From 64d93ace30b9700c81920c091ff24926066106c0 Mon Sep 17 00:00:00 2001 From: Pankaj Walke <126026317+punkwalker@users.noreply.github.com> Date: Wed, 12 Feb 2025 10:06:19 -0700 Subject: [PATCH] upgrade gitea helm chart version (#488) Signed-off-by: Pankaj Walke --- hack/gitea/generate-manifests.sh | 2 +- hack/gitea/values.yaml | 2 - .../resources/gitea/k8s/install.yaml | 101 +++++++++++------- tests/e2e/e2e.go | 2 +- 4 files changed, 66 insertions(+), 41 deletions(-) diff --git a/hack/gitea/generate-manifests.sh b/hack/gitea/generate-manifests.sh index edf8921e..bd77909b 100755 --- a/hack/gitea/generate-manifests.sh +++ b/hack/gitea/generate-manifests.sh @@ -3,7 +3,7 @@ set -e INSTALL_YAML="pkg/controllers/localbuild/resources/gitea/k8s/install.yaml" GITEA_DIR="./hack/gitea" -CHART_VERSION="10.1.4" +CHART_VERSION="10.6.0" echo "# GITEA INSTALL RESOURCES" >${INSTALL_YAML} echo "# This file is auto-generated with 'hack/gitea/generate-manifests.sh'" >>${INSTALL_YAML} diff --git a/hack/gitea/values.yaml b/hack/gitea/values.yaml index 398835fd..b7936353 100644 --- a/hack/gitea/values.yaml +++ b/hack/gitea/values.yaml @@ -46,7 +46,5 @@ ingress: image: pullPolicy: "IfNotPresent" - # Overrides the image tag whose default is the chart appVersion. - tag: "1.22.0" # Adds -rootless suffix to image name rootless: true diff --git a/pkg/controllers/localbuild/resources/gitea/k8s/install.yaml b/pkg/controllers/localbuild/resources/gitea/k8s/install.yaml index 716e767b..649d1eea 100644 --- a/pkg/controllers/localbuild/resources/gitea/k8s/install.yaml +++ b/pkg/controllers/localbuild/resources/gitea/k8s/install.yaml @@ -5,17 +5,19 @@ apiVersion: v1 kind: Secret metadata: name: my-gitea-inline-config + namespace: gitea labels: - helm.sh/chart: gitea-10.1.4 + helm.sh/chart: gitea-10.6.0 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: my-gitea - app.kubernetes.io/version: "1.22.0" - version: "1.22.0" + app.kubernetes.io/version: "1.22.3" + version: "1.22.3" app.kubernetes.io/managed-by: Helm type: Opaque stringData: _generals_: "" + actions: ENABLED=false cache: |- ADAPTER=memory HOST= @@ -50,13 +52,14 @@ apiVersion: v1 kind: Secret metadata: name: my-gitea + namespace: gitea labels: - helm.sh/chart: gitea-10.1.4 + helm.sh/chart: gitea-10.6.0 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: my-gitea - app.kubernetes.io/version: "1.22.0" - version: "1.22.0" + app.kubernetes.io/version: "1.22.3" + version: "1.22.3" app.kubernetes.io/managed-by: Helm type: Opaque stringData: @@ -222,13 +225,14 @@ apiVersion: v1 kind: Secret metadata: name: my-gitea-init + namespace: gitea labels: - helm.sh/chart: gitea-10.1.4 + helm.sh/chart: gitea-10.6.0 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: my-gitea - app.kubernetes.io/version: "1.22.0" - version: "1.22.0" + app.kubernetes.io/version: "1.22.3" + version: "1.22.3" app.kubernetes.io/managed-by: Helm type: Opaque stringData: @@ -241,15 +245,13 @@ stringData: #!/usr/bin/env bash set -euo pipefail - - set -x - mkdir -p /data/git/.ssh - chmod -R 700 /data/git/.ssh - [ ! -d /data/gitea/conf ] && mkdir -p /data/gitea/conf + mkdir -pv /data/git/.ssh + chmod -Rv 700 /data/git/.ssh + [ ! -d /data/gitea/conf ] && mkdir -pv /data/gitea/conf # prepare temp directory structure - mkdir -p "${GITEA_TEMP}" - chmod ug+rwx "${GITEA_TEMP}" + mkdir -pv "${GITEA_TEMP}" + chmod -v ug+rwx "${GITEA_TEMP}" @@ -290,13 +292,33 @@ stringData: local ACCOUNT_ID=$(echo "${actual_user_table}" | grep -E "\s+${GITEA_ADMIN_USERNAME}\s+" | awk -F " " "{printf \$1}") if [[ -z "${ACCOUNT_ID}" ]]; then + local -a create_args + create_args=(--admin --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" --email "gitea@local.domain") + if [[ "${GITEA_ADMIN_PASSWORD_MODE}" = initialOnlyRequireReset ]]; then + create_args+=(--must-change-password=true) + else + create_args+=(--must-change-password=false) + fi echo "No admin user '${GITEA_ADMIN_USERNAME}' found. Creating now..." - gitea admin user create --admin --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" --email "gitea@local.domain" --must-change-password=false + gitea admin user create "${create_args[@]}" echo '...created.' else - echo "Admin account '${GITEA_ADMIN_USERNAME}' already exist. Running update to sync password..." - gitea admin user change-password --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" - echo '...password sync done.' + if [[ "${GITEA_ADMIN_PASSWORD_MODE}" = keepUpdated ]]; then + echo "Admin account '${GITEA_ADMIN_USERNAME}' already exist. Running update to sync password..." + # See https://gitea.com/gitea/helm-chart/issues/673 + # --must-change-password argument was added to change-password, defaulting to true, counter to the previous behavior + # which acted as if it were provided with =false. If the argument is present in this version of gitea, then we + # should add it to prevent requiring frequent admin password resets. + local -a change_args + change_args=(--username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}") + if gitea admin user change-password --help | grep -qF -- '--must-change-password'; then + change_args+=(--must-change-password=false) + fi + gitea admin user change-password "${change_args[@]}" + echo '...password sync done.' + else + echo "Admin account '${GITEA_ADMIN_USERNAME}' already exist, but update mode is set to '${GITEA_ADMIN_PASSWORD_MODE}'. Skipping." + fi fi } @@ -340,13 +362,14 @@ apiVersion: v1 kind: Service metadata: name: my-gitea-http + namespace: gitea labels: - helm.sh/chart: gitea-10.1.4 + helm.sh/chart: gitea-10.6.0 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: my-gitea - app.kubernetes.io/version: "1.22.0" - version: "1.22.0" + app.kubernetes.io/version: "1.22.3" + version: "1.22.3" app.kubernetes.io/managed-by: Helm annotations: {} @@ -366,13 +389,14 @@ apiVersion: v1 kind: Service metadata: name: my-gitea-ssh + namespace: gitea labels: - helm.sh/chart: gitea-10.1.4 + helm.sh/chart: gitea-10.6.0 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: my-gitea - app.kubernetes.io/version: "1.22.0" - version: "1.22.0" + app.kubernetes.io/version: "1.22.3" + version: "1.22.3" app.kubernetes.io/managed-by: Helm annotations: {} @@ -394,14 +418,15 @@ apiVersion: apps/v1 kind: Deployment metadata: name: my-gitea + namespace: gitea annotations: labels: - helm.sh/chart: gitea-10.1.4 + helm.sh/chart: gitea-10.6.0 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: my-gitea - app.kubernetes.io/version: "1.22.0" - version: "1.22.0" + app.kubernetes.io/version: "1.22.3" + version: "1.22.3" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -417,14 +442,14 @@ spec: template: metadata: annotations: - checksum/config: 9472556301411a93ff19830db2ba46ea781c96364243b2f06ab8e33fb785c25d + checksum/config: 84d963775a319c5adebc83ffa879c7b7fa826991fd52351dc371e4f706025be4 labels: - helm.sh/chart: gitea-10.1.4 + helm.sh/chart: gitea-10.6.0 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: my-gitea - app.kubernetes.io/version: "1.22.0" - version: "1.22.0" + app.kubernetes.io/version: "1.22.3" + version: "1.22.3" app.kubernetes.io/managed-by: Helm spec: @@ -432,7 +457,7 @@ spec: fsGroup: 1000 initContainers: - name: init-directories - image: "gitea/gitea:1.22.0-rootless" + image: "gitea/gitea:1.22.3-rootless" imagePullPolicy: IfNotPresent command: ["/usr/sbin/init_directory_structure.sh"] env: @@ -460,7 +485,7 @@ spec: cpu: 100m memory: 128Mi - name: init-app-ini - image: "gitea/gitea:1.22.0-rootless" + image: "gitea/gitea:1.22.3-rootless" imagePullPolicy: IfNotPresent command: ["/usr/sbin/config_environment.sh"] env: @@ -490,7 +515,7 @@ spec: cpu: 100m memory: 128Mi - name: configure-gitea - image: "gitea/gitea:1.22.0-rootless" + image: "gitea/gitea:1.22.3-rootless" command: ["/usr/sbin/configure_gitea.sh"] imagePullPolicy: IfNotPresent securityContext: @@ -516,6 +541,8 @@ spec: secretKeyRef: key: password name: gitea-credential + - name: GITEA_ADMIN_PASSWORD_MODE + value: keepUpdated volumeMounts: - name: init mountPath: /usr/sbin @@ -532,7 +559,7 @@ spec: terminationGracePeriodSeconds: 60 containers: - name: gitea - image: "gitea/gitea:1.22.0-rootless" + image: "gitea/gitea:1.22.3-rootless" imagePullPolicy: IfNotPresent env: # SSH Port values have to be set here as well for openssh configuration diff --git a/tests/e2e/e2e.go b/tests/e2e/e2e.go index 33700b2d..4d03eff0 100644 --- a/tests/e2e/e2e.go +++ b/tests/e2e/e2e.go @@ -211,7 +211,7 @@ func GetGiteaSessionToken(ctx context.Context, auth BasicAuth, baseUrl string) ( httpClient := GetHttpClient() sessionEP := fmt.Sprintf("%s%s", baseUrl, fmt.Sprintf(GiteaSessionEndpoint, auth.Username)) - sb := []byte(fmt.Sprintf(`{"name":"%d"}`, time.Now().Unix())) + sb := []byte(fmt.Sprintf(`{"name":"%d", "scopes":["%s"]}`, time.Now().Unix(), gitea.AccessTokenScopeAll)) sessionReq, err := http.NewRequestWithContext(ctx, http.MethodPost, sessionEP, bytes.NewBuffer(sb)) if err != nil { return "", fmt.Errorf("reating new request for session: %w", err)