Compare commits
23 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 justusbunsi
|
20fca813bc | ||
|
justusbunsi
|
5ec52eaef8 | ||
 justusbunsi
|
2b14bc7e4b | ||
|
Renovate Bot
|
c32c6f929f | ||
|
Renovate Bot
|
e29cd1c289 | ||
|
Karitham
|
a535919025 | ||
|
pat-s
|
4c0b7f83cd | ||
|
pat-s
|
d99b24fd2e | ||
|
pat-s
|
52a779f26c | ||
|
pat-s
|
f34fe9efb9 | ||
|
Renovate Bot
|
5c6cd932fe | ||
|
justusbunsi
|
3265a5ed53 | ||
|
James Harmison
|
1dbf171ad3 | ||
|
pat-s
|
6226e4eaea | ||
|
Renovate Bot
|
6ffc0a3790 | ||
|
pat-s
|
e5ed116dc0 | ||
|
pat-s
|
82f82a45c5 | ||
|
pat-s
|
37b92f265f | ||
|
Renovate Bot
|
1ac39a6f5d | ||
|
Renovate Bot
|
c4168dd029 | ||
|
Renovate Bot
|
4dd17f045b | ||
|
Renovate Bot
|
030322170e | ||
|
Renovate Bot
|
d407eda496 |
@@ -7,7 +7,7 @@ on:
|
||||
|
||||
env:
|
||||
# renovate: datasource=docker depName=alpine/helm
|
||||
HELM_VERSION: "3.15.1"
|
||||
HELM_VERSION: "3.15.3"
|
||||
|
||||
jobs:
|
||||
generate-chart-publish:
|
||||
@@ -49,7 +49,6 @@ jobs:
|
||||
helm plugin install https://github.com/pat-s/helm-gpg
|
||||
helm dependency build
|
||||
helm package --version "${GITHUB_REF#refs/tags/v}" ./
|
||||
helm gpg sign "gitea-${GITHUB_REF#refs/tags/v}.tgz"
|
||||
mkdir gitea
|
||||
mv gitea*.tgz gitea/
|
||||
curl -s -L -o gitea/index.yaml https://dl.gitea.com/charts/index.yaml
|
||||
|
||||
@@ -16,7 +16,7 @@ env:
|
||||
jobs:
|
||||
check-and-test:
|
||||
runs-on: ubuntu-latest
|
||||
container: alpine/helm:3.15.1
|
||||
container: alpine/helm:3.15.3
|
||||
steps:
|
||||
- name: install tools
|
||||
run: |
|
||||
|
||||
+8
-5
@@ -1,12 +1,15 @@
|
||||
dependencies:
|
||||
- name: postgresql
|
||||
repository: oci://registry-1.docker.io/bitnamicharts
|
||||
version: 15.5.0
|
||||
version: 15.5.17
|
||||
- name: postgresql-ha
|
||||
repository: oci://registry-1.docker.io/bitnamicharts
|
||||
version: 14.1.3
|
||||
version: 14.2.12
|
||||
- name: redis-cluster
|
||||
repository: oci://registry-1.docker.io/bitnamicharts
|
||||
version: 10.2.0
|
||||
digest: sha256:f7feb678e253951354014684cca973ce7656aa8fd812e627534257dad7765069
|
||||
generated: "2024-06-01T00:49:20.470701261Z"
|
||||
version: 10.2.7
|
||||
- name: redis
|
||||
repository: oci://registry-1.docker.io/bitnamicharts
|
||||
version: 19.6.2
|
||||
digest: sha256:842e8878e2da9cd62c2233f5ebfcdaa05598633a8bc2fa84803006929cf0c3cc
|
||||
generated: "2024-07-20T00:44:58.227558466Z"
|
||||
|
||||
+8
-3
@@ -35,15 +35,20 @@ dependencies:
|
||||
# https://github.com/bitnami/charts/blob/main/bitnami/postgresql
|
||||
- name: postgresql
|
||||
repository: oci://registry-1.docker.io/bitnamicharts
|
||||
version: 15.5.0
|
||||
version: 15.5.17
|
||||
condition: postgresql.enabled
|
||||
# https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml
|
||||
- name: postgresql-ha
|
||||
repository: oci://registry-1.docker.io/bitnamicharts
|
||||
version: 14.1.3
|
||||
version: 14.2.12
|
||||
condition: postgresql-ha.enabled
|
||||
# https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml
|
||||
- name: redis-cluster
|
||||
repository: oci://registry-1.docker.io/bitnamicharts
|
||||
version: 10.2.0
|
||||
version: 10.2.7
|
||||
condition: redis-cluster.enabled
|
||||
# https://github.com/bitnami/charts/blob/main/bitnami/redis/Chart.yaml
|
||||
- name: redis
|
||||
repository: oci://registry-1.docker.io/bitnamicharts
|
||||
version: 19.6.2
|
||||
condition: redis.enabled
|
||||
|
||||
@@ -9,7 +9,7 @@ readme: prepare-environment
|
||||
|
||||
.PHONY: unittests
|
||||
unittests:
|
||||
helm unittest --strict -f 'unittests/**/*.yaml' -f 'unittests/dependency-major-image-check.yaml' ./
|
||||
helm unittest --strict -f 'unittests/**/*.yaml' -f 'unittests/dependency-major-image-check.yaml' -f 'unittests/values-conflicting-checks.yaml' ./
|
||||
|
||||
.PHONY: helm
|
||||
update-helm-dependencies:
|
||||
|
||||
@@ -50,6 +50,7 @@
|
||||
- [ReadinessProbe](#readinessprobe)
|
||||
- [StartupProbe](#startupprobe)
|
||||
- [redis-cluster](#redis-cluster)
|
||||
- [redis](#redis)
|
||||
- [PostgreSQL HA](#postgresql-ha)
|
||||
- [PostgreSQL](#postgresql)
|
||||
- [Advanced](#advanced)
|
||||
@@ -98,7 +99,8 @@ These dependencies are enabled by default:
|
||||
|
||||
Alternatively, the following non-HA replacements are available:
|
||||
|
||||
- PostgreSQL ([Bitnami PostgreSQL](postgresql](https://github.com/bitnami/charts/blob/main/bitnami/postgresql/Chart.yaml)))
|
||||
- PostgreSQL ([Bitnami PostgreSQL](<postgresql](https://github.com/bitnami/charts/blob/main/bitnami/postgresql/Chart.yaml)>))
|
||||
- Redis ([Bitnami Redis](<Redis](https://github.com/bitnami/charts/blob/main/bitnami/redis/Chart.yaml)>))
|
||||
|
||||
### Dependency Versioning
|
||||
|
||||
@@ -117,6 +119,7 @@ Please double-check the image repository and available tags in the sub-chart:
|
||||
- [PostgreSQL-HA](https://hub.docker.com/r/bitnami/postgresql-repmgr/tags)
|
||||
- [PostgreSQL](https://hub.docker.com/r/bitnami/postgresql/tags)
|
||||
- [Redis Cluster](https://hub.docker.com/r/bitnami/redis-cluster/tags)
|
||||
- [Redis](https://hub.docker.com/r/bitnami/redis/tags)
|
||||
|
||||
and look up the image tag which fits your needs on Dockerhub.
|
||||
|
||||
@@ -244,7 +247,7 @@ External tools such as `redis-cluster` or `memcached` handle these workloads muc
|
||||
|
||||
If HA is not needed/desired, the following configurations can be used to deploy a single-pod Gitea instance.
|
||||
|
||||
1. For a production-ready single-pod Gitea instance without external dependencies (using the chart dependency `postgresql`):
|
||||
1. For a production-ready single-pod Gitea instance without external dependencies (using the chart dependency `postgresql` and `redis`):
|
||||
|
||||
<details>
|
||||
|
||||
@@ -253,6 +256,8 @@ If HA is not needed/desired, the following configurations can be used to deploy
|
||||
```yaml
|
||||
redis-cluster:
|
||||
enabled: false
|
||||
redis:
|
||||
enabled: true
|
||||
postgresql:
|
||||
enabled: true
|
||||
postgresql-ha:
|
||||
@@ -265,12 +270,6 @@ If HA is not needed/desired, the following configurations can be used to deploy
|
||||
config:
|
||||
database:
|
||||
DB_TYPE: postgres
|
||||
session:
|
||||
PROVIDER: db
|
||||
cache:
|
||||
ADAPTER: memory
|
||||
queue:
|
||||
TYPE: level
|
||||
indexer:
|
||||
ISSUE_INDEXER_TYPE: bleve
|
||||
REPO_INDEXER_ENABLED: true
|
||||
@@ -290,6 +289,8 @@ If HA is not needed/desired, the following configurations can be used to deploy
|
||||
```yaml
|
||||
redis-cluster:
|
||||
enabled: false
|
||||
redis:
|
||||
enabled: false
|
||||
postgresql:
|
||||
enabled: false
|
||||
postgresql-ha:
|
||||
@@ -568,6 +569,20 @@ gitea:
|
||||
existingSecret: gitea-admin-secret
|
||||
```
|
||||
|
||||
Whether you use the existing Secret or specify a user name and password, there are three modes for how the admin user password is created or set.
|
||||
|
||||
- `keepUpdated` (the default) will set the admin user password, and reset it to the defined value every time the pod is recreated.
|
||||
- `initialOnlyNoReset` will set the admin user password when creating it, but never try to update the password.
|
||||
- `initialOnlyRequireReset` will set the admin user password when creating it, never update it, and require that the password be changed at the initial login.
|
||||
|
||||
These modes can be set like the following:
|
||||
|
||||
```yaml
|
||||
gitea:
|
||||
admin:
|
||||
passwordMode: initialOnlyRequireReset
|
||||
```
|
||||
|
||||
### LDAP Settings
|
||||
|
||||
Like the admin user the LDAP settings can be updated.
|
||||
@@ -889,6 +904,7 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo
|
||||
| `service.http.loadBalancerSourceRanges` | Source range filter for http loadbalancer | `[]` |
|
||||
| `service.http.annotations` | HTTP service annotations | `{}` |
|
||||
| `service.http.labels` | HTTP service additional labels | `{}` |
|
||||
| `service.http.loadBalancerClass` | Loadbalancer class | `nil` |
|
||||
| `service.ssh.type` | Kubernetes service type for ssh traffic | `ClusterIP` |
|
||||
| `service.ssh.port` | Port number for ssh traffic | `22` |
|
||||
| `service.ssh.clusterIP` | ClusterIP setting for ssh autosetup for deployment is None | `None` |
|
||||
@@ -902,19 +918,20 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo
|
||||
| `service.ssh.loadBalancerSourceRanges` | Source range filter for ssh loadbalancer | `[]` |
|
||||
| `service.ssh.annotations` | SSH service annotations | `{}` |
|
||||
| `service.ssh.labels` | SSH service additional labels | `{}` |
|
||||
| `service.ssh.loadBalancerClass` | Loadbalancer class | `nil` |
|
||||
|
||||
### Ingress
|
||||
|
||||
| Name | Description | Value |
|
||||
| ------------------------------------ | --------------------------------------------------------------------------- | ----------------- |
|
||||
| `ingress.enabled` | Enable ingress | `false` |
|
||||
| `ingress.className` | Ingress class name | `nil` |
|
||||
| `ingress.annotations` | Ingress annotations | `{}` |
|
||||
| `ingress.hosts[0].host` | Default Ingress host | `git.example.com` |
|
||||
| `ingress.hosts[0].paths[0].path` | Default Ingress path | `/` |
|
||||
| `ingress.hosts[0].paths[0].pathType` | Ingress path type | `Prefix` |
|
||||
| `ingress.tls` | Ingress tls settings | `[]` |
|
||||
| `ingress.apiVersion` | Specify APIVersion of ingress object. Mostly would only be used for argocd. | |
|
||||
| Name | Description | Value |
|
||||
| -------------------------- | --------------------------------------------------- | ----------------- |
|
||||
| `ingress.enabled` | Enable ingress | `false` |
|
||||
| `ingress.className` | DEPRECATED: Use `ingress.ingressClassName` instead. | `""` |
|
||||
| `ingress.ingressClassName` | Ingress class name | `""` |
|
||||
| `ingress.pathType` | Ingress Path Type | `Prefix` |
|
||||
| `ingress.annotations` | Ingress annotations | `{}` |
|
||||
| `ingress.hosts[0].host` | Default Ingress host | `git.example.com` |
|
||||
| `ingress.hosts[0].paths` | Default Ingress path | `[]` |
|
||||
| `ingress.tls` | Ingress tls settings | `[]` |
|
||||
|
||||
### deployment
|
||||
|
||||
@@ -984,22 +1001,23 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo
|
||||
|
||||
### Gitea
|
||||
|
||||
| Name | Description | Value |
|
||||
| -------------------------------------- | ------------------------------------------------------------------------- | -------------------- |
|
||||
| `gitea.admin.username` | Username for the Gitea admin user | `gitea_admin` |
|
||||
| `gitea.admin.existingSecret` | Use an existing secret to store admin user credentials | `nil` |
|
||||
| `gitea.admin.password` | Password for the Gitea admin user | `r8sA8CPHD9!bt6d` |
|
||||
| `gitea.admin.email` | Email for the Gitea admin user | `gitea@local.domain` |
|
||||
| `gitea.metrics.enabled` | Enable Gitea metrics | `false` |
|
||||
| `gitea.metrics.serviceMonitor.enabled` | Enable Gitea metrics service monitor | `false` |
|
||||
| `gitea.ldap` | LDAP configuration | `[]` |
|
||||
| `gitea.oauth` | OAuth configuration | `[]` |
|
||||
| `gitea.config.server.SSH_PORT` | SSH port for rootlful Gitea image | `22` |
|
||||
| `gitea.config.server.SSH_LISTEN_PORT` | SSH port for rootless Gitea image | `2222` |
|
||||
| `gitea.additionalConfigSources` | Additional configuration from secret or configmap | `[]` |
|
||||
| `gitea.additionalConfigFromEnvs` | Additional configuration sources from environment variables | `[]` |
|
||||
| `gitea.podAnnotations` | Annotations for the Gitea pod | `{}` |
|
||||
| `gitea.ssh.logLevel` | Configure OpenSSH's log level. Only available for root-based Gitea image. | `INFO` |
|
||||
| Name | Description | Value |
|
||||
| -------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | -------------------- |
|
||||
| `gitea.admin.username` | Username for the Gitea admin user | `gitea_admin` |
|
||||
| `gitea.admin.existingSecret` | Use an existing secret to store admin user credentials | `nil` |
|
||||
| `gitea.admin.password` | Password for the Gitea admin user | `r8sA8CPHD9!bt6d` |
|
||||
| `gitea.admin.email` | Email for the Gitea admin user | `gitea@local.domain` |
|
||||
| `gitea.admin.passwordMode` | Mode for how to set/update the admin user password. Options are: initialOnlyNoReset, initialOnlyRequireReset, and keepUpdated | `keepUpdated` |
|
||||
| `gitea.metrics.enabled` | Enable Gitea metrics | `false` |
|
||||
| `gitea.metrics.serviceMonitor.enabled` | Enable Gitea metrics service monitor | `false` |
|
||||
| `gitea.ldap` | LDAP configuration | `[]` |
|
||||
| `gitea.oauth` | OAuth configuration | `[]` |
|
||||
| `gitea.config.server.SSH_PORT` | SSH port for rootlful Gitea image | `22` |
|
||||
| `gitea.config.server.SSH_LISTEN_PORT` | SSH port for rootless Gitea image | `2222` |
|
||||
| `gitea.additionalConfigSources` | Additional configuration from secret or configmap | `[]` |
|
||||
| `gitea.additionalConfigFromEnvs` | Additional configuration sources from environment variables | `[]` |
|
||||
| `gitea.podAnnotations` | Annotations for the Gitea pod | `{}` |
|
||||
| `gitea.ssh.logLevel` | Configure OpenSSH's log level. Only available for root-based Gitea image. | `INFO` |
|
||||
|
||||
### LivenessProbe
|
||||
|
||||
@@ -1039,13 +1057,26 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo
|
||||
|
||||
### redis-cluster
|
||||
|
||||
Redis cluster and [Redis](#redis) cannot be enabled at the same time.
|
||||
|
||||
| Name | Description | Value |
|
||||
| -------------------------------- | -------------------------------------------- | ------- |
|
||||
| `redis-cluster.enabled` | Enable redis | `true` |
|
||||
| `redis-cluster.enabled` | Enable redis cluster | `true` |
|
||||
| `redis-cluster.usePassword` | Whether to use password authentication | `false` |
|
||||
| `redis-cluster.cluster.nodes` | Number of redis cluster master nodes | `3` |
|
||||
| `redis-cluster.cluster.replicas` | Number of redis cluster master node replicas | `0` |
|
||||
|
||||
### redis
|
||||
|
||||
Redis and [Redis cluster](#redis-cluster) cannot be enabled at the same time.
|
||||
|
||||
| Name | Description | Value |
|
||||
| ----------------------------- | ------------------------------------------ | ------------ |
|
||||
| `redis.enabled` | Enable redis standalone or replicated | `false` |
|
||||
| `redis.architecture` | Whether to use standalone or replication | `standalone` |
|
||||
| `redis.global.redis.password` | Required password | `changeme` |
|
||||
| `redis.master.count` | Number of Redis master instances to deploy | `1` |
|
||||
|
||||
### PostgreSQL HA
|
||||
|
||||
| Name | Description | Value |
|
||||
|
||||
+44
-2
@@ -113,20 +113,28 @@ app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "redis.dns" -}}
|
||||
{{- if (index .Values "redis-cluster").enabled -}}
|
||||
{{- if and ((index .Values "redis-cluster").enabled) ((index .Values "redis").enabled) -}}
|
||||
{{- fail "redis and redis-cluster cannot be enabled at the same time. Please only choose one." -}}
|
||||
{{- else if (index .Values "redis-cluster").enabled -}}
|
||||
{{- printf "redis+cluster://:%s@%s-redis-cluster-headless.%s.svc.%s:%g/0?pool_size=100&idle_timeout=180s&" (index .Values "redis-cluster").global.redis.password .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "redis-cluster").service.ports.redis -}}
|
||||
{{- else if (index .Values "redis").enabled -}}
|
||||
{{- printf "redis://:%s@%s-redis-headless.%s.svc.%s:%g/0?pool_size=100&idle_timeout=180s&" (index .Values "redis").global.redis.password .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "redis").master.service.ports.redis -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "redis.port" -}}
|
||||
{{- if (index .Values "redis-cluster").enabled -}}
|
||||
{{ (index .Values "redis-cluster").service.ports.redis }}
|
||||
{{- else if (index .Values "redis").enabled -}}
|
||||
{{ (index .Values "redis").master.service.ports.redis }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "redis.servicename" -}}
|
||||
{{- if (index .Values "redis-cluster").enabled -}}
|
||||
{{- printf "%s-redis-cluster-headless.%s.svc.%s" .Release.Name .Release.Namespace .Values.clusterDomain -}}
|
||||
{{- else if (index .Values "redis").enabled -}}
|
||||
{{- printf "%s-redis-headless.%s.svc.%s" .Release.Name .Release.Namespace .Values.clusterDomain -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
@@ -271,7 +279,7 @@ https
|
||||
{{- $_ := set .Values.gitea.config.metrics "ENABLED" .Values.gitea.metrics.enabled -}}
|
||||
{{- end -}}
|
||||
{{- /* redis queue */ -}}
|
||||
{{- if (index .Values "redis-cluster").enabled -}}
|
||||
{{- if or ((index .Values "redis-cluster").enabled) ((index .Values "redis").enabled) -}}
|
||||
{{- $_ := set .Values.gitea.config.queue "TYPE" "redis" -}}
|
||||
{{- $_ := set .Values.gitea.config.queue "CONN_STR" (include "redis.dns" .) -}}
|
||||
{{- $_ := set .Values.gitea.config.session "PROVIDER" "redis" -}}
|
||||
@@ -392,3 +400,37 @@ https
|
||||
{{- define "gitea.serviceAccountName" -}}
|
||||
{{ .Values.serviceAccount.name | default (include "gitea.fullname" .) }}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "ingress.annotations" -}}
|
||||
{{- if .Values.ingress.annotations }}
|
||||
annotations:
|
||||
{{- $tp := typeOf .Values.ingress.annotations }}
|
||||
{{- if eq $tp "string" }}
|
||||
{{- tpl .Values.ingress.annotations . | nindent 4 }}
|
||||
{{- else }}
|
||||
{{- toYaml .Values.ingress.annotations | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "ingress.ingressClassName" -}}
|
||||
{{- if ne .Values.ingress.className "" -}}
|
||||
# WARNING: 'ingress.className' is deprecated and will be removed in a future release. Use 'ingress.ingressClassName' instead."
|
||||
{{ end -}}
|
||||
{{- if and (ne .Values.ingress.className "" ) (ne .Values.ingress.ingressClassName "") -}}
|
||||
{{- fail "ingress.ingressClassName and ingress.className cannot be defined at the same time. Please only choose one." -}}
|
||||
{{- end -}}
|
||||
{{- if ne .Values.ingress.className "" -}}
|
||||
ingressClassName: {{ tpl .Values.ingress.className . }}
|
||||
{{- else if ne .Values.ingress.ingressClassName "" -}}
|
||||
ingressClassName: {{ tpl .Values.ingress.ingressClassName . }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "gitea.admin.passwordMode" -}}
|
||||
{{- if has .Values.gitea.admin.passwordMode (tuple "keepUpdated" "initialOnlyNoReset" "initialOnlyRequireReset") -}}
|
||||
{{ .Values.gitea.admin.passwordMode }}
|
||||
{{- else -}}
|
||||
{{ printf "gitea.admin.passwordMode must be set to one of 'keepUpdated', 'initialOnlyNoReset', or 'initialOnlyRequireReset'. Received: '%s'" .Values.gitea.admin.passwordMode | fail }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
@@ -243,6 +243,8 @@ spec:
|
||||
- name: GITEA_ADMIN_PASSWORD
|
||||
value: {{ .Values.gitea.admin.password | quote }}
|
||||
{{- end }}
|
||||
- name: GITEA_ADMIN_PASSWORD_MODE
|
||||
value: {{ include "gitea.admin.passwordMode" $ }}
|
||||
{{- if .Values.deployment.env }}
|
||||
{{- toYaml .Values.deployment.env | nindent 12 }}
|
||||
{{- end }}
|
||||
|
||||
@@ -11,7 +11,11 @@ metadata:
|
||||
{{- toYaml .Values.service.http.annotations | nindent 4 }}
|
||||
spec:
|
||||
type: {{ .Values.service.http.type }}
|
||||
{{- if and .Values.service.http.loadBalancerIP (eq .Values.service.http.type "LoadBalancer") }}
|
||||
{{- if eq .Values.service.http.type "LoadBalancer" }}
|
||||
{{- if .Values.service.http.loadBalancerClass }}
|
||||
loadBalancerClass: {{ .Values.service.http.loadBalancerClass }}
|
||||
{{- end }}
|
||||
{{- if and .Values.service.http.loadBalancerIP }}
|
||||
loadBalancerIP: {{ .Values.service.http.loadBalancerIP }}
|
||||
{{- end }}
|
||||
{{- if .Values.service.http.loadBalancerSourceRanges }}
|
||||
@@ -20,6 +24,7 @@ spec:
|
||||
- {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.service.http.externalIPs }}
|
||||
externalIPs:
|
||||
{{- toYaml .Values.service.http.externalIPs | nindent 4 }}
|
||||
|
||||
@@ -1,28 +1,16 @@
|
||||
{{- if .Values.ingress.enabled -}}
|
||||
{{- $fullName := include "gitea.fullname" . -}}
|
||||
{{- $httpPort := .Values.service.http.port -}}
|
||||
{{- $apiVersion := "extensions/v1beta1" -}}
|
||||
{{- if .Values.ingress.apiVersion -}}
|
||||
{{- $apiVersion = .Values.ingress.apiVersion -}}
|
||||
{{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" -}}
|
||||
{{- $apiVersion = "networking.k8s.io/v1" }}
|
||||
{{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/Ingress" -}}
|
||||
{{- $apiVersion = "networking.k8s.io/v1beta1" }}
|
||||
{{- end }}
|
||||
apiVersion: {{ $apiVersion }}
|
||||
{{- $pathType := .Values.ingress.pathType -}}
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ $fullName }}
|
||||
labels:
|
||||
{{- include "gitea.labels" . | nindent 4 }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.ingress.annotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- template "ingress.annotations" . }}
|
||||
spec:
|
||||
{{- if .Values.ingress.className }}
|
||||
ingressClassName: {{ tpl .Values.ingress.className . }}
|
||||
{{- end }}
|
||||
{{- include "ingress.ingressClassName" . | nindent 2 }}
|
||||
{{- if .Values.ingress.tls }}
|
||||
tls:
|
||||
{{- range .Values.ingress.tls }}
|
||||
@@ -38,21 +26,14 @@ spec:
|
||||
- host: {{ tpl .host $ | quote }}
|
||||
http:
|
||||
paths:
|
||||
{{- range .paths }}
|
||||
- path: {{ .path }}
|
||||
{{- if and .pathType (eq $apiVersion "networking.k8s.io/v1") }}
|
||||
pathType: {{ .pathType }}
|
||||
{{- end }}
|
||||
{{- range (.paths | default (list "/")) }}
|
||||
- path: {{ . }}
|
||||
pathType: {{ $pathType }}
|
||||
backend:
|
||||
{{- if eq $apiVersion "networking.k8s.io/v1" }}
|
||||
service:
|
||||
name: {{ $fullName }}-http
|
||||
port:
|
||||
number: {{ $httpPort }}
|
||||
{{- else }}
|
||||
serviceName: {{ $fullName }}-http
|
||||
servicePort: {{ $httpPort }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
@@ -109,13 +109,33 @@ stringData:
|
||||
|
||||
local ACCOUNT_ID=$(echo "${actual_user_table}" | grep -E "\s+${GITEA_ADMIN_USERNAME}\s+" | awk -F " " "{printf \$1}")
|
||||
if [[ -z "${ACCOUNT_ID}" ]]; then
|
||||
local -a create_args
|
||||
create_args=(--admin --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" --email {{ .Values.gitea.admin.email | quote }})
|
||||
if [[ "${GITEA_ADMIN_PASSWORD_MODE}" = initialOnlyRequireReset ]]; then
|
||||
create_args+=(--must-change-password=true)
|
||||
else
|
||||
create_args+=(--must-change-password=false)
|
||||
fi
|
||||
echo "No admin user '${GITEA_ADMIN_USERNAME}' found. Creating now..."
|
||||
gitea admin user create --admin --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" --email {{ .Values.gitea.admin.email | quote }} --must-change-password=false
|
||||
gitea admin user create "${create_args[@]}"
|
||||
echo '...created.'
|
||||
else
|
||||
echo "Admin account '${GITEA_ADMIN_USERNAME}' already exist. Running update to sync password..."
|
||||
gitea admin user change-password --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}"
|
||||
echo '...password sync done.'
|
||||
if [[ "${GITEA_ADMIN_PASSWORD_MODE}" = keepUpdated ]]; then
|
||||
echo "Admin account '${GITEA_ADMIN_USERNAME}' already exist. Running update to sync password..."
|
||||
# See https://gitea.com/gitea/helm-chart/issues/673
|
||||
# --must-change-password argument was added to change-password, defaulting to true, counter to the previous behavior
|
||||
# which acted as if it were provided with =false. If the argument is present in this version of gitea, then we
|
||||
# should add it to prevent requiring frequent admin password resets.
|
||||
local -a change_args
|
||||
change_args=(--username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}")
|
||||
if gitea admin user change-password --help | grep -qF -- '--must-change-password'; then
|
||||
change_args+=(--must-change-password=false)
|
||||
fi
|
||||
gitea admin user change-password "${change_args[@]}"
|
||||
echo '...password sync done.'
|
||||
else
|
||||
echo "Admin account '${GITEA_ADMIN_USERNAME}' already exist, but update mode is set to '${GITEA_ADMIN_PASSWORD_MODE}'. Skipping."
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
@@ -12,6 +12,9 @@ metadata:
|
||||
spec:
|
||||
type: {{ .Values.service.ssh.type }}
|
||||
{{- if eq .Values.service.ssh.type "LoadBalancer" }}
|
||||
{{- if .Values.service.ssh.loadBalancerClass }}
|
||||
loadBalancerClass: {{ .Values.service.ssh.loadBalancerClass }}
|
||||
{{- end }}
|
||||
{{- if .Values.service.ssh.loadBalancerIP }}
|
||||
loadBalancerIP: {{ .Values.service.ssh.loadBalancerIP }}
|
||||
{{- end -}}
|
||||
|
||||
@@ -8,6 +8,8 @@ tests:
|
||||
set:
|
||||
redis-cluster:
|
||||
enabled: true
|
||||
redis:
|
||||
enabled: false
|
||||
asserts:
|
||||
- documentIndex: 0
|
||||
equal:
|
||||
@@ -16,11 +18,28 @@ tests:
|
||||
ADAPTER=redis
|
||||
HOST=redis+cluster://:@gitea-unittests-redis-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
|
||||
|
||||
- it: "cache is configured correctly for 'memory' when redis-cluster is disabled"
|
||||
- it: "cache is configured correctly for redis"
|
||||
template: templates/gitea/config.yaml
|
||||
set:
|
||||
redis-cluster:
|
||||
enabled: false
|
||||
redis:
|
||||
enabled: true
|
||||
asserts:
|
||||
- documentIndex: 0
|
||||
equal:
|
||||
path: stringData.cache
|
||||
value: |-
|
||||
ADAPTER=redis
|
||||
HOST=redis://:changeme@gitea-unittests-redis-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
|
||||
|
||||
- it: "cache is configured correctly for 'memory' when redis (or redis-cluster) is disabled"
|
||||
template: templates/gitea/config.yaml
|
||||
set:
|
||||
redis-cluster:
|
||||
enabled: false
|
||||
redis:
|
||||
enabled: false
|
||||
asserts:
|
||||
- documentIndex: 0
|
||||
equal:
|
||||
@@ -29,11 +48,13 @@ tests:
|
||||
ADAPTER=memory
|
||||
HOST=
|
||||
|
||||
- it: "cache can be customized when redis-cluster is disabled"
|
||||
- it: "cache can be customized when redis (or redis-cluster) is disabled"
|
||||
template: templates/gitea/config.yaml
|
||||
set:
|
||||
redis-cluster:
|
||||
enabled: false
|
||||
redis:
|
||||
enabled: false
|
||||
gitea.config.cache.ADAPTER: custom-adapter
|
||||
gitea.config.cache.HOST: custom-host
|
||||
asserts:
|
||||
|
||||
@@ -8,6 +8,8 @@ tests:
|
||||
set:
|
||||
redis-cluster:
|
||||
enabled: true
|
||||
redis:
|
||||
enabled: false
|
||||
asserts:
|
||||
- documentIndex: 0
|
||||
equal:
|
||||
@@ -16,11 +18,28 @@ tests:
|
||||
CONN_STR=redis+cluster://:@gitea-unittests-redis-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
|
||||
TYPE=redis
|
||||
|
||||
- it: "queue is configured correctly for 'levelDB' when redis-cluster is disabled"
|
||||
- it: "queue is configured correctly for redis"
|
||||
template: templates/gitea/config.yaml
|
||||
set:
|
||||
redis-cluster:
|
||||
enabled: false
|
||||
redis:
|
||||
enabled: true
|
||||
asserts:
|
||||
- documentIndex: 0
|
||||
equal:
|
||||
path: stringData.queue
|
||||
value: |-
|
||||
CONN_STR=redis://:changeme@gitea-unittests-redis-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
|
||||
TYPE=redis
|
||||
|
||||
- it: "queue is configured correctly for 'levelDB' when redis (and redis-cluster) is disabled"
|
||||
template: templates/gitea/config.yaml
|
||||
set:
|
||||
redis-cluster:
|
||||
enabled: false
|
||||
redis:
|
||||
enabled: false
|
||||
asserts:
|
||||
- documentIndex: 0
|
||||
equal:
|
||||
@@ -29,11 +48,13 @@ tests:
|
||||
CONN_STR=
|
||||
TYPE=level
|
||||
|
||||
- it: "queue can be customized when redis-cluster is disabled"
|
||||
- it: "queue can be customized when redis (and redis-cluster) are disabled"
|
||||
template: templates/gitea/config.yaml
|
||||
set:
|
||||
redis-cluster:
|
||||
enabled: false
|
||||
redis:
|
||||
enabled: false
|
||||
gitea.config.queue.TYPE: custom-type
|
||||
gitea.config.queue.CONN_STR: custom-connection-string
|
||||
asserts:
|
||||
|
||||
@@ -8,6 +8,8 @@ tests:
|
||||
set:
|
||||
redis-cluster:
|
||||
enabled: true
|
||||
redis:
|
||||
enabled: false
|
||||
asserts:
|
||||
- documentIndex: 0
|
||||
equal:
|
||||
@@ -16,11 +18,28 @@ tests:
|
||||
PROVIDER=redis
|
||||
PROVIDER_CONFIG=redis+cluster://:@gitea-unittests-redis-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
|
||||
|
||||
- it: "session is configured correctly for 'memory' when redis-cluster is disabled"
|
||||
- it: "session is configured correctly for redis"
|
||||
template: templates/gitea/config.yaml
|
||||
set:
|
||||
redis-cluster:
|
||||
enabled: false
|
||||
redis:
|
||||
enabled: true
|
||||
asserts:
|
||||
- documentIndex: 0
|
||||
equal:
|
||||
path: stringData.session
|
||||
value: |-
|
||||
PROVIDER=redis
|
||||
PROVIDER_CONFIG=redis://:changeme@gitea-unittests-redis-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
|
||||
|
||||
- it: "session is configured correctly for 'memory' when redis (and redis-cluster) is disabled"
|
||||
template: templates/gitea/config.yaml
|
||||
set:
|
||||
redis-cluster:
|
||||
enabled: false
|
||||
redis:
|
||||
enabled: false
|
||||
asserts:
|
||||
- documentIndex: 0
|
||||
equal:
|
||||
@@ -29,11 +48,13 @@ tests:
|
||||
PROVIDER=memory
|
||||
PROVIDER_CONFIG=
|
||||
|
||||
- it: "session can be customized when redis-cluster is disabled"
|
||||
- it: "session can be customized when redis (and redis-cluster) is disabled"
|
||||
template: templates/gitea/config.yaml
|
||||
set:
|
||||
redis-cluster:
|
||||
enabled: false
|
||||
redis:
|
||||
enabled: false
|
||||
gitea.config.session.PROVIDER: custom-provider
|
||||
gitea.config.session.PROVIDER_CONFIG: custom-provider-config
|
||||
asserts:
|
||||
|
||||
@@ -34,9 +34,24 @@ tests:
|
||||
set:
|
||||
redis-cluster:
|
||||
enabled: true
|
||||
redis:
|
||||
enabled: false
|
||||
asserts:
|
||||
- documentIndex: 0
|
||||
matchRegex:
|
||||
path: spec.template.spec.containers[0].image
|
||||
# IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST
|
||||
pattern: bitnami/redis-cluster:7.+$
|
||||
- it: "[redis] ensures we detect major image version upgrades"
|
||||
template: charts/redis/templates/master/application.yaml
|
||||
set:
|
||||
redis-cluster:
|
||||
enabled: false
|
||||
redis:
|
||||
enabled: true
|
||||
asserts:
|
||||
- documentIndex: 0
|
||||
matchRegex:
|
||||
path: spec.template.spec.containers[0].image
|
||||
# IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST
|
||||
pattern: bitnami/redis:7.+$
|
||||
|
||||
@@ -49,3 +49,70 @@ tests:
|
||||
asserts:
|
||||
- exists:
|
||||
path: metadata.labels["app"]
|
||||
|
||||
- it: render service.ssh.loadBalancerClass if set and type is LoadBalancer
|
||||
template: templates/gitea/ssh-svc.yaml
|
||||
set:
|
||||
service:
|
||||
ssh:
|
||||
loadBalancerClass: "example.com/class"
|
||||
type: LoadBalancer
|
||||
loadBalancerIP: "1.2.3.4"
|
||||
loadBalancerSourceRanges:
|
||||
- "1.2.3.4/32"
|
||||
- "5.6.7.8/32"
|
||||
asserts:
|
||||
- equal:
|
||||
path: spec.loadBalancerClass
|
||||
value: "example.com/class"
|
||||
- equal:
|
||||
path: spec.loadBalancerIP
|
||||
value: "1.2.3.4"
|
||||
- equal:
|
||||
path: spec.loadBalancerSourceRanges
|
||||
value: ["1.2.3.4/32", "5.6.7.8/32"]
|
||||
|
||||
- it: does not render when loadbalancer properties are set but type is not loadBalancerClass
|
||||
template: templates/gitea/http-svc.yaml
|
||||
set:
|
||||
service:
|
||||
http:
|
||||
type: ClusterIP
|
||||
loadBalancerClass: "example.com/class"
|
||||
loadBalancerIP: "1.2.3.4"
|
||||
loadBalancerSourceRanges:
|
||||
- "1.2.3.4/32"
|
||||
- "5.6.7.8/32"
|
||||
asserts:
|
||||
- notExists:
|
||||
path: spec.loadBalancerClass
|
||||
- notExists:
|
||||
path: spec.loadBalancerIP
|
||||
- notExists:
|
||||
path: spec.loadBalancerSourceRanges
|
||||
|
||||
- it: does not render loadBalancerClass by default even when type is LoadBalancer
|
||||
template: templates/gitea/http-svc.yaml
|
||||
set:
|
||||
service:
|
||||
http:
|
||||
type: LoadBalancer
|
||||
loadBalancerIP: "1.2.3.4"
|
||||
asserts:
|
||||
- notExists:
|
||||
path: spec.loadBalancerClass
|
||||
- equal:
|
||||
path: spec.loadBalancerIP
|
||||
value: "1.2.3.4"
|
||||
|
||||
- it: both ssh and http services exist
|
||||
templates:
|
||||
- templates/gitea/ssh-svc.yaml
|
||||
- templates/gitea/http-svc.yaml
|
||||
asserts:
|
||||
- matchRegex:
|
||||
path: metadata.name
|
||||
pattern: "^gitea-unittests-(?:ssh|http)$"
|
||||
- matchRegex:
|
||||
path: spec.ports[0].name
|
||||
pattern: "^(?:ssh|http)$"
|
||||
|
||||
@@ -0,0 +1,93 @@
|
||||
suite: Test ingress.yaml
|
||||
templates:
|
||||
- templates/gitea/ingress.yaml
|
||||
tests:
|
||||
- it: should enable ingress when ingress.enabled is true
|
||||
set:
|
||||
ingress.enabled: true
|
||||
ingress.apiVersion: networking.k8s.io/v1
|
||||
ingress.annotations:
|
||||
kubernetes.io/ingress.class: nginx
|
||||
ingress.className: nginx
|
||||
ingress.tls:
|
||||
- hosts:
|
||||
- example.com
|
||||
secretName: tls-secret
|
||||
ingress.hosts:
|
||||
- host: example.com
|
||||
paths: ["/"]
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 1
|
||||
- isKind:
|
||||
of: Ingress
|
||||
- equal:
|
||||
path: metadata.name
|
||||
value: RELEASE-NAME-gitea
|
||||
- matchRegex:
|
||||
path: apiVersion
|
||||
pattern: networking.k8s.io/v1
|
||||
- equal:
|
||||
path: spec.ingressClassName
|
||||
value: nginx
|
||||
- equal:
|
||||
path: spec.rules[0].host
|
||||
value: "example.com"
|
||||
- equal:
|
||||
path: spec.tls[0].hosts[0]
|
||||
value: "example.com"
|
||||
- equal:
|
||||
path: spec.tls[0].secretName
|
||||
value: tls-secret
|
||||
- equal:
|
||||
path: metadata.annotations["kubernetes.io/ingress.class"]
|
||||
value: nginx
|
||||
|
||||
- it: should not create ingress when ingress.enabled is false
|
||||
set:
|
||||
ingress.enabled: false
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 0
|
||||
|
||||
- it: Ingress Class using TPL
|
||||
set:
|
||||
global.ingress.className: "ingress-class"
|
||||
ingress.ingressClassName: "{{ .Values.global.ingress.className }}"
|
||||
ingress.enabled: true
|
||||
ingress.hosts[0].host: "some-host"
|
||||
ingress.tls:
|
||||
- secretName: gitea-tls
|
||||
hosts:
|
||||
- "some-host"
|
||||
asserts:
|
||||
- isKind:
|
||||
of: Ingress
|
||||
- equal:
|
||||
path: spec.tls[0].hosts[0]
|
||||
value: "some-host"
|
||||
- equal:
|
||||
path: spec.rules[0].host
|
||||
value: "some-host"
|
||||
- equal:
|
||||
path: spec.ingressClassName
|
||||
value: "ingress-class"
|
||||
|
||||
- it: hostname using TPL
|
||||
set:
|
||||
global.giteaHostName: "gitea.example.com"
|
||||
ingress.enabled: true
|
||||
ingress.hosts[0].host: "{{ .Values.global.giteaHostName }}"
|
||||
ingress.tls:
|
||||
- secretName: gitea-tls
|
||||
hosts:
|
||||
- "{{ .Values.global.giteaHostName }}"
|
||||
asserts:
|
||||
- isKind:
|
||||
of: Ingress
|
||||
- equal:
|
||||
path: spec.tls[0].hosts[0]
|
||||
value: "gitea.example.com"
|
||||
- equal:
|
||||
path: spec.rules[0].host
|
||||
value: "gitea.example.com"
|
||||
@@ -0,0 +1,34 @@
|
||||
suite: Test ingress.yaml
|
||||
templates:
|
||||
- templates/gitea/ingress.yaml
|
||||
tests:
|
||||
- it: should fail when both ingress.className and ingress.ingressClassName are defined
|
||||
template: templates/gitea/ingress.yaml
|
||||
set:
|
||||
ingress:
|
||||
enabled: true
|
||||
className: ingress-class
|
||||
ingressClassName: ingress-class
|
||||
asserts:
|
||||
- failedTemplate:
|
||||
errorMessage: "ingress.ingressClassName and ingress.className cannot be defined at the same time. Please only choose one."
|
||||
|
||||
- it: should succeed when only ingress.className is defined
|
||||
template: templates/gitea/ingress.yaml
|
||||
set:
|
||||
ingress.enabled: true
|
||||
ingress.className: "ingress-class"
|
||||
asserts:
|
||||
- equal:
|
||||
path: spec.ingressClassName
|
||||
value: ingress-class
|
||||
|
||||
- it: should succeed when only ingress.ingressClassName is defined
|
||||
template: templates/gitea/ingress.yaml
|
||||
set:
|
||||
ingress.enabled: true
|
||||
ingress.ingressClassName: "ingress-class"
|
||||
asserts:
|
||||
- equal:
|
||||
path: spec.ingressClassName
|
||||
value: ingress-class
|
||||
+20
-22
@@ -1,28 +1,7 @@
|
||||
suite: ingress template
|
||||
release:
|
||||
name: gitea-unittests
|
||||
namespace: testing
|
||||
suite: Test ingress tpl use
|
||||
templates:
|
||||
- templates/gitea/ingress.yaml
|
||||
tests:
|
||||
- it: hostname using TPL
|
||||
set:
|
||||
global.giteaHostName: "gitea.example.com"
|
||||
ingress.enabled: true
|
||||
ingress.hosts[0].host: "{{ .Values.global.giteaHostName }}"
|
||||
ingress.tls:
|
||||
- secretName: gitea-tls
|
||||
hosts:
|
||||
- "{{ .Values.global.giteaHostName }}"
|
||||
asserts:
|
||||
- isKind:
|
||||
of: Ingress
|
||||
- equal:
|
||||
path: spec.tls[0].hosts[0]
|
||||
value: "gitea.example.com"
|
||||
- equal:
|
||||
path: spec.rules[0].host
|
||||
value: "gitea.example.com"
|
||||
- it: Ingress Class using TPL
|
||||
set:
|
||||
global.ingress.className: "ingress-class"
|
||||
@@ -45,3 +24,22 @@ tests:
|
||||
- equal:
|
||||
path: spec.ingressClassName
|
||||
value: "ingress-class"
|
||||
|
||||
- it: hostname using TPL
|
||||
set:
|
||||
global.giteaHostName: "gitea.example.com"
|
||||
ingress.enabled: true
|
||||
ingress.hosts[0].host: "{{ .Values.global.giteaHostName }}"
|
||||
ingress.tls:
|
||||
- secretName: gitea-tls
|
||||
hosts:
|
||||
- "{{ .Values.global.giteaHostName }}"
|
||||
asserts:
|
||||
- isKind:
|
||||
of: Ingress
|
||||
- equal:
|
||||
path: spec.tls[0].hosts[0]
|
||||
value: "gitea.example.com"
|
||||
- equal:
|
||||
path: spec.rules[0].host
|
||||
value: "gitea.example.com"
|
||||
@@ -0,0 +1,14 @@
|
||||
suite: Values conflicting checks
|
||||
release:
|
||||
name: gitea-unittests
|
||||
namespace: testing
|
||||
tests:
|
||||
- it: fails when trying to configure redis and redis-cluster the same time
|
||||
set:
|
||||
redis-cluster:
|
||||
enabled: true
|
||||
redis:
|
||||
enabled: true
|
||||
asserts:
|
||||
- failedTemplate:
|
||||
errorMessage: redis and redis-cluster cannot be enabled at the same time. Please only choose one.
|
||||
+38
-17
@@ -107,6 +107,7 @@ service:
|
||||
## @param service.http.loadBalancerSourceRanges Source range filter for http loadbalancer
|
||||
## @param service.http.annotations HTTP service annotations
|
||||
## @param service.http.labels HTTP service additional labels
|
||||
## @param service.http.loadBalancerClass Loadbalancer class
|
||||
http:
|
||||
type: ClusterIP
|
||||
port: 3000
|
||||
@@ -120,6 +121,7 @@ service:
|
||||
loadBalancerSourceRanges: []
|
||||
annotations: {}
|
||||
labels: {}
|
||||
loadBalancerClass:
|
||||
## @param service.ssh.type Kubernetes service type for ssh traffic
|
||||
## @param service.ssh.port Port number for ssh traffic
|
||||
## @param service.ssh.clusterIP ClusterIP setting for ssh autosetup for deployment is None
|
||||
@@ -133,6 +135,7 @@ service:
|
||||
## @param service.ssh.loadBalancerSourceRanges Source range filter for ssh loadbalancer
|
||||
## @param service.ssh.annotations SSH service annotations
|
||||
## @param service.ssh.labels SSH service additional labels
|
||||
## @param service.ssh.loadBalancerClass Loadbalancer class
|
||||
ssh:
|
||||
type: ClusterIP
|
||||
port: 22
|
||||
@@ -147,36 +150,32 @@ service:
|
||||
loadBalancerSourceRanges: []
|
||||
annotations: {}
|
||||
labels: {}
|
||||
loadBalancerClass:
|
||||
|
||||
## @section Ingress
|
||||
## @param ingress.enabled Enable ingress
|
||||
## @param ingress.className Ingress class name
|
||||
## @param ingress.className DEPRECATED: Use `ingress.ingressClassName` instead.
|
||||
## @param ingress.ingressClassName Ingress class name
|
||||
## @param ingress.pathType Ingress Path Type
|
||||
## @param ingress.annotations Ingress annotations
|
||||
## @param ingress.hosts[0].host Default Ingress host
|
||||
## @param ingress.hosts[0].paths[0].path Default Ingress path
|
||||
## @param ingress.hosts[0].paths[0].pathType Ingress path type
|
||||
## @param ingress.hosts[0].paths Default Ingress path
|
||||
## @param ingress.tls Ingress tls settings
|
||||
## @extra ingress.apiVersion Specify APIVersion of ingress object. Mostly would only be used for argocd.
|
||||
ingress:
|
||||
enabled: false
|
||||
# className: nginx
|
||||
className:
|
||||
annotations:
|
||||
{}
|
||||
# kubernetes.io/ingress.class: nginx
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
# DEPRECATED: Use `ingress.ingressClassName` instead.
|
||||
className: ""
|
||||
ingressClassName: ""
|
||||
pathType: Prefix
|
||||
annotations: {}
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
hosts:
|
||||
- host: git.example.com
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
paths: []
|
||||
tls: []
|
||||
# - secretName: chart-example-tls
|
||||
# hosts:
|
||||
# - git.example.com
|
||||
# Mostly for argocd or any other CI that uses `helm template | kubectl apply` or similar
|
||||
# If helm doesn't correctly detect your ingress API version you can set it here.
|
||||
# apiVersion: networking.k8s.io/v1
|
||||
|
||||
## @section deployment
|
||||
#
|
||||
@@ -342,12 +341,14 @@ gitea:
|
||||
## @param gitea.admin.existingSecret Use an existing secret to store admin user credentials
|
||||
## @param gitea.admin.password Password for the Gitea admin user
|
||||
## @param gitea.admin.email Email for the Gitea admin user
|
||||
## @param gitea.admin.passwordMode Mode for how to set/update the admin user password. Options are: initialOnlyNoReset, initialOnlyRequireReset, and keepUpdated
|
||||
admin:
|
||||
# existingSecret: gitea-admin-secret
|
||||
existingSecret:
|
||||
username: gitea_admin
|
||||
password: r8sA8CPHD9!bt6d
|
||||
email: "gitea@local.domain"
|
||||
passwordMode: keepUpdated
|
||||
|
||||
## @param gitea.metrics.enabled Enable Gitea metrics
|
||||
## @param gitea.metrics.serviceMonitor.enabled Enable Gitea metrics service monitor
|
||||
@@ -481,10 +482,13 @@ gitea:
|
||||
failureThreshold: 10
|
||||
|
||||
## @section redis-cluster
|
||||
## @param redis-cluster.enabled Enable redis
|
||||
## @param redis-cluster.enabled Enable redis cluster
|
||||
## @param redis-cluster.usePassword Whether to use password authentication
|
||||
## @param redis-cluster.cluster.nodes Number of redis cluster master nodes
|
||||
## @param redis-cluster.cluster.replicas Number of redis cluster master node replicas
|
||||
## @descriptionStart
|
||||
## Redis cluster and [Redis](#redis) cannot be enabled at the same time.
|
||||
## @descriptionEnd
|
||||
redis-cluster:
|
||||
enabled: true
|
||||
usePassword: false
|
||||
@@ -492,6 +496,23 @@ redis-cluster:
|
||||
nodes: 3 # default: 6
|
||||
replicas: 0 # default: 1
|
||||
|
||||
## @section redis
|
||||
## @param redis.enabled Enable redis standalone or replicated
|
||||
## @param redis.architecture Whether to use standalone or replication
|
||||
## @param redis.global.redis.password Required password
|
||||
## @param redis.master.count Number of Redis master instances to deploy
|
||||
## @descriptionStart
|
||||
## Redis and [Redis cluster](#redis-cluster) cannot be enabled at the same time.
|
||||
## @descriptionEnd
|
||||
redis:
|
||||
enabled: false
|
||||
architecture: standalone
|
||||
global:
|
||||
redis:
|
||||
password: changeme
|
||||
master:
|
||||
count: 1
|
||||
|
||||
## @section PostgreSQL HA
|
||||
#
|
||||
## @param postgresql-ha.enabled Enable PostgreSQL HA
|
||||
|
||||
Reference in New Issue
Block a user