feat!: upstream changes (#47)

GPG feature has breaking changes

Co-authored-by: robv89r <robv8r@noreply.gitea.io>
Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.io>
Co-authored-by: Michael Kriese <michael.kriese@visualon.de>
Reviewed-on: https://codeberg.org/forgejo-contrib/forgejo-helm/pulls/47

unittests/statefulset/basic.yaml

@@ -0,0 +1,17 @@
+suite: Statefulset template (basic)
+release:
+  name: forgejo-unittests
+  namespace: testing
+templates:
+  - templates/gitea/statefulset.yaml
+  - templates/gitea/config.yaml
+tests:
+  - it: renders a statefulset
+    template: templates/gitea/statefulset.yaml
+    asserts:
+      - hasDocuments:
+          count: 1
+      - containsDocument:
+          kind: StatefulSet  
+          apiVersion: apps/v1
+          name: forgejo-unittests

unittests/statefulset/signing-disabled.yaml

@@ -0,0 +1,40 @@
+suite: Statefulset template (signing disabled)
+release:
+  name: forgejo-unittests
+  namespace: testing
+templates:
+  - templates/gitea/statefulset.yaml
+  - templates/gitea/config.yaml
+tests:
+  - it: skips gpg init container
+    template: templates/gitea/statefulset.yaml
+    asserts:
+      - notContains:
+          path: spec.template.spec.initContainers
+          any: true
+          content:
+            name: configure-gpg
+  - it: skips gpg env in `init-directories` init container
+    template: templates/gitea/statefulset.yaml
+    set:
+      signing.enabled: true
+    asserts:
+      - contains:
+          path: spec.template.spec.initContainers[0].env
+          content:
+            name: GNUPGHOME
+            value: /data/git/.gnupg
+  - it: skips gpg env in runtime container
+    template: templates/gitea/statefulset.yaml
+    asserts:
+      - notContains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: GNUPGHOME
+  - it: skips gpg volume spec
+    template: templates/gitea/statefulset.yaml
+    asserts:
+      - notContains:
+          path: spec.template.spec.volumes
+          content:
+            name: gpg-private-key

unittests/statefulset/signing-enabled.yaml

@@ -0,0 +1,93 @@
+suite: Statefulset template (signing enabled)
+release:
+  name: forgejo-unittests
+  namespace: testing
+templates:
+  - templates/gitea/statefulset.yaml
+  - templates/gitea/config.yaml
+tests:
+  - it: adds gpg init container
+    template: templates/gitea/statefulset.yaml
+    set:
+      signing:
+        enabled: true
+        existingSecret: "custom-gpg-secret"
+    asserts:
+      - equal:
+          path: spec.template.spec.initContainers[2].name
+          value: configure-gpg
+      - equal:
+          path: spec.template.spec.initContainers[2].command
+          value: ["/usr/sbin/configure_gpg_environment.sh"]
+      - equal:
+          path: spec.template.spec.initContainers[2].securityContext
+          value:
+            runAsUser: 1000
+      - equal:
+          path: spec.template.spec.initContainers[2].env
+          value:
+            - name: GNUPGHOME
+              value: /data/git/.gnupg
+      - equal:
+          path: spec.template.spec.initContainers[2].volumeMounts
+          value:
+            - name: init
+              mountPath: /usr/sbin
+            - name: data
+              mountPath: /data
+            - name: gpg-private-key
+              mountPath: /raw
+              readOnly: true
+  - it: adds gpg env in `init-directories` init container
+    template: templates/gitea/statefulset.yaml
+    set:
+      signing.enabled: true
+    asserts:
+      - contains:
+          path: spec.template.spec.initContainers[0].env
+          content:
+            name: GNUPGHOME
+            value: /data/git/.gnupg
+  - it: adds gpg env in runtime container
+    template: templates/gitea/statefulset.yaml
+    set:
+      signing.enabled: true
+    asserts:
+      - contains:
+          path: spec.template.spec.containers[0].env
+          content:
+            name: GNUPGHOME
+            value: /data/git/.gnupg
+  - it: adds gpg volume spec
+    template: templates/gitea/statefulset.yaml
+    set:
+      signing:
+        enabled: true
+    asserts:
+      - contains:
+          path: spec.template.spec.volumes
+          content:
+            name: gpg-private-key
+            secret:
+              secretName: forgejo-unittests-gpg-key
+              items:
+                - key: privateKey
+                  path: private.asc
+              defaultMode: 0100
+  - it: supports gpg volume spec with external reference
+    template: templates/gitea/statefulset.yaml
+    set:
+      signing:
+        enabled: true
+        existingSecret: custom-gpg-secret
+    asserts:
+      - contains:
+          path: spec.template.spec.volumes
+          content:
+            name: gpg-private-key
+            secret:
+              secretName: custom-gpg-secret
+              items:
+                - key: privateKey
+                  path: private.asc
+              defaultMode: 0100