matthew/helm-chart
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

generate readme Parameters from values.yaml (#323)

Browse Source 
Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/323
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: cnfatal <cnfatal@noreply.gitea.io>
Co-committed-by: cnfatal <cnfatal@noreply.gitea.io>
This commit is contained in:
cnfatal 2022-06-09 19:21:25 +08:00 committed by luhahn
parent 9cb822f41c
commit b3b91e2044
4 changed files with 378 additions and 195 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
Makefile Normal file
View File

@ -0,0 +1,15 @@
readme: helm-doc
readme-generator -v values.yaml -r README.md
markdownlint *.md -f
.PHONY: helm-doc
helm-doc:
ifeq (, $(shell which readme-generator))
@{ \
set -e ;\
echo 'installing readme-generator-for-helm' ;\
npm install -g readme-generator-for-helm ;\
}
else
echo 'readme-generator-for-helm is already installed'
endif

308
README.md
View File

@ -712,210 +712,220 @@ gitea:
podAnnotations: {} podAnnotations: {}
``` ```
## Configuration ## Parameters
### Others ### Global
| Parameter | Description | Default | | Name | Description | Value |
| ------------------------------------------- | -------------------------------------------------------------------- | ------- | | ------------------------- | ------------------------------------------------------------------------- | --------------- |
| `statefulset.annotations` | Annotations for the Gitea StatefulSet to be created | `{}` | | `global.imageRegistry` | global image registry override | `""` |
| `statefulset.terminationGracePeriodSeconds` | How long to wait until forcefully kill the pod | `60` | | `global.imagePullSecrets` | global image pull secrets override; can be extended by `imagePullSecrets` | `[]` |
| `statefulset.env` | Additional environment variables to pass to containers | `[]` | | `global.storageClass` | global storage class override | `""` |
| `extraVolumes` | Additional volumes to mount to the Gitea statefulset | `{}` | | `replicaCount` | number of replicas for the statefulset | `1` |
| `extraVolumeMounts` | Additional volume mounts for the Gitea containers | `{}` | | `clusterDomain` | cluster domain | `cluster.local` |
| `initPreScript` | Bash script copied verbatim to start of init container | |
| `podSecurityContext.fsGroup` | Set the shared file system group for all containers | 1000 |
| `containerSecurityContext` | Run init and Gitea containers as a specific securityContext | `{}` |
| `schedulerName` | Use an alternate scheduler, e.g. "stork" | |
### Image ### Image
| Parameter | Description | Default | | Name | Description | Value |
| ------------------ | ----------------------------------------------------------------------------------------- | ---------------------------------- | | ------------------ | ------------------------------------------------------------------------------------------ | ------------- |
| `image.registry` | image registry, e.g. gcr.io,docker.io | `""` |
| `image.repository` | Image to start for this pod | `gitea/gitea` | | `image.repository` | Image to start for this pod | `gitea/gitea` |
| `image.tag` | [Image tag](https://hub.docker.com/r/gitea/gitea/tags?page=1&ordering=last_updated) | see [Chart.AppVersion](Chart.yaml) | | `image.tag` | Visit: [Image tag](https://hub.docker.com/r/gitea/gitea/tags?page=1&ordering=last_updated) | `""` |
| `image.pullPolicy` | Image pull policy | `Always` | | `image.pullPolicy` | Image pull policy | `Always` |
| `image.rootless` | Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher | `false` | | `image.rootless` | Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher | `false` |
| `imagePullSecrets` | Secret to use for pulling the image | `[]` |
### Persistence ### Security
| Parameter | Description | Default | | Name | Description | Value |
| --------------------------- | ---------------------------------------------------------- | ------- | | ---------------------------- | --------------------------------------------------------------- | ------ |
| `persistence.enabled` | Enable persistence for Gitea | `true` | | `podSecurityContext.fsGroup` | Set the shared file system group for all containers in the pod. | `1000` |
| `persistence.existingClaim` | Use an existing claim to store repository information | | | `containerSecurityContext` | Security context | `{}` |
| `persistence.size` | Size for persistence to store repo information | `10Gi` | | `securityContext` | Run init and Gitea containers as a specific securityContext | `{}` |
| `persistence.accessModes` | AccessMode for persistence | |
| `persistence.storageClass` | Storage class for repository persistence | |
| `persistence.subPath` | Subdirectory of the volume to mount at | |
| `persistence.labels` | Labels for the persistence volume claim to be created | `{}` |
| `persistence.annotations` | Annotations for the persistence volume claim to be created | `{}` |
### Ingress
| Parameter | Description | Default |
| ------------------------------------ | ---------------------------------------------------------------------------- | -------------------------------------------------- |
| `ingress.enabled` | enable ingress | `false` |
| `ingress.annotations` | add ingress annotations | |
| `ingress.hosts[0].host` | add hosts for ingress | `git.example.com` |
| `ingress.hosts[0].paths[0].path` | add path for each ingress host | `/` |
| `ingress.hosts[0].paths[0].pathType` | add ingress path type | `Prefix` |
| `ingress.tls` | add ingress tls settings | `[]` |
| `ingress.className` | add ingress class name. Only used in k8s 1.19+ | |
| `ingress.apiVersion` | specify APIVersion of ingress object. Mostly would only be used for argocd. | version indicated by helm's `Capabilities` object. |
### Service ### Service
#### Web | Name | Description | Value |
| --------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------- |
| Parameter | Description | Default |
| --------------------------------------- | ------------------------------------------------------------------------------------------------------------ | ----------- |
| `service.http.type` | Kubernetes service type for web traffic | `ClusterIP` | | `service.http.type` | Kubernetes service type for web traffic | `ClusterIP` |
| `service.http.port` | Port for web traffic | `3000` | | `service.http.port` | Port number for web traffic | `3000` |
| `service.http.clusterIP` | ClusterIP setting for http autosetup for statefulset is None | `None` | | `service.http.clusterIP` | ClusterIP setting for http autosetup for statefulset is None | `None` |
| `service.http.loadBalancerIP` | LoadBalancer Ip setting | | | `service.http.loadBalancerIP` | LoadBalancer IP setting | `nil` |
| `service.http.nodePort` | NodePort for http service | | | `service.http.nodePort` | NodePort for http service | `nil` |
| `service.http.externalTrafficPolicy` | If `service.http.type` is `NodePort` or `LoadBalancer`, set this to `Local` to enable source IP preservation | | | `service.http.externalTrafficPolicy` | If `service.http.type` is `NodePort` or `LoadBalancer`, set this to `Local` to enable source IP preservation | `nil` |
| `service.http.externalIPs` | http service external IP addresses | | | `service.http.externalIPs` | External IPs for service | `nil` |
| `service.http.ipFamilyPolicy` | http service dual-stack policy | | | `service.http.ipFamilyPolicy` | HTTP service dual-stack policy | `nil` |
| `service.http.ipFamilies` | http service dual-stack familiy selection | | | `service.http.ipFamilies` | HTTP service dual-stack familiy selection,for dual-stack parameters see official kubernetes [dual-stack concept documentation](https://kubernetes.io/docs/concepts/services-networking/dual-stack/). | `nil` |
| `service.http.loadBalancerSourceRanges` | Source range filter for http loadbalancer | `[]` | | `service.http.loadBalancerSourceRanges` | Source range filter for http loadbalancer | `[]` |
| `service.http.annotations` | http service annotations | | | `service.http.annotations` | HTTP service annotations | `{}` |
For dual-stack parameters see official kubernetes [dual-stack concept documentation](https://kubernetes.io/docs/concepts/services-networking/dual-stack/).
#### SSH
| Parameter | Description | Default |
| -------------------------------------- | ----------------------------------------------------------------------------------------------------------- | ----------- |
| `service.ssh.type` | Kubernetes service type for ssh traffic | `ClusterIP` | | `service.ssh.type` | Kubernetes service type for ssh traffic | `ClusterIP` |
| `service.ssh.port` | Port for ssh traffic | `22` | | `service.ssh.port` | Port number for ssh traffic | `22` |
| `service.ssh.loadBalancerIP` | LoadBalancer Ip setting | | | `service.ssh.clusterIP` | ClusterIP setting for ssh autosetup for statefulset is None | `None` |
| `service.ssh.nodePort` | NodePort for ssh service | | | `service.ssh.loadBalancerIP` | LoadBalancer IP setting | `nil` |
| `service.ssh.hostPort` | HostPort for ssh service | | | `service.ssh.nodePort` | NodePort for ssh service | `nil` |
| `service.ssh.externalTrafficPolicy` | If `service.ssh.type` is `NodePort` or `LoadBalancer`, set this to `Local` to enable source IP preservation | | | `service.ssh.externalTrafficPolicy` | If `service.ssh.type` is `NodePort` or `LoadBalancer`, set this to `Local` to enable source IP preservation | `nil` |
| `service.ssh.externalIPs` | ssh service external IP addresses | | | `service.ssh.externalIPs` | External IPs for service | `nil` |
| `service.ssh.ipFamilyPolicy` | ssh service dual-stack policy | | | `service.ssh.ipFamilyPolicy` | SSH service dual-stack policy | `nil` |
| `service.ssh.ipFamilies` | ssh service dual-stack familiy selection | | | `service.ssh.ipFamilies` | SSH service dual-stack familiy selection,for dual-stack parameters see official kubernetes [dual-stack concept documentation](https://kubernetes.io/docs/concepts/services-networking/dual-stack/). | `nil` |
| `service.ssh.hostPort` | HostPort for ssh service | `nil` |
| `service.ssh.loadBalancerSourceRanges` | Source range filter for ssh loadbalancer | `[]` | | `service.ssh.loadBalancerSourceRanges` | Source range filter for ssh loadbalancer | `[]` |
| `service.ssh.annotations` | ssh service annotations | | | `service.ssh.annotations` | SSH service annotations | `{}` |
For dual-stack parameters see official kubernetes [dual-stack concept documentation](https://kubernetes.io/docs/concepts/services-networking/dual-stack/). ### Ingress
### Gitea Configuration | Name | Description | Value |
| ------------------------------------ | --------------------------------------------------------------------------- | ----------------- |
| `ingress.enabled` | Enable ingress | `false` |
| `ingress.className` | Ingress class name | `nil` |
| `ingress.annotations` | Ingress annotations | `{}` |
| `ingress.hosts[0].host` | Default Ingress host | `git.example.com` |
| `ingress.hosts[0].paths[0].path` | Default Ingress path | `/` |
| `ingress.hosts[0].paths[0].pathType` | Ingress path type | `Prefix` |
| `ingress.tls` | Ingress tls settings | `[]` |
| `ingress.apiVersion` | Specify APIVersion of ingress object. Mostly would only be used for argocd. | |
| Parameter | Description | Default | ### StatefulSet
| -------------- | ---------------------------------------------------------------------------------------------------- | ------- |
| `gitea.config` | Everything in `app.ini` can be configured with this dict. See [Examples](#examples) for more details | `{}` |
### Gitea Probes | Name | Description | Value |
| ------------------------------------------- | ------------------------------------------------------ | ----- |
| `resources` | Kubernetes resources | `{}` |
| `schedulerName` | Use an alternate scheduler, e.g. "stork" | `""` |
| `nodeSelector` | NodeSelector for the statefulset | `{}` |
| `tolerations` | Tolerations for the statefulset | `[]` |
| `affinity` | Affinity for the statefulset | `{}` |
| `statefulset.env` | Additional environment variables to pass to containers | `[]` |
| `statefulset.terminationGracePeriodSeconds` | How long to wait until forcefully kill the pod | `60` |
| `statefulset.labels` | Labels for the statefulset | `{}` |
| `statefulset.annotations` | Annotations for the Gitea StatefulSet to be created | `{}` |
Configure Liveness, Readiness and Startup ### Persistence
[Probes](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/).
#### Liveness probe | Name | Description | Value |
| --------------------------- | ---------------------------------------------------------- | ------------------- |
| `persistence.enabled` | Enable persistent storage | `true` |
| `persistence.existingClaim` | Use an existing claim to store repository information | `nil` |
| `persistence.size` | Size for persistence to store repo information | `10Gi` |
| `persistence.accessModes` | AccessMode for persistence | `["ReadWriteOnce"]` |
| `persistence.labels` | Labels for the persistence volume claim to be created | `{}` |
| `persistence.annotations` | Annotations for the persistence volume claim to be created | `{}` |
| `persistence.storageClass` | Name of the storage class to use | `nil` |
| `persistence.subPath` | Subdirectory of the volume to mount at | `nil` |
| `extraVolumes` | Additional volumes to mount to the Gitea statefulset | `nil` |
| `extraVolumeMounts` | Additional volume mounts for the Gitea containers | `nil` |
- Default status: Enabled ### Init
- Default action: tcp socket connect
| Parameter | Description | Default | | Name | Description | Value |
| ------------------------------------------ | -------------------------------------------------------------------- | ------- | | --------------- | --------------------------------------------------------------------- | ----- |
| `gitea.livenessProbe.initialDelaySeconds` | Delay before probe start | `200` | | `initPreScript` | Bash shell script copied verbatim to the start of the init-container. | `""` |
| `gitea.livenessProbe.timeoutSeconds` | probe timeout | `1` |
| `gitea.livenessProbe.periodSeconds` | period between probes | `10` |
| `gitea.livenessProbe.successThreshold` | Minimum consecutive success probes | `1` |
| `gitea.livenessProbe.failureThreshold` | Minimum consecutive error probes | `10` |
#### Readiness probe ### Signing
- Default status: Enabled | Name | Description | Value |
- Default action: tcp socket connect | ----------------- | ---------------------------- | ------------------ |
| `signing.enabled` | Enable commit/action signing | `false` |
| `signing.gpgHome` | GPG home directory | `/data/git/.gnupg` |
| Parameter | Description | Default | ### Gitea
| ------------------------------------------ | -------------------------------------------------------------------- | ------- |
| `gitea.readinessProbe.initialDelaySeconds` | Delay before probe start | `5` |
| `gitea.readinessProbe.timeoutSeconds` | probe timeout | `1` |
| `gitea.readinessProbe.periodSeconds` | period between probes | `10` |
| `gitea.readinessProbe.successThreshold` | Minimum consecutive success probes | `1` |
| `gitea.readinessProbe.failureThreshold` | Minimum consecutive error probes | `3` |
#### Startup probe | Name | Description | Value |
| -------------------------------------- | ------------------------------------------------------------------------------------------------------------- | -------------------- |
| `gitea.admin.username` | Username for the Gitea admin user | `gitea_admin` |
| `gitea.admin.existingSecret` | Use an existing secret to store admin user credentials | `nil` |
| `gitea.admin.password` | Password for the Gitea admin user | `r8sA8CPHD9!bt6d` |
| `gitea.admin.email` | Email for the Gitea admin user | `gitea@local.domain` |
| `gitea.metrics.enabled` | Enable Gitea metrics | `false` |
| `gitea.metrics.serviceMonitor.enabled` | Enable Gitea metrics service monitor | `false` |
| `gitea.ldap` | LDAP configuration | `[]` |
| `gitea.oauth` | OAuth configuration | `[]` |
| `gitea.config` | Configuration for the Gitea server,ref: [config-cheat-sheet](https://docs.gitea.io/en-us/config-cheat-sheet/) | `{}` |
| `gitea.additionalConfigSources` | Additional configuration from secret or configmap | `[]` |
| `gitea.additionalConfigFromEnvs` | Additional configuration sources from environment variables | `[]` |
| `gitea.podAnnotations` | Annotations for the Gitea pod | `{}` |
- Default status: Disabled ### LivenessProbe
- Default action: tcp socket connect
| Parameter | Description | Default | | Name | Description | Value |
| ------------------------------------------ | -------------------------------------------------------------------- | ------- | | ----------------------------------------- | ------------------------------------------------ | ------ |
| `gitea.startupProbe.initialDelaySeconds` | Delay before probe start | `60` | | `gitea.livenessProbe.enabled` | Enable liveness probe | `true` |
| `gitea.startupProbe.timeoutSeconds` | probe timeout | `1` | | `gitea.livenessProbe.tcpSocket.port` | Port to probe for liveness | `http` |
| `gitea.startupProbe.periodSeconds` | period between probes | `10` | | `gitea.livenessProbe.initialDelaySeconds` | Initial delay before liveness probe is initiated | `200` |
| `gitea.startupProbe.successThreshold` | Minimum consecutive success probes | `1` | | `gitea.livenessProbe.timeoutSeconds` | Timeout for liveness probe | `1` |
| `gitea.startupProbe.failureThreshold` | Minimum consecutive error probes | `10` | | `gitea.livenessProbe.periodSeconds` | Period for liveness probe | `10` |
| `gitea.livenessProbe.successThreshold` | Success threshold for liveness probe | `1` |
| `gitea.livenessProbe.failureThreshold` | Failure threshold for liveness probe | `10` |
### Memcached BuiltIn ### ReadinessProbe
Memcached is loaded as a dependency from | Name | Description | Value |
[Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/memcached) if | ------------------------------------------ | ------------------------------------------------- | ------ |
enabled in the values. Complete Configuration can be taken from their website. | `gitea.readinessProbe.enabled` | Enable readiness probe | `true` |
| `gitea.readinessProbe.tcpSocket.port` | Port to probe for readiness | `http` |
| `gitea.readinessProbe.initialDelaySeconds` | Initial delay before readiness probe is initiated | `5` |
| `gitea.readinessProbe.timeoutSeconds` | Timeout for readiness probe | `1` |
| `gitea.readinessProbe.periodSeconds` | Period for readiness probe | `10` |
| `gitea.readinessProbe.successThreshold` | Success threshold for readiness probe | `1` |
| `gitea.readinessProbe.failureThreshold` | Failure threshold for readiness probe | `3` |
The following parameters are the defaults set by this chart ### StartupProbe
| Parameter | Description | Default | | Name | Description | Value |
| ------------------------ | --------------------------- | ------- | | ---------------------------------------- | ----------------------------------------------- | ------- |
| `memcached.service.port` | Memcached Port | 11211 | | `gitea.startupProbe.enabled` | Enable startup probe | `false` |
| `memcached.enabled` | Enable Memcached dependency | `true` | | `gitea.startupProbe.tcpSocket.port` | Port to probe for startup | `http` |
| `gitea.startupProbe.initialDelaySeconds` | Initial delay before startup probe is initiated | `60` |
| `gitea.startupProbe.timeoutSeconds` | Timeout for startup probe | `1` |
| `gitea.startupProbe.periodSeconds` | Period for startup probe | `10` |
| `gitea.startupProbe.successThreshold` | Success threshold for startup probe | `1` |
| `gitea.startupProbe.failureThreshold` | Failure threshold for startup probe | `10` |
### MySQL BuiltIn ### Memcached
MySQL is loaded as a dependency from stable. Configuration can be found on this | Name | Description | Value |
[website](https://github.com/helm/charts/tree/master/stable/mysql). | ------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
| `memcached.enabled` | Memcached is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/memcached) if enabled in the values. Complete Configuration can be taken from their website. | `true` |
| `memcached.service.port` | Port for Memcached | `11211` |
The following parameters are the defaults set by this chart ### PostgreSQL
| Parameter | Description | Default | | Name | Description | Value |
| ------------------------ | ------------------------------------------------------------------ | ------- |
| `mysql.root.password` | Password for the root user. Ignored if existing secret is provided | `gitea` |
| `mysql.db.user` | Username of new user to create. | `gitea` |
| `mysql.db.password` | Password for the new user. Ignored if existing secret is provided | `gitea` |
| `mysql.db.name` | Name for new database to create. | `gitea` |
| `mysql.service.port` | Port to connect to MySQL service | `3306` |
| `mysql.persistence.size` | Persistence size for MySQL | `10Gi` |
| `mysql.enabled` | Enable MySQL dependency | `false` |
### PostgreSQL BuiltIn
PostgreSQL is loaded as a dependency from Bitnami. The chart configuration can
be found in this
[Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/postgresql)
repository.
The following parameters are the defaults set by this chart
| Parameter | Description | Default |
| ------------------------------------------------- | -------------------------------------------------------- | ------- | | ------------------------------------------------- | -------------------------------------------------------- | ------- |
| `postgresql.enabled` | Enable PostgreSQL | `true` |
| `postgresql.global.postgresql.postgresqlDatabase` | PostgreSQL database (overrides postgresqlDatabase) | `gitea` | | `postgresql.global.postgresql.postgresqlDatabase` | PostgreSQL database (overrides postgresqlDatabase) | `gitea` |
| `postgresql.global.postgresql.postgresqlUsername` | PostgreSQL username (overrides postgresqlUsername) | `gitea` | | `postgresql.global.postgresql.postgresqlUsername` | PostgreSQL username (overrides postgresqlUsername) | `gitea` |
| `postgresql.global.postgresql.postgresqlPassword` | PostgreSQL admin password (overrides postgresqlPassword) | `gitea` | | `postgresql.global.postgresql.postgresqlPassword` | PostgreSQL admin password (overrides postgresqlPassword) | `gitea` |
| `postgresql.global.postgresql.servicePort` | PostgreSQL port (overrides service.port) | `5432` | | `postgresql.global.postgresql.servicePort` | PostgreSQL port (overrides service.port) | `5432` |
| `postgresql.persistence.size` | PVC Storage Request for PostgreSQL volume | `10Gi` | | `postgresql.persistence.size` | PVC Storage Request for PostgreSQL volume | `10Gi` |
| `postgresql.enabled` | Enable PostgreSQL dependency | `true` |
### MariaDB BuiltIn ### MySQL
MariaDB is loaded as a dependency from bitnami. Configuration can be found in | Name | Description | Value |
this [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/mariadb) | ------------------------ | ------------------------------------------------------------------ | ------- |
repository. | `mysql.enabled` | Enable MySQL | `false` |
| `mysql.root.password` | Password for the root user. Ignored if existing secret is provided | `gitea` |
| `mysql.db.user` | Username of new user to create. | `gitea` |
| `mysql.db.password` | Password for the new user.Ignored if existing secret is provided | `gitea` |
| `mysql.db.name` | Name for new database to create. | `gitea` |
| `mysql.service.port` | Port to connect to MySQL service | `3306` |
| `mysql.persistence.size` | PVC Storage Request for MySQL volume | `10Gi` |
The following parameters are the defaults set by this chart ### MariaDB
| Parameter | Description | Default | | Name | Description | Value |
| ---------------------------------- | ----------------------------------------------------------------- | ------- | | ---------------------------------- | ----------------------------------------------------------------- | ------- |
| `mariadb.auth.username` | Username of new user to create. | `gitea` | | `mariadb.enabled` | Enable MariaDB | `false` |
| `mariadb.auth.database` | Name of the database to create. | `gitea` |
| `mariadb.auth.username` | Username of the new user to create. | `gitea` |
| `mariadb.auth.password` | Password for the new user. Ignored if existing secret is provided | `gitea` | | `mariadb.auth.password` | Password for the new user. Ignored if existing secret is provided | `gitea` |
| `mariadb.auth.database` | Name for new database to create. | `gitea` |
| `mariadb.auth.rootPassword` | Password for the root user. | `gitea` | | `mariadb.auth.rootPassword` | Password for the root user. | `gitea` |
| `mariadb.primary.service.port` | Port to connect to MariaDB service | `3306` | | `mariadb.primary.service.port` | Port to connect to MariaDB service | `3306` |
| `mariadb.primary.persistence.size` | Persistence size for MariaDB | `10Gi` | | `mariadb.primary.persistence.size` | Persistence size for MariaDB | `10Gi` |
| `mariadb.enabled` | Enable MariaDB dependency | `false` |
### Advanced
| Name | Description | Value |
| ------------------ | ---------------------------------------------------- | ------ |
| `checkDeprecation` | Set it to false to skip this basic validation check. | `true` |
## Local development & testing ## Local development & testing

12
templates/gitea/statefulset.yaml
View File

@ -244,17 +244,17 @@ spec:
- name: profiler - name: profiler
containerPort: 6060 containerPort: 6060
{{- end }} {{- end }}
{{- if .Values.gitea.livenessProbe }} {{- if .Values.gitea.livenessProbe.enabled }}
livenessProbe: livenessProbe:
{{- toYaml .Values.gitea.livenessProbe | nindent 12 }} {{- toYaml (omit .Values.gitea.livenessProbe "enabled") | nindent 12 }}
{{- end }} {{- end }}
{{- if .Values.gitea.readinessProbe }} {{- if .Values.gitea.readinessProbe.enabled }}
readinessProbe: readinessProbe:
{{- toYaml .Values.gitea.readinessProbe | nindent 12 }} {{- toYaml (omit .Values.gitea.readinessProbe "enabled") | nindent 12 }}
{{- end }} {{- end }}
{{- if .Values.gitea.startupProbe }} {{- if .Values.gitea.startupProbe.enabled }}
startupProbe: startupProbe:
{{- toYaml .Values.gitea.startupProbe | nindent 12 }} {{- toYaml (omit .Values.gitea.startupProbe "enabled") | nindent 12 }}
{{- end }} {{- end }}
resources: resources:
{{- toYaml .Values.resources | nindent 12 }} {{- toYaml .Values.resources | nindent 12 }}

222
values.yaml
View File

@ -1,6 +1,11 @@
# Default values for gitea. # Default values for gitea.
# This is a YAML-formatted file. # This is a YAML-formatted file.
# Declare variables to be passed into your templates. # Declare variables to be passed into your templates.
## @section Global
#
## @param global.imageRegistry global image registry override
## @param global.imagePullSecrets global image pull secrets override; can be extended by `imagePullSecrets`
## @param global.storageClass global storage class override
global: global:
imageRegistry: "" imageRegistry: ""
## E.g. ## E.g.
@ -10,23 +15,36 @@ global:
imagePullSecrets: [] imagePullSecrets: []
storageClass: "" storageClass: ""
## @param replicaCount number of replicas for the statefulset
replicaCount: 1 replicaCount: 1
## @param clusterDomain cluster domain
clusterDomain: cluster.local clusterDomain: cluster.local
## @section Image
## @param image.registry image registry, e.g. gcr.io,docker.io
## @param image.repository Image to start for this pod
## @param image.tag Visit: [Image tag](https://hub.docker.com/r/gitea/gitea/tags?page=1&ordering=last_updated)
## @param image.pullPolicy Image pull policy
## @param image.rootless Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher
image: image:
registry: ""
repository: gitea/gitea repository: gitea/gitea
# Overrides the image tag whose default is the chart appVersion. # Overrides the image tag whose default is the chart appVersion.
tag: "" tag: ""
pullPolicy: Always pullPolicy: Always
rootless: false # only possible when running 1.14 or later rootless: false # only possible when running 1.14 or later
## @param imagePullSecrets Secret to use for pulling the image
imagePullSecrets: [] imagePullSecrets: []
## @section Security
# Security context is only usable with rootless image due to image design # Security context is only usable with rootless image due to image design
## @param podSecurityContext.fsGroup Set the shared file system group for all containers in the pod.
podSecurityContext: podSecurityContext:
fsGroup: 1000 fsGroup: 1000
## @param containerSecurityContext Security context
containerSecurityContext: {} containerSecurityContext: {}
# allowPrivilegeEscalation: false # allowPrivilegeEscalation: false
# capabilities: # capabilities:
@ -45,41 +63,77 @@ containerSecurityContext: {}
# runAsNonRoot: true # runAsNonRoot: true
# runAsUser: 1000 # runAsUser: 1000
# DEPRECATED. The securityContext variable has been split two: ## @depracated The securityContext variable has been split two:
# - containerSecurityContext ## - containerSecurityContext
# - podSecurityContext. ## - podSecurityContext.
## @param securityContext Run init and Gitea containers as a specific securityContext
securityContext: {} securityContext: {}
## @section Service
service: service:
## @param service.http.type Kubernetes service type for web traffic
## @param service.http.port Port number for web traffic
## @param service.http.clusterIP ClusterIP setting for http autosetup for statefulset is None
## @param service.http.loadBalancerIP LoadBalancer IP setting
## @param service.http.nodePort NodePort for http service
## @param service.http.externalTrafficPolicy If `service.http.type` is `NodePort` or `LoadBalancer`, set this to `Local` to enable source IP preservation
## @param service.http.externalIPs External IPs for service
## @param service.http.ipFamilyPolicy HTTP service dual-stack policy
## @param service.http.ipFamilies HTTP service dual-stack familiy selection,for dual-stack parameters see official kubernetes [dual-stack concept documentation](https://kubernetes.io/docs/concepts/services-networking/dual-stack/).
## @param service.http.loadBalancerSourceRanges Source range filter for http loadbalancer
## @param service.http.annotations HTTP service annotations
http: http:
type: ClusterIP type: ClusterIP
port: 3000 port: 3000
clusterIP: None clusterIP: None
#loadBalancerIP: loadBalancerIP:
#nodePort: nodePort:
#externalTrafficPolicy: externalTrafficPolicy:
#externalIPs: externalIPs:
#ipFamilyPolicy: ipFamilyPolicy:
#ipFamilies: ipFamilies:
loadBalancerSourceRanges: [] loadBalancerSourceRanges: []
annotations: annotations: {}
## @param service.ssh.type Kubernetes service type for ssh traffic
## @param service.ssh.port Port number for ssh traffic
## @param service.ssh.clusterIP ClusterIP setting for ssh autosetup for statefulset is None
## @param service.ssh.loadBalancerIP LoadBalancer IP setting
## @param service.ssh.nodePort NodePort for ssh service
## @param service.ssh.externalTrafficPolicy If `service.ssh.type` is `NodePort` or `LoadBalancer`, set this to `Local` to enable source IP preservation
## @param service.ssh.externalIPs External IPs for service
## @param service.ssh.ipFamilyPolicy SSH service dual-stack policy
## @param service.ssh.ipFamilies SSH service dual-stack familiy selection,for dual-stack parameters see official kubernetes [dual-stack concept documentation](https://kubernetes.io/docs/concepts/services-networking/dual-stack/).
## @param service.ssh.hostPort HostPort for ssh service
## @param service.ssh.loadBalancerSourceRanges Source range filter for ssh loadbalancer
## @param service.ssh.annotations SSH service annotations
ssh: ssh:
type: ClusterIP type: ClusterIP
port: 22 port: 22
clusterIP: None clusterIP: None
#loadBalancerIP: loadBalancerIP:
#nodePort: nodePort:
#externalTrafficPolicy: externalTrafficPolicy:
#externalIPs: externalIPs:
#ipFamilyPolicy: ipFamilyPolicy:
#ipFamilies: ipFamilies:
#hostPort: hostPort:
loadBalancerSourceRanges: [] loadBalancerSourceRanges: []
annotations: annotations: {}
## @section Ingress
## @param ingress.enabled Enable ingress
## @param ingress.className Ingress class name
## @param ingress.annotations Ingress annotations
## @param ingress.hosts[0].host Default Ingress host
## @param ingress.hosts[0].paths[0].path Default Ingress path
## @param ingress.hosts[0].paths[0].pathType Ingress path type
## @param ingress.tls Ingress tls settings
## @extra ingress.apiVersion Specify APIVersion of ingress object. Mostly would only be used for argocd.
ingress: ingress:
enabled: false enabled: false
# className: nginx # className: nginx
className:
annotations: {} annotations: {}
# kubernetes.io/ingress.class: nginx # kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true" # kubernetes.io/tls-acme: "true"
@ -96,6 +150,9 @@ ingress:
# If helm doesn't correctly detect your ingress API version you can set it here. # If helm doesn't correctly detect your ingress API version you can set it here.
# apiVersion: networking.k8s.io/v1 # apiVersion: networking.k8s.io/v1
## @section StatefulSet
#
## @param resources Kubernetes resources
resources: {} resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious # We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little # choice for the user. This also increases chances charts run on environments with little
@ -111,14 +168,22 @@ resources: {}
## Use an alternate scheduler, e.g. "stork". ## Use an alternate scheduler, e.g. "stork".
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
## ##
# schedulerName: ## @param schedulerName Use an alternate scheduler, e.g. "stork"
schedulerName: ""
## @param nodeSelector NodeSelector for the statefulset
nodeSelector: {} nodeSelector: {}
## @param tolerations Tolerations for the statefulset
tolerations: [] tolerations: []
## @param affinity Affinity for the statefulset
affinity: {} affinity: {}
## @param statefulset.env Additional environment variables to pass to containers
## @param statefulset.terminationGracePeriodSeconds How long to wait until forcefully kill the pod
## @param statefulset.labels Labels for the statefulset
## @param statefulset.annotations Annotations for the Gitea StatefulSet to be created
statefulset: statefulset:
env: [] env: []
# - name: VARIABLE # - name: VARIABLE
@ -127,18 +192,28 @@ statefulset:
labels: {} labels: {}
annotations: {} annotations: {}
## @section Persistence
#
## @param persistence.enabled Enable persistent storage
## @param persistence.existingClaim Use an existing claim to store repository information
## @param persistence.size Size for persistence to store repo information
## @param persistence.accessModes AccessMode for persistence
## @param persistence.labels Labels for the persistence volume claim to be created
## @param persistence.annotations Annotations for the persistence volume claim to be created
## @param persistence.storageClass Name of the storage class to use
## @param persistence.subPath Subdirectory of the volume to mount at
persistence: persistence:
enabled: true enabled: true
# existingClaim: existingClaim:
size: 10Gi size: 10Gi
accessModes: accessModes:
- ReadWriteOnce - ReadWriteOnce
labels: {} labels: {}
annotations: {} annotations: {}
# storageClass: storageClass:
# subPath: subPath:
# additional volumes to add to the Gitea statefulset. ## @param extraVolumes Additional volumes to mount to the Gitea statefulset
extraVolumes: extraVolumes:
# - name: postgres-ssl-vol # - name: postgres-ssl-vol
# secret: # secret:
@ -148,12 +223,14 @@ extraVolumes:
# additional volumes to mount, both to the init container and to the main # additional volumes to mount, both to the init container and to the main
# container. As an example, can be used to mount a client cert when connecting # container. As an example, can be used to mount a client cert when connecting
# to an external Postgres server. # to an external Postgres server.
## @param extraVolumeMounts Additional volume mounts for the Gitea containers
extraVolumeMounts: extraVolumeMounts:
# - name: postgres-ssl-vol # - name: postgres-ssl-vol
# readOnly: true # readOnly: true
# mountPath: "/pg-ssl" # mountPath: "/pg-ssl"
# bash shell script copied verbatim to the start of the init-container. ## @section Init
## @param initPreScript Bash shell script copied verbatim to the start of the init-container.
initPreScript: "" initPreScript: ""
# #
# initPreScript: | # initPreScript: |
@ -163,17 +240,30 @@ initPreScript: ""
# chmod 400 /data/git/.postgresql/postgresql.key # chmod 400 /data/git/.postgresql/postgresql.key
# Configure commit/action signing prerequisites # Configure commit/action signing prerequisites
## @section Signing
#
## @param signing.enabled Enable commit/action signing
## @param signing.gpgHome GPG home directory
signing: signing:
enabled: false enabled: false
gpgHome: /data/git/.gnupg gpgHome: /data/git/.gnupg
## @section Gitea
#
gitea: gitea:
## @param gitea.admin.username Username for the Gitea admin user
## @param gitea.admin.existingSecret Use an existing secret to store admin user credentials
## @param gitea.admin.password Password for the Gitea admin user
## @param gitea.admin.email Email for the Gitea admin user
admin: admin:
#existingSecret: gitea-admin-secret #existingSecret: gitea-admin-secret
existingSecret:
username: gitea_admin username: gitea_admin
password: r8sA8CPHD9!bt6d password: r8sA8CPHD9!bt6d
email: "gitea@local.domain" email: "gitea@local.domain"
## @param gitea.metrics.enabled Enable Gitea metrics
## @param gitea.metrics.serviceMonitor.enabled Enable Gitea metrics service monitor
metrics: metrics:
enabled: false enabled: false
serviceMonitor: serviceMonitor:
@ -181,6 +271,7 @@ gitea:
# additionalLabels: # additionalLabels:
# prometheus-release: prom1 # prometheus-release: prom1
## @param gitea.ldap LDAP configuration
ldap: [] ldap: []
# - name: "LDAP 1" # - name: "LDAP 1"
# existingSecret: # existingSecret:
@ -197,6 +288,7 @@ gitea:
# publicSSHKeyAttribute: # publicSSHKeyAttribute:
# Either specify inline `key` and `secret` or refer to them via `existingSecret` # Either specify inline `key` and `secret` or refer to them via `existingSecret`
## @param gitea.oauth OAuth configuration
oauth: [] oauth: []
# - name: 'OAuth 1' # - name: 'OAuth 1'
# provider: # provider:
@ -210,6 +302,7 @@ gitea:
# customProfileUrl: # customProfileUrl:
# customEmailUrl: # customEmailUrl:
## @param gitea.config Configuration for the Gitea server,ref: [config-cheat-sheet](https://docs.gitea.io/en-us/config-cheat-sheet/)
config: {} config: {}
# APP_NAME: "Gitea: Git with a cup of tea" # APP_NAME: "Gitea: Git with a cup of tea"
# RUN_MODE: dev # RUN_MODE: dev
@ -220,18 +313,31 @@ gitea:
# security: # security:
# PASSWORD_COMPLEXITY: spec # PASSWORD_COMPLEXITY: spec
## @param gitea.additionalConfigSources Additional configuration from secret or configmap
additionalConfigSources: [] additionalConfigSources: []
# - secret: # - secret:
# secretName: gitea-app-ini-oauth # secretName: gitea-app-ini-oauth
# - configMap: # - configMap:
# name: gitea-app-ini-plaintext # name: gitea-app-ini-plaintext
## @param gitea.additionalConfigFromEnvs Additional configuration sources from environment variables
additionalConfigFromEnvs: [] additionalConfigFromEnvs: []
## @param gitea.podAnnotations Annotations for the Gitea pod
podAnnotations: {} podAnnotations: {}
## @section LivenessProbe
#
## @param gitea.livenessProbe.enabled Enable liveness probe
## @param gitea.livenessProbe.tcpSocket.port Port to probe for liveness
## @param gitea.livenessProbe.initialDelaySeconds Initial delay before liveness probe is initiated
## @param gitea.livenessProbe.timeoutSeconds Timeout for liveness probe
## @param gitea.livenessProbe.periodSeconds Period for liveness probe
## @param gitea.livenessProbe.successThreshold Success threshold for liveness probe
## @param gitea.livenessProbe.failureThreshold Failure threshold for liveness probe
# Modify the liveness probe for your needs or completely disable it by commenting out. # Modify the liveness probe for your needs or completely disable it by commenting out.
livenessProbe: livenessProbe:
enabled: true
tcpSocket: tcpSocket:
port: http port: http
initialDelaySeconds: 200 initialDelaySeconds: 200
@ -240,8 +346,18 @@ gitea:
successThreshold: 1 successThreshold: 1
failureThreshold: 10 failureThreshold: 10
## @section ReadinessProbe
#
## @param gitea.readinessProbe.enabled Enable readiness probe
## @param gitea.readinessProbe.tcpSocket.port Port to probe for readiness
## @param gitea.readinessProbe.initialDelaySeconds Initial delay before readiness probe is initiated
## @param gitea.readinessProbe.timeoutSeconds Timeout for readiness probe
## @param gitea.readinessProbe.periodSeconds Period for readiness probe
## @param gitea.readinessProbe.successThreshold Success threshold for readiness probe
## @param gitea.readinessProbe.failureThreshold Failure threshold for readiness probe
# Modify the readiness probe for your needs or completely disable it by commenting out. # Modify the readiness probe for your needs or completely disable it by commenting out.
readinessProbe: readinessProbe:
enabled: true
tcpSocket: tcpSocket:
port: http port: http
initialDelaySeconds: 5 initialDelaySeconds: 5
@ -251,20 +367,42 @@ gitea:
failureThreshold: 3 failureThreshold: 3
# # Uncomment the startup probe to enable and modify it for your needs. # # Uncomment the startup probe to enable and modify it for your needs.
# startupProbe: ## @section StartupProbe
# tcpSocket: #
# port: http ## @param gitea.startupProbe.enabled Enable startup probe
# initialDelaySeconds: 60 ## @param gitea.startupProbe.tcpSocket.port Port to probe for startup
# timeoutSeconds: 1 ## @param gitea.startupProbe.initialDelaySeconds Initial delay before startup probe is initiated
# periodSeconds: 10 ## @param gitea.startupProbe.timeoutSeconds Timeout for startup probe
# successThreshold: 1 ## @param gitea.startupProbe.periodSeconds Period for startup probe
# failureThreshold: 10 ## @param gitea.startupProbe.successThreshold Success threshold for startup probe
## @param gitea.startupProbe.failureThreshold Failure threshold for startup probe
startupProbe:
enabled: false
tcpSocket:
port: http
initialDelaySeconds: 60
timeoutSeconds: 1
periodSeconds: 10
successThreshold: 1
failureThreshold: 10
## @section Memcached
#
## @param memcached.enabled Memcached is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/memcached) if enabled in the values. Complete Configuration can be taken from their website.
## @param memcached.service.port Port for memcached
memcached: memcached:
enabled: true enabled: true
service: service:
port: 11211 port: 11211
## @section PostgreSQL
#
## @param postgresql.enabled Enable PostgreSQL
## @param postgresql.global.postgresql.postgresqlDatabase PostgreSQL database (overrides postgresqlDatabase)
## @param postgresql.global.postgresql.postgresqlUsername PostgreSQL username (overrides postgresqlUsername)
## @param postgresql.global.postgresql.postgresqlPassword PostgreSQL admin password (overrides postgresqlPassword)
## @param postgresql.global.postgresql.servicePort PostgreSQL port (overrides service.port)
## @param postgresql.persistence.size PVC Storage Request for PostgreSQL volume
postgresql: postgresql:
enabled: true enabled: true
global: global:
@ -276,6 +414,15 @@ postgresql:
persistence: persistence:
size: 10Gi size: 10Gi
## @section MySQL
#
## @param mysql.enabled Enable MySQL
## @param mysql.root.password Password for the root user. Ignored if existing secret is provided
## @param mysql.db.user Username of new user to create.
## @param mysql.db.password Password for the new user.Ignored if existing secret is provided
## @param mysql.db.name Name for new database to create.
## @param mysql.service.port Port to connect to MySQL service
## @param mysql.persistence.size PVC Storage Request for MySQL volume
mysql: mysql:
enabled: false enabled: false
root: root:
@ -289,6 +436,15 @@ mysql:
persistence: persistence:
size: 10Gi size: 10Gi
## @section MariaDB
#
## @param mariadb.enabled Enable MariaDB
## @param mariadb.auth.database Name of the database to create.
## @param mariadb.auth.username Username of the new user to create.
## @param mariadb.auth.password Password for the new user. Ignored if existing secret is provided
## @param mariadb.auth.rootPassword Password for the root user.
## @param mariadb.primary.service.port Port to connect to MariaDB service
## @param mariadb.primary.persistence.size Persistence size for MariaDB
mariadb: mariadb:
enabled: false enabled: false
auth: auth:
@ -304,4 +460,6 @@ mariadb:
# By default, removed or moved settings that still remain in a user defined values.yaml will cause Helm to fail running the install/update. # By default, removed or moved settings that still remain in a user defined values.yaml will cause Helm to fail running the install/update.
# Set it to false to skip this basic validation check. # Set it to false to skip this basic validation check.
## @section Advanced
## @param checkDeprecation Set it to false to skip this basic validation check.
checkDeprecation: true checkDeprecation: true