lunny/helm-chart
1
0
Fork 0
Code Issues 36 Pull Requests 14 Actions Packages Projects Releases 93 Wiki Activity

helm - 1.21.2 init error - gitea/gitea:1.21.2-rootless no working #589

New Issue
Closed
opened 2023-12-20 13:37:00 +00:00 by clemenko · 8 comments
clemenko commented 2023-12-20 13:37:00 +00:00 (Migrated from gitea.com)
Copy Link

It appears that the init pod configure-gitea is not working correctly in 1.21.

Using

helm upgrade -i gitea gitea-charts/gitea --namespace gitea --create-namespace --set gitea.admin.password=Pa22word --set gitea.admin.username=gitea --set persistence.size=500Mi --set gitea.config.server.ROOT_URL=http://git.44.204.189.252.sslip.io --set gitea.config.server.DOMAIN=git.44.204.189.252.sslip.io --set ingress.enabled=true --set ingress.hosts[0].host=git.44.204.189.252.sslip.io --set ingress.hosts[0].paths[0].path=/ --set ingress.hosts[0].paths[0].pathType=Prefix --set postgresql.enabled=false  --set postgresql-ha.enabled=false --set redis-cluster.enabled=false --set gitea.config.database.DB_TYPE=sqlite3 --set gitea.config.session.PROVIDER=memory  --set gitea.config.cache.ADAPTER=memory --set gitea.config.queue.TYPE=level

I am getting a crashloopbackoff

[root@ip-172-31-88-159 ~]# kubectl get pod -n gitea
NAME                    READY   STATUS                  RESTARTS        AGE
gitea-5cdc5c466-vg2ng   0/1     Init:CrashLoopBackOff   6 (2m41s ago)   8m57s

Here is the error

[root@ip-172-31-88-159 ~]# kubectl logs -n gitea gitea-5cdc5c466-vg2ng configure-gitea
==== BEGIN GITEA CONFIGURATION ====
2023/12/20 13:23:41 .../setting/security.go:168:loadSecurityFrom() [W] Enabling Query API Auth tokens is not recommended. DISABLE_QUERY_AUTH_TOKEN will default to true in gitea 1.23 and will be removed in gitea 1.24.
2023/12/20 13:23:41 cmd/migrate.go:33:runMigrate() [I] AppPath: /usr/local/bin/gitea
2023/12/20 13:23:41 cmd/migrate.go:34:runMigrate() [I] AppWorkPath: /data
2023/12/20 13:23:41 cmd/migrate.go:35:runMigrate() [I] Custom path: /data/gitea
2023/12/20 13:23:41 cmd/migrate.go:36:runMigrate() [I] Log path: /data/log
2023/12/20 13:23:41 cmd/migrate.go:37:runMigrate() [I] Configuration file: /data/gitea/conf/app.ini
2023/12/20 13:23:41 ...2@v2.25.7/command.go:267:Run() [I] PING DATABASE sqlite3
2023/12/20 13:23:41 ...2@v2.25.7/command.go:267:Run() [W] Table system_setting Column version db default is , struct default is 1
Admin account 'gitea' already exist. Running update to sync password...
2023/12/20 13:23:41 .../setting/security.go:168:loadSecurityFrom() [W] Enabling Query API Auth tokens is not recommended. DISABLE_QUERY_AUTH_TOKEN will default to true in gitea 1.23 and will be removed in gitea 1.24.
Command error: user does not exist [uid: 0, name: gitea, keyid: 0]

testing it with --set image.tag=1.21.1 everything works as expected.

It appears that 1.21.2-rootless is having an issue

 configure-gitea:
    Container ID:  containerd://c8fd134195e202be5fa83500a4bcda26811dcbc4cc44a2a54b6466326de9ad8f
    Image:         gitea/gitea:1.21.2-rootless
    Image ID:      docker.io/gitea/gitea@sha256:1fd1c7656160ff629f9d8271badb25a450f20f8a6254f45c03147bb08d22c99c
It appears that the init pod `configure-gitea` is not working correctly in `1.21`. Using ``` helm upgrade -i gitea gitea-charts/gitea --namespace gitea --create-namespace --set gitea.admin.password=Pa22word --set gitea.admin.username=gitea --set persistence.size=500Mi --set gitea.config.server.ROOT_URL=http://git.44.204.189.252.sslip.io --set gitea.config.server.DOMAIN=git.44.204.189.252.sslip.io --set ingress.enabled=true --set ingress.hosts[0].host=git.44.204.189.252.sslip.io --set ingress.hosts[0].paths[0].path=/ --set ingress.hosts[0].paths[0].pathType=Prefix --set postgresql.enabled=false --set postgresql-ha.enabled=false --set redis-cluster.enabled=false --set gitea.config.database.DB_TYPE=sqlite3 --set gitea.config.session.PROVIDER=memory --set gitea.config.cache.ADAPTER=memory --set gitea.config.queue.TYPE=level ``` I am getting a crashloopbackoff ``` [root@ip-172-31-88-159 ~]# kubectl get pod -n gitea NAME READY STATUS RESTARTS AGE gitea-5cdc5c466-vg2ng 0/1 Init:CrashLoopBackOff 6 (2m41s ago) 8m57s ``` Here is the error ``` [root@ip-172-31-88-159 ~]# kubectl logs -n gitea gitea-5cdc5c466-vg2ng configure-gitea ==== BEGIN GITEA CONFIGURATION ==== 2023/12/20 13:23:41 .../setting/security.go:168:loadSecurityFrom() [W] Enabling Query API Auth tokens is not recommended. DISABLE_QUERY_AUTH_TOKEN will default to true in gitea 1.23 and will be removed in gitea 1.24. 2023/12/20 13:23:41 cmd/migrate.go:33:runMigrate() [I] AppPath: /usr/local/bin/gitea 2023/12/20 13:23:41 cmd/migrate.go:34:runMigrate() [I] AppWorkPath: /data 2023/12/20 13:23:41 cmd/migrate.go:35:runMigrate() [I] Custom path: /data/gitea 2023/12/20 13:23:41 cmd/migrate.go:36:runMigrate() [I] Log path: /data/log 2023/12/20 13:23:41 cmd/migrate.go:37:runMigrate() [I] Configuration file: /data/gitea/conf/app.ini 2023/12/20 13:23:41 ...2@v2.25.7/command.go:267:Run() [I] PING DATABASE sqlite3 2023/12/20 13:23:41 ...2@v2.25.7/command.go:267:Run() [W] Table system_setting Column version db default is , struct default is 1 Admin account 'gitea' already exist. Running update to sync password... 2023/12/20 13:23:41 .../setting/security.go:168:loadSecurityFrom() [W] Enabling Query API Auth tokens is not recommended. DISABLE_QUERY_AUTH_TOKEN will default to true in gitea 1.23 and will be removed in gitea 1.24. Command error: user does not exist [uid: 0, name: gitea, keyid: 0] ``` testing it with `--set image.tag=1.21.1` everything works as expected. It appears that `1.21.2-rootless` is having an issue ``` configure-gitea: Container ID: containerd://c8fd134195e202be5fa83500a4bcda26811dcbc4cc44a2a54b6466326de9ad8f Image: gitea/gitea:1.21.2-rootless Image ID: docker.io/gitea/gitea@sha256:1fd1c7656160ff629f9d8271badb25a450f20f8a6254f45c03147bb08d22c99c ```
justusbunsi commented 2023-12-20 18:48:23 +00:00 (Migrated from gitea.com)
Copy Link

Can reproduce it. Investigating right now.

Can reproduce it. Investigating right now.
justusbunsi commented 2023-12-20 19:20:11 +00:00 (Migrated from gitea.com)
Copy Link

🫣 Ouch. This is a side-effect of https://github.com/go-gitea/gitea/pull/28390. It introduces warning logs that distort the output of gitea admin user list --admin. That command reads all admin users to check if the given admin username already exists. Unfortunately, with 1.21.2 the output of this command changes as follows:

+ 2023/12/20 19:08:57 .../setting/security.go:168:loadSecurityFrom() [W] Enabling Query API Auth tokens is not recommended. DISABLE_QUERY_AUTH_TOKEN will default to true in gitea 1.23 and will be removed in gitea 1.24.
  ID   Username Email IsActive

You are using the admin account gitea. The init script assumes the output of above command is clean. Yet another "unfortunately": This is not the case anymore. The init script detects the "gitea" and thinks the user already exists.

I'm trying to fix this right now.

🫣 Ouch. This is a side-effect of https://github.com/go-gitea/gitea/pull/28390. It introduces warning logs that distort the output of `gitea admin user list --admin`. That command reads all admin users to check if the given admin username already exists. Unfortunately, with 1.21.2 the output of this command changes as follows: ```diff + 2023/12/20 19:08:57 .../setting/security.go:168:loadSecurityFrom() [W] Enabling Query API Auth tokens is not recommended. DISABLE_QUERY_AUTH_TOKEN will default to true in gitea 1.23 and will be removed in gitea 1.24. ID Username Email IsActive ``` You are using the admin account `gitea`. The init script assumes the output of above command is clean. Yet another "unfortunately": This is not the case anymore. The init script detects the "gitea" and thinks the user already exists. I'm trying to fix this right now.
justusbunsi commented 2023-12-20 19:21:36 +00:00 (Migrated from gitea.com)
Copy Link

By the way, changing the admin username to something different than gitea would work. But that only works for first installs.

By the way, changing the admin username to something different than `gitea` would work. But that only works for first installs.
clemenko commented 2023-12-20 19:36:50 +00:00 (Migrated from gitea.com)
Copy Link

with helm, how can I set the username to "admin"?

with helm, how can I set the username to "admin"?
justusbunsi commented 2023-12-20 19:38:58 +00:00 (Migrated from gitea.com)
Copy Link

admin is a reserved name within Gitea and cannot be used. But any other value for --set gitea.admin.username=<your-admin-username> would work.

The Chart default is gitea_admin.

`admin` is a reserved name within Gitea and cannot be used. But any other value for `--set gitea.admin.username=<your-admin-username>` would work. The Chart default is `gitea_admin`.
clemenko commented 2023-12-20 20:42:20 +00:00 (Migrated from gitea.com)
Copy Link

can I still use gitea. We use it for workshops and want to set a generic id.

can I still use gitea. We use it for workshops and want to set a generic id.
justusbunsi commented 2023-12-20 21:08:08 +00:00 (Migrated from gitea.com)
Copy Link

can I still use gitea. We use it for workshops and want to set a generic id.

As soon as this bug is fixed, the username gitea will work with Gitea 1.21.2 again.
Right now, this is not possible due to https://gitea.com/gitea/helm-chart/issues/589#issuecomment-760585. I am working on a fix. 😉

> can I still use gitea. We use it for workshops and want to set a generic id. As soon as this bug is fixed, the username `gitea` will work with Gitea 1.21.2 again. Right now, this is not possible due to https://gitea.com/gitea/helm-chart/issues/589#issuecomment-760585. I am working on a fix. 😉
justusbunsi commented 2023-12-20 22:35:14 +00:00 (Migrated from gitea.com)
Copy Link

@clemenko Feel free to test the PR #590.

@clemenko Feel free to test the PR #590.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
has/backport
in progress
invalid
kind/breaking
kind/bug
kind/build
kind/dependency
kind/deployment
kind/docs
kind/enhancement
kind/feature
kind/lint
kind/proposal
kind/question
kind/refactor
kind/security
kind/testing
kind/translation
kind/ui
need/backport
priority/critical
priority/low
priority/maybe
priority/medium
reviewed/duplicate
reviewed/invalid
reviewed/wontfix
skip-changelog
status/blocked
status/needs-feedback
status/needs-reviews
status/wip
upstream/gitea
upstream/other
No Label
kind/bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: lunny/helm-chart#589
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?