Migrate to generic config

Chart.yaml

@@ -3,7 +3,7 @@ name: gitea
 description: Gitea Helm chart for Kubernetes
 type: application
 version: 0.0.0
-appVersion: 1.15.8
+appVersion: 1.15.4
 icon: https://docs.gitea.io/images/gitea.png
 
 keywords:
@@ -34,6 +34,14 @@ dependencies:
   repository: https://charts.bitnami.com/bitnami
   version: 5.9.0
   condition: memcached.enabled
+- name: redis-cluster
+  repository: https://charts.bitnami.com/bitnami
+  version: 6.2.3
+  condition: redis-cluster.enabled
+- name: redis
+  repository: https://charts.bitnami.com/bitnami
+  version: 14.6.6
+  condition: redis.enabled
 - name: mysql
   repository: https://charts.bitnami.com/bitnami
   version: 6.14.10
@@ -42,6 +50,10 @@ dependencies:
   repository: https://charts.bitnami.com/bitnami
   version: 10.3.17
   condition: postgresql.enabled
+- name: postgresql-ha
+  repository: https://charts.bitnami.com/bitnami
+  version: 7.7.3
+  condition: postgresql-ha.enabled
 - name: mariadb
   repository: https://charts.bitnami.com/bitnami
   version: 9.3.6

README.md

@@ -109,13 +109,12 @@ gitea:
   podAnnotations: {}
 ```
 
-### Multiple OAuth and LDAP authentication sources
+### Multiple OAuth authentication sources
 
 With `5.0.0` of this Chart it is now possible to configure Gitea with multiple
-OAuth and LDAP sources. As a result, you need to update an existing OAuth/LDAP configuration
+OAuth sources. As a result, you need to update an existing OAuth configuration
 in your customized `values.yaml` by replacing the object with settings to a list
-of settings objects. See [OAuth2 Settings](#oauth-settings) and
-[LDAP Settings](#ldap-settings) section for details.
+of settings objects. See [OAuth2 Settings](#oauth-settings) section for details.
 
 ## Chart upgrade from 3.x.x to 4.0.0
 
@@ -214,6 +213,73 @@ signing:
   gpgHome: /data/git/.gnupg
 ```
 
+## Gitea - HA
+
+With Version 4.1.x the helm chart supports Gitea running in HA(High Availability)
+mode. To run Gitea in HA you'll need to set a few values in order to run successfully.
+
+### Redis
+
+HA requires a Queue to run, we're going to use redis as default for this.
+
+```yaml
+redis:
+  enabled: true
+```
+
+You can also run Redis in HA mode:
+
+```yaml
+redis-cluster:
+  enabled: true
+```
+
+Both variants can be found at [Bitnami](https://github.com/bitnami/charts).
+
+Once redis is enabled, the chart will automatically configure Gitea to run with
+redis queue, indexer and session. Running with Redis already provides a sticky
+session, which saves you the trouble from configuring your ingress running with
+a sticky session.
+The following values are autogenerated.
+However you can overwrite any setting in the config section of the chart.
+
+```bash
+[session]
+PROVIDER        = redis
+PROVIDER_CONFIG = redis://:gitea@gitea-redis-master.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s
+
+[queue]
+CONN_STR = redis://:gitea@gitea-redis-master.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s
+TYPE     = redis
+
+[queue.issue_indexer]
+TYPE = redis
+```
+
+### Persistence
+
+When running in HA you cannot use the default persistence for the chart.
+You'll need to setup an extra PVC running with access mode "RWX" - "ReadWriteMany".
+Otherwise the chart will create a PVC for every replica.
+
+```yaml
+persistence:
+  enabled: true
+  existingClaim: rwx-pvc-gitea
+```
+
+### PostgreSQL
+
+You can also run PostgreSQL in HA mode also provided by
+[Bitnami](https://github.com/bitnami/charts).
+:warning: Please disable the default PostgreSQL version,
+when you enabled the HA PostgreSQL.
+
+```yaml
+postgresql-ha:
+  enabled: true
+```
+
 ## Examples
 
 ### Gitea Configuration
@@ -683,7 +749,7 @@ gitea:
 | Parameter          | Description                                                                               | Default       |
 | ------------------ | ----------------------------------------------------------------------------------------- | ------------- |
 | `image.repository` | Image to start for this pod                                                               | `gitea/gitea` |
-| `image.tag`        | [Image tag](https://hub.docker.com/r/gitea/gitea/tags?page=1&ordering=last_updated)       | `1.15.8`      |
+| `image.tag`        | [Image tag](https://hub.docker.com/r/gitea/gitea/tags?page=1&ordering=last_updated)       | `1.14.6`      |
 | `image.pullPolicy` | Image pull policy                                                                         | `Always`      |
 | `image.rootless`   | Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher | `false`       |
 
@@ -792,6 +858,40 @@ Configure Liveness, Readiness and Startup
 | `gitea.startupProbe.successThreshold`      | Minimum consecutive success probes                                   | `1`     |
 | `gitea.startupProbe.failureThreshold`      | Minimum consecutive error probes                                     | `10`    |
 
+### Redis BuiltIn
+
+Redis is loaded as a dependency from
+[Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/redis)
+if enabled in the values. Complete Configuration can be taken from their website.
+
+The following parameters are the defaults set by this chart
+
+| Parameter                  | Description                                      | Default                      |
+|----------------------------|--------------------------------------------------|------------------------------|
+|redis.enabled               | Enable or disable redis                          | `false`                      |
+|redis.global.redis.password | Redis default password                           | `gitea`                      |
+|redis.auth.password         | Redis default password needed for chart upgrades | `gitea`                      |
+| redis.master.service.port  | Redis default port                               | `6379`                       |
+| redis.replica.replicaCount | Redis replicaCount                               | `2`                          |
+
+### Redis-Cluster BuiltIn
+
+Redis-Cluster is loaded as a dependency from
+[Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/redis-cluster)
+if enabled in the values. Complete Configuration can be taken from their website.
+
+The following parameters are the defaults set by this chart
+
+| Parameter                          | Description                                      | Default   |
+|------------------------------------|--------------------------------------------------|-----------|
+|redis-cluster.enabled               | Enable or disable redis-cluster                  | `false`   |
+|redis-cluster.global.redis.password | Redis default password                           | `gitea`   |
+|redis-cluster.password              | Redis default password                           | `gitea`   |
+|redis.auth.password                 | Redis default password needed for chart upgrades | `gitea`   |
+| redis-cluster.service.port         | Redis default port                               | `6379`    |
+| redis-cluster.cluster.nodes        | Redis nodes                                      | `6`       |
+| redis-cluster.cluster.replicas     | Redis replicas                                   | `1`       |
+
 ### Memcached BuiltIn
 
 Memcached is loaded as a dependency from
@@ -840,6 +940,29 @@ The following parameters are the defaults set by this chart
 | `postgresql.persistence.size`                     | PVC Storage Request for PostgreSQL volume                | `10Gi`  |
 | `postgresql.enabled`                              | Enable PostgreSQL dependency                             | `true`  |
 
+### PostgreSQL-HA BuiltIn
+
+PostgreSQL-HA is loaded as a dependency from Bitnami. The chart configuration
+can be found in this
+[Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/postgresql) repository.
+
+The following parameters are the defaults set by this chart
+
+| Parameter                                       | Description                               | Default   |
+|-------------------------------------------------|-------------------------------------------|-----------|
+|`postgresql-ha.enabled`                          | Enable or disable PostgreSQL-HA           | `false`   |
+|`postgresql-ha.postgresql.password`              | PostgreSQL password                       | `gitea`   |
+|`postgresql-ha.postgresql.repmgrPassword`        | PostgreSQL repmgr password                | `gitea`   |
+|`postgresql-ha.pgpool.adminPassword`             | PostgreSQL pgpool password                | `gitea`   |
+|`postgresql-ha.global.postgresql.username`       | PostgreSQL username                       | `gitea`   |
+|`postgresql-ha.global.postgresql.password`       | PostgreSQL admin password                 | `gitea`   |
+|`postgresql-ha.global.postgresql.database`       | PostgreSQL default database               | `gitea`   |
+|`postgresql-ha.global.postgresql.repmgrPassword` | PostgreSQL repmgr password                | `gitea`   |
+|`postgresql-ha.global.postgresql.repmgrUsername` | PostgreSQL repmgr username                | `gitea`   |
+|`postgresql-ha.global.postgresql.repmgrDatabase` | PostgreSQL repmgr default database        | `gitea`   |
+|`postgresql-ha.service.port`                     | PostgreSQL port                           | `5432`    |
+|`postgresql-ha.persistence.size`                 | PVC Storage Request for PostgreSQL volume | `10Gi`    |
+
 ### MariaDB BuiltIn
 
 MariaDB is loaded as a dependency from bitnami. Configuration can be found in

templates/_helpers.tpl

@@ -66,6 +66,8 @@ app.kubernetes.io/instance: {{ .Release.Name }}
 {{- define "db.servicename" -}}
 {{- if .Values.postgresql.enabled -}}
 {{- printf "%s-postgresql" .Release.Name -}}
+{{- else if (index .Values "postgresql-ha").enabled -}}
+{{- printf "%s-postgresql-ha-pgpool" .Release.Name -}}
 {{- else if .Values.mysql.enabled -}}
 {{- printf "%s-mysql" .Release.Name -}}
 {{- else if .Values.mariadb.enabled -}}
@@ -79,6 +81,8 @@ app.kubernetes.io/instance: {{ .Release.Name }}
 {{- define "db.port" -}}
 {{- if .Values.postgresql.enabled -}}
 {{ .Values.postgresql.global.postgresql.servicePort }}
+{{- else if (index .Values "postgresql-ha").enabled -}}
+{{ (index .Values "postgresql-ha").service.port }}
 {{- else if .Values.mysql.enabled -}}
 {{ .Values.mysql.service.port }}
 {{- else if .Values.mariadb.enabled -}}
@@ -88,7 +92,11 @@ app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end -}}
 
 {{- define "postgresql.dns" -}}
+{{- if .Values.postgresql.enabled -}}
 {{- printf "%s-postgresql.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain .Values.postgresql.global.postgresql.servicePort -}}
+{{- else if (index .Values "postgresql-ha").enabled -}}
+{{- printf "%s-postgresql-ha-pgpool.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "postgresql-ha").service.port -}}
+{{- end -}}
 {{- end -}}
 
 {{- define "mysql.dns" -}}
@@ -103,6 +111,30 @@ app.kubernetes.io/instance: {{ .Release.Name }}
 {{- printf "%s-memcached.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain .Values.memcached.service.port | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 
+{{- define "redis.dns" -}}
+{{- if (index .Values "redis-cluster").enabled -}}
+{{- printf "redis+cluster://:%s@%s-redis-cluster-headless.%s.svc.%s:%g/0?pool_size=100&idle_timeout=180s&" (index .Values "redis-cluster").global.redis.password .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "redis-cluster").service.port -}}
+{{- else if .Values.redis.enabled -}}
+{{- printf "redis://:%s@%s-redis-master.%s.svc.%s:%g/0?pool_size=100&idle_timeout=180s" .Values.redis.global.redis.password .Release.Name .Release.Namespace .Values.clusterDomain .Values.redis.master.service.port -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "redis.port" -}}
+{{- if (index .Values "redis-cluster").enabled -}}
+{{ (index .Values "redis-cluster").service.port }}
+{{- else if .Values.redis.enabled -}}
+{{ .Values.redis.master.service.port }}
+{{- end -}}
+{{- end -}}
+
+{{- define "redis.servicename" -}}
+{{- if (index .Values "redis-cluster").enabled -}}
+{{- printf "%s-redis-cluster-headless.%s.svc.%s" .Release.Name .Release.Namespace .Values.clusterDomain -}}
+{{- else if .Values.redis.enabled -}}
+{{- printf "%s-redis-master.%s.svc.%s" .Release.Name .Release.Namespace .Values.clusterDomain -}}
+{{- end -}}
+{{- end -}}
+
 {{- define "gitea.default_domain" -}}
 {{- printf "%s-gitea.%s.svc.%s" (include "gitea.fullname" .) .Release.Namespace .Values.clusterDomain | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
@@ -207,6 +239,18 @@ app.kubernetes.io/instance: {{ .Release.Name }}
   {{- if not (hasKey .Values.gitea.config "oauth2") -}}
     {{- $_ := set .Values.gitea.config "oauth2" dict -}}
   {{- end -}}
+  {{- if not (hasKey .Values.gitea.config "session") -}}
+    {{- $_ := set .Values.gitea.config "session" dict -}}
+  {{- end -}}
+  {{- if not (hasKey .Values.gitea.config "queue") -}}
+    {{- $_ := set .Values.gitea.config "queue" dict -}}
+  {{- end -}}
+  {{- if not (hasKey .Values.gitea.config "queue.issue_indexer") -}}
+    {{- $_ := set .Values.gitea.config "queue.issue_indexer" dict -}}
+  {{- end -}}
+  {{- if not (hasKey .Values.gitea.config "indexer") -}}
+    {{- $_ := set .Values.gitea.config "indexer" dict -}}
+  {{- end -}}
 {{- end -}}
 
 {{- define "gitea.inline_configuration.defaults" -}}
@@ -222,13 +266,24 @@ app.kubernetes.io/instance: {{ .Release.Name }}
   {{- if not (hasKey .Values.gitea.config.metrics "ENABLED") -}}
     {{- $_ := set .Values.gitea.config.metrics "ENABLED" .Values.gitea.metrics.enabled -}}
   {{- end -}}
-  {{- if .Values.memcached.enabled -}}
+  {{- if or .Values.memcached.enabled (index .Values "redis-cluster").enabled .Values.redis.enabled -}}
     {{- $_ := set .Values.gitea.config.cache "ENABLED" "true" -}}
-    {{- $_ := set .Values.gitea.config.cache "ADAPTER" "memcache" -}}
+    {{- $_ := set .Values.gitea.config.cache "ADAPTER" (ternary "memcache" "redis" .Values.memcached.enabled) -}}
     {{- if not (.Values.gitea.config.cache.HOST) -}}
-      {{- $_ := set .Values.gitea.config.cache "HOST" (include "memcached.dns" .) -}}
+      {{- $_ := set .Values.gitea.config.cache "HOST" (ternary (include "memcached.dns" .) (include "redis.dns" .) .Values.memcached.enabled) -}}
     {{- end -}}
   {{- end -}}
+  {{- /* redis queue */ -}}
+  {{- if or (index .Values "redis-cluster").enabled  .Values.redis.enabled -}}
+    {{- $_ := set .Values.gitea.config.queue "TYPE" "redis" -}}
+    {{- $_ := set .Values.gitea.config.queue "CONN_STR" (include "redis.dns" .) -}}
+    {{- $_ := set (index .Values.gitea.config "queue.issue_indexer") "TYPE" "redis" -}}
+  {{- end -}}
+  {{- /* multiple replicas */ -}}
+  {{- if gt .Values.replicaCount 1.0 -}}
+    {{- $_ := set .Values.gitea.config.session  "PROVIDER" "redis" -}}
+    {{- $_ := set .Values.gitea.config.session  "PROVIDER_CONFIG" (include "redis.dns" .) -}}
+  {{- end -}}
 {{- end -}}
 
 {{- define "gitea.inline_configuration.defaults.server" -}}
@@ -291,6 +346,14 @@ app.kubernetes.io/instance: {{ .Release.Name }}
     {{- $_ := set .Values.gitea.config.database "NAME"      .Values.postgresql.global.postgresql.postgresqlDatabase -}}
     {{- $_ := set .Values.gitea.config.database "USER"      .Values.postgresql.global.postgresql.postgresqlUsername -}}
     {{- $_ := set .Values.gitea.config.database "PASSWD"    .Values.postgresql.global.postgresql.postgresqlPassword -}}
+  {{- else if (index .Values "postgresql-ha").enabled -}}
+    {{- $_ := set .Values.gitea.config.database "DB_TYPE"   "postgres" -}}
+    {{- if not (.Values.gitea.config.database.HOST) -}}
+      {{- $_ := set .Values.gitea.config.database "HOST"      (include "postgresql.dns" .) -}}
+    {{- end -}}
+    {{- $_ := set .Values.gitea.config.database "NAME"      (index .Values "postgresql-ha").global.postgresql.database -}}
+    {{- $_ := set .Values.gitea.config.database "USER"      (index .Values "postgresql-ha").global.postgresql.username -}}
+    {{- $_ := set .Values.gitea.config.database "PASSWD"    (index .Values "postgresql-ha").global.postgresql.password -}}
   {{- else if .Values.mysql.enabled -}}
     {{- $_ := set .Values.gitea.config.database "DB_TYPE"   "mysql" -}}
     {{- if not (.Values.gitea.config.database.HOST) -}}

templates/gitea/config.yaml

@@ -125,3 +125,4 @@ stringData:
     fi
 
     environment-to-ini -o $GITEA_APP_INI -p ENV_TO_INI
+    

templates/gitea/init.yaml

@@ -30,9 +30,7 @@ stringData:
 
     # prepare temp directory structure
     mkdir -p "${GITEA_TEMP}"
-    {{- if not .Values.image.rootless }}
     chown 1000:1000 "${GITEA_TEMP}"
-    {{- end }}
     chmod ug+rwx "${GITEA_TEMP}"
 
   configure_gitea.sh: |-
@@ -62,6 +60,27 @@ stringData:
     test_db_connection
     {{- end }}
 
+    {{- if include "redis.servicename" . }}
+    function test_redis_connection() {
+      local RETRY=0
+      local MAX=30
+      
+      echo 'Wait for redis to become avialable...'
+      until [ "${RETRY}" -ge "${MAX}" ]; do
+        nc -vz -w2 {{ include "redis.servicename" . }} {{ include "redis.port" . }} && break
+        RETRY=$[${RETRY}+1]
+        echo "...not ready yet (${RETRY}/${MAX})"
+      done
+
+      if [ "${RETRY}" -ge "${MAX}" ]; then
+        echo "Redis not reachable after '${MAX}' attempts!"
+        exit 1
+      fi
+    }
+
+    test_redis_connection
+    {{- end }}
+
     echo '==== BEGIN GITEA CONFIGURATION ===='
 
     gitea migrate

values.yaml

@@ -8,7 +8,7 @@ clusterDomain: cluster.local
 
 image:
   repository: gitea/gitea
-  tag: 1.15.8
+  tag: 1.15.4
   pullPolicy: Always
   rootless: false # only possible when running 1.14 or later
 
@@ -123,6 +123,7 @@ persistence:
   # storageClass:
   # subPath:
 
+
 # additional volumes to add to the Gitea statefulset.
 extraVolumes:
 # - name: postgres-ssl-vol
@@ -248,6 +249,31 @@ memcached:
   service:
     port: 11211
 
+redis:
+  enabled: false
+  global:
+    redis:
+      password: gitea
+  auth:
+    password: gitea
+  master:
+    service:
+      port: 6379
+  replica:
+    replicaCount: 2
+
+redis-cluster:
+  enabled: false
+  password: gitea
+  global:
+    redis:
+      password: gitea
+  cluster:
+    nodes: 6
+    replicas: 1
+  service:
+    port: 6379
+
 postgresql:
   enabled: true
   global:
@@ -259,6 +285,26 @@ postgresql:
   persistence:
     size: 10Gi
 
+postgresql-ha:
+  enabled: false
+  postgresql:
+    password: gitea
+    repmgrPassword: gitea
+  pgpool:
+    adminPassword: gitea
+  global:
+    postgresql:
+      database: gitea
+      username: gitea
+      password: gitea
+      repmgrPassword: postgresql
+      repmgrUsername: postgresql
+      repmgrDatabase: repr
+  service:
+    port: 5432
+  persistence:
+    size: 10Gi
+
 mysql:
   enabled: false
   root: