2023-10-23 22:01:19 +02:00
parent affe248af2
commit 5dbe88109c
10 changed files with 358 additions and 254 deletions


@@ -0,0 +1,89 @@
# Source: gitea/charts/memcached/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: gitea-memcached
namespace: vynil-ci
labels:
app.kubernetes.io/name: memcached
helm.sh/chart: memcached-6.3.14
app.kubernetes.io/instance: gitea
app.kubernetes.io/managed-by: Helm
spec:
selector:
matchLabels:
app.kubernetes.io/name: memcached
app.kubernetes.io/instance: gitea
replicas: 1
strategy:
rollingUpdate: {}
type: RollingUpdate
template:
metadata:
labels:
app.kubernetes.io/name: memcached
helm.sh/chart: memcached-6.3.14
app.kubernetes.io/instance: gitea
app.kubernetes.io/managed-by: Helm
annotations:
spec:
affinity:
podAffinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/name: memcached
app.kubernetes.io/instance: gitea
topologyKey: kubernetes.io/hostname
weight: 1
nodeAffinity:
securityContext:
fsGroup: 1001
serviceAccountName: default
containers:
- name: memcached
image: docker.io/bitnami/memcached:1.6.19-debian-11-r7
imagePullPolicy: "IfNotPresent"
securityContext:
runAsNonRoot: true
runAsUser: 1001
env:
- name: BITNAMI_DEBUG
value: "false"
- name: MEMCACHED_PORT_NUMBER
value: "11211"
ports:
- name: memcache
containerPort: 11211
livenessProbe:
failureThreshold: 6
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
tcpSocket:
port: memcache
readinessProbe:
failureThreshold: 6
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 3
tcpSocket:
port: memcache
resources:
limits: {}
requests:
cpu: 250m
memory: 256Mi
volumeMounts:
- name: tmp
mountPath: /tmp
volumes:
- name: tmp
emptyDir: {}
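Review bot: The memcached pod runs under `serviceAccountName: default` with nothing disabling the API token mount, and the container `securityContext` sets only `runAsNonRoot` and `runAsUser`. Memcached needs no Kubernetes API access, so I would add `automountServiceAccountToken: false` to the pod spec and `allowPrivilegeEscalation: false` with `capabilities: {drop: ["ALL"]}` to the container. `resources.limits` is `{}`, so the cache has a 256Mi request but no memory ceiling on the node; a memory limit should be set. This manifest is rendered from the memcached subchart, so these settings belong in the values passed to `helm template` rather than in hand edits here. The image tag rendered here is `1.6.19-debian-11-r7` while the options file in this commit defaults memcached to `1.6.22`; it is worth confirming which one is actually deployed.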


@@ -1,40 +1,36 @@
# Source: gitea/templates/gitea/deployment.yaml
# Source: gitea/templates/gitea/statefulset.yaml
apiVersion: apps/v1
kind: Deployment
kind: StatefulSet
metadata:
name: gitea
annotations:
labels:
helm.sh/chart: gitea-9.5.1
helm.sh/chart: gitea-8.3.0
app: gitea
app.kubernetes.io/name: gitea
app.kubernetes.io/instance: gitea
app.kubernetes.io/version: "1.20.5"
version: "1.20.5"
app.kubernetes.io/version: "1.19.3"
version: "1.19.3"
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 0
maxSurge: 100%
selector:
matchLabels:
app.kubernetes.io/name: gitea
app.kubernetes.io/instance: gitea
serviceName: gitea
template:
metadata:
annotations:
checksum/config: 3750661fde9544c4bcf051be08d34cffcf6e0a25cbaa798dcc9cbfced9a9c50b
checksum/config: 234d12dce3bffb5b46e857b1e3afc54c872531615a53a40b15776bb4e1e23fa0
checksum/ldap_0: 9356e28431e375c7fc7d624460a9f41c243f14c3f9765c40aa2b13cf46203eaf
labels:
helm.sh/chart: gitea-9.5.1
helm.sh/chart: gitea-8.3.0
app: gitea
app.kubernetes.io/name: gitea
app.kubernetes.io/instance: gitea
app.kubernetes.io/version: "1.20.5"
version: "1.20.5"
app.kubernetes.io/version: "1.19.3"
version: "1.19.3"
app.kubernetes.io/managed-by: Helm
spec:
@@ -42,7 +38,7 @@ spec:
fsGroup: 1000
initContainers:
- name: init-directories
image: "gitea/gitea:1.20.5-rootless"
image: "gitea/gitea:1.19.3"
imagePullPolicy: Always
command: ["/usr/sbin/init_directory_structure.sh"]
env:
@@ -54,6 +50,8 @@ spec:
value: /data
- name: GITEA_TEMP
value: /tmp/gitea
- name: TZ
value: Europe/Paris
volumeMounts:
- name: init
mountPath: /usr/sbin
@@ -72,7 +70,7 @@ spec:
cpu: 100m
memory: 128Mi
- name: init-app-ini
image: "gitea/gitea:1.20.5-rootless"
image: "gitea/gitea:1.19.3"
imagePullPolicy: Always
command: ["/usr/sbin/config_environment.sh"]
env:
@@ -84,6 +82,8 @@ spec:
value: /data
- name: GITEA_TEMP
value: /tmp/gitea
- name: TZ
value: Europe/Paris
- name: ENV_TO_INI__DATABASE__LOG_SQL
value: "false"
- name: ENV_TO_INI__LOG__LEVEL
@@ -108,7 +108,7 @@ spec:
cpu: 100m
memory: 128Mi
- name: configure-gitea
image: "gitea/gitea:1.20.5-rootless"
image: "gitea/gitea:1.19.3"
command: ["/usr/sbin/configure_gitea.sh"]
imagePullPolicy: Always
securityContext:
@@ -125,8 +125,6 @@ spec:
value: /data
- name: GITEA_TEMP
value: /tmp/gitea
- name: HOME
value: /data/gitea/git
- name: GITEA_LDAP_BIND_DN_0
valueFrom:
secretKeyRef:
@@ -147,6 +145,8 @@ spec:
secretKeyRef:
key: password
name: gitea-admin-user
- name: TZ
value: Europe/Paris
volumeMounts:
- name: init
mountPath: /usr/sbin
@@ -163,7 +163,7 @@ spec:
terminationGracePeriodSeconds: 60
containers:
- name: gitea
image: "gitea/gitea:1.20.5-rootless"
image: "gitea/gitea:1.19.3"
imagePullPolicy: Always
env:
# SSH Port values have to be set here as well for openssh configuration
@@ -171,6 +171,8 @@ spec:
value: "2222"
- name: SSH_PORT
value: "2222"
- name: SSH_LOG_LEVEL
value: "INFO"
- name: GITEA_APP_INI
value: /data/gitea/conf/app.ini
- name: GITEA_CUSTOM
@@ -181,8 +183,8 @@ spec:
value: /tmp/gitea
- name: TMPDIR
value: /tmp/gitea
- name: HOME
value: /data/gitea/git
- name: TZ
value: Europe/Paris
ports:
- name: ssh
containerPort: 2222
@@ -234,6 +236,12 @@ spec:
secretName: gitea-inline-config
- name: temp
emptyDir: {}
- name: data
persistentVolumeClaim:
claimName: gitea-shared-storage
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: "10Gi"
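Review bot: All four containers in this section move from `gitea/gitea:1.20.5-rootless` to `gitea/gitea:1.19.3`, the non-rootless image variant, and the container `securityContext` blocks lie outside the hunks, so it is not visible whether the workload still runs without root. I would keep the rootless variant, `image: "gitea/gitea:1.19.3-rootless"`, presumably by setting `image.rootless: true` in the values file if chart 8.3.0 supports it. The tag is mutable and the containers keep `imagePullPolicy: Always`, so pinning by digest (`gitea/gitea:1.19.3-rootless@sha256:<digest>`) would make the pulled content reproducible. Separately, the last hunk replaces the `data` volume bound to the claim `gitea-shared-storage` with a `volumeClaimTemplates` entry. An existing install would therefore start on a new, empty claim unless the data is migrated or the existing claim is referenced.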


@@ -4,10 +4,9 @@ const SRC=src;
const DEST=dest;
fn pre_pack() {
shell("helm repo add gitea-charts https://dl.gitea.io/charts/");
shell(`helm template gitea --version 9.5.1 gitea-charts/gitea --namespace=vynil-ci --values values.yml >${global::SRC}/chart.yaml`);
shell(`helm template gitea --version 8.3.0 gitea-charts/gitea --namespace=vynil-ci --values values.yml >${global::SRC}/chart.yaml`);
}
fn post_pack() {
shell(`rm -f ${global::DEST}/v1_Pod_gitea-test-connection.yaml`);
shell(`rm -f ${global::DEST}/v1_Pod_gitea-test-connection.yaml`);
shell(`rm -f ${global::DEST}/v1_Secret_gitea-inline-config.yaml`);
let regex = "'\\\\\\${\\(LDAP_[A-Z_]*\\)}'";
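Review bot: The chart pin in `pre_pack` moves backwards from 9.5.1 to 8.3.0 with no comment recording why. The rendered manifests in this commit show the effect: Gitea drops from 1.20.5-rootless to 1.19.3, so any fixes released between those versions are no longer deployed. An older Gitea binary is also not expected to run against a database already migrated by 1.20.x, which should be confirmed for existing installs before this is packaged. I would add a comment above the `helm template` line such as `// pinned to chart 8.3.0 (Gitea 1.19.3): <reason>; raise again once <blocker> is resolved`. The version would also be better held in one constant, so it cannot drift from the `release` default of 8.3.0 in the options file.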


@@ -9,16 +9,76 @@ metadata:
A painless self-hosted Git service.
Gitea is a community managed lightweight code hosting solution written in Go. It is published under the MIT license.
options:
volume:
push-create:
default:
size: 10Gi
org: 'true'
private: 'false'
user: 'true'
examples:
- size: 10Gi
- org: 'true'
private: 'false'
user: 'true'
properties:
size:
default: 10Gi
org:
default: 'true'
type: string
private:
default: 'false'
type: string
user:
default: 'true'
type: string
type: object
disable-registration:
default: true
examples:
- true
type: boolean
domain:
default: your-company
examples:
- your-company
type: string
timezone:
default: Europe/Paris
examples:
- Europe/Paris
type: string
replicas:
default: 1
examples:
- 1
type: integer
ssh-port:
default: 2222
examples:
- 2222
type: integer
admin:
default:
email: git-admin@git.your_company.com
name: gitea_admin
examples:
- email: git-admin@git.your_company.com
name: gitea_admin
properties:
email:
default: git-admin@git.your_company.com
type: string
name:
default: gitea_admin
type: string
type: object
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
type: string
app-group:
default: dev
examples:
- dev
type: string
postgres:
default:
replicas: 1
@@ -39,10 +99,123 @@ options:
default: '14'
type: string
type: object
issuer:
default: letsencrypt-prod
release:
default: 8.3.0
examples:
- letsencrypt-prod
- 8.3.0
type: string
volume:
default:
size: 10Gi
examples:
- size: 10Gi
properties:
size:
default: 10Gi
type: string
type: object
images:
default:
gitea:
pullPolicy: IfNotPresent
registry: docker.io
repository: gitea/gitea
tag: 1.19.3
memcached:
registry: docker.io
repository: bitnami/memcached
tag: 1.6.22
examples:
- gitea:
pullPolicy: IfNotPresent
registry: docker.io
repository: gitea/gitea
tag: 1.19.3
memcached:
registry: docker.io
repository: bitnami/memcached
tag: 1.6.22
properties:
gitea:
default:
pullPolicy: IfNotPresent
registry: docker.io
repository: gitea/gitea
tag: 1.19.3
properties:
pullPolicy:
default: IfNotPresent
enum:
- Always
- Never
- IfNotPresent
type: string
registry:
default: docker.io
type: string
repository:
default: gitea/gitea
type: string
tag:
default: 1.19.3
type: string
type: object
memcached:
default:
registry: docker.io
repository: bitnami/memcached
tag: 1.6.22
properties:
registry:
default: docker.io
type: string
repository:
default: bitnami/memcached
type: string
tag:
default: 1.6.22
type: string
type: object
type: object
theme:
default: gitea-modern
examples:
- gitea-modern
type: string
load-balancer:
default:
ip: ''
examples:
- ip: ''
properties:
ip:
default: ''
type: string
type: object
sub-domain:
default: git
examples:
- git
type: string
webhook:
default:
allowed-hosts: private
skip-tls-verify: false
examples:
- allowed-hosts: private
skip-tls-verify: false
properties:
allowed-hosts:
default: private
type: string
skip-tls-verify:
default: false
type: boolean
type: object
domain-name:
default: your_company.com
examples:
- your_company.com
type: string
backups:
default:
@@ -150,189 +323,16 @@ options:
default: false
type: boolean
type: object
domain-name:
default: your_company.com
ingress-class:
default: traefik
examples:
- your_company.com
- traefik
type: string
default-branch:
default: main
examples:
- main
type: string
ingress-class:
default: traefik
examples:
- traefik
type: string
timezone:
default: Europe/Paris
examples:
- Europe/Paris
type: string
images:
default:
gitea:
pullPolicy: IfNotPresent
registry: docker.io
repository: gitea/gitea
tag: 1.20.5-rootless
memcached:
registry: docker.io
repository: bitnami/memcached
tag: 1.6.22
examples:
- gitea:
pullPolicy: IfNotPresent
registry: docker.io
repository: gitea/gitea
tag: 1.20.5-rootless
memcached:
registry: docker.io
repository: bitnami/memcached
tag: 1.6.22
properties:
gitea:
default:
pullPolicy: IfNotPresent
registry: docker.io
repository: gitea/gitea
tag: 1.20.5-rootless
properties:
pullPolicy:
default: IfNotPresent
enum:
- Always
- Never
- IfNotPresent
type: string
registry:
default: docker.io
type: string
repository:
default: gitea/gitea
type: string
tag:
default: 1.20.5-rootless
type: string
type: object
memcached:
default:
registry: docker.io
repository: bitnami/memcached
tag: 1.6.22
properties:
registry:
default: docker.io
type: string
repository:
default: bitnami/memcached
type: string
tag:
default: 1.6.22
type: string
type: object
type: object
release:
default: 8.3.0
examples:
- 8.3.0
type: string
replicas:
default: 1
examples:
- 1
type: integer
load-balancer:
default:
ip: ''
examples:
- ip: ''
properties:
ip:
default: ''
type: string
type: object
theme:
default: gitea-modern
examples:
- gitea-modern
type: string
push-create:
default:
org: 'true'
private: 'false'
user: 'true'
examples:
- org: 'true'
private: 'false'
user: 'true'
properties:
org:
default: 'true'
type: string
private:
default: 'false'
type: string
user:
default: 'true'
type: string
type: object
webhook:
default:
allowed-hosts: private
skip-tls-verify: false
examples:
- allowed-hosts: private
skip-tls-verify: false
properties:
allowed-hosts:
default: private
type: string
skip-tls-verify:
default: false
type: boolean
type: object
domain:
default: your-company
examples:
- your-company
type: string
sub-domain:
default: git
examples:
- git
type: string
disable-registration:
default: true
examples:
- true
type: boolean
app-group:
default: dev
examples:
- dev
type: string
ssh-port:
default: 2222
examples:
- 2222
type: integer
admin:
default:
email: git-admin@git.your_company.com
name: gitea_admin
examples:
- email: git-admin@git.your_company.com
name: gitea_admin
properties:
email:
default: git-admin@git.your_company.com
type: string
name:
default: gitea_admin
type: string
type: object
dependencies:
- dist: null
category: share


@@ -1,15 +0,0 @@
# Source: gitea/templates/gitea/pvc.yaml
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: gitea-shared-storage
namespace: vynil-ci
annotations:
helm.sh/resource-policy: keep
spec:
accessModes:
- ReadWriteOnce
volumeMode: Filesystem
resources:
requests:
storage: 10Gi


@@ -4,12 +4,12 @@ kind: Secret
metadata:
name: gitea-init
labels:
helm.sh/chart: gitea-9.5.1
helm.sh/chart: gitea-8.3.0
app: gitea
app.kubernetes.io/name: gitea
app.kubernetes.io/instance: gitea
app.kubernetes.io/version: "1.20.5"
version: "1.20.5"
app.kubernetes.io/version: "1.19.3"
version: "1.19.3"
app.kubernetes.io/managed-by: Helm
type: Opaque
stringData:
@@ -24,12 +24,14 @@ stringData:
set -euo pipefail
set -x
chown 1000:1000 /data
mkdir -p /data/git/.ssh
chmod -R 700 /data/git/.ssh
[ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf
# prepare temp directory structure
mkdir -p "${GITEA_TEMP}"
chown 1000:1000 "${GITEA_TEMP}"
chmod ug+rwx "${GITEA_TEMP}"


@@ -4,16 +4,15 @@ kind: Secret
metadata:
name: gitea
labels:
helm.sh/chart: gitea-9.5.1
helm.sh/chart: gitea-8.3.0
app: gitea
app.kubernetes.io/name: gitea
app.kubernetes.io/instance: gitea
app.kubernetes.io/version: "1.20.5"
version: "1.20.5"
app.kubernetes.io/version: "1.19.3"
version: "1.19.3"
app.kubernetes.io/managed-by: Helm
type: Opaque
stringData:
assertions: |
config_environment.sh: |-
#!/usr/bin/env bash
set -euo pipefail
@@ -51,14 +50,14 @@ stringData:
env2ini::log " + '${setting}'"
if [[ -z "${section}" ]]; then
export "GITEA____${setting^^}=${value}" # '^^' makes the variable content uppercase
export "ENV_TO_INI____${setting^^}=${value}" # '^^' makes the variable content uppercase
return
fi
local masked_section="${section//./_0X2E_}" # '//' instructs to replace all matches
masked_section="${masked_section//-/_0X2D_}"
export "GITEA__${masked_section^^}__${setting^^}=${value}" # '^^' makes the variable content uppercase
export "ENV_TO_INI__${masked_section^^}__${setting^^}=${value}" # '^^' makes the variable content uppercase
}
function env2ini::reload_preset_envs() {
@@ -132,16 +131,15 @@ stringData:
# - initially used to set up Gitea
# Anyway, they won't harm existing app.ini files
export GITEA__SECURITY__INTERNAL_TOKEN=$(gitea generate secret INTERNAL_TOKEN)
export GITEA__SECURITY__SECRET_KEY=$(gitea generate secret SECRET_KEY)
export GITEA__OAUTH2__JWT_SECRET=$(gitea generate secret JWT_SECRET)
export GITEA__SERVER__LFS_JWT_SECRET=$(gitea generate secret LFS_JWT_SECRET)
export ENV_TO_INI__SECURITY__INTERNAL_TOKEN=$(gitea generate secret INTERNAL_TOKEN)
export ENV_TO_INI__SECURITY__SECRET_KEY=$(gitea generate secret SECRET_KEY)
export ENV_TO_INI__OAUTH2__JWT_SECRET=$(gitea generate secret JWT_SECRET)
export ENV_TO_INI__SERVER__LFS_JWT_SECRET=$(gitea generate secret LFS_JWT_SECRET)
env2ini::log "...Initial secrets generated\n"
}
# save existing envs prior to script execution. Necessary to keep order of preexisting and custom envs
env | (grep GITEA || [[ $? == 1 ]]) > /tmp/existing-envs
env | (grep ENV_TO_INI || [[ $? == 1 ]]) > /tmp/existing-envs
# MUST BE CALLED BEFORE OTHER CONFIGURATION
env2ini::generate_initial_secrets
@@ -162,10 +160,10 @@ stringData:
env2ini::log ' - oauth2.JWT_SECRET'
env2ini::log ' - server.LFS_JWT_SECRET'
unset GITEA__SECURITY__INTERNAL_TOKEN
unset GITEA__SECURITY__SECRET_KEY
unset GITEA__OAUTH2__JWT_SECRET
unset GITEA__SERVER__LFS_JWT_SECRET
unset ENV_TO_INI__SECURITY__INTERNAL_TOKEN
unset ENV_TO_INI__SECURITY__SECRET_KEY
unset ENV_TO_INI__OAUTH2__JWT_SECRET
unset ENV_TO_INI__SERVER__LFS_JWT_SECRET
fi
environment-to-ini -o $GITEA_APP_INI
environment-to-ini -o $GITEA_APP_INI -p ENV_TO_INI


@@ -4,12 +4,12 @@ kind: Service
metadata:
name: gitea-http
labels:
helm.sh/chart: gitea-9.5.1
helm.sh/chart: gitea-8.3.0
app: gitea
app.kubernetes.io/name: gitea
app.kubernetes.io/instance: gitea
app.kubernetes.io/version: "1.20.5"
version: "1.20.5"
app.kubernetes.io/version: "1.19.3"
version: "1.19.3"
app.kubernetes.io/managed-by: Helm
annotations:
{}
@@ -19,7 +19,7 @@ spec:
ports:
- name: http
port: 3000
targetPort:
targetPort: 3000
selector:
app.kubernetes.io/name: gitea
app.kubernetes.io/instance: gitea


@@ -0,0 +1,23 @@
# Source: gitea/charts/memcached/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: gitea-memcached
namespace: vynil-ci
labels:
app.kubernetes.io/name: memcached
helm.sh/chart: memcached-6.3.14
app.kubernetes.io/instance: gitea
app.kubernetes.io/managed-by: Helm
annotations:
spec:
type: ClusterIP
sessionAffinity: None
ports:
- name: memcache
port: 11211
targetPort: memcache
nodePort: null
selector:
app.kubernetes.io/name: memcached
app.kubernetes.io/instance: gitea
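Review bot: This Service makes memcached reachable on port 11211 from anywhere in the cluster, and nothing in the commit restricts who may connect. The Deployment sets only `BITNAMI_DEBUG` and `MEMCACHED_PORT_NUMBER`, so no authentication is visibly configured. Any workload that can reach `gitea-memcached` in `vynil-ci` could then read or overwrite whatever Gitea keeps in the cache. I would ship a NetworkPolicy in the same namespace that selects pods labelled `app.kubernetes.io/name: memcached` and admits ingress on 11211 only from pods labelled `app.kubernetes.io/name: gitea`.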


@@ -4,12 +4,12 @@ kind: Service
metadata:
name: gitea-ssh
labels:
helm.sh/chart: gitea-9.5.1
helm.sh/chart: gitea-8.3.0
app: gitea
app.kubernetes.io/name: gitea
app.kubernetes.io/instance: gitea
app.kubernetes.io/version: "1.20.5"
version: "1.20.5"
app.kubernetes.io/version: "1.19.3"
version: "1.19.3"
app.kubernetes.io/managed-by: Helm
annotations:
metallb.universe.tf/address-pool: mlb-pool-public