Compare commits

...

445 Commits

Author SHA1 Message Date
42402355e9 WIP
All checks were successful
generate-chart / generate-chart-publish (push) Successful in 1m21s
2025-06-06 21:07:49 +02:00
8236ad3285 WIP
All checks were successful
generate-chart / generate-chart-publish (push) Successful in 1m27s
2025-06-06 21:05:48 +02:00
a4d1c3da04 WIP
Some checks failed
generate-chart / generate-chart-publish (push) Failing after 1m44s
2025-06-06 21:03:26 +02:00
4968a19d49 WIP
Some checks failed
generate-chart / generate-chart-publish (push) Failing after 1m55s
2025-06-06 20:56:50 +02:00
154da3c94c WIP 2025-06-06 20:56:17 +02:00
2b336de657 WIP
Some checks failed
generate-chart / generate-chart-publish (push) Failing after 1m33s
2025-06-06 20:53:34 +02:00
495e03e5ea WIP
Some checks failed
generate-chart / generate-chart-publish (push) Failing after 1m24s
2025-06-06 20:51:23 +02:00
7445fe65c0 WIP
Some checks failed
generate-chart / generate-chart-publish (push) Failing after 32s
2025-06-06 20:48:55 +02:00
8d77652523 WIP
Some checks failed
generate-chart / generate-chart-publish (push) Failing after 31s
2025-06-06 20:47:32 +02:00
73625c4807 WIP 2025-06-06 20:46:36 +02:00
fe46a4b896 WIP
Some checks failed
generate-chart / generate-chart-publish (push) Failing after 1m39s
2025-06-06 20:40:49 +02:00
6ea72ebc90 WIP
Some checks failed
generate-chart / generate-chart-publish (push) Failing after 30s
2025-06-06 17:00:59 +02:00
0ea64ae840 WIP
Some checks failed
generate-chart / generate-chart-publish (push) Failing after 1m34s
2025-06-06 16:56:58 +02:00
f84f84ed53 WIP
Some checks failed
generate-chart / generate-chart-publish (push) Failing after 30s
2025-06-06 16:43:44 +02:00
10cef87bc3 WIP
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
2025-06-06 16:42:19 +02:00
40acee36ff WIP
All checks were successful
generate-chart / generate-chart-publish (push) Successful in 10s
2025-06-06 16:40:54 +02:00
c17d70067c WIP
All checks were successful
generate-chart / generate-chart-publish (push) Successful in 9s
2025-06-06 16:39:51 +02:00
ba6415b5b8 WIP
All checks were successful
changelog / changelog (push) Successful in 20s
check-and-test / check-and-test (push) Successful in 1m46s
2025-06-06 16:39:05 +02:00
540350dbfa feat: add Artifacthub annotation 'artifacthub.io/changes'
The following PR add the annotation 'artifacthub.io/changes'. For each semantic
commit will be the annotation extended. Further information can be found in the
documentation of
[Artifacthub.io](https://artifacthub.io/docs/topics/annotations/helm/#supported-annotations).

The CI has been adapted. The binary jq as well as yq in >= v4.0 is required.
Otherwise will not be concatenated the YAML file correctly via the yq expression,
because the `loadstr()` expression is not available in lower versions.

Additionally the relation between the semantic commit and the Artifacthub.io
change log type should be clarified. The current relationshiop can be adapted if
needed.

Furthermore, yq will be installed as part of the CI steps. It would be great if
yq is also available as deb package in >=v4.0. This would reduce the boiler
plate to install yq and maintain the version via renovate.

Regarding the renovate expression. In my environment works this expression, but
I don't know if it also works in this gitea/renovate instance.
2025-06-05 08:10:30 +02:00
Renovate Bot
0d532363eb chore(deps): update subcharts (minor & patch) (#879)
All checks were successful
changelog / changelog (push) Successful in 20s
check-and-test / check-and-test (push) Successful in 1m47s
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-26 00:09:45 +00:00
Renovate Bot
8f0f44a864 chore(deps): update unittests/bash/bats digest to 5ec2d81 (#878)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-25 00:22:08 +00:00
Renovate Bot
cf86118976 chore(deps): update subcharts (minor & patch) (#874)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-19 00:20:49 +00:00
pat-s
7f96084a30 ci: fully re-enable release-workflow 2025-05-16 17:10:37 +02:00
pat-s
5292684a4a ci: fix release workflow
Some checks failed
generate-chart / release-gitea (push) Has been cancelled
2025-05-16 17:07:16 +02:00
pat-s
edc42f69a9 fix: ingress unittests 2025-05-16 15:40:13 +02:00
pat-s
9c607f8a4b docs: refine v12 update notes 2025-05-16 15:28:47 +02:00
pat-s
6d89d0a1b7 fix: remove ingressClassName (not in use yet) 2025-05-16 15:28:20 +02:00
pat-s
8f35f45e31 chore: execute releases via git-sv (#865)
Following the creation of the changelog via `git-sv`, the release process can also be simplified.

The new approach only requires to call `git sv tag` from a Maintainer with write access to the repo.
This will create and push the tag.
The release notes and subsequent Gitea release will then be created by the new workflow job.

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/865
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2025-05-16 13:11:07 +00:00
pat-s
a94eec4238 refactor: migrate ingress definition out of beta (#679)
### Description of the change

Redesigned ingress configuration to align better with implicit best practices.

### Benefits

- Smarter defaults
- More tests
- Remove [deprecated API Versions](extensions/v1beta1) (e.g. `extensions/v1beta1`) and always use `networking.k8s.io/v1`

### Possible drawbacks

Hopefully 🙃 none

### Applicable issues

fix #674

### Additional information

- Define `ingress.annotations` via helpers
- Move tests from `tests/deployment` to `tests/ingress`
- Use own tests file for ingress tpl tests
- Ensure defaults of `path` and `pathType` are always rendered
- Set top-level default value for `ingress. pathType`
- Change default of `ingress.hosts[0].paths` to `[]` to ensure proper rendering via template

### ⚠ BREAKING

I think all of these changes should be backward comp with existing ingress definitions, but surely worth highlighting in the changelog of the release.

### Checklist

<!-- [Place an '[X]' (no spaces) in all applicable fields. Please remove unrelated fields.] -->

- [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [x] Breaking changes are documented in the `README.md`
- [x] Templating unittests are added

Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/679
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2025-05-16 13:08:27 +00:00
Renovate Bot
87272a1244 chore(deps): update dependency go-gitea/gitea to v1.23.8 (#867)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-13 00:15:59 +00:00
Renovate Bot
ed06694adf chore(deps): update dependency helm-unittest/helm-unittest to v0.8.2 (#866)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-11 00:15:46 +00:00
Renovate Bot
443a6d0cd7 chore(deps): update postgresql-ha docker tag to v16 (#864)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | major | `15.3.17` -> `16.0.3` |

---

### Release Notes

<details>
<summary>bitnami/charts (postgresql-ha)</summary>

### [`v16.0.3`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#1603-2025-05-09)

-   \[bitnami/postgresql-ha]  ⬆️ Update dependency references ([#&#8203;33599](https://github.com/bitnami/charts/pull/33599))

### [`v16.0.2`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1602-2025-05-08-small)

-   \[bitnami/postgresql-ha]  ⬆️ Update dependency references ([#&#8203;33576](https://github.com/bitnami/charts/issues/33576)) ([42b31bd](42b31bd7a2)), closes [#&#8203;33576](https://github.com/bitnami/charts/issues/33576)

### [`v16.0.0`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#1600-2025-05-08)

-   \[bitnami/postgresql-ha] feat: Customizable Stream Replication Check credentials ([#&#8203;33552](https://github.com/bitnami/charts/issues/33552)) ([cff2e93](cff2e93f9d)), closes [#&#8203;33552](https://github.com/bitnami/charts/issues/33552)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - Only on Sunday and Saturday ( * * * * 0,6 ) (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MC44LjEiLCJ1cGRhdGVkSW5WZXIiOiI0MC4xMS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJraW5kL2RlcGVuZGVuY3kiXX0=-->

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/864
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-10 13:56:46 +00:00
Renovate Bot
8854e62572 chore(deps): update workflow dependencies (minor & patch) (#862)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [alpine/helm](https://github.com/alpine-docker/helm) ([changelog](https://github.com/helm/helm)) |  | patch | `3.17.2` -> `3.17.3` |
| [alpine/helm](https://github.com/alpine-docker/helm) ([changelog](https://github.com/helm/helm)) | container | patch | `3.17.2` -> `3.17.3` |
| [commitlint/commitlint](https://github.com/conventional-changelog/commitlint) | container | patch | `19.8.0` -> `19.8.1` |
| [docker.io/thegeeklab/git-sv](https://github.com/thegeeklab/git-sv) | container | patch | `2.0.0` -> `2.0.1` |

---

### Release Notes

<details>
<summary>conventional-changelog/commitlint (commitlint/commitlint)</summary>

### [`v19.8.1`](https://github.com/conventional-changelog/commitlint/blob/HEAD/CHANGELOG.md#1981-2025-05-08)

[Compare Source](https://github.com/conventional-changelog/commitlint/compare/v19.8.0...v19.8.1)

##### Bug Fixes

-   update dependency tinyexec to v1 ([#&#8203;4332](https://github.com/conventional-changelog/commitlint/issues/4332)) ([e49449f](e49449fa94))
-   update dependency tinyexec to v1.0.1 ([#&#8203;4347](https://github.com/conventional-changelog/commitlint/issues/4347)) ([c1b26d1](c1b26d1579))

##### Performance Improvements

-   **rules:** optimize header-trim ([#&#8203;4363](https://github.com/conventional-changelog/commitlint/issues/4363)) ([b7e404b](b7e404bc03))

</details>

<details>
<summary>thegeeklab/git-sv (docker.io/thegeeklab/git-sv)</summary>

### [`v2.0.1`](https://github.com/thegeeklab/git-sv/releases/tag/v2.0.1)

[Compare Source](https://github.com/thegeeklab/git-sv/compare/v2.0.0...v2.0.1)

#### v2.0.1 (2025-05-09)

##### Bug Fixes

-   **deps:** update module dario.cat/mergo to v1.0.2 ([#&#8203;195](https://github.com/thegeeklab/git-sv/issues/195)) ([`3cac8ab`](https://github.com/thegeeklab/git-sv/commit/3cac8ab))
-   **deps:** update module github.com/urfave/cli/v3 to v3.3.2 ([#&#8203;194](https://github.com/thegeeklab/git-sv/issues/194)) ([`6278830`](https://github.com/thegeeklab/git-sv/commit/6278830))

##### Others

-   **deps:** update dependency golangci/golangci-lint to v2.1.6 ([#&#8203;193](https://github.com/thegeeklab/git-sv/issues/193)) ([`d63bf99`](https://github.com/thegeeklab/git-sv/commit/d63bf99))

##### CI Pipeline

-   use github token for link check ([`780f384`](https://github.com/thegeeklab/git-sv/commit/780f384))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - Only on Sunday and Saturday ( * * * * 0,6 ) (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MC44LjEiLCJ1cGRhdGVkSW5WZXIiOiI0MC44LjEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImtpbmQvZGVwZW5kZW5jeSJdfQ==-->

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/862
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-10 13:56:13 +00:00
pat-s
da2d169d65 chore: refine CODEOWNERS to skip request triggers for CI yaml changes 2025-05-10 15:55:55 +02:00
Renovate Bot
ebb4b1ee49 chore(deps): update subcharts (minor & patch) (#863)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-10 03:22:58 +00:00
Renovate Bot
e64afe393e chore(deps): update subcharts (minor & patch) (#853)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-06 00:18:49 +00:00
Sean Teo
6e4e414771 chore(deps)!: Migrate to Valkey from Redis (#775)
<!--
 Before you open the request please review the following guidelines and tips to help it be more easily integrated:

 - Describe the scope of your change - i.e. what the change does.
 - Describe any known limitations with your change.
 - Please run any tests or examples that can exercise your modified code.

 Thank you for contributing! We will try to review, test and integrate the change as soon as we can.
 -->

### Description of the change

Migrates from Redis to Valkey.

### Benefits

The Redis License is changing from BSD-3-Clause to RSALv2 and SSPLv1 which are not open source under the OSI definition. We should consider open-source alternatives as a default replacement for Redis.

### Possible drawbacks

Large scale change, potentially breaking.

### Applicable issues

https://github.com/go-gitea/gitea/issues/32056

### ⚠ BREAKING

Major version change, redis provider changed to valkey.

### Checklist

<!-- [Place an '[X]' (no spaces) in all applicable fields. Please remove unrelated fields.] -->

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [X] Breaking changes are documented in the `README.md`
- [X] Helm templating unittests are added (required when changing anything in `templates` folder)

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/775
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Sean Teo <sawntoe@gmail.com>
Co-committed-by: Sean Teo <sawntoe@gmail.com>
2025-05-05 08:12:41 +00:00
Renovate Bot
037eca0c91 chore(config): migrate renovate config (#861)
The Renovate config in this repository needs migrating. Typically this is because one or more configuration options you are using have been renamed.

  You don't need to merge this PR right away, because Renovate will continue to migrate these fields internally each time it runs. But later some of these fields may be fully deprecated and the migrations removed. So it's a good idea to merge this migration PR soon.

#### [PLEASE NOTE](https://docs.renovatebot.com/configuration-options#configmigration): JSON5 config file migrated! All comments & trailing commas were removed.

🔕 **Ignore**: Close this PR and you won't be reminded about config migration again, but one day your current config may no longer be valid.

 Got questions? Does something look wrong to you? Please don't hesitate to [request help here](https://github.com/renovatebot/renovate/discussions).

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/861
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-05 07:01:15 +00:00
Renovate Bot
d10adfd064 chore(deps): update docker.io/thegeeklab/git-sv docker tag to v2 (#860)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [docker.io/thegeeklab/git-sv](https://github.com/thegeeklab/git-sv) | container | major | `1.0.14` -> `2.0.0` |

---

### Release Notes

<details>
<summary>thegeeklab/git-sv (docker.io/thegeeklab/git-sv)</summary>

### [`v2.0.0`](https://github.com/thegeeklab/git-sv/releases/tag/v2.0.0)

[Compare Source](https://github.com/thegeeklab/git-sv/compare/v1.0.14...v2.0.0)

#### v2.0.0 (2025-04-30)

##### Bug Fixes

-   **deps:** update module github.com/urfave/cli/v3 to v3.3.1 ([#&#8203;190](https://github.com/thegeeklab/git-sv/issues/190)) ([`6c0e0f8`](https://github.com/thegeeklab/git-sv/commit/6c0e0f8))

##### Code Refactoring

-   migrate git commands to go-git ([#&#8203;188](https://github.com/thegeeklab/git-sv/issues/188)) ([`accf3d1`](https://github.com/thegeeklab/git-sv/commit/accf3d1))

##### Others

-   **docker:** update docker.io/library/golang:1.24.2 docker digest to [`30baaea`](https://github.com/thegeeklab/git-sv/commit/30baaea) ([#&#8203;191](https://github.com/thegeeklab/git-sv/issues/191)) ([`9b411e2`](https://github.com/thegeeklab/git-sv/commit/9b411e2))
-   **deps:** update dependency golangci/golangci-lint to v2.1.5 ([#&#8203;189](https://github.com/thegeeklab/git-sv/issues/189)) ([`400bb96`](https://github.com/thegeeklab/git-sv/commit/400bb96))
-   add tests for git exec commands ([#&#8203;187](https://github.com/thegeeklab/git-sv/issues/187)) ([`70615ab`](https://github.com/thegeeklab/git-sv/commit/70615ab))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - Only on Sunday and Saturday ( * * * * 0,6 ) (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MC4xLjEiLCJ1cGRhdGVkSW5WZXIiOiI0MC4xLjEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImtpbmQvZGVwZW5kZW5jeSJdfQ==-->

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/860
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-04 07:08:41 +00:00
Renovate Bot
a1fc670df5 chore(deps): update docker.io/thegeeklab/git-sv docker tag to v1.0.14 (#858)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-04 00:04:30 +00:00
Renovate Bot
0cfe38aec5 chore(deps): update unittests/bash/bats digest to fed179f (#857)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-05-03 00:15:16 +00:00
Renovate Bot
5410bb08c2 chore(deps): update dependency go-gitea/gitea to v1.23.7 (#852)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-04-09 00:04:40 +00:00
techknowlogick
3b32a04b9c chore(actions): check actions is not configured (#849)
This is @ChristopherHX's PR

### Description of the change

Do not silently ignore actions.enabled set by user.

### Benefits

Everybody who has enabled actions act_runner do not silently end up without runners, but directly see an actionable error message.

### Possible drawbacks

You need to remove the actions section from your own values.yml to upgrade/install this chart.

The Migration Guide has not been written yet, I consider this issue as a community wiki where other maintainers are free to edit my initial post.

### Applicable issues

N/A

### Additional information

I couldn't add helm-gitea as a dependency, because of
- conflict with a7035ca4e5/templates/_helpers.tpl (L223-L230)
  with one difference helm-actions did not have the referenced values and failed to render
- after resolving the above by either renaming in the helm-actions chart or removal of this leftover code in helm-gitea
  - helm does not allow me to derive dynamic default values for the `actions` section for the subchart
  - using yaml anchors only provided default values into helm-actions, without respecting user changes
  - I only found a feature request
- It is not feasible for me in short term to add support of this section back using helm-actions
### Checklist

- [X] Helm templating unittests are added (required when changing anything in `templates` folder)

Co-authored-by: Christopher Homberger <christopher.homberger@web.de>
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/849
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-committed-by: techknowlogick <techknowlogick@noreply.gitea.com>
2025-04-07 09:16:22 +00:00
Renovate Bot
5b247ea860 chore(deps): update dependency helm-unittest/helm-unittest to v0.8.1 (#851)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [helm-unittest/helm-unittest](https://github.com/helm-unittest/helm-unittest) | minor | `v0.7.2` -> `v0.8.1` |

---

### Release Notes

<details>
<summary>helm-unittest/helm-unittest (helm-unittest/helm-unittest)</summary>

### [`v0.8.1`](https://github.com/helm-unittest/helm-unittest/releases/tag/v0.8.1)

[Compare Source](https://github.com/helm-unittest/helm-unittest/compare/v0.8.0...v0.8.1)

**Fixes**

-   Fix special characters in template filename (resolves [#&#8203;619](https://github.com/helm-unittest/helm-unittest/issues/619))
-   Fix tests with conditional sub-charts fail to find templates since 0.8.0 (resolves [#&#8203;588](https://github.com/helm-unittest/helm-unittest/issues/588), credits [@&#8203;ivankatliarchuk](https://github.com/ivankatliarchuk))
-   Fix skipEmptyTemplate fails when no matching templates are found (resolves [#&#8203;609](https://github.com/helm-unittest/helm-unittest/issues/609), credits [@&#8203;ivankatliarchuk](https://github.com/ivankatliarchuk))

**Improvements**

-   Improvement enable documentSelector for hasDocument asserts (resolves [#&#8203;590](https://github.com/helm-unittest/helm-unittest/issues/590))-
-   Improvement by supporting ppc64le (credits [@&#8203;Vaibhav-Nazare](https://github.com/Vaibhav-Nazare))
-   Improvement refactoring configs for jobs and assertions (credits credits [@&#8203;ivankatliarchuk](https://github.com/ivankatliarchuk))

**Updates**

-   Update packages to latest patch versions
-   Update pipeline actions
-   Update documentation (credits [@&#8203;bogdan-deac](https://github.com/bogdan-deac))

### [`v0.8.0`](https://github.com/helm-unittest/helm-unittest/releases/tag/v0.8.0)

[Compare Source](https://github.com/helm-unittest/helm-unittest/compare/v0.7.2...v0.8.0)

**Features**

-   Add flag to exclude certain templates from testing (resolves [#&#8203;169](https://github.com/helm-unittest/helm-unittest/issues/169), credits [@&#8203;snorwin](https://github.com/snorwin))
-   Support for test packaged helmcharts (resolves [#&#8203;186](https://github.com/helm-unittest/helm-unittest/issues/186), resolves [#&#8203;250](https://github.com/helm-unittest/helm-unittest/issues/250))
-   Support to allow skipping tests (resolves [#&#8203;504](https://github.com/helm-unittest/helm-unittest/issues/504), credits [@&#8203;ivankatliarchuk](https://github.com/ivankatliarchuk))
-   Add helm post-renderer option (resolves [#&#8203;574](https://github.com/helm-unittest/helm-unittest/issues/574), credits [@&#8203;jcogilvie](https://github.com/jcogilvie))

**Fixes**

-   Resolve multiline errormessages (resolves [#&#8203;559](https://github.com/helm-unittest/helm-unittest/issues/559), credits [@&#8203;ivankatliarchuk](https://github.com/ivankatliarchuk))

**Updates**

-   Update packages to latest patch versions
-   Update pipeline actions
-   Update documentation

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "* * * * 0,6" (UTC), Automerge - "* 0-3 * * *" (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMzMuMCIsInVwZGF0ZWRJblZlciI6IjM5LjIzMy4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJraW5kL2RlcGVuZGVuY3kiXX0=-->

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/851
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-04-05 08:20:36 +00:00
Christopher Homberger
3aea811f1f chore(actions): remove obsolete gitea.act_runner.local_root_url (#850)
Co-authored-by: Christopher Homberger <christopher.homberger@web.de>
Co-committed-by: Christopher Homberger <christopher.homberger@web.de>
2025-04-04 20:18:59 +00:00
developerguy
a7035ca4e5 feat: make it configurable of the initContainers volume mount path for scripts (#848)
### Description of the change

Makes it configurable volume mount path for initContainers for init scripts

### Benefits

Configurable initContainers volumeMount path for init scripts

### Possible drawbacks

I don't think that there will be any drawbacks

### Applicable issues

- Fixes #847

Signed-off-by: Batuhan Apaydin <batuhan.apaydin@chainguard.dev>

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/848
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: developerguy <developerguy@noreply.gitea.com>
Co-committed-by: developerguy <developerguy@noreply.gitea.com>
2025-04-03 18:03:13 +00:00
Ceddaerrix
fa36d2beef fix: reverting use of TPL in "gitea.inline_configuration" (#846)
### Description of the change

Reverting TPL use in "gitea.inline_configuration" mistakenly committed under https://gitea.com/gitea/helm-gitea/pulls/840

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/846
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: Ceddaerrix <ceddaerrix@noreply.gitea.com>
Co-committed-by: Ceddaerrix <ceddaerrix@noreply.gitea.com>
2025-03-31 10:46:51 +00:00
pat-s
6c5b42c482 refactor!: remove actions related files (#825)
see #824

Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/825
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2025-03-31 07:47:23 +00:00
justusbunsi
356dd6e710 chore(renovate): group bats framework dependencies (#844)
Related to https://gitea.com/gitea/helm-gitea/pulls/724#issuecomment-995049

Groups following updates:

- unittests/bash/bats
- unittests/bash/test_helper/bats-assert
- unittests/bash/test_helper/bats-mock
- unittests/bash/test_helper/bats-support

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/844
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2025-03-31 07:41:02 +00:00
Ceddaerrix
1f313ac70e feat: adding dry support to gitea additional config from envs parameter (#840)
### Description of the change

Based on the discussion under https://gitea.com/gitea/helm-gitea/issues/60, it is possible to use `gitea.additionalConfigFromEnvs` to provide variables in order to override configurations from `app.ini`.
Especially when using gitea as a dependency of an umbrella, some values may need to be repeated in multiple places (such has database configuration). Hence, introducing the `tpl` function on `gitea.additionalConfigFromEnvs` will simplify such repetition by having the value only set in one place...

### Benefits

With the same intentions as https://gitea.com/gitea/helm-gitea/pulls/759, https://gitea.com/gitea/helm-gitea/pulls/664, https://gitea.com/gitea/helm-gitea/pulls/529 or https://gitea.com/gitea/helm-gitea/pulls/498, this change will allow reusing the value from other value parameters to avoid duplicating the same value in multiple places.

### Possible drawbacks

N/A

### Applicable issues

N/A

### Additional information

N/A

### Checklist

- [X] Helm templating unittests are added (required when changing anything in `templates` folder)

Co-authored-by: 212597596 <cedric.henry@ge.com>
Co-authored-by: pat-s <pat-s@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/840
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: Ceddaerrix <ceddaerrix@noreply.gitea.com>
Co-committed-by: Ceddaerrix <ceddaerrix@noreply.gitea.com>
2025-03-30 14:30:35 +00:00
Renovate Bot
d2d542e625 chore(deps): update workflow dependencies (minor & patch) (#827)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [alpine/helm](https://github.com/alpine-docker/helm) ([changelog](https://github.com/helm/helm)) |  | patch | `3.17.1` -> `3.17.2` |
| [alpine/helm](https://github.com/alpine-docker/helm) ([changelog](https://github.com/helm/helm)) | container | patch | `3.17.1` -> `3.17.2` |
| [commitlint/commitlint](https://github.com/conventional-changelog/commitlint) | container | minor | `19.7.1` -> `19.8.0` |
| [docker.io/thegeeklab/git-sv](https://github.com/thegeeklab/git-sv) | container | patch | `1.0.12` -> `1.0.13` |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/827
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-03-30 12:49:34 +00:00
Renovate Bot
75cd261b37 chore(deps): update subcharts (minor & patch) (#816)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql)) | minor | `16.4.14` -> `16.6.0` |
| [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | minor | `15.2.3` -> `15.3.8` |
| [redis](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/redis)) | minor | `20.8.0` -> `20.11.4` |
| [redis-cluster](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/redis-cluster)) | patch | `11.4.3` -> `11.4.6` |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/816
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-03-30 12:14:51 +00:00
bachorp
2c78da9c3e docs: set full path of values.yaml key in output to user (#832)
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
Currently, the reported path of the values to be changed is not always correct (especially `gitea.persistence` vs. `persistence`).

Co-authored-by: techknowlogick <techknowlogick@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/832
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: bachorp <bachorp@noreply.gitea.com>
Co-committed-by: bachorp <bachorp@noreply.gitea.com>
2025-03-26 17:16:17 +00:00
bachorp
06f5179273 docs: fix typo in initialization script (#842)
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/842
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: bachorp <gitea.revivable069@passmail.net>
Co-committed-by: bachorp <gitea.revivable069@passmail.net>
2025-03-26 17:12:56 +00:00
Renovate Bot
e7e2ae9610 chore(deps): update dependency go-gitea/gitea to v1.23.6 (#838)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-03-25 00:18:08 +00:00
Renovate Bot
62f5ed6d46 chore(deps): update unittests/bash/test_helper/bats-assert digest to b93143a (#837)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-03-24 00:16:56 +00:00
Renovate Bot
d2e9bcf4b8 chore(deps): update unittests/bash/bats digest to 3172a45 (#835)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-03-24 00:05:48 +00:00
Renovate Bot
b44d43d2b0 chore(deps): update unittests/bash/test_helper/bats-support digest to d007fc1 (#836)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-03-23 00:05:43 +00:00
Renovate Bot
03918a126b chore(deps): update unittests/bash/bats digest to 261b029 (#830)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-03-17 00:17:10 +00:00
Renovate Bot
8d3f4d2260 chore(deps): update unittests/bash/test_helper/bats-assert digest to 0ec504e (#826)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| unittests/bash/test_helper/bats-assert | digest | `e2d855b` -> `0ec504e` |

---

### Configuration

📅 **Schedule**: Branch creation - "* * * * 0,6" (UTC), Automerge - "* 0-3 * * *" (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xOTAuMCIsInVwZGF0ZWRJblZlciI6IjM5LjE5MC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJraW5kL2RlcGVuZGVuY3kiXX0=-->

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/826
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-03-08 08:57:43 +00:00
pat-s
74d550922b chore: chart renaming aftermath 2025-03-06 22:29:58 +01:00
pat-s
7245b3b4cc chore: change repo name to helm-gitea (#823)
Co-authored-by: techknowlogick <techknowlogick@gitea.com>
Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/823
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2025-03-06 20:54:40 +00:00
Renovate Bot
c0cadb9056 chore(deps): update dependency go-gitea/gitea to v1.23.5 (#822)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-03-06 00:06:34 +00:00
justusbunsi
c38703f21e ci(release): fix aws-cli installation
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2025-03-01 18:44:59 +01:00
justusbunsi
ad475405e9 docs(README): add upgrade notes regarding PostgreSQL + Gitea major updates (#818)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/818
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2025-03-01 17:07:55 +00:00
justusbunsi
60ef163b22 docs(README): add installation instructions for docker.gitea.com (#817)
Follow-up to https://gitea.com/gitea/helm-chart/pulls/814 and https://gitea.com/gitea/blog/pulls/429.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/817
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2025-03-01 16:51:57 +00:00
Renovate Bot
941ab3ef49 chore(deps): update docker.io/thegeeklab/git-sv docker tag to v1.0.12 (#815)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-03-01 00:13:56 +00:00
techknowlogick
ff7783fcbe chore: use docker.gitea.com registry URLs (#814)
Due to ratelimits

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/814
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.com>
Co-committed-by: techknowlogick <techknowlogick@gitea.com>
2025-02-28 10:48:04 +00:00
pat-s
9f659afc47 ci: hardcode gitea.com domain (#808)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/808
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2025-02-23 15:30:58 +00:00
pat-s
f74ab67b59 ci: use fetch-depth instead of fetch-tags (#807)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/807
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2025-02-23 14:50:17 +00:00
pat-s
724ebc5258 ci: fetch tags during checkout (#806)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/806
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2025-02-23 14:43:29 +00:00
justusbunsi
44563bed35 chore: install nodejs into changelog creation container (#805)
Follow-up of https://gitea.com/gitea/helm-chart/pulls/794

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/805
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2025-02-23 14:29:43 +00:00
pat-s
6cb068ae12 ci: create upcoming changelog via git-sv (#794)
https://github.com/thegeeklab/git-sv

- Creates a changelog from conventional commits
- Updates the changelog in an static issue (creates the issue if missing)
- Only runs after a new commit was merged into `main`
- Automatically determines the next version based on conv commits logic
- Follows up on #788

---

The logic can also be used to create the release notes on `tag` events and the subsequent Gitea release. Didn't wanted to add all at once, though.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/794
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2025-02-23 14:20:33 +00:00
justusbunsi
3c931de904 chore: ensure Gitea update at any possible time (#802)
This reduces manual overhead from all of us. It should overrule the "schedule only on weekends" at the top of our Renovate config.

Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/802
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2025-02-23 14:19:13 +00:00
justusbunsi
cb516e0f7f chore: rerun commitlint check on PR title change (#804)
This makes it easier for contributors. They don't need to update the branch itself by e.g. empty commits.

However, it now triggers the commitlint even when the PR description is updated.

Solution inspired by https://github.com/orgs/community/discussions/48695 and https://github.com/orgs/community/discussions/101695.

Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/804
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2025-02-23 14:05:51 +00:00
Renovate Bot
31d8e7c79f chore(deps): update dependency go-gitea/gitea to v1.23.4 (#800)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [go-gitea/gitea](https://github.com/go-gitea/gitea) | patch | `1.23.1` -> `1.23.4` |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/800
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-02-23 13:17:17 +00:00
Renovate Bot
11d3fbcc77 chore(deps): update subcharts (minor & patch) (#801)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql)) | patch | `16.4.6` -> `16.4.14` |
| [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | minor | `15.1.7` -> `15.2.3` |
| [redis](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/redis)) | minor | `20.6.3` -> `20.8.0` |
| [redis-cluster](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/redis-cluster)) | patch | `11.4.1` -> `11.4.3` |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/801
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-02-23 13:13:48 +00:00
Renovate Bot
05143021fe chore(deps): update alpine/helm docker tag to v3.17.1 (#799)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-02-23 00:10:38 +00:00
tobiasbp
a983974568 fix: quote node selector values (#796)
### Description of the change

This pr add quotes to values for _nodeSelector_ entries. This is needed if the value is a _boolean_. An example is using [Spot VMs](https://cloud.google.com/kubernetes-engine/docs/concepts/spot-vms) on _GCP_:
````
apiVersion: v1
kind: Pod
spec:
  nodeSelector:
    cloud.google.com/gke-spot: "true"
````

Currently, the Chart uses the _toYaml_ function when adding the _nodeSelector_ values, however, _toYaml_ does not quote the values as discussed [here](https://github.com/helm/helm/issues/4262).

The same issue, for ingress configurations, was discussed in [this issue](https://gitea.com/gitea/helm-chart/issues/483), and fixed in [this PR](https://gitea.com/gitea/helm-chart/pulls/497).

### Benefits

Allows the usage of _boolean_ values for _nodeSelectors_.

### Possible drawbacks

None known.

Co-authored-by: tobias.petersen <tobias.petersen@unity3d.com>
Co-authored-by: pat-s <pat-s@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/796
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: tobiasbp <tobiasbp@noreply.gitea.com>
Co-committed-by: tobiasbp <tobiasbp@noreply.gitea.com>
2025-02-19 13:20:18 +00:00
edd8557bb0 docs(README): hint of CPU limit lower than 1000m (#795)
The example of my latest PR based on a cpu resource limit of `100m`. But as the article describes, a cpu limit of lower than `1000m` or `1` can also lead to cpu throttling.

I've updates the README, to be correct and inform the user to take care of a correct cpu resource limit.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/795
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Markus Pesch <markus.pesch@cryptic.systems>
Co-committed-by: Markus Pesch <markus.pesch@cryptic.systems>
2025-02-19 09:24:31 +00:00
pat-s
a4c706f521 chore: renovate: automerge digest (#787)
related to https://gitea.com/gitea/helm-chart/pulls/754

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/787
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2025-02-15 13:42:56 +00:00
pat-s
d8f155562b chore: enforce conventional commits and lint via commitlint (#788)
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2025-02-06 21:27:40 +00:00
Renovate Bot
8bf5b2104d chore(deps): update unittests/bash/bats digest to 7ca23b1 (#754)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| unittests/bash/bats | digest | `b640ec3` -> `7ca23b1` |

---

### Configuration

📅 **Schedule**: Branch creation - "* * * * 0,6" (UTC), Automerge - "* 0-3 * * *" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS43NS4xIiwidXBkYXRlZEluVmVyIjoiMzkuMTE4LjIiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImtpbmQvZGVwZW5kZW5jeSJdfQ==-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/754
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-02-05 18:01:04 +00:00
Renovate Bot
d8ec7dc2f5 chore(deps): update postgresql docker tag to v16 (#736)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql)) | major | `15.5.38` -> `16.4.6` |

---

### Release Notes

<details>
<summary>bitnami/charts (postgresql)</summary>

### [`v16.4.6`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#1646-2025-02-02)

-   \[bitnami/postgresql] Release 16.4.6 ([#&#8203;31702](https://github.com/bitnami/charts/pull/31702))

### [`v16.4.5`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1645-2025-01-20-small)

-   \[bitnami/postgresql] Release 16.4.5 ([#&#8203;31484](https://github.com/bitnami/charts/issues/31484)) ([b11637c](b11637c36a)), closes [#&#8203;31484](https://github.com/bitnami/charts/issues/31484)

### [`v16.4.4`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1644-2025-01-20-small)

-   \[bitnami/postgresql] Release 16.4.4 ([#&#8203;31482](https://github.com/bitnami/charts/issues/31482)) ([e784f18](e784f187c0)), closes [#&#8203;31482](https://github.com/bitnami/charts/issues/31482)

### [`v16.4.3`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1643-2025-01-14-small)

-   bitnami/postgresql Fix missing dot in include statement for passwordUpdate job template ([#&#8203;31364](https://github.com/bitnami/charts/issues/31364)) ([901b26c](901b26c4b7)), closes [#&#8203;31364](https://github.com/bitnami/charts/issues/31364)

### [`v16.4.2`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1642-2025-01-13-small)

-   \[bitnami/postgresql] Release 16.4.2 ([#&#8203;31342](https://github.com/bitnami/charts/issues/31342)) ([946b638](946b638fd6)), closes [#&#8203;31342](https://github.com/bitnami/charts/issues/31342)

### [`v16.4.1`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1641-2025-01-13-small)

-   Dynamic assignment of custom schema name if defined in update-password job ([#&#8203;31146](https://github.com/bitnami/charts/issues/31146)) ([364ac45](364ac45ea6)), closes [#&#8203;31146](https://github.com/bitnami/charts/issues/31146)

### [`v16.3.5`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1635-2025-01-03-small)

-   Revert "\[bitnami/postgresql] Add Storage Class Configuration to Templates ([#&#8203;30858](https://github.com/bitnami/charts/issues/30858))" ([#&#8203;31204](https://github.com/bitnami/charts/issues/31204)) ([c03fe0c](c03fe0c3e3)), closes [#&#8203;30858](https://github.com/bitnami/charts/issues/30858) [#&#8203;31204](https://github.com/bitnami/charts/issues/31204)

### [`v16.3.4`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1634-2024-12-23-small)

-   \[bitnami/postgresql] Release 16.3.4 ([#&#8203;31143](https://github.com/bitnami/charts/issues/31143)) ([05a9583](05a9583f94)), closes [#&#8203;31143](https://github.com/bitnami/charts/issues/31143)

### [`v16.3.3`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1633-2024-12-20-small)

-   \[bitnami/postgresql] Release 16.3.3 ([#&#8203;31133](https://github.com/bitnami/charts/issues/31133)) ([41671f2](41671f2e78)), closes [#&#8203;31133](https://github.com/bitnami/charts/issues/31133)

### [`v16.3.2`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1632-2024-12-16-small)

-   \[bitnami/\*] Fix typo in README ([#&#8203;31052](https://github.com/bitnami/charts/issues/31052)) ([b41a51d](b41a51d1bd)), closes [#&#8203;31052](https://github.com/bitnami/charts/issues/31052)
-   \[bitnami/postgresql] Release 16.3.2 ([#&#8203;31060](https://github.com/bitnami/charts/issues/31060)) ([1406ab1](1406ab116e)), closes [#&#8203;31060](https://github.com/bitnami/charts/issues/31060)

### [`v16.3.1`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1631-2024-12-13-small)

-   \[bitnami/postgresql] Add Storage Class Configuration to Templates ([#&#8203;30858](https://github.com/bitnami/charts/issues/30858)) ([b0d2c2e](b0d2c2e53c)), closes [#&#8203;30858](https://github.com/bitnami/charts/issues/30858)

### [`v16.3.0`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#1630-2024-12-10)

-   \[bitnami/\*] Add Bitnami Premium to NOTES.txt ([#&#8203;30854](https://github.com/bitnami/charts/issues/30854)) ([3dfc003](3dfc00376d)), closes [#&#8203;30854](https://github.com/bitnami/charts/issues/30854)
-   \[bitnami/postgresql] Detect non-standard images ([#&#8203;30936](https://github.com/bitnami/charts/issues/30936)) ([ac96151](ac96151bdb)), closes [#&#8203;30936](https://github.com/bitnami/charts/issues/30936)

### [`v16.2.5`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1625-2024-12-03-small)

-   \[bitnami/postgresql] Release 16.2.5 ([#&#8203;30733](https://github.com/bitnami/charts/issues/30733)) ([34606c1](34606c10de)), closes [#&#8203;30733](https://github.com/bitnami/charts/issues/30733)

### [`v16.2.4`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1624-2024-12-03-small)

-   \[bitnami/\*] docs: 📝 Add "Backup & Restore" section ([#&#8203;30711](https://github.com/bitnami/charts/issues/30711)) ([35ab536](35ab536374)), closes [#&#8203;30711](https://github.com/bitnami/charts/issues/30711)
-   \[bitnami/\*] docs: 📝 Add "Prometheus metrics" (batch 5) ([#&#8203;30674](https://github.com/bitnami/charts/issues/30674)) ([ed2a546](ed2a54617f)), closes [#&#8203;30674](https://github.com/bitnami/charts/issues/30674)
-   \[bitnami/postgresql] use adminPassword for metrics user when custom user is not set ([#&#8203;30720](https://github.com/bitnami/charts/issues/30720)) ([8f4bc7b](8f4bc7b46b)), closes [#&#8203;30720](https://github.com/bitnami/charts/issues/30720)

### [`v16.2.3`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1623-2024-11-28-small)

-   \[bitnami/postgresql] Release 16.2.3 ([#&#8203;30645](https://github.com/bitnami/charts/issues/30645)) ([22a4c51](22a4c51dc3)), closes [#&#8203;30645](https://github.com/bitnami/charts/issues/30645)

### [`v16.2.2`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1622-2024-11-21-small)

-   \[bitnami/postgresql] Release 16.2.2 ([#&#8203;30570](https://github.com/bitnami/charts/issues/30570)) ([7b3a6d5](7b3a6d5808)), closes [#&#8203;30570](https://github.com/bitnami/charts/issues/30570)

### [`v16.2.1`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1621-2024-11-14-small)

-   \[bitnami/postgresql] Release 16.2.1 ([#&#8203;30463](https://github.com/bitnami/charts/issues/30463)) ([2360527](236052763a)), closes [#&#8203;30463](https://github.com/bitnami/charts/issues/30463)

### [`v16.2.0`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#1620-2024-11-14)

-   \[bitnami/postgresql] feat:  Add password update job ([#&#8203;30444](https://github.com/bitnami/charts/issues/30444)) ([ea896db](ea896dbfbf)), closes [#&#8203;30444](https://github.com/bitnami/charts/issues/30444)

### [`v16.1.2`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1612-2024-11-06-small)

-   \[bitnami/postgresql] Release 16.1.2 ([#&#8203;30250](https://github.com/bitnami/charts/issues/30250)) ([423c554](423c554547)), closes [#&#8203;30250](https://github.com/bitnami/charts/issues/30250)

### [`v16.1.1`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1611-2024-11-04-small)

-   \[bitnami/postgresql] metrics.collectors applies to read replicas ([#&#8203;30133](https://github.com/bitnami/charts/issues/30133)) ([696f113](696f113b68)), closes [#&#8203;30133](https://github.com/bitnami/charts/issues/30133)

### [`v16.1.0`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#1610-2024-10-30)

-   \[bitnami/\*] Remove wrong comment about imagePullPolicy ([#&#8203;30107](https://github.com/bitnami/charts/issues/30107)) ([a51f9e4](a51f9e4bb0)), closes [#&#8203;30107](https://github.com/bitnami/charts/issues/30107)
-   \[bitnami/postgresql] Added support for `namespaceOverride` ([#&#8203;30113](https://github.com/bitnami/charts/issues/30113)) ([4253372](4253372e0b)), closes [#&#8203;30113](https://github.com/bitnami/charts/issues/30113)

### [`v16.0.6`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1606-2024-10-24-small)

-   \[bitnami/postgresql] Release 16.0.6 ([#&#8203;30069](https://github.com/bitnami/charts/issues/30069)) ([e431b4a](e431b4a915)), closes [#&#8203;30069](https://github.com/bitnami/charts/issues/30069)

### [`v16.0.5`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1605-2024-10-22-small)

-   \[bitnami/postgresql] Release 16.0.5 ([#&#8203;30046](https://github.com/bitnami/charts/issues/30046)) ([a825e37](a825e37775)), closes [#&#8203;30046](https://github.com/bitnami/charts/issues/30046)

### [`v16.0.4`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1604-2024-10-21-small)

-   \[bitnami/postgresql] Release 16.0.4 ([#&#8203;30013](https://github.com/bitnami/charts/issues/30013)) ([8435f88](8435f88ae0)), closes [#&#8203;30013](https://github.com/bitnami/charts/issues/30013)

### [`v16.0.3`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1603-2024-10-16-small)

-   \[bitnami/postgresql] Release 16.0.3 ([#&#8203;29942](https://github.com/bitnami/charts/issues/29942)) ([7b3f2bb](7b3f2bb7a6)), closes [#&#8203;29942](https://github.com/bitnami/charts/issues/29942)

### [`v16.0.2`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1602-2024-10-16-small)

-   \[bitnami/postgresql] Release 16.0.2 ([#&#8203;29938](https://github.com/bitnami/charts/issues/29938)) ([766c157](766c1577e8)), closes [#&#8203;29938](https://github.com/bitnami/charts/issues/29938)
-   Update documentation links to techdocs.broadcom.com ([#&#8203;29931](https://github.com/bitnami/charts/issues/29931)) ([f0d9ad7](f0d9ad78f3)), closes [#&#8203;29931](https://github.com/bitnami/charts/issues/29931)

### [`v16.0.1`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#small1601-2024-10-04-small)

-   \[bitnami/postgresql] Release 16.0.1 ([#&#8203;29776](https://github.com/bitnami/charts/issues/29776)) ([9d7fcdc](9d7fcdc44c)), closes [#&#8203;29776](https://github.com/bitnami/charts/issues/29776)

### [`v16.0.0`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql/CHANGELOG.md#1600-2024-10-02)

-   \[bitnami/postgresql] Release 16.0.0 ([#&#8203;29723](https://github.com/bitnami/charts/issues/29723)) ([aeedc0e](aeedc0e67b)), closes [#&#8203;29723](https://github.com/bitnami/charts/issues/29723)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "* * * * 0,6" (UTC), Automerge - "* 0-3 * * *" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS40MC4xIiwidXBkYXRlZEluVmVyIjoiMzkuMTU2LjEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImtpbmQvZGVwZW5kZW5jeSJdfQ==-->

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/736
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-02-05 17:33:18 +00:00
Renovate Bot
70cc590eb3 chore(deps): update postgresql-ha docker tag to v15 (#741)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | major | `14.3.10` -> `15.1.7` |

---

### Release Notes

<details>
<summary>bitnami/charts (postgresql-ha)</summary>

### [`v15.1.7`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#1517-2025-02-02)

-   \[bitnami/postgresql-ha] Release 15.1.7 ([#&#8203;31701](https://github.com/bitnami/charts/pull/31701))

### [`v15.1.6`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1516-2025-01-13-small)

-   \[bitnami/postgresql-ha] Release 15.1.6 ([#&#8203;31341](https://github.com/bitnami/charts/issues/31341)) ([30c2b39](30c2b394da)), closes [#&#8203;31341](https://github.com/bitnami/charts/issues/31341)

### [`v15.1.5`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1515-2025-01-13-small)

-   \[bitnami/postgresql-ha] setting ServiceAccount also when is not created by the bitnami chart ([#&#8203;31293](https://github.com/bitnami/charts/issues/31293) ([2316c35](2316c354ab)), closes [#&#8203;31293](https://github.com/bitnami/charts/issues/31293)

### [`v15.1.4`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1514-2024-12-23-small)

-   \[bitnami/postgresql-ha] Release 15.1.4 ([#&#8203;31144](https://github.com/bitnami/charts/issues/31144)) ([6a0ca8f](6a0ca8f0d1)), closes [#&#8203;31144](https://github.com/bitnami/charts/issues/31144)

### [`v15.1.3`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1513-2024-12-23-small)

-   \[bitnami/postgresql-ha] Release 15.1.3 ([#&#8203;31135](https://github.com/bitnami/charts/issues/31135)) ([b1fde05](b1fde05a5d)), closes [#&#8203;31135](https://github.com/bitnami/charts/issues/31135)

### [`v15.1.2`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1512-2024-12-20-small)

-   \[bitnami/\*] Fix typo in README ([#&#8203;31052](https://github.com/bitnami/charts/issues/31052)) ([b41a51d](b41a51d1bd)), closes [#&#8203;31052](https://github.com/bitnami/charts/issues/31052)
-   \[bitnami/postgresql-ha] Fix typo in documentation ([#&#8203;31069](https://github.com/bitnami/charts/issues/31069)) ([b3b4ac7](b3b4ac71e4)), closes [#&#8203;31069](https://github.com/bitnami/charts/issues/31069)
-   \[bitnami/postgresql-ha] Release 15.1.2 ([#&#8203;31132](https://github.com/bitnami/charts/issues/31132)) ([a352680](a352680c0b)), closes [#&#8203;31132](https://github.com/bitnami/charts/issues/31132)

### [`v15.1.1`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1511-2024-12-13-small)

-   \[bitnami/postgresql-ha]Add Storage Class Configuration to Templates ([#&#8203;30993](https://github.com/bitnami/charts/issues/30993)) ([485796b](485796bfe6)), closes [#&#8203;30993](https://github.com/bitnami/charts/issues/30993)

### [`v15.1.0`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#1510-2024-12-10)

-   \[bitnami/\*] Add Bitnami Premium to NOTES.txt ([#&#8203;30854](https://github.com/bitnami/charts/issues/30854)) ([3dfc003](3dfc00376d)), closes [#&#8203;30854](https://github.com/bitnami/charts/issues/30854)
-   \[bitnami/postgresql-ha] Detect non-standard images ([#&#8203;30937](https://github.com/bitnami/charts/issues/30937)) ([5149845](5149845424)), closes [#&#8203;30937](https://github.com/bitnami/charts/issues/30937)

### [`v15.0.4`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1504-2024-12-03-small)

-   \[bitnami/postgresql-ha] Release 15.0.4 ([#&#8203;30732](https://github.com/bitnami/charts/issues/30732)) ([dd65642](dd6564295a)), closes [#&#8203;30732](https://github.com/bitnami/charts/issues/30732)

### [`v15.0.3`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1503-2024-12-03-small)

-   \[bitnami/\*] docs: 📝 Add "Backup & Restore" section ([#&#8203;30711](https://github.com/bitnami/charts/issues/30711)) ([35ab536](35ab536374)), closes [#&#8203;30711](https://github.com/bitnami/charts/issues/30711)
-   \[bitnami/\*] docs: 📝 Add "Update Credentials" (batch 3) ([#&#8203;30688](https://github.com/bitnami/charts/issues/30688)) ([10a49f9](10a49f9ff2)), closes [#&#8203;30688](https://github.com/bitnami/charts/issues/30688)
-   \[bitnami/postgresql-ha] Release 15.0.3 ([#&#8203;30730](https://github.com/bitnami/charts/issues/30730)) ([1e7e0de](1e7e0dee58)), closes [#&#8203;30730](https://github.com/bitnami/charts/issues/30730)

### [`v15.0.2`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1502-2024-11-28-small)

-   \[bitnami/\*] docs: 📝 Add "Prometheus metrics" (batch 5) ([#&#8203;30674](https://github.com/bitnami/charts/issues/30674)) ([ed2a546](ed2a54617f)), closes [#&#8203;30674](https://github.com/bitnami/charts/issues/30674)
-   \[bitnami/postgresql-ha] Release 15.0.2 ([#&#8203;30676](https://github.com/bitnami/charts/issues/30676)) ([de62c88](de62c88da5)), closes [#&#8203;30676](https://github.com/bitnami/charts/issues/30676)

### [`v15.0.1`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#small1501-2024-11-27-small)

-   \[bitnami/postgresql-ha] Release 15.0.1 ([#&#8203;30644](https://github.com/bitnami/charts/issues/30644)) ([ebb2f96](ebb2f960e7)), closes [#&#8203;30644](https://github.com/bitnami/charts/issues/30644)

### [`v15.0.0`](https://github.com/bitnami/charts/blob/HEAD/bitnami/postgresql-ha/CHANGELOG.md#1500-2024-11-25)

-   \[bitnami/postgresql-ha] Release 15.0.0 ([#&#8203;30618](https://github.com/bitnami/charts/issues/30618)) ([2d17a50](2d17a50466)), closes [#&#8203;30618](https://github.com/bitnami/charts/issues/30618)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "* * * * 0,6" (UTC), Automerge - "* 0-3 * * *" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS40MC4xIiwidXBkYXRlZEluVmVyIjoiMzkuMTU2LjEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImtpbmQvZGVwZW5kZW5jeSJdfQ==-->

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/741
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-02-05 17:18:22 +00:00
yael-tramier
3ac51f2628 Replace claimName value to existingClaim to manage your PVC value for PostgreSQL chart. (#786)
### Description of the change

Hello, following the documentation, I saw that there was a small error concerning the declaration of a PVC on the PostgreSQL part.
So I just changed this value from claimName to existingClaim

### Applicable issues

- Fixes #778

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/786
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: yael-tramier <yael-tramier@noreply.gitea.com>
Co-committed-by: yael-tramier <yael-tramier@noreply.gitea.com>
2025-02-05 16:59:07 +00:00
4f42f4bee3 [Close #771] fix: set GOMAXPROCS (#772)
The following patch add automatically the environment variable `GOMAXPROCS`,
when a CPU limit is defined. Otherwise CPU throttling may occur.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/772
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: Markus Pesch <markus.pesch@cryptic.systems>
Co-committed-by: Markus Pesch <markus.pesch@cryptic.systems>
2025-02-02 21:30:00 +00:00
Renovate Bot
cc7532ec90 chore(deps): update dependency helm-unittest/helm-unittest to v0.7.2 (#784)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-02-01 00:33:28 +00:00
grandmou
1d908965a8 feat(act_runner): allow to mount volumes (#756)
### Description of the change

In the act_runner StatefulSet, this allows to mount volumes.

### Benefits

It allows to mount some volumes in any of the two containers, e.g. certificates for a private registry.

### Possible drawbacks

I can't think of any.

### Applicable issues

- Fixes #744

### Checklist

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [X] Helm templating unittests are added (required when changing anything in `templates` folder)

Co-authored-by: Xav <grandmou@protonmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/756
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: grandmou <grandmou@noreply.gitea.com>
Co-committed-by: grandmou <grandmou@noreply.gitea.com>
2025-01-28 17:17:57 +00:00
Renovate Bot
43e0918cfc chore(deps): update dependency markdownlint-cli to ^0.44.0 (#782)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-01-26 01:13:52 +00:00
Renovate Bot
41deaf977e chore(deps): update redis-cluster docker tag to v11.4.1 (#780)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-01-26 00:48:40 +00:00
Renovate Bot
b8b909be0b chore(deps): update workflow dependencies (minor & patch) (#781)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-01-25 00:47:04 +00:00
Renovate Bot
4f9a48ae51 chore(deps): update subcharts (minor & patch) (#774)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-01-19 00:11:05 +00:00
Renovate Bot
ef8ad0f050 chore(deps): update dependency go-gitea/gitea to v1.23.1 (#767)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-01-12 00:22:58 +00:00
Renovate Bot
680d95c943 chore(deps): update subcharts (minor & patch) (#766)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-01-12 00:10:25 +00:00
Renovate Bot
48e61b164b chore(deps): update dependency helm-unittest/helm-unittest to v0.7.1 (#760)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-01-04 00:21:59 +00:00
Renovate Bot
3e72e8b983 chore(deps): update alpine/helm docker tag to v3.16.4 (#757)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-12-28 00:21:37 +00:00
Renovate Bot
9b28e264f7 chore(deps): update subcharts (minor & patch) (#755)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-12-22 00:25:58 +00:00
justusbunsi
8c4e8e8f30 Introduce bash scripting unittests (#724)
### Description of the change

This adds an environment for unit testing our bash scripts, using [BATS](https://github.com/bats-core/bats-core).
It implements first tests for `config_environment.sh`.

### Benefits

Writing unit tests for bash scripts documents the expected behavior and allows it being a quality gate in our CI.

### Possible drawbacks

Not everyone is familiar with this approach and unit testing framework. Me neither, it took me some hours to get into it.

### Applicable issues

- Related to #691 where an issue in `config_environment.sh` was detected. It doesn't fixes it yet. This will be a dedicated Pull Request.

### Additional information

I've verified that the changes for Renovate are indeed working.

You may wonder why there is only one `run $PROJECT_ROOT/scripts/init-containers/config/config_environment.sh` and many `run execute_test_script` calls.
Usually, testing a script itself would be executing `run $PROJECT_ROOT/scripts/init-containers/config/config_environment.sh`. You then can assert the exit code and other things. Since the `config_environment.sh` exports environment variables and we are not able to access them from outside a `run` execution, the function `execute_test_script` wraps our script execution between environment comparison. Doing so allows us capture environment variables that were added/removed during script execution.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/724
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-12-20 09:45:01 +00:00
justusbunsi
5968cfa1d4 Disable renovate branch builds (#753)
Renovate PRs currently trigger 2 builds:

- For the PR itself
- For the `renovate/...` branch

This only increases builds without any benefit.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/753
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-12-19 18:18:58 +00:00
Renovate Bot
12f253db10 chore(deps): update redis-cluster docker tag to v11 (#743)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [redis-cluster](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/redis-cluster)) | major | `10.3.0` -> `11.2.0` |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/743
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-12-19 18:09:01 +00:00
Renovate Bot
535aa1cf1a chore(deps): update redis docker tag to v20 (#742)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [redis](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/redis)) | major | `19.6.4` -> `20.6.0` |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/742
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-12-19 17:47:00 +00:00
justusbunsi
a79fd31f7e Increase testability of shell scripts (#752)
This is a preparation for #724 (bash script testing) which would be too complex to review if done there.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/752
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-12-19 12:04:00 +00:00
justusbunsi
726b36c6d8 Extract raw shell/bash scripts as actual shell script files (#751)
### Description of the change

This is a preparation for #724 (bash script testing) which would be too complex to review if done there. I haven't changed the script contents.

### Benefits

Better IDE support, possibility for shell checks, tests.

### Possible drawbacks

-

### Additional information

I only extracted files that are native bash scripts. There are others, being a mix of Helm templating and shell scripts. Those scripts must be cleared first before extracting them as well.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/751
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-12-19 10:56:12 +00:00
justusbunsi
4691b63f7a Move Helm unittests into subfolder (#750)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/750
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-12-18 12:04:15 +00:00
justusbunsi
8f516048e4 Move actions related readme into docs folder (#749)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/749
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-12-18 11:42:31 +00:00
justusbunsi
e9084e1833 Ensure default customization of Chart dependencies (#748)
### Description of the change

This adds unittests for the default configuration of our dependencies.

### Benefits

We are able to detect changes in upstream Charts for those settings.

### Applicable issues

- fixes #409

### Additional information

I merged existing unittests with the new ones for `postgresql-ha` and `postgresql`.
However, I decided to not do this for `redis-cluster` and `redis`, because the existing tests[^1] also ensure how the Chart behaves when both redis dependencies are disabled. It didn't felt right to split those files.

### Checklist

- [x] Templating unittests are added

Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>

[^1]: e733287dc2/unittests/config/cache-config.yaml, e733287dc2/unittests/config/queue-config.yaml, e733287dc2/unittests/config/session-config.yaml

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/748
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-12-18 11:12:29 +00:00
justusbunsi
e733287dc2 Fix runner label issues (#739)
### Description of the change

This addresses 2 bugs regarding configured runner labels:
- `Cannot find: node in PATH` due to a default label that matches the runner host, not the docker-in-docker environment
- After changing the runner config, users have to manually replace the StatefulSet Pod of the runner

### Benefits

- Out-of-the-box functioning node environment
- Auto-updated runner config on changes in values

### Applicable issues

- fixes https://gitea.com/gitea/helm-chart/issues/728
- fixes https://gitea.com/gitea/helm-chart/issues/725

### Additional information

With removing the default labels from `values.yaml`, the act runner defaults will be used for new runners which fixes the "missing node" issue.
I had issues replacing the labels once the Chart defaults were used, so users might have to replace their runner manually if this is an issue.

### Checklist

- [x] Templating unittests are added

Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/739
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-12-17 13:30:31 +00:00
Renovate Bot
f4d1a6b516 chore(deps): update dependency go-gitea/gitea to v1.22.6 (#746)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-12-14 00:24:12 +00:00
Renovate Bot
c3d0bae515 chore(deps): update dependency go-gitea/gitea to v1.22.5 (#745)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-12-13 01:35:36 +00:00
Renovate Bot
aec87c2490 chore(deps): update workflow dependencies (minor & patch) (#735)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [alpine/helm](https://github.com/alpine-docker/helm) ([changelog](https://github.com/helm/helm)) |  | minor | `3.15.3` -> `3.16.3` |
| [alpine/helm](https://github.com/alpine-docker/helm) ([changelog](https://github.com/helm/helm)) | container | minor | `3.15.3` -> `3.16.3` |
| [helm-unittest/helm-unittest](https://github.com/helm-unittest/helm-unittest) |  | minor | `v0.5.2` -> `v0.7.0` |
| [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli) | devDependencies | minor | [`^0.41.0` -> `^0.43.0`](https://renovatebot.com/diffs/npm/markdownlint-cli/0.41.0/0.43.0) |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/735
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-11-30 23:47:49 +00:00
Renovate Bot
e3db83e22b chore(deps): update dependency go-gitea/gitea to v1.22.4 (#740)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [go-gitea/gitea](https://github.com/go-gitea/gitea) | patch | `1.22.3` -> `1.22.4` |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS40MC4xIiwidXBkYXRlZEluVmVyIjoiMzkuNDAuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsia2luZC9kZXBlbmRlbmN5Il19-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/740
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-11-30 23:44:11 +00:00
Renovate Bot
7cae9d3404 chore(deps): update busybox docker tag to v1.37.0 (#734)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| busybox | minor | `1.36.1` -> `1.37.0` |

---

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/734
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-11-30 23:34:16 +00:00
justusbunsi
52153021e3 Finetune Renovate configuration (#738)
`go-gitea/gitea` is no workflow dependency and therefore should not be grouped as such.
It got automatically matched due to `custom.regex` manager in that rule.

Since we now have image dependencies in our `values.yaml`, PR builds will fail when these changes are not represented in `README.md`.
Using a [postUpgradeTask](https://docs.renovatebot.com/configuration-options/#postupgradetasks) allows customized Renovate behavior.

Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/738
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-11-30 16:07:23 +00:00
justusbunsi
5f7d353901 Prevent reoccurring namespace inconsistencies (#737)
https://gitea.com/gitea/helm-chart/pulls/713 ensured that all resources
contain a `namespace` field. When adding Gitea actions runner support in
https://gitea.com/gitea/helm-chart/pulls/666, this was an oversight.

Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/737
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-11-30 14:47:18 +00:00
Hitesh Nayak
389a8460e4 feat(service-monitor): support bearer token authentication on metrics endpoint (#719)
### Benefits

Can protect metrics endpoint with `Bearer` token authentication provided by gitea.
see PR #637 for previous discussion.

### Possible drawbacks

No possible drawbacks

### Applicable issues

- fixes #635

### Additional information

```
gitea:
  metrics:
    enabled: true
    token: "somepassword"
    serviceMonitor:
      enabled: true
```

Using above configuration is sufficient to secure /metrics endpoint with bearer token and corresponding ServiceMonitor.

### Checklist

- [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [ ] ~~Breaking changes are documented in the `README.md`~~ Not applicable
- [x] Templating unittests are added

Signed-off-by: Hitesh Nayak <hiteshnayak305@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/719
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: Hitesh Nayak <hiteshnayak305@gmail.com>
Co-committed-by: Hitesh Nayak <hiteshnayak305@gmail.com>
2024-11-30 13:59:29 +00:00
Renovate Bot
3bacaaad84 chore(deps): update subcharts (minor & patch) (#733)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-11-30 02:09:16 +00:00
justusbunsi
2be2e2a639 Ensure dev-only files are not added to the tgz package (#723)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/723
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
2024-11-10 20:15:46 +00:00
justusbunsi
7b892431d6 Support custom envs for Action DinD container (#722)
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
Follow-up to https://gitea.com/gitea/helm-chart/pulls/666.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/722
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-11-10 14:02:15 +00:00
vjm
f7c66c0336 Add Gitea Actions act runner (#666)
Co-authored-by: dementhorr <dementhorr@proton.me>
Co-authored-by: Vince Montalbano <vince.montalbano@gmail.com>

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/666
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: vjm <vjm@noreply.gitea.com>
Co-committed-by: vjm <vjm@noreply.gitea.com>
2024-11-10 13:35:56 +00:00
justusbunsi
5c7e78b467 Bump Gitea to 1.22.3 (#718)
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/718
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-10-18 15:14:56 +00:00
justusbunsi
478af4e381 Fix probe definition overrides (#717)
### Description of the change

This fixes an issue when trying to apply a custom probe that is not `tcpSocket`.

### Benefits

Custom probes 🥳

### Applicable issues

- Fixes #694

### Checklist

- [x] Templating unittests are added

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/717
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-10-18 15:09:14 +00:00
justusbunsi
7c4d6c3797 Fix configuration in "external database" docs (#716)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/716
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-10-18 13:50:35 +00:00
rossigee
aa9808bc27 Add 'extraContainers' parameter (#697)
### Description of the change

Adds an 'extraContainers' parameter.

### Benefits

Users will be able to run sidecar containers as required by their environment.

### Possible drawbacks

N/A

### Applicable issues

- Fixes #696

### Checklist

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/697
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: rossigee <rossigee@noreply.gitea.com>
Co-committed-by: rossigee <rossigee@noreply.gitea.com>
2024-10-18 13:44:37 +00:00
SorsOps
a08e39f8ff Fix namespace templating inconsistencies (#713)
### Description of the change

Added namespaces to all the template files to better support alternate templaters in gitops systems

### Benefits

Gitops system that have different ways of handling helm templates can actually deploy this chart correct, especially through subcharts

### Possible drawbacks

Potential regression when upgrading, though this should be unlikely per @jessesanford 's comments with it defaulting back to the existing behaviour

### Applicable issues

  - Addresses https://gitea.com/gitea/helm-chart/issues/630
  - Addresses https://gitea.com/gitea/helm-chart/issues/557
  - Addresses https://gitea.com/gitea/helm-chart/issues/623

### Checklist

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [X] Breaking changes are documented in the `README.md`

Co-authored-by: SorsOps <80043879+sorsOps@users.noreply.github.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/713
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: SorsOps <sorsops@noreply.gitea.com>
Co-committed-by: SorsOps <sorsops@noreply.gitea.com>
2024-10-08 16:40:23 +00:00
pat-s
c039673e5a Add comments about redis password policy (#706)
fix #690

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/706
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2024-09-19 21:59:47 +00:00
e636984db1 feat(serviceMonitor): custom configuration (#710)
This patch extends the serviceMonitor resource to specify a custom TLS
configuration used by prometheus to scrape the metrics.

Furthermore, the interval and scrapeTimeout can now be adapted without changing
the global defaults of the prometheus instance.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/710
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Markus Pesch <markus.pesch@cryptic.systems>
Co-committed-by: Markus Pesch <markus.pesch@cryptic.systems>
2024-09-18 17:55:28 +00:00
pat-s
77aa11a3bb bump to gitea 1.22.2
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
2024-09-11 15:14:37 +02:00
tobiasbp
3fdb39df68 Do not log errors in init-directories container during Gitea launch (#708)
When the _init-directories_ container runs, the shell script  _init_directory_structure.sh_ logs to _stderr_ because debugging is enabled with _set -x_. The output from the script, should be logged to _stdout_ instead. The issue is discussed here: https://gitea.com/gitea/helm-chart/issues/701

### Description of the change

This PR uses the _verbose_ flag with all commands in the script to log what the script is doing.

### Benefits

Log entries with incorrect severity _ERROR_ will no longer be logged in _Kubernetes_.

### Possible drawbacks

Log output will change. If someone had a check for certain log entries from the _init container_, that check would break.

### Checklist

Updated unit tests.

Co-authored-by: tobias.petersen <tobias.petersen@unity3d.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/708
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: tobiasbp <tobiasbp@noreply.gitea.com>
Co-committed-by: tobiasbp <tobiasbp@noreply.gitea.com>
2024-09-11 12:49:18 +00:00
pat-s
9dc3f7c086 Fix persistence for postgresql-ha (#704)
fix #703

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/704
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2024-08-29 09:20:27 +00:00
Renovate Bot
036b469ff9 chore(deps): update subcharts (minor & patch) (#695)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-08-03 00:46:33 +00:00
Renovate Bot
339ee94260 chore(deps): update subcharts (minor & patch) (#693)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-07-28 00:21:27 +00:00
Renovate Bot
1c71764d3c chore(deps): update dependency helm-unittest/helm-unittest to v0.5.2 (#692)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-07-27 00:42:36 +00:00
justusbunsi
e19723a3fb Improve Renovate behavior (#689)
- Add Gitea releases for `appVersion`
- Rewrite Helm changelog url to retrieve release notes

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/689
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-07-23 13:38:49 +00:00
pat-s
2a762f0865 Gitea 1.22.1 (#684)
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/684
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2024-07-21 11:46:40 +00:00
Renovate Bot
c32c6f929f chore(deps): update subcharts (minor & patch) (#688)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-07-21 00:21:49 +00:00
Renovate Bot
e29cd1c289 chore(deps): update alpine/helm docker tag to v3.15.3 (#687)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-07-20 00:40:11 +00:00
Karitham
a535919025 feat: service.{http,ssh}.loadBalancerClass (#640)
### Description of the change

Introduce `service.{http,ssh}.loadBalancerClass`

### Benefits

Feature was not supported before. This is required if your cluster has multiple loadBalancer options and you want to select one

### Possible drawbacks

More yaml.

### Checklist

- [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [x] Templating unittests are added

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/640
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Karitham <kar@karitham.dev>
Co-committed-by: Karitham <kar@karitham.dev>
2024-07-15 15:13:25 +00:00
Renovate Bot
5c6cd932fe chore(deps): update postgresql docker tag to v15.5.16 (#683)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-07-13 00:41:15 +00:00
justusbunsi
3265a5ed53 Drop helm signing to release 10.3.0
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
Right now, the generated `.prov` file is not uploaded along with the actual `.tgz` file. This makes it impossible to verify our Helm Charts.
In addition, we only sign the old-fashioned `.tgz` file, not the OCI-based releases on DockerHub.
The incentive to do this very commit is an expired GPG key that prevents our release.

Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-07-07 14:48:54 +02:00
James Harmison
1dbf171ad3 Enable admin user password creation/update mode in values (#677)
### Description of the change

This enables sane modes for forcing reset, as well as providing more options to users of the chart by giving them the flexibility to set the mode for password creation/modification as part of init whether the user exists or not.

### Benefits

The new default should revert to the behavior before #673 became an issue, while also providing more flexibility for users who want to be able to manage their initial admin user password out-of-band after creating it the first time.

### Possible drawbacks

None that I can think of.

### Applicable issues

- fixes #673

### Additional information

See the discussion in #675 as well

### Checklist

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/677
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: James Harmison <jharmison@gmail.com>
Co-committed-by: James Harmison <jharmison@gmail.com>
2024-07-07 09:59:29 +00:00
pat-s
6226e4eaea Add non-clustered redis as sub-chart (#672)
Co-authored-by: Julien <julienym@gmail.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/672
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2024-07-07 09:57:16 +00:00
Renovate Bot
6ffc0a3790 chore(deps): update subcharts (minor & patch) (#680)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-07-06 00:43:22 +00:00
Renovate Bot
1ac39a6f5d chore(deps): update subcharts (minor & patch) (#670)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-06-30 00:21:50 +00:00
Renovate Bot
c4168dd029 chore(deps): update subcharts (minor & patch) (#669)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-06-23 00:21:38 +00:00
Renovate Bot
4dd17f045b chore(deps): update alpine/helm docker tag to v3.15.2 (#668)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-06-22 00:40:03 +00:00
Renovate Bot
030322170e chore(deps): update subcharts (minor & patch) (#667)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-06-15 00:42:23 +00:00
Renovate Bot
d407eda496 chore(deps): update subcharts (minor & patch) (#665)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-06-08 01:01:27 +00:00
Ceddaerrix
b7b60dd51f DRY improvements (#664)
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
### Description of the change

Adding support for DRY principle (via use of the TPL function) to the PVC storage class and the ingress class

### Benefits

It allows to reference a variable into another one to avoid duplicating them (or using YAML anchors).
It is useful and valuable when including Gitea into an umbrella chart with multiple components and to have a single variable while the components variable only refer to that single one.

Example 1
```
global:
  persistence:
    storageClass: "storage-class"
persistence:
  storageClass: "{{ .Values.global.persistence.storageClass }}"
```
This results in having `spec.storageClassName` equal to `storage-class` in the PVC object

Example 2
```
global:
  ingress:
    className: "ingress-class"
ingress:
  className: "{{ .Values.global.ingress.className}}"
```
This results in having `spec.ingressClassName` equal to `ingress-class` in the Ingress object

### Possible drawbacks

N/A

### Checklist

- [X] Templating unittests are added

Co-authored-by: 212597596 <cedric.henry@ge.com>
Co-authored-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/664
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Ceddaerrix <ceddaerrix@noreply.gitea.com>
Co-committed-by: Ceddaerrix <ceddaerrix@noreply.gitea.com>
2024-06-06 20:39:41 +00:00
pat-s
22848d0ce7 Bump Gitea to 1.22 (#662)
@justusbunsi

I've been running 1.22 with this chart on some clusters for some days now without issues.
I think no further adjustments are needed on the chart side.

Maybe we can get some of the other open PRs in?

Also: Let me know if you want to do the release this time - I did a lot lately, happy to let you have a go for this one :)

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/662
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2024-06-06 20:36:53 +00:00
Renovate Bot
157e87593d chore(deps): update subcharts (minor & patch) (#663)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-06-02 00:23:26 +00:00
Renovate Bot
f897e6350b chore(deps): update workflow dependencies (minor & patch) (#660)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| alpine/helm |  | minor | `3.14.4` -> `3.15.1` |
| alpine/helm | container | minor | `3.14.4` -> `3.15.1` |
| [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli) | devDependencies | minor | [`^0.40.0` -> `^0.41.0`](https://renovatebot.com/diffs/npm/markdownlint-cli/0.40.0/0.41.0) |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/660
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-05-27 14:54:59 +00:00
Renovate Bot
21bc9a548b chore(deps): update subcharts (minor & patch) (#658)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-05-26 00:41:07 +00:00
Renovate Bot
b13063ad7a chore(deps): update subcharts (minor & patch) (#656)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-05-23 00:45:28 +00:00
Renovate Bot
4d62136a3d chore(deps): update workflow dependencies (minor & patch) (#653)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-05-14 00:40:39 +00:00
Renovate Bot
548f932422 chore(deps): update postgresql docker tag to v15.2.12 (#654)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-05-12 00:41:34 +00:00
Renovate Bot
dc30c66d25 chore(deps): update subcharts (minor & patch) (#652)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-05-05 01:11:45 +00:00
pat-s
0b2f3d6eb9 Quote image tag (#641)
fix #631

Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/641
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2024-05-02 08:05:26 +00:00
Dalton Russell
dd304c1c1a Add deployment labels to deployment (#649)
### Description of the change

Applies `deployment.labels` to the deployment itself.

### Benefits

Allows the user to add labels to the deployment.

### Possible drawbacks

None

### Checklist

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [X] Templating unittests are added

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/649
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: Dalton Russell <dalton.russell@tangramflex.com>
Co-committed-by: Dalton Russell <dalton.russell@tangramflex.com>
2024-05-02 04:43:42 +00:00
Renovate Bot
4f4c71fb39 chore(deps): update postgresql-ha docker tag to v14.0.6 (#647)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-04-29 00:41:48 +00:00
Renovate Bot
509ee975c4 chore(deps): update dependency @bitnami/readme-generator-for-helm to v2.6.1 (#646)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-04-28 00:43:28 +00:00
Renovate Bot
15385d02ee chore(deps): update subcharts (minor & patch) (#645)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | patch | `14.0.3` -> `14.0.5` |
| [redis-cluster](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/redis-cluster)) | patch | `10.0.1` -> `10.0.2` |

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMTMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjMxOC4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJraW5kL2RlcGVuZGVuY3kiXX0=-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/645
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-04-23 07:13:16 +00:00
Renovate Bot
617c773b7e chore(deps): update alpine/helm docker tag to v3.14.4 (#644)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-04-22 00:41:51 +00:00
pat-s
42937062d9 Add codeowners file (#642)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/642
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2024-04-18 07:23:34 +00:00
Renovate Bot
a91624b52d chore(deps): update redis-cluster docker tag to v10 (#629)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [redis-cluster](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/redis-cluster)) | major | `9.8.1` -> `10.0.1` |

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNDYuMSIsInVwZGF0ZWRJblZlciI6IjM3LjI3OS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/629
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-04-17 06:58:01 +00:00
Renovate Bot
b768ded932 chore(deps): update postgresql docker tag to v15 (#634)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql)) | major | `14.3.3` -> `15.2.5` |

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNjYuMCIsInVwZGF0ZWRJblZlciI6IjM3LjI4MC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/634
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-04-16 08:20:32 +00:00
pat-s
fd8246e51d remove apt install helm command
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
2024-04-16 10:14:50 +02:00
pat-s
20b14b01c1 update helm install logic in release wf 2024-04-16 10:14:04 +02:00
pat-s
74bae066c4 update docker install for release workflow from debian to ubuntu 2024-04-16 09:58:31 +02:00
pat-s
2f809390be bump Gitea to 1.21.11 2024-04-16 09:52:13 +02:00
Renovate Bot
153a664138 chore(deps): update postgresql-ha docker tag to v14.0.3 (#639)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-04-14 00:37:58 +00:00
Renovate Bot
0135b10295 chore(deps): update postgresql-ha docker tag to v14.0.2 (#638)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | patch | `14.0.0` -> `14.0.2` |

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNzkuMyIsInVwZGF0ZWRJblZlciI6IjM3LjI3OS4zIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJraW5kL2RlcGVuZGVuY3kiXX0=-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/638
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-04-10 12:49:03 +00:00
Renovate Bot
2a9273d32f chore(deps): update workflow dependencies (minor & patch) (#633)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-03-25 00:38:32 +00:00
Renovate Bot
3b2b700441 chore(deps): update postgresql-ha docker tag to v14 (#628)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | major | `13.6.1` -> `14.0.0` |

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNDYuMSIsInVwZGF0ZWRJblZlciI6IjM3LjI0Ni4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/628
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-03-16 12:52:11 +00:00
justusbunsi
7fa896a0ce Resolve conflicting behavior during make readme (#627)
The current README content is a result of running markdownlint with simple fixes enabled.
It shouldn't fix _any_ issues, even after generating the parameter section.
Unfortunately, this is not the case right now.

This resolves the long-running dispute of both tools. 😉

---

Since I already modified the `values.yaml`, I decided to include a change regarding code signing.
Otherwise, it may confuse users after merging #596.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/627
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-03-15 16:02:06 +00:00
Renovate Bot
d2bfa0250d chore(deps): update subcharts (minor & patch) (#626)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-03-13 00:35:30 +00:00
Renovate Bot
2d77b626ac chore(deps): update postgresql-ha docker tag to v13 (#624)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | major | `12.8.2` -> `13.4.5` |

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMjIuMyIsInVwZGF0ZWRJblZlciI6IjM3LjIyNC4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/624
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-03-04 14:55:47 +00:00
Renovate Bot
6644c1701b chore(deps): update postgresql docker tag to v14 (#622)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql)) | major | `13.4.6` -> `14.2.3` |

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMjIuMyIsInVwZGF0ZWRJblZlciI6IjM3LjIyMi4zIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/622
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-03-03 09:37:52 +00:00
Renovate Bot
a3fafc90a8 chore(deps): update redis-cluster docker tag to v9.7.0 (#621)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-03-03 00:23:32 +00:00
pat-s
ceb6de12a8 bump to gitea 1.21.7
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
2024-02-26 11:16:57 +01:00
Renovate Bot
ab5ec8ddb9 chore(deps): update workflow dependencies (minor & patch) (#616)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| alpine/helm |  | patch | `3.14.0` -> `3.14.2` |
| alpine/helm | container | patch | `3.14.0` -> `3.14.2` |
| [helm-unittest/helm-unittest](https://github.com/helm-unittest/helm-unittest) |  | patch | `v0.4.1` -> `v0.4.2` |

---

### Release Notes

<details>
<summary>helm-unittest/helm-unittest (helm-unittest/helm-unittest)</summary>

### [`v0.4.2`](https://github.com/helm-unittest/helm-unittest/releases/tag/v0.4.2)

[Compare Source](https://github.com/helm-unittest/helm-unittest/compare/v0.4.1...v0.4.2)

**Improvements**

-   Improve storing generated template when debug flag enabled (credits [@&#8203;thepeak99](https://github.com/thepeak99))
-   Improve development (credits [@&#8203;ivankatliarchuk](https://github.com/ivankatliarchuk))

**Fixes**

-   Fix global set and set override (resolves [#&#8203;210](https://github.com/helm-unittest/helm-unittest/issues/210), resolves [#&#8203;276](https://github.com/helm-unittest/helm-unittest/issues/276))
-   Fix debug flag by changing name to debugPlugin flag (resolves [#&#8203;241](https://github.com/helm-unittest/helm-unittest/issues/241))
-   Fix empty documentSelector (credits [@&#8203;michaelruigrok](https://github.com/michaelruigrok))

**Updates**

-   Update packages to latest patch versions (credits [@&#8203;ivankatliarchuk](https://github.com/ivankatliarchuk), credits [@&#8203;stavros-k](https://github.com/stavros-k), resolves [#&#8203;295](https://github.com/helm-unittest/helm-unittest/issues/295))
-   Update documentation (credits [@&#8203;tochev](https://github.com/tochev))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMTAuMCIsInVwZGF0ZWRJblZlciI6IjM3LjIxMi4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/616
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-02-26 09:51:06 +00:00
Renovate Bot
d65737681a chore(deps): update redis-cluster docker tag to v9.6.2 (#617)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [redis-cluster](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/redis-cluster)) | minor | `9.5.20` -> `9.6.2` |

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMTAuMCIsInVwZGF0ZWRJblZlciI6IjM3LjIxMC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/617
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-02-26 09:50:40 +00:00
Renovate Bot
8ee589a56f chore(deps): update crazy-max/ghaction-import-gpg action to v6 (#620)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [crazy-max/ghaction-import-gpg](https://github.com/crazy-max/ghaction-import-gpg) | action | major | `v5` -> `v6` |

---

### Release Notes

<details>
<summary>crazy-max/ghaction-import-gpg (crazy-max/ghaction-import-gpg)</summary>

### [`v6`](https://github.com/crazy-max/ghaction-import-gpg/compare/v5...v6)

[Compare Source](https://github.com/crazy-max/ghaction-import-gpg/compare/v5...v6)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMTIuMCIsInVwZGF0ZWRJblZlciI6IjM3LjIxMi4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/620
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-02-26 09:42:27 +00:00
Renovate Bot
a82540e7eb chore(deps): update aws-actions/configure-aws-credentials action to v4 (#619)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) | action | major | `v2` -> `v4` |

---

### Release Notes

<details>
<summary>aws-actions/configure-aws-credentials (aws-actions/configure-aws-credentials)</summary>

### [`v4`](https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4)

[Compare Source](https://github.com/aws-actions/configure-aws-credentials/compare/v3...v4)

This tag tracks the latest v4.x.x release

### [`v3`](https://github.com/aws-actions/configure-aws-credentials/releases/tag/v3)

[Compare Source](https://github.com/aws-actions/configure-aws-credentials/compare/v2...v3)

This tag tracks the latest v3.x.x release

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMTIuMCIsInVwZGF0ZWRJblZlciI6IjM3LjIxMi4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/619
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-02-26 09:41:41 +00:00
pat-s
0794fe5b8b bump to gitea 1.21.6
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
2024-02-23 08:36:10 +01:00
pat-s
3ac530f66d Add tests for HA assertion and clean up (#611)
fix #604

- Assertions in `_helpers.tpl` were not effective, removed them
- Updated and indented assertions in `config.yaml`
- Added tests to check the assertions

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/611
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2024-02-23 07:27:46 +00:00
Renovate Bot
00fbf45f03 chore(deps): update subcharts (minor & patch) (#613)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql)) | minor | `13.3.1` -> `13.4.6` |
| [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | minor | `12.7.0` -> `12.8.2` |
| [redis-cluster](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/redis-cluster)) | minor | `9.2.1` -> `9.5.20` |

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNDAuMTQiLCJ1cGRhdGVkSW5WZXIiOiIzNy4xNDAuMTQiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=-->

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/613
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-02-17 21:30:54 +00:00
Renovate Bot
4d339bb05b chore(deps): update workflow dependencies (minor & patch) (#614)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| alpine/helm |  | minor | `3.13.3` -> `3.14.0` |
| alpine/helm | container | minor | `3.13.3` -> `3.14.0` |
| [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli) | devDependencies | minor | [`^0.38.0` -> `^0.39.0`](https://renovatebot.com/diffs/npm/markdownlint-cli/0.38.0/0.39.0) |

---

### Release Notes

<details>
<summary>igorshubovych/markdownlint-cli (markdownlint-cli)</summary>

### [`v0.39.0`](https://github.com/igorshubovych/markdownlint-cli/releases/tag/v0.39.0): 0.39.0

[Compare Source](https://github.com/igorshubovych/markdownlint-cli/compare/v0.38.0...v0.39.0)

-   Update `markdownlint` dependency to `0.33.0`
    -   Add `MD055`/`table-pipe-style`, `MD056`/`table-column-count`
    -   Improve `MD005`/`MD007`/`MD024`/`MD026`/`MD038`
    -   Incorporate `micromark-extension-directive`
    -   Improve JSON schema, document validation
-   Handle trailing commas in JSONC configuration
-   Update all dependencies via `Dependabot`

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNDAuMTQiLCJ1cGRhdGVkSW5WZXIiOiIzNy4xNDAuMTQiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=-->

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/614
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-02-17 21:24:38 +00:00
pat-s
829bca241d bump gitea to 1.21.5
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
2024-02-01 14:11:32 +01:00
yardenshoham
6be4f8bb97 Remove outdated comment regarding Bitnami's charts (#608)
We use OCI charts from Bitnami, so this comment is no longer relevant

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/608
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: yardenshoham <yardenshoham@noreply.gitea.com>
Co-committed-by: yardenshoham <yardenshoham@noreply.gitea.com>
2024-01-26 16:27:49 +00:00
pat-s
aeea86b26a bump to gitea 1.21.4
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
2024-01-22 10:45:18 +01:00
Oliver Fueckert
4ed7818ec2 Add labels to PVC manifest (#581)
Hi,

 In reference to #580

I noticed that one cannot apply labels to the created PVC with persistance.labels.

The label statement is missing in the template.

best regards,

Oliver.

**helm-chart/templates/gitea/pvc.yaml:**
```
{{- if and .Values.persistence.enabled .Values.persistence.create }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: {{ .Values.persistence.claimName }}
  namespace: {{ $.Release.Namespace }}
  annotations:
{{ .Values.persistence.annotations | toYaml | indent 4}}
spec:
...
```
**values.yaml:**

```
persistence:
    ## @param primary.persistence.enabled Enable PostgreSQL Primary data persistence using PVC
    ##
    enabled: true
    ## @param primary.persistence.existingClaim Name of an existing PVC to use
    ##
    existingClaim: ""
    ## @param primary.persistence.mountPath The path the volume will be mounted at
    ## Note: useful when using custom PostgreSQL images
    ##
    mountPath: /bitnami/postgresql
    ## @param primary.persistence.subPath The subdirectory of the volume to mount to
    ## Useful in dev environments and one PV for multiple services
    ##
    subPath: ""
    ## @param primary.persistence.storageClass PVC Storage Class for PostgreSQL Primary data volume
    ## If defined, storageClassName: <storageClass>
    ## If set to "-", storageClassName: "", which disables dynamic provisioning
    ## If undefined (the default) or set to null, no storageClassName spec is
    ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
    ##   GKE, AWS & OpenStack)
    ##
    storageClass: ""
    ## @param primary.persistence.accessModes PVC Access Mode for PostgreSQL volume
    ##
    accessModes:
      - ReadWriteOnce
    ## @param primary.persistence.size PVC Storage Request for PostgreSQL volume
    ##
    size: 8Gi
    ## @param primary.persistence.annotations Annotations for the PVC
    ##
    annotations: {}
    ## @param primary.persistence.labels Labels for the PVC
    ##
    labels: {}
```

### Checklist

<!-- [Place an '[X]' (no spaces) in all applicable fields. Please remove unrelated fields.] -->

- [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)

Co-authored-by: pat-s <pat-s@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/581
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Oliver Fueckert <oliver@cubinet.de>
Co-committed-by: Oliver Fueckert <oliver@cubinet.de>
2024-01-22 09:35:58 +00:00
florianspk
b84a431854 Storage Class don´t use global.storageClass (#601) (#602)
### Description of the change

The code change ensures proper usage of gitea.persistence.storageClass, improving configuration accuracy and code readability.

### Applicable issues

  - fixes #601

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/602
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: florianspk <florianspk@gmail.com>
Co-committed-by: florianspk <florianspk@gmail.com>
2024-01-22 09:33:07 +00:00
Renovate Bot
a1af5eab4e chore(deps): update subcharts (minor & patch) (#603)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-01-20 00:51:24 +00:00
Renovate Bot
f5ad4eb33d chore(deps): update subcharts (minor & patch) (#600)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-01-15 00:20:49 +00:00
remogeissbuehler
5dfaca13f2 Allowing Custom Labels in SVC Templates (#597)
### Description of the change
The change allows users of this chart to specify custom labels for the HTTP & SSH Services that get deployed. They are optional and if given are added to the standard list of labels.

### Benefits
Certain use cases require labelling services to be able to select them in other places. Specifiying them directly in the helm chart avoids having to label by hand everytime.

Concrete Use Case Example: Cilium Layer 2 Announcements require selecting services to announce via labels (see [docs](https://docs.cilium.io/en/stable/network/l2-announcements/#service-selector)). I would like to add a label to the SSH service, but not the HTTP Service (which is handled via an ingress).

### Possible drawbacks
I don't see any, using this feature is optional :)

### Checklist

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [X] Breaking changes are documented in the `README.md`
- [X] Templating unittests are added

Co-authored-by: Remo Geissbühler <git@remogeissbuehler.ch>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/597
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: remogeissbuehler <remogeissbuehler@noreply.gitea.com>
Co-committed-by: remogeissbuehler <remogeissbuehler@noreply.gitea.com>
2024-01-13 09:58:30 +00:00
Renovate Bot
70e5da077a chore(deps): update dependency helm-unittest/helm-unittest to v0.4.1 (#599)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-01-13 00:35:47 +00:00
Renovate Bot
d7cba5443f chore(deps): update subcharts (minor & patch) (#594)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-01-07 01:56:33 +00:00
Renovate Bot
e9d401a9ee chore(deps): update dependency helm-unittest/helm-unittest to v0.4.0 (#595)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-01-07 01:35:43 +00:00
Renovate Bot
7b7789e65d chore(deps): update alpine/helm docker tag to v3.13.3 (#592)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-12-29 02:33:50 +00:00
Renovate Bot
8a191f0eca chore(deps): update subcharts (minor & patch) (#593)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-12-28 00:33:07 +00:00
pat-s
469eacaf1c bump to gitea 1.21.3
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
2023-12-23 16:12:59 +01:00
justusbunsi
f0d0c00ed6 Properly sanitize gitea admin output (#590)
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
### Description of the change

With https://github.com/go-gitea/gitea/pull/28390, Gitea 1.21.2 introduced warning log output within the result of `gitea admin <subcommand>` and therefore affects the current provisioning script.
That script previously assumed a clean result set and was therefore doomed to fail at _some_ point.

This introduces output sanitizing to trim such logs above the actual result table.

### Applicable issues

- fixes #589

### Additional information

The non-sanitized output were only an issue for admin account provisioning, and only when the username matched one of these words (in case of #589 it was `gitea`):
```text
.../setting/security.go:168:loadSecurityFrom() [W] Enabling Query API Auth tokens is not recommended. DISABLE_QUERY_AUTH_TOKEN will default to true in gitea 1.23 and will be removed in gitea 1.24.
```

LDAP and OAuth sources were not affected by this particular log line, but also processed non-sanitized result sets. Changing their code is a precaution.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/590
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2023-12-21 07:59:18 +00:00
pat-s
323bcd7526 Bump Gitea to 1.21.2 (#588)
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/588
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-12-18 08:51:39 +00:00
justusbunsi
59b246302b Properly distinguish predefined and custom env vars in environment-to-ini (#586)
### Description of the change

https://gitea.com/gitea/helm-chart/pulls/464#issuecomment-744656 was never taken into account. Somehow I missed that the PR was already merged when I replied.

### Benefits

Without this fix:

```text
Reloading preset envs...
  + 'GITEA_POSTGRESQL_HA_PGPOOL_SERVICE_PORT'
  + 'GITEA_POSTGRESQL_HA_POSTGRESQL_PORT_5432_TCP_PROTO'
  + 'GITEA_POSTGRESQL_HA_PGPOOL_PORT_5432_TCP_PROTO'
  + 'GITEA_POSTGRESQL_HA_PGPOOL_PORT'
  + 'GITEA_POSTGRESQL_HA_POSTGRESQL_PORT_5432_TCP_PORT'
  + 'GITEA_APP_INI'
  + 'GITEA_POSTGRESQL_HA_PGPOOL_PORT_5432_TCP_ADDR'
  + 'GITEA_POSTGRESQL_HA_POSTGRESQL_SERVICE_HOST'
  + 'GITEA_WORK_DIR'
  + 'GITEA_POSTGRESQL_HA_POSTGRESQL_PORT'
  + 'GITEA_POSTGRESQL_HA_POSTGRESQL_PORT_5432_TCP_ADDR'
  + 'GITEA_POSTGRESQL_HA_POSTGRESQL_SERVICE_PORT_POSTGRESQL'
  + 'GITEA_TEMP'
  + 'GITEA_POSTGRESQL_HA_PGPOOL_PORT_5432_TCP_PORT'
  + 'GITEA_POSTGRESQL_HA_PGPOOL_SERVICE_PORT_POSTGRESQL'
  + 'GITEA_POSTGRESQL_HA_POSTGRESQL_SERVICE_PORT'
  + 'GITEA_POSTGRESQL_HA_POSTGRESQL_PORT_5432_TCP'
  + 'GITEA_POSTGRESQL_HA_PGPOOL_PORT_5432_TCP'
  + 'GITEA_CUSTOM'
  + 'GITEA_POSTGRESQL_HA_PGPOOL_SERVICE_HOST'
  + 'GITEA__metrics__ENABLED'
=== All configuration sources loaded ===
```

With this fix:

```text
Reloading preset envs...
  + 'GITEA__metrics__ENABLED'
=== All configuration sources loaded ===
```

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/586
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2023-12-18 08:44:51 +00:00
pat-s
223069d042 Add config fallbacks for session, cache and queue when disabling redis-cluster (#585)
### Description of the change

Add config fallbacks for `session`, `cache` and `queue` including tests.

### Benefits

If users disable the default `redis-cluster` sub-chart dependency, this will configure the respective sections to use the Gitea defaults as listed in https://docs.gitea.com/next/administration/config-cheat-sheet.

### Possible drawbacks

Users will run on non-optimal settings for production without knowing their config.

### Applicable issues

  - fixes #584 #573 #489 #476 #468 #453

### Checklist

<!-- [Place an '[X]' (no spaces) in all applicable fields. Please remove unrelated fields.] -->

- [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [x] Breaking changes are documented in the `README.md`
- [x] Templating unittests are added

Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/585
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
2023-12-18 08:43:18 +00:00
Renovate Bot
060945a486 chore(deps): update postgresql-ha docker tag to v12.3.3 (#587)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-12-17 00:21:50 +00:00
pat-s
ff932a0bf9 Update README with new dependency versioning approach (#578)
As discussed in https://gitea.com/gitea/helm-chart/issues/572.

Also added a bit more context and updates to the overall "Dependencies" sections.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/578
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-12-13 16:56:02 +00:00
Renovate Bot
88a1650ce4 chore(deps): update postgresql docker tag to v13 (#579)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql)) | major | `12.12.10` -> `13.2.24` |

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy44MS40IiwidXBkYXRlZEluVmVyIjoiMzcuODMuMiIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/579
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-12-11 13:18:16 +00:00
Renovate Bot
d875809299 chore(deps): update dependency markdownlint-cli to ^0.38.0 (#583)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-12-11 00:13:00 +00:00
Renovate Bot
a1d9059e53 chore(deps): update postgresql-ha docker tag to v12.3.2 (#582)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-12-10 00:20:59 +00:00
Renovate Bot
7e403d5ef6 chore(deps): update postgresql-ha docker tag to v12 (#528)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | major | `11.9.4` -> `12.3.1` |

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy44LjEiLCJ1cGRhdGVkSW5WZXIiOiIzNy43Ny4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/528
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-12-04 19:49:43 +00:00
pat-s
0081cabe0b Bump to 1.21.1 (#576)
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
Changelog: https://github.com/go-gitea/gitea/releases/tag/v1.21.1
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/576
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-11-27 21:00:37 +00:00
justusbunsi
b265d87f55 Improve experience on writing unittests (#570)
While working on #409, I noticed that some unittests contains either
invalid assertion methods (`isNotEmpty`) or invalid properties (`any`)
for a specific assertion method (`notContains`).

As our tests pass - and I have ensured that they can fail - this seems
related to the YAML schema validation in the IDE.

I've noticed that `isNotEmpty` was replaced by `isNotNullOrEmpty`[^1]
in version v0.3.2[^2]. At least from a schema validation point of view.
It is still working. Maybe deprecated? I don't know.

Regarding the `any` property, the documentation seems incorrect. I've
filed a PR for it[^3]. As soon as that PR is merged and released, we
could probably validate the test YAML files in our PR workflow.

Last, since we renovate the used helm-unittest version, we should also
renovate the used YAML schema file.

[^1]: https://github.com/helm-unittest/helm-unittest/pull/139
[^2]: https://github.com/helm-unittest/helm-unittest/releases/tag/v0.3.2
[^3]: https://github.com/helm-unittest/helm-unittest/pull/243

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/570
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
2023-11-27 18:38:14 +00:00
justusbunsi
8bcd2dc63b Detect major dependency version bumps (#571)
As seen in #507 and #569, there is no guarantee for us that minor
dependency updates are actually minor updates for the dependent
application itself. The Chart version might be minor - and therefore
automatically merged when build is green - but the used Docker image
inside the Chart could still be a major version change.

To effectively prevent such automerge when the application major version
changes, there is now a test file that has the currently used major
versions hard-coded. In case of an actual major bump, this file has to
be adjusted.

Looking at `redis-cluster`, there might be several major Chart versions
with the same major application version.

This PR is related to #409 but does not fully resolve it.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/571
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
2023-11-27 18:36:47 +00:00
justusbunsi
34c1212939 Use helm dependency build in release build (#563)
Using `helm dependency update` may result in unwillingly updating the
dependencies while cutting a release. I wasn't able to do so. Most
likely due to the dependency pinning in Chart.yaml and Chart.lock.

Based on Helm documentation, `update` uses Chart.yaml[^1] while `build`
uses Chart.lock[^2].
All in all it is safer to use `helm dependency build`. :D

[^1]: https://helm.sh/docs/helm/helm_dependency_update/
[^2]: https://helm.sh/docs/helm/helm_dependency_build/

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/563
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
2023-11-27 18:35:42 +00:00
Renovate Bot
5c4bcaa1e3 chore(config): migrate renovate config (#575)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-11-25 04:10:18 +00:00
pat-s
f7d661ee3a fix release workflow
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
2023-11-16 22:07:25 +01:00
justusbunsi
6c0699e86e Switch imagePullPolicy to "IfNotPresent" (#568)
### Benefits

Less image pulls.

### Additional information

committed via GUI - so no signature on first commit.

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/568
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2023-11-16 21:00:39 +00:00
pat-s
d52ead0be7 Renovate: run tests on branches, group deps and adjust schedule to weekends (#556)
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/556
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-11-16 20:45:10 +00:00
pat-s
ead62a0dbc Bump to 1.21.0 (#566)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/566
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-11-16 20:42:17 +00:00
pat-s
7eea1acf05 chore: reduce redis-cluster pods and move HA out of "experimental" state (#565)
The pod reduction for `redis-cluster` should help users seeking for a Gitea deployment with less pods. Users seeking for a minimal deployment are further advised to follow https://gitea.com/gitea/helm-chart#user-content-single-pod-configurations.

HA is working fine in the provided configuration and should be moved out of the "experimental" state given that there were no reports of Gitea malfunctioning reported to HA usage in recent months/since v9 release.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/565
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-11-16 10:14:34 +00:00
pat-s
dcf1891edd Publish chart on Dockerhub (#525)
As title.

Co-authored-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/525
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
2023-11-14 23:27:27 +00:00
justusbunsi
7499fecc1a Fix domain macro (#560)
### Description of the change

This supersedes #359 by fixing the fallback domain value when no ingress host is defined.

Memcached is not used anymore. PostgreSQL macro has already been fixed otherwise.

### Checklist

- [x] Templating unittests are added

Co-authored-by: pat-s <pat-s@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/560
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2023-11-14 22:23:01 +00:00
TristanHoladay
3cf91bf6e7 Add image.fullOverride (#550)
### Description of the change

This PR is a continuation of the work done by @dgershman in [534](https://gitea.com/gitea/helm-chart/pulls/534), to allow users to override the image from the default rootless behavior of appending `-rootless` to the end of the image tag.

### Benefits

Allows more flexibility to use externally maintained images that are rootless but don't follow the `-rootless` tag convention.

### Applicable issues

- fixes #532

### Additional information

No breaking changes. This does not affect the `image.rootless` conditional checks or the current behavior if someone still wants to rely on the chart to append `-rootless`.

### Checklist

- [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [x] Breaking changes are documented in the `README.md`
- [x] Templating unittests are added

Co-authored-by: TristanHoladay <40547442+TristanHoladay@users.noreply.github.com>
Co-authored-by: pat-s <pat-s@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/550
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: TristanHoladay <tristanholaday@noreply.gitea.com>
Co-committed-by: TristanHoladay <tristanholaday@noreply.gitea.com>
2023-11-14 21:42:26 +00:00
Renovate Bot
23847eba1c chore(deps): update redis-cluster docker tag to v9.1.3 (#561)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-11-14 00:15:26 +00:00
Renovate Bot
bc872acdd3 chore(deps): update alpine/helm docker tag to v3.13.2 (#562)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| alpine/helm |  | minor | `3.12.3` -> `3.13.2` |
| alpine/helm | container | minor | `3.12.3` -> `3.13.2` |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/562
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-11-13 17:19:31 +00:00
Ceddaerrix
7de8e83433 Further improvement on DRY principle support (#529)
### Description of the change

- Adding TPL use into './templates/_helpers.tpl' in "gitea.inline_configuration.defaults.server" since '.Values.ingress.hosts' referred

### Benefits

- Avoid error in deployment using Gitea CHart 9.5.0 such as "Invalid ROOT_URL 'https://{{ .Values.global.giteaHostName }}': parse "https://{{ .Values.global.giteaHostName }}": invalid character "{" in host name"

### Possible drawbacks

N/A

### Applicable issues

 - fixes #530

### Checklist

- [x] Fixing './templates/_helpers.tpl' "gitea.inline_configuration.defaults.server
- [x] Templating unittests are added

Co-authored-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: 212597596 <cedric.henry@ge.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/529
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: Ceddaerrix <ceddaerrix@noreply.gitea.com>
Co-committed-by: Ceddaerrix <ceddaerrix@noreply.gitea.com>
2023-11-06 19:03:46 +00:00
Renovate Bot
41e389c7cd chore(deps): update dependency helm-unittest/helm-unittest to v0.3.6 (#554)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [helm-unittest/helm-unittest](https://github.com/helm-unittest/helm-unittest) | patch | `0.3.4` -> `v0.3.6` |

---

### Release Notes

<details>
<summary>helm-unittest/helm-unittest (helm-unittest/helm-unittest)</summary>

### [`v0.3.6`](https://github.com/helm-unittest/helm-unittest/releases/tag/v0.3.6)

[Compare Source](https://github.com/helm-unittest/helm-unittest/compare/v0.3.5...v0.3.6)

**Added Features**

-   Added templated Test Suites, to make re-usable tests possible (credits [@&#8203;hanseltime](https://github.com/hanseltime), resolves [#&#8203;57](https://github.com/helm-unittest/helm-unittest/issues/57), resolves [#&#8203;186](https://github.com/helm-unittest/helm-unittest/issues/186))

**Improvements**

-   Optimize installation (resolves [#&#8203;176](https://github.com/helm-unittest/helm-unittest/issues/176), resolves [#&#8203;214](https://github.com/helm-unittest/helm-unittest/issues/214), resolves [#&#8203;225](https://github.com/helm-unittest/helm-unittest/issues/225))

**Fixes**

-   Fix incorrect filtering template files (resolves [#&#8203;219](https://github.com/helm-unittest/helm-unittest/issues/219))
-   Fix snapshot validator with Empty documents (credits [@&#8203;matthyx](https://github.com/matthyx))
-   Fix inconsistent results lengthEqual validator (credits [@&#8203;hanseltime](https://github.com/hanseltime))
-   Fix global values (credit [@&#8203;zidoshare](https://github.com/zidoshare), resolves [#&#8203;215](https://github.com/helm-unittest/helm-unittest/issues/215))

**Updates**

-   Update packages to latest patch versions
-   Update documenation

### [`v0.3.5`](https://github.com/helm-unittest/helm-unittest/releases/tag/v0.3.5)

[Compare Source](https://github.com/helm-unittest/helm-unittest/compare/v0.3.4...v0.3.5)

**Fixes**

-   Fix recursive subchart testing (credits [@&#8203;zidoshare](https://github.com/zidoshare), resolves [#&#8203;206](https://github.com/helm-unittest/helm-unittest/issues/206))
-   Fix old containsDocument behaviour to ignore other documents in multidocument validation (resolves [#&#8203;205](https://github.com/helm-unittest/helm-unittest/issues/205))
-   Fix failed_template to also work when empty documents are found (resolves [#&#8203;191](https://github.com/helm-unittest/helm-unittest/issues/191))
-   Fix failed_template multi colon handling (resolves [#&#8203;200](https://github.com/helm-unittest/helm-unittest/issues/200))
-   Fix glob all valid filenames (resolves [#&#8203;201](https://github.com/helm-unittest/helm-unittest/issues/201))

**Updates**

-   Update packages to latest patch versions
-   Update documenation (thanks to [@&#8203;yariksheptykin](https://github.com/yariksheptykin))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40NC4wIiwidXBkYXRlZEluVmVyIjoiMzcuNDQuMCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/554
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-11-06 08:05:05 +00:00
Renovate Bot
82dc077673 chore(deps): update redis-cluster docker tag to v9.1.1 (#555)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-11-06 00:17:45 +00:00
Renovate Bot
ebc4600920 chore(deps): update dependency @bitnami/readme-generator-for-helm to v2.6.0 (#546)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [@bitnami/readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) | devDependencies | minor | [`2.5.2` -> `2.6.0`](https://renovatebot.com/diffs/npm/@bitnami%2freadme-generator-for-helm/2.5.2/2.6.0) |

---

### Release Notes

<details>
<summary>bitnami-labs/readme-generator-for-helm (@&#8203;bitnami/readme-generator-for-helm)</summary>

### [`v2.6.0`](https://github.com/bitnami-labs/readme-generator-for-helm/releases/tag/2.6.0)

[Compare Source](https://github.com/bitnami-labs/readme-generator-for-helm/compare/2.5.2...2.6.0)

##### Description of the changes

This new version allows setting a default value for a parameter using the default modifier

##### Issues and PRs

-   [#&#8203;78](https://github.com/bitnami-labs/readme-generator-for-helm/issues/78)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yOC4wIiwidXBkYXRlZEluVmVyIjoiMzcuMzQuMyIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/546
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-11-01 08:34:47 +00:00
Renovate Bot
f3abf73ebc chore(deps): update redis-cluster docker tag to v9.0.13 (#547)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-10-24 00:07:01 +00:00
Renovate Bot
3707755373 chore(deps): update redis-cluster docker tag to v9.0.12 (#511)
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-10-16 00:05:56 +00:00
Renovate Bot
074def2acc chore(deps): update postgresql docker tag to v12.12.10 (#521)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-10-15 01:15:46 +00:00
pat-s
a249229ccf Downgrade postgresql-ha to 11.9.4 (#541)
As 11.9.8 included (by mistake) a major version bump from 15 -> 16

https://github.com/bitnami/charts/issues/19596

Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/541
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-10-14 16:30:51 +00:00
justusbunsi
b68b9d91cf [postgresql-ha] Use pgpool service as db connection proxy (#542)
### Description of the change

The `postgresql-ha` provides a dedicated deployment and service called `pgpool`. This application is a proxy that routes the db queries to the active database replica. There's a note about that in their README[^1].

Issue #502 is a side-effect of not using that proxy.

### Possible drawbacks

Using the Charts' default configuration, the `pgpool` deployment has 1 replica, making this a single-point of failure. But users can change the related `postgresql-ha.pgpool.replicaCount` to their needs.

### Applicable issues

- fixes #502

### Checklist

- [x] Templating unittests are added

[^1]: https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/templates/postgresql/statefulset.yaml#introduction

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/542
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2023-10-14 16:05:59 +00:00
Renovate Bot
0cc8c6d558 chore(deps): update postgresql-ha docker tag to v11.9.8 (#507)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-10-14 00:14:31 +00:00
justusbunsi
64c6d80dcf Add .vscode profile for easier contributions (#536)
### Description of the change

This adds a `.vscode` folder with recommended extensions and some useful settings like unittest schema validation.
The `.vscode` folder is already helm ignored during packaging.

### Possible drawbacks

We would have to be careful about PR changes in that directory.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/536
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2023-10-13 19:20:26 +00:00
justusbunsi
eb17917b53 Bump helm-unittest to 0.3.4 (#537)
There is a regression that prevents us from going directly to 0.3.5.
To prevent the upcoming Renovate PR for 0.3.5 being stuck until 0.3.6,
we can use 0.3.4 until a working version is released.
The Renovate PR for 0.3.5 can then be closed directly so that Renovate
ignores that version.

https://github.com/helm-unittest/helm-unittest/issues/219

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/537
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2023-10-13 19:20:01 +00:00
justusbunsi
7d96eb2940 Tell Renovate to use kind/dependency label (#538)
As title. I think using that label helps categorizing Pull Requests.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/538
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2023-10-13 19:19:06 +00:00
justusbunsi
ca903c9cf3 Fix helm dependency build once and for all (#535)
### Description of the change

We are affected by a regression of a Helm bug from May 2023. I've tested
the Helm versions 3.13.1, 3.13.0 and 3.12.3. Both 3.13.x are affected.
3.12.3 works. So let's downgrade and drop the docker login in PR builds.

I've also switched the `apt install helm` with an official `alpine/helm`
image I am using at work. Pinning the helm version and receiving updates
helps us identifying such issues in the future.

For the release workflow I was a bit more reluctant with changes, since
I cannot easily test them. That's why I just pinned the Helm version.

Renovate will provide one PR changing both files because it's the same
dependency (alpine/helm) from the same datasource (docker).

https://github.com/helm/helm/issues/12062

### Applicable issues

- implicitly fixes #527

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/535
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2023-10-13 16:04:27 +00:00
Renovate Bot
40751af5c7 chore(deps): update dependency @bitnami/readme-generator-for-helm to v2.5.2 (#533)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [@bitnami/readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) | devDependencies | patch | [`2.5.1` -> `2.5.2`](https://renovatebot.com/diffs/npm/@bitnami%2freadme-generator-for-helm/2.5.1/2.5.2) |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/533
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-10-12 04:27:39 +00:00
pat-s
226564b74d Add single-pod configuration examples to README (#531)
Relates to #524, #515.

Both examples have been tested on a k8s dev install locally by deploying in a fresh namespace.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/531
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-10-11 19:04:37 +00:00
pat-s
9802e9ae41 Login to docker to fix workflow (#526)
Same as for the release workflow.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/526
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-10-10 19:48:00 +00:00
pat-s
7d2a375685 fix workflow secrets
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
2023-10-05 21:40:40 +02:00
pat-s
ef4e0dc77d refine 2023-10-05 21:38:19 +02:00
pat-s
cbaad0ed8f add gpg key first 2023-10-05 21:35:51 +02:00
pat-s
d2598c6161 remove sudo 2023-10-05 21:33:39 +02:00
pat-s
183b54fc27 add docker apt repo 2023-10-05 21:32:54 +02:00
pat-s
cd4271a1ad install docker-ce-cli 2023-10-05 21:29:09 +02:00
pat-s
dc8a2bd667 login as the first action 2023-10-05 21:27:16 +02:00
pat-s
c1c186b901 login to docker before packaging chart 2023-10-05 21:24:10 +02:00
techknowlogick
1551065946 bump to gitea 1.20.5 2023-10-03 17:40:34 +00:00
pat-s
1f72352f14 renovate: set automergeStrategy 2023-09-27 09:42:41 +02:00
mmalyska
7a9df83d18 Update readme with renovate configuration for digest updates (#514)
### Description of the change

Update README with information how to configure renovate to update digest for gitea charts.

### Benefits

Automatic digest updates for people using renovate.

Co-authored-by: Michał Małyska <999598+mmalyska@users.noreply.github.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/514
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: mmalyska <mmalyska@noreply.gitea.com>
Co-committed-by: mmalyska <mmalyska@noreply.gitea.com>
2023-09-27 07:31:52 +00:00
Renovate Bot
c2b0b677c1 chore(deps): update actions/checkout action to v4 (#509)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-09-25 03:41:55 +00:00
Renovate Bot
ffbec41c88 chore(deps): update dependency markdownlint-cli to ^0.37.0 (#517)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-09-24 17:58:16 +00:00
Renovate Bot
74cec11931 chore(deps): update postgresql docker tag to v12.12.5 (#506)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-09-24 17:55:21 +00:00
Ceddaerrix
5e76871731 Improving DRY principle support on gitea Ingress host name (#498)
### Description of the change

Introducing `tpl` function on variables related to hostname in `./templates/gitea/ingress.yaml`

### Benefits

The change is intending to support the following syntax in a values.yaml such as:
```
global:
  giteaHostName: "gitea.my-org.com"

ingress:
  enabled: true
  hosts:
    - host: "{{ .Values.global.giteaHostName }}"
      paths:
        - path: /
          pathType: Prefix
  tls:
      - secretName: gitea-tls
        hosts:
          - "{{ .Values.global.giteaHostName }}"
```

### Possible drawbacks

N/A

### Applicable issues

N/A

### Additional information

N/A

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/498
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: Ceddaerrix <ceddaerrix@noreply.gitea.com>
Co-committed-by: Ceddaerrix <ceddaerrix@noreply.gitea.com>
2023-09-22 15:09:13 +00:00
pat-s
453ab0e211 json5 2023-09-15 09:12:22 +01:00
pat-s
c6887fde0a fix renovate config 2023-09-15 09:11:53 +01:00
pat-s
08c50abba9 Update helm deps weekly (#510)
As title. This modification should only apply the minor+patch updates for the helm deps of this chart on a weekly basis. Major updates should still come in with the daily renovate runs.

Automerge is included but won't work as the bot cannot self-approve it's PRs and does not have merge permissions yet.
The only way this might work if we allow the bot to push to a branch only and merge without opening a PR.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/510
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-09-14 16:48:36 +00:00
Renovate Bot
779563141d chore(deps): update redis-cluster docker tag to v9 (#504)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [redis-cluster](https://github.com/bitnami/charts) | major | `8.8.2` -> `9.0.4` |

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi43OS4xIiwidXBkYXRlZEluVmVyIjoiMzYuODkuMCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/504
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-09-13 07:48:55 +00:00
pat-s
0e5bccd732 Add support for image.digest (#444)
fix #398

Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/444
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-09-09 15:36:19 +00:00
justusbunsi
95d5fb209b Disable Docker digest pinning (#508)
As per conversation in Discord.

https://docs.renovatebot.com/configuration-options/#pindigests

Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/508
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2023-09-09 14:11:47 +00:00
techknowlogick
88d0f132d1 pin docker digests 2023-09-08 18:10:31 +00:00
pat-s
eb13916386 Gitea 1.20.4
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
2023-09-08 15:03:50 +02:00
Renovate Bot
38776e2b51 chore(deps): update postgresql docker tag to v12.10.1 (#505)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql](https://github.com/bitnami/charts) | patch | `12.10.0` -> `12.10.1` |

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi43OS4xIiwidXBkYXRlZEluVmVyIjoiMzYuNzkuMSIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/505
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-09-07 02:23:12 +00:00
Renovate Bot
74fef7e4c6 chore(deps): update redis-cluster docker tag to v8.8.2 (#503)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [redis-cluster](https://github.com/bitnami/charts) | minor | `8.6.9` -> `8.8.2` |

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi43OS4xIiwidXBkYXRlZEluVmVyIjoiMzYuNzkuMSIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/503
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-09-06 03:29:23 +00:00
Renovate Bot
054ee87a8c chore(deps): update dependency markdownlint-cli to ^0.36.0 (#500)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli) | devDependencies | minor | [`^0.35.0` -> `^0.36.0`](https://renovatebot.com/diffs/npm/markdownlint-cli/0.35.0/0.36.0) |

---

### Release Notes

<details>
<summary>igorshubovych/markdownlint-cli (markdownlint-cli)</summary>

### [`v0.36.0`](https://github.com/igorshubovych/markdownlint-cli/releases/tag/v0.36.0): 0.36.0

[Compare Source](https://github.com/igorshubovych/markdownlint-cli/compare/v0.35.0...v0.36.0)

-   Update `markdownlint` dependency to `0.30.0`
    -   Use `micromark` in MD022/MD026/MD032/MD037/MD045/MD051
    -   Incorporate `micromark-extension-math` for math syntax
    -   Allow custom rules to override information URL
-   Update all dependencies via `Dependabot`

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi43OS4xIiwidXBkYXRlZEluVmVyIjoiMzYuNzkuMSIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/500
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-09-05 07:16:15 +00:00
Renovate Bot
07fe17caf4 chore(deps): update postgresql-ha docker tag to v11.9.2 (#499)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql-ha](https://github.com/bitnami/charts) | patch | `11.9.0` -> `11.9.2` |

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi43OS4xIiwidXBkYXRlZEluVmVyIjoiMzYuNzkuMSIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/499
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-09-05 07:15:49 +00:00
justusbunsi
0d9d6bcbb2 Extends centralized renovate configuration
Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2023-09-05 08:43:24 +02:00
justusbunsi
28bd87b5a9 Use modern renovate.json5 file
Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2023-09-05 08:35:29 +02:00
pat-s
30000677d7 update chart.lock
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
2023-08-31 19:12:49 +02:00
tobiasbp
1550f9b4e0 Quote values for ingress annotations as discussed in #483 (#497)
Quote all values for Ingress annotations as discussed in https://gitea.com/gitea/helm-chart/issues/483
Annotations are currently not quoted, and can not be set to non-string values using the _--set_ with _helm_ (see examples in issue).

Annotations for ingress-nginx MUST be quoted: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md#annotations

```
!!! tip Annotation keys and values can only be strings. Other types, such as boolean or numeric values must be quoted, i.e. "true", "false", "100".
```

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/497
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: tobiasbp <tobiasbp@noreply.gitea.com>
Co-committed-by: tobiasbp <tobiasbp@noreply.gitea.com>
2023-08-31 17:07:45 +00:00
Renovate Bot
3276f1e76d Update postgresql Docker tag to v12.10.0 (#495)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| postgresql | minor | `12.6.6` -> `12.10.0` |

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS4xMTguMCIsInVwZGF0ZWRJblZlciI6IjM1LjExOC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: techknowlogick <techknowlogick@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/495
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-08-31 11:35:49 +00:00
Renovate Bot
22872112cd Update postgresql-ha Docker tag to v11.9.0 (#496)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| postgresql-ha | minor | `11.7.9` -> `11.9.0` |

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS4xMTguMCIsInVwZGF0ZWRJblZlciI6IjM1LjExOC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: techknowlogick <techknowlogick@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/496
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-08-31 11:35:23 +00:00
Renovate Bot
3dd6632c5f Update dependency markdownlint-cli to ^0.35.0 (#494)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli) | devDependencies | minor | [`^0.34.0` -> `^0.35.0`](https://renovatebot.com/diffs/npm/markdownlint-cli/0.34.0/0.35.0) |

⚠️ Release Notes retrieval for this PR were skipped because no github.com credentials were available.
If you are self-hosted, please see [this instruction](https://github.com/renovatebot/renovate/blob/master/docs/usage/examples/self-hosting.md#githubcom-token-for-release-notes).

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [x] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS4xMTguMCIsInVwZGF0ZWRJblZlciI6IjM1LjExOC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/494
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-08-30 07:14:45 +00:00
Renovate Bot
ff83bab0e2 Update dependency @bitnami/readme-generator-for-helm to v2.5.1 (#493)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [@bitnami/readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) | devDependencies | patch | [`2.5.0` -> `2.5.1`](https://renovatebot.com/diffs/npm/@bitnami%2freadme-generator-for-helm/2.5.0/2.5.1) |

⚠️ Release Notes retrieval for this PR were skipped because no github.com credentials were available.
If you are self-hosted, please see [this instruction](https://github.com/renovatebot/renovate/blob/master/docs/usage/examples/self-hosting.md#githubcom-token-for-release-notes).

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS4xMTguMCIsInVwZGF0ZWRJblZlciI6IjM1LjExOC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/493
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-08-30 07:04:59 +00:00
Renovate Bot
7604d5606f Configure Renovate (#492)
Welcome to [Renovate](https://github.com/renovatebot/renovate)! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

---
### Detected Package Files

 * `values.yaml` (helm-values)
 * `Chart.yaml` (helmv3)
 * `package.json` (npm)

### What to Expect

With your current configuration, Renovate will create 6 Pull Requests:

<details>
<summary>Update dependency @&#8203;bitnami/readme-generator-for-helm to v2.5.1</summary>

  - Schedule: ["at any time"]
  - Branch name: `renovate/bitnami-readme-generator-for-helm-2.x-lockfile`
  - Merge into: `main`
  - Upgrade [@bitnami/readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) to `2.5.1`

</details>

<details>
<summary>Update dependency markdownlint-cli to ^0.35.0</summary>

  - Schedule: ["at any time"]
  - Branch name: `renovate/markdownlint-cli-0.x`
  - Merge into: `main`
  - Upgrade [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli) to `^0.35.0`

</details>

<details>
<summary>Update postgresql Docker tag to v12.10.0</summary>

  - Schedule: ["at any time"]
  - Branch name: `renovate/postgresql-12.x`
  - Merge into: `main`
  - Upgrade postgresql to `12.10.0`

</details>

<details>
<summary>Update postgresql-ha Docker tag to v11.9.0</summary>

  - Schedule: ["at any time"]
  - Branch name: `renovate/postgresql-ha-11.x`
  - Merge into: `main`
  - Upgrade postgresql-ha to `11.9.0`

</details>

<details>
<summary>Update redis-cluster Docker tag to v8.8.2</summary>

  - Schedule: ["at any time"]
  - Branch name: `renovate/redis-cluster-8.x`
  - Merge into: `main`
  - Upgrade redis-cluster to `8.8.2`

</details>

<details>
<summary>Update redis-cluster Docker tag to v9</summary>

  - Schedule: ["at any time"]
  - Branch name: `renovate/redis-cluster-9.x`
  - Merge into: `main`
  - Upgrade redis-cluster to `9.0.1`

</details>

<br />

🚸 Branch creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for `prhourlylimit` for details.

---

 Got questions? Check out Renovate's [Docs](https://docs.renovatebot.com/), particularly the Getting Started section.
If you need any further assistance then you can also [request help here](https://github.com/renovatebot/renovate/discussions).

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/492
Reviewed-by: Jason Song <i@wolfogre.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2023-08-30 06:42:34 +00:00
pat-s
1331ae5e96 Fix GIT_GC_CHECK for multiple replicas (#490)
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
### Benefits

Asserting the value existence failed previously.

### Applicable issues

fixes #488

### Additional information

No unit tests possible as value is parsed as a secret and then into `app.ini`.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/490
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-08-27 12:05:56 +00:00
techknowlogick
35fcb41ce2 1.20.3
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
2023-08-21 16:07:51 +00:00
pat-s
9e00bff9bd add upgrade note WRT to rootless image switch 2023-08-21 16:27:02 +02:00
Lunny Xiao
5e148748ce Update documentations link to new addresses and some other links update (#482)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/482
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-committed-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-08-03 07:25:52 +00:00
pat-s
1ea6cb4633 1.20.2
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
2023-07-31 09:04:23 +02:00
pat-s
478fd6044e add minimal config example
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
2023-07-22 14:06:08 +02:00
pat-s
860c2ce542 Auto-configure non-postgresql DNS and assert single PG instance (#478)
### Description of the change

Before only `postgresql-ha` was auto-configured WRT to DNS.

### Benefits

Add DNS auto-config for `postgresql` dependency and assert that either `postgresql` or `postgresql-ha` is enabled.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/478
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-07-22 11:46:44 +00:00
pat-s
269ca48586 1.20.1 2023-07-22 10:50:27 +02:00
pat-s
9dda709997 update terraform custom theme instructions 2023-07-20 09:51:13 +02:00
pat-s
aa8f543c08 bump to 1.20 nightly for env-to-ini fix
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
2023-07-19 23:08:55 +02:00
pat-s
a5884ec67f readd missing postgresql password for db 2023-07-19 23:05:52 +02:00
pat-s
81612bd788 Update default params of chart dependencies (#473)
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
### Description of the change

Update default params of chart dependencies. Tested with multiple upgrades and fresh installations.
Using no password auth for redis simplifies things for basic installations. Production installations should properly configure auth as they need it.

### Benefits

To avoid/solve upgrading issues as in #407 and #472

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/473
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-07-19 15:16:45 +00:00
pat-s
565cbaf292 Expose persistence.volumeName (#471)
### Benefits

possibly fix #470

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/471
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-07-19 12:37:53 +00:00
pat-s
19841604f7 use redis-cluster instead of redis 2023-07-19 09:57:44 +02:00
pat-s
29c9bbb4bf postgresql-ha: provide defaults for postgresPassword and repmgrPassword due to upstream bug
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
2023-07-18 20:06:16 +02:00
pat-s
75893ad9c6 add explicit config example for session, cache and queue to migration instructions 2023-07-18 19:28:40 +02:00
pat-s
a247071b07 don't condition session config on multiple replicas 2023-07-18 19:22:51 +02:00
pat-s
5f8de23c15 remove "auth" mapping in helpers.tpl 2023-07-18 19:16:33 +02:00
pat-s
c6fbb6d72e adjust postgresql-ha service port mappings 2023-07-18 19:07:33 +02:00
pat-s
f108be0cd6 fix postgresql.dns 2023-07-18 18:50:18 +02:00
pat-s
dc6bab1958 another index 2023-07-18 18:34:56 +02:00
pat-s
de1d5af8c8 more postgresql-ha adjustments 2023-07-18 18:31:58 +02:00
pat-s
46fb4d8026 use index function for helm 2023-07-18 18:23:29 +02:00
pat-s
3a9e60ce40 fix postgresql.dns definition in helpers.tpl 2023-07-18 18:10:38 +02:00
pat-s
de5a6edbc8 lint 2023-07-18 08:27:11 +02:00
yinheli
2ded843924 fix: Deployment has no field serviceName #466 (#467)
<!--
 Before you open the request please review the following guidelines and tips to help it be more easily integrated:

 - Describe the scope of your change - i.e. what the change does.
 - Describe any known limitations with your change.
 - Please run any tests or examples that can exercise your modified code.

 Thank you for contributing! We will try to review, test and integrate the change as soon as we can.
 -->

### Description of the change

<!-- Describe the scope of your change - i.e. what the change does. -->

remove deployment, `serviceName`

### Benefits

<!-- What benefits will be realized by the code change? -->

### Possible drawbacks

<!-- Describe any known limitations with your change -->

### Applicable issues

<!-- Enter any applicable Issues here (You can reference an issue using #). Please remove this section if there is no referenced issue. -->
  - fixes #466

### Additional information

<!-- If there's anything else that's important and relevant to your pull request, mention that information here. Please remove this section if it remains empty. -->

### ⚠ BREAKING

<!-- If there's a breaking change, please shortly describe in which way users are affected and how they can mitigate it. If there are no breakings, please remove this section. -->

### Checklist

<!-- [Place an '[X]' (no spaces) in all applicable fields. Please remove unrelated fields.] -->

- [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [x] Breaking changes are documented in the `README.md`
- [x] Templating unittests are added

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/467
Co-authored-by: yinheli <me@yinheli.com>
Co-committed-by: yinheli <me@yinheli.com>
2023-07-18 06:25:38 +00:00
pat-s
ede76d4b68 update helm deps and add makefile rule
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
2023-07-17 21:26:45 +02:00
pat-s
00433b97c4 add release process to contributing 2023-07-17 21:19:48 +02:00
pat-s
a20c014e49 add env-to-ini prefix to upgrading notes 2023-07-17 21:17:26 +02:00
pat-s
950e46ce44 add experimental note 2023-07-17 21:13:01 +02:00
pat-s
8e27bb9bae [Breaking] Add HA-support; switch to Deployment (#437)
# Changes

A big shoutout to @luhahn for all his work in #205 which served as the base for this PR.

## Documentation

- [x] After thinking for some time about it, I still prefer the distinct option (as started in #350), i.e. having a standalone "HA" doc under `docs/ha-setup.md` to not have a very long README (which is already quite long).
      Most of the information below should go into it with more details and explanations behind all of the individual components.

## Chart deps

~~- Adds `meilisearch` as a chart dependency for a HA-ready issue indexer. Only works with >= Gitea 1.20~~
~~- Adds `redis` as a chart dependency for a HA-ready session and queue store.~~
- Adds `redis-cluster` as a chart dependency for a HA-ready session and queue store (alternative to `redis`). Only works with >= Gitea 1.19.2.
- Removes `memcached` instead of `redis-cluster`
- Add `postgresql-ha` as default DB dep in favor of `postgres`

## Adds smart HA chart logic

The goal is to set smart config values that result in a HA-ready Gitea deployment if `replicaCount` > 1.

- If `replicaCount` > 1,
  - `gitea.config.session.PROVIDER` is automatically set to `redis-cluster`
  - `gitea.config.indexer.REPO_INDEXER_ENABLED` is automatically set to `false` unless the value is `elasticsearch` or `meilisearch`
  - `redis-cluster` is used for `[queue]` and `[cache]` and `[session]`mode or not

Configuration of external instances of `meilisearch` and `minio` are documented in a new markdown doc.

## Deployment vs Statefulset

Given all the discussions about this lately (#428), I think we could use both.
In the end, we do not have the requirement for a sequential pod scale up/scale down as it would happen in statefulsets.
On the other side, we do not have actual stateless pods as we are attaching a RWX to the deployment.
Yet I think because we do not have a leader-election requirement, spawning the pods as a deployment makes "Rolling Updates" easier and also signals users that there is no "leader election" logic and each pod can just be "destroyed" at anytime without causing interruption.

Hence I think we should be able to switch from a statefulset to a deployment, even in the single-replica case.

This change also brought up a templating/linting issue: the definition of `.Values.gitea.config.server.SSH_LISTEN_PORT` in `ssh-svc.yaml` just "luckily" worked so far due to naming-related lint processing. Due to the change from "statefulset" to "deployment", the processing queue changed and caused a failure complaining about `config.server.SSH_LISTEN_PORT` not being defined yet.
The only way I could see to fix this was to "properly" define the value in `values.yaml` instead of conditionally definining it in `helpers.tpl`. Maybe there's a better way?

## Chart PVC Creation

I've adapted the automated PVC creation from another chart to be able to provide the `storageClassName` as I couldn't get dynamic provisioning for EFS going with the current implementation.
In addition the naming and approach within the Gitea chart for PV creation is a bit unusual and aligning it might be beneficial.

A semi-unrelated change which will result in a breaking change for existing users but this PR includes a lot of breaking changes already, so including another one might not make it much worse...

- New `persistence.mount`: whether to mount an existing PVC (via `persistence.existingClaim`
- New `persistence.create`: whether to create a new PVC

## Testing

As this PR does a lot of things, we need proper testing.
The helm chart can be installed from the Git branch via `helm-git` as follows:

```
helm repo add gitea-charts git+https://gitea.com/gitea/helm-chart@/?ref=deployment
helm install gitea --version 0.0.0
```
It is **highly recommended** to test the chart in a dedicated namespace.

I've tested this myself with both `redis` and `redis-cluster` and it seemed to work fine.
I just did some basic operations though and we should do more niche testing before merging.

Examplary `values.yml` for testing (only needs a valid RWX storage class):

<details>

<summary>values.yaml</summary>

```yml
image:
  tag: "dev"
  PullPolicy: "Always"
  rootless: true

replicaCount: 2

persistence:
  enabled: true
  accessModes:
    - ReadWriteMany
  storageClass: FIXME

redis-cluster:
  enabled: false
  global:
    redis:
      password: gitea

gitea:
  config:
    indexer:
      ISSUE_INDEXER_ENABLED: true
      REPO_INDEXER_ENABLED: false
```
</details>

## Preferred setup

The preferred HA setup with respect to performance and stability might currently be as follows:

- Repos: RWX (e.g. EFS or Azurefiles NFS)
- Issue indexer: Meilisearch (HA)
- Session and cache: Redis Cluster (HA)
- Attachments/Avatars: Minio (HA)

This will result in a ~ 10-pod HA setup overall.
All pods have very low resource requests.

fix #98

Co-authored-by: pat-s <pat-s@noreply.gitea.io>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/437
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-07-17 19:09:42 +00:00
pat-s
f66a192d45 document env-to-ini env saving 2023-07-17 07:42:51 +02:00
techknowlogick
6814f7f6d9 bump 1.20.0 2023-07-17 01:26:32 +00:00
pat-s
cab7f3d0b5 Change env-to-ini prefix and remove custom prefix (#464)
### Description of the change

Change env-to-ini prefix and remove custom prefix.
`GITEA` is the default prefix.

### Benefits

Compatibility wit v1.20 (`-p` got removed)

### Possible drawbacks

None

### Additional information

See https://github.com/go-gitea/gitea/pull/25799

Tested with Gitea < 1.20 and >= 1.20

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/464
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-07-16 22:00:46 +00:00
techknowlogick
ca76cc571c bump 1.19.4 2023-07-12 05:20:01 +00:00
pat-s
868c029e4d Document how to add custom themes (#460)
<!--
 Before you open the request please review the following guidelines and tips to help it be more easily integrated:

 - Describe the scope of your change - i.e. what the change does.
 - Describe any known limitations with your change.
 - Please run any tests or examples that can exercise your modified code.

 Thank you for contributing! We will try to review, test and integrate the change as soon as we can.
 -->

### Description of the change

Add documentation how to add custom themes

### Benefits

<!-- What benefits will be realized by the code change? -->

### Possible drawbacks

<!-- Describe any known limitations with your change -->

### Applicable issues

<!-- Enter any applicable Issues here (You can reference an issue using #). Please remove this section if there is no referenced issue. -->
  - fixes #301

### Additional information

<!-- If there's anything else that's important and relevant to your pull request, mention that information here. Please remove this section if it remains empty. -->

### Checklist

<!-- [Place an '[X]' (no spaces) in all applicable fields. Please remove unrelated fields.] -->

- [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [x] Breaking changes are documented in the `README.md`
- [x] Templating unittests are added

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/460
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-06-28 06:57:19 +00:00
pat-s
81252dcb18 Add toc to README and lint contributing.md (#461)
### Description of the change

- Add ToC to README for easier navigation (and add note to `contributing.md`)
- Fix some heading levels in README
- Put upgrading notes into collapsible blocks
- Format `contributing.md` according to MD rules
- Allow `details` and `summary` elements in README
- Allow for longer headings

### Benefits

Better documentation

### Possible drawbacks

None

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/461
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-06-28 06:54:22 +00:00
pat-s
5ed140088e Set image.rootless to true by default (#449)
fix #432

Assuming that "everybody" is meanwhile on > 1.14.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/449
2023-06-27 20:32:01 +00:00
pat-s
aa33330abe Add upgrading note WRT to postgres major version update (#458)
Should help users with their move from PG 11 to 15. Thanks again @pi3ch!

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/458
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-06-17 22:15:49 +00:00
justusbunsi
b11c9c7568 Add unittests to PR checklist (#455)
### Description of the change

This should clarify that we more and more rely on unittests for the templating behavior.

### Applicable issues

 - fixes #199

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/455
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.com>
2023-06-11 08:15:59 +00:00
justusbunsi
5e5496f15d Add support for ServiceAccount configuration (#451)
### Description of the change

This adds a new values object `serviceAccount`, that allows creating a dedicated ServiceAccount with the Helm Release into the cluster. It supports all common options like labels, annotations, name override (or referring to an externally created ServiceAccount), auto-mount token, image pull secrets.

It supersedes the stale PR #357.

### Benefits

Users can deploy Gitea with more fine-tuned security settings.

### Applicable issues

- related to #448

### Additional information

I've bumped the helm-unittest plugin in the CI build, to be able to use the `exists` and `notExists` feature in the new tests.

### Checklist

- [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/451
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2023-05-31 08:47:58 +00:00
pat-s
0ca013647d Set $HOME to /data/gitea/git for rootless image (#447)
fix #396

Set the default of `$HOME` to `/data/gitea/git` for rootless images to make chart openshift compliant.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/447
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-05-24 05:01:22 +08:00
pat-s
9c7e85a2bb Sign helm releases (#427)
fix #31

First stab, need to iterate most likely.

@techknowlogick @lunny Could one of you add the GPG secrets here so the signing can be tested?

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/427
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-05-13 18:11:14 +08:00
pat-s
eefa169b8d Update node packages (#445)
Followed https://stackoverflow.com/a/71186834/4185785.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/445
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-05-05 13:27:17 +08:00
pat-s
e28c1520c0 bump to 1.19.3 (#443)
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/443
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.io>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-05-04 09:45:36 +08:00
Cyril Jouve
55b22d2225 add extraDeploy to add arbitrary objects to the release (#441)
Signed-off-by: Cyril Jouve <jv.cyril@gmail.com>

<!--
 Before you open the request please review the following guidelines and tips to help it be more easily integrated:

 - Describe the scope of your change - i.e. what the change does.
 - Describe any known limitations with your change.
 - Please run any tests or examples that can exercise your modified code.

 Thank you for contributing! We will try to review, test and integrate the change as soon as we can.
 -->

### Description of the change

<!-- Describe the scope of your change - i.e. what the change does. -->
add a new value `extraDeploy`  to add arbitrary resources

inspired by bitnami charts ([example](https://github.com/bitnami/charts/blob/main/bitnami/postgresql/values.yaml#L58)

### Benefits

<!-- What benefits will be realized by the code change? -->
with the change, I can deploy additional resources and keep them consistent with the chart (reuse macro, same labels, etc)., same workflow (helm upgrade), etc

### Possible drawbacks

<!-- Describe any known limitations with your change -->

### Additional information

<!-- If there's anything else that's important and relevant to your pull request, mention that information here. Please remove this section if it remains empty. -->

### Checklist

<!-- [Place an '[X]' (no spaces) in all applicable fields. Please remove unrelated fields.] -->

- [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)

Co-authored-by: pat-s <pat-s@noreply.gitea.io>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/441
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: Cyril Jouve <jv.cyril@gmail.com>
Co-committed-by: Cyril Jouve <jv.cyril@gmail.com>
2023-05-02 21:32:54 +08:00
pat-s
5876a9e7fc Update Gitea to 1.19.2 and bump chart deps (#442)
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
No substantial changes in chart deps.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/442
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.io>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-04-30 11:05:33 +08:00
pat-s
c274911aab README: one sentence per line (#440)
Fix #376

Editors should do the job of soft-wrapping in case a line get's too long.
One sentence per line simplifies reviews and diffs a lot as it let's one comment on a piece of text that is contextually sound and not split over multiple lines.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/440
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-04-19 23:01:03 +08:00
techknowlogick
0861260c5d update to use actions for testing PRs (#439)
Run PR tests using Gitea Actions

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/439
Reviewed-by: yardenshoham <yardenshoham@noreply.gitea.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-committed-by: techknowlogick <techknowlogick@gitea.io>
2023-04-15 04:21:00 +08:00
pat-s
d8bb352765 Fix aws secrets (#438)
Some checks failed
generate-chart / generate-chart-publish (push) Has been cancelled
@lunny

It still looks like that the IAM user does not have enough permissions for the S3 sync operation.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/438
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-04-14 21:06:43 +08:00
Lunny Xiao
76e47ef6f0 Add -y to fix apt install on ci 2023-04-14 18:19:41 +08:00
Lunny Xiao
95076eb11f Fix yaml lint 2023-04-14 16:08:04 +08:00
Lunny Xiao
e768a6acdc Fix release tag ci 2023-04-14 15:49:18 +08:00
techknowlogick
7434556b37 Use Gitea Actions for release publishing (#436)
Co-authored-by: pat-s <pat-s@noreply.gitea.io>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/436
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-committed-by: techknowlogick <techknowlogick@gitea.io>
2023-04-14 14:54:34 +08:00
pat-s
9f0b65f386 Fix unittests (#434)
Unclear why it only appeared now and not earlier.

Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/434
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-04-14 14:45:37 +08:00
pat-s
a9779c9724 Bump to 1.19.1 (#433)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/433
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-04-14 02:25:37 +08:00
pat-s
c0b2fdf8fa Remove discord webhook (#435)
Broken since a long time and probably not used by anyone

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/435
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.io>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-04-14 02:21:21 +08:00
Casey Buto
bfaf822a36 feat: Add support for setting priorityClassName (#430)
### Description of the change

Adds support for setting priorityClassName on the Gitea pod.

### Benefits

Users can take advantage of https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/ with Gitea.

### Applicable issues

  - fixes #429

### Checklist

<!-- [Place an '[X]' (no spaces) in all applicable fields. Please remove unrelated fields.] -->

- [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/430
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Co-authored-by: Casey Buto <cbuto@d2iq.com>
Co-committed-by: Casey Buto <cbuto@d2iq.com>
2023-04-07 18:58:34 +08:00
pat-s
00395e79b0 Add resource specs to init container (#423)
Supersedes stalled #362

I opted for defining `requests` while leaving `limits` open. This might help for scheduling without restricting performance during init.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/423
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-04-01 19:35:11 +08:00
pat-s
25500d7ca2 Ignore Chart.lock for formatters/linters (#424)
This might hopefully help with the formatting issues around `Chart.lock`.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/424
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-04-01 19:18:17 +08:00
pat-s
87c59b2fca Format all files with prettier VSCode plugin and add yamllint in CI (#413)
@justusbunsi to end my formatting mess... ;)

I am not fully sure myself about the linebreaks in `values.yaml` but I don't think there's an easy way to change that behavior.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/413
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-03-29 05:18:23 +08:00
pat-s
6915a4b401 Add chart author (#411)
and format YAML

(maybe we should also update the maintainers list if some are not active anymore?)

Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/411
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-03-29 05:12:10 +08:00
pat-s
a0ba3c9bef Bump memcached to add arm64 support (#422)
And allow overriding the `image` section so users could possible also use other image tags.

fix #285

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/422
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-03-29 05:11:33 +08:00
Maximilian Marschall
0f4e1e488a remove mariadb and mysql from _helpers.tpl (#421)
### Description of the change

Removes checks for mariadb and mysql from _helpers.tpl

### Benefits

Fixes the helm-chart version 8.0.0 if using a external database

### Applicable issues

- fixes #420
- fixes #419

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/421
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: John Olheiser <john+gitea@jolheiser.com>
Reviewed-by: delvh <dev.lh@web.de>
Reviewed-by: yardenshoham <yardenshoham@noreply.gitea.io>
Co-authored-by: Maximilian Marschall <maximilian.marschall@3xm.at>
Co-committed-by: Maximilian Marschall <maximilian.marschall@3xm.at>
2023-03-29 03:02:29 +08:00
justusbunsi
fb5c615f61 Bump Gitea to 1.19.0 (#418)
As title.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/418
Reviewed-by: John Olheiser <john+gitea@jolheiser.com>
Reviewed-by: yardenshoham <yardenshoham@noreply.gitea.io>
2023-03-29 01:10:15 +08:00
pat-s
ae9a71ea11 Remove mysql and mariadb chart deps (#417)
As discussed in Discord.

Supersedes #412 and #407.

**⚠️ BREAKING**

Users depending on the built-in MySQL or MariaDB chart have to switch to an self-managed database, or Postgres

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/417
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: John Olheiser <john+gitea@jolheiser.com>
Reviewed-by: yardenshoham <yardenshoham@noreply.gitea.io>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-03-29 01:02:04 +08:00
pat-s
5cb0802b7b [Breaking] Bump postgres chart to latest release (#391)
See discussion in #387

Upgrade notes to Chart v11.x and Postgres 14.x: https://docs.bitnami.com/kubernetes/infrastructure/postgresql/administration/upgrade/

The current version in Gitea is using `11.11.0-debian-10-r62` from 2021-04.

Bumping the chart to the latest (v12.x) would use the image `15.2.0-debian-11-r14` which would be a jump from postgres 11 to postgres 15. There are no specific notes for the v12.x chart release, hence we might be able to just go to 12.x directly.

There have been some param renamings which I've reflected in the README.

**⚠️ BREAKING**

Users have to migrate their Postgres DB by e.g. restoring a previously created database dump into a clean installation.

Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/391
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2023-03-28 01:12:29 +08:00
pi3ch
fdac9e9048 Support for SSH log level (#358)
Re https://gitea.com/gitea/helm-chart/issues/224#issuecomment-717087

Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/358
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Reviewed-by: strk <strk@noreply.gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: pi3ch <pi3ch@noreply.gitea.io>
Co-committed-by: pi3ch <pi3ch@noreply.gitea.io>
2023-03-22 16:13:31 +08:00
Michael Kriese
1be9fae08b test: use official unittest plugin (#410)
### Description of the change

Switch to official `helm-unittest` which is now alive again at https://github.com/helm-unittest/helm-unittest

### Applicable issues

- ref #199

### Checklist

<!-- [Place an '[X]' (no spaces) in all applicable fields. Please remove unrelated fields.] -->

- [ ] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [ ] Breaking changes are documented in the `README.md`

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/410
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Co-authored-by: Michael Kriese <michael.kriese@visualon.de>
Co-committed-by: Michael Kriese <michael.kriese@visualon.de>
2023-03-21 23:53:13 +08:00
towo
4869aed6ad Fix wrong reference to existingKey (#415)
### Description of the change

Fix a wrong reference to `signing.existingKey`, `signing.existingSecret` was what was meant and what is used in the chart.

### Benefits

Less confusion when trying to use the Helm chart.

### Possible drawbacks

Evangelists of `existingKey` storming the barricades even though `existingKey` is long dead.

### Applicable issues

None, nobody noticed enough to care, apparently.

Co-authored-by: Tobias Wolter <towo@towo.eu>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/415
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: towo <towo@noreply.gitea.io>
Co-committed-by: towo <towo@noreply.gitea.io>
2023-03-21 14:16:41 +08:00
ooms97
9a6cb4d357 Make test pods optional and allow image override (#360)
### Description of the change

Make the test-connection Pod optional and override the wget container's image.

### Benefits

Allows users to enable/disabled the test-connection Pod and override the wget container's image.

### Checklist

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [X] Breaking changes are documented in the `README.md`

Co-authored-by: Umer Anwar <umer.anwar@nuance.com>
Co-authored-by: ooms97 <anwarumer97@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/360
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: ooms97 <ooms97@noreply.gitea.io>
Co-committed-by: ooms97 <ooms97@noreply.gitea.io>
2023-03-09 23:25:45 +08:00
pat-s
452aeadddf Add section describing versioning and update policy (#347)
After recent discussions in Discord.

Feel free to modify as needed!

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/347
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.io>
Co-authored-by: pat-s <pat-s@noreply.gitea.io>
Co-committed-by: pat-s <pat-s@noreply.gitea.io>
2023-03-09 01:14:33 +08:00
pat-s
c46bf7c60f Format README (#408)
Some small formatting changes which are auto-applied by the markdown code styler in vscode (which I am using a lot).

These are also present in #407.
Merging this before/in general would help be a bit when tinkering with the README.
Mainly indentation related, plus some single quotes -> double quotes changes.

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/408
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.io>
Co-authored-by: pat-s <pat-s@noreply.gitea.io>
Co-committed-by: pat-s <pat-s@noreply.gitea.io>
2023-03-08 03:50:40 +08:00
justusbunsi
18100cca11 Fixup Chart.lock inconsistency (#406)
Introduced with b6d275c4f5

Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>

Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/406
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2023-02-26 22:42:43 +08:00
pat-s
b6d275c4f5 Update memcached and use new OCI registry (#405)
OCI registry: https://blog.bitnami.com/2023/01/bitnami-helm-charts-available-as-oci.html

fixes #404

I think we should switch all other binami charts to also use the new OCI registry as according to their blog post, this will be the future method they're heading to.

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/405
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-26 20:52:32 +08:00
justusbunsi
578a6cb867 Bump Gitea to 1.18.5 (#403)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/403
Reviewed-by: John Olheiser <john+gitea@jolheiser.com>
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
2023-02-22 04:38:08 +08:00
podain77
01bb9b4a77 Add support for hostAliases (#401)
### Description of the change

It is required to add custom mapping between hostnames and IP addresses for the gitea pods to be able to access external services like oauth providers or webhook servers.
It is common to take global variables for the entires and set them using hostAliases in the pod template.

### Benefits

Give us more flexibility when using gitea in various network environments.

### Applicable issues

- fixes #400

### Checklist

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)

Co-authored-by: Taekyun Kim <tkq.kim@samsung.com>
Co-authored-by: pat-s <pat-s@noreply.gitea.io>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/401
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: podain77 <podain77@noreply.gitea.io>
Co-committed-by: podain77 <podain77@noreply.gitea.io>
2023-02-22 01:53:25 +08:00
siretart
513ad81228 Bump Gitea to 1.18.4 (#402)
Signed-off-by: siretart <siretart@tauware.de>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/402
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: John Olheiser <john+gitea@jolheiser.com>
Co-authored-by: siretart <siretart@noreply.gitea.io>
Co-committed-by: siretart <siretart@noreply.gitea.io>
2023-02-21 05:09:04 +08:00
techknowlogick
e47edbddf9 use drone secrets for s3 info (#399)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/399
2023-02-08 05:57:32 +08:00
justusbunsi
da4120809f Bump Gitea to 1.18.3 (#397)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/397
Reviewed-by: John Olheiser <john+gitea@jolheiser.com>
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
2023-01-24 00:53:20 +08:00
techknowlogick
83c184826b bump to 1.18.2 2023-01-20 14:26:45 +08:00
justusbunsi
ccec32c144 Bump Gitea image to 1.18.1 (#395)
As title: Bump Gitea image to 1.18.1.

Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/395
Reviewed-by: John Olheiser <john+gitea@jolheiser.com>
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2023-01-18 19:40:04 +08:00
justusbunsi
19e9b07e6e Re-add GPG configuration feature (#374)
This reverts d5ce1a47ea and therefore adds the GPG feature back into main.
As it is a breaking change, this PR now also contains the required upgrade notes.

Closes #107 again.

Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/374
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Reviewed-by: John Olheiser <john+gitea@jolheiser.com>
2023-01-18 00:58:10 +08:00
robv89r
8b6a00603a Update 'values.yaml' (#394)
### Description of the change

Corrects the spelling of the word deprecated.

### Benefits

Documentation free of misspelled words is more likely to be viewed as "professional".

### Possible drawbacks

None that I can think of

### Applicable issues

- fixes #393

### Additional information

There may be other misspelled words or incorrectly phrased passages that aren't addressed in this PR.

For reference, see the online dictionary for the correct spelling of deprecated.

https://www.merriam-webster.com/dictionary/deprecated

### Checklist

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [X] Breaking changes are documented in the `README.md`

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/394
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: robv89r <robv8r@noreply.gitea.io>
Co-committed-by: robv89r <robv8r@noreply.gitea.io>
2023-01-10 14:54:55 +08:00
JSchlarb
6574b1b232 Ignore unrelated helm files from bundling (#385)
<!--
 Before you open the request please review the following guidelines and tips to help it be more easily integrated:

 - Describe the scope of your change - i.e. what the change does.
 - Describe any known limitations with your change.
 - Please run any tests or examples that can exercise your modified code.

 Thank you for contributing! We will try to review, test and integrate the change as soon as we can.
 -->

### Description of the change
Exluding non helm chart related files from release artifact

### Benefits
Smaller release artifacts

### Possible drawbacks
Exluded files not visible any within the artifact

### Applicable issues
None

### Additional information
None

### ⚠ BREAKING
None

### Checklist

<!-- [Place an '[X]' (no spaces) in all applicable fields. Please remove unrelated fields.] -->

- [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [x] Breaking changes are documented in the `README.md`

Co-authored-by: Julian Schlarb <js@project-deadline.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/385
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Co-authored-by: JSchlarb <jschlarb@noreply.gitea.io>
Co-committed-by: JSchlarb <jschlarb@noreply.gitea.io>
2022-12-28 18:30:15 +08:00
pat-s
4f7bc17d34 Bump alpine version in CI (#384)
To fix package installation issues. Apparently installing `helm` in 3.16 fails constantly.

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/384
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: pat-s <pat-s@noreply.gitea.io>
Co-committed-by: pat-s <pat-s@noreply.gitea.io>
2022-12-27 17:18:36 +08:00
techknowlogick
279bacb941 v1.17.4 2022-12-22 08:18:31 +08:00
justusbunsi
9ed671d685 Switch to official npm release of readme generator (#375)
This is a follow up for #369. They published the package on NPM.

https://github.com/bitnami-labs/readme-generator-for-helm/issues/36

Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/375
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2022-12-05 20:56:08 +08:00
justusbunsi
d5ce1a47ea Temporary revert GPG feature for semver based retagging (#373)
Feature #343 happens to be a breaking change when enabling `.Values.signing` but not specifying
any of the new private key properties. Tag `v6.0.2` is therefore not following semantic versioning.

This temporarily reverts commit b8f0310c43 and a fix-up commit 57a1cd27d9
to retag 6.0.2 as 6.0.3.

Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/373
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
2022-10-21 00:35:19 +08:00
dajoen74
57a1cd27d9 Gpg init fails to import key (#371)
### Description of the change

The init container for gpg key import doesn´t work. There is a not a tty error.

### Benefits

This will run gpg in batch mode. Eliminating the tty error.

### Possible drawbacks

None that I can think off.

### Applicable issues

  - fixes #370

### Checklist

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [X] Breaking changes are documented in the `README.md`

Co-authored-by: Jeroen Verhoeven <jeroen@joentje.org>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/371
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: dajoen74 <dajoen74@noreply.gitea.io>
Co-committed-by: dajoen74 <dajoen74@noreply.gitea.io>
2022-10-18 13:47:21 +08:00
techknowlogick
6c59fe361d v1.17.3 2022-10-17 04:19:45 +08:00
justusbunsi
d1f5dca573 Lock readme-generator-for-helm dependency (#369)
With every push on main/master branch of that repository, the referenced
tarball is replaced, causing npm integrity checks to fail. Locking the used
reference to a specific commit hash is more reliable.

There is an open issue regarding publishing on NPM. As long as this is
not resolved, we would need to use this workaround to get updates.

(https://github.com/bitnami-labs/readme-generator-for-helm/issues/36)

Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/369
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2022-10-14 00:16:41 +08:00
justusbunsi
b8f0310c43 Add gpg configuration settings (#343)
### Description of the change

This PR adds support for gpg key setup. It allows to pass the gpg private key content inline inside `values.yaml` or refer to an existing secret containing the key content data.

### Benefits

Administrators don't need to manually setup the gpg environment from inside a running container. It also eliminates the breaking change of Gitea 1.17 regarding `[git].HOME` as the `GNUPGHOME` environment variable is used consistently to relocate the `.gnupg` directory to its former location.

### Applicable issues

  - fixes #107

### Additional information

This PR add the first unit tests to this Helm Chart, ensuring templating integrity for signing related configuration.

### Checklist

- [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)

Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-authored-by: pat-s <pat-s@noreply.gitea.io>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/343
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2022-09-28 16:18:59 +08:00
cboin1996
0d1f748898 check existence of /data/gitea/conf/ instead of /data/gitea/ (#310)
### Description of the change

Checking the existence of the config directory should be done with the directory path itself. Not its parent directory.

This simple fix addresses that by using the config directory for its existence check.

### Benefits

Prior to #337 there was no other way to install this helm chart using the `extraVolumeMounts` setting with these values:

```yaml
replicaCount: %d

extraVolumes:
  - name: config-volume
    configMap:
      name: %s

extraVolumeMounts:
  - name: config-volume
    mountPath: /data/gitea/templates/custom
```

Without this fix, the Gitea pod would never initialize, and would crashloop with the same error in #296.

### Additional information

Mounting a configMap to `/data/gitea/templates/custom` causes the `/data/gitea` folder to exist even though the `/data/gitea/conf` had not been initialized yet. The initialization script saw that the `/data/gitea` dir existed and exited early without initializing `/data/gitea/conf`.

Co-authored-by: cboin1996 <christianboin@hotmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/310
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Co-authored-by: cboin1996 <cboin1996@noreply.gitea.io>
Co-committed-by: cboin1996 <cboin1996@noreply.gitea.io>
2022-09-26 04:08:56 +08:00
pat-s
6e5ae5c912 Increase line length linter to 200 (#355)
As discussed in #348

fix #348

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/355
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: pat-s <pat-s@noreply.gitea.io>
Co-committed-by: pat-s <pat-s@noreply.gitea.io>
2022-09-25 23:21:52 +08:00
techknowlogick
bb26a872e9 1.17.2 2022-09-07 09:21:38 +08:00
techknowlogick
51bb72090e bogus commit 2022-08-23 03:22:30 +08:00
justusbunsi
58d21e07f9 Bump Gitea version to 1.17.1 (#353)
### Description of the change

Bumps Gitea version to 1.17.1. 🙂

### Applicable issues

  - fixes #340

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/353
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2022-08-23 02:51:21 +08:00
justusbunsi
299d6db142 Split "extraVolumeMounts" into init and container mounts (#337)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/337
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: lafriks <lafriks@noreply.gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2022-08-08 03:32:19 +08:00
justusbunsi
a4ab5f981f Skip processing non-provided additional configs (#336)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/336
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2022-08-04 21:46:04 +08:00
justusbunsi
7801c9c5c9 Pre-generate LFS_JWT_SECRET during init phase (#335)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/335
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: lafriks <lafriks@noreply.gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2022-08-04 20:47:24 +08:00
huww98
58fc28f6d0 fix: correctly handle tls ingress (#94)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/94
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: huww98 <huww98@outlook.com>
Co-committed-by: huww98 <huww98@outlook.com>
2022-07-28 16:29:33 +08:00
justusbunsi
32735ed4df Restructure changelog/upgrading approach (#331)
Description of the change

Mostly, this change just moves the changelog to the bottom of the README which helps new users to see the actual documentation. As the structure for the changes itself is slightly different, there are some changes in wording so that it still makes sense. But mostly structural changes.

The change within the dependency section is due to a broken link since auto-generating the parameters section. Now there are links to every dependency related parameters.
Benefits

It helps us to maintain a clear structure for the README of this project.
Possible drawbacks

Our users are currently trained to look at the top of the document to see the changes. They now have to scroll down or use the quick link from installation section.
Applicable issues

    fixes #247

Additional information

Every version section starts with a disclaimer right now. This is duplicated and might hide important text due to its existence. A centralized intruduction at top of the upgrading section tells the reader what to expect from that whole section.

I've also noticed that on ArtifactHub the emotes are not rendered correctly. So I replaced them with the actual ones and reduced their usage. That way it better highlights those parts the reader must not miss.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/331
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2022-07-16 01:27:48 +08:00
justusbunsi
aa97cdab5b Restore default behavior description for image tag (#330)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/330
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: wxiaoguang <wxiaoguang@noreply.gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2022-07-10 04:43:04 +08:00
dek
bc16cc8134 add dnsConfig value support (#329)
Description of the change

Add support for a new value: dnsConfig, to be passed to the statefulset pod template configuration.

Default is {}, and does not change anything from current default pod configuration.
Benefits

Ability to fix some issues encountered with Alpine-based docker images, which may break DNS resolving on some clusters.

In particular, this allows to lower the ndots value, which fixes DNS resolving of FQDNs.

dnsConfig:
  options:
    - name: ndots
      value: "1"

Also, with this setting, one can set other parameters to finely tune DNS configuration for Gitea pods, if needed:

https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-dns-config
Possible drawbacks

None.
Additional information

Some relevant links about the issue this setting allows to fix:

https://stackoverflow.com/questions/65181012/does-alpine-have-known-dns-issue-within-kubernetes

https://gitlab.alpinelinux.org/alpine/aports/-/issues/9017
Checklist

    Parameters are documented in the values.yaml and added to the README.md using readme-generator-for-helm

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/329
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Co-authored-by: dek <dek@noreply.gitea.io>
Co-committed-by: dek <dek@noreply.gitea.io>
2022-06-27 14:35:55 +08:00
justusbunsi
33586d26cf Describe breaking changes for 6.0.0 (#327)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/327
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: wxiaoguang <wxiaoguang@noreply.gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2022-06-23 23:41:10 +08:00
justusbunsi
0172a59889 Properly lock chart dependencies (#326)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/326
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2022-06-15 15:37:25 +08:00
justusbunsi
2cc3195eaa Improve contribution part of this repository (#328)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/328
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2022-06-13 03:35:24 +08:00
cnfatal
b3b91e2044 generate readme Parameters from values.yaml (#323)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/323
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: cnfatal <cnfatal@noreply.gitea.io>
Co-committed-by: cnfatal <cnfatal@noreply.gitea.io>
2022-06-09 19:21:25 +08:00
cnfatal
9cb822f41c add global values support (#322)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/322
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: cnfatal <cnfatal@noreply.gitea.io>
Co-committed-by: cnfatal <cnfatal@noreply.gitea.io>
2022-06-09 18:55:08 +08:00
takirala
e59fbc4008 feat: switch to github raw url for bitnami charts (#324)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/324
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: takirala <takirala@noreply.gitea.io>
Co-committed-by: takirala <takirala@noreply.gitea.io>
2022-06-03 13:50:12 +08:00
techknowlogick
a466206d9e 1.16.8 2022-05-17 09:01:34 +08:00
techknowlogick
80032dfc5c 1.16.7 2022-05-02 13:36:55 +08:00
svenihoney
52ed32ae74 Allow configuration of ipFamilyPolicy and ipFamilies (#313)
To enable access to e.g. the SSH port by IPv6, the selection of ipFamilyPolicy and ipFamilies service attributes is necessary. Enable the possibility to configure these by helm values.

Co-authored-by: Sven Fischer <sven@leiderfischer.de>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/313
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Co-authored-by: svenihoney <svenihoney@noreply.gitea.io>
Co-committed-by: svenihoney <svenihoney@noreply.gitea.io>
2022-04-25 19:56:25 +08:00
justusbunsi
b06b3edf1d Consider imagePullPolicy for init containers (#317)
The default behaviour for container image pulls depend on different values
such as image tag usage and its value.
See https://kubernetes.io/docs/concepts/containers/images/#imagepullpolicy-defaulting

It leads to an unintended behaviour for this Helm Chart. Kubernetes
will always pull the image for init containers when using the `latest`
Gitea image tag, even if `Values.image.pullPolicy` defines a different
value for the runtime container.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/317
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Reviewed-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2022-04-22 06:13:19 +08:00
takirala
a7bc46015e feat: configurable annotations for gitea StatefulSet (#315)
Fixes #314

Right now, the gitea StatefulSet does not allow any annotations to be configured via the helmchart - see https://gitea.com/gitea/helm-chart/src/tag/v5.0.4/templates/gitea/statefulset.yaml#L4-L6

My use case:

I am trying to use Reloader (https://github.com/stakater/Reloader) so that I can configure my values.yaml such that i can set some annotations on the StatefulSet and thus Reloader can rollout a restart of gitea StatefulSet whenever a watched secret or configmap is updated.

Co-authored-by: Tarun Gupta Akirala <tarugupta.92@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/315
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: takirala <takirala@noreply.gitea.io>
Co-committed-by: takirala <takirala@noreply.gitea.io>
2022-04-21 23:55:53 +08:00
techknowlogick
46b190adda 1.16.6 2022-04-21 09:03:01 +08:00
techknowlogick
d94226765d close #302
Signed-off-by: techknowlogick <techknowlogick@gitea.io>
2022-03-26 02:28:39 +08:00
techknowlogick
844c8daa0b 1.16.5
Signed-off-by: techknowlogick <techknowlogick@gitea.io>
2022-03-24 10:59:17 +08:00
techknowlogick
982ae60d8e 1.16.4
Signed-off-by: techknowlogick <techknowlogick@gitea.io>
2022-03-15 06:16:48 +08:00
luhahn
62b82459de Consider environment variables during app.ini creation (#298)
This PR improves the handling and injection into _app.ini_ of user defined environment variables via env-to-ini script.

Fixes #297

Co-authored-by: Lucas Hahn <lucas.hahn@novum-rgi.de>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/298
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: 6543 <6543@obermui.de>
2022-03-09 14:47:55 +08:00
techknowlogick
9530967163 1.16.3 (#300)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/300
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
2022-03-04 16:32:18 +08:00
luhahn
d35de55248 Remove db connection check (#299)
This will remove the db connection check, which has caused some trouble in the past.

It will now simply run _gitea migrate_ and output a message, if the database is not available.

Co-authored-by: Lucas Hahn <lucas.hahn@novum-rgi.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/299
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: luhahn <luhahn@noreply.gitea.io>
Co-committed-by: luhahn <luhahn@noreply.gitea.io>
2022-03-02 08:25:49 +08:00
justusbunsi
78b5858009 Simplify version handling (#250)
- Drop super legacy `image.version` value (see #92 description)
- Always use `appVersion` from Chart.yaml as image tag if non specified

---

Don't know whether this is a breaking change regarding image.version
drop.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/250
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2022-03-01 22:55:44 +08:00
techknowlogick
1a3ce54dfc update to 1.16.2 (#293)
replaces #290

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/293
2022-02-26 06:01:16 +08:00
a-zen
6896c7caae added hostPort support for ssh (#276)
This fixes my feature request (#275) to support hostPort to expose the ssh port.

Co-authored-by: alex <alex@zengers.de>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/276
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: a-zen <a-zen@noreply.gitea.io>
Co-committed-by: a-zen <a-zen@noreply.gitea.io>
2022-02-25 17:18:57 +08:00
justusbunsi
7bdf742e81 Add example for Kubernetes secret as additional source (#294)
As discussed in #286, an example for using Kubernetes secrets as additional configuration source was missing. This adds it.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/294
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2022-02-14 16:00:47 +08:00
justusbunsi
f2948646ba Fix markdown lint in CI (#295)
I saw a few PRs including this. Maybe it's good to have this as fast as possible to prevent others providing this fix, too.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/295
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2022-02-10 23:44:41 +08:00
techknowlogick
c010c3857e update to gitea 1.15.10 (#278)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/278
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-committed-by: techknowlogick <techknowlogick@gitea.io>
2022-01-20 16:22:36 +08:00
luhahn
7fc444c08e Update README with multiple LDAP Sources (#271)
We did not mention the multiple LDAP Sources as a breaking change.

Co-authored-by: Lucas Hahn <lucas.hahn@novum-rgi.de>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/271
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: Andrew Thornton <art27@cantab.net>
2021-12-23 21:43:21 +08:00
nmasse-itix
d550b5a2c4 Improve support for gitea instances not running as root or uid 1000 (#266)
## Context

PR #259 introduced support for running Gitea as a uid different than 1000 (git) or 0 (root).

## Problem

In init_directory_structure.sh, there is a "chown 1000:1000" on /tmp/gitea.
This chown only works when running as root or when the target directory is already owned by uid 1000.

As a result, the init container "init-directories" fails on startup when running Gitea with a uid different from 0 or 1000.

Initially, I worked around it by implementing an "initPreScript". But it would make user's life easier if we can make it work out-of-the-box.

## Resolution

I'm taking model on the chown a few lines above that depends on the value of image.rootless. Since the chown only works on default (root) image and is useless on rootless image, there is no need to run it on rootless image.

Co-authored-by: Nicolas MASSE <nicolas.masse@itix.fr>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/266
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: nmasse-itix <nmasse-itix@noreply.gitea.io>
Co-committed-by: nmasse-itix <nmasse-itix@noreply.gitea.io>
2021-12-23 18:50:56 +08:00
justusbunsi
5bb91510df Bump Gitea version to 1.15.8 (#270)
As title.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/270
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Reviewed-by: Gusted <gusted@noreply.gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2021-12-23 03:56:36 +08:00
justusbunsi
c27140c4cb Add deprecation fail-safe for Chart templating (#269)
With release 5.0.0 there are so many deprecations and breaking changes
that it is probably a good way to assist the users with values migration
before breaking their environments.

This adds another template file that doesn't render anything but ensures
the removal of dropped or deprecated settings from customized values
files.

For when it is necessary, this check can be disabled via new setting
`checkDeprecation`.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/269
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: wxiaoguang <wxiaoguang@noreply.gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2021-12-23 00:25:32 +08:00
luhahn
d97ea18626 Remove builtIn dependency values (#268)
⚠️ Breaking

Moved the values to enable the dependencies into the dependencies itself, this way we don't need a seperate field in the values and it is more obvious how to enable for example postgresql.

Co-authored-by: Lucas Hahn <lucas.hahn@novum-rgi.de>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/268
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: Andrew Thornton <art27@cantab.net>
2021-12-22 23:41:35 +08:00
justusbunsi
7b0a1c7ae6 Generic way for configuring Gitea app.ini (#240)
With the result of PR #239 it is much easier to provide additional values to the _app.ini_ configuration from different sources.
These changes adds an _additionalConfigSources_ field where the users can define such sources. This enables the users to choose
on their own whether to store values in _values.yaml_ or load them from Kuberetes Secrets or ConfigMaps.

- Fixes #243
- Fixes #174
- Fixes #260

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/240
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: wxiaoguang <wxiaoguang@noreply.gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2021-12-22 18:44:04 +08:00
justusbunsi
66683e14df Remove "enabled" key check from OAuth (#267)
As this key must not exist anymore, we don't have to check it.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/267
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: wxiaoguang <wxiaoguang@noreply.gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2021-12-21 18:59:18 +08:00
justusbunsi
6d9362ed39 Rework OAuth sources (#244)
This change request includes two different things to improve OAuth source handling:

- Allow multiple OAuth source configuration (Fixes: #191)
- Support reading sensitive OAuth configuration data from Kubernetes secrets (Closes: #242)

⚠️ BREAKING ⚠️
---

Users need to migrate their `gitea.oauth` configuration.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/244
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2021-12-20 22:43:55 +08:00
aleksey.sergey
cd09ccfcdb add support for persistence.subPath option (#263)
Hello,

PR adds a `persistence.subPath` option to provide user more flexibility on mounting the `data` PV.
https://kubernetes.io/docs/concepts/storage/volumes/#using-subpath

The setting is similar to e.g. `primary.persistence.subPath` in MariaDB helm chart:
https://github.com/bitnami/charts/tree/master/bitnami/mariadb

Co-authored-by: Aleksey Sergey <sergey.aleksey90@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/263
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Co-authored-by: aleksey.sergey <aleksey.sergey@noreply.gitea.io>
Co-committed-by: aleksey.sergey <aleksey.sergey@noreply.gitea.io>
2021-12-20 19:58:44 +08:00
iMartyn
d97b1567e2 Enable overriding of ingress api version for systems where detection doesn't work (#252)
fixes #251

The rendering is a bit more programatic but the result is the same if you don't have an override.  This makes the code a little easier at the end of the template, and slightly less easier to read at the beginning, which I think is a valid tradeoff.

Co-authored-by: Martyn Ranyard <m@rtyn.berlin>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/252
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Co-authored-by: iMartyn <imartyn@noreply.gitea.io>
Co-committed-by: iMartyn <imartyn@noreply.gitea.io>
2021-12-20 19:54:37 +08:00
nmasse-itix
bef0cea1b1 split the securityContext in two: pod and container securityContext (#259)
Hello !

I'm using the new Helm chart (5.x) and I really like the new configuration mechanism. 👍

I would like to contribute the following enhancement.

## The problem I want to solve

I'm trying to deploy Gitea in a Kubernetes shared platform and I need to make sure each instance is running as a different user so that in case of container escape, the risk of data leak is minimized.

Additionally, on my platform (OpenShift), arbitrary users (such as uid 1000 for Gitea) are not allowed.

The current helm chart does not allow me to achieve this because:
- the container security context is configurable only for the main container. The security context of init containers cannot be specified.
- a fixed uid is hard coded
- a fixed fs group is hard coded

Also, the securityContext of a pod and the securityContext of a container do not accept the same options.

- https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#podsecuritycontext-v1-core
- https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#securitycontext-v1-core

## How I'm solving the problem

I split the `securityContext` (values.yaml) in two: `containerSecurityContext` and `podSecurityContext`. The containerSecurityContext applies to all containers (init and main) in order to be consistent with file permissions.

The behavior for existing deployments is unchanged:

- fsGroup 1000 is the default value for the podSecurityContext variable
- the "configure-gitea" init container uses the uid 1000 unless otherwise stated in the containerSecurityContext
- the main container is using the existing securityContext variable when defined in order not to break existing deployments and uses the new containerSecurityContext variable if not.

This approach is well tested: it is used consistently on bitnami's Helm charts.

## How I tested

I tested both root and rootless variants on a Kubernetes 1.22, as well as rootless variant on OpenShift 4.7.

**rootless variant on Kubernetes**:

```yaml
podSecurityContext:
  fsGroup: 10001

containerSecurityContext:
  allowPrivilegeEscalation: false
  capabilities:
    drop:
      - ALL
    add:
      - SYS_CHROOT
  privileged: false
  runAsGroup: 10001
  runAsNonRoot: true
  runAsUser: 10001

extraVolumes:
- name: var-lib-gitea
  emptyDir: {}

extraVolumeMounts:
- name: var-lib-gitea
  readOnly: false
  mountPath: "/var/lib/gitea"
```

**rootless variant on OpenShift**:

```yaml
podSecurityContext:
  fsGroup: null

containerSecurityContext:
  allowPrivilegeEscalation: false
  privileged: false
  runAsNonRoot: true
  runAsUser: 1000790000

extraVolumes:
- name: var-lib-gitea
  emptyDir: {}

extraVolumeMounts:
- name: var-lib-gitea
  readOnly: false
  mountPath: "/var/lib/gitea"
```

Let me know if something is unclear.

Co-authored-by: Nicolas MASSE <nicolas.masse@itix.fr>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/259
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: nmasse-itix <nmasse-itix@noreply.gitea.io>
Co-committed-by: nmasse-itix <nmasse-itix@noreply.gitea.io>
2021-12-18 19:10:48 +08:00
justusbunsi
bfa68f6f58 Drop custom probes (#248)
As a replacement, the default probes are now fully configurable and used
as-is during Chart deployment.

Fixes: #189

⚠️ BREAKING ⚠️
---

Users have to remove the `custom` prefix from their probes, if customized.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/248
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2021-12-13 16:50:08 +08:00
luhahn
0461fa92a9 Rework app.ini generation (#239)
App ini is now generated by environment-to-ini

This should prevent some of the problems we had earlier with persisting the app.ini

Co-authored-by: Lucas Hahn <lucas.hahn@novum-rgi.de>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/239
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: luhahn <luhahn@noreply.gitea.io>
Co-committed-by: luhahn <luhahn@noreply.gitea.io>
2021-11-20 05:15:45 +08:00
Markus Pesch
82763f109b feat/markdownlint (#200)
Hi,
this patch contains a markdownlinter. I think this has the advantage that all users stick to the same format and the `README.md` follows a consistent structure.

The markdownlinter can be configured via the `.markdownlint.yaml` file. All possible options are [here](https://github.com/DavidAnson/markdownlint/blob/main/schema/.markdownlint.yaml) documented.

I have created the initialie configuration. However, can be adapted to suggestions for change. Has of course the consequence that if necessary the `README.md` would have to be adapted. I have formatted this in advance according to the defined rules.

For users which use visual-code as IDE is additionally a plugin [available](https://marketplace.visualstudio.com/items?itemName=DavidAnson.vscode-markdownlint).

Co-authored-by: Markus Pesch <markus.pesch@cryptic.systems>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/200
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Co-authored-by: Markus Pesch <volker.raschek@noreply.gitea.io>
Co-committed-by: Markus Pesch <volker.raschek@noreply.gitea.io>
2021-11-05 12:06:48 +08:00
techknowlogick
3fd34a9455 1.15.4 (#230)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/230
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-committed-by: techknowlogick <techknowlogick@gitea.io>
2021-10-17 00:08:17 +08:00
luhahn
3273b245e7 Add multiple LDAP sources (#222)
Add multiple add sources.

Instead of a single entry for ldap configuration we now would have a dictionary for ldap config.

This would be a breaking change for those working with the ldap config.

fixes: #190

Co-authored-by: Lucas Hahn <lucas.hahn@novum-rgi.de>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/222
Reviewed-by: Andrew Thornton <art27@cantab.net>
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: luhahn <luhahn@noreply.gitea.io>
Co-committed-by: luhahn <luhahn@noreply.gitea.io>
2021-10-08 20:16:24 +08:00
pat-s
b344673d11 Add dev instructions to README (#228)
FYI: My editor automatically changes two trailing whitespaces into a linebreak. I know it's not completely the same but maybe it can be accepted (would make things easier in the long run).
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/228
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: pat-s <pat-s@noreply.gitea.io>
Co-committed-by: pat-s <pat-s@noreply.gitea.io>
2021-09-28 03:52:37 +08:00
techknowlogick
5a7d168c2e 1.15.3 (#225)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/225
Reviewed-by: pat-s <pat-s@noreply.gitea.io>
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-committed-by: techknowlogick <techknowlogick@gitea.io>
2021-09-26 08:44:59 +08:00
techknowlogick
9a220c2ddd 1.15.0 (#218)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/218
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-committed-by: techknowlogick <techknowlogick@gitea.io>
2021-09-12 06:40:47 +08:00
wkit23
ce3e9babec Add support for ingressClassName (#217)
Hi,

I just add some minor changes to support specifying ingressClassName to support the newer specification in `networking.k8s.io/v1`. The annotation `kubernetes.io/ingress.class: nginx` only works with older API `networking.k8s.io/v1beta1`.

This is part of our move to support kubernetes 1.22.

Co-authored-by: Leong Wai Kit <waikit.leong@bertelsmann.de>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/217
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: wkit23 <wkit23@noreply.gitea.io>
Co-committed-by: wkit23 <wkit23@noreply.gitea.io>
2021-09-02 10:53:48 +08:00
Michael Kriese
4ef9a3ec35 fix: Only create conf directoy if not exists (#211)
Only create conf directory if not yet exists

fixes #210

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/211
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: Michael Kriese <michael.kriese@visualon.de>
Co-committed-by: Michael Kriese <michael.kriese@visualon.de>
2021-08-15 20:43:51 +08:00
techknowlogick
ba0e8b18b5 1.14.6 (#212)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/212
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-committed-by: techknowlogick <techknowlogick@gitea.io>
2021-08-13 04:14:49 +08:00
skriesch
9e7387f0f8 Fix for #203 possible existingClaim at persistence with namespace variable in the name (#204)
Fix for #203

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/204
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: skriesch <skriesch@noreply.gitea.io>
Co-committed-by: skriesch <skriesch@noreply.gitea.io>
2021-07-17 10:47:41 +08:00
luhahn
6342a4dabd Document breaking changes (#202)
Documented some breaking changes. Please have a look and tell me, if I missed something :)

Fixes: #194
Co-authored-by: Lucas Hahn <lucas.hahn@novum-rgi.de>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/202
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: luhahn <luhahn@noreply.gitea.io>
Co-committed-by: luhahn <luhahn@noreply.gitea.io>
2021-07-13 01:33:38 +08:00
justusbunsi
7de326d931 Drop kebab-case configuration notation (#196)
Currently there are two different styles for defining both ldap and oauth configuration in _values.yaml_ file: `camelCase` and `kebab-case`.
Supporting both styles created multiple regressions in the past.

⚠️ BREAKING ⚠️
---------------
These changes completely remove any support for `kebab-case` notation in _values.yaml_ in favor of `camelCase`. Configuration keys must use `camelCase`.
Only exception are Kubernetes resource keys for annotations or labels.

Fixes: #188

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/196
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2021-07-06 13:28:13 +08:00
Markus Pesch
767a073a0a SSH not working due missing security capability in CRI-O environment (#176)
This patch add the SYS_CHROOT capability if the securityContext is
undefined. Otherwise the SSH Server does not work correctly as described
in the issue #161.

Fixes: #161

Co-authored-by: Markus Pesch <markus.pesch@cryptic.systems>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/176
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Co-authored-by: Markus Pesch <volker.raschek@noreply.gitea.io>
Co-committed-by: Markus Pesch <volker.raschek@noreply.gitea.io>
2021-07-01 23:02:56 +08:00
justusbunsi
b7dbb22025 Upgrade Gitea to 1.14.3 (#197)
Fixes: #195

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/197
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2021-06-30 23:25:56 +08:00
justusbunsi
9059229acb Rewrite init script (#178)
These changes rewrite the init script to be error aware, informative and have a bit more security awareness.

During rewrite several hidden bugs could be identified and fixed, such as:

- LDAP configuration options interpreted by the shell before passed to command
- Finding multiple ldap ids instead of one during lookup when their names are almost identical
e.g. `_my-ldap-auth` and `my-ldap-auth`
- Properly filter auth sources by their types to prevent unintended type converting attempts that fail

In addition to that the script is a bit cleaner. Some commands do not exist anymore and would cause false-positive errors during script execution.

Helps for: #149

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/178
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2021-06-30 04:09:16 +08:00
justusbunsi
6a6eb35106 Fix regression for unspecified DOMAIN and ROOT_URL (#185)
In case a user did not specify DOMAIN in .Values.gitea.config.server,
the chart generated incorrect value for that app.ini setting so that
Gitea crashed on startup.

Same for ROOT_URL.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/185
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2021-06-30 03:24:44 +08:00
justusbunsi
7a3515c2f2 Customizable .gnupg folder location (#186)
The `HOME` path is not persistent when using the rootless image, so the
`.gnupg` folder isn't either. Since the chart always used `/data/...` as
mount point for storage of all kinds, it is a minimal impact to just
relocate the dynamic `$HOME/.gnupg` folder location to the persistent
`/data/git/.gnupg`. This is where the signing keys are stored when
running root based environments. Doing so will

 - allow migrations between both image variants
 - persist signing keys for rootless environments

Fixes: #155

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/186
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2021-06-30 03:23:32 +08:00
justusbunsi
2901671d23 Update maintainers (#192)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/192
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2021-06-30 03:22:46 +08:00
mattkaar
0e191bfc7a Support custom Ingress path (#151)
Adds support for a custom Ingress path. This allows us to run Gitea as a path in an existing domain.

Co-authored-by: Matt Kaar <mkaar@cert.org>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/151
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: mattkaar <mattkaar@noreply.gitea.io>
Co-committed-by: mattkaar <mattkaar@noreply.gitea.io>
2021-06-25 02:28:45 +08:00
justusbunsi
d6eb50ca35 Fix admin + ldap configuration (#183)
This fixes several flaws introduced by commits for #169 (see c49dc047a4).

 - Respect kebab-case ldap bind inline definition
 - Prevent camelCase ldap bind inline definition from being overridden by empty string
 - Create admin account when `existingSecret` is used

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/183
Reviewed-by: Andrew Thornton <art27@cantab.net>
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2021-06-21 21:28:18 +08:00
justusbunsi
f0ed41de9e Fix minor README flaws (#184)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/184
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
2021-06-20 03:35:21 +08:00
luhahn
f344b4559d Upgrade Gitea dependencies (#141)
- postgresql 9.7.2 to 10.3.17
- mariadb 8.0.0 to 9.3.6
- memcached 4.2.20 to 5.9.0

Tested on my clusters.

Co-authored-by: Lucas Hahn <lucas.hahn@novum-rgi.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/141
Reviewed-by: Andrew Thornton <art27@cantab.net>
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: luhahn <luhahn@noreply.gitea.io>
Co-committed-by: luhahn <luhahn@noreply.gitea.io>
2021-06-16 05:09:02 +08:00
luhahn
e3b03cd61a Fix LDAP Ppassword env variable (#182)
Fixes: #179

Co-authored-by: Lucas Hahn <lucas.hahn@novum-rgi.de>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/182
Reviewed-by: Andrew Thornton <art27@cantab.net>
Reviewed-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: luhahn <luhahn@noreply.gitea.io>
Co-committed-by: luhahn <luhahn@noreply.gitea.io>
2021-06-16 05:07:59 +08:00
99 changed files with 8895 additions and 1047 deletions

7
.commitlintrc.json Normal file
View File

@@ -0,0 +1,7 @@
{
"extends": ["@commitlint/config-conventional"],
"rules": {
"type-enum": [2, "always", ["feat", "fix", "chore", "docs", "style", "refactor", "test", "perf", "ci", "WIP"]],
"type-case": [0, "always", "lower-case"]
}
}

View File

@@ -1,69 +0,0 @@
---
kind: pipeline
name: lint
platform:
os: linux
arch: arm64
steps:
- name: lint
pull: always
image: alpine:3.13
commands:
- apk add --no-cache -X http://dl-cdn.alpinelinux.org/alpine/edge/testing helm
- helm lint
- name: discord
pull: always
image: appleboy/drone-discord:1.2.4
environment:
DISCORD_WEBHOOK_ID:
from_secret: discord_webhook_id
DISCORD_WEBHOOK_TOKEN:
from_secret: discord_webhook_token
when:
status:
- changed
- failure
---
kind: pipeline
name: release-version
platform:
os: linux
arch: arm64
trigger:
event:
- tag
steps:
- name: generate-chart
pull: always
image: alpine:3.13
commands:
- apk add --no-cache -X http://dl-cdn.alpinelinux.org/alpine/edge/testing helm
- apk add --no-cache curl
- helm dependency update
- helm package --version "${DRONE_TAG##v}" ./
- mkdir gitea
- mv gitea*.tgz gitea/
- curl -L -o gitea/index.yaml https://dl.gitea.io/charts/index.yaml
- helm repo index gitea/ --url https://dl.gitea.io/charts --merge gitea/index.yaml
- name: upload-chart
pull: always
image: plugins/s3:latest
settings:
bucket: gitea-artifacts
endpoint: https://storage.gitea.io
path_style: true
access_key:
from_secret: aws_access_key_id
secret_key:
from_secret: aws_secret_access_key
source: gitea/*
target: /charts
strip_prefix: gitea/

12
.editorconfig Normal file
View File

@@ -0,0 +1,12 @@
# EditorConfig is awesome: https://EditorConfig.org
# top-most EditorConfig file
root = true
[*]
indent_style = space
indent_size = 2
end_of_line = lf
charset = utf-8
trim_trailing_whitespace = false
insert_final_newline = false

View File

@@ -0,0 +1,44 @@
<!--
Before you open the request please review the following guidelines and tips to help it be more easily integrated:
- Describe the scope of your change - i.e. what the change does.
- Describe any known limitations with your change.
- Please run any tests or examples that can exercise your modified code.
Thank you for contributing! We will try to review, test and integrate the change as soon as we can.
-->
### Description of the change
<!-- Describe the scope of your change - i.e. what the change does. -->
### Benefits
<!-- What benefits will be realized by the code change? -->
### Possible drawbacks
<!-- Describe any known limitations with your change -->
### Applicable issues
<!-- Enter any applicable Issues here (You can reference an issue using #). Please remove this section if there is no referenced issue. -->
- Fixes #
### Additional information
<!-- If there's anything else that's important and relevant to your pull request, mention that information here. Please remove this section if it remains empty. -->
### ⚠ BREAKING
<!-- If there's a breaking change, please shortly describe in which way users are affected and how they can mitigate it. If there are no breakings, please remove this section. -->
### Checklist
<!-- [Place an '[X]' (no spaces) in all applicable fields. Please remove unrelated fields.] -->
- [ ] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [ ] Breaking changes are documented in the `README.md`
- [ ] Helm templating unittests are added (required when changing anything in `templates` folder)
- [ ] Bash unittests are added (required when changing anything in `scripts` folder)
- [ ] All added template resources MUST render a namespace in metadata

114
.gitea/scripts/add-annotations.sh Executable file
View File

@@ -0,0 +1,114 @@
#!/bin/bash
set -e
CHART_FILE="Chart.yaml"
if [ ! -f "${CHART_FILE}" ]; then
echo "ERROR: ${CHART_FILE} not found!" 1>&2
exit 1
fi
DEFAULT_NEW_TAG="$(git tag --sort=-version:refname | head -n 1)"
DEFAULT_OLD_TAG="$(git tag --sort=-version:refname | head -n 2 | tail -n 1)"
if [ -z "${1}" ]; then
read -p "Enter start tag [${DEFAULT_OLD_TAG}]: " OLD_TAG
if [ -z "${OLD_TAG}" ]; then
OLD_TAG="${DEFAULT_OLD_TAG}"
fi
while [ -z "$(git tag --list "${OLD_TAG}")" ]; do
echo "ERROR: Tag '${OLD_TAG}' not found!" 1>&2
read -p "Enter start tag [${DEFAULT_OLD_TAG}]: " OLD_TAG
if [ -z "${OLD_TAG}" ]; then
OLD_TAG="${DEFAULT_OLD_TAG}"
fi
done
else
OLD_TAG=${1}
if [ -z "$(git tag --list "${OLD_TAG}")" ]; then
echo "ERROR: Tag '${OLD_TAG}' not found!" 1>&2
exit 1
fi
fi
if [ -z "${2}" ]; then
read -p "Enter end tag [${DEFAULT_NEW_TAG}]: " NEW_TAG
if [ -z "${NEW_TAG}" ]; then
NEW_TAG="${DEFAULT_NEW_TAG}"
fi
while [ -z "$(git tag --list "${NEW_TAG}")" ]; do
echo "ERROR: Tag '${NEW_TAG}' not found!" 1>&2
read -p "Enter end tag [${DEFAULT_NEW_TAG}]: " NEW_TAG
if [ -z "${NEW_TAG}" ]; then
NEW_TAG="${DEFAULT_NEW_TAG}"
fi
done
else
NEW_TAG=${2}
if [ -z "$(git tag --list "${NEW_TAG}")" ]; then
echo "ERROR: Tag '${NEW_TAG}' not found!" 1>&2
exit 1
fi
fi
CHANGE_LOG_YAML=$(mktemp)
echo "[]" > "${CHANGE_LOG_YAML}"
function map_type_to_kind() {
case "${1}" in
feat)
echo "added"
;;
fix)
echo "fixed"
;;
chore|style|test|ci|docs|refac)
echo "changed"
;;
revert)
echo "removed"
;;
sec)
echo "security"
;;
*)
echo "skip"
;;
esac
}
COMMIT_TITLES="$(git log --pretty=format:"%s" "${OLD_TAG}..${NEW_TAG}")"
echo "INFO: Generate change log entries from ${OLD_TAG} until ${NEW_TAG}"
while IFS= read -r line; do
if [[ "${line}" =~ ^([a-zA-Z]+)(\([^\)]+\))?\:\ (.+)$ ]]; then
TYPE="${BASH_REMATCH[1]}"
KIND=$(map_type_to_kind "${TYPE}")
if [ "${KIND}" == "skip" ]; then
continue
fi
DESC="${BASH_REMATCH[3]}"
echo "- ${KIND}: ${DESC}"
jq --arg kind changed --arg description "$DESC" '. += [ $ARGS.named ]' < ${CHANGE_LOG_YAML} > ${CHANGE_LOG_YAML}.new
mv ${CHANGE_LOG_YAML}.new ${CHANGE_LOG_YAML}
fi
done <<< "${COMMIT_TITLES}"
if [ -s "${CHANGE_LOG_YAML}" ]; then
yq --inplace --input-format json --output-format yml "${CHANGE_LOG_YAML}"
yq --no-colors --inplace ".annotations.\"artifacthub.io/changes\" |= loadstr(\"${CHANGE_LOG_YAML}\") | sort_keys(.)" "${CHART_FILE}"
else
echo "ERROR: Changelog file is empty: ${CHANGE_LOG_YAML}" 1>&2
exit 1
fi
rm "${CHANGE_LOG_YAML}"

View File

@@ -0,0 +1,146 @@
name: generate-chart
on:
push:
branches:
- "*"
env:
# renovate: datasource=docker depName=alpine/helm
HELM_VERSION: "3.17.3"
jobs:
generate-chart-publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Determine Architecture and Operating System to support x86_64 and ARM based CI nodes
run: |
# determine operating system
OS=$(uname | tr '[:upper:]' '[:lower:]')
echo "OS=${OS}" >> $GITHUB_ENV
echo "INFO: Set environment variable OS=${OS}"
# determine architecture
ARCH="$(uname -m)"
case "${ARCH}" in
aarch64) ARCH=arm64;;
x86_64) ARCH=amd64;;
esac
echo "ARCH=${ARCH}" >> $GITHUB_ENV
echo "INFO: Set environment variable ARCH=${ARCH}"
- name: Install packages via apt
run: |
apt update --yes
echo "INFO: Install packages via apt"
apt install --yes curl ca-certificates curl gnupg jq
- name: Install helm
run: |
curl --fail --location --output /dev/stdout --silent --show-error https://get.helm.sh/helm-v${{ env.HELM_VERSION }}-${OS}-${ARCH}.tar.gz | tar --extract --gzip --file /dev/stdin
mv ${OS}-${ARCH}/helm /usr/local/bin/
rm --force --recursive ${OS}-${ARCH} helm-v${{ env.HELM_VERSION }}-${OS}-${ARCH}.tar.gz
helm version
- name: Install yq
env:
YQ_VERSION: v4.45.4 # renovate: datasource=github-releases depName=mikefarah/yq
run: |
curl --fail --location --output /dev/stdout --silent --show-error https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_${OS}_${ARCH}.tar.gz | tar --extract --gzip --file /dev/stdin
mv yq_${OS}_${ARCH} /usr/local/bin
rm --force --recursive yq_${OS}_${ARCH} yq_${OS}_${ARCH}.tar.gz
yq --version
- name: Install docker-ce via apt
run: |
echo "INFO: Install docker"
install -m 0755 -d /etc/apt/keyrings
curl --fail --location --silent --show-error https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
chmod a+r /etc/apt/keyrings/docker.gpg
echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
apt update --yes
apt install --yes python3 python3-pip apt-transport-https docker-ce-cli
- name: Install awscli
run: |
echo "INFO: Install awscli via python pip"
pip install awscli --break-system-packages
aws --version
# - name: Import GPG key
# id: import_gpg
# uses: https://github.com/crazy-max/ghaction-import-gpg@v6
# with:
# gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
# passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
# fingerprint: CC64B1DB67ABBEECAB24B6455FC346329753F4B0
- name: Add Artifacthub.io annotations
run: |
NEW_TAG=v12.0.0
OLD_TAG=v11.0.1
# NEW_TAG="$(git tag --sort=-version:refname | head --lines 1)"
# OLD_TAG="$(git tag --sort=-version:refname | head --lines 2 | tail --lines 1)"
.gitea/scripts/add-annotations.sh "${OLD_TAG}" "${NEW_TAG}"
- name: Print Chart.yaml
run: cat Chart.yaml
# # Using helm gpg plugin as 'helm package --sign' has issues with gpg2: https://github.com/helm/helm/issues/2843
# - name: package chart
# run: |
# echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | docker login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} --password-stdin
# # FIXME: use upstream after https://github.com/technosophos/helm-gpg/issues/1 is solved
# helm plugin install https://github.com/pat-s/helm-gpg
# helm dependency build
# helm package --version "${GITHUB_REF#refs/tags/v}" ./
# mkdir gitea
# mv gitea*.tgz gitea/
# curl --fail --location --output gitea/index.yaml --silent --show-error https://dl.gitea.com/charts/index.yaml
# helm repo index gitea/ --url https://dl.gitea.com/charts --merge gitea/index.yaml
# # push to dockerhub
# echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | helm registry login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} registry-1.docker.io --password-stdin
# helm push gitea/gitea-${GITHUB_REF#refs/tags/v}.tgz oci://registry-1.docker.io/giteacharts
# helm registry logout registry-1.docker.io
# - name: aws credential configure
# uses: https://github.com/aws-actions/configure-aws-credentials@v4
# with:
# aws-access-key-id: ${{ secrets.AWS_KEY_ID }}
# aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# aws-region: ${{ secrets.AWS_REGION }}
# - name: Copy files to S3 and clear cache
# run: |
# aws s3 sync gitea/ s3://${{ secrets.AWS_S3_BUCKET}}/charts/
# release-gitea:
# # needs: generate-chart-publish
# runs-on: ubuntu-latest
# container: docker.io/thegeeklab/git-sv:2.0.1
# steps:
# - name: install tools
# run: |
# apk add -q --update --no-cache nodejs
# - uses: actions/checkout@v4
# with:
# fetch-tags: true
# fetch-depth: 0
# - name: Create changelog
# run: |
# git sv current-version
# git sv release-notes -t ${GITHUB_REF#refs/tags/} -o CHANGELOG.md
# sed -i '1,2d' CHANGELOG.md # remove version
# cat CHANGELOG.md
# - name: Release
# uses: https://github.com/akkuman/gitea-release-action@v1
# with:
# body_path: CHANGELOG.md
# token: "${{ secrets.RELEASE_TOKEN }}"

5
.gitignore vendored
View File

@@ -1,3 +1,4 @@
charts charts/
Chart.lock node_modules/
.DS_Store .DS_Store
unittests/*/__snapshot__/

12
.gitmodules vendored Normal file
View File

@@ -0,0 +1,12 @@
[submodule "unittests/bash/bats"]
path = unittests/bash/bats
url = https://github.com/bats-core/bats-core.git
[submodule "unittests/bash/test_helper/bats-support"]
path = unittests/bash/test_helper/bats-support
url = https://github.com/bats-core/bats-support.git
[submodule "unittests/bash/test_helper/bats-assert"]
path = unittests/bash/test_helper/bats-assert
url = https://github.com/bats-core/bats-assert.git
[submodule "unittests/bash/test_helper/bats-mock"]
path = unittests/bash/test_helper/bats-mock
url = https://github.com/jasonkarns/bats-mock.git

57
.gitsv/config.yaml Normal file
View File

@@ -0,0 +1,57 @@
version: '1.1' # Configuration version.
versioning:
update-major: [breaking] # Commit types used to bump major.
update-minor: [feat, perf] # Commit types used to bump minor.
update-patch: [build, ci, chore, fix, perf, refactor, test] # Commit types used to bump patch.
# When type is not present on update rules and is unknown (not mapped on commit message types);
# if ignore-unknown=false bump patch, if ignore-unknown=true do not bump version.
ignore-unknown: false
tag:
pattern: 'v%d.%d.%d' # Pattern used to create git tag.
filter: '' # Enables you to filter for considerable tags using git pattern syntax.
release-notes:
sections: # Array with each section of release note. Check template section for more information.
- name: Breaking Changes
section-type: breaking-changes
- name: Features # Name used on section.
section-type: commits # Type of the section, supported types: commits, breaking-changes.
commit-types: [feat, perf] # Commit types for commit section-type, one commit type cannot be in more than one section.
- name: Bug Fixes
section-type: commits
commit-types: [fix]
- name: Maintenance
section-type: commits
commit-types: [chore, refactor]
- name: Documentation
commit-types: [docs]
section-type: commits
- name: CI
commit-types: [ci]
section-type: commits
branches: # Git branches config.
prefix: ([a-z]+\/)? # Prefix used on branch name, it should be a regex group.
suffix: (-.*)? # Suffix used on branch name, it should be a regex group.
disable-issue: false # Set true if there is no need to recover issue id from branch name.
skip: [] # List of branch names ignored on commit message validation.
skip-detached: false # Set true if a detached branch should be ignored on commit message validation.
commit-message:
# Supported commit types.
types: [build, ci, chore, docs, feat, fix, perf, refactor, revert, style, test]
header-selector: '' # You can put in a regex here to select only a certain part of the commit message. Please define a regex group 'header'.
scope:
# Define supported scopes, if blank, scope will not be validated, if not, only scope listed will be valid.
# Don't forget to add "" on your list if you need to define scopes and keep it optional.
values: []
footer:
issue: # Use "issue: {}" if you wish to disable issue footer.
key: jira # Name used to define an issue on footer metadata.
key-synonyms: [Jira, JIRA] # Supported variations for footer metadata.
use-hash: false # If false, use :<space> separator. If true, use <space># separator.
add-value-prefix: '' # Add a prefix to issue value.
issue:
regex: '[A-Z]+-[0-9]+' # Regex for issue id.

View File

@@ -5,6 +5,7 @@
# Common VCS dirs # Common VCS dirs
.git/ .git/
.gitignore .gitignore
.gitmodules
.bzr/ .bzr/
.bzrignore .bzrignore
.hg/ .hg/
@@ -20,5 +21,21 @@
.idea/ .idea/
*.tmproj *.tmproj
.vscode/ .vscode/
#charts/ node_modules/
#Chart.lock .npmrc
package.json
package-lock.json
.gitea/
Makefile
.markdownlintignore
.markdownlint.yaml
.drone.yml
CONTRIBUTING.md
unittests/
.editorconfig
.prettierignore
.yamllint
CODEOWNERS
renovate.json5
.commitlintrc.json
.gitsv/

150
.markdownlint.yaml Normal file
View File

@@ -0,0 +1,150 @@
# markdownlint YAML configuration
# https://github.com/DavidAnson/markdownlint/blob/main/schema/.markdownlint.yaml
# Default state for all rules
default: true
# Path to configuration file to extend
extends: null
# MD003/heading-style/header-style - Heading style
MD003:
# Heading style
style: "atx"
# MD004/ul-style - Unordered list style
MD004:
style: "dash"
# MD007/ul-indent - Unordered list indentation
MD007:
# Spaces for indent
indent: 2
# Whether to indent the first level of the list
start_indented: false
# MD009/no-trailing-spaces - Trailing spaces
MD009:
# Spaces for line break
br_spaces: 2
# Allow spaces for empty lines in list items
list_item_empty_lines: false
# Include unnecessary breaks
strict: false
# MD010/no-hard-tabs - Hard tabs
MD010:
# Include code blocks
code_blocks: true
# MD012/no-multiple-blanks - Multiple consecutive blank lines
MD012:
# Consecutive blank lines
maximum: 1
# MD013/line-length - Line length
MD013:
# Number of characters
line_length: 200
# Number of characters for headings
heading_line_length: 100
# Number of characters for code blocks
code_block_line_length: 80
# Include code blocks
code_blocks: false
# Include tables
tables: false
# Include headings
headings: true
# Include headings
headers: true
# Strict length checking
strict: false
# Stern length checking
stern: false
# MD022/blanks-around-headings/blanks-around-headers - Headings should be surrounded by blank lines
MD022:
# Blank lines above heading
lines_above: 1
# Blank lines below heading
lines_below: 1
# MD024/no-duplicate-heading/no-duplicate-header - Multiple headings with the same content
MD024:
# Only check sibling headings
siblings_only: true
# MD025/single-title/single-h1 - Multiple top-level headings in the same document
MD025:
# Heading level
level: 1
# RegExp for matching title in front matter
front_matter_title: "^\\s*title\\s*[:=]"
# MD026/no-trailing-punctuation - Trailing punctuation in heading
MD026:
# Punctuation characters
punctuation: ".,;:!。,;:!"
# MD029/ol-prefix - Ordered list item prefix
MD029:
# List style
style: "one_or_ordered"
# MD030/list-marker-space - Spaces after list markers
MD030:
# Spaces for single-line unordered list items
ul_single: 1
# Spaces for single-line ordered list items
ol_single: 1
# Spaces for multi-line unordered list items
ul_multi: 1
# Spaces for multi-line ordered list items
ol_multi: 1
# MD033/no-inline-html - Inline HTML
MD033:
# Allowed elements
allowed_elements: [details, summary]
# MD035/hr-style - Horizontal rule style
MD035:
# Horizontal rule style
style: "---"
# MD036/no-emphasis-as-heading/no-emphasis-as-header - Emphasis used instead of a heading
MD036:
# Punctuation characters
punctuation: ".,;:!?。,;:!?"
# MD041/first-line-heading/first-line-h1 - First line in a file should be a top-level heading
MD041:
# Heading level
level: 1
# RegExp for matching title in front matter
front_matter_title: "^\\s*title\\s*[:=]"
# MD044/proper-names - Proper names should have the correct capitalization
MD044:
# List of proper names
names:
- docker.gitea.com
- Gitea
- PostgreSQL
- Memcached
- Prometheus
- Git
- GitOps
# Include code blocks
code_blocks: false
# MD046/code-block-style - Code block style
MD046:
# Block style
style: "fenced"
# MD048/code-fence-style - Code fence style
MD048:
# Code fence syle
style: "backtick"

4
.markdownlintignore Normal file
View File

@@ -0,0 +1,4 @@
.gitea/
node_modules/
charts/
Chart.lock

1
.npmrc Normal file
View File

@@ -0,0 +1 @@
engine-strict=true

1
.prettierignore Normal file
View File

@@ -0,0 +1 @@
Chart.lock

9
.vscode/extensions.json vendored Normal file
View File

@@ -0,0 +1,9 @@
{
"recommendations": [
"yzhang.markdown-all-in-one",
"DavidAnson.vscode-markdownlint",
"Tim-Koehler.helm-intellisense",
"esbenp.prettier-vscode",
"jetmartin.bats"
]
}

15
.vscode/settings.json vendored Normal file
View File

@@ -0,0 +1,15 @@
{
"yaml.schemas": {
"https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.8.2/schema/helm-testsuite.json": [
"/unittests/**/*.yaml"
]
},
"yaml.schemaStore.enable": true,
"[bats]": {
"editor.tabSize": 2
},
"[shellscript]": {
"files.eol": "\n",
"editor.tabSize": 2
}
}

20
.yamllint Normal file
View File

@@ -0,0 +1,20 @@
---
extends: default
ignore: |
.yamllint
node_modules
templates
unittests/bash
rules:
truthy:
allowed-values: ['true', 'false']
check-keys: False
level: error
line-length: disable
document-start: disable
comments:
min-spaces-from-content: 1
braces:
max-spaces-inside: 2

1
CODEOWNERS Normal file
View File

@@ -0,0 +1 @@
charts/* @justusbunsi @pat-s

80
CONTRIBUTING.md Normal file
View File

@@ -0,0 +1,80 @@
# Contribution Guidelines
Any type of contribution is welcome; from new features, bug fixes, tests,
refactorings for easier maintainability or documentation improvements.
## Development environment
- [`node`](https://nodejs.org/en/) at least current LTS
- [`helm`](https://helm.sh/docs/intro/install/)
- `make` is optional; you may call the commands directly
When using Visual Studio Code as IDE, a [ready-to-use profile](.vscode/) is available.
## Documentation Requirements
The `README.md` must include all configuration options.
The parameters section is generated by extracting the parameter annotations from the `values.yaml` file, by using [this tool](https://github.com/bitnami-labs/readme-generator-for-helm).
If changes were made on configuration options, run `make readme` to update the README file.
The ToC is created via the VSCode [Markdown All in One](https://marketplace.visualstudio.com/items?itemName=yzhang.markdown-all-in-one) extension which can/must also be used used to update it.
## Pull Request Requirements
When submitting or updating a PR:
- make sure it passes CI builds.
- do not make independent changes in one PR.
- try to avoid rebases. They make code reviews for large PRs and comments much harder.
- if applicable, use the PR template for a well-defined PR description.
- clearly mark breaking changes.
- format the PR title following the [conventional commits](https://www.conventionalcommits.org/en/v1.0.0/#specification) schema
## Local development & testing
For local development and testing of pull requests, the following workflow can
be used:
1. Install `minikube` and `helm`.
1. Start a `minikube` cluster via `minikube start`.
1. From the `gitea/helm-gitea` directory execute the following command.
This will install the dependencies listed in `Chart.yml` and deploy the current state of the helm chart found locally.
If you want to test a branch, make sure to switch to the respective branch first.
`helm install --dependency-update gitea . -f values.yaml`.
1. Gitea is now deployed in `minikube`.
To access it, it's port needs to be forwarded first from `minikube` to localhost first via `kubectl --namespace
default port-forward svc/gitea-http 3000:3000`.
Now Gitea is accessible at [http://localhost:3000](http://localhost:3000).
### Unit tests
#### Helm templating tests
```bash
# install the unittest plugin
$ helm plugin install https://github.com/helm-unittest/helm-unittest
# run the Helm unittests
make unittests-helm
```
See [plugin documentation](https://github.com/helm-unittest/helm-unittest/blob/main/DOCUMENT.md) for usage instructions.
#### Bash script tests
```bash
# setup the environment
git submodule update --init --recursive
# run the bash tests
make unittests-bash
```
See [bats documentation](https://bats-core.readthedocs.io/en/stable/) for usage instructions.
## Release process
1. Ensure you have [`git-sv`](https://github.com/thegeeklab/git-sv) installed
1. Run `git sv tag` (this creates and pushes the tag following the respective next tag according to the semver commits issued since the last release)
1. Let CI do it's work

15
Chart.lock Normal file
View File

@@ -0,0 +1,15 @@
dependencies:
- name: postgresql
repository: oci://registry-1.docker.io/bitnamicharts
version: 16.7.4
- name: postgresql-ha
repository: oci://registry-1.docker.io/bitnamicharts
version: 16.0.6
- name: valkey-cluster
repository: oci://registry-1.docker.io/bitnamicharts
version: 3.0.10
- name: valkey
repository: oci://registry-1.docker.io/bitnamicharts
version: 3.0.9
digest: sha256:aeafc605b86db0ff3999cd808af1c9ca3a6a749aae0d42f2fdae89803b3bb60a
generated: "2025-05-25T00:23:17.804516988Z"

View File

@@ -3,8 +3,9 @@ name: gitea
description: Gitea Helm chart for Kubernetes description: Gitea Helm chart for Kubernetes
type: application type: application
version: 0.0.0 version: 0.0.0
appVersion: 1.14.2 # renovate datasource=github-releases depName=go-gitea/gitea extractVersion=^v(?<version>.*)$
icon: https://docs.gitea.io/images/gitea.png appVersion: 1.23.8
icon: https://gitea.com/assets/img/logo.svg
keywords: keywords:
- git - git
@@ -14,9 +15,9 @@ keywords:
- gitea - gitea
- gogs - gogs
sources: sources:
- https://gitea.com/gitea/helm-chart - https://gitea.com/gitea/helm-gitea
- https://github.com/go-gitea/gitea - https://github.com/go-gitea/gitea
- https://hub.docker.com/r/gitea/gitea/ - https://docker.gitea.com/gitea
maintainers: maintainers:
- name: Charlie Drage - name: Charlie Drage
email: charlie@charliedrage.com email: charlie@charliedrage.com
@@ -26,21 +27,29 @@ maintainers:
email: konrad.lother@novum-rgi.de email: konrad.lother@novum-rgi.de
- name: Lucas Hahn - name: Lucas Hahn
email: lucas.hahn@novum-rgi.de email: lucas.hahn@novum-rgi.de
- name: Steven Kriegler
email: sk.bunsenbrenner@gmail.com
- name: Patrick Schratz
email: patrick.schratz@gmail.com
dependencies: dependencies:
- name: memcached # https://github.com/bitnami/charts/blob/main/bitnami/postgresql
repository: https://charts.bitnami.com/bitnami - name: postgresql
version: 4.2.20 repository: oci://registry-1.docker.io/bitnamicharts
condition: gitea.cache.builtIn.enabled version: 16.7.4
- name: mysql condition: postgresql.enabled
repository: https://charts.bitnami.com/bitnami # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml
version: 6.14.10 - name: postgresql-ha
condition: gitea.database.builtIn.mysql.enabled repository: oci://registry-1.docker.io/bitnamicharts
- name: postgresql version: 16.0.6
repository: https://charts.bitnami.com/bitnami condition: postgresql-ha.enabled
version: 9.7.2 # https://github.com/bitnami/charts/blob/main/bitnami/valkey-cluster/Chart.yaml
condition: gitea.database.builtIn.postgresql.enabled - name: valkey-cluster
- name: mariadb repository: oci://registry-1.docker.io/bitnamicharts
repository: https://charts.bitnami.com/bitnami version: 3.0.10
version: 8.0.0 condition: valkey-cluster.enabled
condition: gitea.database.builtIn.mariadb.enabled # https://github.com/bitnami/charts/blob/main/bitnami/valkey/Chart.yaml
- name: valkey
repository: oci://registry-1.docker.io/bitnamicharts
version: 3.0.9
condition: valkey.enabled

26
Makefile Normal file
View File

@@ -0,0 +1,26 @@
SHELL := /usr/bin/env bash -O globstar
.PHONY: prepare-environment
prepare-environment:
npm install
.PHONY: readme
readme: prepare-environment
npm run readme:parameters
npm run readme:lint
.PHONY: unittests
unittests: unittests-helm unittests-bash
.PHONY: unittests-helm
unittests-helm:
helm unittest --strict -f 'unittests/helm/**/*.yaml' -f 'unittests/helm/values-conflicting-checks.yaml' ./
.PHONY: unittests-bash
unittests-bash:
./unittests/bash/bats/bin/bats --pretty ./unittests/bash/tests/**/*.bats
.PHONY: helm
update-helm-dependencies:
helm dependency update

1561
README.md

File diff suppressed because it is too large Load Diff

178
docs/ha-setup.md Normal file
View File

@@ -0,0 +1,178 @@
# High Availability
All components (in-memory DB, volume/asset storage, code indexer) used by Gitea must be deployed in a HA-ready fashion to achieve a full HA-ready Gitea deployment.
The following document explains how to achieve this for all individual components.
The resulting Gitea deployment will consist of ~ 10 pods (depending on the chosen components and their replicas).
One should evaluate upfront whether a HA-deployment is required as switching between HA/non-HA comes with some effort.
For production instances, HA is always recommended to increase uptime and have a frictionless update process.
A general comment about chart dependencies and external services:
Instead of relying on chart dependencies, it is often better to rely on an external, (managed) instances (in-memory database, asset storage provider, database, etc.).
Many cloud providers offer such services, at least for databases or in-memory databases.
They might cost a bit more than using a self-hosted k8s variant but are usually easier to maintain and scale, if needed.
Also they can be centrally managed and are not linked to the Gitea helm chart or namespace.
Please consider using external services before you start with your Gitea HA setup, it will make your life (and the life of the Gitea maintainers) easier.
This helm chart tries to help as much as possible to simplify and assert the provisioning of a HA-ready Gitea instance by implementing smart conditionals if `replicaCount` is set to a value > 1.
Nevertheless, we cannot guarantee for every possible combination of Gitea settings to work together perfectly in a HA setup.
As a general advice, we recommend to have a test environment aside on which to test possible changes/upgrades before applying these to a production installation.
## Requirements for HA
Storage-wise, the HA-Gitea setup requires a RWX file-system which can be shared among the deployment-based replica pods.
In addition, the following components are required for full HA-readiness:
- A HA-ready issue (and optionally code) indexer: `elasticsearch` or `meilisearch`
- A HA-ready external object/asset storage (`minio`) (optional, assets can also be stored on the RWX file-system)
- A HA-ready cache (`valkey-cluster`)
- A HA-ready DB
`postgres.enabled`, which default to `true`, must be set to `false` for a HA setup.
The default `postgres` chart dependency is not HA-ready (there's a dedicated `postgres-ha` chart).
The following sections discuss each of the components in more detail.
Note that for each component discussed, the shown configurations only provides a (working) starting point, not necessarily the most optimal setup.
We try to optimize this document over time as we have gained more experience with HA setups from users.
## Indexers (Issues and code/repo)
The default code indexer `bleve` is not able to allow multiple connections and hence cannot be used in a HA setup.
Alternatives are `elasticsearch` and `meilisearch` (as of >= 1.19.2).
Unless you have an existing `elasticsearch` cluster, we recommend using `meilisearch` as it is faster and requires way less resources.
Unfortunately, `meilisearch` does only support the `ISSUE_INDEXER` and not the `REPO_INDEXER` yet ([tracking issue](https://github.com/go-gitea/gitea/pull/24149)).
This means that the `REPO_INDEXER` must still be disabled for a HA setup right now.
An alternative to the two options above for the `ISSUE_INDEXER` is `"db"`, however we recommend to just go with `meilisearch` in this case and to not bother the DB with indexing.
To configure `meilisearch` within Gitea, do the following:
```yml
gitea:
config:
indexer:
ISSUE_INDEXER_CONN_STR: <http://meilisearch.<namespace>.svc.cluster.local:7700>
ISSUE_INDEXER_ENABLED: true
ISSUE_INDEXER_TYPE: meilisearch
REPO_INDEXER_ENABLED: false
# REPO_INDEXER_TYPE: meilisearch # not yet working
```
Unfortunately `meilisearch` cannot be deployed in HA as of now.
Nevertheless it allows for multiple Gitea requests at the same time and is therefore required in a HA setup.
Exemplary configuration for the [meilisearch-kubernetes](https://github.com/meilisearch/meilisearch-kubernetes/tree/main/charts/meilisearch) chart:
```yaml
persistence:
enabled: true
accessMode: ReadWriteOnce
size: 5Gi
```
## Cache, session and queue
A `valkey` instance is required for the in-memory cache.
Two options exist:
- `valkey`
- `valkey-cluster`
The chart provides `valkey-cluster` as a dependency as this one can be used for both HA and non-HA setups.
You're also welcome to go with `valkey` if you prefer or already have a running instance.
It should be noted that `valkey-cluster` support is only available starting with Gitea 1.19.2.
You can also configure an external (managed) `valkey` instance to be used.
To do so, you need to set the following configuration values yourself:
- `gitea.config.queue.TYPE`: valkey`
- `gitea.config.queue.CONN_STR`: `<your valkey connection string>`
- `gitea.config.session.PROVIDER`: `valkey`
- `gitea.config.session.PROVIDER_CONFIG`: `<your valkey connection string>`
- `gitea.config.cache.ENABLED`: `true`
- `gitea.config.cache.ADAPTER`: `valkey`
- `gitea.config.cache.HOST`: `<your valkey connection string>`
By default, the `valkey-cluster` chart provisions three standalone master nodes of which each has a single replica.
To reduce the number of pods for a default Gitea deployment, we opted to omit the replicas (`replicas: 0`) by default.
Only the minimum required number of master pods for a functional `valkey-cluster` deployment are provisioned.
For a "proper" `valkey-cluster` setup however, we recommend to set `replicas: 1` and `nodes: 6`.
## Object and asset storage
Object/asset storage refers to the storage of attachments, avatars, LFS files, etc.
While most of these can be stored on the RWX file-system, it is recommended to use an external S3-compatible object storage for such, mainly for performance reasons.
By default the chart provisions a single RWO volume to store everything (repos, avatars, packages, etc.).
This volume cannot be mounted by multiple pods.
Hence, a RWX volume is required and (optionally) an external HA-ready object storage.
> **Note:** Double-check that the file permissions are set correctly on the RWX volume! That is everything should be owned by the `git` user which usually has `uid=1000` and `gid=1000`.
To use `minio` you need to deploy and configure an external `minio` instance yourself and explicitly define the `STORAGE_TYPE` values as shown below.
Note that `MINIO_BUCKET` here is just a name and does not refer to a S3 bucket.
It's the root access point for all objects belonging to the respective application, i.e., to Gitea in this case.
```yaml
gitea:
config:
attachment:
STORAGE_TYPE: minio
lfs:
STORAGE_TYPE: minio
picture:
AVATAR_STORAGE_TYPE: minio
"storage.packages":
STORAGE_TYPE: minio
storage:
MINIO_ENDPOINT: <minio-headless.<namespace>.svc.cluster.local:9000>
MINIO_LOCATION: <location>
MINIO_ACCESS_KEY_ID: <access key>
MINIO_SECRET_ACCESS_KEY: <secret key>
MINIO_BUCKET: <bucket name>
MINIO_USE_SSL: false
```
Exemplary configuration for the [bitnami minio](https://github.com/bitnami/charts/blob/main/bitnami/minio) chart:
```yaml
auth:
rootUser: minio
mode: distributed
replicaCount: 4
persistence:
enabled: true
size: 20Gi
accessModes:
- ReadWriteOnce
```
## Database
If you do not have an HA-ready DB, using a managed database service in the cloud might be the easiest and most robust solution.
Remember: disable the built-in `postgres` dependency and configure the database connection manually via `gitea.config.database`:
```yml
gitea:
database:
builtIn:
postgresql:
enabled: false
config:
database:
DB_TYPE: postgres
HOST: <host>
NAME: <name>
USER: <user>
```
## Known issues
- Currently Cron jobs are run on all replicas as no leader election is implemented.
See [https://github.com/go-gitea/gitea/issues/13791](https://github.com/go-gitea/gitea/issues/13791) for a discussion and possible solution.
- Running with multiple replicas slows down Gitea a bit, i.e. page loading time increases.

1663
package-lock.json generated Normal file

File diff suppressed because it is too large Load Diff

19
package.json Normal file
View File

@@ -0,0 +1,19 @@
{
"name": "gitea-helm",
"homepage": "https://gitea.com/gitea/helm-gitea.git",
"license": "MIT",
"private": true,
"engineStrict": true,
"engines": {
"node": ">=16.0.0",
"npm": ">=8.0.0"
},
"scripts": {
"readme:lint": "markdownlint *.md -f",
"readme:parameters": "readme-generator -v values.yaml -r README.md"
},
"devDependencies": {
"@bitnami/readme-generator-for-helm": "^2.5.0",
"markdownlint-cli": "^0.44.0"
}
}

124
renovate.json5 Normal file
View File

@@ -0,0 +1,124 @@
{
$schema: 'https://docs.renovatebot.com/renovate-schema.json',
extends: [
'gitea>gitea/renovate-config',
':automergeMinor',
'schedule:automergeDaily',
'schedule:weekends',
],
labels: [
'kind/dependency',
],
digest: {
automerge: true,
},
automergeStrategy: 'squash',
'git-submodules': {
enabled: true,
},
customManagers: [
{
description: 'Gitea-version of https://docs.renovatebot.com/presets-regexManagers/#regexmanagersgithubactionsversions',
customType: 'regex',
managerFilePatterns: [
'/.gitea/workflows/.+\\.ya?ml$/',
],
matchStrings: [
'# renovate: datasource=(?<datasource>[a-z-.]+?) depName=(?<depName>[^\\s]+?)(?: (?:lookupName|packageName)=(?<packageName>[^\\s]+?))?(?: versioning=(?<versioning>[a-z-0-9]+?))?\\s+[A-Za-z0-9_]+?_VERSION\\s*:\\s*["\']?(?<currentValue>.+?)["\']?\\s',
],
},
{
description: 'Detect helm-unittest yaml schema file',
customType: 'regex',
managerFilePatterns: [
'/.vscode/settings\\.json$/',
],
matchStrings: [
'https:\\/\\/raw\\.githubusercontent\\.com\\/(?<depName>[^\\s]+?)\\/(?<currentValue>v[0-9.]+?)\\/schema\\/helm-testsuite\\.json',
],
datasourceTemplate: 'github-releases',
},
{
description: 'Automatically detect new Gitea releases',
customType: 'regex',
managerFilePatterns: [
'/(^|/)Chart\\.yaml$/',
],
matchStrings: [
'# renovate datasource=(?<datasource>\\S+) depName=(?<depName>\\S+) extractVersion=(?<extractVersion>\\S+)\\nappVersion:\\s?(?<currentValue>\\S+)\\n',
],
},
],
packageRules: [
{
groupName: 'subcharts (minor & patch)',
matchManagers: [
'helmv3',
],
matchUpdateTypes: [
'minor',
'patch',
'digest',
],
},
{
groupName: 'bats testing framework',
matchManagers: [
'git-submodules',
],
matchUpdateTypes: [
'minor',
'patch',
'digest',
],
},
{
groupName: 'workflow dependencies (minor & patch)',
matchManagers: [
'github-actions',
'npm',
'custom.regex',
],
matchUpdateTypes: [
'minor',
'patch',
'digest',
],
matchFileNames: [
'!Chart.yaml',
],
},
{
description: 'Update README.md on changes in values.yaml',
matchManagers: [
'helm-values',
],
postUpgradeTasks: {
commands: [
'install-tool node',
'make readme',
],
fileFilters: [
'README.md',
],
executionMode: 'update',
},
},
{
description: 'Override changelog url for Helm image, to have release notes in our PRs',
matchDepNames: [
'alpine/helm',
],
changelogUrl: 'https://github.com/helm/helm',
},
{
description: 'Bump Gitea as fast as possible - not only on weekends',
matchDepNames: [
'go-gitea/gitea',
],
schedule: [
'at any time',
],
},
],
}

43
scripts/act_runner/token.sh Executable file
View File

@@ -0,0 +1,43 @@
#!/bin/sh
set -eu
timeout_delay=15
check_token() {
set +e
echo "Checking for existing token..."
token="$(kubectl get secret "$SECRET_NAME" -o jsonpath="{.data['token']}" 2> /dev/null)"
[ $? -ne 0 ] && return 1
[ -z "$token" ] && return 2
return 0
}
create_token() {
echo "Waiting for new token to be generated..."
begin=$(date +%s)
end=$((begin + timeout_delay))
while true; do
[ -f /data/actions/token ] && return 0
[ "$(date +%s)" -gt $end ] && return 1
sleep 5
done
}
store_token() {
echo "Storing the token in Kubernetes secret..."
kubectl patch secret "$SECRET_NAME" -p "{\"data\":{\"token\":\"$(base64 /data/actions/token | tr -d '\n')\"}}"
}
if check_token; then
echo "Key already in place, exiting."
exit
fi
if ! create_token; then
echo "Checking for an existing act runner token in secret $SECRET_NAME timed out after $timeout_delay"
exit 1
fi
store_token

View File

@@ -0,0 +1,154 @@
#!/usr/bin/env bash
set -euo pipefail
function env2ini::log() {
printf "${1}\n"
}
function env2ini::read_config_to_env() {
local section="${1}"
local line="${2}"
if [[ -z "${line}" ]]; then
# skip empty line
return
fi
# 'xargs echo -n' trims all leading/trailing whitespaces and a trailing new line
local setting="$(awk -F '=' '{print $1}' <<< "${line}" | xargs echo -n)"
if [[ -z "${setting}" ]]; then
env2ini::log ' ! invalid setting'
exit 1
fi
local value=''
local regex="^${setting}(\s*)=(\s*)(.*)"
if [[ $line =~ $regex ]]; then
value="${BASH_REMATCH[3]}"
else
env2ini::log ' ! invalid setting'
exit 1
fi
env2ini::log " + '${setting}'"
if [[ -z "${section}" ]]; then
export "GITEA____${setting^^}=${value}" # '^^' makes the variable content uppercase
return
fi
local masked_section="${section//./_0X2E_}" # '//' instructs to replace all matches
masked_section="${masked_section//-/_0X2D_}"
export "GITEA__${masked_section^^}__${setting^^}=${value}" # '^^' makes the variable content uppercase
}
function env2ini::reload_preset_envs() {
env2ini::log "Reloading preset envs..."
while read -r line; do
if [[ -z "${line}" ]]; then
# skip empty line
return
fi
# 'xargs echo -n' trims all leading/trailing whitespaces and a trailing new line
local setting="$(awk -F '=' '{print $1}' <<< "${line}" | xargs echo -n)"
if [[ -z "${setting}" ]]; then
env2ini::log ' ! invalid setting'
exit 1
fi
local value=''
local regex="^${setting}(\s*)=(\s*)(.*)"
if [[ $line =~ $regex ]]; then
value="${BASH_REMATCH[3]}"
else
env2ini::log ' ! invalid setting'
exit 1
fi
env2ini::log " + '${setting}'"
export "${setting^^}=${value}" # '^^' makes the variable content uppercase
done < "$TMP_EXISTING_ENVS_FILE"
rm $TMP_EXISTING_ENVS_FILE
}
function env2ini::process_config_file() {
local config_file="${1}"
local section="$(basename "${config_file}")"
if [[ $section == '_generals_' ]]; then
env2ini::log " [ini root]"
section=''
else
env2ini::log " ${section}"
fi
while read -r line; do
env2ini::read_config_to_env "${section}" "${line}"
done < <(awk 1 "${config_file}") # Helm .toYaml trims the trailing new line which breaks line processing; awk 1 ... adds it back while reading
}
function env2ini::load_config_sources() {
local path="${1}"
if [[ -d "${path}" ]]; then
env2ini::log "Processing $(basename "${path}")..."
while read -d '' configFile; do
env2ini::process_config_file "${configFile}"
done < <(find "${path}" -type l -not -name '..data' -print0)
env2ini::log "\n"
fi
}
function env2ini::generate_initial_secrets() {
# These environment variables will either be
# - overwritten with user defined values,
# - initially used to set up Gitea
# Anyway, they won't harm existing app.ini files
export GITEA__SECURITY__INTERNAL_TOKEN=$(gitea generate secret INTERNAL_TOKEN)
export GITEA__SECURITY__SECRET_KEY=$(gitea generate secret SECRET_KEY)
export GITEA__OAUTH2__JWT_SECRET=$(gitea generate secret JWT_SECRET)
export GITEA__SERVER__LFS_JWT_SECRET=$(gitea generate secret LFS_JWT_SECRET)
env2ini::log "...Initial secrets generated\n"
}
# save existing envs prior to script execution. Necessary to keep order of preexisting and custom envs
env | (grep -e '^GITEA__' || [[ $? == 1 ]]) > $TMP_EXISTING_ENVS_FILE
# MUST BE CALLED BEFORE OTHER CONFIGURATION
env2ini::generate_initial_secrets
env2ini::load_config_sources "$ENV_TO_INI_MOUNT_POINT/inlines/"
env2ini::load_config_sources "$ENV_TO_INI_MOUNT_POINT/additionals/"
# load existing envs to override auto generated envs
env2ini::reload_preset_envs
env2ini::log "=== All configuration sources loaded ===\n"
# safety to prevent rewrite of secret keys if an app.ini already exists
if [ -f ${GITEA_APP_INI} ]; then
env2ini::log 'An app.ini file already exists. To prevent overwriting secret keys, these settings are dropped and remain unchanged:'
env2ini::log ' - security.INTERNAL_TOKEN'
env2ini::log ' - security.SECRET_KEY'
env2ini::log ' - oauth2.JWT_SECRET'
env2ini::log ' - server.LFS_JWT_SECRET'
unset GITEA__SECURITY__INTERNAL_TOKEN
unset GITEA__SECURITY__SECRET_KEY
unset GITEA__OAUTH2__JWT_SECRET
unset GITEA__SERVER__LFS_JWT_SECRET
fi
environment-to-ini -o $GITEA_APP_INI

View File

@@ -0,0 +1,4 @@
#!/usr/bin/env bash
set -eu
gpg --batch --import "$TMP_RAW_GPG_KEY"

View File

@@ -1,7 +1,9 @@
1. Get the application URL by running these commands: 1. Get the application URL by running these commands:
{{- if .Values.ingress.enabled }} {{- if .Values.ingress.enabled }}
{{- range $host := .Values.ingress.hosts }} {{- range $host := .Values.ingress.hosts }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host }}/ {{- range .paths }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
{{- end }}
{{- end }} {{- end }}
{{- else if contains "NodePort" .Values.service.http.type }} {{- else if contains "NodePort" .Values.service.http.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "gitea.fullname" . }}) export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "gitea.fullname" . }})
@@ -16,3 +18,19 @@
echo "Visit http://127.0.0.1:{{ .Values.service.http.port }} to use your application" echo "Visit http://127.0.0.1:{{ .Values.service.http.port }} to use your application"
kubectl --namespace {{ .Release.Namespace }} port-forward svc/{{ .Release.Name }}-http {{ .Values.service.http.port }}:{{ .Values.service.http.port }} kubectl --namespace {{ .Release.Namespace }} port-forward svc/{{ .Release.Name }}-http {{ .Values.service.http.port }}:{{ .Values.service.http.port }}
{{- end }} {{- end }}
{{- $warnings := list -}}
{{- if eq (get .Values.gitea.config.cache "ADAPTER") "memory" -}}
{{- $warnings = append $warnings "Gitea uses 'memory' for caching which is not recommended for production use. See https://docs.gitea.com/next/administration/config-cheat-sheet#cache-cache for available options." -}}
{{- end }}
{{- if eq (get .Values.gitea.config.queue "TYPE") "level" -}}
{{- $warnings = append $warnings "Gitea uses 'leveldb' for queue actions which is not recommended for production use. See https://docs.gitea.com/next/administration/config-cheat-sheet#queue-queue-and-queue for available options." -}}
{{- end }}
{{- if eq (get .Values.gitea.config.session "PROVIDER") "memory" -}}
{{- $warnings = append $warnings "Gitea uses 'memory' for sessions which is not recommended for production use. See https://docs.gitea.com/next/administration/config-cheat-sheet#session-session for available options." -}}
{{- end }}
{{- if gt (len $warnings) 0 }}
2. Review these warnings:
{{- range $warnings }}
- {{ . }}
{{- end }}
{{- end }}

View File

@@ -2,6 +2,7 @@
{{/* {{/*
Expand the name of the chart. Expand the name of the chart.
*/}} */}}
{{- define "gitea.name" -}} {{- define "gitea.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}} {{- end -}}
@@ -24,6 +25,13 @@ If release name contains chart name it will be used as a full name.
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{/*
Create a default worker name.
*/}}
{{- define "gitea.workername" -}}
{{- printf "%s-%s" .global.Release.Name .worker | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/* {{/*
Create chart name and version as used by the chart label. Create chart name and version as used by the chart label.
*/}} */}}
@@ -35,10 +43,48 @@ Create chart name and version as used by the chart label.
Create image name and tag used by the deployment. Create image name and tag used by the deployment.
*/}} */}}
{{- define "gitea.image" -}} {{- define "gitea.image" -}}
{{- $name := .Values.image.repository -}} {{- $fullOverride := .Values.image.fullOverride | default "" -}}
{{- $tag := ternary .Values.image.version .Values.image.tag (hasKey .Values.image "version") -}} {{- $registry := .Values.global.imageRegistry | default .Values.image.registry -}}
{{- $repository := .Values.image.repository -}}
{{- $separator := ":" -}}
{{- $tag := .Values.image.tag | default .Chart.AppVersion | toString -}}
{{- $rootless := ternary "-rootless" "" (.Values.image.rootless) -}} {{- $rootless := ternary "-rootless" "" (.Values.image.rootless) -}}
{{- printf "%s:%s%s" $name $tag $rootless -}} {{- $digest := "" -}}
{{- if .Values.image.digest }}
{{- $digest = (printf "@%s" (.Values.image.digest | toString)) -}}
{{- end -}}
{{- if $fullOverride }}
{{- printf "%s" $fullOverride -}}
{{- else if $registry }}
{{- printf "%s/%s%s%s%s%s" $registry $repository $separator $tag $rootless $digest -}}
{{- else -}}
{{- printf "%s%s%s%s%s" $repository $separator $tag $rootless $digest -}}
{{- end -}}
{{- end -}}
{{/*
Docker Image Registry Secret Names evaluating values as templates
*/}}
{{- define "gitea.images.pullSecrets" -}}
{{- $pullSecrets := .Values.imagePullSecrets -}}
{{- range .Values.global.imagePullSecrets -}}
{{- $pullSecrets = append $pullSecrets (dict "name" .) -}}
{{- end -}}
{{- if (not (empty $pullSecrets)) }}
imagePullSecrets:
{{ toYaml $pullSecrets }}
{{- end }}
{{- end -}}
{{/*
Storage Class
*/}}
{{- define "gitea.persistence.storageClass" -}}
{{- $storageClass := (tpl ( default "" .Values.persistence.storageClass) .) | default (tpl ( default "" .Values.global.storageClass) .) }}
{{- if $storageClass }}
storageClassName: {{ $storageClass | quote }}
{{- end }}
{{- end -}} {{- end -}}
{{/* {{/*
@@ -48,10 +94,17 @@ Common labels
helm.sh/chart: {{ include "gitea.chart" . }} helm.sh/chart: {{ include "gitea.chart" . }}
app: {{ include "gitea.name" . }} app: {{ include "gitea.name" . }}
{{ include "gitea.selectorLabels" . }} {{ include "gitea.selectorLabels" . }}
{{- if .Chart.AppVersion }} app.kubernetes.io/version: {{ .Values.image.tag | default .Chart.AppVersion | quote }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} version: {{ .Values.image.tag | default .Chart.AppVersion | quote }}
version: {{ .Chart.AppVersion | quote }} app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }} {{- end -}}
{{- define "gitea.labels.actRunner" -}}
helm.sh/chart: {{ include "gitea.chart" . }}
app: {{ include "gitea.name" . }}-act-runner
{{ include "gitea.selectorLabels.actRunner" . }}
app.kubernetes.io/version: {{ .Values.image.tag | default .Chart.AppVersion | quote }}
version: {{ .Values.image.tag | default .Chart.AppVersion | quote }}
app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}} {{- end -}}
@@ -63,78 +116,356 @@ app.kubernetes.io/name: {{ include "gitea.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}} {{- end -}}
{{- define "db.servicename" -}} {{- define "gitea.selectorLabels.actRunner" -}}
{{- if .Values.gitea.database.builtIn.postgresql.enabled -}} app.kubernetes.io/name: {{ include "gitea.name" . }}-act-runner
{{- printf "%s-postgresql" .Release.Name -}} app.kubernetes.io/instance: {{ .Release.Name }}
{{- else if .Values.gitea.database.builtIn.mysql.enabled -}}
{{- printf "%s-mysql" .Release.Name -}}
{{- else if .Values.gitea.database.builtIn.mariadb.enabled -}}
{{- printf "%s-mariadb" .Release.Name -}}
{{- else if ne .Values.gitea.config.database.DB_TYPE "sqlite3" -}}
{{- $parts := split ":" .Values.gitea.config.database.HOST -}}
{{- printf "%s %s" $parts._0 $parts._1 -}}
{{- end -}}
{{- end -}} {{- end -}}
{{- define "db.port" -}} {{- define "postgresql-ha.dns" -}}
{{- if .Values.gitea.database.builtIn.postgresql.enabled -}} {{- if (index .Values "postgresql-ha").enabled -}}
{{ .Values.postgresql.global.postgresql.servicePort }} {{- printf "%s-postgresql-ha-pgpool.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "postgresql-ha" "service" "ports" "postgresql") -}}
{{- else if .Values.gitea.database.builtIn.mysql.enabled -}}
{{ .Values.mysql.service.port }}
{{- else if .Values.gitea.database.builtIn.mariadb.enabled -}}
{{ .Values.mariadb.primary.service.port }}
{{- else -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{- define "postgresql.dns" -}} {{- define "postgresql.dns" -}}
{{- printf "%s-postgresql.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain .Values.postgresql.global.postgresql.servicePort -}} {{- if (index .Values "postgresql").enabled -}}
{{- printf "%s-postgresql.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain .Values.postgresql.global.postgresql.service.ports.postgresql -}}
{{- end -}}
{{- end -}} {{- end -}}
{{- define "mysql.dns" -}} {{- define "valkey.dns" -}}
{{- printf "%s-mysql.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain .Values.mysql.service.port | trunc 63 | trimSuffix "-" -}} {{- if and ((index .Values "valkey-cluster").enabled) ((index .Values "valkey").enabled) -}}
{{- fail "valkey and valkey-cluster cannot be enabled at the same time. Please only choose one." -}}
{{- else if (index .Values "valkey-cluster").enabled -}}
{{- printf "redis+cluster://:%s@%s-valkey-cluster-headless.%s.svc.%s:%g/0?pool_size=100&idle_timeout=180s&" (index .Values "valkey-cluster").global.valkey.password .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "valkey-cluster").service.ports.valkey -}}
{{- else if (index .Values "valkey").enabled -}}
{{- printf "redis://:%s@%s-valkey-headless.%s.svc.%s:%g/0?pool_size=100&idle_timeout=180s&" (index .Values "valkey").global.valkey.password .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "valkey").master.service.ports.valkey -}}
{{- end -}}
{{- end -}} {{- end -}}
{{- define "mariadb.dns" -}} {{- define "valkey.port" -}}
{{- printf "%s-mariadb.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain .Values.mariadb.primary.service.port | trunc 63 | trimSuffix "-" -}} {{- if (index .Values "valkey-cluster").enabled -}}
{{ (index .Values "valkey-cluster").service.ports.valkey }}
{{- else if (index .Values "valkey").enabled -}}
{{ (index .Values "valkey").master.service.ports.valkey }}
{{- end -}}
{{- end -}} {{- end -}}
{{- define "memcached.dns" -}} {{- define "valkey.servicename" -}}
{{- printf "%s-memcached.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain .Values.memcached.service.port | trunc 63 | trimSuffix "-" -}} {{- if (index .Values "valkey-cluster").enabled -}}
{{- printf "%s-valkey-cluster-headless.%s.svc.%s" .Release.Name .Release.Namespace .Values.clusterDomain -}}
{{- else if (index .Values "valkey").enabled -}}
{{- printf "%s-valkey-headless.%s.svc.%s" .Release.Name .Release.Namespace .Values.clusterDomain -}}
{{- end -}}
{{- end -}} {{- end -}}
{{- define "gitea.default_domain" -}} {{- define "gitea.default_domain" -}}
{{- printf "%s-gitea.%s.svc.%s" (include "gitea.fullname" .) .Release.Namespace .Values.clusterDomain | trunc 63 | trimSuffix "-" -}} {{- printf "%s-http.%s.svc.%s" (include "gitea.fullname" .) .Release.Namespace .Values.clusterDomain -}}
{{- end -}} {{- end -}}
{{- define "gitea.ldap_settings" -}} {{- define "gitea.ldap_settings" -}}
{{- if or (not (hasKey .Values.gitea.ldap "bindDn")) (not (hasKey .Values.gitea.ldap "bind-dn")) -}} {{- $idx := index . 0 }}
{{- $_ := set .Values.gitea.ldap "bindDn" "" -}} {{- $values := index . 1 }}
{{- if not (hasKey $values "bindDn") -}}
{{- $_ := set $values "bindDn" "" -}}
{{- end -}} {{- end -}}
{{- if or (not (hasKey .Values.gitea.ldap "bindPassword")) (not (hasKey .Values.gitea.ldap "bind-password")) -}} {{- if not (hasKey $values "bindPassword") -}}
{{- $_ := set .Values.gitea.ldap "bindPassword" "" -}} {{- $_ := set $values "bindPassword" "" -}}
{{- end -}} {{- end -}}
{{- range $key, $val := .Values.gitea.ldap -}} {{- $flags := list "notActive" "skipTlsVerify" "allowDeactivateAll" "synchronizeUsers" "attributesInBind" -}}
{{- range $key, $val := $values -}}
{{- if and (ne $key "enabled") (ne $key "existingSecret") -}} {{- if and (ne $key "enabled") (ne $key "existingSecret") -}}
{{- if eq ($key | kebabcase) "bind-dn" -}} {{- if eq $key "bindDn" -}}
{{- printf "--%s %s " ($key | kebabcase) ("${GITEA_LDAP_BIND_DN}" | quote ) -}} {{- printf "--%s \"${GITEA_LDAP_BIND_DN_%d}\" " ($key | kebabcase) ($idx) -}}
{{- else if eq ($key | kebabcase) "bind-password" -}} {{- else if eq $key "bindPassword" -}}
{{- printf "--%s %s " ($key | kebabcase) ("${GITEA_LDAP_PASSWORD}" | quote ) -}} {{- printf "--%s \"${GITEA_LDAP_PASSWORD_%d}\" " ($key | kebabcase) ($idx) -}}
{{- else if eq $key "port" -}} {{- else if eq $key "port" -}}
{{- printf "--%s %d " ($key | kebabcase) ($val | int) -}} {{- printf "--%s %d " $key ($val | int) -}}
{{- else if has $key $flags -}}
{{- printf "--%s " ($key | kebabcase) -}}
{{- else -}} {{- else -}}
{{- printf "--%s %s " ($key | kebabcase) ($val | quote) -}} {{- printf "--%s %s " ($key | kebabcase) ($val | squote) -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{- define "gitea.oauth_settings" -}} {{- define "gitea.oauth_settings" -}}
{{- range $key, $val := .Values.gitea.oauth -}} {{- $idx := index . 0 }}
{{- if ne $key "enabled" -}} {{- $values := index . 1 }}
{{- if not (hasKey $values "key") -}}
{{- $_ := set $values "key" (printf "${GITEA_OAUTH_KEY_%d}" $idx) -}}
{{- end -}}
{{- if not (hasKey $values "secret") -}}
{{- $_ := set $values "secret" (printf "${GITEA_OAUTH_SECRET_%d}" $idx) -}}
{{- end -}}
{{- range $key, $val := $values -}}
{{- if ne $key "existingSecret" -}}
{{- printf "--%s %s " ($key | kebabcase) ($val | quote) -}} {{- printf "--%s %s " ($key | kebabcase) ($val | quote) -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{- define "gitea.public_protocol" -}}
{{- if and .Values.ingress.enabled (gt (len .Values.ingress.tls) 0) -}}
https
{{- else -}}
{{ .Values.gitea.config.server.PROTOCOL }}
{{- end -}}
{{- end -}}
{{- define "gitea.inline_configuration" -}}
{{- include "gitea.inline_configuration.init" . -}}
{{- include "gitea.inline_configuration.defaults" . -}}
{{- $generals := list -}}
{{- $inlines := dict -}}
{{- range $key, $value := .Values.gitea.config }}
{{- if kindIs "map" $value }}
{{- if gt (len $value) 0 }}
{{- $section := default list (get $inlines $key) -}}
{{- range $n_key, $n_value := $value }}
{{- $section = append $section (printf "%s=%v" $n_key $n_value) -}}
{{- end }}
{{- $_ := set $inlines $key (join "\n" $section) -}}
{{- end -}}
{{- else }}
{{- if or (eq $key "APP_NAME") (eq $key "RUN_USER") (eq $key "RUN_MODE") -}}
{{- $generals = append $generals (printf "%s=%s" $key $value) -}}
{{- else -}}
{{- (printf "Key %s cannot be on top level of configuration" $key) | fail -}}
{{- end -}}
{{- end }}
{{- end }}
{{- $_ := set $inlines "_generals_" (join "\n" $generals) -}}
{{- toYaml $inlines -}}
{{- end -}}
{{- define "gitea.inline_configuration.init" -}}
{{- if not (hasKey .Values.gitea.config "cache") -}}
{{- $_ := set .Values.gitea.config "cache" dict -}}
{{- end -}}
{{- if not (hasKey .Values.gitea.config "server") -}}
{{- $_ := set .Values.gitea.config "server" dict -}}
{{- end -}}
{{- if not (hasKey .Values.gitea.config "metrics") -}}
{{- $_ := set .Values.gitea.config "metrics" dict -}}
{{- end -}}
{{- if not (hasKey .Values.gitea.config "database") -}}
{{- $_ := set .Values.gitea.config "database" dict -}}
{{- end -}}
{{- if not (hasKey .Values.gitea.config "security") -}}
{{- $_ := set .Values.gitea.config "security" dict -}}
{{- end -}}
{{- if not .Values.gitea.config.repository -}}
{{- $_ := set .Values.gitea.config "repository" dict -}}
{{- end -}}
{{- if not (hasKey .Values.gitea.config "oauth2") -}}
{{- $_ := set .Values.gitea.config "oauth2" dict -}}
{{- end -}}
{{- if not (hasKey .Values.gitea.config "session") -}}
{{- $_ := set .Values.gitea.config "session" dict -}}
{{- end -}}
{{- if not (hasKey .Values.gitea.config "queue") -}}
{{- $_ := set .Values.gitea.config "queue" dict -}}
{{- end -}}
{{- if not (hasKey .Values.gitea.config "queue.issue_indexer") -}}
{{- $_ := set .Values.gitea.config "queue.issue_indexer" dict -}}
{{- end -}}
{{- if not (hasKey .Values.gitea.config "indexer") -}}
{{- $_ := set .Values.gitea.config "indexer" dict -}}
{{- end -}}
{{- if not (hasKey .Values.gitea.config "actions") -}}
{{- $_ := set .Values.gitea.config "actions" dict -}}
{{- end -}}
{{- end -}}
{{- define "gitea.inline_configuration.defaults" -}}
{{- include "gitea.inline_configuration.defaults.server" . -}}
{{- include "gitea.inline_configuration.defaults.database" . -}}
{{- if not .Values.gitea.config.repository.ROOT -}}
{{- $_ := set .Values.gitea.config.repository "ROOT" "/data/git/gitea-repositories" -}}
{{- end -}}
{{- if not .Values.gitea.config.security.INSTALL_LOCK -}}
{{- $_ := set .Values.gitea.config.security "INSTALL_LOCK" "true" -}}
{{- end -}}
{{- if not (hasKey .Values.gitea.config.metrics "ENABLED") -}}
{{- $_ := set .Values.gitea.config.metrics "ENABLED" .Values.gitea.metrics.enabled -}}
{{- end -}}
{{- if and (not (hasKey .Values.gitea.config.metrics "TOKEN")) (.Values.gitea.metrics.token) (.Values.gitea.metrics.enabled) -}}
{{- $_ := set .Values.gitea.config.metrics "TOKEN" .Values.gitea.metrics.token -}}
{{- end -}}
{{- /* valkey queue */ -}}
{{- if or ((index .Values "valkey-cluster").enabled) ((index .Values "valkey").enabled) -}}
{{- $_ := set .Values.gitea.config.queue "TYPE" "redis" -}}
{{- $_ := set .Values.gitea.config.queue "CONN_STR" (include "valkey.dns" .) -}}
{{- $_ := set .Values.gitea.config.session "PROVIDER" "redis" -}}
{{- $_ := set .Values.gitea.config.session "PROVIDER_CONFIG" (include "valkey.dns" .) -}}
{{- $_ := set .Values.gitea.config.cache "ADAPTER" "redis" -}}
{{- $_ := set .Values.gitea.config.cache "HOST" (include "valkey.dns" .) -}}
{{- else -}}
{{- if not (get .Values.gitea.config.session "PROVIDER") -}}
{{- $_ := set .Values.gitea.config.session "PROVIDER" "memory" -}}
{{- end -}}
{{- if not (get .Values.gitea.config.session "PROVIDER_CONFIG") -}}
{{- $_ := set .Values.gitea.config.session "PROVIDER_CONFIG" "" -}}
{{- end -}}
{{- if not (get .Values.gitea.config.queue "TYPE") -}}
{{- $_ := set .Values.gitea.config.queue "TYPE" "level" -}}
{{- end -}}
{{- if not (get .Values.gitea.config.queue "CONN_STR") -}}
{{- $_ := set .Values.gitea.config.queue "CONN_STR" "" -}}
{{- end -}}
{{- if not (get .Values.gitea.config.cache "ADAPTER") -}}
{{- $_ := set .Values.gitea.config.cache "ADAPTER" "memory" -}}
{{- end -}}
{{- if not (get .Values.gitea.config.cache "HOST") -}}
{{- $_ := set .Values.gitea.config.cache "HOST" "" -}}
{{- end -}}
{{- end -}}
{{- if not .Values.gitea.config.indexer.ISSUE_INDEXER_TYPE -}}
{{- $_ := set .Values.gitea.config.indexer "ISSUE_INDEXER_TYPE" "db" -}}
{{- end -}}
{{- end -}}
{{- define "gitea.inline_configuration.defaults.server" -}}
{{- if not (hasKey .Values.gitea.config.server "HTTP_PORT") -}}
{{- $_ := set .Values.gitea.config.server "HTTP_PORT" .Values.service.http.port -}}
{{- end -}}
{{- if not .Values.gitea.config.server.PROTOCOL -}}
{{- $_ := set .Values.gitea.config.server "PROTOCOL" "http" -}}
{{- end -}}
{{- if not (.Values.gitea.config.server.DOMAIN) -}}
{{- if gt (len .Values.ingress.hosts) 0 -}}
{{- $_ := set .Values.gitea.config.server "DOMAIN" ( tpl (index .Values.ingress.hosts 0).host $) -}}
{{- else -}}
{{- $_ := set .Values.gitea.config.server "DOMAIN" (include "gitea.default_domain" .) -}}
{{- end -}}
{{- end -}}
{{- if not .Values.gitea.config.server.ROOT_URL -}}
{{- $_ := set .Values.gitea.config.server "ROOT_URL" (printf "%s://%s" (include "gitea.public_protocol" .) .Values.gitea.config.server.DOMAIN) -}}
{{- end -}}
{{- if not .Values.gitea.config.server.SSH_DOMAIN -}}
{{- $_ := set .Values.gitea.config.server "SSH_DOMAIN" .Values.gitea.config.server.DOMAIN -}}
{{- end -}}
{{- if not .Values.gitea.config.server.SSH_PORT -}}
{{- $_ := set .Values.gitea.config.server "SSH_PORT" .Values.service.ssh.port -}}
{{- end -}}
{{- if not (hasKey .Values.gitea.config.server "SSH_LISTEN_PORT") -}}
{{- if not .Values.image.rootless -}}
{{- $_ := set .Values.gitea.config.server "SSH_LISTEN_PORT" .Values.gitea.config.server.SSH_PORT -}}
{{- else -}}
{{- $_ := set .Values.gitea.config.server "SSH_LISTEN_PORT" "2222" -}}
{{- end -}}
{{- end -}}
{{- if not (hasKey .Values.gitea.config.server "START_SSH_SERVER") -}}
{{- if .Values.image.rootless -}}
{{- $_ := set .Values.gitea.config.server "START_SSH_SERVER" "true" -}}
{{- end -}}
{{- end -}}
{{- if not (hasKey .Values.gitea.config.server "APP_DATA_PATH") -}}
{{- $_ := set .Values.gitea.config.server "APP_DATA_PATH" "/data" -}}
{{- end -}}
{{- if not (hasKey .Values.gitea.config.server "ENABLE_PPROF") -}}
{{- $_ := set .Values.gitea.config.server "ENABLE_PPROF" false -}}
{{- end -}}
{{- end -}}
{{- define "gitea.inline_configuration.defaults.database" -}}
{{- if (index .Values "postgresql-ha" "enabled") -}}
{{- $_ := set .Values.gitea.config.database "DB_TYPE" "postgres" -}}
{{- if not (.Values.gitea.config.database.HOST) -}}
{{- $_ := set .Values.gitea.config.database "HOST" (include "postgresql-ha.dns" .) -}}
{{- end -}}
{{- $_ := set .Values.gitea.config.database "NAME" (index .Values "postgresql-ha" "global" "postgresql" "database") -}}
{{- $_ := set .Values.gitea.config.database "USER" (index .Values "postgresql-ha" "global" "postgresql" "username") -}}
{{- $_ := set .Values.gitea.config.database "PASSWD" (index .Values "postgresql-ha" "global" "postgresql" "password") -}}
{{- end -}}
{{- if (index .Values "postgresql" "enabled") -}}
{{- $_ := set .Values.gitea.config.database "DB_TYPE" "postgres" -}}
{{- if not (.Values.gitea.config.database.HOST) -}}
{{- $_ := set .Values.gitea.config.database "HOST" (include "postgresql.dns" .) -}}
{{- end -}}
{{- $_ := set .Values.gitea.config.database "NAME" .Values.postgresql.global.postgresql.auth.database -}}
{{- $_ := set .Values.gitea.config.database "USER" .Values.postgresql.global.postgresql.auth.username -}}
{{- $_ := set .Values.gitea.config.database "PASSWD" .Values.postgresql.global.postgresql.auth.password -}}
{{- end -}}
{{- end -}}
{{- define "gitea.init-additional-mounts" -}}
{{- /* Honor the deprecated extraVolumeMounts variable when defined */ -}}
{{- if gt (len .Values.extraInitVolumeMounts) 0 -}}
{{- toYaml .Values.extraInitVolumeMounts -}}
{{- else if gt (len .Values.extraVolumeMounts) 0 -}}
{{- toYaml .Values.extraVolumeMounts -}}
{{- end -}}
{{- end -}}
{{- define "gitea.container-additional-mounts" -}}
{{- /* Honor the deprecated extraVolumeMounts variable when defined */ -}}
{{- if gt (len .Values.extraContainerVolumeMounts) 0 -}}
{{- toYaml .Values.extraContainerVolumeMounts -}}
{{- else if gt (len .Values.extraVolumeMounts) 0 -}}
{{- toYaml .Values.extraVolumeMounts -}}
{{- end -}}
{{- end -}}
{{- define "gitea.gpg-key-secret-name" -}}
{{ default (printf "%s-gpg-key" (include "gitea.fullname" .)) .Values.signing.existingSecret }}
{{- end -}}
{{- define "gitea.serviceAccountName" -}}
{{ .Values.serviceAccount.name | default (include "gitea.fullname" .) }}
{{- end -}}
{{- define "ingress.annotations" -}}
{{- if .Values.ingress.annotations }}
annotations:
{{- $tp := typeOf .Values.ingress.annotations }}
{{- if eq $tp "string" }}
{{- tpl .Values.ingress.annotations . | nindent 4 }}
{{- else }}
{{- toYaml .Values.ingress.annotations | nindent 4 }}
{{- end }}
{{- end }}
{{- end -}}
{{- define "gitea.admin.passwordMode" -}}
{{- if has .Values.gitea.admin.passwordMode (tuple "keepUpdated" "initialOnlyNoReset" "initialOnlyRequireReset") -}}
{{ .Values.gitea.admin.passwordMode }}
{{- else -}}
{{ printf "gitea.admin.passwordMode must be set to one of 'keepUpdated', 'initialOnlyNoReset', or 'initialOnlyRequireReset'. Received: '%s'" .Values.gitea.admin.passwordMode | fail }}
{{- end -}}
{{- end -}}
{{/* Create a functioning probe object for rendering. Given argument must be either a livenessProbe, readinessProbe, or startupProbe */}}
{{- define "gitea.deployment.probe" -}}
{{- $probe := unset . "enabled" -}}
{{- $probeKeys := keys $probe -}}
{{- $containsCustomMethod := false -}}
{{- $chartDefaultMethod := "tcpSocket" -}}
{{- $nonChartDefaultMethods := list "exec" "httpGet" "grpc" -}}
{{- range $probeKeys -}}
{{- if has . $nonChartDefaultMethods -}}
{{- $containsCustomMethod = true -}}
{{- end -}}
{{- end -}}
{{- if $containsCustomMethod -}}
{{- $probe = unset . $chartDefaultMethod -}}
{{- end -}}
{{- toYaml $probe -}}
{{- end -}}
{{- define "gitea.metrics-secret-name" -}}
{{ default (printf "%s-metrics-secret" (include "gitea.fullname" .)) }}
{{- end -}}

View File

@@ -0,0 +1,3 @@
{{- if .Values.actions -}}
{{- fail "The actions sub-chart has been outsourced to a dedicated chart available at https://gitea.com/gitea/helm-actions. For assistance with the migration process, check https://gitea.com/gitea/helm-actions/issues/9." -}}
{{- end -}}

View File

@@ -1,148 +1,57 @@
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: {{ include "gitea.fullname" . }} name: {{ include "gitea.fullname" . }}-inline-config
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
type: Opaque type: Opaque
stringData: stringData:
app.ini: |- {{- include "gitea.inline_configuration" . | nindent 2 }}
{{- if not (hasKey .Values.gitea.config "cache") -}} ---
{{- $_ := set .Values.gitea.config "cache" dict -}} apiVersion: v1
{{- end -}} kind: Secret
metadata:
name: {{ include "gitea.fullname" . }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels:
{{- include "gitea.labels" . | nindent 4 }}
type: Opaque
stringData:
{{ (.Files.Glob "scripts/init-containers/config/*.sh").AsConfig | indent 2 }}
assertions: |
{{- if not (hasKey .Values.gitea.config "server") -}} {{- /*assert that only one PG dep is enabled */ -}}
{{- $_ := set .Values.gitea.config "server" dict -}} {{- if and (.Values.postgresql.enabled) (index .Values "postgresql-ha" "enabled") -}}
{{- end -}} {{- fail "Only one of postgresql or postgresql-ha can be enabled at the same time." -}}
{{- end }}
{{- if not (hasKey .Values.gitea.config "metrics") -}} {{- /* multiple replicas assertions */ -}}
{{- $_ := set .Values.gitea.config "metrics" dict -}} {{- if gt .Values.replicaCount 1.0 -}}
{{- end -}} {{- if .Values.gitea.config.cron -}}
{{- if .Values.gitea.config.cron.GIT_GC_REPOS -}}
{{- if not (hasKey .Values.gitea.config "database") -}} {{- if eq .Values.gitea.config.cron.GIT_GC_REPOS.ENABLED true -}}
{{- $_ := set .Values.gitea.config "database" dict -}} {{ fail "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'gitea.config.cron.GIT_GC_REPOS.enabled = false'." }}
{{- end -}}
{{- if not (hasKey .Values.gitea.config "security") -}}
{{- $_ := set .Values.gitea.config "security" dict -}}
{{- end -}}
{{- if not .Values.gitea.config.repository -}}
{{- $_ := set .Values.gitea.config "repository" dict -}}
{{- end -}}
{{- /* repository default settings */ -}}
{{- if not .Values.gitea.config.repository.ROOT -}}
{{- $_ := set .Values.gitea.config.repository "ROOT" "/data/git/gitea-repositories" -}}
{{- end -}}
{{- /* security default settings */ -}}
{{- if not .Values.gitea.config.security.INSTALL_LOCK -}}
{{- $_ := set .Values.gitea.config.security "INSTALL_LOCK" "true" -}}
{{- end -}}
{{- /* server default settings */ -}}
{{- if not (hasKey .Values.gitea.config.server "HTTP_PORT") -}}
{{- $_ := set .Values.gitea.config.server "HTTP_PORT" .Values.service.http.port -}}
{{- end -}}
{{- if not .Values.gitea.config.server.PROTOCOL -}}
{{- $_ := set .Values.gitea.config.server "PROTOCOL" "http" -}}
{{- end -}}
{{- if not (.Values.gitea.config.server.DOMAIN) -}}
{{- if gt (len .Values.ingress.hosts) 0 -}}
{{- $_ := set .Values.gitea.config.server "DOMAIN" (index .Values.ingress.hosts 0) -}}
{{- else -}}
{{- $_ := set .Values.gitea.config.server "DOMAIN" (include "gitea.default_domain" .) -}}
{{- end -}}
{{- end -}}
{{- if not .Values.gitea.config.server.ROOT_URL -}}
{{- if .Values.ingress.enabled -}}
{{- if gt (len .Values.ingress.tls) 0 -}}
{{- $_ := set .Values.gitea.config.server "ROOT_URL" (printf "%s://%s" .Values.gitea.config.server.PROTOCOL (index (index .Values.ingress.tls 0).hosts 0)) -}}
{{- else -}}
{{- $_ := set .Values.gitea.config.server "ROOT_URL" (printf "%s://%s" .Values.gitea.config.server.PROTOCOL (index .Values.ingress.hosts 0)) -}}
{{- end -}}
{{- else -}}
{{- $_ := set .Values.gitea.config.server "ROOT_URL" (printf "%s://%s" .Values.gitea.config.server.PROTOCOL .Values.gitea.config.server.DOMAIN) -}}
{{- end -}}
{{- end -}}
{{- if not .Values.gitea.config.server.SSH_DOMAIN -}}
{{- $_ := set .Values.gitea.config.server "SSH_DOMAIN" .Values.gitea.config.server.DOMAIN -}}
{{- end -}}
{{- if not .Values.gitea.config.server.SSH_PORT -}}
{{- $_ := set .Values.gitea.config.server "SSH_PORT" .Values.service.ssh.port -}}
{{- end -}}
{{- if not (hasKey .Values.gitea.config.server "SSH_LISTEN_PORT") -}}
{{- if not .Values.image.rootless -}}
{{- $_ := set .Values.gitea.config.server "SSH_LISTEN_PORT" .Values.gitea.config.server.SSH_PORT -}}
{{- else -}}
{{- $_ := set .Values.gitea.config.server "SSH_LISTEN_PORT" "2222" -}}
{{- end -}}
{{- end -}}
{{- if not (hasKey .Values.gitea.config.server "START_SSH_SERVER") -}}
{{- if .Values.image.rootless -}}
{{- $_ := set .Values.gitea.config.server "START_SSH_SERVER" "true" -}}
{{- end -}}
{{- end -}}
{{- if not (hasKey .Values.gitea.config.server "APP_DATA_PATH") -}}
{{- $_ := set .Values.gitea.config.server "APP_DATA_PATH" "/data" -}}
{{- end -}}
{{- if not (hasKey .Values.gitea.config.server "ENABLE_PPROF") -}}
{{- $_ := set .Values.gitea.config.server "ENABLE_PPROF" false -}}
{{- end -}}
{{- /* metrics default settings */ -}}
{{- if not (hasKey .Values.gitea.config.metrics "ENABLED") -}}
{{- $_ := set .Values.gitea.config.metrics "ENABLED" .Values.gitea.metrics.enabled -}}
{{- end -}}
{{- /* database default settings */ -}}
{{- if .Values.gitea.database.builtIn.postgresql.enabled -}}
{{- $_ := set .Values.gitea.config.database "DB_TYPE" "postgres" -}}
{{- if not (.Values.gitea.config.database.HOST) -}}
{{- $_ := set .Values.gitea.config.database "HOST" (include "postgresql.dns" .) -}}
{{- end -}}
{{- $_ := set .Values.gitea.config.database "NAME" .Values.postgresql.global.postgresql.postgresqlDatabase -}}
{{- $_ := set .Values.gitea.config.database "USER" .Values.postgresql.global.postgresql.postgresqlUsername -}}
{{- $_ := set .Values.gitea.config.database "PASSWD" .Values.postgresql.global.postgresql.postgresqlPassword -}}
{{ else if .Values.gitea.database.builtIn.mysql.enabled -}}
{{- $_ := set .Values.gitea.config.database "DB_TYPE" "mysql" -}}
{{- if not (.Values.gitea.config.database.HOST) -}}
{{- $_ := set .Values.gitea.config.database "HOST" (include "mysql.dns" .) -}}
{{- end -}}
{{- $_ := set .Values.gitea.config.database "NAME" .Values.mysql.db.name -}}
{{- $_ := set .Values.gitea.config.database "USER" .Values.mysql.db.user -}}
{{- $_ := set .Values.gitea.config.database "PASSWD" .Values.mysql.db.password -}}
{{ else if .Values.gitea.database.builtIn.mariadb.enabled -}}
{{- $_ := set .Values.gitea.config.database "DB_TYPE" "mysql" -}}
{{- if not (.Values.gitea.config.database.HOST) -}}
{{- $_ := set .Values.gitea.config.database "HOST" (include "mariadb.dns" .) -}}
{{- end -}}
{{- $_ := set .Values.gitea.config.database "NAME" .Values.mariadb.auth.database -}}
{{- $_ := set .Values.gitea.config.database "USER" .Values.mariadb.auth.username -}}
{{- $_ := set .Values.gitea.config.database "PASSWD" .Values.mariadb.auth.password -}}
{{- end -}}
{{- /* cache default settings */ -}}
{{- if .Values.gitea.cache.builtIn.enabled -}}
{{- $_ := set .Values.gitea.config.cache "ENABLED" "true" -}}
{{- $_ := set .Values.gitea.config.cache "ADAPTER" "memcache" -}}
{{- if not (.Values.gitea.config.cache.HOST) -}}
{{- $_ := set .Values.gitea.config.cache "HOST" (include "memcached.dns" .) -}}
{{- end -}}
{{- end -}}
{{- /* autogenerate app.ini */ -}}
{{- range $key, $value := .Values.gitea.config }}
{{- if kindIs "map" $value }}
{{- if gt (len $value) 0 }}
[{{ $key }}]
{{- range $n_key, $n_value := $value }}
{{ $n_key | upper }} = {{ $n_value }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- else }} {{- end }}
{{ $key | upper }} = {{ $value }}
{{- if eq (first .Values.persistence.accessModes) "ReadWriteOnce" -}}
{{- fail "When using multiple replicas, a RWX file system is required and persistence.accessModes[0] must be set to ReadWriteMany." -}}
{{- end }}
{{- if .Values.gitea.config.indexer -}}
{{- if eq .Values.gitea.config.indexer.ISSUE_INDEXER_TYPE "bleve" -}}
{{- fail "When using multiple replicas, the issue indexer (gitea.config.indexer.ISSUE_INDEXER_TYPE) must be set to a HA-ready provider such as 'meilisearch', 'elasticsearch' or 'db' (if the DB is HA-ready)." -}}
{{- end }}
{{- if .Values.gitea.config.indexer.REPO_INDEXER_TYPE -}}
{{- if eq .Values.gitea.config.indexer.REPO_INDEXER_TYPE "bleve" -}}
{{- if .Values.gitea.config.indexer.REPO_INDEXER_ENABLED -}}
{{- if eq .Values.gitea.config.indexer.REPO_INDEXER_ENABLED true -}}
{{- fail "When using multiple replicas, the repo indexer (gitea.config.indexer.REPO_INDEXER_TYPE) must be set to 'meilisearch' or 'elasticsearch' or disabled." -}}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

View File

@@ -0,0 +1,426 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "gitea.fullname" . }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
annotations:
{{- if .Values.deployment.annotations }}
{{- toYaml .Values.deployment.annotations | nindent 4 }}
{{- end }}
labels:
{{- include "gitea.labels" . | nindent 4 }}
{{- if .Values.deployment.labels }}
{{- toYaml .Values.deployment.labels | nindent 4 }}
{{- end }}
spec:
replicas: {{ .Values.replicaCount }}
strategy:
type: {{ .Values.strategy.type }}
{{- if eq .Values.strategy.type "RollingUpdate" }}
rollingUpdate:
maxUnavailable: {{ .Values.strategy.rollingUpdate.maxUnavailable }}
maxSurge: {{ .Values.strategy.rollingUpdate.maxSurge }}
{{- end }}
selector:
matchLabels:
{{- include "gitea.selectorLabels" . | nindent 6 }}
{{- if .Values.deployment.labels }}
{{- toYaml .Values.deployment.labels | nindent 6 }}
{{- end }}
template:
metadata:
annotations:
checksum/config: {{ include (print $.Template.BasePath "/gitea/config.yaml") . | sha256sum }}
{{- range $idx, $value := .Values.gitea.ldap }}
checksum/ldap_{{ $idx }}: {{ include "gitea.ldap_settings" (list $idx $value) | sha256sum }}
{{- end }}
{{- range $idx, $value := .Values.gitea.oauth }}
checksum/oauth_{{ $idx }}: {{ include "gitea.oauth_settings" (list $idx $value) | sha256sum }}
{{- end }}
{{- with .Values.gitea.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "gitea.labels" . | nindent 8 }}
{{- if .Values.deployment.labels }}
{{- toYaml .Values.deployment.labels | nindent 8 }}
{{- end }}
spec:
{{- if .Values.schedulerName }}
schedulerName: "{{ .Values.schedulerName }}"
{{- end }}
{{- if (or .Values.serviceAccount.create .Values.serviceAccount.name) }}
serviceAccountName: {{ include "gitea.serviceAccountName" . }}
{{- end }}
{{- if .Values.priorityClassName }}
priorityClassName: "{{ .Values.priorityClassName }}"
{{- end }}
{{- include "gitea.images.pullSecrets" . | nindent 6 }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
initContainers:
- name: init-directories
image: "{{ include "gitea.image" . }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
command:
- "{{ .Values.initContainersScriptsVolumeMountPath }}/init_directory_structure.sh"
env:
- name: GITEA_APP_INI
value: /data/gitea/conf/app.ini
- name: GITEA_CUSTOM
value: /data/gitea
- name: GITEA_WORK_DIR
value: /data
- name: GITEA_TEMP
value: /tmp/gitea
{{- if .Values.deployment.env }}
{{- toYaml .Values.deployment.env | nindent 12 }}
{{- end }}
{{- if .Values.signing.enabled }}
- name: GNUPGHOME
value: {{ .Values.signing.gpgHome }}
{{- end }}
volumeMounts:
- name: init
mountPath: {{ .Values.initContainersScriptsVolumeMountPath }}
- name: temp
mountPath: /tmp
- name: data
mountPath: /data
{{- if .Values.persistence.subPath }}
subPath: {{ .Values.persistence.subPath }}
{{- end }}
{{- include "gitea.init-additional-mounts" . | nindent 12 }}
securityContext:
{{- toYaml .Values.containerSecurityContext | nindent 12 }}
resources:
{{- toYaml .Values.initContainers.resources | nindent 12 }}
- name: init-app-ini
image: "{{ include "gitea.image" . }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
command:
- "{{ .Values.initContainersScriptsVolumeMountPath }}/config_environment.sh"
env:
- name: GITEA_APP_INI
value: /data/gitea/conf/app.ini
- name: GITEA_CUSTOM
value: /data/gitea
- name: GITEA_WORK_DIR
value: /data
- name: GITEA_TEMP
value: /tmp/gitea
- name: TMP_EXISTING_ENVS_FILE
value: /tmp/existing-envs
- name: ENV_TO_INI_MOUNT_POINT
value: /env-to-ini-mounts
{{- if .Values.deployment.env }}
{{- toYaml .Values.deployment.env | nindent 12 }}
{{- end }}
{{- if .Values.gitea.additionalConfigFromEnvs }}
{{- tpl (toYaml .Values.gitea.additionalConfigFromEnvs) $ | nindent 12 }}
{{- end }}
volumeMounts:
- name: config
mountPath: {{ .Values.initContainersScriptsVolumeMountPath }}
- name: temp
mountPath: /tmp
- name: data
mountPath: /data
{{- if .Values.persistence.subPath }}
subPath: {{ .Values.persistence.subPath }}
{{- end }}
- name: inline-config-sources
mountPath: /env-to-ini-mounts/inlines/
{{- range $idx, $value := .Values.gitea.additionalConfigSources }}
- name: additional-config-sources-{{ $idx }}
mountPath: "/env-to-ini-mounts/additionals/{{ $idx }}/"
{{- end }}
{{- include "gitea.init-additional-mounts" . | nindent 12 }}
securityContext:
{{- toYaml .Values.containerSecurityContext | nindent 12 }}
resources:
{{- toYaml .Values.initContainers.resources | nindent 12 }}
{{- if .Values.signing.enabled }}
- name: configure-gpg
image: "{{ include "gitea.image" . }}"
command:
- "{{ .Values.initContainersScriptsVolumeMountPath }}/configure_gpg_environment.sh"
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- /* By default this container runs as user 1000 unless otherwise stated */ -}}
{{- $csc := deepCopy .Values.containerSecurityContext -}}
{{- if not (hasKey $csc "runAsUser") -}}
{{- $_ := set $csc "runAsUser" 1000 -}}
{{- end -}}
{{- toYaml $csc | nindent 12 }}
env:
- name: GNUPGHOME
value: {{ .Values.signing.gpgHome }}
- name: TMP_RAW_GPG_KEY
value: /raw/private.asc
volumeMounts:
- name: init
mountPath: {{ .Values.initContainersScriptsVolumeMountPath }}
- name: data
mountPath: /data
{{- if .Values.persistence.subPath }}
subPath: {{ .Values.persistence.subPath }}
{{- end }}
- name: gpg-private-key
mountPath: /raw
readOnly: true
{{- if .Values.extraVolumeMounts }}
{{- toYaml .Values.extraVolumeMounts | nindent 12 }}
{{- end }}
resources:
{{- toYaml .Values.initContainers.resources | nindent 12 }}
{{- end }}
- name: configure-gitea
image: "{{ include "gitea.image" . }}"
command:
- "{{ .Values.initContainersScriptsVolumeMountPath }}/configure_gitea.sh"
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{- /* By default this container runs as user 1000 unless otherwise stated */ -}}
{{- $csc := deepCopy .Values.containerSecurityContext -}}
{{- if not (hasKey $csc "runAsUser") -}}
{{- $_ := set $csc "runAsUser" 1000 -}}
{{- end -}}
{{- toYaml $csc | nindent 12 }}
env:
- name: GITEA_APP_INI
value: /data/gitea/conf/app.ini
- name: GITEA_CUSTOM
value: /data/gitea
- name: GITEA_WORK_DIR
value: /data
- name: GITEA_TEMP
value: /tmp/gitea
{{- if .Values.image.rootless }}
- name: HOME
value: /data/gitea/git
{{- end }}
{{- if .Values.gitea.ldap }}
{{- range $idx, $value := .Values.gitea.ldap }}
{{- if $value.existingSecret }}
- name: GITEA_LDAP_BIND_DN_{{ $idx }}
valueFrom:
secretKeyRef:
key: bindDn
name: {{ $value.existingSecret }}
- name: GITEA_LDAP_PASSWORD_{{ $idx }}
valueFrom:
secretKeyRef:
key: bindPassword
name: {{ $value.existingSecret }}
{{- else }}
- name: GITEA_LDAP_BIND_DN_{{ $idx }}
value: {{ $value.bindDn | quote }}
- name: GITEA_LDAP_PASSWORD_{{ $idx }}
value: {{ $value.bindPassword | quote }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.gitea.oauth }}
{{- range $idx, $value := .Values.gitea.oauth }}
{{- if $value.existingSecret }}
- name: GITEA_OAUTH_KEY_{{ $idx }}
valueFrom:
secretKeyRef:
key: key
name: {{ $value.existingSecret }}
- name: GITEA_OAUTH_SECRET_{{ $idx }}
valueFrom:
secretKeyRef:
key: secret
name: {{ $value.existingSecret }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.gitea.admin.existingSecret }}
- name: GITEA_ADMIN_USERNAME
valueFrom:
secretKeyRef:
key: username
name: {{ .Values.gitea.admin.existingSecret }}
- name: GITEA_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
key: password
name: {{ .Values.gitea.admin.existingSecret }}
{{- else }}
- name: GITEA_ADMIN_USERNAME
value: {{ .Values.gitea.admin.username | quote }}
- name: GITEA_ADMIN_PASSWORD
value: {{ .Values.gitea.admin.password | quote }}
{{- end }}
- name: GITEA_ADMIN_PASSWORD_MODE
value: {{ include "gitea.admin.passwordMode" $ }}
{{- if .Values.deployment.env }}
{{- toYaml .Values.deployment.env | nindent 12 }}
{{- end }}
volumeMounts:
- name: init
mountPath: {{ .Values.initContainersScriptsVolumeMountPath }}
- name: temp
mountPath: /tmp
- name: data
mountPath: /data
{{- if .Values.persistence.subPath }}
subPath: {{ .Values.persistence.subPath }}
{{- end }}
{{- include "gitea.init-additional-mounts" . | nindent 12 }}
resources:
{{- toYaml .Values.initContainers.resources | nindent 12 }}
terminationGracePeriodSeconds: {{ .Values.deployment.terminationGracePeriodSeconds }}
containers:
- name: {{ .Chart.Name }}
image: "{{ include "gitea.image" . }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
env:
# SSH Port values have to be set here as well for openssh configuration
- name: SSH_LISTEN_PORT
value: {{ .Values.gitea.config.server.SSH_LISTEN_PORT | quote }}
- name: SSH_PORT
value: {{ .Values.gitea.config.server.SSH_PORT | quote }}
{{- if not .Values.image.rootless }}
- name: SSH_LOG_LEVEL
value: {{ .Values.gitea.ssh.logLevel | quote }}
{{- end }}
- name: GITEA_APP_INI
value: /data/gitea/conf/app.ini
- name: GITEA_CUSTOM
value: /data/gitea
- name: GITEA_WORK_DIR
value: /data
- name: GITEA_TEMP
value: /tmp/gitea
{{- if and (hasKey .Values.resources "limits") (hasKey .Values.resources.limits "cpu") }}
- name: GOMAXPROCS
valueFrom:
resourceFieldRef:
divisor: "1"
resource: limits.cpu
{{- end }}
- name: TMPDIR
value: /tmp/gitea
{{- if .Values.image.rootless }}
- name: HOME
value: /data/gitea/git
{{- end }}
{{- if .Values.signing.enabled }}
- name: GNUPGHOME
value: {{ .Values.signing.gpgHome }}
{{- end }}
{{- if .Values.deployment.env }}
{{- toYaml .Values.deployment.env | nindent 12 }}
{{- end }}
ports:
- name: ssh
containerPort: {{ .Values.gitea.config.server.SSH_LISTEN_PORT }}
{{- if .Values.service.ssh.hostPort }}
hostPort: {{ .Values.service.ssh.hostPort }}
{{- end }}
- name: http
containerPort: {{ .Values.gitea.config.server.HTTP_PORT }}
{{- if .Values.gitea.config.server.ENABLE_PPROF }}
- name: profiler
containerPort: 6060
{{- end }}
{{- if .Values.gitea.livenessProbe.enabled }}
livenessProbe:
{{- include "gitea.deployment.probe" .Values.gitea.livenessProbe | nindent 12 }}
{{- end }}
{{- if .Values.gitea.readinessProbe.enabled }}
readinessProbe:
{{- include "gitea.deployment.probe" .Values.gitea.readinessProbe | nindent 12 }}
{{- end }}
{{- if .Values.gitea.startupProbe.enabled }}
startupProbe:
{{- include "gitea.deployment.probe" .Values.gitea.startupProbe | nindent 12 }}
{{- end }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
securityContext:
{{- /* Honor the deprecated securityContext variable when defined */ -}}
{{- if .Values.containerSecurityContext -}}
{{ toYaml .Values.containerSecurityContext | nindent 12 -}}
{{- else -}}
{{ toYaml .Values.securityContext | nindent 12 -}}
{{- end }}
volumeMounts:
- name: temp
mountPath: /tmp
- name: data
mountPath: /data
{{- if .Values.persistence.subPath }}
subPath: {{ .Values.persistence.subPath }}
{{- end }}
{{- include "gitea.container-additional-mounts" . | nindent 12 }}
{{- if .Values.extraContainers }}
{{- toYaml .Values.extraContainers | nindent 8 }}
{{- end }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- range $key, $value := .Values.nodeSelector }}
nodeSelector:
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.topologySpreadConstraints }}
topologySpreadConstraints:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.dnsConfig }}
dnsConfig:
{{- toYaml .Values.dnsConfig | nindent 8 }}
{{- end }}
volumes:
- name: init
secret:
secretName: {{ include "gitea.fullname" . }}-init
defaultMode: 110
- name: config
secret:
secretName: {{ include "gitea.fullname" . }}
defaultMode: 110
{{- if gt (len .Values.extraVolumes) 0 }}
{{- toYaml .Values.extraVolumes | nindent 8 }}
{{- end }}
- name: inline-config-sources
secret:
secretName: {{ include "gitea.fullname" . }}-inline-config
{{- range $idx, $value := .Values.gitea.additionalConfigSources }}
- name: additional-config-sources-{{ $idx }}
{{- toYaml $value | nindent 10 }}
{{- end }}
- name: temp
emptyDir: {}
{{- if .Values.signing.enabled }}
- name: gpg-private-key
secret:
secretName: {{ include "gitea.gpg-key-secret-name" . }}
items:
- key: privateKey
path: private.asc
defaultMode: 0100
{{- end }}
{{- if .Values.persistence.enabled }}
{{- if .Values.persistence.mount }}
- name: data
persistentVolumeClaim:
claimName: {{ .Values.persistence.claimName }}
{{- end }}
{{- else if not .Values.persistence.enabled }}
- name: data
emptyDir: {}
{{- end }}

View File

@@ -0,0 +1,34 @@
{{- if .Values.checkDeprecation -}}
{{/* CUSTOM PROBES */}}
{{- if .Values.gitea.customLivenessProbe -}}
{{- fail "`gitea.customLivenessProbe` does no longer exist. Please refer to the changelog and configure `gitea.livenessProbe` instead." -}}
{{- end -}}
{{- if .Values.gitea.customReadinessProbe -}}
{{- fail "`gitea.customReadinessProbe` does no longer exist. Please refer to the changelog and configure `gitea.readinessProbe` instead." -}}
{{- end -}}
{{- if .Values.gitea.customStartupProbe -}}
{{- fail "`gitea.customStartupProbe` does no longer exist. Please refer to the changelog and configure `gitea.startupProbe` instead." -}}
{{- end -}}
{{/* LDAP SOURCES */}}
{{- if kindIs "map" .Values.gitea.ldap -}}
{{- fail "You can configure multiple LDAP sources. Please refer to the changelog and switch `gitea.ldap` from object to array notation." -}}
{{- end -}}
{{/* OAUTH SOURCES */}}
{{- if kindIs "map" .Values.gitea.oauth -}}
{{- fail "You can configure multiple OAuth sources. Please refer to the changelog and switch `gitea.oauth` from object to array notation." -}}
{{- end -}}
{{/* BUILTIN */}}
{{- if .Values.gitea.cache -}}
{{- if .Values.gitea.cache.builtIn -}}
{{- fail "`gitea.cache.builtIn` does no longer exist. Please use `memcached` at root level instead." -}}
{{- end -}}
{{- end -}}
{{- if .Values.gitea.database -}}
{{- if .Values.gitea.database.builtIn -}}
{{- fail "`gitea.database.builtIn` does no longer exist. Builtin databases can be configured inside the dependencies itself. Please refer to the changelog." -}}
{{- end -}}
{{- end -}}
{{- end -}}

View File

@@ -0,0 +1,8 @@
{{- range .Values.extraDeploy }}
---
{{- if typeIs "string" . }}
{{- tpl . $ }}
{{- else }}
{{- tpl (. | toYaml) $ }}
{{- end }}
{{- end }}

View File

@@ -0,0 +1,17 @@
{{- if .Values.signing.enabled -}}
{{- if and (empty .Values.signing.privateKey) (empty .Values.signing.existingSecret) -}}
{{- fail "Either specify `signing.privateKey` or `signing.existingSecret`" -}}
{{- end }}
{{- if and (not (empty .Values.signing.privateKey)) (empty .Values.signing.existingSecret) -}}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "gitea.gpg-key-secret-name" . }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels:
{{- include "gitea.labels" . | nindent 4 }}
type: Opaque
data:
privateKey: {{ .Values.signing.privateKey | b64enc }}
{{- end }}
{{- end }}

View File

@@ -2,13 +2,21 @@ apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: {{ include "gitea.fullname" . }}-http name: {{ include "gitea.fullname" . }}-http
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
{{- if .Values.service.http.labels }}
{{- toYaml .Values.service.http.labels | nindent 4 }}
{{- end }}
annotations: annotations:
{{- toYaml .Values.service.http.annotations | nindent 4 }} {{- toYaml .Values.service.http.annotations | nindent 4 }}
spec: spec:
type: {{ .Values.service.http.type }} type: {{ .Values.service.http.type }}
{{- if and .Values.service.http.loadBalancerIP (eq .Values.service.http.type "LoadBalancer") }} {{- if eq .Values.service.http.type "LoadBalancer" }}
{{- if .Values.service.http.loadBalancerClass }}
loadBalancerClass: {{ .Values.service.http.loadBalancerClass }}
{{- end }}
{{- if and .Values.service.http.loadBalancerIP }}
loadBalancerIP: {{ .Values.service.http.loadBalancerIP }} loadBalancerIP: {{ .Values.service.http.loadBalancerIP }}
{{- end }} {{- end }}
{{- if .Values.service.http.loadBalancerSourceRanges }} {{- if .Values.service.http.loadBalancerSourceRanges }}
@@ -17,10 +25,18 @@ spec:
- {{ . }} - {{ . }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- end }}
{{- if .Values.service.http.externalIPs }} {{- if .Values.service.http.externalIPs }}
externalIPs: externalIPs:
{{- toYaml .Values.service.http.externalIPs | nindent 4 }} {{- toYaml .Values.service.http.externalIPs | nindent 4 }}
{{- end }} {{- end }}
{{- if .Values.service.http.ipFamilyPolicy }}
ipFamilyPolicy: {{ .Values.service.http.ipFamilyPolicy }}
{{- end }}
{{- with .Values.service.http.ipFamilies }}
ipFamilies:
{{- toYaml . | nindent 4 }}
{{- end -}}
{{- if .Values.service.http.externalTrafficPolicy }} {{- if .Values.service.http.externalTrafficPolicy }}
externalTrafficPolicy: {{ .Values.service.http.externalTrafficPolicy }} externalTrafficPolicy: {{ .Values.service.http.externalTrafficPolicy }}
{{- end }} {{- end }}

View File

@@ -1,51 +1,62 @@
{{- if .Values.ingress.enabled -}} {{- if .Values.ingress.enabled -}}
{{- $fullName := include "gitea.fullname" . -}} {{- $fullName := include "gitea.fullname" . -}}
{{- $httpPort := .Values.service.http.port -}} {{- $httpPort := .Values.service.http.port -}}
{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" -}}
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
{{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/Ingress" -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress kind: Ingress
metadata: metadata:
name: {{ $fullName }} name: {{ $fullName }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
{{- with .Values.ingress.annotations }}
annotations: annotations:
{{- toYaml . | nindent 4 }} {{- range $key, $value := .Values.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }} {{- end }}
spec: spec:
ingressClassName: {{ tpl .Values.ingress.className . }}
{{- if .Values.ingress.tls }} {{- if .Values.ingress.tls }}
tls: tls:
{{- range .Values.ingress.tls }} {{- range .Values.ingress.tls }}
- hosts: - hosts:
{{- range .hosts }} {{- range .hosts }}
- {{ . | quote }} - {{ tpl . $ | quote }}
{{- end }} {{- end }}
secretName: {{ .secretName }} secretName: {{ .secretName }}
{{- end }} {{- end }}
{{- end }} {{- end }}
rules: rules:
{{- range .Values.ingress.hosts }} {{- range .Values.ingress.hosts }}
- host: {{ . | quote }} - host: {{ tpl .host $ | quote }}
http: http:
paths: paths:
- path: / {{- if .paths }}
{{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" }} {{- range .paths }}
pathType: Prefix {{- if kindIs "string" . }}
{{- end }} - path: {{ . }}
pathType: {{ default "Prefix" $.Values.ingress.pathType }}
backend: backend:
{{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" }}
service: service:
name: {{ $fullName }}-http name: {{ $fullName }}-http
port: port:
number: {{ $httpPort }} number: {{ $httpPort }}
{{- else }} {{- else }}
serviceName: {{ $fullName }}-http - path: {{ .path | default "/" }}
servicePort: {{ $httpPort }} pathType: {{ .pathType | default "Prefix" }}
backend:
service:
name: {{ $fullName }}-http
port:
number: {{ $httpPort }}
{{- end }}
{{- end }}
{{- else }}
- path: "/"
pathType: "Prefix"
backend:
service:
name: {{ $fullName }}-http
port:
number: {{ $httpPort }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- end }} {{- end }}

View File

@@ -2,12 +2,17 @@ apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: {{ include "gitea.fullname" . }}-init name: {{ include "gitea.fullname" . }}-init
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
type: Opaque type: Opaque
stringData: stringData:
init_gitea.sh: |- {{ (.Files.Glob "scripts/init-containers/init/*.sh").AsConfig | indent 2 }}
#!/bin/bash init_directory_structure.sh: |-
#!/usr/bin/env bash
set -euo pipefail
{{- if .Values.initPreScript }} {{- if .Values.initPreScript }}
# BEGIN: initPreScript # BEGIN: initPreScript
{{- with .Values.initPreScript -}} {{- with .Values.initPreScript -}}
@@ -17,58 +22,207 @@ stringData:
{{- end }} {{- end }}
{{- if not .Values.image.rootless }} {{- if not .Values.image.rootless }}
chown 1000:1000 /data chown -v 1000:1000 /data
{{- end }} {{- end }}
mkdir -p /data/git/.ssh mkdir -pv /data/git/.ssh
chmod -R 700 /data/git/.ssh chmod -Rv 700 /data/git/.ssh
mkdir -p /data/gitea/conf [ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf
# prepare temp directory structure # prepare temp directory structure
mkdir -p "${GITEA_TEMP}" mkdir -pv "${GITEA_TEMP}"
chown 1000:1000 "${GITEA_TEMP}" {{- if not .Values.image.rootless }}
chmod ug+rwx "${GITEA_TEMP}" chown -v 1000:1000 "${GITEA_TEMP}"
{{- end }}
chmod -v ug+rwx "${GITEA_TEMP}"
# Copy config file to writable volume {{ if .Values.signing.enabled -}}
cp /etc/gitea/conf/app.ini /data/gitea/conf/app.ini if [ ! -d "${GNUPGHOME}" ]; then
chmod a+rwx /data/gitea/conf/app.ini mkdir -pv "${GNUPGHOME}"
{{- if include "db.servicename" . }} chmod -v 700 "${GNUPGHOME}"
# Wait for database to become avialble chown -v 1000:1000 "${GNUPGHOME}"
nc -v -w2 -z {{ include "db.servicename" . }} {{ include "db.port" . }} && \ fi
{{- end }} {{- end }}
{{- if not .Values.image.rootless }}
su git -c ' \ configure_gitea.sh: |-
#!/usr/bin/env bash
set -euo pipefail
echo '==== BEGIN GITEA CONFIGURATION ===='
{ # try
gitea migrate
} || { # catch
echo "Gitea migrate might fail due to database connection...This init-container will try again in a few seconds"
exit 1
}
{{- if include "valkey.servicename" . }}
function test_valkey_connection() {
local RETRY=0
local MAX=30
echo 'Wait for valkey to become avialable...'
until [ "${RETRY}" -ge "${MAX}" ]; do
nc -vz -w2 {{ include "valkey.servicename" . }} {{ include "valkey.port" . }} && break
RETRY=$[${RETRY}+1]
echo "...not ready yet (${RETRY}/${MAX})"
done
if [ "${RETRY}" -ge "${MAX}" ]; then
echo "Valkey not reachable after '${MAX}' attempts!"
exit 1
fi
}
test_valkey_connection
{{- end }} {{- end }}
set -x; \
gitea migrate; \
{{- if and .Values.gitea.admin.username .Values.gitea.admin.password }} {{- if or .Values.gitea.admin.existingSecret (and .Values.gitea.admin.username .Values.gitea.admin.password) }}
gitea admin create-user --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" --email {{ .Values.gitea.admin.email }} --admin --must-change-password=false \ function configure_admin_user() {
|| \ local full_admin_list=$(gitea admin user list --admin)
gitea admin change-password --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" \ local actual_user_table=''
|| \
gitea admin user create --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" --email {{ .Values.gitea.admin.email }} --admin --must-change-password=false \ # We might have distorted output due to warning logs, so we have to detect the actual user table by its headline and trim output above that line
|| \ local regex="(.*)(ID\s+Username\s+Email\s+IsActive.*)"
gitea admin user change-password --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}"; \ if [[ "${full_admin_list}" =~ $regex ]]; then
actual_user_table=$(echo "${BASH_REMATCH[2]}" | tail -n+2) # tail'ing to drop the table headline
else
# This code block should never be reached, as long as the output table header remains the same.
# If this code block is reached, the regex doesn't match anymore and we probably have to adjust this script.
echo "ERROR: 'configure_admin_user' was not able to determine the current list of admin users."
echo " Please review the output of 'gitea admin user list --admin' shown below."
echo " If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-gitea/issues."
echo "DEBUG: Output of 'gitea admin user list --admin'"
echo "--"
echo "${full_admin_list}"
echo "--"
exit 1
fi
local ACCOUNT_ID=$(echo "${actual_user_table}" | grep -E "\s+${GITEA_ADMIN_USERNAME}\s+" | awk -F " " "{printf \$1}")
if [[ -z "${ACCOUNT_ID}" ]]; then
local -a create_args
create_args=(--admin --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" --email {{ .Values.gitea.admin.email | quote }})
if [[ "${GITEA_ADMIN_PASSWORD_MODE}" = initialOnlyRequireReset ]]; then
create_args+=(--must-change-password=true)
else
create_args+=(--must-change-password=false)
fi
echo "No admin user '${GITEA_ADMIN_USERNAME}' found. Creating now..."
gitea admin user create "${create_args[@]}"
echo '...created.'
else
if [[ "${GITEA_ADMIN_PASSWORD_MODE}" = keepUpdated ]]; then
echo "Admin account '${GITEA_ADMIN_USERNAME}' already exist. Running update to sync password..."
# See https://gitea.com/gitea/helm-gitea/issues/673
# --must-change-password argument was added to change-password, defaulting to true, counter to the previous behavior
# which acted as if it were provided with =false. If the argument is present in this version of gitea, then we
# should add it to prevent requiring frequent admin password resets.
local -a change_args
change_args=(--username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}")
if gitea admin user change-password --help | grep -qF -- '--must-change-password'; then
change_args+=(--must-change-password=false)
fi
gitea admin user change-password "${change_args[@]}"
echo '...password sync done.'
else
echo "Admin account '${GITEA_ADMIN_USERNAME}' already exist, but update mode is set to '${GITEA_ADMIN_PASSWORD_MODE}'. Skipping."
fi
fi
}
configure_admin_user
{{- end }} {{- end }}
{{- if .Values.gitea.ldap.enabled }}
gitea admin auth add-ldap \ function configure_ldap() {
{{- include "gitea.ldap_settings" . | nindent 6 }} \ {{- if .Values.gitea.ldap }}
|| \ {{- range $idx, $value := .Values.gitea.ldap }}
( \ local LDAP_NAME={{ (printf "%s" $value.name) | squote }}
export GITEA_AUTH_ID=$(gitea admin auth list | grep {{ .Values.gitea.ldap.name | quote }} | awk -F " " "{print \$1}"); \ local full_auth_list=$(gitea admin auth list --vertical-bars)
gitea admin auth update-ldap --id ${GITEA_AUTH_ID} \ local actual_auth_table=''
{{- include "gitea.ldap_settings" . | nindent 6 }} \
) \ # We might have distorted output due to warning logs, so we have to detect the actual user table by its headline and trim output above that line
local regex="(.*)(ID\s+\|Name\s+\|Type\s+\|Enabled.*)"
if [[ "${full_auth_list}" =~ $regex ]]; then
actual_auth_table=$(echo "${BASH_REMATCH[2]}" | tail -n+2) # tail'ing to drop the table headline
else
# This code block should never be reached, as long as the output table header remains the same.
# If this code block is reached, the regex doesn't match anymore and we probably have to adjust this script.
echo "ERROR: 'configure_ldap' was not able to determine the current list of authentication sources."
echo " Please review the output of 'gitea admin auth list --vertical-bars' shown below."
echo " If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-gitea/issues."
echo "DEBUG: Output of 'gitea admin auth list --vertical-bars'"
echo "--"
echo "${full_auth_list}"
echo "--"
exit 1
fi
local GITEA_AUTH_ID=$(echo "${actual_auth_table}" | grep -E "\|${LDAP_NAME}\s+\|" | grep -iE '\|LDAP \(via BindDN\)\s+\|' | awk -F " " "{print \$1}")
if [[ -z "${GITEA_AUTH_ID}" ]]; then
echo "No ldap configuration found with name '${LDAP_NAME}'. Installing it now..."
gitea admin auth add-ldap {{- include "gitea.ldap_settings" (list $idx $value) | indent 1 }}
echo '...installed.'
else
echo "Existing ldap configuration with name '${LDAP_NAME}': '${GITEA_AUTH_ID}'. Running update to sync settings..."
gitea admin auth update-ldap --id "${GITEA_AUTH_ID}" {{- include "gitea.ldap_settings" (list $idx $value) | indent 1 }}
echo '...sync settings done.'
fi
{{- end }} {{- end }}
{{- if .Values.gitea.oauth.enabled }} {{- else }}
gitea admin auth add-oauth \ echo 'no ldap configuration... skipping.'
{{- include "gitea.oauth_settings" . | nindent 6 }} \
|| \
( \
export GITEA_AUTH_ID=$(gitea admin auth list | grep {{ .Values.gitea.oauth.name | quote }} | awk -F " " "{print \$1}"); \
gitea admin auth update-oauth --id ${GITEA_AUTH_ID} \
{{- include "gitea.oauth_settings" . | nindent 6 }} \
) \
{{- end }} {{- end }}
{{- if not .Values.image.rootless }} }
'
configure_ldap
function configure_oauth() {
{{- if .Values.gitea.oauth }}
{{- range $idx, $value := .Values.gitea.oauth }}
local OAUTH_NAME={{ (printf "%s" $value.name) | squote }}
local full_auth_list=$(gitea admin auth list --vertical-bars)
local actual_auth_table=''
# We might have distorted output due to warning logs, so we have to detect the actual user table by its headline and trim output above that line
local regex="(.*)(ID\s+\|Name\s+\|Type\s+\|Enabled.*)"
if [[ "${full_auth_list}" =~ $regex ]]; then
actual_auth_table=$(echo "${BASH_REMATCH[2]}" | tail -n+2) # tail'ing to drop the table headline
else
# This code block should never be reached, as long as the output table header remains the same.
# If this code block is reached, the regex doesn't match anymore and we probably have to adjust this script.
echo "ERROR: 'configure_oauth' was not able to determine the current list of authentication sources."
echo " Please review the output of 'gitea admin auth list --vertical-bars' shown below."
echo " If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-gitea/issues."
echo "DEBUG: Output of 'gitea admin auth list --vertical-bars'"
echo "--"
echo "${full_auth_list}"
echo "--"
exit 1
fi
local AUTH_ID=$(echo "${actual_auth_table}" | grep -E "\|${OAUTH_NAME}\s+\|" | grep -iE '\|OAuth2\s+\|' | awk -F " " "{print \$1}")
if [[ -z "${AUTH_ID}" ]]; then
echo "No oauth configuration found with name '${OAUTH_NAME}'. Installing it now..."
gitea admin auth add-oauth {{- include "gitea.oauth_settings" (list $idx $value) | indent 1 }}
echo '...installed.'
else
echo "Existing oauth configuration with name '${OAUTH_NAME}': '${AUTH_ID}'. Running update to sync settings..."
gitea admin auth update-oauth --id "${AUTH_ID}" {{- include "gitea.oauth_settings" (list $idx $value) | indent 1 }}
echo '...sync settings done.'
fi
{{- end }} {{- end }}
{{- else }}
echo 'no oauth configuration... skipping.'
{{- end }}
}
configure_oauth
echo '==== END GITEA CONFIGURATION ===='

View File

@@ -0,0 +1,12 @@
{{- if and (.Values.gitea.metrics.enabled) (.Values.gitea.metrics.serviceMonitor.enabled) (.Values.gitea.metrics.token) -}}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "gitea.metrics-secret-name" . }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels:
{{- include "gitea.labels" . | nindent 4 }}
type: Opaque
data:
token: {{ .Values.gitea.metrics.token | b64enc }}
{{- end }}

View File

@@ -0,0 +1,18 @@
{{- if .Values.podDisruptionBudget -}}
{{- if .Capabilities.APIVersions.Has "policy/v1" }}
apiVersion: policy/v1
{{- else }}
apiVersion: policy/v1beta1
{{- end }}
kind: PodDisruptionBudget
metadata:
name: {{ include "gitea.fullname" . }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels:
{{- include "gitea.labels" . | nindent 4 }}
spec:
selector:
matchLabels:
{{- include "gitea.selectorLabels" . | nindent 6 }}
{{- toYaml .Values.podDisruptionBudget | nindent 2 }}
{{- end -}}

26
templates/gitea/pvc.yaml Normal file
View File

@@ -0,0 +1,26 @@
{{- if and .Values.persistence.enabled .Values.persistence.create }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ .Values.persistence.claimName }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
annotations:
{{ .Values.persistence.annotations | toYaml | indent 4}}
labels:
{{ .Values.persistence.labels | toYaml | indent 4}}
spec:
accessModes:
{{- if gt .Values.replicaCount 1.0 }}
- ReadWriteMany
{{- else }}
{{- .Values.persistence.accessModes | toYaml | nindent 4 }}
{{- end }}
volumeMode: Filesystem
{{- include "gitea.persistence.storageClass" . | nindent 2 }}
{{- with .Values.persistence.volumeName }}
volumeName: {{ . }}
{{- end }}
resources:
requests:
storage: {{ .Values.persistence.size }}
{{- end }}

View File

@@ -0,0 +1,21 @@
{{- if .Values.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "gitea.serviceAccountName" . }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels:
{{- include "gitea.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.labels }}
{{- . | toYaml | nindent 4 }}
{{- end }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- . | toYaml | nindent 4 }}
{{- end }}
automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }}
{{- with .Values.serviceAccount.imagePullSecrets }}
imagePullSecrets:
{{- . | toYaml | nindent 2 }}
{{- end }}
{{- end }}

View File

@@ -1,8 +1,9 @@
{{- if .Values.gitea.metrics.serviceMonitor.enabled -}} {{- if and .Values.gitea.metrics.enabled .Values.gitea.metrics.serviceMonitor.enabled -}}
apiVersion: monitoring.coreos.com/v1 apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor kind: ServiceMonitor
metadata: metadata:
name: {{ include "gitea.fullname" . }} name: {{ include "gitea.fullname" . }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
{{- if .Values.gitea.metrics.serviceMonitor.additionalLabels }} {{- if .Values.gitea.metrics.serviceMonitor.additionalLabels }}
@@ -14,4 +15,29 @@ spec:
{{- include "gitea.selectorLabels" . | nindent 6 }} {{- include "gitea.selectorLabels" . | nindent 6 }}
endpoints: endpoints:
- port: http - port: http
{{- if .Values.gitea.metrics.serviceMonitor.interval }}
interval: {{ .Values.gitea.metrics.serviceMonitor.interval }}
{{- end }}
{{- with .Values.gitea.metrics.serviceMonitor.relabelings }}
relabelings:
{{- . | toYaml | nindent 6 }}
{{- end }}
{{- if .Values.gitea.metrics.serviceMonitor.scheme }}
scheme: {{ .Values.gitea.metrics.serviceMonitor.scheme }}
{{- end }}
{{- if .Values.gitea.metrics.serviceMonitor.scrapeTimeout }}
scrapeTimeout: {{ .Values.gitea.metrics.serviceMonitor.scrapeTimeout }}
{{- end }}
{{- with .Values.gitea.metrics.serviceMonitor.tlsConfig }}
tlsConfig:
{{- . | toYaml | nindent 6 }}
{{- end }}
{{- if .Values.gitea.metrics.token }}
authorization:
type: Bearer
credentials:
name: {{ include "gitea.metrics-secret-name" . }}
key: token
optional: false
{{- end }}
{{- end -}} {{- end -}}

View File

@@ -2,13 +2,20 @@ apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: {{ include "gitea.fullname" . }}-ssh name: {{ include "gitea.fullname" . }}-ssh
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
{{- if .Values.service.ssh.labels }}
{{- toYaml .Values.service.ssh.labels | nindent 4 }}
{{- end }}
annotations: annotations:
{{- toYaml .Values.service.ssh.annotations | nindent 4 }} {{- toYaml .Values.service.ssh.annotations | nindent 4 }}
spec: spec:
type: {{ .Values.service.ssh.type }} type: {{ .Values.service.ssh.type }}
{{- if eq .Values.service.ssh.type "LoadBalancer" }} {{- if eq .Values.service.ssh.type "LoadBalancer" }}
{{- if .Values.service.ssh.loadBalancerClass }}
loadBalancerClass: {{ .Values.service.ssh.loadBalancerClass }}
{{- end }}
{{- if .Values.service.ssh.loadBalancerIP }} {{- if .Values.service.ssh.loadBalancerIP }}
loadBalancerIP: {{ .Values.service.ssh.loadBalancerIP }} loadBalancerIP: {{ .Values.service.ssh.loadBalancerIP }}
{{- end -}} {{- end -}}
@@ -26,13 +33,22 @@ spec:
externalIPs: externalIPs:
{{- toYaml .Values.service.ssh.externalIPs | nindent 4 }} {{- toYaml .Values.service.ssh.externalIPs | nindent 4 }}
{{- end }} {{- end }}
{{- if .Values.service.ssh.ipFamilyPolicy }}
ipFamilyPolicy: {{ .Values.service.ssh.ipFamilyPolicy }}
{{- end }}
{{- with .Values.service.ssh.ipFamilies }}
ipFamilies:
{{- toYaml . | nindent 4 }}
{{- end -}}
{{- if .Values.service.ssh.externalTrafficPolicy }} {{- if .Values.service.ssh.externalTrafficPolicy }}
externalTrafficPolicy: {{ .Values.service.ssh.externalTrafficPolicy }} externalTrafficPolicy: {{ .Values.service.ssh.externalTrafficPolicy }}
{{- end }} {{- end }}
ports: ports:
- name: ssh - name: ssh
port: {{ .Values.service.ssh.port }} port: {{ .Values.service.ssh.port }}
{{- if .Values.gitea.config.server.SSH_LISTEN_PORT }}
targetPort: {{ .Values.gitea.config.server.SSH_LISTEN_PORT }} targetPort: {{ .Values.gitea.config.server.SSH_LISTEN_PORT }}
{{- end }}
protocol: TCP protocol: TCP
{{- if .Values.service.ssh.nodePort }} {{- if .Values.service.ssh.nodePort }}
nodePort: {{ .Values.service.ssh.nodePort }} nodePort: {{ .Values.service.ssh.nodePort }}

View File

@@ -1,245 +0,0 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "gitea.fullname" . }}
labels:
{{- include "gitea.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
{{- include "gitea.selectorLabels" . | nindent 6 }}
{{- if .Values.statefulset.labels }}
{{- toYaml .Values.statefulset.labels | nindent 6 }}
{{- end }}
serviceName: {{ include "gitea.fullname" . }}
template:
metadata:
annotations:
checksum/config: {{ include (print $.Template.BasePath "/gitea/config.yaml") . | sha256sum }}
checksum/ldap: {{ include "gitea.ldap_settings" . | sha256sum }}
checksum/oauth: {{ include "gitea.oauth_settings" . | sha256sum }}
{{- with .Values.gitea.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "gitea.labels" . | nindent 8 }}
{{- if .Values.statefulset.labels }}
{{- toYaml .Values.statefulset.labels | nindent 8 }}
{{- end }}
spec:
{{- if .Values.schedulerName }}
schedulerName: "{{ .Values.schedulerName }}"
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
securityContext:
fsGroup: 1000
initContainers:
- name: init
image: "{{ include "gitea.image" . }}"
command: ["/usr/sbin/init_gitea.sh"]
env:
- name: GITEA_APP_INI
value: /data/gitea/conf/app.ini
- name: GITEA_CUSTOM
value: /data/gitea
- name: GITEA_WORK_DIR
value: /data
- name: GITEA_TEMP
value: /tmp/gitea
{{- if .Values.gitea.ldap.existingSecret }}
- name: GITEA_LDAP_BIND_DN
valueFrom:
secretKeyRef:
key: bindDn
name: {{ .Values.gitea.ldap.existingSecret }}
- name: GITEA_LDAP_PASSWORD
valueFrom:
secretKeyRef:
key: bindPassword
name: {{ .Values.gitea.ldap.existingSecret }}
{{- else }}
- name: GITEA_LDAP_BIND_DN
value: {{ .Values.gitea.ldap.bindDn | quote }}
- name: GITEA_ADMIN_PASSWORD
value: {{ .Values.gitea.ldap.bindPassword | quote }}
{{- end }}
{{- if .Values.gitea.admin.existingSecret }}
- name: GITEA_ADMIN_USERNAME
valueFrom:
secretKeyRef:
key: username
name: {{ .Values.gitea.admin.existingSecret }}
- name: GITEA_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
key: password
name: {{ .Values.gitea.admin.existingSecret }}
{{- else }}
- name: GITEA_ADMIN_USERNAME
value: {{ .Values.gitea.admin.username | quote }}
- name: GITEA_ADMIN_PASSWORD
value: {{ .Values.gitea.admin.password | quote }}
{{- end }}
{{- if .Values.statefulset.env }}
{{- toYaml .Values.statefulset.env | nindent 12 }}
{{- end }}
volumeMounts:
- name: init
mountPath: /usr/sbin
- name: temp
mountPath: /tmp
- name: config
mountPath: /etc/gitea/conf
- name: data
mountPath: /data
{{- if .Values.extraVolumeMounts }}
{{- toYaml .Values.extraVolumeMounts | nindent 12 }}
{{- end }}
terminationGracePeriodSeconds: {{ .Values.statefulset.terminationGracePeriodSeconds }}
containers:
- name: {{ .Chart.Name }}
image: "{{ include "gitea.image" . }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
env:
# SSH Port values have to be set here as well for openssh configuration
- name: SSH_LISTEN_PORT
value: {{ .Values.gitea.config.server.SSH_LISTEN_PORT | quote }}
- name: SSH_PORT
value: {{ .Values.gitea.config.server.SSH_PORT | quote }}
- name: GITEA_APP_INI
value: /data/gitea/conf/app.ini
- name: GITEA_CUSTOM
value: /data/gitea
- name: GITEA_WORK_DIR
value: /data
- name: GITEA_TEMP
value: /tmp/gitea
- name: TMPDIR
value: /tmp/gitea
{{- if .Values.statefulset.env }}
{{- toYaml .Values.statefulset.env | nindent 12 }}
{{- end }}
ports:
- name: ssh
containerPort: {{ .Values.gitea.config.server.SSH_LISTEN_PORT }}
- name: http
containerPort: {{ .Values.gitea.config.server.HTTP_PORT }}
{{- if .Values.gitea.config.server.ENABLE_PPROF }}
- name: profiler
containerPort: 6060
{{- end }}
{{- if .Values.gitea.livenessProbe.enabled }}
livenessProbe:
tcpSocket:
port: http
initialDelaySeconds: {{ .Values.gitea.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.gitea.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.gitea.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.gitea.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.gitea.livenessProbe.failureThreshold }}
{{- else if .Values.gitea.customLivenessProbe }}
livenessProbe:
{{- toYaml .Values.gitea.customLivenessProbe | nindent 12 }}
{{- end }}
{{- if .Values.gitea.readinessProbe.enabled }}
readinessProbe:
tcpSocket:
port: http
initialDelaySeconds: {{ .Values.gitea.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.gitea.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.gitea.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.gitea.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.gitea.readinessProbe.failureThreshold }}
{{- else if .Values.gitea.customReadinessProbe }}
readinessProbe:
{{- toYaml .Values.gitea.customReadinessProbe | nindent 12 }}
{{- end }}
{{- if .Values.gitea.startupProbe.enabled }}
startupProbe:
tcpSocket:
port: http
initialDelaySeconds: {{ .Values.gitea.startupProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.gitea.startupProbe.periodSeconds }}
timeoutSeconds: {{ .Values.gitea.startupProbe.timeoutSeconds }}
successThreshold: {{ .Values.gitea.startupProbe.successThreshold }}
failureThreshold: {{ .Values.gitea.startupProbe.failureThreshold }}
{{- else if .Values.gitea.customStartupProbe }}
startupProbe:
{{- toYaml .Values.gitea.customStartupProbe | nindent 12 }}
{{- end }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
volumeMounts:
- name: temp
mountPath: /tmp
- name: data
mountPath: /data
{{- if .Values.extraVolumeMounts }}
{{- toYaml .Values.extraVolumeMounts | nindent 12 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
- name: init
secret:
secretName: {{ include "gitea.fullname" . }}-init
defaultMode: 0777
- name: config
secret:
secretName: {{ include "gitea.fullname" . }}
{{- if .Values.extraVolumes }}
{{- toYaml .Values.extraVolumes | nindent 8 }}
{{- end }}
- name: temp
emptyDir: {}
{{- if and .Values.persistence.enabled .Values.persistence.existingClaim }}
- name: data
persistentVolumeClaim:
claimName: {{ .Values.persistence.existingClaim }}
{{- else if not .Values.persistence.enabled }}
- name: data
emptyDir: {}
{{- else if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
volumeClaimTemplates:
- metadata:
name: data
{{- with .Values.persistence.annotations }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value }}
{{- end }}
{{- end }}
{{- with .Values.persistence.labels }}
labels:
{{- range $key, $value := . }}
{{ $key }}: {{ $value }}
{{- end }}
{{- end }}
spec:
accessModes:
{{- range .Values.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
{{- if .Values.persistence.storageClass }}
storageClassName: {{ .Values.persistence.storageClass | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{- end }}

View File

@@ -1,7 +1,9 @@
{{- if .Values.test.enabled }}
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: "{{ include "gitea.fullname" . }}-test-connection" name: "{{ include "gitea.fullname" . }}-test-connection"
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{ include "gitea.labels" . | nindent 4 }} {{ include "gitea.labels" . | nindent 4 }}
annotations: annotations:
@@ -9,7 +11,8 @@ metadata:
spec: spec:
containers: containers:
- name: wget - name: wget
image: busybox image: "{{ .Values.test.image.name }}:{{ .Values.test.image.tag }}"
command: ['wget'] command: ['wget']
args: ['{{ include "gitea.fullname" . }}-http:{{ .Values.service.http.port }}'] args: ['{{ include "gitea.fullname" . }}-http:{{ .Values.service.http.port }}']
restartPolicy: Never restartPolicy: Never
{{- end }}

1
unittests/bash/bats Submodule

Submodule unittests/bash/bats added at 5ec2d81510

View File

@@ -0,0 +1,7 @@
#!/usr/bin/env bash
function common_setup() {
load "$TEST_ROOT/test_helper/bats-support/load"
load "$TEST_ROOT/test_helper/bats-assert/load"
load "$TEST_ROOT/test_helper/bats-mock/stub"
}

View File

@@ -0,0 +1,204 @@
#!/usr/bin/env bats
function setup() {
PROJECT_ROOT="$(git rev-parse --show-toplevel)"
TEST_ROOT="$PROJECT_ROOT/unittests/bash"
load "$TEST_ROOT/test_helper/common-setup"
common_setup
export GITEA_APP_INI="$BATS_TEST_TMPDIR/app.ini"
export TMP_EXISTING_ENVS_FILE="$BATS_TEST_TMPDIR/existing-envs"
export ENV_TO_INI_MOUNT_POINT="$BATS_TEST_TMPDIR/env-to-ini-mounts"
stub gitea \
"generate secret INTERNAL_TOKEN : echo 'mocked-internal-token'" \
"generate secret SECRET_KEY : echo 'mocked-secret-key'" \
"generate secret JWT_SECRET : echo 'mocked-jwt-secret'" \
"generate secret LFS_JWT_SECRET : echo 'mocked-lfs-jwt-secret'"
}
function teardown() {
unstub gitea
# This condition exists due to https://github.com/jasonkarns/bats-mock/pull/37 being still open
if [ $ENV_TO_INI_EXPECTED -eq 1 ]; then
unstub environment-to-ini
fi
}
# This function exists due to https://github.com/jasonkarns/bats-mock/pull/37 being still open
function expect_environment_to_ini_call() {
export ENV_TO_INI_EXPECTED=1
stub environment-to-ini \
"-o $GITEA_APP_INI : echo 'Stubbed environment-to-ini was called!'"
}
function execute_test_script() {
currentEnvsBefore=$(env | sort)
source $PROJECT_ROOT/scripts/init-containers/config/config_environment.sh
local exitCode=$?
currentEnvsAfter=$(env | sort)
# diff as unified +/- output without context before/after
diff --unified=0 <(echo "$currentEnvsBefore") <(echo "$currentEnvsAfter")
exit $exitCode
}
function write_mounted_file() {
# either "inlines" or "additionals"
scope="${1}"
file="${2}"
content="${3}"
mkdir -p "$ENV_TO_INI_MOUNT_POINT/$scope/..data/"
echo "${content}" > "$ENV_TO_INI_MOUNT_POINT/$scope/..data/$file"
ln -sf "$ENV_TO_INI_MOUNT_POINT/$scope/..data/$file" "$ENV_TO_INI_MOUNT_POINT/$scope/$file"
}
@test "works as expected when nothing is configured" {
expect_environment_to_ini_call
run $PROJECT_ROOT/scripts/init-containers/config/config_environment.sh
assert_success
assert_line '...Initial secrets generated'
assert_line 'Reloading preset envs...'
assert_line '=== All configuration sources loaded ==='
assert_line 'Stubbed environment-to-ini was called!'
}
@test "exports initial secrets" {
expect_environment_to_ini_call
run execute_test_script
assert_success
assert_line '+GITEA__OAUTH2__JWT_SECRET=mocked-jwt-secret'
assert_line '+GITEA__SECURITY__INTERNAL_TOKEN=mocked-internal-token'
assert_line '+GITEA__SECURITY__SECRET_KEY=mocked-secret-key'
assert_line '+GITEA__SERVER__LFS_JWT_SECRET=mocked-lfs-jwt-secret'
}
@test "does NOT export initial secrets when app.ini already exists" {
expect_environment_to_ini_call
touch $GITEA_APP_INI
run execute_test_script
assert_success
assert_line --partial 'An app.ini file already exists.'
refute_line '+GITEA__OAUTH2__JWT_SECRET=mocked-jwt-secret'
refute_line '+GITEA__SECURITY__INTERNAL_TOKEN=mocked-internal-token'
refute_line '+GITEA__SECURITY__SECRET_KEY=mocked-secret-key'
refute_line '+GITEA__SERVER__LFS_JWT_SECRET=mocked-lfs-jwt-secret'
}
@test "ensures that preset environment variables take precedence over auto-generated ones" {
expect_environment_to_ini_call
export GITEA__OAUTH2__JWT_SECRET="pre-defined-jwt-secret"
run execute_test_script
assert_success
refute_line '+GITEA__OAUTH2__JWT_SECRET=mocked-jwt-secret'
}
@test "ensures that preset environment variables take precedence over mounted ones" {
expect_environment_to_ini_call
export GITEA__OAUTH2__JWT_SECRET="pre-defined-jwt-secret"
write_mounted_file "inlines" "oauth2" "$(cat << EOF
JWT_SECRET=inline-jwt-secret
EOF
)"
run execute_test_script
assert_success
refute_line '+GITEA__OAUTH2__JWT_SECRET=mocked-jwt-secret'
refute_line '+GITEA__OAUTH2__JWT_SECRET=inline-jwt-secret'
}
@test "ensures that additionals take precedence over inlines" {
expect_environment_to_ini_call
write_mounted_file "inlines" "oauth2" "$(cat << EOF
JWT_SECRET=inline-jwt-secret
EOF
)"
write_mounted_file "additionals" "oauth2" "$(cat << EOF
JWT_SECRET=additional-jwt-secret
EOF
)"
run execute_test_script
assert_success
refute_line '+GITEA__OAUTH2__JWT_SECRET=mocked-jwt-secret'
refute_line '+GITEA__OAUTH2__JWT_SECRET=inline-jwt-secret'
assert_line '+GITEA__OAUTH2__JWT_SECRET=additional-jwt-secret'
}
@test "ensures that dotted/dashed sections are properly masked" {
expect_environment_to_ini_call
write_mounted_file "inlines" "repository.pull-request" "$(cat << EOF
WORK_IN_PROGRESS_PREFIXES=WIP:,[WIP]
EOF
)"
run execute_test_script
assert_success
assert_line '+GITEA__REPOSITORY_0X2E_PULL_0X2D_REQUEST__WORK_IN_PROGRESS_PREFIXES=WIP:,[WIP]'
}
###############################################################
##### THIS IS A BUG, BUT I WANT IT TO BE COVERED BY TESTS #####
###############################################################
@test "ensures uppercase section and setting names (🐞)" {
expect_environment_to_ini_call
export GITEA__oauth2__JwT_Secret="pre-defined-jwt-secret"
write_mounted_file "inlines" "repository.pull-request" "$(cat << EOF
WORK_IN_progress_PREFIXES=WIP:,[WIP]
EOF
)"
run execute_test_script
assert_success
assert_line '+GITEA__REPOSITORY_0X2E_PULL_0X2D_REQUEST__WORK_IN_PROGRESS_PREFIXES=WIP:,[WIP]'
assert_line '+GITEA__OAUTH2__JWT_SECRET=pre-defined-jwt-secret'
}
@test "treats top-level configuration as section-less" {
expect_environment_to_ini_call
write_mounted_file "inlines" "_generals_" "$(cat << EOF
APP_NAME=Hello top-level configuration
RUN_MODE=dev
EOF
)"
run execute_test_script
assert_success
assert_line '+GITEA____APP_NAME=Hello top-level configuration'
assert_line '+GITEA____RUN_MODE=dev'
}
@test "fails on invalid setting" {
write_mounted_file "inlines" "_generals_" "$(cat << EOF
some random invalid string
EOF
)"
run execute_test_script
assert_failure
}
@test "treats empty setting name as invalid setting" {
write_mounted_file "inlines" "_generals_" "$(cat << EOF
=value
EOF
)"
run execute_test_script
assert_failure
}

View File

@@ -0,0 +1,12 @@
suite: Check if actions raises an error
release:
name: gitea-unittests
namespace: testing
tests:
- it: fails when trying to configure actions due to removal
set:
actions:
enabled: true
asserts:
- failedTemplate:
errorMessage: The actions sub-chart has been outsourced to a dedicated chart available at https://gitea.com/gitea/helm-actions. For assistance with the migration process, check https://gitea.com/gitea/helm-actions/issues/9.

View File

@@ -0,0 +1,24 @@
suite: config template | actions config
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/config.yaml
tests:
- it: "actions are enabled by default (based on vanilla Gitea behavior)"
template: templates/gitea/config.yaml
asserts:
- documentIndex: 0
notExists:
path: stringData.actions
- it: "actions can be disabled via inline config"
template: templates/gitea/config.yaml
set:
gitea.config.actions.ENABLED: false
asserts:
- documentIndex: 0
equal:
path: stringData.actions
value: |-
ENABLED=false

View File

@@ -0,0 +1,66 @@
suite: config template | cache config
release:
name: gitea-unittests
namespace: testing
tests:
- it: "cache is configured correctly for valkey-cluster"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: true
valkey:
enabled: false
asserts:
- documentIndex: 0
equal:
path: stringData.cache
value: |-
ADAPTER=redis
HOST=redis+cluster://:@gitea-unittests-valkey-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
- it: "cache is configured correctly for valkey"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: false
valkey:
enabled: true
asserts:
- documentIndex: 0
equal:
path: stringData.cache
value: |-
ADAPTER=redis
HOST=redis://:changeme@gitea-unittests-valkey-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
- it: "cache is configured correctly for 'memory' when valkey (or valkey-cluster) is disabled"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: false
valkey:
enabled: false
asserts:
- documentIndex: 0
equal:
path: stringData.cache
value: |-
ADAPTER=memory
HOST=
- it: "cache can be customized when valkey (or valkey-cluster) is disabled"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: false
valkey:
enabled: false
gitea.config.cache.ADAPTER: custom-adapter
gitea.config.cache.HOST: custom-host
asserts:
- documentIndex: 0
equal:
path: stringData.cache
value: |-
ADAPTER=custom-adapter
HOST=custom-host

View File

@@ -0,0 +1,58 @@
suite: config template | metrics section (metrics token)
release:
name: gitea-unittests
namespace: testing
tests:
- it: metrics token is set
template: templates/gitea/config.yaml
set:
gitea:
metrics:
enabled: true
token: "somepassword"
asserts:
- documentIndex: 0
equal:
path: stringData.metrics
value: |-
ENABLED=true
TOKEN=somepassword
- it: metrics token is empty
template: templates/gitea/config.yaml
set:
gitea:
metrics:
enabled: true
token: ""
asserts:
- documentIndex: 0
equal:
path: stringData.metrics
value: |-
ENABLED=true
- it: metrics token is nil
template: templates/gitea/config.yaml
set:
gitea:
metrics:
enabled: true
token:
asserts:
- documentIndex: 0
equal:
path: stringData.metrics
value: |-
ENABLED=true
- it: does not configures a token if metrics are disabled
template: templates/gitea/config.yaml
set:
gitea:
metrics:
enabled: false
token: "somepassword"
asserts:
- documentIndex: 0
equal:
path: stringData.metrics
value: |-
ENABLED=false

View File

@@ -0,0 +1,66 @@
suite: config template | queue config
release:
name: gitea-unittests
namespace: testing
tests:
- it: "queue is configured correctly for valkey-cluster"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: true
valkey:
enabled: false
asserts:
- documentIndex: 0
equal:
path: stringData.queue
value: |-
CONN_STR=redis+cluster://:@gitea-unittests-valkey-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
TYPE=redis
- it: "queue is configured correctly for valkey"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: false
valkey:
enabled: true
asserts:
- documentIndex: 0
equal:
path: stringData.queue
value: |-
CONN_STR=redis://:changeme@gitea-unittests-valkey-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
TYPE=redis
- it: "queue is configured correctly for 'levelDB' when valkey (and valkey-cluster) is disabled"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: false
valkey:
enabled: false
asserts:
- documentIndex: 0
equal:
path: stringData.queue
value: |-
CONN_STR=
TYPE=level
- it: "queue can be customized when valkey (and valkey-cluster) are disabled"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: false
valkey:
enabled: false
gitea.config.queue.TYPE: custom-type
gitea.config.queue.CONN_STR: custom-connection-string
asserts:
- documentIndex: 0
equal:
path: stringData.queue
value: |-
CONN_STR=custom-connection-string
TYPE=custom-type

View File

@@ -0,0 +1,67 @@
suite: config template | server section (domain related)
release:
name: gitea-unittests
namespace: testing
tests:
- it: "[default values] uses ingress host for DOMAIN|SSH_DOMAIN|ROOT_URL"
template: templates/gitea/config.yaml
asserts:
- documentIndex: 0
matchRegex:
path: stringData.server
pattern: \nDOMAIN=git.example.com
- documentIndex: 0
matchRegex:
path: stringData.server
pattern: \nSSH_DOMAIN=git.example.com
- documentIndex: 0
matchRegex:
path: stringData.server
pattern: \nROOT_URL=http://git.example.com
################################################
- it: "[no ingress hosts] uses gitea http service for DOMAIN|SSH_DOMAIN|ROOT_URL"
template: templates/gitea/config.yaml
set:
ingress:
hosts: []
asserts:
- documentIndex: 0
matchRegex:
path: stringData.server
pattern: \nDOMAIN=gitea-unittests-http.testing.svc.cluster.local
- documentIndex: 0
matchRegex:
path: stringData.server
pattern: \nSSH_DOMAIN=gitea-unittests-http.testing.svc.cluster.local
- documentIndex: 0
matchRegex:
path: stringData.server
pattern: \nROOT_URL=http://gitea-unittests-http.testing.svc.cluster.local
################################################
- it: "[provided via values] uses that for DOMAIN|SSH_DOMAIN|ROOT_URL"
template: templates/gitea/config.yaml
set:
gitea.config.server.DOMAIN: provided.example.com
ingress:
hosts:
- host: non-used.example.com
paths:
- path: /
pathType: Prefix
asserts:
- documentIndex: 0
matchRegex:
path: stringData.server
pattern: \nDOMAIN=provided.example.com
- documentIndex: 0
matchRegex:
path: stringData.server
pattern: \nSSH_DOMAIN=provided.example.com
- documentIndex: 0
matchRegex:
path: stringData.server
pattern: \nROOT_URL=http://provided.example.com

View File

@@ -0,0 +1,66 @@
suite: config template | session config
release:
name: gitea-unittests
namespace: testing
tests:
- it: "session is configured correctly for valkey-cluster"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: true
valkey:
enabled: false
asserts:
- documentIndex: 0
equal:
path: stringData.session
value: |-
PROVIDER=redis
PROVIDER_CONFIG=redis+cluster://:@gitea-unittests-valkey-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
- it: "session is configured correctly for valkey"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: false
valkey:
enabled: true
asserts:
- documentIndex: 0
equal:
path: stringData.session
value: |-
PROVIDER=redis
PROVIDER_CONFIG=redis://:changeme@gitea-unittests-valkey-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
- it: "session is configured correctly for 'memory' when valkey (and valkey-cluster) is disabled"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: false
valkey:
enabled: false
asserts:
- documentIndex: 0
equal:
path: stringData.session
value: |-
PROVIDER=memory
PROVIDER_CONFIG=
- it: "session can be customized when valkey (and valkey-cluster) is disabled"
template: templates/gitea/config.yaml
set:
valkey-cluster:
enabled: false
valkey:
enabled: false
gitea.config.session.PROVIDER: custom-provider
gitea.config.session.PROVIDER_CONFIG: custom-provider-config
asserts:
- documentIndex: 0
equal:
path: stringData.session
value: |-
PROVIDER=custom-provider
PROVIDER_CONFIG=custom-provider-config

View File

@@ -0,0 +1,121 @@
suite: Dependency checks | Customization integrity | postgresql-ha
release:
name: gitea-unittests
namespace: testing
set:
postgresql:
enabled: false
postgresql-ha:
enabled: true
global:
postgresql:
database: gitea-database
password: gitea-password
username: gitea-username
postgresql:
repmgrPassword: custom-password-repmgr
postgresPassword: custom-password-postgres
password: custom-password-overwritten-by-global-postgresql-password
pgpool:
adminPassword: custom-password-pgpool
service:
ports:
postgresql: 1234
persistence:
size: 1337Mi
tests:
- it: "[postgresql-ha] DB settings are applied as expected"
template: charts/postgresql-ha/templates/postgresql/statefulset.yaml
asserts:
- documentIndex: 0
contains:
path: spec.template.spec.containers[0].env
content:
name: POSTGRES_DB
value: "gitea-database"
- documentIndex: 0
contains:
path: spec.template.spec.containers[0].env
content:
name: POSTGRES_USER
value: "gitea-username"
- it: "[postgresql-ha] DB passwords are applied as expected"
template: charts/postgresql-ha/templates/postgresql/secrets.yaml
asserts:
- documentIndex: 0
equal:
path: data["repmgr-password"]
value: "Y3VzdG9tLXBhc3N3b3JkLXJlcG1ncg=="
- documentIndex: 0
equal:
path: data["postgres-password"]
value: "Y3VzdG9tLXBhc3N3b3JkLXBvc3RncmVz"
- documentIndex: 0
equal:
path: data["password"]
value: "Z2l0ZWEtcGFzc3dvcmQ=" # postgresql-ha.postgresql.password is overwritten by postgresql-ha.global.postgresql.password and should not be referenced here
- it: "[postgresql-ha] pgpool.adminPassword is applied as expected"
template: charts/postgresql-ha/templates/pgpool/secrets.yaml
asserts:
- documentIndex: 0
equal:
path: data["admin-password"]
value: "Y3VzdG9tLXBhc3N3b3JkLXBncG9vbA=="
- it: "[postgresql-ha] pgpool.adminPassword is applied as expected"
template: charts/postgresql-ha/templates/pgpool/secrets.yaml
asserts:
- documentIndex: 0
equal:
path: data["admin-password"]
value: "Y3VzdG9tLXBhc3N3b3JkLXBncG9vbA=="
- it: "[postgresql-ha] pgpool.adminPassword is applied as expected"
template: charts/postgresql-ha/templates/pgpool/secrets.yaml
asserts:
- documentIndex: 0
equal:
path: data["admin-password"]
value: "Y3VzdG9tLXBhc3N3b3JkLXBncG9vbA=="
- it: "[postgresql-ha] persistence.size is applied as expected"
template: charts/postgresql-ha/templates/postgresql/statefulset.yaml
asserts:
- documentIndex: 0
equal:
path: spec.volumeClaimTemplates[0].spec.resources.requests.storage
value: "1337Mi"
- it: "[postgresql-ha] service.ports.postgresql is applied as expected"
template: charts/postgresql-ha/templates/pgpool/service.yaml
asserts:
- documentIndex: 0
equal:
path: spec.ports[0].port
value: 1234
- it: "[postgresql-ha] renders the referenced service"
template: charts/postgresql-ha/templates/pgpool/service.yaml
asserts:
- containsDocument:
kind: Service
apiVersion: v1
name: gitea-unittests-postgresql-ha-pgpool
namespace: testing
- it: "[gitea] connects to pgpool service"
template: templates/gitea/config.yaml
asserts:
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: HOST=gitea-unittests-postgresql-ha-pgpool.testing.svc.cluster.local:1234
- it: "[gitea] connects to configured database"
template: templates/gitea/config.yaml
asserts:
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: NAME=gitea-database
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: USER=gitea-username
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: PASSWD=gitea-password

View File

@@ -0,0 +1,88 @@
suite: Dependency checks | Customization integrity | postgresql
release:
name: gitea-unittests
namespace: testing
set:
postgresql-ha:
enabled: false
postgresql:
enabled: true
global:
postgresql:
auth:
password: gitea-password
database: gitea-database
username: gitea-username
service:
ports:
postgresql: 1234
primary:
persistence:
size: 1337Mi
tests:
- it: "[postgresql] DB settings are applied as expected"
template: charts/postgresql/templates/primary/statefulset.yaml
asserts:
- documentIndex: 0
contains:
path: spec.template.spec.containers[0].env
content:
name: POSTGRES_DATABASE
value: "gitea-database"
- documentIndex: 0
contains:
path: spec.template.spec.containers[0].env
content:
name: POSTGRES_USER
value: "gitea-username"
- it: "[postgresql] DB password is applied as expected"
template: charts/postgresql/templates/secrets.yaml
asserts:
- documentIndex: 0
equal:
path: data["password"]
value: "Z2l0ZWEtcGFzc3dvcmQ="
- it: "[postgresql] primary.persistence.size is applied as expected"
template: charts/postgresql/templates/primary/statefulset.yaml
asserts:
- documentIndex: 0
equal:
path: spec.volumeClaimTemplates[0].spec.resources.requests.storage
value: "1337Mi"
- it: "[postgresql] global.postgresql.service.ports.postgresql is applied as expected"
template: charts/postgresql/templates/primary/svc.yaml
asserts:
- documentIndex: 0
equal:
path: spec.ports[0].port
value: 1234
- it: "[postgresql] renders the referenced service"
template: charts/postgresql/templates/primary/svc.yaml
asserts:
- containsDocument:
kind: Service
apiVersion: v1
name: gitea-unittests-postgresql
namespace: testing
- it: "[gitea] connects to postgresql service"
template: templates/gitea/config.yaml
asserts:
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: HOST=gitea-unittests-postgresql.testing.svc.cluster.local:1234
- it: "[gitea] connects to configured database"
template: templates/gitea/config.yaml
asserts:
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: NAME=gitea-database
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: USER=gitea-username
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: PASSWD=gitea-password

View File

@@ -0,0 +1,90 @@
suite: Dependency checks | Customization integrity | valkey-cluster
release:
name: gitea-unittests
namespace: testing
set:
valkey:
enabled: false
valkey-cluster:
enabled: true
usePassword: false
cluster:
nodes: 5
replicas: 2
tests:
- it: "[valkey-cluster] configures correct nodes/replicas"
template: charts/valkey-cluster/templates/valkey-statefulset.yaml
asserts:
- documentIndex: 0
equal:
path: spec.replicas
value: 5
- documentIndex: 0
matchRegex:
path: spec.template.spec.containers[0].args[0]
pattern: VALKEY_CLUSTER_REPLICAS="2"
- it: "[valkey-cluster] support auth-less connections"
asserts:
- template: charts/valkey-cluster/templates/secret.yaml
hasDocuments:
count: 0
- template: charts/valkey-cluster/templates/valkey-statefulset.yaml
documentIndex: 0
contains:
path: spec.template.spec.containers[0].env
content:
name: ALLOW_EMPTY_PASSWORD
value: "yes"
- it: "[valkey-cluster] support auth-full connections"
set:
valkey-cluster:
usePassword: true
asserts:
- template: charts/valkey-cluster/templates/secret.yaml
containsDocument:
kind: Secret
apiVersion: v1
name: gitea-unittests-valkey-cluster
namespace: testing
- template: charts/valkey-cluster/templates/valkey-statefulset.yaml
documentIndex: 0
contains:
path: spec.template.spec.containers[0].env
content:
name: REDISCLI_AUTH
valueFrom:
secretKeyRef:
name: gitea-unittests-valkey-cluster
key: valkey-password
- template: charts/valkey-cluster/templates/valkey-statefulset.yaml
documentIndex: 0
contains:
path: spec.template.spec.containers[0].env
content:
name: REDISCLI_AUTH
valueFrom:
secretKeyRef:
name: gitea-unittests-valkey-cluster
key: valkey-password
- it: "[valkey-cluster] renders the referenced service"
template: charts/valkey-cluster/templates/headless-svc.yaml
asserts:
- containsDocument:
kind: Service
apiVersion: v1
name: gitea-unittests-valkey-cluster-headless
namespace: testing
- documentIndex: 0
contains:
path: spec.ports
content:
name: tcp-redis
port: 6379
targetPort: tcp-redis
- it: "[gitea] waits for valkey-cluster to be up and running"
template: templates/gitea/init.yaml
asserts:
- documentIndex: 0
matchRegex:
path: stringData["configure_gitea.sh"]
pattern: nc -vz -w2 gitea-unittests-valkey-cluster-headless.testing.svc.cluster.local 6379

View File

@@ -0,0 +1,52 @@
suite: Dependency checks | Customization integrity | valkey
release:
name: gitea-unittests
namespace: testing
set:
valkey-cluster:
enabled: false
valkey:
enabled: true
architecture: standalone
global:
valkey:
password: gitea-password
master:
count: 2
tests:
- it: "[valkey] configures correct 'master' nodes"
template: charts/valkey/templates/primary/application.yaml
asserts:
- documentIndex: 0
equal:
path: spec.replicas
value: 1
- it: "[valkey] valkey.global.valkey.password is applied as expected"
template: charts/valkey/templates/secret.yaml
asserts:
- documentIndex: 0
equal:
path: data["valkey-password"]
value: "Z2l0ZWEtcGFzc3dvcmQ="
- it: "[valkey] renders the referenced service"
template: charts/valkey/templates/headless-svc.yaml
asserts:
- containsDocument:
kind: Service
apiVersion: v1
name: gitea-unittests-valkey-headless
namespace: testing
- documentIndex: 0
contains:
path: spec.ports
content:
name: tcp-redis
port: 6379
targetPort: redis
- it: "[gitea] waits for valkey to be up and running"
template: templates/gitea/init.yaml
asserts:
- documentIndex: 0
matchRegex:
path: stringData["configure_gitea.sh"]
pattern: nc -vz -w2 gitea-unittests-valkey-headless.testing.svc.cluster.local 6379

View File

@@ -0,0 +1,57 @@
suite: Dependency checks | Major image bumps
release:
name: gitea-unittests
namespace: testing
tests:
- it: "[postgresql-ha] ensures we detect major image version upgrades"
template: charts/postgresql-ha/templates/postgresql/statefulset.yaml
set:
postgresql:
enabled: false
postgresql-ha:
enabled: true
asserts:
- documentIndex: 0
matchRegex:
path: spec.template.spec.containers[0].image
# IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST
pattern: bitnami/postgresql-repmgr:17.+$
- it: "[postgresql] ensures we detect major image version upgrades"
template: charts/postgresql/templates/primary/statefulset.yaml
set:
postgresql:
enabled: true
postgresql-ha:
enabled: false
asserts:
- documentIndex: 0
matchRegex:
path: spec.template.spec.containers[0].image
# IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST
pattern: bitnami/postgresql:17.+$
- it: "[valkey-cluster] ensures we detect major image version upgrades"
template: charts/valkey-cluster/templates/valkey-statefulset.yaml
set:
valkey-cluster:
enabled: true
valkey:
enabled: false
asserts:
- documentIndex: 0
matchRegex:
path: spec.template.spec.containers[0].image
# IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST
pattern: bitnami/valkey-cluster:8.+$
- it: "[valkey] ensures we detect major image version upgrades"
template: charts/valkey/templates/primary/application.yaml
set:
valkey-cluster:
enabled: false
valkey:
enabled: true
asserts:
- documentIndex: 0
matchRegex:
path: spec.template.spec.containers[0].image
# IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST
pattern: bitnami/valkey:8.+$

View File

@@ -0,0 +1,59 @@
suite: deployment template (HA)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
tests:
- it: fails with multiple replicas and "GIT_GC_REPOS" enabled
template: templates/gitea/deployment.yaml
set:
replicaCount: 2
persistence:
accessModes:
- ReadWriteMany
gitea:
config:
cron:
GIT_GC_REPOS:
ENABLED: true
asserts:
- failedTemplate:
errorMessage: "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'gitea.config.cron.GIT_GC_REPOS.enabled = false'."
- it: fails with multiple replicas and RWX file system not set
template: templates/gitea/deployment.yaml
set:
replicaCount: 2
asserts:
- failedTemplate:
errorMessage: "When using multiple replicas, a RWX file system is required and persistence.accessModes[0] must be set to ReadWriteMany."
- it: fails with multiple replicas and bleve issue indexer
template: templates/gitea/deployment.yaml
set:
replicaCount: 2
persistence:
accessModes:
- ReadWriteMany
gitea:
config:
indexer:
ISSUE_INDEXER_TYPE: bleve
asserts:
- failedTemplate:
errorMessage: "When using multiple replicas, the issue indexer (gitea.config.indexer.ISSUE_INDEXER_TYPE) must be set to a HA-ready provider such as 'meilisearch', 'elasticsearch' or 'db' (if the DB is HA-ready)."
- it: fails with multiple replicas and bleve repo indexer
template: templates/gitea/deployment.yaml
set:
replicaCount: 2
persistence:
accessModes:
- ReadWriteMany
gitea:
config:
indexer:
REPO_INDEXER_TYPE: bleve
REPO_INDEXER_ENABLED: true
asserts:
- failedTemplate:
errorMessage: "When using multiple replicas, the repo indexer (gitea.config.indexer.REPO_INDEXER_TYPE) must be set to 'meilisearch' or 'elasticsearch' or disabled."

View File

@@ -0,0 +1,95 @@
suite: deployment template (basic)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
tests:
- it: renders a deployment
template: templates/gitea/deployment.yaml
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: Deployment
apiVersion: apps/v1
name: gitea-unittests
- it: deployment labels are set
template: templates/gitea/deployment.yaml
set:
deployment.labels:
hello: world
asserts:
- isSubset:
path: metadata.labels
content:
hello: world
- isSubset:
path: spec.template.metadata.labels
content:
hello: world
- it: "injects TMP_EXISTING_ENVS_FILE as environment variable to 'init-app-ini' init container"
template: templates/gitea/deployment.yaml
asserts:
- contains:
path: spec.template.spec.initContainers[1].env
content:
name: TMP_EXISTING_ENVS_FILE
value: /tmp/existing-envs
- it: "injects ENV_TO_INI_MOUNT_POINT as environment variable to 'init-app-ini' init container"
template: templates/gitea/deployment.yaml
asserts:
- contains:
path: spec.template.spec.initContainers[1].env
content:
name: ENV_TO_INI_MOUNT_POINT
value: /env-to-ini-mounts
- it: CPU resources are defined as well as GOMAXPROCS
template: templates/gitea/deployment.yaml
set:
resources:
limits:
cpu: 200ms
memory: 200Mi
requests:
cpu: 100ms
memory: 100Mi
asserts:
- contains:
path: spec.template.spec.containers[0].env
content:
name: GOMAXPROCS
valueFrom:
resourceFieldRef:
divisor: "1"
resource: limits.cpu
- equal:
path: spec.template.spec.containers[0].resources
value:
limits:
cpu: 200ms
memory: 200Mi
requests:
cpu: 100ms
memory: 100Mi
- it: Init containers have correct volumeMount path
template: templates/gitea/deployment.yaml
set:
initContainersScriptsVolumeMountPath: "/custom/init/path"
asserts:
- equal:
path: spec.template.spec.initContainers[*].volumeMounts[?(@.name=="init")].mountPath
value: "/custom/init/path"
- equal:
path: spec.template.spec.initContainers[*].volumeMounts[?(@.name=="config")].mountPath
value: "/custom/init/path"
- it: Init containers have correct volumeMount path if there is no override
template: templates/gitea/deployment.yaml
asserts:
- equal:
path: spec.template.spec.initContainers[*].volumeMounts[?(@.name=="init")].mountPath
value: "/usr/sbinx"
- equal:
path: spec.template.spec.initContainers[*].volumeMounts[?(@.name=="config")].mountPath
value: "/usr/sbinx"

View File

@@ -0,0 +1,150 @@
suite: deployment template
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
tests:
- it: Renders a deployment
template: templates/gitea/deployment.yaml
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: Deployment
apiVersion: apps/v1
name: gitea-unittests
- it: Deployment with empty additionalConfigFromEnvs
template: templates/gitea/deployment.yaml
set:
gitea.additionalConfigFromEnvs: []
asserts:
- hasDocuments:
count: 1
- exists:
path: spec.template.spec.initContainers[1].env
- lengthEqual:
path: spec.template.spec.initContainers[1].env
count: 6
- isSubset:
path: spec.template.spec.initContainers[1]
content:
env:
- name: GITEA_APP_INI
value: /data/gitea/conf/app.ini
- name: GITEA_CUSTOM
value: /data/gitea
- name: GITEA_WORK_DIR
value: /data
- name: GITEA_TEMP
value: /tmp/gitea
- name: TMP_EXISTING_ENVS_FILE
value: /tmp/existing-envs
- name: ENV_TO_INI_MOUNT_POINT
value: /env-to-ini-mounts
- it: Deployment with standard additionalConfigFromEnvs
template: templates/gitea/deployment.yaml
set:
gitea.additionalConfigFromEnvs: [{name: GITEA_database_HOST, value: my-db:123}, {name: GITEA_database_USER, value: my-user}]
asserts:
- hasDocuments:
count: 1
- exists:
path: spec.template.spec.initContainers[1].env
- lengthEqual:
path: spec.template.spec.initContainers[1].env
count: 8
- isSubset:
path: spec.template.spec.initContainers[1]
content:
env:
- name: GITEA_APP_INI
value: /data/gitea/conf/app.ini
- name: GITEA_CUSTOM
value: /data/gitea
- name: GITEA_WORK_DIR
value: /data
- name: GITEA_TEMP
value: /tmp/gitea
- name: TMP_EXISTING_ENVS_FILE
value: /tmp/existing-envs
- name: ENV_TO_INI_MOUNT_POINT
value: /env-to-ini-mounts
- name: GITEA_database_HOST
value: my-db:123
- name: GITEA_database_USER
value: my-user
- it: Deployment with templated additionalConfigFromEnvs
template: templates/gitea/deployment.yaml
set:
gitea.misc.host: my-db-host:321
gitea.misc.user: my-db-user
gitea.additionalConfigFromEnvs: [{name: GITEA_database_HOST, value: "{{ .Values.gitea.misc.host }}"}, {name: GITEA_database_USER, value: "{{ .Values.gitea.misc.user }}"}]
asserts:
- hasDocuments:
count: 1
- exists:
path: spec.template.spec.initContainers[1].env
- lengthEqual:
path: spec.template.spec.initContainers[1].env
count: 8
- isSubset:
path: spec.template.spec.initContainers[1]
content:
env:
- name: GITEA_APP_INI
value: /data/gitea/conf/app.ini
- name: GITEA_CUSTOM
value: /data/gitea
- name: GITEA_WORK_DIR
value: /data
- name: GITEA_TEMP
value: /tmp/gitea
- name: TMP_EXISTING_ENVS_FILE
value: /tmp/existing-envs
- name: ENV_TO_INI_MOUNT_POINT
value: /env-to-ini-mounts
- name: GITEA_database_HOST
value: my-db-host:321
- name: GITEA_database_USER
value: my-db-user
- it: Deployment with additionalConfigFromEnvs templated secret name
template: templates/gitea/deployment.yaml
set:
gitea.misc.existingSecret: my-db-secret
gitea.additionalConfigFromEnvs[0]:
name: GITEA_database_HOST
valueFrom:
secretKeyRef:
name: "{{ .Values.gitea.misc.existingSecret }}"
key: password
asserts:
- hasDocuments:
count: 1
- exists:
path: spec.template.spec.initContainers[1].env
- lengthEqual:
path: spec.template.spec.initContainers[1].env
count: 7
- isSubset:
path: spec.template.spec.initContainers[1]
content:
env:
- name: GITEA_APP_INI
value: /data/gitea/conf/app.ini
- name: GITEA_CUSTOM
value: /data/gitea
- name: GITEA_WORK_DIR
value: /data
- name: GITEA_TEMP
value: /tmp/gitea
- name: TMP_EXISTING_ENVS_FILE
value: /tmp/existing-envs
- name: ENV_TO_INI_MOUNT_POINT
value: /env-to-ini-mounts
- name: GITEA_database_HOST
valueFrom:
secretKeyRef:
name: "my-db-secret"
key: password

View File

@@ -0,0 +1,110 @@
suite: deployment template (image configuration)
release:
name: gitea-unittests
namespace: testing
chart:
# Override appVersion to be consistent with used digest :)
appVersion: 1.19.3
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
tests:
- it: default values
template: templates/gitea/deployment.yaml
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: "docker.gitea.com/gitea:1.19.3-rootless"
- it: tag override
template: templates/gitea/deployment.yaml
set:
image.tag: "1.19.4"
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: "docker.gitea.com/gitea:1.19.4-rootless"
- it: root-based image
template: templates/gitea/deployment.yaml
set:
image.rootless: false
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: "docker.gitea.com/gitea:1.19.3"
- it: scoped registry
template: templates/gitea/deployment.yaml
set:
image.registry: "example.com"
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: "example.com/gitea:1.19.3-rootless"
- it: global registry
template: templates/gitea/deployment.yaml
set:
global.imageRegistry: "global.example.com"
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: "global.example.com/gitea:1.19.3-rootless"
- it: digest for rootless image
template: templates/gitea/deployment.yaml
set:
image:
rootless: true
digest: sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: "docker.gitea.com/gitea:1.19.3-rootless@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a"
- it: image fullOverride (does not append rootless)
template: templates/gitea/deployment.yaml
set:
image:
fullOverride: docker.gitea.com/gitea:1.19.3
# setting rootless, registry, repository, tag, and digest to prove that override works
rootless: true
registry: example.com
repository: example/image
tag: "1.0.0"
digest: sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: "docker.gitea.com/gitea:1.19.3"
- it: digest for root-based image
template: templates/gitea/deployment.yaml
set:
image:
rootless: false
digest: sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: "docker.gitea.com/gitea:1.19.3@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a"
- it: digest and global registry
template: templates/gitea/deployment.yaml
set:
global.imageRegistry: "global.example.com"
image.digest: "sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a"
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: "global.example.com/gitea:1.19.3-rootless@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a"
- it: correctly renders floating tag references
template: templates/gitea/deployment.yaml
set:
image.tag: 1.21 # use non-quoted value on purpose. See: https://gitea.com/gitea/helm-gitea/issues/631
asserts:
- equal:
path: spec.template.spec.initContainers[0].image
value: "docker.gitea.com/gitea:1.21-rootless"
- equal:
path: spec.template.spec.initContainers[1].image
value: "docker.gitea.com/gitea:1.21-rootless"
- equal:
path: spec.template.spec.initContainers[2].image
value: "docker.gitea.com/gitea:1.21-rootless"
- equal:
path: spec.template.spec.containers[0].image
value: "docker.gitea.com/gitea:1.21-rootless"

View File

@@ -0,0 +1,45 @@
suite: Test ingress tpl use
templates:
- templates/gitea/ingress.yaml
tests:
- it: Ingress Class using TPL
set:
global.ingress.className: "ingress-class"
ingress.className: "{{ .Values.global.ingress.className }}"
ingress.enabled: true
ingress.hosts[0].host: "some-host"
ingress.tls:
- secretName: gitea-tls
hosts:
- "some-host"
asserts:
- isKind:
of: Ingress
- equal:
path: spec.tls[0].hosts[0]
value: "some-host"
- equal:
path: spec.rules[0].host
value: "some-host"
- equal:
path: spec.ingressClassName
value: "ingress-class"
- it: hostname using TPL
set:
global.giteaHostName: "gitea.example.com"
ingress.enabled: true
ingress.hosts[0].host: "{{ .Values.global.giteaHostName }}"
ingress.tls:
- secretName: gitea-tls
hosts:
- "{{ .Values.global.giteaHostName }}"
asserts:
- isKind:
of: Ingress
- equal:
path: spec.tls[0].hosts[0]
value: "gitea.example.com"
- equal:
path: spec.rules[0].host
value: "gitea.example.com"

View File

@@ -0,0 +1,33 @@
suite: config template
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/config.yaml
tests:
- it: inline config stringData.server using TPL
set:
global.giteaHostName: "gitea.example.com"
ingress.enabled: true
ingress.hosts[0].host: "{{ .Values.global.giteaHostName }}"
ingress.tls:
- secretName: gitea-tls
hosts:
- "{{ .Values.global.giteaHostName }}"
asserts:
- documentIndex: 0
matchRegex:
path: metadata.name
pattern: .*-inline-config$
- documentIndex: 0
matchRegex:
path: stringData.server
pattern: DOMAIN=gitea\.example\.com
- documentIndex: 0
matchRegex:
path: stringData.server
pattern: ROOT_URL=https://gitea\.example\.com
- documentIndex: 0
matchRegex:
path: stringData.server
pattern: SSH_DOMAIN=gitea\.example\.com

View File

@@ -0,0 +1,188 @@
suite: deployment template (probes)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
tests:
- it: renders default liveness probe
template: templates/gitea/deployment.yaml
asserts:
- notExists:
path: spec.template.spec.containers[0].livenessProbe.enabled
- isSubset:
path: spec.template.spec.containers[0].livenessProbe
content:
failureThreshold: 10
initialDelaySeconds: 200
periodSeconds: 10
successThreshold: 1
tcpSocket:
port: http
timeoutSeconds: 1
- it: renders default readiness probe
template: templates/gitea/deployment.yaml
asserts:
- notExists:
path: spec.template.spec.containers[0].readinessProbe.enabled
- isSubset:
path: spec.template.spec.containers[0].readinessProbe
content:
failureThreshold: 3
initialDelaySeconds: 5
periodSeconds: 10
successThreshold: 1
tcpSocket:
port: http
timeoutSeconds: 1
- it: does not render a default startup probe
template: templates/gitea/deployment.yaml
asserts:
- notExists:
path: spec.template.spec.containers[0].startupProbe
- it: allows enabling a startup probe
template: templates/gitea/deployment.yaml
set:
gitea.startupProbe.enabled: true
asserts:
- notExists:
path: spec.template.spec.containers[0].startupProbe.enabled
- isSubset:
path: spec.template.spec.containers[0].startupProbe
content:
failureThreshold: 10
initialDelaySeconds: 60
periodSeconds: 10
successThreshold: 1
tcpSocket:
port: http
timeoutSeconds: 1
- it: allows overwriting the default port of the liveness probe
template: templates/gitea/deployment.yaml
set:
gitea:
livenessProbe:
tcpSocket:
port: my-port
asserts:
- isSubset:
path: spec.template.spec.containers[0].livenessProbe
content:
tcpSocket:
port: my-port
- it: allows overwriting the default port of the readiness probe
template: templates/gitea/deployment.yaml
set:
gitea:
readinessProbe:
tcpSocket:
port: my-port
asserts:
- isSubset:
path: spec.template.spec.containers[0].readinessProbe
content:
tcpSocket:
port: my-port
- it: allows overwriting the default port of the startup probe
template: templates/gitea/deployment.yaml
set:
gitea:
startupProbe:
enabled: true
tcpSocket:
port: my-port
asserts:
- isSubset:
path: spec.template.spec.containers[0].startupProbe
content:
tcpSocket:
port: my-port
- it: allows using a non-default method as liveness probe
template: templates/gitea/deployment.yaml
set:
gitea:
livenessProbe:
httpGet:
path: /api/healthz
port: http
initialDelaySeconds: 13371
timeoutSeconds: 13372
periodSeconds: 13373
successThreshold: 13374
failureThreshold: 13375
asserts:
- notExists:
path: spec.template.spec.containers[0].livenessProbe.tcpSocket
- isSubset:
path: spec.template.spec.containers[0].livenessProbe
content:
failureThreshold: 13375
initialDelaySeconds: 13371
periodSeconds: 13373
successThreshold: 13374
httpGet:
path: /api/healthz
port: http
timeoutSeconds: 13372
- it: allows using a non-default method as readiness probe
template: templates/gitea/deployment.yaml
set:
gitea:
readinessProbe:
httpGet:
path: /api/healthz
port: http
initialDelaySeconds: 13371
timeoutSeconds: 13372
periodSeconds: 13373
successThreshold: 13374
failureThreshold: 13375
asserts:
- notExists:
path: spec.template.spec.containers[0].readinessProbe.tcpSocket
- isSubset:
path: spec.template.spec.containers[0].readinessProbe
content:
failureThreshold: 13375
initialDelaySeconds: 13371
periodSeconds: 13373
successThreshold: 13374
httpGet:
path: /api/healthz
port: http
timeoutSeconds: 13372
- it: allows using a non-default method as startup probe
template: templates/gitea/deployment.yaml
set:
gitea:
startupProbe:
enabled: true
httpGet:
path: /api/healthz
port: http
initialDelaySeconds: 13371
timeoutSeconds: 13372
periodSeconds: 13373
successThreshold: 13374
failureThreshold: 13375
asserts:
- notExists:
path: spec.template.spec.containers[0].startupProbe.tcpSocket
- isSubset:
path: spec.template.spec.containers[0].startupProbe
content:
failureThreshold: 13375
initialDelaySeconds: 13371
periodSeconds: 13373
successThreshold: 13374
httpGet:
path: /api/healthz
port: http
timeoutSeconds: 13372

View File

@@ -0,0 +1,21 @@
suite: sidecar container
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
tests:
- it: supports adding a sidecar container
template: templates/gitea/deployment.yaml
set:
extraContainers:
- name: sidecar-bob
image: busybox
asserts:
- equal:
path: spec.template.spec.containers[1].name
value: "sidecar-bob"
- equal:
path: spec.template.spec.containers[1].image
value: "busybox"

View File

@@ -0,0 +1,40 @@
suite: deployment template (signing disabled)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
tests:
- it: skips gpg init container
template: templates/gitea/deployment.yaml
asserts:
- notContains:
path: spec.template.spec.initContainers
any: true
content:
name: configure-gpg
- it: skips gpg env in `init-directories` init container
template: templates/gitea/deployment.yaml
set:
signing.enabled: false
asserts:
- notContains:
path: spec.template.spec.initContainers[0].env
content:
name: GNUPGHOME
value: /data/git/.gnupg
- it: skips gpg env in runtime container
template: templates/gitea/deployment.yaml
asserts:
- notContains:
path: spec.template.spec.containers[0].env
content:
name: GNUPGHOME
- it: skips gpg volume spec
template: templates/gitea/deployment.yaml
asserts:
- notContains:
path: spec.template.spec.volumes
content:
name: gpg-private-key

View File

@@ -0,0 +1,98 @@
suite: deployment template (signing enabled)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
tests:
- it: adds gpg init container
template: templates/gitea/deployment.yaml
set:
signing:
enabled: true
existingSecret: "custom-gpg-secret"
asserts:
- equal:
path: spec.template.spec.initContainers[2].name
value: configure-gpg
- equal:
path: spec.template.spec.initContainers[2].command
value: ["/usr/sbinx/configure_gpg_environment.sh"]
- equal:
path: spec.template.spec.initContainers[2].securityContext
value:
runAsUser: 1000
- equal:
path: spec.template.spec.initContainers[2].env
value:
- name: GNUPGHOME
value: /data/git/.gnupg
- name: TMP_RAW_GPG_KEY
value: /raw/private.asc
- equal:
path: spec.template.spec.initContainers[2].volumeMounts
value:
- name: init
mountPath: /usr/sbinx
- name: data
mountPath: /data
- name: gpg-private-key
mountPath: /raw
readOnly: true
- it: adds gpg env in `init-directories` init container
template: templates/gitea/deployment.yaml
set:
signing.enabled: true
signing.existingSecret: "custom-gpg-secret"
asserts:
- contains:
path: spec.template.spec.initContainers[0].env
content:
name: GNUPGHOME
value: /data/git/.gnupg
- it: adds gpg env in runtime container
template: templates/gitea/deployment.yaml
set:
signing.enabled: true
signing.existingSecret: "custom-gpg-secret"
asserts:
- contains:
path: spec.template.spec.containers[0].env
content:
name: GNUPGHOME
value: /data/git/.gnupg
- it: adds gpg volume spec
template: templates/gitea/deployment.yaml
set:
signing:
enabled: true
existingSecret: "gitea-unittests-gpg-key"
asserts:
- contains:
path: spec.template.spec.volumes
content:
name: gpg-private-key
secret:
secretName: gitea-unittests-gpg-key
items:
- key: privateKey
path: private.asc
defaultMode: 0100
- it: supports gpg volume spec with external reference
template: templates/gitea/deployment.yaml
set:
signing:
enabled: true
existingSecret: custom-gpg-secret
asserts:
- contains:
path: spec.template.spec.volumes
content:
name: gpg-private-key
secret:
secretName: custom-gpg-secret
items:
- key: privateKey
path: private.asc
defaultMode: 0100

View File

@@ -0,0 +1,64 @@
suite: deployment template (SSH configuration)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
tests:
- it: supports defining SSH log level for root based image
template: templates/gitea/deployment.yaml
set:
image.rootless: false
asserts:
- contains:
path: spec.template.spec.containers[0].env
content:
name: SSH_LOG_LEVEL
value: "INFO"
- it: supports overriding SSH log level
template: templates/gitea/deployment.yaml
set:
image.rootless: false
gitea.ssh.logLevel: "DEBUG"
asserts:
- contains:
path: spec.template.spec.containers[0].env
content:
name: SSH_LOG_LEVEL
value: "DEBUG"
- it: supports overriding SSH log level (even when image.fullOverride set)
template: templates/gitea/deployment.yaml
set:
image.fullOverride: docker.gitea.com/gitea:1.19.3
image.rootless: false
gitea.ssh.logLevel: "DEBUG"
asserts:
- contains:
path: spec.template.spec.containers[0].env
content:
name: SSH_LOG_LEVEL
value: "DEBUG"
- it: skips SSH_LOG_LEVEL for rootless image
template: templates/gitea/deployment.yaml
set:
image.rootless: true
gitea.ssh.logLevel: "DEBUG" # explicitly defining a non-standard level here
asserts:
- notContains:
path: spec.template.spec.containers[0].env
any: true
content:
name: SSH_LOG_LEVEL
- it: skips SSH_LOG_LEVEL for rootless image (even when image.fullOverride set)
template: templates/gitea/deployment.yaml
set:
image.fullOverride: docker.gitea.com/gitea:1.19.3
image.rootless: true
gitea.ssh.logLevel: "DEBUG" # explicitly defining a non-standard level here
asserts:
- notContains:
path: spec.template.spec.containers[0].env
any: true
content:
name: SSH_LOG_LEVEL

View File

@@ -0,0 +1,39 @@
# File: tests/gitea-storageclass-tests.yaml
suite: storage class configuration tests
release:
name: gitea-storageclass-tests
namespace: testing
templates:
- templates/gitea/pvc.yaml
tests:
- it: should set storageClassName when persistence.storageClass is defined
template: templates/gitea/pvc.yaml
set:
persistence.storageClass: "my-storage-class"
asserts:
- equal:
path: "spec.storageClassName"
value: "my-storage-class"
- it: should set global.storageClass when persistence.storageClass is not defined
template: templates/gitea/pvc.yaml
set:
global.storageClass: "default-storage-class"
asserts:
- equal:
path: spec.storageClassName
value: "default-storage-class"
- it: should set storageClassName when persistence.storageClass is defined and global.storageClass is defined
template: templates/gitea/pvc.yaml
set:
global.storageClass: "default-storage-class"
persistence.storageClass: "my-storage-class"
asserts:
- equal:
path: spec.storageClassName
value: "my-storage-class"

View File

@@ -0,0 +1,118 @@
suite: ssh-svc / http-svc template (Services configuration)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/ssh-svc.yaml
- templates/gitea/http-svc.yaml
tests:
- it: supports adding custom labels to ssh-svc
template: templates/gitea/ssh-svc.yaml
set:
service:
ssh:
labels:
gitea/testkey: testvalue
asserts:
- equal:
path: metadata.labels["gitea/testkey"]
value: "testvalue"
- it: keeps existing labels (ssh)
template: templates/gitea/ssh-svc.yaml
set:
service:
ssh:
labels: {}
asserts:
- exists:
path: metadata.labels["app"]
- it: supports adding custom labels to http-svc
template: templates/gitea/http-svc.yaml
set:
service:
http:
labels:
gitea/testkey: testvalue
asserts:
- equal:
path: metadata.labels["gitea/testkey"]
value: "testvalue"
- it: keeps existing labels (http)
template: templates/gitea/http-svc.yaml
set:
service:
http:
labels: {}
asserts:
- exists:
path: metadata.labels["app"]
- it: render service.ssh.loadBalancerClass if set and type is LoadBalancer
template: templates/gitea/ssh-svc.yaml
set:
service:
ssh:
loadBalancerClass: "example.com/class"
type: LoadBalancer
loadBalancerIP: "1.2.3.4"
loadBalancerSourceRanges:
- "1.2.3.4/32"
- "5.6.7.8/32"
asserts:
- equal:
path: spec.loadBalancerClass
value: "example.com/class"
- equal:
path: spec.loadBalancerIP
value: "1.2.3.4"
- equal:
path: spec.loadBalancerSourceRanges
value: ["1.2.3.4/32", "5.6.7.8/32"]
- it: does not render when loadbalancer properties are set but type is not loadBalancerClass
template: templates/gitea/http-svc.yaml
set:
service:
http:
type: ClusterIP
loadBalancerClass: "example.com/class"
loadBalancerIP: "1.2.3.4"
loadBalancerSourceRanges:
- "1.2.3.4/32"
- "5.6.7.8/32"
asserts:
- notExists:
path: spec.loadBalancerClass
- notExists:
path: spec.loadBalancerIP
- notExists:
path: spec.loadBalancerSourceRanges
- it: does not render loadBalancerClass by default even when type is LoadBalancer
template: templates/gitea/http-svc.yaml
set:
service:
http:
type: LoadBalancer
loadBalancerIP: "1.2.3.4"
asserts:
- notExists:
path: spec.loadBalancerClass
- equal:
path: spec.loadBalancerIP
value: "1.2.3.4"
- it: both ssh and http services exist
templates:
- templates/gitea/ssh-svc.yaml
- templates/gitea/http-svc.yaml
asserts:
- matchRegex:
path: metadata.name
pattern: "^gitea-unittests-(?:ssh|http)$"
- matchRegex:
path: spec.ports[0].name
pattern: "^(?:ssh|http)$"

View File

@@ -0,0 +1,13 @@
suite: GPG secret template (signing disabled)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/gpg-secret.yaml
tests:
- it: renders nothing
set:
signing.enabled: false
asserts:
- hasDocuments:
count: 0

View File

@@ -0,0 +1,40 @@
suite: GPG secret template (signing enabled)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/gpg-secret.yaml
tests:
- it: fails rendering when nothing is configured
set:
signing:
enabled: true
asserts:
- failedTemplate:
errorMessage: Either specify `signing.privateKey` or `signing.existingSecret`
- it: skips rendering using external secret reference
set:
signing:
enabled: true
existingSecret: "external-secret-reference"
asserts:
- hasDocuments:
count: 0
- it: renders secret specification using inline gpg key
set:
signing:
enabled: true
privateKey: "gpg-key-placeholder"
asserts:
- hasDocuments:
count: 1
- documentIndex: 0
containsDocument:
kind: Secret
apiVersion: v1
name: gitea-unittests-gpg-key
- isNotNullOrEmpty:
path: metadata.labels
- equal:
path: data.privateKey
value: "Z3BnLWtleS1wbGFjZWhvbGRlcg=="

View File

@@ -0,0 +1,93 @@
suite: Test ingress.yaml
templates:
- templates/gitea/ingress.yaml
tests:
- it: should enable ingress when ingress.enabled is true
set:
ingress.enabled: true
ingress.apiVersion: networking.k8s.io/v1
ingress.annotations:
kubernetes.io/ingress.class: nginx
ingress.className: nginx
ingress.tls:
- hosts:
- example.com
secretName: tls-secret
ingress.hosts:
- host: example.com
paths: ["/"]
asserts:
- hasDocuments:
count: 1
- isKind:
of: Ingress
- equal:
path: metadata.name
value: RELEASE-NAME-gitea
- matchRegex:
path: apiVersion
pattern: networking.k8s.io/v1
- equal:
path: spec.ingressClassName
value: nginx
- equal:
path: spec.rules[0].host
value: "example.com"
- equal:
path: spec.tls[0].hosts[0]
value: "example.com"
- equal:
path: spec.tls[0].secretName
value: tls-secret
- equal:
path: metadata.annotations["kubernetes.io/ingress.class"]
value: nginx
- it: should not create ingress when ingress.enabled is false
set:
ingress.enabled: false
asserts:
- hasDocuments:
count: 0
- it: Ingress Class using TPL
set:
global.ingress.className: "ingress-class"
ingress.className: "{{ .Values.global.ingress.className }}"
ingress.enabled: true
ingress.hosts[0].host: "some-host"
ingress.tls:
- secretName: gitea-tls
hosts:
- "some-host"
asserts:
- isKind:
of: Ingress
- equal:
path: spec.tls[0].hosts[0]
value: "some-host"
- equal:
path: spec.rules[0].host
value: "some-host"
- equal:
path: spec.ingressClassName
value: "ingress-class"
- it: hostname using TPL
set:
global.giteaHostName: "gitea.example.com"
ingress.enabled: true
ingress.hosts[0].host: "{{ .Values.global.giteaHostName }}"
ingress.tls:
- secretName: gitea-tls
hosts:
- "{{ .Values.global.giteaHostName }}"
asserts:
- isKind:
of: Ingress
- equal:
path: spec.tls[0].hosts[0]
value: "gitea.example.com"
- equal:
path: spec.rules[0].host
value: "gitea.example.com"

View File

@@ -0,0 +1,23 @@
suite: Test ingress with implicit path defaults
templates:
- templates/gitea/ingress.yaml
tests:
- it: should use default path and pathType when no paths are specified
set:
ingress.enabled: true
ingress.hosts:
- host: git.example.com
asserts:
- hasDocuments:
count: 1
- isKind:
of: Ingress
- equal:
path: spec.rules[0].host
value: "git.example.com"
- equal:
path: spec.rules[0].http.paths[0].path
value: "/"
- equal:
path: spec.rules[0].http.paths[0].pathType
value: "Prefix"

View File

@@ -0,0 +1,45 @@
suite: Test ingress tpl use
templates:
- templates/gitea/ingress.yaml
tests:
- it: Ingress Class using TPL
set:
global.ingress.className: "ingress-class"
ingress.className: "{{ .Values.global.ingress.className }}"
ingress.enabled: true
ingress.hosts[0].host: "some-host"
ingress.tls:
- secretName: gitea-tls
hosts:
- "some-host"
asserts:
- isKind:
of: Ingress
- equal:
path: spec.tls[0].hosts[0]
value: "some-host"
- equal:
path: spec.rules[0].host
value: "some-host"
- equal:
path: spec.ingressClassName
value: "ingress-class"
- it: hostname using TPL
set:
global.giteaHostName: "gitea.example.com"
ingress.enabled: true
ingress.hosts[0].host: "{{ .Values.global.giteaHostName }}"
ingress.tls:
- secretName: gitea-tls
hosts:
- "{{ .Values.global.giteaHostName }}"
asserts:
- isKind:
of: Ingress
- equal:
path: spec.tls[0].hosts[0]
value: "gitea.example.com"
- equal:
path: spec.rules[0].host
value: "gitea.example.com"

View File

@@ -0,0 +1,26 @@
suite: Test ingress with structured paths
templates:
- templates/gitea/ingress.yaml
tests:
- it: should work with structured path definitions
set:
ingress.enabled: true
ingress.hosts:
- host: git.devxy.io
paths:
- path: /
pathType: Prefix
asserts:
- hasDocuments:
count: 1
- isKind:
of: Ingress
- equal:
path: spec.rules[0].host
value: "git.devxy.io"
- equal:
path: spec.rules[0].http.paths[0].path
value: "/"
- equal:
path: spec.rules[0].http.paths[0].pathType
value: "Prefix"

View File

@@ -0,0 +1,15 @@
suite: Init template (basic)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/init.yaml
tests:
- it: renders a secret
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: Secret
apiVersion: v1
name: gitea-unittests-init

View File

@@ -0,0 +1,82 @@
suite: Init template
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/init.yaml
tests:
- it: runs gpg in batch mode
set:
signing.enabled: true
signing.privateKey: |-
-----BEGIN PGP PRIVATE KEY BLOCK-----
{placeholder}
-----END PGP PRIVATE KEY BLOCK-----
asserts:
- equal:
path: stringData["configure_gpg_environment.sh"]
value: |
#!/usr/bin/env bash
set -eu
gpg --batch --import "$TMP_RAW_GPG_KEY"
- it: skips gpg script block for disabled signing
asserts:
- equal:
path: stringData["init_directory_structure.sh"]
value: |-
#!/usr/bin/env bash
set -euo pipefail
mkdir -pv /data/git/.ssh
chmod -Rv 700 /data/git/.ssh
[ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf
# prepare temp directory structure
mkdir -pv "${GITEA_TEMP}"
chmod -v ug+rwx "${GITEA_TEMP}"
- it: adds gpg script block for enabled signing
set:
signing.enabled: true
signing.privateKey: |-
-----BEGIN PGP PRIVATE KEY BLOCK-----
{placeholder}
-----END PGP PRIVATE KEY BLOCK-----
asserts:
- equal:
path: stringData["init_directory_structure.sh"]
value: |-
#!/usr/bin/env bash
set -euo pipefail
mkdir -pv /data/git/.ssh
chmod -Rv 700 /data/git/.ssh
[ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf
# prepare temp directory structure
mkdir -pv "${GITEA_TEMP}"
chmod -v ug+rwx "${GITEA_TEMP}"
if [ ! -d "${GNUPGHOME}" ]; then
mkdir -pv "${GNUPGHOME}"
chmod -v 700 "${GNUPGHOME}"
chown -v 1000:1000 "${GNUPGHOME}"
fi
- it: it does not chown /data even when image.fullOverride is set
template: templates/gitea/init.yaml
set:
image.fullOverride: docker.gitea.com/gitea:1.20.5
asserts:
- equal:
path: stringData["init_directory_structure.sh"]
value: |-
#!/usr/bin/env bash
set -euo pipefail
mkdir -pv /data/git/.ssh
chmod -Rv 700 /data/git/.ssh
[ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf
# prepare temp directory structure
mkdir -pv "${GITEA_TEMP}"
chmod -v ug+rwx "${GITEA_TEMP}"

View File

@@ -0,0 +1,72 @@
suite: Init template
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/init.yaml
tests:
- it: runs gpg in batch mode
set:
image.rootless: false
signing.enabled: true
signing.privateKey: |-
-----BEGIN PGP PRIVATE KEY BLOCK-----
{placeholder}
-----END PGP PRIVATE KEY BLOCK-----
asserts:
- equal:
path: stringData["configure_gpg_environment.sh"]
value: |
#!/usr/bin/env bash
set -eu
gpg --batch --import "$TMP_RAW_GPG_KEY"
- it: skips gpg script block for disabled signing
set:
image.rootless: false
asserts:
- equal:
path: stringData["init_directory_structure.sh"]
value: |-
#!/usr/bin/env bash
set -euo pipefail
chown -v 1000:1000 /data
mkdir -pv /data/git/.ssh
chmod -Rv 700 /data/git/.ssh
[ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf
# prepare temp directory structure
mkdir -pv "${GITEA_TEMP}"
chown -v 1000:1000 "${GITEA_TEMP}"
chmod -v ug+rwx "${GITEA_TEMP}"
- it: adds gpg script block for enabled signing
set:
image.rootless: false
signing.enabled: true
signing.privateKey: |-
-----BEGIN PGP PRIVATE KEY BLOCK-----
{placeholder}
-----END PGP PRIVATE KEY BLOCK-----
asserts:
- equal:
path: stringData["init_directory_structure.sh"]
value: |-
#!/usr/bin/env bash
set -euo pipefail
chown -v 1000:1000 /data
mkdir -pv /data/git/.ssh
chmod -Rv 700 /data/git/.ssh
[ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf
# prepare temp directory structure
mkdir -pv "${GITEA_TEMP}"
chown -v 1000:1000 "${GITEA_TEMP}"
chmod -v ug+rwx "${GITEA_TEMP}"
if [ ! -d "${GNUPGHOME}" ]; then
mkdir -pv "${GNUPGHOME}"
chmod -v 700 "${GNUPGHOME}"
chown -v 1000:1000 "${GNUPGHOME}"
fi

View File

@@ -0,0 +1,23 @@
suite: Metrics secret template (monitoring disabled)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/metrics-secret.yaml
tests:
- it: renders nothing if monitoring disabled and gitea.metrics.token empty
set:
gitea.metrics.enabled: false
gitea.metrics.serviceMonitor.enabled: false
gitea.metrics.token: ""
asserts:
- hasDocuments:
count: 0
- it: renders nothing if monitoring disabled and gitea.metrics.token not empty
set:
gitea.metrics.enabled: false
gitea.metrics.serviceMonitor.enabled: false
gitea.metrics.token: "test-token"
asserts:
- hasDocuments:
count: 0

View File

@@ -0,0 +1,33 @@
suite: Metrics secret template (monitoring enabled)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/metrics-secret.yaml
tests:
- it: renders nothing if monitoring enabled and gitea.metrics.token empty
set:
gitea.metrics.enabled: true
gitea.metrics.serviceMonitor.enabled: true
gitea.metrics.token: ""
asserts:
- hasDocuments:
count: 0
- it: renders Secret if monitoring enabled and gitea.metrics.token not empty
set:
gitea.metrics.enabled: true
gitea.metrics.serviceMonitor.enabled: true
gitea.metrics.token: "test-token"
asserts:
- hasDocuments:
count: 1
- documentIndex: 0
containsDocument:
kind: Secret
apiVersion: v1
name: gitea-unittests-metrics-secret
- isNotNullOrEmpty:
path: metadata.labels
- equal:
path: data.token
value: "dGVzdC10b2tlbg=="

View File

@@ -0,0 +1,19 @@
suite: PVC template
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/pvc.yaml
tests:
- it: Storage Class using TPL
set:
global.persistence.storageClass: "storage-class"
persistence.enabled: true
persistence.create: true
persistence.storageClass: "{{ .Values.global.persistence.storageClass }}"
asserts:
- isKind:
of: PersistentVolumeClaim
- equal:
path: spec.storageClassName
value: "storage-class"

View File

@@ -0,0 +1,82 @@
suite: ServiceAccount template (basic)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/serviceaccount.yaml
tests:
- it: skips rendering by default
asserts:
- hasDocuments:
count: 0
- it: renders default ServiceAccount object with serviceAccount.create=true
set:
serviceAccount.create: true
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: ServiceAccount
apiVersion: v1
name: gitea-unittests
- equal:
path: automountServiceAccountToken
value: false
- notExists:
path: imagePullSecrets
- notExists:
path: metadata.annotations
- it: allows for adding custom labels
set:
serviceAccount:
create: true
labels:
custom: label
asserts:
- equal:
path: metadata.labels.custom
value: label
- it: allows for adding custom annotations
set:
serviceAccount:
create: true
annotations:
myCustom: annotation
asserts:
- equal:
path: metadata.annotations.myCustom
value: annotation
- it: allows to override the generated name
set:
serviceAccount:
create: true
name: provided-serviceaccount-name
asserts:
- equal:
path: metadata.name
value: provided-serviceaccount-name
- it: allows to mount the token
set:
serviceAccount:
create: true
automountServiceAccountToken: true
asserts:
- equal:
path: automountServiceAccountToken
value: true
- it: allows to reference image pull secrets
set:
serviceAccount:
create: true
imagePullSecrets:
- name: testing-image-pull-secret
- name: another-pull-secret
asserts:
- contains:
path: imagePullSecrets
content:
name: testing-image-pull-secret
- contains:
path: imagePullSecrets
content:
name: another-pull-secret

View File

@@ -0,0 +1,32 @@
suite: ServiceAccount template (reference)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/serviceaccount.yaml
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
tests:
- it: does not modify the deployment by default
template: templates/gitea/deployment.yaml
asserts:
- notExists:
path: spec.serviceAccountName
- it: adds the reference to the deployment with serviceAccount.create=true
template: templates/gitea/deployment.yaml
set:
serviceAccount.create: true
asserts:
- equal:
path: spec.template.spec.serviceAccountName
value: gitea-unittests
- it: allows referencing an externally created ServiceAccount to the deployment
template: templates/gitea/deployment.yaml
set:
serviceAccount:
create: false # explicitly set to define rendering behavior
name: "externally-existing-serviceaccount"
asserts:
- equal:
path: spec.template.spec.serviceAccountName
value: externally-existing-serviceaccount

View File

@@ -0,0 +1,89 @@
suite: ServiceMonitor template (basic)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/servicemonitor.yaml
tests:
- it: skips rendering by default
asserts:
- hasDocuments:
count: 0
- it: renders default ServiceMonitor object with gitea.metrics.enabled=true
set:
gitea.metrics.enabled: true
asserts:
- hasDocuments:
count: 0
- it: renders default ServiceMonitor object with gitea.metrics.serviceMonitor.enabled=true
set:
gitea.metrics.serviceMonitor.enabled: true
asserts:
- hasDocuments:
count: 0
- it: renders defaults
set:
gitea.metrics.enabled: true
gitea.metrics.serviceMonitor.enabled: true
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: ServiceMonitor
apiVersion: monitoring.coreos.com/v1
name: gitea-unittests
- notExists:
path: metadata.annotations
- notExists:
path: spec.endpoints[0].interval
- equal:
path: spec.endpoints[0].port
value: http
- notExists:
path: spec.endpoints[0].scheme
- notExists:
path: spec.endpoints[0].scrapeTimeout
- notExists:
path: spec.endpoints[0].tlsConfig
- it: renders custom scrape interval
set:
gitea.metrics.enabled: true
gitea.metrics.serviceMonitor.enabled: true
gitea.metrics.serviceMonitor.interval: 30s
gitea.metrics.serviceMonitor.scrapeTimeout: 5s
asserts:
- equal:
path: spec.endpoints[0].interval
value: 30s
- equal:
path: spec.endpoints[0].scrapeTimeout
value: 5s
- it: renders custom tls config
set:
gitea.metrics.enabled: true
gitea.metrics.serviceMonitor.enabled: true
gitea.metrics.serviceMonitor.scheme: https
gitea.metrics.serviceMonitor.tlsConfig.caFile: /etc/prometheus/tls/ca.crt
gitea.metrics.serviceMonitor.tlsConfig.certFile: /etc/prometheus/tls/tls.crt
gitea.metrics.serviceMonitor.tlsConfig.keyFile: /etc/prometheus/tls/tls.key
gitea.metrics.serviceMonitor.tlsConfig.insecureSkipVerify: false
gitea.metrics.serviceMonitor.tlsConfig.serverName: gitea-unittest
asserts:
- equal:
path: spec.endpoints[0].scheme
value: https
- equal:
path: spec.endpoints[0].tlsConfig.caFile
value: /etc/prometheus/tls/ca.crt
- equal:
path: spec.endpoints[0].tlsConfig.certFile
value: /etc/prometheus/tls/tls.crt
- equal:
path: spec.endpoints[0].tlsConfig.keyFile
value: /etc/prometheus/tls/tls.key
- equal:
path: spec.endpoints[0].tlsConfig.insecureSkipVerify
value: false
- equal:
path: spec.endpoints[0].tlsConfig.serverName
value: gitea-unittest

View File

@@ -0,0 +1,23 @@
suite: ServiceMonitor template (monitoring disabled)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/servicemonitor.yaml
tests:
- it: renders nothing if gitea.metrics.serviceMonitor disabled and gitea.metrics.token empty
set:
gitea.metrics.enabled: false
gitea.metrics.token: ""
gitea.metrics.serviceMonitor.enabled: false
asserts:
- hasDocuments:
count: 0
- it: renders nothing if gitea.metrics.serviceMonitor disabled and gitea.metrics.token not empty
set:
gitea.metrics.enabled: false
gitea.metrics.token: "test-token"
gitea.metrics.serviceMonitor.enabled: false
asserts:
- hasDocuments:
count: 0

View File

@@ -0,0 +1,70 @@
suite: ServiceMonitor template (monitoring enabled)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/servicemonitor.yaml
tests:
- it: renders unsecure ServiceMonitor if gitea.metrics.token nil
set:
gitea.metrics.enabled: true
gitea.metrics.token:
gitea.metrics.serviceMonitor.enabled: true
asserts:
- hasDocuments:
count: 1
- documentIndex: 0
containsDocument:
kind: ServiceMonitor
apiVersion: monitoring.coreos.com/v1
name: gitea-unittests
- isNotNullOrEmpty:
path: metadata.labels
- equal:
path: spec.endpoints
value:
- port: http
- it: renders unsecure ServiceMonitor if gitea.metrics.token empty
set:
gitea.metrics.enabled: true
gitea.metrics.token: ""
gitea.metrics.serviceMonitor.enabled: true
asserts:
- hasDocuments:
count: 1
- documentIndex: 0
containsDocument:
kind: ServiceMonitor
apiVersion: monitoring.coreos.com/v1
name: gitea-unittests
- isNotNullOrEmpty:
path: metadata.labels
- equal:
path: spec.endpoints
value:
- port: http
- it: renders secure ServiceMonitor if gitea.metrics.token not empty
set:
gitea.metrics.enabled: true
gitea.metrics.token: "test-token"
gitea.metrics.serviceMonitor.enabled: true
asserts:
- hasDocuments:
count: 1
- documentIndex: 0
containsDocument:
kind: ServiceMonitor
apiVersion: monitoring.coreos.com/v1
name: gitea-unittests
- isNotNullOrEmpty:
path: metadata.labels
- equal:
path: spec.endpoints
value:
- port: http
authorization:
type: Bearer
credentials:
name: gitea-unittests-metrics-secret
key: token
optional: false

View File

@@ -0,0 +1,14 @@
suite: Values conflicting checks
release:
name: gitea-unittests
namespace: testing
tests:
- it: fails when trying to configure valkey and valkey-cluster the same time
set:
valkey-cluster:
enabled: true
valkey:
enabled: true
asserts:
- failedTemplate:
errorMessage: valkey and valkey-cluster cannot be enabled at the same time. Please only choose one.

View File

@@ -1,66 +1,187 @@
# Default values for gitea. # Default values for gitea.
# This is a YAML-formatted file. # This is a YAML-formatted file.
# Declare variables to be passed into your templates. # Declare variables to be passed into your templates.
## @section Global
#
## @param global.imageRegistry global image registry override
## @param global.imagePullSecrets global image pull secrets override; can be extended by `imagePullSecrets`
## @param global.storageClass global storage class override
## @param global.hostAliases global hostAliases which will be added to the pod's hosts files
global:
imageRegistry: ""
## E.g.
## imagePullSecrets:
## - myRegistryKeySecretName
##
imagePullSecrets: []
storageClass: ""
hostAliases: []
# - ip: 192.168.137.2
# hostnames:
# - example.com
## @param namespace An explicit namespace to deploy gitea into. Defaults to the release namespace if not specified
namespace: ""
## @param replicaCount number of replicas for the deployment
replicaCount: 1 replicaCount: 1
## @section strategy
## @param strategy.type strategy type
## @param strategy.rollingUpdate.maxSurge maxSurge
## @param strategy.rollingUpdate.maxUnavailable maxUnavailable
strategy:
type: "RollingUpdate"
rollingUpdate:
maxSurge: "100%"
maxUnavailable: 0
## @param clusterDomain cluster domain
clusterDomain: cluster.local clusterDomain: cluster.local
## @section Image
## @param image.registry image registry, e.g. gcr.io,docker.io
## @param image.repository Image to start for this pod
## @param image.tag Visit: [Image tag](https://hub.docker.com/r/gitea/gitea/tags?page=1&ordering=last_updated). Defaults to `appVersion` within Chart.yaml.
## @param image.digest Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest`
## @param image.pullPolicy Image pull policy
## @param image.rootless Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher
## @param image.fullOverride Completely overrides the image registry, path/image, tag and digest. **Adjust `image.rootless` accordingly and review [Rootless defaults](#rootless-defaults).**
image: image:
repository: gitea/gitea registry: "docker.gitea.com"
tag: 1.14.2 repository: gitea
pullPolicy: Always # Overrides the image tag whose default is the chart appVersion.
rootless: false # only possible when running 1.14 or later tag: ""
digest: ""
pullPolicy: IfNotPresent
rootless: true
fullOverride: ""
## @param imagePullSecrets Secret to use for pulling the image
imagePullSecrets: [] imagePullSecrets: []
# only usable with rootless image due to image design ## @section Security
securityContext: {} # Security context is only usable with rootless image due to image design
## @param podSecurityContext.fsGroup Set the shared file system group for all containers in the pod.
podSecurityContext:
fsGroup: 1000
## @param containerSecurityContext Security context
containerSecurityContext: {}
# allowPrivilegeEscalation: false # allowPrivilegeEscalation: false
# capabilities: # capabilities:
# drop: # drop:
# - ALL # - ALL
# # Add the SYS_CHROOT capability for root and rootless images if you intend to
# # run pods on nodes that use the container runtime cri-o. Otherwise, you will
# # get an error message from the SSH server that it is not possible to read from
# # the repository.
# # https://gitea.com/gitea/helm-gitea/issues/161
# add:
# - SYS_CHROOT
# privileged: false # privileged: false
# readOnlyRootFilesystem: true # readOnlyRootFilesystem: true
# runAsGroup: 1000 # runAsGroup: 1000
# runAsNonRoot: true # runAsNonRoot: true
# runAsUser: 1000 # runAsUser: 1000
## @deprecated The securityContext variable has been split two:
## - containerSecurityContext
## - podSecurityContext.
## @param securityContext Run init and Gitea containers as a specific securityContext
securityContext: {}
## @param podDisruptionBudget Pod disruption budget
podDisruptionBudget: {}
# maxUnavailable: 1
# minAvailable: 1
## @section Service
service: service:
## @param service.http.type Kubernetes service type for web traffic
## @param service.http.port Port number for web traffic
## @param service.http.clusterIP ClusterIP setting for http autosetup for deployment is None
## @param service.http.loadBalancerIP LoadBalancer IP setting
## @param service.http.nodePort NodePort for http service
## @param service.http.externalTrafficPolicy If `service.http.type` is `NodePort` or `LoadBalancer`, set this to `Local` to enable source IP preservation
## @param service.http.externalIPs External IPs for service
## @param service.http.ipFamilyPolicy HTTP service dual-stack policy
## @param service.http.ipFamilies HTTP service dual-stack familiy selection,for dual-stack parameters see official kubernetes [dual-stack concept documentation](https://kubernetes.io/docs/concepts/services-networking/dual-stack/).
## @param service.http.loadBalancerSourceRanges Source range filter for http loadbalancer
## @param service.http.annotations HTTP service annotations
## @param service.http.labels HTTP service additional labels
## @param service.http.loadBalancerClass Loadbalancer class
http: http:
type: ClusterIP type: ClusterIP
port: 3000 port: 3000
clusterIP: None clusterIP: None
#loadBalancerIP: loadBalancerIP:
#nodePort: nodePort:
#externalTrafficPolicy: externalTrafficPolicy:
#externalIPs: externalIPs:
ipFamilyPolicy:
ipFamilies:
loadBalancerSourceRanges: [] loadBalancerSourceRanges: []
annotations: annotations: {}
labels: {}
loadBalancerClass:
## @param service.ssh.type Kubernetes service type for ssh traffic
## @param service.ssh.port Port number for ssh traffic
## @param service.ssh.clusterIP ClusterIP setting for ssh autosetup for deployment is None
## @param service.ssh.loadBalancerIP LoadBalancer IP setting
## @param service.ssh.nodePort NodePort for ssh service
## @param service.ssh.externalTrafficPolicy If `service.ssh.type` is `NodePort` or `LoadBalancer`, set this to `Local` to enable source IP preservation
## @param service.ssh.externalIPs External IPs for service
## @param service.ssh.ipFamilyPolicy SSH service dual-stack policy
## @param service.ssh.ipFamilies SSH service dual-stack familiy selection,for dual-stack parameters see official kubernetes [dual-stack concept documentation](https://kubernetes.io/docs/concepts/services-networking/dual-stack/).
## @param service.ssh.hostPort HostPort for ssh service
## @param service.ssh.loadBalancerSourceRanges Source range filter for ssh loadbalancer
## @param service.ssh.annotations SSH service annotations
## @param service.ssh.labels SSH service additional labels
## @param service.ssh.loadBalancerClass Loadbalancer class
ssh: ssh:
type: ClusterIP type: ClusterIP
port: 22 port: 22
clusterIP: None clusterIP: None
#loadBalancerIP: loadBalancerIP:
#nodePort: nodePort:
#externalTrafficPolicy: externalTrafficPolicy:
#externalIPs: externalIPs:
ipFamilyPolicy:
ipFamilies:
hostPort:
loadBalancerSourceRanges: [] loadBalancerSourceRanges: []
annotations: annotations: {}
labels: {}
loadBalancerClass:
## @section Ingress
## @param ingress.enabled Enable ingress
## @param ingress.className DEPRECATED: Ingress class name.
## @param ingress.pathType Ingress Path Type
## @param ingress.annotations Ingress annotations
## @param ingress.hosts[0].host Default Ingress host
## @param ingress.hosts[0].paths[0].path Default Ingress path
## @param ingress.tls Ingress tls settings
ingress: ingress:
enabled: false enabled: false
className: ""
pathType: Prefix
annotations: {} annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts: hosts:
- git.example.com - host: git.example.com
paths:
- path: /
tls: [] tls: []
# - secretName: chart-example-tls # - secretName: chart-example-tls
# hosts: # hosts:
# - git.example.com # - git.example.com
resources: {} ## @section deployment
#
## @param resources Kubernetes resources
resources:
{}
# We usually recommend not to specify default resources and to leave this as a conscious # We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little # choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following # resources, such as Minikube. If you do want to specify resources, uncomment the following
@@ -75,48 +196,118 @@ resources: {}
## Use an alternate scheduler, e.g. "stork". ## Use an alternate scheduler, e.g. "stork".
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
## ##
# schedulerName: ## @param schedulerName Use an alternate scheduler, e.g. "stork"
schedulerName: ""
## @param nodeSelector NodeSelector for the deployment
nodeSelector: {} nodeSelector: {}
## @param tolerations Tolerations for the deployment
tolerations: [] tolerations: []
## @param affinity Affinity for the deployment
affinity: {} affinity: {}
statefulset: ## @param topologySpreadConstraints TopologySpreadConstraints for the deployment
env: [] topologySpreadConstraints: []
## @param dnsConfig dnsConfig for the deployment
dnsConfig: {}
## @param priorityClassName priorityClassName for the deployment
priorityClassName: ""
## @param deployment.env Additional environment variables to pass to containers
## @param deployment.terminationGracePeriodSeconds How long to wait until forcefully kill the pod
## @param deployment.labels Labels for the deployment
## @param deployment.annotations Annotations for the Gitea deployment to be created
deployment:
env:
[]
# - name: VARIABLE # - name: VARIABLE
# value: my-value # value: my-value
terminationGracePeriodSeconds: 60 terminationGracePeriodSeconds: 60
labels: {} labels: {}
annotations: {}
## @section ServiceAccount
## @param serviceAccount.create Enable the creation of a ServiceAccount
## @param serviceAccount.name Name of the created ServiceAccount, defaults to release name. Can also link to an externally provided ServiceAccount that should be used.
## @param serviceAccount.automountServiceAccountToken Enable/disable auto mounting of the service account token
## @param serviceAccount.imagePullSecrets Image pull secrets, available to the ServiceAccount
## @param serviceAccount.annotations Custom annotations for the ServiceAccount
## @param serviceAccount.labels Custom labels for the ServiceAccount
serviceAccount:
create: false
name: ""
automountServiceAccountToken: false
imagePullSecrets: []
# - name: private-registry-access
annotations: {}
labels: {}
## @section Persistence
#
## @param persistence.enabled Enable persistent storage
## @param persistence.create Whether to create the persistentVolumeClaim for shared storage
## @param persistence.mount Whether the persistentVolumeClaim should be mounted (even if not created)
## @param persistence.claimName Use an existing claim to store repository information
## @param persistence.size Size for persistence to store repo information
## @param persistence.accessModes AccessMode for persistence
## @param persistence.labels Labels for the persistence volume claim to be created
## @param persistence.annotations.helm.sh/resource-policy Resource policy for the persistence volume claim
## @param persistence.storageClass Name of the storage class to use
## @param persistence.subPath Subdirectory of the volume to mount at
## @param persistence.volumeName Name of persistent volume in PVC
persistence: persistence:
enabled: true enabled: true
# existingClaim: create: true
mount: true
claimName: gitea-shared-storage
size: 10Gi size: 10Gi
accessModes: accessModes:
- ReadWriteOnce - ReadWriteOnce
labels: {} labels: {}
annotations: {} storageClass:
# storageClass: subPath:
volumeName: ""
annotations:
helm.sh/resource-policy: keep
# additional volumes to add to the Gitea statefulset. ## @param extraContainers Additional sidecar containers to run in the pod
extraVolumes: extraContainers: []
# - name: sidecar-bob
# image: busybox
# command: [/bin/sh, -c, 'echo "Hello world"; sleep 86400']
## @param extraVolumes Additional volumes to mount to the Gitea deployment
extraVolumes: []
# - name: postgres-ssl-vol # - name: postgres-ssl-vol
# secret: # secret:
# secretName: gitea-postgres-ssl # secretName: gitea-postgres-ssl
## @param extraContainerVolumeMounts Mounts that are only mapped into the Gitea runtime/main container, to e.g. override custom templates.
extraContainerVolumeMounts: []
# additional volumes to mount, both to the init container and to the main ## @param extraInitVolumeMounts Mounts that are only mapped into the init-containers. Can be used for additional preconfiguration.
# container. As an example, can be used to mount a client cert when connecting extraInitVolumeMounts: []
# to an external Postgres server.
extraVolumeMounts: ## @deprecated The extraVolumeMounts variable has been split two:
## - extraContainerVolumeMounts
## - extraInitVolumeMounts
## As an example, can be used to mount a client cert when connecting to an external Postgres server.
## @param extraVolumeMounts **DEPRECATED** Additional volume mounts for init containers and the Gitea main container
extraVolumeMounts: []
# - name: postgres-ssl-vol # - name: postgres-ssl-vol
# readOnly: true # readOnly: true
# mountPath: "/pg-ssl" # mountPath: "/pg-ssl"
# bash shell script copied verbatim to the start of the init-container. ## @section Init
## @param initPreScript Bash shell script copied verbatim to the start of the init-container.
initPreScript: "" initPreScript: ""
## @param initContainersScriptsVolumeMountPath Path to mount the scripts consumed from the Secrets
initContainersScriptsVolumeMountPath: "/usr/sbinx"
# #
# initPreScript: | # initPreScript: |
# mkdir -p /data/git/.postgresql # mkdir -p /data/git/.postgresql
@@ -124,155 +315,306 @@ initPreScript: ""
# chown -R git:git /data/git/.postgresql/ # chown -R git:git /data/git/.postgresql/
# chmod 400 /data/git/.postgresql/postgresql.key # chmod 400 /data/git/.postgresql/postgresql.key
## @param initContainers.resources.limits initContainers.limits Kubernetes resource limits for init containers
## @param initContainers.resources.requests.cpu initContainers.requests.cpu Kubernetes cpu resource limits for init containers
## @param initContainers.resources.requests.memory initContainers.requests.memory Kubernetes memory resource limits for init containers
initContainers:
resources:
limits: {}
requests:
cpu: 100m
memory: 128Mi
# Configure commit/action signing prerequisites
## @section Signing
#
## @param signing.enabled Enable commit/action signing
## @param signing.gpgHome GPG home directory
## @param signing.privateKey Inline private gpg key for signed internal Git activity
## @param signing.existingSecret Use an existing secret to store the value of `signing.privateKey`
signing:
enabled: false
gpgHome: /data/git/.gnupg
privateKey: ""
# privateKey: |-
# -----BEGIN PGP PRIVATE KEY BLOCK-----
# ...
# -----END PGP PRIVATE KEY BLOCK-----
existingSecret: ""
## @section Gitea
#
gitea: gitea:
## @param gitea.admin.username Username for the Gitea admin user
## @param gitea.admin.existingSecret Use an existing secret to store admin user credentials
## @param gitea.admin.password Password for the Gitea admin user
## @param gitea.admin.email Email for the Gitea admin user
## @param gitea.admin.passwordMode Mode for how to set/update the admin user password. Options are: initialOnlyNoReset, initialOnlyRequireReset, and keepUpdated
admin: admin:
#existingSecret: gitea-admin-secret # existingSecret: gitea-admin-secret
existingSecret:
username: gitea_admin username: gitea_admin
password: r8sA8CPHD9!bt6d password: r8sA8CPHD9!bt6d
email: "gitea@local.domain" email: "gitea@local.domain"
passwordMode: keepUpdated
## @param gitea.metrics.enabled Enable Gitea metrics
## @param gitea.metrics.token used for `bearer` token authentication on metrics endpoint. If not specified or empty metrics endpoint is public.
## @param gitea.metrics.serviceMonitor.enabled Enable Gitea metrics service monitor. Requires, that `gitea.metrics.enabled` is also set to true, to enable metrics generally.
## @param gitea.metrics.serviceMonitor.interval Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used.
## @param gitea.metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping.
## @param gitea.metrics.serviceMonitor.scheme HTTP scheme to use for scraping. For example `http` or `https`. Default is http.
## @param gitea.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used.
## @param gitea.metrics.serviceMonitor.tlsConfig TLS configuration to use when scraping the metric endpoint by Prometheus.
metrics: metrics:
enabled: false enabled: false
token:
serviceMonitor: serviceMonitor:
enabled: false enabled: false
# additionalLabels: # additionalLabels:
# prometheus-release: prom1 # prometheus-release: prom1
interval: ""
relabelings: []
scheme: ""
scrapeTimeout: ""
tlsConfig: {}
## @param gitea.ldap LDAP configuration
ldap: ldap:
enabled: false []
#existingSecret: gitea-ldap-secret # - name: "LDAP 1"
#name: # existingSecret:
#securityProtocol: # securityProtocol:
#host: # host:
#port: # port:
#userSearchBase: # userSearchBase:
#userFilter: # userFilter:
#adminFilter: # adminFilter:
#emailAttribute: # emailAttribute:
#bindDn: # bindDn:
#bindPassword: # bindPassword:
#usernameAttribute: # usernameAttribute:
#sshPublicKeyAttribute: # publicSSHKeyAttribute:
# Either specify inline `key` and `secret` or refer to them via `existingSecret`
## @param gitea.oauth OAuth configuration
oauth: oauth:
enabled: false []
#name: # - name: 'OAuth 1'
#provider: # provider:
#key: # key:
#secret: # secret:
#autoDiscoverUrl: # existingSecret:
#useCustomUrls: # autoDiscoverUrl:
#customAuthUrl: # useCustomUrls:
#customTokenUrl: # customAuthUrl:
#customProfileUrl: # customTokenUrl:
#customEmailUrl: # customProfileUrl:
# customEmailUrl:
config: {} ## @param gitea.config.server.SSH_PORT SSH port for rootlful Gitea image
## @param gitea.config.server.SSH_LISTEN_PORT SSH port for rootless Gitea image
config:
# APP_NAME: "Gitea: Git with a cup of tea" # APP_NAME: "Gitea: Git with a cup of tea"
# RUN_MODE: dev # RUN_MODE: dev
# server:
# server: SSH_PORT: 22 # rootful image
# SSH_PORT: 22 SSH_LISTEN_PORT: 2222 # rootless image
# #
# security: # security:
# PASSWORD_COMPLEXITY: spec # PASSWORD_COMPLEXITY: spec
## @param gitea.additionalConfigSources Additional configuration from secret or configmap
additionalConfigSources: []
# - secret:
# secretName: gitea-app-ini-oauth
# - configMap:
# name: gitea-app-ini-plaintext
## @param gitea.additionalConfigFromEnvs Additional configuration sources from environment variables
additionalConfigFromEnvs: []
## @param gitea.podAnnotations Annotations for the Gitea pod
podAnnotations: {} podAnnotations: {}
database: ## @param gitea.ssh.logLevel Configure OpenSSH's log level. Only available for root-based Gitea image.
builtIn: ssh:
postgresql: logLevel: "INFO"
enabled: true
mysql:
enabled: false
mariadb:
enabled: false
cache:
builtIn:
enabled: true
## @section LivenessProbe
#
## @param gitea.livenessProbe.enabled Enable liveness probe
## @param gitea.livenessProbe.tcpSocket.port Port to probe for liveness
## @param gitea.livenessProbe.initialDelaySeconds Initial delay before liveness probe is initiated
## @param gitea.livenessProbe.timeoutSeconds Timeout for liveness probe
## @param gitea.livenessProbe.periodSeconds Period for liveness probe
## @param gitea.livenessProbe.successThreshold Success threshold for liveness probe
## @param gitea.livenessProbe.failureThreshold Failure threshold for liveness probe
# Modify the liveness probe for your needs or completely disable it by commenting out.
livenessProbe: livenessProbe:
enabled: true enabled: true
tcpSocket:
port: http
initialDelaySeconds: 200 initialDelaySeconds: 200
timeoutSeconds: 1 timeoutSeconds: 1
periodSeconds: 10 periodSeconds: 10
successThreshold: 1 successThreshold: 1
failureThreshold: 10 failureThreshold: 10
## @section ReadinessProbe
#
## @param gitea.readinessProbe.enabled Enable readiness probe
## @param gitea.readinessProbe.tcpSocket.port Port to probe for readiness
## @param gitea.readinessProbe.initialDelaySeconds Initial delay before readiness probe is initiated
## @param gitea.readinessProbe.timeoutSeconds Timeout for readiness probe
## @param gitea.readinessProbe.periodSeconds Period for readiness probe
## @param gitea.readinessProbe.successThreshold Success threshold for readiness probe
## @param gitea.readinessProbe.failureThreshold Failure threshold for readiness probe
# Modify the readiness probe for your needs or completely disable it by commenting out.
readinessProbe: readinessProbe:
enabled: true enabled: true
tcpSocket:
port: http
initialDelaySeconds: 5 initialDelaySeconds: 5
timeoutSeconds: 1 timeoutSeconds: 1
periodSeconds: 10 periodSeconds: 10
successThreshold: 1 successThreshold: 1
failureThreshold: 3 failureThreshold: 3
# # Uncomment the startup probe to enable and modify it for your needs.
## @section StartupProbe
#
## @param gitea.startupProbe.enabled Enable startup probe
## @param gitea.startupProbe.tcpSocket.port Port to probe for startup
## @param gitea.startupProbe.initialDelaySeconds Initial delay before startup probe is initiated
## @param gitea.startupProbe.timeoutSeconds Timeout for startup probe
## @param gitea.startupProbe.periodSeconds Period for startup probe
## @param gitea.startupProbe.successThreshold Success threshold for startup probe
## @param gitea.startupProbe.failureThreshold Failure threshold for startup probe
startupProbe: startupProbe:
enabled: false enabled: false
tcpSocket:
port: http
initialDelaySeconds: 60 initialDelaySeconds: 60
timeoutSeconds: 1
periodSeconds: 10 periodSeconds: 10
successThreshold: 1 successThreshold: 1
failureThreshold: 10 failureThreshold: 10
# customLivenessProbe: ## @section valkey-cluster
# httpGet: ## @param valkey-cluster.enabled Enable valkey cluster
# path: /user/login # ⚠️ The valkey charts do not work well with special characters in the password (<https://gitea.com/gitea/helm-chart/issues/690>).
# port: http # Consider omitting such or open an issue in the Bitnami repo and let us know once this got fixed.
# initialDelaySeconds: 60 ## @param valkey-cluster.usePassword Whether to use password authentication
# periodSeconds: 10 ## @param valkey-cluster.usePasswordFiles Whether to mount passwords as files instead of environment variables
# successThreshold: 1 ## @param valkey-cluster.cluster.nodes Number of valkey cluster master nodes
# failureThreshold: 10 ## @param valkey-cluster.cluster.replicas Number of valkey cluster master node replicas
# customReadinessProbe: ## @param valkey-cluster.service.ports.valkey Port of Valkey service
# httpGet: ## @descriptionStart
# path: /user/login ## Valkey cluster and [Valkey](#valkey) cannot be enabled at the same time.
# port: http ## @descriptionEnd
# initialDelaySeconds: 5 valkey-cluster:
# periodSeconds: 10 enabled: true
# successThreshold: 1 usePassword: false
# failureThreshold: 3 usePasswordFiles: false
# customStartupProbe: cluster:
# httpGet: nodes: 3 # default: 6
# path: /user/login replicas: 0 # default: 1
# port: http
# initialDelaySeconds: 60
# periodSeconds: 10
# successThreshold: 1
# failureThreshold: 10
memcached:
service: service:
port: 11211 ports:
valkey: 6379
postgresql: ## @section valkey
## @param valkey.enabled Enable valkey standalone or replicated
## @param valkey.architecture Whether to use standalone or replication
# ⚠️ The valkey charts do not work well with special characters in the password (<https://gitea.com/gitea/helm-chart/issues/690>).
# Consider omitting such or open an issue in the Bitnami repo and let us know once this got fixed.
## @param valkey.global.valkey.password Required password
## @param valkey.master.count Number of Valkey master instances to deploy
## @param valkey.master.service.ports.valkey Port of Valkey service
## @descriptionStart
## Valkey and [Valkey cluster](#valkey-cluster) cannot be enabled at the same time.
## @descriptionEnd
valkey:
enabled: false
architecture: standalone
global:
valkey:
password: changeme
master:
count: 1
service:
ports:
valkey: 6379
## @section PostgreSQL HA
#
## @param postgresql-ha.enabled Enable PostgreSQL HA
## @param postgresql-ha.postgresql.password Password for the `gitea` user (overrides `auth.password`)
## @param postgresql-ha.global.postgresql.database Name for a custom database to create (overrides `auth.database`)
## @param postgresql-ha.global.postgresql.username Name for a custom user to create (overrides `auth.username`)
## @param postgresql-ha.global.postgresql.password Name for a custom password to create (overrides `auth.password`)
## @param postgresql-ha.postgresql.repmgrPassword Repmgr Password
## @param postgresql-ha.postgresql.postgresPassword postgres Password
## @param postgresql-ha.pgpool.adminPassword pgpool adminPassword
## @param postgresql-ha.service.ports.postgresql PostgreSQL service port (overrides `service.ports.postgresql`)
## @param postgresql-ha.persistence.size PVC Storage Request for PostgreSQL HA volume
postgresql-ha:
global: global:
postgresql: postgresql:
postgresqlDatabase: gitea database: gitea
postgresqlUsername: gitea
postgresqlPassword: gitea
servicePort: 5432
persistence:
size: 10Gi
mysql:
root:
password: gitea password: gitea
db: username: gitea
user: gitea enabled: true
password: gitea postgresql:
name: gitea repmgrPassword: changeme2
postgresPassword: changeme1
password: changeme4
pgpool:
adminPassword: changeme3
service: service:
port: 3306 ports:
postgresql: 5432
persistence: persistence:
size: 10Gi size: 10Gi
mariadb: ## @section PostgreSQL
#
## @param postgresql.enabled Enable PostgreSQL
## @param postgresql.global.postgresql.auth.password Password for the `gitea` user (overrides `auth.password`)
## @param postgresql.global.postgresql.auth.database Name for a custom database to create (overrides `auth.database`)
## @param postgresql.global.postgresql.auth.username Name for a custom user to create (overrides `auth.username`)
## @param postgresql.global.postgresql.service.ports.postgresql PostgreSQL service port (overrides `service.ports.postgresql`)
## @param postgresql.primary.persistence.size PVC Storage Request for PostgreSQL volume
postgresql:
enabled: false
global:
postgresql:
auth: auth:
password: gitea
database: gitea database: gitea
username: gitea username: gitea
password: gitea
rootPassword: gitea
primary:
service: service:
port: 3306 ports:
postgresql: 5432
primary:
persistence: persistence:
size: 10Gi size: 10Gi
# By default, removed or moved settings that still remain in a user defined values.yaml will cause Helm to fail running the install/update.
# Set it to false to skip this basic validation check.
## @section Advanced
## @param checkDeprecation Set it to false to skip this basic validation check.
## @param test.enabled Set it to false to disable test-connection Pod.
## @param test.image.name Image name for the wget container used in the test-connection Pod.
## @param test.image.tag Image tag for the wget container used in the test-connection Pod.
checkDeprecation: true
test:
enabled: true
image:
name: busybox
tag: latest
## @param extraDeploy Array of extra objects to deploy with the release
##
extraDeploy: []