From 1c71764d3c5ffd02869700412b277323f6511a06 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 27 Jul 2024 00:42:36 +0000 Subject: [PATCH 01/13] chore(deps): update dependency helm-unittest/helm-unittest to v0.5.2 (#692) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- .gitea/workflows/test-pr.yml | 2 +- .vscode/settings.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/test-pr.yml b/.gitea/workflows/test-pr.yml index cbbfcbd..78ed267 100644 --- a/.gitea/workflows/test-pr.yml +++ b/.gitea/workflows/test-pr.yml @@ -11,7 +11,7 @@ on: env: # renovate: datasource=github-releases depName=helm-unittest/helm-unittest - HELM_UNITTEST_VERSION: "v0.5.1" + HELM_UNITTEST_VERSION: "v0.5.2" jobs: check-and-test: diff --git a/.vscode/settings.json b/.vscode/settings.json index f7fde3e..5271d28 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -1,6 +1,6 @@ { "yaml.schemas": { - "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.5.1/schema/helm-testsuite.json": [ + "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.5.2/schema/helm-testsuite.json": [ "/unittests/**/*.yaml" ] }, From 339ee942606fd89ec38f95e57df16bc555e902f9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 28 Jul 2024 00:21:27 +0000 Subject: [PATCH 02/13] chore(deps): update subcharts (minor & patch) (#693) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- Chart.lock | 12 ++++++------ Chart.yaml | 8 ++++---- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/Chart.lock b/Chart.lock index 0a1b8e3..9223ca5 100644 --- a/Chart.lock +++ b/Chart.lock @@ -1,15 +1,15 @@ dependencies: - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 15.5.17 + version: 15.5.20 - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 14.2.12 + version: 14.2.14 - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 10.2.7 + version: 10.2.9 - name: redis repository: oci://registry-1.docker.io/bitnamicharts - version: 19.6.2 -digest: sha256:842e8878e2da9cd62c2233f5ebfcdaa05598633a8bc2fa84803006929cf0c3cc -generated: "2024-07-20T00:44:58.227558466Z" + version: 19.6.4 +digest: sha256:b6d81fdd70e6c2928e815f169749cb8f773c113a08088b0180180829558e4c18 +generated: "2024-07-27T00:47:31.621904982Z" diff --git a/Chart.yaml b/Chart.yaml index d65e571..9b467c3 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -36,20 +36,20 @@ dependencies: # https://github.com/bitnami/charts/blob/main/bitnami/postgresql - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 15.5.17 + version: 15.5.20 condition: postgresql.enabled # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 14.2.12 + version: 14.2.14 condition: postgresql-ha.enabled # https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 10.2.7 + version: 10.2.9 condition: redis-cluster.enabled # https://github.com/bitnami/charts/blob/main/bitnami/redis/Chart.yaml - name: redis repository: oci://registry-1.docker.io/bitnamicharts - version: 19.6.2 + version: 19.6.4 condition: redis.enabled From 036b469ff9d4c2c3fe385eb623d7356157140c69 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 3 Aug 2024 00:46:33 +0000 Subject: [PATCH 03/13] chore(deps): update subcharts (minor & patch) (#695) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- Chart.lock | 8 ++++---- Chart.yaml | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/Chart.lock b/Chart.lock index 9223ca5..5023ad2 100644 --- a/Chart.lock +++ b/Chart.lock @@ -4,12 +4,12 @@ dependencies: version: 15.5.20 - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 14.2.14 + version: 14.2.16 - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 10.2.9 + version: 10.3.0 - name: redis repository: oci://registry-1.docker.io/bitnamicharts version: 19.6.4 -digest: sha256:b6d81fdd70e6c2928e815f169749cb8f773c113a08088b0180180829558e4c18 -generated: "2024-07-27T00:47:31.621904982Z" +digest: sha256:a28c809273f313c482e3f803a0a002c3bb3a0d2090bf6b732d68ecc4710b4732 +generated: "2024-08-03T00:21:16.080925346Z" diff --git a/Chart.yaml b/Chart.yaml index 9b467c3..3e62db5 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -41,12 +41,12 @@ dependencies: # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 14.2.14 + version: 14.2.16 condition: postgresql-ha.enabled # https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 10.2.9 + version: 10.3.0 condition: redis-cluster.enabled # https://github.com/bitnami/charts/blob/main/bitnami/redis/Chart.yaml - name: redis From 9dc3f7c086797e1c9a104d699136c6dd3fe12b66 Mon Sep 17 00:00:00 2001 From: pat-s Date: Thu, 29 Aug 2024 09:20:27 +0000 Subject: [PATCH 04/13] Fix persistence for `postgresql-ha` (#704) fix #703 Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/704 Reviewed-by: techknowlogick Co-authored-by: pat-s Co-committed-by: pat-s --- README.md | 2 +- values.yaml | 7 +++---- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index ec29243..31bb251 100644 --- a/README.md +++ b/README.md @@ -1090,7 +1090,7 @@ Redis and [Redis cluster](#redis-cluster) cannot be enabled at the same time. | `postgresql-ha.postgresql.postgresPassword` | postgres Password | `changeme1` | | `postgresql-ha.pgpool.adminPassword` | pgpool adminPassword | `changeme3` | | `postgresql-ha.service.ports.postgresql` | PostgreSQL service port (overrides `service.ports.postgresql`) | `5432` | -| `postgresql-ha.primary.persistence.size` | PVC Storage Request for PostgreSQL HA volume | `10Gi` | +| `postgresql-ha.persistence.size` | PVC Storage Request for PostgreSQL HA volume | `10Gi` | ### PostgreSQL diff --git a/values.yaml b/values.yaml index af66f24..90b6f4f 100644 --- a/values.yaml +++ b/values.yaml @@ -529,7 +529,7 @@ redis: ## @param postgresql-ha.postgresql.postgresPassword postgres Password ## @param postgresql-ha.pgpool.adminPassword pgpool adminPassword ## @param postgresql-ha.service.ports.postgresql PostgreSQL service port (overrides `service.ports.postgresql`) -## @param postgresql-ha.primary.persistence.size PVC Storage Request for PostgreSQL HA volume +## @param postgresql-ha.persistence.size PVC Storage Request for PostgreSQL HA volume postgresql-ha: global: postgresql: @@ -546,9 +546,8 @@ postgresql-ha: service: ports: postgresql: 5432 - primary: - persistence: - size: 10Gi + persistence: + size: 10Gi ## @section PostgreSQL # From 3fdb39df6808cb04046acc7f5d33efd332ae7f3a Mon Sep 17 00:00:00 2001 From: tobiasbp Date: Wed, 11 Sep 2024 12:49:18 +0000 Subject: [PATCH 05/13] Do not log errors in init-directories container during Gitea launch (#708) When the _init-directories_ container runs, the shell script _init_directory_structure.sh_ logs to _stderr_ because debugging is enabled with _set -x_. The output from the script, should be logged to _stdout_ instead. The issue is discussed here: https://gitea.com/gitea/helm-chart/issues/701 ### Description of the change This PR uses the _verbose_ flag with all commands in the script to log what the script is doing. ### Benefits Log entries with incorrect severity _ERROR_ will no longer be logged in _Kubernetes_. ### Possible drawbacks Log output will change. If someone had a check for certain log entries from the _init container_, that check would break. ### Checklist Updated unit tests. Co-authored-by: tobias.petersen Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/708 Reviewed-by: techknowlogick Reviewed-by: pat-s Co-authored-by: tobiasbp Co-committed-by: tobiasbp --- templates/gitea/init.yaml | 22 +++++----- .../init_directory_structure.sh-rootless.yaml | 42 ++++++++----------- .../init/init_directory_structure.sh.yaml | 38 ++++++++--------- 3 files changed, 45 insertions(+), 57 deletions(-) diff --git a/templates/gitea/init.yaml b/templates/gitea/init.yaml index 0352836..71973e3 100644 --- a/templates/gitea/init.yaml +++ b/templates/gitea/init.yaml @@ -24,27 +24,25 @@ stringData: # END: initPreScript {{- end }} - set -x - {{- if not .Values.image.rootless }} - chown 1000:1000 /data + chown -v 1000:1000 /data {{- end }} - mkdir -p /data/git/.ssh - chmod -R 700 /data/git/.ssh - [ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf + mkdir -pv /data/git/.ssh + chmod -Rv 700 /data/git/.ssh + [ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf # prepare temp directory structure - mkdir -p "${GITEA_TEMP}" + mkdir -pv "${GITEA_TEMP}" {{- if not .Values.image.rootless }} - chown 1000:1000 "${GITEA_TEMP}" + chown -v 1000:1000 "${GITEA_TEMP}" {{- end }} - chmod ug+rwx "${GITEA_TEMP}" + chmod -v ug+rwx "${GITEA_TEMP}" {{ if .Values.signing.enabled -}} if [ ! -d "${GNUPGHOME}" ]; then - mkdir -p "${GNUPGHOME}" - chmod 700 "${GNUPGHOME}" - chown 1000:1000 "${GNUPGHOME}" + mkdir -pv "${GNUPGHOME}" + chmod -v 700 "${GNUPGHOME}" + chown -v 1000:1000 "${GNUPGHOME}" fi {{- end }} diff --git a/unittests/init/init_directory_structure.sh-rootless.yaml b/unittests/init/init_directory_structure.sh-rootless.yaml index 29dac81..e41ca4d 100644 --- a/unittests/init/init_directory_structure.sh-rootless.yaml +++ b/unittests/init/init_directory_structure.sh-rootless.yaml @@ -28,15 +28,13 @@ tests: #!/usr/bin/env bash set -euo pipefail - - set -x - mkdir -p /data/git/.ssh - chmod -R 700 /data/git/.ssh - [ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf + mkdir -pv /data/git/.ssh + chmod -Rv 700 /data/git/.ssh + [ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf # prepare temp directory structure - mkdir -p "${GITEA_TEMP}" - chmod ug+rwx "${GITEA_TEMP}" + mkdir -pv "${GITEA_TEMP}" + chmod -v ug+rwx "${GITEA_TEMP}" - it: adds gpg script block for enabled signing set: signing.enabled: true @@ -51,20 +49,18 @@ tests: #!/usr/bin/env bash set -euo pipefail - - set -x - mkdir -p /data/git/.ssh - chmod -R 700 /data/git/.ssh - [ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf + mkdir -pv /data/git/.ssh + chmod -Rv 700 /data/git/.ssh + [ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf # prepare temp directory structure - mkdir -p "${GITEA_TEMP}" - chmod ug+rwx "${GITEA_TEMP}" + mkdir -pv "${GITEA_TEMP}" + chmod -v ug+rwx "${GITEA_TEMP}" if [ ! -d "${GNUPGHOME}" ]; then - mkdir -p "${GNUPGHOME}" - chmod 700 "${GNUPGHOME}" - chown 1000:1000 "${GNUPGHOME}" + mkdir -pv "${GNUPGHOME}" + chmod -v 700 "${GNUPGHOME}" + chown -v 1000:1000 "${GNUPGHOME}" fi - it: it does not chown /data even when image.fullOverride is set template: templates/gitea/init.yaml @@ -77,12 +73,10 @@ tests: #!/usr/bin/env bash set -euo pipefail - - set -x - mkdir -p /data/git/.ssh - chmod -R 700 /data/git/.ssh - [ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf + mkdir -pv /data/git/.ssh + chmod -Rv 700 /data/git/.ssh + [ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf # prepare temp directory structure - mkdir -p "${GITEA_TEMP}" - chmod ug+rwx "${GITEA_TEMP}" + mkdir -pv "${GITEA_TEMP}" + chmod -v ug+rwx "${GITEA_TEMP}" diff --git a/unittests/init/init_directory_structure.sh.yaml b/unittests/init/init_directory_structure.sh.yaml index 7e59404..7327265 100644 --- a/unittests/init/init_directory_structure.sh.yaml +++ b/unittests/init/init_directory_structure.sh.yaml @@ -31,17 +31,15 @@ tests: #!/usr/bin/env bash set -euo pipefail - - set -x - chown 1000:1000 /data - mkdir -p /data/git/.ssh - chmod -R 700 /data/git/.ssh - [ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf + chown -v 1000:1000 /data + mkdir -pv /data/git/.ssh + chmod -Rv 700 /data/git/.ssh + [ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf # prepare temp directory structure - mkdir -p "${GITEA_TEMP}" - chown 1000:1000 "${GITEA_TEMP}" - chmod ug+rwx "${GITEA_TEMP}" + mkdir -pv "${GITEA_TEMP}" + chown -v 1000:1000 "${GITEA_TEMP}" + chmod -v ug+rwx "${GITEA_TEMP}" - it: adds gpg script block for enabled signing set: image.rootless: false @@ -57,20 +55,18 @@ tests: #!/usr/bin/env bash set -euo pipefail - - set -x - chown 1000:1000 /data - mkdir -p /data/git/.ssh - chmod -R 700 /data/git/.ssh - [ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf + chown -v 1000:1000 /data + mkdir -pv /data/git/.ssh + chmod -Rv 700 /data/git/.ssh + [ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf # prepare temp directory structure - mkdir -p "${GITEA_TEMP}" - chown 1000:1000 "${GITEA_TEMP}" - chmod ug+rwx "${GITEA_TEMP}" + mkdir -pv "${GITEA_TEMP}" + chown -v 1000:1000 "${GITEA_TEMP}" + chmod -v ug+rwx "${GITEA_TEMP}" if [ ! -d "${GNUPGHOME}" ]; then - mkdir -p "${GNUPGHOME}" - chmod 700 "${GNUPGHOME}" - chown 1000:1000 "${GNUPGHOME}" + mkdir -pv "${GNUPGHOME}" + chmod -v 700 "${GNUPGHOME}" + chown -v 1000:1000 "${GNUPGHOME}" fi From 77aa11a3bbbbfc3864b91cd6055bbd3baa096787 Mon Sep 17 00:00:00 2001 From: pat-s Date: Wed, 11 Sep 2024 15:14:37 +0200 Subject: [PATCH 06/13] bump to gitea 1.22.2 --- Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Chart.yaml b/Chart.yaml index 3e62db5..235deb6 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -4,7 +4,7 @@ description: Gitea Helm chart for Kubernetes type: application version: 0.0.0 # renovate datasource=github-releases depName=go-gitea/gitea extractVersion=^v(?.*)$ -appVersion: 1.22.1 +appVersion: 1.22.2 icon: https://gitea.com/assets/img/logo.svg keywords: From e636984db1009e7bd1cb4961bdd6906131eb196d Mon Sep 17 00:00:00 2001 From: Markus Pesch Date: Wed, 18 Sep 2024 17:55:28 +0000 Subject: [PATCH 07/13] feat(serviceMonitor): custom configuration (#710) This patch extends the serviceMonitor resource to specify a custom TLS configuration used by prometheus to scrape the metrics. Furthermore, the interval and scrapeTimeout can now be adapted without changing the global defaults of the prometheus instance. Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/710 Reviewed-by: pat-s Co-authored-by: Markus Pesch Co-committed-by: Markus Pesch --- README.md | 39 +++++++------ templates/gitea/servicemonitor.yaml | 19 +++++- unittests/servicemonitor/basic.yaml | 89 +++++++++++++++++++++++++++++ values.yaml | 12 +++- 4 files changed, 140 insertions(+), 19 deletions(-) create mode 100644 unittests/servicemonitor/basic.yaml diff --git a/README.md b/README.md index 31bb251..c0da2d2 100644 --- a/README.md +++ b/README.md @@ -1001,23 +1001,28 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo ### Gitea -| Name | Description | Value | -| -------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | -------------------- | -| `gitea.admin.username` | Username for the Gitea admin user | `gitea_admin` | -| `gitea.admin.existingSecret` | Use an existing secret to store admin user credentials | `nil` | -| `gitea.admin.password` | Password for the Gitea admin user | `r8sA8CPHD9!bt6d` | -| `gitea.admin.email` | Email for the Gitea admin user | `gitea@local.domain` | -| `gitea.admin.passwordMode` | Mode for how to set/update the admin user password. Options are: initialOnlyNoReset, initialOnlyRequireReset, and keepUpdated | `keepUpdated` | -| `gitea.metrics.enabled` | Enable Gitea metrics | `false` | -| `gitea.metrics.serviceMonitor.enabled` | Enable Gitea metrics service monitor | `false` | -| `gitea.ldap` | LDAP configuration | `[]` | -| `gitea.oauth` | OAuth configuration | `[]` | -| `gitea.config.server.SSH_PORT` | SSH port for rootlful Gitea image | `22` | -| `gitea.config.server.SSH_LISTEN_PORT` | SSH port for rootless Gitea image | `2222` | -| `gitea.additionalConfigSources` | Additional configuration from secret or configmap | `[]` | -| `gitea.additionalConfigFromEnvs` | Additional configuration sources from environment variables | `[]` | -| `gitea.podAnnotations` | Annotations for the Gitea pod | `{}` | -| `gitea.ssh.logLevel` | Configure OpenSSH's log level. Only available for root-based Gitea image. | `INFO` | +| Name | Description | Value | +| -------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------ | -------------------- | +| `gitea.admin.username` | Username for the Gitea admin user | `gitea_admin` | +| `gitea.admin.existingSecret` | Use an existing secret to store admin user credentials | `nil` | +| `gitea.admin.password` | Password for the Gitea admin user | `r8sA8CPHD9!bt6d` | +| `gitea.admin.email` | Email for the Gitea admin user | `gitea@local.domain` | +| `gitea.admin.passwordMode` | Mode for how to set/update the admin user password. Options are: initialOnlyNoReset, initialOnlyRequireReset, and keepUpdated | `keepUpdated` | +| `gitea.metrics.enabled` | Enable Gitea metrics | `false` | +| `gitea.metrics.serviceMonitor.enabled` | Enable Gitea metrics service monitor. Requires, that `gitea.metrics.enabled` is also set to true, to enable metrics generally. | `false` | +| `gitea.metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used. | `""` | +| `gitea.metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping. | `[]` | +| `gitea.metrics.serviceMonitor.scheme` | HTTP scheme to use for scraping. For example `http` or `https`. Default is http. | `""` | +| `gitea.metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used. | `""` | +| `gitea.metrics.serviceMonitor.tlsConfig` | TLS configuration to use when scraping the metric endpoint by Prometheus. | `{}` | +| `gitea.ldap` | LDAP configuration | `[]` | +| `gitea.oauth` | OAuth configuration | `[]` | +| `gitea.config.server.SSH_PORT` | SSH port for rootlful Gitea image | `22` | +| `gitea.config.server.SSH_LISTEN_PORT` | SSH port for rootless Gitea image | `2222` | +| `gitea.additionalConfigSources` | Additional configuration from secret or configmap | `[]` | +| `gitea.additionalConfigFromEnvs` | Additional configuration sources from environment variables | `[]` | +| `gitea.podAnnotations` | Annotations for the Gitea pod | `{}` | +| `gitea.ssh.logLevel` | Configure OpenSSH's log level. Only available for root-based Gitea image. | `INFO` | ### LivenessProbe diff --git a/templates/gitea/servicemonitor.yaml b/templates/gitea/servicemonitor.yaml index 02750d0..d049f31 100644 --- a/templates/gitea/servicemonitor.yaml +++ b/templates/gitea/servicemonitor.yaml @@ -1,4 +1,4 @@ -{{- if .Values.gitea.metrics.serviceMonitor.enabled -}} +{{- if and .Values.gitea.metrics.enabled .Values.gitea.metrics.serviceMonitor.enabled -}} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: @@ -14,4 +14,21 @@ spec: {{- include "gitea.selectorLabels" . | nindent 6 }} endpoints: - port: http + {{- if .Values.gitea.metrics.serviceMonitor.interval }} + interval: {{ .Values.gitea.metrics.serviceMonitor.interval }} + {{- end }} + {{- with .Values.gitea.metrics.serviceMonitor.relabelings }} + relabelings: + {{- . | toYaml | nindent 6 }} + {{- end }} + {{- if .Values.gitea.metrics.serviceMonitor.scheme }} + scheme: {{ .Values.gitea.metrics.serviceMonitor.scheme }} + {{- end }} + {{- if .Values.gitea.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.gitea.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + {{- with .Values.gitea.metrics.serviceMonitor.tlsConfig }} + tlsConfig: + {{- . | toYaml | nindent 6 }} + {{- end }} {{- end -}} \ No newline at end of file diff --git a/unittests/servicemonitor/basic.yaml b/unittests/servicemonitor/basic.yaml new file mode 100644 index 0000000..f5d0091 --- /dev/null +++ b/unittests/servicemonitor/basic.yaml @@ -0,0 +1,89 @@ +suite: ServiceMonitor template (basic) +release: + name: gitea-unittests + namespace: testing +templates: + - templates/gitea/servicemonitor.yaml +tests: + - it: skips rendering by default + asserts: + - hasDocuments: + count: 0 + - it: renders default ServiceMonitor object with gitea.metrics.enabled=true + set: + gitea.metrics.enabled: true + asserts: + - hasDocuments: + count: 0 + - it: renders default ServiceMonitor object with gitea.metrics.serviceMonitor.enabled=true + set: + gitea.metrics.serviceMonitor.enabled: true + asserts: + - hasDocuments: + count: 0 + - it: renders defaults + set: + gitea.metrics.enabled: true + gitea.metrics.serviceMonitor.enabled: true + asserts: + - hasDocuments: + count: 1 + - containsDocument: + kind: ServiceMonitor + apiVersion: monitoring.coreos.com/v1 + name: gitea-unittests + - notExists: + path: metadata.annotations + - notExists: + path: spec.endpoints[0].interval + - equal: + path: spec.endpoints[0].port + value: http + - notExists: + path: spec.endpoints[0].scheme + - notExists: + path: spec.endpoints[0].scrapeTimeout + - notExists: + path: spec.endpoints[0].tlsConfig + - it: renders custom scrape interval + set: + gitea.metrics.enabled: true + gitea.metrics.serviceMonitor.enabled: true + gitea.metrics.serviceMonitor.interval: 30s + gitea.metrics.serviceMonitor.scrapeTimeout: 5s + asserts: + - equal: + path: spec.endpoints[0].interval + value: 30s + - equal: + path: spec.endpoints[0].scrapeTimeout + value: 5s + - it: renders custom tls config + set: + gitea.metrics.enabled: true + gitea.metrics.serviceMonitor.enabled: true + gitea.metrics.serviceMonitor.scheme: https + gitea.metrics.serviceMonitor.tlsConfig.caFile: /etc/prometheus/tls/ca.crt + gitea.metrics.serviceMonitor.tlsConfig.certFile: /etc/prometheus/tls/tls.crt + gitea.metrics.serviceMonitor.tlsConfig.keyFile: /etc/prometheus/tls/tls.key + gitea.metrics.serviceMonitor.tlsConfig.insecureSkipVerify: false + gitea.metrics.serviceMonitor.tlsConfig.serverName: gitea-unittest + asserts: + - equal: + path: spec.endpoints[0].scheme + value: https + - equal: + path: spec.endpoints[0].tlsConfig.caFile + value: /etc/prometheus/tls/ca.crt + - equal: + path: spec.endpoints[0].tlsConfig.certFile + value: /etc/prometheus/tls/tls.crt + - equal: + path: spec.endpoints[0].tlsConfig.keyFile + value: /etc/prometheus/tls/tls.key + - equal: + path: spec.endpoints[0].tlsConfig.insecureSkipVerify + value: false + - equal: + path: spec.endpoints[0].tlsConfig.serverName + value: gitea-unittest diff --git a/values.yaml b/values.yaml index 90b6f4f..c9cc53b 100644 --- a/values.yaml +++ b/values.yaml @@ -356,13 +356,23 @@ gitea: passwordMode: keepUpdated ## @param gitea.metrics.enabled Enable Gitea metrics - ## @param gitea.metrics.serviceMonitor.enabled Enable Gitea metrics service monitor + ## @param gitea.metrics.serviceMonitor.enabled Enable Gitea metrics service monitor. Requires, that `gitea.metrics.enabled` is also set to true, to enable metrics generally. + ## @param gitea.metrics.serviceMonitor.interval Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used. + ## @param gitea.metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping. + ## @param gitea.metrics.serviceMonitor.scheme HTTP scheme to use for scraping. For example `http` or `https`. Default is http. + ## @param gitea.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used. + ## @param gitea.metrics.serviceMonitor.tlsConfig TLS configuration to use when scraping the metric endpoint by Prometheus. metrics: enabled: false serviceMonitor: enabled: false # additionalLabels: # prometheus-release: prom1 + interval: "" + relabelings: [] + scheme: "" + scrapeTimeout: "" + tlsConfig: {} ## @param gitea.ldap LDAP configuration ldap: From c039673e5af0350811837cbab3cb02599faf92db Mon Sep 17 00:00:00 2001 From: pat-s Date: Thu, 19 Sep 2024 21:59:47 +0000 Subject: [PATCH 08/13] Add comments about redis password policy (#706) fix #690 Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/706 Co-authored-by: pat-s Co-committed-by: pat-s --- README.md | 3 +++ values.yaml | 4 ++++ 2 files changed, 7 insertions(+) diff --git a/README.md b/README.md index c0da2d2..cf35855 100644 --- a/README.md +++ b/README.md @@ -498,6 +498,9 @@ redis-cluster: enabled: true ``` +⚠️ The redis charts [do not work well with special characters in the password](https://gitea.com/gitea/helm-chart/issues/690). +Consider omitting such or open an issue in the Bitnami repo and let us know once this got fixed. + ### Persistence Gitea will be deployed as a deployment. diff --git a/values.yaml b/values.yaml index c9cc53b..6e42107 100644 --- a/values.yaml +++ b/values.yaml @@ -498,6 +498,8 @@ gitea: ## @section redis-cluster ## @param redis-cluster.enabled Enable redis cluster +# ⚠️ The redis charts do not work well with special characters in the password (). +# Consider omitting such or open an issue in the Bitnami repo and let us know once this got fixed. ## @param redis-cluster.usePassword Whether to use password authentication ## @param redis-cluster.cluster.nodes Number of redis cluster master nodes ## @param redis-cluster.cluster.replicas Number of redis cluster master node replicas @@ -514,6 +516,8 @@ redis-cluster: ## @section redis ## @param redis.enabled Enable redis standalone or replicated ## @param redis.architecture Whether to use standalone or replication +# ⚠️ The redis charts do not work well with special characters in the password (). +# Consider omitting such or open an issue in the Bitnami repo and let us know once this got fixed. ## @param redis.global.redis.password Required password ## @param redis.master.count Number of Redis master instances to deploy ## @descriptionStart From a08e39f8ff005a118769a2458f6a091c51ad53fd Mon Sep 17 00:00:00 2001 From: SorsOps Date: Tue, 8 Oct 2024 16:40:23 +0000 Subject: [PATCH 09/13] Fix namespace templating inconsistencies (#713) ### Description of the change Added namespaces to all the template files to better support alternate templaters in gitops systems ### Benefits Gitops system that have different ways of handling helm templates can actually deploy this chart correct, especially through subcharts ### Possible drawbacks Potential regression when upgrading, though this should be unlikely per @jessesanford 's comments with it defaulting back to the existing behaviour ### Applicable issues - Addresses https://gitea.com/gitea/helm-chart/issues/630 - Addresses https://gitea.com/gitea/helm-chart/issues/557 - Addresses https://gitea.com/gitea/helm-chart/issues/623 ### Checklist - [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) - [X] Breaking changes are documented in the `README.md` Co-authored-by: SorsOps <80043879+sorsOps@users.noreply.github.com> Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/713 Reviewed-by: pat-s Reviewed-by: justusbunsi Co-authored-by: SorsOps Co-committed-by: SorsOps --- README.md | 15 ++++++++------- templates/gitea/config.yaml | 2 ++ templates/gitea/deployment.yaml | 1 + templates/gitea/gpg-secret.yaml | 1 + templates/gitea/http-svc.yaml | 1 + templates/gitea/ingress.yaml | 1 + templates/gitea/init.yaml | 1 + templates/gitea/poddisruptionbudget.yaml | 1 + templates/gitea/pvc.yaml | 2 +- templates/gitea/serviceaccount.yaml | 2 +- templates/gitea/servicemonitor.yaml | 1 + templates/gitea/ssh-svc.yaml | 1 + templates/tests/test-http-connection.yaml | 1 + values.yaml | 3 +++ 14 files changed, 24 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index cf35855..56c0ac2 100644 --- a/README.md +++ b/README.md @@ -852,13 +852,14 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo ### Global -| Name | Description | Value | -| ------------------------- | ------------------------------------------------------------------------- | ----- | -| `global.imageRegistry` | global image registry override | `""` | -| `global.imagePullSecrets` | global image pull secrets override; can be extended by `imagePullSecrets` | `[]` | -| `global.storageClass` | global storage class override | `""` | -| `global.hostAliases` | global hostAliases which will be added to the pod's hosts files | `[]` | -| `replicaCount` | number of replicas for the deployment | `1` | +| Name | Description | Value | +| ------------------------- | ---------------------------------------------------------------------------------------------- | ----- | +| `global.imageRegistry` | global image registry override | `""` | +| `global.imagePullSecrets` | global image pull secrets override; can be extended by `imagePullSecrets` | `[]` | +| `global.storageClass` | global storage class override | `""` | +| `global.hostAliases` | global hostAliases which will be added to the pod's hosts files | `[]` | +| `namespace` | An explicit namespace to deploy Gitea into. Defaults to the release namespace if not specified | `""` | +| `replicaCount` | number of replicas for the deployment | `1` | ### strategy diff --git a/templates/gitea/config.yaml b/templates/gitea/config.yaml index 68df5f8..897c8c9 100644 --- a/templates/gitea/config.yaml +++ b/templates/gitea/config.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "gitea.fullname" . }}-inline-config + namespace: {{ .Values.namespace | default .Release.Namespace }} labels: {{- include "gitea.labels" . | nindent 4 }} type: Opaque @@ -12,6 +13,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "gitea.fullname" . }} + namespace: {{ .Values.namespace | default .Release.Namespace }} labels: {{- include "gitea.labels" . | nindent 4 }} type: Opaque diff --git a/templates/gitea/deployment.yaml b/templates/gitea/deployment.yaml index f321f22..e66df68 100644 --- a/templates/gitea/deployment.yaml +++ b/templates/gitea/deployment.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "gitea.fullname" . }} + namespace: {{ .Values.namespace | default .Release.Namespace }} annotations: {{- if .Values.deployment.annotations }} {{- toYaml .Values.deployment.annotations | nindent 4 }} diff --git a/templates/gitea/gpg-secret.yaml b/templates/gitea/gpg-secret.yaml index 12dce66..46633c8 100644 --- a/templates/gitea/gpg-secret.yaml +++ b/templates/gitea/gpg-secret.yaml @@ -7,6 +7,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "gitea.gpg-key-secret-name" . }} + namespace: {{ .Values.namespace | default .Release.Namespace }} labels: {{- include "gitea.labels" . | nindent 4 }} type: Opaque diff --git a/templates/gitea/http-svc.yaml b/templates/gitea/http-svc.yaml index 06163a6..28bd218 100644 --- a/templates/gitea/http-svc.yaml +++ b/templates/gitea/http-svc.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "gitea.fullname" . }}-http + namespace: {{ .Values.namespace | default .Release.Namespace }} labels: {{- include "gitea.labels" . | nindent 4 }} {{- if .Values.service.http.labels }} diff --git a/templates/gitea/ingress.yaml b/templates/gitea/ingress.yaml index cd743fe..dce7c90 100644 --- a/templates/gitea/ingress.yaml +++ b/templates/gitea/ingress.yaml @@ -13,6 +13,7 @@ apiVersion: {{ $apiVersion }} kind: Ingress metadata: name: {{ $fullName }} + namespace: {{ .Values.namespace | default .Release.Namespace }} labels: {{- include "gitea.labels" . | nindent 4 }} annotations: diff --git a/templates/gitea/init.yaml b/templates/gitea/init.yaml index 71973e3..5adc9a3 100644 --- a/templates/gitea/init.yaml +++ b/templates/gitea/init.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "gitea.fullname" . }}-init + namespace: {{ .Values.namespace | default .Release.Namespace }} labels: {{- include "gitea.labels" . | nindent 4 }} type: Opaque diff --git a/templates/gitea/poddisruptionbudget.yaml b/templates/gitea/poddisruptionbudget.yaml index d2b7e17..270d5cf 100644 --- a/templates/gitea/poddisruptionbudget.yaml +++ b/templates/gitea/poddisruptionbudget.yaml @@ -7,6 +7,7 @@ apiVersion: policy/v1beta1 kind: PodDisruptionBudget metadata: name: {{ include "gitea.fullname" . }} + namespace: {{ .Values.namespace | default .Release.Namespace }} labels: {{- include "gitea.labels" . | nindent 4 }} spec: diff --git a/templates/gitea/pvc.yaml b/templates/gitea/pvc.yaml index 601483e..035dbc4 100644 --- a/templates/gitea/pvc.yaml +++ b/templates/gitea/pvc.yaml @@ -3,7 +3,7 @@ kind: PersistentVolumeClaim apiVersion: v1 metadata: name: {{ .Values.persistence.claimName }} - namespace: {{ $.Release.Namespace }} + namespace: {{ .Values.namespace | default .Release.Namespace }} annotations: {{ .Values.persistence.annotations | toYaml | indent 4}} labels: diff --git a/templates/gitea/serviceaccount.yaml b/templates/gitea/serviceaccount.yaml index e730f9c..0c211c5 100644 --- a/templates/gitea/serviceaccount.yaml +++ b/templates/gitea/serviceaccount.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ include "gitea.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace | default .Release.Namespace }} labels: {{- include "gitea.labels" . | nindent 4 }} {{- with .Values.serviceAccount.labels }} diff --git a/templates/gitea/servicemonitor.yaml b/templates/gitea/servicemonitor.yaml index d049f31..1774214 100644 --- a/templates/gitea/servicemonitor.yaml +++ b/templates/gitea/servicemonitor.yaml @@ -3,6 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ include "gitea.fullname" . }} + namespace: {{ .Values.namespace | default .Release.Namespace }} labels: {{- include "gitea.labels" . | nindent 4 }} {{- if .Values.gitea.metrics.serviceMonitor.additionalLabels }} diff --git a/templates/gitea/ssh-svc.yaml b/templates/gitea/ssh-svc.yaml index 131b0b9..b2046fe 100644 --- a/templates/gitea/ssh-svc.yaml +++ b/templates/gitea/ssh-svc.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: Service metadata: name: {{ include "gitea.fullname" . }}-ssh + namespace: {{ .Values.namespace | default .Release.Namespace }} labels: {{- include "gitea.labels" . | nindent 4 }} {{- if .Values.service.ssh.labels }} diff --git a/templates/tests/test-http-connection.yaml b/templates/tests/test-http-connection.yaml index 8157442..da28ea6 100644 --- a/templates/tests/test-http-connection.yaml +++ b/templates/tests/test-http-connection.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Pod metadata: name: "{{ include "gitea.fullname" . }}-test-connection" + namespace: {{ .Values.namespace | default .Release.Namespace }} labels: {{ include "gitea.labels" . | nindent 4 }} annotations: diff --git a/values.yaml b/values.yaml index 6e42107..a919224 100644 --- a/values.yaml +++ b/values.yaml @@ -20,6 +20,9 @@ global: # hostnames: # - example.com +## @param namespace An explicit namespace to deploy gitea into. Defaults to the release namespace if not specified +namespace: "" + ## @param replicaCount number of replicas for the deployment replicaCount: 1 From aa9808bc2766c90292a57218bf442b1a0714580a Mon Sep 17 00:00:00 2001 From: rossigee Date: Fri, 18 Oct 2024 13:44:37 +0000 Subject: [PATCH 10/13] Add 'extraContainers' parameter (#697) ### Description of the change Adds an 'extraContainers' parameter. ### Benefits Users will be able to run sidecar containers as required by their environment. ### Possible drawbacks N/A ### Applicable issues - Fixes #696 ### Checklist - [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/697 Reviewed-by: justusbunsi Co-authored-by: rossigee Co-committed-by: rossigee --- README.md | 1 + templates/gitea/deployment.yaml | 5 ++++- unittests/deployment/sidecar-container.yaml | 21 +++++++++++++++++++++ values.yaml | 6 ++++++ 4 files changed, 32 insertions(+), 1 deletion(-) create mode 100644 unittests/deployment/sidecar-container.yaml diff --git a/README.md b/README.md index 56c0ac2..3589736 100644 --- a/README.md +++ b/README.md @@ -980,6 +980,7 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo | `persistence.storageClass` | Name of the storage class to use | `nil` | | `persistence.subPath` | Subdirectory of the volume to mount at | `nil` | | `persistence.volumeName` | Name of persistent volume in PVC | `""` | +| `extraContainers` | Additional sidecar containers to run in the pod | `[]` | | `extraVolumes` | Additional volumes to mount to the Gitea deployment | `[]` | | `extraContainerVolumeMounts` | Mounts that are only mapped into the Gitea runtime/main container, to e.g. override custom templates. | `[]` | | `extraInitVolumeMounts` | Mounts that are only mapped into the init-containers. Can be used for additional preconfiguration. | `[]` | diff --git a/templates/gitea/deployment.yaml b/templates/gitea/deployment.yaml index e66df68..90f0e76 100644 --- a/templates/gitea/deployment.yaml +++ b/templates/gitea/deployment.yaml @@ -340,6 +340,9 @@ spec: subPath: {{ .Values.persistence.subPath }} {{- end }} {{- include "gitea.container-additional-mounts" . | nindent 12 }} + {{- if .Values.extraContainers }} + {{- toYaml .Values.extraContainers | nindent 8 }} + {{- end }} {{- with .Values.global.hostAliases }} hostAliases: {{- toYaml . | nindent 8 }} @@ -403,4 +406,4 @@ spec: {{- else if not .Values.persistence.enabled }} - name: data emptyDir: {} - {{- end }} \ No newline at end of file + {{- end }} diff --git a/unittests/deployment/sidecar-container.yaml b/unittests/deployment/sidecar-container.yaml new file mode 100644 index 0000000..e41e193 --- /dev/null +++ b/unittests/deployment/sidecar-container.yaml @@ -0,0 +1,21 @@ +suite: sidecar container +release: + name: gitea-unittests + namespace: testing +templates: + - templates/gitea/deployment.yaml + - templates/gitea/config.yaml +tests: + - it: supports adding a sidecar container + template: templates/gitea/deployment.yaml + set: + extraContainers: + - name: sidecar-bob + image: busybox + asserts: + - equal: + path: spec.template.spec.containers[1].name + value: "sidecar-bob" + - equal: + path: spec.template.spec.containers[1].image + value: "busybox" diff --git a/values.yaml b/values.yaml index a919224..2b7ad7d 100644 --- a/values.yaml +++ b/values.yaml @@ -283,6 +283,12 @@ persistence: annotations: helm.sh/resource-policy: keep +## @param extraContainers Additional sidecar containers to run in the pod +extraContainers: [] +# - name: sidecar-bob +# image: busybox +# command: [/bin/sh, -c, 'echo "Hello world"; sleep 86400'] + ## @param extraVolumes Additional volumes to mount to the Gitea deployment extraVolumes: [] # - name: postgres-ssl-vol From 7c4d6c3797da5ca5aee05a8dc12a51a9f4ee4955 Mon Sep 17 00:00:00 2001 From: justusbunsi Date: Fri, 18 Oct 2024 13:50:35 +0000 Subject: [PATCH 11/13] Fix configuration in "external database" docs (#716) Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/716 Co-authored-by: justusbunsi Co-committed-by: justusbunsi --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 3589736..2888fc7 100644 --- a/README.md +++ b/README.md @@ -420,6 +420,9 @@ gitea: postgresql: enabled: false + +postgresql-ha: + enabled: false ``` ### Ports and external url From 478af4e381b65a9236d262714c6808ac8c586f95 Mon Sep 17 00:00:00 2001 From: justusbunsi Date: Fri, 18 Oct 2024 15:09:14 +0000 Subject: [PATCH 12/13] Fix probe definition overrides (#717) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ### Description of the change This fixes an issue when trying to apply a custom probe that is not `tcpSocket`. ### Benefits Custom probes 🥳 ### Applicable issues - Fixes #694 ### Checklist - [x] Templating unittests are added Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/717 Co-authored-by: justusbunsi Co-committed-by: justusbunsi --- templates/_helpers.tpl | 18 +++ templates/gitea/deployment.yaml | 6 +- unittests/deployment/probes.yaml | 188 +++++++++++++++++++++++++++++++ 3 files changed, 209 insertions(+), 3 deletions(-) create mode 100644 unittests/deployment/probes.yaml diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index c7d13d9..9e9c613 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -408,3 +408,21 @@ https {{ printf "gitea.admin.passwordMode must be set to one of 'keepUpdated', 'initialOnlyNoReset', or 'initialOnlyRequireReset'. Received: '%s'" .Values.gitea.admin.passwordMode | fail }} {{- end -}} {{- end -}} + +{{/* Create a functioning probe object for rendering. Given argument must be either a livenessProbe, readinessProbe, or startupProbe */}} +{{- define "gitea.deployment.probe" -}} + {{- $probe := unset . "enabled" -}} + {{- $probeKeys := keys $probe -}} + {{- $containsCustomMethod := false -}} + {{- $chartDefaultMethod := "tcpSocket" -}} + {{- $nonChartDefaultMethods := list "exec" "httpGet" "grpc" -}} + {{- range $probeKeys -}} + {{- if has . $nonChartDefaultMethods -}} + {{- $containsCustomMethod = true -}} + {{- end -}} + {{- end -}} + {{- if $containsCustomMethod -}} + {{- $probe = unset . $chartDefaultMethod -}} + {{- end -}} + {{- toYaml $probe -}} +{{- end -}} diff --git a/templates/gitea/deployment.yaml b/templates/gitea/deployment.yaml index 90f0e76..9981e67 100644 --- a/templates/gitea/deployment.yaml +++ b/templates/gitea/deployment.yaml @@ -312,15 +312,15 @@ spec: {{- end }} {{- if .Values.gitea.livenessProbe.enabled }} livenessProbe: - {{- toYaml (omit .Values.gitea.livenessProbe "enabled") | nindent 12 }} + {{- include "gitea.deployment.probe" .Values.gitea.livenessProbe | nindent 12 }} {{- end }} {{- if .Values.gitea.readinessProbe.enabled }} readinessProbe: - {{- toYaml (omit .Values.gitea.readinessProbe "enabled") | nindent 12 }} + {{- include "gitea.deployment.probe" .Values.gitea.readinessProbe | nindent 12 }} {{- end }} {{- if .Values.gitea.startupProbe.enabled }} startupProbe: - {{- toYaml (omit .Values.gitea.startupProbe "enabled") | nindent 12 }} + {{- include "gitea.deployment.probe" .Values.gitea.startupProbe | nindent 12 }} {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} diff --git a/unittests/deployment/probes.yaml b/unittests/deployment/probes.yaml new file mode 100644 index 0000000..259f3bf --- /dev/null +++ b/unittests/deployment/probes.yaml @@ -0,0 +1,188 @@ +suite: deployment template (probes) +release: + name: gitea-unittests + namespace: testing +templates: + - templates/gitea/deployment.yaml + - templates/gitea/config.yaml +tests: + - it: renders default liveness probe + template: templates/gitea/deployment.yaml + asserts: + - notExists: + path: spec.template.spec.containers[0].livenessProbe.enabled + - isSubset: + path: spec.template.spec.containers[0].livenessProbe + content: + failureThreshold: 10 + initialDelaySeconds: 200 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + - it: renders default readiness probe + template: templates/gitea/deployment.yaml + asserts: + - notExists: + path: spec.template.spec.containers[0].readinessProbe.enabled + - isSubset: + path: spec.template.spec.containers[0].readinessProbe + content: + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + - it: does not render a default startup probe + template: templates/gitea/deployment.yaml + asserts: + - notExists: + path: spec.template.spec.containers[0].startupProbe + - it: allows enabling a startup probe + template: templates/gitea/deployment.yaml + set: + gitea.startupProbe.enabled: true + asserts: + - notExists: + path: spec.template.spec.containers[0].startupProbe.enabled + - isSubset: + path: spec.template.spec.containers[0].startupProbe + content: + failureThreshold: 10 + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + + - it: allows overwriting the default port of the liveness probe + template: templates/gitea/deployment.yaml + set: + gitea: + livenessProbe: + tcpSocket: + port: my-port + asserts: + - isSubset: + path: spec.template.spec.containers[0].livenessProbe + content: + tcpSocket: + port: my-port + + - it: allows overwriting the default port of the readiness probe + template: templates/gitea/deployment.yaml + set: + gitea: + readinessProbe: + tcpSocket: + port: my-port + asserts: + - isSubset: + path: spec.template.spec.containers[0].readinessProbe + content: + tcpSocket: + port: my-port + + - it: allows overwriting the default port of the startup probe + template: templates/gitea/deployment.yaml + set: + gitea: + startupProbe: + enabled: true + tcpSocket: + port: my-port + asserts: + - isSubset: + path: spec.template.spec.containers[0].startupProbe + content: + tcpSocket: + port: my-port + + - it: allows using a non-default method as liveness probe + template: templates/gitea/deployment.yaml + set: + gitea: + livenessProbe: + httpGet: + path: /api/healthz + port: http + initialDelaySeconds: 13371 + timeoutSeconds: 13372 + periodSeconds: 13373 + successThreshold: 13374 + failureThreshold: 13375 + asserts: + - notExists: + path: spec.template.spec.containers[0].livenessProbe.tcpSocket + - isSubset: + path: spec.template.spec.containers[0].livenessProbe + content: + failureThreshold: 13375 + initialDelaySeconds: 13371 + periodSeconds: 13373 + successThreshold: 13374 + httpGet: + path: /api/healthz + port: http + timeoutSeconds: 13372 + + - it: allows using a non-default method as readiness probe + template: templates/gitea/deployment.yaml + set: + gitea: + readinessProbe: + httpGet: + path: /api/healthz + port: http + initialDelaySeconds: 13371 + timeoutSeconds: 13372 + periodSeconds: 13373 + successThreshold: 13374 + failureThreshold: 13375 + asserts: + - notExists: + path: spec.template.spec.containers[0].readinessProbe.tcpSocket + - isSubset: + path: spec.template.spec.containers[0].readinessProbe + content: + failureThreshold: 13375 + initialDelaySeconds: 13371 + periodSeconds: 13373 + successThreshold: 13374 + httpGet: + path: /api/healthz + port: http + timeoutSeconds: 13372 + + - it: allows using a non-default method as startup probe + template: templates/gitea/deployment.yaml + set: + gitea: + startupProbe: + enabled: true + httpGet: + path: /api/healthz + port: http + initialDelaySeconds: 13371 + timeoutSeconds: 13372 + periodSeconds: 13373 + successThreshold: 13374 + failureThreshold: 13375 + asserts: + - notExists: + path: spec.template.spec.containers[0].startupProbe.tcpSocket + - isSubset: + path: spec.template.spec.containers[0].startupProbe + content: + failureThreshold: 13375 + initialDelaySeconds: 13371 + periodSeconds: 13373 + successThreshold: 13374 + httpGet: + path: /api/healthz + port: http + timeoutSeconds: 13372 From 5c7e78b467185e1d98df77dce3ba514b2a3e5a2d Mon Sep 17 00:00:00 2001 From: justusbunsi Date: Fri, 18 Oct 2024 15:14:56 +0000 Subject: [PATCH 13/13] Bump Gitea to 1.22.3 (#718) Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/718 Co-authored-by: justusbunsi Co-committed-by: justusbunsi --- Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Chart.yaml b/Chart.yaml index 235deb6..dbdcae0 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -4,7 +4,7 @@ description: Gitea Helm chart for Kubernetes type: application version: 0.0.0 # renovate datasource=github-releases depName=go-gitea/gitea extractVersion=^v(?.*)$ -appVersion: 1.22.2 +appVersion: 1.22.3 icon: https://gitea.com/assets/img/logo.svg keywords: