Add image.fullOverride
(#550)
### Description of the change This PR is a continuation of the work done by @dgershman in [534](https://gitea.com/gitea/helm-chart/pulls/534), to allow users to override the image from the default rootless behavior of appending `-rootless` to the end of the image tag. ### Benefits Allows more flexibility to use externally maintained images that are rootless but don't follow the `-rootless` tag convention. ### Applicable issues - fixes #532 ### Additional information No breaking changes. This does not affect the `image.rootless` conditional checks or the current behavior if someone still wants to rely on the chart to append `-rootless`. ### Checklist - [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) - [x] Breaking changes are documented in the `README.md` - [x] Templating unittests are added Co-authored-by: TristanHoladay <40547442+TristanHoladay@users.noreply.github.com> Co-authored-by: pat-s <pat-s@noreply.gitea.com> Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/550 Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com> Reviewed-by: pat-s <pat-s@noreply.gitea.com> Co-authored-by: TristanHoladay <tristanholaday@noreply.gitea.com> Co-committed-by: TristanHoladay <tristanholaday@noreply.gitea.com>
This commit is contained in:
parent
23847eba1c
commit
3cf91bf6e7
48
README.md
48
README.md
@ -10,6 +10,7 @@
|
||||
- [Database defaults](#database-defaults)
|
||||
- [Server defaults](#server-defaults)
|
||||
- [Metrics defaults](#metrics-defaults)
|
||||
- [Rootless defaults](#rootless-defaults)
|
||||
- [Single-Pod Configurations](#single-pod-configurations)
|
||||
- [Additional _app.ini_ settings](#additional-appini-settings)
|
||||
- [User defined environment variables in app.ini](#user-defined-environment-variables-in-appini)
|
||||
@ -172,6 +173,26 @@ The Prometheus `/metrics` endpoint is disabled by default.
|
||||
ENABLED = false
|
||||
```
|
||||
|
||||
#### Rootless Defaults
|
||||
|
||||
If `.Values.image.rootless: true`, then the following will occur. In case you use `.Values.image.fullOverride`, check that this works in your image:
|
||||
|
||||
- `$HOME` becomes `/data/gitea/git`
|
||||
|
||||
[see deployment.yaml](./templates/gitea/deployment.yaml) template inside (init-)container "env" declarations
|
||||
|
||||
- `START_SSH_SERVER: true` (Unless explicity overwritten by `gitea.config.server.START_SSH_SERVER`)
|
||||
|
||||
[see \_helpers.tpl](./templates/_helpers.tpl) in `gitea.inline_configuration.defaults.server` definition
|
||||
|
||||
- `SSH_LISTEN_PORT: 2222` (Unless explicity overwritten by `gitea.config.server.SSH_LISTEN_PORT`)
|
||||
|
||||
[see \_helpers.tpl](./templates/_helpers.tpl) in `gitea.inline_configuration.defaults.server` definition
|
||||
|
||||
- `SSH_LOG_LEVEL` environment variable is not injected into the container
|
||||
|
||||
[see deployment.yaml](./templates/gitea/deployment.yaml) template inside container "env" declarations
|
||||
|
||||
### Single-Pod Configurations
|
||||
|
||||
If HA is not needed/desired, the following configurations can be used to deploy a single-pod Gitea instance.
|
||||
@ -216,9 +237,9 @@ If HA is not needed/desired, the following configurations can be used to deploy
|
||||
**Do not use this configuration for production use**.
|
||||
|
||||
<details>
|
||||
|
||||
|
||||
<summary>values.yml</summary>
|
||||
|
||||
|
||||
```yaml
|
||||
redis-cluster:
|
||||
enabled: false
|
||||
@ -226,10 +247,10 @@ If HA is not needed/desired, the following configurations can be used to deploy
|
||||
enabled: false
|
||||
postgresql-ha:
|
||||
enabled: false
|
||||
|
||||
|
||||
persistence:
|
||||
enabled: false
|
||||
|
||||
|
||||
gitea:
|
||||
config:
|
||||
database:
|
||||
@ -785,15 +806,16 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo
|
||||
|
||||
### Image
|
||||
|
||||
| Name | Description | Value |
|
||||
| ------------------ | --------------------------------------------------------------------------------------------------------------------------------------- | ------------- |
|
||||
| `image.registry` | image registry, e.g. gcr.io,docker.io | `""` |
|
||||
| `image.repository` | Image to start for this pod | `gitea/gitea` |
|
||||
| `image.tag` | Visit: [Image tag](https://hub.docker.com/r/gitea/gitea/tags?page=1&ordering=last_updated). Defaults to `appVersion` within Chart.yaml. | `""` |
|
||||
| `image.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` |
|
||||
| `image.pullPolicy` | Image pull policy | `Always` |
|
||||
| `image.rootless` | Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher | `true` |
|
||||
| `imagePullSecrets` | Secret to use for pulling the image | `[]` |
|
||||
| Name | Description | Value |
|
||||
| -------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------- |
|
||||
| `image.registry` | image registry, e.g. gcr.io,docker.io | `""` |
|
||||
| `image.repository` | Image to start for this pod | `gitea/gitea` |
|
||||
| `image.tag` | Visit: [Image tag](https://hub.docker.com/r/gitea/gitea/tags?page=1&ordering=last_updated). Defaults to `appVersion` within Chart.yaml. | `""` |
|
||||
| `image.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` |
|
||||
| `image.pullPolicy` | Image pull policy | `Always` |
|
||||
| `image.rootless` | Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher | `true` |
|
||||
| `image.fullOverride` | Completely overrides the image registry, path/image, tag and digest. **Adjust `image.rootless` accordingly and review [Rootless defaults](#rootless-defaults).** | `""` |
|
||||
| `imagePullSecrets` | Secret to use for pulling the image | `[]` |
|
||||
|
||||
### Security
|
||||
|
||||
|
@ -56,6 +56,7 @@ Create chart name and version as used by the chart label.
|
||||
Create image name and tag used by the deployment.
|
||||
*/}}
|
||||
{{- define "gitea.image" -}}
|
||||
{{- $fullOverride := .Values.image.fullOverride | default "" -}}
|
||||
{{- $registry := .Values.global.imageRegistry | default .Values.image.registry -}}
|
||||
{{- $repository := .Values.image.repository -}}
|
||||
{{- $separator := ":" -}}
|
||||
@ -65,7 +66,9 @@ Create image name and tag used by the deployment.
|
||||
{{- if .Values.image.digest }}
|
||||
{{- $digest = (printf "@%s" (.Values.image.digest | toString)) -}}
|
||||
{{- end -}}
|
||||
{{- if $registry }}
|
||||
{{- if $fullOverride }}
|
||||
{{- printf "%s" $fullOverride -}}
|
||||
{{- else if $registry }}
|
||||
{{- printf "%s/%s%s%s%s%s" $registry $repository $separator $tag $rootless $digest -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s%s%s%s%s" $repository $separator $tag $rootless $digest -}}
|
||||
|
@ -57,6 +57,21 @@ tests:
|
||||
- equal:
|
||||
path: spec.template.spec.containers[0].image
|
||||
value: "gitea/gitea:1.19.3-rootless@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a"
|
||||
- it: image fullOverride (does not append rootless)
|
||||
template: templates/gitea/deployment.yaml
|
||||
set:
|
||||
image:
|
||||
fullOverride: gitea/gitea:1.19.3
|
||||
# setting rootless, registry, repository, tag, and digest to prove that override works
|
||||
rootless: true
|
||||
registry: example.com
|
||||
repository: example/image
|
||||
tag: "1.0.0"
|
||||
digest: sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a
|
||||
asserts:
|
||||
- equal:
|
||||
path: spec.template.spec.containers[0].image
|
||||
value: "gitea/gitea:1.19.3"
|
||||
- it: digest for root-based image
|
||||
template: templates/gitea/deployment.yaml
|
||||
set:
|
||||
|
@ -27,6 +27,18 @@ tests:
|
||||
content:
|
||||
name: SSH_LOG_LEVEL
|
||||
value: "DEBUG"
|
||||
- it: supports overriding SSH log level (even when image.fullOverride set)
|
||||
template: templates/gitea/deployment.yaml
|
||||
set:
|
||||
image.fullOverride: gitea/gitea:1.19.3
|
||||
image.rootless: false
|
||||
gitea.ssh.logLevel: "DEBUG"
|
||||
asserts:
|
||||
- contains:
|
||||
path: spec.template.spec.containers[0].env
|
||||
content:
|
||||
name: SSH_LOG_LEVEL
|
||||
value: "DEBUG"
|
||||
- it: skips SSH_LOG_LEVEL for rootless image
|
||||
template: templates/gitea/deployment.yaml
|
||||
set:
|
||||
@ -38,3 +50,15 @@ tests:
|
||||
any: true
|
||||
content:
|
||||
name: SSH_LOG_LEVEL
|
||||
- it: skips SSH_LOG_LEVEL for rootless image (even when image.fullOverride set)
|
||||
template: templates/gitea/deployment.yaml
|
||||
set:
|
||||
image.fullOverride: gitea/gitea:1.19.3
|
||||
image.rootless: true
|
||||
gitea.ssh.logLevel: "DEBUG" # explicitly defining a non-standard level here
|
||||
asserts:
|
||||
- notContains:
|
||||
path: spec.template.spec.containers[0].env
|
||||
any: true
|
||||
content:
|
||||
name: SSH_LOG_LEVEL
|
||||
|
@ -66,3 +66,23 @@ tests:
|
||||
chmod 700 "${GNUPGHOME}"
|
||||
chown 1000:1000 "${GNUPGHOME}"
|
||||
fi
|
||||
- it: it does not chown /data even when image.fullOverride is set
|
||||
template: templates/gitea/init.yaml
|
||||
set:
|
||||
image.fullOverride: gitea/gitea:1.20.5
|
||||
asserts:
|
||||
- equal:
|
||||
path: stringData["init_directory_structure.sh"]
|
||||
value: |-
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
set -x
|
||||
mkdir -p /data/git/.ssh
|
||||
chmod -R 700 /data/git/.ssh
|
||||
[ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf
|
||||
|
||||
# prepare temp directory structure
|
||||
mkdir -p "${GITEA_TEMP}"
|
||||
chmod ug+rwx "${GITEA_TEMP}"
|
||||
|
@ -43,6 +43,7 @@ clusterDomain: cluster.local
|
||||
## @param image.digest Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest`
|
||||
## @param image.pullPolicy Image pull policy
|
||||
## @param image.rootless Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher
|
||||
## @param image.fullOverride Completely overrides the image registry, path/image, tag and digest. **Adjust `image.rootless` accordingly and review [Rootless defaults](#rootless-defaults).**
|
||||
image:
|
||||
registry: ""
|
||||
repository: gitea/gitea
|
||||
@ -51,6 +52,7 @@ image:
|
||||
digest: ""
|
||||
pullPolicy: Always
|
||||
rootless: true
|
||||
fullOverride: ""
|
||||
|
||||
## @param imagePullSecrets Secret to use for pulling the image
|
||||
imagePullSecrets: []
|
||||
|
Loading…
x
Reference in New Issue
Block a user