From bc872acdd3d64498a32403b9d57c7f4ccd700983 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 13 Nov 2023 17:19:31 +0000 Subject: [PATCH 01/55] chore(deps): update alpine/helm docker tag to v3.13.2 (#562) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | alpine/helm | | minor | `3.12.3` -> `3.13.2` | | alpine/helm | container | minor | `3.12.3` -> `3.13.2` | --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/562 Reviewed-by: justusbunsi Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- .gitea/workflows/release-version.yml | 2 +- .gitea/workflows/test-pr.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/release-version.yml b/.gitea/workflows/release-version.yml index 9e0d02f..644e52f 100644 --- a/.gitea/workflows/release-version.yml +++ b/.gitea/workflows/release-version.yml @@ -7,7 +7,7 @@ on: env: # renovate: datasource=docker depName=alpine/helm - HELM_VERSION: "3.12.3" + HELM_VERSION: "3.13.2" jobs: generate-chart-publish: diff --git a/.gitea/workflows/test-pr.yml b/.gitea/workflows/test-pr.yml index 0ec13da..9d61655 100644 --- a/.gitea/workflows/test-pr.yml +++ b/.gitea/workflows/test-pr.yml @@ -10,7 +10,7 @@ env: jobs: check-and-test: runs-on: ubuntu-latest - container: alpine/helm:3.12.3 + container: alpine/helm:3.13.2 steps: - name: install tools run: | From 23847eba1c99e4cc3bab14391dff7ebd5200633e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 14 Nov 2023 00:15:26 +0000 Subject: [PATCH 02/55] chore(deps): update redis-cluster docker tag to v9.1.3 (#561) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- Chart.lock | 6 +++--- Chart.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Chart.lock b/Chart.lock index 908e3d5..a40418a 100644 --- a/Chart.lock +++ b/Chart.lock @@ -7,6 +7,6 @@ dependencies: version: 11.9.4 - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 9.1.1 -digest: sha256:35358da69169541a009540a2d6a840584390e5b53dad5b647b19bd5c14c88f93 -generated: "2023-11-06T00:07:24.742145709Z" + version: 9.1.3 +digest: sha256:6bda620320a05a5ea4efb4189a86d30092aeb0a6f3e0009538f4bea312af0863 +generated: "2023-11-14T00:08:15.790217865Z" diff --git a/Chart.yaml b/Chart.yaml index 5ce023a..2fde9b9 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -46,5 +46,5 @@ dependencies: # https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 9.1.1 + version: 9.1.3 condition: redis-cluster.enabled From 3cf91bf6e7e02e3761a3435cae5c85ede92da15f Mon Sep 17 00:00:00 2001 From: TristanHoladay Date: Tue, 14 Nov 2023 21:42:26 +0000 Subject: [PATCH 03/55] Add `image.fullOverride` (#550) ### Description of the change This PR is a continuation of the work done by @dgershman in [534](https://gitea.com/gitea/helm-chart/pulls/534), to allow users to override the image from the default rootless behavior of appending `-rootless` to the end of the image tag. ### Benefits Allows more flexibility to use externally maintained images that are rootless but don't follow the `-rootless` tag convention. ### Applicable issues - fixes #532 ### Additional information No breaking changes. This does not affect the `image.rootless` conditional checks or the current behavior if someone still wants to rely on the chart to append `-rootless`. ### Checklist - [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) - [x] Breaking changes are documented in the `README.md` - [x] Templating unittests are added Co-authored-by: TristanHoladay <40547442+TristanHoladay@users.noreply.github.com> Co-authored-by: pat-s Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/550 Reviewed-by: justusbunsi Reviewed-by: pat-s Co-authored-by: TristanHoladay Co-committed-by: TristanHoladay --- README.md | 48 ++++++++++++++----- templates/_helpers.tpl | 5 +- unittests/deployment/image-configuration.yaml | 15 ++++++ unittests/deployment/ssh-configuration.yaml | 24 ++++++++++ .../init_directory_structure.sh-rootless.yaml | 20 ++++++++ values.yaml | 2 + 6 files changed, 100 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index fa91de0..ad4799e 100644 --- a/README.md +++ b/README.md @@ -10,6 +10,7 @@ - [Database defaults](#database-defaults) - [Server defaults](#server-defaults) - [Metrics defaults](#metrics-defaults) + - [Rootless defaults](#rootless-defaults) - [Single-Pod Configurations](#single-pod-configurations) - [Additional _app.ini_ settings](#additional-appini-settings) - [User defined environment variables in app.ini](#user-defined-environment-variables-in-appini) @@ -172,6 +173,26 @@ The Prometheus `/metrics` endpoint is disabled by default. ENABLED = false ``` +#### Rootless Defaults + +If `.Values.image.rootless: true`, then the following will occur. In case you use `.Values.image.fullOverride`, check that this works in your image: + +- `$HOME` becomes `/data/gitea/git` + + [see deployment.yaml](./templates/gitea/deployment.yaml) template inside (init-)container "env" declarations + +- `START_SSH_SERVER: true` (Unless explicity overwritten by `gitea.config.server.START_SSH_SERVER`) + + [see \_helpers.tpl](./templates/_helpers.tpl) in `gitea.inline_configuration.defaults.server` definition + +- `SSH_LISTEN_PORT: 2222` (Unless explicity overwritten by `gitea.config.server.SSH_LISTEN_PORT`) + + [see \_helpers.tpl](./templates/_helpers.tpl) in `gitea.inline_configuration.defaults.server` definition + +- `SSH_LOG_LEVEL` environment variable is not injected into the container + + [see deployment.yaml](./templates/gitea/deployment.yaml) template inside container "env" declarations + ### Single-Pod Configurations If HA is not needed/desired, the following configurations can be used to deploy a single-pod Gitea instance. @@ -216,9 +237,9 @@ If HA is not needed/desired, the following configurations can be used to deploy **Do not use this configuration for production use**.
- + values.yml - + ```yaml redis-cluster: enabled: false @@ -226,10 +247,10 @@ If HA is not needed/desired, the following configurations can be used to deploy enabled: false postgresql-ha: enabled: false - + persistence: enabled: false - + gitea: config: database: @@ -785,15 +806,16 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo ### Image -| Name | Description | Value | -| ------------------ | --------------------------------------------------------------------------------------------------------------------------------------- | ------------- | -| `image.registry` | image registry, e.g. gcr.io,docker.io | `""` | -| `image.repository` | Image to start for this pod | `gitea/gitea` | -| `image.tag` | Visit: [Image tag](https://hub.docker.com/r/gitea/gitea/tags?page=1&ordering=last_updated). Defaults to `appVersion` within Chart.yaml. | `""` | -| `image.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` | -| `image.pullPolicy` | Image pull policy | `Always` | -| `image.rootless` | Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher | `true` | -| `imagePullSecrets` | Secret to use for pulling the image | `[]` | +| Name | Description | Value | +| -------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------- | +| `image.registry` | image registry, e.g. gcr.io,docker.io | `""` | +| `image.repository` | Image to start for this pod | `gitea/gitea` | +| `image.tag` | Visit: [Image tag](https://hub.docker.com/r/gitea/gitea/tags?page=1&ordering=last_updated). Defaults to `appVersion` within Chart.yaml. | `""` | +| `image.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` | +| `image.pullPolicy` | Image pull policy | `Always` | +| `image.rootless` | Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher | `true` | +| `image.fullOverride` | Completely overrides the image registry, path/image, tag and digest. **Adjust `image.rootless` accordingly and review [Rootless defaults](#rootless-defaults).** | `""` | +| `imagePullSecrets` | Secret to use for pulling the image | `[]` | ### Security diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index 003d39f..c2980ee 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -56,6 +56,7 @@ Create chart name and version as used by the chart label. Create image name and tag used by the deployment. */}} {{- define "gitea.image" -}} +{{- $fullOverride := .Values.image.fullOverride | default "" -}} {{- $registry := .Values.global.imageRegistry | default .Values.image.registry -}} {{- $repository := .Values.image.repository -}} {{- $separator := ":" -}} @@ -65,7 +66,9 @@ Create image name and tag used by the deployment. {{- if .Values.image.digest }} {{- $digest = (printf "@%s" (.Values.image.digest | toString)) -}} {{- end -}} -{{- if $registry }} +{{- if $fullOverride }} + {{- printf "%s" $fullOverride -}} +{{- else if $registry }} {{- printf "%s/%s%s%s%s%s" $registry $repository $separator $tag $rootless $digest -}} {{- else -}} {{- printf "%s%s%s%s%s" $repository $separator $tag $rootless $digest -}} diff --git a/unittests/deployment/image-configuration.yaml b/unittests/deployment/image-configuration.yaml index cdfd73a..35f8981 100644 --- a/unittests/deployment/image-configuration.yaml +++ b/unittests/deployment/image-configuration.yaml @@ -57,6 +57,21 @@ tests: - equal: path: spec.template.spec.containers[0].image value: "gitea/gitea:1.19.3-rootless@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a" + - it: image fullOverride (does not append rootless) + template: templates/gitea/deployment.yaml + set: + image: + fullOverride: gitea/gitea:1.19.3 + # setting rootless, registry, repository, tag, and digest to prove that override works + rootless: true + registry: example.com + repository: example/image + tag: "1.0.0" + digest: sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a + asserts: + - equal: + path: spec.template.spec.containers[0].image + value: "gitea/gitea:1.19.3" - it: digest for root-based image template: templates/gitea/deployment.yaml set: diff --git a/unittests/deployment/ssh-configuration.yaml b/unittests/deployment/ssh-configuration.yaml index efd0525..543fd5f 100644 --- a/unittests/deployment/ssh-configuration.yaml +++ b/unittests/deployment/ssh-configuration.yaml @@ -27,6 +27,18 @@ tests: content: name: SSH_LOG_LEVEL value: "DEBUG" + - it: supports overriding SSH log level (even when image.fullOverride set) + template: templates/gitea/deployment.yaml + set: + image.fullOverride: gitea/gitea:1.19.3 + image.rootless: false + gitea.ssh.logLevel: "DEBUG" + asserts: + - contains: + path: spec.template.spec.containers[0].env + content: + name: SSH_LOG_LEVEL + value: "DEBUG" - it: skips SSH_LOG_LEVEL for rootless image template: templates/gitea/deployment.yaml set: @@ -38,3 +50,15 @@ tests: any: true content: name: SSH_LOG_LEVEL + - it: skips SSH_LOG_LEVEL for rootless image (even when image.fullOverride set) + template: templates/gitea/deployment.yaml + set: + image.fullOverride: gitea/gitea:1.19.3 + image.rootless: true + gitea.ssh.logLevel: "DEBUG" # explicitly defining a non-standard level here + asserts: + - notContains: + path: spec.template.spec.containers[0].env + any: true + content: + name: SSH_LOG_LEVEL diff --git a/unittests/init/init_directory_structure.sh-rootless.yaml b/unittests/init/init_directory_structure.sh-rootless.yaml index 854bcce..29dac81 100644 --- a/unittests/init/init_directory_structure.sh-rootless.yaml +++ b/unittests/init/init_directory_structure.sh-rootless.yaml @@ -66,3 +66,23 @@ tests: chmod 700 "${GNUPGHOME}" chown 1000:1000 "${GNUPGHOME}" fi + - it: it does not chown /data even when image.fullOverride is set + template: templates/gitea/init.yaml + set: + image.fullOverride: gitea/gitea:1.20.5 + asserts: + - equal: + path: stringData["init_directory_structure.sh"] + value: |- + #!/usr/bin/env bash + + set -euo pipefail + + set -x + mkdir -p /data/git/.ssh + chmod -R 700 /data/git/.ssh + [ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf + + # prepare temp directory structure + mkdir -p "${GITEA_TEMP}" + chmod ug+rwx "${GITEA_TEMP}" diff --git a/values.yaml b/values.yaml index 34c859d..15ecd06 100644 --- a/values.yaml +++ b/values.yaml @@ -43,6 +43,7 @@ clusterDomain: cluster.local ## @param image.digest Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` ## @param image.pullPolicy Image pull policy ## @param image.rootless Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher +## @param image.fullOverride Completely overrides the image registry, path/image, tag and digest. **Adjust `image.rootless` accordingly and review [Rootless defaults](#rootless-defaults).** image: registry: "" repository: gitea/gitea @@ -51,6 +52,7 @@ image: digest: "" pullPolicy: Always rootless: true + fullOverride: "" ## @param imagePullSecrets Secret to use for pulling the image imagePullSecrets: [] From 7499fecc1ac74ac54e2e240ec1caa75f2fa46bb7 Mon Sep 17 00:00:00 2001 From: justusbunsi Date: Tue, 14 Nov 2023 22:23:01 +0000 Subject: [PATCH 04/55] Fix domain macro (#560) ### Description of the change This supersedes #359 by fixing the fallback domain value when no ingress host is defined. Memcached is not used anymore. PostgreSQL macro has already been fixed otherwise. ### Checklist - [x] Templating unittests are added Co-authored-by: pat-s Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/560 Reviewed-by: pat-s Co-authored-by: justusbunsi Co-committed-by: justusbunsi --- templates/_helpers.tpl | 2 +- unittests/config/server-section_domain.yaml | 67 +++++++++++++++++++++ 2 files changed, 68 insertions(+), 1 deletion(-) create mode 100644 unittests/config/server-section_domain.yaml diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index c2980ee..0843da5 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -151,7 +151,7 @@ app.kubernetes.io/instance: {{ .Release.Name }} {{- end -}} {{- define "gitea.default_domain" -}} -{{- printf "%s-gitea.%s.svc.%s" (include "gitea.fullname" .) .Release.Namespace .Values.clusterDomain | trunc 63 | trimSuffix "-" -}} +{{- printf "%s-http.%s.svc.%s" (include "gitea.fullname" .) .Release.Namespace .Values.clusterDomain -}} {{- end -}} {{- define "gitea.ldap_settings" -}} diff --git a/unittests/config/server-section_domain.yaml b/unittests/config/server-section_domain.yaml new file mode 100644 index 0000000..27a59c7 --- /dev/null +++ b/unittests/config/server-section_domain.yaml @@ -0,0 +1,67 @@ +suite: config template | server section (domain related) +release: + name: gitea-unittests + namespace: testing +tests: + - it: "[default values] uses ingress host for DOMAIN|SSH_DOMAIN|ROOT_URL" + template: templates/gitea/config.yaml + asserts: + - documentIndex: 0 + matchRegex: + path: stringData.server + pattern: \nDOMAIN=git.example.com + - documentIndex: 0 + matchRegex: + path: stringData.server + pattern: \nSSH_DOMAIN=git.example.com + - documentIndex: 0 + matchRegex: + path: stringData.server + pattern: \nROOT_URL=http://git.example.com + +################################################ + + - it: "[no ingress hosts] uses gitea http service for DOMAIN|SSH_DOMAIN|ROOT_URL" + template: templates/gitea/config.yaml + set: + ingress: + hosts: [] + asserts: + - documentIndex: 0 + matchRegex: + path: stringData.server + pattern: \nDOMAIN=gitea-unittests-http.testing.svc.cluster.local + - documentIndex: 0 + matchRegex: + path: stringData.server + pattern: \nSSH_DOMAIN=gitea-unittests-http.testing.svc.cluster.local + - documentIndex: 0 + matchRegex: + path: stringData.server + pattern: \nROOT_URL=http://gitea-unittests-http.testing.svc.cluster.local + +################################################ + + - it: "[provided via values] uses that for DOMAIN|SSH_DOMAIN|ROOT_URL" + template: templates/gitea/config.yaml + set: + gitea.config.server.DOMAIN: provided.example.com + ingress: + hosts: + - host: non-used.example.com + paths: + - path: / + pathType: Prefix + asserts: + - documentIndex: 0 + matchRegex: + path: stringData.server + pattern: \nDOMAIN=provided.example.com + - documentIndex: 0 + matchRegex: + path: stringData.server + pattern: \nSSH_DOMAIN=provided.example.com + - documentIndex: 0 + matchRegex: + path: stringData.server + pattern: \nROOT_URL=http://provided.example.com From dcf1891eddd858d0ad56e1a2fa5ea1501d287d75 Mon Sep 17 00:00:00 2001 From: pat-s Date: Tue, 14 Nov 2023 23:27:27 +0000 Subject: [PATCH 05/55] Publish chart on Dockerhub (#525) As title. Co-authored-by: techknowlogick Co-authored-by: justusbunsi Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/525 Reviewed-by: justusbunsi --- .gitea/workflows/release-version.yml | 6 +++++- README.md | 14 ++++++++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/.gitea/workflows/release-version.yml b/.gitea/workflows/release-version.yml index 644e52f..829bb38 100644 --- a/.gitea/workflows/release-version.yml +++ b/.gitea/workflows/release-version.yml @@ -41,7 +41,7 @@ jobs: # Using helm gpg plugin as 'helm package --sign' has issues with gpg2: https://github.com/helm/helm/issues/2843 - name: package chart run: | - echo ${{ secrets.DOCKER_PASSWORD }} | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin + echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | docker login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} --password-stdin # FIXME: use upstream after https://github.com/technosophos/helm-gpg/issues/1 is solved helm plugin install https://github.com/pat-s/helm-gpg helm dependency update @@ -51,6 +51,10 @@ jobs: mv gitea*.tgz gitea/ curl -L -o gitea/index.yaml https://dl.gitea.com/charts/index.yaml helm repo index gitea/ --url https://dl.gitea.com/charts --merge gitea/index.yaml + # push to dockerhub + echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | helm registry login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} registry-1.docker.io --password-stdin + helm push gitea-${GITHUB_REF#refs/tags/v}.tgz oci://registry-1.docker.io/giteacharts + helm registry logout registry-1.docker.io - name: aws credential configure uses: https://github.com/aws-actions/configure-aws-credentials@v2 diff --git a/README.md b/README.md index ad4799e..0f5b2ce 100644 --- a/README.md +++ b/README.md @@ -95,6 +95,12 @@ helm repo update helm install gitea gitea-charts/gitea ``` +Alternatively, the chart can also be installed from Dockerhub (since v9.6.0) + +```sh +helm install gitea oci://registry-1.docker.io/giteacharts/gitea +``` + When upgrading, please refer to the [Upgrading](#upgrading) section at the bottom of this document for major and breaking changes. ## High Availability @@ -1105,14 +1111,18 @@ gitea: CONN_STR: redis+cluster://:gitea@gitea-redis-cluster-headless..svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& ``` + **Switch to rootless image by default** + If you are facing errors like `WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED` due to this automatic transition: Have a look at [this discussion](https://gitea.com/gitea/helm-chart/issues/487#issue-220660) and either set `image.rootless: false` or manually update your `~/.ssh/known_hosts` file(s). + **Transitioning from a RWO to RWX Persistent Volume** + If you want to switch to a RWX volume and go for HA, you need to @@ -1120,8 +1130,10 @@ If you want to switch to a RWX volume and go for HA, you need to 2. Let the chart create a new RWX PV (or do it statically yourself) 3. Restore the backup to the same location in the new PV + **Transitioning from Postgres to Postgres HA** + If you are running with a non-HA PG DB from a previous chart release, you need to set @@ -1130,8 +1142,10 @@ If you are running with a non-HA PG DB from a previous chart release, you need t This is needed to stay with your existing single-instance DB (as the HA-variant is the new default). + **Change of env-to-ini prefix** + Before this release, the env-to-ini prefix was `ENV_TO_INI__`. This allowed a clear distinction between user-provided and chart-provided env-to-ini variables. From 7eea1acf057b9c5ae957d4e0565fae8ef57ccf30 Mon Sep 17 00:00:00 2001 From: pat-s Date: Thu, 16 Nov 2023 10:14:34 +0000 Subject: [PATCH 06/55] chore: reduce redis-cluster pods and move HA out of "experimental" state (#565) The pod reduction for `redis-cluster` should help users seeking for a Gitea deployment with less pods. Users seeking for a minimal deployment are further advised to follow https://gitea.com/gitea/helm-chart#user-content-single-pod-configurations. HA is working fine in the provided configuration and should be moved out of the "experimental" state given that there were no reports of Gitea malfunctioning reported to HA usage in recent months/since v9 release. Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/565 Reviewed-by: techknowlogick Co-authored-by: pat-s Co-committed-by: pat-s --- README.md | 18 +++++++++--------- docs/ha-setup.md | 7 +++++-- values.yaml | 5 +++++ 3 files changed, 19 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 0f5b2ce..6dfc5bd 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ - [Database defaults](#database-defaults) - [Server defaults](#server-defaults) - [Metrics defaults](#metrics-defaults) - - [Rootless defaults](#rootless-defaults) + - [Rootless Defaults](#rootless-defaults) - [Single-Pod Configurations](#single-pod-configurations) - [Additional _app.ini_ settings](#additional-appini-settings) - [User defined environment variables in app.ini](#user-defined-environment-variables-in-appini) @@ -105,10 +105,8 @@ When upgrading, please refer to the [Upgrading](#upgrading) section at the botto ## High Availability -⚠️ **EXPERIMENTAL** ⚠️ - -Since version 9.0.0 this chart has experimental support for running Gitea and it's dependencies in a HA setup. -The setup is still experimental and care must be taken for production use as Gitea core is not yet officially HA-ready. +Since version 9.0.0 this chart supports running Gitea and it's dependencies in HA mode. +Care must be taken for production use as not all implementation details of Gitea core are officially HA-ready yet. Deploying a HA-ready Gitea instance requires some effort including using HA-ready dependencies. See the [HA Setup](docs/ha-setup.md) document for more details. @@ -996,10 +994,12 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo ### redis-cluster -| Name | Description | Value | -| --------------------------- | -------------------------------------- | ------- | -| `redis-cluster.enabled` | Enable redis | `true` | -| `redis-cluster.usePassword` | Whether to use password authentication | `false` | +| Name | Description | Value | +| -------------------------------- | -------------------------------------------- | ------- | +| `redis-cluster.enabled` | Enable redis | `true` | +| `redis-cluster.usePassword` | Whether to use password authentication | `false` | +| `redis-cluster.cluster.nodes` | Number of redis cluster master nodes | `3` | +| `redis-cluster.cluster.replicas` | Number of redis cluster master node replicas | `0` | ### PostgreSQL-ha diff --git a/docs/ha-setup.md b/docs/ha-setup.md index 4620317..b3ed491 100644 --- a/docs/ha-setup.md +++ b/docs/ha-setup.md @@ -1,7 +1,5 @@ # High Availability -⚠️ **EXPERIMENTAL** ⚠️ - All components (in-memory DB, volume/asset storage, code indexer) used by Gitea must be deployed in a HA-ready fashion to achieve a full HA-ready Gitea deployment. The following document explains how to achieve this for all individual components. @@ -97,6 +95,11 @@ To do so, you need to set the following configuration values yourself: - `gitea.config.cache.ADAPTER`: `redis` - `gitea.config.cache.HOST`: `` +By default, the `redis-cluster` chart provisions three standalone master nodes of which each has a single replica. +To reduce the number of pods for a default Gitea deployment, we opted to omit the replicas (`replicas: 0`) by default. +Only the minimum required number of master pods for a functional `redis-cluster` deployment are provisioned. +For a "proper" `redis-cluster` setup however, we recommend to set `replicas: 1` and `nodes: 6`. + ## Object and asset storage Object/asset storage refers to the storage of attachments, avatars, LFS files, etc. diff --git a/values.yaml b/values.yaml index 15ecd06..b6712e7 100644 --- a/values.yaml +++ b/values.yaml @@ -479,9 +479,14 @@ gitea: ## @section redis-cluster ## @param redis-cluster.enabled Enable redis ## @param redis-cluster.usePassword Whether to use password authentication +## @param redis-cluster.cluster.nodes Number of redis cluster master nodes +## @param redis-cluster.cluster.replicas Number of redis cluster master node replicas redis-cluster: enabled: true usePassword: false + cluster: + nodes: 3 # default: 6 + replicas: 0 # default: 1 ## @section postgresql-ha # From ead62a0dbcdaa6d347a622f9c2037dc25df37543 Mon Sep 17 00:00:00 2001 From: pat-s Date: Thu, 16 Nov 2023 20:42:17 +0000 Subject: [PATCH 07/55] Bump to 1.21.0 (#566) Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/566 Reviewed-by: justusbunsi Co-authored-by: pat-s Co-committed-by: pat-s --- Chart.yaml | 2 +- README.md | 11 ++++++++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/Chart.yaml b/Chart.yaml index 2fde9b9..624a8b7 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -3,7 +3,7 @@ name: gitea description: Gitea Helm chart for Kubernetes type: application version: 0.0.0 -appVersion: 1.20.5 +appVersion: 1.21.0 icon: https://gitea.com/assets/img/logo.svg keywords: diff --git a/README.md b/README.md index 6dfc5bd..9f70734 100644 --- a/README.md +++ b/README.md @@ -706,7 +706,7 @@ extraVolumes: extraVolumeMounts: - name: gitea-themes readOnly: true - mountPath: "/data/gitea/public/css" + mountPath: "/data/gitea/public/assets/css" ``` The secret can be created via `terraform`: @@ -1051,6 +1051,15 @@ If you miss this, blindly upgrading may delete your Postgres instance and you ma
+To 9.6.0 + +Chart 9.6.0 ships with Gitea 1.21.0. +While there are no breaking changes in the chart, please check the changes of the [1.21 release blog post](https://blog.gitea.com/release-of-1.21.0/). + +
+ +
+ To 9.0.0 This chart release comes with many breaking changes while aiming for a HA-ready setup. From d52ead0be740beae4c4dc5b2670034e33630cd1b Mon Sep 17 00:00:00 2001 From: pat-s Date: Thu, 16 Nov 2023 20:45:10 +0000 Subject: [PATCH 08/55] Renovate: run tests on branches, group deps and adjust schedule to weekends (#556) Co-authored-by: justusbunsi Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/556 Co-authored-by: pat-s Co-committed-by: pat-s --- .gitea/workflows/test-pr.yml | 8 ++++++- renovate.json5 | 44 +++++++++++++++++++++--------------- 2 files changed, 33 insertions(+), 19 deletions(-) diff --git a/.gitea/workflows/test-pr.yml b/.gitea/workflows/test-pr.yml index 9d61655..6cef8e3 100644 --- a/.gitea/workflows/test-pr.yml +++ b/.gitea/workflows/test-pr.yml @@ -1,7 +1,13 @@ name: check-and-test on: - - pull_request + pull_request: + branches: + - "*" + push: + branches: + - main + - "renovate/**" env: # renovate: datasource=github-releases depName=helm-unittest/helm-unittest diff --git a/renovate.json5 b/renovate.json5 index f4b9100..b4fd56d 100644 --- a/renovate.json5 +++ b/renovate.json5 @@ -1,25 +1,33 @@ { - $schema: "https://docs.renovatebot.com/renovate-schema.json", - extends: ["gitea>gitea/renovate-config"], - labels: ["kind/dependency"], + $schema: 'https://docs.renovatebot.com/renovate-schema.json', + extends: [ + 'gitea>gitea/renovate-config', + ':automergeMinor', + 'schedule:automergeDaily', + 'schedule:weekends', + ], + labels: ['kind/dependency'], + automergeStrategy: 'squash', customManagers: [ - { - description: 'Gitea-version of https://docs.renovatebot.com/presets-regexManagers/#regexmanagersgithubactionsversions', - customType: 'regex', - fileMatch: ['.gitea/workflows/.+\\.ya?ml$'], - matchStrings: [ - '# renovate: datasource=(?[a-z-.]+?) depName=(?[^\\s]+?)(?: (?:lookupName|packageName)=(?[^\\s]+?))?(?: versioning=(?[a-z-0-9]+?))?\\s+[A-Za-z0-9_]+?_VERSION\\s*:\\s*["\']?(?.+?)["\']?\\s', - ], - }, - ], + { + description: 'Gitea-version of https://docs.renovatebot.com/presets-regexManagers/#regexmanagersgithubactionsversions', + customType: 'regex', + fileMatch: ['.gitea/workflows/.+\\.ya?ml$'], + matchStrings: [ + '# renovate: datasource=(?[a-z-.]+?) depName=(?[^\\s]+?)(?: (?:lookupName|packageName)=(?[^\\s]+?))?(?: versioning=(?[a-z-0-9]+?))?\\s+[A-Za-z0-9_]+?_VERSION\\s*:\\s*["\']?(?.+?)["\']?\\s', + ], + }, + ], packageRules: [ { - description: "Automerge minor + patch dependency updates weekly", - matchManagers: ["helmv3"], - matchUpdateTypes: ["minor", "patch", "digest"], - automerge: true, - automergeStrategy: "squash", - extends: ["schedule:weekly"], + groupName: 'subcharts (minor & patch)', + matchManagers: ['helmv3'], + matchUpdateTypes: ['minor', 'patch', 'digest'], + }, + { + groupName: 'workflow dependencies (minor & patch)', + matchManagers: ['github-actions', 'npm', 'regex'], + matchUpdateTypes: ['minor', 'patch', 'digest'], }, ], } From 6c0699e86e245885c8630c8b52ee76f13209c9a8 Mon Sep 17 00:00:00 2001 From: justusbunsi Date: Thu, 16 Nov 2023 21:00:39 +0000 Subject: [PATCH 09/55] Switch imagePullPolicy to "IfNotPresent" (#568) ### Benefits Less image pulls. ### Additional information committed via GUI - so no signature on first commit. Co-authored-by: pat-s Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/568 Reviewed-by: pat-s Co-authored-by: justusbunsi Co-committed-by: justusbunsi --- README.md | 20 ++++++++++---------- unittests/config/server-section_domain.yaml | 4 ++-- values.yaml | 2 +- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 9f70734..f47df85 100644 --- a/README.md +++ b/README.md @@ -810,16 +810,16 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo ### Image -| Name | Description | Value | -| -------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------- | -| `image.registry` | image registry, e.g. gcr.io,docker.io | `""` | -| `image.repository` | Image to start for this pod | `gitea/gitea` | -| `image.tag` | Visit: [Image tag](https://hub.docker.com/r/gitea/gitea/tags?page=1&ordering=last_updated). Defaults to `appVersion` within Chart.yaml. | `""` | -| `image.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` | -| `image.pullPolicy` | Image pull policy | `Always` | -| `image.rootless` | Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher | `true` | -| `image.fullOverride` | Completely overrides the image registry, path/image, tag and digest. **Adjust `image.rootless` accordingly and review [Rootless defaults](#rootless-defaults).** | `""` | -| `imagePullSecrets` | Secret to use for pulling the image | `[]` | +| Name | Description | Value | +| -------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------- | +| `image.registry` | image registry, e.g. gcr.io,docker.io | `""` | +| `image.repository` | Image to start for this pod | `gitea/gitea` | +| `image.tag` | Visit: [Image tag](https://hub.docker.com/r/gitea/gitea/tags?page=1&ordering=last_updated). Defaults to `appVersion` within Chart.yaml. | `""` | +| `image.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` | +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `image.rootless` | Wether or not to pull the rootless version of Gitea, only works on Gitea 1.14.x or higher | `true` | +| `image.fullOverride` | Completely overrides the image registry, path/image, tag and digest. **Adjust `image.rootless` accordingly and review [Rootless defaults](#rootless-defaults).** | `""` | +| `imagePullSecrets` | Secret to use for pulling the image | `[]` | ### Security diff --git a/unittests/config/server-section_domain.yaml b/unittests/config/server-section_domain.yaml index 27a59c7..cf5a3b8 100644 --- a/unittests/config/server-section_domain.yaml +++ b/unittests/config/server-section_domain.yaml @@ -19,7 +19,7 @@ tests: path: stringData.server pattern: \nROOT_URL=http://git.example.com -################################################ + ################################################ - it: "[no ingress hosts] uses gitea http service for DOMAIN|SSH_DOMAIN|ROOT_URL" template: templates/gitea/config.yaml @@ -40,7 +40,7 @@ tests: path: stringData.server pattern: \nROOT_URL=http://gitea-unittests-http.testing.svc.cluster.local -################################################ + ################################################ - it: "[provided via values] uses that for DOMAIN|SSH_DOMAIN|ROOT_URL" template: templates/gitea/config.yaml diff --git a/values.yaml b/values.yaml index b6712e7..2736a2f 100644 --- a/values.yaml +++ b/values.yaml @@ -50,7 +50,7 @@ image: # Overrides the image tag whose default is the chart appVersion. tag: "" digest: "" - pullPolicy: Always + pullPolicy: IfNotPresent rootless: true fullOverride: "" From f7d661ee3a3b1b750d0a7db8fbbf8a96c3199fda Mon Sep 17 00:00:00 2001 From: pat-s Date: Thu, 16 Nov 2023 22:07:25 +0100 Subject: [PATCH 10/55] fix release workflow --- .gitea/workflows/release-version.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/release-version.yml b/.gitea/workflows/release-version.yml index 829bb38..6458a88 100644 --- a/.gitea/workflows/release-version.yml +++ b/.gitea/workflows/release-version.yml @@ -49,11 +49,11 @@ jobs: helm gpg sign "gitea-${GITHUB_REF#refs/tags/v}.tgz" mkdir gitea mv gitea*.tgz gitea/ - curl -L -o gitea/index.yaml https://dl.gitea.com/charts/index.yaml + curl -s -L -o gitea/index.yaml https://dl.gitea.com/charts/index.yaml helm repo index gitea/ --url https://dl.gitea.com/charts --merge gitea/index.yaml # push to dockerhub echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | helm registry login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} registry-1.docker.io --password-stdin - helm push gitea-${GITHUB_REF#refs/tags/v}.tgz oci://registry-1.docker.io/giteacharts + helm push gitea/gitea-${GITHUB_REF#refs/tags/v}.tgz oci://registry-1.docker.io/giteacharts helm registry logout registry-1.docker.io - name: aws credential configure From 5c4bcaa1e308f89070658abce5e7d6a9be04914e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 25 Nov 2023 04:10:18 +0000 Subject: [PATCH 11/55] chore(config): migrate renovate config (#575) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- renovate.json5 | 30 ++++++++++++++++++++++++------ 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/renovate.json5 b/renovate.json5 index b4fd56d..74278dd 100644 --- a/renovate.json5 +++ b/renovate.json5 @@ -6,13 +6,17 @@ 'schedule:automergeDaily', 'schedule:weekends', ], - labels: ['kind/dependency'], + labels: [ + 'kind/dependency', + ], automergeStrategy: 'squash', customManagers: [ { description: 'Gitea-version of https://docs.renovatebot.com/presets-regexManagers/#regexmanagersgithubactionsversions', customType: 'regex', - fileMatch: ['.gitea/workflows/.+\\.ya?ml$'], + fileMatch: [ + '.gitea/workflows/.+\\.ya?ml$', + ], matchStrings: [ '# renovate: datasource=(?[a-z-.]+?) depName=(?[^\\s]+?)(?: (?:lookupName|packageName)=(?[^\\s]+?))?(?: versioning=(?[a-z-0-9]+?))?\\s+[A-Za-z0-9_]+?_VERSION\\s*:\\s*["\']?(?.+?)["\']?\\s', ], @@ -21,13 +25,27 @@ packageRules: [ { groupName: 'subcharts (minor & patch)', - matchManagers: ['helmv3'], - matchUpdateTypes: ['minor', 'patch', 'digest'], + matchManagers: [ + 'helmv3', + ], + matchUpdateTypes: [ + 'minor', + 'patch', + 'digest', + ], }, { groupName: 'workflow dependencies (minor & patch)', - matchManagers: ['github-actions', 'npm', 'regex'], - matchUpdateTypes: ['minor', 'patch', 'digest'], + matchManagers: [ + 'github-actions', + 'npm', + 'custom.regex', + ], + matchUpdateTypes: [ + 'minor', + 'patch', + 'digest', + ], }, ], } From 34c1212939e1c4184ca3bd83171dc90ecbf3f9ca Mon Sep 17 00:00:00 2001 From: justusbunsi Date: Mon, 27 Nov 2023 18:35:42 +0000 Subject: [PATCH 12/55] Use `helm dependency build` in release build (#563) Using `helm dependency update` may result in unwillingly updating the dependencies while cutting a release. I wasn't able to do so. Most likely due to the dependency pinning in Chart.yaml and Chart.lock. Based on Helm documentation, `update` uses Chart.yaml[^1] while `build` uses Chart.lock[^2]. All in all it is safer to use `helm dependency build`. :D [^1]: https://helm.sh/docs/helm/helm_dependency_update/ [^2]: https://helm.sh/docs/helm/helm_dependency_build/ Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/563 Reviewed-by: pat-s --- .gitea/workflows/release-version.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/release-version.yml b/.gitea/workflows/release-version.yml index 6458a88..0b516ab 100644 --- a/.gitea/workflows/release-version.yml +++ b/.gitea/workflows/release-version.yml @@ -44,7 +44,7 @@ jobs: echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | docker login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} --password-stdin # FIXME: use upstream after https://github.com/technosophos/helm-gpg/issues/1 is solved helm plugin install https://github.com/pat-s/helm-gpg - helm dependency update + helm dependency build helm package --version "${GITHUB_REF#refs/tags/v}" ./ helm gpg sign "gitea-${GITHUB_REF#refs/tags/v}.tgz" mkdir gitea From 8bcd2dc63b00af2cd19d1c08113eaf7be19bca34 Mon Sep 17 00:00:00 2001 From: justusbunsi Date: Mon, 27 Nov 2023 18:36:47 +0000 Subject: [PATCH 13/55] Detect major dependency version bumps (#571) As seen in #507 and #569, there is no guarantee for us that minor dependency updates are actually minor updates for the dependent application itself. The Chart version might be minor - and therefore automatically merged when build is green - but the used Docker image inside the Chart could still be a major version change. To effectively prevent such automerge when the application major version changes, there is now a test file that has the currently used major versions hard-coded. In case of an actual major bump, this file has to be adjusted. Looking at `redis-cluster`, there might be several major Chart versions with the same major application version. This PR is related to #409 but does not fully resolve it. Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/571 Reviewed-by: pat-s --- Makefile | 2 +- unittests/dependency-major-image-check.yaml | 42 +++++++++++++++++++++ 2 files changed, 43 insertions(+), 1 deletion(-) create mode 100644 unittests/dependency-major-image-check.yaml diff --git a/Makefile b/Makefile index e3e4f03..4e4b5bd 100644 --- a/Makefile +++ b/Makefile @@ -9,7 +9,7 @@ readme: prepare-environment .PHONY: unittests unittests: - helm unittest --strict -f 'unittests/**/*.yaml' ./ + helm unittest --strict -f 'unittests/**/*.yaml' -f 'unittests/dependency-major-image-check.yaml' ./ .PHONY: helm update-helm-dependencies: diff --git a/unittests/dependency-major-image-check.yaml b/unittests/dependency-major-image-check.yaml new file mode 100644 index 0000000..f50d58c --- /dev/null +++ b/unittests/dependency-major-image-check.yaml @@ -0,0 +1,42 @@ +suite: Dependency update consistency +release: + name: gitea-unittests + namespace: testing +tests: + - it: "[postgresql-ha] ensures we detect major image version upgrades" + template: charts/postgresql-ha/templates/postgresql/statefulset.yaml + set: + postgresql: + enabled: false + postgresql-ha: + enabled: true + asserts: + - documentIndex: 0 + matchRegex: + path: spec.template.spec.containers[0].image + # IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST + pattern: ^docker.io/bitnami/postgresql-repmgr:15.+$ + - it: "[postgresql] ensures we detect major image version upgrades" + template: charts/postgresql/templates/primary/statefulset.yaml + set: + postgresql: + enabled: true + postgresql-ha: + enabled: false + asserts: + - documentIndex: 0 + matchRegex: + path: spec.template.spec.containers[0].image + # IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST + pattern: ^docker.io/bitnami/postgresql:15.+$ + - it: "[redis-cluster] ensures we detect major image version upgrades" + template: charts/redis-cluster/templates/redis-statefulset.yaml + set: + redis-cluster: + enabled: true + asserts: + - documentIndex: 0 + matchRegex: + path: spec.template.spec.containers[0].image + # IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST + pattern: ^docker.io/bitnami/redis-cluster:7.+$ From b265d87f55e9549a408e8e6c6a63e872303a10dd Mon Sep 17 00:00:00 2001 From: justusbunsi Date: Mon, 27 Nov 2023 18:38:14 +0000 Subject: [PATCH 14/55] Improve experience on writing unittests (#570) While working on #409, I noticed that some unittests contains either invalid assertion methods (`isNotEmpty`) or invalid properties (`any`) for a specific assertion method (`notContains`). As our tests pass - and I have ensured that they can fail - this seems related to the YAML schema validation in the IDE. I've noticed that `isNotEmpty` was replaced by `isNotNullOrEmpty`[^1] in version v0.3.2[^2]. At least from a schema validation point of view. It is still working. Maybe deprecated? I don't know. Regarding the `any` property, the documentation seems incorrect. I've filed a PR for it[^3]. As soon as that PR is merged and released, we could probably validate the test YAML files in our PR workflow. Last, since we renovate the used helm-unittest version, we should also renovate the used YAML schema file. [^1]: https://github.com/helm-unittest/helm-unittest/pull/139 [^2]: https://github.com/helm-unittest/helm-unittest/releases/tag/v0.3.2 [^3]: https://github.com/helm-unittest/helm-unittest/pull/243 Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/570 Reviewed-by: pat-s --- .vscode/settings.json | 2 +- renovate.json5 | 9 +++++++++ unittests/gpg-secret/signing-enabled.yaml | 2 +- 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/.vscode/settings.json b/.vscode/settings.json index d709909..812b1f8 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -1,6 +1,6 @@ { "yaml.schemas": { - "https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json": [ + "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.3.6/schema/helm-testsuite.json": [ "/unittests/**/*.yaml" ] }, diff --git a/renovate.json5 b/renovate.json5 index 74278dd..1831179 100644 --- a/renovate.json5 +++ b/renovate.json5 @@ -21,6 +21,15 @@ '# renovate: datasource=(?[a-z-.]+?) depName=(?[^\\s]+?)(?: (?:lookupName|packageName)=(?[^\\s]+?))?(?: versioning=(?[a-z-0-9]+?))?\\s+[A-Za-z0-9_]+?_VERSION\\s*:\\s*["\']?(?.+?)["\']?\\s', ], }, + { + description: 'Detect helm-unittest yaml schema file', + customType: 'regex', + fileMatch: ['.vscode/settings\\.json$'], + matchStrings: [ + 'https:\\/\\/raw\\.githubusercontent\\.com\\/(?[^\\s]+?)\\/(?v[0-9.]+?)\\/schema\\/helm-testsuite\\.json', + ], + datasourceTemplate: 'github-releases', + }, ], packageRules: [ { diff --git a/unittests/gpg-secret/signing-enabled.yaml b/unittests/gpg-secret/signing-enabled.yaml index 4040793..8fcab68 100644 --- a/unittests/gpg-secret/signing-enabled.yaml +++ b/unittests/gpg-secret/signing-enabled.yaml @@ -33,7 +33,7 @@ tests: kind: Secret apiVersion: v1 name: gitea-unittests-gpg-key - - isNotEmpty: + - isNotNullOrEmpty: path: metadata.labels - equal: path: data.privateKey From 0081cabe0b2c6e758354630963055298e997b1de Mon Sep 17 00:00:00 2001 From: pat-s Date: Mon, 27 Nov 2023 21:00:37 +0000 Subject: [PATCH 15/55] Bump to 1.21.1 (#576) Changelog: https://github.com/go-gitea/gitea/releases/tag/v1.21.1 Co-authored-by: justusbunsi Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/576 Reviewed-by: justusbunsi Co-authored-by: pat-s Co-committed-by: pat-s --- Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Chart.yaml b/Chart.yaml index 624a8b7..da438be 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -3,7 +3,7 @@ name: gitea description: Gitea Helm chart for Kubernetes type: application version: 0.0.0 -appVersion: 1.21.0 +appVersion: 1.21.1 icon: https://gitea.com/assets/img/logo.svg keywords: From 7e403d5ef67006b7c0ec0f7a319ee2992b60b523 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 4 Dec 2023 19:49:43 +0000 Subject: [PATCH 16/55] chore(deps): update postgresql-ha docker tag to v12 (#528) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | major | `11.9.4` -> `12.3.1` | --- ### Configuration 📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Co-authored-by: pat-s Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/528 Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- Chart.lock | 6 +++--- Chart.yaml | 2 +- unittests/dependency-major-image-check.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Chart.lock b/Chart.lock index a40418a..5d48181 100644 --- a/Chart.lock +++ b/Chart.lock @@ -4,9 +4,9 @@ dependencies: version: 12.12.10 - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 11.9.4 + version: 12.3.1 - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts version: 9.1.3 -digest: sha256:6bda620320a05a5ea4efb4189a86d30092aeb0a6f3e0009538f4bea312af0863 -generated: "2023-11-14T00:08:15.790217865Z" +digest: sha256:f0dc6b0142ec7bb8e7f89a48e04aca1912017f408e845db0f8b686f1217b9c7e +generated: "2023-12-01T00:12:50.856889705Z" diff --git a/Chart.yaml b/Chart.yaml index da438be..196d5c9 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -41,7 +41,7 @@ dependencies: # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 11.9.4 + version: 12.3.1 condition: postgresql-ha.enabled # https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml - name: redis-cluster diff --git a/unittests/dependency-major-image-check.yaml b/unittests/dependency-major-image-check.yaml index f50d58c..db33ed7 100644 --- a/unittests/dependency-major-image-check.yaml +++ b/unittests/dependency-major-image-check.yaml @@ -15,7 +15,7 @@ tests: matchRegex: path: spec.template.spec.containers[0].image # IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST - pattern: ^docker.io/bitnami/postgresql-repmgr:15.+$ + pattern: ^docker.io/bitnami/postgresql-repmgr:16.+$ - it: "[postgresql] ensures we detect major image version upgrades" template: charts/postgresql/templates/primary/statefulset.yaml set: From a1d9059e53df441ea7227da7bf138258ac7acd65 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 10 Dec 2023 00:20:59 +0000 Subject: [PATCH 17/55] chore(deps): update postgresql-ha docker tag to v12.3.2 (#582) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- Chart.lock | 6 +++--- Chart.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Chart.lock b/Chart.lock index 5d48181..3313ab6 100644 --- a/Chart.lock +++ b/Chart.lock @@ -4,9 +4,9 @@ dependencies: version: 12.12.10 - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 12.3.1 + version: 12.3.2 - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts version: 9.1.3 -digest: sha256:f0dc6b0142ec7bb8e7f89a48e04aca1912017f408e845db0f8b686f1217b9c7e -generated: "2023-12-01T00:12:50.856889705Z" +digest: sha256:2a4acb1c862b9871ae07f245b1bc82e743885ebf03479d1ae985f91f3cb0c021 +generated: "2023-12-10T00:11:43.988506072Z" diff --git a/Chart.yaml b/Chart.yaml index 196d5c9..d4392b6 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -41,7 +41,7 @@ dependencies: # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 12.3.1 + version: 12.3.2 condition: postgresql-ha.enabled # https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml - name: redis-cluster From d8758092993c1730e28d956e846debaf50b2282d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 11 Dec 2023 00:13:00 +0000 Subject: [PATCH 18/55] chore(deps): update dependency markdownlint-cli to ^0.38.0 (#583) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- package-lock.json | 65 +++++++++++++++++++++++++---------------------- package.json | 2 +- 2 files changed, 35 insertions(+), 32 deletions(-) diff --git a/package-lock.json b/package-lock.json index 0faac29..90cad8b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -8,7 +8,7 @@ "license": "MIT", "devDependencies": { "@bitnami/readme-generator-for-helm": "^2.5.0", - "markdownlint-cli": "^0.37.0" + "markdownlint-cli": "^0.38.0" }, "engines": { "node": ">=16.0.0", @@ -261,9 +261,9 @@ } }, "node_modules/ignore": { - "version": "5.2.4", - "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.2.4.tgz", - "integrity": "sha512-MAb38BcSbH0eHNBxn7ql2NH/kX33OkB3lZ1BNdh7ENeRChHTYsTvWrMubiIAMNS2llXEEgZ1MUOBtXChP3kaFQ==", + "version": "5.3.0", + "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.3.0.tgz", + "integrity": "sha512-g7dmpshy+gD7mh88OC9NwSGTKoc3kyLAZQRU1mt53Aw/vnvfXnbC+F/7F7QoYVKbV+KNvJx8wArewKy1vXMtlg==", "dev": true, "engines": { "node": ">= 4" @@ -310,9 +310,9 @@ "dev": true }, "node_modules/jackspeak": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-2.2.0.tgz", - "integrity": "sha512-r5XBrqIJfwRIjRt/Xr5fv9Wh09qyhHfKnYddDlpM+ibRR20qrYActpCAgU6U+d53EOEjzkvxPMVHSlgR7leXrQ==", + "version": "2.3.6", + "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-2.3.6.tgz", + "integrity": "sha512-N3yCS/NegsOBokc8GAdM8UcmfsKiSS8cipheD/nivzr700H+nsMOxJjQnvwOcRYVuFkdH0wGUvW2WbXGmrZGbQ==", "dev": true, "dependencies": { "@isaacs/cliui": "^8.0.2" @@ -370,9 +370,9 @@ } }, "node_modules/markdown-it": { - "version": "13.0.1", - "resolved": "https://registry.npmjs.org/markdown-it/-/markdown-it-13.0.1.tgz", - "integrity": "sha512-lTlxriVoy2criHP0JKRhO2VDG9c2ypWCsT237eDiLqi09rmbKoUetyGHq2uOIRoRS//kfoJckS0eUzzkDR+k2Q==", + "version": "13.0.2", + "resolved": "https://registry.npmjs.org/markdown-it/-/markdown-it-13.0.2.tgz", + "integrity": "sha512-FtwnEuuK+2yVU7goGn/MJ0WBZMM9ZPgU9spqlFs7/A/pDIUNSOQZhUgOqYCficIuR2QaFnrt8LHqBWsbTAoI5w==", "dev": true, "dependencies": { "argparse": "^2.0.1", @@ -399,31 +399,34 @@ } }, "node_modules/markdownlint": { - "version": "0.31.1", - "resolved": "https://registry.npmjs.org/markdownlint/-/markdownlint-0.31.1.tgz", - "integrity": "sha512-CKMR2hgcIBrYlIUccDCOvi966PZ0kJExDrUi1R+oF9PvqQmCrTqjOsgIvf2403OmJ+CWomuzDoylr6KbuMyvHA==", + "version": "0.32.1", + "resolved": "https://registry.npmjs.org/markdownlint/-/markdownlint-0.32.1.tgz", + "integrity": "sha512-3sx9xpi4xlHlokGyHO9k0g3gJbNY4DI6oNEeEYq5gQ4W7UkiJ90VDAnuDl2U+yyXOUa6BX+0gf69ZlTUGIBp6A==", "dev": true, "dependencies": { - "markdown-it": "13.0.1", + "markdown-it": "13.0.2", "markdownlint-micromark": "0.1.7" }, "engines": { - "node": ">=16" + "node": ">=18" + }, + "funding": { + "url": "https://github.com/sponsors/DavidAnson" } }, "node_modules/markdownlint-cli": { - "version": "0.37.0", - "resolved": "https://registry.npmjs.org/markdownlint-cli/-/markdownlint-cli-0.37.0.tgz", - "integrity": "sha512-hNKAc0bWBBuVhJbSWbUhRzavstiB4o1jh3JeSpwC4/dt6eJ54lRfYHRxVdzVp4qGWBKbeE6Pg490PFEfrKjqSg==", + "version": "0.38.0", + "resolved": "https://registry.npmjs.org/markdownlint-cli/-/markdownlint-cli-0.38.0.tgz", + "integrity": "sha512-qkZRKJ4LVq6CJIkRIuJsEHvhWhm+FP0E7yhHvOMrrgdykgFWNYD4wuhZTjvigbJLTKPooP79yPiUDDZBCBI5JA==", "dev": true, "dependencies": { - "commander": "~11.0.0", + "commander": "~11.1.0", "get-stdin": "~9.0.0", - "glob": "~10.3.4", - "ignore": "~5.2.4", + "glob": "~10.3.10", + "ignore": "~5.3.0", "js-yaml": "^4.1.0", "jsonc-parser": "~3.2.0", - "markdownlint": "~0.31.1", + "markdownlint": "~0.32.1", "minimatch": "~9.0.3", "run-con": "~1.3.2" }, @@ -431,7 +434,7 @@ "markdownlint": "markdownlint.js" }, "engines": { - "node": ">=16" + "node": ">=18" } }, "node_modules/markdownlint-cli/node_modules/brace-expansion": { @@ -444,28 +447,28 @@ } }, "node_modules/markdownlint-cli/node_modules/commander": { - "version": "11.0.0", - "resolved": "https://registry.npmjs.org/commander/-/commander-11.0.0.tgz", - "integrity": "sha512-9HMlXtt/BNoYr8ooyjjNRdIilOTkVJXB+GhxMTtOKwk0R4j4lS4NpjuqmRxroBfnfTSHQIHQB7wryHhXarNjmQ==", + "version": "11.1.0", + "resolved": "https://registry.npmjs.org/commander/-/commander-11.1.0.tgz", + "integrity": "sha512-yPVavfyCcRhmorC7rWlkHn15b4wDVgVmBA7kV4QVBsF7kv/9TKJAbAXVTxvTnwP8HHKjRCJDClKbciiYS7p0DQ==", "dev": true, "engines": { "node": ">=16" } }, "node_modules/markdownlint-cli/node_modules/glob": { - "version": "10.3.5", - "resolved": "https://registry.npmjs.org/glob/-/glob-10.3.5.tgz", - "integrity": "sha512-bYUpUD7XDEHI4Q2O5a7PXGvyw4deKR70kHiDxzQbe925wbZknhOzUt2xBgTkYL6RBcVeXYuD9iNYeqoWbBZQnA==", + "version": "10.3.10", + "resolved": "https://registry.npmjs.org/glob/-/glob-10.3.10.tgz", + "integrity": "sha512-fa46+tv1Ak0UPK1TOy/pZrIybNNt4HCv7SDzwyfiOZkvZLEbjsZkJBPtDHVshZjbecAoAGSC20MjLDG/qr679g==", "dev": true, "dependencies": { "foreground-child": "^3.1.0", - "jackspeak": "^2.0.3", + "jackspeak": "^2.3.5", "minimatch": "^9.0.1", "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0", "path-scurry": "^1.10.1" }, "bin": { - "glob": "dist/cjs/src/bin.js" + "glob": "dist/esm/bin.mjs" }, "engines": { "node": ">=16 || 14 >=14.17" diff --git a/package.json b/package.json index 44ef232..138146a 100644 --- a/package.json +++ b/package.json @@ -14,6 +14,6 @@ }, "devDependencies": { "@bitnami/readme-generator-for-helm": "^2.5.0", - "markdownlint-cli": "^0.37.0" + "markdownlint-cli": "^0.38.0" } } From 88a1650ce4ab191045501ad3a75f48cd3bb3447f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 11 Dec 2023 13:18:16 +0000 Subject: [PATCH 19/55] chore(deps): update postgresql docker tag to v13 (#579) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [postgresql](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql)) | major | `12.12.10` -> `13.2.24` | --- ### Configuration 📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Co-authored-by: pat-s Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/579 Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- Chart.lock | 6 +++--- Chart.yaml | 2 +- unittests/dependency-major-image-check.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Chart.lock b/Chart.lock index 3313ab6..0acd9cf 100644 --- a/Chart.lock +++ b/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 12.12.10 + version: 13.2.24 - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts version: 12.3.2 - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts version: 9.1.3 -digest: sha256:2a4acb1c862b9871ae07f245b1bc82e743885ebf03479d1ae985f91f3cb0c021 -generated: "2023-12-10T00:11:43.988506072Z" +digest: sha256:a23ae06fa54de80f57931b1f87dd5562e30d6dd20d84104114751da92a83d7a1 +generated: "2023-12-10T00:22:32.894342032Z" diff --git a/Chart.yaml b/Chart.yaml index d4392b6..e994dcf 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -36,7 +36,7 @@ dependencies: # https://github.com/bitnami/charts/blob/main/bitnami/postgresql - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 12.12.10 + version: 13.2.24 condition: postgresql.enabled # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml - name: postgresql-ha diff --git a/unittests/dependency-major-image-check.yaml b/unittests/dependency-major-image-check.yaml index db33ed7..27fd39b 100644 --- a/unittests/dependency-major-image-check.yaml +++ b/unittests/dependency-major-image-check.yaml @@ -28,7 +28,7 @@ tests: matchRegex: path: spec.template.spec.containers[0].image # IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST - pattern: ^docker.io/bitnami/postgresql:15.+$ + pattern: ^docker.io/bitnami/postgresql:16.+$ - it: "[redis-cluster] ensures we detect major image version upgrades" template: charts/redis-cluster/templates/redis-statefulset.yaml set: From ff932a0bf96d39c55af87da08f9ed81e8dce5a97 Mon Sep 17 00:00:00 2001 From: pat-s Date: Wed, 13 Dec 2023 16:56:02 +0000 Subject: [PATCH 20/55] Update README with new dependency versioning approach (#578) As discussed in https://gitea.com/gitea/helm-chart/issues/572. Also added a bit more context and updates to the overall "Dependencies" sections. Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/578 Reviewed-by: justusbunsi Co-authored-by: pat-s Co-committed-by: pat-s --- README.md | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 53 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index f47df85..8a3a28d 100644 --- a/README.md +++ b/README.md @@ -3,6 +3,9 @@ - [Introduction](#introduction) - [Update and versioning policy](#update-and-versioning-policy) - [Dependencies](#dependencies) + - [HA Dependencies](#ha-dependencies) + - [Non-HA Dependencies](#non-ha-dependencies) + - [Dependency Versioning](#dependency-versioning) - [Installing](#installing) - [High Availability](#high-availability) - [Configuration](#configuration) @@ -79,13 +82,42 @@ Yet most often no issues will be encountered and the chart maintainers aim to co ## Dependencies -Gitea can be run with an external database and cache. -This chart provides those dependencies, which can be enabled, or disabled via configuration. +Gitea is most performant when run with an external database and cache. +This chart provides those dependencies via sub-charts. +Users can also configure their own external providers via the configuration. -Dependencies: +### HA Dependencies -- PostgreSQL HA ([configuration](#postgresql)) -- Redis Cluster ([configuration](#cache)) +These dependencies are enabled by default: + +- PostgreSQL HA ([Bitnami PostgreSQL-HA](https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml)) +- Redis-Cluster ([Bitnami Redis-Cluster](https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml)) + +### Non-HA Dependencies + +Alternatively, the following non-HA replacements are available: + +- PostgreSQL ([Bitnami PostgreSQL](postgresql](https://github.com/bitnami/charts/blob/main/bitnami/postgresql/Chart.yaml))) + +### Dependency Versioning + +Updates of sub-charts will be incorporated into the Gitea chart as they are released. +The reasoning behind this is that new users of the chart will start with the most recent sub-chart dependency versions. + +**Note** If you want to stay on an older appVersion of a sub-chart dependency (e.g. PostgreSQL), you need to override the image tag in your `values.yaml` file. +In fact, we recommend to do so right from the start to be independent of major sub-chart dependency changes as they are released. +There is no need to update to every new PostgreSQL major version - you can happily skip some and do larger updates when you are ready for them. + +We recommend to use a rolling tag like `:-debian-` to incorporate minor and patch updates for the respective major version as they are released. +Alternatively you can also use a versioning helper tool like [renovate](https://github.com/renovatebot/renovate). + +Please double-check the image repository and available tags in the sub-chart: + +- [PostgreSQL-HA](https://hub.docker.com/r/bitnami/postgresql-repmgr/tags) +- [PostgreSQL](https://hub.docker.com/r/bitnami/postgresql/tags) +- [Redis Cluster](https://hub.docker.com/r/bitnami/redis-cluster/tags) + +and look up the image tag which fits your needs on Dockerhub. ## Installing @@ -1051,6 +1083,22 @@ If you miss this, blindly upgrading may delete your Postgres instance and you ma
+To 10.0.0 + + + +**Breaking changes** + + +- Update PostgreSQL sub-chart dependencies to appVersion 16.x +- Update to sub-charts versioning approach: Users are encouraged to pin the version tag of the sub-chart dependencies to a major appVersion. + This avoids issues during chart upgrades and allows to incorporate new sub-chart versions as they are released. + Please see the new [README section describing the versioning approach for sub-chart versions](#dependency-versioning). + +
+ +
+ To 9.6.0 Chart 9.6.0 ships with Gitea 1.21.0. From 060945a486e3ed444284e06c77a3af7bc61f9939 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 17 Dec 2023 00:21:50 +0000 Subject: [PATCH 21/55] chore(deps): update postgresql-ha docker tag to v12.3.3 (#587) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- Chart.lock | 6 +++--- Chart.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Chart.lock b/Chart.lock index 0acd9cf..aefe5eb 100644 --- a/Chart.lock +++ b/Chart.lock @@ -4,9 +4,9 @@ dependencies: version: 13.2.24 - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 12.3.2 + version: 12.3.3 - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts version: 9.1.3 -digest: sha256:a23ae06fa54de80f57931b1f87dd5562e30d6dd20d84104114751da92a83d7a1 -generated: "2023-12-10T00:22:32.894342032Z" +digest: sha256:c4ae8a7ddfb6670acc7f39d5728a0929f6c7666d32459229b5e4e66b19749677 +generated: "2023-12-17T00:11:27.841588235Z" diff --git a/Chart.yaml b/Chart.yaml index e994dcf..c69c2a0 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -41,7 +41,7 @@ dependencies: # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 12.3.2 + version: 12.3.3 condition: postgresql-ha.enabled # https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml - name: redis-cluster From 223069d042bfbeb34d5739d9155d67979ec75bb8 Mon Sep 17 00:00:00 2001 From: pat-s Date: Mon, 18 Dec 2023 08:43:18 +0000 Subject: [PATCH 22/55] Add config fallbacks for `session`, `cache` and `queue` when disabling redis-cluster (#585) ### Description of the change Add config fallbacks for `session`, `cache` and `queue` including tests. ### Benefits If users disable the default `redis-cluster` sub-chart dependency, this will configure the respective sections to use the Gitea defaults as listed in https://docs.gitea.com/next/administration/config-cheat-sheet. ### Possible drawbacks Users will run on non-optimal settings for production without knowing their config. ### Applicable issues - fixes #584 #573 #489 #476 #468 #453 ### Checklist - [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) - [x] Breaking changes are documented in the `README.md` - [x] Templating unittests are added Co-authored-by: justusbunsi Co-authored-by: justusbunsi Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/585 Reviewed-by: justusbunsi --- README.md | 11 +++++++ templates/NOTES.txt | 16 ++++++++++ templates/_helpers.tpl | 32 +++++++++++++------- unittests/config/cache-config.yaml | 45 ++++++++++++++++++++++++++++ unittests/config/queue-config.yaml | 45 ++++++++++++++++++++++++++++ unittests/config/session-config.yaml | 45 ++++++++++++++++++++++++++++ 6 files changed, 183 insertions(+), 11 deletions(-) create mode 100644 unittests/config/cache-config.yaml create mode 100644 unittests/config/queue-config.yaml create mode 100644 unittests/config/session-config.yaml diff --git a/README.md b/README.md index 8a3a28d..2c0de9e 100644 --- a/README.md +++ b/README.md @@ -14,6 +14,7 @@ - [Server defaults](#server-defaults) - [Metrics defaults](#metrics-defaults) - [Rootless Defaults](#rootless-defaults) + - [Session, Cache and Queue](#session-cache-and-queue) - [Single-Pod Configurations](#single-pod-configurations) - [Additional _app.ini_ settings](#additional-appini-settings) - [User defined environment variables in app.ini](#user-defined-environment-variables-in-appini) @@ -229,6 +230,16 @@ If `.Values.image.rootless: true`, then the following will occur. In case you us [see deployment.yaml](./templates/gitea/deployment.yaml) template inside container "env" declarations +#### Session, Cache and Queue + +The session, cache and queue settings are set to use the built-in Redis Cluster sub-chart dependency. +If Redis Cluster is disabled, the chart will fall back to the Gitea defaults which use "memory" for `session` and `cache` and "level" for `queue`. + +While these will work and even not cause immediate issues after startup, **they are not recommended for production use**. +Reasons being that a single pod will take on all the work for `session` and `cache` tasks in its available memory. +It is likely that the pod will run out of memory or will face substantial memory spikes, depending on the workload. +External tools such as `redis-cluster` or `memcached` handle these workloads much better. + ### Single-Pod Configurations If HA is not needed/desired, the following configurations can be used to deploy a single-pod Gitea instance. diff --git a/templates/NOTES.txt b/templates/NOTES.txt index 25b35e7..ad5a8fa 100644 --- a/templates/NOTES.txt +++ b/templates/NOTES.txt @@ -18,3 +18,19 @@ echo "Visit http://127.0.0.1:{{ .Values.service.http.port }} to use your application" kubectl --namespace {{ .Release.Namespace }} port-forward svc/{{ .Release.Name }}-http {{ .Values.service.http.port }}:{{ .Values.service.http.port }} {{- end }} +{{- $warnings := list -}} +{{- if eq (get .Values.gitea.config.cache "ADAPTER") "memory" -}} + {{- $warnings = append $warnings "Gitea uses 'memory' for caching which is not recommended for production use. See https://docs.gitea.com/next/administration/config-cheat-sheet#cache-cache for available options." -}} +{{- end }} +{{- if eq (get .Values.gitea.config.queue "TYPE") "level" -}} + {{- $warnings = append $warnings "Gitea uses 'leveldb' for queue actions which is not recommended for production use. See https://docs.gitea.com/next/administration/config-cheat-sheet#queue-queue-and-queue for available options." -}} +{{- end }} +{{- if eq (get .Values.gitea.config.session "PROVIDER") "memory" -}} + {{- $warnings = append $warnings "Gitea uses 'memory' for sessions which is not recommended for production use. See https://docs.gitea.com/next/administration/config-cheat-sheet#session-session for available options." -}} +{{- end }} +{{- if gt (len $warnings) 0 }} +2. Review these warnings: +{{- range $warnings }} + - {{ . }} +{{- end }} +{{- end }} diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index 0843da5..727401c 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -290,23 +290,33 @@ https {{- if not (hasKey .Values.gitea.config.metrics "ENABLED") -}} {{- $_ := set .Values.gitea.config.metrics "ENABLED" .Values.gitea.metrics.enabled -}} {{- end -}} - {{- if (index .Values "redis-cluster").enabled -}} - {{- $_ := set .Values.gitea.config.cache "ENABLED" "true" -}} - {{- $_ := set .Values.gitea.config.cache "ADAPTER" "redis" -}} - {{- if not (.Values.gitea.config.cache.HOST) -}} - {{- $_ := set .Values.gitea.config.cache "HOST" (include "redis.dns" .) -}} - {{- end -}} - {{- end -}} {{- /* redis queue */ -}} {{- if (index .Values "redis-cluster").enabled -}} {{- $_ := set .Values.gitea.config.queue "TYPE" "redis" -}} {{- $_ := set .Values.gitea.config.queue "CONN_STR" (include "redis.dns" .) -}} - {{- end -}} - {{- if not (get .Values.gitea.config.session "PROVIDER") -}} {{- $_ := set .Values.gitea.config.session "PROVIDER" "redis" -}} - {{- end -}} - {{- if not (get .Values.gitea.config.session "PROVIDER_CONFIG") -}} {{- $_ := set .Values.gitea.config.session "PROVIDER_CONFIG" (include "redis.dns" .) -}} + {{- $_ := set .Values.gitea.config.cache "ADAPTER" "redis" -}} + {{- $_ := set .Values.gitea.config.cache "HOST" (include "redis.dns" .) -}} + {{- else -}} + {{- if not (get .Values.gitea.config.session "PROVIDER") -}} + {{- $_ := set .Values.gitea.config.session "PROVIDER" "memory" -}} + {{- end -}} + {{- if not (get .Values.gitea.config.session "PROVIDER_CONFIG") -}} + {{- $_ := set .Values.gitea.config.session "PROVIDER_CONFIG" "" -}} + {{- end -}} + {{- if not (get .Values.gitea.config.queue "TYPE") -}} + {{- $_ := set .Values.gitea.config.queue "TYPE" "level" -}} + {{- end -}} + {{- if not (get .Values.gitea.config.queue "CONN_STR") -}} + {{- $_ := set .Values.gitea.config.queue "CONN_STR" "" -}} + {{- end -}} + {{- if not (get .Values.gitea.config.cache "ADAPTER") -}} + {{- $_ := set .Values.gitea.config.cache "ADAPTER" "memory" -}} + {{- end -}} + {{- if not (get .Values.gitea.config.cache "HOST") -}} + {{- $_ := set .Values.gitea.config.cache "HOST" "" -}} + {{- end -}} {{- end -}} {{- if not .Values.gitea.config.indexer.ISSUE_INDEXER_TYPE -}} {{- $_ := set .Values.gitea.config.indexer "ISSUE_INDEXER_TYPE" "db" -}} diff --git a/unittests/config/cache-config.yaml b/unittests/config/cache-config.yaml new file mode 100644 index 0000000..cd55d90 --- /dev/null +++ b/unittests/config/cache-config.yaml @@ -0,0 +1,45 @@ +suite: config template | cache config +release: + name: gitea-unittests + namespace: testing +tests: + - it: "cache is configured correctly for redis-cluster" + template: templates/gitea/config.yaml + set: + redis-cluster: + enabled: true + asserts: + - documentIndex: 0 + equal: + path: stringData.cache + value: |- + ADAPTER=redis + HOST=redis+cluster://:@gitea-unittests-redis-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& + + - it: "cache is configured correctly for 'memory' when redis-cluster is disabled" + template: templates/gitea/config.yaml + set: + redis-cluster: + enabled: false + asserts: + - documentIndex: 0 + equal: + path: stringData.cache + value: |- + ADAPTER=memory + HOST= + + - it: "cache can be customized when redis-cluster is disabled" + template: templates/gitea/config.yaml + set: + redis-cluster: + enabled: false + gitea.config.cache.ADAPTER: custom-adapter + gitea.config.cache.HOST: custom-host + asserts: + - documentIndex: 0 + equal: + path: stringData.cache + value: |- + ADAPTER=custom-adapter + HOST=custom-host diff --git a/unittests/config/queue-config.yaml b/unittests/config/queue-config.yaml new file mode 100644 index 0000000..f83543a --- /dev/null +++ b/unittests/config/queue-config.yaml @@ -0,0 +1,45 @@ +suite: config template | queue config +release: + name: gitea-unittests + namespace: testing +tests: + - it: "queue is configured correctly for redis-cluster" + template: templates/gitea/config.yaml + set: + redis-cluster: + enabled: true + asserts: + - documentIndex: 0 + equal: + path: stringData.queue + value: |- + CONN_STR=redis+cluster://:@gitea-unittests-redis-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& + TYPE=redis + + - it: "queue is configured correctly for 'levelDB' when redis-cluster is disabled" + template: templates/gitea/config.yaml + set: + redis-cluster: + enabled: false + asserts: + - documentIndex: 0 + equal: + path: stringData.queue + value: |- + CONN_STR= + TYPE=level + + - it: "queue can be customized when redis-cluster is disabled" + template: templates/gitea/config.yaml + set: + redis-cluster: + enabled: false + gitea.config.queue.TYPE: custom-type + gitea.config.queue.CONN_STR: custom-connection-string + asserts: + - documentIndex: 0 + equal: + path: stringData.queue + value: |- + CONN_STR=custom-connection-string + TYPE=custom-type diff --git a/unittests/config/session-config.yaml b/unittests/config/session-config.yaml new file mode 100644 index 0000000..2b6e771 --- /dev/null +++ b/unittests/config/session-config.yaml @@ -0,0 +1,45 @@ +suite: config template | session config +release: + name: gitea-unittests + namespace: testing +tests: + - it: "session is configured correctly for redis-cluster" + template: templates/gitea/config.yaml + set: + redis-cluster: + enabled: true + asserts: + - documentIndex: 0 + equal: + path: stringData.session + value: |- + PROVIDER=redis + PROVIDER_CONFIG=redis+cluster://:@gitea-unittests-redis-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& + + - it: "session is configured correctly for 'memory' when redis-cluster is disabled" + template: templates/gitea/config.yaml + set: + redis-cluster: + enabled: false + asserts: + - documentIndex: 0 + equal: + path: stringData.session + value: |- + PROVIDER=memory + PROVIDER_CONFIG= + + - it: "session can be customized when redis-cluster is disabled" + template: templates/gitea/config.yaml + set: + redis-cluster: + enabled: false + gitea.config.session.PROVIDER: custom-provider + gitea.config.session.PROVIDER_CONFIG: custom-provider-config + asserts: + - documentIndex: 0 + equal: + path: stringData.session + value: |- + PROVIDER=custom-provider + PROVIDER_CONFIG=custom-provider-config From 59b246302bf7ee58812716ff2e80278a77311007 Mon Sep 17 00:00:00 2001 From: justusbunsi Date: Mon, 18 Dec 2023 08:44:51 +0000 Subject: [PATCH 23/55] Properly distinguish predefined and custom env vars in environment-to-ini (#586) ### Description of the change https://gitea.com/gitea/helm-chart/pulls/464#issuecomment-744656 was never taken into account. Somehow I missed that the PR was already merged when I replied. ### Benefits Without this fix: ```text Reloading preset envs... + 'GITEA_POSTGRESQL_HA_PGPOOL_SERVICE_PORT' + 'GITEA_POSTGRESQL_HA_POSTGRESQL_PORT_5432_TCP_PROTO' + 'GITEA_POSTGRESQL_HA_PGPOOL_PORT_5432_TCP_PROTO' + 'GITEA_POSTGRESQL_HA_PGPOOL_PORT' + 'GITEA_POSTGRESQL_HA_POSTGRESQL_PORT_5432_TCP_PORT' + 'GITEA_APP_INI' + 'GITEA_POSTGRESQL_HA_PGPOOL_PORT_5432_TCP_ADDR' + 'GITEA_POSTGRESQL_HA_POSTGRESQL_SERVICE_HOST' + 'GITEA_WORK_DIR' + 'GITEA_POSTGRESQL_HA_POSTGRESQL_PORT' + 'GITEA_POSTGRESQL_HA_POSTGRESQL_PORT_5432_TCP_ADDR' + 'GITEA_POSTGRESQL_HA_POSTGRESQL_SERVICE_PORT_POSTGRESQL' + 'GITEA_TEMP' + 'GITEA_POSTGRESQL_HA_PGPOOL_PORT_5432_TCP_PORT' + 'GITEA_POSTGRESQL_HA_PGPOOL_SERVICE_PORT_POSTGRESQL' + 'GITEA_POSTGRESQL_HA_POSTGRESQL_SERVICE_PORT' + 'GITEA_POSTGRESQL_HA_POSTGRESQL_PORT_5432_TCP' + 'GITEA_POSTGRESQL_HA_PGPOOL_PORT_5432_TCP' + 'GITEA_CUSTOM' + 'GITEA_POSTGRESQL_HA_PGPOOL_SERVICE_HOST' + 'GITEA__metrics__ENABLED' === All configuration sources loaded === ``` With this fix: ```text Reloading preset envs... + 'GITEA__metrics__ENABLED' === All configuration sources loaded === ``` Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/586 Reviewed-by: techknowlogick Reviewed-by: pat-s Co-authored-by: justusbunsi Co-committed-by: justusbunsi --- templates/gitea/config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/gitea/config.yaml b/templates/gitea/config.yaml index 1c7ab1d..e0eb6de 100644 --- a/templates/gitea/config.yaml +++ b/templates/gitea/config.yaml @@ -174,7 +174,7 @@ stringData: } # save existing envs prior to script execution. Necessary to keep order of preexisting and custom envs - env | (grep GITEA || [[ $? == 1 ]]) > /tmp/existing-envs + env | (grep -e '^GITEA__' || [[ $? == 1 ]]) > /tmp/existing-envs # MUST BE CALLED BEFORE OTHER CONFIGURATION env2ini::generate_initial_secrets From 323bcd7526b4a0988733a94a34b9e8872309df45 Mon Sep 17 00:00:00 2001 From: pat-s Date: Mon, 18 Dec 2023 08:51:39 +0000 Subject: [PATCH 24/55] Bump Gitea to 1.21.2 (#588) Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/588 Co-authored-by: pat-s Co-committed-by: pat-s --- Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Chart.yaml b/Chart.yaml index c69c2a0..98db9dc 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -3,7 +3,7 @@ name: gitea description: Gitea Helm chart for Kubernetes type: application version: 0.0.0 -appVersion: 1.21.1 +appVersion: 1.21.2 icon: https://gitea.com/assets/img/logo.svg keywords: From f0d0c00ed62feb3aceff5b6d13e5a64fe5c1b493 Mon Sep 17 00:00:00 2001 From: justusbunsi Date: Thu, 21 Dec 2023 07:59:18 +0000 Subject: [PATCH 25/55] Properly sanitize `gitea admin` output (#590) ### Description of the change With https://github.com/go-gitea/gitea/pull/28390, Gitea 1.21.2 introduced warning log output within the result of `gitea admin ` and therefore affects the current provisioning script. That script previously assumed a clean result set and was therefore doomed to fail at _some_ point. This introduces output sanitizing to trim such logs above the actual result table. ### Applicable issues - fixes #589 ### Additional information The non-sanitized output were only an issue for admin account provisioning, and only when the username matched one of these words (in case of #589 it was `gitea`): ```text .../setting/security.go:168:loadSecurityFrom() [W] Enabling Query API Auth tokens is not recommended. DISABLE_QUERY_AUTH_TOKEN will default to true in gitea 1.23 and will be removed in gitea 1.24. ``` LDAP and OAuth sources were not affected by this particular log line, but also processed non-sanitized result sets. Changing their code is a precaution. Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/590 Reviewed-by: pat-s Co-authored-by: justusbunsi Co-committed-by: justusbunsi --- templates/gitea/init.yaml | 69 +++++++++++++++++++++++++++++++++++++-- 1 file changed, 66 insertions(+), 3 deletions(-) diff --git a/templates/gitea/init.yaml b/templates/gitea/init.yaml index f07f1a5..a67166b 100644 --- a/templates/gitea/init.yaml +++ b/templates/gitea/init.yaml @@ -86,7 +86,28 @@ stringData: {{- if or .Values.gitea.admin.existingSecret (and .Values.gitea.admin.username .Values.gitea.admin.password) }} function configure_admin_user() { - local ACCOUNT_ID=$(gitea admin user list --admin | grep -e "\s\+${GITEA_ADMIN_USERNAME}\s\+" | awk -F " " "{printf \$1}") + local full_admin_list=$(gitea admin user list --admin) + local actual_user_table='' + + # We might have distorted output due to warning logs, so we have to detect the actual user table by its headline and trim output above that line + local regex="(.*)(ID\s+Username\s+Email\s+IsActive.*)" + if [[ "${full_admin_list}" =~ $regex ]]; then + actual_user_table=$(echo "${BASH_REMATCH[2]}" | tail -n+2) # tail'ing to drop the table headline + else + # This code block should never be reached, as long as the output table header remains the same. + # If this code block is reached, the regex doesn't match anymore and we probably have to adjust this script. + + echo "ERROR: 'configure_admin_user' was not able to determine the current list of admin users." + echo " Please review the output of 'gitea admin user list --admin' shown below." + echo " If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-chart/issues." + echo "DEBUG: Output of 'gitea admin user list --admin'" + echo "--" + echo "${full_admin_list}" + echo "--" + exit 1 + fi + + local ACCOUNT_ID=$(echo "${actual_user_table}" | grep -E "\s+${GITEA_ADMIN_USERNAME}\s+" | awk -F " " "{printf \$1}") if [[ -z "${ACCOUNT_ID}" ]]; then echo "No admin user '${GITEA_ADMIN_USERNAME}' found. Creating now..." gitea admin user create --admin --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" --email {{ .Values.gitea.admin.email | quote }} --must-change-password=false @@ -105,7 +126,28 @@ stringData: {{- if .Values.gitea.ldap }} {{- range $idx, $value := .Values.gitea.ldap }} local LDAP_NAME={{ (printf "%s" $value.name) | squote }} - local GITEA_AUTH_ID=$(gitea admin auth list --vertical-bars | grep -E "\|${LDAP_NAME}\s+\|" | grep -iE '\|LDAP \(via BindDN\)\s+\|' | awk -F " " "{print \$1}") + local full_auth_list=$(gitea admin auth list --vertical-bars) + local actual_auth_table='' + + # We might have distorted output due to warning logs, so we have to detect the actual user table by its headline and trim output above that line + local regex="(.*)(ID\s+\|Name\s+\|Type\s+\|Enabled.*)" + if [[ "${full_auth_list}" =~ $regex ]]; then + actual_auth_table=$(echo "${BASH_REMATCH[2]}" | tail -n+2) # tail'ing to drop the table headline + else + # This code block should never be reached, as long as the output table header remains the same. + # If this code block is reached, the regex doesn't match anymore and we probably have to adjust this script. + + echo "ERROR: 'configure_ldap' was not able to determine the current list of authentication sources." + echo " Please review the output of 'gitea admin auth list --vertical-bars' shown below." + echo " If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-chart/issues." + echo "DEBUG: Output of 'gitea admin auth list --vertical-bars'" + echo "--" + echo "${full_auth_list}" + echo "--" + exit 1 + fi + + local GITEA_AUTH_ID=$(echo "${actual_auth_table}" | grep -E "\|${LDAP_NAME}\s+\|" | grep -iE '\|LDAP \(via BindDN\)\s+\|' | awk -F " " "{print \$1}") if [[ -z "${GITEA_AUTH_ID}" ]]; then echo "No ldap configuration found with name '${LDAP_NAME}'. Installing it now..." @@ -128,7 +170,28 @@ stringData: {{- if .Values.gitea.oauth }} {{- range $idx, $value := .Values.gitea.oauth }} local OAUTH_NAME={{ (printf "%s" $value.name) | squote }} - local AUTH_ID=$(gitea admin auth list --vertical-bars | grep -E "\|${OAUTH_NAME}\s+\|" | grep -iE '\|OAuth2\s+\|' | awk -F " " "{print \$1}") + local full_auth_list=$(gitea admin auth list --vertical-bars) + local actual_auth_table='' + + # We might have distorted output due to warning logs, so we have to detect the actual user table by its headline and trim output above that line + local regex="(.*)(ID\s+\|Name\s+\|Type\s+\|Enabled.*)" + if [[ "${full_auth_list}" =~ $regex ]]; then + actual_auth_table=$(echo "${BASH_REMATCH[2]}" | tail -n+2) # tail'ing to drop the table headline + else + # This code block should never be reached, as long as the output table header remains the same. + # If this code block is reached, the regex doesn't match anymore and we probably have to adjust this script. + + echo "ERROR: 'configure_oauth' was not able to determine the current list of authentication sources." + echo " Please review the output of 'gitea admin auth list --vertical-bars' shown below." + echo " If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-chart/issues." + echo "DEBUG: Output of 'gitea admin auth list --vertical-bars'" + echo "--" + echo "${full_auth_list}" + echo "--" + exit 1 + fi + + local AUTH_ID=$(echo "${actual_auth_table}" | grep -E "\|${OAUTH_NAME}\s+\|" | grep -iE '\|OAuth2\s+\|' | awk -F " " "{print \$1}") if [[ -z "${AUTH_ID}" ]]; then echo "No oauth configuration found with name '${OAUTH_NAME}'. Installing it now..." From 469eacaf1c960747177af4b3cad4e70ca03d27ed Mon Sep 17 00:00:00 2001 From: pat-s Date: Sat, 23 Dec 2023 16:12:59 +0100 Subject: [PATCH 26/55] bump to gitea 1.21.3 --- Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Chart.yaml b/Chart.yaml index 98db9dc..8d11ecf 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -3,7 +3,7 @@ name: gitea description: Gitea Helm chart for Kubernetes type: application version: 0.0.0 -appVersion: 1.21.2 +appVersion: 1.21.3 icon: https://gitea.com/assets/img/logo.svg keywords: From 8a191f0eca0c25d504be1801cc72b3c04b2dd97d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 28 Dec 2023 00:33:07 +0000 Subject: [PATCH 27/55] chore(deps): update subcharts (minor & patch) (#593) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- Chart.lock | 10 +++++----- Chart.yaml | 6 +++--- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Chart.lock b/Chart.lock index aefe5eb..286441f 100644 --- a/Chart.lock +++ b/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 13.2.24 + version: 13.2.26 - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 12.3.3 + version: 12.3.5 - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 9.1.3 -digest: sha256:c4ae8a7ddfb6670acc7f39d5728a0929f6c7666d32459229b5e4e66b19749677 -generated: "2023-12-17T00:11:27.841588235Z" + version: 9.1.4 +digest: sha256:1f76d28f5fda7d10fe814416c6d1d1a02fd626d8b9e895d28acf3ebf3fa71780 +generated: "2023-12-28T00:15:48.963793716Z" diff --git a/Chart.yaml b/Chart.yaml index 8d11ecf..fc997fc 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -36,15 +36,15 @@ dependencies: # https://github.com/bitnami/charts/blob/main/bitnami/postgresql - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 13.2.24 + version: 13.2.26 condition: postgresql.enabled # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 12.3.3 + version: 12.3.5 condition: postgresql-ha.enabled # https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 9.1.3 + version: 9.1.4 condition: redis-cluster.enabled From 7b7789e65d07876c90729b61aec7b9690c58f90f Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Fri, 29 Dec 2023 02:33:50 +0000 Subject: [PATCH 28/55] chore(deps): update alpine/helm docker tag to v3.13.3 (#592) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- .gitea/workflows/release-version.yml | 2 +- .gitea/workflows/test-pr.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/release-version.yml b/.gitea/workflows/release-version.yml index 0b516ab..724a77e 100644 --- a/.gitea/workflows/release-version.yml +++ b/.gitea/workflows/release-version.yml @@ -7,7 +7,7 @@ on: env: # renovate: datasource=docker depName=alpine/helm - HELM_VERSION: "3.13.2" + HELM_VERSION: "3.13.3" jobs: generate-chart-publish: diff --git a/.gitea/workflows/test-pr.yml b/.gitea/workflows/test-pr.yml index 6cef8e3..3d7c11f 100644 --- a/.gitea/workflows/test-pr.yml +++ b/.gitea/workflows/test-pr.yml @@ -16,7 +16,7 @@ env: jobs: check-and-test: runs-on: ubuntu-latest - container: alpine/helm:3.13.2 + container: alpine/helm:3.13.3 steps: - name: install tools run: | From e9d401a9ee47f7aa72fa4e75c88c989c2a76150a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 7 Jan 2024 01:35:43 +0000 Subject: [PATCH 29/55] chore(deps): update dependency helm-unittest/helm-unittest to v0.4.0 (#595) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- .gitea/workflows/test-pr.yml | 2 +- .vscode/settings.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/test-pr.yml b/.gitea/workflows/test-pr.yml index 3d7c11f..4d09086 100644 --- a/.gitea/workflows/test-pr.yml +++ b/.gitea/workflows/test-pr.yml @@ -11,7 +11,7 @@ on: env: # renovate: datasource=github-releases depName=helm-unittest/helm-unittest - HELM_UNITTEST_VERSION: "v0.3.6" + HELM_UNITTEST_VERSION: "v0.4.0" jobs: check-and-test: diff --git a/.vscode/settings.json b/.vscode/settings.json index 812b1f8..d1423c9 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -1,6 +1,6 @@ { "yaml.schemas": { - "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.3.6/schema/helm-testsuite.json": [ + "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.4.0/schema/helm-testsuite.json": [ "/unittests/**/*.yaml" ] }, From d7cba5443f25520d906bcb026c9bf2c07a68f91c Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 7 Jan 2024 01:56:33 +0000 Subject: [PATCH 30/55] chore(deps): update subcharts (minor & patch) (#594) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- Chart.lock | 8 ++++---- Chart.yaml | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/Chart.lock b/Chart.lock index 286441f..c217ac4 100644 --- a/Chart.lock +++ b/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 13.2.26 + version: 13.2.27 - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 12.3.5 + version: 12.3.7 - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts version: 9.1.4 -digest: sha256:1f76d28f5fda7d10fe814416c6d1d1a02fd626d8b9e895d28acf3ebf3fa71780 -generated: "2023-12-28T00:15:48.963793716Z" +digest: sha256:7d42d2959fedaa06981e2626136a4db301b9ddaf2b045e1eb70b29718db8510a +generated: "2024-01-07T01:40:02.087718645Z" diff --git a/Chart.yaml b/Chart.yaml index fc997fc..2f197f1 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -36,12 +36,12 @@ dependencies: # https://github.com/bitnami/charts/blob/main/bitnami/postgresql - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 13.2.26 + version: 13.2.27 condition: postgresql.enabled # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 12.3.5 + version: 12.3.7 condition: postgresql-ha.enabled # https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml - name: redis-cluster From 70e5da077a212ccb6c13b5b0155dd39af4ca034b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 13 Jan 2024 00:35:47 +0000 Subject: [PATCH 31/55] chore(deps): update dependency helm-unittest/helm-unittest to v0.4.1 (#599) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- .gitea/workflows/test-pr.yml | 2 +- .vscode/settings.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/test-pr.yml b/.gitea/workflows/test-pr.yml index 4d09086..961f612 100644 --- a/.gitea/workflows/test-pr.yml +++ b/.gitea/workflows/test-pr.yml @@ -11,7 +11,7 @@ on: env: # renovate: datasource=github-releases depName=helm-unittest/helm-unittest - HELM_UNITTEST_VERSION: "v0.4.0" + HELM_UNITTEST_VERSION: "v0.4.1" jobs: check-and-test: diff --git a/.vscode/settings.json b/.vscode/settings.json index d1423c9..aa6b188 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -1,6 +1,6 @@ { "yaml.schemas": { - "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.4.0/schema/helm-testsuite.json": [ + "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.4.1/schema/helm-testsuite.json": [ "/unittests/**/*.yaml" ] }, From 5dfaca13f2f215f7d15cfed191473df20123ac6e Mon Sep 17 00:00:00 2001 From: remogeissbuehler Date: Sat, 13 Jan 2024 09:58:30 +0000 Subject: [PATCH 32/55] Allowing Custom Labels in SVC Templates (#597) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ### Description of the change The change allows users of this chart to specify custom labels for the HTTP & SSH Services that get deployed. They are optional and if given are added to the standard list of labels. ### Benefits Certain use cases require labelling services to be able to select them in other places. Specifiying them directly in the helm chart avoids having to label by hand everytime. Concrete Use Case Example: Cilium Layer 2 Announcements require selecting services to announce via labels (see [docs](https://docs.cilium.io/en/stable/network/l2-announcements/#service-selector)). I would like to add a label to the SSH service, but not the HTTP Service (which is handled via an ingress). ### Possible drawbacks I don't see any, using this feature is optional :) ### Checklist - [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) - [X] Breaking changes are documented in the `README.md` - [X] Templating unittests are added Co-authored-by: Remo Geissbühler Co-authored-by: justusbunsi Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/597 Reviewed-by: pat-s Reviewed-by: justusbunsi Co-authored-by: remogeissbuehler Co-committed-by: remogeissbuehler --- README.md | 2 + templates/gitea/http-svc.yaml | 3 ++ templates/gitea/ssh-svc.yaml | 3 ++ unittests/deployment/svc-configuration.yaml | 51 +++++++++++++++++++++ values.yaml | 4 ++ 5 files changed, 63 insertions(+) create mode 100644 unittests/deployment/svc-configuration.yaml diff --git a/README.md b/README.md index 2c0de9e..a58b18f 100644 --- a/README.md +++ b/README.md @@ -888,6 +888,7 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo | `service.http.ipFamilies` | HTTP service dual-stack familiy selection,for dual-stack parameters see official kubernetes [dual-stack concept documentation](https://kubernetes.io/docs/concepts/services-networking/dual-stack/). | `nil` | | `service.http.loadBalancerSourceRanges` | Source range filter for http loadbalancer | `[]` | | `service.http.annotations` | HTTP service annotations | `{}` | +| `service.http.labels` | HTTP service additional labels | `{}` | | `service.ssh.type` | Kubernetes service type for ssh traffic | `ClusterIP` | | `service.ssh.port` | Port number for ssh traffic | `22` | | `service.ssh.clusterIP` | ClusterIP setting for ssh autosetup for deployment is None | `None` | @@ -900,6 +901,7 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo | `service.ssh.hostPort` | HostPort for ssh service | `nil` | | `service.ssh.loadBalancerSourceRanges` | Source range filter for ssh loadbalancer | `[]` | | `service.ssh.annotations` | SSH service annotations | `{}` | +| `service.ssh.labels` | SSH service additional labels | `{}` | ### Ingress diff --git a/templates/gitea/http-svc.yaml b/templates/gitea/http-svc.yaml index 659724c..0ec7370 100644 --- a/templates/gitea/http-svc.yaml +++ b/templates/gitea/http-svc.yaml @@ -4,6 +4,9 @@ metadata: name: {{ include "gitea.fullname" . }}-http labels: {{- include "gitea.labels" . | nindent 4 }} + {{- if .Values.service.http.labels }} + {{- toYaml .Values.service.http.labels | nindent 4 }} + {{- end }} annotations: {{- toYaml .Values.service.http.annotations | nindent 4 }} spec: diff --git a/templates/gitea/ssh-svc.yaml b/templates/gitea/ssh-svc.yaml index 3e8b3c2..3ee756c 100644 --- a/templates/gitea/ssh-svc.yaml +++ b/templates/gitea/ssh-svc.yaml @@ -4,6 +4,9 @@ metadata: name: {{ include "gitea.fullname" . }}-ssh labels: {{- include "gitea.labels" . | nindent 4 }} + {{- if .Values.service.ssh.labels }} + {{- toYaml .Values.service.ssh.labels | nindent 4 }} + {{- end }} annotations: {{- toYaml .Values.service.ssh.annotations | nindent 4 }} spec: diff --git a/unittests/deployment/svc-configuration.yaml b/unittests/deployment/svc-configuration.yaml new file mode 100644 index 0000000..a032470 --- /dev/null +++ b/unittests/deployment/svc-configuration.yaml @@ -0,0 +1,51 @@ +suite: ssh-svc / http-svc template (Services configuration) +release: + name: gitea-unittests + namespace: testing +templates: + - templates/gitea/ssh-svc.yaml + - templates/gitea/http-svc.yaml +tests: + - it: supports adding custom labels to ssh-svc + template: templates/gitea/ssh-svc.yaml + set: + service: + ssh: + labels: + gitea/testkey: testvalue + asserts: + - equal: + path: metadata.labels["gitea/testkey"] + value: "testvalue" + + - it: keeps existing labels (ssh) + template: templates/gitea/ssh-svc.yaml + set: + service: + ssh: + labels: {} + asserts: + - exists: + path: metadata.labels["app"] + + - it: supports adding custom labels to http-svc + template: templates/gitea/http-svc.yaml + set: + service: + http: + labels: + gitea/testkey: testvalue + asserts: + - equal: + path: metadata.labels["gitea/testkey"] + value: "testvalue" + + - it: keeps existing labels (http) + template: templates/gitea/http-svc.yaml + set: + service: + http: + labels: {} + asserts: + - exists: + path: metadata.labels["app"] diff --git a/values.yaml b/values.yaml index 2736a2f..175c27f 100644 --- a/values.yaml +++ b/values.yaml @@ -106,6 +106,7 @@ service: ## @param service.http.ipFamilies HTTP service dual-stack familiy selection,for dual-stack parameters see official kubernetes [dual-stack concept documentation](https://kubernetes.io/docs/concepts/services-networking/dual-stack/). ## @param service.http.loadBalancerSourceRanges Source range filter for http loadbalancer ## @param service.http.annotations HTTP service annotations + ## @param service.http.labels HTTP service additional labels http: type: ClusterIP port: 3000 @@ -118,6 +119,7 @@ service: ipFamilies: loadBalancerSourceRanges: [] annotations: {} + labels: {} ## @param service.ssh.type Kubernetes service type for ssh traffic ## @param service.ssh.port Port number for ssh traffic ## @param service.ssh.clusterIP ClusterIP setting for ssh autosetup for deployment is None @@ -130,6 +132,7 @@ service: ## @param service.ssh.hostPort HostPort for ssh service ## @param service.ssh.loadBalancerSourceRanges Source range filter for ssh loadbalancer ## @param service.ssh.annotations SSH service annotations + ## @param service.ssh.labels SSH service additional labels ssh: type: ClusterIP port: 22 @@ -143,6 +146,7 @@ service: hostPort: loadBalancerSourceRanges: [] annotations: {} + labels: {} ## @section Ingress ## @param ingress.enabled Enable ingress From f5ad4eb33d3dd1e61ea92bca4b05e029ea550b0b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 15 Jan 2024 00:20:49 +0000 Subject: [PATCH 33/55] chore(deps): update subcharts (minor & patch) (#600) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- Chart.lock | 10 +++++----- Chart.yaml | 6 +++--- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Chart.lock b/Chart.lock index c217ac4..04b05c0 100644 --- a/Chart.lock +++ b/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 13.2.27 + version: 13.2.29 - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 12.3.7 + version: 12.5.0 - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 9.1.4 -digest: sha256:7d42d2959fedaa06981e2626136a4db301b9ddaf2b045e1eb70b29718db8510a -generated: "2024-01-07T01:40:02.087718645Z" + version: 9.1.5 +digest: sha256:7b064a77b50336c55e4a1e8c8c673aaea54c571a575ea2ccd43504db927bc576 +generated: "2024-01-14T00:21:33.821525206Z" diff --git a/Chart.yaml b/Chart.yaml index 2f197f1..756d4e1 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -36,15 +36,15 @@ dependencies: # https://github.com/bitnami/charts/blob/main/bitnami/postgresql - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 13.2.27 + version: 13.2.29 condition: postgresql.enabled # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 12.3.7 + version: 12.5.0 condition: postgresql-ha.enabled # https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 9.1.4 + version: 9.1.5 condition: redis-cluster.enabled From a1af5eab4ed4a6a136992e57db5c17790f0d041d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 20 Jan 2024 00:51:24 +0000 Subject: [PATCH 34/55] chore(deps): update subcharts (minor & patch) (#603) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- Chart.lock | 10 +++++----- Chart.yaml | 6 +++--- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Chart.lock b/Chart.lock index 04b05c0..03c6c17 100644 --- a/Chart.lock +++ b/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 13.2.29 + version: 13.3.1 - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 12.5.0 + version: 12.7.0 - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 9.1.5 -digest: sha256:7b064a77b50336c55e4a1e8c8c673aaea54c571a575ea2ccd43504db927bc576 -generated: "2024-01-14T00:21:33.821525206Z" + version: 9.2.1 +digest: sha256:cff9fdd51856d8f0526863d5e050427e2ef2acc44b9ea4cabb88d77a5c65ca40 +generated: "2024-01-20T00:35:15.09075348Z" diff --git a/Chart.yaml b/Chart.yaml index 756d4e1..9d5a9f3 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -36,15 +36,15 @@ dependencies: # https://github.com/bitnami/charts/blob/main/bitnami/postgresql - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 13.2.29 + version: 13.3.1 condition: postgresql.enabled # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 12.5.0 + version: 12.7.0 condition: postgresql-ha.enabled # https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 9.1.5 + version: 9.2.1 condition: redis-cluster.enabled From b84a431854f666ebbd7be511829c10d087d7d0c7 Mon Sep 17 00:00:00 2001 From: florianspk Date: Mon, 22 Jan 2024 09:33:07 +0000 Subject: [PATCH 35/55] =?UTF-8?q?Storage=20Class=20don=C2=B4t=20use=20glob?= =?UTF-8?q?al.storageClass=20(#601)=20(#602)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ### Description of the change The code change ensures proper usage of gitea.persistence.storageClass, improving configuration accuracy and code readability. ### Applicable issues - fixes #601 Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/602 Reviewed-by: pat-s Co-authored-by: florianspk Co-committed-by: florianspk --- templates/_helpers.tpl | 2 +- templates/gitea/pvc.yaml | 4 +- .../storage-class-configuration.yaml | 39 +++++++++++++++++++ 3 files changed, 41 insertions(+), 4 deletions(-) create mode 100644 unittests/deployment/storage-class-configuration.yaml diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index 727401c..dc76158 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -94,7 +94,7 @@ imagePullSecrets: Storage Class */}} {{- define "gitea.persistence.storageClass" -}} -{{- $storageClass := .Values.global.storageClass | default .Values.persistence.storageClass }} +{{- $storageClass := .Values.persistence.storageClass | default .Values.global.storageClass }} {{- if $storageClass }} storageClassName: {{ $storageClass | quote }} {{- end }} diff --git a/templates/gitea/pvc.yaml b/templates/gitea/pvc.yaml index 995bd10..d1b2669 100644 --- a/templates/gitea/pvc.yaml +++ b/templates/gitea/pvc.yaml @@ -14,9 +14,7 @@ spec: {{- .Values.persistence.accessModes | toYaml | nindent 4 }} {{- end }} volumeMode: Filesystem - {{- if .Values.persistence.storageClass }} - storageClassName: {{ .Values.persistence.storageClass }} - {{- end }} + {{- include "gitea.persistence.storageClass" . | nindent 2 }} {{- with .Values.persistence.volumeName }} volumeName: {{ . }} {{- end }} diff --git a/unittests/deployment/storage-class-configuration.yaml b/unittests/deployment/storage-class-configuration.yaml new file mode 100644 index 0000000..abad587 --- /dev/null +++ b/unittests/deployment/storage-class-configuration.yaml @@ -0,0 +1,39 @@ +# File: tests/gitea-storageclass-tests.yaml + +suite: storage class configuration tests + +release: + name: gitea-storageclass-tests + namespace: testing + +templates: + - templates/gitea/pvc.yaml + +tests: + - it: should set storageClassName when persistence.storageClass is defined + template: templates/gitea/pvc.yaml + set: + persistence.storageClass: "my-storage-class" + asserts: + - equal: + path: "spec.storageClassName" + value: "my-storage-class" + + - it: should set global.storageClass when persistence.storageClass is not defined + template: templates/gitea/pvc.yaml + set: + global.storageClass: "default-storage-class" + asserts: + - equal: + path: spec.storageClassName + value: "default-storage-class" + + - it: should set storageClassName when persistence.storageClass is defined and global.storageClass is defined + template: templates/gitea/pvc.yaml + set: + global.storageClass: "default-storage-class" + persistence.storageClass: "my-storage-class" + asserts: + - equal: + path: spec.storageClassName + value: "my-storage-class" From 4ed7818ec28d07f55e0c230fc44e182ff76ea385 Mon Sep 17 00:00:00 2001 From: Oliver Fueckert Date: Mon, 22 Jan 2024 09:35:58 +0000 Subject: [PATCH 36/55] Add labels to PVC manifest (#581) Hi, In reference to #580 I noticed that one cannot apply labels to the created PVC with persistance.labels. The label statement is missing in the template. best regards, Oliver. **helm-chart/templates/gitea/pvc.yaml:** ``` {{- if and .Values.persistence.enabled .Values.persistence.create }} kind: PersistentVolumeClaim apiVersion: v1 metadata: name: {{ .Values.persistence.claimName }} namespace: {{ $.Release.Namespace }} annotations: {{ .Values.persistence.annotations | toYaml | indent 4}} spec: ... ``` **values.yaml:** ``` persistence: ## @param primary.persistence.enabled Enable PostgreSQL Primary data persistence using PVC ## enabled: true ## @param primary.persistence.existingClaim Name of an existing PVC to use ## existingClaim: "" ## @param primary.persistence.mountPath The path the volume will be mounted at ## Note: useful when using custom PostgreSQL images ## mountPath: /bitnami/postgresql ## @param primary.persistence.subPath The subdirectory of the volume to mount to ## Useful in dev environments and one PV for multiple services ## subPath: "" ## @param primary.persistence.storageClass PVC Storage Class for PostgreSQL Primary data volume ## If defined, storageClassName: ## If set to "-", storageClassName: "", which disables dynamic provisioning ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) ## storageClass: "" ## @param primary.persistence.accessModes PVC Access Mode for PostgreSQL volume ## accessModes: - ReadWriteOnce ## @param primary.persistence.size PVC Storage Request for PostgreSQL volume ## size: 8Gi ## @param primary.persistence.annotations Annotations for the PVC ## annotations: {} ## @param primary.persistence.labels Labels for the PVC ## labels: {} ``` ### Checklist - [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) Co-authored-by: pat-s Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/581 Reviewed-by: pat-s Co-authored-by: Oliver Fueckert Co-committed-by: Oliver Fueckert --- templates/gitea/pvc.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/templates/gitea/pvc.yaml b/templates/gitea/pvc.yaml index d1b2669..601483e 100644 --- a/templates/gitea/pvc.yaml +++ b/templates/gitea/pvc.yaml @@ -6,6 +6,8 @@ metadata: namespace: {{ $.Release.Namespace }} annotations: {{ .Values.persistence.annotations | toYaml | indent 4}} + labels: +{{ .Values.persistence.labels | toYaml | indent 4}} spec: accessModes: {{- if gt .Values.replicaCount 1.0 }} From aeea86b26a6679769a62cc5cd53114e2c395c035 Mon Sep 17 00:00:00 2001 From: pat-s Date: Mon, 22 Jan 2024 10:45:18 +0100 Subject: [PATCH 37/55] bump to gitea 1.21.4 --- Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Chart.yaml b/Chart.yaml index 9d5a9f3..b529025 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -3,7 +3,7 @@ name: gitea description: Gitea Helm chart for Kubernetes type: application version: 0.0.0 -appVersion: 1.21.3 +appVersion: 1.21.4 icon: https://gitea.com/assets/img/logo.svg keywords: From 6be4f8bb973bf538527935d376f93d958456367d Mon Sep 17 00:00:00 2001 From: yardenshoham Date: Fri, 26 Jan 2024 16:27:49 +0000 Subject: [PATCH 38/55] Remove outdated comment regarding Bitnami's charts (#608) We use OCI charts from Bitnami, so this comment is no longer relevant Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/608 Reviewed-by: justusbunsi Co-authored-by: yardenshoham Co-committed-by: yardenshoham --- Chart.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/Chart.yaml b/Chart.yaml index b529025..b9c7b84 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -31,7 +31,6 @@ maintainers: - name: Patrick Schratz email: patrick.schratz@gmail.com -# Bitnami charts are served from GitHub CDN - See https://github.com/bitnami/charts/issues/10539 for details dependencies: # https://github.com/bitnami/charts/blob/main/bitnami/postgresql - name: postgresql From 829bca241d4a829db411124741f53ffbb83431bc Mon Sep 17 00:00:00 2001 From: pat-s Date: Thu, 1 Feb 2024 14:11:32 +0100 Subject: [PATCH 39/55] bump gitea to 1.21.5 --- Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Chart.yaml b/Chart.yaml index b9c7b84..5d0c12c 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -3,7 +3,7 @@ name: gitea description: Gitea Helm chart for Kubernetes type: application version: 0.0.0 -appVersion: 1.21.4 +appVersion: 1.21.5 icon: https://gitea.com/assets/img/logo.svg keywords: From 4d339bb05b99ff74dd4d3bed8f61b2f0c4c1c0d6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 17 Feb 2024 21:24:38 +0000 Subject: [PATCH 40/55] chore(deps): update workflow dependencies (minor & patch) (#614) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | alpine/helm | | minor | `3.13.3` -> `3.14.0` | | alpine/helm | container | minor | `3.13.3` -> `3.14.0` | | [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli) | devDependencies | minor | [`^0.38.0` -> `^0.39.0`](https://renovatebot.com/diffs/npm/markdownlint-cli/0.38.0/0.39.0) | --- ### Release Notes
igorshubovych/markdownlint-cli (markdownlint-cli) ### [`v0.39.0`](https://github.com/igorshubovych/markdownlint-cli/releases/tag/v0.39.0): 0.39.0 [Compare Source](https://github.com/igorshubovych/markdownlint-cli/compare/v0.38.0...v0.39.0) - Update `markdownlint` dependency to `0.33.0` - Add `MD055`/`table-pipe-style`, `MD056`/`table-column-count` - Improve `MD005`/`MD007`/`MD024`/`MD026`/`MD038` - Incorporate `micromark-extension-directive` - Improve JSON schema, document validation - Handle trailing commas in JSONC configuration - Update all dependencies via `Dependabot`
--- ### Configuration 📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Co-authored-by: pat-s Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/614 Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- .gitea/workflows/release-version.yml | 2 +- .gitea/workflows/test-pr.yml | 2 +- .markdownlint.yaml | 2 +- package-lock.json | 89 ++++++++++++++++------------ package.json | 2 +- 5 files changed, 55 insertions(+), 42 deletions(-) diff --git a/.gitea/workflows/release-version.yml b/.gitea/workflows/release-version.yml index 724a77e..b376d0b 100644 --- a/.gitea/workflows/release-version.yml +++ b/.gitea/workflows/release-version.yml @@ -7,7 +7,7 @@ on: env: # renovate: datasource=docker depName=alpine/helm - HELM_VERSION: "3.13.3" + HELM_VERSION: "3.14.0" jobs: generate-chart-publish: diff --git a/.gitea/workflows/test-pr.yml b/.gitea/workflows/test-pr.yml index 961f612..0df1612 100644 --- a/.gitea/workflows/test-pr.yml +++ b/.gitea/workflows/test-pr.yml @@ -16,7 +16,7 @@ env: jobs: check-and-test: runs-on: ubuntu-latest - container: alpine/helm:3.13.3 + container: alpine/helm:3.14.0 steps: - name: install tools run: | diff --git a/.markdownlint.yaml b/.markdownlint.yaml index 7b0c356..30cdea2 100644 --- a/.markdownlint.yaml +++ b/.markdownlint.yaml @@ -73,7 +73,7 @@ MD022: # MD024/no-duplicate-heading/no-duplicate-header - Multiple headings with the same content MD024: # Only check sibling headings - allow_different_nesting: true + siblings_only: true # MD025/single-title/single-h1 - Multiple top-level headings in the same document MD025: diff --git a/package-lock.json b/package-lock.json index 90cad8b..961bccf 100644 --- a/package-lock.json +++ b/package-lock.json @@ -8,7 +8,7 @@ "license": "MIT", "devDependencies": { "@bitnami/readme-generator-for-helm": "^2.5.0", - "markdownlint-cli": "^0.38.0" + "markdownlint-cli": "^0.39.0" }, "engines": { "node": ">=16.0.0", @@ -195,9 +195,9 @@ "dev": true }, "node_modules/entities": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/entities/-/entities-3.0.1.tgz", - "integrity": "sha512-WiyBqoomrwMdFG1e0kqvASYfnlb0lp8M5o5Fw2OFq1hNZxxcNk8Ik0Xm7LxzBhuidnZB/UtBqVCgUz3kBOP51Q==", + "version": "4.5.0", + "resolved": "https://registry.npmjs.org/entities/-/entities-4.5.0.tgz", + "integrity": "sha512-V0hjH4dGPh9Ao5p0MoRY6BVqtwCjhz6vI5LT8AJ55H+4g9/4vbHx1I54fS0XuclLhDHArPQCiMjDxjaL8fPxhw==", "dev": true, "engines": { "node": ">=0.12" @@ -340,18 +340,18 @@ } }, "node_modules/jsonc-parser": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/jsonc-parser/-/jsonc-parser-3.2.0.tgz", - "integrity": "sha512-gfFQZrcTc8CnKXp6Y4/CBT3fTc0OVuDofpre4aEeEpSBPV5X5v4+Vmx+8snU7RLPrNHPKSgLxGo9YuQzz20o+w==", + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/jsonc-parser/-/jsonc-parser-3.2.1.tgz", + "integrity": "sha512-AilxAyFOAcK5wA1+LeaySVBrHsGQvUFCDWXKpZjzaL0PqW+xfBOttn8GNtWKFWqneyMZj41MWF9Kl6iPWLwgOA==", "dev": true }, "node_modules/linkify-it": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/linkify-it/-/linkify-it-4.0.1.tgz", - "integrity": "sha512-C7bfi1UZmoj8+PQx22XyeXCuBlokoyWQL5pWSP+EI6nzRylyThouddufc2c1NDIcP9k5agmN9fLpA7VNJfIiqw==", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/linkify-it/-/linkify-it-5.0.0.tgz", + "integrity": "sha512-5aHCbzQRADcdP+ATqnDuhhJ/MRIqDkZX5pyjFHRRysS8vZ5AbqGEoFIb6pYHPZ+L/OC2Lc+xT8uHVVR5CAK/wQ==", "dev": true, "dependencies": { - "uc.micro": "^1.0.1" + "uc.micro": "^2.0.0" } }, "node_modules/lodash": { @@ -370,19 +370,20 @@ } }, "node_modules/markdown-it": { - "version": "13.0.2", - "resolved": "https://registry.npmjs.org/markdown-it/-/markdown-it-13.0.2.tgz", - "integrity": "sha512-FtwnEuuK+2yVU7goGn/MJ0WBZMM9ZPgU9spqlFs7/A/pDIUNSOQZhUgOqYCficIuR2QaFnrt8LHqBWsbTAoI5w==", + "version": "14.0.0", + "resolved": "https://registry.npmjs.org/markdown-it/-/markdown-it-14.0.0.tgz", + "integrity": "sha512-seFjF0FIcPt4P9U39Bq1JYblX0KZCjDLFFQPHpL5AzHpqPEKtosxmdq/LTVZnjfH7tjt9BxStm+wXcDBNuYmzw==", "dev": true, "dependencies": { "argparse": "^2.0.1", - "entities": "~3.0.1", - "linkify-it": "^4.0.1", - "mdurl": "^1.0.1", - "uc.micro": "^1.0.5" + "entities": "^4.4.0", + "linkify-it": "^5.0.0", + "mdurl": "^2.0.0", + "punycode.js": "^2.3.1", + "uc.micro": "^2.0.0" }, "bin": { - "markdown-it": "bin/markdown-it.js" + "markdown-it": "bin/markdown-it.mjs" } }, "node_modules/markdown-table": { @@ -399,13 +400,13 @@ } }, "node_modules/markdownlint": { - "version": "0.32.1", - "resolved": "https://registry.npmjs.org/markdownlint/-/markdownlint-0.32.1.tgz", - "integrity": "sha512-3sx9xpi4xlHlokGyHO9k0g3gJbNY4DI6oNEeEYq5gQ4W7UkiJ90VDAnuDl2U+yyXOUa6BX+0gf69ZlTUGIBp6A==", + "version": "0.33.0", + "resolved": "https://registry.npmjs.org/markdownlint/-/markdownlint-0.33.0.tgz", + "integrity": "sha512-4lbtT14A3m0LPX1WS/3d1m7Blg+ZwiLq36WvjQqFGsX3Gik99NV+VXp/PW3n+Q62xyPdbvGOCfjPqjW+/SKMig==", "dev": true, "dependencies": { - "markdown-it": "13.0.2", - "markdownlint-micromark": "0.1.7" + "markdown-it": "14.0.0", + "markdownlint-micromark": "0.1.8" }, "engines": { "node": ">=18" @@ -415,9 +416,9 @@ } }, "node_modules/markdownlint-cli": { - "version": "0.38.0", - "resolved": "https://registry.npmjs.org/markdownlint-cli/-/markdownlint-cli-0.38.0.tgz", - "integrity": "sha512-qkZRKJ4LVq6CJIkRIuJsEHvhWhm+FP0E7yhHvOMrrgdykgFWNYD4wuhZTjvigbJLTKPooP79yPiUDDZBCBI5JA==", + "version": "0.39.0", + "resolved": "https://registry.npmjs.org/markdownlint-cli/-/markdownlint-cli-0.39.0.tgz", + "integrity": "sha512-ZuFN7Xpsbn1Nbp0YYkeLOfXOMOfLQBik2lKRy8pVI/llmKQ2uW7x+8k5OMgF6o7XCsTDSYC/OOmeJ+3qplvnJQ==", "dev": true, "dependencies": { "commander": "~11.1.0", @@ -425,8 +426,8 @@ "glob": "~10.3.10", "ignore": "~5.3.0", "js-yaml": "^4.1.0", - "jsonc-parser": "~3.2.0", - "markdownlint": "~0.32.1", + "jsonc-parser": "~3.2.1", + "markdownlint": "~0.33.0", "minimatch": "~9.0.3", "run-con": "~1.3.2" }, @@ -493,18 +494,21 @@ } }, "node_modules/markdownlint-micromark": { - "version": "0.1.7", - "resolved": "https://registry.npmjs.org/markdownlint-micromark/-/markdownlint-micromark-0.1.7.tgz", - "integrity": "sha512-BbRPTC72fl5vlSKv37v/xIENSRDYL/7X/XoFzZ740FGEbs9vZerLrIkFRY0rv7slQKxDczToYuMmqQFN61fi4Q==", + "version": "0.1.8", + "resolved": "https://registry.npmjs.org/markdownlint-micromark/-/markdownlint-micromark-0.1.8.tgz", + "integrity": "sha512-1ouYkMRo9/6gou9gObuMDnvZM8jC/ly3QCFQyoSPCS2XV1ZClU0xpKbL1Ar3bWWRT1RnBZkWUEiNKrI2CwiBQA==", "dev": true, "engines": { "node": ">=16" + }, + "funding": { + "url": "https://github.com/sponsors/DavidAnson" } }, "node_modules/mdurl": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/mdurl/-/mdurl-1.0.1.tgz", - "integrity": "sha512-/sKlQJCBYVY9Ers9hqzKou4H6V5UWc/M59TH2dvkt+84itfnq7uFOMLpOiOS4ujvHP4etln18fmIxA5R5fll0g==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/mdurl/-/mdurl-2.0.0.tgz", + "integrity": "sha512-Lf+9+2r+Tdp5wXDXC4PcIBjTDtq4UKjCPMQhKIuzpJNW0b96kVqSwW0bT7FhRSfmAiFYgP+SCRvdrDozfh0U5w==", "dev": true }, "node_modules/minimatch": { @@ -580,6 +584,15 @@ "url": "https://github.com/sponsors/isaacs" } }, + "node_modules/punycode.js": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/punycode.js/-/punycode.js-2.3.1.tgz", + "integrity": "sha512-uxFIHU0YlHYhDQtV4R9J6a52SLx28BCjT+4ieh7IGbgwVJWO+km431c4yRlREUAsAmt/uMjQUyQHNEPf0M39CA==", + "dev": true, + "engines": { + "node": ">=6" + } + }, "node_modules/repeat-string": { "version": "1.6.1", "resolved": "https://registry.npmjs.org/repeat-string/-/repeat-string-1.6.1.tgz", @@ -746,9 +759,9 @@ } }, "node_modules/uc.micro": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/uc.micro/-/uc.micro-1.0.6.tgz", - "integrity": "sha512-8Y75pvTYkLJW2hWQHXxoqRgV7qb9B+9vFEtidML+7koHUFapnVJAZ6cKs+Qjz5Aw3aZWHMC6u0wJE3At+nSGwA==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/uc.micro/-/uc.micro-2.0.0.tgz", + "integrity": "sha512-DffL94LsNOccVn4hyfRe5rdKa273swqeA5DJpMOeFmEn1wCDc7nAbbB0gXlgBCL7TNzeTv6G7XVWzan7iJtfig==", "dev": true }, "node_modules/which": { diff --git a/package.json b/package.json index 138146a..32f1599 100644 --- a/package.json +++ b/package.json @@ -14,6 +14,6 @@ }, "devDependencies": { "@bitnami/readme-generator-for-helm": "^2.5.0", - "markdownlint-cli": "^0.38.0" + "markdownlint-cli": "^0.39.0" } } From 00fbf45f033a5a806730f18fba123dea6123486a Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 17 Feb 2024 21:30:54 +0000 Subject: [PATCH 41/55] chore(deps): update subcharts (minor & patch) (#613) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [postgresql](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql)) | minor | `13.3.1` -> `13.4.6` | | [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | minor | `12.7.0` -> `12.8.2` | | [redis-cluster](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/redis-cluster)) | minor | `9.2.1` -> `9.5.20` | --- ### Configuration 📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Co-authored-by: pat-s Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/613 Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- Chart.lock | 10 +++++----- Chart.yaml | 6 +++--- unittests/dependency-major-image-check.yaml | 4 ++-- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/Chart.lock b/Chart.lock index 03c6c17..5c8aa99 100644 --- a/Chart.lock +++ b/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 13.3.1 + version: 13.4.6 - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 12.7.0 + version: 12.8.2 - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 9.2.1 -digest: sha256:cff9fdd51856d8f0526863d5e050427e2ef2acc44b9ea4cabb88d77a5c65ca40 -generated: "2024-01-20T00:35:15.09075348Z" + version: 9.5.20 +digest: sha256:10ca7303e61effbe02163c0df6ed1a87f25d71edd44d1aadae971f56679ae985 +generated: "2024-02-17T00:21:51.363456958Z" diff --git a/Chart.yaml b/Chart.yaml index 5d0c12c..43f9930 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -35,15 +35,15 @@ dependencies: # https://github.com/bitnami/charts/blob/main/bitnami/postgresql - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 13.3.1 + version: 13.4.6 condition: postgresql.enabled # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 12.7.0 + version: 12.8.2 condition: postgresql-ha.enabled # https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 9.2.1 + version: 9.5.20 condition: redis-cluster.enabled diff --git a/unittests/dependency-major-image-check.yaml b/unittests/dependency-major-image-check.yaml index 27fd39b..d90803e 100644 --- a/unittests/dependency-major-image-check.yaml +++ b/unittests/dependency-major-image-check.yaml @@ -28,7 +28,7 @@ tests: matchRegex: path: spec.template.spec.containers[0].image # IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST - pattern: ^docker.io/bitnami/postgresql:16.+$ + pattern: ^registry-1.docker.io/bitnami/postgresql:16.+$ - it: "[redis-cluster] ensures we detect major image version upgrades" template: charts/redis-cluster/templates/redis-statefulset.yaml set: @@ -39,4 +39,4 @@ tests: matchRegex: path: spec.template.spec.containers[0].image # IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST - pattern: ^docker.io/bitnami/redis-cluster:7.+$ + pattern: ^registry-1.docker.io/bitnami/redis-cluster:7.+$ From 3ac530f66da3b7179c749a62ab96339771bba23b Mon Sep 17 00:00:00 2001 From: pat-s Date: Fri, 23 Feb 2024 07:27:46 +0000 Subject: [PATCH 42/55] Add tests for HA assertion and clean up (#611) fix #604 - Assertions in `_helpers.tpl` were not effective, removed them - Updated and indented assertions in `config.yaml` - Added tests to check the assertions Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/611 Co-authored-by: pat-s Co-committed-by: pat-s --- templates/_helpers.tpl | 20 ------------ templates/gitea/config.yaml | 57 ++++++++++++++++++---------------- unittests/deployment/HA.yaml | 59 ++++++++++++++++++++++++++++++++++++ 3 files changed, 90 insertions(+), 46 deletions(-) create mode 100644 unittests/deployment/HA.yaml diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index dc76158..45e7a28 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -3,26 +3,6 @@ Expand the name of the chart. */}} -{{- /* multiple replicas assertions */ -}} -{{- if gt .Values.replicaCount 1.0 -}} - {{- fail "When using multiple replicas, a RWX file system is required" -}} - {{- if eq (get (.Values.persistence.accessModes 0) "ReadWriteOnce") -}} - {{- fail "When using multiple replicas, a RWX file system is required" -}} - {{- end }} - - {{- if eq (get .Values.gitea.config.indexer "ISSUE_INDEXER_TYPE") "bleve" -}} - {{- fail "When using multiple replicas, the repo indexer must be set to 'meilisearch' or 'elasticsearch'" -}} - {{- end }} - - {{- if and (eq .Values.gitea.config.indexer.REPO_INDEXER_TYPE "bleve") (eq .Values.gitea.config.indexer.REPO_INDEXER_ENABLED "true") -}} - {{- fail "When using multiple replicas, the repo indexer must be set to 'meilisearch' or 'elasticsearch'" -}} - {{- end }} - - {{- if eq .Values.gitea.config.indexer.ISSUE_INDEXER_TYPE "bleve" -}} - {{- (printf "DEBUG: When using multiple replicas, the repo indexer must be set to 'meilisearch' or 'elasticsearch'") | fail -}} - {{- end }} -{{- end }} - {{- define "gitea.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} {{- end -}} diff --git a/templates/gitea/config.yaml b/templates/gitea/config.yaml index e0eb6de..68df5f8 100644 --- a/templates/gitea/config.yaml +++ b/templates/gitea/config.yaml @@ -18,35 +18,40 @@ type: Opaque stringData: assertions: | -{{- /*assert that only one PG dep is enabled */ -}} -{{- if and (.Values.postgresql.enabled) (index .Values "postgresql-ha" "enabled") -}} - {{- fail "Only one of postgresql or postgresql-ha can be enabled at the same time." -}} -{{- end }} - -{{- /* multiple replicas assertions */ -}} -{{- if gt .Values.replicaCount 1.0 -}} - {{- if (get (get .Values.gitea.config "cron.GIT_GC_REPOS") "ENABLED") -}} - {{- fail "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'cron.GIT_GC_REPOS.enabled = false'." -}} - {{- end }} - - {{- if eq (first .Values.persistence.accessModes) "ReadWriteOnce" -}} - {{- fail "When using multiple replicas, a RWX file system is required and gitea.persistence.accessModes[0] must be set to ReadWriteMany." -}} - {{- end }} - - {{- if eq (get .Values.gitea.config.indexer "ISSUE_INDEXER_TYPE") "bleve" -}} - {{- fail "When using multiple replicas, the issue indexer (gitea.config.indexer.ISSUE_INDEXER_TYPE) must be set to a HA-ready provider such as 'meilisearch', 'elasticsearch' or 'db' (if the DB is HA-ready)." -}} - {{- end }} - {{- if .Values.gitea.config.indexer.REPO_INDEXER_TYPE -}} - {{- if eq (get .Values.gitea.config.indexer "REPO_INDEXER_TYPE") "bleve" -}} - {{- if .Values.gitea.config.indexer.REPO_INDEXER_ENABLED -}} - {{- if eq (get .Values.gitea.config.indexer "REPO_INDEXER_ENABLED") "true" -}} - {{- fail "When using multiple replicas, the repo indexer (gitea.config.indexer.REPO_INDEXER_TYPE) must be set to 'meilisearch' or 'elasticsearch' or disabled." -}} + {{- /*assert that only one PG dep is enabled */ -}} + {{- if and (.Values.postgresql.enabled) (index .Values "postgresql-ha" "enabled") -}} + {{- fail "Only one of postgresql or postgresql-ha can be enabled at the same time." -}} + {{- end }} + + {{- /* multiple replicas assertions */ -}} + {{- if gt .Values.replicaCount 1.0 -}} + {{- if .Values.gitea.config.cron -}} + {{- if .Values.gitea.config.cron.GIT_GC_REPOS -}} + {{- if eq .Values.gitea.config.cron.GIT_GC_REPOS.ENABLED true -}} + {{ fail "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'cron.GIT_GC_REPOS.enabled = false'." }} + {{- end }} {{- end }} {{- end }} + + {{- if eq (first .Values.persistence.accessModes) "ReadWriteOnce" -}} + {{- fail "When using multiple replicas, a RWX file system is required and gitea.persistence.accessModes[0] must be set to ReadWriteMany." -}} + {{- end }} + {{- if .Values.gitea.config.indexer -}} + {{- if eq .Values.gitea.config.indexer.ISSUE_INDEXER_TYPE "bleve" -}} + {{- fail "When using multiple replicas, the issue indexer (gitea.config.indexer.ISSUE_INDEXER_TYPE) must be set to a HA-ready provider such as 'meilisearch', 'elasticsearch' or 'db' (if the DB is HA-ready)." -}} + {{- end }} + {{- if .Values.gitea.config.indexer.REPO_INDEXER_TYPE -}} + {{- if eq .Values.gitea.config.indexer.REPO_INDEXER_TYPE "bleve" -}} + {{- if .Values.gitea.config.indexer.REPO_INDEXER_ENABLED -}} + {{- if eq .Values.gitea.config.indexer.REPO_INDEXER_ENABLED true -}} + {{- fail "When using multiple replicas, the repo indexer (gitea.config.indexer.REPO_INDEXER_TYPE) must be set to 'meilisearch' or 'elasticsearch' or disabled." -}} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} - {{- end }} - -{{- end }} config_environment.sh: |- #!/usr/bin/env bash set -euo pipefail diff --git a/unittests/deployment/HA.yaml b/unittests/deployment/HA.yaml new file mode 100644 index 0000000..8cc4dd1 --- /dev/null +++ b/unittests/deployment/HA.yaml @@ -0,0 +1,59 @@ +suite: deployment template (HA) +release: + name: gitea-unittests + namespace: testing +templates: + - templates/gitea/deployment.yaml + - templates/gitea/config.yaml +tests: + - it: fails with multiple replicas and "GIT_GC_REPOS" enabled + template: templates/gitea/deployment.yaml + set: + replicaCount: 2 + persistence: + accessModes: + - ReadWriteMany + gitea: + config: + cron: + GIT_GC_REPOS: + ENABLED: true + asserts: + - failedTemplate: + errorMessage: "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'cron.GIT_GC_REPOS.enabled = false'." + - it: fails with multiple replicas and RWX file system not set + template: templates/gitea/deployment.yaml + set: + replicaCount: 2 + asserts: + - failedTemplate: + errorMessage: "When using multiple replicas, a RWX file system is required and gitea.persistence.accessModes[0] must be set to ReadWriteMany." + - it: fails with multiple replicas and bleve issue indexer + template: templates/gitea/deployment.yaml + set: + replicaCount: 2 + persistence: + accessModes: + - ReadWriteMany + gitea: + config: + indexer: + ISSUE_INDEXER_TYPE: bleve + asserts: + - failedTemplate: + errorMessage: "When using multiple replicas, the issue indexer (gitea.config.indexer.ISSUE_INDEXER_TYPE) must be set to a HA-ready provider such as 'meilisearch', 'elasticsearch' or 'db' (if the DB is HA-ready)." + - it: fails with multiple replicas and bleve repo indexer + template: templates/gitea/deployment.yaml + set: + replicaCount: 2 + persistence: + accessModes: + - ReadWriteMany + gitea: + config: + indexer: + REPO_INDEXER_TYPE: bleve + REPO_INDEXER_ENABLED: true + asserts: + - failedTemplate: + errorMessage: "When using multiple replicas, the repo indexer (gitea.config.indexer.REPO_INDEXER_TYPE) must be set to 'meilisearch' or 'elasticsearch' or disabled." From 0794fe5b8b589d7be7230b3f250a165fb307cd7f Mon Sep 17 00:00:00 2001 From: pat-s Date: Fri, 23 Feb 2024 08:36:10 +0100 Subject: [PATCH 43/55] bump to gitea 1.21.6 --- Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Chart.yaml b/Chart.yaml index 43f9930..2f826f2 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -3,7 +3,7 @@ name: gitea description: Gitea Helm chart for Kubernetes type: application version: 0.0.0 -appVersion: 1.21.5 +appVersion: 1.21.6 icon: https://gitea.com/assets/img/logo.svg keywords: From a82540e7ebdedf73eb61b469dea3384b4b35cc94 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 26 Feb 2024 09:41:41 +0000 Subject: [PATCH 44/55] chore(deps): update aws-actions/configure-aws-credentials action to v4 (#619) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) | action | major | `v2` -> `v4` | --- ### Release Notes
aws-actions/configure-aws-credentials (aws-actions/configure-aws-credentials) ### [`v4`](https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4) [Compare Source](https://github.com/aws-actions/configure-aws-credentials/compare/v3...v4) This tag tracks the latest v4.x.x release ### [`v3`](https://github.com/aws-actions/configure-aws-credentials/releases/tag/v3) [Compare Source](https://github.com/aws-actions/configure-aws-credentials/compare/v2...v3) This tag tracks the latest v3.x.x release
--- ### Configuration 📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/619 Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- .gitea/workflows/release-version.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/release-version.yml b/.gitea/workflows/release-version.yml index b376d0b..d1392b8 100644 --- a/.gitea/workflows/release-version.yml +++ b/.gitea/workflows/release-version.yml @@ -57,7 +57,7 @@ jobs: helm registry logout registry-1.docker.io - name: aws credential configure - uses: https://github.com/aws-actions/configure-aws-credentials@v2 + uses: https://github.com/aws-actions/configure-aws-credentials@v4 with: aws-access-key-id: ${{ secrets.AWS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} From 8ee589a56fc02ddde919e0dd9ce83919688a16e9 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 26 Feb 2024 09:42:27 +0000 Subject: [PATCH 45/55] chore(deps): update crazy-max/ghaction-import-gpg action to v6 (#620) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [crazy-max/ghaction-import-gpg](https://github.com/crazy-max/ghaction-import-gpg) | action | major | `v5` -> `v6` | --- ### Release Notes
crazy-max/ghaction-import-gpg (crazy-max/ghaction-import-gpg) ### [`v6`](https://github.com/crazy-max/ghaction-import-gpg/compare/v5...v6) [Compare Source](https://github.com/crazy-max/ghaction-import-gpg/compare/v5...v6)
--- ### Configuration 📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/620 Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- .gitea/workflows/release-version.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/release-version.yml b/.gitea/workflows/release-version.yml index d1392b8..255221d 100644 --- a/.gitea/workflows/release-version.yml +++ b/.gitea/workflows/release-version.yml @@ -32,7 +32,7 @@ jobs: - name: Import GPG key id: import_gpg - uses: https://github.com/crazy-max/ghaction-import-gpg@v5 + uses: https://github.com/crazy-max/ghaction-import-gpg@v6 with: gpg_private_key: ${{ secrets.GPGSIGN_KEY }} passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }} From d65737681a4daa92a6dd56a97967fb98144f553e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 26 Feb 2024 09:50:40 +0000 Subject: [PATCH 46/55] chore(deps): update redis-cluster docker tag to v9.6.2 (#617) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [redis-cluster](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/redis-cluster)) | minor | `9.5.20` -> `9.6.2` | --- ### Configuration 📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Co-authored-by: pat-s Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/617 Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- Chart.lock | 6 +++--- Chart.yaml | 2 +- unittests/dependency-major-image-check.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Chart.lock b/Chart.lock index 5c8aa99..0d041e7 100644 --- a/Chart.lock +++ b/Chart.lock @@ -7,6 +7,6 @@ dependencies: version: 12.8.2 - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 9.5.20 -digest: sha256:10ca7303e61effbe02163c0df6ed1a87f25d71edd44d1aadae971f56679ae985 -generated: "2024-02-17T00:21:51.363456958Z" + version: 9.6.2 +digest: sha256:38ff6de3d4d86295d0ede2338941b91b5d6c6030b0a11248b8c295c579762280 +generated: "2024-02-24T00:22:59.731915633Z" diff --git a/Chart.yaml b/Chart.yaml index 2f826f2..abfbb84 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -45,5 +45,5 @@ dependencies: # https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 9.5.20 + version: 9.6.2 condition: redis-cluster.enabled diff --git a/unittests/dependency-major-image-check.yaml b/unittests/dependency-major-image-check.yaml index d90803e..3333510 100644 --- a/unittests/dependency-major-image-check.yaml +++ b/unittests/dependency-major-image-check.yaml @@ -39,4 +39,4 @@ tests: matchRegex: path: spec.template.spec.containers[0].image # IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST - pattern: ^registry-1.docker.io/bitnami/redis-cluster:7.+$ + pattern: ^docker.io/bitnami/redis-cluster:7.+$ From ab5ec8ddb9c09f6cd528514c06621d5f51c978b6 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 26 Feb 2024 09:51:06 +0000 Subject: [PATCH 47/55] chore(deps): update workflow dependencies (minor & patch) (#616) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | alpine/helm | | patch | `3.14.0` -> `3.14.2` | | alpine/helm | container | patch | `3.14.0` -> `3.14.2` | | [helm-unittest/helm-unittest](https://github.com/helm-unittest/helm-unittest) | | patch | `v0.4.1` -> `v0.4.2` | --- ### Release Notes
helm-unittest/helm-unittest (helm-unittest/helm-unittest) ### [`v0.4.2`](https://github.com/helm-unittest/helm-unittest/releases/tag/v0.4.2) [Compare Source](https://github.com/helm-unittest/helm-unittest/compare/v0.4.1...v0.4.2) **Improvements** - Improve storing generated template when debug flag enabled (credits [@​thepeak99](https://github.com/thepeak99)) - Improve development (credits [@​ivankatliarchuk](https://github.com/ivankatliarchuk)) **Fixes** - Fix global set and set override (resolves [#​210](https://github.com/helm-unittest/helm-unittest/issues/210), resolves [#​276](https://github.com/helm-unittest/helm-unittest/issues/276)) - Fix debug flag by changing name to debugPlugin flag (resolves [#​241](https://github.com/helm-unittest/helm-unittest/issues/241)) - Fix empty documentSelector (credits [@​michaelruigrok](https://github.com/michaelruigrok)) **Updates** - Update packages to latest patch versions (credits [@​ivankatliarchuk](https://github.com/ivankatliarchuk), credits [@​stavros-k](https://github.com/stavros-k), resolves [#​295](https://github.com/helm-unittest/helm-unittest/issues/295)) - Update documentation (credits [@​tochev](https://github.com/tochev))
--- ### Configuration 📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/616 Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- .gitea/workflows/release-version.yml | 2 +- .gitea/workflows/test-pr.yml | 4 ++-- .vscode/settings.json | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.gitea/workflows/release-version.yml b/.gitea/workflows/release-version.yml index 255221d..cab0424 100644 --- a/.gitea/workflows/release-version.yml +++ b/.gitea/workflows/release-version.yml @@ -7,7 +7,7 @@ on: env: # renovate: datasource=docker depName=alpine/helm - HELM_VERSION: "3.14.0" + HELM_VERSION: "3.14.2" jobs: generate-chart-publish: diff --git a/.gitea/workflows/test-pr.yml b/.gitea/workflows/test-pr.yml index 0df1612..80de36a 100644 --- a/.gitea/workflows/test-pr.yml +++ b/.gitea/workflows/test-pr.yml @@ -11,12 +11,12 @@ on: env: # renovate: datasource=github-releases depName=helm-unittest/helm-unittest - HELM_UNITTEST_VERSION: "v0.4.1" + HELM_UNITTEST_VERSION: "v0.4.2" jobs: check-and-test: runs-on: ubuntu-latest - container: alpine/helm:3.14.0 + container: alpine/helm:3.14.2 steps: - name: install tools run: | diff --git a/.vscode/settings.json b/.vscode/settings.json index aa6b188..43a5689 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -1,6 +1,6 @@ { "yaml.schemas": { - "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.4.1/schema/helm-testsuite.json": [ + "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.4.2/schema/helm-testsuite.json": [ "/unittests/**/*.yaml" ] }, From ceb6de12a83f8829a84b721c63617983b04e0d32 Mon Sep 17 00:00:00 2001 From: pat-s Date: Mon, 26 Feb 2024 11:16:57 +0100 Subject: [PATCH 48/55] bump to gitea 1.21.7 --- Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Chart.yaml b/Chart.yaml index abfbb84..71234d7 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -3,7 +3,7 @@ name: gitea description: Gitea Helm chart for Kubernetes type: application version: 0.0.0 -appVersion: 1.21.6 +appVersion: 1.21.7 icon: https://gitea.com/assets/img/logo.svg keywords: From a3fafc90a8499ee1f4780228212f2d38fad75e9e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 3 Mar 2024 00:23:32 +0000 Subject: [PATCH 49/55] chore(deps): update redis-cluster docker tag to v9.7.0 (#621) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- Chart.lock | 6 +++--- Chart.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Chart.lock b/Chart.lock index 0d041e7..8c5fe53 100644 --- a/Chart.lock +++ b/Chart.lock @@ -7,6 +7,6 @@ dependencies: version: 12.8.2 - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 9.6.2 -digest: sha256:38ff6de3d4d86295d0ede2338941b91b5d6c6030b0a11248b8c295c579762280 -generated: "2024-02-24T00:22:59.731915633Z" + version: 9.7.0 +digest: sha256:c11360760ebc21f1f7a509231008c3d5e888cf1f2b201d6fceeb2fcf6e89ad09 +generated: "2024-03-02T00:40:52.530453841Z" diff --git a/Chart.yaml b/Chart.yaml index 71234d7..ff6d9d3 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -45,5 +45,5 @@ dependencies: # https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 9.6.2 + version: 9.7.0 condition: redis-cluster.enabled From 6644c1701b742b70cf6d2101ef5cc48ff1c69701 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 3 Mar 2024 09:37:52 +0000 Subject: [PATCH 50/55] chore(deps): update postgresql docker tag to v14 (#622) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [postgresql](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql)) | major | `13.4.6` -> `14.2.3` | --- ### Configuration 📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Co-authored-by: pat-s Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/622 Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- Chart.lock | 6 +++--- Chart.yaml | 2 +- unittests/dependency-major-image-check.yaml | 6 +++--- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/Chart.lock b/Chart.lock index 8c5fe53..cd0d611 100644 --- a/Chart.lock +++ b/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 13.4.6 + version: 14.2.3 - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts version: 12.8.2 - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts version: 9.7.0 -digest: sha256:c11360760ebc21f1f7a509231008c3d5e888cf1f2b201d6fceeb2fcf6e89ad09 -generated: "2024-03-02T00:40:52.530453841Z" +digest: sha256:b14da4c6ff7f5017595ead81cdb957663afc99b2c72d3414c952df5f8857dd6f +generated: "2024-03-03T00:27:57.357979839Z" diff --git a/Chart.yaml b/Chart.yaml index ff6d9d3..98d1014 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -35,7 +35,7 @@ dependencies: # https://github.com/bitnami/charts/blob/main/bitnami/postgresql - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 13.4.6 + version: 14.2.3 condition: postgresql.enabled # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml - name: postgresql-ha diff --git a/unittests/dependency-major-image-check.yaml b/unittests/dependency-major-image-check.yaml index 3333510..cd25274 100644 --- a/unittests/dependency-major-image-check.yaml +++ b/unittests/dependency-major-image-check.yaml @@ -15,7 +15,7 @@ tests: matchRegex: path: spec.template.spec.containers[0].image # IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST - pattern: ^docker.io/bitnami/postgresql-repmgr:16.+$ + pattern: bitnami/postgresql-repmgr:16.+$ - it: "[postgresql] ensures we detect major image version upgrades" template: charts/postgresql/templates/primary/statefulset.yaml set: @@ -28,7 +28,7 @@ tests: matchRegex: path: spec.template.spec.containers[0].image # IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST - pattern: ^registry-1.docker.io/bitnami/postgresql:16.+$ + pattern: bitnami/postgresql:16.+$ - it: "[redis-cluster] ensures we detect major image version upgrades" template: charts/redis-cluster/templates/redis-statefulset.yaml set: @@ -39,4 +39,4 @@ tests: matchRegex: path: spec.template.spec.containers[0].image # IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST - pattern: ^docker.io/bitnami/redis-cluster:7.+$ + pattern: bitnami/redis-cluster:7.+$ From 2d77b626acead41a6a3af2a7611474995fe24154 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 4 Mar 2024 14:55:47 +0000 Subject: [PATCH 51/55] chore(deps): update postgresql-ha docker tag to v13 (#624) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | major | `12.8.2` -> `13.4.5` | --- ### Configuration 📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/624 Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- Chart.lock | 6 +++--- Chart.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Chart.lock b/Chart.lock index cd0d611..2852c5a 100644 --- a/Chart.lock +++ b/Chart.lock @@ -4,9 +4,9 @@ dependencies: version: 14.2.3 - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 12.8.2 + version: 13.4.5 - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts version: 9.7.0 -digest: sha256:b14da4c6ff7f5017595ead81cdb957663afc99b2c72d3414c952df5f8857dd6f -generated: "2024-03-03T00:27:57.357979839Z" +digest: sha256:d45b7e7809f0dff3b0cfb67f0e5fc6212adc8d3063d7ef4f8214333221124ced +generated: "2024-03-04T00:21:06.961651495Z" diff --git a/Chart.yaml b/Chart.yaml index 98d1014..b2ee279 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -40,7 +40,7 @@ dependencies: # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 12.8.2 + version: 13.4.5 condition: postgresql-ha.enabled # https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml - name: redis-cluster From d2bfa0250dea97b24fd79e798314878a68cdefcc Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Wed, 13 Mar 2024 00:35:30 +0000 Subject: [PATCH 52/55] chore(deps): update subcharts (minor & patch) (#626) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- Chart.lock | 10 +++++----- Chart.yaml | 6 +++--- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Chart.lock b/Chart.lock index 2852c5a..0edcb97 100644 --- a/Chart.lock +++ b/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 14.2.3 + version: 14.3.3 - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 13.4.5 + version: 13.6.1 - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 9.7.0 -digest: sha256:d45b7e7809f0dff3b0cfb67f0e5fc6212adc8d3063d7ef4f8214333221124ced -generated: "2024-03-04T00:21:06.961651495Z" + version: 9.8.1 +digest: sha256:f703f9ca341f0d73ebb520ef7ae9e33787e24dc36a694b9132b6765e73b44e6b +generated: "2024-03-12T00:44:41.072524172Z" diff --git a/Chart.yaml b/Chart.yaml index b2ee279..85e3342 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -35,15 +35,15 @@ dependencies: # https://github.com/bitnami/charts/blob/main/bitnami/postgresql - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 14.2.3 + version: 14.3.3 condition: postgresql.enabled # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 13.4.5 + version: 13.6.1 condition: postgresql-ha.enabled # https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 9.7.0 + version: 9.8.1 condition: redis-cluster.enabled From 7fa896a0cee98ae1459ac263c5196b14402fede5 Mon Sep 17 00:00:00 2001 From: justusbunsi Date: Fri, 15 Mar 2024 16:02:06 +0000 Subject: [PATCH 53/55] Resolve conflicting behavior during `make readme` (#627) The current README content is a result of running markdownlint with simple fixes enabled. It shouldn't fix _any_ issues, even after generating the parameter section. Unfortunately, this is not the case right now. This resolves the long-running dispute of both tools. :wink: --- Since I already modified the `values.yaml`, I decided to include a change regarding code signing. Otherwise, it may confuse users after merging #596. Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/627 Reviewed-by: pat-s Co-authored-by: justusbunsi Co-committed-by: justusbunsi --- README.md | 10 +++++----- values.yaml | 10 +++++----- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index a58b18f..defd747 100644 --- a/README.md +++ b/README.md @@ -50,7 +50,7 @@ - [ReadinessProbe](#readinessprobe) - [StartupProbe](#startupprobe) - [redis-cluster](#redis-cluster) - - [PostgreSQL-ha](#postgresql-ha) + - [PostgreSQL HA](#postgresql-ha) - [PostgreSQL](#postgresql) - [Advanced](#advanced) - [Contributing](#contributing) @@ -979,7 +979,7 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo | ------------------------ | ----------------------------------------------------------------- | ------------------ | | `signing.enabled` | Enable commit/action signing | `false` | | `signing.gpgHome` | GPG home directory | `/data/git/.gnupg` | -| `signing.privateKey` | Inline private gpg key for signed Gitea actions | `""` | +| `signing.privateKey` | Inline private gpg key for signed internal Git activity | `""` | | `signing.existingSecret` | Use an existing secret to store the value of `signing.privateKey` | `""` | ### Gitea @@ -1046,11 +1046,11 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo | `redis-cluster.cluster.nodes` | Number of redis cluster master nodes | `3` | | `redis-cluster.cluster.replicas` | Number of redis cluster master node replicas | `0` | -### PostgreSQL-ha +### PostgreSQL HA | Name | Description | Value | | ------------------------------------------- | ---------------------------------------------------------------- | ----------- | -| `postgresql-ha.enabled` | Enable PostgreSQL-ha | `true` | +| `postgresql-ha.enabled` | Enable PostgreSQL HA | `true` | | `postgresql-ha.postgresql.password` | Password for the `gitea` user (overrides `auth.password`) | `changeme4` | | `postgresql-ha.global.postgresql.database` | Name for a custom database to create (overrides `auth.database`) | `gitea` | | `postgresql-ha.global.postgresql.username` | Name for a custom user to create (overrides `auth.username`) | `gitea` | @@ -1059,7 +1059,7 @@ To comply with the Gitea helm chart definition of the digest parameter, a "custo | `postgresql-ha.postgresql.postgresPassword` | postgres Password | `changeme1` | | `postgresql-ha.pgpool.adminPassword` | pgpool adminPassword | `changeme3` | | `postgresql-ha.service.ports.postgresql` | PostgreSQL service port (overrides `service.ports.postgresql`) | `5432` | -| `postgresql-ha.primary.persistence.size` | PVC Storage Request for PostgreSQL-ha volume | `10Gi` | +| `postgresql-ha.primary.persistence.size` | PVC Storage Request for PostgreSQL HA volume | `10Gi` | ### PostgreSQL diff --git a/values.yaml b/values.yaml index 175c27f..4b6f017 100644 --- a/values.yaml +++ b/values.yaml @@ -323,7 +323,7 @@ initContainers: # ## @param signing.enabled Enable commit/action signing ## @param signing.gpgHome GPG home directory -## @param signing.privateKey Inline private gpg key for signed Gitea actions +## @param signing.privateKey Inline private gpg key for signed internal Git activity ## @param signing.existingSecret Use an existing secret to store the value of `signing.privateKey` signing: enabled: false @@ -492,9 +492,9 @@ redis-cluster: nodes: 3 # default: 6 replicas: 0 # default: 1 -## @section postgresql-ha +## @section PostgreSQL HA # -## @param postgresql-ha.enabled Enable postgresql-ha +## @param postgresql-ha.enabled Enable PostgreSQL HA ## @param postgresql-ha.postgresql.password Password for the `gitea` user (overrides `auth.password`) ## @param postgresql-ha.global.postgresql.database Name for a custom database to create (overrides `auth.database`) ## @param postgresql-ha.global.postgresql.username Name for a custom user to create (overrides `auth.username`) @@ -502,8 +502,8 @@ redis-cluster: ## @param postgresql-ha.postgresql.repmgrPassword Repmgr Password ## @param postgresql-ha.postgresql.postgresPassword postgres Password ## @param postgresql-ha.pgpool.adminPassword pgpool adminPassword -## @param postgresql-ha.service.ports.postgresql postgresql service port (overrides `service.ports.postgresql`) -## @param postgresql-ha.primary.persistence.size PVC Storage Request for postgresql-ha volume +## @param postgresql-ha.service.ports.postgresql PostgreSQL service port (overrides `service.ports.postgresql`) +## @param postgresql-ha.primary.persistence.size PVC Storage Request for PostgreSQL HA volume postgresql-ha: global: postgresql: From 3b2b700441e91a19a535e05de3a9eab2fef0b117 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sat, 16 Mar 2024 12:52:11 +0000 Subject: [PATCH 54/55] chore(deps): update postgresql-ha docker tag to v14 (#628) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [postgresql-ha](https://github.com/bitnami/charts) ([source](https://github.com/bitnami/charts/tree/HEAD/bitnami/postgresql-ha)) | major | `13.6.1` -> `14.0.0` | --- ### Configuration 📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Reviewed-on: https://gitea.com/gitea/helm-chart/pulls/628 Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- Chart.lock | 6 +++--- Chart.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Chart.lock b/Chart.lock index 0edcb97..c3f3006 100644 --- a/Chart.lock +++ b/Chart.lock @@ -4,9 +4,9 @@ dependencies: version: 14.3.3 - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 13.6.1 + version: 14.0.0 - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts version: 9.8.1 -digest: sha256:f703f9ca341f0d73ebb520ef7ae9e33787e24dc36a694b9132b6765e73b44e6b -generated: "2024-03-12T00:44:41.072524172Z" +digest: sha256:7198cbc213ba08053d4896b72b59f1c8d1153542a894a82fcddfa74cf2fa4519 +generated: "2024-03-16T00:21:37.945732911Z" diff --git a/Chart.yaml b/Chart.yaml index 85e3342..5e6dce6 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -40,7 +40,7 @@ dependencies: # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 13.6.1 + version: 14.0.0 condition: postgresql-ha.enabled # https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml - name: redis-cluster From 2a9273d32f0c9ae89903f303dcd7c565ad5e413b Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Mon, 25 Mar 2024 00:38:32 +0000 Subject: [PATCH 55/55] chore(deps): update workflow dependencies (minor & patch) (#633) Co-authored-by: Renovate Bot Co-committed-by: Renovate Bot --- .gitea/workflows/release-version.yml | 2 +- .gitea/workflows/test-pr.yml | 4 ++-- .vscode/settings.json | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.gitea/workflows/release-version.yml b/.gitea/workflows/release-version.yml index cab0424..c4cb9a0 100644 --- a/.gitea/workflows/release-version.yml +++ b/.gitea/workflows/release-version.yml @@ -7,7 +7,7 @@ on: env: # renovate: datasource=docker depName=alpine/helm - HELM_VERSION: "3.14.2" + HELM_VERSION: "3.14.3" jobs: generate-chart-publish: diff --git a/.gitea/workflows/test-pr.yml b/.gitea/workflows/test-pr.yml index 80de36a..9139106 100644 --- a/.gitea/workflows/test-pr.yml +++ b/.gitea/workflows/test-pr.yml @@ -11,12 +11,12 @@ on: env: # renovate: datasource=github-releases depName=helm-unittest/helm-unittest - HELM_UNITTEST_VERSION: "v0.4.2" + HELM_UNITTEST_VERSION: "v0.4.4" jobs: check-and-test: runs-on: ubuntu-latest - container: alpine/helm:3.14.2 + container: alpine/helm:3.14.3 steps: - name: install tools run: | diff --git a/.vscode/settings.json b/.vscode/settings.json index 43a5689..5fb5f66 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -1,6 +1,6 @@ { "yaml.schemas": { - "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.4.2/schema/helm-testsuite.json": [ + "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.4.4/schema/helm-testsuite.json": [ "/unittests/**/*.yaml" ] },