Compare commits

...

74 Commits

Author SHA1 Message Date
Renovate Bot
aec87c2490 chore(deps): update workflow dependencies (minor & patch) (#735)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [alpine/helm](https://github.com/alpine-docker/helm) ([changelog](https://github.com/helm/helm)) |  | minor | `3.15.3` -> `3.16.3` |
| [alpine/helm](https://github.com/alpine-docker/helm) ([changelog](https://github.com/helm/helm)) | container | minor | `3.15.3` -> `3.16.3` |
| [helm-unittest/helm-unittest](https://github.com/helm-unittest/helm-unittest) |  | minor | `v0.5.2` -> `v0.7.0` |
| [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli) | devDependencies | minor | [`^0.41.0` -> `^0.43.0`](https://renovatebot.com/diffs/npm/markdownlint-cli/0.41.0/0.43.0) |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/735
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-11-30 23:47:49 +00:00
Renovate Bot
e3db83e22b chore(deps): update dependency go-gitea/gitea to v1.22.4 (#740)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [go-gitea/gitea](https://github.com/go-gitea/gitea) | patch | `1.22.3` -> `1.22.4` |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS40MC4xIiwidXBkYXRlZEluVmVyIjoiMzkuNDAuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsia2luZC9kZXBlbmRlbmN5Il19-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/740
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-11-30 23:44:11 +00:00
Renovate Bot
7cae9d3404 chore(deps): update busybox docker tag to v1.37.0 (#734)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| busybox | minor | `1.36.1` -> `1.37.0` |

---

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/734
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-11-30 23:34:16 +00:00
52153021e3 Finetune Renovate configuration (#738)
`go-gitea/gitea` is no workflow dependency and therefore should not be grouped as such.
It got automatically matched due to `custom.regex` manager in that rule.

Since we now have image dependencies in our `values.yaml`, PR builds will fail when these changes are not represented in `README.md`.
Using a [postUpgradeTask](https://docs.renovatebot.com/configuration-options/#postupgradetasks) allows customized Renovate behavior.

Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/738
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-11-30 16:07:23 +00:00
5f7d353901 Prevent reoccurring namespace inconsistencies (#737)
https://gitea.com/gitea/helm-chart/pulls/713 ensured that all resources
contain a `namespace` field. When adding Gitea actions runner support in
https://gitea.com/gitea/helm-chart/pulls/666, this was an oversight.

Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/737
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-11-30 14:47:18 +00:00
Hitesh Nayak
389a8460e4 feat(service-monitor): support bearer token authentication on metrics endpoint (#719)
### Benefits

Can protect metrics endpoint with `Bearer` token authentication provided by gitea.
see PR #637 for previous discussion.

### Possible drawbacks

No possible drawbacks

### Applicable issues

- fixes #635

### Additional information

```
gitea:
  metrics:
    enabled: true
    token: "somepassword"
    serviceMonitor:
      enabled: true
```

Using above configuration is sufficient to secure /metrics endpoint with bearer token and corresponding ServiceMonitor.

### Checklist

- [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [ ] ~~Breaking changes are documented in the `README.md`~~ Not applicable
- [x] Templating unittests are added

Signed-off-by: Hitesh Nayak <hiteshnayak305@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/719
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: Hitesh Nayak <hiteshnayak305@gmail.com>
Co-committed-by: Hitesh Nayak <hiteshnayak305@gmail.com>
2024-11-30 13:59:29 +00:00
Renovate Bot
3bacaaad84 chore(deps): update subcharts (minor & patch) (#733)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-11-30 02:09:16 +00:00
justusbunsi
2be2e2a639 Ensure dev-only files are not added to the tgz package (#723)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/723
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
2024-11-10 20:15:46 +00:00
7b892431d6 Support custom envs for Action DinD container (#722)
Follow-up to https://gitea.com/gitea/helm-chart/pulls/666.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/722
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-11-10 14:02:15 +00:00
vjm
f7c66c0336 Add Gitea Actions act runner (#666)
Co-authored-by: dementhorr <dementhorr@proton.me>
Co-authored-by: Vince Montalbano <vince.montalbano@gmail.com>

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/666
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: vjm <vjm@noreply.gitea.com>
Co-committed-by: vjm <vjm@noreply.gitea.com>
2024-11-10 13:35:56 +00:00
5c7e78b467 Bump Gitea to 1.22.3 (#718)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/718
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-10-18 15:14:56 +00:00
478af4e381 Fix probe definition overrides (#717)
### Description of the change

This fixes an issue when trying to apply a custom probe that is not `tcpSocket`.

### Benefits

Custom probes 🥳

### Applicable issues

- Fixes #694

### Checklist

- [x] Templating unittests are added

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/717
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-10-18 15:09:14 +00:00
7c4d6c3797 Fix configuration in "external database" docs (#716)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/716
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-10-18 13:50:35 +00:00
rossigee
aa9808bc27 Add 'extraContainers' parameter (#697)
### Description of the change

Adds an 'extraContainers' parameter.

### Benefits

Users will be able to run sidecar containers as required by their environment.

### Possible drawbacks

N/A

### Applicable issues

- Fixes #696

### Checklist

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/697
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: rossigee <rossigee@noreply.gitea.com>
Co-committed-by: rossigee <rossigee@noreply.gitea.com>
2024-10-18 13:44:37 +00:00
SorsOps
a08e39f8ff Fix namespace templating inconsistencies (#713)
### Description of the change

Added namespaces to all the template files to better support alternate templaters in gitops systems

### Benefits

Gitops system that have different ways of handling helm templates can actually deploy this chart correct, especially through subcharts

### Possible drawbacks

Potential regression when upgrading, though this should be unlikely per @jessesanford 's comments with it defaulting back to the existing behaviour

### Applicable issues

  - Addresses https://gitea.com/gitea/helm-chart/issues/630
  - Addresses https://gitea.com/gitea/helm-chart/issues/557
  - Addresses https://gitea.com/gitea/helm-chart/issues/623

### Checklist

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [X] Breaking changes are documented in the `README.md`

Co-authored-by: SorsOps <80043879+sorsOps@users.noreply.github.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/713
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: SorsOps <sorsops@noreply.gitea.com>
Co-committed-by: SorsOps <sorsops@noreply.gitea.com>
2024-10-08 16:40:23 +00:00
pat-s
c039673e5a Add comments about redis password policy (#706)
fix #690

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/706
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2024-09-19 21:59:47 +00:00
Markus Pesch
e636984db1 feat(serviceMonitor): custom configuration (#710)
This patch extends the serviceMonitor resource to specify a custom TLS
configuration used by prometheus to scrape the metrics.

Furthermore, the interval and scrapeTimeout can now be adapted without changing
the global defaults of the prometheus instance.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/710
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Markus Pesch <markus.pesch@cryptic.systems>
Co-committed-by: Markus Pesch <markus.pesch@cryptic.systems>
2024-09-18 17:55:28 +00:00
pat-s
77aa11a3bb
bump to gitea 1.22.2 2024-09-11 15:14:37 +02:00
tobiasbp
3fdb39df68 Do not log errors in init-directories container during Gitea launch (#708)
When the _init-directories_ container runs, the shell script  _init_directory_structure.sh_ logs to _stderr_ because debugging is enabled with _set -x_. The output from the script, should be logged to _stdout_ instead. The issue is discussed here: https://gitea.com/gitea/helm-chart/issues/701

### Description of the change

This PR uses the _verbose_ flag with all commands in the script to log what the script is doing.

### Benefits

Log entries with incorrect severity _ERROR_ will no longer be logged in _Kubernetes_.

### Possible drawbacks

Log output will change. If someone had a check for certain log entries from the _init container_, that check would break.

### Checklist

Updated unit tests.

Co-authored-by: tobias.petersen <tobias.petersen@unity3d.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/708
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: tobiasbp <tobiasbp@noreply.gitea.com>
Co-committed-by: tobiasbp <tobiasbp@noreply.gitea.com>
2024-09-11 12:49:18 +00:00
pat-s
9dc3f7c086 Fix persistence for postgresql-ha (#704)
fix #703

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/704
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2024-08-29 09:20:27 +00:00
Renovate Bot
036b469ff9 chore(deps): update subcharts (minor & patch) (#695)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-08-03 00:46:33 +00:00
Renovate Bot
339ee94260 chore(deps): update subcharts (minor & patch) (#693)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-07-28 00:21:27 +00:00
Renovate Bot
1c71764d3c chore(deps): update dependency helm-unittest/helm-unittest to v0.5.2 (#692)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-07-27 00:42:36 +00:00
e19723a3fb Improve Renovate behavior (#689)
- Add Gitea releases for `appVersion`
- Rewrite Helm changelog url to retrieve release notes

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/689
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-07-23 13:38:49 +00:00
pat-s
2a762f0865 Gitea 1.22.1 (#684)
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/684
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2024-07-21 11:46:40 +00:00
Renovate Bot
c32c6f929f chore(deps): update subcharts (minor & patch) (#688)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-07-21 00:21:49 +00:00
Renovate Bot
e29cd1c289 chore(deps): update alpine/helm docker tag to v3.15.3 (#687)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-07-20 00:40:11 +00:00
Karitham
a535919025 feat: service.{http,ssh}.loadBalancerClass (#640)
### Description of the change

Introduce `service.{http,ssh}.loadBalancerClass`

### Benefits

Feature was not supported before. This is required if your cluster has multiple loadBalancer options and you want to select one

### Possible drawbacks

More yaml.

### Checklist

- [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [x] Templating unittests are added

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/640
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Karitham <kar@karitham.dev>
Co-committed-by: Karitham <kar@karitham.dev>
2024-07-15 15:13:25 +00:00
Renovate Bot
5c6cd932fe chore(deps): update postgresql docker tag to v15.5.16 (#683)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-07-13 00:41:15 +00:00
3265a5ed53
Drop helm signing to release 10.3.0
Right now, the generated `.prov` file is not uploaded along with the actual `.tgz` file. This makes it impossible to verify our Helm Charts.
In addition, we only sign the old-fashioned `.tgz` file, not the OCI-based releases on DockerHub.
The incentive to do this very commit is an expired GPG key that prevents our release.

Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-07-07 14:48:54 +02:00
James Harmison
1dbf171ad3 Enable admin user password creation/update mode in values (#677)
### Description of the change

This enables sane modes for forcing reset, as well as providing more options to users of the chart by giving them the flexibility to set the mode for password creation/modification as part of init whether the user exists or not.

### Benefits

The new default should revert to the behavior before #673 became an issue, while also providing more flexibility for users who want to be able to manage their initial admin user password out-of-band after creating it the first time.

### Possible drawbacks

None that I can think of.

### Applicable issues

- fixes #673

### Additional information

See the discussion in #675 as well

### Checklist

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/677
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: James Harmison <jharmison@gmail.com>
Co-committed-by: James Harmison <jharmison@gmail.com>
2024-07-07 09:59:29 +00:00
pat-s
6226e4eaea Add non-clustered redis as sub-chart (#672)
Co-authored-by: Julien <julienym@gmail.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/672
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2024-07-07 09:57:16 +00:00
Renovate Bot
6ffc0a3790 chore(deps): update subcharts (minor & patch) (#680)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-07-06 00:43:22 +00:00
Renovate Bot
1ac39a6f5d chore(deps): update subcharts (minor & patch) (#670)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-06-30 00:21:50 +00:00
Renovate Bot
c4168dd029 chore(deps): update subcharts (minor & patch) (#669)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-06-23 00:21:38 +00:00
Renovate Bot
4dd17f045b chore(deps): update alpine/helm docker tag to v3.15.2 (#668)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-06-22 00:40:03 +00:00
Renovate Bot
030322170e chore(deps): update subcharts (minor & patch) (#667)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-06-15 00:42:23 +00:00
Renovate Bot
d407eda496 chore(deps): update subcharts (minor & patch) (#665)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-06-08 01:01:27 +00:00
Ceddaerrix
b7b60dd51f DRY improvements (#664)
### Description of the change

Adding support for DRY principle (via use of the TPL function) to the PVC storage class and the ingress class

### Benefits

It allows to reference a variable into another one to avoid duplicating them (or using YAML anchors).
It is useful and valuable when including Gitea into an umbrella chart with multiple components and to have a single variable while the components variable only refer to that single one.

Example 1
```
global:
  persistence:
    storageClass: "storage-class"
persistence:
  storageClass: "{{ .Values.global.persistence.storageClass }}"
```
This results in having `spec.storageClassName` equal to `storage-class` in the PVC object

Example 2
```
global:
  ingress:
    className: "ingress-class"
ingress:
  className: "{{ .Values.global.ingress.className}}"
```
This results in having `spec.ingressClassName` equal to `ingress-class` in the Ingress object

### Possible drawbacks

N/A

### Checklist

- [X] Templating unittests are added

Co-authored-by: 212597596 <cedric.henry@ge.com>
Co-authored-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/664
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Ceddaerrix <ceddaerrix@noreply.gitea.com>
Co-committed-by: Ceddaerrix <ceddaerrix@noreply.gitea.com>
2024-06-06 20:39:41 +00:00
pat-s
22848d0ce7 Bump Gitea to 1.22 (#662)
@justusbunsi

I've been running 1.22 with this chart on some clusters for some days now without issues.
I think no further adjustments are needed on the chart side.

Maybe we can get some of the other open PRs in?

Also: Let me know if you want to do the release this time - I did a lot lately, happy to let you have a go for this one :)

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/662
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2024-06-06 20:36:53 +00:00
Renovate Bot
157e87593d chore(deps): update subcharts (minor & patch) (#663)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-06-02 00:23:26 +00:00
Renovate Bot
f897e6350b chore(deps): update workflow dependencies (minor & patch) (#660)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| alpine/helm |  | minor | `3.14.4` -> `3.15.1` |
| alpine/helm | container | minor | `3.14.4` -> `3.15.1` |
| [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli) | devDependencies | minor | [`^0.40.0` -> `^0.41.0`](https://renovatebot.com/diffs/npm/markdownlint-cli/0.40.0/0.41.0) |

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/660
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-05-27 14:54:59 +00:00
Renovate Bot
21bc9a548b chore(deps): update subcharts (minor & patch) (#658)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-05-26 00:41:07 +00:00
Renovate Bot
b13063ad7a chore(deps): update subcharts (minor & patch) (#656)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-05-23 00:45:28 +00:00
Renovate Bot
4d62136a3d chore(deps): update workflow dependencies (minor & patch) (#653)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-05-14 00:40:39 +00:00
Renovate Bot
548f932422 chore(deps): update postgresql docker tag to v15.2.12 (#654)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-05-12 00:41:34 +00:00
Renovate Bot
dc30c66d25 chore(deps): update subcharts (minor & patch) (#652)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-05-05 01:11:45 +00:00
pat-s
0b2f3d6eb9 Quote image tag (#641)
fix #631

Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/641
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2024-05-02 08:05:26 +00:00
Dalton Russell
dd304c1c1a Add deployment labels to deployment (#649)
### Description of the change

Applies `deployment.labels` to the deployment itself.

### Benefits

Allows the user to add labels to the deployment.

### Possible drawbacks

None

### Checklist

- [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [X] Templating unittests are added

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/649
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: Dalton Russell <dalton.russell@tangramflex.com>
Co-committed-by: Dalton Russell <dalton.russell@tangramflex.com>
2024-05-02 04:43:42 +00:00
Renovate Bot
4f4c71fb39 chore(deps): update postgresql-ha docker tag to v14.0.6 (#647)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-04-29 00:41:48 +00:00
Renovate Bot
509ee975c4 chore(deps): update dependency @bitnami/readme-generator-for-helm to v2.6.1 (#646)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-04-28 00:43:28 +00:00
Renovate Bot
15385d02ee chore(deps): update subcharts (minor & patch) (#645)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | patch | `14.0.3` -> `14.0.5` |
| [redis-cluster](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/redis-cluster)) | patch | `10.0.1` -> `10.0.2` |

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMTMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjMxOC4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJraW5kL2RlcGVuZGVuY3kiXX0=-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/645
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-04-23 07:13:16 +00:00
Renovate Bot
617c773b7e chore(deps): update alpine/helm docker tag to v3.14.4 (#644)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-04-22 00:41:51 +00:00
pat-s
42937062d9 Add codeowners file (#642)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/642
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com>
Co-authored-by: pat-s <patrick.schratz@gmail.com>
Co-committed-by: pat-s <patrick.schratz@gmail.com>
2024-04-18 07:23:34 +00:00
Renovate Bot
a91624b52d chore(deps): update redis-cluster docker tag to v10 (#629)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [redis-cluster](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/redis-cluster)) | major | `9.8.1` -> `10.0.1` |

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNDYuMSIsInVwZGF0ZWRJblZlciI6IjM3LjI3OS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/629
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-04-17 06:58:01 +00:00
Renovate Bot
b768ded932 chore(deps): update postgresql docker tag to v15 (#634)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql)) | major | `14.3.3` -> `15.2.5` |

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNjYuMCIsInVwZGF0ZWRJblZlciI6IjM3LjI4MC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/634
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-04-16 08:20:32 +00:00
pat-s
fd8246e51d
remove apt install helm command 2024-04-16 10:14:50 +02:00
pat-s
20b14b01c1
update helm install logic in release wf 2024-04-16 10:14:04 +02:00
pat-s
74bae066c4
update docker install for release workflow from debian to ubuntu 2024-04-16 09:58:31 +02:00
pat-s
2f809390be
bump Gitea to 1.21.11 2024-04-16 09:52:13 +02:00
Renovate Bot
153a664138 chore(deps): update postgresql-ha docker tag to v14.0.3 (#639)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-04-14 00:37:58 +00:00
Renovate Bot
0135b10295 chore(deps): update postgresql-ha docker tag to v14.0.2 (#638)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | patch | `14.0.0` -> `14.0.2` |

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNzkuMyIsInVwZGF0ZWRJblZlciI6IjM3LjI3OS4zIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJraW5kL2RlcGVuZGVuY3kiXX0=-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/638
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-04-10 12:49:03 +00:00
Renovate Bot
2a9273d32f chore(deps): update workflow dependencies (minor & patch) (#633)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-03-25 00:38:32 +00:00
Renovate Bot
3b2b700441 chore(deps): update postgresql-ha docker tag to v14 (#628)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | major | `13.6.1` -> `14.0.0` |

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNDYuMSIsInVwZGF0ZWRJblZlciI6IjM3LjI0Ni4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/628
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-03-16 12:52:11 +00:00
7fa896a0ce Resolve conflicting behavior during make readme (#627)
The current README content is a result of running markdownlint with simple fixes enabled.
It shouldn't fix _any_ issues, even after generating the parameter section.
Unfortunately, this is not the case right now.

This resolves the long-running dispute of both tools. 😉

---

Since I already modified the `values.yaml`, I decided to include a change regarding code signing.
Otherwise, it may confuse users after merging #596.

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/627
Reviewed-by: pat-s <pat-s@noreply.gitea.com>
Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com>
Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com>
2024-03-15 16:02:06 +00:00
Renovate Bot
d2bfa0250d chore(deps): update subcharts (minor & patch) (#626)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-03-13 00:35:30 +00:00
Renovate Bot
2d77b626ac chore(deps): update postgresql-ha docker tag to v13 (#624)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | major | `12.8.2` -> `13.4.5` |

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMjIuMyIsInVwZGF0ZWRJblZlciI6IjM3LjIyNC4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/624
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-03-04 14:55:47 +00:00
Renovate Bot
6644c1701b chore(deps): update postgresql docker tag to v14 (#622)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [postgresql](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql)) | major | `13.4.6` -> `14.2.3` |

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMjIuMyIsInVwZGF0ZWRJblZlciI6IjM3LjIyMi4zIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/622
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-03-03 09:37:52 +00:00
Renovate Bot
a3fafc90a8 chore(deps): update redis-cluster docker tag to v9.7.0 (#621)
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-03-03 00:23:32 +00:00
pat-s
ceb6de12a8
bump to gitea 1.21.7 2024-02-26 11:16:57 +01:00
Renovate Bot
ab5ec8ddb9 chore(deps): update workflow dependencies (minor & patch) (#616)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| alpine/helm |  | patch | `3.14.0` -> `3.14.2` |
| alpine/helm | container | patch | `3.14.0` -> `3.14.2` |
| [helm-unittest/helm-unittest](https://github.com/helm-unittest/helm-unittest) |  | patch | `v0.4.1` -> `v0.4.2` |

---

### Release Notes

<details>
<summary>helm-unittest/helm-unittest (helm-unittest/helm-unittest)</summary>

### [`v0.4.2`](https://github.com/helm-unittest/helm-unittest/releases/tag/v0.4.2)

[Compare Source](https://github.com/helm-unittest/helm-unittest/compare/v0.4.1...v0.4.2)

**Improvements**

-   Improve storing generated template when debug flag enabled (credits [@&#8203;thepeak99](https://github.com/thepeak99))
-   Improve development (credits [@&#8203;ivankatliarchuk](https://github.com/ivankatliarchuk))

**Fixes**

-   Fix global set and set override (resolves [#&#8203;210](https://github.com/helm-unittest/helm-unittest/issues/210), resolves [#&#8203;276](https://github.com/helm-unittest/helm-unittest/issues/276))
-   Fix debug flag by changing name to debugPlugin flag (resolves [#&#8203;241](https://github.com/helm-unittest/helm-unittest/issues/241))
-   Fix empty documentSelector (credits [@&#8203;michaelruigrok](https://github.com/michaelruigrok))

**Updates**

-   Update packages to latest patch versions (credits [@&#8203;ivankatliarchuk](https://github.com/ivankatliarchuk), credits [@&#8203;stavros-k](https://github.com/stavros-k), resolves [#&#8203;295](https://github.com/helm-unittest/helm-unittest/issues/295))
-   Update documentation (credits [@&#8203;tochev](https://github.com/tochev))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMTAuMCIsInVwZGF0ZWRJblZlciI6IjM3LjIxMi4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/616
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-02-26 09:51:06 +00:00
Renovate Bot
d65737681a chore(deps): update redis-cluster docker tag to v9.6.2 (#617)
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [redis-cluster](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/redis-cluster)) | minor | `9.5.20` -> `9.6.2` |

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMTAuMCIsInVwZGF0ZWRJblZlciI6IjM3LjIxMC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: pat-s <patrick.schratz@gmail.com>
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/617
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-02-26 09:50:40 +00:00
Renovate Bot
8ee589a56f chore(deps): update crazy-max/ghaction-import-gpg action to v6 (#620)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [crazy-max/ghaction-import-gpg](https://github.com/crazy-max/ghaction-import-gpg) | action | major | `v5` -> `v6` |

---

### Release Notes

<details>
<summary>crazy-max/ghaction-import-gpg (crazy-max/ghaction-import-gpg)</summary>

### [`v6`](https://github.com/crazy-max/ghaction-import-gpg/compare/v5...v6)

[Compare Source](https://github.com/crazy-max/ghaction-import-gpg/compare/v5...v6)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMTIuMCIsInVwZGF0ZWRJblZlciI6IjM3LjIxMi4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/620
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-02-26 09:42:27 +00:00
Renovate Bot
a82540e7eb chore(deps): update aws-actions/configure-aws-credentials action to v4 (#619)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) | action | major | `v2` -> `v4` |

---

### Release Notes

<details>
<summary>aws-actions/configure-aws-credentials (aws-actions/configure-aws-credentials)</summary>

### [`v4`](https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4)

[Compare Source](https://github.com/aws-actions/configure-aws-credentials/compare/v3...v4)

This tag tracks the latest v4.x.x release

### [`v3`](https://github.com/aws-actions/configure-aws-credentials/releases/tag/v3)

[Compare Source](https://github.com/aws-actions/configure-aws-credentials/compare/v2...v3)

This tag tracks the latest v3.x.x release

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMTIuMCIsInVwZGF0ZWRJblZlciI6IjM3LjIxMi4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/619
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2024-02-26 09:41:41 +00:00
69 changed files with 2458 additions and 249 deletions

View File

@ -40,3 +40,4 @@
- [ ] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) - [ ] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
- [ ] Breaking changes are documented in the `README.md` - [ ] Breaking changes are documented in the `README.md`
- [ ] Templating unittests are added - [ ] Templating unittests are added
- [ ] All added template resources MUST render a namespace in metadata

View File

@ -7,7 +7,7 @@ on:
env: env:
# renovate: datasource=docker depName=alpine/helm # renovate: datasource=docker depName=alpine/helm
HELM_VERSION: "3.14.0" HELM_VERSION: "3.16.3"
jobs: jobs:
generate-chart-publish: generate-chart-publish:
@ -19,20 +19,23 @@ jobs:
apt update -y apt update -y
apt install -y curl ca-certificates curl gnupg apt install -y curl ca-certificates curl gnupg
# helm # helm
curl https://baltocdn.com/helm/signing.asc | gpg --dearmor | tee /usr/share/keyrings/helm.gpg > /dev/null curl -O https://get.helm.sh/helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/helm.gpg] https://baltocdn.com/helm/stable/debian/ all main" | tee /etc/apt/sources.list.d/helm-stable-debian.list tar -xzf helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz
mv linux-amd64/helm /usr/local/bin/
rm -rf linux-amd64 helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz
helm version
# docker # docker
install -m 0755 -d /etc/apt/keyrings install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
chmod a+r /etc/apt/keyrings/docker.gpg chmod a+r /etc/apt/keyrings/docker.gpg
echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
apt update -y apt update -y
apt install -y python helm=${{ env.HELM_VERSION }}-1 python3-pip apt-transport-https docker-ce-cli apt install -y python3 python3-pip apt-transport-https docker-ce-cli
pip install awscli pip install awscli
- name: Import GPG key - name: Import GPG key
id: import_gpg id: import_gpg
uses: https://github.com/crazy-max/ghaction-import-gpg@v5 uses: https://github.com/crazy-max/ghaction-import-gpg@v6
with: with:
gpg_private_key: ${{ secrets.GPGSIGN_KEY }} gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }} passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
@ -46,7 +49,6 @@ jobs:
helm plugin install https://github.com/pat-s/helm-gpg helm plugin install https://github.com/pat-s/helm-gpg
helm dependency build helm dependency build
helm package --version "${GITHUB_REF#refs/tags/v}" ./ helm package --version "${GITHUB_REF#refs/tags/v}" ./
helm gpg sign "gitea-${GITHUB_REF#refs/tags/v}.tgz"
mkdir gitea mkdir gitea
mv gitea*.tgz gitea/ mv gitea*.tgz gitea/
curl -s -L -o gitea/index.yaml https://dl.gitea.com/charts/index.yaml curl -s -L -o gitea/index.yaml https://dl.gitea.com/charts/index.yaml
@ -57,7 +59,7 @@ jobs:
helm registry logout registry-1.docker.io helm registry logout registry-1.docker.io
- name: aws credential configure - name: aws credential configure
uses: https://github.com/aws-actions/configure-aws-credentials@v2 uses: https://github.com/aws-actions/configure-aws-credentials@v4
with: with:
aws-access-key-id: ${{ secrets.AWS_KEY_ID }} aws-access-key-id: ${{ secrets.AWS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

View File

@ -11,12 +11,12 @@ on:
env: env:
# renovate: datasource=github-releases depName=helm-unittest/helm-unittest # renovate: datasource=github-releases depName=helm-unittest/helm-unittest
HELM_UNITTEST_VERSION: "v0.4.1" HELM_UNITTEST_VERSION: "v0.7.0"
jobs: jobs:
check-and-test: check-and-test:
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: alpine/helm:3.14.0 container: alpine/helm:3.16.3
steps: steps:
- name: install tools - name: install tools
run: | run: |

View File

@ -31,3 +31,8 @@ Makefile
.drone.yml .drone.yml
CONTRIBUTING.md CONTRIBUTING.md
unittests/ unittests/
.editorconfig
.prettierignore
.yamllint
CODEOWNERS
renovate.json5

View File

@ -1,6 +1,6 @@
{ {
"yaml.schemas": { "yaml.schemas": {
"https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.4.1/schema/helm-testsuite.json": [ "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.7.0/schema/helm-testsuite.json": [
"/unittests/**/*.yaml" "/unittests/**/*.yaml"
] ]
}, },

1
CODEOWNERS Normal file
View File

@ -0,0 +1 @@
* @justusbunsi @pat-s

View File

@ -1,12 +1,15 @@
dependencies: dependencies:
- name: postgresql - name: postgresql
repository: oci://registry-1.docker.io/bitnamicharts repository: oci://registry-1.docker.io/bitnamicharts
version: 13.4.6 version: 15.5.38
- name: postgresql-ha - name: postgresql-ha
repository: oci://registry-1.docker.io/bitnamicharts repository: oci://registry-1.docker.io/bitnamicharts
version: 12.8.2 version: 14.3.10
- name: redis-cluster - name: redis-cluster
repository: oci://registry-1.docker.io/bitnamicharts repository: oci://registry-1.docker.io/bitnamicharts
version: 9.5.20 version: 10.3.0
digest: sha256:10ca7303e61effbe02163c0df6ed1a87f25d71edd44d1aadae971f56679ae985 - name: redis
generated: "2024-02-17T00:21:51.363456958Z" repository: oci://registry-1.docker.io/bitnamicharts
version: 19.6.4
digest: sha256:462d513ac8ef7abfe26030fd2ea93eb79df167a861ebe09d6c58c7dcd5601e85
generated: "2024-11-30T00:41:29.178889496Z"

View File

@ -3,7 +3,8 @@ name: gitea
description: Gitea Helm chart for Kubernetes description: Gitea Helm chart for Kubernetes
type: application type: application
version: 0.0.0 version: 0.0.0
appVersion: 1.21.6 # renovate datasource=github-releases depName=go-gitea/gitea extractVersion=^v(?<version>.*)$
appVersion: 1.22.4
icon: https://gitea.com/assets/img/logo.svg icon: https://gitea.com/assets/img/logo.svg
keywords: keywords:
@ -35,15 +36,20 @@ dependencies:
# https://github.com/bitnami/charts/blob/main/bitnami/postgresql # https://github.com/bitnami/charts/blob/main/bitnami/postgresql
- name: postgresql - name: postgresql
repository: oci://registry-1.docker.io/bitnamicharts repository: oci://registry-1.docker.io/bitnamicharts
version: 13.4.6 version: 15.5.38
condition: postgresql.enabled condition: postgresql.enabled
# https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml
- name: postgresql-ha - name: postgresql-ha
repository: oci://registry-1.docker.io/bitnamicharts repository: oci://registry-1.docker.io/bitnamicharts
version: 12.8.2 version: 14.3.10
condition: postgresql-ha.enabled condition: postgresql-ha.enabled
# https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml # https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml
- name: redis-cluster - name: redis-cluster
repository: oci://registry-1.docker.io/bitnamicharts repository: oci://registry-1.docker.io/bitnamicharts
version: 9.5.20 version: 10.3.0
condition: redis-cluster.enabled condition: redis-cluster.enabled
# https://github.com/bitnami/charts/blob/main/bitnami/redis/Chart.yaml
- name: redis
repository: oci://registry-1.docker.io/bitnamicharts
version: 19.6.4
condition: redis.enabled

View File

@ -9,7 +9,7 @@ readme: prepare-environment
.PHONY: unittests .PHONY: unittests
unittests: unittests:
helm unittest --strict -f 'unittests/**/*.yaml' -f 'unittests/dependency-major-image-check.yaml' ./ helm unittest --strict -f 'unittests/**/*.yaml' -f 'unittests/dependency-major-image-check.yaml' -f 'unittests/values-conflicting-checks.yaml' ./
.PHONY: helm .PHONY: helm
update-helm-dependencies: update-helm-dependencies:

171
README.md

File diff suppressed because it is too large Load Diff

213
package-lock.json generated

File diff suppressed because it is too large Load Diff

View File

@ -14,6 +14,6 @@
}, },
"devDependencies": { "devDependencies": {
"@bitnami/readme-generator-for-helm": "^2.5.0", "@bitnami/readme-generator-for-helm": "^2.5.0",
"markdownlint-cli": "^0.39.0" "markdownlint-cli": "^0.43.0"
} }
} }

34
readme-actions-dev.md Normal file
View File

@ -0,0 +1,34 @@
# Gitea Actions
In order to use the Gitea Actions act-runner you must either:
- enable persistence (used for automatic deployment to be able to store the token in a place accessible for the Job)
- create a secret containing the act runner token and reference it as a `existingSecret`
In order to use Gitea Actions, you must log on the server that's running Gitea and run the command:
`gitea actions generate-runner-token`
This command will out a token that is needed by the act-runner to register with the Gitea backend.
Because this is a manual operation, we automated this using a Kubernetes Job using the following containers:
1) `actions-token-create`: it uses the current `gitea-rootless` image, mounts the persistent directory to `/data/` then it saves the output from `gitea actions generate-runner-token` to `/data/actions/token`
2) `actions-token-upload`: it uses a `bitnami/kubectl` image, mounts the scripts directory (`/scripts`) and
the persistent directory (`/data/`), and using the script from `/scripts/token.sh` stores the token in a Kubernetes secret
After the token is stored in a Kubernetes secret we can create the statefulset that contains the following containers:
1) `act-runner`: authenticates with Gitea using the token that was stored in the secret
2) `dind`: DockerInDocker image that is used to run the actions
If you are not using persistent volumes, you cannot use the Job to automatically generate the token.
In this case, you can use either the Web UI to generate the token or run a shell into a Gitea pod and invoke
the command `gitea actions generate-runner-token`. After generating the token, you must create a secret and use it via:
```yaml
actions:
provisioning:
enabled: false
existingSecret: "secret-name"
existingSecretKey: "secret-key"
```

View File

@ -30,6 +30,14 @@
], ],
datasourceTemplate: 'github-releases', datasourceTemplate: 'github-releases',
}, },
{
'description': 'Automatically detect new Gitea releases',
'customType': 'regex',
'fileMatch': ['(^|/)Chart\\.yaml$'],
'matchStrings': [
'# renovate datasource=(?<datasource>\\S+) depName=(?<depName>\\S+) extractVersion=(?<extractVersion>\\S+)\\nappVersion:\\s?(?<currentValue>\\S+)\\n',
],
},
], ],
packageRules: [ packageRules: [
{ {
@ -55,6 +63,32 @@
'patch', 'patch',
'digest', 'digest',
], ],
matchFileNames: [
'!Chart.yaml',
],
},
{
description: 'Update README.md on changes in values.yaml',
matchManagers: [
'helm-values',
],
postUpgradeTasks: {
commands: [
'install-tool node',
'make readme',
],
fileFilters: [
'README.md',
],
executionMode: 'update',
},
},
{
description: 'Override changelog url for Helm image, to have release notes in our PRs',
matchDepNames: [
'alpine/helm',
],
changelogUrl: 'https://github.com/helm/helm',
}, },
], ],
} }

43
scripts/token.sh Normal file
View File

@ -0,0 +1,43 @@
#!/bin/sh
set -eu
timeout_delay=15
check_token() {
set +e
echo "Checking for existing token..."
token="$(kubectl get secret "$SECRET_NAME" -o jsonpath="{.data['token']}" 2> /dev/null)"
[ $? -ne 0 ] && return 1
[ -z "$token" ] && return 2
return 0
}
create_token() {
echo "Waiting for new token to be generated..."
begin=$(date +%s)
end=$((begin + timeout_delay))
while true; do
[ -f /data/actions/token ] && return 0
[ "$(date +%s)" -gt $end ] && return 1
sleep 5
done
}
store_token() {
echo "Storing the token in Kubernetes secret..."
kubectl patch secret "$SECRET_NAME" -p "{\"data\":{\"token\":\"$(base64 /data/actions/token | tr -d '\n')\"}}"
}
if check_token; then
echo "Key already in place, exiting."
exit
fi
if ! create_token; then
echo "Checking for an existing act runner token in secret $SECRET_NAME timed out after $timeout_delay"
exit 1
fi
store_token

View File

@ -25,6 +25,13 @@ If release name contains chart name it will be used as a full name.
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{/*
Create a default worker name.
*/}}
{{- define "gitea.workername" -}}
{{- printf "%s-%s" .global.Release.Name .worker | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/* {{/*
Create chart name and version as used by the chart label. Create chart name and version as used by the chart label.
*/}} */}}
@ -40,7 +47,7 @@ Create image name and tag used by the deployment.
{{- $registry := .Values.global.imageRegistry | default .Values.image.registry -}} {{- $registry := .Values.global.imageRegistry | default .Values.image.registry -}}
{{- $repository := .Values.image.repository -}} {{- $repository := .Values.image.repository -}}
{{- $separator := ":" -}} {{- $separator := ":" -}}
{{- $tag := .Values.image.tag | default .Chart.AppVersion -}} {{- $tag := .Values.image.tag | default .Chart.AppVersion | toString -}}
{{- $rootless := ternary "-rootless" "" (.Values.image.rootless) -}} {{- $rootless := ternary "-rootless" "" (.Values.image.rootless) -}}
{{- $digest := "" -}} {{- $digest := "" -}}
{{- if .Values.image.digest }} {{- if .Values.image.digest }}
@ -74,7 +81,7 @@ imagePullSecrets:
Storage Class Storage Class
*/}} */}}
{{- define "gitea.persistence.storageClass" -}} {{- define "gitea.persistence.storageClass" -}}
{{- $storageClass := .Values.persistence.storageClass | default .Values.global.storageClass }} {{- $storageClass := (tpl ( default "" .Values.persistence.storageClass) .) | default (tpl ( default "" .Values.global.storageClass) .) }}
{{- if $storageClass }} {{- if $storageClass }}
storageClassName: {{ $storageClass | quote }} storageClassName: {{ $storageClass | quote }}
{{- end }} {{- end }}
@ -92,6 +99,15 @@ version: {{ .Values.image.tag | default .Chart.AppVersion | quote }}
app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}} {{- end -}}
{{- define "gitea.labels.actRunner" -}}
helm.sh/chart: {{ include "gitea.chart" . }}
app: {{ include "gitea.name" . }}-act-runner
{{ include "gitea.selectorLabels.actRunner" . }}
app.kubernetes.io/version: {{ .Values.image.tag | default .Chart.AppVersion | quote }}
version: {{ .Values.image.tag | default .Chart.AppVersion | quote }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{/* {{/*
Selector labels Selector labels
*/}} */}}
@ -100,6 +116,11 @@ app.kubernetes.io/name: {{ include "gitea.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}} {{- end -}}
{{- define "gitea.selectorLabels.actRunner" -}}
app.kubernetes.io/name: {{ include "gitea.name" . }}-act-runner
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}
{{- define "postgresql-ha.dns" -}} {{- define "postgresql-ha.dns" -}}
{{- if (index .Values "postgresql-ha").enabled -}} {{- if (index .Values "postgresql-ha").enabled -}}
{{- printf "%s-postgresql-ha-pgpool.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "postgresql-ha" "service" "ports" "postgresql") -}} {{- printf "%s-postgresql-ha-pgpool.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "postgresql-ha" "service" "ports" "postgresql") -}}
@ -113,20 +134,28 @@ app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}} {{- end -}}
{{- define "redis.dns" -}} {{- define "redis.dns" -}}
{{- if (index .Values "redis-cluster").enabled -}} {{- if and ((index .Values "redis-cluster").enabled) ((index .Values "redis").enabled) -}}
{{- fail "redis and redis-cluster cannot be enabled at the same time. Please only choose one." -}}
{{- else if (index .Values "redis-cluster").enabled -}}
{{- printf "redis+cluster://:%s@%s-redis-cluster-headless.%s.svc.%s:%g/0?pool_size=100&idle_timeout=180s&" (index .Values "redis-cluster").global.redis.password .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "redis-cluster").service.ports.redis -}} {{- printf "redis+cluster://:%s@%s-redis-cluster-headless.%s.svc.%s:%g/0?pool_size=100&idle_timeout=180s&" (index .Values "redis-cluster").global.redis.password .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "redis-cluster").service.ports.redis -}}
{{- else if (index .Values "redis").enabled -}}
{{- printf "redis://:%s@%s-redis-headless.%s.svc.%s:%g/0?pool_size=100&idle_timeout=180s&" (index .Values "redis").global.redis.password .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "redis").master.service.ports.redis -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{- define "redis.port" -}} {{- define "redis.port" -}}
{{- if (index .Values "redis-cluster").enabled -}} {{- if (index .Values "redis-cluster").enabled -}}
{{ (index .Values "redis-cluster").service.ports.redis }} {{ (index .Values "redis-cluster").service.ports.redis }}
{{- else if (index .Values "redis").enabled -}}
{{ (index .Values "redis").master.service.ports.redis }}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{- define "redis.servicename" -}} {{- define "redis.servicename" -}}
{{- if (index .Values "redis-cluster").enabled -}} {{- if (index .Values "redis-cluster").enabled -}}
{{- printf "%s-redis-cluster-headless.%s.svc.%s" .Release.Name .Release.Namespace .Values.clusterDomain -}} {{- printf "%s-redis-cluster-headless.%s.svc.%s" .Release.Name .Release.Namespace .Values.clusterDomain -}}
{{- else if (index .Values "redis").enabled -}}
{{- printf "%s-redis-headless.%s.svc.%s" .Release.Name .Release.Namespace .Values.clusterDomain -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
@ -191,6 +220,15 @@ https
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{- define "gitea.act_runner.local_root_url" -}}
{{- if not .Values.gitea.config.server.LOCAL_ROOT_URL -}}
{{- printf "http://%s-http:%.0f" (include "gitea.fullname" .) .Values.service.http.port -}}
{{- else -}}
{{/* fallback for allowing to overwrite this value via inline config */}}
{{- .Values.gitea.config.server.LOCAL_ROOT_URL -}}
{{- end -}}
{{- end -}}
{{- define "gitea.inline_configuration" -}} {{- define "gitea.inline_configuration" -}}
{{- include "gitea.inline_configuration.init" . -}} {{- include "gitea.inline_configuration.init" . -}}
{{- include "gitea.inline_configuration.defaults" . -}} {{- include "gitea.inline_configuration.defaults" . -}}
@ -255,6 +293,9 @@ https
{{- if not (hasKey .Values.gitea.config "indexer") -}} {{- if not (hasKey .Values.gitea.config "indexer") -}}
{{- $_ := set .Values.gitea.config "indexer" dict -}} {{- $_ := set .Values.gitea.config "indexer" dict -}}
{{- end -}} {{- end -}}
{{- if not (hasKey .Values.gitea.config "actions") -}}
{{- $_ := set .Values.gitea.config "actions" dict -}}
{{- end -}}
{{- end -}} {{- end -}}
{{- define "gitea.inline_configuration.defaults" -}} {{- define "gitea.inline_configuration.defaults" -}}
@ -270,8 +311,11 @@ https
{{- if not (hasKey .Values.gitea.config.metrics "ENABLED") -}} {{- if not (hasKey .Values.gitea.config.metrics "ENABLED") -}}
{{- $_ := set .Values.gitea.config.metrics "ENABLED" .Values.gitea.metrics.enabled -}} {{- $_ := set .Values.gitea.config.metrics "ENABLED" .Values.gitea.metrics.enabled -}}
{{- end -}} {{- end -}}
{{- if and (not (hasKey .Values.gitea.config.metrics "TOKEN")) (.Values.gitea.metrics.token) (.Values.gitea.metrics.enabled) -}}
{{- $_ := set .Values.gitea.config.metrics "TOKEN" .Values.gitea.metrics.token -}}
{{- end -}}
{{- /* redis queue */ -}} {{- /* redis queue */ -}}
{{- if (index .Values "redis-cluster").enabled -}} {{- if or ((index .Values "redis-cluster").enabled) ((index .Values "redis").enabled) -}}
{{- $_ := set .Values.gitea.config.queue "TYPE" "redis" -}} {{- $_ := set .Values.gitea.config.queue "TYPE" "redis" -}}
{{- $_ := set .Values.gitea.config.queue "CONN_STR" (include "redis.dns" .) -}} {{- $_ := set .Values.gitea.config.queue "CONN_STR" (include "redis.dns" .) -}}
{{- $_ := set .Values.gitea.config.session "PROVIDER" "redis" -}} {{- $_ := set .Values.gitea.config.session "PROVIDER" "redis" -}}
@ -301,6 +345,9 @@ https
{{- if not .Values.gitea.config.indexer.ISSUE_INDEXER_TYPE -}} {{- if not .Values.gitea.config.indexer.ISSUE_INDEXER_TYPE -}}
{{- $_ := set .Values.gitea.config.indexer "ISSUE_INDEXER_TYPE" "db" -}} {{- $_ := set .Values.gitea.config.indexer "ISSUE_INDEXER_TYPE" "db" -}}
{{- end -}} {{- end -}}
{{- if not .Values.gitea.config.actions.ENABLED -}}
{{- $_ := set .Values.gitea.config.actions "ENABLED" (ternary "true" "false" .Values.actions.enabled) -}}
{{- end -}}
{{- end -}} {{- end -}}
{{- define "gitea.inline_configuration.defaults.server" -}} {{- define "gitea.inline_configuration.defaults.server" -}}
@ -320,6 +367,9 @@ https
{{- if not .Values.gitea.config.server.ROOT_URL -}} {{- if not .Values.gitea.config.server.ROOT_URL -}}
{{- $_ := set .Values.gitea.config.server "ROOT_URL" (printf "%s://%s" (include "gitea.public_protocol" .) .Values.gitea.config.server.DOMAIN) -}} {{- $_ := set .Values.gitea.config.server "ROOT_URL" (printf "%s://%s" (include "gitea.public_protocol" .) .Values.gitea.config.server.DOMAIN) -}}
{{- end -}} {{- end -}}
{{- if .Values.actions.enabled -}}
{{- $_ := set .Values.gitea.config.server "LOCAL_ROOT_URL" (include "gitea.act_runner.local_root_url" .) -}}
{{- end -}}
{{- if not .Values.gitea.config.server.SSH_DOMAIN -}} {{- if not .Values.gitea.config.server.SSH_DOMAIN -}}
{{- $_ := set .Values.gitea.config.server "SSH_DOMAIN" .Values.gitea.config.server.DOMAIN -}} {{- $_ := set .Values.gitea.config.server "SSH_DOMAIN" .Values.gitea.config.server.DOMAIN -}}
{{- end -}} {{- end -}}
@ -392,3 +442,33 @@ https
{{- define "gitea.serviceAccountName" -}} {{- define "gitea.serviceAccountName" -}}
{{ .Values.serviceAccount.name | default (include "gitea.fullname" .) }} {{ .Values.serviceAccount.name | default (include "gitea.fullname" .) }}
{{- end -}} {{- end -}}
{{- define "gitea.admin.passwordMode" -}}
{{- if has .Values.gitea.admin.passwordMode (tuple "keepUpdated" "initialOnlyNoReset" "initialOnlyRequireReset") -}}
{{ .Values.gitea.admin.passwordMode }}
{{- else -}}
{{ printf "gitea.admin.passwordMode must be set to one of 'keepUpdated', 'initialOnlyNoReset', or 'initialOnlyRequireReset'. Received: '%s'" .Values.gitea.admin.passwordMode | fail }}
{{- end -}}
{{- end -}}
{{/* Create a functioning probe object for rendering. Given argument must be either a livenessProbe, readinessProbe, or startupProbe */}}
{{- define "gitea.deployment.probe" -}}
{{- $probe := unset . "enabled" -}}
{{- $probeKeys := keys $probe -}}
{{- $containsCustomMethod := false -}}
{{- $chartDefaultMethod := "tcpSocket" -}}
{{- $nonChartDefaultMethods := list "exec" "httpGet" "grpc" -}}
{{- range $probeKeys -}}
{{- if has . $nonChartDefaultMethods -}}
{{- $containsCustomMethod = true -}}
{{- end -}}
{{- end -}}
{{- if $containsCustomMethod -}}
{{- $probe = unset . $chartDefaultMethod -}}
{{- end -}}
{{- toYaml $probe -}}
{{- end -}}
{{- define "gitea.metrics-secret-name" -}}
{{ default (printf "%s-metrics-secret" (include "gitea.fullname" .)) }}
{{- end -}}

View File

@ -0,0 +1,15 @@
{{- if .Values.actions.enabled -}}
{{- if .Values.actions.provisioning.enabled -}}
{{- if not (and .Values.persistence.enabled .Values.persistence.mount) -}}
{{- fail "persistence.enabled and persistence.mount are required when provisioning is enabled" -}}
{{- end -}}
{{- if and .Values.persistence.enabled .Values.persistence.mount -}}
{{- if .Values.actions.existingSecret -}}
{{- fail "Can't specify both actions.provisioning.enabled and actions.existingSecret" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- if and (not .Values.actions.provisioning.enabled) (or (empty .Values.actions.existingSecret) (empty .Values.actions.existingSecretKey)) -}}
{{- fail "actions.existingSecret and actions.existingSecretKey are required when provisioning is disabled" -}}
{{- end -}}
{{- end -}}

View File

@ -0,0 +1,15 @@
{{- if .Values.actions.enabled }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "gitea.fullname" . }}-act-runner-config
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels:
{{- include "gitea.labels" . | nindent 4 }}
data:
config.yaml: |
{{- with .Values.actions.statefulset.actRunner.config -}}
{{ . | nindent 4}}
{{- end -}}
{{- end }}

View File

@ -0,0 +1,14 @@
{{- if .Values.actions.enabled }}
{{- if and (and .Values.actions.provisioning.enabled .Values.persistence.enabled) .Values.persistence.mount }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "gitea.fullname" . }}-scripts
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels:
{{- include "gitea.labels" . | nindent 4 }}
data:
{{ (.Files.Glob "scripts/*.sh").AsConfig | indent 2 }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,115 @@
{{- if .Values.actions.enabled }}
{{- if and (and .Values.actions.provisioning.enabled .Values.persistence.enabled) .Values.persistence.mount }}
{{- $name := include "gitea.workername" (dict "global" . "worker" "actions-token-job") }}
{{- $secretName := include "gitea.workername" (dict "global" . "worker" "actions-token") }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: {{ $name }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels:
{{- include "gitea.labels" . | nindent 4 }}
{{- with .Values.actions.provisioning.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
app.kubernetes.io/component: token-job
annotations:
{{- with .Values.actions.provisioning.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
ttlSecondsAfterFinished: {{ .Values.actions.provisioning.ttlSecondsAfterFinished }}
template:
metadata:
labels:
{{- include "gitea.labels" . | nindent 8 }}
{{- with .Values.actions.provisioning.labels }}
{{- toYaml . | nindent 8 }}
{{- end }}
app.kubernetes.io/component: token-job
spec:
initContainers:
- name: init-gitea
image: "{{ .Values.actions.init.image.repository }}:{{ .Values.actions.init.image.tag }}"
command:
- sh
- -c
- |
while ! nc -z {{ include "gitea.fullname" . }}-http {{ .Values.service.http.port }}; do
sleep 5
done
containers:
- name: actions-token-create
image: "{{ include "gitea.image" . }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
env:
- name: GITEA_APP_INI
value: /data/gitea/conf/app.ini
command:
- sh
- -c
- |
echo "Generating act_runner token via 'gitea actions generate-runner-token'..."
mkdir -p /data/actions/
gitea actions generate-runner-token | grep -E '^.{40}$' | tr -d '\n' > /data/actions/token
resources:
{{- toYaml .Values.actions.provisioning.resources | nindent 12 }}
volumeMounts:
- name: data
mountPath: /data
{{- if .Values.persistence.subPath }}
subPath: {{ .Values.persistence.subPath }}
{{- end }}
- name: actions-token-upload
image: "{{ .Values.actions.provisioning.publish.repository }}:{{ .Values.actions.provisioning.publish.tag }}"
imagePullPolicy: {{ .Values.actions.provisioning.publish.pullPolicy }}
env:
- name: SECRET_NAME
value: {{ $secretName }}
command:
- sh
- -c
- |
printf "Checking rights to update kubernetes act_runner secret..."
kubectl auth can-i update secret/${SECRET_NAME}
/scripts/token.sh
resources:
{{- toYaml .Values.actions.provisioning.resources | nindent 12 }}
volumeMounts:
- mountPath: /scripts
name: scripts
readOnly: true
- mountPath: /data
name: data
readOnly: true
{{- if .Values.persistence.subPath }}
subPath: {{ .Values.persistence.subPath }}
{{- end }}
{{- with .Values.actions.provisioning.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.actions.provisioning.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.actions.provisioning.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
restartPolicy: Never
serviceAccount: {{ $name }}
volumes:
- name: scripts
configMap:
name: {{ include "gitea.fullname" . }}-scripts
defaultMode: 0755
- name: data
persistentVolumeClaim:
claimName: {{ .Values.persistence.claimName }}
parallelism: 1
completions: 1
backoffLimit: 1
{{- end }}
{{- end }}

View File

@ -0,0 +1,26 @@
{{- if .Values.actions.enabled }}
{{- if and (and .Values.actions.provisioning.enabled .Values.persistence.enabled) .Values.persistence.mount }}
{{- $name := include "gitea.workername" (dict "global" . "worker" "actions-token-job") }}
{{- $secretName := include "gitea.workername" (dict "global" . "worker" "actions-token") }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ $name }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels:
{{- include "gitea.labels" . | nindent 4 }}
app.kubernetes.io/component: token-job
rules:
- apiGroups:
- ""
resources:
- secrets
resourceNames:
- {{ $secretName }}
verbs:
- get
- update
- patch
{{- end }}
{{- end }}

View File

@ -0,0 +1,23 @@
{{- if .Values.actions.enabled }}
{{- if and (and .Values.actions.provisioning.enabled .Values.persistence.enabled) .Values.persistence.mount }}
{{- $name := include "gitea.workername" (dict "global" . "worker" "actions-token-job") }}
{{- $secretName := include "gitea.workername" (dict "global" . "worker" "actions-token") }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ $name }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels:
{{- include "gitea.labels" . | nindent 4 }}
app.kubernetes.io/component: token-job
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ $name }}
subjects:
- kind: ServiceAccount
name: {{ $name }}
namespace: {{ .Release.Namespace }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,20 @@
{{- if .Values.actions.enabled }}
{{- if and (and .Values.actions.provisioning.enabled .Values.persistence.enabled) .Values.persistence.mount }}
{{- $name := include "gitea.workername" (dict "global" . "worker" "actions-token-job") }}
{{- $secretName := include "gitea.workername" (dict "global" . "worker" "actions-token") }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels:
{{- include "gitea.labels" . | nindent 4 }}
app.kubernetes.io/component: token-job
{{ $secret := (lookup "v1" "Secret" .Release.Namespace $secretName) -}}
{{ if $secret -}}
data:
token: {{ (b64dec (index $secret.data "token")) | b64enc }}
{{ end -}}
{{- end }}
{{- end }}

View File

@ -0,0 +1,14 @@
{{- if .Values.actions.enabled }}
{{- if and (and .Values.actions.provisioning.enabled .Values.persistence.enabled) .Values.persistence.mount }}
{{- $name := include "gitea.workername" (dict "global" . "worker" "actions-token-job") }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ $name }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels:
{{- include "gitea.labels" . | nindent 4 }}
app.kubernetes.io/component: token-job
{{- end }}
{{- end }}

View File

@ -0,0 +1,118 @@
{{- if .Values.actions.enabled }}
{{- $secretName := include "gitea.workername" (dict "global" . "worker" "actions-token") }}
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
labels:
{{- include "gitea.labels.actRunner" . | nindent 4 }}
{{- with .Values.actions.statefulset.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
annotations:
{{- with .Values.actions.statefulset.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
name: {{ include "gitea.fullname" . }}-act-runner
namespace: {{ .Values.namespace | default .Release.Namespace }}
spec:
selector:
matchLabels:
{{- include "gitea.selectorLabels.actRunner" . | nindent 6 }}
template:
metadata:
labels:
{{- include "gitea.labels.actRunner" . | nindent 8 }}
{{- with .Values.actions.statefulset.labels }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
initContainers:
- name: init-gitea
image: "{{ .Values.actions.init.image.repository }}:{{ .Values.actions.init.image.tag }}"
command:
- sh
- -c
- |
while ! nc -z {{ include "gitea.fullname" . }}-http {{ .Values.service.http.port }}; do
sleep 5
done
containers:
- name: act-runner
image: "{{ .Values.actions.statefulset.actRunner.repository }}:{{ .Values.actions.statefulset.actRunner.tag }}"
imagePullPolicy: {{ .Values.actions.statefulset.actRunner.pullPolicy }}
workingDir: /data
env:
- name: DOCKER_HOST
value: tcp://127.0.0.1:2376
- name: DOCKER_TLS_VERIFY
value: "1"
- name: DOCKER_CERT_PATH
value: /certs/server
- name: GITEA_RUNNER_REGISTRATION_TOKEN
valueFrom:
secretKeyRef:
name: "{{ .Values.actions.existingSecret | default $secretName }}"
key: "{{ .Values.actions.existingSecretKey | default "token" }}"
- name: GITEA_INSTANCE_URL
value: {{ include "gitea.act_runner.local_root_url" . }}
- name: CONFIG_FILE
value: /actrunner/config.yaml
resources:
{{- toYaml .Values.actions.statefulset.resources | nindent 12 }}
volumeMounts:
- mountPath: /actrunner/config.yaml
name: act-runner-config
subPath: config.yaml
- mountPath: /certs/server
name: docker-certs
- mountPath: /data
name: data-act-runner
- name: dind
image: "{{ .Values.actions.statefulset.dind.repository }}:{{ .Values.actions.statefulset.dind.tag }}"
imagePullPolicy: {{ .Values.actions.statefulset.dind.pullPolicy }}
env:
- name: DOCKER_HOST
value: tcp://127.0.0.1:2376
- name: DOCKER_TLS_VERIFY
value: "1"
- name: DOCKER_CERT_PATH
value: /certs/server
{{- if .Values.actions.statefulset.dind.extraEnvs }}
{{- toYaml .Values.actions.statefulset.dind.extraEnvs | nindent 12 }}
{{- end }}
securityContext:
privileged: true
resources:
{{- toYaml .Values.actions.statefulset.resources | nindent 12 }}
volumeMounts:
- mountPath: /certs/server
name: docker-certs
{{- with .Values.actions.statefulset.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.actions.statefulset.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.actions.statefulset.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
- name: act-runner-config
configMap:
name: {{ include "gitea.fullname" . }}-act-runner-config
- name: docker-certs
emptyDir: {}
volumeClaimTemplates:
- metadata:
name: data-act-runner
spec:
accessModes: [ "ReadWriteOnce" ]
{{- include "gitea.persistence.storageClass" . | nindent 8 }}
resources:
requests:
storage: 1Mi
{{- end }}

View File

@ -2,6 +2,7 @@ apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: {{ include "gitea.fullname" . }}-inline-config name: {{ include "gitea.fullname" . }}-inline-config
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
type: Opaque type: Opaque
@ -12,6 +13,7 @@ apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: {{ include "gitea.fullname" . }} name: {{ include "gitea.fullname" . }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
type: Opaque type: Opaque

View File

@ -2,12 +2,16 @@ apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: {{ include "gitea.fullname" . }} name: {{ include "gitea.fullname" . }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
annotations: annotations:
{{- if .Values.deployment.annotations }} {{- if .Values.deployment.annotations }}
{{- toYaml .Values.deployment.annotations | nindent 4 }} {{- toYaml .Values.deployment.annotations | nindent 4 }}
{{- end }} {{- end }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
{{- if .Values.deployment.labels }}
{{- toYaml .Values.deployment.labels | nindent 4 }}
{{- end }}
spec: spec:
replicas: {{ .Values.replicaCount }} replicas: {{ .Values.replicaCount }}
strategy: strategy:
@ -240,6 +244,8 @@ spec:
- name: GITEA_ADMIN_PASSWORD - name: GITEA_ADMIN_PASSWORD
value: {{ .Values.gitea.admin.password | quote }} value: {{ .Values.gitea.admin.password | quote }}
{{- end }} {{- end }}
- name: GITEA_ADMIN_PASSWORD_MODE
value: {{ include "gitea.admin.passwordMode" $ }}
{{- if .Values.deployment.env }} {{- if .Values.deployment.env }}
{{- toYaml .Values.deployment.env | nindent 12 }} {{- toYaml .Values.deployment.env | nindent 12 }}
{{- end }} {{- end }}
@ -306,15 +312,15 @@ spec:
{{- end }} {{- end }}
{{- if .Values.gitea.livenessProbe.enabled }} {{- if .Values.gitea.livenessProbe.enabled }}
livenessProbe: livenessProbe:
{{- toYaml (omit .Values.gitea.livenessProbe "enabled") | nindent 12 }} {{- include "gitea.deployment.probe" .Values.gitea.livenessProbe | nindent 12 }}
{{- end }} {{- end }}
{{- if .Values.gitea.readinessProbe.enabled }} {{- if .Values.gitea.readinessProbe.enabled }}
readinessProbe: readinessProbe:
{{- toYaml (omit .Values.gitea.readinessProbe "enabled") | nindent 12 }} {{- include "gitea.deployment.probe" .Values.gitea.readinessProbe | nindent 12 }}
{{- end }} {{- end }}
{{- if .Values.gitea.startupProbe.enabled }} {{- if .Values.gitea.startupProbe.enabled }}
startupProbe: startupProbe:
{{- toYaml (omit .Values.gitea.startupProbe "enabled") | nindent 12 }} {{- include "gitea.deployment.probe" .Values.gitea.startupProbe | nindent 12 }}
{{- end }} {{- end }}
resources: resources:
{{- toYaml .Values.resources | nindent 12 }} {{- toYaml .Values.resources | nindent 12 }}
@ -334,6 +340,9 @@ spec:
subPath: {{ .Values.persistence.subPath }} subPath: {{ .Values.persistence.subPath }}
{{- end }} {{- end }}
{{- include "gitea.container-additional-mounts" . | nindent 12 }} {{- include "gitea.container-additional-mounts" . | nindent 12 }}
{{- if .Values.extraContainers }}
{{- toYaml .Values.extraContainers | nindent 8 }}
{{- end }}
{{- with .Values.global.hostAliases }} {{- with .Values.global.hostAliases }}
hostAliases: hostAliases:
{{- toYaml . | nindent 8 }} {{- toYaml . | nindent 8 }}

View File

@ -7,6 +7,7 @@ apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: {{ include "gitea.gpg-key-secret-name" . }} name: {{ include "gitea.gpg-key-secret-name" . }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
type: Opaque type: Opaque

View File

@ -2,6 +2,7 @@ apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: {{ include "gitea.fullname" . }}-http name: {{ include "gitea.fullname" . }}-http
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
{{- if .Values.service.http.labels }} {{- if .Values.service.http.labels }}
@ -11,7 +12,11 @@ metadata:
{{- toYaml .Values.service.http.annotations | nindent 4 }} {{- toYaml .Values.service.http.annotations | nindent 4 }}
spec: spec:
type: {{ .Values.service.http.type }} type: {{ .Values.service.http.type }}
{{- if and .Values.service.http.loadBalancerIP (eq .Values.service.http.type "LoadBalancer") }} {{- if eq .Values.service.http.type "LoadBalancer" }}
{{- if .Values.service.http.loadBalancerClass }}
loadBalancerClass: {{ .Values.service.http.loadBalancerClass }}
{{- end }}
{{- if and .Values.service.http.loadBalancerIP }}
loadBalancerIP: {{ .Values.service.http.loadBalancerIP }} loadBalancerIP: {{ .Values.service.http.loadBalancerIP }}
{{- end }} {{- end }}
{{- if .Values.service.http.loadBalancerSourceRanges }} {{- if .Values.service.http.loadBalancerSourceRanges }}
@ -20,6 +25,7 @@ spec:
- {{ . }} - {{ . }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- end }}
{{- if .Values.service.http.externalIPs }} {{- if .Values.service.http.externalIPs }}
externalIPs: externalIPs:
{{- toYaml .Values.service.http.externalIPs | nindent 4 }} {{- toYaml .Values.service.http.externalIPs | nindent 4 }}

View File

@ -13,6 +13,7 @@ apiVersion: {{ $apiVersion }}
kind: Ingress kind: Ingress
metadata: metadata:
name: {{ $fullName }} name: {{ $fullName }}
namespace: {{ .Values.namespace | default .Release.Namespace }}
labels: labels:
{{- include "gitea.labels" . | nindent 4 }} {{- include "gitea.labels" . | nindent 4 }}
annotations: annotations:
@ -21,7 +22,7 @@ metadata:
{{- end }} {{- end }}
spec: spec:
{{- if .Values.ingress.className }} {{- if .Values.ingress.className }}
ingressClassName: {{ .Values.ingress.className }} ingressClassName: {{ tpl .Values.ingress.className . }}
{{- end }} {{- end }}
{{- if .Values.ingress.tls }} {{- if .Values.ingress.tls }}
tls: tls:

Some files were not shown because too many files have changed in this diff Show More