From 9d83b93ce69e371e70833532fa239f2c6963377a Mon Sep 17 00:00:00 2001 From: justusbunsi Date: Wed, 30 Jun 2021 11:02:16 +0200 Subject: [PATCH] Drop kebab-case configuration keys --- README.md | 53 +++----------------------------- templates/_helpers.tpl | 14 ++++----- templates/gitea/statefulset.yaml | 6 ++-- 3 files changed, 16 insertions(+), 57 deletions(-) diff --git a/README.md b/README.md index 3682381..50024d2 100644 --- a/README.md +++ b/README.md @@ -314,9 +314,6 @@ gitea: Like the admin user the LDAP settings can be updated, but also disabled or deleted. All LDAP values from are available. -You can either use them in camel case or kebab case. - -camelCase: ```yaml gitea: @@ -336,25 +333,6 @@ camelCase: sshPublicKeyAttribute: sshPublicKey ``` -kebab-case: - -```yaml - gitea: - ldap: - enabled: true - name: 'MyAwesomeGiteaLdap' - security-protocol: unencrypted - host: "127.0.0.1" - port: "389" - user-search-base: ou=Users,dc=example,dc=com - user-filter: sAMAccountName=%s - admin-filter: CN=Admin,CN=Group,DC=example,DC=com - email-attribute: mail - bind-dn: CN=ldap read,OU=Spezial,DC=example,DC=com - bind-password: JustAnotherBindPw - username-attribute: CN -``` - You can also use an existing secret to set the bindDn and bindPassword: ```yaml @@ -376,19 +354,16 @@ gitea: :warning: Some options are just flags and therefore don't any values. If they are defined in `gitea.ldap` configuration, they will be passed to the gitea cli without any value. Affected options: -- notActive | not-active -- skipTlsVerify | skip-tls-verify -- allowDeactivateAll | allow-deactivate-all -- synchronizeUsers | synchronize-users -- attributesInBind | attributes-in-bind +- notActive +- skipTlsVerify +- allowDeactivateAll +- synchronizeUsers +- attributesInBind ### OAuth2 Settings Like the admin user, OAuth2 settings can be updated and disabled but not deleted. Deleting OAuth2 settings has to be done in the ui. All OAuth2 values from are available. -You can either use them in camel case or kebab case. - -camelCase: ```yaml gitea: @@ -406,24 +381,6 @@ camelCase: #customEmailUrl: ``` -kebab-case: - -```yaml - gitea: - oauth: - enabled: true - name: 'MyAwesomeGiteaOAuth' - provider: 'openidConnect' - key: 'hello' - secret: 'world' - auto-discover-url: 'https://gitea.example.com/.well-known/openid-configuration' - #use-custom-urls: - #custom-auth-url: - #custom-token-url: - #custom-profile-url: - #custom-email-url: -``` - ### Metrics and profiling A Prometheus `/metrics` endpoint on the `HTTP_PORT` and `pprof` profiling endpoints on port 6060 can be enabled under `gitea`. Beware that the metrics endpoint is exposed via the ingress, manage access using ingress annotations for example. diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index bd4339d..510f538 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -108,24 +108,24 @@ app.kubernetes.io/instance: {{ .Release.Name }} {{- end -}} {{- define "gitea.ldap_settings" -}} -{{- if and (not (hasKey .Values.gitea.ldap "bindDn")) (not (hasKey .Values.gitea.ldap "bind-dn")) -}} +{{- if not (hasKey .Values.gitea.ldap "bindDn") -}} {{- $_ := set .Values.gitea.ldap "bindDn" "" -}} {{- end -}} -{{- if and (not (hasKey .Values.gitea.ldap "bindPassword")) (not (hasKey .Values.gitea.ldap "bind-password")) -}} +{{- if not (hasKey .Values.gitea.ldap "bindPassword") -}} {{- $_ := set .Values.gitea.ldap "bindPassword" "" -}} {{- end -}} -{{- $flags := list "not-active" "skip-tls-verify" "allow-deactivate-all" "synchronize-users" "attributes-in-bind" -}} +{{- $flags := list "notActive" "skipTlsVerify" "allowDeactivateAll" "synchronizeUsers" "attributesInBind" -}} {{- range $key, $val := .Values.gitea.ldap -}} {{- if and (ne $key "enabled") (ne $key "existingSecret") -}} -{{- if eq ($key | kebabcase) "bind-dn" -}} +{{- if eq $key "bindDn" -}} {{- printf "--%s %s " ($key | kebabcase) ("${GITEA_LDAP_BIND_DN}" | quote ) -}} -{{- else if eq ($key | kebabcase) "bind-password" -}} +{{- else if eq $key "bindPassword" -}} {{- printf "--%s %s " ($key | kebabcase) ("${GITEA_LDAP_PASSWORD}" | quote ) -}} {{- else if eq $key "port" -}} -{{- printf "--%s %d " ($key | kebabcase) ($val | int) -}} -{{- else if (has ($key | kebabcase) $flags) -}} +{{- printf "--%s %d " $key ($val | int) -}} +{{- else if has $key $flags -}} {{- printf "--%s " ($key | kebabcase) -}} {{- else -}} {{- printf "--%s %s " ($key | kebabcase) ($val | squote) -}} diff --git a/templates/gitea/statefulset.yaml b/templates/gitea/statefulset.yaml index bf43597..bb13eea 100644 --- a/templates/gitea/statefulset.yaml +++ b/templates/gitea/statefulset.yaml @@ -79,6 +79,7 @@ spec: value: /data - name: GITEA_TEMP value: /tmp/gitea + {{- if .Values.gitea.ldap.enabled }} {{- if .Values.gitea.ldap.existingSecret }} - name: GITEA_LDAP_BIND_DN valueFrom: @@ -92,9 +93,10 @@ spec: name: {{ .Values.gitea.ldap.existingSecret }} {{- else }} - name: GITEA_LDAP_BIND_DN - value: {{ default (index .Values.gitea.ldap "bind-dn") .Values.gitea.ldap.bindDn | quote }} + value: {{ .Values.gitea.ldap.bindDn | quote }} - name: GITEA_LDAP_PASSWORD - value: {{ default (index .Values.gitea.ldap "bind-password") .Values.gitea.ldap.bindPassword | quote }} + value: {{ .Values.gitea.ldap.bindPassword | quote }} + {{- end }} {{- end }} {{- if .Values.gitea.admin.existingSecret }} - name: GITEA_ADMIN_USERNAME