Add gpg configuration settings #343
1 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: lunny/helm-chart#343
Reference in New Issue
Block a user
No description provided.
Delete Branch "refs/pull/343/head"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Description of the change
This PR adds support for gpg key setup. It allows to pass the gpg private key content inline inside
values.yamlor refer to an existing secret containing the key content data.Benefits
Administrators don't need to manually setup the gpg environment from inside a running container. It also eliminates the breaking change of Gitea 1.17 regarding
[git].HOMEas theGNUPGHOMEenvironment variable is used consistently to relocate the.gnupgdirectory to its former location.Applicable issues
Additional information
This PR add the first unit tests to this Helm Chart, ensuring templating integrity for signing related configuration.
Checklist
values.yamland added to theREADME.mdusing readme-generator-for-helm@ -695,3 +512,1 @@When using the rootless image the gpg key folder is not persistent by default.If you consider using signed commits for internal Gitea activities (e.g. initial commit), you'd need to provide a signing key.Prior to [PR186](https://gitea.com/gitea/helm-chart/pulls/186), imported keys had to be re-imported once the container got replaced by another.When using the rootless image the gpg key folder is not persistent by@lafriks Suggested changes applied and conflicts resolved.
LGTM!
@ -46,1 +45,3 @@chown -v 1000:1000 "${GNUPGHOME}"mkdir -p "${GNUPGHOME}"chmod 700 "${GNUPGHOME}"chown 1000:1000 "${GNUPGHOME}"Shouldn't we get this from runAsUser from ctonainerSecurityContext, if set?
That's true. Unfortunately, the whole init directory script is currently locked to 1000:1000. I suggest handling it with #338 in another PR, if that's OK for you.
sure :)
LGTM
@justusbunsi I've briefly skimmed over this PR. It's large and I assume you've tested it locally besides the new unit tests?
Is there anything left preventing this from getting merged? I guess you got a bit under pressure with the 1.17 release and all the discussions about it around the helm chart. Maybe right now is a good moment to merge this one then?
@pat-s
Yep, failing unit tests after the last PR merge into main. ?
Need to fix them first.
@pat-s I've fixed the unit tests and this should be ready getting merged. As I am the pull request initiator I don't want to merge myself. Or is this not important to us?
Yes.
Good Q, I guess one could argue in both ways. Given that there were already two approvals and you didn't do any major refactoring afterwards, it should be ok to self-merge?
This broke me while update from v6.0.1 to v6.0.2 ?
This should have been a major bump or at least a minor.
Yes, you are right, we already discussed this in Discord. Sorry for the troubles!
You should be able to just roll back and only bump the gitea image tag.