diff --git a/.forgejo/workflows/build.yml b/.forgejo/workflows/build.yml index e221ec5..abdfa4c 100644 --- a/.forgejo/workflows/build.yml +++ b/.forgejo/workflows/build.yml @@ -5,7 +5,7 @@ on: push: branches: - main - - maint/** + - release/** tags: - v* @@ -13,7 +13,7 @@ permissions: contents: read env: - HELM_VERSION: v3.15.1 # renovate: datasource=github-releases depName=helm packageName=helm/helm + HELM_VERSION: v3.15.0 # renovate: datasource=github-releases depName=helm packageName=helm/helm HELM_UNITTEST_VERSION: v0.5.1 # renovate: datasource=github-releases depName=helm-unittest packageName=helm-unittest/helm-unittest HELM_CHART_TESTING_VERSION: v3.11.0 # renovate: datasource=github-releases depName=chart-testing packageName=helm/chart-testing KIND_VERSION: v0.23.0 # renovate: datasource=github-releases depName=kind packageName=kubernetes-sigs/kind @@ -83,7 +83,6 @@ jobs: - v1.27.13 # renovate: kindest - v1.28.9 # renovate: kindest - v1.29.4 # renovate: kindest - - v1.30.0 # renovate: kindest steps: - run: cat /etc/os-release diff --git a/.node-version b/.node-version index 48b14e6..f203ab8 100644 --- a/.node-version +++ b/.node-version @@ -1 +1 @@ -20.14.0 +20.13.1 diff --git a/Chart.lock b/Chart.lock index 4c96f8b..4c738d0 100644 --- a/Chart.lock +++ b/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 15.5.0 + version: 15.4.0 - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 14.1.3 + version: 14.1.0 - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 10.2.0 -digest: sha256:f7feb678e253951354014684cca973ce7656aa8fd812e627534257dad7765069 -generated: "2024-05-29T18:01:33.490509906Z" + version: 10.0.6 +digest: sha256:f5fa526c8388d241f9ed32007993893dd67a6eb9374644e7a7787824e2430349 +generated: "2024-05-23T13:45:46.804717004Z" diff --git a/Chart.yaml b/Chart.yaml index 8ffd13a..8eac68c 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: forgejo description: Forgejo Helm chart for Kubernetes type: application -version: 0.1.0 +version: 0.0.0 appVersion: 7.0.3 icon: https://code.forgejo.org/forgejo/forgejo/raw/branch/forgejo/assets/logo.svg home: https://forgejo.org/ @@ -29,15 +29,15 @@ dependencies: # https://github.com/bitnami/charts/blob/main/bitnami/postgresql/Chart.yaml - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 15.5.0 + version: 15.4.0 condition: postgresql.enabled # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 14.1.3 + version: 14.1.0 condition: postgresql-ha.enabled # https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml - name: redis-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 10.2.0 + version: 10.0.6 condition: redis-cluster.enabled diff --git a/README.md b/README.md index ced63dc..86d7987 100644 --- a/README.md +++ b/README.md @@ -50,7 +50,7 @@ - [ReadinessProbe](#readinessprobe) - [StartupProbe](#startupprobe) - [redis-cluster](#redis-cluster) - - [PostgreSQL HA](#postgresql-ha) + - [PostgreSQL-ha](#postgresql-ha) - [PostgreSQL](#postgresql) - [Advanced](#advanced) - [Contributing](#contributing) @@ -68,7 +68,7 @@ Additionally, this chart allows to provide LDAP and admin user configuration wit ## Update and versioning policy The Forgejo helm chart versioning does not follow Forgejo's versioning. -The latest chart version can be looked up in or in the [repository releases](https://codeberg.org/forgejo-contrib/forgejo-helm/releases). +The latest chart version can be looked up in or in the [repository releases](https://codeberg.org/forgejo-contrib/forgejo-helm/releases). The chart aims to follow Forgejo's releases closely. There might be times when the chart is behind the latest Forgejo release. @@ -982,7 +982,7 @@ To comply with the Forgejo helm chart definition of the digest parameter, a "cus | ------------------------ | ----------------------------------------------------------------- | ------------------ | | `signing.enabled` | Enable commit/action signing | `false` | | `signing.gpgHome` | GPG home directory | `/data/git/.gnupg` | -| `signing.privateKey` | Inline private gpg key for signed internal Git activity | `""` | +| `signing.privateKey` | Inline private gpg key for signed Forgejo actions | `""` | | `signing.existingSecret` | Use an existing secret to store the value of `signing.privateKey` | `""` | ### Gitea @@ -1122,7 +1122,7 @@ Complete Configuration can be taken from their website. | `postgresql-ha.postgresql.postgresPassword` | postgres Password | `changeme1` | | `postgresql-ha.pgpool.adminPassword` | pgpool adminPassword | `changeme3` | | `postgresql-ha.service.ports.postgresql` | PostgreSQL service port (overrides `service.ports.postgresql`) | `5432` | -| `postgresql-ha.primary.persistence.size` | PVC Storage Request for PostgreSQL HA volume | `10Gi` | +| `postgresql-ha.primary.persistence.size` | PVC Storage Request for PostgreSQL-ha volume | `10Gi` | ### PostgreSQL @@ -1161,8 +1161,3 @@ Hop into [our Matrix room](https://matrix.to/#/#forgejo-helm-chart:matrix.org) i This section lists major and breaking changes of each Helm Chart version. Please read them carefully to upgrade successfully, especially the change of the **default database backend**! If you miss this, blindly upgrading may delete your Postgres instance and you may lose your data! - -### To v6.0.0 - -You need Forgejo v7+ to use this Helm Chart version. -Use the v5 Helm Chart for Forgejo v1.21. diff --git a/forgejo-0.1.0.tgz b/forgejo-0.1.0.tgz deleted file mode 100644 index ee32efa..0000000 Binary files a/forgejo-0.1.0.tgz and /dev/null differ diff --git a/package.json b/package.json index a2fbceb..17a874a 100644 --- a/package.json +++ b/package.json @@ -18,11 +18,11 @@ "conventional-changelog-conventionalcommits": "8.0.0", "conventional-changelog-core": "8.0.0", "husky": "9.0.11", - "lint-staged": "15.2.5", - "markdownlint-cli": "0.41.0", + "lint-staged": "15.2.4", + "markdownlint-cli": "0.40.0", "prettier": "3.2.5" }, - "packageManager": "pnpm@9.1.3", + "packageManager": "pnpm@9.1.2", "engines": { "node": "^18.12.0 || >=20.9.0", "pnpm": "^9.0.0" diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 304868f..9a2dd2d 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -24,11 +24,11 @@ importers: specifier: 9.0.11 version: 9.0.11 lint-staged: - specifier: 15.2.5 - version: 15.2.5 + specifier: 15.2.4 + version: 15.2.4 markdownlint-cli: - specifier: 0.41.0 - version: 0.41.0 + specifier: 0.40.0 + version: 0.40.0 prettier: specifier: 3.2.5 version: 3.2.5 @@ -164,6 +164,10 @@ packages: colorette@2.0.20: resolution: {integrity: sha512-IfEDxwoWIjkeXL1eXcDiow4UbKjhLdq6/EuSVR9GMN7KVH3r9gQ83e73hsz1Nd1T3ijd5xv1wcWRYO+D6kCI2w==} + commander@12.0.0: + resolution: {integrity: sha512-MwVNWlYjDTtOjX5PiD7o5pK0UrFU/OYgcJfjjK4RaHZETNtjJqrZa9Y9ds88+A+f+d5lv+561eZ+yCKoS3gbAA==} + engines: {node: '>=18'} + commander@12.1.0: resolution: {integrity: sha512-Vw8qHK3bZM9y/P10u3Vib8o/DdkvA2OtPtZvD871QKjy74Wj1WSKFILMPRPSdUSx5RFK1arlJzEtA4PkFgnbuA==} engines: {node: '>=18'} @@ -300,14 +304,13 @@ packages: engines: {node: '>=18'} hasBin: true - glob@10.4.1: - resolution: {integrity: sha512-2jelhlq3E4ho74ZyVLN03oKdAZVUa6UDZzFLVH1H7dnoax+y9qyaq8zBkfDIggjniU19z0wU18y16jMB2eyVIw==} - engines: {node: '>=16 || 14 >=14.18'} + glob@10.3.12: + resolution: {integrity: sha512-TCNv8vJ+xz4QiqTpfOJA7HvYv+tNIRHKfUWw/q+v2jdgN4ebz+KY9tGx5J4rHP0o84mNP+ApH66HRX8us3Khqg==} + engines: {node: '>=16 || 14 >=14.17'} hasBin: true glob@7.2.3: resolution: {integrity: sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==} - deprecated: Glob versions prior to v9 are no longer supported handlebars@4.7.8: resolution: {integrity: sha512-vafaFqs8MZkRrSX7sFVUdo3ap/eNiLnb4IakshzvP56X5Nr1iGKAIqdX6tMlm6HcNRIkr6AxO5jFEoJzzpT8aQ==} @@ -345,7 +348,6 @@ packages: inflight@1.0.6: resolution: {integrity: sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==} - deprecated: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful. inherits@2.0.4: resolution: {integrity: sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==} @@ -384,8 +386,8 @@ packages: isexe@2.0.0: resolution: {integrity: sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==} - jackspeak@3.1.2: - resolution: {integrity: sha512-kWmLKn2tRtfYMF/BakihVVRzBKOxz4gJMiL2Rj91WnAB5TPZumSH99R/Yf1qE1u4uRimvCSJfm6hnxohXeEXjQ==} + jackspeak@2.3.6: + resolution: {integrity: sha512-N3yCS/NegsOBokc8GAdM8UcmfsKiSS8cipheD/nivzr700H+nsMOxJjQnvwOcRYVuFkdH0wGUvW2WbXGmrZGbQ==} engines: {node: '>=14'} js-tokens@4.0.0: @@ -409,8 +411,8 @@ packages: linkify-it@5.0.0: resolution: {integrity: sha512-5aHCbzQRADcdP+ATqnDuhhJ/MRIqDkZX5pyjFHRRysS8vZ5AbqGEoFIb6pYHPZ+L/OC2Lc+xT8uHVVR5CAK/wQ==} - lint-staged@15.2.5: - resolution: {integrity: sha512-j+DfX7W9YUvdzEZl3Rk47FhDF6xwDBV5wwsCPw6BwWZVPYJemusQmvb9bRsW23Sqsaa+vRloAWogbK4BUuU2zA==} + lint-staged@15.2.4: + resolution: {integrity: sha512-3F9KRQIS2fVDGtCkBp4Bx0jswjX7zUcKx6OF0ZeY1prksUyKPRIIUqZhIUYAstJfvj6i48VFs4dwVIbCYwvTYQ==} engines: {node: '>=18.12.0'} hasBin: true @@ -440,8 +442,8 @@ packages: markdown-table@2.0.0: resolution: {integrity: sha512-Ezda85ToJUBhM6WGaG6veasyym+Tbs3cMAw/ZhOPqXiYsr0jgocBV3j3nx+4lk47plLlIqjwuTm/ywVI+zjJ/A==} - markdownlint-cli@0.41.0: - resolution: {integrity: sha512-kp29tKrMKdn+xonfefjp3a/MsNzAd9c5ke0ydMEI9PR98bOjzglYN4nfMSaIs69msUf1DNkgevAIAPtK2SeX0Q==} + markdownlint-cli@0.40.0: + resolution: {integrity: sha512-JXhI3dRQcaqwiFYpPz6VJ7aKYheD53GmTz9y4D/d0F1MbZDGOp9pqKlbOfUX/pHP/iAoeiE4wYRmk8/kjLakxA==} engines: {node: '>=18'} hasBin: true @@ -463,8 +465,8 @@ packages: merge-stream@2.0.0: resolution: {integrity: sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==} - micromatch@4.0.7: - resolution: {integrity: sha512-LPP/3KorzCwBxfeUuZmaR6bG2kdeHSbe0P2tY3FLRU4vYrjYz5hI4QZwV0njUx3jeuKe67YukQ1LSPZBKDqO/Q==} + micromatch@4.0.6: + resolution: {integrity: sha512-Y4Ypn3oujJYxJcMacVgcs92wofTHxp9FzfDpQON4msDefoC0lb3ETvQLOdLcbhSwU1bz8HrL/1sygfBIHudrkQ==} engines: {node: '>=8.6'} mimic-fn@2.1.0: @@ -485,8 +487,8 @@ packages: minimist@1.2.8: resolution: {integrity: sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==} - minipass@7.1.2: - resolution: {integrity: sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==} + minipass@7.0.4: + resolution: {integrity: sha512-jYofLM5Dam9279rdkWzqHozUo4ybjdZmCsDHePy5V/PbBcVMiSZR97gmAy45aqi8CK1lG2ECd356FU86avfwUQ==} engines: {node: '>=16 || 14 >=14.17'} ms@2.1.2: @@ -530,13 +532,13 @@ packages: resolution: {integrity: sha512-haREypq7xkM7ErfgIyA0z+Bj4AGKlMSdlQE2jvJo6huWD1EdkKYV+G/T4nq0YEF2vgTT8kqMFKo1uHn950r4SQ==} engines: {node: '>=12'} - path-scurry@1.11.1: - resolution: {integrity: sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==} - engines: {node: '>=16 || 14 >=14.18'} + path-scurry@1.10.2: + resolution: {integrity: sha512-7xTavNy5RQXnsjANvVvMkEjvloOinkAjv/Z6Ildz9v2RinZ4SBKTWFOVRbaF8p0vpHnyjV/UwNDdKuUv6M5qcA==} + engines: {node: '>=16 || 14 >=14.17'} - picomatch@2.3.1: - resolution: {integrity: sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==} - engines: {node: '>=8.6'} + picomatch@4.0.2: + resolution: {integrity: sha512-M7BAV6Rlcy5u+m6oPhAPFgJTzAioX/6B0DxyvDlo9l8+T3nLKbrczg2WLUyzd45L8RqfUMyGPzekbMvX2Ldkwg==} + engines: {node: '>=12'} pidtree@0.6.0: resolution: {integrity: sha512-eG2dWTVw5bzqGRztnHExczNxt5VGsE6OwTeCG3fdUf9KBsZzO3R5OIIIzWR+iZA0NtZ+RDVdaoE2dK1cn6jH4g==} @@ -603,10 +605,6 @@ packages: resolution: {integrity: sha512-bSiSngZ/jWeX93BqeIAbImyTbEihizcwNjFoRUIY/T1wWQsfsm2Vw1agPKylXvQTU7iASGdHhyqRlqQzfz+Htg==} engines: {node: '>=18'} - smol-toml@1.2.0: - resolution: {integrity: sha512-KObxdQANC/xje3OoatMbSwQf2XAvJ0RbK+4nmQRszFNZptbNRnMWqbLF/zb4sMi9xJ6HNyhWXeuZ9zC/I/XY7w==} - engines: {node: '>= 18', pnpm: '>= 9'} - source-map@0.6.1: resolution: {integrity: sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==} engines: {node: '>=0.10.0'} @@ -663,6 +661,9 @@ packages: resolution: {integrity: sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==} engines: {node: '>=8.0'} + toml@3.0.0: + resolution: {integrity: sha512-y/mWCZinnvxjTKYhJ+pYxwD0mRLVvOtdS2Awbgxln6iEnt4rk0yBxeSBHkGJcPucRiG0e55mwWp+g/05rsrd6w==} + typanion@3.14.0: resolution: {integrity: sha512-ZW/lVMRabETuYCd9O9ZvMhAh8GslSqaUjxmK/JLPCh6l73CvLBiuXswj/+7LdnWOgYsQ130FqLzFz5aGT4I3Ug==} @@ -848,6 +849,8 @@ snapshots: colorette@2.0.20: {} + commander@12.0.0: {} + commander@12.1.0: {} commander@6.2.1: {} @@ -981,13 +984,13 @@ snapshots: - conventional-commits-filter - conventional-commits-parser - glob@10.4.1: + glob@10.3.12: dependencies: foreground-child: 3.1.1 - jackspeak: 3.1.2 + jackspeak: 2.3.6 minimatch: 9.0.4 - minipass: 7.1.2 - path-scurry: 1.11.1 + minipass: 7.0.4 + path-scurry: 1.10.2 glob@7.2.3: dependencies: @@ -1054,7 +1057,7 @@ snapshots: isexe@2.0.0: {} - jackspeak@3.1.2: + jackspeak@2.3.6: dependencies: '@isaacs/cliui': 8.0.2 optionalDependencies: @@ -1076,7 +1079,7 @@ snapshots: dependencies: uc.micro: 2.1.0 - lint-staged@15.2.5: + lint-staged@15.2.4: dependencies: chalk: 5.3.0 commander: 12.1.0 @@ -1084,7 +1087,7 @@ snapshots: execa: 8.0.1 lilconfig: 3.1.1 listr2: 8.2.1 - micromatch: 4.0.7 + micromatch: 4.0.6 pidtree: 0.6.0 string-argv: 0.3.2 yaml: 2.4.2 @@ -1129,11 +1132,11 @@ snapshots: dependencies: repeat-string: 1.6.1 - markdownlint-cli@0.41.0: + markdownlint-cli@0.40.0: dependencies: - commander: 12.1.0 + commander: 12.0.0 get-stdin: 9.0.0 - glob: 10.4.1 + glob: 10.3.12 ignore: 5.3.1 js-yaml: 4.1.0 jsonc-parser: 3.2.1 @@ -1141,7 +1144,7 @@ snapshots: markdownlint: 0.34.0 minimatch: 9.0.4 run-con: 1.3.2 - smol-toml: 1.2.0 + toml: 3.0.0 markdownlint-micromark@0.1.9: {} @@ -1156,10 +1159,10 @@ snapshots: merge-stream@2.0.0: {} - micromatch@4.0.7: + micromatch@4.0.6: dependencies: braces: 3.0.3 - picomatch: 2.3.1 + picomatch: 4.0.2 mimic-fn@2.1.0: {} @@ -1175,7 +1178,7 @@ snapshots: minimist@1.2.8: {} - minipass@7.1.2: {} + minipass@7.0.4: {} ms@2.1.2: {} @@ -1216,12 +1219,12 @@ snapshots: path-key@4.0.0: {} - path-scurry@1.11.1: + path-scurry@1.10.2: dependencies: lru-cache: 10.2.0 - minipass: 7.1.2 + minipass: 7.0.4 - picomatch@2.3.1: {} + picomatch@4.0.2: {} pidtree@0.6.0: {} @@ -1283,8 +1286,6 @@ snapshots: ansi-styles: 6.2.1 is-fullwidth-code-point: 5.0.0 - smol-toml@1.2.0: {} - source-map@0.6.1: {} spdx-correct@3.2.0: @@ -1341,6 +1342,8 @@ snapshots: dependencies: is-number: 7.0.0 + toml@3.0.0: {} + typanion@3.14.0: {} type-fest@3.13.1: {} diff --git a/renovate.json b/renovate.json index 8ff496d..eb111ac 100644 --- a/renovate.json +++ b/renovate.json @@ -9,15 +9,7 @@ "custom.regex", "github-actions" ], - "baseBranches": ["main", "/^maint\\/.+/"], "packageRules": [ - { - "description": "Disable major chart updates for maintenance branches", - "matchBaseBranches": ["/^maint\\/.+/"], - "matchUpdateTypes": ["major"], - "matchFileNames": ["Chart.yaml"], - "enabled": false - }, { "matchManagers": ["helmv3"], "matchUpdateTypes": ["minor", "patch"], @@ -94,11 +86,6 @@ "description": "Update only daily for forgejo ci tests", "matchFileNames": ["ci/*.yml"], "extends": ["schedule:daily"] - }, - { - "description": "branch automerge not possible", - "matchPackagePatterns": [".+"], - "automergeType": "pr" } ], "customManagers": [ diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index 30ee3b9..dc76158 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -3,6 +3,26 @@ Expand the name of the chart. */}} +{{- /* multiple replicas assertions */ -}} +{{- if gt .Values.replicaCount 1.0 -}} + {{- fail "When using multiple replicas, a RWX file system is required" -}} + {{- if eq (get (.Values.persistence.accessModes 0) "ReadWriteOnce") -}} + {{- fail "When using multiple replicas, a RWX file system is required" -}} + {{- end }} + + {{- if eq (get .Values.gitea.config.indexer "ISSUE_INDEXER_TYPE") "bleve" -}} + {{- fail "When using multiple replicas, the repo indexer must be set to 'meilisearch' or 'elasticsearch'" -}} + {{- end }} + + {{- if and (eq .Values.gitea.config.indexer.REPO_INDEXER_TYPE "bleve") (eq .Values.gitea.config.indexer.REPO_INDEXER_ENABLED "true") -}} + {{- fail "When using multiple replicas, the repo indexer must be set to 'meilisearch' or 'elasticsearch'" -}} + {{- end }} + + {{- if eq .Values.gitea.config.indexer.ISSUE_INDEXER_TYPE "bleve" -}} + {{- (printf "DEBUG: When using multiple replicas, the repo indexer must be set to 'meilisearch' or 'elasticsearch'") | fail -}} + {{- end }} +{{- end }} + {{- define "gitea.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} {{- end -}} @@ -40,7 +60,7 @@ Create image name and tag used by the deployment. {{- $registry := .Values.global.imageRegistry | default .Values.image.registry -}} {{- $repository := .Values.image.repository -}} {{- $separator := ":" -}} -{{- $tag := .Values.image.tag | default .Chart.AppVersion | toString -}} +{{- $tag := .Values.image.tag | default .Chart.AppVersion -}} {{- $rootless := ternary "-rootless" "" (.Values.image.rootless) -}} {{- $digest := "" -}} {{- if .Values.image.digest }} diff --git a/templates/gitea/config.yaml b/templates/gitea/config.yaml index 80e39dd..42645eb 100644 --- a/templates/gitea/config.yaml +++ b/templates/gitea/config.yaml @@ -18,40 +18,35 @@ type: Opaque stringData: assertions: | - {{- /*assert that only one PG dep is enabled */ -}} - {{- if and (.Values.postgresql.enabled) (index .Values "postgresql-ha" "enabled") -}} - {{- fail "Only one of postgresql or postgresql-ha can be enabled at the same time." -}} - {{- end }} - - {{- /* multiple replicas assertions */ -}} - {{- if gt .Values.replicaCount 1.0 -}} - {{- if .Values.gitea.config.cron -}} - {{- if .Values.gitea.config.cron.GIT_GC_REPOS -}} - {{- if eq .Values.gitea.config.cron.GIT_GC_REPOS.ENABLED true -}} - {{ fail "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'cron.GIT_GC_REPOS.enabled = false'." }} - {{- end }} - {{- end }} - {{- end }} - - {{- if eq (first .Values.persistence.accessModes) "ReadWriteOnce" -}} - {{- fail "When using multiple replicas, a RWX file system is required and gitea.persistence.accessModes[0] must be set to ReadWriteMany." -}} - {{- end }} - {{- if .Values.gitea.config.indexer -}} - {{- if eq .Values.gitea.config.indexer.ISSUE_INDEXER_TYPE "bleve" -}} - {{- fail "When using multiple replicas, the issue indexer (gitea.config.indexer.ISSUE_INDEXER_TYPE) must be set to a HA-ready provider such as 'meilisearch', 'elasticsearch' or 'db' (if the DB is HA-ready)." -}} - {{- end }} - {{- if .Values.gitea.config.indexer.REPO_INDEXER_TYPE -}} - {{- if eq .Values.gitea.config.indexer.REPO_INDEXER_TYPE "bleve" -}} - {{- if .Values.gitea.config.indexer.REPO_INDEXER_ENABLED -}} - {{- if eq .Values.gitea.config.indexer.REPO_INDEXER_ENABLED true -}} - {{- fail "When using multiple replicas, the repo indexer (gitea.config.indexer.REPO_INDEXER_TYPE) must be set to 'meilisearch' or 'elasticsearch' or disabled." -}} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} +{{- /*assert that only one PG dep is enabled */ -}} +{{- if and (.Values.postgresql.enabled) (index .Values "postgresql-ha" "enabled") -}} + {{- fail "Only one of postgresql or postgresql-ha can be enabled at the same time." -}} +{{- end }} +{{- /* multiple replicas assertions */ -}} +{{- if gt .Values.replicaCount 1.0 -}} + {{- if (get (get .Values.gitea.config "cron.GIT_GC_REPOS") "ENABLED") -}} + {{- fail "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'cron.GIT_GC_REPOS.enabled = false'." -}} + {{- end }} + + {{- if eq (first .Values.persistence.accessModes) "ReadWriteOnce" -}} + {{- fail "When using multiple replicas, a RWX file system is required and gitea.persistence.accessModes[0] must be set to ReadWriteMany." -}} + {{- end }} + + {{- if eq (get .Values.gitea.config.indexer "ISSUE_INDEXER_TYPE") "bleve" -}} + {{- fail "When using multiple replicas, the issue indexer (gitea.config.indexer.ISSUE_INDEXER_TYPE) must be set to a HA-ready provider such as 'meilisearch', 'elasticsearch' or 'db' (if the DB is HA-ready)." -}} + {{- end }} + {{- if .Values.gitea.config.indexer.REPO_INDEXER_TYPE -}} + {{- if eq (get .Values.gitea.config.indexer "REPO_INDEXER_TYPE") "bleve" -}} + {{- if .Values.gitea.config.indexer.REPO_INDEXER_ENABLED -}} + {{- if eq (get .Values.gitea.config.indexer "REPO_INDEXER_ENABLED") "true" -}} + {{- fail "When using multiple replicas, the repo indexer (gitea.config.indexer.REPO_INDEXER_TYPE) must be set to 'meilisearch' or 'elasticsearch' or disabled." -}} + {{- end }} + {{- end }} {{- end }} + {{- end }} + +{{- end }} config_environment.sh: |- #!/usr/bin/env bash set -euo pipefail diff --git a/templates/gitea/deployment.yaml b/templates/gitea/deployment.yaml index ca1bdd9..247a560 100644 --- a/templates/gitea/deployment.yaml +++ b/templates/gitea/deployment.yaml @@ -8,9 +8,6 @@ metadata: {{- end }} labels: {{- include "gitea.labels" . | nindent 4 }} - {{- if .Values.deployment.labels }} - {{- toYaml .Values.deployment.labels | nindent 4 }} - {{- end }} spec: replicas: {{ .Values.replicaCount }} strategy: @@ -400,4 +397,4 @@ spec: {{- else if not .Values.persistence.enabled }} - name: data emptyDir: {} - {{- end }} \ No newline at end of file + {{- end }} diff --git a/unittests/deployment/HA.yaml b/unittests/deployment/HA.yaml deleted file mode 100644 index aeecad6..0000000 --- a/unittests/deployment/HA.yaml +++ /dev/null @@ -1,59 +0,0 @@ -suite: deployment template (HA) -release: - name: gitea-unittests - namespace: testing -templates: - - templates/gitea/deployment.yaml - - templates/gitea/config.yaml -tests: - - it: fails with multiple replicas and "GIT_GC_REPOS" enabled - template: templates/gitea/deployment.yaml - set: - replicaCount: 2 - persistence: - accessModes: - - ReadWriteMany - gitea: - config: - cron: - GIT_GC_REPOS: - ENABLED: true - asserts: - - failedTemplate: - errorMessage: "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'cron.GIT_GC_REPOS.enabled = false'." - - it: fails with multiple replicas and RWX file system not set - template: templates/gitea/deployment.yaml - set: - replicaCount: 2 - asserts: - - failedTemplate: - errorMessage: 'When using multiple replicas, a RWX file system is required and gitea.persistence.accessModes[0] must be set to ReadWriteMany.' - - it: fails with multiple replicas and bleve issue indexer - template: templates/gitea/deployment.yaml - set: - replicaCount: 2 - persistence: - accessModes: - - ReadWriteMany - gitea: - config: - indexer: - ISSUE_INDEXER_TYPE: bleve - asserts: - - failedTemplate: - errorMessage: "When using multiple replicas, the issue indexer (gitea.config.indexer.ISSUE_INDEXER_TYPE) must be set to a HA-ready provider such as 'meilisearch', 'elasticsearch' or 'db' (if the DB is HA-ready)." - - it: fails with multiple replicas and bleve repo indexer - template: templates/gitea/deployment.yaml - set: - replicaCount: 2 - persistence: - accessModes: - - ReadWriteMany - gitea: - config: - indexer: - REPO_INDEXER_TYPE: bleve - REPO_INDEXER_ENABLED: true - asserts: - - failedTemplate: - errorMessage: "When using multiple replicas, the repo indexer (gitea.config.indexer.REPO_INDEXER_TYPE) must be set to 'meilisearch' or 'elasticsearch' or disabled." diff --git a/unittests/deployment/basic.yaml b/unittests/deployment/basic.yaml index 133a7c2..bfcb9f2 100644 --- a/unittests/deployment/basic.yaml +++ b/unittests/deployment/basic.yaml @@ -15,17 +15,3 @@ tests: kind: Deployment apiVersion: apps/v1 name: forgejo-unittests - - it: deployment labels are set - template: templates/gitea/deployment.yaml - set: - deployment.labels: - hello: world - asserts: - - isSubset: - path: metadata.labels - content: - hello: world - - isSubset: - path: spec.template.metadata.labels - content: - hello: world diff --git a/unittests/deployment/image-configuration.yaml b/unittests/deployment/image-configuration.yaml index 9d15f54..ab63f3d 100644 --- a/unittests/deployment/image-configuration.yaml +++ b/unittests/deployment/image-configuration.yaml @@ -91,20 +91,3 @@ tests: - equal: path: spec.template.spec.containers[0].image value: 'global.example.com/forgejo/forgejo:1.19.3-rootless@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a' - - it: correctly renders floating tag references - template: templates/gitea/deployment.yaml - set: - image.tag: 1.21 # use non-quoted value on purpose. See: https://gitea.com/gitea/helm-chart/issues/631 - asserts: - - equal: - path: spec.template.spec.initContainers[0].image - value: 'codeberg.org/forgejo/forgejo:1.21-rootless' - - equal: - path: spec.template.spec.initContainers[1].image - value: 'codeberg.org/forgejo/forgejo:1.21-rootless' - - equal: - path: spec.template.spec.initContainers[2].image - value: 'codeberg.org/forgejo/forgejo:1.21-rootless' - - equal: - path: spec.template.spec.containers[0].image - value: 'codeberg.org/forgejo/forgejo:1.21-rootless' diff --git a/unittests/init/init_directory_structure.sh-rootless.yaml b/unittests/init/init_directory_structure.sh-rootless.yaml index ea5f3cf..29dac81 100644 --- a/unittests/init/init_directory_structure.sh-rootless.yaml +++ b/unittests/init/init_directory_structure.sh-rootless.yaml @@ -1,6 +1,6 @@ -suite: Init template (rootless) +suite: Init template release: - name: forgejo-unittests + name: gitea-unittests namespace: testing templates: - templates/gitea/init.yaml @@ -67,6 +67,7 @@ tests: chown 1000:1000 "${GNUPGHOME}" fi - it: it does not chown /data even when image.fullOverride is set + template: templates/gitea/init.yaml set: image.fullOverride: gitea/gitea:1.20.5 asserts: diff --git a/values.yaml b/values.yaml index f268869..b93216e 100644 --- a/values.yaml +++ b/values.yaml @@ -323,7 +323,7 @@ initContainers: # ## @param signing.enabled Enable commit/action signing ## @param signing.gpgHome GPG home directory -## @param signing.privateKey Inline private gpg key for signed internal Git activity +## @param signing.privateKey Inline private gpg key for signed Forgejo actions ## @param signing.existingSecret Use an existing secret to store the value of `signing.privateKey` signing: enabled: false @@ -654,7 +654,7 @@ redis-cluster: ## @param postgresql-ha.postgresql.postgresPassword postgres Password ## @param postgresql-ha.pgpool.adminPassword pgpool adminPassword ## @param postgresql-ha.service.ports.postgresql PostgreSQL service port (overrides `service.ports.postgresql`) -## @param postgresql-ha.primary.persistence.size PVC Storage Request for PostgreSQL HA volume +## @param postgresql-ha.primary.persistence.size PVC Storage Request for PostgreSQL-ha volume postgresql-ha: global: postgresql: