diff --git a/apps/gitea/apps_v1_Deployment_gitea-memcached.yaml b/apps/gitea/apps_v1_Deployment_gitea-memcached.yaml
deleted file mode 100644
index b69e2c8..0000000
--- a/apps/gitea/apps_v1_Deployment_gitea-memcached.yaml
+++ /dev/null
@@ -1,89 +0,0 @@ -# Source: gitea/charts/memcached/templates/deployment.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: gitea-memcached - namespace: vynil-ci - labels: - app.kubernetes.io/name: memcached - helm.sh/chart: memcached-6.3.14 - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm -spec: - selector: - matchLabels: - app.kubernetes.io/name: memcached - app.kubernetes.io/instance: gitea - replicas: 1 - strategy: - rollingUpdate: {} - type: RollingUpdate - template: - metadata: - labels: - app.kubernetes.io/name: memcached - helm.sh/chart: memcached-6.3.14 - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - annotations: - spec: - - affinity: - podAffinity: - - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/name: memcached - app.kubernetes.io/instance: gitea - topologyKey: kubernetes.io/hostname - weight: 1 - nodeAffinity: - - securityContext: - fsGroup: 1001 - serviceAccountName: default - containers: - - name: memcached - image: docker.io/bitnami/memcached:1.6.19-debian-11-r7 - imagePullPolicy: "IfNotPresent" - securityContext: - runAsNonRoot: true - runAsUser: 1001 - env: - - name: BITNAMI_DEBUG - value: "false" - - name: MEMCACHED_PORT_NUMBER - value: "11211" - ports: - - name: memcache - containerPort: 11211 - livenessProbe: - failureThreshold: 6 - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - tcpSocket: - port: memcache - readinessProbe: - failureThreshold: 6 - initialDelaySeconds: 5 - periodSeconds: 5 - successThreshold: 1 - timeoutSeconds: 3 - tcpSocket: - port: memcache - resources: - limits: {} - requests: - cpu: 250m - memory: 256Mi - volumeMounts: - - name: tmp - mountPath: /tmp - volumes: - - name: tmp - emptyDir: {} \ No newline at end of file 
diff --git a/apps/gitea/apps_v1_StatefulSet_gitea.yaml b/apps/gitea/apps_v1_Deployment_gitea.yaml similarity index 84% rename from apps/gitea/apps_v1_StatefulSet_gitea.yaml rename to apps/gitea/apps_v1_Deployment_gitea.yaml index d4a5c5f..ac4cc3f 100644 --- a/apps/gitea/apps_v1_StatefulSet_gitea.yaml +++ b/apps/gitea/apps_v1_Deployment_gitea.yaml @@ -1,36 +1,40 @@ -# Source: gitea/templates/gitea/statefulset.yaml +# Source: gitea/templates/gitea/deployment.yaml apiVersion: apps/v1 -kind: StatefulSet +kind: Deployment metadata: name: gitea annotations: labels: - helm.sh/chart: gitea-8.3.0 + helm.sh/chart: gitea-9.5.0 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea - app.kubernetes.io/version: "1.19.3" - version: "1.19.3" + app.kubernetes.io/version: "1.20.5" + version: "1.20.5" app.kubernetes.io/managed-by: Helm spec: replicas: 1 + strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 0 + maxSurge: 100% selector: matchLabels: app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea - serviceName: gitea template: metadata: annotations: - checksum/config: 234d12dce3bffb5b46e857b1e3afc54c872531615a53a40b15776bb4e1e23fa0 - checksum/ldap_0: 9356e28431e375c7fc7d624460a9f41c243f14c3f9765c40aa2b13cf46203eaf + checksum/config: ad2ce0a245d17a13676e98bfc6d1833351e36e913af45f98b89299cc83f3fc11 + checksum/ldap_0: d9e7446d3ea8b10f29ff9cb1e1a885db73ccb22f3d1a9e054611607e1c168226 labels: - helm.sh/chart: gitea-8.3.0 + helm.sh/chart: gitea-9.5.0 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea - app.kubernetes.io/version: "1.19.3" - version: "1.19.3" + app.kubernetes.io/version: "1.20.5" + version: "1.20.5" app.kubernetes.io/managed-by: Helm spec: @@ -38,7 +42,7 @@ spec: fsGroup: 1000 initContainers: - name: init-directories - image: "gitea/gitea:1.19.3" + image: "gitea/gitea:1.20.5-rootless" imagePullPolicy: Always command: ["/usr/sbin/init_directory_structure.sh"] env: 
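Review bot: The added `strategy` block (`maxUnavailable: 0`, `maxSurge: 100%`) in the first hunk starts the replacement pod before the old one stops, while the only data volume is the single claim `gitea-shared-storage`, rendered later in this diff as `ReadWriteOnce`. If the surge pod lands on a different node, the volume will typically fail to attach and the rollout stalls. On the same node, two Gitea processes write to `/data` during the overlap. With an RWO claim I would set `strategy: {type: Recreate}`, or require `ReadWriteMany` before keeping the rolling strategy. This file is rendered chart output, so the change belongs in the chart values or the kustomize patch.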
@@ -50,8 +54,6 @@ spec: value: /data - name: GITEA_TEMP value: /tmp/gitea - - name: TZ - value: Europe/Paris volumeMounts: - name: init mountPath: /usr/sbin @@ -70,7 +72,7 @@ spec: cpu: 100m memory: 128Mi - name: init-app-ini - image: "gitea/gitea:1.19.3" + image: "gitea/gitea:1.20.5-rootless" imagePullPolicy: Always command: ["/usr/sbin/config_environment.sh"] env: @@ -82,8 +84,6 @@ spec: value: /data - name: GITEA_TEMP value: /tmp/gitea - - name: TZ - value: Europe/Paris - name: ENV_TO_INI__DATABASE__LOG_SQL value: "false" - name: ENV_TO_INI__LOG__LEVEL @@ -108,7 +108,7 @@ spec: cpu: 100m memory: 128Mi - name: configure-gitea - image: "gitea/gitea:1.19.3" + image: "gitea/gitea:1.20.5-rootless" command: ["/usr/sbin/configure_gitea.sh"] imagePullPolicy: Always securityContext: @@ -125,6 +125,8 @@ spec: value: /data - name: GITEA_TEMP value: /tmp/gitea + - name: HOME + value: /data/gitea/git - name: GITEA_LDAP_BIND_DN_0 valueFrom: secretKeyRef: @@ -145,8 +147,6 @@ spec: secretKeyRef: key: password name: gitea-admin-user - - name: TZ - value: Europe/Paris volumeMounts: - name: init mountPath: /usr/sbin @@ -163,7 +163,7 @@ spec: terminationGracePeriodSeconds: 60 containers: - name: gitea - image: "gitea/gitea:1.19.3" + image: "gitea/gitea:1.20.5-rootless" imagePullPolicy: Always env: # SSH Port values have to be set here as well for openssh configuration @@ -171,8 +171,6 @@ spec: value: "2222" - name: SSH_PORT value: "2222" - - name: SSH_LOG_LEVEL - value: "INFO" - name: GITEA_APP_INI value: /data/gitea/conf/app.ini - name: GITEA_CUSTOM @@ -183,8 +181,8 @@ spec: value: /tmp/gitea - name: TMPDIR value: /tmp/gitea - - name: TZ - value: Europe/Paris + - name: HOME + value: /data/gitea/git ports: - name: ssh containerPort: 2222 
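Review bot: The `init-app-ini` container in the `@@ -82,8 +84,6 @@` hunk still passes `ENV_TO_INI__DATABASE__LOG_SQL` and `ENV_TO_INI__LOG__LEVEL`. The updated `config_environment.sh` in `v1_Secret_gitea.yaml` now exports `GITEA__…` names and calls `environment-to-ini` without `-p ENV_TO_INI`. Unless something outside this diff renames them, those two settings are silently no longer written to `app.ini`. They should be renamed where they are defined (probably `values.yml`) to `GITEA__DATABASE__LOG_SQL` and `GITEA__LOG__LEVEL`. The container definition starts and ends outside the hunk, so other `ENV_TO_INI__` entries may need the same rename.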
@@ -236,12 +234,6 @@ spec: secretName: gitea-inline-config - name: temp emptyDir: {} - volumeClaimTemplates: - - metadata: - name: data - spec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: "10Gi" \ No newline at end of file + - name: data + persistentVolumeClaim: + claimName: gitea-shared-storage \ No newline at end of file diff --git a/apps/gitea/datas.tf b/apps/gitea/datas.tf index 4b9fa4c..19641f8 100644 --- a/apps/gitea/datas.tf +++ b/apps/gitea/datas.tf @@ -37,11 +37,6 @@ data "kustomization_overlay" "data" { common_labels = local.common-labels namespace = var.namespace resources = [for file in fileset(path.module, "*.yaml"): file if ! contains(["index.yaml", "v1_ConfigMap_gitea-themes.yaml"], file)] - images { - name = "docker.io/bitnami/memcached" - new_name = "${var.images.memcached.registry}/${var.images.memcached.repository}" - new_tag = "${var.images.memcached.tag}" - } patches { target { kind = "Deployment" @@ -102,17 +97,28 @@ data "kustomization_overlay" "data" { value: "INFO" - name: TZ value: ${var.timezone} - volumeClaimTemplates: - - metadata: - name: data - annotations: - k8up.io/backup: "true" - spec: - accessModes: - - "ReadWriteOnce" - resources: - requests: - storage: "${var.volume.size}" + EOF + } + + patches { + target { + kind = "PersistentVolumeClaim" + name = "gitea-shared-storage" + } + patch = <<-EOF + kind: PersistentVolumeClaim + apiVersion: v1 + metadata: + name: gitea-shared-storage + annotations: + k8up.io/backup: "true" + spec: + accessModes: + - "${var.volume.accessMode}" + volumeMode: Filesystem + resources: + requests: + storage: "${var.volume.size}" EOF } patches { diff --git a/apps/gitea/index.rhai b/apps/gitea/index.rhai index c02ded2..03e7615 100644 --- a/apps/gitea/index.rhai +++ b/apps/gitea/index.rhai 
@@ -4,7 +4,7 @@ const SRC=src; const DEST=dest; fn pre_pack() { shell("helm repo add gitea-charts https://dl.gitea.io/charts/"); - shell(`helm template gitea --version 8.3.0 gitea-charts/gitea --namespace=vynil-ci --values values.yml >${global::SRC}/chart.yaml`); + shell(`helm template gitea --version 9.5.0 gitea-charts/gitea --namespace=vynil-ci --values values.yml >${global::SRC}/chart.yaml`); } fn post_pack() { shell(`rm -f ${global::DEST}/v1_Pod_gitea-test-connection.yaml`); diff --git a/apps/gitea/index.yaml b/apps/gitea/index.yaml index 5b6166d..c53bdec 100644 --- a/apps/gitea/index.yaml +++ b/apps/gitea/index.yaml @@ -9,40 +9,55 @@ metadata: A painless self-hosted Git service. Gitea is a community managed lightweight code hosting solution written in Go. It is published under the MIT license. options: - push-create: + load-balancer: default: - org: 'true' - private: 'false' - user: 'true' + ip: '' examples: - - org: 'true' - private: 'false' - user: 'true' + - ip: '' properties: - org: - default: 'true' - type: string - private: - default: 'false' - type: string - user: - default: 'true' + ip: + default: '' type: string type: object + ingress-class: + default: traefik + examples: + - traefik + type: string + sub-domain: + default: git + examples: + - git + type: string disable-registration: default: true examples: - true type: boolean + default-branch: + default: main + examples: + - main + type: string + domain-name: + default: your_company.com + examples: + - your_company.com + type: string domain: default: your-company examples: - your-company type: string - timezone: - default: Europe/Paris + app-group: + default: dev examples: - - Europe/Paris + - dev + type: string + release: + default: 8.3.0 + examples: + - 8.3.0 type: string replicas: default: 1 
@@ -69,153 +84,10 @@ options: default: gitea_admin type: string type: object - issuer: - default: letsencrypt-prod + timezone: + default: Europe/Paris examples: - - letsencrypt-prod - type: string - app-group: - default: dev - examples: - - dev - type: string - postgres: - default: - replicas: 1 - storage: 10Gi - version: '14' - examples: - - replicas: 1 - storage: 10Gi - version: '14' - properties: - replicas: - default: 1 - type: integer - storage: - default: 10Gi - type: string - version: - default: '14' - type: string - type: object - release: - default: 8.3.0 - examples: - - 8.3.0 - type: string - volume: - default: - size: 10Gi - examples: - - size: 10Gi - properties: - size: - default: 10Gi - type: string - type: object - images: - default: - gitea: - pullPolicy: IfNotPresent - registry: docker.io - repository: gitea/gitea - tag: 1.19.3 - memcached: - registry: docker.io - repository: bitnami/memcached - tag: 1.6.22 - examples: - - gitea: - pullPolicy: IfNotPresent - registry: docker.io - repository: gitea/gitea - tag: 1.19.3 - memcached: - registry: docker.io - repository: bitnami/memcached - tag: 1.6.22 - properties: - gitea: - default: - pullPolicy: IfNotPresent - registry: docker.io - repository: gitea/gitea - tag: 1.19.3 - properties: - pullPolicy: - default: IfNotPresent - enum: - - Always - - Never - - IfNotPresent - type: string - registry: - default: docker.io - type: string - repository: - default: gitea/gitea - type: string - tag: - default: 1.19.3 - type: string - type: object - memcached: - default: - registry: docker.io - repository: bitnami/memcached - tag: 1.6.22 - properties: - registry: - default: docker.io - type: string - repository: - default: bitnami/memcached - type: string - tag: - default: 1.6.22 - type: string - type: object - type: object - theme: - default: gitea-modern - examples: - - gitea-modern - type: string - load-balancer: - default: - ip: '' - examples: - - ip: '' - properties: - ip: - default: '' - type: string - type: 
object - sub-domain: - default: git - examples: - - git - type: string - webhook: - default: - allowed-hosts: private - skip-tls-verify: false - examples: - - allowed-hosts: private - skip-tls-verify: false - properties: - allowed-hosts: - default: private - type: string - skip-tls-verify: - default: false - type: boolean - type: object - domain-name: - default: your_company.com - examples: - - your_company.com + - Europe/Paris type: string backups: default: 
@@ -323,15 +195,161 @@ options: default: false type: boolean type: object - ingress-class: - default: traefik + webhook: + default: + allowed-hosts: private + skip-tls-verify: false examples: - - traefik + - allowed-hosts: private + skip-tls-verify: false + properties: + allowed-hosts: + default: private + type: string + skip-tls-verify: + default: false + type: boolean + type: object + images: + default: + gitea: + pullPolicy: IfNotPresent + registry: docker.io + repository: gitea/gitea + tag: 1.20.5-rootless + examples: + - gitea: + pullPolicy: IfNotPresent + registry: docker.io + repository: gitea/gitea + tag: 1.20.5-rootless + properties: + gitea: + default: + pullPolicy: IfNotPresent + registry: docker.io + repository: gitea/gitea + tag: 1.20.5-rootless + properties: + pullPolicy: + default: IfNotPresent + enum: + - Always + - Never + - IfNotPresent + type: string + registry: + default: docker.io + type: string + repository: + default: gitea/gitea + type: string + tag: + default: 1.20.5-rootless + type: string + type: object + type: object + volume: + default: + accessMode: ReadWriteOnce + size: 10Gi + examples: + - accessMode: ReadWriteOnce + size: 10Gi + properties: + accessMode: + default: ReadWriteOnce + enum: + - ReadWriteOnce + - ReadOnlyMany + - ReadWriteMany + type: string + size: + default: 10Gi + type: string + type: object + theme: + default: gitea-modern + examples: + - gitea-modern type: string - default-branch: - default: main + redis: + default: + exporter: + enabled: true + image: quay.io/opstree/redis-exporter:v1.44.0 + image: quay.io/opstree/redis:v7.0.12 + storage: 2Gi examples: - - main + - exporter: + enabled: true + image: quay.io/opstree/redis-exporter:v1.44.0 + image: quay.io/opstree/redis:v7.0.12 + storage: 2Gi + properties: + exporter: + default: + enabled: true + image: quay.io/opstree/redis-exporter:v1.44.0 + properties: + enabled: + default: true + type: boolean + image: + default: quay.io/opstree/redis-exporter:v1.44.0 + type: 
string + type: object + image: + default: quay.io/opstree/redis:v7.0.12 + type: string + storage: + default: 2Gi + type: string + type: object + push-create: + default: + org: 'true' + private: 'false' + user: 'true' + examples: + - org: 'true' + private: 'false' + user: 'true' + properties: + org: + default: 'true' + type: string + private: + default: 'false' + type: string + user: + default: 'true' + type: string + type: object + postgres: + default: + replicas: 1 + storage: 10Gi + version: '14' + examples: + - replicas: 1 + storage: 10Gi + version: '14' + properties: + replicas: + default: 1 + type: integer + storage: + default: 10Gi + type: string + version: + default: '14' + type: string + type: object + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod type: string dependencies: - dist: null diff --git a/apps/gitea/inline-config.tf b/apps/gitea/inline-config.tf index c159f0f..02e9075 100644 --- a/apps/gitea/inline-config.tf +++ b/apps/gitea/inline-config.tf @@ -11,9 +11,21 @@ resource "kubernetes_secret_v1" "gitea_inline_config" { security = "INSTALL_LOCK=true" service = "DISABLE_REGISTRATION=${var.disable-registration}" cache = <<-EOF -ADAPTER=memcache +ADAPTER=redis ENABLED=true -HOST=gitea-memcached.${var.namespace}.svc:11211 +HOST=redis://:@${var.instance}-${var.component}-redis-headless.${var.namespace}.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& + EOF + queue = <<-EOF +CONN_STR=redis://:@${var.instance}-${var.component}-redis-headless.${var.namespace}.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& +TYPE=redis + EOF + session = <<-EOF +PROVIDER=db +PROVIDER_CONFIG=redis://:@${var.instance}-${var.component}-redis-headless.${var.namespace}.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& + EOF + indexer = <<-EOF +ISSUE_INDEXER_TYPE=bleve +REPO_INDEXER_ENABLED=true EOF database = <<-EOF DB_TYPE=postgres 
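Review bot: All three Redis URLs added to `inline-config.tf` use `redis://:@…:6379/0`, i.e. an empty password, and the `Redis` resource created in `redis.tf` sets no credential. Any pod that can reach the headless service can therefore read or write Gitea's cache and queue. I would have the Redis resource reference a password secret (the operator's `kubernetesConfig.redisSecret`) and interpolate it into these URLs, or at least restrict port 6379 to the Gitea pods with a NetworkPolicy. Separately, `session` sets `PROVIDER=db` together with a Redis `PROVIDER_CONFIG`; as far as I know the `db` provider ignores that value, so either use `PROVIDER=redis` or drop the line. The trailing `&` on each URL also looks unintended.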
@@ -39,6 +51,7 @@ ROOT_URL=https://${var.sub-domain}.${var.domain-name} SSH_DOMAIN=${var.sub-domain}.${var.domain-name} SSH_LISTEN_PORT=${var.ssh-port} SSH_PORT=${var.ssh-port} +START_SSH_SERVER=true EOF ui = <<-EOF DEFAULT_THEME=${var.theme} diff --git a/apps/gitea/redis.tf b/apps/gitea/redis.tf new file mode 100644 index 0000000..0ac78d6 --- /dev/null +++ b/apps/gitea/redis.tf @@ -0,0 +1,32 @@ +locals { + redis-labels = merge(local.common-labels, { + "app.kubernetes.io/component" = "redis" + }) +} +resource "kubectl_manifest" "prj_redis" { + yaml_body = <<-EOF + apiVersion: "redis.redis.opstreelabs.in/v1beta1" + kind: "Redis" + metadata: + name: "${var.instance}-${var.component}-redis" + namespace: "${var.namespace}" + labels: ${jsonencode(local.redis-labels)} + spec: + kubernetesConfig: + image: "${var.redis.image}" + imagePullPolicy: "IfNotPresent" + storage: + volumeClaimTemplate: + spec: + accessModes: ["ReadWriteOnce"] + resources: + requests: + storage: "${var.redis.storage}" + redisExporter: + enabled: ${var.redis.exporter.enabled} + image: "${var.redis.exporter.image}" + securityContext: + runAsUser: 1000 + fsGroup: 1000 + EOF +} diff --git a/apps/gitea/v1_PersistentVolumeClaim_gitea-shared-storage.yaml b/apps/gitea/v1_PersistentVolumeClaim_gitea-shared-storage.yaml new file mode 100644 index 0000000..bc8d999 --- /dev/null +++ b/apps/gitea/v1_PersistentVolumeClaim_gitea-shared-storage.yaml @@ -0,0 +1,15 @@ +# Source: gitea/templates/gitea/pvc.yaml +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: gitea-shared-storage + namespace: vynil-ci + annotations: + helm.sh/resource-policy: keep +spec: + accessModes: + - ReadWriteOnce + volumeMode: Filesystem + resources: + requests: + storage: 10Gi \ No newline at end of file diff --git a/apps/gitea/v1_Secret_gitea-init.yaml b/apps/gitea/v1_Secret_gitea-init.yaml index dc3c0db..e5201c8 100644 --- a/apps/gitea/v1_Secret_gitea-init.yaml +++ b/apps/gitea/v1_Secret_gitea-init.yaml 
@@ -4,12 +4,12 @@ kind: Secret metadata: name: gitea-init labels: - helm.sh/chart: gitea-8.3.0 + helm.sh/chart: gitea-9.5.0 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea - app.kubernetes.io/version: "1.19.3" - version: "1.19.3" + app.kubernetes.io/version: "1.20.5" + version: "1.20.5" app.kubernetes.io/managed-by: Helm type: Opaque stringData: @@ -24,14 +24,12 @@ stringData: set -euo pipefail set -x - chown 1000:1000 /data mkdir -p /data/git/.ssh chmod -R 700 /data/git/.ssh [ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf # prepare temp directory structure mkdir -p "${GITEA_TEMP}" - chown 1000:1000 "${GITEA_TEMP}" chmod ug+rwx "${GITEA_TEMP}" 
@@ -65,16 +63,16 @@ stringData: configure_admin_user function configure_ldap() { - local LDAP_NAME='Authentik' + local LDAP_NAME='vynil' local GITEA_AUTH_ID=$(gitea admin auth list --vertical-bars | grep -E "\|${LDAP_NAME}\s+\|" | grep -iE '\|LDAP \(via BindDN\)\s+\|' | awk -F " " "{print \$1}") if [[ -z "${GITEA_AUTH_ID}" ]]; then echo "No ldap configuration found with name "${LDAP_NAME}". Installing it now..." - gitea admin auth add-ldap --admin-filter "${LDAP_ADMIN_FILTER}" --avatar-attribute 'jpegPhoto' --bind-dn "${GITEA_LDAP_BIND_DN_0}" --bind-password "${GITEA_LDAP_PASSWORD_0}" --email-attribute 'mail' --firstname-attribute 'givenname' --host "${LDAP_HOST}" --name 'Authentik' --port 389 --security-protocol 'unencrypted' --surname-attribute 'name' --user-filter "${LDAP_USER_FILTER}" --user-search-base "${LDAP_USER_SEARCH_BASE}" --username-attribute 'cn' + gitea admin auth add-ldap --admin-filter "${LDAP_ADMIN_FILTER}" --avatar-attribute 'jpegPhoto' --bind-dn "${GITEA_LDAP_BIND_DN_0}" --bind-password "${GITEA_LDAP_PASSWORD_0}" --email-attribute 'mail' --firstname-attribute 'givenname' --host "${LDAP_HOST}" --name 'vynil' --port 389 --security-protocol 'unencrypted' --surname-attribute 'name' --user-filter "${LDAP_USER_FILTER}" --user-search-base "${LDAP_USER_SEARCH_BASE}" --username-attribute 'cn' echo '...installed.' else echo "Existing ldap configuration with name "${LDAP_NAME}": '${GITEA_AUTH_ID}'. Running update to sync settings..." 
- gitea admin auth update-ldap --id "${GITEA_AUTH_ID}" --admin-filter "${LDAP_ADMIN_FILTER}" --avatar-attribute 'jpegPhoto' --bind-dn "${GITEA_LDAP_BIND_DN_0}" --bind-password "${GITEA_LDAP_PASSWORD_0}" --email-attribute 'mail' --firstname-attribute 'givenname' --host "${LDAP_HOST}" --name 'Authentik' --port 389 --security-protocol 'unencrypted' --surname-attribute 'name' --user-filter "${LDAP_USER_FILTER}" --user-search-base "${LDAP_USER_SEARCH_BASE}" --username-attribute 'cn' + gitea admin auth update-ldap --id "${GITEA_AUTH_ID}" --admin-filter "${LDAP_ADMIN_FILTER}" --avatar-attribute 'jpegPhoto' --bind-dn "${GITEA_LDAP_BIND_DN_0}" --bind-password "${GITEA_LDAP_PASSWORD_0}" --email-attribute 'mail' --firstname-attribute 'givenname' --host "${LDAP_HOST}" --name 'vynil' --port 389 --security-protocol 'unencrypted' --surname-attribute 'name' --user-filter "${LDAP_USER_FILTER}" --user-search-base "${LDAP_USER_SEARCH_BASE}" --username-attribute 'cn' echo '...sync settings done.' fi } diff --git a/apps/gitea/v1_Secret_gitea.yaml b/apps/gitea/v1_Secret_gitea.yaml index c280f38..25f8fb3 100644 --- a/apps/gitea/v1_Secret_gitea.yaml +++ b/apps/gitea/v1_Secret_gitea.yaml @@ -4,15 +4,16 @@ kind: Secret metadata: name: gitea labels: - helm.sh/chart: gitea-8.3.0 + helm.sh/chart: gitea-9.5.0 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea - app.kubernetes.io/version: "1.19.3" - version: "1.19.3" + app.kubernetes.io/version: "1.20.5" + version: "1.20.5" app.kubernetes.io/managed-by: Helm type: Opaque stringData: + assertions: | config_environment.sh: |- #!/usr/bin/env bash set -euo pipefail 
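Review bot: Both rewritten `gitea admin auth add-ldap` / `update-ldap` lines keep `--port 389 --security-protocol 'unencrypted'`, so the bind DN, the bind password and user login passwords cross the network in cleartext. If the directory supports it, use `--security-protocol 'LDAPS'` with `--port 636`, or `StartTLS`. The rename of `LDAP_NAME` to `'vynil'` also means an instance that already has a source named `Authentik` will not match the `grep`, so a second LDAP source is added instead of the old one being updated. A one-time migration or removal of the old source should be documented. This file is rendered chart output, so both changes belong in the values that produce it.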
@@ -50,14 +51,14 @@ stringData: env2ini::log " + '${setting}'" if [[ -z "${section}" ]]; then - export "ENV_TO_INI____${setting^^}=${value}" # '^^' makes the variable content uppercase + export "GITEA____${setting^^}=${value}" # '^^' makes the variable content uppercase return fi local masked_section="${section//./_0X2E_}" # '//' instructs to replace all matches masked_section="${masked_section//-/_0X2D_}" - export "ENV_TO_INI__${masked_section^^}__${setting^^}=${value}" # '^^' makes the variable content uppercase + export "GITEA__${masked_section^^}__${setting^^}=${value}" # '^^' makes the variable content uppercase } function env2ini::reload_preset_envs() { @@ -131,15 +132,16 @@ stringData: # - initially used to set up Gitea # Anyway, they won't harm existing app.ini files - export ENV_TO_INI__SECURITY__INTERNAL_TOKEN=$(gitea generate secret INTERNAL_TOKEN) - export ENV_TO_INI__SECURITY__SECRET_KEY=$(gitea generate secret SECRET_KEY) - export ENV_TO_INI__OAUTH2__JWT_SECRET=$(gitea generate secret JWT_SECRET) - export ENV_TO_INI__SERVER__LFS_JWT_SECRET=$(gitea generate secret LFS_JWT_SECRET) + export GITEA__SECURITY__INTERNAL_TOKEN=$(gitea generate secret INTERNAL_TOKEN) + export GITEA__SECURITY__SECRET_KEY=$(gitea generate secret SECRET_KEY) + export GITEA__OAUTH2__JWT_SECRET=$(gitea generate secret JWT_SECRET) + export GITEA__SERVER__LFS_JWT_SECRET=$(gitea generate secret LFS_JWT_SECRET) env2ini::log "...Initial secrets generated\n" } - - env | (grep ENV_TO_INI || [[ $? == 1 ]]) > /tmp/existing-envs + + # save existing envs prior to script execution. Necessary to keep order of preexisting and custom envs + env | (grep GITEA || [[ $? == 1 ]]) > /tmp/existing-envs # MUST BE CALLED BEFORE OTHER CONFIGURATION env2ini::generate_initial_secrets 
@@ -160,10 +162,10 @@ stringData: env2ini::log ' - oauth2.JWT_SECRET' env2ini::log ' - server.LFS_JWT_SECRET' - unset ENV_TO_INI__SECURITY__INTERNAL_TOKEN - unset ENV_TO_INI__SECURITY__SECRET_KEY - unset ENV_TO_INI__OAUTH2__JWT_SECRET - unset ENV_TO_INI__SERVER__LFS_JWT_SECRET + unset GITEA__SECURITY__INTERNAL_TOKEN + unset GITEA__SECURITY__SECRET_KEY + unset GITEA__OAUTH2__JWT_SECRET + unset GITEA__SERVER__LFS_JWT_SECRET fi - environment-to-ini -o $GITEA_APP_INI -p ENV_TO_INI \ No newline at end of file + environment-to-ini -o $GITEA_APP_INI \ No newline at end of file diff --git a/apps/gitea/v1_Service_gitea-http.yaml b/apps/gitea/v1_Service_gitea-http.yaml index 7992d59..adcb0ff 100644 --- a/apps/gitea/v1_Service_gitea-http.yaml +++ b/apps/gitea/v1_Service_gitea-http.yaml @@ -4,12 +4,12 @@ kind: Service metadata: name: gitea-http labels: - helm.sh/chart: gitea-8.3.0 + helm.sh/chart: gitea-9.5.0 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea - app.kubernetes.io/version: "1.19.3" - version: "1.19.3" + app.kubernetes.io/version: "1.20.5" + version: "1.20.5" app.kubernetes.io/managed-by: Helm annotations: {} @@ -19,7 +19,7 @@ spec: ports: - name: http port: 3000 - targetPort: 3000 + targetPort: selector: app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea \ No newline at end of file diff --git a/apps/gitea/v1_Service_gitea-memcached.yaml b/apps/gitea/v1_Service_gitea-memcached.yaml deleted file mode 100644 index 8b7bcd2..0000000 --- a/apps/gitea/v1_Service_gitea-memcached.yaml +++ /dev/null 
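Review bot: `targetPort:` in the second `v1_Service_gitea-http.yaml` hunk is now rendered with no value, which YAML reads as null. The Service then relies on the API server defaulting `targetPort` to `port` (3000), and a strict validator or a later patch may reject or misread the empty key. It looks like the chart value that feeds this field is unset in `values.yml`; set it so the line renders as `targetPort: 3000` again.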
@@ -1,23 +0,0 @@ -# Source: gitea/charts/memcached/templates/service.yaml -apiVersion: v1 -kind: Service -metadata: - name: gitea-memcached - namespace: vynil-ci - labels: - app.kubernetes.io/name: memcached - helm.sh/chart: memcached-6.3.14 - app.kubernetes.io/instance: gitea - app.kubernetes.io/managed-by: Helm - annotations: -spec: - type: ClusterIP - sessionAffinity: None - ports: - - name: memcache - port: 11211 - targetPort: memcache - nodePort: null - selector: - app.kubernetes.io/name: memcached - app.kubernetes.io/instance: gitea \ No newline at end of file diff --git a/apps/gitea/v1_Service_gitea-ssh.yaml b/apps/gitea/v1_Service_gitea-ssh.yaml index 30b5f5d..312b0ea 100644 --- a/apps/gitea/v1_Service_gitea-ssh.yaml +++ b/apps/gitea/v1_Service_gitea-ssh.yaml @@ -4,12 +4,12 @@ kind: Service metadata: name: gitea-ssh labels: - helm.sh/chart: gitea-8.3.0 + helm.sh/chart: gitea-9.5.0 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea - app.kubernetes.io/version: "1.19.3" - version: "1.19.3" + app.kubernetes.io/version: "1.20.5" + version: "1.20.5" app.kubernetes.io/managed-by: Helm annotations: metallb.universe.tf/address-pool: mlb-pool-public