DevFW-CICD/forgejo-helm
16
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat!: add gitea chart v8 changes

Browse source 
BREAKING CHANGE: MySQL and MariaDB subcharts are removed.
This commit is contained in:
Michael Kriese 2023-04-04 15:47:07 +02:00
commit 00c8377d5b
No known key found for this signature in database
GPG key ID: B83F553A0724D44E
19 changed files with 211 additions and 218 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
.editorconfig Normal file
View file

@ -0,0 +1,12 @@
# EditorConfig is awesome: https://EditorConfig.org
# top-most EditorConfig file
root = true
[*]
indent_style = space
indent_size = 2
end_of_line = lf
charset = utf-8
trim_trailing_whitespace = false
insert_final_newline = false

14
.markdownlint.yaml
View file

@ -129,14 +129,12 @@ MD041:
MD044: MD044:
# List of proper names # List of proper names
names: names:
- Gitea - Gitea
- PostgreSQL - PostgreSQL
- MariaDB - Memcached
- MySQL - Prometheus
- Memcached - Git
- Prometheus - GitOps
- Git
- GitOps
# Include code blocks # Include code blocks
code_blocks: false code_blocks: false

7
.woodpecker/lint.yml
View file

@ -15,7 +15,6 @@ pipeline:
pull: true pull: true
commands: commands:
- apk add --no-cache helm - apk add --no-cache helm
- helm repo add bitnami https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami
- helm dependency build - helm dependency build
helm-lint: helm-lint:
@ -48,3 +47,9 @@ pipeline:
- apk add --no-cache make nodejs npm git - apk add --no-cache make nodejs npm git
- make readme - make readme
- git diff --exit-code --name-only README.md - git diff --exit-code --name-only README.md
yaml-lint:
image: cytopia/yamllint:alpine-1
pull: true
commands:
- yamllint -f colored .

1
.woodpecker/release-version.yml
View file

@ -14,7 +14,6 @@ pipeline:
pull: true pull: true
commands: commands:
- apk add --no-cache git nodejs npm helm - apk add --no-cache git nodejs npm helm
- helm repo add bitnami https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami
- helm dependency build - helm dependency build
- rm -rf tmp/ - rm -rf tmp/
- helm package --version "${CI_COMMIT_TAG##v}" -d tmp/ ./ - helm package --version "${CI_COMMIT_TAG##v}" -d tmp/ ./

20
.yamllint Normal file
View file

@ -0,0 +1,20 @@
---
extends: default
ignore: |
.yamllint
node_modules
templates
rules:
truthy:
allowed-values: ['true', 'false']
check-keys: False
level: error
line-length: disable
document-start: disable
comments:
min-spaces-from-content: 1
braces:
max-spaces-inside: 2

3
CONTRIBUTING.md
View file

@ -14,6 +14,7 @@ When using Visual Studio Code as IDE, following plugins might be useful:
- [Markdown All in One](https://marketplace.visualstudio.com/items?itemName=yzhang.markdown-all-in-one) - [Markdown All in One](https://marketplace.visualstudio.com/items?itemName=yzhang.markdown-all-in-one)
- [markdownlint](https://marketplace.visualstudio.com/items?itemName=DavidAnson.vscode-markdownlint) - [markdownlint](https://marketplace.visualstudio.com/items?itemName=DavidAnson.vscode-markdownlint)
- [Helm Intellisense](https://marketplace.visualstudio.com/items?itemName=Tim-Koehler.helm-intellisense) - [Helm Intellisense](https://marketplace.visualstudio.com/items?itemName=Tim-Koehler.helm-intellisense)
- [Prettier - Code formatter](https://marketplace.visualstudio.com/items?itemName=esbenp.prettier-vscode)
## Documentation Requirements ## Documentation Requirements
@ -55,7 +56,7 @@ be used:
```bash ```bash
# install the unittest plugin # install the unittest plugin
$ helm plugin install https://github.com/heyhabito/helm-unittest $ helm plugin install https://github.com/helm-unittest/helm-unittest
# run the unittests # run the unittests
make unittests make unittests

10
Chart.lock
View file

@ -2,14 +2,8 @@ dependencies:
- name: memcached - name: memcached
repository: oci://registry-1.docker.io/bitnamicharts repository: oci://registry-1.docker.io/bitnamicharts
version: 6.3.14 version: 6.3.14
- name: mysql
repository: oci://registry-1.docker.io/bitnamicharts
version: 9.7.1
- name: postgresql - name: postgresql
repository: oci://registry-1.docker.io/bitnamicharts repository: oci://registry-1.docker.io/bitnamicharts
version: 12.2.7 version: 12.2.7
- name: mariadb digest: sha256:8d216c4da56f12dea7e83c302b157574815a51bc475bfc4d379cf1f837e67152
repository: oci://registry-1.docker.io/bitnamicharts generated: "2023-04-04T15:49:13.6824226+02:00"
version: 11.5.6
digest: sha256:077ea499386a62933d01ef9574c79c2f2e56de2d44a53261289476f194ef6746
generated: "2023-04-04T00:07:00.457853047Z"

25
Chart.yaml
View file

@ -25,21 +25,12 @@ maintainers:
# Bitnami charts are served from Docker Hub # Bitnami charts are served from Docker Hub
# https://hub.docker.com/u/bitnamicharts # https://hub.docker.com/u/bitnamicharts
# https://blog.bitnami.com/2023/01/bitnami-helm-charts-available-as-oci.html # https://blog.bitnami.com/2023/01/bitnami-helm-charts-available-as-oci.html
dependencies: dependencies:
- name: memcached - name: memcached
repository: oci://registry-1.docker.io/bitnamicharts repository: oci://registry-1.docker.io/bitnamicharts
version: 6.3.14 version: 6.3.14
condition: memcached.enabled condition: memcached.enabled
- name: mysql - name: postgresql
repository: oci://registry-1.docker.io/bitnamicharts repository: oci://registry-1.docker.io/bitnamicharts
version: 9.7.1 version: 12.2.7
condition: mysql.enabled condition: postgresql.enabled
- name: postgresql
repository: oci://registry-1.docker.io/bitnamicharts
version: 12.2.7
condition: postgresql.enabled
- name: mariadb
repository: oci://registry-1.docker.io/bitnamicharts
version: 11.5.6
condition: mariadb.enabled

125
README.md
View file

@ -11,6 +11,22 @@ This helm chart is based on official [Gitea helm chart](https://gitea.com/gitea/
Additionally, this chart provides LDAP and admin user configuration with values, Additionally, this chart provides LDAP and admin user configuration with values,
as well as being deployed as a statefulset to retain stored repositories. as well as being deployed as a statefulset to retain stored repositories.
## Update and versioning policy
The Gitea helm chart versioning does not follow Gitea's versioning.
The latest chart version can be looked up in [https://dl.gitea.com/charts](https://dl.gitea.com/charts) or in the [repository releases](https://gitea.com/gitea/helm-chart/releases).
The chart aims to follow Gitea's releases closely.
There might be times when the chart is behind the latest Gitea release.
This might be caused by different reasons, most often due to time constraints of the maintainers (remember, all work here is done voluntarily in the spare time of people).
If you're eager to use the latest Gitea version earlier than this chart catches up, then change the tag in `values.yaml` to the latest Gitea version.
Note that besides the exact Gitea version one can also use the `:1` tag to automatically follow the latest Gitea version.
This should be combined with `image.pullPolicy: "Always"`.
Important: Using the `:1` will also automatically jump to new minor release (e.g. from 1.13 to 1.14) which may eventually cause incompatibilities if major/breaking changes happened between these versions.
This is due to Gitea not strictly following [semantic versioning](https://semver.org/#summary) as breaking changes do not increase the major version.
I.e., "minor" version bumps are considered "major".
Yet most often no issues will be encountered and the chart maintainers aim to communicate early/upfront if this would be the case.
## Dependencies ## Dependencies
Forgejo can be run with an external database and cache. This chart provides those Forgejo can be run with an external database and cache. This chart provides those
@ -21,8 +37,6 @@ Dependencies:
- PostgreSQL ([configuration](#postgresql)) - PostgreSQL ([configuration](#postgresql))
- Memcached ([configuration](#memcached)) - Memcached ([configuration](#memcached))
- MySQL ([configuration](#mysql))
- MariaDB ([configuration](#mariadb))
## Installing ## Installing
@ -223,14 +237,17 @@ Priority (highest to lowest) for defining app.ini variables:
### External Database ### External Database
An external Database can be used instead of builtIn PostgreSQL or MySQL. Any external Database listed in [https://docs.gitea.io/en-us/database-prep/](https://docs.gitea.io/en-us/database-prep/) can be used instead of the built-in PostgreSQL.
In fact, it is **highly recommended** to use an external database to ensure a stable Gitea installation longterm.
If an external database is used, no matter which type, make sure to set `postgresql.enabled` to `false` to disable the use of the built-in PostgreSQL.
```yaml ```yaml
gitea: gitea:
config: config:
database: database:
DB_TYPE: mysql DB_TYPE: mysql
HOST: 127.0.0.1:3306 HOST: <mysql HOST>
NAME: gitea NAME: gitea
USER: root USER: root
PASSWD: gitea PASSWD: gitea
@ -356,28 +373,16 @@ persistence:
existingClaim: MyAwesomeGiteaClaim existingClaim: MyAwesomeGiteaClaim
``` ```
In case that peristence has been disabled it will simply use an empty dir volume. In case that persistence has been disabled it will simply use an empty dir volume.
PostgreSQL handles the persistence in the exact same way. PostgreSQL handles the persistence in the exact same way.
You can interact with the postgres settings as displayed in the following example: You can interact with the postgres settings as displayed in the following example:
```yaml ```yaml
postgresql: postgresql:
primary: persistence:
persistence: enabled: true
enabled: true existingClaim: MyAwesomeGiteaPostgresClaim
existingClaim: MyAwesomeGiteaPostgresClaim
```
MySQL also handles persistence the same, even though it is not deployed as a statefulset.
You can interact with the postgres settings as displayed in the following example:
```yaml
mysql:
primary:
persistence:
enabled: true
existingClaim: MyAwesomeGiteaMysqlClaim
``` ```
### Admin User ### Admin User
@ -479,11 +484,11 @@ Multiple OAuth2 sources can be configured with additional OAuth list items.
```yaml ```yaml
gitea: gitea:
oauth: oauth:
- name: 'MyAwesomeGiteaOAuth' - name: "MyAwesomeGiteaOAuth"
provider: 'openidConnect' provider: "openidConnect"
key: 'hello' key: "hello"
secret: 'world' secret: "world"
autoDiscoverUrl: 'https://gitea.example.com/.well-known/openid-configuration' autoDiscoverUrl: "https://gitea.example.com/.well-known/openid-configuration"
#useCustomUrls: #useCustomUrls:
#customAuthUrl: #customAuthUrl:
#customTokenUrl: #customTokenUrl:
@ -507,7 +512,7 @@ stringData:
```yaml ```yaml
gitea: gitea:
oauth: oauth:
- name: 'MyAwesomeGiteaOAuth' - name: "MyAwesomeGiteaOAuth"
existingSecret: gitea-oauth-secret existingSecret: gitea-oauth-secret
``` ```
@ -531,7 +536,8 @@ signing:
Regardless of the used container image the `signing` object allows to specify a Regardless of the used container image the `signing` object allows to specify a
private gpg key. Either using the `signing.privateKey` to define the key inline, private gpg key. Either using the `signing.privateKey` to define the key inline,
or refer to an existing secret containing the key data by using `signing.existingKey`.
or refer to an existing secret containing the key data by using `signing.existingSecret`.
```yaml ```yaml
apiVersion: v1 apiVersion: v1
@ -722,6 +728,7 @@ gitea:
| `gitea.additionalConfigSources` | Additional configuration from secret or configmap | `[]` | | `gitea.additionalConfigSources` | Additional configuration from secret or configmap | `[]` |
| `gitea.additionalConfigFromEnvs` | Additional configuration sources from environment variables | `[]` | | `gitea.additionalConfigFromEnvs` | Additional configuration sources from environment variables | `[]` |
| `gitea.podAnnotations` | Annotations for the Forgejo pod | `{}` | | `gitea.podAnnotations` | Annotations for the Forgejo pod | `{}` |
| `gitea.ssh.logLevel` | Configure OpenSSH's log level. Only available for root-based Gitea image. | `INFO` |
### LivenessProbe ### LivenessProbe
@ -763,58 +770,32 @@ gitea:
Memcached is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/memcached) if enabled in the values. Complete Configuration can be taken from their website. Memcached is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/memcached) if enabled in the values. Complete Configuration can be taken from their website.
| Name | Description | Value | | Name | Description | Value |
| ----------------------------------- | ------------------ | ------- | | ----------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
| `memcached.enabled` | Enable Memcached | `true` | | `memcached.enabled` | Memcached is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/memcached) if enabled in the values. Complete Configuration can be taken from their website. | `true` |
| `memcached.service.ports.memcached` | Port for Memcached | `11211` | | `memcached.service.ports.memcached` | Port for Memcached | `11211` |
### PostgreSQL ### PostgreSQL
PostgreSQL is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/postgresql) if enabled in the values. Complete Configuration can be taken from their website. PostgreSQL is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/postgresql) if enabled in the values. Complete Configuration can be taken from their website.
| Name | Description | Value | | Name | Description | Value |
| --------------------------------------------- | ----------------------------------------- | ------- | | ------------------------------------------------------- | ---------------------------------------------------------------- | ------- |
| `postgresql.enabled` | Enable PostgreSQL | `true` | | `postgresql.enabled` | Enable PostgreSQL | `true` |
| `postgresql.auth.database` | PostgreSQL database | `gitea` | | `postgresql.global.postgresql.auth.password` | Password for the `gitea` user (overrides `auth.password`) | `gitea` |
| `postgresql.auth.username` | PostgreSQL username | `gitea` | | `postgresql.global.postgresql.auth.database` | Name for a custom database to create (overrides `auth.database`) | `gitea` |
| `postgresql.auth.password` | PostgreSQL username | `gitea` | | `postgresql.global.postgresql.auth.username` | Name for a custom user to create (overrides `auth.username`) | `gitea` |
| `postgresql.auth.postgresPassword` | PostgreSQL admin password | `gitea` | | `postgresql.global.postgresql.service.ports.postgresql` | PostgreSQL service port (overrides `service.ports.postgresql`) | `5432` |
| `postgresql.primary.service.ports.postgresql` | Port to connect to PostgreSQL service | `5432` | | `postgresql.primary.persistence.size` | PVC Storage Request for PostgreSQL volume | `10Gi` |
| `postgresql.primary.persistence.size` | PVC Storage Request for PostgreSQL volume | `10Gi` |
### MySQL
MySQL is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/mysql) if enabled in the values. Complete Configuration can be taken from their website.
| Name | Description | Value |
| ----------------------------------- | ------------------------------------------------------------------ | ------- |
| `mysql.enabled` | Enable MySQL | `false` |
| `mysql.auth.database` | Name for new database to create. | `gitea` |
| `mysql.auth.username` | Username of new user to create. | `gitea` |
| `mysql.auth.password` | Password for the new user.Ignored if existing secret is provided | `gitea` |
| `mysql.auth.rootPassword` | Password for the root user. Ignored if existing secret is provided | `gitea` |
| `mysql.primary.service.ports.mysql` | Port to connect to MySQL service | `3306` |
| `mysql.primary.persistence.size` | PVC Storage Request for MySQL volume | `10Gi` |
### MariaDB
MariaDB is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/mariadb) if enabled in the values. Complete Configuration can be taken from their website.
| Name | Description | Value |
| ------------------------------------- | ----------------------------------------------------------------- | ------- |
| `mariadb.enabled` | Enable MariaDB | `false` |
| `mariadb.auth.database` | Name of the database to create. | `gitea` |
| `mariadb.auth.username` | Username of the new user to create. | `gitea` |
| `mariadb.auth.password` | Password for the new user. Ignored if existing secret is provided | `gitea` |
| `mariadb.auth.rootPassword` | Password for the root user. | `gitea` |
| `mariadb.primary.service.ports.mysql` | Port to connect to MariaDB service | `3306` |
| `mariadb.primary.persistence.size` | Persistence size for MariaDB | `10Gi` |
### Advanced ### Advanced
| Name | Description | Value | | Name | Description | Value |
| ------------------ | ---------------------------------------------------- | ------ | | ------------------ | ------------------------------------------------------------------ | --------- |
| `checkDeprecation` | Set it to false to skip this basic validation check. | `true` | | `checkDeprecation` | Set it to false to skip this basic validation check. | `true` |
| `test.enabled` | Set it to false to disable test-connection Pod. | `true` |
| `test.image.name` | Image name for the wget container used in the test-connection Pod. | `busybox` |
| `test.image.tag` | Image tag for the wget container used in the test-connection Pod. | `latest` |
## Contributing ## Contributing
@ -824,5 +805,5 @@ See [CONTRIBUTORS GUIDE](CONTRIBUTING.md) for details.
## Upgrading ## Upgrading
This section lists major and breaking changes of each Helm Chart version. This section lists major and breaking changes of each Helm Chart version
Please read them carefully to upgrade successfully. Please read them carefully to upgrade successfully.

4
artifacthub-repo.yml
View file

@ -3,7 +3,7 @@
# https://artifacthub.io/docs/topics/repositories/helm-charts/#oci-support # https://artifacthub.io/docs/topics/repositories/helm-charts/#oci-support
# publish via: # publish via:
# oras push codeberg.org/forgejo-contrib/forgejo:artifacthub.io --config artifacthub.config.json:application/vnd.cncf.artifacthub.config.v1+yaml artifacthub-repo.yml:application/vnd.cncf.artifacthub.repository-metadata.layer.v1.yaml # oras push codeberg.org/forgejo-contrib/forgejo:artifacthub.io --config artifacthub.config.json:application/vnd.cncf.artifacthub.config.v1+yaml artifacthub-repo.yml:application/vnd.cncf.artifacthub.repository-metadata.layer.v1.yaml
repositoryID: 'ec84c95a-a288-4aaa-a690-a656b57e3136' repositoryID: "ec84c95a-a288-4aaa-a690-a656b57e3136"
owners: # (optional, used to claim repository ownership) owners: # (optional, used to claim repository ownership)
- name: viceice - name: viceice
email: michael.kriese@visualon.de email: michael.kriese@visualon.de

32
templates/_helpers.tpl
View file

@ -92,15 +92,7 @@ app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}} {{- end -}}
{{- define "postgresql.dns" -}} {{- define "postgresql.dns" -}}
{{- printf "%s-postgresql.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain .Values.postgresql.primary.service.ports.postgresql -}} {{- printf "%s-postgresql.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain .Values.postgresql.global.postgresql.service.ports.postgresql -}}
{{- end -}}
{{- define "mysql.dns" -}}
{{- printf "%s-mysql.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain .Values.mysql.primary.service.ports.mysql | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- define "mariadb.dns" -}}
{{- printf "%s-mariadb.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain .Values.mariadb.primary.service.ports.mysql | trunc 63 | trimSuffix "-" -}}
{{- end -}} {{- end -}}
{{- define "memcached.dns" -}} {{- define "memcached.dns" -}}
@ -292,25 +284,9 @@ https
{{- if not (.Values.gitea.config.database.HOST) -}} {{- if not (.Values.gitea.config.database.HOST) -}}
{{- $_ := set .Values.gitea.config.database "HOST" (include "postgresql.dns" .) -}} {{- $_ := set .Values.gitea.config.database "HOST" (include "postgresql.dns" .) -}}
{{- end -}} {{- end -}}
{{- $_ := set .Values.gitea.config.database "NAME" .Values.postgresql.auth.database -}} {{- $_ := set .Values.gitea.config.database "NAME" .Values.postgresql.global.postgresql.auth.database -}}
{{- $_ := set .Values.gitea.config.database "USER" .Values.postgresql.auth.username -}} {{- $_ := set .Values.gitea.config.database "USER" .Values.postgresql.global.postgresql.auth.username -}}
{{- $_ := set .Values.gitea.config.database "PASSWD" .Values.postgresql.auth.password -}} {{- $_ := set .Values.gitea.config.database "PASSWD" .Values.postgresql.global.postgresql.auth.password -}}
{{- else if .Values.mysql.enabled -}}
{{- $_ := set .Values.gitea.config.database "DB_TYPE" "mysql" -}}
{{- if not (.Values.gitea.config.database.HOST) -}}
{{- $_ := set .Values.gitea.config.database "HOST" (include "mysql.dns" .) -}}
{{- end -}}
{{- $_ := set .Values.gitea.config.database "NAME" .Values.mysql.auth.database -}}
{{- $_ := set .Values.gitea.config.database "USER" .Values.mysql.auth.username -}}
{{- $_ := set .Values.gitea.config.database "PASSWD" .Values.mysql.auth.password -}}
{{- else if .Values.mariadb.enabled -}}
{{- $_ := set .Values.gitea.config.database "DB_TYPE" "mysql" -}}
{{- if not (.Values.gitea.config.database.HOST) -}}
{{- $_ := set .Values.gitea.config.database "HOST" (include "mariadb.dns" .) -}}
{{- end -}}
{{- $_ := set .Values.gitea.config.database "NAME" .Values.mariadb.auth.database -}}
{{- $_ := set .Values.gitea.config.database "USER" .Values.mariadb.auth.username -}}
{{- $_ := set .Values.gitea.config.database "PASSWD" .Values.mariadb.auth.password -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}

2
templates/gitea/gpg-secret.yaml
View file

@ -1,6 +1,6 @@
{{- if .Values.signing.enabled -}} {{- if .Values.signing.enabled -}}
{{- if and (empty .Values.signing.privateKey) (empty .Values.signing.existingSecret) -}} {{- if and (empty .Values.signing.privateKey) (empty .Values.signing.existingSecret) -}}
{{- fail "Either specify `signing.privateKey` or `signing.existingKey`" -}} {{- fail "Either specify `signing.privateKey` or `signing.existingSecret`" -}}
{{- end }} {{- end }}
{{- if and (not (empty .Values.signing.privateKey)) (empty .Values.signing.existingSecret) -}} {{- if and (not (empty .Values.signing.privateKey)) (empty .Values.signing.existingSecret) -}}
apiVersion: v1 apiVersion: v1

4
templates/gitea/statefulset.yaml
View file

@ -243,6 +243,10 @@ spec:
value: {{ .Values.gitea.config.server.SSH_LISTEN_PORT | quote }} value: {{ .Values.gitea.config.server.SSH_LISTEN_PORT | quote }}
- name: SSH_PORT - name: SSH_PORT
value: {{ .Values.gitea.config.server.SSH_PORT | quote }} value: {{ .Values.gitea.config.server.SSH_PORT | quote }}
{{- if not .Values.image.rootless }}
- name: SSH_LOG_LEVEL
value: {{ .Values.gitea.ssh.logLevel | quote }}
{{- end }}
- name: GITEA_APP_INI - name: GITEA_APP_INI
value: /data/gitea/conf/app.ini value: /data/gitea/conf/app.ini
- name: GITEA_CUSTOM - name: GITEA_CUSTOM

4
templates/tests/test-http-connection.yaml
View file

@ -1,3 +1,4 @@
{{- if .Values.test.enabled }}
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
@ -9,7 +10,8 @@ metadata:
spec: spec:
containers: containers:
- name: wget - name: wget
image: busybox image: "{{ .Values.test.image.name }}:{{ .Values.test.image.tag }}"
command: ['wget'] command: ['wget']
args: ['{{ include "gitea.fullname" . }}-http:{{ .Values.service.http.port }}'] args: ['{{ include "gitea.fullname" . }}-http:{{ .Values.service.http.port }}']
restartPolicy: Never restartPolicy: Never
{{- end }}

2
unittests/gpg-secret/signing-enabled.yaml
View file

@ -11,7 +11,7 @@ tests:
enabled: true enabled: true
asserts: asserts:
- failedTemplate: - failedTemplate:
errorMessage: Either specify `signing.privateKey` or `signing.existingKey` errorMessage: Either specify `signing.privateKey` or `signing.existingSecret`
- it: skips rendering using external secret reference - it: skips rendering using external secret reference
set: set:
signing: signing:

2
unittests/init/basic.yaml
View file

@ -10,6 +10,6 @@ tests:
- hasDocuments: - hasDocuments:
count: 1 count: 1
- containsDocument: - containsDocument:
kind: Secret kind: Secret
apiVersion: v1 apiVersion: v1
name: forgejo-unittests-init name: forgejo-unittests-init

2
unittests/statefulset/basic.yaml
View file

@ -12,6 +12,6 @@ tests:
- hasDocuments: - hasDocuments:
count: 1 count: 1
- containsDocument: - containsDocument:
kind: StatefulSet kind: StatefulSet
apiVersion: apps/v1 apiVersion: apps/v1
name: forgejo-unittests name: forgejo-unittests

40
unittests/statefulset/ssh-configuration.yaml Normal file
View file

@ -0,0 +1,40 @@
suite: Statefulset template (SSH configuration)
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/statefulset.yaml
- templates/gitea/config.yaml
tests:
- it: supports defining SSH log level for root based image
template: templates/gitea/statefulset.yaml
set:
image.rootless: false
asserts:
- contains:
path: spec.template.spec.containers[0].env
content:
name: SSH_LOG_LEVEL
value: "INFO"
- it: supports overriding SSH log level
template: templates/gitea/statefulset.yaml
set:
image.rootless: false
gitea.ssh.logLevel: "DEBUG"
asserts:
- contains:
path: spec.template.spec.containers[0].env
content:
name: SSH_LOG_LEVEL
value: "DEBUG"
- it: skips SSH_LOG_LEVEL for rootless image
template: templates/gitea/statefulset.yaml
set:
image.rootless: true
gitea.ssh.logLevel: "DEBUG" # explicitly defining a non-standard level here
asserts:
- notContains:
path: spec.template.spec.containers[0].env
any: true
content:
name: SSH_LOG_LEVEL

120
values.yaml
View file

@ -125,7 +125,6 @@ service:
loadBalancerSourceRanges: [] loadBalancerSourceRanges: []
annotations: {} annotations: {}
## @section Ingress ## @section Ingress
## @param ingress.enabled Enable ingress ## @param ingress.enabled Enable ingress
## @param ingress.className Ingress class name ## @param ingress.className Ingress class name
@ -139,7 +138,8 @@ ingress:
enabled: false enabled: false
# className: nginx # className: nginx
className: className:
annotations: {} annotations:
{}
# kubernetes.io/ingress.class: nginx # kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true" # kubernetes.io/tls-acme: "true"
hosts: hosts:
@ -158,7 +158,8 @@ ingress:
## @section StatefulSet ## @section StatefulSet
# #
## @param resources Kubernetes resources ## @param resources Kubernetes resources
resources: {} resources:
{}
# We usually recommend not to specify default resources and to leave this as a conscious # We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little # choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following # resources, such as Minikube. If you do want to specify resources, uncomment the following
@ -193,7 +194,8 @@ dnsConfig: {}
## @param statefulset.labels Labels for the statefulset ## @param statefulset.labels Labels for the statefulset
## @param statefulset.annotations Annotations for the Forgejo StatefulSet to be created ## @param statefulset.annotations Annotations for the Forgejo StatefulSet to be created
statefulset: statefulset:
env: [] env:
[]
# - name: VARIABLE # - name: VARIABLE
# value: my-value # value: my-value
terminationGracePeriodSeconds: 60 terminationGracePeriodSeconds: 60
@ -278,7 +280,7 @@ gitea:
## @param gitea.admin.password Password for the Forgejo admin user ## @param gitea.admin.password Password for the Forgejo admin user
## @param gitea.admin.email Email for the Forgejo admin user ## @param gitea.admin.email Email for the Forgejo admin user
admin: admin:
#existingSecret: gitea-admin-secret # existingSecret: gitea-admin-secret
existingSecret: existingSecret:
username: gitea_admin username: gitea_admin
password: r8sA8CPHD9!bt6d password: r8sA8CPHD9!bt6d
@ -294,7 +296,8 @@ gitea:
# prometheus-release: prom1 # prometheus-release: prom1
## @param gitea.ldap LDAP configuration ## @param gitea.ldap LDAP configuration
ldap: [] ldap:
[]
# - name: "LDAP 1" # - name: "LDAP 1"
# existingSecret: # existingSecret:
# securityProtocol: # securityProtocol:
@ -311,7 +314,8 @@ gitea:
# Either specify inline `key` and `secret` or refer to them via `existingSecret` # Either specify inline `key` and `secret` or refer to them via `existingSecret`
## @param gitea.oauth OAuth configuration ## @param gitea.oauth OAuth configuration
oauth: [] oauth:
[]
# - name: 'OAuth 1' # - name: 'OAuth 1'
# provider: # provider:
# key: # key:
@ -348,6 +352,10 @@ gitea:
## @param gitea.podAnnotations Annotations for the Forgejo pod ## @param gitea.podAnnotations Annotations for the Forgejo pod
podAnnotations: {} podAnnotations: {}
## @param gitea.ssh.logLevel Configure OpenSSH's log level. Only available for root-based Gitea image.
ssh:
logLevel: "INFO"
## @section LivenessProbe ## @section LivenessProbe
# #
## @param gitea.livenessProbe.enabled Enable liveness probe ## @param gitea.livenessProbe.enabled Enable liveness probe
@ -413,10 +421,18 @@ gitea:
## Memcached is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/memcached) if enabled in the values. Complete Configuration can be taken from their website. ## Memcached is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/memcached) if enabled in the values. Complete Configuration can be taken from their website.
## @descriptionEnd ## @descriptionEnd
# #
## @param memcached.enabled Enable Memcached ## @param memcached.enabled Memcached is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/memcached) if enabled in the values. Complete Configuration can be taken from their website.
## ref: https://hub.docker.com/r/bitnami/memcached/tags/
## @param memcached.service.ports.memcached Port for Memcached ## @param memcached.service.ports.memcached Port for Memcached
memcached: memcached:
enabled: true enabled: true
# image:
# registry: docker.io
# repository: bitnami/memcached
# tag: ""
# digest: ""
# pullPolicy: IfNotPresent
# pullSecrets: []
service: service:
ports: ports:
memcached: 11211 memcached: 11211
@ -427,77 +443,23 @@ memcached:
## @descriptionEnd ## @descriptionEnd
# #
## @param postgresql.enabled Enable PostgreSQL ## @param postgresql.enabled Enable PostgreSQL
## @param postgresql.auth.database PostgreSQL database ## @param postgresql.global.postgresql.auth.password Password for the `gitea` user (overrides `auth.password`)
## @param postgresql.auth.username PostgreSQL username ## @param postgresql.global.postgresql.auth.database Name for a custom database to create (overrides `auth.database`)
## @param postgresql.auth.password PostgreSQL username ## @param postgresql.global.postgresql.auth.username Name for a custom user to create (overrides `auth.username`)
## @param postgresql.auth.postgresPassword PostgreSQL admin password ## @param postgresql.global.postgresql.service.ports.postgresql PostgreSQL service port (overrides `service.ports.postgresql`)
## @param postgresql.primary.service.ports.postgresql Port to connect to PostgreSQL service
## @param postgresql.primary.persistence.size PVC Storage Request for PostgreSQL volume ## @param postgresql.primary.persistence.size PVC Storage Request for PostgreSQL volume
postgresql: postgresql:
enabled: true enabled: true
auth: global:
database: gitea postgresql:
username: gitea auth:
password: gitea password: gitea
postgresPassword: gitea database: gitea
username: gitea
service:
ports:
postgresql: 5432
primary: primary:
service:
ports:
postgresql: 5432
persistence:
size: 10Gi
## @section MySQL
## @descriptionStart
## MySQL is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/mysql) if enabled in the values. Complete Configuration can be taken from their website.
## @descriptionEnd
#
#
## @param mysql.enabled Enable MySQL
## @param mysql.auth.database Name for new database to create.
## @param mysql.auth.username Username of new user to create.
## @param mysql.auth.password Password for the new user.Ignored if existing secret is provided
## @param mysql.auth.rootPassword Password for the root user. Ignored if existing secret is provided
## @param mysql.primary.service.ports.mysql Port to connect to MySQL service
## @param mysql.primary.persistence.size PVC Storage Request for MySQL volume
mysql:
enabled: false
auth:
database: gitea
username: gitea
password: gitea
rootPassword: gitea
primary:
service:
ports:
mysql: 3306
persistence:
size: 10Gi
## @section MariaDB
## @descriptionStart
## MariaDB is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/mariadb) if enabled in the values. Complete Configuration can be taken from their website.
## @descriptionEnd
#
#
## @param mariadb.enabled Enable MariaDB
## @param mariadb.auth.database Name of the database to create.
## @param mariadb.auth.username Username of the new user to create.
## @param mariadb.auth.password Password for the new user. Ignored if existing secret is provided
## @param mariadb.auth.rootPassword Password for the root user.
## @param mariadb.primary.service.ports.mysql Port to connect to MariaDB service
## @param mariadb.primary.persistence.size Persistence size for MariaDB
mariadb:
enabled: false
auth:
database: gitea
username: gitea
password: gitea
rootPassword: gitea
primary:
service:
ports:
mysql: 3306
persistence: persistence:
size: 10Gi size: 10Gi
@ -505,4 +467,12 @@ mariadb:
# Set it to false to skip this basic validation check. # Set it to false to skip this basic validation check.
## @section Advanced ## @section Advanced
## @param checkDeprecation Set it to false to skip this basic validation check. ## @param checkDeprecation Set it to false to skip this basic validation check.
## @param test.enabled Set it to false to disable test-connection Pod.
## @param test.image.name Image name for the wget container used in the test-connection Pod.
## @param test.image.tag Image tag for the wget container used in the test-connection Pod.
checkDeprecation: true checkDeprecation: true
test:
enabled: true
image:
name: busybox
tag: latest