fix

apps/gitea/apps_v1_Deployment_gitea-memcached.yaml

@@ -6,7 +6,7 @@ metadata:
   namespace: vynil-ci
   labels:
     app.kubernetes.io/name: memcached
-    helm.sh/chart: memcached-6.3.14
+    helm.sh/chart: memcached-6.3.13
     app.kubernetes.io/instance: gitea
     app.kubernetes.io/managed-by: Helm
 spec:
@@ -22,7 +22,7 @@ spec:
     metadata:
       labels:
         app.kubernetes.io/name: memcached
-        helm.sh/chart: memcached-6.3.14
+        helm.sh/chart: memcached-6.3.13
         app.kubernetes.io/instance: gitea
         app.kubernetes.io/managed-by: Helm
       annotations:
@@ -47,7 +47,7 @@ spec:
       serviceAccountName: default
       containers:
         - name: memcached
-          image: docker.io/bitnami/memcached:1.6.19-debian-11-r7
+          image: docker.io/bitnami/memcached:1.6.19-debian-11-r3
           imagePullPolicy: "IfNotPresent"
           securityContext:
             runAsNonRoot: true

apps/gitea/apps_v1_StatefulSet_gitea.yaml

@@ -5,12 +5,12 @@ metadata:
   name: gitea
   annotations:
   labels:
-    helm.sh/chart: gitea-8.3.0
+    helm.sh/chart: gitea-8.0.3
     app: gitea
     app.kubernetes.io/name: gitea
     app.kubernetes.io/instance: gitea
-    app.kubernetes.io/version: "1.19.3"
+    app.kubernetes.io/version: "1.19.1"
-    version: "1.19.3"
+    version: "1.19.1"
     app.kubernetes.io/managed-by: Helm
 spec:
   replicas: 1
@@ -22,15 +22,15 @@ spec:
   template:
     metadata:
       annotations:
-        checksum/config: 27af0e4460a4b6fa0279e60d04c3d82609060dda7af59dd2051139acc1cdb203
+        checksum/config: 92a115496ca24d008eee552477c9d92637e4c5dafa30a3f43dbffed1ea616881
         checksum/ldap_0: 9356e28431e375c7fc7d624460a9f41c243f14c3f9765c40aa2b13cf46203eaf
       labels:
-        helm.sh/chart: gitea-8.3.0
+        helm.sh/chart: gitea-8.0.3
         app: gitea
         app.kubernetes.io/name: gitea
         app.kubernetes.io/instance: gitea
-        app.kubernetes.io/version: "1.19.3"
+        app.kubernetes.io/version: "1.19.1"
-        version: "1.19.3"
+        version: "1.19.1"
         app.kubernetes.io/managed-by: Helm
     spec:
       
@@ -38,7 +38,7 @@ spec:
         fsGroup: 1000
       initContainers:
         - name: init-directories
-          image: "gitea/gitea:1.19.3"
+          image: "gitea/gitea:1.19.1"
           imagePullPolicy: Always
           command: ["/usr/sbin/init_directory_structure.sh"]
           env:
@@ -70,7 +70,7 @@ spec:
               cpu: 100m
               memory: 128Mi
         - name: init-app-ini
-          image: "gitea/gitea:1.19.3"
+          image: "gitea/gitea:1.19.1"
           imagePullPolicy: Always
           command: ["/usr/sbin/config_environment.sh"]
           env:
@@ -108,7 +108,7 @@ spec:
               cpu: 100m
               memory: 128Mi
         - name: configure-gitea
-          image: "gitea/gitea:1.19.3"
+          image: "gitea/gitea:1.19.1"
           command: ["/usr/sbin/configure_gitea.sh"]
           imagePullPolicy: Always
           securityContext:
@@ -163,7 +163,7 @@ spec:
       terminationGracePeriodSeconds: 60
       containers:
         - name: gitea
-          image: "gitea/gitea:1.19.3"
+          image: "gitea/gitea:1.19.1"
           imagePullPolicy: Always
           env:
             # SSH Port values have to be set here as well for openssh configuration

apps/gitea/index.rhai

@@ -4,7 +4,7 @@ const SRC=src;
 const DEST=dest;
 fn pre_pack() {
     shell("helm repo add gitea-charts https://dl.gitea.io/charts/");
-    shell(`helm template gitea gitea-charts/gitea --namespace=vynil-ci --values values.yml >${global::SRC}/chart.yaml`);
+    shell(`helm template gitea gitea-charts/gitea --version 8.0.3 --namespace=vynil-ci --values values.yml >${global::SRC}/chart.yaml`);
 }
 fn post_pack() {
     shell(`rm -f ${global::DEST}/v1_Pod_gitea-test-connection.yaml`);

apps/gitea/index.yaml

@@ -9,98 +9,30 @@ metadata:
     A painless self-hosted Git service.
     Gitea is a community managed lightweight code hosting solution written in Go. It is published under the MIT license.
 options:
-  images:
+  postgres:
     default:
-      gitea:
+      replicas: 1
-        pullPolicy: IfNotPresent
+      storage: 10Gi
-        registry: docker.io
+      version: '14'
-        repository: gitea/gitea
-        tag: 1.19.3
-      memcached:
-        registry: docker.io
-        repository: bitnami/memcached
-        tag: 1.6.19-debian-11-r7
     examples:
-    - gitea:
+    - replicas: 1
-        pullPolicy: IfNotPresent
+      storage: 10Gi
-        registry: docker.io
+      version: '14'
-        repository: gitea/gitea
-        tag: 1.19.3
-      memcached:
-        registry: docker.io
-        repository: bitnami/memcached
-        tag: 1.6.19-debian-11-r7
     properties:
-      gitea:
+      replicas:
-        default:
+        default: 1
-          pullPolicy: IfNotPresent
+        type: integer
-          registry: docker.io
+      storage:
-          repository: gitea/gitea
+        default: 10Gi
-          tag: 1.19.3
+        type: string
-        properties:
+      version:
-          pullPolicy:
+        default: '14'
-            default: IfNotPresent
-            enum:
-            - Always
-            - Never
-            - IfNotPresent
-            type: string
-          registry:
-            default: docker.io
-            type: string
-          repository:
-            default: gitea/gitea
-            type: string
-          tag:
-            default: 1.19.3
-            type: string
-        type: object
-      memcached:
-        default:
-          registry: docker.io
-          repository: bitnami/memcached
-          tag: 1.6.19-debian-11-r7
-        properties:
-          registry:
-            default: docker.io
-            type: string
-          repository:
-            default: bitnami/memcached
-            type: string
-          tag:
-            default: 1.6.19-debian-11-r7
-            type: string
-        type: object
-    type: object
-  load-balancer:
-    default:
-      ip: ''
-    examples:
-    - ip: ''
-    properties:
-      ip:
-        default: ''
         type: string
     type: object
-  webhook:
+  domain-name:
-    default:
+    default: your_company.com
-      allowed-hosts: private
-      skip-tls-verify: false
     examples:
-    - allowed-hosts: private
+    - your_company.com
-      skip-tls-verify: false
-    properties:
-      allowed-hosts:
-        default: private
-        type: string
-      skip-tls-verify:
-        default: false
-        type: boolean
-    type: object
-  release:
-    default: 8.3.0
-    examples:
-    - 8.3.0
     type: string
   push-create:
     default:
@@ -122,6 +54,41 @@ options:
         default: 'true'
         type: string
     type: object
+  theme:
+    default: gitea-modern
+    examples:
+    - gitea-modern
+    type: string
+  release:
+    default: 8.3.0
+    examples:
+    - 8.3.0
+    type: string
+  default-branch:
+    default: main
+    examples:
+    - main
+    type: string
+  webhook:
+    default:
+      allowed-hosts: private
+      skip-tls-verify: false
+    examples:
+    - allowed-hosts: private
+      skip-tls-verify: false
+    properties:
+      allowed-hosts:
+        default: private
+        type: string
+      skip-tls-verify:
+        default: false
+        type: boolean
+    type: object
+  replicas:
+    default: 1
+    examples:
+    - 1
+    type: integer
   volume:
     default:
       size: 10Gi
@@ -132,71 +99,6 @@ options:
         default: 10Gi
         type: string
     type: object
-  default-branch:
-    default: main
-    examples:
-    - main
-    type: string
-  postgres:
-    default:
-      replicas: 1
-      storage: 10Gi
-      version: '14'
-    examples:
-    - replicas: 1
-      storage: 10Gi
-      version: '14'
-    properties:
-      replicas:
-        default: 1
-        type: integer
-      storage:
-        default: 10Gi
-        type: string
-      version:
-        default: '14'
-        type: string
-    type: object
-  ingress-class:
-    default: traefik
-    examples:
-    - traefik
-    type: string
-  ssh-port:
-    default: 2222
-    examples:
-    - 2222
-    type: integer
-  domain-name:
-    default: your_company.com
-    examples:
-    - your_company.com
-    type: string
-  domain:
-    default: your-company
-    examples:
-    - your-company
-    type: string
-  issuer:
-    default: letsencrypt-prod
-    examples:
-    - letsencrypt-prod
-    type: string
-  disable-registration:
-    default: true
-    examples:
-    - true
-    type: boolean
-  replicas:
-    default: 1
-    examples:
-    - 1
-    type: integer
-  sub-domain:
-    default: git
-    examples:
-    - git
-    type: string
   admin:
     default:
       email: git-admin@git.your_company.com
@@ -212,15 +114,113 @@ options:
         default: gitea_admin
         type: string
     type: object
+  images:
+    default:
+      gitea:
+        pullPolicy: IfNotPresent
+        registry: docker.io
+        repository: gitea/gitea
+        tag: 1.20.1
+      memcached:
+        registry: docker.io
+        repository: bitnami/memcached
+        tag: 1.6.19-debian-11-r7
+    examples:
+    - gitea:
+        pullPolicy: IfNotPresent
+        registry: docker.io
+        repository: gitea/gitea
+        tag: 1.20.1
+      memcached:
+        registry: docker.io
+        repository: bitnami/memcached
+        tag: 1.6.19-debian-11-r7
+    properties:
+      gitea:
+        default:
+          pullPolicy: IfNotPresent
+          registry: docker.io
+          repository: gitea/gitea
+          tag: 1.20.1
+        properties:
+          pullPolicy:
+            default: IfNotPresent
+            enum:
+            - Always
+            - Never
+            - IfNotPresent
+            type: string
+          registry:
+            default: docker.io
+            type: string
+          repository:
+            default: gitea/gitea
+            type: string
+          tag:
+            default: 1.20.1
+            type: string
+        type: object
+      memcached:
+        default:
+          registry: docker.io
+          repository: bitnami/memcached
+          tag: 1.6.19-debian-11-r7
+        properties:
+          registry:
+            default: docker.io
+            type: string
+          repository:
+            default: bitnami/memcached
+            type: string
+          tag:
+            default: 1.6.19-debian-11-r7
+            type: string
+        type: object
+    type: object
   timezone:
     default: Europe/Paris
     examples:
     - Europe/Paris
     type: string
-  theme:
+  domain:
-    default: gitea-modern
+    default: your-company
     examples:
-    - gitea-modern
+    - your-company
+    type: string
+  issuer:
+    default: letsencrypt-prod
+    examples:
+    - letsencrypt-prod
+    type: string
+  ingress-class:
+    default: traefik
+    examples:
+    - traefik
+    type: string
+  ssh-port:
+    default: 2222
+    examples:
+    - 2222
+    type: integer
+  load-balancer:
+    default:
+      ip: ''
+    examples:
+    - ip: ''
+    properties:
+      ip:
+        default: ''
+        type: string
+    type: object
+  disable-registration:
+    default: true
+    examples:
+    - true
+    type: boolean
+  sub-domain:
+    default: git
+    examples:
+    - git
     type: string
 dependencies:
 - dist: null

apps/gitea/ingress.tf

@@ -1,22 +1,27 @@
-
 locals {
     dns-names = ["${var.sub-domain}.${var.domain-name}"]
     middlewares = [{"name" = "${var.instance}-https"}]
-    services = [{
+    service = {
-      "kind" = "Service"
+      "name"  = "gitea-http"
-      "name" = "gitea-http"
+      "port" = {
-      "namespace"  = var.namespace
+        "number" = 3000
-      "port"       = 3000
+      }
-    }]
+    }
-    routes = [ for v in local.dns-names : {
+    rules = [ for v in local.dns-names : {
-      "kind"         = "Rule"
+      "host" = "${v}"
-      "match"        = "Host(`${v}`)"
+      "http" = {
-      "middlewares"  = local.middlewares
+        "paths" = [{
-      "services"     = local.services
+          "backend"  = {
+            "service" = local.service
+          }
+          "path"     = "/"
+          "pathType" = "Prefix"
+        }]
+      }
     }]
 }
 
-resource "kubectl_manifest" "gitea_certificate" {
+resource "kubectl_manifest" "prj_certificate" {
   yaml_body  = <<-EOF
     apiVersion: "cert-manager.io/v1"
     kind: "Certificate"
@@ -34,7 +39,7 @@ resource "kubectl_manifest" "gitea_certificate" {
   EOF
 }
 
-resource "kubectl_manifest" "gitea_https_redirect" {
+resource "kubectl_manifest" "prj_https_redirect" {
   yaml_body  = <<-EOF
     apiVersion: "traefik.containo.us/v1alpha1"
     kind: "Middleware"
@@ -49,21 +54,22 @@ resource "kubectl_manifest" "gitea_https_redirect" {
   EOF
 }
 
-resource "kubectl_manifest" "gitea_ingress" {
+resource "kubectl_manifest" "prj_ingress" {
   force_conflicts = true
   yaml_body  = <<-EOF
-    apiVersion: "traefik.containo.us/v1alpha1"
+    apiVersion: "networking.k8s.io/v1"
-    kind: "IngressRoute"
+    kind: "Ingress"
     metadata:
       name: "${var.instance}"
       namespace: "${var.namespace}"
       labels: ${jsonencode(local.common-labels)}
-      # annotations:
+      annotations:
-      #   "kubernetes.io/ingress.class": "${var.ingress-class}"
+        "traefik.ingress.kubernetes.io/router.middlewares": "${join(",", [for m in local.middlewares : format("%s-%s@kubernetescrd", var.namespace, m)])}"
     spec:
-      entryPoints: ["web","websecure"]
+      ingressClassName: "${var.ingress-class}"
-      routes: ${jsonencode(local.routes)}
+      rules: ${jsonencode(local.rules)}
       tls:
+      - hosts: ${jsonencode(local.dns-names)}
         secretName: "${var.instance}-cert"
   EOF
 }

apps/gitea/v1_Secret_gitea-init.yaml

@@ -4,12 +4,12 @@ kind: Secret
 metadata:
   name: gitea-init
   labels:
-    helm.sh/chart: gitea-8.3.0
+    helm.sh/chart: gitea-8.0.3
     app: gitea
     app.kubernetes.io/name: gitea
     app.kubernetes.io/instance: gitea
-    app.kubernetes.io/version: "1.19.3"
+    app.kubernetes.io/version: "1.19.1"
-    version: "1.19.3"
+    version: "1.19.1"
     app.kubernetes.io/managed-by: Helm
 type: Opaque
 stringData:

apps/gitea/v1_Secret_gitea.yaml

@@ -4,12 +4,12 @@ kind: Secret
 metadata:
   name: gitea
   labels:
-    helm.sh/chart: gitea-8.3.0
+    helm.sh/chart: gitea-8.0.3
     app: gitea
     app.kubernetes.io/name: gitea
     app.kubernetes.io/instance: gitea
-    app.kubernetes.io/version: "1.19.3"
+    app.kubernetes.io/version: "1.19.1"
-    version: "1.19.3"
+    version: "1.19.1"
     app.kubernetes.io/managed-by: Helm
 type: Opaque
 stringData:

apps/gitea/v1_Service_gitea-http.yaml

@@ -4,12 +4,12 @@ kind: Service
 metadata:
   name: gitea-http
   labels:
-    helm.sh/chart: gitea-8.3.0
+    helm.sh/chart: gitea-8.0.3
     app: gitea
     app.kubernetes.io/name: gitea
     app.kubernetes.io/instance: gitea
-    app.kubernetes.io/version: "1.19.3"
+    app.kubernetes.io/version: "1.19.1"
-    version: "1.19.3"
+    version: "1.19.1"
     app.kubernetes.io/managed-by: Helm
   annotations:
     {}

apps/gitea/v1_Service_gitea-memcached.yaml

@@ -6,7 +6,7 @@ metadata:
   namespace: vynil-ci
   labels:
     app.kubernetes.io/name: memcached
-    helm.sh/chart: memcached-6.3.14
+    helm.sh/chart: memcached-6.3.13
     app.kubernetes.io/instance: gitea
     app.kubernetes.io/managed-by: Helm
   annotations:

apps/gitea/v1_Service_gitea-ssh.yaml

@@ -4,12 +4,12 @@ kind: Service
 metadata:
   name: gitea-ssh
   labels:
-    helm.sh/chart: gitea-8.3.0
+    helm.sh/chart: gitea-8.0.3
     app: gitea
     app.kubernetes.io/name: gitea
     app.kubernetes.io/instance: gitea
-    app.kubernetes.io/version: "1.19.3"
+    app.kubernetes.io/version: "1.19.1"
-    version: "1.19.3"
+    version: "1.19.1"
     app.kubernetes.io/managed-by: Helm
   annotations:
     metallb.universe.tf/address-pool: mlb-pool-public

apps/nextcloud/datas.tf

@@ -33,6 +33,10 @@ data "kustomization_overlay" "data" {
       spec:
         template:
           spec:
+            volumes:
+            - name: certs
+              secret:
+                secretName: "${var.instance}-cert"
             containers:
             - name: nextcloud
               image: "${var.images.nextcloud.registry}/${var.images.nextcloud.repository}:${var.images.nextcloud.tag}"
@@ -58,6 +62,10 @@ data "kustomization_overlay" "data" {
                 value: "6379"
               resources:
                 {}
+              volumeMounts:
+              - name: certs
+                mountPath: /etc/local-ca
+                readOnly: true
             - name: nextcloud-nginx
               image: "${var.images.nginx.registry}/${var.images.nginx.repository}:${var.images.nginx.tag}"
               imagePullPolicy: "${var.images.nginx.pullPolicy}"

apps/nextcloud/index.yaml

@@ -6,6 +6,35 @@ metadata:
   name: nextcloud
   description: null
 options:
+  sub-domain:
+    default: cloud
+    examples:
+    - cloud
+    type: string
+  domain-name:
+    default: your_company.com
+    examples:
+    - your_company.com
+    type: string
+  storage:
+    default:
+      accessMode: ReadWriteOnce
+      size: 10Gi
+    examples:
+    - accessMode: ReadWriteOnce
+      size: 10Gi
+    properties:
+      accessMode:
+        default: ReadWriteOnce
+        enum:
+        - ReadWriteOnce
+        - ReadOnlyMany
+        - ReadWriteMany
+        type: string
+      size:
+        default: 10Gi
+        type: string
+    type: object
   images:
     default:
       exporter:
@@ -109,31 +138,6 @@ options:
             type: string
         type: object
     type: object
-  sub-domain:
-    default: cloud
-    examples:
-    - cloud
-    type: string
-  postgres:
-    default:
-      replicas: 1
-      storage: 5Gi
-      version: '14'
-    examples:
-    - replicas: 1
-      storage: 5Gi
-      version: '14'
-    properties:
-      replicas:
-        default: 1
-        type: integer
-      storage:
-        default: 5Gi
-        type: string
-      version:
-        default: '14'
-        type: string
-    type: object
   hpa:
     default:
       avg-cpu: 50
@@ -154,21 +158,46 @@ options:
         default: 1
         type: integer
     type: object
-  domain-name:
+  postgres:
-    default: your_company.com
+    default:
+      replicas: 1
+      storage: 5Gi
+      version: '14'
     examples:
-    - your_company.com
+    - replicas: 1
+      storage: 5Gi
+      version: '14'
+    properties:
+      replicas:
+        default: 1
+        type: integer
+      storage:
+        default: 5Gi
+        type: string
+      version:
+        default: '14'
+        type: string
+    type: object
+  admin:
+    default:
+      name: nextcloud_admin
+    examples:
+    - name: nextcloud_admin
+    properties:
+      name:
+        default: nextcloud_admin
+        type: string
+    type: object
+  domain:
+    default: your-company
+    examples:
+    - your-company
     type: string
   ingress-class:
     default: traefik
     examples:
     - traefik
     type: string
-  domain:
-    default: your-company
-    examples:
-    - your-company
-    type: string
   issuer:
     default: letsencrypt-prod
     examples:
@@ -207,35 +236,6 @@ options:
         default: 2Gi
         type: string
     type: object
-  storage:
-    default:
-      accessMode: ReadWriteOnce
-      size: 10Gi
-    examples:
-    - accessMode: ReadWriteOnce
-      size: 10Gi
-    properties:
-      accessMode:
-        default: ReadWriteOnce
-        enum:
-        - ReadWriteOnce
-        - ReadOnlyMany
-        - ReadWriteMany
-        type: string
-      size:
-        default: 10Gi
-        type: string
-    type: object
-  admin:
-    default:
-      name: nextcloud_admin
-    examples:
-    - name: nextcloud_admin
-    properties:
-      name:
-        default: nextcloud_admin
-        type: string
-    type: object
 dependencies: []
 providers:
   kubernetes: true

apps/nextcloud/v1_ServiceAccount_nextcloud-serviceaccount.yaml

@@ -1,3 +1,4 @@
+---
 # Source: nextcloud/templates/serviceaccount.yaml
 apiVersion: v1
 kind: ServiceAccount