#8203;33832](https://github.com/go-gitea/gitea/issues/33832))
        -   De-emphasize signed commits ([#&#8203;31160](https://github.com/go-gitea/gitea/issues/31160))

    -   Actions
        -   Add flat-square action badge style ([#&#8203;34062](https://github.com/go-gitea/gitea/issues/34062))
        -   Update action status badge layout ([#&#8203;34018](https://github.com/go-gitea/gitea/issues/34018))
        -   Download actions job logs from API ([#&#8203;33858](https://github.com/go-gitea/gitea/issues/33858))
        -   Always show the "rerun" button for action jobs ([#&#8203;33692](https://github.com/go-gitea/gitea/issues/33692))
        -   Add auto-expanding running actions step ([#&#8203;30058](https://github.com/go-gitea/gitea/issues/30058))
        -   Update status check for all supported on.pull_request.types in Gitea ([#&#8203;33117](https://github.com/go-gitea/gitea/issues/33117))
        -   Workflow_dispatch use workflow from trigger branch ([#&#8203;33098](https://github.com/go-gitea/gitea/issues/33098))
        -   Add action auto-scroll ([#&#8203;30057](https://github.com/go-gitea/gitea/issues/30057))
        -   Add workflow_job webhook ([#&#8203;33694](https://github.com/go-gitea/gitea/issues/33694))
        -   Add a button editing action secret ([#&#8203;34462](https://github.com/go-gitea/gitea/issues/34462))

    -   Pull Request
        -   Auto expand "New PR" form ([#&#8203;33971](https://github.com/go-gitea/gitea/issues/33971))
        -   Mark parent directory as viewed when all files are viewed ([#&#8203;33958](https://github.com/go-gitea/gitea/issues/33958))
        -   Show info about maintainers are allowed to edit a PR ([#&#8203;33738](https://github.com/go-gitea/gitea/issues/33738))
        -   Automerge supports deleting branch automatically after merging ([#&#8203;32343](https://github.com/go-gitea/gitea/issues/32343))
        -   Add additional command hints for PowerShell & CMD ([#&#8203;33548](https://github.com/go-gitea/gitea/issues/33548))

    -   Issues
        -   Allow filtering issues by any assignee ([#&#8203;33343](https://github.com/go-gitea/gitea/issues/33343))
        -   Show warning on navigation if currently editing comment or title ([#&#8203;32920](https://github.com/go-gitea/gitea/issues/32920))
        -   Make tracked time representation display as hours ([#&#8203;33315](https://github.com/go-gitea/gitea/issues/33315))
        -   Add No Results Prompt Message on Issue List Page ([#&#8203;33699](https://github.com/go-gitea/gitea/issues/33699))
        -   Add sort option recentclose for issues and pulls ([#&#8203;34525](https://github.com/go-gitea/gitea/issues/34525)) [#&#8203;34539](https://github.com/go-gitea/gitea/issues/34539)

    -   Packages
        -   Link to nuget dependencies ([#&#8203;26554](https://github.com/go-gitea/gitea/issues/26554))
        -   Add composor source field ([#&#8203;33502](https://github.com/go-gitea/gitea/issues/33502))

    -   Administration
        -   Improve navbar: add "admin" tip, add "active" style ([#&#8203;32927](https://github.com/go-gitea/gitea/issues/32927))
        -   Add a option "--user-type bot" to admin user create, improve role display ([#&#8203;27885](https://github.com/go-gitea/gitea/issues/27885))
        -   Improve admin user view page ([#&#8203;33735](https://github.com/go-gitea/gitea/issues/33735))
        -   Support performance trace ([#&#8203;32973](https://github.com/go-gitea/gitea/issues/32973))
        -   Change pprof labels to be prometheus compatible ([#&#8203;32865](https://github.com/go-gitea/gitea/issues/32865))
        -   Allow admins and org owners to change org member public status ([#&#8203;28294](https://github.com/go-gitea/gitea/issues/28294))
        -   Optimize the installation page ([#&#8203;32994](https://github.com/go-gitea/gitea/issues/32994))
        -   Make public URL generation configurable ([#&#8203;34250](https://github.com/go-gitea/gitea/issues/34250))
        -   Add a --fullname arg to gitea admin user create. ([#&#8203;34241](https://github.com/go-gitea/gitea/issues/34241))

    -   Others
        -   Improve oauth2 error handling ([#&#8203;33969](https://github.com/go-gitea/gitea/issues/33969))
        -   Fail mirroring more gracefully ([#&#8203;34002](https://github.com/go-gitea/gitea/issues/34002))
        -   Align User Details Page Header Layout with Design Specifications ([#&#8203;34192](https://github.com/go-gitea/gitea/issues/34192))
        -   Webhook add X-Gitea-Hook-Installation-Target-Type Header ([#&#8203;33752](https://github.com/go-gitea/gitea/issues/33752))
        -   Optimize the dashboard ([#&#8203;32990](https://github.com/go-gitea/gitea/issues/32990))
        -   Improve button layout on small screens ([#&#8203;33633](https://github.com/go-gitea/gitea/issues/33633))
        -   Add cropping support when modifying the user/org/repo avatar ([#&#8203;33498](https://github.com/go-gitea/gitea/issues/33498))
        -   Make ROOT_URL support using request Host header ([#&#8203;32564](https://github.com/go-gitea/gitea/issues/32564))
        -   Add `show more` organizations icon in user's profile ([#&#8203;32986](https://github.com/go-gitea/gitea/issues/32986))
        -   Introduce `--page-space-bottom` at 64px ([#&#8203;30692](https://github.com/go-gitea/gitea/issues/30692))
        -   Improve theme display ([#&#8203;30671](https://github.com/go-gitea/gitea/issues/30671))
        -   Add alphabetical project sorting ([#&#8203;33504](https://github.com/go-gitea/gitea/issues/33504))
        -   Add global lock for migrations to make upgrade more safe with multiple replications ([#&#8203;33706](https://github.com/go-gitea/gitea/issues/33706))
        -   Add descriptions for private repo public access settings and improve the UI ([#&#8203;34057](https://github.com/go-gitea/gitea/issues/34057))

-   API
    -   Actions Runner rest api ([#&#8203;33873](https://github.com/go-gitea/gitea/issues/33873))
    -   Inclusion of rename organization api ([#&#8203;33303](https://github.com/go-gitea/gitea/issues/33303))
    -   Add API to support link package to repository and unlink it ([#&#8203;33481](https://github.com/go-gitea/gitea/issues/33481))
    -   Add API endpoint to request contents of multiple files simultaniously ([#&#8203;34139](https://github.com/go-gitea/gitea/issues/34139))
    -   Actions artifacts API list/download check status upload confirmed ([#&#8203;34273](https://github.com/go-gitea/gitea/issues/34273))
    -   Add API routes to lock and unlock issues ([#&#8203;34165](https://github.com/go-gitea/gitea/issues/34165))
    -   Fix some user name usages ([#&#8203;33689](https://github.com/go-gitea/gitea/issues/33689))
    -   Allow filtering /repos/{owner}/{repo}/pulls by target base branch queryparam ([#&#8203;33684](https://github.com/go-gitea/gitea/issues/33684))
    -   Improve swagger generation ([#&#8203;33664](https://github.com/go-gitea/gitea/issues/33664))
    -   Support Ephemeral action runners ([#&#8203;33570](https://github.com/go-gitea/gitea/issues/33570))
    -   Support workflow event dispatch via API ([#&#8203;33545](https://github.com/go-gitea/gitea/issues/33545))
    -   Support workflow event dispatch via API ([#&#8203;32059](https://github.com/go-gitea/gitea/issues/32059))
    -   Added Description Field for Secrets and Variables  ([#&#8203;33526](https://github.com/go-gitea/gitea/issues/33526))
    -   Reject star-related requests if stars are disabled ([#&#8203;33208](https://github.com/go-gitea/gitea/issues/33208))
    -   Let API create and edit system webhooks, attempt 2 ([#&#8203;33180](https://github.com/go-gitea/gitea/issues/33180))
    -   Use `Project-URL` metadata field to get a PyPI package's homepage URL ([#&#8203;33089](https://github.com/go-gitea/gitea/issues/33089))
    -   Add `last_committer_date` and `last_author_date` for file contents API ([#&#8203;32921](https://github.com/go-gitea/gitea/issues/32921))

-   REFACTORS
    -   Remove context from git struct ([#&#8203;33793](https://github.com/go-gitea/gitea/issues/33793))
    -   Refactor admin/common.ts ([#&#8203;33788](https://github.com/go-gitea/gitea/issues/33788))
    -   Refactor repo-settings.ts ([#&#8203;33785](https://github.com/go-gitea/gitea/issues/33785))
    -   Refactor repo-issue.ts ([#&#8203;33784](https://github.com/go-gitea/gitea/issues/33784))
    -   Small refactor to reduce unnecessary database queries and remove duplicated functions ([#&#8203;33779](https://github.com/go-gitea/gitea/issues/33779))
    -   Refactor initRepoBranchTagSelector to use new init framework ([#&#8203;33776](https://github.com/go-gitea/gitea/issues/33776))
    -   Refactor buttons to use new init framework ([#&#8203;33774](https://github.com/go-gitea/gitea/issues/33774))
    -   Refactor markup and pdf-viewer to use new init framework ([#&#8203;33772](https://github.com/go-gitea/gitea/issues/33772))
    -   Refactor error system ([#&#8203;33771](https://github.com/go-gitea/gitea/issues/33771))
    -   Refactor mail code ([#&#8203;33768](https://github.com/go-gitea/gitea/issues/33768))
    -   Update TypeScript types ([#&#8203;33799](https://github.com/go-gitea/gitea/issues/33799))
    -   Refactor older tests to use testify ([#&#8203;33140](https://github.com/go-gitea/gitea/issues/33140))
    -   Move notifywatch to service layer ([#&#8203;33825](https://github.com/go-gitea/gitea/issues/33825))
    -   Decouple context from repository related structs ([#&#8203;33823](https://github.com/go-gitea/gitea/issues/33823))
    -   Remove context from mail struct ([#&#8203;33811](https://github.com/go-gitea/gitea/issues/33811))
    -   Refactor dropdown ellipsis ([#&#8203;34123](https://github.com/go-gitea/gitea/issues/34123))
    -   Refactor functions to reduce repopath expose ([#&#8203;33892](https://github.com/go-gitea/gitea/issues/33892))
    -   Refactor repo-diff.ts ([#&#8203;33746](https://github.com/go-gitea/gitea/issues/33746))
    -   Refactor web route handler ([#&#8203;33488](https://github.com/go-gitea/gitea/issues/33488))
    -   Refactor user & avatar ([#&#8203;33433](https://github.com/go-gitea/gitea/issues/33433))
    -   Refactor user package ([#&#8203;33423](https://github.com/go-gitea/gitea/issues/33423))
    -   Refactor decouple context from migration structs ([#&#8203;33399](https://github.com/go-gitea/gitea/issues/33399))
    -   Refactor context flash msg and global variables ([#&#8203;33375](https://github.com/go-gitea/gitea/issues/33375))
    -   Refactor response writer & access logger ([#&#8203;33323](https://github.com/go-gitea/gitea/issues/33323))
    -   Refactor ref type ([#&#8203;33242](https://github.com/go-gitea/gitea/issues/33242))
    -   Refactor context repository ([#&#8203;33202](https://github.com/go-gitea/gitea/issues/33202))
    -   Refactor legacy JS ([#&#8203;33115](https://github.com/go-gitea/gitea/issues/33115))
    -   Refactor legacy line-number and scroll code ([#&#8203;33094](https://github.com/go-gitea/gitea/issues/33094))
    -   Refactor env var related code ([#&#8203;33075](https://github.com/go-gitea/gitea/issues/33075))
    -   Move SetMerged to service layer ([#&#8203;33045](https://github.com/go-gitea/gitea/issues/33045))
    -   Merge updatecommentattachment functions ([#&#8203;33044](https://github.com/go-gitea/gitea/issues/33044))
    -   Refactor pull-request compare\&create page ([#&#8203;33071](https://github.com/go-gitea/gitea/issues/33071))
    -   Refactor repo-new.ts ([#&#8203;33070](https://github.com/go-gitea/gitea/issues/33070))
    -   Refactor pagination ([#&#8203;33037](https://github.com/go-gitea/gitea/issues/33037))
    -   Refactor tests ([#&#8203;33021](https://github.com/go-gitea/gitea/issues/33021))
    -   Refactor markup render to fix various path problems ([#&#8203;34114](https://github.com/go-gitea/gitea/issues/34114))
    -   Refactor Branch struct in package modules/git ([#&#8203;33980](https://github.com/go-gitea/gitea/issues/33980))
    -   Don't create duplicated functions for code repositories and wiki repositories ([#&#8203;33924](https://github.com/go-gitea/gitea/issues/33924))
    -   Move git references checking to gitrepo packages to reduce expose of repository path ([#&#8203;33891](https://github.com/go-gitea/gitea/issues/33891))
    -   Refactor cache-control ([#&#8203;33861](https://github.com/go-gitea/gitea/issues/33861))
    -   Decouple diff stats query from actual diffing ([#&#8203;33810](https://github.com/go-gitea/gitea/issues/33810))
    -   Move part of updating protected branch logic to service layer ([#&#8203;33742](https://github.com/go-gitea/gitea/issues/33742))
    -   Decouple Batch from git.Repository to simplify usage without requiring the creation of a Repository struct. ([#&#8203;34001](https://github.com/go-gitea/gitea/issues/34001))
    -   Refactor tmpl and blob_excerpt ([#&#8203;32967](https://github.com/go-gitea/gitea/issues/32967))
    -   Refactor template & test related code ([#&#8203;32938](https://github.com/go-gitea/gitea/issues/32938))
    -   Refactor db package and remove unnecessary `DumpTables` ([#&#8203;32930](https://github.com/go-gitea/gitea/issues/32930))
    -   Refactor pprof labels and process desc ([#&#8203;32909](https://github.com/go-gitea/gitea/issues/32909))
    -   Refactor repo-projects.ts ([#&#8203;32892](https://github.com/go-gitea/gitea/issues/32892))
    -   Refactor getpatch/getdiff functions and remove unnecessary fallback ([#&#8203;32817](https://github.com/go-gitea/gitea/issues/32817))
    -   Uniform all temporary directories and allow customizing temp path ([#&#8203;32352](https://github.com/go-gitea/gitea/issues/32352))
    -   Remove context from retry downloader ([#&#8203;33871](https://github.com/go-gitea/gitea/issues/33871))
    -   Refactor global init code and add more comments ([#&#8203;33755](https://github.com/go-gitea/gitea/issues/33755))
    -   Remove some unnecessary template helpers ([#&#8203;33069](https://github.com/go-gitea/gitea/issues/33069))
    -   Move and rename UpdateRepository ([#&#8203;34136](https://github.com/go-gitea/gitea/issues/34136))
    -   Move hooks function to gitrepo and reduce expose repopath ([#&#8203;33890](https://github.com/go-gitea/gitea/issues/33890))
    -   Add abstraction layer to delete repository from disk ([#&#8203;33879](https://github.com/go-gitea/gitea/issues/33879))
    -   Add abstraction layer to check if the repository exists on disk ([#&#8203;33874](https://github.com/go-gitea/gitea/issues/33874))
    -   Move ParseCommitWithSSHSignature to service layer ([#&#8203;34087](https://github.com/go-gitea/gitea/issues/34087))
    -   Move duplicated functions ([#&#8203;33977](https://github.com/go-gitea/gitea/issues/33977))
    -   Extract code to their own functions for push update ([#&#8203;33944](https://github.com/go-gitea/gitea/issues/33944))
    -   Move gitgraph from modules to services layer ([#&#8203;33527](https://github.com/go-gitea/gitea/issues/33527))
    -   Move commits signature and verify functions to service layers ([#&#8203;33605](https://github.com/go-gitea/gitea/issues/33605))
    -   Use `CloseIssue` and `ReopenIssue` instead of `ChangeStatus` ([#&#8203;32467](https://github.com/go-gitea/gitea/issues/32467))
    -   Refactor arch route handlers ([#&#8203;32993](https://github.com/go-gitea/gitea/issues/32993))
    -   Refactor "string truncate" ([#&#8203;32984](https://github.com/go-gitea/gitea/issues/32984))
    -   Refactor arch route handlers ([#&#8203;32972](https://github.com/go-gitea/gitea/issues/32972))
    -   Clarify path param naming ([#&#8203;32969](https://github.com/go-gitea/gitea/issues/32969))
    -   Refactor request context ([#&#8203;32956](https://github.com/go-gitea/gitea/issues/32956))
    -   Move some errors to their own sub packages ([#&#8203;32880](https://github.com/go-gitea/gitea/issues/32880))
    -   Move RepoTransfer from models to models/repo sub package ([#&#8203;32506](https://github.com/go-gitea/gitea/issues/32506))
    -   Move delete deploy keys into service layer ([#&#8203;32201](https://github.com/go-gitea/gitea/issues/32201))
    -   Refactor webhook events ([#&#8203;33337](https://github.com/go-gitea/gitea/issues/33337))
    -   Move some Actions related functions from `routers` to `services` ([#&#8203;33280](https://github.com/go-gitea/gitea/issues/33280))
    -   Refactor RefName ([#&#8203;33234](https://github.com/go-gitea/gitea/issues/33234))
    -   Refactor context RefName and RepoAssignment ([#&#8203;33226](https://github.com/go-gitea/gitea/issues/33226))
    -   Refactor repository transfer ([#&#8203;33211](https://github.com/go-gitea/gitea/issues/33211))
    -   Refactor error system ([#&#8203;33626](https://github.com/go-gitea/gitea/issues/33626))
    -   Refactor error system ([#&#8203;33610](https://github.com/go-gitea/gitea/issues/33610))
    -   Refactor package (routes and error handling, npm peer dependency) ([#&#8203;33111](https://github.com/go-gitea/gitea/issues/33111))
    -   Use test context in tests and new loop system in benchmarks ([#&#8203;33648](https://github.com/go-gitea/gitea/issues/33648))
    -   Some small refactors ([#&#8203;33144](https://github.com/go-gitea/gitea/issues/33144))
    -   Simplify context ref name ([#&#8203;33267](https://github.com/go-gitea/gitea/issues/33267))

-   BUGFIXES
    -   Fix some dropdown problems on the issue sidebar ([#&#8203;34308](https://github.com/go-gitea/gitea/issues/34308)) [#&#8203;34327](https://github.com/go-gitea/gitea/issues/34327)
    -   Do not return archive download URLs in API if downloads are disabled ([#&#8203;34324](https://github.com/go-gitea/gitea/issues/34324)) [#&#8203;34338](https://github.com/go-gitea/gitea/issues/34338)
    -   Fix LFS files being editable in web UI ([#&#8203;34356](https://github.com/go-gitea/gitea/issues/34356)) [#&#8203;34362](https://github.com/go-gitea/gitea/issues/34362)
    -   Fix only text/\* being viewable in web UI ([#&#8203;34374](https://github.com/go-gitea/gitea/issues/34374)) [#&#8203;34378](https://github.com/go-gitea/gitea/issues/34378)
    -   Fix LFS file not stored in LFS when uploaded/edited via API or web UI ([#&#8203;34367](https://github.com/go-gitea/gitea/issues/34367))
    -   Grey out expired artifact on Artifacts list ([#&#8203;34314](https://github.com/go-gitea/gitea/issues/34314)) [#&#8203;34404](https://github.com/go-gitea/gitea/issues/34404)
    -   Fix incorrect divergence cache after switching default branch ([#&#8203;34370](https://github.com/go-gitea/gitea/issues/34370)) [#&#8203;34406](https://github.com/go-gitea/gitea/issues/34406)
    -   Refactor commit message rendering and fix bugs ([#&#8203;34412](https://github.com/go-gitea/gitea/issues/34412)) [#&#8203;34414](https://github.com/go-gitea/gitea/issues/34414)
    -   Merge and tweak markup editor expander CSS ([#&#8203;34409](https://github.com/go-gitea/gitea/issues/34409)) [#&#8203;34415](https://github.com/go-gitea/gitea/issues/34415)
    -   Fix GetUsersByEmails ([#&#8203;34423](https://github.com/go-gitea/gitea/issues/34423)) [#&#8203;34425](https://github.com/go-gitea/gitea/issues/34425)
    -   Only git operations should update last changed of a repository ([#&#8203;34388](https://github.com/go-gitea/gitea/issues/34388)) [#&#8203;34427](https://github.com/go-gitea/gitea/issues/34427)
    -   Fix comment textarea scroll issue in Firefox ([#&#8203;34438](https://github.com/go-gitea/gitea/issues/34438)) [#&#8203;34446](https://github.com/go-gitea/gitea/issues/34446)
    -   Fix repo broken check ([#&#8203;34444](https://github.com/go-gitea/gitea/issues/34444)) [#&#8203;34452](https://github.com/go-gitea/gitea/issues/34452)
    -   Fix remove org user failure on mssql ([#&#8203;34449](https://github.com/go-gitea/gitea/issues/34449)) [#&#8203;34453](https://github.com/go-gitea/gitea/issues/34453)
    -   Fix Workflow run Not Found page ([#&#8203;34459](https://github.com/go-gitea/gitea/issues/34459)) [#&#8203;34466](https://github.com/go-gitea/gitea/issues/34466)
    -   When updating comment, if the content is the same, just return and not update the database ([#&#8203;34422](https://github.com/go-gitea/gitea/issues/34422)) [#&#8203;34464](https://github.com/go-gitea/gitea/issues/34464)
    -   Fix project board view ([#&#8203;34470](https://github.com/go-gitea/gitea/issues/34470)) [#&#8203;34475](https://github.com/go-gitea/gitea/issues/34475)
    -   Fix get / delete runner to use consistent http 404 and 500 status ([#&#8203;34480](https://github.com/go-gitea/gitea/issues/34480)) [#&#8203;34488](https://github.com/go-gitea/gitea/issues/34488)
    -   Fix url validation in webhook add/edit API ([#&#8203;34492](https://github.com/go-gitea/gitea/issues/34492)) [#&#8203;34496](https://github.com/go-gitea/gitea/issues/34496)
    -   Fix edithook api can not update package, status and workflow_job events ([#&#8203;34495](https://github.com/go-gitea/gitea/issues/34495)) [#&#8203;34499](https://github.com/go-gitea/gitea/issues/34499)
    -   Fix ephemeral runner deletion ([#&#8203;34447](https://github.com/go-gitea/gitea/issues/34447)) [#&#8203;34513](https://github.com/go-gitea/gitea/issues/34513)
    -   Don't display error log when .git-blame-ignore-revs doesn't exist ([#&#8203;34457](https://github.com/go-gitea/gitea/issues/34457))
    -   Only allow admins to rename default/protected branches ([#&#8203;33276](https://github.com/go-gitea/gitea/issues/33276))
    -   Improve "lock conversation" UI ([#&#8203;34207](https://github.com/go-gitea/gitea/issues/34207))
    -   Fix incorrect file links ([#&#8203;34189](https://github.com/go-gitea/gitea/issues/34189))
    -   Optimize Overflow Menu ([#&#8203;34183](https://github.com/go-gitea/gitea/issues/34183))
    -   Check user/org repo limit instead of doer ([#&#8203;34147](https://github.com/go-gitea/gitea/issues/34147))
    -   Make markdown render match GitHub's behavior ([#&#8203;34129](https://github.com/go-gitea/gitea/issues/34129))
    -   Fix team permission ([#&#8203;34128](https://github.com/go-gitea/gitea/issues/34128))
    -   Correctly handle submodule view and avoid throwing 500 error ([#&#8203;34121](https://github.com/go-gitea/gitea/issues/34121))
    -   Fix users being able bypass limits with repo transfers ([#&#8203;34031](https://github.com/go-gitea/gitea/issues/34031))
    -   Avoid creating unnecessary temporary cat file sub process ([#&#8203;33942](https://github.com/go-gitea/gitea/issues/33942))
    -   Refactor organization menu ([#&#8203;33928](https://github.com/go-gitea/gitea/issues/33928))
    -   Fix various Fomantic UI and htmx problems ([#&#8203;33851](https://github.com/go-gitea/gitea/issues/33851))
    -   Fix 500 error when error occurred in migration page ([#&#8203;33256](https://github.com/go-gitea/gitea/issues/33256))
    -   Validate that the tag doesn't exist when creating a tag via the web ([#&#8203;33241](https://github.com/go-gitea/gitea/issues/33241))
    -   Add missed transaction on setmerged ([#&#8203;33079](https://github.com/go-gitea/gitea/issues/33079))
    -   Rework create/fork/adopt/generate repository to make sure resources will be cleanup once failed ([#&#8203;31035](https://github.com/go-gitea/gitea/issues/31035))
    -   Valid email address should only start with alphanumeric ([#&#8203;28174](https://github.com/go-gitea/gitea/issues/28174))
    -   Fix webhook url ([#&#8203;34186](https://github.com/go-gitea/gitea/issues/34186))
    -   Fix "toAbsoluteLocaleDate" test when system locale is not en-US ([#&#8203;33939](https://github.com/go-gitea/gitea/issues/33939))
    -   Fix file name could not be searched if the file was not a text file when using the Bleve indexer ([#&#8203;33959](https://github.com/go-gitea/gitea/issues/33959))
    -   Fix cannot delete runners via the modal dialog ([#&#8203;33895](https://github.com/go-gitea/gitea/issues/33895))
    -   Fix unpin hint on the pinned pull requests ([#&#8203;33207](https://github.com/go-gitea/gitea/issues/33207))
    -   Fix parentCommit invalid memory address or nil pointer dereference. ([#&#8203;33204](https://github.com/go-gitea/gitea/issues/33204))
    -   Fix comment header padding ([#&#8203;33377](https://github.com/go-gitea/gitea/issues/33377))
    -   Fix some migration and repo name problems ([#&#8203;33986](https://github.com/go-gitea/gitea/issues/33986))
    -   Fix various trivial frontend problems ([#&#8203;34263](https://github.com/go-gitea/gitea/issues/34263))
    -   Fix Set Email Preference dropdown and button placement ([#&#8203;34255](https://github.com/go-gitea/gitea/issues/34255))
    -   Fix quoted replies incorrectly render user input as part of the quote ([#&#8203;34216](https://github.com/go-gitea/gitea/issues/34216))
    -   Fix button alignments and remove unnecessary styles ([#&#8203;34206](https://github.com/go-gitea/gitea/issues/34206))
    -   Restore form inputs on organization create error ([#&#8203;34201](https://github.com/go-gitea/gitea/issues/34201))
    -   Try to fix ACME (3rd) ([#&#8203;33807](https://github.com/go-gitea/gitea/issues/33807))
    -   Fix incorrect ref "blob" ([#&#8203;33240](https://github.com/go-gitea/gitea/issues/33240))
    -   Fix dynamic content loading init problem ([#&#8203;33748](https://github.com/go-gitea/gitea/issues/33748))
    -   Fix git empty check and HEAD request ([#&#8203;33690](https://github.com/go-gitea/gitea/issues/33690))
    -   Fix Untranslated Text on Actions Page ([#&#8203;33635](https://github.com/go-gitea/gitea/issues/33635))
    -   Fix issue label delete incorrect labels webhook payload ([#&#8203;34575](https://github.com/go-gitea/gitea/issues/34575))
    -   Fix incorrect page navigation with up and down arrow on last item of dashboard repos ([#&#8203;34570](https://github.com/go-gitea/gitea/issues/34570))
    -   Fix/improve avatar sync from LDAP ([#&#8203;34573](https://github.com/go-gitea/gitea/issues/34573))
    -   Fix some trivial problems ([#&#8203;34579](https://github.com/go-gitea/gitea/issues/34579))
    -   Retain issue sort type when a keyword search is introduced ([#&#8203;34559](https://github.com/go-gitea/gitea/issues/34559))
    -   Always use an empty line to separate the commit message and trailer ([#&#8203;34512](https://github.com/go-gitea/gitea/issues/34512))
    -   Fix line-button issue after file selection in file tree ([#&#8203;34574](https://github.com/go-gitea/gitea/issues/34574))
    -   Fix doctor deleting orphaned issues attachments ([#&#8203;34142](https://github.com/go-gitea/gitea/issues/34142))
    -   Add webhook assigning test and fix possible bug ([#&#8203;34420](https://github.com/go-gitea/gitea/issues/34420))
    -   Fix possible nil description of pull request when migrating from CodeCommit ([#&#8203;34541](https://github.com/go-gitea/gitea/issues/34541))
    -   Refactor commit reader ([#&#8203;34542](https://github.com/go-gitea/gitea/issues/34542))
    -   Fix possible pull request broken when leave the page immediately after clicking the update button [#&#8203;34509](https://github.com/go-gitea/gitea/issues/34509)
    -   Ignore "Close" error when uploading container blob ([#&#8203;34620](https://github.com/go-gitea/gitea/issues/34620))
    -   Fix missed merge commit sha and time when migrating from codecommit ([#&#8203;34645](https://github.com/go-gitea/gitea/issues/34645))
    -   Fix GetUsersByEmails ([#&#8203;34643](https://github.com/go-gitea/gitea/issues/34643))
    -   Misc CSS fixes ([#&#8203;34638](https://github.com/go-gitea/gitea/issues/34638))
    -   Add codecommit to supported services in api docs ([#&#8203;34626](https://github.com/go-gitea/gitea/issues/34626))
    -   Validate hex colors when creating/editing labels ([#&#8203;34623](https://github.com/go-gitea/gitea/issues/34623))
    -   Fix possible pull request broken when leave the page immediately after clicking the update button ([#&#8203;34509](https://github.com/go-gitea/gitea/issues/34509))
    -   Fix margin issue in markup paragraph rendering ([#&#8203;34599](https://github.com/go-gitea/gitea/issues/34599))
    -   Fix migration pull request title too long ([#&#8203;34577](https://github.com/go-gitea/gitea/issues/34577))
    -   Fix footnote jump behavior on the issue page. ([#&#8203;34621](https://github.com/go-gitea/gitea/issues/34621))
    -   Fix "oras" OCI client compatibility ([#&#8203;34666](https://github.com/go-gitea/gitea/issues/34666))
    -   Fix last admin check when syncing users ([#&#8203;34649](https://github.com/go-gitea/gitea/issues/34649))
    -   Fix skip paths check on tag push events in workflows ([#&#8203;34602](https://github.com/go-gitea/gitea/issues/34602)) [#&#8203;34670](https://github.com/go-gitea/gitea/issues/34670)

-   MISC

    -   Bump to alpine 3.22 ([#&#8203;34613](https://github.com/go-gitea/gitea/issues/34613))
    -   Make pull request and issue history more compact ([#&#8203;34588](https://github.com/go-gitea/gitea/issues/34588))
    -   Run integration tests against postgres 14 ([#&#8203;34514](https://github.com/go-gitea/gitea/issues/34514)) [#&#8203;34536](https://github.com/go-gitea/gitea/issues/34536)
    -   Enable addtional linters ([#&#8203;34085](https://github.com/go-gitea/gitea/issues/34085))
    -   Enable testifylint rules ([#&#8203;34075](https://github.com/go-gitea/gitea/issues/34075))
    -   Enable staticcheck QFxxxx rules ([#&#8203;34064](https://github.com/go-gitea/gitea/issues/34064))
    -   Improve Actions test ([#&#8203;32883](https://github.com/go-gitea/gitea/issues/32883))
    -   Drop fomantic build ([#&#8203;33845](https://github.com/go-gitea/gitea/issues/33845))
    -   Go1.24 ([#&#8203;33562](https://github.com/go-gitea/gitea/issues/33562))
    -   Run yamllint with strict mode, fix issue ([#&#8203;33551](https://github.com/go-gitea/gitea/issues/33551))
    -   Disable cron task to update license ([#&#8203;33486](https://github.com/go-gitea/gitea/issues/33486))
    -   Optimize makefile help information generation ([#&#8203;33390](https://github.com/go-gitea/gitea/issues/33390))
    -   Convert github.com/xanzy/go-gitlab into gitlab.com/gitlab-org/api/client-go ([#&#8203;33126](https://github.com/go-gitea/gitea/issues/33126))
    -   Add missed changelogs ([#&#8203;33649](https://github.com/go-gitea/gitea/issues/33649))
    -   Update .changelog file to add performance label group ([#&#8203;33472](https://github.com/go-gitea/gitea/issues/33472))
    -   Add missing POPULATE_SQUASH_COMMENT_WITH_COMMIT_MESSAGES in app.example.ini ([#&#8203;33363](https://github.com/go-gitea/gitea/issues/33363))
    -   Update README screenshots ([#&#8203;33347](https://github.com/go-gitea/gitea/issues/33347))
    -   Update unrs-resolver ([#&#8203;34279](https://github.com/go-gitea/gitea/issues/34279))
    -   Update go\&js dependencies ([#&#8203;34262](https://github.com/go-gitea/gitea/issues/34262))
    -   Optimize the calling code of queryElems ([#&#8203;34235](https://github.com/go-gitea/gitea/issues/34235))
    -   Update protected_branch.tmpl ([#&#8203;34193](https://github.com/go-gitea/gitea/issues/34193))
    -   Feat/optimize span svg layout ([#&#8203;34185](https://github.com/go-gitea/gitea/issues/34185))
    -   Set MERMAID_MAX_SOURCE_CHARACTERS to 50000 ([#&#8203;34152](https://github.com/go-gitea/gitea/issues/34152))
    -   Update JS and PY deps ([#&#8203;34143](https://github.com/go-gitea/gitea/issues/34143))
    -   Add Chinese translations for README files ([#&#8203;34132](https://github.com/go-gitea/gitea/issues/34132))
    -   Use `overflow-wrap: anywhere` to replace `word-break: break-all` ([#&#8203;34126](https://github.com/go-gitea/gitea/issues/34126))
    -   Clarify ownership in password change error messages ([#&#8203;34092](https://github.com/go-gitea/gitea/issues/34092))
    -   Add toggleClass function in dom.ts ([#&#8203;34063](https://github.com/go-gitea/gitea/issues/34063))
    -   Update to golangci-lint v2 ([#&#8203;34054](https://github.com/go-gitea/gitea/issues/34054))
    -   Update Makefile test comments ([#&#8203;34013](https://github.com/go-gitea/gitea/issues/34013))
    -   Update go mod dependencies ([#&#8203;33988](https://github.com/go-gitea/gitea/issues/33988))
    -   Use filepath.Join instead of path.Join for file system file operations ([#&#8203;33978](https://github.com/go-gitea/gitea/issues/33978))
    -   Prepare common tmpl functions in a middleware ([#&#8203;33957](https://github.com/go-gitea/gitea/issues/33957))
    -   Remove unused or abused styles ([#&#8203;33918](https://github.com/go-gitea/gitea/issues/33918))
    -   Update JS and PY deps, misc tweaks ([#&#8203;33903](https://github.com/go-gitea/gitea/issues/33903))
    -   Try to figure out attribute checker problem ([#&#8203;33901](https://github.com/go-gitea/gitea/issues/33901))
    -   Add lock for a repository pull mirror ([#&#8203;33876](https://github.com/go-gitea/gitea/issues/33876))
    -   Fine tune push mirror UI ([#&#8203;33866](https://github.com/go-gitea/gitea/issues/33866))
    -   Improve issue & code search ([#&#8203;33860](https://github.com/go-gitea/gitea/issues/33860))
    -   Use pullrequestlist instead of \[]\*pullrequest ([#&#8203;33765](https://github.com/go-gitea/gitea/issues/33765))
    -   Upgrade act to 0.261.4 and actions-proto-go to v0.4.1 ([#&#8203;33760](https://github.com/go-gitea/gitea/issues/33760))
    -   Align sidebar gears to the right ([#&#8203;33721](https://github.com/go-gitea/gitea/issues/33721))
    -   Update Go dependencies (skip blevesearch, meilisearch) ([#&#8203;33655](https://github.com/go-gitea/gitea/issues/33655))
    -   Add migrations and doctor fixes ([#&#8203;33556](https://github.com/go-gitea/gitea/issues/33556))
    -   Remove "class-name" from svg icon ([#&#8203;33540](https://github.com/go-gitea/gitea/issues/33540))
    -   Update MAINTAINERS ([#&#8203;33529](https://github.com/go-gitea/gitea/issues/33529))
    -   Add "No data available" display when list is empty ([#&#8203;33517](https://github.com/go-gitea/gitea/issues/33517))
    -   Use `git diff-tree` for `DiffFileTree` on diff pages ([#&#8203;33514](https://github.com/go-gitea/gitea/issues/33514))
    -   Give organisation members access to organisation feeds ([#&#8203;33508](https://github.com/go-gitea/gitea/issues/33508))
    -   Update feishu icon ([#&#8203;33470](https://github.com/go-gitea/gitea/issues/33470))
    -   Hide/disable unusable UI elements when a repository is archived ([#&#8203;33459](https://github.com/go-gitea/gitea/issues/33459))
    -   Update `@github/text-expander-element` to 2.9.0 ([#&#8203;33435](https://github.com/go-gitea/gitea/issues/33435))
    -   Do not access GitRepo when a repo is being created ([#&#8203;33380](https://github.com/go-gitea/gitea/issues/33380))
    -   Fix incorrect ref usages ([#&#8203;33301](https://github.com/go-gitea/gitea/issues/33301))
    -   Prepare for support performance trace ([#&#8203;33286](https://github.com/go-gitea/gitea/issues/33286))
    -   Enable Typescript `noImplicitThis` ([#&#8203;33250](https://github.com/go-gitea/gitea/issues/33250))
    -   Remove unused CSS styles and move some styles to proper files ([#&#8203;33217](https://github.com/go-gitea/gitea/issues/33217))
    -   Add .run to gitignore ([#&#8203;33175](https://github.com/go-gitea/gitea/issues/33175))
    -   Fix typo in gitea downloader test and add missing codebase in `ToGitServiceType` ([#&#8203;33146](https://github.com/go-gitea/gitea/issues/33146))
    -   Remove extended glob pattern from branch protection UI ([#&#8203;33125](https://github.com/go-gitea/gitea/issues/33125))
    -   Clean up legacy form CSS styles ([#&#8203;33081](https://github.com/go-gitea/gitea/issues/33081))
    -   Unset XDG_HOME_CONFIG as gitea manages configuration locations ([#&#8203;33067](https://github.com/go-gitea/gitea/issues/33067))
    -   Add IntelliJ Gateway's .uuid to gitignore ([#&#8203;33052](https://github.com/go-gitea/gitea/issues/33052))
    -   User facing messages for AGit errors ([#&#8203;33012](https://github.com/go-gitea/gitea/issues/33012))
    -   Always show assignees on right ([#&#8203;33006](https://github.com/go-gitea/gitea/issues/33006))
    -   Fix eslint ([#&#8203;33002](https://github.com/go-gitea/gitea/issues/33002))
    -   Update JS dependencies ([#&#8203;32914](https://github.com/go-gitea/gitea/issues/32914))
    -   Bump x/net ([#&#8203;32896](https://github.com/go-gitea/gitea/issues/32896)) ([#&#8203;32900](https://github.com/go-gitea/gitea/issues/32900))
    -   Only activity tab needs heatmap data loading ([#&#8203;34652](https://github.com/go-gitea/gitea/issues/34652))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MC41NC4xIiwidXBkYXRlZEluVmVyIjoiNDAuNTQuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsia2luZC9kZXBlbmRlbmN5Il19-->

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/886
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-06-15 12:40:44 +00:00
Renovate Bot
0d532363eb chore(deps): update subcharts (minor & patch) (#879)
All checks were successful
changelog / changelog (push) Successful in 20s
check-and-test / check-and-test (push) Successful in 1m47s
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-26 00:09:45 +00:00
Renovate Bot
8f0f44a864 chore(deps): update unittests/bash/bats digest to 5ec2d81 (#878)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-25 00:22:08 +00:00
Renovate Bot
cf86118976 chore(deps): update subcharts (minor & patch) (#874)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-19 00:20:49 +00:00
pat-s
7f96084a30 ci: fully re-enable release-workflow 2025-05-16 17:10:37 +02:00
pat-s
5292684a4a ci: fix release workflow
Some checks failed
generate-chart / release-gitea (push) Has been cancelled
2025-05-16 17:07:16 +02:00
pat-s
edc42f69a9 fix: ingress unittests 2025-05-16 15:40:13 +02:00
pat-s
9c607f8a4b docs: refine v12 update notes 2025-05-16 15:28:47 +02:00
pat-s
6d89d0a1b7 fix: remove ingressClassName (not in use yet) 2025-05-16 15:28:20 +02:00
pat-s
8f35f45e31 chore: execute releases via git-sv (#865)
Following the creation of the changelog via `git-sv`, the release process can also be simplified.

The new approach only requires to call `git sv tag` from a Maintainer with write access to the repo.
This will create and push the tag.
The release notes and subsequent Gitea release will then be created by the new workflow job.

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/865
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2025-05-16 13:11:07 +00:00
pat-s
a94eec4238 refactor: migrate ingress definition out of beta (#679)
### Description of the change

Redesigned ingress configuration to align better with implicit best practices.

### Benefits

- Smarter defaults
- More tests
- Remove [deprecated API Versions](extensions/v1beta1) (e.g. `extensions/v1beta1`) and always use `networking.k8s.io/v1`

### Possible drawbacks

Hopefully 🙃 none

### Applicable issues

fix #674

### Additional information

- Define `ingress.annotations` via helpers
- Move tests from `tests/deployment` to `tests/ingress`
- Use own tests file for ingress tpl tests
- Ensure defaults of `path` and `pathType` are always rendered
- Set top-level default value for `ingress. pathType`
- Change default of `ingress.hosts[0].paths` to `[]` to ensure proper rendering via template

### ⚠ BREAKING

I think all of these changes should be backward comp with existing ingress definitions, but surely worth highlighting in the changelog of the release.

### Checklist

<!-- [Place an '[X]' (no spaces) in all applicable fields. Please remove unrelated fields.] -->

- [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [x] Breaking changes are documented in the `README.md`
- [x] Templating unittests are added

Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/679
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2025-05-16 13:08:27 +00:00
Renovate Bot
87272a1244 chore(deps): update dependency go-gitea/gitea to v1.23.8 (#867)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-13 00:15:59 +00:00
Renovate Bot
ed06694adf chore(deps): update dependency helm-unittest/helm-unittest to v0.8.2 (#866)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-11 00:15:46 +00:00
Renovate Bot
443a6d0cd7 chore(deps): update postgresql-ha docker tag to v16 (#864)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | major | `15.3.17` -> `16.0.3` |

---

### Release Notes

<details>
<summary>bitnami/charts (postgresql-ha)</summary>

### [`v16.0.3`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#1603-2025-05-09)

-   \[bitnami/postgresql-ha]  ⬆️ Update dependency references ([#&#8203;33599](https://github.com/bitnami/charts/pull/33599))

### [`v16.0.2`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1602-2025-05-08-small)

-   \[bitnami/postgresql-ha]  ⬆️ Update dependency references ([#&#8203;33576](https://github.com/bitnami/charts/issues/33576)) ([42b31bd](42b31bd7a2)), closes [#&#8203;33576](https://github.com/bitnami/charts/issues/33576)

### [`v16.0.0`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#1600-2025-05-08)

-   \[bitnami/postgresql-ha] feat: Customizable Stream Replication Check credentials ([#&#8203;33552](https://github.com/bitnami/charts/issues/33552)) ([cff2e93](cff2e93f9d)), closes [#&#8203;33552](https://github.com/bitnami/charts/issues/33552)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - Only on Sunday and Saturday ( * * * * 0,6 ) (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MC44LjEiLCJ1cGRhdGVkSW5WZXIiOiI0MC4xMS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJraW5kL2RlcGVuZGVuY3kiXX0=-->

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/864
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-10 13:56:46 +00:00
Renovate Bot
8854e62572 chore(deps): update workflow dependencies (minor & patch) (#862)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [alpine/helm](https://github.com/alpine-docker/helm) ([changelog](https://github.com/helm/helm)) |  | patch | `3.17.2` -> `3.17.3` |
| [alpine/helm](https://github.com/alpine-docker/helm) ([changelog](https://github.com/helm/helm)) | container | patch | `3.17.2` -> `3.17.3` |
| [commitlint/commitlint](https://github.com/conventional-changelog/commitlint) | container | patch | `19.8.0` -> `19.8.1` |
| [docker.io/thegeeklab/git-sv](https://github.com/thegeeklab/git-sv) | container | patch | `2.0.0` -> `2.0.1` |

---

### Release Notes

<details>
<summary>conventional-changelog/commitlint (commitlint/commitlint)</summary>

### [`v19.8.1`](https://github.com/conventional-changelog/commitlint/blob/HEAD/CHANGELOG.md#1981-2025-05-08)

[Compare Source](https://github.com/conventional-changelog/commitlint/compare/v19.8.0...v19.8.1)

##### Bug Fixes

-   update dependency tinyexec to v1 ([#&#8203;4332](https://github.com/conventional-changelog/commitlint/issues/4332)) ([e49449f](e49449fa94))
-   update dependency tinyexec to v1.0.1 ([#&#8203;4347](https://github.com/conventional-changelog/commitlint/issues/4347)) ([c1b26d1](c1b26d1579))

##### Performance Improvements

-   **rules:** optimize header-trim ([#&#8203;4363](https://github.com/conventional-changelog/commitlint/issues/4363)) ([b7e404b](b7e404bc03))

</details>

<details>
<summary>thegeeklab/git-sv (docker.io/thegeeklab/git-sv)</summary>

### [`v2.0.1`](https://github.com/thegeeklab/git-sv/releases/tag/v2.0.1)

[Compare Source](https://github.com/thegeeklab/git-sv/compare/v2.0.0...v2.0.1)

#### v2.0.1 (2025-05-09)

##### Bug Fixes

-   **deps:** update module dario.cat/mergo to v1.0.2 ([#&#8203;195](https://github.com/thegeeklab/git-sv/issues/195)) ([`3cac8ab`](https://github.com/thegeeklab/git-sv/commit/3cac8ab))
-   **deps:** update module github.com/urfave/cli/v3 to v3.3.2 ([#&#8203;194](https://github.com/thegeeklab/git-sv/issues/194)) ([`6278830`](https://github.com/thegeeklab/git-sv/commit/6278830))

##### Others

-   **deps:** update dependency golangci/golangci-lint to v2.1.6 ([#&#8203;193](https://github.com/thegeeklab/git-sv/issues/193)) ([`d63bf99`](https://github.com/thegeeklab/git-sv/commit/d63bf99))

##### CI Pipeline

-   use github token for link check ([`780f384`](https://github.com/thegeeklab/git-sv/commit/780f384))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - Only on Sunday and Saturday ( * * * * 0,6 ) (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MC44LjEiLCJ1cGRhdGVkSW5WZXIiOiI0MC44LjEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImtpbmQvZGVwZW5kZW5jeSJdfQ==-->

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/862
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-10 13:56:13 +00:00
pat-s
da2d169d65 chore: refine CODEOWNERS to skip request triggers for CI yaml changes 2025-05-10 15:55:55 +02:00
Renovate Bot
ebb4b1ee49 chore(deps): update subcharts (minor & patch) (#863)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-10 03:22:58 +00:00
Renovate Bot
e64afe393e chore(deps): update subcharts (minor & patch) (#853)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-06 00:18:49 +00:00
Sean Teo
6e4e414771 chore(deps)!: Migrate to Valkey from Redis (#775)
<!--
 Before you open the request please review the following guidelines and tips to help it be more easily integrated:

 - Describe the scope of your change - i.e. what the change does.
 - Describe any known limitations with your change.
 - Please run any tests or examples that can exercise your modified code.

 Thank you for contributing! We will try to review, test and integrate the change as soon as we can.
 -->

### Description of the change

Migrates from Redis to Valkey.

### Benefits

The Redis License is changing from BSD-3-Clause to RSALv2 and SSPLv1 which are not open source under the OSI definition. We should consider open-source alternatives as a default replacement for Redis.

### Possible drawbacks

Large scale change, potentially breaking.

### Applicable issues

https://github.com/go-gitea/gitea/issues/32056

### ⚠ BREAKING

Major version change, redis provider changed to valkey.

### Checklist

<!-- [Place an '[X]' (no spaces) in all applicable fields. Please remove unrelated fields.] -->

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [X] Breaking changes are documented in the `README.md`
- [X] Helm templating unittests are added (required when changing anything in `templates` folder)

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/775
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Sean Teo <sawntoe@gmail.com>
Co-committed-by: Sean Teo <sawntoe@gmail.com>
2025-05-05 08:12:41 +00:00
Renovate Bot
037eca0c91 chore(config): migrate renovate config (#861)
The Renovate config in this repository needs migrating. Typically this is because one or more configuration options you are using have been renamed.

  You don't need to merge this PR right away, because Renovate will continue to migrate these fields internally each time it runs. But later some of these fields may be fully deprecated and the migrations removed. So it's a good idea to merge this migration PR soon.

#### [PLEASE NOTE](https://docs.renovatebot.com/configuration-options#configmigration): JSON5 config file migrated! All comments & trailing commas were removed.

🔕 **Ignore**: Close this PR and you won't be reminded about config migration again, but one day your current config may no longer be valid.

 Got questions? Does something look wrong to you? Please don't hesitate to [request help here](https://github.com/renovatebot/renovate/discussions).

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/861
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-05 07:01:15 +00:00
Renovate Bot
d10adfd064 chore(deps): update docker.io/thegeeklab/git-sv docker tag to v2 (#860)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [docker.io/thegeeklab/git-sv](https://github.com/thegeeklab/git-sv) | container | major | `1.0.14` -> `2.0.0` |

---

### Release Notes

<details>
<summary>thegeeklab/git-sv (docker.io/thegeeklab/git-sv)</summary>

### [`v2.0.0`](https://github.com/thegeeklab/git-sv/releases/tag/v2.0.0)

[Compare Source](https://github.com/thegeeklab/git-sv/compare/v1.0.14...v2.0.0)

#### v2.0.0 (2025-04-30)

##### Bug Fixes

-   **deps:** update module github.com/urfave/cli/v3 to v3.3.1 ([#&#8203;190](https://github.com/thegeeklab/git-sv/issues/190)) ([`6c0e0f8`](https://github.com/thegeeklab/git-sv/commit/6c0e0f8))

##### Code Refactoring

-   migrate git commands to go-git ([#&#8203;188](https://github.com/thegeeklab/git-sv/issues/188)) ([`accf3d1`](https://github.com/thegeeklab/git-sv/commit/accf3d1))

##### Others

-   **docker:** update docker.io/library/golang:1.24.2 docker digest to [`30baaea`](https://github.com/thegeeklab/git-sv/commit/30baaea) ([#&#8203;191](https://github.com/thegeeklab/git-sv/issues/191)) ([`9b411e2`](https://github.com/thegeeklab/git-sv/commit/9b411e2))
-   **deps:** update dependency golangci/golangci-lint to v2.1.5 ([#&#8203;189](https://github.com/thegeeklab/git-sv/issues/189)) ([`400bb96`](https://github.com/thegeeklab/git-sv/commit/400bb96))
-   add tests for git exec commands ([#&#8203;187](https://github.com/thegeeklab/git-sv/issues/187)) ([`70615ab`](https://github.com/thegeeklab/git-sv/commit/70615ab))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - Only on Sunday and Saturday ( * * * * 0,6 ) (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MC4xLjEiLCJ1cGRhdGVkSW5WZXIiOiI0MC4xLjEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImtpbmQvZGVwZW5kZW5jeSJdfQ==-->

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/860
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-04 07:08:41 +00:00
Renovate Bot
a1fc670df5 chore(deps): update docker.io/thegeeklab/git-sv docker tag to v1.0.14 (#858)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-04 00:04:30 +00:00
Renovate Bot
0cfe38aec5 chore(deps): update unittests/bash/bats digest to fed179f (#857)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-03 00:15:16 +00:00
Renovate Bot
5410bb08c2 chore(deps): update dependency go-gitea/gitea to v1.23.7 (#852)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-04-09 00:04:40 +00:00
techknowlogick
3b32a04b9c chore(actions): check actions is not configured (#849)
This is @ChristopherHX's PR

### Description of the change

Do not silently ignore actions.enabled set by user.

### Benefits

Everybody who has enabled actions act_runner do not silently end up without runners, but directly see an actionable error message.

### Possible drawbacks

You need to remove the actions section from your own values.yml to upgrade/install this chart.

The Migration Guide has not been written yet, I consider this issue as a community wiki where other maintainers are free to edit my initial post.

### Applicable issues

N/A

### Additional information

I couldn't add helm-gitea as a dependency, because of
- conflict with a7035ca4e5/templates/_helpers.tpl (L223-L230)
  with one difference helm-actions did not have the referenced values and failed to render
- after resolving the above by either renaming in the helm-actions chart or removal of this leftover code in helm-gitea
  - helm does not allow me to derive dynamic default values for the `actions` section for the subchart
  - using yaml anchors only provided default values into helm-actions, without respecting user changes
  - I only found a feature request
- It is not feasible for me in short term to add support of this section back using helm-actions
### Checklist

- [X] Helm templating unittests are added (required when changing anything in `templates` folder)

Co-authored-by: Christopher Homberger <christopher.homberger@web.de>
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/849
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-committed-by: techknowlogick <techknowlogick@noreply.gitea.com>
2025-04-07 09:16:22 +00:00
Renovate Bot
5b247ea860 chore(deps): update dependency helm-unittest/helm-unittest to v0.8.1 (#851)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [helm-unittest/helm-unittest](https://github.com/helm-unittest/helm-unittest) | minor | `v0.7.2` -> `v0.8.1` |

---

### Release Notes

<details>
<summary>helm-unittest/helm-unittest (helm-unittest/helm-unittest)</summary>

### [`v0.8.1`](https://github.com/helm-unittest/helm-unittest/releases/tag/v0.8.1)

[Compare Source](https://github.com/helm-unittest/helm-unittest/compare/v0.8.0...v0.8.1)

**Fixes**

-   Fix special characters in template filename (resolves [#&#8203;619](https://github.com/helm-unittest/helm-unittest/issues/619))
-   Fix tests with conditional sub-charts fail to find templates since 0.8.0 (resolves [#&#8203;588](https://github.com/helm-unittest/helm-unittest/issues/588), credits [@&#8203;ivankatliarchuk](https://github.com/ivankatliarchuk))
-   Fix skipEmptyTemplate fails when no matching templates are found (resolves [#&#8203;609](https://github.com/helm-unittest/helm-unittest/issues/609), credits [@&#8203;ivankatliarchuk](https://github.com/ivankatliarchuk))

**Improvements**

-   Improvement enable documentSelector for hasDocument asserts (resolves [#&#8203;590](https://github.com/helm-unittest/helm-unittest/issues/590))-
-   Improvement by supporting ppc64le (credits [@&#8203;Vaibhav-Nazare](https://github.com/Vaibhav-Nazare))
-   Improvement refactoring configs for jobs and assertions (credits credits [@&#8203;ivankatliarchuk](https://github.com/ivankatliarchuk))

**Updates**

-   Update packages to latest patch versions
-   Update pipeline actions
-   Update documentation (credits [@&#8203;bogdan-deac](https://github.com/bogdan-deac))

### [`v0.8.0`](https://github.com/helm-unittest/helm-unittest/releases/tag/v0.8.0)

[Compare Source](https://github.com/helm-unittest/helm-unittest/compare/v0.7.2...v0.8.0)

**Features**

-   Add flag to exclude certain templates from testing (resolves [#&#8203;169](https://github.com/helm-unittest/helm-unittest/issues/169), credits [@&#8203;snorwin](https://github.com/snorwin))
-   Support for test packaged helmcharts (resolves [#&#8203;186](https://github.com/helm-unittest/helm-unittest/issues/186), resolves [#&#8203;250](https://github.com/helm-unittest/helm-unittest/issues/250))
-   Support to allow skipping tests (resolves [#&#8203;504](https://github.com/helm-unittest/helm-unittest/issues/504), credits [@&#8203;ivankatliarchuk](https://github.com/ivankatliarchuk))
-   Add helm post-renderer option (resolves [#&#8203;574](https://github.com/helm-unittest/helm-unittest/issues/574), credits [@&#8203;jcogilvie](https://github.com/jcogilvie))

**Fixes**

-   Resolve multiline errormessages (resolves [#&#8203;559](https://github.com/helm-unittest/helm-unittest/issues/559), credits [@&#8203;ivankatliarchuk](https://github.com/ivankatliarchuk))

**Updates**

-   Update packages to latest patch versions
-   Update pipeline actions
-   Update documentation

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "* * * * 0,6" (UTC), Automerge - "* 0-3 * * *" (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMzMuMCIsInVwZGF0ZWRJblZlciI6IjM5LjIzMy4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJraW5kL2RlcGVuZGVuY3kiXX0=-->

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/851
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-04-05 08:20:36 +00:00
Christopher Homberger
3aea811f1f chore(actions): remove obsolete gitea.act_runner.local_root_url (#850)
Co-authored-by: Christopher Homberger <christopher.homberger@web.de>
Co-committed-by: Christopher Homberger <christopher.homberger@web.de>
2025-04-04 20:18:59 +00:00
developerguy
a7035ca4e5 feat: make it configurable of the initContainers volume mount path for scripts (#848)
### Description of the change

Makes it configurable volume mount path for initContainers for init scripts

### Benefits

Configurable initContainers volumeMount path for init scripts

### Possible drawbacks

I don't think that there will be any drawbacks

### Applicable issues

- Fixes #847

Signed-off-by: Batuhan Apaydin <batuhan.apaydin@chainguard.dev>

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/848
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: developerguy <developerguy@noreply.gitea.com>
Co-committed-by: developerguy <developerguy@noreply.gitea.com>
2025-04-03 18:03:13 +00:00
Ceddaerrix
fa36d2beef fix: reverting use of TPL in "gitea.inline_configuration" (#846)
### Description of the change

Reverting TPL use in "gitea.inline_configuration" mistakenly committed under https://gitea.com/gitea/helm-gitea/pulls/840

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/846
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: Ceddaerrix <ceddaerrix@noreply.gitea.com>
Co-committed-by: Ceddaerrix <ceddaerrix@noreply.gitea.com>
2025-03-31 10:46:51 +00:00
pat-s
6c5b42c482 refactor!: remove actions related files (#825)
see #824

Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/825
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2025-03-31 07:47:23 +00:00
justusbunsi
356dd6e710 chore(renovate): group bats framework dependencies (#844)
Related to https://gitea.com/gitea/helm-gitea/pulls/724#issuecomment-995049

Groups following updates:

- unittests/bash/bats
- unittests/bash/test_helper/bats-assert
- unittests/bash/test_helper/bats-mock
- unittests/bash/test_helper/bats-support

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/844
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2025-03-31 07:41:02 +00:00
Ceddaerrix
1f313ac70e feat: adding dry support to gitea additional config from envs parameter (#840)
### Description of the change

Based on the discussion under https://gitea.com/gitea/helm-gitea/issues/60, it is possible to use `gitea.additionalConfigFromEnvs` to provide variables in order to override configurations from `app.ini`.
Especially when using gitea as a dependency of an umbrella, some values may need to be repeated in multiple places (such has database configuration). Hence, introducing the `tpl` function on `gitea.additionalConfigFromEnvs` will simplify such repetition by having the value only set in one place...

### Benefits

With the same intentions as https://gitea.com/gitea/helm-gitea/pulls/759, https://gitea.com/gitea/helm-gitea/pulls/664, https://gitea.com/gitea/helm-gitea/pulls/529 or https://gitea.com/gitea/helm-gitea/pulls/498, this change will allow reusing the value from other value parameters to avoid duplicating the same value in multiple places.

### Possible drawbacks

N/A

### Applicable issues

N/A

### Additional information

N/A

### Checklist

- [X] Helm templating unittests are added (required when changing anything in `templates` folder)

Co-authored-by: 212597596 <cedric.henry@ge.com>
Co-authored-by: pat-s <pat-s@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/840
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: Ceddaerrix <ceddaerrix@noreply.gitea.com>
Co-committed-by: Ceddaerrix <ceddaerrix@noreply.gitea.com>
2025-03-30 14:30:35 +00:00
Renovate Bot
d2d542e625 chore(deps): update workflow dependencies (minor & patch) (#827)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [alpine/helm](https://github.com/alpine-docker/helm) ([changelog](https://github.com/helm/helm)) |  | patch | `3.17.1` -> `3.17.2` |
| [alpine/helm](https://github.com/alpine-docker/helm) ([changelog](https://github.com/helm/helm)) | container | patch | `3.17.1` -> `3.17.2` |
| [commitlint/commitlint](https://github.com/conventional-changelog/commitlint) | container | minor | `19.7.1` -> `19.8.0` |
| [docker.io/thegeeklab/git-sv](https://github.com/thegeeklab/git-sv) | container | patch | `1.0.12` -> `1.0.13` |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/827
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-03-30 12:49:34 +00:00
Renovate Bot
75cd261b37 chore(deps): update subcharts (minor & patch) (#816)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql)) | minor | `16.4.14` -> `16.6.0` |
| [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | minor | `15.2.3` -> `15.3.8` |
| [redis](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/redis)) | minor | `20.8.0` -> `20.11.4` |
| [redis-cluster](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/redis-cluster)) | patch | `11.4.3` -> `11.4.6` |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/816
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-03-30 12:14:51 +00:00
bachorp
2c78da9c3e docs: set full path of values.yaml key in output to user (#832)
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
Currently, the reported path of the values to be changed is not always correct (especially `gitea.persistence` vs. `persistence`).

Co-authored-by: techknowlogick <techknowlogick@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/832
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: bachorp <bachorp@noreply.gitea.com>
Co-committed-by: bachorp <bachorp@noreply.gitea.com>
2025-03-26 17:16:17 +00:00
bachorp
06f5179273 docs: fix typo in initialization script (#842)
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/842
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: bachorp <gitea.revivable069@passmail.net>
Co-committed-by: bachorp <gitea.revivable069@passmail.net>
2025-03-26 17:12:56 +00:00
Renovate Bot
e7e2ae9610 chore(deps): update dependency go-gitea/gitea to v1.23.6 (#838)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-03-25 00:18:08 +00:00
Renovate Bot
62f5ed6d46 chore(deps): update unittests/bash/test_helper/bats-assert digest to b93143a (#837)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-03-24 00:16:56 +00:00
Renovate Bot
d2e9bcf4b8 chore(deps): update unittests/bash/bats digest to 3172a45 (#835)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-03-24 00:05:48 +00:00
Renovate Bot
b44d43d2b0 chore(deps): update unittests/bash/test_helper/bats-support digest to d007fc1 (#836)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-03-23 00:05:43 +00:00
Renovate Bot
03918a126b chore(deps): update unittests/bash/bats digest to 261b029 (#830)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-03-17 00:17:10 +00:00
Renovate Bot
8d3f4d2260 chore(deps): update unittests/bash/test_helper/bats-assert digest to 0ec504e (#826)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| unittests/bash/test_helper/bats-assert | digest | `e2d855b` -> `0ec504e` |

---

### Configuration

📅 **Schedule**: Branch creation - "* * * * 0,6" (UTC), Automerge - "* 0-3 * * *" (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xOTAuMCIsInVwZGF0ZWRJblZlciI6IjM5LjE5MC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJraW5kL2RlcGVuZGVuY3kiXX0=-->

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/826
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-03-08 08:57:43 +00:00
pat-s
74d550922b chore: chart renaming aftermath 2025-03-06 22:29:58 +01:00
pat-s
7245b3b4cc chore: change repo name to helm-gitea (#823)
Co-authored-by: techknowlogick <techknowlogick@gitea.com>
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/823
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2025-03-06 20:54:40 +00:00
Renovate Bot
c0cadb9056 chore(deps): update dependency go-gitea/gitea to v1.23.5 (#822)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-03-06 00:06:34 +00:00
justusbunsi
c38703f21e ci(release): fix aws-cli installation
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2025-03-01 18:44:59 +01:00
justusbunsi
ad475405e9 docs(README): add upgrade notes regarding PostgreSQL + Gitea major updates (#818)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/818
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2025-03-01 17:07:55 +00:00
justusbunsi
60ef163b22 docs(README): add installation instructions for docker.gitea.com (#817)
Follow-up to https://gitea.com/gitea/helm-chart/pulls/814 and https://gitea.com/gitea/blog/pulls/429.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/817
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2025-03-01 16:51:57 +00:00
Renovate Bot
941ab3ef49 chore(deps): update docker.io/thegeeklab/git-sv docker tag to v1.0.12 (#815)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-03-01 00:13:56 +00:00
techknowlogick
ff7783fcbe chore: use docker.gitea.com registry URLs (#814)
Due to ratelimits

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/814
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.com>
Co-committed-by: techknowlogick <techknowlogick@gitea.com>
2025-02-28 10:48:04 +00:00
pat-s
9f659afc47 ci: hardcode gitea.com domain (#808)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/808
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2025-02-23 15:30:58 +00:00
pat-s
f74ab67b59 ci: use fetch-depth instead of fetch-tags (#807)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/807
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2025-02-23 14:50:17 +00:00
pat-s
724ebc5258 ci: fetch tags during checkout (#806)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/806
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2025-02-23 14:43:29 +00:00
justusbunsi
44563bed35 chore: install nodejs into changelog creation container (#805)
Follow-up of https://gitea.com/gitea/helm-chart/pulls/794

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/805
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2025-02-23 14:29:43 +00:00
pat-s
6cb068ae12 ci: create upcoming changelog via git-sv (#794)
https://github.com/thegeeklab/git-sv

- Creates a changelog from conventional commits
- Updates the changelog in an static issue (creates the issue if missing)
- Only runs after a new commit was merged into `main`
- Automatically determines the next version based on conv commits logic
- Follows up on #788

---

The logic can also be used to create the release notes on `tag` events and the subsequent Gitea release. Didn't wanted to add all at once, though.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/794
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2025-02-23 14:20:33 +00:00
justusbunsi
3c931de904 chore: ensure Gitea update at any possible time (#802)
This reduces manual overhead from all of us. It should overrule the "schedule only on weekends" at the top of our Renovate config.

Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/802
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2025-02-23 14:19:13 +00:00
justusbunsi
cb516e0f7f chore: rerun commitlint check on PR title change (#804)
This makes it easier for contributors. They don't need to update the branch itself by e.g. empty commits.

However, it now triggers the commitlint even when the PR description is updated.

Solution inspired by https://github.com/orgs/community/discussions/48695 and https://github.com/orgs/community/discussions/101695.

Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/804
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2025-02-23 14:05:51 +00:00
Renovate Bot
31d8e7c79f chore(deps): update dependency go-gitea/gitea to v1.23.4 (#800)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [go-gitea/gitea](https://github.com/go-gitea/gitea) | patch | `1.23.1` -> `1.23.4` |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/800
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-02-23 13:17:17 +00:00
Renovate Bot
11d3fbcc77 chore(deps): update subcharts (minor & patch) (#801)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql)) | patch | `16.4.6` -> `16.4.14` |
| [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | minor | `15.1.7` -> `15.2.3` |
| [redis](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/redis)) | minor | `20.6.3` -> `20.8.0` |
| [redis-cluster](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/redis-cluster)) | patch | `11.4.1` -> `11.4.3` |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/801
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-02-23 13:13:48 +00:00
Renovate Bot
05143021fe chore(deps): update alpine/helm docker tag to v3.17.1 (#799)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-02-23 00:10:38 +00:00
tobiasbp
a983974568 fix: quote node selector values (#796)
### Description of the change

This pr add quotes to values for _nodeSelector_ entries. This is needed if the value is a _boolean_. An example is using [Spot VMs](https://cloud.google.com/kubernetes-engine/docs/concepts/spot-vms) on _GCP_:
````
apiVersion: v1
kind: Pod
spec:
  nodeSelector:
    cloud.google.com/gke-spot: "true"
````

Currently, the Chart uses the _toYaml_ function when adding the _nodeSelector_ values, however, _toYaml_ does not quote the values as discussed [here](https://github.com/helm/helm/issues/4262).

The same issue, for ingress configurations, was discussed in [this issue](https://gitea.com/gitea/helm-chart/issues/483), and fixed in [this PR](https://gitea.com/gitea/helm-chart/pulls/497).

### Benefits

Allows the usage of _boolean_ values for _nodeSelectors_.

### Possible drawbacks

None known.

Co-authored-by: tobias.petersen <tobias.petersen@unity3d.com>
Co-authored-by: pat-s <pat-s@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/796
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: tobiasbp <tobiasbp@noreply.gitea.com>
Co-committed-by: tobiasbp <tobiasbp@noreply.gitea.com>
2025-02-19 13:20:18 +00:00
edd8557bb0 docs(README): hint of CPU limit lower than 1000m (#795)
The example of my latest PR based on a cpu resource limit of `100m`. But as the article describes, a cpu limit of lower than `1000m` or `1` can also lead to cpu throttling.

I've updates the README, to be correct and inform the user to take care of a correct cpu resource limit.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/795
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Markus Pesch <markus.pesch@cryptic.systems>
Co-committed-by: Markus Pesch <markus.pesch@cryptic.systems>
2025-02-19 09:24:31 +00:00
pat-s
a4c706f521 chore: renovate: automerge digest (#787)
related to https://gitea.com/gitea/helm-chart/pulls/754

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/787
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2025-02-15 13:42:56 +00:00
pat-s
d8f155562b chore: enforce conventional commits and lint via commitlint (#788)
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2025-02-06 21:27:40 +00:00
Renovate Bot
8bf5b2104d chore(deps): update unittests/bash/bats digest to 7ca23b1 (#754)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| unittests/bash/bats | digest | `b640ec3` -> `7ca23b1` |

---

### Configuration

📅 **Schedule**: Branch creation - "* * * * 0,6" (UTC), Automerge - "* 0-3 * * *" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS43NS4xIiwidXBkYXRlZEluVmVyIjoiMzkuMTE4LjIiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImtpbmQvZGVwZW5kZW5jeSJdfQ==-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/754
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-02-05 18:01:04 +00:00
Renovate Bot
d8ec7dc2f5 chore(deps): update postgresql docker tag to v16 (#736)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql)) | major | `15.5.38` -> `16.4.6` |

---

### Release Notes

<details>
<summary>bitnami/charts (postgresql)</summary>

### [`v16.4.6`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#1646-2025-02-02)

-   \[bitnami/postgresql] Release 16.4.6 ([#&#8203;31702](https://github.com/bitnami/charts/pull/31702))

### [`v16.4.5`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1645-2025-01-20-small)

-   \[bitnami/postgresql] Release 16.4.5 ([#&#8203;31484](https://github.com/bitnami/charts/issues/31484)) ([b11637c](b11637c36a)), closes [#&#8203;31484](https://github.com/bitnami/charts/issues/31484)

### [`v16.4.4`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1644-2025-01-20-small)

-   \[bitnami/postgresql] Release 16.4.4 ([#&#8203;31482](https://github.com/bitnami/charts/issues/31482)) ([e784f18](e784f187c0)), closes [#&#8203;31482](https://github.com/bitnami/charts/issues/31482)

### [`v16.4.3`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1643-2025-01-14-small)

-   bitnami/postgresql Fix missing dot in include statement for passwordUpdate job template ([#&#8203;31364](https://github.com/bitnami/charts/issues/31364)) ([901b26c](901b26c4b7)), closes [#&#8203;31364](https://github.com/bitnami/charts/issues/31364)

### [`v16.4.2`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1642-2025-01-13-small)

-   \[bitnami/postgresql] Release 16.4.2 ([#&#8203;31342](https://github.com/bitnami/charts/issues/31342)) ([946b638](946b638fd6)), closes [#&#8203;31342](https://github.com/bitnami/charts/issues/31342)

### [`v16.4.1`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1641-2025-01-13-small)

-   Dynamic assignment of custom schema name if defined in update-password job ([#&#8203;31146](https://github.com/bitnami/charts/issues/31146)) ([364ac45](364ac45ea6)), closes [#&#8203;31146](https://github.com/bitnami/charts/issues/31146)

### [`v16.3.5`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1635-2025-01-03-small)

-   Revert "\[bitnami/postgresql] Add Storage Class Configuration to Templates ([#&#8203;30858](https://github.com/bitnami/charts/issues/30858))" ([#&#8203;31204](https://github.com/bitnami/charts/issues/31204)) ([c03fe0c](c03fe0c3e3)), closes [#&#8203;30858](https://github.com/bitnami/charts/issues/30858) [#&#8203;31204](https://github.com/bitnami/charts/issues/31204)

### [`v16.3.4`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1634-2024-12-23-small)

-   \[bitnami/postgresql] Release 16.3.4 ([#&#8203;31143](https://github.com/bitnami/charts/issues/31143)) ([05a9583](05a9583f94)), closes [#&#8203;31143](https://github.com/bitnami/charts/issues/31143)

### [`v16.3.3`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1633-2024-12-20-small)

-   \[bitnami/postgresql] Release 16.3.3 ([#&#8203;31133](https://github.com/bitnami/charts/issues/31133)) ([41671f2](41671f2e78)), closes [#&#8203;31133](https://github.com/bitnami/charts/issues/31133)

### [`v16.3.2`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1632-2024-12-16-small)

-   \[bitnami/\*] Fix typo in README ([#&#8203;31052](https://github.com/bitnami/charts/issues/31052)) ([b41a51d](b41a51d1bd)), closes [#&#8203;31052](https://github.com/bitnami/charts/issues/31052)
-   \[bitnami/postgresql] Release 16.3.2 ([#&#8203;31060](https://github.com/bitnami/charts/issues/31060)) ([1406ab1](1406ab116e)), closes [#&#8203;31060](https://github.com/bitnami/charts/issues/31060)

### [`v16.3.1`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1631-2024-12-13-small)

-   \[bitnami/postgresql] Add Storage Class Configuration to Templates ([#&#8203;30858](https://github.com/bitnami/charts/issues/30858)) ([b0d2c2e](b0d2c2e53c)), closes [#&#8203;30858](https://github.com/bitnami/charts/issues/30858)

### [`v16.3.0`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#1630-2024-12-10)

-   \[bitnami/\*] Add Bitnami Premium to NOTES.txt ([#&#8203;30854](https://github.com/bitnami/charts/issues/30854)) ([3dfc003](3dfc00376d)), closes [#&#8203;30854](https://github.com/bitnami/charts/issues/30854)
-   \[bitnami/postgresql] Detect non-standard images ([#&#8203;30936](https://github.com/bitnami/charts/issues/30936)) ([ac96151](ac96151bdb)), closes [#&#8203;30936](https://github.com/bitnami/charts/issues/30936)

### [`v16.2.5`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1625-2024-12-03-small)

-   \[bitnami/postgresql] Release 16.2.5 ([#&#8203;30733](https://github.com/bitnami/charts/issues/30733)) ([34606c1](34606c10de)), closes [#&#8203;30733](https://github.com/bitnami/charts/issues/30733)

### [`v16.2.4`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1624-2024-12-03-small)

-   \[bitnami/\*] docs: 📝 Add "Backup & Restore" section ([#&#8203;30711](https://github.com/bitnami/charts/issues/30711)) ([35ab536](35ab536374)), closes [#&#8203;30711](https://github.com/bitnami/charts/issues/30711)
-   \[bitnami/\*] docs: 📝 Add "Prometheus metrics" (batch 5) ([#&#8203;30674](https://github.com/bitnami/charts/issues/30674)) ([ed2a546](ed2a54617f)), closes [#&#8203;30674](https://github.com/bitnami/charts/issues/30674)
-   \[bitnami/postgresql] use adminPassword for metrics user when custom user is not set ([#&#8203;30720](https://github.com/bitnami/charts/issues/30720)) ([8f4bc7b](8f4bc7b46b)), closes [#&#8203;30720](https://github.com/bitnami/charts/issues/30720)

### [`v16.2.3`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1623-2024-11-28-small)

-   \[bitnami/postgresql] Release 16.2.3 ([#&#8203;30645](https://github.com/bitnami/charts/issues/30645)) ([22a4c51](22a4c51dc3)), closes [#&#8203;30645](https://github.com/bitnami/charts/issues/30645)

### [`v16.2.2`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1622-2024-11-21-small)

-   \[bitnami/postgresql] Release 16.2.2 ([#&#8203;30570](https://github.com/bitnami/charts/issues/30570)) ([7b3a6d5](7b3a6d5808)), closes [#&#8203;30570](https://github.com/bitnami/charts/issues/30570)

### [`v16.2.1`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1621-2024-11-14-small)

-   \[bitnami/postgresql] Release 16.2.1 ([#&#8203;30463](https://github.com/bitnami/charts/issues/30463)) ([2360527](236052763a)), closes [#&#8203;30463](https://github.com/bitnami/charts/issues/30463)

### [`v16.2.0`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#1620-2024-11-14)

-   \[bitnami/postgresql] feat:  Add password update job ([#&#8203;30444](https://github.com/bitnami/charts/issues/30444)) ([ea896db](ea896dbfbf)), closes [#&#8203;30444](https://github.com/bitnami/charts/issues/30444)

### [`v16.1.2`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1612-2024-11-06-small)

-   \[bitnami/postgresql] Release 16.1.2 ([#&#8203;30250](https://github.com/bitnami/charts/issues/30250)) ([423c554](423c554547)), closes [#&#8203;30250](https://github.com/bitnami/charts/issues/30250)

### [`v16.1.1`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1611-2024-11-04-small)

-   \[bitnami/postgresql] metrics.collectors applies to read replicas ([#&#8203;30133](https://github.com/bitnami/charts/issues/30133)) ([696f113](696f113b68)), closes [#&#8203;30133](https://github.com/bitnami/charts/issues/30133)

### [`v16.1.0`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#1610-2024-10-30)

-   \[bitnami/\*] Remove wrong comment about imagePullPolicy ([#&#8203;30107](https://github.com/bitnami/charts/issues/30107)) ([a51f9e4](a51f9e4bb0)), closes [#&#8203;30107](https://github.com/bitnami/charts/issues/30107)
-   \[bitnami/postgresql] Added support for `namespaceOverride` ([#&#8203;30113](https://github.com/bitnami/charts/issues/30113)) ([4253372](4253372e0b)), closes [#&#8203;30113](https://github.com/bitnami/charts/issues/30113)

### [`v16.0.6`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1606-2024-10-24-small)

-   \[bitnami/postgresql] Release 16.0.6 ([#&#8203;30069](https://github.com/bitnami/charts/issues/30069)) ([e431b4a](e431b4a915)), closes [#&#8203;30069](https://github.com/bitnami/charts/issues/30069)

### [`v16.0.5`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1605-2024-10-22-small)

-   \[bitnami/postgresql] Release 16.0.5 ([#&#8203;30046](https://github.com/bitnami/charts/issues/30046)) ([a825e37](a825e37775)), closes [#&#8203;30046](https://github.com/bitnami/charts/issues/30046)

### [`v16.0.4`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1604-2024-10-21-small)

-   \[bitnami/postgresql] Release 16.0.4 ([#&#8203;30013](https://github.com/bitnami/charts/issues/30013)) ([8435f88](8435f88ae0)), closes [#&#8203;30013](https://github.com/bitnami/charts/issues/30013)

### [`v16.0.3`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1603-2024-10-16-small)

-   \[bitnami/postgresql] Release 16.0.3 ([#&#8203;29942](https://github.com/bitnami/charts/issues/29942)) ([7b3f2bb](7b3f2bb7a6)), closes [#&#8203;29942](https://github.com/bitnami/charts/issues/29942)

### [`v16.0.2`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1602-2024-10-16-small)

-   \[bitnami/postgresql] Release 16.0.2 ([#&#8203;29938](https://github.com/bitnami/charts/issues/29938)) ([766c157](766c1577e8)), closes [#&#8203;29938](https://github.com/bitnami/charts/issues/29938)
-   Update documentation links to techdocs.broadcom.com ([#&#8203;29931](https://github.com/bitnami/charts/issues/29931)) ([f0d9ad7](f0d9ad78f3)), closes [#&#8203;29931](https://github.com/bitnami/charts/issues/29931)

### [`v16.0.1`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1601-2024-10-04-small)

-   \[bitnami/postgresql] Release 16.0.1 ([#&#8203;29776](https://github.com/bitnami/charts/issues/29776)) ([9d7fcdc](9d7fcdc44c)), closes [#&#8203;29776](https://github.com/bitnami/charts/issues/29776)

### [`v16.0.0`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#1600-2024-10-02)

-   \[bitnami/postgresql] Release 16.0.0 ([#&#8203;29723](https://github.com/bitnami/charts/issues/29723)) ([aeedc0e](aeedc0e67b)), closes [#&#8203;29723](https://github.com/bitnami/charts/issues/29723)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "* * * * 0,6" (UTC), Automerge - "* 0-3 * * *" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS40MC4xIiwidXBkYXRlZEluVmVyIjoiMzkuMTU2LjEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImtpbmQvZGVwZW5kZW5jeSJdfQ==-->

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/736
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-02-05 17:33:18 +00:00
Renovate Bot
70cc590eb3 chore(deps): update postgresql-ha docker tag to v15 (#741)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | major | `14.3.10` -> `15.1.7` |

---

### Release Notes

<details>
<summary>bitnami/charts (postgresql-ha)</summary>

### [`v15.1.7`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#1517-2025-02-02)

-   \[bitnami/postgresql-ha] Release 15.1.7 ([#&#8203;31701](https://github.com/bitnami/charts/pull/31701))

### [`v15.1.6`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1516-2025-01-13-small)

-   \[bitnami/postgresql-ha] Release 15.1.6 ([#&#8203;31341](https://github.com/bitnami/charts/issues/31341)) ([30c2b39](30c2b394da)), closes [#&#8203;31341](https://github.com/bitnami/charts/issues/31341)

### [`v15.1.5`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1515-2025-01-13-small)

-   \[bitnami/postgresql-ha] setting ServiceAccount also when is not created by the bitnami chart ([#&#8203;31293](https://github.com/bitnami/charts/issues/31293) ([2316c35](2316c354ab)), closes [#&#8203;31293](https://github.com/bitnami/charts/issues/31293)

### [`v15.1.4`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1514-2024-12-23-small)

-   \[bitnami/postgresql-ha] Release 15.1.4 ([#&#8203;31144](https://github.com/bitnami/charts/issues/31144)) ([6a0ca8f](6a0ca8f0d1)), closes [#&#8203;31144](https://github.com/bitnami/charts/issues/31144)

### [`v15.1.3`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1513-2024-12-23-small)

-   \[bitnami/postgresql-ha] Release 15.1.3 ([#&#8203;31135](https://github.com/bitnami/charts/issues/31135)) ([b1fde05](b1fde05a5d)), closes [#&#8203;31135](https://github.com/bitnami/charts/issues/31135)

### [`v15.1.2`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1512-2024-12-20-small)

-   \[bitnami/\*] Fix typo in README ([#&#8203;31052](https://github.com/bitnami/charts/issues/31052)) ([b41a51d](b41a51d1bd)), closes [#&#8203;31052](https://github.com/bitnami/charts/issues/31052)
-   \[bitnami/postgresql-ha] Fix typo in documentation ([#&#8203;31069](https://github.com/bitnami/charts/issues/31069)) ([b3b4ac7](b3b4ac71e4)), closes [#&#8203;31069](https://github.com/bitnami/charts/issues/31069)
-   \[bitnami/postgresql-ha] Release 15.1.2 ([#&#8203;31132](https://github.com/bitnami/charts/issues/31132)) ([a352680](a352680c0b)), closes [#&#8203;31132](https://github.com/bitnami/charts/issues/31132)

### [`v15.1.1`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1511-2024-12-13-small)

-   \[bitnami/postgresql-ha]Add Storage Class Configuration to Templates ([#&#8203;30993](https://github.com/bitnami/charts/issues/30993)) ([485796b](485796bfe6)), closes [#&#8203;30993](https://github.com/bitnami/charts/issues/30993)

### [`v15.1.0`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#1510-2024-12-10)

-   \[bitnami/\*] Add Bitnami Premium to NOTES.txt ([#&#8203;30854](https://github.com/bitnami/charts/issues/30854)) ([3dfc003](3dfc00376d)), closes [#&#8203;30854](https://github.com/bitnami/charts/issues/30854)
-   \[bitnami/postgresql-ha] Detect non-standard images ([#&#8203;30937](https://github.com/bitnami/charts/issues/30937)) ([5149845](5149845424)), closes [#&#8203;30937](https://github.com/bitnami/charts/issues/30937)

### [`v15.0.4`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1504-2024-12-03-small)

-   \[bitnami/postgresql-ha] Release 15.0.4 ([#&#8203;30732](https://github.com/bitnami/charts/issues/30732)) ([dd65642](dd6564295a)), closes [#&#8203;30732](https://github.com/bitnami/charts/issues/30732)

### [`v15.0.3`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1503-2024-12-03-small)

-   \[bitnami/\*] docs: 📝 Add "Backup & Restore" section ([#&#8203;30711](https://github.com/bitnami/charts/issues/30711)) ([35ab536](35ab536374)), closes [#&#8203;30711](https://github.com/bitnami/charts/issues/30711)
-   \[bitnami/\*] docs: 📝 Add "Update Credentials" (batch 3) ([#&#8203;30688](https://github.com/bitnami/charts/issues/30688)) ([10a49f9](10a49f9ff2)), closes [#&#8203;30688](https://github.com/bitnami/charts/issues/30688)
-   \[bitnami/postgresql-ha] Release 15.0.3 ([#&#8203;30730](https://github.com/bitnami/charts/issues/30730)) ([1e7e0de](1e7e0dee58)), closes [#&#8203;30730](https://github.com/bitnami/charts/issues/30730)

### [`v15.0.2`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1502-2024-11-28-small)

-   \[bitnami/\*] docs: 📝 Add "Prometheus metrics" (batch 5) ([#&#8203;30674](https://github.com/bitnami/charts/issues/30674)) ([ed2a546](ed2a54617f)), closes [#&#8203;30674](https://github.com/bitnami/charts/issues/30674)
-   \[bitnami/postgresql-ha] Release 15.0.2 ([#&#8203;30676](https://github.com/bitnami/charts/issues/30676)) ([de62c88](de62c88da5)), closes [#&#8203;30676](https://github.com/bitnami/charts/issues/30676)

### [`v15.0.1`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1501-2024-11-27-small)

-   \[bitnami/postgresql-ha] Release 15.0.1 ([#&#8203;30644](https://github.com/bitnami/charts/issues/30644)) ([ebb2f96](ebb2f960e7)), closes [#&#8203;30644](https://github.com/bitnami/charts/issues/30644)

### [`v15.0.0`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#1500-2024-11-25)

-   \[bitnami/postgresql-ha] Release 15.0.0 ([#&#8203;30618](https://github.com/bitnami/charts/issues/30618)) ([2d17a50](2d17a50466)), closes [#&#8203;30618](https://github.com/bitnami/charts/issues/30618)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "* * * * 0,6" (UTC), Automerge - "* 0-3 * * *" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS40MC4xIiwidXBkYXRlZEluVmVyIjoiMzkuMTU2LjEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImtpbmQvZGVwZW5kZW5jeSJdfQ==-->

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/741
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-02-05 17:18:22 +00:00
yael-tramier
3ac51f2628 Replace claimName value to existingClaim to manage your PVC value for PostgreSQL chart. (#786)
### Description of the change

Hello, following the documentation, I saw that there was a small error concerning the declaration of a PVC on the PostgreSQL part.
So I just changed this value from claimName to existingClaim

### Applicable issues

- Fixes #778

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/786
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: yael-tramier <yael-tramier@noreply.gitea.com>
Co-committed-by: yael-tramier <yael-tramier@noreply.gitea.com>
2025-02-05 16:59:07 +00:00
4f42f4bee3 [Close #771] fix: set GOMAXPROCS (#772)
The following patch add automatically the environment variable `GOMAXPROCS`,
when a CPU limit is defined. Otherwise CPU throttling may occur.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/772
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: Markus Pesch <markus.pesch@cryptic.systems>
Co-committed-by: Markus Pesch <markus.pesch@cryptic.systems>
2025-02-02 21:30:00 +00:00
Renovate Bot
cc7532ec90 chore(deps): update dependency helm-unittest/helm-unittest to v0.7.2 (#784)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-02-01 00:33:28 +00:00
grandmou
1d908965a8 feat(act_runner): allow to mount volumes (#756)
### Description of the change

In the act_runner StatefulSet, this allows to mount volumes.

### Benefits

It allows to mount some volumes in any of the two containers, e.g. certificates for a private registry.

### Possible drawbacks

I can't think of any.

### Applicable issues

- Fixes #744

### Checklist

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [X] Helm templating unittests are added (required when changing anything in `templates` folder)

Co-authored-by: Xav <grandmou@protonmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/756
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: grandmou <grandmou@noreply.gitea.com>
Co-committed-by: grandmou <grandmou@noreply.gitea.com>
2025-01-28 17:17:57 +00:00
Renovate Bot
43e0918cfc chore(deps): update dependency markdownlint-cli to ^0.44.0 (#782)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-01-26 01:13:52 +00:00
Renovate Bot
41deaf977e chore(deps): update redis-cluster docker tag to v11.4.1 (#780)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-01-26 00:48:40 +00:00
Renovate Bot
b8b909be0b chore(deps): update workflow dependencies (minor & patch) (#781)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-01-25 00:47:04 +00:00
Renovate Bot
4f9a48ae51 chore(deps): update subcharts (minor & patch) (#774)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-01-19 00:11:05 +00:00
Renovate Bot
ef8ad0f050 chore(deps): update dependency go-gitea/gitea to v1.23.1 (#767)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-01-12 00:22:58 +00:00
Renovate Bot
680d95c943 chore(deps): update subcharts (minor & patch) (#766)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-01-12 00:10:25 +00:00
Renovate Bot
48e61b164b chore(deps): update dependency helm-unittest/helm-unittest to v0.7.1 (#760)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-01-04 00:21:59 +00:00
Renovate Bot
3e72e8b983 chore(deps): update alpine/helm docker tag to v3.16.4 (#757)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-12-28 00:21:37 +00:00
Renovate Bot
9b28e264f7 chore(deps): update subcharts (minor & patch) (#755)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-12-22 00:25:58 +00:00
justusbunsi
8c4e8e8f30 Introduce bash scripting unittests (#724)
### Description of the change

This adds an environment for unit testing our bash scripts, using [BATS](https://github.com/bats-core/bats-core).
It implements first tests for `config_environment.sh`.

### Benefits

Writing unit tests for bash scripts documents the expected behavior and allows it being a quality gate in our CI.

### Possible drawbacks

Not everyone is familiar with this approach and unit testing framework. Me neither, it took me some hours to get into it.

### Applicable issues

- Related to #691 where an issue in `config_environment.sh` was detected. It doesn't fixes it yet. This will be a dedicated Pull Request.

### Additional information

I've verified that the changes for Renovate are indeed working.

You may wonder why there is only one `run $PROJECT_ROOT/scripts/init-containers/config/config_environment.sh` and many `run execute_test_script` calls.
Usually, testing a script itself would be executing `run $PROJECT_ROOT/scripts/init-containers/config/config_environment.sh`. You then can assert the exit code and other things. Since the `config_environment.sh` exports environment variables and we are not able to access them from outside a `run` execution, the function `execute_test_script` wraps our script execution between environment comparison. Doing so allows us capture environment variables that were added/removed during script execution.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/724
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-12-20 09:45:01 +00:00
justusbunsi
5968cfa1d4 Disable renovate branch builds (#753)
Renovate PRs currently trigger 2 builds:

- For the PR itself
- For the `renovate/...` branch

This only increases builds without any benefit.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/753
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-12-19 18:18:58 +00:00
Renovate Bot
12f253db10 chore(deps): update redis-cluster docker tag to v11 (#743)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [redis-cluster](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/redis-cluster)) | major | `10.3.0` -> `11.2.0` |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/743
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-12-19 18:09:01 +00:00
Renovate Bot
535aa1cf1a chore(deps): update redis docker tag to v20 (#742)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [redis](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/redis)) | major | `19.6.4` -> `20.6.0` |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/742
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-12-19 17:47:00 +00:00
justusbunsi
a79fd31f7e Increase testability of shell scripts (#752)
This is a preparation for #724 (bash script testing) which would be too complex to review if done there.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/752
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-12-19 12:04:00 +00:00
justusbunsi
726b36c6d8 Extract raw shell/bash scripts as actual shell script files (#751)
### Description of the change

This is a preparation for #724 (bash script testing) which would be too complex to review if done there. I haven't changed the script contents.

### Benefits

Better IDE support, possibility for shell checks, tests.

### Possible drawbacks

-

### Additional information

I only extracted files that are native bash scripts. There are others, being a mix of Helm templating and shell scripts. Those scripts must be cleared first before extracting them as well.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/751
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-12-19 10:56:12 +00:00
justusbunsi
4691b63f7a Move Helm unittests into subfolder (#750)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/750
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-12-18 12:04:15 +00:00
justusbunsi
8f516048e4 Move actions related readme into docs folder (#749)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/749
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-12-18 11:42:31 +00:00
justusbunsi
e9084e1833 Ensure default customization of Chart dependencies (#748)
### Description of the change

This adds unittests for the default configuration of our dependencies.

### Benefits

We are able to detect changes in upstream Charts for those settings.

### Applicable issues

- fixes #409

### Additional information

I merged existing unittests with the new ones for `postgresql-ha` and `postgresql`.
However, I decided to not do this for `redis-cluster` and `redis`, because the existing tests[^1] also ensure how the Chart behaves when both redis dependencies are disabled. It didn't felt right to split those files.

### Checklist

- [x] Templating unittests are added

Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>

[^1]: e733287dc2/unittests/config/cache-config.yaml, e733287dc2/unittests/config/queue-config.yaml, e733287dc2/unittests/config/session-config.yaml

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/748
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-12-18 11:12:29 +00:00
justusbunsi
e733287dc2 Fix runner label issues (#739)
### Description of the change

This addresses 2 bugs regarding configured runner labels:
- `Cannot find: node in PATH` due to a default label that matches the runner host, not the docker-in-docker environment
- After changing the runner config, users have to manually replace the StatefulSet Pod of the runner

### Benefits

- Out-of-the-box functioning node environment
- Auto-updated runner config on changes in values

### Applicable issues

- fixes https://gitea.com/gitea/helm-chart/issues/728
- fixes https://gitea.com/gitea/helm-chart/issues/725

### Additional information

With removing the default labels from `values.yaml`, the act runner defaults will be used for new runners which fixes the "missing node" issue.
I had issues replacing the labels once the Chart defaults were used, so users might have to replace their runner manually if this is an issue.

### Checklist

- [x] Templating unittests are added

Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/739
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-12-17 13:30:31 +00:00
Renovate Bot
f4d1a6b516 chore(deps): update dependency go-gitea/gitea to v1.22.6 (#746)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-12-14 00:24:12 +00:00
Renovate Bot
c3d0bae515 chore(deps): update dependency go-gitea/gitea to v1.22.5 (#745)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-12-13 01:35:36 +00:00
Renovate Bot
aec87c2490 chore(deps): update workflow dependencies (minor & patch) (#735)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [alpine/helm](https://github.com/alpine-docker/helm) ([changelog](https://github.com/helm/helm)) |  | minor | `3.15.3` -> `3.16.3` |
| [alpine/helm](https://github.com/alpine-docker/helm) ([changelog](https://github.com/helm/helm)) | container | minor | `3.15.3` -> `3.16.3` |
| [helm-unittest/helm-unittest](https://github.com/helm-unittest/helm-unittest) |  | minor | `v0.5.2` -> `v0.7.0` |
| [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli) | devDependencies | minor | [`^0.41.0` -> `^0.43.0`](https://renovatebot.com/diffs/npm/markdownlint-cli/0.41.0/0.43.0) |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/735
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-11-30 23:47:49 +00:00
Renovate Bot
e3db83e22b chore(deps): update dependency go-gitea/gitea to v1.22.4 (#740)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [go-gitea/gitea](https://github.com/go-gitea/gitea) | patch | `1.22.3` -> `1.22.4` |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS40MC4xIiwidXBkYXRlZEluVmVyIjoiMzkuNDAuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsia2luZC9kZXBlbmRlbmN5Il19-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/740
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-11-30 23:44:11 +00:00
Renovate Bot
7cae9d3404 chore(deps): update busybox docker tag to v1.37.0 (#734)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| busybox | minor | `1.36.1` -> `1.37.0` |

---

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/734
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-11-30 23:34:16 +00:00
justusbunsi
52153021e3 Finetune Renovate configuration (#738)
`go-gitea/gitea` is no workflow dependency and therefore should not be grouped as such.
It got automatically matched due to `custom.regex` manager in that rule.

Since we now have image dependencies in our `values.yaml`, PR builds will fail when these changes are not represented in `README.md`.
Using a [postUpgradeTask](https://docs.renovatebot.com/configuration-options/#postupgradetasks) allows customized Renovate behavior.

Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/738
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-11-30 16:07:23 +00:00
justusbunsi
5f7d353901 Prevent reoccurring namespace inconsistencies (#737)
https://gitea.com/gitea/helm-chart/pulls/713 ensured that all resources
contain a `namespace` field. When adding Gitea actions runner support in
https://gitea.com/gitea/helm-chart/pulls/666, this was an oversight.

Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/737
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-11-30 14:47:18 +00:00
Hitesh Nayak
389a8460e4 feat(service-monitor): support bearer token authentication on metrics endpoint (#719)
### Benefits

Can protect metrics endpoint with `Bearer` token authentication provided by gitea.
see PR #637 for previous discussion.

### Possible drawbacks

No possible drawbacks

### Applicable issues

- fixes #635

### Additional information

```
gitea:
  metrics:
    enabled: true
    token: "somepassword"
    serviceMonitor:
      enabled: true
```

Using above configuration is sufficient to secure /metrics endpoint with bearer token and corresponding ServiceMonitor.

### Checklist

- [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [ ] ~~Breaking changes are documented in the `README.md`~~ Not applicable
- [x] Templating unittests are added

Signed-off-by: Hitesh Nayak <hiteshnayak305@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/719
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: Hitesh Nayak <hiteshnayak305@gmail.com>
Co-committed-by: Hitesh Nayak <hiteshnayak305@gmail.com>
2024-11-30 13:59:29 +00:00
Renovate Bot
3bacaaad84 chore(deps): update subcharts (minor & patch) (#733)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-11-30 02:09:16 +00:00
justusbunsi
2be2e2a639 Ensure dev-only files are not added to the tgz package (#723)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/723
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
2024-11-10 20:15:46 +00:00
justusbunsi
7b892431d6 Support custom envs for Action DinD container (#722)
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
Follow-up to https://gitea.com/gitea/helm-chart/pulls/666.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/722
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-11-10 14:02:15 +00:00
vjm
f7c66c0336 Add Gitea Actions act runner (#666)
Co-authored-by: dementhorr <dementhorr@proton.me>
Co-authored-by: Vince Montalbano <vince.montalbano@gmail.com>

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/666
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: vjm <vjm@noreply.gitea.com>
Co-committed-by: vjm <vjm@noreply.gitea.com>
2024-11-10 13:35:56 +00:00
justusbunsi
5c7e78b467 Bump Gitea to 1.22.3 (#718)
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/718
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-10-18 15:14:56 +00:00
justusbunsi
478af4e381 Fix probe definition overrides (#717)
### Description of the change

This fixes an issue when trying to apply a custom probe that is not `tcpSocket`.

### Benefits

Custom probes 🥳

### Applicable issues

- Fixes #694

### Checklist

- [x] Templating unittests are added

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/717
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-10-18 15:09:14 +00:00
justusbunsi
7c4d6c3797 Fix configuration in "external database" docs (#716)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/716
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-10-18 13:50:35 +00:00
rossigee
aa9808bc27 Add 'extraContainers' parameter (#697)
### Description of the change

Adds an 'extraContainers' parameter.

### Benefits

Users will be able to run sidecar containers as required by their environment.

### Possible drawbacks

N/A

### Applicable issues

- Fixes #696

### Checklist

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/697
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: rossigee <rossigee@noreply.gitea.com>
Co-committed-by: rossigee <rossigee@noreply.gitea.com>
2024-10-18 13:44:37 +00:00
SorsOps
a08e39f8ff Fix namespace templating inconsistencies (#713)
### Description of the change

Added namespaces to all the template files to better support alternate templaters in gitops systems

### Benefits

Gitops system that have different ways of handling helm templates can actually deploy this chart correct, especially through subcharts

### Possible drawbacks

Potential regression when upgrading, though this should be unlikely per @jessesanford 's comments with it defaulting back to the existing behaviour

### Applicable issues

  - Addresses https://gitea.com/gitea/helm-chart/issues/630
  - Addresses https://gitea.com/gitea/helm-chart/issues/557
  - Addresses https://gitea.com/gitea/helm-chart/issues/623

### Checklist

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [X] Breaking changes are documented in the `README.md`

Co-authored-by: SorsOps <80043879+sorsOps@users.noreply.github.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/713
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: SorsOps <sorsops@noreply.gitea.com>
Co-committed-by: SorsOps <sorsops@noreply.gitea.com>
2024-10-08 16:40:23 +00:00
pat-s
c039673e5a Add comments about redis password policy (#706)
fix #690

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/706
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2024-09-19 21:59:47 +00:00
e636984db1 feat(serviceMonitor): custom configuration (#710)
This patch extends the serviceMonitor resource to specify a custom TLS
configuration used by prometheus to scrape the metrics.

Furthermore, the interval and scrapeTimeout can now be adapted without changing
the global defaults of the prometheus instance.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/710
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Markus Pesch <markus.pesch@cryptic.systems>
Co-committed-by: Markus Pesch <markus.pesch@cryptic.systems>
2024-09-18 17:55:28 +00:00
pat-s
77aa11a3bb bump to gitea 1.22.2
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
2024-09-11 15:14:37 +02:00
tobiasbp
3fdb39df68 Do not log errors in init-directories container during Gitea launch (#708)
When the _init-directories_ container runs, the shell script  _init_directory_structure.sh_ logs to _stderr_ because debugging is enabled with _set -x_. The output from the script, should be logged to _stdout_ instead. The issue is discussed here: https://gitea.com/gitea/helm-chart/issues/701

### Description of the change

This PR uses the _verbose_ flag with all commands in the script to log what the script is doing.

### Benefits

Log entries with incorrect severity _ERROR_ will no longer be logged in _Kubernetes_.

### Possible drawbacks

Log output will change. If someone had a check for certain log entries from the _init container_, that check would break.

### Checklist

Updated unit tests.

Co-authored-by: tobias.petersen <tobias.petersen@unity3d.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/708
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: tobiasbp <tobiasbp@noreply.gitea.com>
Co-committed-by: tobiasbp <tobiasbp@noreply.gitea.com>
2024-09-11 12:49:18 +00:00
pat-s
9dc3f7c086 Fix persistence for postgresql-ha (#704)
fix #703

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/704
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2024-08-29 09:20:27 +00:00
Renovate Bot
036b469ff9 chore(deps): update subcharts (minor & patch) (#695)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-08-03 00:46:33 +00:00
Renovate Bot
339ee94260 chore(deps): update subcharts (minor & patch) (#693)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-07-28 00:21:27 +00:00
Renovate Bot
1c71764d3c chore(deps): update dependency helm-unittest/helm-unittest to v0.5.2 (#692)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-07-27 00:42:36 +00:00
justusbunsi
e19723a3fb Improve Renovate behavior (#689)
- Add Gitea releases for `appVersion`
- Rewrite Helm changelog url to retrieve release notes

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/689
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-07-23 13:38:49 +00:00
pat-s
2a762f0865 Gitea 1.22.1 (#684)
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/684
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2024-07-21 11:46:40 +00:00
Renovate Bot
c32c6f929f chore(deps): update subcharts (minor & patch) (#688)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-07-21 00:21:49 +00:00
Renovate Bot
e29cd1c289 chore(deps): update alpine/helm docker tag to v3.15.3 (#687)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-07-20 00:40:11 +00:00
Karitham
a535919025 feat: service.{http,ssh}.loadBalancerClass (#640)
### Description of the change

Introduce `service.{http,ssh}.loadBalancerClass`

### Benefits

Feature was not supported before. This is required if your cluster has multiple loadBalancer options and you want to select one

### Possible drawbacks

More yaml.

### Checklist

- [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [x] Templating unittests are added

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/640
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Karitham <kar@karitham.dev>
Co-committed-by: Karitham <kar@karitham.dev>
2024-07-15 15:13:25 +00:00
Renovate Bot
5c6cd932fe chore(deps): update postgresql docker tag to v15.5.16 (#683)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-07-13 00:41:15 +00:00
justusbunsi
3265a5ed53 Drop helm signing to release 10.3.0
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
Right now, the generated `.prov` file is not uploaded along with the actual `.tgz` file. This makes it impossible to verify our Helm Charts.
In addition, we only sign the old-fashioned `.tgz` file, not the OCI-based releases on DockerHub.
The incentive to do this very commit is an expired GPG key that prevents our release.

Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-07-07 14:48:54 +02:00
James Harmison
1dbf171ad3 Enable admin user password creation/update mode in values (#677)
### Description of the change

This enables sane modes for forcing reset, as well as providing more options to users of the chart by giving them the flexibility to set the mode for password creation/modification as part of init whether the user exists or not.

### Benefits

The new default should revert to the behavior before #673 became an issue, while also providing more flexibility for users who want to be able to manage their initial admin user password out-of-band after creating it the first time.

### Possible drawbacks

None that I can think of.

### Applicable issues

- fixes #673

### Additional information

See the discussion in #675 as well

### Checklist

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/677
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: James Harmison <jharmison@gmail.com>
Co-committed-by: James Harmison <jharmison@gmail.com>
2024-07-07 09:59:29 +00:00
pat-s
6226e4eaea Add non-clustered redis as sub-chart (#672)
Co-authored-by: Julien <julienym@gmail.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/672
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2024-07-07 09:57:16 +00:00
Renovate Bot
6ffc0a3790 chore(deps): update subcharts (minor & patch) (#680)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-07-06 00:43:22 +00:00
Renovate Bot
1ac39a6f5d chore(deps): update subcharts (minor & patch) (#670)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-06-30 00:21:50 +00:00
Renovate Bot
c4168dd029 chore(deps): update subcharts (minor & patch) (#669)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-06-23 00:21:38 +00:00
Renovate Bot
4dd17f045b chore(deps): update alpine/helm docker tag to v3.15.2 (#668)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-06-22 00:40:03 +00:00
Renovate Bot
030322170e chore(deps): update subcharts (minor & patch) (#667)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-06-15 00:42:23 +00:00
Renovate Bot
d407eda496 chore(deps): update subcharts (minor & patch) (#665)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-06-08 01:01:27 +00:00
100 changed files with 4398 additions and 1015 deletions

7
.commitlintrc.json Normal file
View File

@@ -0,0 +1,7 @@
{
"extends": ["@commitlint/config-conventional"],
"rules": {
"type-enum": [2, "always", ["feat", "fix", "chore", "docs", "style", "refactor", "test", "perf", "ci", "WIP"]],
"type-case": [0, "always", "lower-case"]
}
}

View File

@@ -23,7 +23,7 @@
### Applicable issues ### Applicable issues
<!-- Enter any applicable Issues here (You can reference an issue using #). Please remove this section if there is no referenced issue. --> <!-- Enter any applicable Issues here (You can reference an issue using #). Please remove this section if there is no referenced issue. -->
- fixes # - Fixes #
### Additional information ### Additional information
@@ -39,4 +39,6 @@
- [ ] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) - [ ] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [ ] Breaking changes are documented in the `README.md` - [ ] Breaking changes are documented in the `README.md`
- [ ] Templating unittests are added - [ ] Helm templating unittests are added (required when changing anything in `templates` folder)
- [ ] Bash unittests are added (required when changing anything in `scripts` folder)
- [ ] All added template resources MUST render a namespace in metadata

114
.gitea/scripts/add-annotations.sh Executable file
View File

@@ -0,0 +1,114 @@
#!/bin/bash
set -e
CHART_FILE="Chart.yaml"
if [ ! -f "${CHART_FILE}" ]; then
echo "ERROR: ${CHART_FILE} not found!" 1>&2
exit 1
fi
DEFAULT_NEW_TAG="$(git tag --sort=-version:refname | head -n 1)"
DEFAULT_OLD_TAG="$(git tag --sort=-version:refname | head -n 2 | tail -n 1)"
if [ -z "${1}" ]; then
read -p "Enter start tag [${DEFAULT_OLD_TAG}]: " OLD_TAG
if [ -z "${OLD_TAG}" ]; then
OLD_TAG="${DEFAULT_OLD_TAG}"
fi
while [ -z "$(git tag --list "${OLD_TAG}")" ]; do
echo "ERROR: Tag '${OLD_TAG}' not found!" 1>&2
read -p "Enter start tag [${DEFAULT_OLD_TAG}]: " OLD_TAG
if [ -z "${OLD_TAG}" ]; then
OLD_TAG="${DEFAULT_OLD_TAG}"
fi
done
else
OLD_TAG=${1}
if [ -z "$(git tag --list "${OLD_TAG}")" ]; then
echo "ERROR: Tag '${OLD_TAG}' not found!" 1>&2
exit 1
fi
fi
if [ -z "${2}" ]; then
read -p "Enter end tag [${DEFAULT_NEW_TAG}]: " NEW_TAG
if [ -z "${NEW_TAG}" ]; then
NEW_TAG="${DEFAULT_NEW_TAG}"
fi
while [ -z "$(git tag --list "${NEW_TAG}")" ]; do
echo "ERROR: Tag '${NEW_TAG}' not found!" 1>&2
read -p "Enter end tag [${DEFAULT_NEW_TAG}]: " NEW_TAG
if [ -z "${NEW_TAG}" ]; then
NEW_TAG="${DEFAULT_NEW_TAG}"
fi
done
else
NEW_TAG=${2}
if [ -z "$(git tag --list "${NEW_TAG}")" ]; then
echo "ERROR: Tag '${NEW_TAG}' not found!" 1>&2
exit 1
fi
fi
CHANGE_LOG_YAML=$(mktemp)
echo "[]" > "${CHANGE_LOG_YAML}"
function map_type_to_kind() {
case "${1}" in
feat)
echo "added"
;;
fix)
echo "fixed"
;;
chore|style|test|ci|docs|refac)
echo "changed"
;;
revert)
echo "removed"
;;
sec)
echo "security"
;;
*)
echo "skip"
;;
esac
}
COMMIT_TITLES="$(git log --pretty=format:"%s" "${OLD_TAG}..${NEW_TAG}")"
echo "INFO: Generate change log entries from ${OLD_TAG} until ${NEW_TAG}"
while IFS= read -r line; do
if [[ "${line}" =~ ^([a-zA-Z]+)(\([^\)]+\))?\:\ (.+)$ ]]; then
TYPE="${BASH_REMATCH[1]}"
KIND=$(map_type_to_kind "${TYPE}")
if [ "${KIND}" == "skip" ]; then
continue
fi
DESC="${BASH_REMATCH[3]}"
echo "- ${KIND}: ${DESC}"
jq --arg kind "${KIND}" --arg description "${DESC}" '. += [ $ARGS.named ]' < "${CHANGE_LOG_YAML}" > "${CHANGE_LOG_YAML}.new"
mv "${CHANGE_LOG_YAML}.new" "${CHANGE_LOG_YAML}"
fi
done <<< "${COMMIT_TITLES}"
if [ -s "${CHANGE_LOG_YAML}" ]; then
yq --inplace --input-format json --output-format yml "${CHANGE_LOG_YAML}"
yq --no-colors --inplace ".annotations.\"artifacthub.io/changes\" |= loadstr(\"${CHANGE_LOG_YAML}\") | sort_keys(.)" "${CHART_FILE}"
else
echo "ERROR: Changelog file is empty: ${CHANGE_LOG_YAML}" 1>&2
exit 1
fi
rm "${CHANGE_LOG_YAML}"

View File

@@ -0,0 +1,32 @@
name: changelog
on:
push:
branches:
- main
jobs:
changelog:
runs-on: ubuntu-latest
container: docker.io/thegeeklab/git-sv:2.0.5
steps:
- name: install tools
run: |
apk add -q --update --no-cache nodejs curl jq sed
- uses: actions/checkout@v5
with:
fetch-depth: 0
- name: Generate upcoming changelog
run: |
git sv rn -o changelog.md
export RELEASE_NOTES=$(cat changelog.md)
export ISSUE_NUMBER=$(curl -s "https://gitea.com/api/v1/repos/gitea/helm-gitea/issues?state=open&q=Changelog%20for%20upcoming%20version" | jq '.[].number')
echo $RELEASE_NOTES
JSON_DATA=$(echo "" | jq -Rs --arg title 'Changelog for upcoming version' --arg body "$(cat changelog.md)" '{title: $title, body: $body}')
if [ -z "$ISSUE_NUMBER" ]; then
curl -s -X POST "https://gitea.com/api/v1/repos/gitea/helm-gitea/issues" -H "Authorization: token ${{ secrets.ISSUE_RW_TOKEN }}" -H "Content-Type: application/json" -d "$JSON_DATA"
else
curl -s -X PATCH "https://gitea.com/api/v1/repos/gitea/helm-gitea/issues/$ISSUE_NUMBER" -H "Authorization: token ${{ secrets.ISSUE_RW_TOKEN }}" -H "Content-Type: application/json" -d "$JSON_DATA"
fi

View File

@@ -0,0 +1,19 @@
name: commitlint
on:
pull_request:
branches:
- "*"
types:
- opened
- edited
jobs:
check-and-test:
runs-on: ubuntu-latest
container: commitlint/commitlint:19.9.1
steps:
- uses: actions/checkout@v5
- name: check PR title
run: |
echo "${{ gitea.event.pull_request.title }}" | commitlint --config .commitlintrc.json

View File

@@ -5,33 +5,51 @@ on:
tags: tags:
- "*" - "*"
env:
# renovate: datasource=docker depName=alpine/helm
HELM_VERSION: "3.15.1"
jobs: jobs:
generate-chart-publish: generate-chart-publish:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v5
- name: install tools with:
fetch-depth: 0
- name: Install packages via apt
run: | run: |
apt update -y apt update --yes
apt install -y curl ca-certificates curl gnupg apt install --yes curl ca-certificates curl gnupg jq
# helm
curl -O https://get.helm.sh/helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz - name: Install helm
tar -xzf helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz env:
mv linux-amd64/helm /usr/local/bin/ # renovate: datasource=docker depName=alpine/helm
rm -rf linux-amd64 helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz HELM_VERSION: "3.18.6"
run: |
curl --fail --location --output /dev/stdout --silent --show-error https://get.helm.sh/helm-v${HELM_VERSION}-linux-$(dpkg --print-architecture).tar.gz | tar --extract --gzip --file /dev/stdin
mv linux-$(dpkg --print-architecture)/helm /usr/local/bin/
rm --force --recursive linux-$(dpkg --print-architecture) helm-v${HELM_VERSION}-linux-$(dpkg --print-architecture).tar.gz
helm version helm version
# docker
- name: Install yq
env:
YQ_VERSION: v4.45.4 # renovate: datasource=github-releases depName=mikefarah/yq
run: |
curl --fail --location --output /dev/stdout --silent --show-error https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_$(dpkg --print-architecture).tar.gz | tar --extract --gzip --file /dev/stdin
mv yq_linux_$(dpkg --print-architecture) /usr/local/bin
rm --force --recursive yq_linux_$(dpkg --print-architecture) yq_linux_$(dpkg --print-architecture).tar.gz
yq --version
- name: Install docker-ce via apt
run: |
install -m 0755 -d /etc/apt/keyrings install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg curl --fail --location --silent --show-error https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
chmod a+r /etc/apt/keyrings/docker.gpg chmod a+r /etc/apt/keyrings/docker.gpg
echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
apt update -y apt update --yes
apt install -y python3 python3-pip apt-transport-https docker-ce-cli apt install --yes python3 python3-pip apt-transport-https docker-ce-cli
pip install awscli
- name: Install awscli
run: |
pip install awscli --break-system-packages
aws --version
- name: Import GPG key - name: Import GPG key
id: import_gpg id: import_gpg
@@ -41,6 +59,15 @@ jobs:
passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }} passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
fingerprint: CC64B1DB67ABBEECAB24B6455FC346329753F4B0 fingerprint: CC64B1DB67ABBEECAB24B6455FC346329753F4B0
- name: Add Artifacthub.io annotations
run: |
NEW_TAG="$(git tag --sort=-version:refname | head --lines 1)"
OLD_TAG="$(git tag --sort=-version:refname | head --lines 2 | tail --lines 1)"
.gitea/scripts/add-annotations.sh "${OLD_TAG}" "${NEW_TAG}"
- name: Print Chart.yaml
run: cat Chart.yaml
# Using helm gpg plugin as 'helm package --sign' has issues with gpg2: https://github.com/helm/helm/issues/2843 # Using helm gpg plugin as 'helm package --sign' has issues with gpg2: https://github.com/helm/helm/issues/2843
- name: package chart - name: package chart
run: | run: |
@@ -49,10 +76,9 @@ jobs:
helm plugin install https://github.com/pat-s/helm-gpg helm plugin install https://github.com/pat-s/helm-gpg
helm dependency build helm dependency build
helm package --version "${GITHUB_REF#refs/tags/v}" ./ helm package --version "${GITHUB_REF#refs/tags/v}" ./
helm gpg sign "gitea-${GITHUB_REF#refs/tags/v}.tgz"
mkdir gitea mkdir gitea
mv gitea*.tgz gitea/ mv gitea*.tgz gitea/
curl -s -L -o gitea/index.yaml https://dl.gitea.com/charts/index.yaml curl --fail --location --output gitea/index.yaml --silent --show-error https://dl.gitea.com/charts/index.yaml
helm repo index gitea/ --url https://dl.gitea.com/charts --merge gitea/index.yaml helm repo index gitea/ --url https://dl.gitea.com/charts --merge gitea/index.yaml
# push to dockerhub # push to dockerhub
echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | helm registry login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} registry-1.docker.io --password-stdin echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | helm registry login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} registry-1.docker.io --password-stdin
@@ -60,7 +86,7 @@ jobs:
helm registry logout registry-1.docker.io helm registry logout registry-1.docker.io
- name: aws credential configure - name: aws credential configure
uses: https://github.com/aws-actions/configure-aws-credentials@v4 uses: https://github.com/aws-actions/configure-aws-credentials@v5
with: with:
aws-access-key-id: ${{ secrets.AWS_KEY_ID }} aws-access-key-id: ${{ secrets.AWS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -69,3 +95,29 @@ jobs:
- name: Copy files to S3 and clear cache - name: Copy files to S3 and clear cache
run: | run: |
aws s3 sync gitea/ s3://${{ secrets.AWS_S3_BUCKET}}/charts/ aws s3 sync gitea/ s3://${{ secrets.AWS_S3_BUCKET}}/charts/
release-gitea:
needs: generate-chart-publish
runs-on: ubuntu-latest
container: docker.io/thegeeklab/git-sv:2.0.5
steps:
- name: install tools
run: |
apk add -q --update --no-cache nodejs
- uses: actions/checkout@v5
with:
fetch-tags: true
fetch-depth: 0
- name: Create changelog
run: |
git sv current-version
git sv release-notes -t ${GITHUB_REF#refs/tags/} -o CHANGELOG.md
sed -i '1,2d' CHANGELOG.md # remove version
cat CHANGELOG.md
- name: Release
uses: https://github.com/akkuman/gitea-release-action@v1
with:
body_path: CHANGELOG.md
token: "${{ secrets.RELEASE_TOKEN }}"

View File

@@ -7,31 +7,35 @@ on:
push: push:
branches: branches:
- main - main
- "renovate/**"
env: env:
# renovate: datasource=github-releases depName=helm-unittest/helm-unittest # renovate: datasource=github-releases depName=helm-unittest/helm-unittest
HELM_UNITTEST_VERSION: "v0.5.1" HELM_UNITTEST_VERSION: "v1.0.1"
jobs: jobs:
check-and-test: check-and-test:
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: alpine/helm:3.15.1 container: alpine/helm:3.18.6
steps: steps:
- name: install tools - name: install tools
run: | run: |
apk update apk update
apk add --update make nodejs npm yamllint apk add --update bash make nodejs npm yamllint ncurses
- uses: actions/checkout@v4 - uses: actions/checkout@v5
- name: install chart dependencies - name: install chart dependencies
run: helm dependency build run: helm dependency build
- name: lint - name: lint
run: helm lint run: helm lint
- name: template - name: template
run: helm template --debug gitea-helm . run: helm template --debug gitea-helm .
- name: unit tests - name: prepare unit test environment
run: | run: |
helm plugin install --version ${{ env.HELM_UNITTEST_VERSION }} https://github.com/helm-unittest/helm-unittest helm plugin install --version ${{ env.HELM_UNITTEST_VERSION }} https://github.com/helm-unittest/helm-unittest
git submodule update --init --recursive
- name: unit tests
env:
TERM: xterm
run: |
make unittests make unittests
- name: verify readme - name: verify readme
run: | run: |

12
.gitmodules vendored Normal file
View File

@@ -0,0 +1,12 @@
[submodule "unittests/bash/bats"]
path = unittests/bash/bats
url = https://github.com/bats-core/bats-core.git
[submodule "unittests/bash/test_helper/bats-support"]
path = unittests/bash/test_helper/bats-support
url = https://github.com/bats-core/bats-support.git
[submodule "unittests/bash/test_helper/bats-assert"]
path = unittests/bash/test_helper/bats-assert
url = https://github.com/bats-core/bats-assert.git
[submodule "unittests/bash/test_helper/bats-mock"]
path = unittests/bash/test_helper/bats-mock
url = https://github.com/jasonkarns/bats-mock.git

57
.gitsv/config.yaml Normal file
View File

@@ -0,0 +1,57 @@
version: '1.1' # Configuration version.
versioning:
update-major: [breaking] # Commit types used to bump major.
update-minor: [feat, perf] # Commit types used to bump minor.
update-patch: [build, ci, chore, fix, perf, refactor, test] # Commit types used to bump patch.
# When type is not present on update rules and is unknown (not mapped on commit message types);
# if ignore-unknown=false bump patch, if ignore-unknown=true do not bump version.
ignore-unknown: false
tag:
pattern: 'v%d.%d.%d' # Pattern used to create git tag.
filter: '' # Enables you to filter for considerable tags using git pattern syntax.
release-notes:
sections: # Array with each section of release note. Check template section for more information.
- name: Breaking Changes
section-type: breaking-changes
- name: Features # Name used on section.
section-type: commits # Type of the section, supported types: commits, breaking-changes.
commit-types: [feat, perf] # Commit types for commit section-type, one commit type cannot be in more than one section.
- name: Bug Fixes
section-type: commits
commit-types: [fix]
- name: Maintenance
section-type: commits
commit-types: [chore, refactor]
- name: Documentation
commit-types: [docs]
section-type: commits
- name: CI
commit-types: [ci]
section-type: commits
branches: # Git branches config.
prefix: ([a-z]+\/)? # Prefix used on branch name, it should be a regex group.
suffix: (-.*)? # Suffix used on branch name, it should be a regex group.
disable-issue: false # Set true if there is no need to recover issue id from branch name.
skip: [] # List of branch names ignored on commit message validation.
skip-detached: false # Set true if a detached branch should be ignored on commit message validation.
commit-message:
# Supported commit types.
types: [build, ci, chore, docs, feat, fix, perf, refactor, revert, style, test]
header-selector: '' # You can put in a regex here to select only a certain part of the commit message. Please define a regex group 'header'.
scope:
# Define supported scopes, if blank, scope will not be validated, if not, only scope listed will be valid.
# Don't forget to add "" on your list if you need to define scopes and keep it optional.
values: []
footer:
issue: # Use "issue: {}" if you wish to disable issue footer.
key: jira # Name used to define an issue on footer metadata.
key-synonyms: [Jira, JIRA] # Supported variations for footer metadata.
use-hash: false # If false, use :<space> separator. If true, use <space># separator.
add-value-prefix: '' # Add a prefix to issue value.
issue:
regex: '[A-Z]+-[0-9]+' # Regex for issue id.

View File

@@ -5,6 +5,7 @@
# Common VCS dirs # Common VCS dirs
.git/ .git/
.gitignore .gitignore
.gitmodules
.bzr/ .bzr/
.bzrignore .bzrignore
.hg/ .hg/
@@ -31,3 +32,10 @@ Makefile
.drone.yml .drone.yml
CONTRIBUTING.md CONTRIBUTING.md
unittests/ unittests/
.editorconfig
.prettierignore
.yamllint
CODEOWNERS
renovate.json5
.commitlintrc.json
.gitsv/

View File

@@ -129,6 +129,7 @@ MD041:
MD044: MD044:
# List of proper names # List of proper names
names: names:
- docker.gitea.com
- Gitea - Gitea
- PostgreSQL - PostgreSQL
- Memcached - Memcached

View File

@@ -3,6 +3,7 @@
"yzhang.markdown-all-in-one", "yzhang.markdown-all-in-one",
"DavidAnson.vscode-markdownlint", "DavidAnson.vscode-markdownlint",
"Tim-Koehler.helm-intellisense", "Tim-Koehler.helm-intellisense",
"esbenp.prettier-vscode" "esbenp.prettier-vscode",
"jetmartin.bats"
] ]
} }

11
.vscode/settings.json vendored
View File

@@ -1,8 +1,15 @@
{ {
"yaml.schemas": { "yaml.schemas": {
"https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.5.1/schema/helm-testsuite.json": [ "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v1.0.1/schema/helm-testsuite.json": [
"/unittests/**/*.yaml" "/unittests/**/*.yaml"
] ]
}, },
"yaml.schemaStore.enable": true "yaml.schemaStore.enable": true,
"[bats]": {
"editor.tabSize": 2
},
"[shellscript]": {
"files.eol": "\n",
"editor.tabSize": 2
}
} }

View File

@@ -5,7 +5,7 @@ ignore: |
.yamllint .yamllint
node_modules node_modules
templates templates
unittests/bash
rules: rules:
truthy: truthy:

View File

@@ -1 +1 @@
* @justusbunsi @pat-s * @rossigee @volker.raschek @ChristopherHX

View File

@@ -29,6 +29,7 @@ When submitting or updating a PR:
- try to avoid rebases. They make code reviews for large PRs and comments much harder. - try to avoid rebases. They make code reviews for large PRs and comments much harder.
- if applicable, use the PR template for a well-defined PR description. - if applicable, use the PR template for a well-defined PR description.
- clearly mark breaking changes. - clearly mark breaking changes.
- format the PR title following the [conventional commits](https://www.conventionalcommits.org/en/v1.0.0/#specification) schema
## Local development & testing ## Local development & testing
@@ -37,7 +38,7 @@ be used:
1. Install `minikube` and `helm`. 1. Install `minikube` and `helm`.
1. Start a `minikube` cluster via `minikube start`. 1. Start a `minikube` cluster via `minikube start`.
1. From the `gitea/helm-chart` directory execute the following command. 1. From the `gitea/helm-gitea` directory execute the following command.
This will install the dependencies listed in `Chart.yml` and deploy the current state of the helm chart found locally. This will install the dependencies listed in `Chart.yml` and deploy the current state of the helm chart found locally.
If you want to test a branch, make sure to switch to the respective branch first. If you want to test a branch, make sure to switch to the respective branch first.
`helm install --dependency-update gitea . -f values.yaml`. `helm install --dependency-update gitea . -f values.yaml`.
@@ -48,18 +49,32 @@ default port-forward svc/gitea-http 3000:3000`.
### Unit tests ### Unit tests
#### Helm templating tests
```bash ```bash
# install the unittest plugin # install the unittest plugin
$ helm plugin install https://github.com/helm-unittest/helm-unittest $ helm plugin install https://github.com/helm-unittest/helm-unittest
# run the unittests # run the Helm unittests
make unittests make unittests-helm
``` ```
See [plugin documentation](https://github.com/helm-unittest/helm-unittest/blob/main/DOCUMENT.md) for usage instructions. See [plugin documentation](https://github.com/helm-unittest/helm-unittest/blob/main/DOCUMENT.md) for usage instructions.
#### Bash script tests
```bash
# setup the environment
git submodule update --init --recursive
# run the bash tests
make unittests-bash
```
See [bats documentation](https://bats-core.readthedocs.io/en/stable/) for usage instructions.
## Release process ## Release process
1. Create a tag following the tagging schema 1. Ensure you have [`git-sv`](https://github.com/thegeeklab/git-sv) installed
1. Push the tag 1. Run `git sv tag` (this creates and pushes the tag following the respective next tag according to the semver commits issued since the last release)
1. Let CI do it's work 1. Let CI do it's work

View File

@@ -1,12 +1,15 @@
dependencies: dependencies:
- name: postgresql - name: postgresql
repository: oci://registry-1.docker.io/bitnamicharts repository: oci://registry-1.docker.io/bitnamicharts
version: 15.5.0 version: 16.7.27
- name: postgresql-ha - name: postgresql-ha
repository: oci://registry-1.docker.io/bitnamicharts repository: oci://registry-1.docker.io/bitnamicharts
version: 14.1.3 version: 16.3.2
- name: redis-cluster - name: valkey-cluster
repository: oci://registry-1.docker.io/bitnamicharts repository: oci://registry-1.docker.io/bitnamicharts
version: 10.2.0 version: 3.0.24
digest: sha256:f7feb678e253951354014684cca973ce7656aa8fd812e627534257dad7765069 - name: valkey
generated: "2024-06-01T00:49:20.470701261Z" repository: oci://registry-1.docker.io/bitnamicharts
version: 3.0.31
digest: sha256:ceb6a1890cfdc2627abb85d3e2a4baa64d30afd21dcfabce978a824a67f0a2bb
generated: "2025-08-30T00:03:04.59764502Z"

View File

@@ -3,7 +3,8 @@ name: gitea
description: Gitea Helm chart for Kubernetes description: Gitea Helm chart for Kubernetes
type: application type: application
version: 0.0.0 version: 0.0.0
appVersion: 1.22.0 # renovate datasource=github-releases depName=go-gitea/gitea extractVersion=^v(?<version>.*)$
appVersion: 1.24.6
icon: https://gitea.com/assets/img/logo.svg icon: https://gitea.com/assets/img/logo.svg
keywords: keywords:
@@ -14,36 +15,44 @@ keywords:
- gitea - gitea
- gogs - gogs
sources: sources:
- https://gitea.com/gitea/helm-chart - https://gitea.com/gitea/helm-gitea
- https://github.com/go-gitea/gitea - https://github.com/go-gitea/gitea
- https://hub.docker.com/r/gitea/gitea/ - https://docker.gitea.com/gitea
maintainers: maintainers:
- name: Charlie Drage # https://gitea.com/rossigee
email: charlie@charliedrage.com - name: Ross Golder
- name: Gitea Authors email: ross@golder.org
email: maintainers@gitea.io
- name: Konrad Lother # https://gitea.com/volker.raschek
email: konrad.lother@novum-rgi.de - name: Markus Pesch
- name: Lucas Hahn email: markus.pesch+apps@cryptic.systems
email: lucas.hahn@novum-rgi.de
- name: Steven Kriegler # https://gitea.com/DaanSelen
email: sk.bunsenbrenner@gmail.com - name: Daan Selen
- name: Patrick Schratz email: dselen@nerthus.nl
email: patrick.schratz@gmail.com
# https://gitea.com/ChristopherHX
- name: Christopher Homberger
email: christopher.homberger@web.de
dependencies: dependencies:
# https://github.com/bitnami/charts/blob/main/bitnami/postgresql # https://github.com/bitnami/charts/blob/main/bitnami/postgresql
- name: postgresql - name: postgresql
repository: oci://registry-1.docker.io/bitnamicharts repository: oci://registry-1.docker.io/bitnamicharts
version: 15.5.0 version: 16.7.27
condition: postgresql.enabled condition: postgresql.enabled
# https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml
- name: postgresql-ha - name: postgresql-ha
repository: oci://registry-1.docker.io/bitnamicharts repository: oci://registry-1.docker.io/bitnamicharts
version: 14.1.3 version: 16.3.2
condition: postgresql-ha.enabled condition: postgresql-ha.enabled
# https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml # https://github.com/bitnami/charts/blob/main/bitnami/valkey-cluster/Chart.yaml
- name: redis-cluster - name: valkey-cluster
repository: oci://registry-1.docker.io/bitnamicharts repository: oci://registry-1.docker.io/bitnamicharts
version: 10.2.0 version: 3.0.24
condition: redis-cluster.enabled condition: valkey-cluster.enabled
# https://github.com/bitnami/charts/blob/main/bitnami/valkey/Chart.yaml
- name: valkey
repository: oci://registry-1.docker.io/bitnamicharts
version: 3.0.31
condition: valkey.enabled

View File

@@ -1,3 +1,5 @@
SHELL := /usr/bin/env bash -O globstar
.PHONY: prepare-environment .PHONY: prepare-environment
prepare-environment: prepare-environment:
npm install npm install
@@ -8,8 +10,15 @@ readme: prepare-environment
npm run readme:lint npm run readme:lint
.PHONY: unittests .PHONY: unittests
unittests: unittests: unittests-helm unittests-bash
helm unittest --strict -f 'unittests/**/*.yaml' -f 'unittests/dependency-major-image-check.yaml' ./
.PHONY: unittests-helm
unittests-helm:
helm unittest --strict -f 'unittests/helm/**/*.yaml' -f 'unittests/helm/values-conflicting-checks.yaml' ./
.PHONY: unittests-bash
unittests-bash:
./unittests/bash/bats/bin/bats --pretty ./unittests/bash/tests/**/*.bats
.PHONY: helm .PHONY: helm
update-helm-dependencies: update-helm-dependencies:

360
README.md
View File

@@ -8,6 +8,7 @@
- [Dependency Versioning](#dependency-versioning) - [Dependency Versioning](#dependency-versioning)
- [Installing](#installing) - [Installing](#installing)
- [High Availability](#high-availability) - [High Availability](#high-availability)
- [Limit resources](#limit-resources)
- [Configuration](#configuration) - [Configuration](#configuration)
- [Default Configuration](#default-configuration) - [Default Configuration](#default-configuration)
- [Database defaults](#database-defaults) - [Database defaults](#database-defaults)
@@ -30,7 +31,9 @@
- [OAuth2 Settings](#oauth2-settings) - [OAuth2 Settings](#oauth2-settings)
- [Configure commit signing](#configure-commit-signing) - [Configure commit signing](#configure-commit-signing)
- [Metrics and profiling](#metrics-and-profiling) - [Metrics and profiling](#metrics-and-profiling)
- [Secure Metrics Endpoint](#secure-metrics-endpoint)
- [Pod annotations](#pod-annotations) - [Pod annotations](#pod-annotations)
- [TLS certificate rotation](#tls-certificate-rotation)
- [Themes](#themes) - [Themes](#themes)
- [Renovate](#renovate) - [Renovate](#renovate)
- [Parameters](#parameters) - [Parameters](#parameters)
@@ -49,7 +52,8 @@
- [LivenessProbe](#livenessprobe) - [LivenessProbe](#livenessprobe)
- [ReadinessProbe](#readinessprobe) - [ReadinessProbe](#readinessprobe)
- [StartupProbe](#startupprobe) - [StartupProbe](#startupprobe)
- [redis-cluster](#redis-cluster) - [valkey-cluster](#valkey-cluster)
- [valkey](#valkey)
- [PostgreSQL HA](#postgresql-ha) - [PostgreSQL HA](#postgresql-ha)
- [PostgreSQL](#postgresql) - [PostgreSQL](#postgresql)
- [Advanced](#advanced) - [Advanced](#advanced)
@@ -68,7 +72,7 @@ Additionally, this chart allows to provide LDAP and admin user configuration wit
## Update and versioning policy ## Update and versioning policy
The Gitea helm chart versioning does not follow Gitea's versioning. The Gitea helm chart versioning does not follow Gitea's versioning.
The latest chart version can be looked up in [https://dl.gitea.com/charts](https://dl.gitea.com/charts) or in the [repository releases](https://gitea.com/gitea/helm-chart/releases). The latest chart version can be looked up in [https://dl.gitea.com/charts](https://dl.gitea.com/charts) or in the [repository releases](https://gitea.com/gitea/helm-gitea/releases).
The chart aims to follow Gitea's releases closely. The chart aims to follow Gitea's releases closely.
There might be times when the chart is behind the latest Gitea release. There might be times when the chart is behind the latest Gitea release.
@@ -92,13 +96,14 @@ Users can also configure their own external providers via the configuration.
These dependencies are enabled by default: These dependencies are enabled by default:
- PostgreSQL HA ([Bitnami PostgreSQL-HA](https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml)) - PostgreSQL HA ([Bitnami PostgreSQL-HA](https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml))
- Redis-Cluster ([Bitnami Redis-Cluster](https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml)) - Valkey-Cluster ([Bitnami Valkey-Cluster](https://github.com/bitnami/charts/blob/main/bitnami/valkey-cluster/Chart.yaml))
### Non-HA Dependencies ### Non-HA Dependencies
Alternatively, the following non-HA replacements are available: Alternatively, the following non-HA replacements are available:
- PostgreSQL ([Bitnami PostgreSQL](postgresql](https://github.com/bitnami/charts/blob/main/bitnami/postgresql/Chart.yaml))) - PostgreSQL ([Bitnami PostgreSQL](https://github.com/bitnami/charts/blob/main/bitnami/postgresql/Chart.yaml))
- Valkey ([Bitnami Valkey](https://github.com/bitnami/charts/blob/main/bitnami/valkey/Chart.yaml))
### Dependency Versioning ### Dependency Versioning
@@ -116,7 +121,8 @@ Please double-check the image repository and available tags in the sub-chart:
- [PostgreSQL-HA](https://hub.docker.com/r/bitnami/postgresql-repmgr/tags) - [PostgreSQL-HA](https://hub.docker.com/r/bitnami/postgresql-repmgr/tags)
- [PostgreSQL](https://hub.docker.com/r/bitnami/postgresql/tags) - [PostgreSQL](https://hub.docker.com/r/bitnami/postgresql/tags)
- [Redis Cluster](https://hub.docker.com/r/bitnami/redis-cluster/tags) - [Valkey Cluster](https://hub.docker.com/r/bitnami/valkey-cluster/tags)
- [Valkey](https://hub.docker.com/r/bitnami/valkey/tags)
and look up the image tag which fits your needs on Dockerhub. and look up the image tag which fits your needs on Dockerhub.
@@ -134,6 +140,12 @@ Alternatively, the chart can also be installed from Dockerhub (since v9.6.0)
helm install gitea oci://registry-1.docker.io/giteacharts/gitea helm install gitea oci://registry-1.docker.io/giteacharts/gitea
``` ```
To avoid potential Dockerhub rate limits, the chart can also be installed via [docker.gitea.com](https://blog.gitea.com/docker-registry-update/) (since v9.6.0)
```sh
helm install gitea oci://docker.gitea.com/charts/gitea
```
When upgrading, please refer to the [Upgrading](#upgrading) section at the bottom of this document for major and breaking changes. When upgrading, please refer to the [Upgrading](#upgrading) section at the bottom of this document for major and breaking changes.
## High Availability ## High Availability
@@ -144,6 +156,44 @@ Care must be taken for production use as not all implementation details of Gitea
Deploying a HA-ready Gitea instance requires some effort including using HA-ready dependencies. Deploying a HA-ready Gitea instance requires some effort including using HA-ready dependencies.
See the [HA Setup](docs/ha-setup.md) document for more details. See the [HA Setup](docs/ha-setup.md) document for more details.
## Limit resources
If the application is deployed with a CPU resource limit, Prometheus may throw a CPU throttling warning for the
application. This has more or less to do with the fact that the application finds the number of CPUs of the host, but
cannot use the available CPU time to perform computing operations.
The application must be informed that despite several CPUs only a part (limit) of the available computing time is
available. As this is a Golang application, this can be implemented using `GOMAXPROCS`. The following example is one way
of defining `GOMAXPROCS` automatically based on the defined CPU limit like `1000m`. Please keep in mind, that the CFS
rate of `100ms` - default on each kubernetes node, is also very important to avoid CPU throttling.
Further information about this topic can be found [under this link](https://kanishk.io/posts/cpu-throttling-in-containerized-go-apps/).
> [!NOTE]
> The environment variable `GOMAXPROCS` is set automatically, when a CPU limit is defined. An explicit configuration is
> not anymore required.
>
> Please note that a CPU limit < `1000m` can also lead to CPU throttling. Please read the linked documentation carefully.
```yaml
deployment:
env:
# Will be automatically defined!
- name: GOMAXPROCS
valueFrom:
resourceFieldRef:
divisor: "1" # Is required for GitDevOps systems like ArgoCD/Flux. Otherwise throw the system a diff error. (k8s-default=1)
resource: limits.cpu
resources:
limits:
cpu: 1000m
memory: 512Mi
requests:
cpu: 100m
memory: 512Mi
```
## Configuration ## Configuration
Gitea offers lots of configuration options. Gitea offers lots of configuration options.
@@ -232,27 +282,29 @@ If `.Values.image.rootless: true`, then the following will occur. In case you us
#### Session, Cache and Queue #### Session, Cache and Queue
The session, cache and queue settings are set to use the built-in Redis Cluster sub-chart dependency. The session, cache and queue settings are set to use the built-in Valkey Cluster sub-chart dependency.
If Redis Cluster is disabled, the chart will fall back to the Gitea defaults which use "memory" for `session` and `cache` and "level" for `queue`. If Valkey Cluster is disabled, the chart will fall back to the Gitea defaults which use "memory" for `session` and `cache` and "level" for `queue`.
While these will work and even not cause immediate issues after startup, **they are not recommended for production use**. While these will work and even not cause immediate issues after startup, **they are not recommended for production use**.
Reasons being that a single pod will take on all the work for `session` and `cache` tasks in its available memory. Reasons being that a single pod will take on all the work for `session` and `cache` tasks in its available memory.
It is likely that the pod will run out of memory or will face substantial memory spikes, depending on the workload. It is likely that the pod will run out of memory or will face substantial memory spikes, depending on the workload.
External tools such as `redis-cluster` or `memcached` handle these workloads much better. External tools such as `valkey-cluster` or `memcached` handle these workloads much better.
### Single-Pod Configurations ### Single-Pod Configurations
If HA is not needed/desired, the following configurations can be used to deploy a single-pod Gitea instance. If HA is not needed/desired, the following configurations can be used to deploy a single-pod Gitea instance.
1. For a production-ready single-pod Gitea instance without external dependencies (using the chart dependency `postgresql`): 1. For a production-ready single-pod Gitea instance without external dependencies (using the chart dependency `postgresql` and `valkey`):
<details> <details>
<summary>values.yml</summary> <summary>values.yml</summary>
```yaml ```yaml
redis-cluster: valkey-cluster:
enabled: false enabled: false
valkey:
enabled: true
postgresql: postgresql:
enabled: true enabled: true
postgresql-ha: postgresql-ha:
@@ -265,12 +317,6 @@ If HA is not needed/desired, the following configurations can be used to deploy
config: config:
database: database:
DB_TYPE: postgres DB_TYPE: postgres
session:
PROVIDER: db
cache:
ADAPTER: memory
queue:
TYPE: level
indexer: indexer:
ISSUE_INDEXER_TYPE: bleve ISSUE_INDEXER_TYPE: bleve
REPO_INDEXER_ENABLED: true REPO_INDEXER_ENABLED: true
@@ -288,7 +334,9 @@ If HA is not needed/desired, the following configurations can be used to deploy
<summary>values.yml</summary> <summary>values.yml</summary>
```yaml ```yaml
redis-cluster: valkey-cluster:
enabled: false
valkey:
enabled: false enabled: false
postgresql: postgresql:
enabled: false enabled: false
@@ -419,6 +467,9 @@ gitea:
postgresql: postgresql:
enabled: false enabled: false
postgresql-ha:
enabled: false
``` ```
### Ports and external url ### Ports and external url
@@ -483,20 +534,23 @@ and the repository exists.
``` ```
To solve this problem add the capability `SYS_CHROOT` to the `securityContext`. To solve this problem add the capability `SYS_CHROOT` to the `securityContext`.
More about this issue [here](https://gitea.com/gitea/helm-chart/issues/161). More about this issue [under this link](https://gitea.com/gitea/helm-gitea/issues/161).
### Cache ### Cache
The cache handling is done via `redis-cluster` (via the `bitnami` chart) by default. The cache handling is done via `valkey-cluster` (via the `bitnami` chart) by default.
This deployment is HA-ready but can also be used for single-pod deployments. This deployment is HA-ready but can also be used for single-pod deployments.
By default, 6 replicas are deployed for a working `redis-cluster` deployment. By default, 6 replicas are deployed for a working `valkey-cluster` deployment.
Many cloud providers offer a managed redis service, which can be used instead of the built-in `redis-cluster`. Many cloud providers offer a managed valkey service, which can be used instead of the built-in `valkey-cluster`.
```yaml ```yaml
redis-cluster: valkey-cluster:
enabled: true enabled: true
``` ```
⚠️ The valkey charts [do not work well with special characters in the password](https://gitea.com/gitea/helm-chart/issues/690).
Consider omitting such or open an issue in the Bitnami repo and let us know once this got fixed.
### Persistence ### Persistence
Gitea will be deployed as a deployment. Gitea will be deployed as a deployment.
@@ -530,7 +584,7 @@ You can interact with the postgres settings as displayed in the following exampl
postgresql: postgresql:
persistence: persistence:
enabled: true enabled: true
claimName: MyAwesomeGiteaPostgresClaim existingClaim: MyAwesomeGiteaPostgresClaim
``` ```
### Admin User ### Admin User
@@ -568,6 +622,20 @@ gitea:
existingSecret: gitea-admin-secret existingSecret: gitea-admin-secret
``` ```
Whether you use the existing Secret or specify a user name and password, there are three modes for how the admin user password is created or set.
- `keepUpdated` (the default) will set the admin user password, and reset it to the defined value every time the pod is recreated.
- `initialOnlyNoReset` will set the admin user password when creating it, but never try to update the password.
- `initialOnlyRequireReset` will set the admin user password when creating it, never update it, and require that the password be changed at the initial login.
These modes can be set like the following:
```yaml
gitea:
admin:
passwordMode: initialOnlyRequireReset
```
### LDAP Settings ### LDAP Settings
Like the admin user the LDAP settings can be updated. Like the admin user the LDAP settings can be updated.
@@ -626,7 +694,7 @@ Affected options:
Like the admin user, OAuth2 settings can be updated and disabled but not deleted. Like the admin user, OAuth2 settings can be updated and disabled but not deleted.
Deleting OAuth2 settings has to be done in the ui. Deleting OAuth2 settings has to be done in the ui.
All OAuth2 values, which are documented [here](https://docs.gitea.com/administration/command-line#admin), are All OAuth2 values, which are documented [under this link](https://docs.gitea.com/administration/command-line#admin), are
available. available.
Multiple OAuth2 sources can be configured with additional OAuth list items. Multiple OAuth2 sources can be configured with additional OAuth list items.
@@ -671,7 +739,7 @@ gitea:
When using the rootless image the gpg key folder is not persistent by default. When using the rootless image the gpg key folder is not persistent by default.
If you consider using signed commits for internal Gitea activities (e.g. initial commit), you'd need to provide a signing key. If you consider using signed commits for internal Gitea activities (e.g. initial commit), you'd need to provide a signing key.
Prior to [PR186](https://gitea.com/gitea/helm-chart/pulls/186), imported keys had to be re-imported once the container got replaced by another. Prior to [PR186](https://gitea.com/gitea/helm-gitea/pulls/186), imported keys had to be re-imported once the container got replaced by another.
The mentioned PR introduced a new configuration object `signing` allowing you to configure prerequisites for commit signing. The mentioned PR introduced a new configuration object `signing` allowing you to configure prerequisites for commit signing.
By default this section is disabled to maintain backwards compatibility. By default this section is disabled to maintain backwards compatibility.
@@ -725,6 +793,21 @@ gitea:
ENABLE_PPROF: true ENABLE_PPROF: true
``` ```
### Secure Metrics Endpoint
Metrics endpoint `/metrics` can be secured by using `Bearer` token authentication.
**Note:** Providing non-empty `TOKEN` value will also require authentication for `ServiceMonitor`.
```yaml
gitea:
metrics:
token: "secure-token"
enabled: true
serviceMonitor:
enabled: true
```
## Pod annotations ## Pod annotations
Annotations can be added to the Gitea pod. Annotations can be added to the Gitea pod.
@@ -734,6 +817,31 @@ gitea:
podAnnotations: {} podAnnotations: {}
``` ```
## TLS certificate rotation
If Gitea uses TLS certificates that are mounted as a secret in the container file system, Gitea will not automatically apply them when the TLS certificates are rotated.
Such a rotation can be for example triggered, when the cert-manager issues new TLS certificates before expiring. Further information is described as GitHub
[issue](https://github.com/go-gitea/gitea/issues/27962).
Until the issue is present, a workaround can be applied.
For example stakater's [reloader](https://github.com/stakater/Reloader) controller can be used to trigger a rolling update.
The following annotation must be added to instruct the reloader controller to trigger a rolling update, when the mounted `configMaps` and `secrets` have been changed.
```yaml
deployment:
annotations:
reloader.stakater.com/auto: "true"
```
Instead of triggering a rolling update for configMap and secret resources, this action can also be defined for individual items.
For example, when the secret named `gitea-tls` is mounted and the reloader controller should only listen for changes of this secret:
```yaml
deployment:
annotations:
secret.reloader.stakater.com/reload: "gitea-tls"
```
## Themes ## Themes
Custom themes can be added via k8s secrets and referencing them in `values.yaml`. Custom themes can be added via k8s secrets and referencing them in `values.yaml`.
@@ -834,13 +942,14 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo
### Global ### Global
| Name | Description | Value | | Name | Description | Value |
| ------------------------- | ------------------------------------------------------------------------- | ----- | | ------------------------- | ---------------------------------------------------------------------------------------------- | ----- |
| `global.imageRegistry` | global image registry override | `""` | | `global.imageRegistry` | global image registry override | `""` |
| `global.imagePullSecrets` | global image pull secrets override; can be extended by `imagePullSecrets` | `[]` | | `global.imagePullSecrets` | global image pull secrets override; can be extended by `imagePullSecrets` | `[]` |
| `global.storageClass` | global storage class override | `""` | | `global.storageClass` | global storage class override | `""` |
| `global.hostAliases` | global hostAliases which will be added to the pod's hosts files | `[]` | | `global.hostAliases` | global hostAliases which will be added to the pod's hosts files | `[]` |
| `replicaCount` | number of replicas for the deployment | `1` | | `namespace` | An explicit namespace to deploy Gitea into. Defaults to the release namespace if not specified | `""` |
| `replicaCount` | number of replicas for the deployment | `1` |
### strategy ### strategy
@@ -853,16 +962,16 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo
### Image ### Image
| Name | Description | Value | | Name | Description | Value |
| -------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------- | | -------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ |
| `image.registry` | image registry, e.g. gcr.io,docker.io | `""` | | `image.registry` | image registry, e.g. gcr.io,docker.io | `docker.gitea.com` |
| `image.repository` | Image to start for this pod | `gitea/gitea` | | `image.repository` | Image to start for this pod | `gitea` |
| `image.tag` | Visit: [Image tag](https://hub.docker.com/r/gitea/gitea/tags?page=1&ordering=last_updated). Defaults to `appVersion` within Chart.yaml. | `""` | | `image.tag` | Visit: [Image tag](https://hub.docker.com/r/gitea/gitea/tags?page=1&ordering=last_updated). Defaults to `appVersion` within Chart.yaml. | `""` |
| `image.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` | | `image.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` |
| `image.pullPolicy` | Image pull policy | `IfNotPresent` | | `image.pullPolicy` | Image pull policy | `IfNotPresent` |
| `image.rootless` | Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher | `true` | | `image.rootless` | Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher | `true` |
| `image.fullOverride` | Completely overrides the image registry, path/image, tag and digest. **Adjust `image.rootless` accordingly and review [Rootless defaults](#rootless-defaults).** | `""` | | `image.fullOverride` | Completely overrides the image registry, path/image, tag and digest. **Adjust `image.rootless` accordingly and review [Rootless defaults](#rootless-defaults).** | `""` |
| `imagePullSecrets` | Secret to use for pulling the image | `[]` | | `imagePullSecrets` | Secret to use for pulling the image | `[]` |
### Security ### Security
@@ -889,6 +998,7 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo
| `service.http.loadBalancerSourceRanges` | Source range filter for http loadbalancer | `[]` | | `service.http.loadBalancerSourceRanges` | Source range filter for http loadbalancer | `[]` |
| `service.http.annotations` | HTTP service annotations | `{}` | | `service.http.annotations` | HTTP service annotations | `{}` |
| `service.http.labels` | HTTP service additional labels | `{}` | | `service.http.labels` | HTTP service additional labels | `{}` |
| `service.http.loadBalancerClass` | Loadbalancer class | `nil` |
| `service.ssh.type` | Kubernetes service type for ssh traffic | `ClusterIP` | | `service.ssh.type` | Kubernetes service type for ssh traffic | `ClusterIP` |
| `service.ssh.port` | Port number for ssh traffic | `22` | | `service.ssh.port` | Port number for ssh traffic | `22` |
| `service.ssh.clusterIP` | ClusterIP setting for ssh autosetup for deployment is None | `None` | | `service.ssh.clusterIP` | ClusterIP setting for ssh autosetup for deployment is None | `None` |
@@ -902,19 +1012,19 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo
| `service.ssh.loadBalancerSourceRanges` | Source range filter for ssh loadbalancer | `[]` | | `service.ssh.loadBalancerSourceRanges` | Source range filter for ssh loadbalancer | `[]` |
| `service.ssh.annotations` | SSH service annotations | `{}` | | `service.ssh.annotations` | SSH service annotations | `{}` |
| `service.ssh.labels` | SSH service additional labels | `{}` | | `service.ssh.labels` | SSH service additional labels | `{}` |
| `service.ssh.loadBalancerClass` | Loadbalancer class | `nil` |
### Ingress ### Ingress
| Name | Description | Value | | Name | Description | Value |
| ------------------------------------ | --------------------------------------------------------------------------- | ----------------- | | -------------------------------- | ------------------------------- | ----------------- |
| `ingress.enabled` | Enable ingress | `false` | | `ingress.enabled` | Enable ingress | `false` |
| `ingress.className` | Ingress class name | `nil` | | `ingress.className` | DEPRECATED: Ingress class name. | `""` |
| `ingress.annotations` | Ingress annotations | `{}` | | `ingress.pathType` | Ingress Path Type | `Prefix` |
| `ingress.hosts[0].host` | Default Ingress host | `git.example.com` | | `ingress.annotations` | Ingress annotations | `{}` |
| `ingress.hosts[0].paths[0].path` | Default Ingress path | `/` | | `ingress.hosts[0].host` | Default Ingress host | `git.example.com` |
| `ingress.hosts[0].paths[0].pathType` | Ingress path type | `Prefix` | | `ingress.hosts[0].paths[0].path` | Default Ingress path | `/` |
| `ingress.tls` | Ingress tls settings | `[]` | | `ingress.tls` | Ingress tls settings | `[]` |
| `ingress.apiVersion` | Specify APIVersion of ingress object. Mostly would only be used for argocd. | |
### deployment ### deployment
@@ -959,6 +1069,9 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo
| `persistence.storageClass` | Name of the storage class to use | `nil` | | `persistence.storageClass` | Name of the storage class to use | `nil` |
| `persistence.subPath` | Subdirectory of the volume to mount at | `nil` | | `persistence.subPath` | Subdirectory of the volume to mount at | `nil` |
| `persistence.volumeName` | Name of persistent volume in PVC | `""` | | `persistence.volumeName` | Name of persistent volume in PVC | `""` |
| `extraContainers` | Additional sidecar containers to run in the pod | `[]` |
| `preExtraInitContainers` | Additional init containers to run in the pod before Gitea runs it owns init containers. | `[]` |
| `postExtraInitContainers` | Additional init containers to run in the pod after Gitea runs it owns init containers. | `[]` |
| `extraVolumes` | Additional volumes to mount to the Gitea deployment | `[]` | | `extraVolumes` | Additional volumes to mount to the Gitea deployment | `[]` |
| `extraContainerVolumeMounts` | Mounts that are only mapped into the Gitea runtime/main container, to e.g. override custom templates. | `[]` | | `extraContainerVolumeMounts` | Mounts that are only mapped into the Gitea runtime/main container, to e.g. override custom templates. | `[]` |
| `extraInitVolumeMounts` | Mounts that are only mapped into the init-containers. Can be used for additional preconfiguration. | `[]` | | `extraInitVolumeMounts` | Mounts that are only mapped into the init-containers. Can be used for additional preconfiguration. | `[]` |
@@ -966,12 +1079,13 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo
### Init ### Init
| Name | Description | Value | | Name | Description | Value |
| ------------------------------------------ | ------------------------------------------------------------------------------------ | ------- | | ------------------------------------------ | ------------------------------------------------------------------------------------ | ------------ |
| `initPreScript` | Bash shell script copied verbatim to the start of the init-container. | `""` | | `initPreScript` | Bash shell script copied verbatim to the start of the init-container. | `""` |
| `initContainers.resources.limits` | initContainers.limits Kubernetes resource limits for init containers | `{}` | | `initContainersScriptsVolumeMountPath` | Path to mount the scripts consumed from the Secrets | `/usr/sbinx` |
| `initContainers.resources.requests.cpu` | initContainers.requests.cpu Kubernetes cpu resource limits for init containers | `100m` | | `initContainers.resources.limits` | initContainers.limits Kubernetes resource limits for init containers | `{}` |
| `initContainers.resources.requests.memory` | initContainers.requests.memory Kubernetes memory resource limits for init containers | `128Mi` | | `initContainers.resources.requests.cpu` | initContainers.requests.cpu Kubernetes cpu resource limits for init containers | `100m` |
| `initContainers.resources.requests.memory` | initContainers.requests.memory Kubernetes memory resource limits for init containers | `128Mi` |
### Signing ### Signing
@@ -984,22 +1098,29 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo
### Gitea ### Gitea
| Name | Description | Value | | Name | Description | Value |
| -------------------------------------- | ------------------------------------------------------------------------- | -------------------- | | -------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------ | -------------------- |
| `gitea.admin.username` | Username for the Gitea admin user | `gitea_admin` | | `gitea.admin.username` | Username for the Gitea admin user | `gitea_admin` |
| `gitea.admin.existingSecret` | Use an existing secret to store admin user credentials | `nil` | | `gitea.admin.existingSecret` | Use an existing secret to store admin user credentials | `nil` |
| `gitea.admin.password` | Password for the Gitea admin user | `r8sA8CPHD9!bt6d` | | `gitea.admin.password` | Password for the Gitea admin user | `r8sA8CPHD9!bt6d` |
| `gitea.admin.email` | Email for the Gitea admin user | `gitea@local.domain` | | `gitea.admin.email` | Email for the Gitea admin user | `gitea@local.domain` |
| `gitea.metrics.enabled` | Enable Gitea metrics | `false` | | `gitea.admin.passwordMode` | Mode for how to set/update the admin user password. Options are: initialOnlyNoReset, initialOnlyRequireReset, and keepUpdated | `keepUpdated` |
| `gitea.metrics.serviceMonitor.enabled` | Enable Gitea metrics service monitor | `false` | | `gitea.metrics.enabled` | Enable Gitea metrics | `false` |
| `gitea.ldap` | LDAP configuration | `[]` | | `gitea.metrics.token` | used for `bearer` token authentication on metrics endpoint. If not specified or empty metrics endpoint is public. | `nil` |
| `gitea.oauth` | OAuth configuration | `[]` | | `gitea.metrics.serviceMonitor.enabled` | Enable Gitea metrics service monitor. Requires, that `gitea.metrics.enabled` is also set to true, to enable metrics generally. | `false` |
| `gitea.config.server.SSH_PORT` | SSH port for rootlful Gitea image | `22` | | `gitea.metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used. | `""` |
| `gitea.config.server.SSH_LISTEN_PORT` | SSH port for rootless Gitea image | `2222` | | `gitea.metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping. | `[]` |
| `gitea.additionalConfigSources` | Additional configuration from secret or configmap | `[]` | | `gitea.metrics.serviceMonitor.scheme` | HTTP scheme to use for scraping. For example `http` or `https`. Default is http. | `""` |
| `gitea.additionalConfigFromEnvs` | Additional configuration sources from environment variables | `[]` | | `gitea.metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used. | `""` |
| `gitea.podAnnotations` | Annotations for the Gitea pod | `{}` | | `gitea.metrics.serviceMonitor.tlsConfig` | TLS configuration to use when scraping the metric endpoint by Prometheus. | `{}` |
| `gitea.ssh.logLevel` | Configure OpenSSH's log level. Only available for root-based Gitea image. | `INFO` | | `gitea.ldap` | LDAP configuration | `[]` |
| `gitea.oauth` | OAuth configuration | `[]` |
| `gitea.config.server.SSH_PORT` | SSH port for rootlful Gitea image | `22` |
| `gitea.config.server.SSH_LISTEN_PORT` | SSH port for rootless Gitea image | `2222` |
| `gitea.additionalConfigSources` | Additional configuration from secret or configmap | `[]` |
| `gitea.additionalConfigFromEnvs` | Additional configuration sources from environment variables | `[]` |
| `gitea.podAnnotations` | Annotations for the Gitea pod | `{}` |
| `gitea.ssh.logLevel` | Configure OpenSSH's log level. Only available for root-based Gitea image. | `INFO` |
### LivenessProbe ### LivenessProbe
@@ -1037,14 +1158,30 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo
| `gitea.startupProbe.successThreshold` | Success threshold for startup probe | `1` | | `gitea.startupProbe.successThreshold` | Success threshold for startup probe | `1` |
| `gitea.startupProbe.failureThreshold` | Failure threshold for startup probe | `10` | | `gitea.startupProbe.failureThreshold` | Failure threshold for startup probe | `10` |
### redis-cluster ### valkey-cluster
| Name | Description | Value | Valkey cluster and [Valkey](#valkey) cannot be enabled at the same time.
| -------------------------------- | -------------------------------------------- | ------- |
| `redis-cluster.enabled` | Enable redis | `true` | | Name | Description | Value |
| `redis-cluster.usePassword` | Whether to use password authentication | `false` | | ------------------------------------- | -------------------------------------------------------------------- | ------- |
| `redis-cluster.cluster.nodes` | Number of redis cluster master nodes | `3` | | `valkey-cluster.enabled` | Enable valkey cluster | `true` |
| `redis-cluster.cluster.replicas` | Number of redis cluster master node replicas | `0` | | `valkey-cluster.usePassword` | Whether to use password authentication | `false` |
| `valkey-cluster.usePasswordFiles` | Whether to mount passwords as files instead of environment variables | `false` |
| `valkey-cluster.cluster.nodes` | Number of valkey cluster master nodes | `3` |
| `valkey-cluster.cluster.replicas` | Number of valkey cluster master node replicas | `0` |
| `valkey-cluster.service.ports.valkey` | Port of Valkey service | `6379` |
### valkey
Valkey and [Valkey cluster](#valkey-cluster) cannot be enabled at the same time.
| Name | Description | Value |
| ------------------------------------ | ------------------------------------------- | ------------ |
| `valkey.enabled` | Enable valkey standalone or replicated | `false` |
| `valkey.architecture` | Whether to use standalone or replication | `standalone` |
| `valkey.global.valkey.password` | Required password | `changeme` |
| `valkey.master.count` | Number of Valkey master instances to deploy | `1` |
| `valkey.master.service.ports.valkey` | Port of Valkey service | `6379` |
### PostgreSQL HA ### PostgreSQL HA
@@ -1058,8 +1195,9 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo
| `postgresql-ha.postgresql.repmgrPassword` | Repmgr Password | `changeme2` | | `postgresql-ha.postgresql.repmgrPassword` | Repmgr Password | `changeme2` |
| `postgresql-ha.postgresql.postgresPassword` | postgres Password | `changeme1` | | `postgresql-ha.postgresql.postgresPassword` | postgres Password | `changeme1` |
| `postgresql-ha.pgpool.adminPassword` | pgpool adminPassword | `changeme3` | | `postgresql-ha.pgpool.adminPassword` | pgpool adminPassword | `changeme3` |
| `postgresql-ha.pgpool.srCheckPassword` | pgpool srCheckPassword | `changeme4` |
| `postgresql-ha.service.ports.postgresql` | PostgreSQL service port (overrides `service.ports.postgresql`) | `5432` | | `postgresql-ha.service.ports.postgresql` | PostgreSQL service port (overrides `service.ports.postgresql`) | `5432` |
| `postgresql-ha.primary.persistence.size` | PVC Storage Request for PostgreSQL HA volume | `10Gi` | | `postgresql-ha.persistence.size` | PVC Storage Request for PostgreSQL HA volume | `10Gi` |
### PostgreSQL ### PostgreSQL
@@ -1096,6 +1234,52 @@ If you miss this, blindly upgrading may delete your Postgres instance and you ma
<details> <details>
<summary>To 12.0.0</summary>
<!-- prettier-ignore-start -->
<!-- markdownlint-disable-next-line -->
**Breaking changes**
<!-- prettier-ignore-end -->
- Outsourced "Actions" related configuration.
To deploy and use "Actions", please see the new dedicated chart at <https://gitea.com/gitea/helm-actions>.
It is maintained by a seperate maintainer group and hasn't seen a release yet (at the time of the 12.0 release).
Feel encouraged to contribute if "Actions" is important to you!
This change was made to avoid overloading the existing helm chart, which is already quite large in size and configuration options.
In addition, the existing maintainers team was not actively using "Actions" which slowed down development and community contributions.
While the new chart is still young (and waiting for contributions! and maintainers), we believe that it is the best way moving forward for both parts.
- Migrated from Redis/Redis-cluster to Valkey/Valkey-cluster charts (#775).
While marked as breaking, there is no need to migrate data.
The cache will start to refill automatically.
- Migrated ingress from `networking.k8s.io/v1beta` to `networking.k8s.io/v1`.
We didn't make any changes to the syntax, so the upgrade should be seamless.
</details>
<details>
<summary>To 11.0.0</summary>
<!-- prettier-ignore-start -->
<!-- markdownlint-disable-next-line -->
**Breaking changes**
<!-- prettier-ignore-end -->
- Update Gitea to 1.23.x (review the [1.23 release blog post](https://blog.gitea.com/release-of-1.23.0/) for all application breaking changes)
- Update PostgreSQL sub-chart dependencies to appVersion 17.x
- Update Redis sub-chart to version 20.x (appVersion 7.4)
Although there are no breaking changes in the Redis Chart itself, it updates Redis from `7.2` to `7.4`. We recommend checking the release notes:
- [Redis Chart release notes (starting with v20.0.0)](https://github.com/bitnami/charts/blob/HEAD/bitnami/redis/CHANGELOG.md#2000-2024-08-09).
- [Redis 7.4 release notes](https://raw.githubusercontent.com/redis/redis/7.4/00-RELEASENOTES).
- Update Redis Cluster sub-chart to version 11.x (appVersion 7.4)
Although there are no breaking changes in the Redis Chart itself, it updates Redis from `7.2` to `7.4`. We recommend checking the release notes:
- [Redis Chart release notes (starting with v11.0.0)](https://github.com/bitnami/charts/blob/HEAD/bitnami/redis-cluster/CHANGELOG.md#1100-2024-08-09).
- [Redis 7.4 release notes](https://raw.githubusercontent.com/redis/redis/7.4/00-RELEASENOTES).
</details>
<details>
<summary>To 10.0.0</summary> <summary>To 10.0.0</summary>
<!-- prettier-ignore-start --> <!-- prettier-ignore-start -->
@@ -1162,23 +1346,23 @@ The first item here (`<memcache service name>`) will be different compared to th
The above changes are motivated by the idea to tidy dependencies but also have HA-ready ones at the same time. The above changes are motivated by the idea to tidy dependencies but also have HA-ready ones at the same time.
The previous `memcache` default was not HA-ready, hence we decided to switch to `redis-cluster` by default. The previous `memcache` default was not HA-ready, hence we decided to switch to `redis-cluster` by default.
If you are coming from an existing deployment and [#356](https://gitea.com/gitea/helm-chart/issues/356) is still open, you need to set the config sections for `cache`, `session` and `queue` explicitly: If you are coming from an existing deployment and [#356](https://gitea.com/gitea/helm-gitea/issues/356) is still open, you need to set the config sections for `cache`, `session` and `queue` explicitly:
```yaml ```yaml
gitea: gitea:
config: config:
session: session:
PROVIDER: redis-cluster PROVIDER: redis-cluster
PROVIDER_CONFIG: redis+cluster://:gitea@gitea-redis-cluster-headless.<namespace>.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& PROVIDER_CONFIG: redis+cluster://:gitea@gitea-valkey-cluster-headless.<namespace>.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
cache: cache:
ENABLED: true ENABLED: true
ADAPTER: redis-cluster ADAPTER: redis-cluster
HOST: redis+cluster://:gitea@gitea-redis-cluster-headless.<namespace>.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& HOST: redis+cluster://:gitea@gitea-valkey-cluster-headless.<namespace>.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
queue: queue:
TYPE: redis TYPE: redis
CONN_STR: redis+cluster://:gitea@gitea-redis-cluster-headless.<namespace>.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& CONN_STR: redis+cluster://:gitea@gitea-valkey-cluster-headless.<namespace>.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
``` ```
<!-- prettier-ignore-start --> <!-- prettier-ignore-start -->
@@ -1187,7 +1371,7 @@ gitea:
<!-- prettier-ignore-end --> <!-- prettier-ignore-end -->
If you are facing errors like `WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED` due to this automatic transition: If you are facing errors like `WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED` due to this automatic transition:
Have a look at [this discussion](https://gitea.com/gitea/helm-chart/issues/487#issue-220660) and either set `image.rootless: false` or manually update your `~/.ssh/known_hosts` file(s). Have a look at [this discussion](https://gitea.com/gitea/helm-gitea/issues/487#issue-220660) and either set `image.rootless: false` or manually update your `~/.ssh/known_hosts` file(s).
<!-- prettier-ignore-start --> <!-- prettier-ignore-start -->
<!-- markdownlint-disable-next-line --> <!-- markdownlint-disable-next-line -->
@@ -1243,7 +1427,7 @@ With respect to `values.yaml`, parameters `username`, `database` and `password`
Please adjust your `values.yaml` accordingly. Please adjust your `values.yaml` accordingly.
**Attention**: The Postgres upgrade is not automatically handled by the chart and must be done by yourself. **Attention**: The Postgres upgrade is not automatically handled by the chart and must be done by yourself.
See [this comment](https://gitea.com/gitea/helm-chart/issues/452#issuecomment-740885) for an extensive walkthrough. See [this comment](https://gitea.com/gitea/helm-gitea/issues/452#issuecomment-740885) for an extensive walkthrough.
We again highly encourage users to use an external (managed) database for production instances. We again highly encourage users to use an external (managed) database for production instances.
</details> </details>

View File

@@ -25,7 +25,7 @@ In addition, the following components are required for full HA-readiness:
- A HA-ready issue (and optionally code) indexer: `elasticsearch` or `meilisearch` - A HA-ready issue (and optionally code) indexer: `elasticsearch` or `meilisearch`
- A HA-ready external object/asset storage (`minio`) (optional, assets can also be stored on the RWX file-system) - A HA-ready external object/asset storage (`minio`) (optional, assets can also be stored on the RWX file-system)
- A HA-ready cache (`redis-cluster`) - A HA-ready cache (`valkey-cluster`)
- A HA-ready DB - A HA-ready DB
`postgres.enabled`, which default to `true`, must be set to `false` for a HA setup. `postgres.enabled`, which default to `true`, must be set to `false` for a HA setup.
@@ -72,33 +72,33 @@ persistence:
## Cache, session and queue ## Cache, session and queue
A `redis` instance is required for the in-memory cache. A `valkey` instance is required for the in-memory cache.
Two options exist: Two options exist:
- `redis` - `valkey`
- `redis-cluster` - `valkey-cluster`
The chart provides `redis-cluster` as a dependency as this one can be used for both HA and non-HA setups. The chart provides `valkey-cluster` as a dependency as this one can be used for both HA and non-HA setups.
You're also welcome to go with `redis` if you prefer or already have a running instance. You're also welcome to go with `valkey` if you prefer or already have a running instance.
It should be noted that `redis-cluster` support is only available starting with Gitea 1.19.2. It should be noted that `valkey-cluster` support is only available starting with Gitea 1.19.2.
You can also configure an external (managed) `redis` instance to be used. You can also configure an external (managed) `valkey` instance to be used.
To do so, you need to set the following configuration values yourself: To do so, you need to set the following configuration values yourself:
- `gitea.config.queue.TYPE`: redis` - `gitea.config.queue.TYPE`: valkey`
- `gitea.config.queue.CONN_STR`: `<your redis connection string>` - `gitea.config.queue.CONN_STR`: `<your valkey connection string>`
- `gitea.config.session.PROVIDER`: `redis` - `gitea.config.session.PROVIDER`: `valkey`
- `gitea.config.session.PROVIDER_CONFIG`: `<your redis connection string>` - `gitea.config.session.PROVIDER_CONFIG`: `<your valkey connection string>`
- `gitea.config.cache.ENABLED`: `true` - `gitea.config.cache.ENABLED`: `true`
- `gitea.config.cache.ADAPTER`: `redis` - `gitea.config.cache.ADAPTER`: `valkey`
- `gitea.config.cache.HOST`: `<your redis connection string>` - `gitea.config.cache.HOST`: `<your valkey connection string>`
By default, the `redis-cluster` chart provisions three standalone master nodes of which each has a single replica. By default, the `valkey-cluster` chart provisions three standalone master nodes of which each has a single replica.
To reduce the number of pods for a default Gitea deployment, we opted to omit the replicas (`replicas: 0`) by default. To reduce the number of pods for a default Gitea deployment, we opted to omit the replicas (`replicas: 0`) by default.
Only the minimum required number of master pods for a functional `redis-cluster` deployment are provisioned. Only the minimum required number of master pods for a functional `valkey-cluster` deployment are provisioned.
For a "proper" `redis-cluster` setup however, we recommend to set `replicas: 1` and `nodes: 6`. For a "proper" `valkey-cluster` setup however, we recommend to set `replicas: 1` and `nodes: 6`.
## Object and asset storage ## Object and asset storage

1171
package-lock.json generated

File diff suppressed because it is too large Load Diff

View File

@@ -1,6 +1,6 @@
{ {
"name": "gitea-helm-chart", "name": "gitea-helm",
"homepage": "https://gitea.com/gitea/helm-chart.git", "homepage": "https://gitea.com/gitea/helm-gitea.git",
"license": "MIT", "license": "MIT",
"private": true, "private": true,
"engineStrict": true, "engineStrict": true,
@@ -14,6 +14,6 @@
}, },
"devDependencies": { "devDependencies": {
"@bitnami/readme-generator-for-helm": "^2.5.0", "@bitnami/readme-generator-for-helm": "^2.5.0",
"markdownlint-cli": "^0.41.0" "markdownlint-cli": "^0.45.0"
} }
} }

View File

@@ -9,13 +9,19 @@
labels: [ labels: [
'kind/dependency', 'kind/dependency',
], ],
digest: {
automerge: true,
},
automergeStrategy: 'squash', automergeStrategy: 'squash',
'git-submodules': {
enabled: true,
},
customManagers: [ customManagers: [
{ {
description: 'Gitea-version of https://docs.renovatebot.com/presets-regexManagers/#regexmanagersgithubactionsversions', description: 'Gitea-version of https://docs.renovatebot.com/presets-regexManagers/#regexmanagersgithubactionsversions',
customType: 'regex', customType: 'regex',
fileMatch: [ managerFilePatterns: [
'.gitea/workflows/.+\\.ya?ml$', '/.gitea/workflows/.+\\.ya?ml$/',
], ],
matchStrings: [ matchStrings: [
'# renovate: datasource=(?<datasource>[a-z-.]+?) depName=(?<depName>[^\\s]+?)(?: (?:lookupName|packageName)=(?<packageName>[^\\s]+?))?(?: versioning=(?<versioning>[a-z-0-9]+?))?\\s+[A-Za-z0-9_]+?_VERSION\\s*:\\s*["\']?(?<currentValue>.+?)["\']?\\s', '# renovate: datasource=(?<datasource>[a-z-.]+?) depName=(?<depName>[^\\s]+?)(?: (?:lookupName|packageName)=(?<packageName>[^\\s]+?))?(?: versioning=(?<versioning>[a-z-0-9]+?))?\\s+[A-Za-z0-9_]+?_VERSION\\s*:\\s*["\']?(?<currentValue>.+?)["\']?\\s',
@@ -24,13 +30,33 @@
{ {
description: 'Detect helm-unittest yaml schema file', description: 'Detect helm-unittest yaml schema file',
customType: 'regex', customType: 'regex',
fileMatch: ['.vscode/settings\\.json$'], managerFilePatterns: [
'/.vscode/settings\\.json$/',
],
matchStrings: [ matchStrings: [
'https:\\/\\/raw\\.githubusercontent\\.com\\/(?<depName>[^\\s]+?)\\/(?<currentValue>v[0-9.]+?)\\/schema\\/helm-testsuite\\.json', 'https:\\/\\/raw\\.githubusercontent\\.com\\/(?<depName>[^\\s]+?)\\/(?<currentValue>v[0-9.]+?)\\/schema\\/helm-testsuite\\.json',
], ],
datasourceTemplate: 'github-releases', datasourceTemplate: 'github-releases',
}, },
{
description: 'Automatically detect new Gitea releases',
customType: 'regex',
managerFilePatterns: [
'/(^|/)Chart\\.yaml$/',
],
matchStrings: [
'# renovate datasource=(?<datasource>\\S+) depName=(?<depName>\\S+) extractVersion=(?<extractVersion>\\S+)\\nappVersion:\\s?(?<currentValue>\\S+)\\n',
],
},
], ],
lockFileMaintenance: {
"enabled": true,
"commitMessageAction": "update",
"commitMessageTopic": "lockfiles",
schedule: [
'at any time',
]
},
packageRules: [ packageRules: [
{ {
groupName: 'subcharts (minor & patch)', groupName: 'subcharts (minor & patch)',
@@ -43,6 +69,17 @@
'digest', 'digest',
], ],
}, },
{
groupName: 'bats testing framework',
matchManagers: [
'git-submodules',
],
matchUpdateTypes: [
'minor',
'patch',
'digest',
],
},
{ {
groupName: 'workflow dependencies (minor & patch)', groupName: 'workflow dependencies (minor & patch)',
matchManagers: [ matchManagers: [
@@ -55,6 +92,41 @@
'patch', 'patch',
'digest', 'digest',
], ],
matchFileNames: [
'!Chart.yaml',
],
},
{
description: 'Update README.md on changes in values.yaml',
matchManagers: [
'helm-values',
],
postUpgradeTasks: {
commands: [
'install-tool node',
'make readme',
],
fileFilters: [
'README.md',
],
executionMode: 'update',
},
},
{
description: 'Override changelog url for Helm image, to have release notes in our PRs',
matchDepNames: [
'alpine/helm',
],
changelogUrl: 'https://github.com/helm/helm',
},
{
description: 'Bump Gitea as fast as possible - not only on weekends',
matchDepNames: [
'go-gitea/gitea',
],
schedule: [
'at any time',
],
}, },
], ],
} }

43
scripts/act_runner/token.sh Executable file
View File

@@ -0,0 +1,43 @@
#!/bin/sh
set -eu
timeout_delay=15
check_token() {
set +e
echo "Checking for existing token..."
token="$(kubectl get secret "$SECRET_NAME" -o jsonpath="{.data['token']}" 2> /dev/null)"
[ $? -ne 0 ] && return 1
[ -z "$token" ] && return 2
return 0
}
create_token() {
echo "Waiting for new token to be generated..."
begin=$(date +%s)
end=$((begin + timeout_delay))
while true; do
[ -f /data/actions/token ] && return 0
[ "$(date +%s)" -gt $end ] && return 1
sleep 5
done
}
store_token() {
echo "Storing the token in Kubernetes secret..."
kubectl patch secret "$SECRET_NAME" -p "{\"data\":{\"token\":\"$(base64 /data/actions/token | tr -d '\n')\"}}"
}
if check_token; then
echo "Key already in place, exiting."
exit
fi
if ! create_token; then
echo "Checking for an existing act runner token in secret $SECRET_NAME timed out after $timeout_delay"
exit 1
fi
store_token

View File

@@ -0,0 +1,154 @@
#!/usr/bin/env bash
set -euo pipefail
function env2ini::log() {
printf "${1}\n"
}
function env2ini::read_config_to_env() {
local section="${1}"
local line="${2}"
if [[ -z "${line}" ]]; then
# skip empty line
return
fi
# 'xargs echo -n' trims all leading/trailing whitespaces and a trailing new line
local setting="$(awk -F '=' '{print $1}' <<< "${line}" | xargs echo -n)"
if [[ -z "${setting}" ]]; then
env2ini::log ' ! invalid setting'
exit 1
fi
local value=''
local regex="^${setting}(\s*)=(\s*)(.*)"
if [[ $line =~ $regex ]]; then
value="${BASH_REMATCH[3]}"
else
env2ini::log ' ! invalid setting'
exit 1
fi
env2ini::log " + '${setting}'"
if [[ -z "${section}" ]]; then
export "GITEA____${setting^^}=${value}" # '^^' makes the variable content uppercase
return
fi
local masked_section="${section//./_0X2E_}" # '//' instructs to replace all matches
masked_section="${masked_section//-/_0X2D_}"
export "GITEA__${masked_section^^}__${setting^^}=${value}" # '^^' makes the variable content uppercase
}
function env2ini::reload_preset_envs() {
env2ini::log "Reloading preset envs..."
while read -r line; do
if [[ -z "${line}" ]]; then
# skip empty line
return
fi
# 'xargs echo -n' trims all leading/trailing whitespaces and a trailing new line
local setting="$(awk -F '=' '{print $1}' <<< "${line}" | xargs echo -n)"
if [[ -z "${setting}" ]]; then
env2ini::log ' ! invalid setting'
exit 1
fi
local value=''
local regex="^${setting}(\s*)=(\s*)(.*)"
if [[ $line =~ $regex ]]; then
value="${BASH_REMATCH[3]}"
else
env2ini::log ' ! invalid setting'
exit 1
fi
env2ini::log " + '${setting}'"
export "${setting^^}=${value}" # '^^' makes the variable content uppercase
done < "$TMP_EXISTING_ENVS_FILE"
rm $TMP_EXISTING_ENVS_FILE
}
function env2ini::process_config_file() {
local config_file="${1}"
local section="$(basename "${config_file}")"
if [[ $section == '_generals_' ]]; then
env2ini::log " [ini root]"
section=''
else
env2ini::log " ${section}"
fi
while read -r line; do
env2ini::read_config_to_env "${section}" "${line}"
done < <(awk 1 "${config_file}") # Helm .toYaml trims the trailing new line which breaks line processing; awk 1 ... adds it back while reading
}
function env2ini::load_config_sources() {
local path="${1}"
if [[ -d "${path}" ]]; then
env2ini::log "Processing $(basename "${path}")..."
while read -d '' configFile; do
env2ini::process_config_file "${configFile}"
done < <(find "${path}" -type l -not -name '..data' -print0)
env2ini::log "\n"
fi
}
function env2ini::generate_initial_secrets() {
# These environment variables will either be
# - overwritten with user defined values,
# - initially used to set up Gitea
# Anyway, they won't harm existing app.ini files
export GITEA__SECURITY__INTERNAL_TOKEN=$(gitea generate secret INTERNAL_TOKEN)
export GITEA__SECURITY__SECRET_KEY=$(gitea generate secret SECRET_KEY)
export GITEA__OAUTH2__JWT_SECRET=$(gitea generate secret JWT_SECRET)
export GITEA__SERVER__LFS_JWT_SECRET=$(gitea generate secret LFS_JWT_SECRET)
env2ini::log "...Initial secrets generated\n"
}
# save existing envs prior to script execution. Necessary to keep order of preexisting and custom envs
env | (grep -e '^GITEA__' || [[ $? == 1 ]]) > $TMP_EXISTING_ENVS_FILE
# MUST BE CALLED BEFORE OTHER CONFIGURATION
env2ini::generate_initial_secrets
env2ini::load_config_sources "$ENV_TO_INI_MOUNT_POINT/inlines/"
env2ini::load_config_sources "$ENV_TO_INI_MOUNT_POINT/additionals/"
# load existing envs to override auto generated envs
env2ini::reload_preset_envs
env2ini::log "=== All configuration sources loaded ===\n"
# safety to prevent rewrite of secret keys if an app.ini already exists
if [ -f ${GITEA_APP_INI} ]; then
env2ini::log 'An app.ini file already exists. To prevent overwriting secret keys, these settings are dropped and remain unchanged:'
env2ini::log ' - security.INTERNAL_TOKEN'
env2ini::log ' - security.SECRET_KEY'
env2ini::log ' - oauth2.JWT_SECRET'
env2ini::log ' - server.LFS_JWT_SECRET'
unset GITEA__SECURITY__INTERNAL_TOKEN
unset GITEA__SECURITY__SECRET_KEY
unset GITEA__OAUTH2__JWT_SECRET
unset GITEA__SERVER__LFS_JWT_SECRET
fi
environment-to-ini -o $GITEA_APP_INI

View File

@@ -0,0 +1,4 @@
#!/usr/bin/env bash
set -eu
gpg --batch --import "$TMP_RAW_GPG_KEY"

View File

@@ -25,6 +25,13 @@ If release name contains chart name it will be used as a full name.
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{/*
Create a default worker name.
*/}}
{{- define "gitea.workername" -}}
{{- printf "%s-%s" .global.Release.Name .worker | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/* {{/*
Create chart name and version as used by the chart label. Create chart name and version as used by the chart label.
*/}} */}}
@@ -92,6 +99,15 @@ version: {{ .Values.image.tag | default .Chart.AppVersion | quote }}
app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}} {{- end -}}
{{- define "gitea.labels.actRunner" -}}
helm.sh/chart: {{ include "gitea.chart" . }}
app: {{ include "gitea.name" . }}-act-runner
{{ include "gitea.selectorLabels.actRunner" . }}
app.kubernetes.io/version: {{ .Values.image.tag | default .Chart.AppVersion | quote }}
version: {{ .Values.image.tag | default .Chart.AppVersion | quote }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{/* {{/*
Selector labels Selector labels
*/}} */}}
@@ -100,6 +116,11 @@ app.kubernetes.io/name: {{ include "gitea.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}} {{- end -}}
{{- define "gitea.selectorLabels.actRunner" -}}
app.kubernetes.io/name: {{ include "gitea.name" . }}-act-runner
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}
{{- define "postgresql-ha.dns" -}} {{- define "postgresql-ha.dns" -}}
{{- if (index .Values "postgresql-ha").enabled -}} {{- if (index .Values "postgresql-ha").enabled -}}
{{- printf "%s-postgresql-ha-pgpool.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "postgresql-ha" "service" "ports" "postgresql") -}} {{- printf "%s-postgresql-ha-pgpool.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "postgresql-ha" "service" "ports" "postgresql") -}}
@@ -112,21 +133,29 @@ app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{- define "redis.dns" -}} {{- define "valkey.dns" -}}
{{- if (index .Values "redis-cluster").enabled -}} {{- if and ((index .Values "valkey-cluster").enabled) ((index .Values "valkey").enabled) -}}
{{- printf "redis+cluster://:%s@%s-redis-cluster-headless.%s.svc.%s:%g/0?pool_size=100&idle_timeout=180s&" (index .Values "redis-cluster").global.redis.password .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "redis-cluster").service.ports.redis -}} {{- fail "valkey and valkey-cluster cannot be enabled at the same time. Please only choose one." -}}
{{- else if (index .Values "valkey-cluster").enabled -}}
{{- printf "redis+cluster://:%s@%s-valkey-cluster-headless.%s.svc.%s:%g/0?pool_size=100&idle_timeout=180s&" (index .Values "valkey-cluster").global.valkey.password .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "valkey-cluster").service.ports.valkey -}}
{{- else if (index .Values "valkey").enabled -}}
{{- printf "redis://:%s@%s-valkey-headless.%s.svc.%s:%g/0?pool_size=100&idle_timeout=180s&" (index .Values "valkey").global.valkey.password .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "valkey").master.service.ports.valkey -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{- define "redis.port" -}} {{- define "valkey.port" -}}
{{- if (index .Values "redis-cluster").enabled -}} {{- if (index .Values "valkey-cluster").enabled -}}
{{ (index .Values "redis-cluster").service.ports.redis }} {{ (index .Values "valkey-cluster").service.ports.valkey }}
{{- else if (index .Values "valkey").enabled -}}
{{ (index .Values "valkey").master.service.ports.valkey }}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{- define "redis.servicename" -}} {{- define "valkey.servicename" -}}
{{- if (index .Values "redis-cluster").enabled -}} {{- if (index .Values "valkey-cluster").enabled -}}
{{- printf "%s-redis-cluster-headless.%s.svc.%s" .Release.Name .Release.Namespace .Values.clusterDomain -}} {{- printf "%s-valkey-cluster-headless.%s.svc.%s" .Release.Name .Release.Namespace .Values.clusterDomain -}}
{{- else if (index .Values "valkey").enabled -}}
{{- printf "%s-valkey-headless.%s.svc.%s" .Release.Name .Release.Namespace .Values.clusterDomain -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
@@ -255,6 +284,9 @@ https
{{- if not (hasKey .Values.gitea.config "indexer") -}} {{- if not (hasKey .Values.gitea.config "indexer") -}}
{{- $_ := set .Values.gitea.config "indexer" dict -}} {{- $_ := set .Values.gitea.config "indexer" dict -}}
{{- end -}} {{- end -}}
{{- if not (hasKey .Values.gitea.config "actions") -}}
{{- $_ := set .Values.gitea.config "actions" dict -}}
{{- end -}}
{{- end -}} {{- end -}}
{{- define "gitea.inline_configuration.defaults" -}} {{- define "gitea.inline_configuration.defaults" -}}
@@ -270,14 +302,17 @@ https
{{- if not (hasKey .Values.gitea.config.metrics "ENABLED") -}} {{- if not (hasKey .Values.gitea.config.metrics "ENABLED") -}}
{{- $_ := set .Values.gitea.config.metrics "ENABLED" .Values.gitea.metrics.enabled -}} {{- $_ := set .Values.gitea.config.metrics "ENABLED" .Values.gitea.metrics.enabled -}}
{{- end -}} {{- end -}}
{{- /* redis queue */ -}} {{- if and (not (hasKey .Values.gitea.config.metrics "TOKEN")) (.Values.gitea.metrics.token) (.Values.gitea.metrics.enabled) -}}
{{- if (index .Values "redis-cluster").enabled -}} {{- $_ := set .Values.gitea.config.metrics "TOKEN" .Values.gitea.metrics.token -}}
{{- end -}}
{{- /* valkey queue */ -}}
{{- if or ((index .Values "valkey-cluster").enabled) ((index .Values "valkey").enabled) -}}
{{- $_ := set .Values.gitea.config.queue "TYPE" "redis" -}} {{- $_ := set .Values.gitea.config.queue "TYPE" "redis" -}}
{{- $_ := set .Values.gitea.config.queue "CONN_STR" (include "redis.dns" .) -}} {{- $_ := set .Values.gitea.config.queue "CONN_STR" (include "valkey.dns" .) -}}
{{- $_ := set .Values.gitea.config.session "PROVIDER" "redis" -}} {{- $_ := set .Values.gitea.config.session "PROVIDER" "redis" -}}
{{- $_ := set .Values.gitea.config.session "PROVIDER_CONFIG" (include "redis.dns" .) -}} {{- $_ := set .Values.gitea.config.session "PROVIDER_CONFIG" (include "valkey.dns" .) -}}
{{- $_ := set .Values.gitea.config.cache "ADAPTER" "redis" -}} {{- $_ := set .Values.gitea.config.cache "ADAPTER" "redis" -}}
{{- $_ := set .Values.gitea.config.cache "HOST" (include "redis.dns" .) -}} {{- $_ := set .Values.gitea.config.cache "HOST" (include "valkey.dns" .) -}}
{{- else -}} {{- else -}}
{{- if not (get .Values.gitea.config.session "PROVIDER") -}} {{- if not (get .Values.gitea.config.session "PROVIDER") -}}
{{- $_ := set .Values.gitea.config.session "PROVIDER" "memory" -}} {{- $_ := set .Values.gitea.config.session "PROVIDER" "memory" -}}
@@ -326,16 +361,18 @@ https
{{- if not .Values.gitea.config.server.SSH_PORT -}} {{- if not .Values.gitea.config.server.SSH_PORT -}}
{{- $_ := set .Values.gitea.config.server "SSH_PORT" .Values.service.ssh.port -}} {{- $_ := set .Values.gitea.config.server "SSH_PORT" .Values.service.ssh.port -}}
{{- end -}} {{- end -}}
{{- if not (hasKey .Values.gitea.config.server "SSH_LISTEN_PORT") -}}
{{- if not .Values.image.rootless -}}
{{- $_ := set .Values.gitea.config.server "SSH_LISTEN_PORT" .Values.gitea.config.server.SSH_PORT -}}
{{- else -}}
{{- $_ := set .Values.gitea.config.server "SSH_LISTEN_PORT" "2222" -}}
{{- end -}}
{{- end -}}
{{- if not (hasKey .Values.gitea.config.server "START_SSH_SERVER") -}} {{- if not (hasKey .Values.gitea.config.server "START_SSH_SERVER") -}}
{{- if .Values.image.rootless -}} {{- if .Values.image.rootless -}}
{{- $_ := set .Values.gitea.config.server "START_SSH_SERVER" "true" -}} {{- $_ := set .Values.gitea.config.server "START_SSH_SERVER" "true" -}}
{{- if not (hasKey .Values.gitea.config.server "SSH_LISTEN_PORT") -}}
{{- if not .Values.gitea.config.server.SSH_LISTEN_PORT -}}
{{- $_ := set .Values.gitea.config.server "SSH_LISTEN_PORT" .Values.gitea.config.server.SSH_PORT -}}
{{- else -}}
{{- $_ := set .Values.gitea.config.server "SSH_LISTEN_PORT" .Values.gitea.config.server.SSH_LISTEN_PORT -}}
{{- end -}}
{{- end -}}
{{- else -}}
{{- $_ := set .Values.gitea.config.server "START_SSH_SERVER" "false" -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{- if not (hasKey .Values.gitea.config.server "APP_DATA_PATH") -}} {{- if not (hasKey .Values.gitea.config.server "APP_DATA_PATH") -}}
@@ -392,3 +429,45 @@ https
{{- define "gitea.serviceAccountName" -}} {{- define "gitea.serviceAccountName" -}}
{{ .Values.serviceAccount.name | default (include "gitea.fullname" .) }} {{ .Values.serviceAccount.name | default (include "gitea.fullname" .) }}
{{- end -}} {{- end -}}
{{- define "ingress.annotations" -}}
{{- if .Values.ingress.annotations }}
annotations:
{{- $tp := typeOf .Values.ingress.annotations }}
{{- if eq $tp "string" }}
{{- tpl .Values.ingress.annotations . | nindent 4 }}
{{- else }}
{{- toYaml .Values.ingress.annotations | nindent 4 }}
{{- end }}
{{- end }}
{{- end -}}
{{- define "gitea.admin.passwordMode" -}}
{{- if has .Values.gitea.admin.passwordMode (tuple "keepUpdated" "initialOnlyNoReset" "initialOnlyRequireReset") -}}
{{ .Values.gitea.admin.passwordMode }}
{{- else -}}
{{ printf "gitea.admin.passwordMode must be set to one of 'keepUpdated', 'initialOnlyNoReset', or 'initialOnlyRequireReset'. Received: '%s'" .Values.gitea.admin.passwordMode | fail }}
{{- end -}}
{{- end -}}
{{/* Create a functioning probe object for rendering. Given argument must be either a livenessProbe, readinessProbe, or startupProbe */}}
{{- define "gitea.deployment.probe" -}}
{{- $probe := unset . "enabled" -}}
{{- $probeKeys := keys $probe -}}
{{- $containsCustomMethod := false -}}
{{- $chartDefaultMethod := "tcpSocket" -}}
{{- $nonChartDefaultMethods := list "exec" "httpGet" "grpc" -}}
{{- range $probeKeys -}}
{{- if has . $nonChartDefaultMethods -}}
{{- $containsCustomMethod = true -}}
{{- end -}}
{{- end -}}
{{- if $containsCustomMethod -}}
{{- $probe = unset . $chartDefaultMethod -}}
{{- end -}}
{{- toYaml $probe -}}
{{- end -}}
{{- define "gitea.metrics-secret-name" -}}
{{ default (printf "%s-metrics-secret" (include "gitea.fullname" .)) }}
{{- end -}}

View File

@@ -0,0 +1,3 @@
{{- if .Values.actions -}}
{{- fail "The actions sub-chart has been outsourced to a dedicated chart available at https://gitea.com/gitea/helm-actions. For assistance with the migration process, check https://gitea.com/gitea/helm-actions/issues/9." -}}
{{- end -}}

View File

@@ -2,6 +2,7 @@ apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: {{ include "gitea.fullname" . }}-inline-config name: {{ include "gitea.fullname" . }}-inline-config
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
type: Opaque type: Opaque
@@ -12,10 +13,12 @@ apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: {{ include "gitea.fullname" . }} name: {{ include "gitea.fullname" . }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
type: Opaque type: Opaque
stringData: stringData:
{{ (.Files.Glob "scripts/init-containers/config/*.sh").AsConfig | indent 2 }}
assertions: | assertions: |
{{- /*assert that only one PG dep is enabled */ -}} {{- /*assert that only one PG dep is enabled */ -}}
@@ -24,17 +27,17 @@ stringData:
{{- end }} {{- end }}
{{- /* multiple replicas assertions */ -}} {{- /* multiple replicas assertions */ -}}
{{- if gt .Values.replicaCount 1.0 -}} {{- if gt (.Values.replicaCount | int) 1 -}}
{{- if .Values.gitea.config.cron -}} {{- if .Values.gitea.config.cron -}}
{{- if .Values.gitea.config.cron.GIT_GC_REPOS -}} {{- if .Values.gitea.config.cron.GIT_GC_REPOS -}}
{{- if eq .Values.gitea.config.cron.GIT_GC_REPOS.ENABLED true -}} {{- if eq .Values.gitea.config.cron.GIT_GC_REPOS.ENABLED true -}}
{{ fail "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'cron.GIT_GC_REPOS.enabled = false'." }} {{ fail "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'gitea.config.cron.GIT_GC_REPOS.enabled = false'." }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- if eq (first .Values.persistence.accessModes) "ReadWriteOnce" -}} {{- if eq (first .Values.persistence.accessModes) "ReadWriteOnce" -}}
{{- fail "When using multiple replicas, a RWX file system is required and gitea.persistence.accessModes[0] must be set to ReadWriteMany." -}} {{- fail "When using multiple replicas, a RWX file system is required and persistence.accessModes[0] must be set to ReadWriteMany." -}}
{{- end }} {{- end }}
{{- if .Values.gitea.config.indexer -}} {{- if .Values.gitea.config.indexer -}}
{{- if eq .Values.gitea.config.indexer.ISSUE_INDEXER_TYPE "bleve" -}} {{- if eq .Values.gitea.config.indexer.ISSUE_INDEXER_TYPE "bleve" -}}
@@ -52,158 +55,3 @@ stringData:
{{- end }} {{- end }}
{{- end }} {{- end }}
config_environment.sh: |-
#!/usr/bin/env bash
set -euo pipefail
function env2ini::log() {
printf "${1}\n"
}
function env2ini::read_config_to_env() {
local section="${1}"
local line="${2}"
if [[ -z "${line}" ]]; then
# skip empty line
return
fi
# 'xargs echo -n' trims all leading/trailing whitespaces and a trailing new line
local setting="$(awk -F '=' '{print $1}' <<< "${line}" | xargs echo -n)"
if [[ -z "${setting}" ]]; then
env2ini::log ' ! invalid setting'
exit 1
fi
local value=''
local regex="^${setting}(\s*)=(\s*)(.*)"
if [[ $line =~ $regex ]]; then
value="${BASH_REMATCH[3]}"
else
env2ini::log ' ! invalid setting'
exit 1
fi
env2ini::log " + '${setting}'"
if [[ -z "${section}" ]]; then
export "GITEA____${setting^^}=${value}" # '^^' makes the variable content uppercase
return
fi
local masked_section="${section//./_0X2E_}" # '//' instructs to replace all matches
masked_section="${masked_section//-/_0X2D_}"
export "GITEA__${masked_section^^}__${setting^^}=${value}" # '^^' makes the variable content uppercase
}
function env2ini::reload_preset_envs() {
env2ini::log "Reloading preset envs..."
while read -r line; do
if [[ -z "${line}" ]]; then
# skip empty line
return
fi
# 'xargs echo -n' trims all leading/trailing whitespaces and a trailing new line
local setting="$(awk -F '=' '{print $1}' <<< "${line}" | xargs echo -n)"
if [[ -z "${setting}" ]]; then
env2ini::log ' ! invalid setting'
exit 1
fi
local value=''
local regex="^${setting}(\s*)=(\s*)(.*)"
if [[ $line =~ $regex ]]; then
value="${BASH_REMATCH[3]}"
else
env2ini::log ' ! invalid setting'
exit 1
fi
env2ini::log " + '${setting}'"
export "${setting^^}=${value}" # '^^' makes the variable content uppercase
done < "/tmp/existing-envs"
rm /tmp/existing-envs
}
function env2ini::process_config_file() {
local config_file="${1}"
local section="$(basename "${config_file}")"
if [[ $section == '_generals_' ]]; then
env2ini::log " [ini root]"
section=''
else
env2ini::log " ${section}"
fi
while read -r line; do
env2ini::read_config_to_env "${section}" "${line}"
done < <(awk 1 "${config_file}") # Helm .toYaml trims the trailing new line which breaks line processing; awk 1 ... adds it back while reading
}
function env2ini::load_config_sources() {
local path="${1}"
if [[ -d "${path}" ]]; then
env2ini::log "Processing $(basename "${path}")..."
while read -d '' configFile; do
env2ini::process_config_file "${configFile}"
done < <(find "${path}" -type l -not -name '..data' -print0)
env2ini::log "\n"
fi
}
function env2ini::generate_initial_secrets() {
# These environment variables will either be
# - overwritten with user defined values,
# - initially used to set up Gitea
# Anyway, they won't harm existing app.ini files
export GITEA__SECURITY__INTERNAL_TOKEN=$(gitea generate secret INTERNAL_TOKEN)
export GITEA__SECURITY__SECRET_KEY=$(gitea generate secret SECRET_KEY)
export GITEA__OAUTH2__JWT_SECRET=$(gitea generate secret JWT_SECRET)
export GITEA__SERVER__LFS_JWT_SECRET=$(gitea generate secret LFS_JWT_SECRET)
env2ini::log "...Initial secrets generated\n"
}
# save existing envs prior to script execution. Necessary to keep order of preexisting and custom envs
env | (grep -e '^GITEA__' || [[ $? == 1 ]]) > /tmp/existing-envs
# MUST BE CALLED BEFORE OTHER CONFIGURATION
env2ini::generate_initial_secrets
env2ini::load_config_sources '/env-to-ini-mounts/inlines/'
env2ini::load_config_sources '/env-to-ini-mounts/additionals/'
# load existing envs to override auto generated envs
env2ini::reload_preset_envs
env2ini::log "=== All configuration sources loaded ===\n"
# safety to prevent rewrite of secret keys if an app.ini already exists
if [ -f ${GITEA_APP_INI} ]; then
env2ini::log 'An app.ini file already exists. To prevent overwriting secret keys, these settings are dropped and remain unchanged:'
env2ini::log ' - security.INTERNAL_TOKEN'
env2ini::log ' - security.SECRET_KEY'
env2ini::log ' - oauth2.JWT_SECRET'
env2ini::log ' - server.LFS_JWT_SECRET'
unset GITEA__SECURITY__INTERNAL_TOKEN
unset GITEA__SECURITY__SECRET_KEY
unset GITEA__OAUTH2__JWT_SECRET
unset GITEA__SERVER__LFS_JWT_SECRET
fi
environment-to-ini -o $GITEA_APP_INI

View File

@@ -2,6 +2,7 @@ apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: {{ include "gitea.fullname" . }} name: {{ include "gitea.fullname" . }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
annotations: annotations:
{{- if .Values.deployment.annotations }} {{- if .Values.deployment.annotations }}
{{- toYaml .Values.deployment.annotations | nindent 4 }} {{- toYaml .Values.deployment.annotations | nindent 4 }}
@@ -58,10 +59,14 @@ spec:
securityContext: securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }} {{- toYaml .Values.podSecurityContext | nindent 8 }}
initContainers: initContainers:
{{- if .Values.preExtraInitContainers }}
{{- toYaml .Values.preExtraInitContainers | nindent 8 }}
{{- end }}
- name: init-directories - name: init-directories
image: "{{ include "gitea.image" . }}" image: "{{ include "gitea.image" . }}"
imagePullPolicy: {{ .Values.image.pullPolicy }} imagePullPolicy: {{ .Values.image.pullPolicy }}
command: ["/usr/sbin/init_directory_structure.sh"] command:
- "{{ .Values.initContainersScriptsVolumeMountPath }}/init_directory_structure.sh"
env: env:
- name: GITEA_APP_INI - name: GITEA_APP_INI
value: /data/gitea/conf/app.ini value: /data/gitea/conf/app.ini
@@ -80,7 +85,7 @@ spec:
{{- end }} {{- end }}
volumeMounts: volumeMounts:
- name: init - name: init
mountPath: /usr/sbin mountPath: {{ .Values.initContainersScriptsVolumeMountPath }}
- name: temp - name: temp
mountPath: /tmp mountPath: /tmp
- name: data - name: data
@@ -96,7 +101,8 @@ spec:
- name: init-app-ini - name: init-app-ini
image: "{{ include "gitea.image" . }}" image: "{{ include "gitea.image" . }}"
imagePullPolicy: {{ .Values.image.pullPolicy }} imagePullPolicy: {{ .Values.image.pullPolicy }}
command: ["/usr/sbin/config_environment.sh"] command:
- "{{ .Values.initContainersScriptsVolumeMountPath }}/config_environment.sh"
env: env:
- name: GITEA_APP_INI - name: GITEA_APP_INI
value: /data/gitea/conf/app.ini value: /data/gitea/conf/app.ini
@@ -106,15 +112,19 @@ spec:
value: /data value: /data
- name: GITEA_TEMP - name: GITEA_TEMP
value: /tmp/gitea value: /tmp/gitea
- name: TMP_EXISTING_ENVS_FILE
value: /tmp/existing-envs
- name: ENV_TO_INI_MOUNT_POINT
value: /env-to-ini-mounts
{{- if .Values.deployment.env }} {{- if .Values.deployment.env }}
{{- toYaml .Values.deployment.env | nindent 12 }} {{- toYaml .Values.deployment.env | nindent 12 }}
{{- end }} {{- end }}
{{- if .Values.gitea.additionalConfigFromEnvs }} {{- if .Values.gitea.additionalConfigFromEnvs }}
{{- toYaml .Values.gitea.additionalConfigFromEnvs | nindent 12 }} {{- tpl (toYaml .Values.gitea.additionalConfigFromEnvs) $ | nindent 12 }}
{{- end }} {{- end }}
volumeMounts: volumeMounts:
- name: config - name: config
mountPath: /usr/sbin mountPath: {{ .Values.initContainersScriptsVolumeMountPath }}
- name: temp - name: temp
mountPath: /tmp mountPath: /tmp
- name: data - name: data
@@ -136,7 +146,8 @@ spec:
{{- if .Values.signing.enabled }} {{- if .Values.signing.enabled }}
- name: configure-gpg - name: configure-gpg
image: "{{ include "gitea.image" . }}" image: "{{ include "gitea.image" . }}"
command: ["/usr/sbin/configure_gpg_environment.sh"] command:
- "{{ .Values.initContainersScriptsVolumeMountPath }}/configure_gpg_environment.sh"
imagePullPolicy: {{ .Values.image.pullPolicy }} imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext: securityContext:
{{- /* By default this container runs as user 1000 unless otherwise stated */ -}} {{- /* By default this container runs as user 1000 unless otherwise stated */ -}}
@@ -148,9 +159,11 @@ spec:
env: env:
- name: GNUPGHOME - name: GNUPGHOME
value: {{ .Values.signing.gpgHome }} value: {{ .Values.signing.gpgHome }}
- name: TMP_RAW_GPG_KEY
value: /raw/private.asc
volumeMounts: volumeMounts:
- name: init - name: init
mountPath: /usr/sbin mountPath: {{ .Values.initContainersScriptsVolumeMountPath }}
- name: data - name: data
mountPath: /data mountPath: /data
{{- if .Values.persistence.subPath }} {{- if .Values.persistence.subPath }}
@@ -167,7 +180,8 @@ spec:
{{- end }} {{- end }}
- name: configure-gitea - name: configure-gitea
image: "{{ include "gitea.image" . }}" image: "{{ include "gitea.image" . }}"
command: ["/usr/sbin/configure_gitea.sh"] command:
- "{{ .Values.initContainersScriptsVolumeMountPath }}/configure_gitea.sh"
imagePullPolicy: {{ .Values.image.pullPolicy }} imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext: securityContext:
{{- /* By default this container runs as user 1000 unless otherwise stated */ -}} {{- /* By default this container runs as user 1000 unless otherwise stated */ -}}
@@ -243,12 +257,14 @@ spec:
- name: GITEA_ADMIN_PASSWORD - name: GITEA_ADMIN_PASSWORD
value: {{ .Values.gitea.admin.password | quote }} value: {{ .Values.gitea.admin.password | quote }}
{{- end }} {{- end }}
- name: GITEA_ADMIN_PASSWORD_MODE
value: {{ include "gitea.admin.passwordMode" $ }}
{{- if .Values.deployment.env }} {{- if .Values.deployment.env }}
{{- toYaml .Values.deployment.env | nindent 12 }} {{- toYaml .Values.deployment.env | nindent 12 }}
{{- end }} {{- end }}
volumeMounts: volumeMounts:
- name: init - name: init
mountPath: /usr/sbin mountPath: {{ .Values.initContainersScriptsVolumeMountPath }}
- name: temp - name: temp
mountPath: /tmp mountPath: /tmp
- name: data - name: data
@@ -259,6 +275,9 @@ spec:
{{- include "gitea.init-additional-mounts" . | nindent 12 }} {{- include "gitea.init-additional-mounts" . | nindent 12 }}
resources: resources:
{{- toYaml .Values.initContainers.resources | nindent 12 }} {{- toYaml .Values.initContainers.resources | nindent 12 }}
{{- if .Values.postExtraInitContainers }}
{{- toYaml .Values.postExtraInitContainers | nindent 8 }}
{{- end }}
terminationGracePeriodSeconds: {{ .Values.deployment.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.deployment.terminationGracePeriodSeconds }}
containers: containers:
- name: {{ .Chart.Name }} - name: {{ .Chart.Name }}
@@ -282,6 +301,13 @@ spec:
value: /data value: /data
- name: GITEA_TEMP - name: GITEA_TEMP
value: /tmp/gitea value: /tmp/gitea
{{- if and (hasKey .Values.resources "limits") (hasKey .Values.resources.limits "cpu") }}
- name: GOMAXPROCS
valueFrom:
resourceFieldRef:
divisor: "1"
resource: limits.cpu
{{- end }}
- name: TMPDIR - name: TMPDIR
value: /tmp/gitea value: /tmp/gitea
{{- if .Values.image.rootless }} {{- if .Values.image.rootless }}
@@ -309,15 +335,15 @@ spec:
{{- end }} {{- end }}
{{- if .Values.gitea.livenessProbe.enabled }} {{- if .Values.gitea.livenessProbe.enabled }}
livenessProbe: livenessProbe:
{{- toYaml (omit .Values.gitea.livenessProbe "enabled") | nindent 12 }} {{- include "gitea.deployment.probe" .Values.gitea.livenessProbe | nindent 12 }}
{{- end }} {{- end }}
{{- if .Values.gitea.readinessProbe.enabled }} {{- if .Values.gitea.readinessProbe.enabled }}
readinessProbe: readinessProbe:
{{- toYaml (omit .Values.gitea.readinessProbe "enabled") | nindent 12 }} {{- include "gitea.deployment.probe" .Values.gitea.readinessProbe | nindent 12 }}
{{- end }} {{- end }}
{{- if .Values.gitea.startupProbe.enabled }} {{- if .Values.gitea.startupProbe.enabled }}
startupProbe: startupProbe:
{{- toYaml (omit .Values.gitea.startupProbe "enabled") | nindent 12 }} {{- include "gitea.deployment.probe" .Values.gitea.startupProbe | nindent 12 }}
{{- end }} {{- end }}
resources: resources:
{{- toYaml .Values.resources | nindent 12 }} {{- toYaml .Values.resources | nindent 12 }}
@@ -337,13 +363,16 @@ spec:
subPath: {{ .Values.persistence.subPath }} subPath: {{ .Values.persistence.subPath }}
{{- end }} {{- end }}
{{- include "gitea.container-additional-mounts" . | nindent 12 }} {{- include "gitea.container-additional-mounts" . | nindent 12 }}
{{- if .Values.extraContainers }}
{{- toYaml .Values.extraContainers | nindent 8 }}
{{- end }}
{{- with .Values.global.hostAliases }} {{- with .Values.global.hostAliases }}
hostAliases: hostAliases:
{{- toYaml . | nindent 8 }} {{- toYaml . | nindent 8 }}
{{- end }} {{- end }}
{{- with .Values.nodeSelector }} {{- range $key, $value := .Values.nodeSelector }}
nodeSelector: nodeSelector:
{{- toYaml . | nindent 8 }} {{ $key }}: {{ $value | quote }}
{{- end }} {{- end }}
{{- with .Values.affinity }} {{- with .Values.affinity }}
affinity: affinity:

View File

@@ -7,6 +7,7 @@ apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: {{ include "gitea.gpg-key-secret-name" . }} name: {{ include "gitea.gpg-key-secret-name" . }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
type: Opaque type: Opaque

View File

@@ -2,6 +2,7 @@ apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: {{ include "gitea.fullname" . }}-http name: {{ include "gitea.fullname" . }}-http
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
{{- if .Values.service.http.labels }} {{- if .Values.service.http.labels }}
@@ -11,7 +12,11 @@ metadata:
{{- toYaml .Values.service.http.annotations | nindent 4 }} {{- toYaml .Values.service.http.annotations | nindent 4 }}
spec: spec:
type: {{ .Values.service.http.type }} type: {{ .Values.service.http.type }}
{{- if and .Values.service.http.loadBalancerIP (eq .Values.service.http.type "LoadBalancer") }} {{- if eq .Values.service.http.type "LoadBalancer" }}
{{- if .Values.service.http.loadBalancerClass }}
loadBalancerClass: {{ .Values.service.http.loadBalancerClass }}
{{- end }}
{{- if and .Values.service.http.loadBalancerIP }}
loadBalancerIP: {{ .Values.service.http.loadBalancerIP }} loadBalancerIP: {{ .Values.service.http.loadBalancerIP }}
{{- end }} {{- end }}
{{- if .Values.service.http.loadBalancerSourceRanges }} {{- if .Values.service.http.loadBalancerSourceRanges }}
@@ -20,6 +25,7 @@ spec:
- {{ . }} - {{ . }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- end }}
{{- if .Values.service.http.externalIPs }} {{- if .Values.service.http.externalIPs }}
externalIPs: externalIPs:
{{- toYaml .Values.service.http.externalIPs | nindent 4 }} {{- toYaml .Values.service.http.externalIPs | nindent 4 }}

View File

@@ -1,18 +1,11 @@
{{- if .Values.ingress.enabled -}} {{- if .Values.ingress.enabled -}}
{{- $fullName := include "gitea.fullname" . -}} {{- $fullName := include "gitea.fullname" . -}}
{{- $httpPort := .Values.service.http.port -}} {{- $httpPort := .Values.service.http.port -}}
{{- $apiVersion := "extensions/v1beta1" -}} apiVersion: networking.k8s.io/v1
{{- if .Values.ingress.apiVersion -}}
{{- $apiVersion = .Values.ingress.apiVersion -}}
{{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" -}}
{{- $apiVersion = "networking.k8s.io/v1" }}
{{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/Ingress" -}}
{{- $apiVersion = "networking.k8s.io/v1beta1" }}
{{- end }}
apiVersion: {{ $apiVersion }}
kind: Ingress kind: Ingress
metadata: metadata:
name: {{ $fullName }} name: {{ $fullName }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
annotations: annotations:
@@ -20,9 +13,7 @@ metadata:
{{ $key }}: {{ $value | quote }} {{ $key }}: {{ $value | quote }}
{{- end }} {{- end }}
spec: spec:
{{- if .Values.ingress.className }}
ingressClassName: {{ tpl .Values.ingress.className . }} ingressClassName: {{ tpl .Values.ingress.className . }}
{{- end }}
{{- if .Values.ingress.tls }} {{- if .Values.ingress.tls }}
tls: tls:
{{- range .Values.ingress.tls }} {{- range .Values.ingress.tls }}
@@ -38,21 +29,34 @@ spec:
- host: {{ tpl .host $ | quote }} - host: {{ tpl .host $ | quote }}
http: http:
paths: paths:
{{- if .paths }}
{{- range .paths }} {{- range .paths }}
- path: {{ .path }} {{- if kindIs "string" . }}
{{- if and .pathType (eq $apiVersion "networking.k8s.io/v1") }} - path: {{ . }}
pathType: {{ .pathType }} pathType: {{ default "Prefix" $.Values.ingress.pathType }}
{{- end }} backend:
service:
name: {{ $fullName }}-http
port:
number: {{ $httpPort }}
{{- else }}
- path: {{ .path | default "/" }}
pathType: {{ .pathType | default "Prefix" }}
backend:
service:
name: {{ $fullName }}-http
port:
number: {{ $httpPort }}
{{- end }}
{{- end }}
{{- else }}
- path: "/"
pathType: "Prefix"
backend: backend:
{{- if eq $apiVersion "networking.k8s.io/v1" }}
service: service:
name: {{ $fullName }}-http name: {{ $fullName }}-http
port: port:
number: {{ $httpPort }} number: {{ $httpPort }}
{{- else }}
serviceName: {{ $fullName }}-http
servicePort: {{ $httpPort }}
{{- end }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- end }} {{- end }}

View File

@@ -2,15 +2,12 @@ apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: {{ include "gitea.fullname" . }}-init name: {{ include "gitea.fullname" . }}-init
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
type: Opaque type: Opaque
stringData: stringData:
configure_gpg_environment.sh: |- {{ (.Files.Glob "scripts/init-containers/init/*.sh").AsConfig | indent 2 }}
#!/usr/bin/env bash
set -eu
gpg --batch --import /raw/private.asc
init_directory_structure.sh: |- init_directory_structure.sh: |-
#!/usr/bin/env bash #!/usr/bin/env bash
@@ -24,27 +21,25 @@ stringData:
# END: initPreScript # END: initPreScript
{{- end }} {{- end }}
set -x
{{- if not .Values.image.rootless }} {{- if not .Values.image.rootless }}
chown 1000:1000 /data chown -v 1000:1000 /data
{{- end }} {{- end }}
mkdir -p /data/git/.ssh mkdir -pv /data/git/.ssh
chmod -R 700 /data/git/.ssh chmod -Rv 700 /data/git/.ssh
[ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf [ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf
# prepare temp directory structure # prepare temp directory structure
mkdir -p "${GITEA_TEMP}" mkdir -pv "${GITEA_TEMP}"
{{- if not .Values.image.rootless }} {{- if not .Values.image.rootless }}
chown 1000:1000 "${GITEA_TEMP}" chown -v 1000:1000 "${GITEA_TEMP}"
{{- end }} {{- end }}
chmod ug+rwx "${GITEA_TEMP}" chmod -v ug+rwx "${GITEA_TEMP}"
{{ if .Values.signing.enabled -}} {{ if .Values.signing.enabled -}}
if [ ! -d "${GNUPGHOME}" ]; then if [ ! -d "${GNUPGHOME}" ]; then
mkdir -p "${GNUPGHOME}" mkdir -pv "${GNUPGHOME}"
chmod 700 "${GNUPGHOME}" chmod -v 700 "${GNUPGHOME}"
chown 1000:1000 "${GNUPGHOME}" chown -v 1000:1000 "${GNUPGHOME}"
fi fi
{{- end }} {{- end }}
@@ -62,25 +57,25 @@ stringData:
exit 1 exit 1
} }
{{- if include "redis.servicename" . }} {{- if include "valkey.servicename" . }}
function test_redis_connection() { function test_valkey_connection() {
local RETRY=0 local RETRY=0
local MAX=30 local MAX=30
echo 'Wait for redis to become avialable...' echo 'Wait for valkey to become avialable...'
until [ "${RETRY}" -ge "${MAX}" ]; do until [ "${RETRY}" -ge "${MAX}" ]; do
nc -vz -w2 {{ include "redis.servicename" . }} {{ include "redis.port" . }} && break nc -vz -w2 {{ include "valkey.servicename" . }} {{ include "valkey.port" . }} && break
RETRY=$[${RETRY}+1] RETRY=$[${RETRY}+1]
echo "...not ready yet (${RETRY}/${MAX})" echo "...not ready yet (${RETRY}/${MAX})"
done done
if [ "${RETRY}" -ge "${MAX}" ]; then if [ "${RETRY}" -ge "${MAX}" ]; then
echo "Redis not reachable after '${MAX}' attempts!" echo "Valkey not reachable after '${MAX}' attempts!"
exit 1 exit 1
fi fi
} }
test_redis_connection test_valkey_connection
{{- end }} {{- end }}
@@ -99,7 +94,7 @@ stringData:
echo "ERROR: 'configure_admin_user' was not able to determine the current list of admin users." echo "ERROR: 'configure_admin_user' was not able to determine the current list of admin users."
echo " Please review the output of 'gitea admin user list --admin' shown below." echo " Please review the output of 'gitea admin user list --admin' shown below."
echo " If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-chart/issues." echo " If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-gitea/issues."
echo "DEBUG: Output of 'gitea admin user list --admin'" echo "DEBUG: Output of 'gitea admin user list --admin'"
echo "--" echo "--"
echo "${full_admin_list}" echo "${full_admin_list}"
@@ -109,13 +104,33 @@ stringData:
local ACCOUNT_ID=$(echo "${actual_user_table}" | grep -E "\s+${GITEA_ADMIN_USERNAME}\s+" | awk -F " " "{printf \$1}") local ACCOUNT_ID=$(echo "${actual_user_table}" | grep -E "\s+${GITEA_ADMIN_USERNAME}\s+" | awk -F " " "{printf \$1}")
if [[ -z "${ACCOUNT_ID}" ]]; then if [[ -z "${ACCOUNT_ID}" ]]; then
local -a create_args
create_args=(--admin --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" --email {{ .Values.gitea.admin.email | quote }})
if [[ "${GITEA_ADMIN_PASSWORD_MODE}" = initialOnlyRequireReset ]]; then
create_args+=(--must-change-password=true)
else
create_args+=(--must-change-password=false)
fi
echo "No admin user '${GITEA_ADMIN_USERNAME}' found. Creating now..." echo "No admin user '${GITEA_ADMIN_USERNAME}' found. Creating now..."
gitea admin user create --admin --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" --email {{ .Values.gitea.admin.email | quote }} --must-change-password=false gitea admin user create "${create_args[@]}"
echo '...created.' echo '...created.'
else else
echo "Admin account '${GITEA_ADMIN_USERNAME}' already exist. Running update to sync password..." if [[ "${GITEA_ADMIN_PASSWORD_MODE}" = keepUpdated ]]; then
gitea admin user change-password --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" echo "Admin account '${GITEA_ADMIN_USERNAME}' already exist. Running update to sync password..."
echo '...password sync done.' # See https://gitea.com/gitea/helm-gitea/issues/673
# --must-change-password argument was added to change-password, defaulting to true, counter to the previous behavior
# which acted as if it were provided with =false. If the argument is present in this version of gitea, then we
# should add it to prevent requiring frequent admin password resets.
local -a change_args
change_args=(--username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}")
if gitea admin user change-password --help | grep -qF -- '--must-change-password'; then
change_args+=(--must-change-password=false)
fi
gitea admin user change-password "${change_args[@]}"
echo '...password sync done.'
else
echo "Admin account '${GITEA_ADMIN_USERNAME}' already exist, but update mode is set to '${GITEA_ADMIN_PASSWORD_MODE}'. Skipping."
fi
fi fi
} }
@@ -139,7 +154,7 @@ stringData:
echo "ERROR: 'configure_ldap' was not able to determine the current list of authentication sources." echo "ERROR: 'configure_ldap' was not able to determine the current list of authentication sources."
echo " Please review the output of 'gitea admin auth list --vertical-bars' shown below." echo " Please review the output of 'gitea admin auth list --vertical-bars' shown below."
echo " If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-chart/issues." echo " If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-gitea/issues."
echo "DEBUG: Output of 'gitea admin auth list --vertical-bars'" echo "DEBUG: Output of 'gitea admin auth list --vertical-bars'"
echo "--" echo "--"
echo "${full_auth_list}" echo "${full_auth_list}"
@@ -183,7 +198,7 @@ stringData:
echo "ERROR: 'configure_oauth' was not able to determine the current list of authentication sources." echo "ERROR: 'configure_oauth' was not able to determine the current list of authentication sources."
echo " Please review the output of 'gitea admin auth list --vertical-bars' shown below." echo " Please review the output of 'gitea admin auth list --vertical-bars' shown below."
echo " If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-chart/issues." echo " If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-gitea/issues."
echo "DEBUG: Output of 'gitea admin auth list --vertical-bars'" echo "DEBUG: Output of 'gitea admin auth list --vertical-bars'"
echo "--" echo "--"
echo "${full_auth_list}" echo "${full_auth_list}"

View File

@@ -0,0 +1,12 @@
{{- if and (.Values.gitea.metrics.enabled) (.Values.gitea.metrics.serviceMonitor.enabled) (.Values.gitea.metrics.token) -}}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "gitea.metrics-secret-name" . }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels:
{{- include "gitea.labels" . | nindent 4 }}
type: Opaque
data:
token: {{ .Values.gitea.metrics.token | b64enc }}
{{- end }}

View File

@@ -7,6 +7,7 @@ apiVersion: policy/v1beta1
kind: PodDisruptionBudget kind: PodDisruptionBudget
metadata: metadata:
name: {{ include "gitea.fullname" . }} name: {{ include "gitea.fullname" . }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
spec: spec:

View File

@@ -3,14 +3,14 @@ kind: PersistentVolumeClaim
apiVersion: v1 apiVersion: v1
metadata: metadata:
name: {{ .Values.persistence.claimName }} name: {{ .Values.persistence.claimName }}
namespace: {{ $.Release.Namespace }} namespace: {{ .Values.namespace | default .Release.Namespace }}
annotations: annotations:
{{ .Values.persistence.annotations | toYaml | indent 4}} {{ .Values.persistence.annotations | toYaml | indent 4}}
labels: labels:
{{ .Values.persistence.labels | toYaml | indent 4}} {{ .Values.persistence.labels | toYaml | indent 4}}
spec: spec:
accessModes: accessModes:
{{- if gt .Values.replicaCount 1.0 }} {{- if gt (.Values.replicaCount | int) 1 }}
- ReadWriteMany - ReadWriteMany
{{- else }} {{- else }}
{{- .Values.persistence.accessModes | toYaml | nindent 4 }} {{- .Values.persistence.accessModes | toYaml | nindent 4 }}

View File

@@ -3,7 +3,7 @@ apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
name: {{ include "gitea.serviceAccountName" . }} name: {{ include "gitea.serviceAccountName" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.labels }} {{- with .Values.serviceAccount.labels }}

View File

@@ -1,8 +1,9 @@
{{- if .Values.gitea.metrics.serviceMonitor.enabled -}} {{- if and .Values.gitea.metrics.enabled .Values.gitea.metrics.serviceMonitor.enabled -}}
apiVersion: monitoring.coreos.com/v1 apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor kind: ServiceMonitor
metadata: metadata:
name: {{ include "gitea.fullname" . }} name: {{ include "gitea.fullname" . }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
{{- if .Values.gitea.metrics.serviceMonitor.additionalLabels }} {{- if .Values.gitea.metrics.serviceMonitor.additionalLabels }}
@@ -14,4 +15,29 @@ spec:
{{- include "gitea.selectorLabels" . | nindent 6 }} {{- include "gitea.selectorLabels" . | nindent 6 }}
endpoints: endpoints:
- port: http - port: http
{{- if .Values.gitea.metrics.serviceMonitor.interval }}
interval: {{ .Values.gitea.metrics.serviceMonitor.interval }}
{{- end }}
{{- with .Values.gitea.metrics.serviceMonitor.relabelings }}
relabelings:
{{- . | toYaml | nindent 6 }}
{{- end }}
{{- if .Values.gitea.metrics.serviceMonitor.scheme }}
scheme: {{ .Values.gitea.metrics.serviceMonitor.scheme }}
{{- end }}
{{- if .Values.gitea.metrics.serviceMonitor.scrapeTimeout }}
scrapeTimeout: {{ .Values.gitea.metrics.serviceMonitor.scrapeTimeout }}
{{- end }}
{{- with .Values.gitea.metrics.serviceMonitor.tlsConfig }}
tlsConfig:
{{- . | toYaml | nindent 6 }}
{{- end }}
{{- if .Values.gitea.metrics.token }}
authorization:
type: Bearer
credentials:
name: {{ include "gitea.metrics-secret-name" . }}
key: token
optional: false
{{- end }}
{{- end -}} {{- end -}}

View File

@@ -2,6 +2,7 @@ apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: {{ include "gitea.fullname" . }}-ssh name: {{ include "gitea.fullname" . }}-ssh
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
{{- if .Values.service.ssh.labels }} {{- if .Values.service.ssh.labels }}
@@ -12,6 +13,9 @@ metadata:
spec: spec:
type: {{ .Values.service.ssh.type }} type: {{ .Values.service.ssh.type }}
{{- if eq .Values.service.ssh.type "LoadBalancer" }} {{- if eq .Values.service.ssh.type "LoadBalancer" }}
{{- if .Values.service.ssh.loadBalancerClass }}
loadBalancerClass: {{ .Values.service.ssh.loadBalancerClass }}
{{- end }}
{{- if .Values.service.ssh.loadBalancerIP }} {{- if .Values.service.ssh.loadBalancerIP }}
loadBalancerIP: {{ .Values.service.ssh.loadBalancerIP }} loadBalancerIP: {{ .Values.service.ssh.loadBalancerIP }}
{{- end -}} {{- end -}}

View File

@@ -3,6 +3,7 @@ apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: "{{ include "gitea.fullname" . }}-test-connection" name: "{{ include "gitea.fullname" . }}-test-connection"
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{ include "gitea.labels" . | nindent 4 }} {{ include "gitea.labels" . | nindent 4 }}
annotations: annotations:

1
unittests/bash/bats Submodule

Submodule unittests/bash/bats added at 855844b834

View File

@@ -0,0 +1,7 @@
#!/usr/bin/env bash
function common_setup() {
load "$TEST_ROOT/test_helper/bats-support/load"
load "$TEST_ROOT/test_helper/bats-assert/load"
load "$TEST_ROOT/test_helper/bats-mock/stub"
}

View File

@@ -0,0 +1,204 @@
#!/usr/bin/env bats
function setup() {
PROJECT_ROOT="$(git rev-parse --show-toplevel)"
TEST_ROOT="$PROJECT_ROOT/unittests/bash"
load "$TEST_ROOT/test_helper/common-setup"
common_setup
export GITEA_APP_INI="$BATS_TEST_TMPDIR/app.ini"
export TMP_EXISTING_ENVS_FILE="$BATS_TEST_TMPDIR/existing-envs"
export ENV_TO_INI_MOUNT_POINT="$BATS_TEST_TMPDIR/env-to-ini-mounts"
stub gitea \
"generate secret INTERNAL_TOKEN : echo 'mocked-internal-token'" \
"generate secret SECRET_KEY : echo 'mocked-secret-key'" \
"generate secret JWT_SECRET : echo 'mocked-jwt-secret'" \
"generate secret LFS_JWT_SECRET : echo 'mocked-lfs-jwt-secret'"
}
function teardown() {
unstub gitea
# This condition exists due to https://github.com/jasonkarns/bats-mock/pull/37 being still open
if [ $ENV_TO_INI_EXPECTED -eq 1 ]; then
unstub environment-to-ini
fi
}
# This function exists due to https://github.com/jasonkarns/bats-mock/pull/37 being still open
function expect_environment_to_ini_call() {
export ENV_TO_INI_EXPECTED=1
stub environment-to-ini \
"-o $GITEA_APP_INI : echo 'Stubbed environment-to-ini was called!'"
}
function execute_test_script() {
currentEnvsBefore=$(env | sort)
source $PROJECT_ROOT/scripts/init-containers/config/config_environment.sh
local exitCode=$?
currentEnvsAfter=$(env | sort)
# diff as unified +/- output without context before/after
diff --unified=0 <(echo "$currentEnvsBefore") <(echo "$currentEnvsAfter")
exit $exitCode
}
function write_mounted_file() {
# either "inlines" or "additionals"
scope="${1}"
file="${2}"
content="${3}"
mkdir -p "$ENV_TO_INI_MOUNT_POINT/$scope/..data/"
echo "${content}" > "$ENV_TO_INI_MOUNT_POINT/$scope/..data/$file"
ln -sf "$ENV_TO_INI_MOUNT_POINT/$scope/..data/$file" "$ENV_TO_INI_MOUNT_POINT/$scope/$file"
}
@test "works as expected when nothing is configured" {
expect_environment_to_ini_call
run $PROJECT_ROOT/scripts/init-containers/config/config_environment.sh
assert_success
assert_line '...Initial secrets generated'
assert_line 'Reloading preset envs...'
assert_line '=== All configuration sources loaded ==='
assert_line 'Stubbed environment-to-ini was called!'
}
@test "exports initial secrets" {
expect_environment_to_ini_call
run execute_test_script
assert_success
assert_line '+GITEA__OAUTH2__JWT_SECRET=mocked-jwt-secret'
assert_line '+GITEA__SECURITY__INTERNAL_TOKEN=mocked-internal-token'
assert_line '+GITEA__SECURITY__SECRET_KEY=mocked-secret-key'
assert_line '+GITEA__SERVER__LFS_JWT_SECRET=mocked-lfs-jwt-secret'
}
@test "does NOT export initial secrets when app.ini already exists" {
expect_environment_to_ini_call
touch $GITEA_APP_INI
run execute_test_script
assert_success
assert_line --partial 'An app.ini file already exists.'
refute_line '+GITEA__OAUTH2__JWT_SECRET=mocked-jwt-secret'
refute_line '+GITEA__SECURITY__INTERNAL_TOKEN=mocked-internal-token'
refute_line '+GITEA__SECURITY__SECRET_KEY=mocked-secret-key'
refute_line '+GITEA__SERVER__LFS_JWT_SECRET=mocked-lfs-jwt-secret'
}
@test "ensures that preset environment variables take precedence over auto-generated ones" {
expect_environment_to_ini_call
export GITEA__OAUTH2__JWT_SECRET="pre-defined-jwt-secret"
run execute_test_script
assert_success
refute_line '+GITEA__OAUTH2__JWT_SECRET=mocked-jwt-secret'
}
@test "ensures that preset environment variables take precedence over mounted ones" {
expect_environment_to_ini_call
export GITEA__OAUTH2__JWT_SECRET="pre-defined-jwt-secret"
write_mounted_file "inlines" "oauth2" "$(cat << EOF
JWT_SECRET=inline-jwt-secret
EOF
)"
run execute_test_script
assert_success
refute_line '+GITEA__OAUTH2__JWT_SECRET=mocked-jwt-secret'
refute_line '+GITEA__OAUTH2__JWT_SECRET=inline-jwt-secret'
}
@test "ensures that additionals take precedence over inlines" {
expect_environment_to_ini_call
write_mounted_file "inlines" "oauth2" "$(cat << EOF
JWT_SECRET=inline-jwt-secret
EOF
)"
write_mounted_file "additionals" "oauth2" "$(cat << EOF
JWT_SECRET=additional-jwt-secret
EOF
)"
run execute_test_script
assert_success
refute_line '+GITEA__OAUTH2__JWT_SECRET=mocked-jwt-secret'
refute_line '+GITEA__OAUTH2__JWT_SECRET=inline-jwt-secret'
assert_line '+GITEA__OAUTH2__JWT_SECRET=additional-jwt-secret'
}
@test "ensures that dotted/dashed sections are properly masked" {
expect_environment_to_ini_call
write_mounted_file "inlines" "repository.pull-request" "$(cat << EOF
WORK_IN_PROGRESS_PREFIXES=WIP:,[WIP]
EOF
)"
run execute_test_script
assert_success
assert_line '+GITEA__REPOSITORY_0X2E_PULL_0X2D_REQUEST__WORK_IN_PROGRESS_PREFIXES=WIP:,[WIP]'
}
###############################################################
##### THIS IS A BUG, BUT I WANT IT TO BE COVERED BY TESTS #####
###############################################################
@test "ensures uppercase section and setting names (🐞)" {
expect_environment_to_ini_call
export GITEA__oauth2__JwT_Secret="pre-defined-jwt-secret"
write_mounted_file "inlines" "repository.pull-request" "$(cat << EOF
WORK_IN_progress_PREFIXES=WIP:,[WIP]
EOF
)"
run execute_test_script
assert_success
assert_line '+GITEA__REPOSITORY_0X2E_PULL_0X2D_REQUEST__WORK_IN_PROGRESS_PREFIXES=WIP:,[WIP]'
assert_line '+GITEA__OAUTH2__JWT_SECRET=pre-defined-jwt-secret'
}
@test "treats top-level configuration as section-less" {
expect_environment_to_ini_call
write_mounted_file "inlines" "_generals_" "$(cat << EOF
APP_NAME=Hello top-level configuration
RUN_MODE=dev
EOF
)"
run execute_test_script
assert_success
assert_line '+GITEA____APP_NAME=Hello top-level configuration'
assert_line '+GITEA____RUN_MODE=dev'
}
@test "fails on invalid setting" {
write_mounted_file "inlines" "_generals_" "$(cat << EOF
some random invalid string
EOF
)"
run execute_test_script
assert_failure
}
@test "treats empty setting name as invalid setting" {
write_mounted_file "inlines" "_generals_" "$(cat << EOF
=value
EOF
)"
run execute_test_script
assert_failure
}

View File

@@ -1,45 +0,0 @@
suite: config template | cache config
release:
name: gitea-unittests
namespace: testing
tests:
- it: "cache is configured correctly for redis-cluster"
template: templates/gitea/config.yaml
set:
redis-cluster:
enabled: true
asserts:
- documentIndex: 0
equal:
path: stringData.cache
value: |-
ADAPTER=redis
HOST=redis+cluster://:@gitea-unittests-redis-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
- it: "cache is configured correctly for 'memory' when redis-cluster is disabled"
template: templates/gitea/config.yaml
set:
redis-cluster:
enabled: false
asserts:
- documentIndex: 0
equal:
path: stringData.cache
value: |-
ADAPTER=memory
HOST=
- it: "cache can be customized when redis-cluster is disabled"
template: templates/gitea/config.yaml
set:
redis-cluster:
enabled: false
gitea.config.cache.ADAPTER: custom-adapter
gitea.config.cache.HOST: custom-host
asserts:
- documentIndex: 0
equal:
path: stringData.cache
value: |-
ADAPTER=custom-adapter
HOST=custom-host

View File

@@ -1,30 +0,0 @@
suite: config template | database section (postgresql-ha)
release:
name: gitea-unittests
namespace: testing
tests:
- it: connects to pgpool service
template: templates/gitea/config.yaml
set:
postgresql:
enabled: false
postgresql-ha:
enabled: true
asserts:
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: HOST=gitea-unittests-postgresql-ha-pgpool.testing.svc.cluster.local:5432
- it: renders the referenced service
template: charts/postgresql-ha/templates/pgpool/service.yaml
set:
postgresql:
enabled: false
postgresql-ha:
enabled: true
asserts:
- containsDocument:
kind: Service
apiVersion: v1
name: gitea-unittests-postgresql-ha-pgpool
namespace: testing

View File

@@ -1,30 +0,0 @@
suite: config template | database section (postgresql)
release:
name: gitea-unittests
namespace: testing
tests:
- it: "connects to postgresql service"
template: templates/gitea/config.yaml
set:
postgresql:
enabled: true
postgresql-ha:
enabled: false
asserts:
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: HOST=gitea-unittests-postgresql.testing.svc.cluster.local:5432
- it: "renders the referenced service"
template: charts/postgresql/templates/primary/svc.yaml
set:
postgresql:
enabled: true
postgresql-ha:
enabled: false
asserts:
- containsDocument:
kind: Service
apiVersion: v1
name: gitea-unittests-postgresql
namespace: testing

View File

@@ -1,45 +0,0 @@
suite: config template | queue config
release:
name: gitea-unittests
namespace: testing
tests:
- it: "queue is configured correctly for redis-cluster"
template: templates/gitea/config.yaml
set:
redis-cluster:
enabled: true
asserts:
- documentIndex: 0
equal:
path: stringData.queue
value: |-
CONN_STR=redis+cluster://:@gitea-unittests-redis-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
TYPE=redis
- it: "queue is configured correctly for 'levelDB' when redis-cluster is disabled"
template: templates/gitea/config.yaml
set:
redis-cluster:
enabled: false
asserts:
- documentIndex: 0
equal:
path: stringData.queue
value: |-
CONN_STR=
TYPE=level
- it: "queue can be customized when redis-cluster is disabled"
template: templates/gitea/config.yaml
set:
redis-cluster:
enabled: false
gitea.config.queue.TYPE: custom-type
gitea.config.queue.CONN_STR: custom-connection-string
asserts:
- documentIndex: 0
equal:
path: stringData.queue
value: |-
CONN_STR=custom-connection-string
TYPE=custom-type

View File

@@ -1,45 +0,0 @@
suite: config template | session config
release:
name: gitea-unittests
namespace: testing
tests:
- it: "session is configured correctly for redis-cluster"
template: templates/gitea/config.yaml
set:
redis-cluster:
enabled: true
asserts:
- documentIndex: 0
equal:
path: stringData.session
value: |-
PROVIDER=redis
PROVIDER_CONFIG=redis+cluster://:@gitea-unittests-redis-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
- it: "session is configured correctly for 'memory' when redis-cluster is disabled"
template: templates/gitea/config.yaml
set:
redis-cluster:
enabled: false
asserts:
- documentIndex: 0
equal:
path: stringData.session
value: |-
PROVIDER=memory
PROVIDER_CONFIG=
- it: "session can be customized when redis-cluster is disabled"
template: templates/gitea/config.yaml
set:
redis-cluster:
enabled: false
gitea.config.session.PROVIDER: custom-provider
gitea.config.session.PROVIDER_CONFIG: custom-provider-config
asserts:
- documentIndex: 0
equal:
path: stringData.session
value: |-
PROVIDER=custom-provider
PROVIDER_CONFIG=custom-provider-config

View File

@@ -1,31 +0,0 @@
suite: deployment template (basic)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
tests:
- it: renders a deployment
template: templates/gitea/deployment.yaml
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: Deployment
apiVersion: apps/v1
name: gitea-unittests
- it: deployment labels are set
template: templates/gitea/deployment.yaml
set:
deployment.labels:
hello: world
asserts:
- isSubset:
path: metadata.labels
content:
hello: world
- isSubset:
path: spec.template.metadata.labels
content:
hello: world

View File

@@ -1,51 +0,0 @@
suite: ssh-svc / http-svc template (Services configuration)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/ssh-svc.yaml
- templates/gitea/http-svc.yaml
tests:
- it: supports adding custom labels to ssh-svc
template: templates/gitea/ssh-svc.yaml
set:
service:
ssh:
labels:
gitea/testkey: testvalue
asserts:
- equal:
path: metadata.labels["gitea/testkey"]
value: "testvalue"
- it: keeps existing labels (ssh)
template: templates/gitea/ssh-svc.yaml
set:
service:
ssh:
labels: {}
asserts:
- exists:
path: metadata.labels["app"]
- it: supports adding custom labels to http-svc
template: templates/gitea/http-svc.yaml
set:
service:
http:
labels:
gitea/testkey: testvalue
asserts:
- equal:
path: metadata.labels["gitea/testkey"]
value: "testvalue"
- it: keeps existing labels (http)
template: templates/gitea/http-svc.yaml
set:
service:
http:
labels: {}
asserts:
- exists:
path: metadata.labels["app"]

View File

@@ -0,0 +1,12 @@
suite: Check if actions raises an error
release:
name: gitea-unittests
namespace: testing
tests:
- it: fails when trying to configure actions due to removal
set:
actions:
enabled: true
asserts:
- failedTemplate:
errorMessage: The actions sub-chart has been outsourced to a dedicated chart available at https://gitea.com/gitea/helm-actions. For assistance with the migration process, check https://gitea.com/gitea/helm-actions/issues/9.

View File

@@ -0,0 +1,24 @@
suite: config template | actions config
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/config.yaml
tests:
- it: "actions are enabled by default (based on vanilla Gitea behavior)"
template: templates/gitea/config.yaml
asserts:
- documentIndex: 0
notExists:
path: stringData.actions
- it: "actions can be disabled via inline config"
template: templates/gitea/config.yaml
set:
gitea.config.actions.ENABLED: false
asserts:
- documentIndex: 0
equal:
path: stringData.actions
value: |-
ENABLED=false

View File

@@ -0,0 +1,66 @@
suite: config template | cache config
release:
name: gitea-unittests
namespace: testing
tests:
- it: "cache is configured correctly for valkey-cluster"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: true
valkey:
enabled: false
asserts:
- documentIndex: 0
equal:
path: stringData.cache
value: |-
ADAPTER=redis
HOST=redis+cluster://:@gitea-unittests-valkey-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
- it: "cache is configured correctly for valkey"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: false
valkey:
enabled: true
asserts:
- documentIndex: 0
equal:
path: stringData.cache
value: |-
ADAPTER=redis
HOST=redis://:changeme@gitea-unittests-valkey-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
- it: "cache is configured correctly for 'memory' when valkey (or valkey-cluster) is disabled"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: false
valkey:
enabled: false
asserts:
- documentIndex: 0
equal:
path: stringData.cache
value: |-
ADAPTER=memory
HOST=
- it: "cache can be customized when valkey (or valkey-cluster) is disabled"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: false
valkey:
enabled: false
gitea.config.cache.ADAPTER: custom-adapter
gitea.config.cache.HOST: custom-host
asserts:
- documentIndex: 0
equal:
path: stringData.cache
value: |-
ADAPTER=custom-adapter
HOST=custom-host

View File

@@ -0,0 +1,58 @@
suite: config template | metrics section (metrics token)
release:
name: gitea-unittests
namespace: testing
tests:
- it: metrics token is set
template: templates/gitea/config.yaml
set:
gitea:
metrics:
enabled: true
token: "somepassword"
asserts:
- documentIndex: 0
equal:
path: stringData.metrics
value: |-
ENABLED=true
TOKEN=somepassword
- it: metrics token is empty
template: templates/gitea/config.yaml
set:
gitea:
metrics:
enabled: true
token: ""
asserts:
- documentIndex: 0
equal:
path: stringData.metrics
value: |-
ENABLED=true
- it: metrics token is nil
template: templates/gitea/config.yaml
set:
gitea:
metrics:
enabled: true
token:
asserts:
- documentIndex: 0
equal:
path: stringData.metrics
value: |-
ENABLED=true
- it: does not configures a token if metrics are disabled
template: templates/gitea/config.yaml
set:
gitea:
metrics:
enabled: false
token: "somepassword"
asserts:
- documentIndex: 0
equal:
path: stringData.metrics
value: |-
ENABLED=false

View File

@@ -0,0 +1,66 @@
suite: config template | queue config
release:
name: gitea-unittests
namespace: testing
tests:
- it: "queue is configured correctly for valkey-cluster"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: true
valkey:
enabled: false
asserts:
- documentIndex: 0
equal:
path: stringData.queue
value: |-
CONN_STR=redis+cluster://:@gitea-unittests-valkey-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
TYPE=redis
- it: "queue is configured correctly for valkey"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: false
valkey:
enabled: true
asserts:
- documentIndex: 0
equal:
path: stringData.queue
value: |-
CONN_STR=redis://:changeme@gitea-unittests-valkey-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
TYPE=redis
- it: "queue is configured correctly for 'levelDB' when valkey (and valkey-cluster) is disabled"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: false
valkey:
enabled: false
asserts:
- documentIndex: 0
equal:
path: stringData.queue
value: |-
CONN_STR=
TYPE=level
- it: "queue can be customized when valkey (and valkey-cluster) are disabled"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: false
valkey:
enabled: false
gitea.config.queue.TYPE: custom-type
gitea.config.queue.CONN_STR: custom-connection-string
asserts:
- documentIndex: 0
equal:
path: stringData.queue
value: |-
CONN_STR=custom-connection-string
TYPE=custom-type

View File

@@ -0,0 +1,66 @@
suite: config template | session config
release:
name: gitea-unittests
namespace: testing
tests:
- it: "session is configured correctly for valkey-cluster"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: true
valkey:
enabled: false
asserts:
- documentIndex: 0
equal:
path: stringData.session
value: |-
PROVIDER=redis
PROVIDER_CONFIG=redis+cluster://:@gitea-unittests-valkey-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
- it: "session is configured correctly for valkey"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: false
valkey:
enabled: true
asserts:
- documentIndex: 0
equal:
path: stringData.session
value: |-
PROVIDER=redis
PROVIDER_CONFIG=redis://:changeme@gitea-unittests-valkey-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
- it: "session is configured correctly for 'memory' when valkey (and valkey-cluster) is disabled"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: false
valkey:
enabled: false
asserts:
- documentIndex: 0
equal:
path: stringData.session
value: |-
PROVIDER=memory
PROVIDER_CONFIG=
- it: "session can be customized when valkey (and valkey-cluster) is disabled"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: false
valkey:
enabled: false
gitea.config.session.PROVIDER: custom-provider
gitea.config.session.PROVIDER_CONFIG: custom-provider-config
asserts:
- documentIndex: 0
equal:
path: stringData.session
value: |-
PROVIDER=custom-provider
PROVIDER_CONFIG=custom-provider-config

View File

@@ -0,0 +1,129 @@
suite: Dependency checks | Customization integrity | postgresql-ha
release:
name: gitea-unittests
namespace: testing
set:
postgresql:
enabled: false
postgresql-ha:
enabled: true
global:
postgresql:
database: gitea-database
password: gitea-password
username: gitea-username
postgresql:
repmgrPassword: custom-password-repmgr
postgresPassword: custom-password-postgres
password: custom-password-overwritten-by-global-postgresql-password
pgpool:
adminPassword: custom-password-pgpool
srCheckPassword: custom-password-sr-check
service:
ports:
postgresql: 1234
persistence:
size: 1337Mi
tests:
- it: "[postgresql-ha] DB settings are applied as expected"
template: charts/postgresql-ha/templates/postgresql/statefulset.yaml
asserts:
- documentIndex: 0
contains:
path: spec.template.spec.containers[0].env
content:
name: POSTGRES_DB
value: "gitea-database"
- documentIndex: 0
contains:
path: spec.template.spec.containers[0].env
content:
name: POSTGRES_USER
value: "gitea-username"
- it: "[postgresql-ha] DB passwords are applied as expected"
template: charts/postgresql-ha/templates/postgresql/secrets.yaml
asserts:
- documentIndex: 0
equal:
path: data["repmgr-password"]
value: "Y3VzdG9tLXBhc3N3b3JkLXJlcG1ncg=="
- documentIndex: 0
equal:
path: data["postgres-password"]
value: "Y3VzdG9tLXBhc3N3b3JkLXBvc3RncmVz"
- documentIndex: 0
equal:
path: data["password"]
value: "Z2l0ZWEtcGFzc3dvcmQ=" # postgresql-ha.postgresql.password is overwritten by postgresql-ha.global.postgresql.password and should not be referenced here
- it: "[postgresql-ha] pgpool.adminPassword is applied as expected"
template: charts/postgresql-ha/templates/pgpool/secrets.yaml
asserts:
- documentIndex: 0
equal:
path: data["admin-password"]
value: "Y3VzdG9tLXBhc3N3b3JkLXBncG9vbA=="
- it: "[postgresql-ha] pgpool.adminPassword is applied as expected"
template: charts/postgresql-ha/templates/pgpool/secrets.yaml
asserts:
- documentIndex: 0
equal:
path: data["admin-password"]
value: "Y3VzdG9tLXBhc3N3b3JkLXBncG9vbA=="
- it: "[postgresql-ha] pgpool.adminPassword is applied as expected"
template: charts/postgresql-ha/templates/pgpool/secrets.yaml
asserts:
- documentIndex: 0
equal:
path: data["admin-password"]
value: "Y3VzdG9tLXBhc3N3b3JkLXBncG9vbA=="
- it: "[postgresql-ha] pgpool.srCheckPassword is applied as expected"
template: charts/postgresql-ha/templates/pgpool/secrets.yaml
asserts:
- documentIndex: 0
equal:
path: data["sr-check-password"]
value: "Y3VzdG9tLXBhc3N3b3JkLXNyLWNoZWNr"
- it: "[postgresql-ha] persistence.size is applied as expected"
template: charts/postgresql-ha/templates/postgresql/statefulset.yaml
asserts:
- documentIndex: 0
equal:
path: spec.volumeClaimTemplates[0].spec.resources.requests.storage
value: "1337Mi"
- it: "[postgresql-ha] service.ports.postgresql is applied as expected"
template: charts/postgresql-ha/templates/pgpool/service.yaml
asserts:
- documentIndex: 0
equal:
path: spec.ports[0].port
value: 1234
- it: "[postgresql-ha] renders the referenced service"
template: charts/postgresql-ha/templates/pgpool/service.yaml
asserts:
- containsDocument:
kind: Service
apiVersion: v1
name: gitea-unittests-postgresql-ha-pgpool
namespace: testing
- it: "[gitea] connects to pgpool service"
template: templates/gitea/config.yaml
asserts:
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: HOST=gitea-unittests-postgresql-ha-pgpool.testing.svc.cluster.local:1234
- it: "[gitea] connects to configured database"
template: templates/gitea/config.yaml
asserts:
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: NAME=gitea-database
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: USER=gitea-username
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: PASSWD=gitea-password

View File

@@ -0,0 +1,88 @@
suite: Dependency checks | Customization integrity | postgresql
release:
name: gitea-unittests
namespace: testing
set:
postgresql-ha:
enabled: false
postgresql:
enabled: true
global:
postgresql:
auth:
password: gitea-password
database: gitea-database
username: gitea-username
service:
ports:
postgresql: 1234
primary:
persistence:
size: 1337Mi
tests:
- it: "[postgresql] DB settings are applied as expected"
template: charts/postgresql/templates/primary/statefulset.yaml
asserts:
- documentIndex: 0
contains:
path: spec.template.spec.containers[0].env
content:
name: POSTGRES_DATABASE
value: "gitea-database"
- documentIndex: 0
contains:
path: spec.template.spec.containers[0].env
content:
name: POSTGRES_USER
value: "gitea-username"
- it: "[postgresql] DB password is applied as expected"
template: charts/postgresql/templates/secrets.yaml
asserts:
- documentIndex: 0
equal:
path: data["password"]
value: "Z2l0ZWEtcGFzc3dvcmQ="
- it: "[postgresql] primary.persistence.size is applied as expected"
template: charts/postgresql/templates/primary/statefulset.yaml
asserts:
- documentIndex: 0
equal:
path: spec.volumeClaimTemplates[0].spec.resources.requests.storage
value: "1337Mi"
- it: "[postgresql] global.postgresql.service.ports.postgresql is applied as expected"
template: charts/postgresql/templates/primary/svc.yaml
asserts:
- documentIndex: 0
equal:
path: spec.ports[0].port
value: 1234
- it: "[postgresql] renders the referenced service"
template: charts/postgresql/templates/primary/svc.yaml
asserts:
- containsDocument:
kind: Service
apiVersion: v1
name: gitea-unittests-postgresql
namespace: testing
- it: "[gitea] connects to postgresql service"
template: templates/gitea/config.yaml
asserts:
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: HOST=gitea-unittests-postgresql.testing.svc.cluster.local:1234
- it: "[gitea] connects to configured database"
template: templates/gitea/config.yaml
asserts:
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: NAME=gitea-database
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: USER=gitea-username
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: PASSWD=gitea-password

View File

@@ -0,0 +1,90 @@
suite: Dependency checks | Customization integrity | valkey-cluster
release:
name: gitea-unittests
namespace: testing
set:
valkey:
enabled: false
valkey-cluster:
enabled: true
usePassword: false
cluster:
nodes: 5
replicas: 2
tests:
- it: "[valkey-cluster] configures correct nodes/replicas"
template: charts/valkey-cluster/templates/valkey-statefulset.yaml
asserts:
- documentIndex: 0
equal:
path: spec.replicas
value: 5
- documentIndex: 0
matchRegex:
path: spec.template.spec.containers[0].args[0]
pattern: VALKEY_CLUSTER_REPLICAS="2"
- it: "[valkey-cluster] support auth-less connections"
asserts:
- template: charts/valkey-cluster/templates/secret.yaml
hasDocuments:
count: 0
- template: charts/valkey-cluster/templates/valkey-statefulset.yaml
documentIndex: 0
contains:
path: spec.template.spec.containers[0].env
content:
name: ALLOW_EMPTY_PASSWORD
value: "yes"
- it: "[valkey-cluster] support auth-full connections"
set:
valkey-cluster:
usePassword: true
asserts:
- template: charts/valkey-cluster/templates/secret.yaml
containsDocument:
kind: Secret
apiVersion: v1
name: gitea-unittests-valkey-cluster
namespace: testing
- template: charts/valkey-cluster/templates/valkey-statefulset.yaml
documentIndex: 0
contains:
path: spec.template.spec.containers[0].env
content:
name: REDISCLI_AUTH
valueFrom:
secretKeyRef:
name: gitea-unittests-valkey-cluster
key: valkey-password
- template: charts/valkey-cluster/templates/valkey-statefulset.yaml
documentIndex: 0
contains:
path: spec.template.spec.containers[0].env
content:
name: REDISCLI_AUTH
valueFrom:
secretKeyRef:
name: gitea-unittests-valkey-cluster
key: valkey-password
- it: "[valkey-cluster] renders the referenced service"
template: charts/valkey-cluster/templates/headless-svc.yaml
asserts:
- containsDocument:
kind: Service
apiVersion: v1
name: gitea-unittests-valkey-cluster-headless
namespace: testing
- documentIndex: 0
contains:
path: spec.ports
content:
name: tcp-redis
port: 6379
targetPort: tcp-redis
- it: "[gitea] waits for valkey-cluster to be up and running"
template: templates/gitea/init.yaml
asserts:
- documentIndex: 0
matchRegex:
path: stringData["configure_gitea.sh"]
pattern: nc -vz -w2 gitea-unittests-valkey-cluster-headless.testing.svc.cluster.local 6379

View File

@@ -0,0 +1,52 @@
suite: Dependency checks | Customization integrity | valkey
release:
name: gitea-unittests
namespace: testing
set:
valkey-cluster:
enabled: false
valkey:
enabled: true
architecture: standalone
global:
valkey:
password: gitea-password
master:
count: 2
tests:
- it: "[valkey] configures correct 'master' nodes"
template: charts/valkey/templates/primary/application.yaml
asserts:
- documentIndex: 0
equal:
path: spec.replicas
value: 1
- it: "[valkey] valkey.global.valkey.password is applied as expected"
template: charts/valkey/templates/secret.yaml
asserts:
- documentIndex: 0
equal:
path: data["valkey-password"]
value: "Z2l0ZWEtcGFzc3dvcmQ="
- it: "[valkey] renders the referenced service"
template: charts/valkey/templates/headless-svc.yaml
asserts:
- containsDocument:
kind: Service
apiVersion: v1
name: gitea-unittests-valkey-headless
namespace: testing
- documentIndex: 0
contains:
path: spec.ports
content:
name: tcp-redis
port: 6379
targetPort: redis
- it: "[gitea] waits for valkey to be up and running"
template: templates/gitea/init.yaml
asserts:
- documentIndex: 0
matchRegex:
path: stringData["configure_gitea.sh"]
pattern: nc -vz -w2 gitea-unittests-valkey-headless.testing.svc.cluster.local 6379

View File

@@ -1,4 +1,4 @@
suite: Dependency update consistency suite: Dependency checks | Major image bumps
release: release:
name: gitea-unittests name: gitea-unittests
namespace: testing namespace: testing
@@ -15,7 +15,7 @@ tests:
matchRegex: matchRegex:
path: spec.template.spec.containers[0].image path: spec.template.spec.containers[0].image
# IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST # IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST
pattern: bitnami/postgresql-repmgr:16.+$ pattern: bitnami/postgresql-repmgr:17.+$
- it: "[postgresql] ensures we detect major image version upgrades" - it: "[postgresql] ensures we detect major image version upgrades"
template: charts/postgresql/templates/primary/statefulset.yaml template: charts/postgresql/templates/primary/statefulset.yaml
set: set:
@@ -28,15 +28,30 @@ tests:
matchRegex: matchRegex:
path: spec.template.spec.containers[0].image path: spec.template.spec.containers[0].image
# IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST # IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST
pattern: bitnami/postgresql:16.+$ pattern: bitnami/postgresql:17.+$
- it: "[redis-cluster] ensures we detect major image version upgrades" - it: "[valkey-cluster] ensures we detect major image version upgrades"
template: charts/redis-cluster/templates/redis-statefulset.yaml template: charts/valkey-cluster/templates/valkey-statefulset.yaml
set: set:
redis-cluster: valkey-cluster:
enabled: true
valkey:
enabled: false
asserts:
- documentIndex: 0
matchRegex:
path: spec.template.spec.containers[0].image
# IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST
pattern: bitnami/valkey-cluster:8.+$
- it: "[valkey] ensures we detect major image version upgrades"
template: charts/valkey/templates/primary/application.yaml
set:
valkey-cluster:
enabled: false
valkey:
enabled: true enabled: true
asserts: asserts:
- documentIndex: 0 - documentIndex: 0
matchRegex: matchRegex:
path: spec.template.spec.containers[0].image path: spec.template.spec.containers[0].image
# IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST # IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST
pattern: bitnami/redis-cluster:7.+$ pattern: bitnami/valkey:8.+$

View File

@@ -20,14 +20,14 @@ tests:
ENABLED: true ENABLED: true
asserts: asserts:
- failedTemplate: - failedTemplate:
errorMessage: "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'cron.GIT_GC_REPOS.enabled = false'." errorMessage: "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'gitea.config.cron.GIT_GC_REPOS.enabled = false'."
- it: fails with multiple replicas and RWX file system not set - it: fails with multiple replicas and RWX file system not set
template: templates/gitea/deployment.yaml template: templates/gitea/deployment.yaml
set: set:
replicaCount: 2 replicaCount: 2
asserts: asserts:
- failedTemplate: - failedTemplate:
errorMessage: "When using multiple replicas, a RWX file system is required and gitea.persistence.accessModes[0] must be set to ReadWriteMany." errorMessage: "When using multiple replicas, a RWX file system is required and persistence.accessModes[0] must be set to ReadWriteMany."
- it: fails with multiple replicas and bleve issue indexer - it: fails with multiple replicas and bleve issue indexer
template: templates/gitea/deployment.yaml template: templates/gitea/deployment.yaml
set: set:

View File

@@ -0,0 +1,95 @@
suite: deployment template (basic)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
tests:
- it: renders a deployment
template: templates/gitea/deployment.yaml
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: Deployment
apiVersion: apps/v1
name: gitea-unittests
- it: deployment labels are set
template: templates/gitea/deployment.yaml
set:
deployment.labels:
hello: world
asserts:
- isSubset:
path: metadata.labels
content:
hello: world
- isSubset:
path: spec.template.metadata.labels
content:
hello: world
- it: "injects TMP_EXISTING_ENVS_FILE as environment variable to 'init-app-ini' init container"
template: templates/gitea/deployment.yaml
asserts:
- contains:
path: spec.template.spec.initContainers[1].env
content:
name: TMP_EXISTING_ENVS_FILE
value: /tmp/existing-envs
- it: "injects ENV_TO_INI_MOUNT_POINT as environment variable to 'init-app-ini' init container"
template: templates/gitea/deployment.yaml
asserts:
- contains:
path: spec.template.spec.initContainers[1].env
content:
name: ENV_TO_INI_MOUNT_POINT
value: /env-to-ini-mounts
- it: CPU resources are defined as well as GOMAXPROCS
template: templates/gitea/deployment.yaml
set:
resources:
limits:
cpu: 200ms
memory: 200Mi
requests:
cpu: 100ms
memory: 100Mi
asserts:
- contains:
path: spec.template.spec.containers[0].env
content:
name: GOMAXPROCS
valueFrom:
resourceFieldRef:
divisor: "1"
resource: limits.cpu
- equal:
path: spec.template.spec.containers[0].resources
value:
limits:
cpu: 200ms
memory: 200Mi
requests:
cpu: 100ms
memory: 100Mi
- it: Init containers have correct volumeMount path
template: templates/gitea/deployment.yaml
set:
initContainersScriptsVolumeMountPath: "/custom/init/path"
asserts:
- equal:
path: spec.template.spec.initContainers[*].volumeMounts[?(@.name=="init")].mountPath
value: "/custom/init/path"
- equal:
path: spec.template.spec.initContainers[*].volumeMounts[?(@.name=="config")].mountPath
value: "/custom/init/path"
- it: Init containers have correct volumeMount path if there is no override
template: templates/gitea/deployment.yaml
asserts:
- equal:
path: spec.template.spec.initContainers[*].volumeMounts[?(@.name=="init")].mountPath
value: "/usr/sbinx"
- equal:
path: spec.template.spec.initContainers[*].volumeMounts[?(@.name=="config")].mountPath
value: "/usr/sbinx"

View File

@@ -0,0 +1,150 @@
suite: deployment template
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
tests:
- it: Renders a deployment
template: templates/gitea/deployment.yaml
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: Deployment
apiVersion: apps/v1
name: gitea-unittests
- it: Deployment with empty additionalConfigFromEnvs
template: templates/gitea/deployment.yaml
set:
gitea.additionalConfigFromEnvs: []
asserts:
- hasDocuments:
count: 1
- exists:
path: spec.template.spec.initContainers[1].env
- lengthEqual:
path: spec.template.spec.initContainers[1].env
count: 6
- isSubset:
path: spec.template.spec.initContainers[1]
content:
env:
- name: GITEA_APP_INI
value: /data/gitea/conf/app.ini
- name: GITEA_CUSTOM
value: /data/gitea
- name: GITEA_WORK_DIR
value: /data
- name: GITEA_TEMP
value: /tmp/gitea
- name: TMP_EXISTING_ENVS_FILE
value: /tmp/existing-envs
- name: ENV_TO_INI_MOUNT_POINT
value: /env-to-ini-mounts
- it: Deployment with standard additionalConfigFromEnvs
template: templates/gitea/deployment.yaml
set:
gitea.additionalConfigFromEnvs: [{name: GITEA_database_HOST, value: my-db:123}, {name: GITEA_database_USER, value: my-user}]
asserts:
- hasDocuments:
count: 1
- exists:
path: spec.template.spec.initContainers[1].env
- lengthEqual:
path: spec.template.spec.initContainers[1].env
count: 8
- isSubset:
path: spec.template.spec.initContainers[1]
content:
env:
- name: GITEA_APP_INI
value: /data/gitea/conf/app.ini
- name: GITEA_CUSTOM
value: /data/gitea
- name: GITEA_WORK_DIR
value: /data
- name: GITEA_TEMP
value: /tmp/gitea
- name: TMP_EXISTING_ENVS_FILE
value: /tmp/existing-envs
- name: ENV_TO_INI_MOUNT_POINT
value: /env-to-ini-mounts
- name: GITEA_database_HOST
value: my-db:123
- name: GITEA_database_USER
value: my-user
- it: Deployment with templated additionalConfigFromEnvs
template: templates/gitea/deployment.yaml
set:
gitea.misc.host: my-db-host:321
gitea.misc.user: my-db-user
gitea.additionalConfigFromEnvs: [{name: GITEA_database_HOST, value: "{{ .Values.gitea.misc.host }}"}, {name: GITEA_database_USER, value: "{{ .Values.gitea.misc.user }}"}]
asserts:
- hasDocuments:
count: 1
- exists:
path: spec.template.spec.initContainers[1].env
- lengthEqual:
path: spec.template.spec.initContainers[1].env
count: 8
- isSubset:
path: spec.template.spec.initContainers[1]
content:
env:
- name: GITEA_APP_INI
value: /data/gitea/conf/app.ini
- name: GITEA_CUSTOM
value: /data/gitea
- name: GITEA_WORK_DIR
value: /data
- name: GITEA_TEMP
value: /tmp/gitea
- name: TMP_EXISTING_ENVS_FILE
value: /tmp/existing-envs
- name: ENV_TO_INI_MOUNT_POINT
value: /env-to-ini-mounts
- name: GITEA_database_HOST
value: my-db-host:321
- name: GITEA_database_USER
value: my-db-user
- it: Deployment with additionalConfigFromEnvs templated secret name
template: templates/gitea/deployment.yaml
set:
gitea.misc.existingSecret: my-db-secret
gitea.additionalConfigFromEnvs[0]:
name: GITEA_database_HOST
valueFrom:
secretKeyRef:
name: "{{ .Values.gitea.misc.existingSecret }}"
key: password
asserts:
- hasDocuments:
count: 1
- exists:
path: spec.template.spec.initContainers[1].env
- lengthEqual:
path: spec.template.spec.initContainers[1].env
count: 7
- isSubset:
path: spec.template.spec.initContainers[1]
content:
env:
- name: GITEA_APP_INI
value: /data/gitea/conf/app.ini
- name: GITEA_CUSTOM
value: /data/gitea
- name: GITEA_WORK_DIR
value: /data
- name: GITEA_TEMP
value: /tmp/gitea
- name: TMP_EXISTING_ENVS_FILE
value: /tmp/existing-envs
- name: ENV_TO_INI_MOUNT_POINT
value: /env-to-ini-mounts
- name: GITEA_database_HOST
valueFrom:
secretKeyRef:
name: "my-db-secret"
key: password

View File

@@ -0,0 +1,59 @@
suite: deployment template
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
tests:
- it: Render the deployment (default)
asserts:
- hasDocuments:
count: 1
template: templates/gitea/deployment.yaml
- lengthEqual:
path: spec.template.spec.initContainers
count: 3
template: templates/gitea/deployment.yaml
- it: Render the deployment (signing)
set:
signing.enabled: true
asserts:
- hasDocuments:
count: 1
template: templates/gitea/deployment.yaml
- lengthEqual:
path: spec.template.spec.initContainers
count: 4
template: templates/gitea/deployment.yaml
- it: Render the deployment (extraInitContainers)
set:
postExtraInitContainers:
- name: foo
image: docker.io/library/busybox:latest
preExtraInitContainers:
- name: bar
image: docker.io/library/busybox:latest
signing.enabled: true
asserts:
- hasDocuments:
count: 1
template: templates/gitea/deployment.yaml
- lengthEqual:
path: spec.template.spec.initContainers
count: 6
template: templates/gitea/deployment.yaml
- contains:
path: spec.template.spec.initContainers
content:
name: foo
image: docker.io/library/busybox:latest
template: templates/gitea/deployment.yaml
- contains:
path: spec.template.spec.initContainers
content:
name: bar
image: docker.io/library/busybox:latest
template: templates/gitea/deployment.yaml

View File

@@ -14,7 +14,7 @@ tests:
asserts: asserts:
- equal: - equal:
path: spec.template.spec.containers[0].image path: spec.template.spec.containers[0].image
value: "gitea/gitea:1.19.3-rootless" value: "docker.gitea.com/gitea:1.19.3-rootless"
- it: tag override - it: tag override
template: templates/gitea/deployment.yaml template: templates/gitea/deployment.yaml
set: set:
@@ -22,7 +22,7 @@ tests:
asserts: asserts:
- equal: - equal:
path: spec.template.spec.containers[0].image path: spec.template.spec.containers[0].image
value: "gitea/gitea:1.19.4-rootless" value: "docker.gitea.com/gitea:1.19.4-rootless"
- it: root-based image - it: root-based image
template: templates/gitea/deployment.yaml template: templates/gitea/deployment.yaml
set: set:
@@ -30,7 +30,7 @@ tests:
asserts: asserts:
- equal: - equal:
path: spec.template.spec.containers[0].image path: spec.template.spec.containers[0].image
value: "gitea/gitea:1.19.3" value: "docker.gitea.com/gitea:1.19.3"
- it: scoped registry - it: scoped registry
template: templates/gitea/deployment.yaml template: templates/gitea/deployment.yaml
set: set:
@@ -38,7 +38,7 @@ tests:
asserts: asserts:
- equal: - equal:
path: spec.template.spec.containers[0].image path: spec.template.spec.containers[0].image
value: "example.com/gitea/gitea:1.19.3-rootless" value: "example.com/gitea:1.19.3-rootless"
- it: global registry - it: global registry
template: templates/gitea/deployment.yaml template: templates/gitea/deployment.yaml
set: set:
@@ -46,7 +46,7 @@ tests:
asserts: asserts:
- equal: - equal:
path: spec.template.spec.containers[0].image path: spec.template.spec.containers[0].image
value: "global.example.com/gitea/gitea:1.19.3-rootless" value: "global.example.com/gitea:1.19.3-rootless"
- it: digest for rootless image - it: digest for rootless image
template: templates/gitea/deployment.yaml template: templates/gitea/deployment.yaml
set: set:
@@ -56,12 +56,12 @@ tests:
asserts: asserts:
- equal: - equal:
path: spec.template.spec.containers[0].image path: spec.template.spec.containers[0].image
value: "gitea/gitea:1.19.3-rootless@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a" value: "docker.gitea.com/gitea:1.19.3-rootless@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a"
- it: image fullOverride (does not append rootless) - it: image fullOverride (does not append rootless)
template: templates/gitea/deployment.yaml template: templates/gitea/deployment.yaml
set: set:
image: image:
fullOverride: gitea/gitea:1.19.3 fullOverride: docker.gitea.com/gitea:1.19.3
# setting rootless, registry, repository, tag, and digest to prove that override works # setting rootless, registry, repository, tag, and digest to prove that override works
rootless: true rootless: true
registry: example.com registry: example.com
@@ -71,7 +71,7 @@ tests:
asserts: asserts:
- equal: - equal:
path: spec.template.spec.containers[0].image path: spec.template.spec.containers[0].image
value: "gitea/gitea:1.19.3" value: "docker.gitea.com/gitea:1.19.3"
- it: digest for root-based image - it: digest for root-based image
template: templates/gitea/deployment.yaml template: templates/gitea/deployment.yaml
set: set:
@@ -81,7 +81,7 @@ tests:
asserts: asserts:
- equal: - equal:
path: spec.template.spec.containers[0].image path: spec.template.spec.containers[0].image
value: "gitea/gitea:1.19.3@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a" value: "docker.gitea.com/gitea:1.19.3@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a"
- it: digest and global registry - it: digest and global registry
template: templates/gitea/deployment.yaml template: templates/gitea/deployment.yaml
set: set:
@@ -90,21 +90,21 @@ tests:
asserts: asserts:
- equal: - equal:
path: spec.template.spec.containers[0].image path: spec.template.spec.containers[0].image
value: "global.example.com/gitea/gitea:1.19.3-rootless@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a" value: "global.example.com/gitea:1.19.3-rootless@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a"
- it: correctly renders floating tag references - it: correctly renders floating tag references
template: templates/gitea/deployment.yaml template: templates/gitea/deployment.yaml
set: set:
image.tag: 1.21 # use non-quoted value on purpose. See: https://gitea.com/gitea/helm-chart/issues/631 image.tag: 1.21 # use non-quoted value on purpose. See: https://gitea.com/gitea/helm-gitea/issues/631
asserts: asserts:
- equal: - equal:
path: spec.template.spec.initContainers[0].image path: spec.template.spec.initContainers[0].image
value: "gitea/gitea:1.21-rootless" value: "docker.gitea.com/gitea:1.21-rootless"
- equal: - equal:
path: spec.template.spec.initContainers[1].image path: spec.template.spec.initContainers[1].image
value: "gitea/gitea:1.21-rootless" value: "docker.gitea.com/gitea:1.21-rootless"
- equal: - equal:
path: spec.template.spec.initContainers[2].image path: spec.template.spec.initContainers[2].image
value: "gitea/gitea:1.21-rootless" value: "docker.gitea.com/gitea:1.21-rootless"
- equal: - equal:
path: spec.template.spec.containers[0].image path: spec.template.spec.containers[0].image
value: "gitea/gitea:1.21-rootless" value: "docker.gitea.com/gitea:1.21-rootless"

View File

@@ -1,28 +1,7 @@
suite: ingress template suite: Test ingress tpl use
release:
name: gitea-unittests
namespace: testing
templates: templates:
- templates/gitea/ingress.yaml - templates/gitea/ingress.yaml
tests: tests:
- it: hostname using TPL
set:
global.giteaHostName: "gitea.example.com"
ingress.enabled: true
ingress.hosts[0].host: "{{ .Values.global.giteaHostName }}"
ingress.tls:
- secretName: gitea-tls
hosts:
- "{{ .Values.global.giteaHostName }}"
asserts:
- isKind:
of: Ingress
- equal:
path: spec.tls[0].hosts[0]
value: "gitea.example.com"
- equal:
path: spec.rules[0].host
value: "gitea.example.com"
- it: Ingress Class using TPL - it: Ingress Class using TPL
set: set:
global.ingress.className: "ingress-class" global.ingress.className: "ingress-class"
@@ -45,3 +24,22 @@ tests:
- equal: - equal:
path: spec.ingressClassName path: spec.ingressClassName
value: "ingress-class" value: "ingress-class"
- it: hostname using TPL
set:
global.giteaHostName: "gitea.example.com"
ingress.enabled: true
ingress.hosts[0].host: "{{ .Values.global.giteaHostName }}"
ingress.tls:
- secretName: gitea-tls
hosts:
- "{{ .Values.global.giteaHostName }}"
asserts:
- isKind:
of: Ingress
- equal:
path: spec.tls[0].hosts[0]
value: "gitea.example.com"
- equal:
path: spec.rules[0].host
value: "gitea.example.com"

View File

@@ -0,0 +1,188 @@
suite: deployment template (probes)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
tests:
- it: renders default liveness probe
template: templates/gitea/deployment.yaml
asserts:
- notExists:
path: spec.template.spec.containers[0].livenessProbe.enabled
- isSubset:
path: spec.template.spec.containers[0].livenessProbe
content:
failureThreshold: 10
initialDelaySeconds: 200
periodSeconds: 10
successThreshold: 1
tcpSocket:
port: http
timeoutSeconds: 1
- it: renders default readiness probe
template: templates/gitea/deployment.yaml
asserts:
- notExists:
path: spec.template.spec.containers[0].readinessProbe.enabled
- isSubset:
path: spec.template.spec.containers[0].readinessProbe
content:
failureThreshold: 3
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
tcpSocket:
port: http
timeoutSeconds: 1
- it: does not render a default startup probe
template: templates/gitea/deployment.yaml
asserts:
- notExists:
path: spec.template.spec.containers[0].startupProbe
- it: allows enabling a startup probe
template: templates/gitea/deployment.yaml
set:
gitea.startupProbe.enabled: true
asserts:
- notExists:
path: spec.template.spec.containers[0].startupProbe.enabled
- isSubset:
path: spec.template.spec.containers[0].startupProbe
content:
failureThreshold: 10
initialDelaySeconds: 60
periodSeconds: 10
successThreshold: 1
tcpSocket:
port: http
timeoutSeconds: 1
- it: allows overwriting the default port of the liveness probe
template: templates/gitea/deployment.yaml
set:
gitea:
livenessProbe:
tcpSocket:
port: my-port
asserts:
- isSubset:
path: spec.template.spec.containers[0].livenessProbe
content:
tcpSocket:
port: my-port
- it: allows overwriting the default port of the readiness probe
template: templates/gitea/deployment.yaml
set:
gitea:
readinessProbe:
tcpSocket:
port: my-port
asserts:
- isSubset:
path: spec.template.spec.containers[0].readinessProbe
content:
tcpSocket:
port: my-port
- it: allows overwriting the default port of the startup probe
template: templates/gitea/deployment.yaml
set:
gitea:
startupProbe:
enabled: true
tcpSocket:
port: my-port
asserts:
- isSubset:
path: spec.template.spec.containers[0].startupProbe
content:
tcpSocket:
port: my-port
- it: allows using a non-default method as liveness probe
template: templates/gitea/deployment.yaml
set:
gitea:
livenessProbe:
httpGet:
path: /api/healthz
port: http
initialDelaySeconds: 13371
timeoutSeconds: 13372
periodSeconds: 13373
successThreshold: 13374
failureThreshold: 13375
asserts:
- notExists:
path: spec.template.spec.containers[0].livenessProbe.tcpSocket
- isSubset:
path: spec.template.spec.containers[0].livenessProbe
content:
failureThreshold: 13375
initialDelaySeconds: 13371
periodSeconds: 13373
successThreshold: 13374
httpGet:
path: /api/healthz
port: http
timeoutSeconds: 13372
- it: allows using a non-default method as readiness probe
template: templates/gitea/deployment.yaml
set:
gitea:
readinessProbe:
httpGet:
path: /api/healthz
port: http
initialDelaySeconds: 13371
timeoutSeconds: 13372
periodSeconds: 13373
successThreshold: 13374
failureThreshold: 13375
asserts:
- notExists:
path: spec.template.spec.containers[0].readinessProbe.tcpSocket
- isSubset:
path: spec.template.spec.containers[0].readinessProbe
content:
failureThreshold: 13375
initialDelaySeconds: 13371
periodSeconds: 13373
successThreshold: 13374
httpGet:
path: /api/healthz
port: http
timeoutSeconds: 13372
- it: allows using a non-default method as startup probe
template: templates/gitea/deployment.yaml
set:
gitea:
startupProbe:
enabled: true
httpGet:
path: /api/healthz
port: http
initialDelaySeconds: 13371
timeoutSeconds: 13372
periodSeconds: 13373
successThreshold: 13374
failureThreshold: 13375
asserts:
- notExists:
path: spec.template.spec.containers[0].startupProbe.tcpSocket
- isSubset:
path: spec.template.spec.containers[0].startupProbe
content:
failureThreshold: 13375
initialDelaySeconds: 13371
periodSeconds: 13373
successThreshold: 13374
httpGet:
path: /api/healthz
port: http
timeoutSeconds: 13372

View File

@@ -0,0 +1,21 @@
suite: sidecar container
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
tests:
- it: supports adding a sidecar container
template: templates/gitea/deployment.yaml
set:
extraContainers:
- name: sidecar-bob
image: busybox
asserts:
- equal:
path: spec.template.spec.containers[1].name
value: "sidecar-bob"
- equal:
path: spec.template.spec.containers[1].image
value: "busybox"

View File

@@ -18,7 +18,7 @@ tests:
value: configure-gpg value: configure-gpg
- equal: - equal:
path: spec.template.spec.initContainers[2].command path: spec.template.spec.initContainers[2].command
value: ["/usr/sbin/configure_gpg_environment.sh"] value: ["/usr/sbinx/configure_gpg_environment.sh"]
- equal: - equal:
path: spec.template.spec.initContainers[2].securityContext path: spec.template.spec.initContainers[2].securityContext
value: value:
@@ -28,11 +28,13 @@ tests:
value: value:
- name: GNUPGHOME - name: GNUPGHOME
value: /data/git/.gnupg value: /data/git/.gnupg
- name: TMP_RAW_GPG_KEY
value: /raw/private.asc
- equal: - equal:
path: spec.template.spec.initContainers[2].volumeMounts path: spec.template.spec.initContainers[2].volumeMounts
value: value:
- name: init - name: init
mountPath: /usr/sbin mountPath: /usr/sbinx
- name: data - name: data
mountPath: /data mountPath: /data
- name: gpg-private-key - name: gpg-private-key

View File

@@ -30,7 +30,7 @@ tests:
- it: supports overriding SSH log level (even when image.fullOverride set) - it: supports overriding SSH log level (even when image.fullOverride set)
template: templates/gitea/deployment.yaml template: templates/gitea/deployment.yaml
set: set:
image.fullOverride: gitea/gitea:1.19.3 image.fullOverride: docker.gitea.com/gitea:1.19.3
image.rootless: false image.rootless: false
gitea.ssh.logLevel: "DEBUG" gitea.ssh.logLevel: "DEBUG"
asserts: asserts:
@@ -53,7 +53,7 @@ tests:
- it: skips SSH_LOG_LEVEL for rootless image (even when image.fullOverride set) - it: skips SSH_LOG_LEVEL for rootless image (even when image.fullOverride set)
template: templates/gitea/deployment.yaml template: templates/gitea/deployment.yaml
set: set:
image.fullOverride: gitea/gitea:1.19.3 image.fullOverride: docker.gitea.com/gitea:1.19.3
image.rootless: true image.rootless: true
gitea.ssh.logLevel: "DEBUG" # explicitly defining a non-standard level here gitea.ssh.logLevel: "DEBUG" # explicitly defining a non-standard level here
asserts: asserts:

View File

@@ -0,0 +1,118 @@
suite: ssh-svc / http-svc template (Services configuration)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/ssh-svc.yaml
- templates/gitea/http-svc.yaml
tests:
- it: supports adding custom labels to ssh-svc
template: templates/gitea/ssh-svc.yaml
set:
service:
ssh:
labels:
gitea/testkey: testvalue
asserts:
- equal:
path: metadata.labels["gitea/testkey"]
value: "testvalue"
- it: keeps existing labels (ssh)
template: templates/gitea/ssh-svc.yaml
set:
service:
ssh:
labels: {}
asserts:
- exists:
path: metadata.labels["app"]
- it: supports adding custom labels to http-svc
template: templates/gitea/http-svc.yaml
set:
service:
http:
labels:
gitea/testkey: testvalue
asserts:
- equal:
path: metadata.labels["gitea/testkey"]
value: "testvalue"
- it: keeps existing labels (http)
template: templates/gitea/http-svc.yaml
set:
service:
http:
labels: {}
asserts:
- exists:
path: metadata.labels["app"]
- it: render service.ssh.loadBalancerClass if set and type is LoadBalancer
template: templates/gitea/ssh-svc.yaml
set:
service:
ssh:
loadBalancerClass: "example.com/class"
type: LoadBalancer
loadBalancerIP: "1.2.3.4"
loadBalancerSourceRanges:
- "1.2.3.4/32"
- "5.6.7.8/32"
asserts:
- equal:
path: spec.loadBalancerClass
value: "example.com/class"
- equal:
path: spec.loadBalancerIP
value: "1.2.3.4"
- equal:
path: spec.loadBalancerSourceRanges
value: ["1.2.3.4/32", "5.6.7.8/32"]
- it: does not render when loadbalancer properties are set but type is not loadBalancerClass
template: templates/gitea/http-svc.yaml
set:
service:
http:
type: ClusterIP
loadBalancerClass: "example.com/class"
loadBalancerIP: "1.2.3.4"
loadBalancerSourceRanges:
- "1.2.3.4/32"
- "5.6.7.8/32"
asserts:
- notExists:
path: spec.loadBalancerClass
- notExists:
path: spec.loadBalancerIP
- notExists:
path: spec.loadBalancerSourceRanges
- it: does not render loadBalancerClass by default even when type is LoadBalancer
template: templates/gitea/http-svc.yaml
set:
service:
http:
type: LoadBalancer
loadBalancerIP: "1.2.3.4"
asserts:
- notExists:
path: spec.loadBalancerClass
- equal:
path: spec.loadBalancerIP
value: "1.2.3.4"
- it: both ssh and http services exist
templates:
- templates/gitea/ssh-svc.yaml
- templates/gitea/http-svc.yaml
asserts:
- matchRegex:
path: metadata.name
pattern: "^gitea-unittests-(?:ssh|http)$"
- matchRegex:
path: spec.ports[0].name
pattern: "^(?:ssh|http)$"

View File

@@ -0,0 +1,93 @@
suite: Test ingress.yaml
templates:
- templates/gitea/ingress.yaml
tests:
- it: should enable ingress when ingress.enabled is true
set:
ingress.enabled: true
ingress.apiVersion: networking.k8s.io/v1
ingress.annotations:
kubernetes.io/ingress.class: nginx
ingress.className: nginx
ingress.tls:
- hosts:
- example.com
secretName: tls-secret
ingress.hosts:
- host: example.com
paths: ["/"]
asserts:
- hasDocuments:
count: 1
- isKind:
of: Ingress
- equal:
path: metadata.name
value: RELEASE-NAME-gitea
- matchRegex:
path: apiVersion
pattern: networking.k8s.io/v1
- equal:
path: spec.ingressClassName
value: nginx
- equal:
path: spec.rules[0].host
value: "example.com"
- equal:
path: spec.tls[0].hosts[0]
value: "example.com"
- equal:
path: spec.tls[0].secretName
value: tls-secret
- equal:
path: metadata.annotations["kubernetes.io/ingress.class"]
value: nginx
- it: should not create ingress when ingress.enabled is false
set:
ingress.enabled: false
asserts:
- hasDocuments:
count: 0
- it: Ingress Class using TPL
set:
global.ingress.className: "ingress-class"
ingress.className: "{{ .Values.global.ingress.className }}"
ingress.enabled: true
ingress.hosts[0].host: "some-host"
ingress.tls:
- secretName: gitea-tls
hosts:
- "some-host"
asserts:
- isKind:
of: Ingress
- equal:
path: spec.tls[0].hosts[0]
value: "some-host"
- equal:
path: spec.rules[0].host
value: "some-host"
- equal:
path: spec.ingressClassName
value: "ingress-class"
- it: hostname using TPL
set:
global.giteaHostName: "gitea.example.com"
ingress.enabled: true
ingress.hosts[0].host: "{{ .Values.global.giteaHostName }}"
ingress.tls:
- secretName: gitea-tls
hosts:
- "{{ .Values.global.giteaHostName }}"
asserts:
- isKind:
of: Ingress
- equal:
path: spec.tls[0].hosts[0]
value: "gitea.example.com"
- equal:
path: spec.rules[0].host
value: "gitea.example.com"

View File

@@ -0,0 +1,23 @@
suite: Test ingress with implicit path defaults
templates:
- templates/gitea/ingress.yaml
tests:
- it: should use default path and pathType when no paths are specified
set:
ingress.enabled: true
ingress.hosts:
- host: git.example.com
asserts:
- hasDocuments:
count: 1
- isKind:
of: Ingress
- equal:
path: spec.rules[0].host
value: "git.example.com"
- equal:
path: spec.rules[0].http.paths[0].path
value: "/"
- equal:
path: spec.rules[0].http.paths[0].pathType
value: "Prefix"

View File

@@ -0,0 +1,45 @@
suite: Test ingress tpl use
templates:
- templates/gitea/ingress.yaml
tests:
- it: Ingress Class using TPL
set:
global.ingress.className: "ingress-class"
ingress.className: "{{ .Values.global.ingress.className }}"
ingress.enabled: true
ingress.hosts[0].host: "some-host"
ingress.tls:
- secretName: gitea-tls
hosts:
- "some-host"
asserts:
- isKind:
of: Ingress
- equal:
path: spec.tls[0].hosts[0]
value: "some-host"
- equal:
path: spec.rules[0].host
value: "some-host"
- equal:
path: spec.ingressClassName
value: "ingress-class"
- it: hostname using TPL
set:
global.giteaHostName: "gitea.example.com"
ingress.enabled: true
ingress.hosts[0].host: "{{ .Values.global.giteaHostName }}"
ingress.tls:
- secretName: gitea-tls
hosts:
- "{{ .Values.global.giteaHostName }}"
asserts:
- isKind:
of: Ingress
- equal:
path: spec.tls[0].hosts[0]
value: "gitea.example.com"
- equal:
path: spec.rules[0].host
value: "gitea.example.com"

View File

@@ -0,0 +1,26 @@
suite: Test ingress with structured paths
templates:
- templates/gitea/ingress.yaml
tests:
- it: should work with structured path definitions
set:
ingress.enabled: true
ingress.hosts:
- host: git.devxy.io
paths:
- path: /
pathType: Prefix
asserts:
- hasDocuments:
count: 1
- isKind:
of: Ingress
- equal:
path: spec.rules[0].host
value: "git.devxy.io"
- equal:
path: spec.rules[0].http.paths[0].path
value: "/"
- equal:
path: spec.rules[0].http.paths[0].pathType
value: "Prefix"

View File

@@ -15,11 +15,11 @@ tests:
asserts: asserts:
- equal: - equal:
path: stringData["configure_gpg_environment.sh"] path: stringData["configure_gpg_environment.sh"]
value: |- value: |
#!/usr/bin/env bash #!/usr/bin/env bash
set -eu set -eu
gpg --batch --import /raw/private.asc gpg --batch --import "$TMP_RAW_GPG_KEY"
- it: skips gpg script block for disabled signing - it: skips gpg script block for disabled signing
asserts: asserts:
- equal: - equal:
@@ -28,15 +28,13 @@ tests:
#!/usr/bin/env bash #!/usr/bin/env bash
set -euo pipefail set -euo pipefail
mkdir -pv /data/git/.ssh
set -x chmod -Rv 700 /data/git/.ssh
mkdir -p /data/git/.ssh [ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf
chmod -R 700 /data/git/.ssh
[ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf
# prepare temp directory structure # prepare temp directory structure
mkdir -p "${GITEA_TEMP}" mkdir -pv "${GITEA_TEMP}"
chmod ug+rwx "${GITEA_TEMP}" chmod -v ug+rwx "${GITEA_TEMP}"
- it: adds gpg script block for enabled signing - it: adds gpg script block for enabled signing
set: set:
signing.enabled: true signing.enabled: true
@@ -51,25 +49,23 @@ tests:
#!/usr/bin/env bash #!/usr/bin/env bash
set -euo pipefail set -euo pipefail
mkdir -pv /data/git/.ssh
set -x chmod -Rv 700 /data/git/.ssh
mkdir -p /data/git/.ssh [ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf
chmod -R 700 /data/git/.ssh
[ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf
# prepare temp directory structure # prepare temp directory structure
mkdir -p "${GITEA_TEMP}" mkdir -pv "${GITEA_TEMP}"
chmod ug+rwx "${GITEA_TEMP}" chmod -v ug+rwx "${GITEA_TEMP}"
if [ ! -d "${GNUPGHOME}" ]; then if [ ! -d "${GNUPGHOME}" ]; then
mkdir -p "${GNUPGHOME}" mkdir -pv "${GNUPGHOME}"
chmod 700 "${GNUPGHOME}" chmod -v 700 "${GNUPGHOME}"
chown 1000:1000 "${GNUPGHOME}" chown -v 1000:1000 "${GNUPGHOME}"
fi fi
- it: it does not chown /data even when image.fullOverride is set - it: it does not chown /data even when image.fullOverride is set
template: templates/gitea/init.yaml template: templates/gitea/init.yaml
set: set:
image.fullOverride: gitea/gitea:1.20.5 image.fullOverride: docker.gitea.com/gitea:1.20.5
asserts: asserts:
- equal: - equal:
path: stringData["init_directory_structure.sh"] path: stringData["init_directory_structure.sh"]
@@ -77,12 +73,10 @@ tests:
#!/usr/bin/env bash #!/usr/bin/env bash
set -euo pipefail set -euo pipefail
mkdir -pv /data/git/.ssh
set -x chmod -Rv 700 /data/git/.ssh
mkdir -p /data/git/.ssh [ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf
chmod -R 700 /data/git/.ssh
[ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf
# prepare temp directory structure # prepare temp directory structure
mkdir -p "${GITEA_TEMP}" mkdir -pv "${GITEA_TEMP}"
chmod ug+rwx "${GITEA_TEMP}" chmod -v ug+rwx "${GITEA_TEMP}"

View File

@@ -16,11 +16,11 @@ tests:
asserts: asserts:
- equal: - equal:
path: stringData["configure_gpg_environment.sh"] path: stringData["configure_gpg_environment.sh"]
value: |- value: |
#!/usr/bin/env bash #!/usr/bin/env bash
set -eu set -eu
gpg --batch --import /raw/private.asc gpg --batch --import "$TMP_RAW_GPG_KEY"
- it: skips gpg script block for disabled signing - it: skips gpg script block for disabled signing
set: set:
image.rootless: false image.rootless: false
@@ -31,17 +31,15 @@ tests:
#!/usr/bin/env bash #!/usr/bin/env bash
set -euo pipefail set -euo pipefail
chown -v 1000:1000 /data
set -x mkdir -pv /data/git/.ssh
chown 1000:1000 /data chmod -Rv 700 /data/git/.ssh
mkdir -p /data/git/.ssh [ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf
chmod -R 700 /data/git/.ssh
[ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf
# prepare temp directory structure # prepare temp directory structure
mkdir -p "${GITEA_TEMP}" mkdir -pv "${GITEA_TEMP}"
chown 1000:1000 "${GITEA_TEMP}" chown -v 1000:1000 "${GITEA_TEMP}"
chmod ug+rwx "${GITEA_TEMP}" chmod -v ug+rwx "${GITEA_TEMP}"
- it: adds gpg script block for enabled signing - it: adds gpg script block for enabled signing
set: set:
image.rootless: false image.rootless: false
@@ -57,20 +55,18 @@ tests:
#!/usr/bin/env bash #!/usr/bin/env bash
set -euo pipefail set -euo pipefail
chown -v 1000:1000 /data
set -x mkdir -pv /data/git/.ssh
chown 1000:1000 /data chmod -Rv 700 /data/git/.ssh
mkdir -p /data/git/.ssh [ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf
chmod -R 700 /data/git/.ssh
[ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf
# prepare temp directory structure # prepare temp directory structure
mkdir -p "${GITEA_TEMP}" mkdir -pv "${GITEA_TEMP}"
chown 1000:1000 "${GITEA_TEMP}" chown -v 1000:1000 "${GITEA_TEMP}"
chmod ug+rwx "${GITEA_TEMP}" chmod -v ug+rwx "${GITEA_TEMP}"
if [ ! -d "${GNUPGHOME}" ]; then if [ ! -d "${GNUPGHOME}" ]; then
mkdir -p "${GNUPGHOME}" mkdir -pv "${GNUPGHOME}"
chmod 700 "${GNUPGHOME}" chmod -v 700 "${GNUPGHOME}"
chown 1000:1000 "${GNUPGHOME}" chown -v 1000:1000 "${GNUPGHOME}"
fi fi

View File

@@ -0,0 +1,23 @@
suite: Metrics secret template (monitoring disabled)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/metrics-secret.yaml
tests:
- it: renders nothing if monitoring disabled and gitea.metrics.token empty
set:
gitea.metrics.enabled: false
gitea.metrics.serviceMonitor.enabled: false
gitea.metrics.token: ""
asserts:
- hasDocuments:
count: 0
- it: renders nothing if monitoring disabled and gitea.metrics.token not empty
set:
gitea.metrics.enabled: false
gitea.metrics.serviceMonitor.enabled: false
gitea.metrics.token: "test-token"
asserts:
- hasDocuments:
count: 0

View File

@@ -0,0 +1,33 @@
suite: Metrics secret template (monitoring enabled)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/metrics-secret.yaml
tests:
- it: renders nothing if monitoring enabled and gitea.metrics.token empty
set:
gitea.metrics.enabled: true
gitea.metrics.serviceMonitor.enabled: true
gitea.metrics.token: ""
asserts:
- hasDocuments:
count: 0
- it: renders Secret if monitoring enabled and gitea.metrics.token not empty
set:
gitea.metrics.enabled: true
gitea.metrics.serviceMonitor.enabled: true
gitea.metrics.token: "test-token"
asserts:
- hasDocuments:
count: 1
- documentIndex: 0
containsDocument:
kind: Secret
apiVersion: v1
name: gitea-unittests-metrics-secret
- isNotNullOrEmpty:
path: metadata.labels
- equal:
path: data.token
value: "dGVzdC10b2tlbg=="

View File

@@ -0,0 +1,89 @@
suite: ServiceMonitor template (basic)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/servicemonitor.yaml
tests:
- it: skips rendering by default
asserts:
- hasDocuments:
count: 0
- it: renders default ServiceMonitor object with gitea.metrics.enabled=true
set:
gitea.metrics.enabled: true
asserts:
- hasDocuments:
count: 0
- it: renders default ServiceMonitor object with gitea.metrics.serviceMonitor.enabled=true
set:
gitea.metrics.serviceMonitor.enabled: true
asserts:
- hasDocuments:
count: 0
- it: renders defaults
set:
gitea.metrics.enabled: true
gitea.metrics.serviceMonitor.enabled: true
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: ServiceMonitor
apiVersion: monitoring.coreos.com/v1
name: gitea-unittests
- notExists:
path: metadata.annotations
- notExists:
path: spec.endpoints[0].interval
- equal:
path: spec.endpoints[0].port
value: http
- notExists:
path: spec.endpoints[0].scheme
- notExists:
path: spec.endpoints[0].scrapeTimeout
- notExists:
path: spec.endpoints[0].tlsConfig
- it: renders custom scrape interval
set:
gitea.metrics.enabled: true
gitea.metrics.serviceMonitor.enabled: true
gitea.metrics.serviceMonitor.interval: 30s
gitea.metrics.serviceMonitor.scrapeTimeout: 5s
asserts:
- equal:
path: spec.endpoints[0].interval
value: 30s
- equal:
path: spec.endpoints[0].scrapeTimeout
value: 5s
- it: renders custom tls config
set:
gitea.metrics.enabled: true
gitea.metrics.serviceMonitor.enabled: true
gitea.metrics.serviceMonitor.scheme: https
gitea.metrics.serviceMonitor.tlsConfig.caFile: /etc/prometheus/tls/ca.crt
gitea.metrics.serviceMonitor.tlsConfig.certFile: /etc/prometheus/tls/tls.crt
gitea.metrics.serviceMonitor.tlsConfig.keyFile: /etc/prometheus/tls/tls.key
gitea.metrics.serviceMonitor.tlsConfig.insecureSkipVerify: false
gitea.metrics.serviceMonitor.tlsConfig.serverName: gitea-unittest
asserts:
- equal:
path: spec.endpoints[0].scheme
value: https
- equal:
path: spec.endpoints[0].tlsConfig.caFile
value: /etc/prometheus/tls/ca.crt
- equal:
path: spec.endpoints[0].tlsConfig.certFile
value: /etc/prometheus/tls/tls.crt
- equal:
path: spec.endpoints[0].tlsConfig.keyFile
value: /etc/prometheus/tls/tls.key
- equal:
path: spec.endpoints[0].tlsConfig.insecureSkipVerify
value: false
- equal:
path: spec.endpoints[0].tlsConfig.serverName
value: gitea-unittest

View File

@@ -0,0 +1,23 @@
suite: ServiceMonitor template (monitoring disabled)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/servicemonitor.yaml
tests:
- it: renders nothing if gitea.metrics.serviceMonitor disabled and gitea.metrics.token empty
set:
gitea.metrics.enabled: false
gitea.metrics.token: ""
gitea.metrics.serviceMonitor.enabled: false
asserts:
- hasDocuments:
count: 0
- it: renders nothing if gitea.metrics.serviceMonitor disabled and gitea.metrics.token not empty
set:
gitea.metrics.enabled: false
gitea.metrics.token: "test-token"
gitea.metrics.serviceMonitor.enabled: false
asserts:
- hasDocuments:
count: 0

View File

@@ -0,0 +1,70 @@
suite: ServiceMonitor template (monitoring enabled)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/servicemonitor.yaml
tests:
- it: renders unsecure ServiceMonitor if gitea.metrics.token nil
set:
gitea.metrics.enabled: true
gitea.metrics.token:
gitea.metrics.serviceMonitor.enabled: true
asserts:
- hasDocuments:
count: 1
- documentIndex: 0
containsDocument:
kind: ServiceMonitor
apiVersion: monitoring.coreos.com/v1
name: gitea-unittests
- isNotNullOrEmpty:
path: metadata.labels
- equal:
path: spec.endpoints
value:
- port: http
- it: renders unsecure ServiceMonitor if gitea.metrics.token empty
set:
gitea.metrics.enabled: true
gitea.metrics.token: ""
gitea.metrics.serviceMonitor.enabled: true
asserts:
- hasDocuments:
count: 1
- documentIndex: 0
containsDocument:
kind: ServiceMonitor
apiVersion: monitoring.coreos.com/v1
name: gitea-unittests
- isNotNullOrEmpty:
path: metadata.labels
- equal:
path: spec.endpoints
value:
- port: http
- it: renders secure ServiceMonitor if gitea.metrics.token not empty
set:
gitea.metrics.enabled: true
gitea.metrics.token: "test-token"
gitea.metrics.serviceMonitor.enabled: true
asserts:
- hasDocuments:
count: 1
- documentIndex: 0
containsDocument:
kind: ServiceMonitor
apiVersion: monitoring.coreos.com/v1
name: gitea-unittests
- isNotNullOrEmpty:
path: metadata.labels
- equal:
path: spec.endpoints
value:
- port: http
authorization:
type: Bearer
credentials:
name: gitea-unittests-metrics-secret
key: token
optional: false

View File

@@ -0,0 +1,14 @@
suite: Values conflicting checks
release:
name: gitea-unittests
namespace: testing
tests:
- it: fails when trying to configure valkey and valkey-cluster the same time
set:
valkey-cluster:
enabled: true
valkey:
enabled: true
asserts:
- failedTemplate:
errorMessage: valkey and valkey-cluster cannot be enabled at the same time. Please only choose one.

View File

@@ -20,6 +20,9 @@ global:
# hostnames: # hostnames:
# - example.com # - example.com
## @param namespace An explicit namespace to deploy gitea into. Defaults to the release namespace if not specified
namespace: ""
## @param replicaCount number of replicas for the deployment ## @param replicaCount number of replicas for the deployment
replicaCount: 1 replicaCount: 1
@@ -45,8 +48,8 @@ clusterDomain: cluster.local
## @param image.rootless Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher ## @param image.rootless Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher
## @param image.fullOverride Completely overrides the image registry, path/image, tag and digest. **Adjust `image.rootless` accordingly and review [Rootless defaults](#rootless-defaults).** ## @param image.fullOverride Completely overrides the image registry, path/image, tag and digest. **Adjust `image.rootless` accordingly and review [Rootless defaults](#rootless-defaults).**
image: image:
registry: "" registry: "docker.gitea.com"
repository: gitea/gitea repository: gitea
# Overrides the image tag whose default is the chart appVersion. # Overrides the image tag whose default is the chart appVersion.
tag: "" tag: ""
digest: "" digest: ""
@@ -73,7 +76,7 @@ containerSecurityContext: {}
# # run pods on nodes that use the container runtime cri-o. Otherwise, you will # # run pods on nodes that use the container runtime cri-o. Otherwise, you will
# # get an error message from the SSH server that it is not possible to read from # # get an error message from the SSH server that it is not possible to read from
# # the repository. # # the repository.
# # https://gitea.com/gitea/helm-chart/issues/161 # # https://gitea.com/gitea/helm-gitea/issues/161
# add: # add:
# - SYS_CHROOT # - SYS_CHROOT
# privileged: false # privileged: false
@@ -107,6 +110,7 @@ service:
## @param service.http.loadBalancerSourceRanges Source range filter for http loadbalancer ## @param service.http.loadBalancerSourceRanges Source range filter for http loadbalancer
## @param service.http.annotations HTTP service annotations ## @param service.http.annotations HTTP service annotations
## @param service.http.labels HTTP service additional labels ## @param service.http.labels HTTP service additional labels
## @param service.http.loadBalancerClass Loadbalancer class
http: http:
type: ClusterIP type: ClusterIP
port: 3000 port: 3000
@@ -120,6 +124,7 @@ service:
loadBalancerSourceRanges: [] loadBalancerSourceRanges: []
annotations: {} annotations: {}
labels: {} labels: {}
loadBalancerClass:
## @param service.ssh.type Kubernetes service type for ssh traffic ## @param service.ssh.type Kubernetes service type for ssh traffic
## @param service.ssh.port Port number for ssh traffic ## @param service.ssh.port Port number for ssh traffic
## @param service.ssh.clusterIP ClusterIP setting for ssh autosetup for deployment is None ## @param service.ssh.clusterIP ClusterIP setting for ssh autosetup for deployment is None
@@ -133,6 +138,7 @@ service:
## @param service.ssh.loadBalancerSourceRanges Source range filter for ssh loadbalancer ## @param service.ssh.loadBalancerSourceRanges Source range filter for ssh loadbalancer
## @param service.ssh.annotations SSH service annotations ## @param service.ssh.annotations SSH service annotations
## @param service.ssh.labels SSH service additional labels ## @param service.ssh.labels SSH service additional labels
## @param service.ssh.loadBalancerClass Loadbalancer class
ssh: ssh:
type: ClusterIP type: ClusterIP
port: 22 port: 22
@@ -147,36 +153,29 @@ service:
loadBalancerSourceRanges: [] loadBalancerSourceRanges: []
annotations: {} annotations: {}
labels: {} labels: {}
loadBalancerClass:
## @section Ingress ## @section Ingress
## @param ingress.enabled Enable ingress ## @param ingress.enabled Enable ingress
## @param ingress.className Ingress class name ## @param ingress.className DEPRECATED: Ingress class name.
## @param ingress.pathType Ingress Path Type
## @param ingress.annotations Ingress annotations ## @param ingress.annotations Ingress annotations
## @param ingress.hosts[0].host Default Ingress host ## @param ingress.hosts[0].host Default Ingress host
## @param ingress.hosts[0].paths[0].path Default Ingress path ## @param ingress.hosts[0].paths[0].path Default Ingress path
## @param ingress.hosts[0].paths[0].pathType Ingress path type
## @param ingress.tls Ingress tls settings ## @param ingress.tls Ingress tls settings
## @extra ingress.apiVersion Specify APIVersion of ingress object. Mostly would only be used for argocd.
ingress: ingress:
enabled: false enabled: false
# className: nginx className: ""
className: pathType: Prefix
annotations: annotations: {}
{}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts: hosts:
- host: git.example.com - host: git.example.com
paths: paths:
- path: / - path: /
pathType: Prefix
tls: [] tls: []
# - secretName: chart-example-tls # - secretName: chart-example-tls
# hosts: # hosts:
# - git.example.com # - git.example.com
# Mostly for argocd or any other CI that uses `helm template | kubectl apply` or similar
# If helm doesn't correctly detect your ingress API version you can set it here.
# apiVersion: networking.k8s.io/v1
## @section deployment ## @section deployment
# #
@@ -276,6 +275,24 @@ persistence:
annotations: annotations:
helm.sh/resource-policy: keep helm.sh/resource-policy: keep
## @param extraContainers Additional sidecar containers to run in the pod
extraContainers: []
# - name: sidecar-bob
# image: busybox
# command: [/bin/sh, -c, 'echo "Hello world"']
## @param preExtraInitContainers Additional init containers to run in the pod before gitea runs it owns init containers.
preExtraInitContainers: []
# - name: pre-init-container
# image: docker.io/library/busybox
# command: [ /bin/sh, -c, 'echo "Hello world! I am a pre init container."' ]
## @param postExtraInitContainers Additional init containers to run in the pod after gitea runs it owns init containers.
postExtraInitContainers: []
# - name: post-init-container
# image: docker.io/library/busybox
# command: [ /bin/sh, -c, 'echo "Hello world! I am a post init container."' ]
## @param extraVolumes Additional volumes to mount to the Gitea deployment ## @param extraVolumes Additional volumes to mount to the Gitea deployment
extraVolumes: [] extraVolumes: []
# - name: postgres-ssl-vol # - name: postgres-ssl-vol
@@ -301,6 +318,8 @@ extraVolumeMounts: []
## @section Init ## @section Init
## @param initPreScript Bash shell script copied verbatim to the start of the init-container. ## @param initPreScript Bash shell script copied verbatim to the start of the init-container.
initPreScript: "" initPreScript: ""
## @param initContainersScriptsVolumeMountPath Path to mount the scripts consumed from the Secrets
initContainersScriptsVolumeMountPath: "/usr/sbinx"
# #
# initPreScript: | # initPreScript: |
# mkdir -p /data/git/.postgresql # mkdir -p /data/git/.postgresql
@@ -342,21 +361,35 @@ gitea:
## @param gitea.admin.existingSecret Use an existing secret to store admin user credentials ## @param gitea.admin.existingSecret Use an existing secret to store admin user credentials
## @param gitea.admin.password Password for the Gitea admin user ## @param gitea.admin.password Password for the Gitea admin user
## @param gitea.admin.email Email for the Gitea admin user ## @param gitea.admin.email Email for the Gitea admin user
## @param gitea.admin.passwordMode Mode for how to set/update the admin user password. Options are: initialOnlyNoReset, initialOnlyRequireReset, and keepUpdated
admin: admin:
# existingSecret: gitea-admin-secret # existingSecret: gitea-admin-secret
existingSecret: existingSecret:
username: gitea_admin username: gitea_admin
password: r8sA8CPHD9!bt6d password: r8sA8CPHD9!bt6d
email: "gitea@local.domain" email: "gitea@local.domain"
passwordMode: keepUpdated
## @param gitea.metrics.enabled Enable Gitea metrics ## @param gitea.metrics.enabled Enable Gitea metrics
## @param gitea.metrics.serviceMonitor.enabled Enable Gitea metrics service monitor ## @param gitea.metrics.token used for `bearer` token authentication on metrics endpoint. If not specified or empty metrics endpoint is public.
## @param gitea.metrics.serviceMonitor.enabled Enable Gitea metrics service monitor. Requires, that `gitea.metrics.enabled` is also set to true, to enable metrics generally.
## @param gitea.metrics.serviceMonitor.interval Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used.
## @param gitea.metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping.
## @param gitea.metrics.serviceMonitor.scheme HTTP scheme to use for scraping. For example `http` or `https`. Default is http.
## @param gitea.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used.
## @param gitea.metrics.serviceMonitor.tlsConfig TLS configuration to use when scraping the metric endpoint by Prometheus.
metrics: metrics:
enabled: false enabled: false
token:
serviceMonitor: serviceMonitor:
enabled: false enabled: false
# additionalLabels: # additionalLabels:
# prometheus-release: prom1 # prometheus-release: prom1
interval: ""
relabelings: []
scheme: ""
scrapeTimeout: ""
tlsConfig: {}
## @param gitea.ldap LDAP configuration ## @param gitea.ldap LDAP configuration
ldap: ldap:
@@ -480,17 +513,51 @@ gitea:
successThreshold: 1 successThreshold: 1
failureThreshold: 10 failureThreshold: 10
## @section redis-cluster ## @section valkey-cluster
## @param redis-cluster.enabled Enable redis ## @param valkey-cluster.enabled Enable valkey cluster
## @param redis-cluster.usePassword Whether to use password authentication # ⚠️ The valkey charts do not work well with special characters in the password (<https://gitea.com/gitea/helm-chart/issues/690>).
## @param redis-cluster.cluster.nodes Number of redis cluster master nodes # Consider omitting such or open an issue in the Bitnami repo and let us know once this got fixed.
## @param redis-cluster.cluster.replicas Number of redis cluster master node replicas ## @param valkey-cluster.usePassword Whether to use password authentication
redis-cluster: ## @param valkey-cluster.usePasswordFiles Whether to mount passwords as files instead of environment variables
## @param valkey-cluster.cluster.nodes Number of valkey cluster master nodes
## @param valkey-cluster.cluster.replicas Number of valkey cluster master node replicas
## @param valkey-cluster.service.ports.valkey Port of Valkey service
## @descriptionStart
## Valkey cluster and [Valkey](#valkey) cannot be enabled at the same time.
## @descriptionEnd
valkey-cluster:
enabled: true enabled: true
usePassword: false usePassword: false
usePasswordFiles: false
cluster: cluster:
nodes: 3 # default: 6 nodes: 3 # default: 6
replicas: 0 # default: 1 replicas: 0 # default: 1
service:
ports:
valkey: 6379
## @section valkey
## @param valkey.enabled Enable valkey standalone or replicated
## @param valkey.architecture Whether to use standalone or replication
# ⚠️ The valkey charts do not work well with special characters in the password (<https://gitea.com/gitea/helm-chart/issues/690>).
# Consider omitting such or open an issue in the Bitnami repo and let us know once this got fixed.
## @param valkey.global.valkey.password Required password
## @param valkey.master.count Number of Valkey master instances to deploy
## @param valkey.master.service.ports.valkey Port of Valkey service
## @descriptionStart
## Valkey and [Valkey cluster](#valkey-cluster) cannot be enabled at the same time.
## @descriptionEnd
valkey:
enabled: false
architecture: standalone
global:
valkey:
password: changeme
master:
count: 1
service:
ports:
valkey: 6379
## @section PostgreSQL HA ## @section PostgreSQL HA
# #
@@ -502,8 +569,9 @@ redis-cluster:
## @param postgresql-ha.postgresql.repmgrPassword Repmgr Password ## @param postgresql-ha.postgresql.repmgrPassword Repmgr Password
## @param postgresql-ha.postgresql.postgresPassword postgres Password ## @param postgresql-ha.postgresql.postgresPassword postgres Password
## @param postgresql-ha.pgpool.adminPassword pgpool adminPassword ## @param postgresql-ha.pgpool.adminPassword pgpool adminPassword
## @param postgresql-ha.pgpool.srCheckPassword pgpool srCheckPassword
## @param postgresql-ha.service.ports.postgresql PostgreSQL service port (overrides `service.ports.postgresql`) ## @param postgresql-ha.service.ports.postgresql PostgreSQL service port (overrides `service.ports.postgresql`)
## @param postgresql-ha.primary.persistence.size PVC Storage Request for PostgreSQL HA volume ## @param postgresql-ha.persistence.size PVC Storage Request for PostgreSQL HA volume
postgresql-ha: postgresql-ha:
global: global:
postgresql: postgresql:
@@ -517,12 +585,12 @@ postgresql-ha:
password: changeme4 password: changeme4
pgpool: pgpool:
adminPassword: changeme3 adminPassword: changeme3
srCheckPassword: changeme4
service: service:
ports: ports:
postgresql: 5432 postgresql: 5432
primary: persistence:
persistence: size: 10Gi
size: 10Gi
## @section PostgreSQL ## @section PostgreSQL
# #