From d6eb50ca35e7469fdcd59b77dabec62842b9b2de Mon Sep 17 00:00:00 2001
From: justusbunsi <justusbunsi@noreply.gitea.io>
Date: Mon, 21 Jun 2021 21:28:18 +0800
Subject: [PATCH] Fix admin + ldap configuration (#183)

This fixes several flaws introduced by commits for #169 (see c49dc047a498973920e6743fa6c330fd2f81dd47).

 - Respect kebab-case ldap bind inline definition
 - Prevent camelCase ldap bind inline definition from being overridden by empty string
 - Create admin account when `existingSecret` is used

Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/183
Reviewed-by: Andrew Thornton <art27@cantab.net>
Reviewed-by: luhahn <luhahn@noreply.gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-committed-by: justusbunsi <justusbunsi@noreply.gitea.io>
---
 templates/_helpers.tpl           | 4 ++--
 templates/gitea/init.yaml        | 2 +-
 templates/gitea/statefulset.yaml | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl
index 9a4f940..8cafd79 100644
--- a/templates/_helpers.tpl
+++ b/templates/_helpers.tpl
@@ -108,11 +108,11 @@ app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end -}}
 
 {{- define "gitea.ldap_settings" -}}
-{{- if or (not (hasKey .Values.gitea.ldap "bindDn")) (not (hasKey .Values.gitea.ldap "bind-dn")) -}}
+{{- if and (not (hasKey .Values.gitea.ldap "bindDn")) (not (hasKey .Values.gitea.ldap "bind-dn")) -}}
 {{- $_ := set .Values.gitea.ldap "bindDn" "" -}}
 {{- end -}}
 
-{{- if or (not (hasKey .Values.gitea.ldap "bindPassword")) (not (hasKey .Values.gitea.ldap "bind-password")) -}}
+{{- if and (not (hasKey .Values.gitea.ldap "bindPassword")) (not (hasKey .Values.gitea.ldap "bind-password")) -}}
 {{- $_ := set .Values.gitea.ldap "bindPassword" "" -}}
 {{- end -}}
 
diff --git a/templates/gitea/init.yaml b/templates/gitea/init.yaml
index d23f8df..b44d130 100644
--- a/templates/gitea/init.yaml
+++ b/templates/gitea/init.yaml
@@ -40,7 +40,7 @@ stringData:
     {{- end }}
     set -x; \
     gitea migrate; \
-    {{- if and .Values.gitea.admin.username .Values.gitea.admin.password }}
+    {{- if or .Values.gitea.admin.existingSecret (and .Values.gitea.admin.username .Values.gitea.admin.password) }}
     gitea admin create-user --username  "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" --email {{ .Values.gitea.admin.email }} --admin --must-change-password=false \
     || \
     gitea admin change-password --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" \
diff --git a/templates/gitea/statefulset.yaml b/templates/gitea/statefulset.yaml
index d4a16c8..b232478 100644
--- a/templates/gitea/statefulset.yaml
+++ b/templates/gitea/statefulset.yaml
@@ -63,9 +63,9 @@ spec:
                   name: {{ .Values.gitea.ldap.existingSecret }}
             {{- else }}
             - name: GITEA_LDAP_BIND_DN
-              value: {{ .Values.gitea.ldap.bindDn | quote }}
+              value: {{ default (index .Values.gitea.ldap "bind-dn") .Values.gitea.ldap.bindDn | quote }}
             - name: GITEA_LDAP_PASSWORD
-              value: {{ .Values.gitea.ldap.bindPassword | quote }}
+              value: {{ default (index .Values.gitea.ldap "bind-password") .Values.gitea.ldap.bindPassword | quote }}
             {{- end }}
             {{- if .Values.gitea.admin.existingSecret }}
             - name: GITEA_ADMIN_USERNAME