feat!: port updates from Gitea 10.1.1 chart (#356)

Co-authored-by: pat-s <patrick.schratz@gmail.com> Co-authored-by: pat-s <pat-s@noreply.gitea.com> Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com> Co-authored-by: remogeissbuehler <remogeissbuehler@noreply.gitea.com> Co-authored-by: florianspk <florianspk@gmail.com> Co-authored-by: Oliver Fueckert <oliver@cubinet.de> Co-authored-by: Michael Kriese <michael.kriese@gmx.de> Reviewed-on: https://codeberg.org/forgejo-contrib/forgejo-helm/pulls/356 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: alexandra catalina <git@garbage.world> Co-committed-by: alexandra catalina <git@garbage.world>
2024-02-21 21:52:42 +00:00 · 2024-02-21 21:52:42 +00:00 · 4cc8fb9f35
commit 4cc8fb9f35
parent 02d4ec569d
14 changed files with 398 additions and 26 deletions
--- a/templates/gitea/config.yaml
+++ b/templates/gitea/config.yaml
@ -45,7 +45,7 @@ stringData:
      {{- end }}
    {{- end }}
  {{- end }}
-  
+
 {{- end }}
  config_environment.sh: |-
    #!/usr/bin/env bash
@ -63,7 +63,7 @@ stringData:
        # skip empty line
        return
      fi
-      
+
      # 'xargs echo -n' trims all leading/trailing whitespaces and a trailing new line
      local setting="$(awk -F '=' '{print $1}' <<< "${line}" | xargs echo -n)"

@ -173,8 +173,10 @@ stringData:
      env2ini::log "...Initial secrets generated\n"
    }

-    env | (grep FORGEJO || [[ $? == 1 ]]) > /tmp/existing-envs
-    
+    # save existing envs prior to script execution. Necessary to keep order of
+    # preexisting and custom envs
+    env | (grep -e '^FORGEJO__' || [[ $? == 1 ]]) > /tmp/existing-envs
+
    # MUST BE CALLED BEFORE OTHER CONFIGURATION
    env2ini::generate_initial_secrets

--- a/templates/gitea/http-svc.yaml
+++ b/templates/gitea/http-svc.yaml
@ -4,6 +4,9 @@ metadata:
  name: {{ include "gitea.fullname" . }}-http
  labels:
    {{- include "gitea.labels" . | nindent 4 }}
+    {{- if .Values.service.http.labels }}
+    {{- toYaml .Values.service.http.labels  | nindent 4 }}
+    {{- end }}
  annotations:
    {{- toYaml .Values.service.http.annotations | nindent 4 }}
 spec:
--- a/templates/gitea/init.yaml
+++ b/templates/gitea/init.yaml
@ -86,7 +86,28 @@ stringData:

    {{- if or .Values.gitea.admin.existingSecret (and .Values.gitea.admin.username .Values.gitea.admin.password) }}
    function configure_admin_user() {
-      local ACCOUNT_ID=$(gitea admin user list --admin | grep -e "\s\+${GITEA_ADMIN_USERNAME}\s\+" | awk -F " " "{printf \$1}")
+      local full_admin_list=$(gitea admin user list --admin)
+      local actual_user_table=''
+
+      # We might have distorted output due to warning logs, so we have to detect the actual user table by its headline and trim output above that line
+      local regex="(.*)(ID\s+Username\s+Email\s+IsActive.*)"
+      if [[ "${full_admin_list}" =~ $regex ]]; then
+        actual_user_table=$(echo "${BASH_REMATCH[2]}" | tail -n+2) # tail'ing to drop the table headline
+      else
+        # This code block should never be reached, as long as the output table header remains the same.
+        # If this code block is reached, the regex doesn't match anymore and we probably have to adjust this script.
+
+        echo "ERROR: 'configure_admin_user' was not able to determine the current list of admin users."
+        echo "       Please review the output of 'gitea admin user list --admin' shown below."
+        echo "       If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-chart/issues."
+        echo "DEBUG: Output of 'gitea admin user list --admin'"
+        echo "--"
+        echo "${full_admin_list}"
+        echo "--"
+        exit 1
+      fi
+
+      local ACCOUNT_ID=$(echo "${actual_user_table}" | grep -E "\s+${GITEA_ADMIN_USERNAME}\s+" | awk -F " " "{printf \$1}")
      if [[ -z "${ACCOUNT_ID}" ]]; then
        echo "No admin user '${GITEA_ADMIN_USERNAME}' found. Creating now..."
        gitea admin user create --admin --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" --email {{ .Values.gitea.admin.email | quote }} --must-change-password=false
@ -105,7 +126,28 @@ stringData:
      {{- if .Values.gitea.ldap }}
      {{- range $idx, $value := .Values.gitea.ldap }}
      local LDAP_NAME={{ (printf "%s" $value.name) | squote }}
-      local GITEA_AUTH_ID=$(gitea admin auth list --vertical-bars | grep -E "\|${LDAP_NAME}\s+\|" | grep -iE '\|LDAP \(via BindDN\)\s+\|' | awk -F " "  "{print \$1}")
+      local full_auth_list=$(gitea admin auth list --vertical-bars)
+      local actual_auth_table=''
+
+      # We might have distorted output due to warning logs, so we have to detect the actual user table by its headline and trim output above that line
+      local regex="(.*)(ID\s+\|Name\s+\|Type\s+\|Enabled.*)"
+      if [[ "${full_auth_list}" =~ $regex ]]; then
+        actual_auth_table=$(echo "${BASH_REMATCH[2]}" | tail -n+2) # tail'ing to drop the table headline
+      else
+        # This code block should never be reached, as long as the output table header remains the same.
+        # If this code block is reached, the regex doesn't match anymore and we probably have to adjust this script.
+
+        echo "ERROR: 'configure_ldap' was not able to determine the current list of authentication sources."
+        echo "       Please review the output of 'gitea admin auth list --vertical-bars' shown below."
+        echo "       If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-chart/issues."
+        echo "DEBUG: Output of 'gitea admin auth list --vertical-bars'"
+        echo "--"
+        echo "${full_auth_list}"
+        echo "--"
+        exit 1
+      fi
+
+      local GITEA_AUTH_ID=$(echo "${actual_auth_table}" | grep -E "\|${LDAP_NAME}\s+\|" | grep -iE '\|LDAP \(via BindDN\)\s+\|' | awk -F " "  "{print \$1}")

      if [[ -z "${GITEA_AUTH_ID}" ]]; then
        echo "No ldap configuration found with name '${LDAP_NAME}'. Installing it now..."
@ -128,7 +170,28 @@ stringData:
      {{- if .Values.gitea.oauth }}
      {{- range $idx, $value := .Values.gitea.oauth }}
      local OAUTH_NAME={{ (printf "%s" $value.name) | squote }}
-      local AUTH_ID=$(gitea admin auth list --vertical-bars | grep -E "\|${OAUTH_NAME}\s+\|" | grep -iE '\|OAuth2\s+\|' | awk -F " "  "{print \$1}")
+      local full_auth_list=$(gitea admin auth list --vertical-bars)
+      local actual_auth_table=''
+
+      # We might have distorted output due to warning logs, so we have to detect the actual user table by its headline and trim output above that line
+      local regex="(.*)(ID\s+\|Name\s+\|Type\s+\|Enabled.*)"
+      if [[ "${full_auth_list}" =~ $regex ]]; then
+        actual_auth_table=$(echo "${BASH_REMATCH[2]}" | tail -n+2) # tail'ing to drop the table headline
+      else
+        # This code block should never be reached, as long as the output table header remains the same.
+        # If this code block is reached, the regex doesn't match anymore and we probably have to adjust this script.
+
+        echo "ERROR: 'configure_oauth' was not able to determine the current list of authentication sources."
+        echo "       Please review the output of 'gitea admin auth list --vertical-bars' shown below."
+        echo "       If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-chart/issues."
+        echo "DEBUG: Output of 'gitea admin auth list --vertical-bars'"
+        echo "--"
+        echo "${full_auth_list}"
+        echo "--"
+        exit 1
+      fi
+
+      local AUTH_ID=$(echo "${actual_auth_table}" | grep -E "\|${OAUTH_NAME}\s+\|" | grep -iE '\|OAuth2\s+\|' | awk -F " "  "{print \$1}")

      if [[ -z "${AUTH_ID}" ]]; then
        echo "No oauth configuration found with name '${OAUTH_NAME}'. Installing it now..."
--- a/templates/gitea/pvc.yaml
+++ b/templates/gitea/pvc.yaml
@ -6,6 +6,10 @@ metadata:
  namespace: {{ $.Release.Namespace }}
  annotations:
 {{ .Values.persistence.annotations | toYaml | indent 4}}
+{{- if .Values.persistence.labels }}
+  labels:
+{{ .Values.persistence.labels | toYaml | indent 4}}
+{{- end }}
 spec:
  accessModes:
  {{- if gt .Values.replicaCount 1.0 }}
@ -14,13 +18,11 @@ spec:
    {{- .Values.persistence.accessModes | toYaml | nindent 4 }}
  {{- end }}
  volumeMode: Filesystem
-  {{- if .Values.persistence.storageClass }}
-  storageClassName: {{ .Values.persistence.storageClass }}
-  {{- end }}
+  {{- include "gitea.persistence.storageClass" . | nindent 2 }}
  {{- with .Values.persistence.volumeName }}
  volumeName: {{ . }}
  {{- end }}
  resources:
    requests:
      storage: {{ .Values.persistence.size }}
-{{- end }}
+{{- end }}
--- a/templates/gitea/ssh-svc.yaml
+++ b/templates/gitea/ssh-svc.yaml
@ -4,6 +4,9 @@ metadata:
  name: {{ include "gitea.fullname" . }}-ssh
  labels:
    {{- include "gitea.labels" . | nindent 4 }}
+    {{- if .Values.service.ssh.labels }}
+    {{- toYaml .Values.service.ssh.labels  | nindent 4 }}
+    {{- end }}
  annotations:
    {{- toYaml .Values.service.ssh.annotations | nindent 4 }}
 spec: