matthew/helm-chart
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'main' of https://gitea.com/Ceddaerrix/gitea-helm-chart

Browse Source
This commit is contained in:
212597596 2024-06-05 18:28:50 +03:00
commit b552acaf1c
19 changed files with 429 additions and 110 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
.gitea/workflows/release-version.yml
View File

@ -5,19 +5,29 @@ on:
tags:
- "*"
env:
# renovate: datasource=docker depName=alpine/helm
HELM_VERSION: "3.12.3"
jobs:
generate-chart-publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- name: install tools
run: |
apt update -y
apt install -y curl
apt install -y curl ca-certificates curl gnupg
# helm
curl https://baltocdn.com/helm/signing.asc | gpg --dearmor | tee /usr/share/keyrings/helm.gpg > /dev/null
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/helm.gpg] https://baltocdn.com/helm/stable/debian/ all main" | tee /etc/apt/sources.list.d/helm-stable-debian.list
# docker
install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
chmod a+r /etc/apt/keyrings/docker.gpg
echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
apt update -y
apt install -y python helm python3-pip apt-transport-https
apt install -y python helm=${{ env.HELM_VERSION }}-1 python3-pip apt-transport-https docker-ce-cli
pip install awscli
- name: Import GPG key
@ -31,6 +41,7 @@ jobs:
# Using helm gpg plugin as 'helm package --sign' has issues with gpg2: https://github.com/helm/helm/issues/2843
- name: package chart
run: |
echo ${{ secrets.DOCKER_PASSWORD }} | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
# FIXME: use upstream after https://github.com/technosophos/helm-gpg/issues/1 is solved
helm plugin install https://github.com/pat-s/helm-gpg
helm dependency update

25
.gitea/workflows/test-pr.yml
View File

@ -3,30 +3,29 @@ name: check-and-test
on:
- pull_request
env:
# renovate: datasource=github-releases depName=helm-unittest/helm-unittest
HELM_UNITTEST_VERSION: "v0.3.6"
jobs:
check-and-test:
runs-on: ubuntu-latest
container: alpine/helm:3.12.3
steps:
- uses: actions/checkout@v3
- name: install tools
run: |
apt update -y
apt install -y curl make
curl https://baltocdn.com/helm/signing.asc | gpg --dearmor | tee /usr/share/keyrings/helm.gpg > /dev/null
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/helm.gpg] https://baltocdn.com/helm/stable/debian/ all main" | tee /etc/apt/sources.list.d/helm-stable-debian.list
apt update -y
apt install -y helm python3-pip
pip install yamllint
- name: dependency update
run: helm dependency update
apk update
apk add --update make nodejs npm yamllint
- uses: actions/checkout@v4
- name: install chart dependencies
run: helm dependency build
- name: lint
run: helm lint
- name: template
run: |
helm template --debug gitea-helm .
run: helm template --debug gitea-helm .
- name: unit tests
run: |
helm plugin install --version 0.3.3 https://github.com/helm-unittest/helm-unittest
helm plugin install --version ${{ env.HELM_UNITTEST_VERSION }} https://github.com/helm-unittest/helm-unittest
make unittests
- name: verify readme
run: |

8
.vscode/extensions.json vendored Normal file
View File

@ -0,0 +1,8 @@
{
"recommendations": [
"yzhang.markdown-all-in-one",
"DavidAnson.vscode-markdownlint",
"Tim-Koehler.helm-intellisense",
"esbenp.prettier-vscode"
]
}

8
.vscode/settings.json vendored Normal file
View File

@ -0,0 +1,8 @@
{
"yaml.schemas": {
"https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json": [
"/unittests/**/*.yaml"
]
},
"yaml.schemaStore.enable": true
}

9
CONTRIBUTING.md
View File

@ -9,12 +9,7 @@ refactorings for easier maintainability or documentation improvements.
- [`helm`](https://helm.sh/docs/intro/install/)
- `make` is optional; you may call the commands directly
When using Visual Studio Code as IDE, following plugins might be useful:
- [Markdown All in One](https://marketplace.visualstudio.com/items?itemName=yzhang.markdown-all-in-one)
- [markdownlint](https://marketplace.visualstudio.com/items?itemName=DavidAnson.vscode-markdownlint)
- [Helm Intellisense](https://marketplace.visualstudio.com/items?itemName=Tim-Koehler.helm-intellisense)
- [Prettier - Code formatter](https://marketplace.visualstudio.com/items?itemName=esbenp.prettier-vscode)
When using Visual Studio Code as IDE, a [ready-to-use profile](.vscode/) is available.
## Documentation Requirements
@ -61,7 +56,7 @@ $ helm plugin install https://github.com/helm-unittest/helm-unittest
make unittests
```
See [plugin documentation](https://github.com/helm-unittest/helm-unittest/blob/v0.3.3/DOCUMENT.md) for usage instructions.
See [plugin documentation](https://github.com/helm-unittest/helm-unittest/blob/main/DOCUMENT.md) for usage instructions.
## Release process

10
Chart.lock
View File

@ -1,12 +1,12 @@
dependencies:
- name: postgresql
repository: oci://registry-1.docker.io/bitnamicharts
version: 12.10.0
version: 12.12.10
- name: postgresql-ha
repository: oci://registry-1.docker.io/bitnamicharts
version: 11.9.0
version: 11.9.4
- name: redis-cluster
repository: oci://registry-1.docker.io/bitnamicharts
version: 8.6.9
digest: sha256:57053e05cac377167dea0f1beb6d98458f2d3789d2f57eeb8f2c54af4bb8ba60
generated: "2023-08-31T19:12:23.741539+02:00"
version: 9.1.1
digest: sha256:35358da69169541a009540a2d6a840584390e5b53dad5b647b19bd5c14c88f93
generated: "2023-11-06T00:07:24.742145709Z"

14
Chart.yaml
View File

@ -3,7 +3,7 @@ name: gitea
description: Gitea Helm chart for Kubernetes
type: application
version: 0.0.0
appVersion: 1.20.3
appVersion: 1.20.5
icon: https://gitea.com/assets/img/logo.svg
keywords:
@ -33,18 +33,18 @@ maintainers:
# Bitnami charts are served from GitHub CDN - See https://github.com/bitnami/charts/issues/10539 for details
dependencies:
# Chart release date: 2023-07 (https://github.com/bitnami/charts/blob/main/bitnami/postgresql/Chart.yaml)
# https://github.com/bitnami/charts/blob/main/bitnami/postgresql
- name: postgresql
repository: oci://registry-1.docker.io/bitnamicharts
version: 12.10.0
version: 12.12.10
condition: postgresql.enabled
# Chart release date: 2023-07 (https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml)
# https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml
- name: postgresql-ha
repository: oci://registry-1.docker.io/bitnamicharts
version: 11.9.0
version: 11.9.4
condition: postgresql-ha.enabled
# Chart release date: 2023-07 (https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml)
# https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml
- name: redis-cluster
repository: oci://registry-1.docker.io/bitnamicharts
version: 8.6.9
version: 9.1.1
condition: redis-cluster.enabled

129
README.md
View File

@ -10,7 +10,7 @@
- [Database defaults](#database-defaults)
- [Server defaults](#server-defaults)
- [Metrics defaults](#metrics-defaults)
- [Minimal Configuration](#minimal-configuration)
- [Single-Pod Configurations](#single-pod-configurations)
- [Additional _app.ini_ settings](#additional-appini-settings)
- [User defined environment variables in app.ini](#user-defined-environment-variables-in-appini)
- [External Database](#external-database)
@ -27,6 +27,7 @@
- [Metrics and profiling](#metrics-and-profiling)
- [Pod annotations](#pod-annotations)
- [Themes](#themes)
- [Renovate](#renovate)
- [Parameters](#parameters)
- [Global](#global)
- [strategy](#strategy)
@ -171,35 +172,77 @@ The Prometheus `/metrics` endpoint is disabled by default.
ENABLED = false
```
### Minimal Configuration
### Single-Pod Configurations
For a minimal installation, i.e. without HA dependencies and using the built-in SQLITE DB instead of Postgres, the following configuration can be used:
If HA is not needed/desired, the following configurations can be used to deploy a single-pod Gitea instance.
```yaml
redis-cluster:
enabled: false
postgresql:
enabled: false
postgresql-ha:
enabled: false
1. For a production-ready single-pod Gitea instance without external dependencies (using the chart dependency `postgresql`):
persistence:
enabled: false
<details>
gitea:
config:
database:
DB_TYPE: sqlite3
session:
PROVIDER: memory
cache:
ADAPTER: memory
queue:
TYPE: level
```
<summary>values.yml</summary>
This will result in a single-pod Gitea instance without any dependencies and persistence.
Do not use this configuration for production use.
```yaml
redis-cluster:
enabled: false
postgresql:
enabled: true
postgresql-ha:
enabled: false
persistence:
enabled: true
gitea:
config:
database:
DB_TYPE: postgres
session:
PROVIDER: db
cache:
ADAPTER: memory
queue:
TYPE: level
indexer:
ISSUE_INDEXER_TYPE: bleve
REPO_INDEXER_ENABLED: true
```
</details>
2. For a minimal DEV installation (using the built-in sqlite DB instead of Postgres):
This will result in a single-pod Gitea instance _without any dependencies and persistence_.
**Do not use this configuration for production use**.
<details>
<summary>values.yml</summary>
```yaml
redis-cluster:
enabled: false
postgresql:
enabled: false
postgresql-ha:
enabled: false
persistence:
enabled: false
gitea:
config:
database:
DB_TYPE: sqlite3
session:
PROVIDER: memory
cache:
ADAPTER: memory
queue:
TYPE: level
```
</details>
### Additional _app.ini_ settings
@ -691,6 +734,34 @@ or natively via `kubectl`:
kubectl create secret generic gitea-themes --from-file={{FULL-PATH-TO-CSS}} --namespace gitea
```
## Renovate
To be able to use a digest value which is automatically updated by `Renovate` a [customManager](https://docs.renovatebot.com/modules/manager/regex/) is required.
Here's an examplary `values.yml` definition which makes use of a digest:
```yaml
image:
repository: gitea/gitea
tag: 1.20.2
digest: sha256:6e3b85a36653894d6741d0aefb41dfaac39044e028a42e0a520cc05ebd7bfc3f
```
By default Renovate adds digest after the `tag`.
To comply with the Gitea helm chart definition of the digest parameter, a "customManagers" definition is required:
```json
"customManagers": [
{
"customType": "regex",
"description": "Apply an explicit gitea digest field match",
"fileMatch": ["values\\.ya?ml"],
"matchStrings": ["(?<depName>gitea\\/gitea)\\n(?<indentation>\\s+)tag: (?<currentValue>[^@].*?)\\n\\s+digest: (?<currentDigest>sha256:[a-f0-9]+)"],
"datasourceTemplate": "docker",
"autoReplaceStringTemplate": "{{depName}}\n{{indentation}}tag: {{newValue}}\n{{indentation}}digest: {{#if newDigest}}{{{newDigest}}}{{else}}{{{currentDigest}}}{{/if}}"
}
]
```
## Parameters
### Global
@ -719,6 +790,7 @@ kubectl create secret generic gitea-themes --from-file={{FULL-PATH-TO-CSS}} --na
| `image.registry` | image registry, e.g. gcr.io,docker.io | `""` |
| `image.repository` | Image to start for this pod | `gitea/gitea` |
| `image.tag` | Visit: [Image tag](https://hub.docker.com/r/gitea/gitea/tags?page=1&ordering=last_updated). Defaults to `appVersion` within Chart.yaml. | `""` |
| `image.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` |
| `image.pullPolicy` | Image pull policy | `Always` |
| `image.rootless` | Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher | `true` |
| `imagePullSecrets` | Secret to use for pulling the image | `[]` |
@ -995,15 +1067,17 @@ The previous `memcache` default was not HA-ready, hence we decided to switch to
If you are coming from an existing deployment and [#356](https://gitea.com/gitea/helm-chart/issues/356) is still open, you need to set the config sections for `cache`, `session` and `queue` explicitly:
```yaml
gitea:
config:
session:
PROVIDER: redis-cluster
PROVIDER_CONFIG: redis+cluster://:gitea@gitea-redis-cluster-headless.<namespace>.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
cache:
ENABLED: true
ADAPTER: redis-cluster
HOST: redis+cluster://:gitea@gitea-redis-cluster-headless.<namespace>.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
queue:
TYPE: redis
CONN_STR: redis+cluster://:gitea@gitea-redis-cluster-headless.<namespace>.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s&
@ -1011,6 +1085,7 @@ If you are coming from an existing deployment and [#356](https://gitea.com/gitea
<!-- markdownlint-disable-next-line -->
**Switch to rootless image by default**
If you are facing errors like `WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED` due to this automatic transition:
Have a look at [this discussion](https://gitea.com/gitea/helm-chart/issues/487#issue-220660) and either set `image.rootless: false` or manually update your `~/.ssh/known_hosts` file(s).

76
package-lock.json generated
View File

@ -7,8 +7,8 @@
"name": "gitea-helm-chart",
"license": "MIT",
"devDependencies": {
"@bitnami/readme-generator-for-helm": "^2.5.1",
"markdownlint-cli": "^0.35.0"
"@bitnami/readme-generator-for-helm": "^2.5.0",
"markdownlint-cli": "^0.37.0"
},
"engines": {
"node": ">=16.0.0",
@ -16,9 +16,9 @@
}
},
"node_modules/@bitnami/readme-generator-for-helm": {
"version": "2.5.1",
"resolved": "https://registry.npmjs.org/@bitnami/readme-generator-for-helm/-/readme-generator-for-helm-2.5.1.tgz",
"integrity": "sha512-LRSq43HwfgmTJZ4rwpXHf6d7DGnY+j2BtgVlc2hPqfRtqj36NRYl83Zv9WjRGvwF8Zr6Iwa1AgvewiAxdWlMzg==",
"version": "2.6.0",
"resolved": "https://registry.npmjs.org/@bitnami/readme-generator-for-helm/-/readme-generator-for-helm-2.6.0.tgz",
"integrity": "sha512-LcByNCryaC2OJExL9rnhyFJ18+vrZu1gVoN2Z7j/HI42EjV4kLgT4G1KEPNnrKbls9HvozBqMG+sKZIDh0McFg==",
"dev": true,
"dependencies": {
"commander": "^7.1.0",
@ -286,12 +286,12 @@
"dev": true
},
"node_modules/ini": {
"version": "3.0.1",
"resolved": "https://registry.npmjs.org/ini/-/ini-3.0.1.tgz",
"integrity": "sha512-it4HyVAUTKBc6m8e1iXWvXSTdndF7HbdN713+kvLrymxTaU4AUBWrJ4vEooP+V7fexnVD3LKcBshjGGPefSMUQ==",
"version": "4.1.1",
"resolved": "https://registry.npmjs.org/ini/-/ini-4.1.1.tgz",
"integrity": "sha512-QQnnxNyfvmHFIsj7gkPcYymR8Jdw/o7mp5ZFihxn6h8Ci6fh3Dx4E1gPjpQEpIuPo9XVNY/ZUwh4BPMjGyL01g==",
"dev": true,
"engines": {
"node": "^12.13.0 || ^14.15.0 || >=16.0.0"
"node": "^14.17.0 || ^16.13.0 || >=18.0.0"
}
},
"node_modules/is-fullwidth-code-point": {
@ -399,33 +399,33 @@
}
},
"node_modules/markdownlint": {
"version": "0.29.0",
"resolved": "https://registry.npmjs.org/markdownlint/-/markdownlint-0.29.0.tgz",
"integrity": "sha512-ASAzqpODstu/Qsk0xW5BPgWnK/qjpBQ4e7IpsSvvFXcfYIjanLTdwFRJK1SIEEh0fGSMKXcJf/qhaZYHyME0wA==",
"version": "0.31.1",
"resolved": "https://registry.npmjs.org/markdownlint/-/markdownlint-0.31.1.tgz",
"integrity": "sha512-CKMR2hgcIBrYlIUccDCOvi966PZ0kJExDrUi1R+oF9PvqQmCrTqjOsgIvf2403OmJ+CWomuzDoylr6KbuMyvHA==",
"dev": true,
"dependencies": {
"markdown-it": "13.0.1",
"markdownlint-micromark": "0.1.5"
"markdownlint-micromark": "0.1.7"
},
"engines": {
"node": ">=16"
}
},
"node_modules/markdownlint-cli": {
"version": "0.35.0",
"resolved": "https://registry.npmjs.org/markdownlint-cli/-/markdownlint-cli-0.35.0.tgz",
"integrity": "sha512-lVIIIV1MrUtjoocgDqXLxUCxlRbn7Ve8rsWppfwciUNwLlNS28AhNiyQ3PU7jjj4Qvj+rWTTvwkqg7AcdG988g==",
"version": "0.37.0",
"resolved": "https://registry.npmjs.org/markdownlint-cli/-/markdownlint-cli-0.37.0.tgz",
"integrity": "sha512-hNKAc0bWBBuVhJbSWbUhRzavstiB4o1jh3JeSpwC4/dt6eJ54lRfYHRxVdzVp4qGWBKbeE6Pg490PFEfrKjqSg==",
"dev": true,
"dependencies": {
"commander": "~11.0.0",
"get-stdin": "~9.0.0",
"glob": "~10.2.7",
"glob": "~10.3.4",
"ignore": "~5.2.4",
"js-yaml": "^4.1.0",
"jsonc-parser": "~3.2.0",
"markdownlint": "~0.29.0",
"minimatch": "~9.0.1",
"run-con": "~1.2.11"
"markdownlint": "~0.31.1",
"minimatch": "~9.0.3",
"run-con": "~1.3.2"
},
"bin": {
"markdownlint": "markdownlint.js"
@ -453,16 +453,16 @@
}
},
"node_modules/markdownlint-cli/node_modules/glob": {
"version": "10.2.7",
"resolved": "https://registry.npmjs.org/glob/-/glob-10.2.7.tgz",
"integrity": "sha512-jTKehsravOJo8IJxUGfZILnkvVJM/MOfHRs8QcXolVef2zNI9Tqyy5+SeuOAZd3upViEZQLyFpQhYiHLrMUNmA==",
"version": "10.3.5",
"resolved": "https://registry.npmjs.org/glob/-/glob-10.3.5.tgz",
"integrity": "sha512-bYUpUD7XDEHI4Q2O5a7PXGvyw4deKR70kHiDxzQbe925wbZknhOzUt2xBgTkYL6RBcVeXYuD9iNYeqoWbBZQnA==",
"dev": true,
"dependencies": {
"foreground-child": "^3.1.0",
"jackspeak": "^2.0.3",
"minimatch": "^9.0.1",
"minipass": "^5.0.0 || ^6.0.2",
"path-scurry": "^1.7.0"
"minipass": "^5.0.0 || ^6.0.2 || ^7.0.0",
"path-scurry": "^1.10.1"
},
"bin": {
"glob": "dist/cjs/src/bin.js"
@ -490,9 +490,9 @@
}
},
"node_modules/markdownlint-micromark": {
"version": "0.1.5",
"resolved": "https://registry.npmjs.org/markdownlint-micromark/-/markdownlint-micromark-0.1.5.tgz",
"integrity": "sha512-HvofNU4QCvfUCWnocQP1IAWaqop5wpWrB0mKB6SSh0fcpV0PdmQNS6tdUuFew1utpYlUvYYzz84oDkrD76GB9A==",
"version": "0.1.7",
"resolved": "https://registry.npmjs.org/markdownlint-micromark/-/markdownlint-micromark-0.1.7.tgz",
"integrity": "sha512-BbRPTC72fl5vlSKv37v/xIENSRDYL/7X/XoFzZ740FGEbs9vZerLrIkFRY0rv7slQKxDczToYuMmqQFN61fi4Q==",
"dev": true,
"engines": {
"node": ">=16"
@ -562,13 +562,13 @@
}
},
"node_modules/path-scurry": {
"version": "1.7.0",
"resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.7.0.tgz",
"integrity": "sha512-UkZUeDjczjYRE495+9thsgcVgsaCPkaw80slmfVFgllxY+IO8ubTsOpFVjDPROBqJdHfVPUFRHPBV/WciOVfWg==",
"version": "1.10.1",
"resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.10.1.tgz",
"integrity": "sha512-MkhCqzzBEpPvxxQ71Md0b1Kk51W01lrYvlMzSUaIzNsODdd7mqhiimSZlr+VegAz5Z6Vzt9Xg2ttE//XBhH3EQ==",
"dev": true,
"dependencies": {
"lru-cache": "^9.0.0",
"minipass": "^5.0.0"
"lru-cache": "^9.1.1 || ^10.0.0",
"minipass": "^5.0.0 || ^6.0.2 || ^7.0.0"
},
"engines": {
"node": ">=16 || 14 >=14.17"
@ -587,14 +587,14 @@
}
},
"node_modules/run-con": {
"version": "1.2.11",
"resolved": "https://registry.npmjs.org/run-con/-/run-con-1.2.11.tgz",
"integrity": "sha512-NEMGsUT+cglWkzEr4IFK21P4Jca45HqiAbIIZIBdX5+UZTB24Mb/21iNGgz9xZa8tL6vbW7CXmq7MFN42+VjNQ==",
"version": "1.3.2",
"resolved": "https://registry.npmjs.org/run-con/-/run-con-1.3.2.tgz",
"integrity": "sha512-CcfE+mYiTcKEzg0IqS08+efdnH0oJ3zV0wSUFBNrMHMuxCtXvBCLzCJHatwuXDcu/RlhjTziTo/a1ruQik6/Yg==",
"dev": true,
"dependencies": {
"deep-extend": "^0.6.0",
"ini": "~3.0.0",
"minimist": "^1.2.6",
"ini": "~4.1.0",
"minimist": "^1.2.8",
"strip-json-comments": "~3.1.1"
},
"bin": {

2
package.json
View File

@ -14,6 +14,6 @@
},
"devDependencies": {
"@bitnami/readme-generator-for-helm": "^2.5.0",
"markdownlint-cli": "^0.35.0"
"markdownlint-cli": "^0.37.0"
}
}

3
renovate.json
View File

@ -1,3 +0,0 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json"
}

25
renovate.json5 Normal file
View File

@ -0,0 +1,25 @@
{
$schema: "https://docs.renovatebot.com/renovate-schema.json",
extends: ["gitea>gitea/renovate-config"],
labels: ["kind/dependency"],
customManagers: [
{
description: 'Gitea-version of https://docs.renovatebot.com/presets-regexManagers/#regexmanagersgithubactionsversions',
customType: 'regex',
fileMatch: ['.gitea/workflows/.+\\.ya?ml$'],
matchStrings: [
'# renovate: datasource=(?<datasource>[a-z-.]+?) depName=(?<depName>[^\\s]+?)(?: (?:lookupName|packageName)=(?<packageName>[^\\s]+?))?(?: versioning=(?<versioning>[a-z-0-9]+?))?\\s+[A-Za-z0-9_]+?_VERSION\\s*:\\s*["\']?(?<currentValue>.+?)["\']?\\s',
],
},
],
packageRules: [
{
description: "Automerge minor + patch dependency updates weekly",
matchManagers: ["helmv3"],
matchUpdateTypes: ["minor", "patch", "digest"],
automerge: true,
automergeStrategy: "squash",
extends: ["schedule:weekly"],
},
],
}

17
templates/_helpers.tpl
View File

@ -57,13 +57,18 @@ Create image name and tag used by the deployment.
*/}}
{{- define "gitea.image" -}}
{{- $registry := .Values.global.imageRegistry | default .Values.image.registry -}}
{{- $name := .Values.image.repository -}}
{{- $repository := .Values.image.repository -}}
{{- $separator := ":" -}}
{{- $tag := .Values.image.tag | default .Chart.AppVersion -}}
{{- $rootless := ternary "-rootless" "" (.Values.image.rootless) -}}
{{- if $registry -}}
{{- printf "%s/%s:%s%s" $registry $name $tag $rootless -}}
{{- $digest := "" -}}
{{- if .Values.image.digest }}
{{- $digest = (printf "@%s" (.Values.image.digest | toString)) -}}
{{- end -}}
{{- if $registry }}
{{- printf "%s/%s%s%s%s%s" $registry $repository $separator $tag $rootless $digest -}}
{{- else -}}
{{- printf "%s:%s%s" $name $tag $rootless -}}
{{- printf "%s%s%s%s%s" $repository $separator $tag $rootless $digest -}}
{{- end -}}
{{- end -}}
@ -114,7 +119,7 @@ app.kubernetes.io/instance: {{ .Release.Name }}
{{- define "postgresql-ha.dns" -}}
{{- if (index .Values "postgresql-ha").enabled -}}
{{- printf "%s-postgresql-ha-postgresql.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "postgresql-ha" "service" "ports" "postgresql") -}}
{{- printf "%s-postgresql-ha-pgpool.%s.svc.%s:%g" .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "postgresql-ha" "service" "ports" "postgresql") -}}
{{- end -}}
{{- end -}}
@ -314,7 +319,7 @@ https
{{- end -}}
{{- if not (.Values.gitea.config.server.DOMAIN) -}}
{{- if gt (len .Values.ingress.hosts) 0 -}}
{{- $_ := set .Values.gitea.config.server "DOMAIN" (index .Values.ingress.hosts 0).host -}}
{{- $_ := set .Values.gitea.config.server "DOMAIN" ( tpl (index .Values.ingress.hosts 0).host $) -}}
{{- else -}}
{{- $_ := set .Values.gitea.config.server "DOMAIN" (include "gitea.default_domain" .) -}}
{{- end -}}

30
unittests/config/database-section_postgresql-ha.yaml Normal file
View File

@ -0,0 +1,30 @@
suite: config template | database section (postgresql-ha)
release:
name: gitea-unittests
namespace: testing
tests:
- it: connects to pgpool service
template: templates/gitea/config.yaml
set:
postgresql:
enabled: false
postgresql-ha:
enabled: true
asserts:
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: HOST=gitea-unittests-postgresql-ha-pgpool.testing.svc.cluster.local:5432
- it: renders the referenced service
template: charts/postgresql-ha/templates/pgpool/service.yaml
set:
postgresql:
enabled: false
postgresql-ha:
enabled: true
asserts:
- containsDocument:
kind: Service
apiVersion: v1
name: gitea-unittests-postgresql-ha-pgpool
namespace: testing

30
unittests/config/database-section_postgresql.yaml Normal file
View File

@ -0,0 +1,30 @@
suite: config template | database section (postgresql)
release:
name: gitea-unittests
namespace: testing
tests:
- it: "connects to postgresql service"
template: templates/gitea/config.yaml
set:
postgresql:
enabled: true
postgresql-ha:
enabled: false
asserts:
- documentIndex: 0
matchRegex:
path: stringData.database
pattern: HOST=gitea-unittests-postgresql.testing.svc.cluster.local:5432
- it: "renders the referenced service"
template: charts/postgresql/templates/primary/svc.yaml
set:
postgresql:
enabled: true
postgresql-ha:
enabled: false
asserts:
- containsDocument:
kind: Service
apiVersion: v1
name: gitea-unittests-postgresql
namespace: testing

78
unittests/deployment/image-configuration.yaml Normal file
View File

@ -0,0 +1,78 @@
suite: deployment template (image configuration)
release:
name: gitea-unittests
namespace: testing
chart:
# Override appVersion to be consistent with used digest :)
appVersion: 1.19.3
templates:
- templates/gitea/deployment.yaml
- templates/gitea/config.yaml
tests:
- it: default values
template: templates/gitea/deployment.yaml
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: "gitea/gitea:1.19.3-rootless"
- it: tag override
template: templates/gitea/deployment.yaml
set:
image.tag: "1.19.4"
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: "gitea/gitea:1.19.4-rootless"
- it: root-based image
template: templates/gitea/deployment.yaml
set:
image.rootless: false
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: "gitea/gitea:1.19.3"
- it: scoped registry
template: templates/gitea/deployment.yaml
set:
image.registry: "example.com"
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: "example.com/gitea/gitea:1.19.3-rootless"
- it: global registry
template: templates/gitea/deployment.yaml
set:
global.imageRegistry: "global.example.com"
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: "global.example.com/gitea/gitea:1.19.3-rootless"
- it: digest for rootless image
template: templates/gitea/deployment.yaml
set:
image:
rootless: true
digest: sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: "gitea/gitea:1.19.3-rootless@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a"
- it: digest for root-based image
template: templates/gitea/deployment.yaml
set:
image:
rootless: false
digest: sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: "gitea/gitea:1.19.3@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a"
- it: digest and global registry
template: templates/gitea/deployment.yaml
set:
global.imageRegistry: "global.example.com"
image.digest: "sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a"
asserts:
- equal:
path: spec.template.spec.containers[0].image
value: "global.example.com/gitea/gitea:1.19.3-rootless@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a"

23
unittests/deployment/ingress-configuration.yaml Normal file
View File

@ -0,0 +1,23 @@
suite: ingress template
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/ingress.yaml
tests:
- it: hostname using TPL
set:
global.giteaHostName: "gitea.example.com"
ingress.enabled: true
ingress.hosts[0].host: "{{ .Values.global.giteaHostName }}"
ingress.tls:
- secretName: gitea-tls
hosts:
- "{{ .Values.global.giteaHostName }}"
asserts:
- equal:
path: spec.tls[0].hosts[0]
value: "gitea.example.com"
- equal:
path: spec.rules[0].host
value: "gitea.example.com"

33
unittests/deployment/inline-config.yaml Normal file
View File

@ -0,0 +1,33 @@
suite: config template
release:
name: gitea-unittests
namespace: testing
templates:
- templates/gitea/config.yaml
tests:
- it: inline config stringData.server using TPL
set:
global.giteaHostName: "gitea.example.com"
ingress.enabled: true
ingress.hosts[0].host: "{{ .Values.global.giteaHostName }}"
ingress.tls:
- secretName: gitea-tls
hosts:
- "{{ .Values.global.giteaHostName }}"
asserts:
- documentIndex: 0
matchRegex:
path: metadata.name
pattern: .*-inline-config$
- documentIndex: 0
matchRegex:
path: stringData.server
pattern: DOMAIN=gitea\.example\.com
- documentIndex: 0
matchRegex:
path: stringData.server
pattern: ROOT_URL=https://gitea\.example\.com
- documentIndex: 0
matchRegex:
path: stringData.server
pattern: SSH_DOMAIN=gitea\.example\.com

2
values.yaml
View File

@ -40,6 +40,7 @@ clusterDomain: cluster.local
## @param image.registry image registry, e.g. gcr.io,docker.io
## @param image.repository Image to start for this pod
## @param image.tag Visit: [Image tag](https://hub.docker.com/r/gitea/gitea/tags?page=1&ordering=last_updated). Defaults to `appVersion` within Chart.yaml.
## @param image.digest Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest`
## @param image.pullPolicy Image pull policy
## @param image.rootless Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher
image:
@ -47,6 +48,7 @@ image:
repository: gitea/gitea
# Overrides the image tag whose default is the chart appVersion.
tag: ""
digest: ""
pullPolicy: Always
rootless: true