Rework OAuth sources #244

Merged
justusbunsi merged 1 commits from refs/pull/244/head into master 2021-12-20 14:43:56 +00:00
justusbunsi commented 2021-11-13 12:20:44 +00:00 (Migrated from gitea.com)

This change request includes two different things to improve OAuth source handling:

  • Allow multiple OAuth source configuration (Fixes: #191)
  • Support reading sensitive OAuth configuration data from Kubernetes secrets (Closes: #242)

⚠️ BREAKING ⚠️

Users need to migrate their gitea.oauth configuration.

luhahn (Migrated from gitea.com) reviewed 2021-11-18 10:46:05 +00:00
luhahn commented 2021-12-13 08:51:44 +00:00 (Migrated from gitea.com)

#248 was merged, we can continue here :)

justusbunsi commented 2021-12-13 11:42:05 +00:00 (Migrated from gitea.com)

Yay

justusbunsi commented 2021-12-18 10:09:28 +00:00 (Migrated from gitea.com)

Updated and ready for review

luhahn (Migrated from gitea.com) approved these changes 2021-12-20 09:51:58 +00:00
luhahn (Migrated from gitea.com) left a comment

LGTM

zeripath (Migrated from gitea.com) approved these changes 2021-12-20 13:55:22 +00:00
zeripath (Migrated from gitea.com) left a comment

This conversion of YAML to CLI options seems quite fragile and hacky.

We may want to consider having commands that would ingest the yaml directly.

However, if you're certain that this is the correct approach then LGTM.

justusbunsi commented 2021-12-20 14:21:27 +00:00 (Migrated from gitea.com)

@zeripath It **is** fragile and hacky. I would consider it the right approach at the moment.

Literally a few hours ago I had a chat with luhahn about a quite generic way of having a configuration-as-code for Gitea natively. There are other tools like Jenkins with a plugin providing such stuff and it is awesome. I'll try to implement something similar in Gitea and create a PR for it to discuss a bit more but am not sure when I have enough time for it as I'm not so deep into the Gitea code.

samip537 commented 2021-12-21 01:42:03 +00:00 (Migrated from gitea.com)

I would like to point out that this fails currently (Using flux so that variable substitution is fine):

```yaml
gitea:
      oauth:
        - name: 'Authentik'
          provider: openidConnect
          existingSecret: gitea-oauth-secret
          autoDiscoverUrl: https://id.{SECRET_DOMAIN}/application/o/gitea/.well-known/openid-configuration
```

```
Normal  error  <invalid> (x6 over <invalid>)  helm-controller  reconciliation failed: Helm install failed: template: gitea/templates/gitea/statefulset.yaml:21:27: executing "gitea/templates/gitea/statefulset.yaml" at <include "gitea.oauth_settings" .>: error calling include: template: gitea/templates/_helpers.tpl:139:7: executing "gitea.oauth_settings" at <ne $key "enabled">: error calling ne: incompatible types for compariso
```

justusbunsi commented 2021-12-21 07:13:16 +00:00 (Migrated from gitea.com)

The log seems to be trimmed. Do you have the full log?

justusbunsi commented 2021-12-21 07:15:24 +00:00 (Migrated from gitea.com)

And: Have you tried this with the latest released 1.4.1? I've never encountered such a problem before.
In addition: Did Flux actually fetch new source for the Helm Chart yet?

luhahn commented 2021-12-21 08:59:32 +00:00 (Migrated from gitea.com)

@samip537 It looks like you're using an old version, "gitea.oauth_settings" at <ne $key "enabled">: the enabled key was removed with this PR.

Please note that the current master branch has not been released.

justusbunsi commented 2021-12-21 10:49:56 +00:00 (Migrated from gitea.com)

Hi @samip537. I've tested FluxCD with the latest master source code for the Helm Chart and it works as expected. You can find my used Flux resources in my test repository:

  • [Gitea Helm Repository](https://gitea.com/justusbunsi/flux-gitea-helm-chart-test/src/branch/main/clusters/wsl/helm/repositories/gitea.yaml)
  • [Gitea Helm Release](https://gitea.com/justusbunsi/flux-gitea-helm-chart-test/src/branch/main/clusters/wsl/helm/releases/gitea.yaml) including customized values.yaml

We also opened PR #267 to make sure the obsolete and now invalid option `enabled` won't cause problems in the future.

samip537 commented 2021-12-21 21:29:39 +00:00 (Migrated from gitea.com)

Ahh, okay. Somehow I thought that it was already released, my bad, but then that makes perfect sense. :)
