diff --git a/README.md b/README.md
index 3682381..50024d2 100644
--- a/README.md
+++ b/README.md
@@ -314,9 +314,6 @@ gitea:
 Like the admin user the LDAP settings can be updated, but also disabled or deleted. All LDAP values from are available.
-You can either use them in camel case or kebab case.
-
-camelCase:
 ```yaml
 gitea:
@@ -336,25 +333,6 @@ camelCase:
 sshPublicKeyAttribute: sshPublicKey
 ```
-kebab-case:
-
-```yaml
- gitea:
- ldap:
- enabled: true
- name: 'MyAwesomeGiteaLdap'
- security-protocol: unencrypted
- host: "127.0.0.1"
- port: "389"
- user-search-base: ou=Users,dc=example,dc=com
- user-filter: sAMAccountName=%s
- admin-filter: CN=Admin,CN=Group,DC=example,DC=com
- email-attribute: mail
- bind-dn: CN=ldap read,OU=Spezial,DC=example,DC=com
- bind-password: JustAnotherBindPw
- username-attribute: CN
-```
-
 You can also use an existing secret to set the bindDn and bindPassword:
 ```yaml
@@ -376,19 +354,16 @@ gitea:
 :warning: Some options are just flags and therefore don't any values. If they are defined in `gitea.ldap` configuration, they will be passed to the gitea cli without any value. Affected options:
-- notActive | not-active
-- skipTlsVerify | skip-tls-verify
-- allowDeactivateAll | allow-deactivate-all
-- synchronizeUsers | synchronize-users
-- attributesInBind | attributes-in-bind
+- notActive
+- skipTlsVerify
+- allowDeactivateAll
+- synchronizeUsers
+- attributesInBind
 ### OAuth2 Settings
 Like the admin user, OAuth2 settings can be updated and disabled but not deleted. Deleting OAuth2 settings has to be done in the ui. All OAuth2 values from are available.
-You can either use them in camel case or kebab case.
-
-camelCase:
 ```yaml
 gitea:
@@ -406,24 +381,6 @@ camelCase:
 #customEmailUrl:
 ```
-kebab-case:
-
-```yaml
- gitea:
- oauth:
- enabled: true
- name: 'MyAwesomeGiteaOAuth'
- provider: 'openidConnect'
- key: 'hello'
- secret: 'world'
- auto-discover-url: 'https://gitea.example.com/.well-known/openid-configuration'
- #use-custom-urls:
- #custom-auth-url:
- #custom-token-url:
- #custom-profile-url:
- #custom-email-url:
-```
-
 ### Metrics and profiling
 A Prometheus `/metrics` endpoint on the `HTTP_PORT` and `pprof` profiling endpoints on port 6060 can be enabled under `gitea`. Beware that the metrics endpoint is exposed via the ingress, manage access using ingress annotations for example.
diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl
index bd4339d..510f538 100644
--- a/templates/_helpers.tpl
+++ b/templates/_helpers.tpl
@@ -108,24 +108,24 @@ app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end -}}
 {{- define "gitea.ldap_settings" -}}
-{{- if and (not (hasKey .Values.gitea.ldap "bindDn")) (not (hasKey .Values.gitea.ldap "bind-dn")) -}}
+{{- if not (hasKey .Values.gitea.ldap "bindDn") -}}
 {{- $_ := set .Values.gitea.ldap "bindDn" "" -}}
 {{- end -}}
-{{- if and (not (hasKey .Values.gitea.ldap "bindPassword")) (not (hasKey .Values.gitea.ldap "bind-password")) -}}
+{{- if not (hasKey .Values.gitea.ldap "bindPassword") -}}
 {{- $_ := set .Values.gitea.ldap "bindPassword" "" -}}
 {{- end -}}
-{{- $flags := list "not-active" "skip-tls-verify" "allow-deactivate-all" "synchronize-users" "attributes-in-bind" -}}
+{{- $flags := list "notActive" "skipTlsVerify" "allowDeactivateAll" "synchronizeUsers" "attributesInBind" -}}
 {{- range $key, $val := .Values.gitea.ldap -}}
 {{- if and (ne $key "enabled") (ne $key "existingSecret") -}}
-{{- if eq ($key | kebabcase) "bind-dn" -}}
+{{- if eq $key "bindDn" -}}
 {{- printf "--%s %s " ($key | kebabcase) ("${GITEA_LDAP_BIND_DN}" | quote ) -}}
-{{- else if eq ($key | kebabcase) "bind-password" -}}
+{{- else if eq $key "bindPassword" -}}
 {{- printf "--%s %s " ($key | kebabcase) ("${GITEA_LDAP_PASSWORD}" | quote ) -}}
 {{- else if eq $key "port" -}}
-{{- printf "--%s %d " ($key | kebabcase) ($val | int) -}}
-{{- else if (has ($key | kebabcase) $flags) -}}
+{{- printf "--%s %d " $key ($val | int) -}}
+{{- else if has $key $flags -}}
 {{- printf "--%s " ($key | kebabcase) -}}
 {{- else -}}
 {{- printf "--%s %s " ($key | kebabcase) ($val | squote) -}}
diff --git a/templates/gitea/statefulset.yaml b/templates/gitea/statefulset.yaml
index bf43597..bb13eea 100644
--- a/templates/gitea/statefulset.yaml
+++ b/templates/gitea/statefulset.yaml
@@ -79,6 +79,7 @@ spec:
 value: /data
 - name: GITEA_TEMP
 value: /tmp/gitea
+ {{- if .Values.gitea.ldap.enabled }}
 {{- if .Values.gitea.ldap.existingSecret }}
 - name: GITEA_LDAP_BIND_DN
 valueFrom:
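Review bot: Kebab-case keys are no longer recognised but are not rejected either, and for `bind-password` that matters: the key now misses `eq $key "bindPassword"`, drops into the final `else` branch and has its literal value printed through `$val | squote` into whatever consumes this helper, alongside the `--bind-password "${GITEA_LDAP_PASSWORD}"` emitted for the empty default set at the top. The former flag spellings such as `skip-tls-verify` fall into the same branch and become options with a quoted value. I would fail the render as the first statement inside the `range`, e.g. `{{- if contains "-" $key -}}{{- fail (printf "gitea.ldap.%s: use the camelCase key" $key) -}}{{- end -}}`. The fallback removed in templates/gitea/statefulset.yaml is silent in the same way, since an old `bind-password` appears to leave `GITEA_LDAP_PASSWORD` effectively empty. The `define` is closed outside this hunk.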
@@ -92,9 +93,10 @@ spec:
 name: {{ .Values.gitea.ldap.existingSecret }}
 {{- else }}
 - name: GITEA_LDAP_BIND_DN
- value: {{ default (index .Values.gitea.ldap "bind-dn") .Values.gitea.ldap.bindDn | quote }}
+ value: {{ .Values.gitea.ldap.bindDn | quote }}
 - name: GITEA_LDAP_PASSWORD
- value: {{ default (index .Values.gitea.ldap "bind-password") .Values.gitea.ldap.bindPassword | quote }}
+ value: {{ .Values.gitea.ldap.bindPassword | quote }}
+ {{- end }}
 {{- end }}
 {{- if .Values.gitea.admin.existingSecret }}
 - name: GITEA_ADMIN_USERNAME
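Review bot: In the `else` branch `GITEA_LDAP_PASSWORD` is still set from `.Values.gitea.ldap.bindPassword` as a literal `value:`, so the bind credential is readable by anyone who may read the StatefulSet or pod spec, not only by those who may read Secrets. The commit keeps that path and only simplifies the lookup, so I would at least mark it with a comment above the two `value:` lines, `# bindDn/bindPassword are rendered in clear text here; prefer gitea.ldap.existingSecret`, and say the same in the README next to the existing-secret example. Longer term the inline values could be written to a chart-managed Secret and referenced through `valueFrom`, as the `existingSecret` branch above this hunk appears to do. The two consecutive `{{- end }}` lines would also be easier to audit with a trailing template comment naming the `if` each one closes.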