helm-chart/templates/gitea/statefulset.yaml

apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: {{ include "gitea.fullname" . }}
  labels:
    {{- include "gitea.labels" . | nindent 4 }}
spec:
  replicas: {{ .Values.replicaCount }}
  selector:
    matchLabels:
      {{- include "gitea.selectorLabels" . | nindent 6 }}
      {{- if .Values.statefulset.labels }}
      {{- toYaml .Values.statefulset.labels | nindent 6 }}
      {{- end }}
  serviceName: {{ include "gitea.fullname" . }}
  template:
    metadata:
      annotations:
        checksum/config: {{ include (print $.Template.BasePath "/gitea/config.yaml") . | sha256sum }}
        checksum/ldap: {{ include "gitea.ldap_settings" . | sha256sum }}
        checksum/oauth: {{ include "gitea.oauth_settings" . | sha256sum }}
        {{- with .Values.gitea.podAnnotations }}
        {{- toYaml . | nindent 8 }}
        {{- end }}
      labels:
        {{- include "gitea.labels" . | nindent 8 }}
        {{- if .Values.statefulset.labels }}
        {{- toYaml .Values.statefulset.labels | nindent 8 }}
        {{- end }}
    spec:
      {{- if .Values.schedulerName }}
      schedulerName: "{{ .Values.schedulerName }}"
      {{- end }}
      {{- with .Values.imagePullSecrets }}
      imagePullSecrets:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      securityContext:
        fsGroup: 1000
      initContainers:
        - name: init
          image: "{{ include "gitea.image" . }}"
          command: ["/usr/sbin/init_gitea.sh"]
          env:
            - name: GITEA_APP_INI
              value: /data/gitea/conf/app.ini
            - name: GITEA_CUSTOM
              value: /data/gitea
            - name: GITEA_WORK_DIR
              value: /data
            {{- if .Values.statefulset.env }}
            {{- toYaml .Values.statefulset.env | nindent 12 }}
            {{- end }}
          volumeMounts:
            - name: init
              mountPath: /usr/sbin
            - name: config
              mountPath: /etc/gitea/conf
            - name: data
              mountPath: /data
            {{- if .Values.extraVolumeMounts }}
            {{- toYaml .Values.extraVolumeMounts | nindent 12 }}
            {{- end }}
      terminationGracePeriodSeconds: {{ .Values.statefulset.terminationGracePeriodSeconds }}
      containers:
        - name: {{ .Chart.Name }}
          image: "{{ include "gitea.image" . }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          env:
            # SSH Port values have to be set here as well for openssh configuration
            - name: SSH_LISTEN_PORT
              value: {{ .Values.gitea.config.server.SSH_LISTEN_PORT | quote }}
            - name: SSH_PORT
              value: {{ .Values.gitea.config.server.SSH_PORT | quote }}
            - name: GITEA_APP_INI
              value: /data/gitea/conf/app.ini
            - name: GITEA_CUSTOM
              value: /data/gitea
            - name: GITEA_WORK_DIR
              value: /data
            - name: GITEA_TEMP
              value: /tmp/gitea
            - name: TMPDIR
              value: /tmp/gitea
            {{- if .Values.statefulset.env }}
            {{- toYaml .Values.statefulset.env | nindent 12 }}
            {{- end }}
          ports:
            - name: ssh
              containerPort: {{ .Values.gitea.config.server.SSH_LISTEN_PORT }}
            - name: http
              containerPort: {{ .Values.gitea.config.server.HTTP_PORT }}
            {{- if .Values.gitea.config.server.ENABLE_PPROF }}
            - name: profiler
              containerPort: 6060
            {{- end }}
          {{- if .Values.gitea.livenessProbe.enabled }}
          livenessProbe:
            tcpSocket:
              port: http
            initialDelaySeconds: {{ .Values.gitea.livenessProbe.initialDelaySeconds }}
            periodSeconds: {{ .Values.gitea.livenessProbe.periodSeconds }}
            timeoutSeconds: {{ .Values.gitea.livenessProbe.timeoutSeconds }}
            successThreshold: {{ .Values.gitea.livenessProbe.successThreshold }}
            failureThreshold: {{ .Values.gitea.livenessProbe.failureThreshold }}
          {{- else if .Values.gitea.customLivenessProbe }}
          livenessProbe:
            {{- toYaml .Values.gitea.customLivenessProbe | nindent 12 }}
          {{- end }}
          {{- if .Values.gitea.readinessProbe.enabled }}
          readinessProbe:
            tcpSocket:
              port: http
            initialDelaySeconds: {{ .Values.gitea.readinessProbe.initialDelaySeconds }}
            periodSeconds: {{ .Values.gitea.readinessProbe.periodSeconds }}
            timeoutSeconds: {{ .Values.gitea.readinessProbe.timeoutSeconds }}
            successThreshold: {{ .Values.gitea.readinessProbe.successThreshold }}
            failureThreshold: {{ .Values.gitea.readinessProbe.failureThreshold }}
          {{- else if .Values.gitea.customReadinessProbe }}
          readinessProbe:
            {{- toYaml .Values.gitea.customReadinessProbe | nindent 12 }}
          {{- end }}
          {{- if .Values.gitea.startupProbe.enabled }}
          startupProbe:
            tcpSocket:
              port: http
            initialDelaySeconds: {{ .Values.gitea.startupProbe.initialDelaySeconds }}
            periodSeconds: {{ .Values.gitea.startupProbe.periodSeconds }}
            timeoutSeconds: {{ .Values.gitea.startupProbe.timeoutSeconds }}
            successThreshold: {{ .Values.gitea.startupProbe.successThreshold }}
            failureThreshold: {{ .Values.gitea.startupProbe.failureThreshold }}
          {{- else if .Values.gitea.customStartupProbe }}
          startupProbe:
            {{- toYaml .Values.gitea.customStartupProbe | nindent 12 }}
          {{- end }}
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
          securityContext:
            {{- toYaml .Values.securityContext | nindent 12 }}
          volumeMounts:
            - name: temp
              mountPath: /tmp
            - name: data
              mountPath: /data
            {{- if .Values.extraVolumeMounts }}
            {{- toYaml .Values.extraVolumeMounts | nindent 12 }}
            {{- end }}
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
      {{- end }}
    {{- with .Values.affinity }}
      affinity:
        {{- toYaml . | nindent 8 }}
    {{- end }}
    {{- with .Values.tolerations }}
      tolerations:
        {{- toYaml . | nindent 8 }}
    {{- end }}
      volumes:
        - name: init
          secret:
            secretName: {{ include "gitea.fullname" . }}-init
            defaultMode: 0777
        - name: config
          secret:
            secretName: {{ include "gitea.fullname" . }}
        {{- if .Values.extraVolumes }}
        {{- toYaml .Values.extraVolumes | nindent 8 }}
        {{- end }}
        - name: temp
          emptyDir: {}
  {{- if and .Values.persistence.enabled .Values.persistence.existingClaim }}
        - name: data
          persistentVolumeClaim:
            claimName: {{ .Values.persistence.existingClaim }}
  {{- else if not .Values.persistence.enabled }}
        - name: data
          emptyDir: {}
  {{- else if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
  volumeClaimTemplates:
    - metadata:
        name: data
      {{- with .Values.persistence.annotations }}
        annotations:
        {{- range $key, $value := . }}
          {{ $key }}: {{ $value }}
        {{- end }}
      {{- end }}
      {{- with .Values.persistence.labels }}
        labels:
        {{- range $key, $value := . }}
          {{ $key }}: {{ $value }}
        {{- end }}
      {{- end }}
      spec:
        accessModes:
          {{- range .Values.persistence.accessModes }}
            - {{ . | quote }}
          {{- end }}
        {{- if .Values.persistence.storageClass }}
        storageClassName: {{ .Values.persistence.storageClass | quote }}
        {{- end }}
        resources:
          requests:
            storage: {{ .Values.persistence.size | quote }}
  {{- end }}