Compare commits
10 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 justusbunsi
|
20fca813bc | ||
|
justusbunsi
|
5ec52eaef8 | ||
 justusbunsi
|
2b14bc7e4b | ||
|
pat-s
|
4c0b7f83cd | ||
|
pat-s
|
d99b24fd2e | ||
|
pat-s
|
52a779f26c | ||
|
pat-s
|
f34fe9efb9 | ||
|
pat-s
|
e5ed116dc0 | ||
|
pat-s
|
82f82a45c5 | ||
|
pat-s
|
37b92f265f |
@@ -11,7 +11,7 @@ on:
|
||||
|
||||
env:
|
||||
# renovate: datasource=github-releases depName=helm-unittest/helm-unittest
|
||||
HELM_UNITTEST_VERSION: "v0.5.2"
|
||||
HELM_UNITTEST_VERSION: "v0.5.1"
|
||||
|
||||
jobs:
|
||||
check-and-test:
|
||||
|
||||
Vendored
+1
-1
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"yaml.schemas": {
|
||||
"https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.5.2/schema/helm-testsuite.json": [
|
||||
"https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.5.1/schema/helm-testsuite.json": [
|
||||
"/unittests/**/*.yaml"
|
||||
]
|
||||
},
|
||||
|
||||
+6
-6
@@ -1,15 +1,15 @@
|
||||
dependencies:
|
||||
- name: postgresql
|
||||
repository: oci://registry-1.docker.io/bitnamicharts
|
||||
version: 15.5.20
|
||||
version: 15.5.17
|
||||
- name: postgresql-ha
|
||||
repository: oci://registry-1.docker.io/bitnamicharts
|
||||
version: 14.2.16
|
||||
version: 14.2.12
|
||||
- name: redis-cluster
|
||||
repository: oci://registry-1.docker.io/bitnamicharts
|
||||
version: 10.3.0
|
||||
version: 10.2.7
|
||||
- name: redis
|
||||
repository: oci://registry-1.docker.io/bitnamicharts
|
||||
version: 19.6.4
|
||||
digest: sha256:a28c809273f313c482e3f803a0a002c3bb3a0d2090bf6b732d68ecc4710b4732
|
||||
generated: "2024-08-03T00:21:16.080925346Z"
|
||||
version: 19.6.2
|
||||
digest: sha256:842e8878e2da9cd62c2233f5ebfcdaa05598633a8bc2fa84803006929cf0c3cc
|
||||
generated: "2024-07-20T00:44:58.227558466Z"
|
||||
|
||||
+5
-6
@@ -3,8 +3,7 @@ name: gitea
|
||||
description: Gitea Helm chart for Kubernetes
|
||||
type: application
|
||||
version: 0.0.0
|
||||
# renovate datasource=github-releases depName=go-gitea/gitea extractVersion=^v(?<version>.*)$
|
||||
appVersion: 1.22.3
|
||||
appVersion: 1.22.0
|
||||
icon: https://gitea.com/assets/img/logo.svg
|
||||
|
||||
keywords:
|
||||
@@ -36,20 +35,20 @@ dependencies:
|
||||
# https://github.com/bitnami/charts/blob/main/bitnami/postgresql
|
||||
- name: postgresql
|
||||
repository: oci://registry-1.docker.io/bitnamicharts
|
||||
version: 15.5.20
|
||||
version: 15.5.17
|
||||
condition: postgresql.enabled
|
||||
# https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml
|
||||
- name: postgresql-ha
|
||||
repository: oci://registry-1.docker.io/bitnamicharts
|
||||
version: 14.2.16
|
||||
version: 14.2.12
|
||||
condition: postgresql-ha.enabled
|
||||
# https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml
|
||||
- name: redis-cluster
|
||||
repository: oci://registry-1.docker.io/bitnamicharts
|
||||
version: 10.3.0
|
||||
version: 10.2.7
|
||||
condition: redis-cluster.enabled
|
||||
# https://github.com/bitnami/charts/blob/main/bitnami/redis/Chart.yaml
|
||||
- name: redis
|
||||
repository: oci://registry-1.docker.io/bitnamicharts
|
||||
version: 19.6.4
|
||||
version: 19.6.2
|
||||
condition: redis.enabled
|
||||
|
||||
@@ -99,7 +99,7 @@ These dependencies are enabled by default:
|
||||
|
||||
Alternatively, the following non-HA replacements are available:
|
||||
|
||||
- PostgreSQL ([Bitnami PostgreSQL](<Postgresql](https://github.com/bitnami/charts/blob/main/bitnami/postgresql/Chart.yaml)>))
|
||||
- PostgreSQL ([Bitnami PostgreSQL](<postgresql](https://github.com/bitnami/charts/blob/main/bitnami/postgresql/Chart.yaml)>))
|
||||
- Redis ([Bitnami Redis](<Redis](https://github.com/bitnami/charts/blob/main/bitnami/redis/Chart.yaml)>))
|
||||
|
||||
### Dependency Versioning
|
||||
@@ -420,9 +420,6 @@ gitea:
|
||||
|
||||
postgresql:
|
||||
enabled: false
|
||||
|
||||
postgresql-ha:
|
||||
enabled: false
|
||||
```
|
||||
|
||||
### Ports and external url
|
||||
@@ -501,9 +498,6 @@ redis-cluster:
|
||||
enabled: true
|
||||
```
|
||||
|
||||
⚠️ The redis charts [do not work well with special characters in the password](https://gitea.com/gitea/helm-chart/issues/690).
|
||||
Consider omitting such or open an issue in the Bitnami repo and let us know once this got fixed.
|
||||
|
||||
### Persistence
|
||||
|
||||
Gitea will be deployed as a deployment.
|
||||
@@ -855,14 +849,13 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo
|
||||
|
||||
### Global
|
||||
|
||||
| Name | Description | Value |
|
||||
| ------------------------- | ---------------------------------------------------------------------------------------------- | ----- |
|
||||
| `global.imageRegistry` | global image registry override | `""` |
|
||||
| `global.imagePullSecrets` | global image pull secrets override; can be extended by `imagePullSecrets` | `[]` |
|
||||
| `global.storageClass` | global storage class override | `""` |
|
||||
| `global.hostAliases` | global hostAliases which will be added to the pod's hosts files | `[]` |
|
||||
| `namespace` | An explicit namespace to deploy Gitea into. Defaults to the release namespace if not specified | `""` |
|
||||
| `replicaCount` | number of replicas for the deployment | `1` |
|
||||
| Name | Description | Value |
|
||||
| ------------------------- | ------------------------------------------------------------------------- | ----- |
|
||||
| `global.imageRegistry` | global image registry override | `""` |
|
||||
| `global.imagePullSecrets` | global image pull secrets override; can be extended by `imagePullSecrets` | `[]` |
|
||||
| `global.storageClass` | global storage class override | `""` |
|
||||
| `global.hostAliases` | global hostAliases which will be added to the pod's hosts files | `[]` |
|
||||
| `replicaCount` | number of replicas for the deployment | `1` |
|
||||
|
||||
### strategy
|
||||
|
||||
@@ -929,16 +922,16 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo
|
||||
|
||||
### Ingress
|
||||
|
||||
| Name | Description | Value |
|
||||
| ------------------------------------ | --------------------------------------------------------------------------- | ----------------- |
|
||||
| `ingress.enabled` | Enable ingress | `false` |
|
||||
| `ingress.className` | Ingress class name | `nil` |
|
||||
| `ingress.annotations` | Ingress annotations | `{}` |
|
||||
| `ingress.hosts[0].host` | Default Ingress host | `git.example.com` |
|
||||
| `ingress.hosts[0].paths[0].path` | Default Ingress path | `/` |
|
||||
| `ingress.hosts[0].paths[0].pathType` | Ingress path type | `Prefix` |
|
||||
| `ingress.tls` | Ingress tls settings | `[]` |
|
||||
| `ingress.apiVersion` | Specify APIVersion of ingress object. Mostly would only be used for argocd. | |
|
||||
| Name | Description | Value |
|
||||
| -------------------------- | --------------------------------------------------- | ----------------- |
|
||||
| `ingress.enabled` | Enable ingress | `false` |
|
||||
| `ingress.className` | DEPRECATED: Use `ingress.ingressClassName` instead. | `""` |
|
||||
| `ingress.ingressClassName` | Ingress class name | `""` |
|
||||
| `ingress.pathType` | Ingress Path Type | `Prefix` |
|
||||
| `ingress.annotations` | Ingress annotations | `{}` |
|
||||
| `ingress.hosts[0].host` | Default Ingress host | `git.example.com` |
|
||||
| `ingress.hosts[0].paths` | Default Ingress path | `[]` |
|
||||
| `ingress.tls` | Ingress tls settings | `[]` |
|
||||
|
||||
### deployment
|
||||
|
||||
@@ -983,7 +976,6 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo
|
||||
| `persistence.storageClass` | Name of the storage class to use | `nil` |
|
||||
| `persistence.subPath` | Subdirectory of the volume to mount at | `nil` |
|
||||
| `persistence.volumeName` | Name of persistent volume in PVC | `""` |
|
||||
| `extraContainers` | Additional sidecar containers to run in the pod | `[]` |
|
||||
| `extraVolumes` | Additional volumes to mount to the Gitea deployment | `[]` |
|
||||
| `extraContainerVolumeMounts` | Mounts that are only mapped into the Gitea runtime/main container, to e.g. override custom templates. | `[]` |
|
||||
| `extraInitVolumeMounts` | Mounts that are only mapped into the init-containers. Can be used for additional preconfiguration. | `[]` |
|
||||
@@ -1009,28 +1001,23 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo
|
||||
|
||||
### Gitea
|
||||
|
||||
| Name | Description | Value |
|
||||
| -------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------ | -------------------- |
|
||||
| `gitea.admin.username` | Username for the Gitea admin user | `gitea_admin` |
|
||||
| `gitea.admin.existingSecret` | Use an existing secret to store admin user credentials | `nil` |
|
||||
| `gitea.admin.password` | Password for the Gitea admin user | `r8sA8CPHD9!bt6d` |
|
||||
| `gitea.admin.email` | Email for the Gitea admin user | `gitea@local.domain` |
|
||||
| `gitea.admin.passwordMode` | Mode for how to set/update the admin user password. Options are: initialOnlyNoReset, initialOnlyRequireReset, and keepUpdated | `keepUpdated` |
|
||||
| `gitea.metrics.enabled` | Enable Gitea metrics | `false` |
|
||||
| `gitea.metrics.serviceMonitor.enabled` | Enable Gitea metrics service monitor. Requires, that `gitea.metrics.enabled` is also set to true, to enable metrics generally. | `false` |
|
||||
| `gitea.metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used. | `""` |
|
||||
| `gitea.metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping. | `[]` |
|
||||
| `gitea.metrics.serviceMonitor.scheme` | HTTP scheme to use for scraping. For example `http` or `https`. Default is http. | `""` |
|
||||
| `gitea.metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used. | `""` |
|
||||
| `gitea.metrics.serviceMonitor.tlsConfig` | TLS configuration to use when scraping the metric endpoint by Prometheus. | `{}` |
|
||||
| `gitea.ldap` | LDAP configuration | `[]` |
|
||||
| `gitea.oauth` | OAuth configuration | `[]` |
|
||||
| `gitea.config.server.SSH_PORT` | SSH port for rootlful Gitea image | `22` |
|
||||
| `gitea.config.server.SSH_LISTEN_PORT` | SSH port for rootless Gitea image | `2222` |
|
||||
| `gitea.additionalConfigSources` | Additional configuration from secret or configmap | `[]` |
|
||||
| `gitea.additionalConfigFromEnvs` | Additional configuration sources from environment variables | `[]` |
|
||||
| `gitea.podAnnotations` | Annotations for the Gitea pod | `{}` |
|
||||
| `gitea.ssh.logLevel` | Configure OpenSSH's log level. Only available for root-based Gitea image. | `INFO` |
|
||||
| Name | Description | Value |
|
||||
| -------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | -------------------- |
|
||||
| `gitea.admin.username` | Username for the Gitea admin user | `gitea_admin` |
|
||||
| `gitea.admin.existingSecret` | Use an existing secret to store admin user credentials | `nil` |
|
||||
| `gitea.admin.password` | Password for the Gitea admin user | `r8sA8CPHD9!bt6d` |
|
||||
| `gitea.admin.email` | Email for the Gitea admin user | `gitea@local.domain` |
|
||||
| `gitea.admin.passwordMode` | Mode for how to set/update the admin user password. Options are: initialOnlyNoReset, initialOnlyRequireReset, and keepUpdated | `keepUpdated` |
|
||||
| `gitea.metrics.enabled` | Enable Gitea metrics | `false` |
|
||||
| `gitea.metrics.serviceMonitor.enabled` | Enable Gitea metrics service monitor | `false` |
|
||||
| `gitea.ldap` | LDAP configuration | `[]` |
|
||||
| `gitea.oauth` | OAuth configuration | `[]` |
|
||||
| `gitea.config.server.SSH_PORT` | SSH port for rootlful Gitea image | `22` |
|
||||
| `gitea.config.server.SSH_LISTEN_PORT` | SSH port for rootless Gitea image | `2222` |
|
||||
| `gitea.additionalConfigSources` | Additional configuration from secret or configmap | `[]` |
|
||||
| `gitea.additionalConfigFromEnvs` | Additional configuration sources from environment variables | `[]` |
|
||||
| `gitea.podAnnotations` | Annotations for the Gitea pod | `{}` |
|
||||
| `gitea.ssh.logLevel` | Configure OpenSSH's log level. Only available for root-based Gitea image. | `INFO` |
|
||||
|
||||
### LivenessProbe
|
||||
|
||||
@@ -1103,7 +1090,7 @@ Redis and [Redis cluster](#redis-cluster) cannot be enabled at the same time.
|
||||
| `postgresql-ha.postgresql.postgresPassword` | postgres Password | `changeme1` |
|
||||
| `postgresql-ha.pgpool.adminPassword` | pgpool adminPassword | `changeme3` |
|
||||
| `postgresql-ha.service.ports.postgresql` | PostgreSQL service port (overrides `service.ports.postgresql`) | `5432` |
|
||||
| `postgresql-ha.persistence.size` | PVC Storage Request for PostgreSQL HA volume | `10Gi` |
|
||||
| `postgresql-ha.primary.persistence.size` | PVC Storage Request for PostgreSQL HA volume | `10Gi` |
|
||||
|
||||
### PostgreSQL
|
||||
|
||||
|
||||
@@ -30,14 +30,6 @@
|
||||
],
|
||||
datasourceTemplate: 'github-releases',
|
||||
},
|
||||
{
|
||||
'description': 'Automatically detect new Gitea releases',
|
||||
'customType': 'regex',
|
||||
'fileMatch': ['(^|/)Chart\\.yaml$'],
|
||||
'matchStrings': [
|
||||
'# renovate datasource=(?<datasource>\\S+) depName=(?<depName>\\S+) extractVersion=(?<extractVersion>\\S+)\\nappVersion:\\s?(?<currentValue>\\S+)\\n',
|
||||
],
|
||||
},
|
||||
],
|
||||
packageRules: [
|
||||
{
|
||||
@@ -64,12 +56,5 @@
|
||||
'digest',
|
||||
],
|
||||
},
|
||||
{
|
||||
description: 'Override changelog url for Helm image, to have release notes in our PRs',
|
||||
matchDepNames: [
|
||||
'alpine/helm',
|
||||
],
|
||||
changelogUrl: 'https://github.com/helm/helm',
|
||||
},
|
||||
],
|
||||
}
|
||||
|
||||
+26
-18
@@ -401,6 +401,32 @@ https
|
||||
{{ .Values.serviceAccount.name | default (include "gitea.fullname" .) }}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "ingress.annotations" -}}
|
||||
{{- if .Values.ingress.annotations }}
|
||||
annotations:
|
||||
{{- $tp := typeOf .Values.ingress.annotations }}
|
||||
{{- if eq $tp "string" }}
|
||||
{{- tpl .Values.ingress.annotations . | nindent 4 }}
|
||||
{{- else }}
|
||||
{{- toYaml .Values.ingress.annotations | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "ingress.ingressClassName" -}}
|
||||
{{- if ne .Values.ingress.className "" -}}
|
||||
# WARNING: 'ingress.className' is deprecated and will be removed in a future release. Use 'ingress.ingressClassName' instead."
|
||||
{{ end -}}
|
||||
{{- if and (ne .Values.ingress.className "" ) (ne .Values.ingress.ingressClassName "") -}}
|
||||
{{- fail "ingress.ingressClassName and ingress.className cannot be defined at the same time. Please only choose one." -}}
|
||||
{{- end -}}
|
||||
{{- if ne .Values.ingress.className "" -}}
|
||||
ingressClassName: {{ tpl .Values.ingress.className . }}
|
||||
{{- else if ne .Values.ingress.ingressClassName "" -}}
|
||||
ingressClassName: {{ tpl .Values.ingress.ingressClassName . }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- define "gitea.admin.passwordMode" -}}
|
||||
{{- if has .Values.gitea.admin.passwordMode (tuple "keepUpdated" "initialOnlyNoReset" "initialOnlyRequireReset") -}}
|
||||
{{ .Values.gitea.admin.passwordMode }}
|
||||
@@ -408,21 +434,3 @@ https
|
||||
{{ printf "gitea.admin.passwordMode must be set to one of 'keepUpdated', 'initialOnlyNoReset', or 'initialOnlyRequireReset'. Received: '%s'" .Values.gitea.admin.passwordMode | fail }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/* Create a functioning probe object for rendering. Given argument must be either a livenessProbe, readinessProbe, or startupProbe */}}
|
||||
{{- define "gitea.deployment.probe" -}}
|
||||
{{- $probe := unset . "enabled" -}}
|
||||
{{- $probeKeys := keys $probe -}}
|
||||
{{- $containsCustomMethod := false -}}
|
||||
{{- $chartDefaultMethod := "tcpSocket" -}}
|
||||
{{- $nonChartDefaultMethods := list "exec" "httpGet" "grpc" -}}
|
||||
{{- range $probeKeys -}}
|
||||
{{- if has . $nonChartDefaultMethods -}}
|
||||
{{- $containsCustomMethod = true -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- if $containsCustomMethod -}}
|
||||
{{- $probe = unset . $chartDefaultMethod -}}
|
||||
{{- end -}}
|
||||
{{- toYaml $probe -}}
|
||||
{{- end -}}
|
||||
|
||||
@@ -2,7 +2,6 @@ apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ include "gitea.fullname" . }}-inline-config
|
||||
namespace: {{ .Values.namespace | default .Release.Namespace }}
|
||||
labels:
|
||||
{{- include "gitea.labels" . | nindent 4 }}
|
||||
type: Opaque
|
||||
@@ -13,7 +12,6 @@ apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ include "gitea.fullname" . }}
|
||||
namespace: {{ .Values.namespace | default .Release.Namespace }}
|
||||
labels:
|
||||
{{- include "gitea.labels" . | nindent 4 }}
|
||||
type: Opaque
|
||||
|
||||
@@ -2,7 +2,6 @@ apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ include "gitea.fullname" . }}
|
||||
namespace: {{ .Values.namespace | default .Release.Namespace }}
|
||||
annotations:
|
||||
{{- if .Values.deployment.annotations }}
|
||||
{{- toYaml .Values.deployment.annotations | nindent 4 }}
|
||||
@@ -312,15 +311,15 @@ spec:
|
||||
{{- end }}
|
||||
{{- if .Values.gitea.livenessProbe.enabled }}
|
||||
livenessProbe:
|
||||
{{- include "gitea.deployment.probe" .Values.gitea.livenessProbe | nindent 12 }}
|
||||
{{- toYaml (omit .Values.gitea.livenessProbe "enabled") | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.gitea.readinessProbe.enabled }}
|
||||
readinessProbe:
|
||||
{{- include "gitea.deployment.probe" .Values.gitea.readinessProbe | nindent 12 }}
|
||||
{{- toYaml (omit .Values.gitea.readinessProbe "enabled") | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- if .Values.gitea.startupProbe.enabled }}
|
||||
startupProbe:
|
||||
{{- include "gitea.deployment.probe" .Values.gitea.startupProbe | nindent 12 }}
|
||||
{{- toYaml (omit .Values.gitea.startupProbe "enabled") | nindent 12 }}
|
||||
{{- end }}
|
||||
resources:
|
||||
{{- toYaml .Values.resources | nindent 12 }}
|
||||
@@ -340,9 +339,6 @@ spec:
|
||||
subPath: {{ .Values.persistence.subPath }}
|
||||
{{- end }}
|
||||
{{- include "gitea.container-additional-mounts" . | nindent 12 }}
|
||||
{{- if .Values.extraContainers }}
|
||||
{{- toYaml .Values.extraContainers | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.global.hostAliases }}
|
||||
hostAliases:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
@@ -406,4 +402,4 @@ spec:
|
||||
{{- else if not .Values.persistence.enabled }}
|
||||
- name: data
|
||||
emptyDir: {}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -7,7 +7,6 @@ apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ include "gitea.gpg-key-secret-name" . }}
|
||||
namespace: {{ .Values.namespace | default .Release.Namespace }}
|
||||
labels:
|
||||
{{- include "gitea.labels" . | nindent 4 }}
|
||||
type: Opaque
|
||||
|
||||
@@ -2,7 +2,6 @@ apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ include "gitea.fullname" . }}-http
|
||||
namespace: {{ .Values.namespace | default .Release.Namespace }}
|
||||
labels:
|
||||
{{- include "gitea.labels" . | nindent 4 }}
|
||||
{{- if .Values.service.http.labels }}
|
||||
|
||||
@@ -1,29 +1,16 @@
|
||||
{{- if .Values.ingress.enabled -}}
|
||||
{{- $fullName := include "gitea.fullname" . -}}
|
||||
{{- $httpPort := .Values.service.http.port -}}
|
||||
{{- $apiVersion := "extensions/v1beta1" -}}
|
||||
{{- if .Values.ingress.apiVersion -}}
|
||||
{{- $apiVersion = .Values.ingress.apiVersion -}}
|
||||
{{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" -}}
|
||||
{{- $apiVersion = "networking.k8s.io/v1" }}
|
||||
{{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/Ingress" -}}
|
||||
{{- $apiVersion = "networking.k8s.io/v1beta1" }}
|
||||
{{- end }}
|
||||
apiVersion: {{ $apiVersion }}
|
||||
{{- $pathType := .Values.ingress.pathType -}}
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ $fullName }}
|
||||
namespace: {{ .Values.namespace | default .Release.Namespace }}
|
||||
labels:
|
||||
{{- include "gitea.labels" . | nindent 4 }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.ingress.annotations }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- template "ingress.annotations" . }}
|
||||
spec:
|
||||
{{- if .Values.ingress.className }}
|
||||
ingressClassName: {{ tpl .Values.ingress.className . }}
|
||||
{{- end }}
|
||||
{{- include "ingress.ingressClassName" . | nindent 2 }}
|
||||
{{- if .Values.ingress.tls }}
|
||||
tls:
|
||||
{{- range .Values.ingress.tls }}
|
||||
@@ -39,21 +26,14 @@ spec:
|
||||
- host: {{ tpl .host $ | quote }}
|
||||
http:
|
||||
paths:
|
||||
{{- range .paths }}
|
||||
- path: {{ .path }}
|
||||
{{- if and .pathType (eq $apiVersion "networking.k8s.io/v1") }}
|
||||
pathType: {{ .pathType }}
|
||||
{{- end }}
|
||||
{{- range (.paths | default (list "/")) }}
|
||||
- path: {{ . }}
|
||||
pathType: {{ $pathType }}
|
||||
backend:
|
||||
{{- if eq $apiVersion "networking.k8s.io/v1" }}
|
||||
service:
|
||||
name: {{ $fullName }}-http
|
||||
port:
|
||||
number: {{ $httpPort }}
|
||||
{{- else }}
|
||||
serviceName: {{ $fullName }}-http
|
||||
servicePort: {{ $httpPort }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
+12
-11
@@ -2,7 +2,6 @@ apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ include "gitea.fullname" . }}-init
|
||||
namespace: {{ .Values.namespace | default .Release.Namespace }}
|
||||
labels:
|
||||
{{- include "gitea.labels" . | nindent 4 }}
|
||||
type: Opaque
|
||||
@@ -25,25 +24,27 @@ stringData:
|
||||
# END: initPreScript
|
||||
{{- end }}
|
||||
|
||||
set -x
|
||||
|
||||
{{- if not .Values.image.rootless }}
|
||||
chown -v 1000:1000 /data
|
||||
chown 1000:1000 /data
|
||||
{{- end }}
|
||||
mkdir -pv /data/git/.ssh
|
||||
chmod -Rv 700 /data/git/.ssh
|
||||
[ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf
|
||||
mkdir -p /data/git/.ssh
|
||||
chmod -R 700 /data/git/.ssh
|
||||
[ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf
|
||||
|
||||
# prepare temp directory structure
|
||||
mkdir -pv "${GITEA_TEMP}"
|
||||
mkdir -p "${GITEA_TEMP}"
|
||||
{{- if not .Values.image.rootless }}
|
||||
chown -v 1000:1000 "${GITEA_TEMP}"
|
||||
chown 1000:1000 "${GITEA_TEMP}"
|
||||
{{- end }}
|
||||
chmod -v ug+rwx "${GITEA_TEMP}"
|
||||
chmod ug+rwx "${GITEA_TEMP}"
|
||||
|
||||
{{ if .Values.signing.enabled -}}
|
||||
if [ ! -d "${GNUPGHOME}" ]; then
|
||||
mkdir -pv "${GNUPGHOME}"
|
||||
chmod -v 700 "${GNUPGHOME}"
|
||||
chown -v 1000:1000 "${GNUPGHOME}"
|
||||
mkdir -p "${GNUPGHOME}"
|
||||
chmod 700 "${GNUPGHOME}"
|
||||
chown 1000:1000 "${GNUPGHOME}"
|
||||
fi
|
||||
{{- end }}
|
||||
|
||||
|
||||
@@ -7,7 +7,6 @@ apiVersion: policy/v1beta1
|
||||
kind: PodDisruptionBudget
|
||||
metadata:
|
||||
name: {{ include "gitea.fullname" . }}
|
||||
namespace: {{ .Values.namespace | default .Release.Namespace }}
|
||||
labels:
|
||||
{{- include "gitea.labels" . | nindent 4 }}
|
||||
spec:
|
||||
|
||||
@@ -3,7 +3,7 @@ kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: {{ .Values.persistence.claimName }}
|
||||
namespace: {{ .Values.namespace | default .Release.Namespace }}
|
||||
namespace: {{ $.Release.Namespace }}
|
||||
annotations:
|
||||
{{ .Values.persistence.annotations | toYaml | indent 4}}
|
||||
labels:
|
||||
|
||||
@@ -3,7 +3,7 @@ apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ include "gitea.serviceAccountName" . }}
|
||||
namespace: {{ .Values.namespace | default .Release.Namespace }}
|
||||
namespace: {{ .Release.Namespace | quote }}
|
||||
labels:
|
||||
{{- include "gitea.labels" . | nindent 4 }}
|
||||
{{- with .Values.serviceAccount.labels }}
|
||||
|
||||
@@ -1,9 +1,8 @@
|
||||
{{- if and .Values.gitea.metrics.enabled .Values.gitea.metrics.serviceMonitor.enabled -}}
|
||||
{{- if .Values.gitea.metrics.serviceMonitor.enabled -}}
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: {{ include "gitea.fullname" . }}
|
||||
namespace: {{ .Values.namespace | default .Release.Namespace }}
|
||||
labels:
|
||||
{{- include "gitea.labels" . | nindent 4 }}
|
||||
{{- if .Values.gitea.metrics.serviceMonitor.additionalLabels }}
|
||||
@@ -15,21 +14,4 @@ spec:
|
||||
{{- include "gitea.selectorLabels" . | nindent 6 }}
|
||||
endpoints:
|
||||
- port: http
|
||||
{{- if .Values.gitea.metrics.serviceMonitor.interval }}
|
||||
interval: {{ .Values.gitea.metrics.serviceMonitor.interval }}
|
||||
{{- end }}
|
||||
{{- with .Values.gitea.metrics.serviceMonitor.relabelings }}
|
||||
relabelings:
|
||||
{{- . | toYaml | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- if .Values.gitea.metrics.serviceMonitor.scheme }}
|
||||
scheme: {{ .Values.gitea.metrics.serviceMonitor.scheme }}
|
||||
{{- end }}
|
||||
{{- if .Values.gitea.metrics.serviceMonitor.scrapeTimeout }}
|
||||
scrapeTimeout: {{ .Values.gitea.metrics.serviceMonitor.scrapeTimeout }}
|
||||
{{- end }}
|
||||
{{- with .Values.gitea.metrics.serviceMonitor.tlsConfig }}
|
||||
tlsConfig:
|
||||
{{- . | toYaml | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
@@ -2,7 +2,6 @@ apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ include "gitea.fullname" . }}-ssh
|
||||
namespace: {{ .Values.namespace | default .Release.Namespace }}
|
||||
labels:
|
||||
{{- include "gitea.labels" . | nindent 4 }}
|
||||
{{- if .Values.service.ssh.labels }}
|
||||
|
||||
@@ -3,7 +3,6 @@ apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: "{{ include "gitea.fullname" . }}-test-connection"
|
||||
namespace: {{ .Values.namespace | default .Release.Namespace }}
|
||||
labels:
|
||||
{{ include "gitea.labels" . | nindent 4 }}
|
||||
annotations:
|
||||
|
||||
@@ -1,188 +0,0 @@
|
||||
suite: deployment template (probes)
|
||||
release:
|
||||
name: gitea-unittests
|
||||
namespace: testing
|
||||
templates:
|
||||
- templates/gitea/deployment.yaml
|
||||
- templates/gitea/config.yaml
|
||||
tests:
|
||||
- it: renders default liveness probe
|
||||
template: templates/gitea/deployment.yaml
|
||||
asserts:
|
||||
- notExists:
|
||||
path: spec.template.spec.containers[0].livenessProbe.enabled
|
||||
- isSubset:
|
||||
path: spec.template.spec.containers[0].livenessProbe
|
||||
content:
|
||||
failureThreshold: 10
|
||||
initialDelaySeconds: 200
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
tcpSocket:
|
||||
port: http
|
||||
timeoutSeconds: 1
|
||||
- it: renders default readiness probe
|
||||
template: templates/gitea/deployment.yaml
|
||||
asserts:
|
||||
- notExists:
|
||||
path: spec.template.spec.containers[0].readinessProbe.enabled
|
||||
- isSubset:
|
||||
path: spec.template.spec.containers[0].readinessProbe
|
||||
content:
|
||||
failureThreshold: 3
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
tcpSocket:
|
||||
port: http
|
||||
timeoutSeconds: 1
|
||||
- it: does not render a default startup probe
|
||||
template: templates/gitea/deployment.yaml
|
||||
asserts:
|
||||
- notExists:
|
||||
path: spec.template.spec.containers[0].startupProbe
|
||||
- it: allows enabling a startup probe
|
||||
template: templates/gitea/deployment.yaml
|
||||
set:
|
||||
gitea.startupProbe.enabled: true
|
||||
asserts:
|
||||
- notExists:
|
||||
path: spec.template.spec.containers[0].startupProbe.enabled
|
||||
- isSubset:
|
||||
path: spec.template.spec.containers[0].startupProbe
|
||||
content:
|
||||
failureThreshold: 10
|
||||
initialDelaySeconds: 60
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
tcpSocket:
|
||||
port: http
|
||||
timeoutSeconds: 1
|
||||
|
||||
- it: allows overwriting the default port of the liveness probe
|
||||
template: templates/gitea/deployment.yaml
|
||||
set:
|
||||
gitea:
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: my-port
|
||||
asserts:
|
||||
- isSubset:
|
||||
path: spec.template.spec.containers[0].livenessProbe
|
||||
content:
|
||||
tcpSocket:
|
||||
port: my-port
|
||||
|
||||
- it: allows overwriting the default port of the readiness probe
|
||||
template: templates/gitea/deployment.yaml
|
||||
set:
|
||||
gitea:
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: my-port
|
||||
asserts:
|
||||
- isSubset:
|
||||
path: spec.template.spec.containers[0].readinessProbe
|
||||
content:
|
||||
tcpSocket:
|
||||
port: my-port
|
||||
|
||||
- it: allows overwriting the default port of the startup probe
|
||||
template: templates/gitea/deployment.yaml
|
||||
set:
|
||||
gitea:
|
||||
startupProbe:
|
||||
enabled: true
|
||||
tcpSocket:
|
||||
port: my-port
|
||||
asserts:
|
||||
- isSubset:
|
||||
path: spec.template.spec.containers[0].startupProbe
|
||||
content:
|
||||
tcpSocket:
|
||||
port: my-port
|
||||
|
||||
- it: allows using a non-default method as liveness probe
|
||||
template: templates/gitea/deployment.yaml
|
||||
set:
|
||||
gitea:
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /api/healthz
|
||||
port: http
|
||||
initialDelaySeconds: 13371
|
||||
timeoutSeconds: 13372
|
||||
periodSeconds: 13373
|
||||
successThreshold: 13374
|
||||
failureThreshold: 13375
|
||||
asserts:
|
||||
- notExists:
|
||||
path: spec.template.spec.containers[0].livenessProbe.tcpSocket
|
||||
- isSubset:
|
||||
path: spec.template.spec.containers[0].livenessProbe
|
||||
content:
|
||||
failureThreshold: 13375
|
||||
initialDelaySeconds: 13371
|
||||
periodSeconds: 13373
|
||||
successThreshold: 13374
|
||||
httpGet:
|
||||
path: /api/healthz
|
||||
port: http
|
||||
timeoutSeconds: 13372
|
||||
|
||||
- it: allows using a non-default method as readiness probe
|
||||
template: templates/gitea/deployment.yaml
|
||||
set:
|
||||
gitea:
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /api/healthz
|
||||
port: http
|
||||
initialDelaySeconds: 13371
|
||||
timeoutSeconds: 13372
|
||||
periodSeconds: 13373
|
||||
successThreshold: 13374
|
||||
failureThreshold: 13375
|
||||
asserts:
|
||||
- notExists:
|
||||
path: spec.template.spec.containers[0].readinessProbe.tcpSocket
|
||||
- isSubset:
|
||||
path: spec.template.spec.containers[0].readinessProbe
|
||||
content:
|
||||
failureThreshold: 13375
|
||||
initialDelaySeconds: 13371
|
||||
periodSeconds: 13373
|
||||
successThreshold: 13374
|
||||
httpGet:
|
||||
path: /api/healthz
|
||||
port: http
|
||||
timeoutSeconds: 13372
|
||||
|
||||
- it: allows using a non-default method as startup probe
|
||||
template: templates/gitea/deployment.yaml
|
||||
set:
|
||||
gitea:
|
||||
startupProbe:
|
||||
enabled: true
|
||||
httpGet:
|
||||
path: /api/healthz
|
||||
port: http
|
||||
initialDelaySeconds: 13371
|
||||
timeoutSeconds: 13372
|
||||
periodSeconds: 13373
|
||||
successThreshold: 13374
|
||||
failureThreshold: 13375
|
||||
asserts:
|
||||
- notExists:
|
||||
path: spec.template.spec.containers[0].startupProbe.tcpSocket
|
||||
- isSubset:
|
||||
path: spec.template.spec.containers[0].startupProbe
|
||||
content:
|
||||
failureThreshold: 13375
|
||||
initialDelaySeconds: 13371
|
||||
periodSeconds: 13373
|
||||
successThreshold: 13374
|
||||
httpGet:
|
||||
path: /api/healthz
|
||||
port: http
|
||||
timeoutSeconds: 13372
|
||||
@@ -1,21 +0,0 @@
|
||||
suite: sidecar container
|
||||
release:
|
||||
name: gitea-unittests
|
||||
namespace: testing
|
||||
templates:
|
||||
- templates/gitea/deployment.yaml
|
||||
- templates/gitea/config.yaml
|
||||
tests:
|
||||
- it: supports adding a sidecar container
|
||||
template: templates/gitea/deployment.yaml
|
||||
set:
|
||||
extraContainers:
|
||||
- name: sidecar-bob
|
||||
image: busybox
|
||||
asserts:
|
||||
- equal:
|
||||
path: spec.template.spec.containers[1].name
|
||||
value: "sidecar-bob"
|
||||
- equal:
|
||||
path: spec.template.spec.containers[1].image
|
||||
value: "busybox"
|
||||
@@ -0,0 +1,93 @@
|
||||
suite: Test ingress.yaml
|
||||
templates:
|
||||
- templates/gitea/ingress.yaml
|
||||
tests:
|
||||
- it: should enable ingress when ingress.enabled is true
|
||||
set:
|
||||
ingress.enabled: true
|
||||
ingress.apiVersion: networking.k8s.io/v1
|
||||
ingress.annotations:
|
||||
kubernetes.io/ingress.class: nginx
|
||||
ingress.className: nginx
|
||||
ingress.tls:
|
||||
- hosts:
|
||||
- example.com
|
||||
secretName: tls-secret
|
||||
ingress.hosts:
|
||||
- host: example.com
|
||||
paths: ["/"]
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 1
|
||||
- isKind:
|
||||
of: Ingress
|
||||
- equal:
|
||||
path: metadata.name
|
||||
value: RELEASE-NAME-gitea
|
||||
- matchRegex:
|
||||
path: apiVersion
|
||||
pattern: networking.k8s.io/v1
|
||||
- equal:
|
||||
path: spec.ingressClassName
|
||||
value: nginx
|
||||
- equal:
|
||||
path: spec.rules[0].host
|
||||
value: "example.com"
|
||||
- equal:
|
||||
path: spec.tls[0].hosts[0]
|
||||
value: "example.com"
|
||||
- equal:
|
||||
path: spec.tls[0].secretName
|
||||
value: tls-secret
|
||||
- equal:
|
||||
path: metadata.annotations["kubernetes.io/ingress.class"]
|
||||
value: nginx
|
||||
|
||||
- it: should not create ingress when ingress.enabled is false
|
||||
set:
|
||||
ingress.enabled: false
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 0
|
||||
|
||||
- it: Ingress Class using TPL
|
||||
set:
|
||||
global.ingress.className: "ingress-class"
|
||||
ingress.ingressClassName: "{{ .Values.global.ingress.className }}"
|
||||
ingress.enabled: true
|
||||
ingress.hosts[0].host: "some-host"
|
||||
ingress.tls:
|
||||
- secretName: gitea-tls
|
||||
hosts:
|
||||
- "some-host"
|
||||
asserts:
|
||||
- isKind:
|
||||
of: Ingress
|
||||
- equal:
|
||||
path: spec.tls[0].hosts[0]
|
||||
value: "some-host"
|
||||
- equal:
|
||||
path: spec.rules[0].host
|
||||
value: "some-host"
|
||||
- equal:
|
||||
path: spec.ingressClassName
|
||||
value: "ingress-class"
|
||||
|
||||
- it: hostname using TPL
|
||||
set:
|
||||
global.giteaHostName: "gitea.example.com"
|
||||
ingress.enabled: true
|
||||
ingress.hosts[0].host: "{{ .Values.global.giteaHostName }}"
|
||||
ingress.tls:
|
||||
- secretName: gitea-tls
|
||||
hosts:
|
||||
- "{{ .Values.global.giteaHostName }}"
|
||||
asserts:
|
||||
- isKind:
|
||||
of: Ingress
|
||||
- equal:
|
||||
path: spec.tls[0].hosts[0]
|
||||
value: "gitea.example.com"
|
||||
- equal:
|
||||
path: spec.rules[0].host
|
||||
value: "gitea.example.com"
|
||||
@@ -0,0 +1,34 @@
|
||||
suite: Test ingress.yaml
|
||||
templates:
|
||||
- templates/gitea/ingress.yaml
|
||||
tests:
|
||||
- it: should fail when both ingress.className and ingress.ingressClassName are defined
|
||||
template: templates/gitea/ingress.yaml
|
||||
set:
|
||||
ingress:
|
||||
enabled: true
|
||||
className: ingress-class
|
||||
ingressClassName: ingress-class
|
||||
asserts:
|
||||
- failedTemplate:
|
||||
errorMessage: "ingress.ingressClassName and ingress.className cannot be defined at the same time. Please only choose one."
|
||||
|
||||
- it: should succeed when only ingress.className is defined
|
||||
template: templates/gitea/ingress.yaml
|
||||
set:
|
||||
ingress.enabled: true
|
||||
ingress.className: "ingress-class"
|
||||
asserts:
|
||||
- equal:
|
||||
path: spec.ingressClassName
|
||||
value: ingress-class
|
||||
|
||||
- it: should succeed when only ingress.ingressClassName is defined
|
||||
template: templates/gitea/ingress.yaml
|
||||
set:
|
||||
ingress.enabled: true
|
||||
ingress.ingressClassName: "ingress-class"
|
||||
asserts:
|
||||
- equal:
|
||||
path: spec.ingressClassName
|
||||
value: ingress-class
|
||||
+20
-22
@@ -1,28 +1,7 @@
|
||||
suite: ingress template
|
||||
release:
|
||||
name: gitea-unittests
|
||||
namespace: testing
|
||||
suite: Test ingress tpl use
|
||||
templates:
|
||||
- templates/gitea/ingress.yaml
|
||||
tests:
|
||||
- it: hostname using TPL
|
||||
set:
|
||||
global.giteaHostName: "gitea.example.com"
|
||||
ingress.enabled: true
|
||||
ingress.hosts[0].host: "{{ .Values.global.giteaHostName }}"
|
||||
ingress.tls:
|
||||
- secretName: gitea-tls
|
||||
hosts:
|
||||
- "{{ .Values.global.giteaHostName }}"
|
||||
asserts:
|
||||
- isKind:
|
||||
of: Ingress
|
||||
- equal:
|
||||
path: spec.tls[0].hosts[0]
|
||||
value: "gitea.example.com"
|
||||
- equal:
|
||||
path: spec.rules[0].host
|
||||
value: "gitea.example.com"
|
||||
- it: Ingress Class using TPL
|
||||
set:
|
||||
global.ingress.className: "ingress-class"
|
||||
@@ -45,3 +24,22 @@ tests:
|
||||
- equal:
|
||||
path: spec.ingressClassName
|
||||
value: "ingress-class"
|
||||
|
||||
- it: hostname using TPL
|
||||
set:
|
||||
global.giteaHostName: "gitea.example.com"
|
||||
ingress.enabled: true
|
||||
ingress.hosts[0].host: "{{ .Values.global.giteaHostName }}"
|
||||
ingress.tls:
|
||||
- secretName: gitea-tls
|
||||
hosts:
|
||||
- "{{ .Values.global.giteaHostName }}"
|
||||
asserts:
|
||||
- isKind:
|
||||
of: Ingress
|
||||
- equal:
|
||||
path: spec.tls[0].hosts[0]
|
||||
value: "gitea.example.com"
|
||||
- equal:
|
||||
path: spec.rules[0].host
|
||||
value: "gitea.example.com"
|
||||
@@ -28,13 +28,15 @@ tests:
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -euo pipefail
|
||||
mkdir -pv /data/git/.ssh
|
||||
chmod -Rv 700 /data/git/.ssh
|
||||
[ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf
|
||||
|
||||
set -x
|
||||
mkdir -p /data/git/.ssh
|
||||
chmod -R 700 /data/git/.ssh
|
||||
[ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf
|
||||
|
||||
# prepare temp directory structure
|
||||
mkdir -pv "${GITEA_TEMP}"
|
||||
chmod -v ug+rwx "${GITEA_TEMP}"
|
||||
mkdir -p "${GITEA_TEMP}"
|
||||
chmod ug+rwx "${GITEA_TEMP}"
|
||||
- it: adds gpg script block for enabled signing
|
||||
set:
|
||||
signing.enabled: true
|
||||
@@ -49,18 +51,20 @@ tests:
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -euo pipefail
|
||||
mkdir -pv /data/git/.ssh
|
||||
chmod -Rv 700 /data/git/.ssh
|
||||
[ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf
|
||||
|
||||
set -x
|
||||
mkdir -p /data/git/.ssh
|
||||
chmod -R 700 /data/git/.ssh
|
||||
[ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf
|
||||
|
||||
# prepare temp directory structure
|
||||
mkdir -pv "${GITEA_TEMP}"
|
||||
chmod -v ug+rwx "${GITEA_TEMP}"
|
||||
mkdir -p "${GITEA_TEMP}"
|
||||
chmod ug+rwx "${GITEA_TEMP}"
|
||||
|
||||
if [ ! -d "${GNUPGHOME}" ]; then
|
||||
mkdir -pv "${GNUPGHOME}"
|
||||
chmod -v 700 "${GNUPGHOME}"
|
||||
chown -v 1000:1000 "${GNUPGHOME}"
|
||||
mkdir -p "${GNUPGHOME}"
|
||||
chmod 700 "${GNUPGHOME}"
|
||||
chown 1000:1000 "${GNUPGHOME}"
|
||||
fi
|
||||
- it: it does not chown /data even when image.fullOverride is set
|
||||
template: templates/gitea/init.yaml
|
||||
@@ -73,10 +77,12 @@ tests:
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -euo pipefail
|
||||
mkdir -pv /data/git/.ssh
|
||||
chmod -Rv 700 /data/git/.ssh
|
||||
[ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf
|
||||
|
||||
set -x
|
||||
mkdir -p /data/git/.ssh
|
||||
chmod -R 700 /data/git/.ssh
|
||||
[ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf
|
||||
|
||||
# prepare temp directory structure
|
||||
mkdir -pv "${GITEA_TEMP}"
|
||||
chmod -v ug+rwx "${GITEA_TEMP}"
|
||||
mkdir -p "${GITEA_TEMP}"
|
||||
chmod ug+rwx "${GITEA_TEMP}"
|
||||
|
||||
@@ -31,15 +31,17 @@ tests:
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -euo pipefail
|
||||
chown -v 1000:1000 /data
|
||||
mkdir -pv /data/git/.ssh
|
||||
chmod -Rv 700 /data/git/.ssh
|
||||
[ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf
|
||||
|
||||
set -x
|
||||
chown 1000:1000 /data
|
||||
mkdir -p /data/git/.ssh
|
||||
chmod -R 700 /data/git/.ssh
|
||||
[ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf
|
||||
|
||||
# prepare temp directory structure
|
||||
mkdir -pv "${GITEA_TEMP}"
|
||||
chown -v 1000:1000 "${GITEA_TEMP}"
|
||||
chmod -v ug+rwx "${GITEA_TEMP}"
|
||||
mkdir -p "${GITEA_TEMP}"
|
||||
chown 1000:1000 "${GITEA_TEMP}"
|
||||
chmod ug+rwx "${GITEA_TEMP}"
|
||||
- it: adds gpg script block for enabled signing
|
||||
set:
|
||||
image.rootless: false
|
||||
@@ -55,18 +57,20 @@ tests:
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -euo pipefail
|
||||
chown -v 1000:1000 /data
|
||||
mkdir -pv /data/git/.ssh
|
||||
chmod -Rv 700 /data/git/.ssh
|
||||
[ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf
|
||||
|
||||
set -x
|
||||
chown 1000:1000 /data
|
||||
mkdir -p /data/git/.ssh
|
||||
chmod -R 700 /data/git/.ssh
|
||||
[ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf
|
||||
|
||||
# prepare temp directory structure
|
||||
mkdir -pv "${GITEA_TEMP}"
|
||||
chown -v 1000:1000 "${GITEA_TEMP}"
|
||||
chmod -v ug+rwx "${GITEA_TEMP}"
|
||||
mkdir -p "${GITEA_TEMP}"
|
||||
chown 1000:1000 "${GITEA_TEMP}"
|
||||
chmod ug+rwx "${GITEA_TEMP}"
|
||||
|
||||
if [ ! -d "${GNUPGHOME}" ]; then
|
||||
mkdir -pv "${GNUPGHOME}"
|
||||
chmod -v 700 "${GNUPGHOME}"
|
||||
chown -v 1000:1000 "${GNUPGHOME}"
|
||||
mkdir -p "${GNUPGHOME}"
|
||||
chmod 700 "${GNUPGHOME}"
|
||||
chown 1000:1000 "${GNUPGHOME}"
|
||||
fi
|
||||
|
||||
@@ -1,89 +0,0 @@
|
||||
suite: ServiceMonitor template (basic)
|
||||
release:
|
||||
name: gitea-unittests
|
||||
namespace: testing
|
||||
templates:
|
||||
- templates/gitea/servicemonitor.yaml
|
||||
tests:
|
||||
- it: skips rendering by default
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 0
|
||||
- it: renders default ServiceMonitor object with gitea.metrics.enabled=true
|
||||
set:
|
||||
gitea.metrics.enabled: true
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 0
|
||||
- it: renders default ServiceMonitor object with gitea.metrics.serviceMonitor.enabled=true
|
||||
set:
|
||||
gitea.metrics.serviceMonitor.enabled: true
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 0
|
||||
- it: renders defaults
|
||||
set:
|
||||
gitea.metrics.enabled: true
|
||||
gitea.metrics.serviceMonitor.enabled: true
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 1
|
||||
- containsDocument:
|
||||
kind: ServiceMonitor
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
name: gitea-unittests
|
||||
- notExists:
|
||||
path: metadata.annotations
|
||||
- notExists:
|
||||
path: spec.endpoints[0].interval
|
||||
- equal:
|
||||
path: spec.endpoints[0].port
|
||||
value: http
|
||||
- notExists:
|
||||
path: spec.endpoints[0].scheme
|
||||
- notExists:
|
||||
path: spec.endpoints[0].scrapeTimeout
|
||||
- notExists:
|
||||
path: spec.endpoints[0].tlsConfig
|
||||
- it: renders custom scrape interval
|
||||
set:
|
||||
gitea.metrics.enabled: true
|
||||
gitea.metrics.serviceMonitor.enabled: true
|
||||
gitea.metrics.serviceMonitor.interval: 30s
|
||||
gitea.metrics.serviceMonitor.scrapeTimeout: 5s
|
||||
asserts:
|
||||
- equal:
|
||||
path: spec.endpoints[0].interval
|
||||
value: 30s
|
||||
- equal:
|
||||
path: spec.endpoints[0].scrapeTimeout
|
||||
value: 5s
|
||||
- it: renders custom tls config
|
||||
set:
|
||||
gitea.metrics.enabled: true
|
||||
gitea.metrics.serviceMonitor.enabled: true
|
||||
gitea.metrics.serviceMonitor.scheme: https
|
||||
gitea.metrics.serviceMonitor.tlsConfig.caFile: /etc/prometheus/tls/ca.crt
|
||||
gitea.metrics.serviceMonitor.tlsConfig.certFile: /etc/prometheus/tls/tls.crt
|
||||
gitea.metrics.serviceMonitor.tlsConfig.keyFile: /etc/prometheus/tls/tls.key
|
||||
gitea.metrics.serviceMonitor.tlsConfig.insecureSkipVerify: false
|
||||
gitea.metrics.serviceMonitor.tlsConfig.serverName: gitea-unittest
|
||||
asserts:
|
||||
- equal:
|
||||
path: spec.endpoints[0].scheme
|
||||
value: https
|
||||
- equal:
|
||||
path: spec.endpoints[0].tlsConfig.caFile
|
||||
value: /etc/prometheus/tls/ca.crt
|
||||
- equal:
|
||||
path: spec.endpoints[0].tlsConfig.certFile
|
||||
value: /etc/prometheus/tls/tls.crt
|
||||
- equal:
|
||||
path: spec.endpoints[0].tlsConfig.keyFile
|
||||
value: /etc/prometheus/tls/tls.key
|
||||
- equal:
|
||||
path: spec.endpoints[0].tlsConfig.insecureSkipVerify
|
||||
value: false
|
||||
- equal:
|
||||
path: spec.endpoints[0].tlsConfig.serverName
|
||||
value: gitea-unittest
|
||||
+16
-43
@@ -20,9 +20,6 @@ global:
|
||||
# hostnames:
|
||||
# - example.com
|
||||
|
||||
## @param namespace An explicit namespace to deploy gitea into. Defaults to the release namespace if not specified
|
||||
namespace: ""
|
||||
|
||||
## @param replicaCount number of replicas for the deployment
|
||||
replicaCount: 1
|
||||
|
||||
@@ -157,33 +154,28 @@ service:
|
||||
|
||||
## @section Ingress
|
||||
## @param ingress.enabled Enable ingress
|
||||
## @param ingress.className Ingress class name
|
||||
## @param ingress.className DEPRECATED: Use `ingress.ingressClassName` instead.
|
||||
## @param ingress.ingressClassName Ingress class name
|
||||
## @param ingress.pathType Ingress Path Type
|
||||
## @param ingress.annotations Ingress annotations
|
||||
## @param ingress.hosts[0].host Default Ingress host
|
||||
## @param ingress.hosts[0].paths[0].path Default Ingress path
|
||||
## @param ingress.hosts[0].paths[0].pathType Ingress path type
|
||||
## @param ingress.hosts[0].paths Default Ingress path
|
||||
## @param ingress.tls Ingress tls settings
|
||||
## @extra ingress.apiVersion Specify APIVersion of ingress object. Mostly would only be used for argocd.
|
||||
ingress:
|
||||
enabled: false
|
||||
# className: nginx
|
||||
className:
|
||||
annotations:
|
||||
{}
|
||||
# kubernetes.io/ingress.class: nginx
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
# DEPRECATED: Use `ingress.ingressClassName` instead.
|
||||
className: ""
|
||||
ingressClassName: ""
|
||||
pathType: Prefix
|
||||
annotations: {}
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
hosts:
|
||||
- host: git.example.com
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
paths: []
|
||||
tls: []
|
||||
# - secretName: chart-example-tls
|
||||
# hosts:
|
||||
# - git.example.com
|
||||
# Mostly for argocd or any other CI that uses `helm template | kubectl apply` or similar
|
||||
# If helm doesn't correctly detect your ingress API version you can set it here.
|
||||
# apiVersion: networking.k8s.io/v1
|
||||
|
||||
## @section deployment
|
||||
#
|
||||
@@ -283,12 +275,6 @@ persistence:
|
||||
annotations:
|
||||
helm.sh/resource-policy: keep
|
||||
|
||||
## @param extraContainers Additional sidecar containers to run in the pod
|
||||
extraContainers: []
|
||||
# - name: sidecar-bob
|
||||
# image: busybox
|
||||
# command: [/bin/sh, -c, 'echo "Hello world"; sleep 86400']
|
||||
|
||||
## @param extraVolumes Additional volumes to mount to the Gitea deployment
|
||||
extraVolumes: []
|
||||
# - name: postgres-ssl-vol
|
||||
@@ -365,23 +351,13 @@ gitea:
|
||||
passwordMode: keepUpdated
|
||||
|
||||
## @param gitea.metrics.enabled Enable Gitea metrics
|
||||
## @param gitea.metrics.serviceMonitor.enabled Enable Gitea metrics service monitor. Requires, that `gitea.metrics.enabled` is also set to true, to enable metrics generally.
|
||||
## @param gitea.metrics.serviceMonitor.interval Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used.
|
||||
## @param gitea.metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping.
|
||||
## @param gitea.metrics.serviceMonitor.scheme HTTP scheme to use for scraping. For example `http` or `https`. Default is http.
|
||||
## @param gitea.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used.
|
||||
## @param gitea.metrics.serviceMonitor.tlsConfig TLS configuration to use when scraping the metric endpoint by Prometheus.
|
||||
## @param gitea.metrics.serviceMonitor.enabled Enable Gitea metrics service monitor
|
||||
metrics:
|
||||
enabled: false
|
||||
serviceMonitor:
|
||||
enabled: false
|
||||
# additionalLabels:
|
||||
# prometheus-release: prom1
|
||||
interval: ""
|
||||
relabelings: []
|
||||
scheme: ""
|
||||
scrapeTimeout: ""
|
||||
tlsConfig: {}
|
||||
|
||||
## @param gitea.ldap LDAP configuration
|
||||
ldap:
|
||||
@@ -507,8 +483,6 @@ gitea:
|
||||
|
||||
## @section redis-cluster
|
||||
## @param redis-cluster.enabled Enable redis cluster
|
||||
# ⚠️ The redis charts do not work well with special characters in the password (<https://gitea.com/gitea/helm-chart/issues/690>).
|
||||
# Consider omitting such or open an issue in the Bitnami repo and let us know once this got fixed.
|
||||
## @param redis-cluster.usePassword Whether to use password authentication
|
||||
## @param redis-cluster.cluster.nodes Number of redis cluster master nodes
|
||||
## @param redis-cluster.cluster.replicas Number of redis cluster master node replicas
|
||||
@@ -525,8 +499,6 @@ redis-cluster:
|
||||
## @section redis
|
||||
## @param redis.enabled Enable redis standalone or replicated
|
||||
## @param redis.architecture Whether to use standalone or replication
|
||||
# ⚠️ The redis charts do not work well with special characters in the password (<https://gitea.com/gitea/helm-chart/issues/690>).
|
||||
# Consider omitting such or open an issue in the Bitnami repo and let us know once this got fixed.
|
||||
## @param redis.global.redis.password Required password
|
||||
## @param redis.master.count Number of Redis master instances to deploy
|
||||
## @descriptionStart
|
||||
@@ -552,7 +524,7 @@ redis:
|
||||
## @param postgresql-ha.postgresql.postgresPassword postgres Password
|
||||
## @param postgresql-ha.pgpool.adminPassword pgpool adminPassword
|
||||
## @param postgresql-ha.service.ports.postgresql PostgreSQL service port (overrides `service.ports.postgresql`)
|
||||
## @param postgresql-ha.persistence.size PVC Storage Request for PostgreSQL HA volume
|
||||
## @param postgresql-ha.primary.persistence.size PVC Storage Request for PostgreSQL HA volume
|
||||
postgresql-ha:
|
||||
global:
|
||||
postgresql:
|
||||
@@ -569,8 +541,9 @@ postgresql-ha:
|
||||
service:
|
||||
ports:
|
||||
postgresql: 5432
|
||||
persistence:
|
||||
size: 10Gi
|
||||
primary:
|
||||
persistence:
|
||||
size: 10Gi
|
||||
|
||||
## @section PostgreSQL
|
||||
#
|
||||
|
||||
Reference in New Issue
Block a user