From 7de326d931a9f64e280c48ad6ba7d26d437bd632 Mon Sep 17 00:00:00 2001 From: justusbunsi Date: Tue, 6 Jul 2021 13:28:13 +0800 Subject: [PATCH] Drop kebab-case configuration notation (#196) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Currently there are two different styles for defining both ldap and oauth configuration in _values.yaml_ file: `camelCase` and `kebab-case`. Supporting both styles created multiple regressions in the past. ⚠️ BREAKING ⚠️ --------------- These changes completely remove any support for `kebab-case` notation in _values.yaml_ in favor of `camelCase`. Configuration keys must use `camelCase`. Only exception are Kubernetes resource keys for annotations or labels. Fixes: #188 Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/196 Reviewed-by: luhahn Reviewed-by: Lunny Xiao Co-authored-by: justusbunsi Co-committed-by: justusbunsi --- README.md | 53 +++----------------------------- templates/_helpers.tpl | 14 ++++----- templates/gitea/statefulset.yaml | 6 ++-- 3 files changed, 16 insertions(+), 57 deletions(-) diff --git a/README.md b/README.md index 3682381..50024d2 100644 --- a/README.md +++ b/README.md @@ -314,9 +314,6 @@ gitea: Like the admin user the LDAP settings can be updated, but also disabled or deleted. All LDAP values from are available. -You can either use them in camel case or kebab case. - -camelCase: ```yaml gitea: @@ -336,25 +333,6 @@ camelCase: sshPublicKeyAttribute: sshPublicKey ``` -kebab-case: - -```yaml - gitea: - ldap: - enabled: true - name: 'MyAwesomeGiteaLdap' - security-protocol: unencrypted - host: "127.0.0.1" - port: "389" - user-search-base: ou=Users,dc=example,dc=com - user-filter: sAMAccountName=%s - admin-filter: CN=Admin,CN=Group,DC=example,DC=com - email-attribute: mail - bind-dn: CN=ldap read,OU=Spezial,DC=example,DC=com - bind-password: JustAnotherBindPw - username-attribute: CN -``` - You can also use an existing secret to set the bindDn and bindPassword: ```yaml @@ -376,19 +354,16 @@ gitea: :warning: Some options are just flags and therefore don't any values. If they are defined in `gitea.ldap` configuration, they will be passed to the gitea cli without any value. Affected options: -- notActive | not-active -- skipTlsVerify | skip-tls-verify -- allowDeactivateAll | allow-deactivate-all -- synchronizeUsers | synchronize-users -- attributesInBind | attributes-in-bind +- notActive +- skipTlsVerify +- allowDeactivateAll +- synchronizeUsers +- attributesInBind ### OAuth2 Settings Like the admin user, OAuth2 settings can be updated and disabled but not deleted. Deleting OAuth2 settings has to be done in the ui. All OAuth2 values from are available. -You can either use them in camel case or kebab case. - -camelCase: ```yaml gitea: @@ -406,24 +381,6 @@ camelCase: #customEmailUrl: ``` -kebab-case: - -```yaml - gitea: - oauth: - enabled: true - name: 'MyAwesomeGiteaOAuth' - provider: 'openidConnect' - key: 'hello' - secret: 'world' - auto-discover-url: 'https://gitea.example.com/.well-known/openid-configuration' - #use-custom-urls: - #custom-auth-url: - #custom-token-url: - #custom-profile-url: - #custom-email-url: -``` - ### Metrics and profiling A Prometheus `/metrics` endpoint on the `HTTP_PORT` and `pprof` profiling endpoints on port 6060 can be enabled under `gitea`. Beware that the metrics endpoint is exposed via the ingress, manage access using ingress annotations for example. diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index bd4339d..510f538 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -108,24 +108,24 @@ app.kubernetes.io/instance: {{ .Release.Name }} {{- end -}} {{- define "gitea.ldap_settings" -}} -{{- if and (not (hasKey .Values.gitea.ldap "bindDn")) (not (hasKey .Values.gitea.ldap "bind-dn")) -}} +{{- if not (hasKey .Values.gitea.ldap "bindDn") -}} {{- $_ := set .Values.gitea.ldap "bindDn" "" -}} {{- end -}} -{{- if and (not (hasKey .Values.gitea.ldap "bindPassword")) (not (hasKey .Values.gitea.ldap "bind-password")) -}} +{{- if not (hasKey .Values.gitea.ldap "bindPassword") -}} {{- $_ := set .Values.gitea.ldap "bindPassword" "" -}} {{- end -}} -{{- $flags := list "not-active" "skip-tls-verify" "allow-deactivate-all" "synchronize-users" "attributes-in-bind" -}} +{{- $flags := list "notActive" "skipTlsVerify" "allowDeactivateAll" "synchronizeUsers" "attributesInBind" -}} {{- range $key, $val := .Values.gitea.ldap -}} {{- if and (ne $key "enabled") (ne $key "existingSecret") -}} -{{- if eq ($key | kebabcase) "bind-dn" -}} +{{- if eq $key "bindDn" -}} {{- printf "--%s %s " ($key | kebabcase) ("${GITEA_LDAP_BIND_DN}" | quote ) -}} -{{- else if eq ($key | kebabcase) "bind-password" -}} +{{- else if eq $key "bindPassword" -}} {{- printf "--%s %s " ($key | kebabcase) ("${GITEA_LDAP_PASSWORD}" | quote ) -}} {{- else if eq $key "port" -}} -{{- printf "--%s %d " ($key | kebabcase) ($val | int) -}} -{{- else if (has ($key | kebabcase) $flags) -}} +{{- printf "--%s %d " $key ($val | int) -}} +{{- else if has $key $flags -}} {{- printf "--%s " ($key | kebabcase) -}} {{- else -}} {{- printf "--%s %s " ($key | kebabcase) ($val | squote) -}} diff --git a/templates/gitea/statefulset.yaml b/templates/gitea/statefulset.yaml index bf43597..bb13eea 100644 --- a/templates/gitea/statefulset.yaml +++ b/templates/gitea/statefulset.yaml @@ -79,6 +79,7 @@ spec: value: /data - name: GITEA_TEMP value: /tmp/gitea + {{- if .Values.gitea.ldap.enabled }} {{- if .Values.gitea.ldap.existingSecret }} - name: GITEA_LDAP_BIND_DN valueFrom: @@ -92,9 +93,10 @@ spec: name: {{ .Values.gitea.ldap.existingSecret }} {{- else }} - name: GITEA_LDAP_BIND_DN - value: {{ default (index .Values.gitea.ldap "bind-dn") .Values.gitea.ldap.bindDn | quote }} + value: {{ .Values.gitea.ldap.bindDn | quote }} - name: GITEA_LDAP_PASSWORD - value: {{ default (index .Values.gitea.ldap "bind-password") .Values.gitea.ldap.bindPassword | quote }} + value: {{ .Values.gitea.ldap.bindPassword | quote }} + {{- end }} {{- end }} {{- if .Values.gitea.admin.existingSecret }} - name: GITEA_ADMIN_USERNAME