Migrate to generic config

.drone.yml

@@ -10,26 +10,24 @@ platform:
 steps:
 - name: helm lint
   pull: always
-  image: alpine:3.16
+  image: alpine:3.13
   commands:
   - apk add --no-cache -X http://dl-cdn.alpinelinux.org/alpine/edge/testing helm
   - helm lint
 
 - name: helm template
   pull: always
-  image: alpine:3.16
+  image: alpine:3.13
   commands:
   - apk add --no-cache -X http://dl-cdn.alpinelinux.org/alpine/edge/testing helm
   - helm dependency update
   - helm template --debug gitea-helm .
 
-- name: verify readme
+- name: markdown lint
   pull: always
-  image: alpine:3.16
+  image: docker.io/volkerraschek/markdownlint:latest
   commands:
-  - apk add --no-cache -X http://dl-cdn.alpinelinux.org/alpine/edge/testing make npm git
-  - make readme
-  - git diff --exit-code --name-only README.md
+  - markdownlint *.md
 
 - name: discord
   pull: always
@@ -44,7 +42,6 @@ steps:
     - changed
     - failure
 
-
 ---
 kind: pipeline
 type: docker
@@ -61,7 +58,7 @@ trigger:
 steps:
 - name: generate-chart
   pull: always
-  image: alpine:3.16
+  image: alpine:3.13
   commands:
     - apk add --no-cache -X http://dl-cdn.alpinelinux.org/alpine/edge/testing helm
     - apk add --no-cache curl
@@ -77,7 +74,8 @@ steps:
   image: plugins/s3:latest
   settings:
     bucket: gitea-artifacts
-    endpoint: https://ams3.digitaloceanspaces.com
+    endpoint: https://storage.gitea.io
+    path_style: true
     access_key:
       from_secret: aws_access_key_id
     secret_key:

.gitea/PULL_REQUEST_TEMPLATE.md

@@ -1,41 +0,0 @@
-<!--
- Before you open the request please review the following guidelines and tips to help it be more easily integrated:
-
- - Describe the scope of your change - i.e. what the change does.
- - Describe any known limitations with your change.
- - Please run any tests or examples that can exercise your modified code.
-
- Thank you for contributing! We will try to review, test and integrate the change as soon as we can.
- -->
-
-### Description of the change
-
-<!-- Describe the scope of your change - i.e. what the change does. -->
-
-### Benefits
-
-<!-- What benefits will be realized by the code change? -->
-
-### Possible drawbacks
-
-<!-- Describe any known limitations with your change -->
-
-### Applicable issues
-
-<!-- Enter any applicable Issues here (You can reference an issue using #). Please remove this section if there is no referenced issue. -->
-  - fixes #
-
-### Additional information
-
-<!-- If there's anything else that's important and relevant to your pull request, mention that information here. Please remove this section if it remains empty. -->
-
-### ⚠ BREAKING
-
-<!-- If there's a breaking change, please shortly describe in which way users are affected and how they can mitigate it. If there are no breakings, please remove this section. -->
-
-### Checklist
-
-<!-- [Place an '[X]' (no spaces) in all applicable fields. Please remove unrelated fields.] -->
-
-- [ ] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm)
-- [ ] Breaking changes are documented in the `README.md`

.gitignore

@@ -1,3 +1,3 @@
-charts/
-node_modules/
+charts
+Chart.lock
 .DS_Store

.helmignore

@@ -20,8 +20,5 @@
 .idea/
 *.tmproj
 .vscode/
-node_modules/
-.npmrc
-package.json
-package-lock.json
-.gitea/
+#charts/
+#Chart.lock

.markdownlintignore

@@ -1,3 +0,0 @@
-.gitea/
-node_modules/
-charts/

.npmrc

@@ -1 +0,0 @@
-engine-strict=true

CONTRIBUTING.md

@@ -1,52 +0,0 @@
-# Contribution Guidelines
-
-Any type of contribution is welcome; from new features, bug fixes, tests,
-refactorings for easier maintainability or documentation improvements.
-
-## Development environment
-
-- [`node`](https://nodejs.org/en/) at least current LTS
-- [`helm`](https://helm.sh/docs/intro/install/)
-- `make` is optional; you may call the commands directly
-
-When using Visual Studio Code as IDE, following plugins might be useful:
-
-- [Markdown All in One](https://marketplace.visualstudio.com/items?itemName=yzhang.markdown-all-in-one)
-- [markdownlint](https://marketplace.visualstudio.com/items?itemName=DavidAnson.vscode-markdownlint)
-- [Helm Intellisense](https://marketplace.visualstudio.com/items?itemName=Tim-Koehler.helm-intellisense)
-
-## Documentation Requirements
-
-The `README.md` must include all configuration options. The parameters section
-is generated by extracting the parameter annotations from the `values.yaml` file,
-by using [this tool](https://github.com/bitnami-labs/readme-generator-for-helm).
-
-If changes were made on configuration options, run `make readme` to update the
-README file.
-
-## Pull Request Requirements
-
-When submitting or updating a PR:
-
-- make sure it passes CI builds.
-- do not make independent changes in one PR.
-- try to avoid rebases. They make code reviews for large PRs and comments much harder.
-- if applicable, use the PR template for a well-defined PR description.
-- clearly mark breaking changes.
-
-## Local development & testing
-
-For local development and testing of pull requests, the following workflow can
-be used:
-
-1. Install `minikube` and `helm`.
-2. Start a `minikube` cluster via `minikube start`.
-3. From the `gitea/helm-chart` directory execute the following command. This
-   will install the dependencies listed in `Chart.yml` and deploy the current
-   state of the helm chart found locally. If you want to test a branch, make
-   sure to switch to the respective branch first.
-  `helm install --dependency-update gitea . -f values.yaml`.
-4. Gitea is now deployed in `minikube`. To access it, it's port needs to be
-   forwarded first from `minikube` to localhost first via `kubectl --namespace
-   default port-forward svc/gitea-http 3000:3000`. Now Gitea is accessible at
-   [http://localhost:3000](http://localhost:3000).

Chart.lock

@@ -1,15 +0,0 @@
-dependencies:
-- name: memcached
-  repository: https://raw.githubusercontent.com/bitnami/charts/pre-2022/bitnami
-  version: 5.9.0
-- name: mysql
-  repository: https://raw.githubusercontent.com/bitnami/charts/pre-2022/bitnami
-  version: 6.14.10
-- name: postgresql
-  repository: https://raw.githubusercontent.com/bitnami/charts/pre-2022/bitnami
-  version: 10.3.17
-- name: mariadb
-  repository: https://raw.githubusercontent.com/bitnami/charts/pre-2022/bitnami
-  version: 9.3.6
-digest: sha256:08f967276fa0c083e9756a974a9791a487a71be0a226dc14351b3e5a2641e8fd
-generated: "2022-06-11T12:18:36.672047+02:00"

Chart.yaml

@@ -3,7 +3,7 @@ name: gitea
 description: Gitea Helm chart for Kubernetes
 type: application
 version: 0.0.0
-appVersion: 1.17.2
+appVersion: 1.15.4
 icon: https://docs.gitea.io/images/gitea.png
 
 keywords:
@@ -29,21 +29,32 @@ maintainers:
   - name: Steven Kriegler
     email: sk.bunsenbrenner@gmail.com
 
-# Bitnami charts are served from GitHub CDN - See https://github.com/bitnami/charts/issues/10539 for details
 dependencies:
 - name: memcached
-  repository: https://raw.githubusercontent.com/bitnami/charts/pre-2022/bitnami
+  repository: https://charts.bitnami.com/bitnami
   version: 5.9.0
   condition: memcached.enabled
+- name: redis-cluster
+  repository: https://charts.bitnami.com/bitnami
+  version: 6.2.3
+  condition: redis-cluster.enabled
+- name: redis
+  repository: https://charts.bitnami.com/bitnami
+  version: 14.6.6
+  condition: redis.enabled
 - name: mysql
-  repository: https://raw.githubusercontent.com/bitnami/charts/pre-2022/bitnami
+  repository: https://charts.bitnami.com/bitnami
   version: 6.14.10
   condition: mysql.enabled
 - name: postgresql
-  repository: https://raw.githubusercontent.com/bitnami/charts/pre-2022/bitnami
+  repository: https://charts.bitnami.com/bitnami
   version: 10.3.17
   condition: postgresql.enabled
+- name: postgresql-ha
+  repository: https://charts.bitnami.com/bitnami
+  version: 7.7.3
+  condition: postgresql-ha.enabled
 - name: mariadb
-  repository: https://raw.githubusercontent.com/bitnami/charts/pre-2022/bitnami
+  repository: https://charts.bitnami.com/bitnami
   version: 9.3.6
   condition: mariadb.enabled

Makefile

@@ -1,8 +0,0 @@
-.PHONY: prepare-environment
-prepare-environment:
-	npm install
-
-.PHONY: readme
-readme: prepare-environment
-	npm run readme:parameters
-	npm run readme:lint

package.json

@@ -1,19 +0,0 @@
-{
-  "name": "gitea-helm-chart",
-  "homepage": "https://gitea.com/gitea/helm-chart.git",
-  "license": "MIT",
-  "private": true,
-  "engineStrict": true,
-  "engines": {
-    "node": ">=16.0.0",
-    "npm": ">=8.0.0"
-  },
-  "scripts": {
-    "readme:lint": "markdownlint *.md -f",
-    "readme:parameters": "readme-generator -v values.yaml -r README.md"
-  },
-  "devDependencies": {
-    "markdownlint-cli": "^0.31.1",
-    "readme-generator-for-helm": "https://github.com/bitnami-labs/readme-generator-for-helm/tarball/main"
-  }
-}

templates/_helpers.tpl

@@ -35,40 +35,10 @@ Create chart name and version as used by the chart label.
 Create image name and tag used by the deployment.
 */}}
 {{- define "gitea.image" -}}
-{{- $registry := .Values.global.imageRegistry | default .Values.image.registry -}}
 {{- $name := .Values.image.repository -}}
-{{- $tag := .Values.image.tag | default .Chart.AppVersion -}}
+{{- $tag := ternary .Values.image.version .Values.image.tag (hasKey .Values.image "version") -}}
 {{- $rootless := ternary "-rootless" "" (.Values.image.rootless) -}}
-{{- if $registry -}}
-  {{- printf "%s/%s:%s%s" $registry $name $tag $rootless -}}
-{{- else -}}
-  {{- printf "%s:%s%s" $name $tag $rootless -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Docker Image Registry Secret Names evaluating values as templates
-*/}}
-{{- define "gitea.images.pullSecrets" -}}
-{{- $pullSecrets := .Values.imagePullSecrets -}}
-{{- range .Values.global.imagePullSecrets -}}
-    {{- $pullSecrets = append $pullSecrets (dict "name" .) -}}
-{{- end -}}
-{{- if (not (empty $pullSecrets)) }}
-imagePullSecrets:
-{{ toYaml $pullSecrets }}
-{{- end }}
-{{- end -}}
-
-
-{{/*
-Storage Class
-*/}}
-{{- define "gitea.persistence.storageClass" -}}
-{{- $storageClass := .Values.global.storageClass | default .Values.persistence.storageClass }}
-{{- if $storageClass }}
-storageClassName: {{ $storageClass | quote }}
-{{- end }}
+{{- printf "%s:%s%s" $name $tag $rootless -}}
 {{- end -}}
 
 {{/*
@@ -78,8 +48,10 @@ Common labels
 helm.sh/chart: {{ include "gitea.chart" . }}
 app: {{ include "gitea.name" . }}
 {{ include "gitea.selectorLabels" . }}
-app.kubernetes.io/version: {{ .Values.image.tag | default .Chart.AppVersion | quote }}
-version: {{ .Values.image.tag | default .Chart.AppVersion | quote }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+version: {{ .Chart.AppVersion | quote }}
+{{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end -}}
 
@@ -91,8 +63,40 @@ app.kubernetes.io/name: {{ include "gitea.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end -}}
 
+{{- define "db.servicename" -}}
+{{- if .Values.postgresql.enabled -}}
+{{- printf "%s-postgresql" .Release.Name -}}
+{{- else if (index .Values "postgresql-ha").enabled -}}
+{{- printf "%s-postgresql-ha-pgpool" .Release.Name -}}
+{{- else if .Values.mysql.enabled -}}
+{{- printf "%s-mysql" .Release.Name -}}
+{{- else if .Values.mariadb.enabled -}}
+{{- printf "%s-mariadb" .Release.Name -}}
+{{- else if ne .Values.gitea.config.database.DB_TYPE "sqlite3" -}}
+{{- $parts := split ":" .Values.gitea.config.database.HOST -}}
+{{- printf "%s %s" $parts._0 $parts._1 -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "db.port" -}}
+{{- if .Values.postgresql.enabled -}}
+{{ .Values.postgresql.global.postgresql.servicePort }}
+{{- else if (index .Values "postgresql-ha").enabled -}}
+{{ (index .Values "postgresql-ha").service.port }}
+{{- else if .Values.mysql.enabled -}}
+{{ .Values.mysql.service.port }}
+{{- else if .Values.mariadb.enabled -}}
+{{ .Values.mariadb.primary.service.port }}
+{{- else -}}
+{{- end -}}
+{{- end -}}
+
 {{- define "postgresql.dns" -}}
+{{- if .Values.postgresql.enabled -}}
 {{- printf "%s-postgresql.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain .Values.postgresql.global.postgresql.servicePort -}}
+{{- else if (index .Values "postgresql-ha").enabled -}}
+{{- printf "%s-postgresql-ha-pgpool.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "postgresql-ha").service.port -}}
+{{- end -}}
 {{- end -}}
 
 {{- define "mysql.dns" -}}
@@ -107,6 +111,30 @@ app.kubernetes.io/instance: {{ .Release.Name }}
 {{- printf "%s-memcached.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain .Values.memcached.service.port | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 
+{{- define "redis.dns" -}}
+{{- if (index .Values "redis-cluster").enabled -}}
+{{- printf "redis+cluster://:%s@%s-redis-cluster-headless.%s.svc.%s:%g/0?pool_size=100&idle_timeout=180s&" (index .Values "redis-cluster").global.redis.password .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "redis-cluster").service.port -}}
+{{- else if .Values.redis.enabled -}}
+{{- printf "redis://:%s@%s-redis-master.%s.svc.%s:%g/0?pool_size=100&idle_timeout=180s" .Values.redis.global.redis.password .Release.Name .Release.Namespace .Values.clusterDomain .Values.redis.master.service.port -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "redis.port" -}}
+{{- if (index .Values "redis-cluster").enabled -}}
+{{ (index .Values "redis-cluster").service.port }}
+{{- else if .Values.redis.enabled -}}
+{{ .Values.redis.master.service.port }}
+{{- end -}}
+{{- end -}}
+
+{{- define "redis.servicename" -}}
+{{- if (index .Values "redis-cluster").enabled -}}
+{{- printf "%s-redis-cluster-headless.%s.svc.%s" .Release.Name .Release.Namespace .Values.clusterDomain -}}
+{{- else if .Values.redis.enabled -}}
+{{- printf "%s-redis-master.%s.svc.%s" .Release.Name .Release.Namespace .Values.clusterDomain -}}
+{{- end -}}
+{{- end -}}
+
 {{- define "gitea.default_domain" -}}
 {{- printf "%s-gitea.%s.svc.%s" (include "gitea.fullname" .) .Release.Namespace .Values.clusterDomain | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
@@ -160,14 +188,6 @@ app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end -}}
 {{- end -}}
 
-{{- define "gitea.public_protocol" -}}
-{{- if and .Values.ingress.enabled (gt (len .Values.ingress.tls) 0) -}}
-https
-{{- else -}}
-{{ .Values.gitea.config.server.PROTOCOL }}
-{{- end -}}
-{{- end -}}
-
 {{- define "gitea.inline_configuration" -}}
   {{- include "gitea.inline_configuration.init" . -}}
   {{- include "gitea.inline_configuration.defaults" . -}}
@@ -219,6 +239,18 @@ https
   {{- if not (hasKey .Values.gitea.config "oauth2") -}}
     {{- $_ := set .Values.gitea.config "oauth2" dict -}}
   {{- end -}}
+  {{- if not (hasKey .Values.gitea.config "session") -}}
+    {{- $_ := set .Values.gitea.config "session" dict -}}
+  {{- end -}}
+  {{- if not (hasKey .Values.gitea.config "queue") -}}
+    {{- $_ := set .Values.gitea.config "queue" dict -}}
+  {{- end -}}
+  {{- if not (hasKey .Values.gitea.config "queue.issue_indexer") -}}
+    {{- $_ := set .Values.gitea.config "queue.issue_indexer" dict -}}
+  {{- end -}}
+  {{- if not (hasKey .Values.gitea.config "indexer") -}}
+    {{- $_ := set .Values.gitea.config "indexer" dict -}}
+  {{- end -}}
 {{- end -}}
 
 {{- define "gitea.inline_configuration.defaults" -}}
@@ -234,13 +266,24 @@ https
   {{- if not (hasKey .Values.gitea.config.metrics "ENABLED") -}}
     {{- $_ := set .Values.gitea.config.metrics "ENABLED" .Values.gitea.metrics.enabled -}}
   {{- end -}}
-  {{- if .Values.memcached.enabled -}}
+  {{- if or .Values.memcached.enabled (index .Values "redis-cluster").enabled .Values.redis.enabled -}}
     {{- $_ := set .Values.gitea.config.cache "ENABLED" "true" -}}
-    {{- $_ := set .Values.gitea.config.cache "ADAPTER" "memcache" -}}
+    {{- $_ := set .Values.gitea.config.cache "ADAPTER" (ternary "memcache" "redis" .Values.memcached.enabled) -}}
     {{- if not (.Values.gitea.config.cache.HOST) -}}
-      {{- $_ := set .Values.gitea.config.cache "HOST" (include "memcached.dns" .) -}}
+      {{- $_ := set .Values.gitea.config.cache "HOST" (ternary (include "memcached.dns" .) (include "redis.dns" .) .Values.memcached.enabled) -}}
     {{- end -}}
   {{- end -}}
+  {{- /* redis queue */ -}}
+  {{- if or (index .Values "redis-cluster").enabled  .Values.redis.enabled -}}
+    {{- $_ := set .Values.gitea.config.queue "TYPE" "redis" -}}
+    {{- $_ := set .Values.gitea.config.queue "CONN_STR" (include "redis.dns" .) -}}
+    {{- $_ := set (index .Values.gitea.config "queue.issue_indexer") "TYPE" "redis" -}}
+  {{- end -}}
+  {{- /* multiple replicas */ -}}
+  {{- if gt .Values.replicaCount 1.0 -}}
+    {{- $_ := set .Values.gitea.config.session  "PROVIDER" "redis" -}}
+    {{- $_ := set .Values.gitea.config.session  "PROVIDER_CONFIG" (include "redis.dns" .) -}}
+  {{- end -}}
 {{- end -}}
 
 {{- define "gitea.inline_configuration.defaults.server" -}}
@@ -258,7 +301,15 @@ https
     {{- end -}}
   {{- end -}}
   {{- if not .Values.gitea.config.server.ROOT_URL -}}
-    {{- $_ := set .Values.gitea.config.server "ROOT_URL" (printf "%s://%s" (include "gitea.public_protocol" .) .Values.gitea.config.server.DOMAIN) -}}
+    {{- if .Values.ingress.enabled -}}
+      {{- if gt (len .Values.ingress.tls) 0 -}}
+        {{- $_ := set .Values.gitea.config.server "ROOT_URL" (printf "%s://%s" .Values.gitea.config.server.PROTOCOL (index (index .Values.ingress.tls 0).hosts 0)) -}}
+      {{- else -}}
+        {{- $_ := set .Values.gitea.config.server "ROOT_URL" (printf "%s://%s" .Values.gitea.config.server.PROTOCOL (index .Values.ingress.hosts 0).host) -}}
+      {{- end -}}
+    {{- else -}}
+      {{- $_ := set .Values.gitea.config.server "ROOT_URL" (printf "%s://%s" .Values.gitea.config.server.PROTOCOL .Values.gitea.config.server.DOMAIN) -}}
+    {{- end -}}
   {{- end -}}
   {{- if not .Values.gitea.config.server.SSH_DOMAIN -}}
     {{- $_ := set .Values.gitea.config.server "SSH_DOMAIN" .Values.gitea.config.server.DOMAIN -}}
@@ -295,6 +346,14 @@ https
     {{- $_ := set .Values.gitea.config.database "NAME"      .Values.postgresql.global.postgresql.postgresqlDatabase -}}
     {{- $_ := set .Values.gitea.config.database "USER"      .Values.postgresql.global.postgresql.postgresqlUsername -}}
     {{- $_ := set .Values.gitea.config.database "PASSWD"    .Values.postgresql.global.postgresql.postgresqlPassword -}}
+  {{- else if (index .Values "postgresql-ha").enabled -}}
+    {{- $_ := set .Values.gitea.config.database "DB_TYPE"   "postgres" -}}
+    {{- if not (.Values.gitea.config.database.HOST) -}}
+      {{- $_ := set .Values.gitea.config.database "HOST"      (include "postgresql.dns" .) -}}
+    {{- end -}}
+    {{- $_ := set .Values.gitea.config.database "NAME"      (index .Values "postgresql-ha").global.postgresql.database -}}
+    {{- $_ := set .Values.gitea.config.database "USER"      (index .Values "postgresql-ha").global.postgresql.username -}}
+    {{- $_ := set .Values.gitea.config.database "PASSWD"    (index .Values "postgresql-ha").global.postgresql.password -}}
   {{- else if .Values.mysql.enabled -}}
     {{- $_ := set .Values.gitea.config.database "DB_TYPE"   "mysql" -}}
     {{- if not (.Values.gitea.config.database.HOST) -}}
@@ -313,21 +372,3 @@ https
     {{- $_ := set .Values.gitea.config.database "PASSWD"    .Values.mariadb.auth.password -}}
   {{- end -}}
 {{- end -}}
-
-{{- define "gitea.init-additional-mounts" -}}
-  {{- /* Honor the deprecated extraVolumeMounts variable when defined */ -}}
-  {{- if gt (len .Values.extraInitVolumeMounts) 0 -}}
-    {{- toYaml .Values.extraInitVolumeMounts -}}
-  {{- else if gt (len .Values.extraVolumeMounts) 0 -}}
-    {{- toYaml .Values.extraVolumeMounts -}}
-  {{- end -}}
-{{- end -}}
-
-{{- define "gitea.container-additional-mounts" -}}
-  {{- /* Honor the deprecated extraVolumeMounts variable when defined */ -}}
-  {{- if gt (len .Values.extraContainerVolumeMounts) 0 -}}
-    {{- toYaml .Values.extraContainerVolumeMounts -}}
-  {{- else if gt (len .Values.extraVolumeMounts) 0 -}}
-    {{- toYaml .Values.extraVolumeMounts -}}
-  {{- end -}}
-{{- end -}}

templates/gitea/config.yaml

@@ -63,41 +63,6 @@ stringData:
       export "ENV_TO_INI__${masked_section^^}__${setting^^}=${value}"        # '^^' makes the variable content uppercase
     }
 
-    function env2ini::reload_preset_envs() {
-      env2ini::log "Reloading preset envs..."
-
-      while read -r line; do
-        if [[ -z "${line}" ]]; then
-          # skip empty line
-          return
-        fi
-
-        # 'xargs echo -n' trims all leading/trailing whitespaces and a trailing new line
-        local setting="$(awk -F '=' '{print $1}' <<< "${line}" | xargs echo -n)"
-
-        if [[ -z "${setting}" ]]; then
-          env2ini::log '  ! invalid setting'
-          exit 1
-        fi
-
-        local value=''
-        local regex="^${setting}(\s*)=(\s*)(.*)"
-        if [[ $line =~ $regex ]]; then
-          value="${BASH_REMATCH[3]}"
-        else
-          env2ini::log '  ! invalid setting'
-          exit 1
-        fi
-
-        env2ini::log "  + '${setting}'"
-
-        export "${setting^^}=${value}"                           # '^^' makes the variable content uppercase
-      done < "/tmp/existing-envs"
-
-      rm /tmp/existing-envs
-    }
-
-
     function env2ini::process_config_file() {
       local config_file="${1}"
       local section="$(basename "${config_file}")"
@@ -117,15 +82,13 @@ stringData:
     function env2ini::load_config_sources() {
       local path="${1}"
 
-      if [[ -d "${path}" ]]; then
-        env2ini::log "Processing $(basename "${path}")..."
+      env2ini::log "Processing $(basename "${path}")..."
 
-        while read -d '' configFile; do
-          env2ini::process_config_file "${configFile}"
-        done < <(find "${path}" -type l -not -name '..data' -print0)
+      while read -d '' configFile; do
+        env2ini::process_config_file "${configFile}"
+      done < <(find "${path}" -type l -not -name '..data' -print0)
 
-        env2ini::log "\n"
-      fi
+      env2ini::log "\n"
     }
 
     function env2ini::generate_initial_secrets() {
@@ -137,22 +100,16 @@ stringData:
       export ENV_TO_INI__SECURITY__INTERNAL_TOKEN=$(gitea generate secret INTERNAL_TOKEN)
       export ENV_TO_INI__SECURITY__SECRET_KEY=$(gitea generate secret SECRET_KEY)
       export ENV_TO_INI__OAUTH2__JWT_SECRET=$(gitea generate secret JWT_SECRET)
-      export ENV_TO_INI__SERVER__LFS_JWT_SECRET=$(gitea generate secret LFS_JWT_SECRET)
 
       env2ini::log "...Initial secrets generated\n"
     }
 
-    env | (grep ENV_TO_INI || [[ $? == 1 ]]) > /tmp/existing-envs
-    
     # MUST BE CALLED BEFORE OTHER CONFIGURATION
     env2ini::generate_initial_secrets
 
     env2ini::load_config_sources '/env-to-ini-mounts/inlines/'
     env2ini::load_config_sources '/env-to-ini-mounts/additionals/'
 
-    # load existing envs to override auto generated envs
-    env2ini::reload_preset_envs
-
     env2ini::log "=== All configuration sources loaded ===\n"
 
     # safety to prevent rewrite of secret keys if an app.ini already exists
@@ -161,12 +118,11 @@ stringData:
       env2ini::log '  - security.INTERNAL_TOKEN'
       env2ini::log '  - security.SECRET_KEY'
       env2ini::log '  - oauth2.JWT_SECRET'
-      env2ini::log '  - server.LFS_JWT_SECRET'
 
       unset ENV_TO_INI__SECURITY__INTERNAL_TOKEN
       unset ENV_TO_INI__SECURITY__SECRET_KEY
       unset ENV_TO_INI__OAUTH2__JWT_SECRET
-      unset ENV_TO_INI__SERVER__LFS_JWT_SECRET
     fi
 
     environment-to-ini -o $GITEA_APP_INI -p ENV_TO_INI
+    

templates/gitea/http-svc.yaml

@@ -21,13 +21,6 @@ spec:
   externalIPs:
     {{- toYaml .Values.service.http.externalIPs | nindent 4 }}
   {{- end }}
-  {{- if .Values.service.http.ipFamilyPolicy }}
-  ipFamilyPolicy: {{ .Values.service.http.ipFamilyPolicy }}
-  {{- end }}
-  {{- with .Values.service.http.ipFamilies }}
-  ipFamilies:
-  {{- toYaml . | nindent 4 }}
-  {{- end -}}
   {{- if .Values.service.http.externalTrafficPolicy }}
   externalTrafficPolicy: {{ .Values.service.http.externalTrafficPolicy }}
   {{- end }}

templates/gitea/init.yaml

@@ -30,9 +30,7 @@ stringData:
 
     # prepare temp directory structure
     mkdir -p "${GITEA_TEMP}"
-    {{- if not .Values.image.rootless }}
     chown 1000:1000 "${GITEA_TEMP}"
-    {{- end }}
     chmod ug+rwx "${GITEA_TEMP}"
 
   configure_gitea.sh: |-
@@ -40,15 +38,52 @@ stringData:
 
     set -euo pipefail
 
+    {{- if include "db.servicename" . }}
+    # Connection retry inspired by https://gist.github.com/dublx/e99ea94858c07d2ca6de
+    function test_db_connection() {
+      local RETRY=0
+      local MAX=30
+
+      echo 'Wait for database to become avialable...'
+      until [ "${RETRY}" -ge "${MAX}" ]; do
+        nc -vz -w2 {{ include "db.servicename" . }} {{ include "db.port" . }} && break
+        RETRY=$[${RETRY}+1]
+        echo "...not ready yet (${RETRY}/${MAX})"
+      done
+
+      if [ "${RETRY}" -ge "${MAX}" ]; then
+        echo "Database not reachable after '${MAX}' attempts!"
+        exit 1
+      fi
+    }
+
+    test_db_connection
+    {{- end }}
+
+    {{- if include "redis.servicename" . }}
+    function test_redis_connection() {
+      local RETRY=0
+      local MAX=30
+      
+      echo 'Wait for redis to become avialable...'
+      until [ "${RETRY}" -ge "${MAX}" ]; do
+        nc -vz -w2 {{ include "redis.servicename" . }} {{ include "redis.port" . }} && break
+        RETRY=$[${RETRY}+1]
+        echo "...not ready yet (${RETRY}/${MAX})"
+      done
+
+      if [ "${RETRY}" -ge "${MAX}" ]; then
+        echo "Redis not reachable after '${MAX}' attempts!"
+        exit 1
+      fi
+    }
+
+    test_redis_connection
+    {{- end }}
+
     echo '==== BEGIN GITEA CONFIGURATION ===='
 
-    { # try
-      gitea migrate
-    } || { # catch
-      echo "Gitea migrate might fail due to database connection...This init-container will try again in a few seconds"
-      exit 1
-    }
-    
+    gitea migrate
 
     {{- if or .Values.gitea.admin.existingSecret (and .Values.gitea.admin.username .Values.gitea.admin.password) }}
     function configure_admin_user() {

templates/gitea/ssh-svc.yaml

@@ -26,13 +26,6 @@ spec:
   externalIPs:
     {{- toYaml .Values.service.ssh.externalIPs | nindent 4 }}
   {{- end }}
-  {{- if .Values.service.ssh.ipFamilyPolicy }}
-  ipFamilyPolicy: {{ .Values.service.ssh.ipFamilyPolicy }}
-  {{- end }}
-  {{- with .Values.service.ssh.ipFamilies }}
-  ipFamilies:
-  {{- toYaml . | nindent 4 }}
-  {{- end -}}
   {{- if .Values.service.ssh.externalTrafficPolicy }}
   externalTrafficPolicy: {{ .Values.service.ssh.externalTrafficPolicy }}
   {{- end }}

templates/gitea/statefulset.yaml

@@ -2,10 +2,6 @@ apiVersion: apps/v1
 kind: StatefulSet
 metadata:
   name: {{ include "gitea.fullname" . }}
-  annotations:
-    {{- if .Values.statefulset.annotations }}
-    {{- toYaml .Values.statefulset.annotations | nindent 4 }}
-    {{- end }}
   labels:
     {{- include "gitea.labels" . | nindent 4 }}
 spec:
@@ -39,13 +35,15 @@ spec:
       {{- if .Values.schedulerName }}
       schedulerName: "{{ .Values.schedulerName }}"
       {{- end }}
-      {{- include "gitea.images.pullSecrets" . | nindent 6 }}
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
       securityContext:
         {{- toYaml .Values.podSecurityContext | nindent 8 }}
       initContainers:
         - name: init-directories
           image: "{{ include "gitea.image" . }}"
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
           command: ["/usr/sbin/init_directory_structure.sh"]
           env:
             - name: GITEA_APP_INI
@@ -69,12 +67,13 @@ spec:
               {{- if .Values.persistence.subPath }}
               subPath: {{ .Values.persistence.subPath }}
               {{- end }}
-            {{- include "gitea.init-additional-mounts" . | nindent 12 }}
+            {{- if .Values.extraVolumeMounts }}
+            {{- toYaml .Values.extraVolumeMounts | nindent 12 }}
+            {{- end }}
           securityContext:
             {{- toYaml .Values.containerSecurityContext | nindent 12 }}
         - name: init-app-ini
           image: "{{ include "gitea.image" . }}"
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
           command: ["/usr/sbin/config_environment.sh"]
           env:
             - name: GITEA_APP_INI
@@ -88,9 +87,6 @@ spec:
             {{- if .Values.statefulset.env }}
             {{- toYaml .Values.statefulset.env | nindent 12 }}
             {{- end }}
-            {{- if .Values.gitea.additionalConfigFromEnvs }}
-            {{- toYaml .Values.gitea.additionalConfigFromEnvs | nindent 12 }}
-            {{- end }}
           volumeMounts:
             - name: config
               mountPath: /usr/sbin
@@ -107,13 +103,14 @@ spec:
             - name: additional-config-sources-{{ $idx }}
               mountPath: "/env-to-ini-mounts/additionals/{{ $idx }}/"
             {{- end }}
-            {{- include "gitea.init-additional-mounts" . | nindent 12 }}
+            {{- if .Values.extraVolumeMounts }}
+            {{- toYaml .Values.extraVolumeMounts | nindent 12 }}
+            {{- end }}
           securityContext:
             {{- toYaml .Values.containerSecurityContext | nindent 12 }}
         - name: configure-gitea
           image: "{{ include "gitea.image" . }}"
           command: ["/usr/sbin/configure_gitea.sh"]
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
           securityContext:
             {{- /* By default this container runs as user 1000 unless otherwise stated */ -}}
             {{- $csc := deepCopy .Values.containerSecurityContext -}}
@@ -197,7 +194,9 @@ spec:
               {{- if .Values.persistence.subPath }}
               subPath: {{ .Values.persistence.subPath }}
               {{- end }}
-            {{- include "gitea.init-additional-mounts" . | nindent 12 }}
+            {{- if .Values.extraVolumeMounts }}
+            {{- toYaml .Values.extraVolumeMounts | nindent 12 }}
+            {{- end }}
       terminationGracePeriodSeconds: {{ .Values.statefulset.terminationGracePeriodSeconds }}
       containers:
         - name: {{ .Chart.Name }}
@@ -229,26 +228,23 @@ spec:
           ports:
             - name: ssh
               containerPort: {{ .Values.gitea.config.server.SSH_LISTEN_PORT }}
-            {{- if .Values.service.ssh.hostPort }}
-              hostPort: {{ .Values.service.ssh.hostPort }}
-            {{- end }}
             - name: http
               containerPort: {{ .Values.gitea.config.server.HTTP_PORT }}
             {{- if .Values.gitea.config.server.ENABLE_PPROF }}
             - name: profiler
               containerPort: 6060
             {{- end }}
-          {{- if .Values.gitea.livenessProbe.enabled }}
+          {{- if .Values.gitea.livenessProbe }}
           livenessProbe:
-            {{- toYaml (omit .Values.gitea.livenessProbe "enabled") | nindent 12 }}
+            {{- toYaml .Values.gitea.livenessProbe | nindent 12 }}
           {{- end }}
-          {{- if .Values.gitea.readinessProbe.enabled }}
+          {{- if .Values.gitea.readinessProbe }}
           readinessProbe:
-            {{- toYaml (omit .Values.gitea.readinessProbe "enabled") | nindent 12 }}
+            {{- toYaml .Values.gitea.readinessProbe | nindent 12 }}
           {{- end }}
-          {{- if .Values.gitea.startupProbe.enabled }}
+          {{- if .Values.gitea.startupProbe }}
           startupProbe:
-            {{- toYaml (omit .Values.gitea.startupProbe "enabled") | nindent 12 }}
+            {{- toYaml .Values.gitea.startupProbe | nindent 12 }}
           {{- end }}
           resources:
             {{- toYaml .Values.resources | nindent 12 }}
@@ -267,7 +263,9 @@ spec:
               {{- if .Values.persistence.subPath }}
               subPath: {{ .Values.persistence.subPath }}
               {{- end }}
-            {{- include "gitea.container-additional-mounts" . | nindent 12 }}
+            {{- if .Values.extraVolumeMounts }}
+            {{- toYaml .Values.extraVolumeMounts | nindent 12 }}
+            {{- end }}
       {{- with .Values.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}
@@ -279,10 +277,6 @@ spec:
     {{- with .Values.tolerations }}
       tolerations:
         {{- toYaml . | nindent 8 }}
-    {{- end }}
-    {{- if .Values.dnsConfig }}
-      dnsConfig:
-        {{- toYaml .Values.dnsConfig | nindent 8 }}
     {{- end }}
       volumes:
         - name: init
@@ -293,7 +287,7 @@ spec:
           secret:
             secretName: {{ include "gitea.fullname" . }}
             defaultMode: 110
-        {{- if gt (len .Values.extraVolumes) 0 }}
+        {{- if .Values.extraVolumes }}
         {{- toYaml .Values.extraVolumes | nindent 8 }}
         {{- end }}
         - name: inline-config-sources
@@ -335,7 +329,9 @@ spec:
           {{- range .Values.persistence.accessModes }}
             - {{ . | quote }}
           {{- end }}
-        {{- include "gitea.persistence.storageClass" . | indent 8 }}
+        {{- if .Values.persistence.storageClass }}
+        storageClassName: {{ .Values.persistence.storageClass | quote }}
+        {{- end }}
         resources:
           requests:
             storage: {{ .Values.persistence.size | quote }}