fix

apps/gitea/index.yaml

@@ -9,76 +9,61 @@ metadata:
     A painless self-hosted Git service.
     Gitea is a community managed lightweight code hosting solution written in Go. It is published under the MIT license.
 options:
-  domain-name:
+  admin:
-    default: your_company.com
-    examples:
-    - your_company.com
-    type: string
-  ingress-class:
-    default: traefik
-    examples:
-    - traefik
-    type: string
-  ssh-port:
-    default: 2222
-    examples:
-    - 2222
-    type: integer
-  webhook:
     default:
-      allowed-hosts: private
+      email: git-admin@git.your_company.com
-      skip-tls-verify: false
+      name: gitea_admin
     examples:
-    - allowed-hosts: private
+    - email: git-admin@git.your_company.com
-      skip-tls-verify: false
+      name: gitea_admin
     properties:
-      allowed-hosts:
+      email:
-        default: private
+        default: git-admin@git.your_company.com
         type: string
-      skip-tls-verify:
+      name:
-        default: false
+        default: gitea_admin
-        type: boolean
-    type: object
-  postgres:
-    default:
-      replicas: 1
-      storage: 10Gi
-      version: '14'
-    examples:
-    - replicas: 1
-      storage: 10Gi
-      version: '14'
-    properties:
-      replicas:
-        default: 1
-        type: integer
-      storage:
-        default: 10Gi
-        type: string
-      version:
-        default: '14'
         type: string
     type: object
-  issuer:
+  default-branch:
-    default: letsencrypt-prod
+    default: main
     examples:
-    - letsencrypt-prod
+    - main
-    type: string
-  timezone:
-    default: Europe/Paris
-    examples:
-    - Europe/Paris
-    type: string
-  domain:
-    default: your-company
-    examples:
-    - your-company
     type: string
   sub-domain:
     default: git
     examples:
     - git
     type: string
+  release:
+    default: 8.3.0
+    examples:
+    - 8.3.0
+    type: string
+  domain:
+    default: your-company
+    examples:
+    - your-company
+    type: string
+  replicas:
+    default: 1
+    examples:
+    - 1
+    type: integer
+  ssh-port:
+    default: 2222
+    examples:
+    - 2222
+    type: integer
+  ingress-class:
+    default: traefik
+    examples:
+    - traefik
+    type: string
+  disable-registration:
+    default: true
+    examples:
+    - true
+    type: boolean
   push-create:
     default:
       org: 'true'
@@ -99,21 +84,6 @@ options:
         default: 'true'
         type: string
     type: object
-  admin:
-    default:
-      email: git-admin@git.your_company.com
-      name: gitea_admin
-    examples:
-    - email: git-admin@git.your_company.com
-      name: gitea_admin
-    properties:
-      email:
-        default: git-admin@git.your_company.com
-        type: string
-      name:
-        default: gitea_admin
-        type: string
-    type: object
   images:
     default:
       gitea:
@@ -177,31 +147,31 @@ options:
             type: string
         type: object
     type: object
+  webhook:
+    default:
+      allowed-hosts: private
+      skip-tls-verify: false
+    examples:
+    - allowed-hosts: private
+      skip-tls-verify: false
+    properties:
+      allowed-hosts:
+        default: private
+        type: string
+      skip-tls-verify:
+        default: false
+        type: boolean
+    type: object
+  issuer:
+    default: letsencrypt-prod
+    examples:
+    - letsencrypt-prod
+    type: string
   app-group:
     default: dev
     examples:
     - dev
     type: string
-  theme:
-    default: gitea-modern
-    examples:
-    - gitea-modern
-    type: string
-  volume:
-    default:
-      size: 10Gi
-    examples:
-    - size: 10Gi
-    properties:
-      size:
-        default: 10Gi
-        type: string
-    type: object
-  release:
-    default: 8.3.0
-    examples:
-    - 8.3.0
-    type: string
   load-balancer:
     default:
       ip: ''
@@ -212,16 +182,6 @@ options:
         default: ''
         type: string
     type: object
-  disable-registration:
-    default: true
-    examples:
-    - true
-    type: boolean
-  default-branch:
-    default: main
-    examples:
-    - main
-    type: string
   backups:
     default:
       enable: false
@@ -328,11 +288,51 @@ options:
         default: false
         type: boolean
     type: object
-  replicas:
+  postgres:
-    default: 1
+    default:
+      replicas: 1
+      storage: 10Gi
+      version: '14'
     examples:
-    - 1
+    - replicas: 1
-    type: integer
+      storage: 10Gi
+      version: '14'
+    properties:
+      replicas:
+        default: 1
+        type: integer
+      storage:
+        default: 10Gi
+        type: string
+      version:
+        default: '14'
+        type: string
+    type: object
+  timezone:
+    default: Europe/Paris
+    examples:
+    - Europe/Paris
+    type: string
+  domain-name:
+    default: your_company.com
+    examples:
+    - your_company.com
+    type: string
+  theme:
+    default: gitea-modern
+    examples:
+    - gitea-modern
+    type: string
+  volume:
+    default:
+      size: 10Gi
+    examples:
+    - size: 10Gi
+    properties:
+      size:
+        default: 10Gi
+        type: string
+    type: object
 dependencies:
 - dist: null
   category: share

apps/gitea/ldap.tf

@@ -27,8 +27,8 @@ resource "kubectl_manifest" "gitea_ldap" {
       data:
         bindDn: "cn=${var.component}-ldapsearch,${local.base-user-dn}"
         user-search-base: "${local.base-user-dn}"
-        user-filter: "(&(|(memberof=cn=gitea_admin,${local.base-group-dn})(memberof=cn=gitea_users,${local.base-group-dn}))(|(cn=%[1]s)(mail=%[1]s)))"
+        user-filter: "(&(|(memberof=cn=${format("admin-%s", local.app-name)},${local.base-group-dn})(memberof=cn=${local.main-group},${local.base-group-dn}))(|(cn=%[1]s)(mail=%[1]s)))"
-        admin-filter: "(memberof=cn=gitea_admin,${local.base-group-dn})"
+        admin-filter: "(memberof=cn=${format("admin-%s", local.app-name)},${local.base-group-dn})"
         endpoint: "ak-outpost-ldap.${var.domain}-auth.svc"
       fields:
       - fieldName: "bindPassword"