diff --git a/licenses.d2iq.yaml b/licenses.d2iq.yaml index ee6f829f9..71baf8966 100644 --- a/licenses.d2iq.yaml +++ b/licenses.d2iq.yaml @@ -3,9 +3,9 @@ ignore: - docker.io/mesosphere/kommander2-kubetools - docker.io/nginxinc/nginx-unprivileged:1.22.0-alpine - docker.io/bitnami/external-dns:0.13.5-debian-11-r55 - - docker.io/bitnami/memcached:1.6.15-debian-11-r8 - docker.io/bitnami/postgresql:11.16.0-debian-11-r9 - docker.io/bitnami/postgresql:15.2.0-debian-11-r21 + - docker.io/bitnami/redis-cluster:7.0.12-debian-11-r2 - docker.io/library/busybox:1 - gcr.io/kubecost1/cost-model:prod-1.104.0 - gcr.io/kubecost1/frontend:prod-1.104.0 @@ -89,7 +89,7 @@ resources: - license_path: LICENSE ref: v${image_tag} url: https://github.com/fluent/fluent-bit - - container_image: docker.io/gitea/gitea:1.19.2-rootless + - container_image: docker.io/gitea/gitea:1.20.3-rootless sources: - license_path: LICENSE ref: v${image_tag%-rootless} diff --git a/services/gitea/8.2.0/defaults/cm.yaml b/services/gitea/9.3.0/defaults/cm.yaml similarity index 59% rename from services/gitea/8.2.0/defaults/cm.yaml rename to services/gitea/9.3.0/defaults/cm.yaml index 130260b08..e64871777 100644 --- a/services/gitea/8.2.0/defaults/cm.yaml +++ b/services/gitea/9.3.0/defaults/cm.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: gitea-8.2.0-d2iq-defaults + name: gitea-9.3.0-d2iq-defaults namespace: ${releaseNamespace} data: values.yaml: |- @@ -21,9 +21,9 @@ data: pathType: ImplementationSpecific gitea: additionalConfigFromEnvs: - - name: ENV_TO_INI__SERVER__SSL_MIN_VERSION + - name: GITEA__SERVER__SSL_MIN_VERSION value: tlsv1.3 - - name: ENV_TO_INI__SERVER__SSL_MAX_VERSION + - name: GITEA__SERVER__SSL_MAX_VERSION value: tlsv1.3 admin: existingSecret: ${adminCredentialsSecret} @@ -37,6 +37,17 @@ data: service: REQUIRE_SIGNIN_VIEW: false DISABLE_REGISTRATION: true + session: + PROVIDER: redis + PROVIDER_CONFIG: redis+cluster://:gitea@gitea-redis-cluster-headless.${releaseNamespace}.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& + cache: + ENABLED: true + ADAPTER: redis + HOST: redis+cluster://:gitea@gitea-redis-cluster-headless.${releaseNamespace}.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& + queue: + TYPE: redis + CONN_STR: redis+cluster://:gitea@gitea-redis-cluster-headless.${releaseNamespace}v.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& + startupProbe: enabled: true tcpSocket: @@ -46,7 +57,7 @@ data: periodSeconds: 10 successThreshold: 1 failureThreshold: 10 - statefulset: + deployment: annotations: secret.reloader.stakater.com/reload: ${tlsCertificateSecret} service: @@ -54,20 +65,28 @@ data: port: 443 clusterIP: extraVolumes: - - name: git-tls - secret: - secretName: ${tlsCertificateSecret} + - name: git-tls + secret: + secretName: ${tlsCertificateSecret} extraVolumeMounts: - - name: git-tls - readOnly: true - mountPath: "/git-tls" + - name: git-tls + readOnly: true + mountPath: "/git-tls" clusterDomain: cluster.local. - memcached: + redis-cluster: priorityClassName: "dkp-critical-priority" - image: - tag: 1.6.15-debian-11-r8 + cluster: + nodes: 6 + postgresql-ha: + enabled: false postgresql: + enabled: true primary: priorityClassName: "dkp-critical-priority" image: tag: 11.16.0-debian-11-r9 + persistence: + enabled: true + create: false + mount: true + claimName: "data-gitea-0" diff --git a/services/gitea/8.2.0/defaults/kustomization.yaml b/services/gitea/9.3.0/defaults/kustomization.yaml similarity index 100% rename from services/gitea/8.2.0/defaults/kustomization.yaml rename to services/gitea/9.3.0/defaults/kustomization.yaml diff --git a/services/gitea/8.2.0/gitea.yaml b/services/gitea/9.3.0/gitea.yaml similarity index 90% rename from services/gitea/8.2.0/gitea.yaml rename to services/gitea/9.3.0/gitea.yaml index ba184f7fb..d84b59ca7 100644 --- a/services/gitea/8.2.0/gitea.yaml +++ b/services/gitea/9.3.0/gitea.yaml @@ -11,7 +11,7 @@ spec: kind: HelmRepository name: dl.gitea.io-charts namespace: kommander-flux - version: 8.2.0 + version: 9.3.0 interval: 15s install: crds: CreateReplace @@ -25,5 +25,5 @@ spec: releaseName: gitea valuesFrom: - kind: ConfigMap - name: gitea-8.2.0-d2iq-defaults + name: gitea-9.3.0-d2iq-defaults targetNamespace: ${releaseNamespace} diff --git a/services/gitea/8.2.0/kustomization.yaml b/services/gitea/9.3.0/kustomization.yaml similarity index 87% rename from services/gitea/8.2.0/kustomization.yaml rename to services/gitea/9.3.0/kustomization.yaml index 4ab5c742c..05ade2756 100644 --- a/services/gitea/8.2.0/kustomization.yaml +++ b/services/gitea/9.3.0/kustomization.yaml @@ -1,4 +1,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: + - pvc.yaml - gitea.yaml diff --git a/services/gitea/9.3.0/pvc.yaml b/services/gitea/9.3.0/pvc.yaml new file mode 100644 index 000000000..82f8d9466 --- /dev/null +++ b/services/gitea/9.3.0/pvc.yaml @@ -0,0 +1,23 @@ +--- +# In the previous versions (v8.x and prior), PVC was automatically managed by the Statefulset, while in the +# new versions (v9.x and later), it is automatically handled by the Helm chart. +# +# To avoid breaking the compatibility with previous installations, we do not let Helm chart create PVC (see `persistence.create` in cm.yaml file) +# and for new installations we create a PVC object using the name `data-gitea-0` that is the same name used in +# gitea v8.x and older versions. This way, we can keep the existing PVC for upgrade process. +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: data-gitea-0 + namespace: ${releaseNamespace} + annotations: + helm.sh/resource-policy: keep + kustomize.toolkit.fluxcd.io/prune: disabled +spec: + accessModes: + - ReadWriteOnce + volumeMode: Filesystem + resources: + requests: + storage: 10Gi +---