apiVersion: apps/v1 kind: StatefulSet metadata: name: {{ include "gitea.fullname" . }} labels: {{- include "gitea.labels" . | nindent 4 }} spec: replicas: {{ .Values.replicaCount }} selector: matchLabels: {{- include "gitea.selectorLabels" . | nindent 6 }} serviceName: {{ include "gitea.fullname" . }} template: metadata: annotations: checksum/config: {{ include (print $.Template.BasePath "/gitea/config.yaml") . | sha256sum }} checksum/ldap: {{ include "gitea.ldap_settings" . | sha256sum }} {{- with .Values.gitea.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "gitea.selectorLabels" . | nindent 8 }} spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} securityContext: fsGroup: 1000 initContainers: - name: init image: "{{ .Values.image.repository }}:{{ ternary .Values.image.version .Values.image.tag (hasKey .Values.image "version") }}" command: ["/usr/sbin/init_gitea.sh"] env: {{- range .Values.statefulset.env }} - name: {{ .name | quote | nospace }} value: {{ .value | quote }} {{- end }} volumeMounts: - name: init mountPath: /usr/sbin - name: config mountPath: /etc/gitea/conf - name: data mountPath: /data {{- if .Values.extraVolumeMounts }} {{- toYaml .Values.extraVolumeMounts | nindent 12 }} {{- end }} terminationGracePeriodSeconds: {{ .Values.statefulset.terminationGracePeriodSeconds }} containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ ternary .Values.image.version .Values.image.tag (hasKey .Values.image "version") }}" imagePullPolicy: {{ .Values.image.pullPolicy }} env: # SSH Port values have to be set here as well for openssh configuration - name: SSH_LISTEN_PORT value: {{ .Values.gitea.config.server.SSH_LISTEN_PORT | quote }} - name: SSH_PORT value: {{ .Values.gitea.config.server.SSH_PORT | quote }} {{- range .Values.statefulset.env }} - name: {{ .name | quote | nospace }} value: {{ .value | quote }} {{- end }} ports: - name: ssh containerPort: {{ .Values.gitea.config.server.SSH_LISTEN_PORT }} - name: http containerPort: {{ .Values.gitea.config.server.HTTP_PORT }} {{- if .Values.gitea.config.server.ENABLE_PPROF }} - name: profiler containerPort: 6060 {{- end }} livenessProbe: tcpSocket: port: http initialDelaySeconds: 200 timeoutSeconds: 1 periodSeconds: 10 successThreshold: 1 failureThreshold: 10 readinessProbe: tcpSocket: port: http initialDelaySeconds: 5 periodSeconds: 10 successThreshold: 1 failureThreshold: 3 resources: {{- toYaml .Values.resources | nindent 12 }} volumeMounts: - name: data mountPath: /data {{- if .Values.extraVolumeMounts }} {{- toYaml .Values.extraVolumeMounts | nindent 12 }} {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} volumes: - name: init secret: secretName: {{ include "gitea.fullname" . }}-init defaultMode: 0777 - name: config secret: secretName: {{ include "gitea.fullname" . }} {{- if .Values.extraVolumes }} {{- toYaml .Values.extraVolumes | nindent 8 }} {{- end }} {{- if and .Values.persistence.enabled .Values.persistence.existingClaim }} - name: data persistentVolumeClaim: claimName: {{ .Values.persistence.existingClaim }} {{- else if not .Values.persistence.enabled }} - name: data emptyDir: {} {{- else if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} volumeClaimTemplates: - metadata: name: data {{- with .Values.persistence.annotations }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value }} {{- end }} {{- end }} {{- with .Values.persistence.labels }} labels: {{- range $key, $value := . }} {{ $key }}: {{ $value }} {{- end }} {{- end }} spec: accessModes: {{- range .Values.persistence.accessModes }} - {{ . | quote }} {{- end }} {{- if .Values.persistence.storageClass }} storageClassName: {{ .Values.persistence.storageClass | quote }} {{- end }} resources: requests: storage: {{ .Values.persistence.size | quote }} {{- end }}