debug

2023-07-19 23:26:49 +02:00
44 changed files with 295 additions and 1717 deletions
@@ -5,37 +5,24 @@ on:
    tags:
      - "*"

-env:
-  # renovate: datasource=docker depName=alpine/helm
-  HELM_VERSION: "3.15.2"
-
 jobs:
  generate-chart-publish:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
      - name: install tools
        run: |
          apt update -y
-          apt install -y curl ca-certificates curl gnupg
-          # helm
-          curl -O https://get.helm.sh/helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz
-          tar -xzf helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz
-          mv linux-amd64/helm /usr/local/bin/
-          rm -rf linux-amd64 helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz
-          helm version
-          # docker
-          install -m 0755 -d /etc/apt/keyrings
-          curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
-          chmod a+r /etc/apt/keyrings/docker.gpg
-          echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
+          apt install -y curl
+          curl https://baltocdn.com/helm/signing.asc | gpg --dearmor | tee /usr/share/keyrings/helm.gpg > /dev/null
+          echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/helm.gpg] https://baltocdn.com/helm/stable/debian/ all main" | tee /etc/apt/sources.list.d/helm-stable-debian.list
          apt update -y
-          apt install -y python3 python3-pip apt-transport-https docker-ce-cli
+          apt install -y python helm python3-pip apt-transport-https
          pip install awscli

      - name: Import GPG key
        id: import_gpg
-        uses: https://github.com/crazy-max/ghaction-import-gpg@v6
+        uses: https://github.com/crazy-max/ghaction-import-gpg@v5
        with:
          gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
          passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
@@ -44,22 +31,18 @@ jobs:
      # Using helm gpg plugin as 'helm package --sign' has issues with gpg2: https://github.com/helm/helm/issues/2843
      - name: package chart
        run: |
-          echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | docker login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} --password-stdin
          # FIXME: use upstream after https://github.com/technosophos/helm-gpg/issues/1 is solved
          helm plugin install https://github.com/pat-s/helm-gpg
-          helm dependency build
+          helm dependency update
          helm package --version "${GITHUB_REF#refs/tags/v}" ./
+          helm gpg sign "gitea-${GITHUB_REF#refs/tags/v}.tgz"
          mkdir gitea
          mv gitea*.tgz gitea/
-          curl -s -L -o gitea/index.yaml https://dl.gitea.com/charts/index.yaml
-          helm repo index gitea/ --url https://dl.gitea.com/charts --merge gitea/index.yaml
-          # push to dockerhub
-          echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | helm registry login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} registry-1.docker.io --password-stdin
-          helm push gitea/gitea-${GITHUB_REF#refs/tags/v}.tgz oci://registry-1.docker.io/giteacharts
-          helm registry logout registry-1.docker.io
+          curl -L -o gitea/index.yaml https://dl.gitea.com/charts/index.yaml
+          helm repo index gitea/ --url https://dl.gitea.io/charts --merge gitea/index.yaml

      - name: aws credential configure
-        uses: https://github.com/aws-actions/configure-aws-credentials@v4
+        uses: https://github.com/aws-actions/configure-aws-credentials@v2
        with:
          aws-access-key-id: ${{ secrets.AWS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -1,37 +1,32 @@
 name: check-and-test

 on:
-  pull_request:
-    branches:
-      - "*"
-  push:
-    branches:
-      - main
-      - "renovate/**"
-
-env:
-  # renovate: datasource=github-releases depName=helm-unittest/helm-unittest
-  HELM_UNITTEST_VERSION: "v0.5.1"
+  - pull_request

 jobs:
  check-and-test:
    runs-on: ubuntu-latest
-    container: alpine/helm:3.15.2
    steps:
+      - uses: actions/checkout@v3
      - name: install tools
        run: |
-          apk update
-          apk add --update make nodejs npm yamllint
-      - uses: actions/checkout@v4
-      - name: install chart dependencies
-        run: helm dependency build
+          apt update -y
+          apt install -y curl make
+          curl https://baltocdn.com/helm/signing.asc | gpg --dearmor | tee /usr/share/keyrings/helm.gpg > /dev/null
+          echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/helm.gpg] https://baltocdn.com/helm/stable/debian/ all main" | tee /etc/apt/sources.list.d/helm-stable-debian.list
+          apt update -y
+          apt install -y helm python3-pip
+          pip install yamllint
+      - name: dependency update
+        run: helm dependency update
      - name: lint
        run: helm lint
      - name: template
-        run: helm template --debug gitea-helm .
+        run: |
+          helm template --debug gitea-helm .
      - name: unit tests
        run: |
-          helm plugin install --version ${{ env.HELM_UNITTEST_VERSION }} https://github.com/helm-unittest/helm-unittest
+          helm plugin install --version 0.3.3 https://github.com/helm-unittest/helm-unittest
          make unittests
      - name: verify readme
        run: |
@@ -73,7 +73,7 @@ MD022:
 # MD024/no-duplicate-heading/no-duplicate-header - Multiple headings with the same content
 MD024:
  # Only check sibling headings
-  siblings_only: true
+  allow_different_nesting: true

 # MD025/single-title/single-h1 - Multiple top-level headings in the same document
 MD025:
@@ -1,8 +0,0 @@
-{
-    "recommendations": [
-        "yzhang.markdown-all-in-one",
-        "DavidAnson.vscode-markdownlint",
-        "Tim-Koehler.helm-intellisense",
-        "esbenp.prettier-vscode"
-    ]
-  }
@@ -1,8 +0,0 @@
-{
-    "yaml.schemas": {
-        "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.5.1/schema/helm-testsuite.json": [
-            "/unittests/**/*.yaml"
-        ]
-    },
-    "yaml.schemaStore.enable": true
-}
@@ -1 +0,0 @@
-* @justusbunsi @pat-s
@@ -9,7 +9,12 @@ refactorings for easier maintainability or documentation improvements.
 - [`helm`](https://helm.sh/docs/intro/install/)
 - `make` is optional; you may call the commands directly

-When using Visual Studio Code as IDE, a [ready-to-use profile](.vscode/) is available.
+When using Visual Studio Code as IDE, following plugins might be useful:
+
+- [Markdown All in One](https://marketplace.visualstudio.com/items?itemName=yzhang.markdown-all-in-one)
+- [markdownlint](https://marketplace.visualstudio.com/items?itemName=DavidAnson.vscode-markdownlint)
+- [Helm Intellisense](https://marketplace.visualstudio.com/items?itemName=Tim-Koehler.helm-intellisense)
+- [Prettier - Code formatter](https://marketplace.visualstudio.com/items?itemName=esbenp.prettier-vscode)

 ## Documentation Requirements

@@ -56,7 +61,7 @@ $ helm plugin install https://github.com/helm-unittest/helm-unittest
 make unittests
 ```

-See [plugin documentation](https://github.com/helm-unittest/helm-unittest/blob/main/DOCUMENT.md) for usage instructions.
+See [plugin documentation](https://github.com/helm-unittest/helm-unittest/blob/v0.3.3/DOCUMENT.md) for usage instructions.

 ## Release process

@@ -1,15 +1,12 @@
 dependencies:
 - name: postgresql
  repository: oci://registry-1.docker.io/bitnamicharts
-  version: 15.5.14
+  version: 12.6.6
 - name: postgresql-ha
  repository: oci://registry-1.docker.io/bitnamicharts
-  version: 14.2.11
+  version: 11.7.9
 - name: redis-cluster
  repository: oci://registry-1.docker.io/bitnamicharts
-  version: 10.2.6
- name: redis
-  repository: oci://registry-1.docker.io/bitnamicharts
-  version: 19.6.1
-digest: sha256:b67d5866d0e5c17ae77d617f11d0c598c93b90dd4703684799f6a77282d8d96d
-generated: "2024-07-07T11:54:30.9528697+02:00"
+  version: 8.6.9
+digest: sha256:52296a48610712a8eb69a32b1b5818b014bfb8dac79d883e11ebdaf97d41e85d
+generated: "2023-07-17T21:24:06.888357+02:00"
@@ -3,8 +3,8 @@ name: gitea
 description: Gitea Helm chart for Kubernetes
 type: application
 version: 0.0.0
-appVersion: 1.22.0
-icon: https://gitea.com/assets/img/logo.svg
+appVersion: 1.20.0
+icon: https://docs.gitea.io/images/gitea.png

 keywords:
  - git
@@ -31,24 +31,20 @@ maintainers:
  - name: Patrick Schratz
    email: patrick.schratz@gmail.com

+# Bitnami charts are served from GitHub CDN - See https://github.com/bitnami/charts/issues/10539 for details
 dependencies:
-  # https://github.com/bitnami/charts/blob/main/bitnami/postgresql
+  # Chart release date: 2023-07 (https://github.com/bitnami/charts/blob/main/bitnami/postgresql/Chart.yaml)
  - name: postgresql
    repository: oci://registry-1.docker.io/bitnamicharts
-    version: 15.5.14
+    version: 12.6.6
    condition: postgresql.enabled
-  # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml
+  # Chart release date: 2023-07 (https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml)
  - name: postgresql-ha
    repository: oci://registry-1.docker.io/bitnamicharts
-    version: 14.2.11
+    version: 11.7.9
    condition: postgresql-ha.enabled
-  # https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml
+  # Chart release date: 2023-07 (https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml)
  - name: redis-cluster
    repository: oci://registry-1.docker.io/bitnamicharts
-    version: 10.2.6
+    version: 8.6.9
    condition: redis-cluster.enabled
-  # https://github.com/bitnami/charts/blob/main/bitnami/redis/Chart.yaml
-  - name: redis
-    repository: oci://registry-1.docker.io/bitnamicharts
-    version: 19.6.1
-    condition: redis.enabled
@@ -9,7 +9,7 @@ readme: prepare-environment

 .PHONY: unittests
 unittests:
-	helm unittest --strict -f 'unittests/**/*.yaml' -f 'unittests/dependency-major-image-check.yaml' -f 'unittests/values-conflicting-checks.yaml' ./
+	helm unittest --strict -f 'unittests/**/*.yaml' ./

 .PHONY: helm
 update-helm-dependencies:
@@ -1,5 +1,7 @@
 # High Availability

+⚠️ **EXPERIMENTAL** ⚠️
+
 All components (in-memory DB, volume/asset storage, code indexer) used by Gitea must be deployed in a HA-ready fashion to achieve a full HA-ready Gitea deployment.
 The following document explains how to achieve this for all individual components.

@@ -95,11 +97,6 @@ To do so, you need to set the following configuration values yourself:
 - `gitea.config.cache.ADAPTER`: `redis`
 - `gitea.config.cache.HOST`: `<your redis connection string>`

-By default, the `redis-cluster` chart provisions three standalone master nodes of which each has a single replica.
-To reduce the number of pods for a default Gitea deployment, we opted to omit the replicas (`replicas: 0`) by default.
-Only the minimum required number of master pods for a functional `redis-cluster` deployment are provisioned.
-For a "proper" `redis-cluster` setup however, we recommend to set `replicas: 1` and `nodes: 6`.
-
 ## Object and asset storage

 Object/asset storage refers to the storage of attachments, avatars, LFS files, etc.
@@ -14,6 +14,6 @@
  },
  "devDependencies": {
    "@bitnami/readme-generator-for-helm": "^2.5.0",
-    "markdownlint-cli": "^0.41.0"
+    "markdownlint-cli": "^0.34.0"
  }
 }
@@ -1,60 +0,0 @@
-{
-  $schema: 'https://docs.renovatebot.com/renovate-schema.json',
-  extends: [
-    'gitea>gitea/renovate-config',
-    ':automergeMinor',
-    'schedule:automergeDaily',
-    'schedule:weekends',
-  ],
-  labels: [
-    'kind/dependency',
-  ],
-  automergeStrategy: 'squash',
-  customManagers: [
-    {
-      description: 'Gitea-version of https://docs.renovatebot.com/presets-regexManagers/#regexmanagersgithubactionsversions',
-      customType: 'regex',
-      fileMatch: [
-        '.gitea/workflows/.+\\.ya?ml$',
-      ],
-      matchStrings: [
-        '# renovate: datasource=(?<datasource>[a-z-.]+?) depName=(?<depName>[^\\s]+?)(?: (?:lookupName|packageName)=(?<packageName>[^\\s]+?))?(?: versioning=(?<versioning>[a-z-0-9]+?))?\\s+[A-Za-z0-9_]+?_VERSION\\s*:\\s*["\']?(?<currentValue>.+?)["\']?\\s',
-      ],
-    },
-    {
-      description: 'Detect helm-unittest yaml schema file',
-      customType: 'regex',
-      fileMatch: ['.vscode/settings\\.json$'],
-      matchStrings: [
-        'https:\\/\\/raw\\.githubusercontent\\.com\\/(?<depName>[^\\s]+?)\\/(?<currentValue>v[0-9.]+?)\\/schema\\/helm-testsuite\\.json',
-      ],
-      datasourceTemplate: 'github-releases',
-    },
-  ],
-  packageRules: [
-    {
-      groupName: 'subcharts (minor & patch)',
-      matchManagers: [
-        'helmv3',
-      ],
-      matchUpdateTypes: [
-        'minor',
-        'patch',
-        'digest',
-      ],
-    },
-    {
-      groupName: 'workflow dependencies (minor & patch)',
-      matchManagers: [
-        'github-actions',
-        'npm',
-        'custom.regex',
-      ],
-      matchUpdateTypes: [
-        'minor',
-        'patch',
-        'digest',
-      ],
-    },
-  ],
-}
@@ -18,19 +18,3 @@
  echo "Visit http://127.0.0.1:{{ .Values.service.http.port }} to use your application"
  kubectl --namespace {{ .Release.Namespace }} port-forward svc/{{ .Release.Name }}-http {{ .Values.service.http.port }}:{{ .Values.service.http.port }}
 {{- end }}
-{{- $warnings := list -}}
-{{- if eq (get .Values.gitea.config.cache "ADAPTER") "memory" -}}
-  {{- $warnings = append $warnings "Gitea uses 'memory' for caching which is not recommended for production use. See https://docs.gitea.com/next/administration/config-cheat-sheet#cache-cache for available options." -}}
-{{- end }}
-{{- if eq (get .Values.gitea.config.queue "TYPE") "level" -}}
-  {{- $warnings = append $warnings "Gitea uses 'leveldb' for queue actions which is not recommended for production use. See https://docs.gitea.com/next/administration/config-cheat-sheet#queue-queue-and-queue for available options." -}}
-{{- end }}
-{{- if eq (get .Values.gitea.config.session "PROVIDER") "memory" -}}
-  {{- $warnings = append $warnings "Gitea uses 'memory' for sessions which is not recommended for production use. See https://docs.gitea.com/next/administration/config-cheat-sheet#session-session for available options." -}}
-{{- end }}
-{{- if gt (len $warnings) 0 }}
-2. Review these warnings:
-{{- range $warnings }}
-  - {{ . }}
-{{- end }}
-{{- end }}
@@ -3,6 +3,26 @@
 Expand the name of the chart.
 */}}

+{{- /* multiple replicas assertions */ -}}
+{{- if gt .Values.replicaCount 1.0 -}}
+  {{- fail "When using multiple replicas, a RWX file system is required" -}}
+  {{- if eq (get (.Values.persistence.accessModes 0) "ReadWriteOnce") -}}
+    {{- fail "When using multiple replicas, a RWX file system is required" -}}
+  {{- end }}
+  
+  {{- if eq (get .Values.gitea.config.indexer "ISSUE_INDEXER_TYPE") "bleve" -}}
+    {{- fail "When using multiple replicas, the repo indexer must be set to 'meilisearch' or 'elasticsearch'" -}}
+  {{- end }}
+  
+  {{- if and (eq .Values.gitea.config.indexer.REPO_INDEXER_TYPE "bleve") (eq .Values.gitea.config.indexer.REPO_INDEXER_ENABLED "true") -}}
+    {{- fail "When using multiple replicas, the repo indexer must be set to 'meilisearch' or 'elasticsearch'" -}}
+  {{- end }}
+  
+  {{- if eq .Values.gitea.config.indexer.ISSUE_INDEXER_TYPE "bleve" -}}
+    {{- (printf "DEBUG: When using multiple replicas, the repo indexer must be set to 'meilisearch' or 'elasticsearch'") | fail -}}
+  {{- end }}
+{{- end }}
+
 {{- define "gitea.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
@@ -36,22 +56,14 @@ Create chart name and version as used by the chart label.
 Create image name and tag used by the deployment.
 */}}
 {{- define "gitea.image" -}}
-{{- $fullOverride := .Values.image.fullOverride | default "" -}}
 {{- $registry := .Values.global.imageRegistry | default .Values.image.registry -}}
-{{- $repository := .Values.image.repository -}}
-{{- $separator := ":" -}}
-{{- $tag := .Values.image.tag | default .Chart.AppVersion | toString -}}
+{{- $name := .Values.image.repository -}}
+{{- $tag := .Values.image.tag | default .Chart.AppVersion -}}
 {{- $rootless := ternary "-rootless" "" (.Values.image.rootless) -}}
-{{- $digest := "" -}}
-{{- if .Values.image.digest }}
-    {{- $digest = (printf "@%s" (.Values.image.digest | toString)) -}}
-{{- end -}}
-{{- if $fullOverride }}
-    {{- printf "%s" $fullOverride -}}
-{{- else if $registry }}
-    {{- printf "%s/%s%s%s%s%s" $registry $repository $separator $tag $rootless $digest -}}
+{{- if $registry -}}
+  {{- printf "%s/%s:%s%s" $registry $name $tag $rootless -}}
 {{- else -}}
-    {{- printf "%s%s%s%s%s" $repository $separator $tag $rootless $digest -}}
+  {{- printf "%s:%s%s" $name $tag $rootless -}}
 {{- end -}}
 {{- end -}}

@@ -74,7 +86,7 @@ imagePullSecrets:
 Storage Class
 */}}
 {{- define "gitea.persistence.storageClass" -}}
-{{- $storageClass :=  (tpl ( default "" .Values.persistence.storageClass) .) | default (tpl ( default "" .Values.global.storageClass) .) }}
+{{- $storageClass := .Values.global.storageClass | default .Values.persistence.storageClass }}
 {{- if $storageClass }}
 storageClassName: {{ $storageClass | quote }}
 {{- end }}
@@ -100,46 +112,30 @@ app.kubernetes.io/name: {{ include "gitea.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end -}}

-{{- define "postgresql-ha.dns" -}}
-{{- if (index .Values "postgresql-ha").enabled -}}
-{{- printf "%s-postgresql-ha-pgpool.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "postgresql-ha" "service" "ports" "postgresql") -}}
-{{- end -}}
-{{- end -}}
-
 {{- define "postgresql.dns" -}}
-{{- if (index .Values "postgresql").enabled -}}
-{{- printf "%s-postgresql.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain .Values.postgresql.global.postgresql.service.ports.postgresql -}}
-{{- end -}}
+{{- printf "%s-postgresql-ha-postgresql.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "postgresql-ha" "service" "ports" "postgresql") -}}
 {{- end -}}

 {{- define "redis.dns" -}}
-{{- if and ((index .Values "redis-cluster").enabled) ((index .Values "redis").enabled) -}}
-{{- fail "redis and redis-cluster cannot be enabled at the same time. Please only choose one." -}}
-{{- else if (index .Values "redis-cluster").enabled -}}
+{{- if (index .Values "redis-cluster").enabled -}}
 {{- printf "redis+cluster://:%s@%s-redis-cluster-headless.%s.svc.%s:%g/0?pool_size=100&idle_timeout=180s&" (index .Values "redis-cluster").global.redis.password .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "redis-cluster").service.ports.redis -}}
-{{- else if (index .Values "redis").enabled -}}
-{{- printf "redis://:%s@%s-redis-headless.%s.svc.%s:%g/0?pool_size=100&idle_timeout=180s&" (index .Values "redis").global.redis.password .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "redis").master.service.ports.redis -}}
 {{- end -}}
 {{- end -}}

 {{- define "redis.port" -}}
 {{- if (index .Values "redis-cluster").enabled -}}
 {{ (index .Values "redis-cluster").service.ports.redis }}
-{{- else if (index .Values "redis").enabled -}}
-{{ (index .Values "redis").master.service.ports.redis }}
 {{- end -}}
 {{- end -}}

 {{- define "redis.servicename" -}}
 {{- if (index .Values "redis-cluster").enabled -}}
 {{- printf "%s-redis-cluster-headless.%s.svc.%s" .Release.Name .Release.Namespace .Values.clusterDomain -}}
-{{- else if (index .Values "redis").enabled -}}
-{{- printf "%s-redis-headless.%s.svc.%s" .Release.Name .Release.Namespace .Values.clusterDomain -}}
 {{- end -}}
 {{- end -}}

 {{- define "gitea.default_domain" -}}
-{{- printf "%s-http.%s.svc.%s" (include "gitea.fullname" .) .Release.Namespace .Values.clusterDomain -}}
+{{- printf "%s-gitea.%s.svc.%s" (include "gitea.fullname" .) .Release.Namespace .Values.clusterDomain | trunc 63 | trimSuffix "-" -}}
 {{- end -}}

 {{- define "gitea.ldap_settings" -}}
@@ -278,33 +274,23 @@ https
  {{- if not (hasKey .Values.gitea.config.metrics "ENABLED") -}}
    {{- $_ := set .Values.gitea.config.metrics "ENABLED" .Values.gitea.metrics.enabled -}}
  {{- end -}}
+  {{- if (index .Values "redis-cluster").enabled -}}
+    {{- $_ := set .Values.gitea.config.cache "ENABLED" "true" -}}
+    {{- $_ := set .Values.gitea.config.cache "ADAPTER" "redis" -}}
+    {{- if not (.Values.gitea.config.cache.HOST) -}}
+      {{- $_ := set .Values.gitea.config.cache "HOST" (include "redis.dns" .) -}}
+    {{- end -}}
+  {{- end -}}
  {{- /* redis queue */ -}}
-  {{- if or ((index .Values "redis-cluster").enabled) ((index .Values "redis").enabled) -}}
+  {{- if (index .Values "redis-cluster").enabled -}}
    {{- $_ := set .Values.gitea.config.queue "TYPE" "redis" -}}
    {{- $_ := set .Values.gitea.config.queue "CONN_STR" (include "redis.dns" .) -}}
+  {{- end -}}
+  {{- if not (get .Values.gitea.config.session "PROVIDER") -}}
    {{- $_ := set .Values.gitea.config.session "PROVIDER" "redis" -}}
+  {{- end -}}
+  {{- if not (get .Values.gitea.config.session "PROVIDER_CONFIG") -}}
    {{- $_ := set .Values.gitea.config.session "PROVIDER_CONFIG" (include "redis.dns" .) -}}
-    {{- $_ := set .Values.gitea.config.cache "ADAPTER" "redis" -}}
-    {{- $_ := set .Values.gitea.config.cache "HOST" (include "redis.dns" .) -}}
-  {{- else -}}
-    {{- if not (get .Values.gitea.config.session "PROVIDER") -}}
-      {{- $_ := set .Values.gitea.config.session "PROVIDER" "memory" -}}
-    {{- end -}}
-    {{- if not (get .Values.gitea.config.session "PROVIDER_CONFIG") -}}
-      {{- $_ := set .Values.gitea.config.session "PROVIDER_CONFIG" "" -}}
-    {{- end -}}
-    {{- if not (get .Values.gitea.config.queue "TYPE") -}}
-      {{- $_ := set .Values.gitea.config.queue "TYPE" "level" -}}
-    {{- end -}}
-    {{- if not (get .Values.gitea.config.queue "CONN_STR") -}}
-      {{- $_ := set .Values.gitea.config.queue "CONN_STR" "" -}}
-    {{- end -}}
-    {{- if not (get .Values.gitea.config.cache "ADAPTER") -}}
-      {{- $_ := set .Values.gitea.config.cache "ADAPTER" "memory" -}}
-    {{- end -}}
-    {{- if not (get .Values.gitea.config.cache "HOST") -}}
-      {{- $_ := set .Values.gitea.config.cache "HOST" "" -}}
-    {{- end -}}
  {{- end -}}
  {{- if not .Values.gitea.config.indexer.ISSUE_INDEXER_TYPE -}}
     {{- $_ := set .Values.gitea.config.indexer "ISSUE_INDEXER_TYPE" "db" -}}
@@ -320,7 +306,7 @@ https
  {{- end -}}
  {{- if not (.Values.gitea.config.server.DOMAIN) -}}
    {{- if gt (len .Values.ingress.hosts) 0 -}}
-      {{- $_ := set .Values.gitea.config.server "DOMAIN" ( tpl (index .Values.ingress.hosts 0).host $) -}}
+      {{- $_ := set .Values.gitea.config.server "DOMAIN" (index .Values.ingress.hosts 0).host -}}
    {{- else -}}
      {{- $_ := set .Values.gitea.config.server "DOMAIN" (include "gitea.default_domain" .) -}}
    {{- end -}}
@@ -358,21 +344,12 @@ https
  {{- if (index .Values "postgresql-ha" "enabled") -}}
    {{- $_ := set .Values.gitea.config.database "DB_TYPE"   "postgres" -}}
    {{- if not (.Values.gitea.config.database.HOST) -}}
-      {{- $_ := set .Values.gitea.config.database "HOST"      (include "postgresql-ha.dns" .) -}}
+      {{- $_ := set .Values.gitea.config.database "HOST"      (include "postgresql.dns" .) -}}
    {{- end -}}
    {{- $_ := set .Values.gitea.config.database "NAME"      (index .Values "postgresql-ha" "global" "postgresql" "database") -}}
    {{- $_ := set .Values.gitea.config.database "USER"      (index .Values "postgresql-ha" "global" "postgresql" "username") -}}
    {{- $_ := set .Values.gitea.config.database "PASSWD"    (index .Values "postgresql-ha" "global" "postgresql" "password") -}}
  {{- end -}}
-  {{- if (index .Values "postgresql" "enabled") -}}
-    {{- $_ := set .Values.gitea.config.database "DB_TYPE"   "postgres" -}}
-    {{- if not (.Values.gitea.config.database.HOST) -}}
-      {{- $_ := set .Values.gitea.config.database "HOST"      (include "postgresql.dns" .) -}}
-    {{- end -}}
-    {{- $_ := set .Values.gitea.config.database "NAME"      .Values.postgresql.global.postgresql.auth.database -}}
-    {{- $_ := set .Values.gitea.config.database "USER"      .Values.postgresql.global.postgresql.auth.username -}}
-    {{- $_ := set .Values.gitea.config.database "PASSWD"    .Values.postgresql.global.postgresql.auth.password -}}
-  {{- end -}}
 {{- end -}}

 {{- define "gitea.init-additional-mounts" -}}
@@ -400,11 +377,3 @@ https
 {{- define "gitea.serviceAccountName" -}}
 {{ .Values.serviceAccount.name | default (include "gitea.fullname" .) }}
 {{- end -}}
-
-{{- define "gitea.admin.passwordMode" -}}
-{{- if has .Values.gitea.admin.passwordMode (tuple "keepUpdated" "initialOnlyNoReset" "initialOnlyRequireReset") -}}
-{{ .Values.gitea.admin.passwordMode }}
-{{- else -}}
-{{ printf "gitea.admin.passwordMode must be set to one of 'keepUpdated', 'initialOnlyNoReset', or 'initialOnlyRequireReset'. Received: '%s'" .Values.gitea.admin.passwordMode | fail }}
-{{- end -}}
-{{- end -}}
@@ -17,41 +17,31 @@ metadata:
 type: Opaque
 stringData:
  assertions: |
-
-    {{- /*assert that only one PG dep is enabled */ -}}
-    {{- if and (.Values.postgresql.enabled) (index .Values "postgresql-ha" "enabled") -}}
-      {{- fail "Only one of postgresql or postgresql-ha can be enabled at the same time." -}}
+{{- /* multiple replicas assertions */ -}}
+{{- if gt .Values.replicaCount 1.0 -}}
+  {{- if .Values.gitea.config.cron.GIT_GC_REPOS -}}
+    {{- if .Values.gitea.config.cron.GIT_GC_REPOS.enabled -}}
+      {{- fail "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'GIT_GC_REPOS.enabled = false'." -}}
    {{- end }}
-    
-    {{- /* multiple replicas assertions */ -}}
-    {{- if gt .Values.replicaCount 1.0 -}}
-      {{- if .Values.gitea.config.cron -}}
-        {{- if .Values.gitea.config.cron.GIT_GC_REPOS -}}
-          {{- if eq .Values.gitea.config.cron.GIT_GC_REPOS.ENABLED true -}}
-            {{ fail "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'cron.GIT_GC_REPOS.enabled = false'." }}
-          {{- end }}
+  {{- end }}
+  {{- if eq (first .Values.persistence.accessModes) "ReadWriteOnce" -}}
+    {{- fail "When using multiple replicas, a RWX file system is required and gitea.persistence.accessModes[0] must be set to ReadWriteMany." -}}
+  {{- end }}
+  
+  {{- if eq (get .Values.gitea.config.indexer "ISSUE_INDEXER_TYPE") "bleve" -}}
+    {{- fail "When using multiple replicas, the issue indexer (gitea.config.indexer.ISSUE_INDEXER_TYPE) must be set to a HA-ready provider such as 'meilisearch', 'elasticsearch' or 'db' (if the DB is HA-ready)." -}}
+  {{- end }}
+  {{- if .Values.gitea.config.indexer.REPO_INDEXER_TYPE -}}
+    {{- if eq (get .Values.gitea.config.indexer "REPO_INDEXER_TYPE") "bleve" -}}
+      {{- if .Values.gitea.config.indexer.REPO_INDEXER_ENABLED -}}
+        {{- if eq (get .Values.gitea.config.indexer "REPO_INDEXER_ENABLED") "true" -}}
+          {{- fail "When using multiple replicas, the repo indexer (gitea.config.indexer.REPO_INDEXER_TYPE) must be set to 'meilisearch' or 'elasticsearch' or disabled." -}}
        {{- end }}
      {{- end }}
-    
-      {{- if eq (first .Values.persistence.accessModes) "ReadWriteOnce" -}}
-        {{- fail "When using multiple replicas, a RWX file system is required and gitea.persistence.accessModes[0] must be set to ReadWriteMany." -}}
-      {{- end }}
-      {{- if .Values.gitea.config.indexer -}}
-        {{- if eq .Values.gitea.config.indexer.ISSUE_INDEXER_TYPE "bleve" -}}
-          {{- fail "When using multiple replicas, the issue indexer (gitea.config.indexer.ISSUE_INDEXER_TYPE) must be set to a HA-ready provider such as 'meilisearch', 'elasticsearch' or 'db' (if the DB is HA-ready)." -}}
-        {{- end }}
-        {{- if .Values.gitea.config.indexer.REPO_INDEXER_TYPE -}}
-          {{- if eq .Values.gitea.config.indexer.REPO_INDEXER_TYPE "bleve" -}}
-            {{- if .Values.gitea.config.indexer.REPO_INDEXER_ENABLED -}}
-              {{- if eq .Values.gitea.config.indexer.REPO_INDEXER_ENABLED true -}}
-                {{- fail "When using multiple replicas, the repo indexer (gitea.config.indexer.REPO_INDEXER_TYPE) must be set to 'meilisearch' or 'elasticsearch' or disabled." -}}
-              {{- end }}
-            {{- end }}
-          {{- end }}
-        {{- end }}
-      {{- end }}
-      
    {{- end }}
+  {{- end }}
+  
+{{- end }}
  config_environment.sh: |-
    #!/usr/bin/env bash
    set -euo pipefail
@@ -140,7 +130,7 @@ stringData:

      if [[ $section == '_generals_' ]]; then
        env2ini::log "  [ini root]"
-        section=''
+        section='DEFAULT'
      else
        env2ini::log "  ${section}"
      fi
@@ -179,7 +169,7 @@ stringData:
    }
    
    # save existing envs prior to script execution. Necessary to keep order of preexisting and custom envs
-    env | (grep -e '^GITEA__' || [[ $? == 1 ]]) > /tmp/existing-envs
+    env | (grep GITEA || [[ $? == 1 ]]) > /tmp/existing-envs
    
    # MUST BE CALLED BEFORE OTHER CONFIGURATION
    env2ini::generate_initial_secrets
@@ -207,3 +197,7 @@ stringData:
    fi

    environment-to-ini -o $GITEA_APP_INI
+
+    env
+
+    cat /data/gitea/conf/app.ini
@@ -8,9 +8,6 @@ metadata:
    {{- end }}
  labels:
    {{- include "gitea.labels" . | nindent 4 }}
-    {{- if .Values.deployment.labels }}
-    {{- toYaml .Values.deployment.labels | nindent 4 }}
-    {{- end }}
 spec:
  replicas: {{ .Values.replicaCount }}
  strategy:
@@ -243,8 +240,6 @@ spec:
            - name: GITEA_ADMIN_PASSWORD
              value: {{ .Values.gitea.admin.password | quote }}
            {{- end }}
-            - name: GITEA_ADMIN_PASSWORD_MODE
-              value: {{ include "gitea.admin.passwordMode" $ }}
            {{- if .Values.deployment.env }}
            {{- toYaml .Values.deployment.env | nindent 12 }}
            {{- end }}
@@ -402,4 +397,4 @@ spec:
  {{- else if not .Values.persistence.enabled }}
        - name: data
          emptyDir: {}
-  {{- end }}
+  {{- end }}
@@ -4,9 +4,6 @@ metadata:
  name: {{ include "gitea.fullname" . }}-http
  labels:
    {{- include "gitea.labels" . | nindent 4 }}
-    {{- if .Values.service.http.labels }}
-    {{- toYaml .Values.service.http.labels  | nindent 4 }}
-    {{- end }}
  annotations:
    {{- toYaml .Values.service.http.annotations | nindent 4 }}
 spec:
@@ -15,27 +15,27 @@ metadata:
  name: {{ $fullName }}
  labels:
    {{- include "gitea.labels" . | nindent 4 }}
+  {{- with .Values.ingress.annotations }}
  annotations:
-    {{- range $key, $value := .Values.ingress.annotations }}
-      {{ $key }}: {{ $value | quote }}
-    {{- end }}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
 spec:
 {{- if .Values.ingress.className }}
-  ingressClassName: {{ tpl .Values.ingress.className . }}
+  ingressClassName: {{ .Values.ingress.className }}
 {{- end }}
 {{- if .Values.ingress.tls }}
  tls:
  {{- range .Values.ingress.tls }}
    - hosts:
      {{- range .hosts }}
-        - {{ tpl . $ | quote }}
+        - {{ . | quote }}
      {{- end }}
      secretName: {{ .secretName }}
  {{- end }}
 {{- end }}
  rules:
    {{- range .Values.ingress.hosts }}
-    - host: {{ tpl .host $ | quote }}
+    - host: {{ .host | quote }}
      http:
        paths:
          {{- range .paths }}
@@ -86,56 +86,15 @@ stringData:

    {{- if or .Values.gitea.admin.existingSecret (and .Values.gitea.admin.username .Values.gitea.admin.password) }}
    function configure_admin_user() {
-      local full_admin_list=$(gitea admin user list --admin)
-      local actual_user_table=''
-
-      # We might have distorted output due to warning logs, so we have to detect the actual user table by its headline and trim output above that line
-      local regex="(.*)(ID\s+Username\s+Email\s+IsActive.*)"
-      if [[ "${full_admin_list}" =~ $regex ]]; then
-        actual_user_table=$(echo "${BASH_REMATCH[2]}" | tail -n+2) # tail'ing to drop the table headline
-      else
-        # This code block should never be reached, as long as the output table header remains the same.
-        # If this code block is reached, the regex doesn't match anymore and we probably have to adjust this script.
-
-        echo "ERROR: 'configure_admin_user' was not able to determine the current list of admin users."
-        echo "       Please review the output of 'gitea admin user list --admin' shown below."
-        echo "       If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-chart/issues."
-        echo "DEBUG: Output of 'gitea admin user list --admin'"
-        echo "--"
-        echo "${full_admin_list}"
-        echo "--"
-        exit 1
-      fi
-
-      local ACCOUNT_ID=$(echo "${actual_user_table}" | grep -E "\s+${GITEA_ADMIN_USERNAME}\s+" | awk -F " " "{printf \$1}")
+      local ACCOUNT_ID=$(gitea admin user list --admin | grep -e "\s\+${GITEA_ADMIN_USERNAME}\s\+" | awk -F " " "{printf \$1}")
      if [[ -z "${ACCOUNT_ID}" ]]; then
-        local -a create_args
-        create_args=(--admin --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" --email {{ .Values.gitea.admin.email | quote }})
-        if [[ "${GITEA_ADMIN_PASSWORD_MODE}" = initialOnlyRequireReset ]]; then
-          create_args+=(--must-change-password=true)
-        else
-          create_args+=(--must-change-password=false)
-        fi
        echo "No admin user '${GITEA_ADMIN_USERNAME}' found. Creating now..."
-        gitea admin user create "${create_args[@]}"
+        gitea admin user create --admin --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" --email {{ .Values.gitea.admin.email | quote }} --must-change-password=false
        echo '...created.'
      else
-        if [[ "${GITEA_ADMIN_PASSWORD_MODE}" = keepUpdated ]]; then
-          echo "Admin account '${GITEA_ADMIN_USERNAME}' already exist. Running update to sync password..."
-          # See https://gitea.com/gitea/helm-chart/issues/673
-          # --must-change-password argument was added to change-password, defaulting to true, counter to the previous behavior
-          #   which acted as if it were provided with =false. If the argument is present in this version of gitea, then we
-          #   should add it to prevent requiring frequent admin password resets.
-          local -a change_args
-          change_args=(--username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}")
-          if gitea admin user change-password --help | grep -qF -- '--must-change-password'; then
-            change_args+=(--must-change-password=false)
-          fi
-          gitea admin user change-password "${change_args[@]}"
-          echo '...password sync done.'
-        else
-          echo "Admin account '${GITEA_ADMIN_USERNAME}' already exist, but update mode is set to '${GITEA_ADMIN_PASSWORD_MODE}'. Skipping."
-        fi
+        echo "Admin account '${GITEA_ADMIN_USERNAME}' already exist. Running update to sync password..."
+        gitea admin user change-password --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}"
+        echo '...password sync done.'
      fi
    }

@@ -146,28 +105,7 @@ stringData:
      {{- if .Values.gitea.ldap }}
      {{- range $idx, $value := .Values.gitea.ldap }}
      local LDAP_NAME={{ (printf "%s" $value.name) | squote }}
-      local full_auth_list=$(gitea admin auth list --vertical-bars)
-      local actual_auth_table=''
-
-      # We might have distorted output due to warning logs, so we have to detect the actual user table by its headline and trim output above that line
-      local regex="(.*)(ID\s+\|Name\s+\|Type\s+\|Enabled.*)"
-      if [[ "${full_auth_list}" =~ $regex ]]; then
-        actual_auth_table=$(echo "${BASH_REMATCH[2]}" | tail -n+2) # tail'ing to drop the table headline
-      else
-        # This code block should never be reached, as long as the output table header remains the same.
-        # If this code block is reached, the regex doesn't match anymore and we probably have to adjust this script.
-
-        echo "ERROR: 'configure_ldap' was not able to determine the current list of authentication sources."
-        echo "       Please review the output of 'gitea admin auth list --vertical-bars' shown below."
-        echo "       If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-chart/issues."
-        echo "DEBUG: Output of 'gitea admin auth list --vertical-bars'"
-        echo "--"
-        echo "${full_auth_list}"
-        echo "--"
-        exit 1
-      fi
-
-      local GITEA_AUTH_ID=$(echo "${actual_auth_table}" | grep -E "\|${LDAP_NAME}\s+\|" | grep -iE '\|LDAP \(via BindDN\)\s+\|' | awk -F " "  "{print \$1}")
+      local GITEA_AUTH_ID=$(gitea admin auth list --vertical-bars | grep -E "\|${LDAP_NAME}\s+\|" | grep -iE '\|LDAP \(via BindDN\)\s+\|' | awk -F " "  "{print \$1}")

      if [[ -z "${GITEA_AUTH_ID}" ]]; then
        echo "No ldap configuration found with name '${LDAP_NAME}'. Installing it now..."
@@ -190,28 +128,7 @@ stringData:
      {{- if .Values.gitea.oauth }}
      {{- range $idx, $value := .Values.gitea.oauth }}
      local OAUTH_NAME={{ (printf "%s" $value.name) | squote }}
-      local full_auth_list=$(gitea admin auth list --vertical-bars)
-      local actual_auth_table=''
-
-      # We might have distorted output due to warning logs, so we have to detect the actual user table by its headline and trim output above that line
-      local regex="(.*)(ID\s+\|Name\s+\|Type\s+\|Enabled.*)"
-      if [[ "${full_auth_list}" =~ $regex ]]; then
-        actual_auth_table=$(echo "${BASH_REMATCH[2]}" | tail -n+2) # tail'ing to drop the table headline
-      else
-        # This code block should never be reached, as long as the output table header remains the same.
-        # If this code block is reached, the regex doesn't match anymore and we probably have to adjust this script.
-
-        echo "ERROR: 'configure_oauth' was not able to determine the current list of authentication sources."
-        echo "       Please review the output of 'gitea admin auth list --vertical-bars' shown below."
-        echo "       If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-chart/issues."
-        echo "DEBUG: Output of 'gitea admin auth list --vertical-bars'"
-        echo "--"
-        echo "${full_auth_list}"
-        echo "--"
-        exit 1
-      fi
-
-      local AUTH_ID=$(echo "${actual_auth_table}" | grep -E "\|${OAUTH_NAME}\s+\|" | grep -iE '\|OAuth2\s+\|' | awk -F " "  "{print \$1}")
+      local AUTH_ID=$(gitea admin auth list --vertical-bars | grep -E "\|${OAUTH_NAME}\s+\|" | grep -iE '\|OAuth2\s+\|' | awk -F " "  "{print \$1}")

      if [[ -z "${AUTH_ID}" ]]; then
        echo "No oauth configuration found with name '${OAUTH_NAME}'. Installing it now..."
@@ -6,8 +6,6 @@ metadata:
  namespace: {{ $.Release.Namespace }}
  annotations:
 {{ .Values.persistence.annotations | toYaml | indent 4}}
-  labels:
-{{ .Values.persistence.labels | toYaml | indent 4}}
 spec:
  accessModes:
  {{- if gt .Values.replicaCount 1.0 }}
@@ -16,7 +14,9 @@ spec:
    {{- .Values.persistence.accessModes | toYaml | nindent 4 }}
  {{- end }}
  volumeMode: Filesystem
-  {{- include "gitea.persistence.storageClass" . | nindent 2 }}
+  {{- if .Values.persistence.storageClass }}
+  storageClassName: {{ .Values.persistence.storageClass }}
+  {{- end }}
  {{- with .Values.persistence.volumeName }}
  volumeName: {{ . }}
  {{- end }}
@@ -4,9 +4,6 @@ metadata:
  name: {{ include "gitea.fullname" . }}-ssh
  labels:
    {{- include "gitea.labels" . | nindent 4 }}
-    {{- if .Values.service.ssh.labels }}
-    {{- toYaml .Values.service.ssh.labels  | nindent 4 }}
-    {{- end }}
  annotations:
    {{- toYaml .Values.service.ssh.annotations | nindent 4 }}
 spec:
@@ -1,66 +0,0 @@
-suite: config template | cache config
-release:
-  name: gitea-unittests
-  namespace: testing
-tests:
-  - it: "cache is configured correctly for redis-cluster"
-    template: templates/gitea/config.yaml
-    set:
-      redis-cluster:
-        enabled: true
-      redis:
-        enabled: false
-    asserts:
-      - documentIndex: 0
-        equal:
-          path: stringData.cache
-          value: |-
-            ADAPTER=redis
-            HOST=redis+cluster://:@gitea-unittests-redis-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
-
-  - it: "cache is configured correctly for redis"
-    template: templates/gitea/config.yaml
-    set:
-      redis-cluster:
-        enabled: false
-      redis:
-        enabled: true
-    asserts:
-      - documentIndex: 0
-        equal:
-          path: stringData.cache
-          value: |-
-            ADAPTER=redis
-            HOST=redis://:changeme@gitea-unittests-redis-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
-
-  - it: "cache is configured correctly for 'memory' when redis (or redis-cluster) is disabled"
-    template: templates/gitea/config.yaml
-    set:
-      redis-cluster:
-        enabled: false
-      redis:
-        enabled: false
-    asserts:
-      - documentIndex: 0
-        equal:
-          path: stringData.cache
-          value: |-
-            ADAPTER=memory
-            HOST=
-
-  - it: "cache can be customized when redis (or redis-cluster) is disabled"
-    template: templates/gitea/config.yaml
-    set:
-      redis-cluster:
-        enabled: false
-      redis:
-        enabled: false
-      gitea.config.cache.ADAPTER: custom-adapter
-      gitea.config.cache.HOST: custom-host
-    asserts:
-      - documentIndex: 0
-        equal:
-          path: stringData.cache
-          value: |-
-            ADAPTER=custom-adapter
-            HOST=custom-host
@@ -1,30 +0,0 @@
-suite: config template | database section (postgresql-ha)
-release:
-  name: gitea-unittests
-  namespace: testing
-tests:
-  - it: connects to pgpool service
-    template: templates/gitea/config.yaml
-    set:
-      postgresql:
-        enabled: false
-      postgresql-ha:
-        enabled: true
-    asserts:
-      - documentIndex: 0
-        matchRegex:
-          path: stringData.database
-          pattern: HOST=gitea-unittests-postgresql-ha-pgpool.testing.svc.cluster.local:5432
-  - it: renders the referenced service
-    template: charts/postgresql-ha/templates/pgpool/service.yaml
-    set:
-      postgresql:
-        enabled: false
-      postgresql-ha:
-        enabled: true
-    asserts:
-      - containsDocument:
-          kind: Service
-          apiVersion: v1
-          name: gitea-unittests-postgresql-ha-pgpool
-          namespace: testing
@@ -1,30 +0,0 @@
-suite: config template | database section (postgresql)
-release:
-  name: gitea-unittests
-  namespace: testing
-tests:
-  - it: "connects to postgresql service"
-    template: templates/gitea/config.yaml
-    set:
-      postgresql:
-        enabled: true
-      postgresql-ha:
-        enabled: false
-    asserts:
-      - documentIndex: 0
-        matchRegex:
-          path: stringData.database
-          pattern: HOST=gitea-unittests-postgresql.testing.svc.cluster.local:5432
-  - it: "renders the referenced service"
-    template: charts/postgresql/templates/primary/svc.yaml
-    set:
-      postgresql:
-        enabled: true
-      postgresql-ha:
-        enabled: false
-    asserts:
-      - containsDocument:
-          kind: Service
-          apiVersion: v1
-          name: gitea-unittests-postgresql
-          namespace: testing
@@ -1,66 +0,0 @@
-suite: config template | queue config
-release:
-  name: gitea-unittests
-  namespace: testing
-tests:
-  - it: "queue is configured correctly for redis-cluster"
-    template: templates/gitea/config.yaml
-    set:
-      redis-cluster:
-        enabled: true
-      redis:
-        enabled: false
-    asserts:
-      - documentIndex: 0
-        equal:
-          path: stringData.queue
-          value: |-
-            CONN_STR=redis+cluster://:@gitea-unittests-redis-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
-            TYPE=redis
-
-  - it: "queue is configured correctly for redis"
-    template: templates/gitea/config.yaml
-    set:
-      redis-cluster:
-        enabled: false
-      redis:
-        enabled: true
-    asserts:
-      - documentIndex: 0
-        equal:
-          path: stringData.queue
-          value: |-
-            CONN_STR=redis://:changeme@gitea-unittests-redis-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
-            TYPE=redis
-
-  - it: "queue is configured correctly for 'levelDB' when redis (and redis-cluster) is disabled"
-    template: templates/gitea/config.yaml
-    set:
-      redis-cluster:
-        enabled: false
-      redis:
-        enabled: false
-    asserts:
-      - documentIndex: 0
-        equal:
-          path: stringData.queue
-          value: |-
-            CONN_STR=
-            TYPE=level
-
-  - it: "queue can be customized when redis (and redis-cluster) are disabled"
-    template: templates/gitea/config.yaml
-    set:
-      redis-cluster:
-        enabled: false
-      redis:
-        enabled: false
-      gitea.config.queue.TYPE: custom-type
-      gitea.config.queue.CONN_STR: custom-connection-string
-    asserts:
-      - documentIndex: 0
-        equal:
-          path: stringData.queue
-          value: |-
-            CONN_STR=custom-connection-string
-            TYPE=custom-type
@@ -1,67 +0,0 @@
-suite: config template | server section (domain related)
-release:
-  name: gitea-unittests
-  namespace: testing
-tests:
-  - it: "[default values] uses ingress host for DOMAIN|SSH_DOMAIN|ROOT_URL"
-    template: templates/gitea/config.yaml
-    asserts:
-      - documentIndex: 0
-        matchRegex:
-          path: stringData.server
-          pattern: \nDOMAIN=git.example.com
-      - documentIndex: 0
-        matchRegex:
-          path: stringData.server
-          pattern: \nSSH_DOMAIN=git.example.com
-      - documentIndex: 0
-        matchRegex:
-          path: stringData.server
-          pattern: \nROOT_URL=http://git.example.com
-
-  ################################################
-
-  - it: "[no ingress hosts] uses gitea http service for DOMAIN|SSH_DOMAIN|ROOT_URL"
-    template: templates/gitea/config.yaml
-    set:
-      ingress:
-        hosts: []
-    asserts:
-      - documentIndex: 0
-        matchRegex:
-          path: stringData.server
-          pattern: \nDOMAIN=gitea-unittests-http.testing.svc.cluster.local
-      - documentIndex: 0
-        matchRegex:
-          path: stringData.server
-          pattern: \nSSH_DOMAIN=gitea-unittests-http.testing.svc.cluster.local
-      - documentIndex: 0
-        matchRegex:
-          path: stringData.server
-          pattern: \nROOT_URL=http://gitea-unittests-http.testing.svc.cluster.local
-
-  ################################################
-
-  - it: "[provided via values] uses that for DOMAIN|SSH_DOMAIN|ROOT_URL"
-    template: templates/gitea/config.yaml
-    set:
-      gitea.config.server.DOMAIN: provided.example.com
-      ingress:
-        hosts:
-          - host: non-used.example.com
-            paths:
-              - path: /
-                pathType: Prefix
-    asserts:
-      - documentIndex: 0
-        matchRegex:
-          path: stringData.server
-          pattern: \nDOMAIN=provided.example.com
-      - documentIndex: 0
-        matchRegex:
-          path: stringData.server
-          pattern: \nSSH_DOMAIN=provided.example.com
-      - documentIndex: 0
-        matchRegex:
-          path: stringData.server
-          pattern: \nROOT_URL=http://provided.example.com
@@ -1,66 +0,0 @@
-suite: config template | session config
-release:
-  name: gitea-unittests
-  namespace: testing
-tests:
-  - it: "session is configured correctly for redis-cluster"
-    template: templates/gitea/config.yaml
-    set:
-      redis-cluster:
-        enabled: true
-      redis:
-        enabled: false
-    asserts:
-      - documentIndex: 0
-        equal:
-          path: stringData.session
-          value: |-
-            PROVIDER=redis
-            PROVIDER_CONFIG=redis+cluster://:@gitea-unittests-redis-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
-
-  - it: "session is configured correctly for redis"
-    template: templates/gitea/config.yaml
-    set:
-      redis-cluster:
-        enabled: false
-      redis:
-        enabled: true
-    asserts:
-      - documentIndex: 0
-        equal:
-          path: stringData.session
-          value: |-
-            PROVIDER=redis
-            PROVIDER_CONFIG=redis://:changeme@gitea-unittests-redis-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
-
-  - it: "session is configured correctly for 'memory' when redis (and redis-cluster) is disabled"
-    template: templates/gitea/config.yaml
-    set:
-      redis-cluster:
-        enabled: false
-      redis:
-        enabled: false
-    asserts:
-      - documentIndex: 0
-        equal:
-          path: stringData.session
-          value: |-
-            PROVIDER=memory
-            PROVIDER_CONFIG=
-
-  - it: "session can be customized when redis (and redis-cluster) is disabled"
-    template: templates/gitea/config.yaml
-    set:
-      redis-cluster:
-        enabled: false
-      redis:
-        enabled: false
-      gitea.config.session.PROVIDER: custom-provider
-      gitea.config.session.PROVIDER_CONFIG: custom-provider-config
-    asserts:
-      - documentIndex: 0
-        equal:
-          path: stringData.session
-          value: |-
-            PROVIDER=custom-provider
-            PROVIDER_CONFIG=custom-provider-config
--- a/Show More
+++ b/Show More