diff --git a/.forgejo/workflows/build.yml b/.forgejo/workflows/build.yml index b04b08d..94e75f1 100644 --- a/.forgejo/workflows/build.yml +++ b/.forgejo/workflows/build.yml @@ -5,7 +5,7 @@ on: push: branches: - main - - release/** + - maint/** tags: - v* @@ -17,7 +17,7 @@ env: HELM_UNITTEST_VERSION: v0.4.4 # renovate: datasource=github-releases depName=helm-unittest packageName=helm-unittest/helm-unittest HELM_CHART_TESTING_VERSION: v3.10.1 # renovate: datasource=github-releases depName=chart-testing packageName=helm/chart-testing KIND_VERSION: v0.22.0 # renovate: datasource=github-releases depName=kind packageName=kubernetes-sigs/kind - KUBECTL_VERSION: v1.30.0 # renovate: datasource=github-releases depName=kubectl packageName=kubernetes/kubernetes + KUBECTL_VERSION: v1.30.1 # renovate: datasource=github-releases depName=kubectl packageName=kubernetes/kubernetes jobs: lint-node: @@ -25,7 +25,7 @@ jobs: steps: - run: cat /etc/os-release - - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 with: show-progress: false @@ -44,7 +44,7 @@ jobs: - run: ps axf - - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 with: show-progress: false fetch-depth: 0 @@ -80,14 +80,14 @@ jobs: matrix: k8s: # from https://hub.docker.com/r/kindest/node/tags - - v1.27.11 # renovate: kindest - - v1.28.7 # renovate: kindest + - v1.27.13 # renovate: kindest + - v1.28.9 # renovate: kindest - v1.29.2 # renovate: kindest steps: - run: cat /etc/os-release - - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 with: show-progress: false fetch-depth: 0 @@ -161,7 +161,7 @@ jobs: if: ${{ github.ref_type == 'tag' }} steps: - - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 with: show-progress: false fetch-depth: 0 # Important for changelog diff --git a/Chart.lock b/Chart.lock index c607ad4..e18db5d 100644 --- a/Chart.lock +++ b/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 15.2.5 + version: 15.4.2 - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 14.0.5 + version: 14.1.2 - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 10.0.2 -digest: sha256:9d09fe6921721c807217899dea60fb8f4ba2f3571475bb27c70efef1d7906e21 -generated: "2024-04-22T12:01:42.540957611Z" + version: 10.2.0 +digest: sha256:254031e8b9cca243d78561010203d7f88abdc72ff43a8898f58f4953dd55c8bf +generated: "2024-05-29T08:50:00.457266664Z" diff --git a/Chart.yaml b/Chart.yaml index 6434f21..6d824c5 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -4,7 +4,7 @@ description: Forgejo Helm chart for Kubernetes type: application version: 0.0.0 appVersion: 1.21.11-1 -icon: https://design.codeberg.org/logo-kit/icon.svg +icon: https://code.forgejo.org/forgejo/forgejo/raw/branch/forgejo/assets/logo.svg home: https://forgejo.org/ keywords: @@ -29,15 +29,15 @@ dependencies: # https://github.com/bitnami/charts/blob/main/bitnami/postgresql/Chart.yaml - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 15.2.5 + version: 15.4.2 condition: postgresql.enabled # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 14.0.5 + version: 14.1.2 condition: postgresql-ha.enabled # https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 10.0.2 + version: 10.2.0 condition: redis-cluster.enabled diff --git a/README.md b/README.md index 62e8c1e..fdbfb50 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,5 @@ # Forgejo Helm Chart -[![status-badge](https://ci.dachary.org/api/badges/forgejo-contrib/forgejo-helm/status.svg)](https://ci.dachary.org/forgejo-contrib/forgejo-helm) - - [Introduction](#introduction) - [Update and versioning policy](#update-and-versioning-policy) - [Dependencies](#dependencies) @@ -52,7 +50,7 @@ - [ReadinessProbe](#readinessprobe) - [StartupProbe](#startupprobe) - [redis-cluster](#redis-cluster) - - [PostgreSQL-ha](#postgresql-ha) + - [PostgreSQL HA](#postgresql-ha) - [PostgreSQL](#postgresql) - [Advanced](#advanced) - [Contributing](#contributing) @@ -70,7 +68,7 @@ Additionally, this chart allows to provide LDAP and admin user configuration wit ## Update and versioning policy The Forgejo helm chart versioning does not follow Forgejo's versioning. -The latest chart version can be looked up in or in the [repository releases](https://codeberg.org/forgejo-contrib/forgejo-helm/releases). +The latest chart version can be looked up in or in the [repository releases](https://codeberg.org/forgejo-contrib/forgejo-helm/releases). The chart aims to follow Forgejo's releases closely. There might be times when the chart is behind the latest Forgejo release. @@ -974,7 +972,7 @@ To comply with the Forgejo helm chart definition of the digest parameter, a "cus | ------------------------ | ----------------------------------------------------------------- | ------------------ | | `signing.enabled` | Enable commit/action signing | `false` | | `signing.gpgHome` | GPG home directory | `/data/git/.gnupg` | -| `signing.privateKey` | Inline private gpg key for signed Forgejo actions | `""` | +| `signing.privateKey` | Inline private gpg key for signed internal Git activity | `""` | | `signing.existingSecret` | Use an existing secret to store the value of `signing.privateKey` | `""` | ### Gitea @@ -1060,7 +1058,7 @@ Complete Configuration can be taken from their website. | `postgresql-ha.postgresql.postgresPassword` | postgres Password | `changeme1` | | `postgresql-ha.pgpool.adminPassword` | pgpool adminPassword | `changeme3` | | `postgresql-ha.service.ports.postgresql` | PostgreSQL service port (overrides `service.ports.postgresql`) | `5432` | -| `postgresql-ha.primary.persistence.size` | PVC Storage Request for PostgreSQL-ha volume | `10Gi` | +| `postgresql-ha.primary.persistence.size` | PVC Storage Request for PostgreSQL HA volume | `10Gi` | ### PostgreSQL @@ -1092,6 +1090,8 @@ Expected workflow is: Fork -> Patch -> Push -> Pull Request See [CONTRIBUTORS GUIDE](CONTRIBUTING.md) for details. +Hop into [our Matrix room](https://matrix.to/#/#forgejo-helm-chart:matrix.org) if you have any questions or want to get involved. + ## Upgrading This section lists major and breaking changes of each Helm Chart version. diff --git a/package.json b/package.json index b8b09c2..687d185 100644 --- a/package.json +++ b/package.json @@ -13,14 +13,14 @@ "readme:parameters": "readme-generator -v values.yaml -r README.md" }, "devDependencies": { - "@bitnami/readme-generator-for-helm": "^2.4.2", - "clipanion": "^3.2.1", - "conventional-changelog-conventionalcommits": "^7.0.0", - "conventional-changelog-core": "^7.0.0", - "husky": "^9.0.0", - "lint-staged": "^15.2.0", - "markdownlint-cli": "^0.39.0", - "prettier": "^3.1.0" + "@bitnami/readme-generator-for-helm": "2.6.1", + "clipanion": "3.2.1", + "conventional-changelog-conventionalcommits": "7.0.2", + "conventional-changelog-core": "7.0.0", + "husky": "9.0.11", + "lint-staged": "15.2.5", + "markdownlint-cli": "0.39.0", + "prettier": "3.2.5" }, "packageManager": "pnpm@9.0.5", "engines": { diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index a8def15..2e3f3fe 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -9,28 +9,28 @@ importers: .: devDependencies: '@bitnami/readme-generator-for-helm': - specifier: ^2.4.2 + specifier: 2.6.1 version: 2.6.1 clipanion: - specifier: ^3.2.1 + specifier: 3.2.1 version: 3.2.1(typanion@3.14.0) conventional-changelog-conventionalcommits: - specifier: ^7.0.0 + specifier: 7.0.2 version: 7.0.2 conventional-changelog-core: - specifier: ^7.0.0 + specifier: 7.0.0 version: 7.0.0 husky: - specifier: ^9.0.0 + specifier: 9.0.11 version: 9.0.11 lint-staged: - specifier: ^15.2.0 - version: 15.2.2 + specifier: 15.2.5 + version: 15.2.5 markdownlint-cli: - specifier: ^0.39.0 + specifier: 0.39.0 version: 0.39.0 prettier: - specifier: ^3.1.0 + specifier: 3.2.5 version: 3.2.5 packages: @@ -112,8 +112,8 @@ packages: brace-expansion@2.0.1: resolution: {integrity: sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==} - braces@3.0.2: - resolution: {integrity: sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==} + braces@3.0.3: + resolution: {integrity: sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==} engines: {node: '>=8'} chalk@2.4.2: @@ -157,6 +157,10 @@ packages: resolution: {integrity: sha512-yPVavfyCcRhmorC7rWlkHn15b4wDVgVmBA7kV4QVBsF7kv/9TKJAbAXVTxvTnwP8HHKjRCJDClKbciiYS7p0DQ==} engines: {node: '>=16'} + commander@12.1.0: + resolution: {integrity: sha512-Vw8qHK3bZM9y/P10u3Vib8o/DdkvA2OtPtZvD871QKjy74Wj1WSKFILMPRPSdUSx5RFK1arlJzEtA4PkFgnbuA==} + engines: {node: '>=18'} + commander@6.2.1: resolution: {integrity: sha512-U7VdrJFnJgo4xjrHpTzu0yrHPGImdsmD95ZlgYSEajAn2JKzDhDTPG9kBTefmObL2w/ngeZnilk+OV9CG3d7UA==} engines: {node: '>= 6'} @@ -252,8 +256,8 @@ packages: resolution: {integrity: sha512-VyhnebXciFV2DESc+p6B+y0LjSm0krU4OgJN44qFAhBY0TJ+1V61tYD2+wHusZ6F9n5K+vl8k0sTy7PEfV4qpg==} engines: {node: '>=16.17'} - fill-range@7.0.1: - resolution: {integrity: sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==} + fill-range@7.1.1: + resolution: {integrity: sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==} engines: {node: '>=8'} find-up@6.3.0: @@ -299,6 +303,7 @@ packages: glob@7.2.3: resolution: {integrity: sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==} + deprecated: Glob versions prior to v9 are no longer supported handlebars@4.7.8: resolution: {integrity: sha512-vafaFqs8MZkRrSX7sFVUdo3ap/eNiLnb4IakshzvP56X5Nr1iGKAIqdX6tMlm6HcNRIkr6AxO5jFEoJzzpT8aQ==} @@ -332,6 +337,7 @@ packages: inflight@1.0.6: resolution: {integrity: sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==} + deprecated: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful. inherits@2.0.4: resolution: {integrity: sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==} @@ -402,8 +408,8 @@ packages: resolution: {integrity: sha512-POQXvpdL69+CluYsillJ7SUhKvytYjW9vG/GKpnf+xP8UWgYEM/RaMzHHofbALDiKbbP1W8UEYmgGl39WkPZsg==} engines: {'0': node >= 0.2.0} - lilconfig@3.0.0: - resolution: {integrity: sha512-K2U4W2Ff5ibV7j7ydLr+zLAkIg5JJ4lPn1Ltsdt+Tz/IjQ8buJ55pZAxoP34lqIiwtF9iAvtLv3JGv7CAyAg+g==} + lilconfig@3.1.1: + resolution: {integrity: sha512-O18pf7nyvHTckunPWCV1XUNXU1piu01y2b7ATJ0ppkUkk8ocqVWBrYjJBCwHDjD/ZWcfyrA0P4gKhzWGi5EINQ==} engines: {node: '>=14'} lines-and-columns@2.0.4: @@ -413,13 +419,13 @@ packages: linkify-it@5.0.0: resolution: {integrity: sha512-5aHCbzQRADcdP+ATqnDuhhJ/MRIqDkZX5pyjFHRRysS8vZ5AbqGEoFIb6pYHPZ+L/OC2Lc+xT8uHVVR5CAK/wQ==} - lint-staged@15.2.2: - resolution: {integrity: sha512-TiTt93OPh1OZOsb5B7k96A/ATl2AjIZo+vnzFZ6oHK5FuTk63ByDtxGQpHm+kFETjEWqgkF95M8FRXKR/LEBcw==} + lint-staged@15.2.5: + resolution: {integrity: sha512-j+DfX7W9YUvdzEZl3Rk47FhDF6xwDBV5wwsCPw6BwWZVPYJemusQmvb9bRsW23Sqsaa+vRloAWogbK4BUuU2zA==} engines: {node: '>=18.12.0'} hasBin: true - listr2@8.0.1: - resolution: {integrity: sha512-ovJXBXkKGfq+CwmKTjluEqFi3p4h8xvkxGQQAQan22YCgef4KZ1mKGjzfGh6PL6AW5Csw0QiQPNuQyH+6Xk3hA==} + listr2@8.2.1: + resolution: {integrity: sha512-irTfvpib/rNiD637xeevjO2l3Z5loZmuaRi0L0YE5LfijwVY96oyVn0DFD3o/teAok7nfobMG1THvvcHh/BP6g==} engines: {node: '>=18.0.0'} locate-path@7.2.0: @@ -471,8 +477,8 @@ packages: merge-stream@2.0.0: resolution: {integrity: sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==} - micromatch@4.0.5: - resolution: {integrity: sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==} + micromatch@4.0.7: + resolution: {integrity: sha512-LPP/3KorzCwBxfeUuZmaR6bG2kdeHSbe0P2tY3FLRU4vYrjYz5hI4QZwV0njUx3jeuKe67YukQ1LSPZBKDqO/Q==} engines: {node: '>=8.6'} mimic-fn@2.1.0: @@ -738,15 +744,16 @@ packages: yallist@4.0.0: resolution: {integrity: sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==} - yaml@2.3.4: - resolution: {integrity: sha512-8aAvwVUSHpfEqTQ4w/KMlf3HcRdt50E5ODIQJBw1fQ5RL34xabzxtUlzTXVqc4rkZsPbvrXKWnABCD7kWSmocA==} - engines: {node: '>= 14'} - yaml@2.4.1: resolution: {integrity: sha512-pIXzoImaqmfOrL7teGUBt/T7ZDnyeGBWyXQBvOVhLkWLN37GXv8NMLK406UY6dS51JfcQHsmcW5cJ441bHg6Lg==} engines: {node: '>= 14'} hasBin: true + yaml@2.4.2: + resolution: {integrity: sha512-B3VqDZ+JAg1nZpaEmWtTXUlBneoGx6CPM9b0TENK6aoSu5t73dItudwdgmi6tHlIZZId4dZ9skcAQ2UbcyAeVA==} + engines: {node: '>= 14'} + hasBin: true + yocto-queue@1.0.0: resolution: {integrity: sha512-9bnSc/HEW2uRy67wc+T8UwauLuPJVn28jb+GtJY16iiKWyvmYJRXVT4UamsAEGQfPohgr2q4Tq0sQbQlxTfi1g==} engines: {node: '>=12.20'} @@ -830,9 +837,9 @@ snapshots: dependencies: balanced-match: 1.0.2 - braces@3.0.2: + braces@3.0.3: dependencies: - fill-range: 7.0.1 + fill-range: 7.1.1 chalk@2.4.2: dependencies: @@ -871,6 +878,8 @@ snapshots: commander@11.1.0: {} + commander@12.1.0: {} + commander@6.2.1: {} commander@7.2.0: {} @@ -970,7 +979,7 @@ snapshots: signal-exit: 4.1.0 strip-final-newline: 3.0.0 - fill-range@7.0.1: + fill-range@7.1.1: dependencies: to-regex-range: 5.0.1 @@ -1102,7 +1111,7 @@ snapshots: jsonparse@1.3.1: {} - lilconfig@3.0.0: {} + lilconfig@3.1.1: {} lines-and-columns@2.0.4: {} @@ -1110,22 +1119,22 @@ snapshots: dependencies: uc.micro: 2.0.0 - lint-staged@15.2.2: + lint-staged@15.2.5: dependencies: chalk: 5.3.0 - commander: 11.1.0 + commander: 12.1.0 debug: 4.3.4 execa: 8.0.1 - lilconfig: 3.0.0 - listr2: 8.0.1 - micromatch: 4.0.5 + lilconfig: 3.1.1 + listr2: 8.2.1 + micromatch: 4.0.7 pidtree: 0.6.0 string-argv: 0.3.2 - yaml: 2.3.4 + yaml: 2.4.2 transitivePeerDependencies: - supports-color - listr2@8.0.1: + listr2@8.2.1: dependencies: cli-truncate: 4.0.0 colorette: 2.0.20 @@ -1192,9 +1201,9 @@ snapshots: merge-stream@2.0.0: {} - micromatch@4.0.5: + micromatch@4.0.7: dependencies: - braces: 3.0.2 + braces: 3.0.3 picomatch: 2.3.1 mimic-fn@2.1.0: {} @@ -1436,8 +1445,8 @@ snapshots: yallist@4.0.0: {} - yaml@2.3.4: {} - yaml@2.4.1: {} + yaml@2.4.2: {} + yocto-queue@1.0.0: {} diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index dc76158..30ee3b9 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -3,26 +3,6 @@ Expand the name of the chart. */}} -{{- /* multiple replicas assertions */ -}} -{{- if gt .Values.replicaCount 1.0 -}} - {{- fail "When using multiple replicas, a RWX file system is required" -}} - {{- if eq (get (.Values.persistence.accessModes 0) "ReadWriteOnce") -}} - {{- fail "When using multiple replicas, a RWX file system is required" -}} - {{- end }} - - {{- if eq (get .Values.gitea.config.indexer "ISSUE_INDEXER_TYPE") "bleve" -}} - {{- fail "When using multiple replicas, the repo indexer must be set to 'meilisearch' or 'elasticsearch'" -}} - {{- end }} - - {{- if and (eq .Values.gitea.config.indexer.REPO_INDEXER_TYPE "bleve") (eq .Values.gitea.config.indexer.REPO_INDEXER_ENABLED "true") -}} - {{- fail "When using multiple replicas, the repo indexer must be set to 'meilisearch' or 'elasticsearch'" -}} - {{- end }} - - {{- if eq .Values.gitea.config.indexer.ISSUE_INDEXER_TYPE "bleve" -}} - {{- (printf "DEBUG: When using multiple replicas, the repo indexer must be set to 'meilisearch' or 'elasticsearch'") | fail -}} - {{- end }} -{{- end }} - {{- define "gitea.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} {{- end -}} @@ -60,7 +40,7 @@ Create image name and tag used by the deployment. {{- $registry := .Values.global.imageRegistry | default .Values.image.registry -}} {{- $repository := .Values.image.repository -}} {{- $separator := ":" -}} -{{- $tag := .Values.image.tag | default .Chart.AppVersion -}} +{{- $tag := .Values.image.tag | default .Chart.AppVersion | toString -}} {{- $rootless := ternary "-rootless" "" (.Values.image.rootless) -}} {{- $digest := "" -}} {{- if .Values.image.digest }} diff --git a/templates/gitea/config.yaml b/templates/gitea/config.yaml index 42645eb..80e39dd 100644 --- a/templates/gitea/config.yaml +++ b/templates/gitea/config.yaml @@ -18,35 +18,40 @@ type: Opaque stringData: assertions: | -{{- /*assert that only one PG dep is enabled */ -}} -{{- if and (.Values.postgresql.enabled) (index .Values "postgresql-ha" "enabled") -}} - {{- fail "Only one of postgresql or postgresql-ha can be enabled at the same time." -}} -{{- end }} - -{{- /* multiple replicas assertions */ -}} -{{- if gt .Values.replicaCount 1.0 -}} - {{- if (get (get .Values.gitea.config "cron.GIT_GC_REPOS") "ENABLED") -}} - {{- fail "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'cron.GIT_GC_REPOS.enabled = false'." -}} - {{- end }} - - {{- if eq (first .Values.persistence.accessModes) "ReadWriteOnce" -}} - {{- fail "When using multiple replicas, a RWX file system is required and gitea.persistence.accessModes[0] must be set to ReadWriteMany." -}} - {{- end }} - - {{- if eq (get .Values.gitea.config.indexer "ISSUE_INDEXER_TYPE") "bleve" -}} - {{- fail "When using multiple replicas, the issue indexer (gitea.config.indexer.ISSUE_INDEXER_TYPE) must be set to a HA-ready provider such as 'meilisearch', 'elasticsearch' or 'db' (if the DB is HA-ready)." -}} - {{- end }} - {{- if .Values.gitea.config.indexer.REPO_INDEXER_TYPE -}} - {{- if eq (get .Values.gitea.config.indexer "REPO_INDEXER_TYPE") "bleve" -}} - {{- if .Values.gitea.config.indexer.REPO_INDEXER_ENABLED -}} - {{- if eq (get .Values.gitea.config.indexer "REPO_INDEXER_ENABLED") "true" -}} - {{- fail "When using multiple replicas, the repo indexer (gitea.config.indexer.REPO_INDEXER_TYPE) must be set to 'meilisearch' or 'elasticsearch' or disabled." -}} + {{- /*assert that only one PG dep is enabled */ -}} + {{- if and (.Values.postgresql.enabled) (index .Values "postgresql-ha" "enabled") -}} + {{- fail "Only one of postgresql or postgresql-ha can be enabled at the same time." -}} + {{- end }} + + {{- /* multiple replicas assertions */ -}} + {{- if gt .Values.replicaCount 1.0 -}} + {{- if .Values.gitea.config.cron -}} + {{- if .Values.gitea.config.cron.GIT_GC_REPOS -}} + {{- if eq .Values.gitea.config.cron.GIT_GC_REPOS.ENABLED true -}} + {{ fail "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'cron.GIT_GC_REPOS.enabled = false'." }} + {{- end }} + {{- end }} + {{- end }} + + {{- if eq (first .Values.persistence.accessModes) "ReadWriteOnce" -}} + {{- fail "When using multiple replicas, a RWX file system is required and gitea.persistence.accessModes[0] must be set to ReadWriteMany." -}} + {{- end }} + {{- if .Values.gitea.config.indexer -}} + {{- if eq .Values.gitea.config.indexer.ISSUE_INDEXER_TYPE "bleve" -}} + {{- fail "When using multiple replicas, the issue indexer (gitea.config.indexer.ISSUE_INDEXER_TYPE) must be set to a HA-ready provider such as 'meilisearch', 'elasticsearch' or 'db' (if the DB is HA-ready)." -}} + {{- end }} + {{- if .Values.gitea.config.indexer.REPO_INDEXER_TYPE -}} + {{- if eq .Values.gitea.config.indexer.REPO_INDEXER_TYPE "bleve" -}} + {{- if .Values.gitea.config.indexer.REPO_INDEXER_ENABLED -}} + {{- if eq .Values.gitea.config.indexer.REPO_INDEXER_ENABLED true -}} + {{- fail "When using multiple replicas, the repo indexer (gitea.config.indexer.REPO_INDEXER_TYPE) must be set to 'meilisearch' or 'elasticsearch' or disabled." -}} + {{- end }} + {{- end }} + {{- end }} {{- end }} {{- end }} - {{- end }} - {{- end }} -{{- end }} + {{- end }} config_environment.sh: |- #!/usr/bin/env bash set -euo pipefail diff --git a/templates/gitea/deployment.yaml b/templates/gitea/deployment.yaml index 247a560..ca1bdd9 100644 --- a/templates/gitea/deployment.yaml +++ b/templates/gitea/deployment.yaml @@ -8,6 +8,9 @@ metadata: {{- end }} labels: {{- include "gitea.labels" . | nindent 4 }} + {{- if .Values.deployment.labels }} + {{- toYaml .Values.deployment.labels | nindent 4 }} + {{- end }} spec: replicas: {{ .Values.replicaCount }} strategy: @@ -397,4 +400,4 @@ spec: {{- else if not .Values.persistence.enabled }} - name: data emptyDir: {} - {{- end }} + {{- end }} \ No newline at end of file diff --git a/unittests/deployment/HA.yaml b/unittests/deployment/HA.yaml new file mode 100644 index 0000000..aeecad6 --- /dev/null +++ b/unittests/deployment/HA.yaml @@ -0,0 +1,59 @@ +suite: deployment template (HA) +release: + name: gitea-unittests + namespace: testing +templates: + - templates/gitea/deployment.yaml + - templates/gitea/config.yaml +tests: + - it: fails with multiple replicas and "GIT_GC_REPOS" enabled + template: templates/gitea/deployment.yaml + set: + replicaCount: 2 + persistence: + accessModes: + - ReadWriteMany + gitea: + config: + cron: + GIT_GC_REPOS: + ENABLED: true + asserts: + - failedTemplate: + errorMessage: "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'cron.GIT_GC_REPOS.enabled = false'." + - it: fails with multiple replicas and RWX file system not set + template: templates/gitea/deployment.yaml + set: + replicaCount: 2 + asserts: + - failedTemplate: + errorMessage: 'When using multiple replicas, a RWX file system is required and gitea.persistence.accessModes[0] must be set to ReadWriteMany.' + - it: fails with multiple replicas and bleve issue indexer + template: templates/gitea/deployment.yaml + set: + replicaCount: 2 + persistence: + accessModes: + - ReadWriteMany + gitea: + config: + indexer: + ISSUE_INDEXER_TYPE: bleve + asserts: + - failedTemplate: + errorMessage: "When using multiple replicas, the issue indexer (gitea.config.indexer.ISSUE_INDEXER_TYPE) must be set to a HA-ready provider such as 'meilisearch', 'elasticsearch' or 'db' (if the DB is HA-ready)." + - it: fails with multiple replicas and bleve repo indexer + template: templates/gitea/deployment.yaml + set: + replicaCount: 2 + persistence: + accessModes: + - ReadWriteMany + gitea: + config: + indexer: + REPO_INDEXER_TYPE: bleve + REPO_INDEXER_ENABLED: true + asserts: + - failedTemplate: + errorMessage: "When using multiple replicas, the repo indexer (gitea.config.indexer.REPO_INDEXER_TYPE) must be set to 'meilisearch' or 'elasticsearch' or disabled." diff --git a/unittests/deployment/basic.yaml b/unittests/deployment/basic.yaml index bfcb9f2..133a7c2 100644 --- a/unittests/deployment/basic.yaml +++ b/unittests/deployment/basic.yaml @@ -15,3 +15,17 @@ tests: kind: Deployment apiVersion: apps/v1 name: forgejo-unittests + - it: deployment labels are set + template: templates/gitea/deployment.yaml + set: + deployment.labels: + hello: world + asserts: + - isSubset: + path: metadata.labels + content: + hello: world + - isSubset: + path: spec.template.metadata.labels + content: + hello: world diff --git a/unittests/deployment/image-configuration.yaml b/unittests/deployment/image-configuration.yaml index ab63f3d..9d15f54 100644 --- a/unittests/deployment/image-configuration.yaml +++ b/unittests/deployment/image-configuration.yaml @@ -91,3 +91,20 @@ tests: - equal: path: spec.template.spec.containers[0].image value: 'global.example.com/forgejo/forgejo:1.19.3-rootless@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a' + - it: correctly renders floating tag references + template: templates/gitea/deployment.yaml + set: + image.tag: 1.21 # use non-quoted value on purpose. See: https://gitea.com/gitea/helm-chart/issues/631 + asserts: + - equal: + path: spec.template.spec.initContainers[0].image + value: 'codeberg.org/forgejo/forgejo:1.21-rootless' + - equal: + path: spec.template.spec.initContainers[1].image + value: 'codeberg.org/forgejo/forgejo:1.21-rootless' + - equal: + path: spec.template.spec.initContainers[2].image + value: 'codeberg.org/forgejo/forgejo:1.21-rootless' + - equal: + path: spec.template.spec.containers[0].image + value: 'codeberg.org/forgejo/forgejo:1.21-rootless' diff --git a/unittests/init/init_directory_structure.sh-rootless.yaml b/unittests/init/init_directory_structure.sh-rootless.yaml index 29dac81..ea5f3cf 100644 --- a/unittests/init/init_directory_structure.sh-rootless.yaml +++ b/unittests/init/init_directory_structure.sh-rootless.yaml @@ -1,6 +1,6 @@ -suite: Init template +suite: Init template (rootless) release: - name: gitea-unittests + name: forgejo-unittests namespace: testing templates: - templates/gitea/init.yaml @@ -67,7 +67,6 @@ tests: chown 1000:1000 "${GNUPGHOME}" fi - it: it does not chown /data even when image.fullOverride is set - template: templates/gitea/init.yaml set: image.fullOverride: gitea/gitea:1.20.5 asserts: diff --git a/values.yaml b/values.yaml index 9c29b77..ceff9c0 100644 --- a/values.yaml +++ b/values.yaml @@ -323,7 +323,7 @@ initContainers: # ## @param signing.enabled Enable commit/action signing ## @param signing.gpgHome GPG home directory -## @param signing.privateKey Inline private gpg key for signed Forgejo actions +## @param signing.privateKey Inline private gpg key for signed internal Git activity ## @param signing.existingSecret Use an existing secret to store the value of `signing.privateKey` signing: enabled: false @@ -512,7 +512,7 @@ redis-cluster: ## @param postgresql-ha.postgresql.postgresPassword postgres Password ## @param postgresql-ha.pgpool.adminPassword pgpool adminPassword ## @param postgresql-ha.service.ports.postgresql PostgreSQL service port (overrides `service.ports.postgresql`) -## @param postgresql-ha.primary.persistence.size PVC Storage Request for PostgreSQL-ha volume +## @param postgresql-ha.primary.persistence.size PVC Storage Request for PostgreSQL HA volume postgresql-ha: global: postgresql: