165 Commits
| SHA1 | Message | | | |
|---|---|---|---|---|
| a79fd31f7e | Increase testability of shell scripts (#752) All checks were successful check-and-test / check-and-test (push) Successful in 41s This is a preparation for #724 (bash script testing) which would be too complex to review if done there. Reviewed-on: gitea/helm-chart#752 Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com> Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com> | |||
| 726b36c6d8 | Extract raw shell/bash scripts as actual shell script files (#751) All checks were successful check-and-test / check-and-test (push) Successful in 41s ### Description of the change This is a preparation for #724 (bash script testing) which would be too complex to review if done there. I haven't changed the script contents. ### Benefits Better IDE support, possibility for shell checks, tests. ### Possible drawbacks - ### Additional information I only extracted files that are native bash scripts. There are others, being a mix of Helm templating and shell scripts. Those scripts must be cleared first before extracting them as well. Reviewed-on: gitea/helm-chart#751 Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com> Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com> | |||
| e733287dc2 | Fix runner label issues (#739) All checks were successful check-and-test / check-and-test (push) Successful in 39s ### Description of the change This addresses 2 bugs regarding configured runner labels: - `Cannot find: node in PATH` due to a default label that matches the runner host, not the docker-in-docker environment - After changing the runner config, users have to manually replace the StatefulSet Pod of the runner ### Benefits - Out-of-the-box functioning node environment - Auto-updated runner config on changes in values ### Applicable issues - fixes gitea/helm-chart#728 - fixes gitea/helm-chart#725 ### Additional information With removing the default labels from `values.yaml`, the act runner defaults will be used for new runners which fixes the "missing node" issue. I had issues replacing the labels once the Chart defaults were used, so users might have to replace their runner manually if this is an issue. ### Checklist - [x] Templating unittests are added Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com> Reviewed-on: gitea/helm-chart#739 Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com> Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com> | |||
| 5f7d353901 | Prevent reoccurring namespace inconsistencies (#737) All checks were successful check-and-test / check-and-test (push) Successful in 40s gitea/helm-chart#713 ensured that all resources contain a `namespace` field. When adding Gitea actions runner support in gitea/helm-chart#666, this was an oversight. Signed-off-by: justusbunsi <sk.bunsenbrenner@gmail.com> Reviewed-on: gitea/helm-chart#737 Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com> Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com> | |||
| 389a8460e4 | feat(service-monitor): support bearer token authentication on metrics endpoint (#719) All checks were successful check-and-test / check-and-test (push) Successful in 41s ### Benefits Can protect metrics endpoint with `Bearer` token authentication provided by gitea. see PR #637 for previous discussion. ### Possible drawbacks No possible drawbacks ### Applicable issues - fixes #635 ### Additional information ``` gitea: metrics: enabled: true token: "somepassword" serviceMonitor: enabled: true ``` Using above configuration is sufficient to secure /metrics endpoint with bearer token and corresponding ServiceMonitor. ### Checklist - [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) - [ ] ~~Breaking changes are documented in the `README.md`~~ Not applicable - [x] Templating unittests are added Signed-off-by: Hitesh Nayak <hiteshnayak305@gmail.com> Reviewed-on: gitea/helm-chart#719 Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com> Co-authored-by: Hitesh Nayak <hiteshnayak305@gmail.com> Co-committed-by: Hitesh Nayak <hiteshnayak305@gmail.com> | |||
| 7b892431d6 | Support custom envs for Action DinD container (#722) Follow-up to gitea/helm-chart#666. Reviewed-on: gitea/helm-chart#722 Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com> Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com> | |||
| f7c66c0336 | Add Gitea Actions act runner (#666) All checks were successful check-and-test / check-and-test (push) Successful in 42s Co-authored-by: dementhorr <dementhorr@proton.me> Co-authored-by: Vince Montalbano <vince.montalbano@gmail.com> Reviewed-on: gitea/helm-chart#666 Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com> Co-authored-by: vjm <vjm@noreply.gitea.com> Co-committed-by: vjm <vjm@noreply.gitea.com> | |||
| 478af4e381 | Fix probe definition overrides (#717) All checks were successful check-and-test / check-and-test (push) Successful in 38s ### Description of the change This fixes an issue when trying to apply a custom probe that is not `tcpSocket`. ### Benefits Custom probes 🥳 ### Applicable issues - Fixes #694 ### Checklist - [x] Templating unittests are added Reviewed-on: gitea/helm-chart#717 Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com> Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com> | |||
| aa9808bc27 | Add 'extraContainers' parameter (#697) All checks were successful check-and-test / check-and-test (push) Successful in 37s ### Description of the change Adds an 'extraContainers' parameter. ### Benefits Users will be able to run sidecar containers as required by their environment. ### Possible drawbacks N/A ### Applicable issues - Fixes #696 ### Checklist - [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) Reviewed-on: gitea/helm-chart#697 Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com> Co-authored-by: rossigee <rossigee@noreply.gitea.com> Co-committed-by: rossigee <rossigee@noreply.gitea.com> | |||
| a08e39f8ff | Fix namespace templating inconsistencies (#713) All checks were successful check-and-test / check-and-test (push) Successful in 35s ### Description of the change Added namespaces to all the template files to better support alternate templaters in gitops systems ### Benefits Gitops systems that have different ways of handling helm templates can actually deploy this chart correctly, especially through subcharts ### Possible drawbacks Potential regression when upgrading, though this should be unlikely per @jessesanford's comments with it defaulting back to the existing behaviour ### Applicable issues - Addresses gitea/helm-chart#630 - Addresses gitea/helm-chart#557 - Addresses gitea/helm-chart#623 ### Checklist - [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) - [X] Breaking changes are documented in the `README.md` Co-authored-by: SorsOps <80043879+sorsOps@users.noreply.github.com> Reviewed-on: gitea/helm-chart#713 Reviewed-by: pat-s <pat-s@noreply.gitea.com> Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com> Co-authored-by: SorsOps <sorsops@noreply.gitea.com> Co-committed-by: SorsOps <sorsops@noreply.gitea.com> | |||
| e636984db1 | feat(serviceMonitor): custom configuration (#710) All checks were successful check-and-test / check-and-test (push) Successful in 38s This patch extends the serviceMonitor resource to specify a custom TLS configuration used by prometheus to scrape the metrics. Furthermore, the interval and scrapeTimeout can now be adapted without changing the global defaults of the prometheus instance. Reviewed-on: gitea/helm-chart#710 Reviewed-by: pat-s <pat-s@noreply.gitea.com> Co-authored-by: Markus Pesch <markus.pesch@cryptic.systems> Co-committed-by: Markus Pesch <markus.pesch@cryptic.systems> | |||
| 3fdb39df68 | Do not log errors in init-directories container during Gitea launch (#708) All checks were successful check-and-test / check-and-test (push) Successful in 39s When the _init-directories_ container runs, the shell script _init_directory_structure.sh_ logs to _stderr_ because debugging is enabled with _set -x_. The output from the script should be logged to _stdout_ instead. The issue is discussed here: gitea/helm-chart#701 ### Description of the change This PR uses the _verbose_ flag with all commands in the script to log what the script is doing. ### Benefits Log entries with incorrect severity _ERROR_ will no longer be logged in _Kubernetes_. ### Possible drawbacks Log output will change. If someone had a check for certain log entries from the _init container_, that check would break. ### Checklist Updated unit tests. Co-authored-by: tobias.petersen <tobias.petersen@unity3d.com> Reviewed-on: gitea/helm-chart#708 Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com> Reviewed-by: pat-s <pat-s@noreply.gitea.com> Co-authored-by: tobiasbp <tobiasbp@noreply.gitea.com> Co-committed-by: tobiasbp <tobiasbp@noreply.gitea.com> | |||
| a535919025 | feat: service.{http,ssh}.loadBalancerClass (#640) All checks were successful check-and-test / check-and-test (push) Successful in 39s ### Description of the change Introduce `service.{http,ssh}.loadBalancerClass` ### Benefits Feature was not supported before. This is required if your cluster has multiple loadBalancer options and you want to select one ### Possible drawbacks More yaml. ### Checklist - [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) - [x] Templating unittests are added Reviewed-on: gitea/helm-chart#640 Reviewed-by: pat-s <pat-s@noreply.gitea.com> Co-authored-by: Karitham <kar@karitham.dev> Co-committed-by: Karitham <kar@karitham.dev> | |||
| 1dbf171ad3 | Enable admin user password creation/update mode in values (#677) ### Description of the change This enables sane modes for forcing reset, as well as providing more options to users of the chart by giving them the flexibility to set the mode for password creation/modification as part of init whether the user exists or not. ### Benefits The new default should revert to the behavior before #673 became an issue, while also providing more flexibility for users who want to be able to manage their initial admin user password out-of-band after creating it the first time. ### Possible drawbacks None that I can think of. ### Applicable issues - fixes #673 ### Additional information See the discussion in #675 as well ### Checklist - [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) Reviewed-on: gitea/helm-chart#677 Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com> Co-authored-by: James Harmison <jharmison@gmail.com> Co-committed-by: James Harmison <jharmison@gmail.com> | |||
| 6226e4eaea | Add non-clustered redis as sub-chart (#672) All checks were successful check-and-test / check-and-test (push) Successful in 34s Co-authored-by: Julien <julienym@gmail.com> Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com> Reviewed-on: gitea/helm-chart#672 Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com> Co-authored-by: pat-s <patrick.schratz@gmail.com> Co-committed-by: pat-s <patrick.schratz@gmail.com> | |||
| b7b60dd51f | DRY improvements (#664) ### Description of the change Adding support for DRY principle (via use of the TPL function) to the PVC storage class and the ingress class ### Benefits It allows to reference a variable into another one to avoid duplicating them (or using YAML anchors). It is useful and valuable when including Gitea into an umbrella chart with multiple components and to have a single variable while the components variable only refer to that single one. Example 1 ``` global: persistence: storageClass: "storage-class" persistence: storageClass: "{{ .Values.global.persistence.storageClass }}" ``` This results in having `spec.storageClassName` equal to `storage-class` in the PVC object Example 2 ``` global: ingress: className: "ingress-class" ingress: className: "{{ .Values.global.ingress.className}}" ``` This results in having `spec.ingressClassName` equal to `ingress-class` in the Ingress object ### Possible drawbacks N/A ### Checklist - [X] Templating unittests are added Co-authored-by: 212597596 <cedric.henry@ge.com> Co-authored-by: pat-s <pat-s@noreply.gitea.com> Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.com> Reviewed-on: gitea/helm-chart#664 Reviewed-by: pat-s <pat-s@noreply.gitea.com> Co-authored-by: Ceddaerrix <ceddaerrix@noreply.gitea.com> Co-committed-by: Ceddaerrix <ceddaerrix@noreply.gitea.com> | |||
| 0b2f3d6eb9 | Quote image tag (#641) All checks were successful check-and-test / check-and-test (push) Successful in 36s fix #631 Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com> Reviewed-on: gitea/helm-chart#641 Co-authored-by: pat-s <patrick.schratz@gmail.com> Co-committed-by: pat-s <patrick.schratz@gmail.com> | |||
| dd304c1c1a | Add deployment labels to deployment (#649) All checks were successful check-and-test / check-and-test (push) Successful in 33s ### Description of the change Applies `deployment.labels` to the deployment itself. ### Benefits Allows the user to add labels to the deployment. ### Possible drawbacks None ### Checklist - [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) - [X] Templating unittests are added Reviewed-on: gitea/helm-chart#649 Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com> Co-authored-by: Dalton Russell <dalton.russell@tangramflex.com> Co-committed-by: Dalton Russell <dalton.russell@tangramflex.com> | |||
| 3ac530f66d | Add tests for HA assertion and clean up (#611) All checks were successful check-and-test / check-and-test (push) Successful in 36s fix #604 - Assertions in `_helpers.tpl` were not effective, removed them - Updated and indented assertions in `config.yaml` - Added tests to check the assertions Reviewed-on: gitea/helm-chart#611 Co-authored-by: pat-s <patrick.schratz@gmail.com> Co-committed-by: pat-s <patrick.schratz@gmail.com> | |||
| 4ed7818ec2 | Add labels to PVC manifest (#581) All checks were successful check-and-test / check-and-test (push) Successful in 30s Hi, In reference to #580 I noticed that one cannot apply labels to the created PVC with persistence.labels. The label statement is missing in the template. best regards, Oliver. **helm-chart/templates/gitea/pvc.yaml:** ``` {{- if and .Values.persistence.enabled .Values.persistence.create }} kind: PersistentVolumeClaim apiVersion: v1 metadata: name: {{ .Values.persistence.claimName }} namespace: {{ $.Release.Namespace }} annotations: {{ .Values.persistence.annotations | toYaml | indent 4}} spec: ... ``` **values.yaml:** ``` persistence: ## @param primary.persistence.enabled Enable PostgreSQL Primary data persistence using PVC ## enabled: true ## @param primary.persistence.existingClaim Name of an existing PVC to use ## existingClaim: "" ## @param primary.persistence.mountPath The path the volume will be mounted at ## Note: useful when using custom PostgreSQL images ## mountPath: /bitnami/postgresql ## @param primary.persistence.subPath The subdirectory of the volume to mount to ## Useful in dev environments and one PV for multiple services ## subPath: "" ## @param primary.persistence.storageClass PVC Storage Class for PostgreSQL Primary data volume ## If defined, storageClassName: <storageClass> ## If set to "-", storageClassName: "", which disables dynamic provisioning ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) ## storageClass: "" ## @param primary.persistence.accessModes PVC Access Mode for PostgreSQL volume ## accessModes: - ReadWriteOnce ## @param primary.persistence.size PVC Storage Request for PostgreSQL volume ## size: 8Gi ## @param primary.persistence.annotations Annotations for the PVC ## annotations: {} ## @param primary.persistence.labels Labels for the PVC ## labels: {} ``` ### Checklist - [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) Co-authored-by: pat-s <pat-s@noreply.gitea.com> Reviewed-on: gitea/helm-chart#581 Reviewed-by: pat-s <pat-s@noreply.gitea.com> Co-authored-by: Oliver Fueckert <oliver@cubinet.de> Co-committed-by: Oliver Fueckert <oliver@cubinet.de> | |||
| b84a431854 | Storage Class don't use global.storageClass (#601) (#602) All checks were successful check-and-test / check-and-test (push) Successful in 36s ### Description of the change The code change ensures proper usage of gitea.persistence.storageClass, improving configuration accuracy and code readability. ### Applicable issues - fixes #601 Reviewed-on: gitea/helm-chart#602 Reviewed-by: pat-s <pat-s@noreply.gitea.com> Co-authored-by: florianspk <florianspk@gmail.com> Co-committed-by: florianspk <florianspk@gmail.com> | |||
| 5dfaca13f2 | Allowing Custom Labels in SVC Templates (#597) All checks were successful check-and-test / check-and-test (push) Successful in 41s ### Description of the change The change allows users of this chart to specify custom labels for the HTTP & SSH Services that get deployed. They are optional and if given are added to the standard list of labels. ### Benefits Certain use cases require labelling services to be able to select them in other places. Specifying them directly in the helm chart avoids having to label by hand every time. Concrete Use Case Example: Cilium Layer 2 Announcements require selecting services to announce via labels (see [docs](https://docs.cilium.io/en/stable/network/l2-announcements/#service-selector)). I would like to add a label to the SSH service, but not the HTTP Service (which is handled via an ingress). ### Possible drawbacks I don't see any, using this feature is optional :) ### Checklist - [X] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) - [X] Breaking changes are documented in the `README.md` - [X] Templating unittests are added Co-authored-by: Remo Geissbühler <git@remogeissbuehler.ch> Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.com> Reviewed-on: gitea/helm-chart#597 Reviewed-by: pat-s <pat-s@noreply.gitea.com> Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com> Co-authored-by: remogeissbuehler <remogeissbuehler@noreply.gitea.com> Co-committed-by: remogeissbuehler <remogeissbuehler@noreply.gitea.com> | |||
| f0d0c00ed6 | Properly sanitize gitea admin output (#590) ### Description of the change With https://github.com/go-gitea/gitea/pull/28390, Gitea 1.21.2 introduced warning log output within the result of `gitea admin <subcommand>` and therefore affects the current provisioning script. That script previously assumed a clean result set and was therefore doomed to fail at _some_ point. This introduces output sanitizing to trim such logs above the actual result table. ### Applicable issues - fixes #589 ### Additional information The non-sanitized output was only an issue for admin account provisioning, and only when the username matched one of these words (in case of #589 it was `gitea`): ```text .../setting/security.go:168:loadSecurityFrom() [W] Enabling Query API Auth tokens is not recommended. DISABLE_QUERY_AUTH_TOKEN will default to true in gitea 1.23 and will be removed in gitea 1.24. ``` LDAP and OAuth sources were not affected by this particular log line, but also processed non-sanitized result sets. Changing their code is a precaution. Reviewed-on: gitea/helm-chart#590 Reviewed-by: pat-s <pat-s@noreply.gitea.com> Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com> Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com> | |||
| 59b246302b | Properly distinguish predefined and custom env vars in environment-to-ini (#586) All checks were successful check-and-test / check-and-test (push) Successful in 32s ### Description of the change gitea/helm-chart#464 (comment) was never taken into account. Somehow I missed that the PR was already merged when I replied. ### Benefits Without this fix: ```text Reloading preset envs... + 'GITEA_POSTGRESQL_HA_PGPOOL_SERVICE_PORT' + 'GITEA_POSTGRESQL_HA_POSTGRESQL_PORT_5432_TCP_PROTO' + 'GITEA_POSTGRESQL_HA_PGPOOL_PORT_5432_TCP_PROTO' + 'GITEA_POSTGRESQL_HA_PGPOOL_PORT' + 'GITEA_POSTGRESQL_HA_POSTGRESQL_PORT_5432_TCP_PORT' + 'GITEA_APP_INI' + 'GITEA_POSTGRESQL_HA_PGPOOL_PORT_5432_TCP_ADDR' + 'GITEA_POSTGRESQL_HA_POSTGRESQL_SERVICE_HOST' + 'GITEA_WORK_DIR' + 'GITEA_POSTGRESQL_HA_POSTGRESQL_PORT' + 'GITEA_POSTGRESQL_HA_POSTGRESQL_PORT_5432_TCP_ADDR' + 'GITEA_POSTGRESQL_HA_POSTGRESQL_SERVICE_PORT_POSTGRESQL' + 'GITEA_TEMP' + 'GITEA_POSTGRESQL_HA_PGPOOL_PORT_5432_TCP_PORT' + 'GITEA_POSTGRESQL_HA_PGPOOL_SERVICE_PORT_POSTGRESQL' + 'GITEA_POSTGRESQL_HA_POSTGRESQL_SERVICE_PORT' + 'GITEA_POSTGRESQL_HA_POSTGRESQL_PORT_5432_TCP' + 'GITEA_POSTGRESQL_HA_PGPOOL_PORT_5432_TCP' + 'GITEA_CUSTOM' + 'GITEA_POSTGRESQL_HA_PGPOOL_SERVICE_HOST' + 'GITEA__metrics__ENABLED' === All configuration sources loaded === ``` With this fix: ```text Reloading preset envs... + 'GITEA__metrics__ENABLED' === All configuration sources loaded === ``` Reviewed-on: gitea/helm-chart#586 Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com> Reviewed-by: pat-s <pat-s@noreply.gitea.com> Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com> Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com> | |||
| 223069d042 | Add config fallbacks for session, cache and queue when disabling redis-cluster (#585) All checks were successful check-and-test / check-and-test (push) Successful in 31s ### Description of the change Add config fallbacks for `session`, `cache` and `queue` including tests. ### Benefits If users disable the default `redis-cluster` sub-chart dependency, this will configure the respective sections to use the Gitea defaults as listed in https://docs.gitea.com/next/administration/config-cheat-sheet. ### Possible drawbacks Users will run on non-optimal settings for production without knowing their config. ### Applicable issues - fixes #584 #573 #489 #476 #468 #453 ### Checklist - [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) - [x] Breaking changes are documented in the `README.md` - [x] Templating unittests are added Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com> Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.com> Reviewed-on: gitea/helm-chart#585 Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com> | |||
| 7499fecc1a | Fix domain macro (#560) ### Description of the change This supersedes #359 by fixing the fallback domain value when no ingress host is defined. Memcached is not used anymore. PostgreSQL macro has already been fixed otherwise. ### Checklist - [x] Templating unittests are added Co-authored-by: pat-s <pat-s@noreply.gitea.com> Reviewed-on: gitea/helm-chart#560 Reviewed-by: pat-s <pat-s@noreply.gitea.com> Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com> Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com> | |||
| 3cf91bf6e7 | Add image.fullOverride (#550) ### Description of the change This PR is a continuation of the work done by @dgershman in [534](gitea/helm-chart#534), to allow users to override the image from the default rootless behavior of appending `-rootless` to the end of the image tag. ### Benefits Allows more flexibility to use externally maintained images that are rootless but don't follow the `-rootless` tag convention. ### Applicable issues - fixes #532 ### Additional information No breaking changes. This does not affect the `image.rootless` conditional checks or the current behavior if someone still wants to rely on the chart to append `-rootless`. ### Checklist - [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) - [x] Breaking changes are documented in the `README.md` - [x] Templating unittests are added Co-authored-by: TristanHoladay <40547442+TristanHoladay@users.noreply.github.com> Co-authored-by: pat-s <pat-s@noreply.gitea.com> Reviewed-on: gitea/helm-chart#550 Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com> Reviewed-by: pat-s <pat-s@noreply.gitea.com> Co-authored-by: TristanHoladay <tristanholaday@noreply.gitea.com> Co-committed-by: TristanHoladay <tristanholaday@noreply.gitea.com> | |||
| 7de8e83433 | Further improvement on DRY principle support (#529) ### Description of the change - Adding TPL use into './templates/_helpers.tpl' in "gitea.inline_configuration.defaults.server" since '.Values.ingress.hosts' referred ### Benefits - Avoid error in deployment using Gitea Chart 9.5.0 such as "Invalid ROOT_URL 'https://{{ .Values.global.giteaHostName }}': parse "https://{{ .Values.global.giteaHostName }}": invalid character "{" in host name" ### Possible drawbacks N/A ### Applicable issues - fixes #530 ### Checklist - [x] Fixing './templates/_helpers.tpl' "gitea.inline_configuration.defaults.server - [x] Templating unittests are added Co-authored-by: pat-s <pat-s@noreply.gitea.com> Co-authored-by: justusbunsi <justusbunsi@noreply.gitea.com> Co-authored-by: 212597596 <cedric.henry@ge.com> Reviewed-on: gitea/helm-chart#529 Reviewed-by: pat-s <pat-s@noreply.gitea.com> Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com> Co-authored-by: Ceddaerrix <ceddaerrix@noreply.gitea.com> Co-committed-by: Ceddaerrix <ceddaerrix@noreply.gitea.com> | |||
| b68b9d91cf | [postgresql-ha] Use pgpool service as db connection proxy (#542) ### Description of the change The `postgresql-ha` provides a dedicated deployment and service called `pgpool`. This application is a proxy that routes the db queries to the active database replica. There's a note about that in their README[^1]. Issue #502 is a side-effect of not using that proxy. ### Possible drawbacks Using the Charts' default configuration, the `pgpool` deployment has 1 replica, making this a single-point of failure. But users can change the related `postgresql-ha.pgpool.replicaCount` to their needs. ### Applicable issues - fixes #502 ### Checklist - [x] Templating unittests are added [^1]: https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/templates/postgresql/statefulset.yaml#introduction Reviewed-on: gitea/helm-chart#542 Reviewed-by: pat-s <pat-s@noreply.gitea.com> Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com> Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com> | |||
| 5e76871731 | Improving DRY principle support on gitea Ingress host name (#498) ### Description of the change Introducing `tpl` function on variables related to hostname in `./templates/gitea/ingress.yaml` ### Benefits The change is intending to support the following syntax in a values.yaml such as: ``` global: giteaHostName: "gitea.my-org.com" ingress: enabled: true hosts: - host: "{{ .Values.global.giteaHostName }}" paths: - path: / pathType: Prefix tls: - secretName: gitea-tls hosts: - "{{ .Values.global.giteaHostName }}" ``` ### Possible drawbacks N/A ### Applicable issues N/A ### Additional information N/A Reviewed-on: gitea/helm-chart#498 Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com> Co-authored-by: Ceddaerrix <ceddaerrix@noreply.gitea.com> Co-committed-by: Ceddaerrix <ceddaerrix@noreply.gitea.com> | |||
| 0e5bccd732 | Add support for image.digest (#444) fix #398 Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com> Reviewed-on: gitea/helm-chart#444 Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com> Co-authored-by: pat-s <patrick.schratz@gmail.com> Co-committed-by: pat-s <patrick.schratz@gmail.com> | |||
| 1550f9b4e0 | Quote values for ingress annotations as discussed in #483 (#497) All checks were successful generate-chart / generate-chart-publish (push) Successful in 45s Quote all values for Ingress annotations as discussed in gitea/helm-chart#483 Annotations are currently not quoted, and can not be set to non-string values using the _--set_ with _helm_ (see examples in issue). Annotations for ingress-nginx MUST be quoted: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md#annotations ``` !!! tip Annotation keys and values can only be strings. Other types, such as boolean or numeric values must be quoted, i.e. "true", "false", "100". ``` Reviewed-on: gitea/helm-chart#497 Reviewed-by: pat-s <pat-s@noreply.gitea.com> Co-authored-by: tobiasbp <tobiasbp@noreply.gitea.com> Co-committed-by: tobiasbp <tobiasbp@noreply.gitea.com> | |||
| 1331ae5e96 | Fix GIT_GC_CHECK for multiple replicas (#490) All checks were successful generate-chart / generate-chart-publish (push) Successful in 38s ### Benefits Asserting the value existence failed previously. ### Applicable issues fixes #488 ### Additional information No unit tests possible as value is parsed as a secret and then into `app.ini`. Reviewed-on: gitea/helm-chart#490 Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.com> Co-authored-by: pat-s <patrick.schratz@gmail.com> Co-committed-by: pat-s <patrick.schratz@gmail.com> | |||
| 860c2ce542 | Auto-configure non-postgresql DNS and assert single PG instance (#478) ### Description of the change Before only `postgresql-ha` was auto-configured WRT to DNS. ### Benefits Add DNS auto-config for `postgresql` dependency and assert that either `postgresql` or `postgresql-ha` is enabled. Reviewed-on: gitea/helm-chart#478 Co-authored-by: pat-s <patrick.schratz@gmail.com> Co-committed-by: pat-s <patrick.schratz@gmail.com> | |||
| 565cbaf292 | Expose persistence.volumeName (#471) ### Benefits possibly fix #470 Reviewed-on: gitea/helm-chart#471 Co-authored-by: pat-s <patrick.schratz@gmail.com> Co-committed-by: pat-s <patrick.schratz@gmail.com> | |||
| a247071b07 | don't condition session config on multiple replicas | |||
| 5f8de23c15 | remove "auth" mapping in helpers.tpl | |||
| c6fbb6d72e | adjust postgresql-ha service port mappings | |||
| f108be0cd6 | fix postgresql.dns | |||
| dc6bab1958 | another index | |||
| de1d5af8c8 | more postgresql-ha adjustments | |||
| 46fb4d8026 | use index function for helm | |||
| 3a9e60ce40 | fix postgresql.dns definition in helpers.tpl | |||
| 2ded843924 | fix: Deployment has no field serviceName #466 (#467) ### Description of the change remove deployment, `serviceName` ### Benefits ### Possible drawbacks ### Applicable issues - fixes #466 ### Additional information ### ⚠ BREAKING ### Checklist - [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) - [x] Breaking changes are documented in the `README.md` - [x] Templating unittests are added Reviewed-on: gitea/helm-chart#467 Co-authored-by: yinheli <me@yinheli.com> Co-committed-by: yinheli <me@yinheli.com> | |||
| 8e27bb9bae | [Breaking] Add HA-support; switch to Deployment (#437) # Changes A big shoutout to @luhahn for all his work in #205 which served as the base for this PR. ## Documentation - [x] After thinking for some time about it, I still prefer the distinct option (as started in #350), i.e. having a standalone "HA" doc under `docs/ha-setup.md` to not have a very long README (which is already quite long). Most of the information below should go into it with more details and explanations behind all of the individual components. ## Chart deps ~~- Adds `meilisearch` as a chart dependency for a HA-ready issue indexer. Only works with >= Gitea 1.20~~ ~~- Adds `redis` as a chart dependency for a HA-ready session and queue store.~~ - Adds `redis-cluster` as a chart dependency for a HA-ready session and queue store (alternative to `redis`). Only works with >= Gitea 1.19.2. - Removes `memcached` instead of `redis-cluster` - Add `postgresql-ha` as default DB dep in favor of `postgres` ## Adds smart HA chart logic The goal is to set smart config values that result in a HA-ready Gitea deployment if `replicaCount` > 1. - If `replicaCount` > 1, - `gitea.config.session.PROVIDER` is automatically set to `redis-cluster` - `gitea.config.indexer.REPO_INDEXER_ENABLED` is automatically set to `false` unless the value is `elasticsearch` or `meilisearch` - `redis-cluster` is used for `[queue]` and `[cache]` and `[session]`mode or not Configuration of external instances of `meilisearch` and `minio` are documented in a new markdown doc. ## Deployment vs Statefulset Given all the discussions about this lately (#428), I think we could use both. In the end, we do not have the requirement for a sequential pod scale up/scale down as it would happen in statefulsets. On the other side, we do not have actual stateless pods as we are attaching a RWX to the deployment. 
Yet I think because we do not have a leader-election requirement, spawning the pods as a deployment makes "Rolling Updates" easier and also signals users that there is no "leader election" logic and each pod can just be "destroyed" at any time without causing interruption. Hence I think we should be able to switch from a statefulset to a deployment, even in the single-replica case. This change also brought up a templating/linting issue: the definition of `.Values.gitea.config.server.SSH_LISTEN_PORT` in `ssh-svc.yaml` just "luckily" worked so far due to naming-related lint processing. Due to the change from "statefulset" to "deployment", the processing queue changed and caused a failure complaining about `config.server.SSH_LISTEN_PORT` not being defined yet. The only way I could see to fix this was to "properly" define the value in `values.yaml` instead of conditionally defining it in `helpers.tpl`. Maybe there's a better way? ## Chart PVC Creation I've adapted the automated PVC creation from another chart to be able to provide the `storageClassName` as I couldn't get dynamic provisioning for EFS going with the current implementation. In addition the naming and approach within the Gitea chart for PV creation is a bit unusual and aligning it might be beneficial. A semi-unrelated change which will result in a breaking change for existing users but this PR includes a lot of breaking changes already, so including another one might not make it much worse... - New `persistence.mount`: whether to mount an existing PVC (via `persistence.existingClaim`) - New `persistence.create`: whether to create a new PVC ## Testing As this PR does a lot of things, we need proper testing. The helm chart can be installed from the Git branch via `helm-git` as follows: ``` helm repo add gitea-charts git+https://gitea.com/gitea/helm-chart@/?ref=deployment helm install gitea --version 0.0.0 ``` It is **highly recommended** to test the chart in a dedicated namespace.
I've tested this myself with both `redis` and `redis-cluster` and it seemed to work fine. I just did some basic operations though and we should do more niche testing before merging. Exemplary `values.yml` for testing (only needs a valid RWX storage class): <details> <summary>values.yaml</summary> ```yml image: tag: "dev" PullPolicy: "Always" rootless: true replicaCount: 2 persistence: enabled: true accessModes: - ReadWriteMany storageClass: FIXME redis-cluster: enabled: false global: redis: password: gitea gitea: config: indexer: ISSUE_INDEXER_ENABLED: true REPO_INDEXER_ENABLED: false ``` </details> ## Preferred setup The preferred HA setup with respect to performance and stability might currently be as follows: - Repos: RWX (e.g. EFS or Azurefiles NFS) - Issue indexer: Meilisearch (HA) - Session and cache: Redis Cluster (HA) - Attachments/Avatars: Minio (HA) This will result in a ~ 10-pod HA setup overall. All pods have very low resource requests. fix #98 Co-authored-by: pat-s <pat-s@noreply.gitea.io> Reviewed-on: gitea/helm-chart#437 Co-authored-by: pat-s <patrick.schratz@gmail.com> Co-committed-by: pat-s <patrick.schratz@gmail.com> | |||
| f66a192d45 | document env-to-ini env saving | |||
| cab7f3d0b5 | Change env-to-ini prefix and remove custom prefix (#464) ### Description of the change Change env-to-ini prefix and remove custom prefix. `GITEA` is the default prefix. ### Benefits Compatibility with v1.20 (`-p` got removed) ### Possible drawbacks None ### Additional information See https://github.com/go-gitea/gitea/pull/25799 Tested with Gitea < 1.20 and >= 1.20 Reviewed-on: gitea/helm-chart#464 Co-authored-by: pat-s <patrick.schratz@gmail.com> Co-committed-by: pat-s <patrick.schratz@gmail.com> | |||
| 5e5496f15d | Add support for ServiceAccount configuration (#451) ### Description of the change This adds a new values object `serviceAccount`, that allows creating a dedicated ServiceAccount with the Helm Release into the cluster. It supports all common options like labels, annotations, name override (or referring to an externally created ServiceAccount), auto-mount token, image pull secrets. It supersedes the stale PR #357. ### Benefits Users can deploy Gitea with more fine-tuned security settings. ### Applicable issues - related to #448 ### Additional information I've bumped the helm-unittest plugin in the CI build, to be able to use the `exists` and `notExists` feature in the new tests. ### Checklist - [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) Reviewed-on: gitea/helm-chart#451 Reviewed-by: pat-s <pat-s@noreply.gitea.com> Co-authored-by: justusbunsi <sk.bunsenbrenner@gmail.com> Co-committed-by: justusbunsi <sk.bunsenbrenner@gmail.com> | |||
| 0ca013647d | Set $HOME to /data/gitea/git for rootless image (#447) fix #396 Set the default of `$HOME` to `/data/gitea/git` for rootless images to make chart openshift compliant. Reviewed-on: gitea/helm-chart#447 Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: pat-s <patrick.schratz@gmail.com> Co-committed-by: pat-s <patrick.schratz@gmail.com> | |||
| 55b22d2225 | add extraDeploy to add arbitrary objects to the release (#441) Signed-off-by: Cyril Jouve <jv.cyril@gmail.com> ### Description of the change add a new value `extraDeploy` to add arbitrary resources inspired by bitnami charts ([example](https://github.com/bitnami/charts/blob/main/bitnami/postgresql/values.yaml#L58) ### Benefits with the change, I can deploy additional resources and keep them consistent with the chart (reuse macro, same labels, etc)., same workflow (helm upgrade), etc ### Possible drawbacks ### Additional information ### Checklist - [x] Parameters are documented in the `values.yaml` and added to the `README.md` using [readme-generator-for-helm](https://github.com/bitnami-labs/readme-generator-for-helm) Co-authored-by: pat-s <pat-s@noreply.gitea.io> Reviewed-on: gitea/helm-chart#441 Reviewed-by: pat-s <pat-s@noreply.gitea.io> Reviewed-by: luhahn <luhahn@noreply.gitea.io> Reviewed-by: justusbunsi <justusbunsi@noreply.gitea.io> Co-authored-by: Cyril Jouve <jv.cyril@gmail.com> Co-committed-by: Cyril Jouve <jv.cyril@gmail.com> |