bp99/helm-actions
1
0
Fork 0
mirror of https://gitea.com/gitea/helm-actions.git synced 2026-04-07 02:00:47 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: bp99:63ff1b19dabea9c667e726859ded299f76811883
Branches Tags
bp99:main bp99:renovate/lock-file-maintenance bp99:bump-helm bp99:christopherhx/e2e bp99:check-release-secrets
bp99:v0.0.4 bp99:v0.0.3 bp99:v0.0.2 bp99:v0.0.1
..
compare: bp99:check-release-secrets
Branches Tags
bp99:renovate/lock-file-maintenance bp99:main bp99:bump-helm bp99:christopherhx/e2e bp99:check-release-secrets
bp99:v0.0.4 bp99:v0.0.3 bp99:v0.0.2 bp99:v0.0.1

1 Commits
63ff1b19da ... check-rele

Author SHA1 Message Date
ChristopherHX
1600658386 .gitea/workflows/release-version.yml aktualisiert 2025-08-15 20:01:39 +00:00
16 changed files with 201 additions and 264 deletions
Expand all files Collapse all files

4
.gitea/workflows/changelog.yml
View File

@ -8,12 +8,12 @@ on:
jobs:
changelog:
runs-on: ubuntu-latest
container: docker.io/thegeeklab/git-sv:2.0.5
container: docker.io/thegeeklab/git-sv:1.0.12
steps:
- name: install tools
run: |
apk add -q --update --no-cache nodejs curl jq sed
- uses: actions/checkout@v5
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Generate upcoming changelog

4
.gitea/workflows/commitlint.yml
View File

@ -11,9 +11,9 @@ on:
jobs:
check-and-test:
runs-on: ubuntu-latest
container: commitlint/commitlint:19.9.1
container: commitlint/commitlint:19.7.1
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@v4
- name: check PR title
run: |
echo "${{ gitea.event.pull_request.title }}" | commitlint --config .commitlintrc.json

122
.gitea/workflows/release-version.yml
View File

@ -1,70 +1,68 @@
name: generate-chart
name: check-secrets
on:
push:
tags:
- "*"
env:
# renovate: datasource=docker depName=alpine/helm
HELM_VERSION: "3.18.6"
jobs:
generate-chart-publish:
check-secrets:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- name: install tools
- uses: actions/checkout@v4
- name: Check all required secrets
run: |
apt update -y
apt install -y curl ca-certificates curl gnupg
# helm
curl -O https://get.helm.sh/helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz
tar -xzf helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz
mv linux-amd64/helm /usr/local/bin/
rm -rf linux-amd64 helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz
helm version
# docker
install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
chmod a+r /etc/apt/keyrings/docker.gpg
echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
apt update -y
apt install -y python3 python3-pip apt-transport-https docker-ce-cli
pip install awscli --break-system-packages
- name: Import GPG key
id: import_gpg
uses: https://github.com/crazy-max/ghaction-import-gpg@v6
with:
gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
fingerprint: CC64B1DB67ABBEECAB24B6455FC346329753F4B0
# Using helm gpg plugin as 'helm package --sign' has issues with gpg2: https://github.com/helm/helm/issues/2843
- name: package chart
run: |
echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | docker login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} --password-stdin
# FIXME: use upstream after https://github.com/technosophos/helm-gpg/issues/1 is solved
helm plugin install https://github.com/pat-s/helm-gpg
helm dependency build
helm package --version "${GITHUB_REF#refs/tags/v}" ./
mkdir actions
mv actions*.tgz actions/
curl -s -L -o actions/index.yaml https://dl.gitea.com/charts/index.yaml
helm repo index actions/ --url https://dl.gitea.com/charts --merge actions/index.yaml
# push to dockerhub
echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | helm registry login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} registry-1.docker.io --password-stdin
helm push actions/actions-${GITHUB_REF#refs/tags/v}.tgz oci://registry-1.docker.io/giteacharts
helm registry logout registry-1.docker.io
- name: aws credential configure
uses: https://github.com/aws-actions/configure-aws-credentials@v5
with:
aws-access-key-id: ${{ secrets.AWS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Copy files to S3 and clear cache
run: |
aws s3 sync actions/ s3://${{ secrets.AWS_S3_BUCKET}}/charts/
echo "=== Checking availability of required secrets ==="
# List of all secrets used in the original workflow
SECRETS=(
"GPGSIGN_KEY"
"GPGSIGN_PASSPHRASE"
"DOCKER_CHARTS_PASSWORD"
"DOCKER_CHARTS_USERNAME"
"AWS_KEY_ID"
"AWS_SECRET_ACCESS_KEY"
"AWS_REGION"
"AWS_S3_BUCKET"
)
MISSING_SECRETS=()
AVAILABLE_SECRETS=()
for secret in "${SECRETS[@]}"; do
# Check if secret is set (not empty)
if [ -z "${!secret:-}" ]; then
echo "❌ Secret '$secret' is NOT available or empty"
MISSING_SECRETS+=("$secret")
else
echo "✅ Secret '$secret' is available"
AVAILABLE_SECRETS+=("$secret")
fi
done
echo ""
echo "=== Summary ==="
echo "Available secrets: ${#AVAILABLE_SECRETS[@]}"
echo "Missing secrets: ${#MISSING_SECRETS[@]}"
if [ ${#MISSING_SECRETS[@]} -gt 0 ]; then
echo ""
echo "Missing secrets:"
for secret in "${MISSING_SECRETS[@]}"; do
echo " - $secret"
done
echo ""
echo "❌ Some secrets are missing. Please configure them in repository settings."
exit 1
else
echo ""
echo "✅ All required secrets are available!"
fi
env:
GPGSIGN_KEY: ${{ secrets.GPGSIGN_KEY }}
GPGSIGN_PASSPHRASE: ${{ secrets.GPGSIGN_PASSPHRASE }}
DOCKER_CHARTS_PASSWORD: ${{ secrets.DOCKER_CHARTS_PASSWORD }}
DOCKER_CHARTS_USERNAME: ${{ secrets.DOCKER_CHARTS_USERNAME }}
AWS_KEY_ID: ${{ secrets.AWS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_REGION: ${{ secrets.AWS_REGION }}
AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}

2
.gitea/workflows/shellcheck.yml
View File

@ -9,6 +9,6 @@ jobs:
shellcheck:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@v4.2.2
- run: apt update --yes && apt install --yes shellcheck
- run: find . -type f -name "*.sh" -exec shellcheck -a {} \;

6
.gitea/workflows/test-pr.yml
View File

@ -10,12 +10,12 @@ on:
env:
# renovate: datasource=github-releases depName=helm-unittest/helm-unittest
HELM_UNITTEST_VERSION: "v0.8.2"
HELM_UNITTEST_VERSION: "v0.7.2"
jobs:
check-and-test:
runs-on: ubuntu-latest
container: alpine/helm:3.18.6
container: alpine/helm:3.17.1
steps:
- name: install tools
run: |
@ -25,7 +25,7 @@ jobs:
uses: pnpm/action-setup@v4
with:
version: 10
- uses: actions/checkout@v5
- uses: actions/checkout@v4
- name: install chart dependencies
run: helm dependency build
- name: lint

1
CODEOWNERS
View File

@ -1 +0,0 @@
* @DaanSelen @volker.raschek @ChristopherHX

15
Chart.yaml
View File

@ -13,18 +13,7 @@ keywords:
sources:
- https://gitea.com/gitea/helm-actions
- https://gitea.com/gitea/act
maintainers:
# https://gitea.com/DaanSelen
- name: Daan Selen
email: dselen@nerthus.nl
# https://gitea.com/volker.raschek
- name: Markus Pesch
email: markus.pesch+apps@cryptic.systems
# https://gitea.com/ChristopherHX
- name: Christopher Homberger
email: christopher.homberger@web.de
# FIXME:
# maintainers:
dependencies: []

8
README.md
View File

@ -6,10 +6,6 @@ The parameters which can be used to customize the deployment are described below
If you want to propose a new feature or mechanism, submit an [issue here](https://gitea.com/gitea/helm-actions/issues).
## Docs
[Docs](./docs/README.md)
## Rootless Defaults
If `.Values.image.rootless: true`, then the following will occur. In case you use `.Values.image.fullOverride`, check that this works in your image:
@ -34,12 +30,12 @@ If `.Values.image.rootless: true`, then the following will occur. In case you us
| `statefulset.affinity` | Affinity for the statefulset | `{}` |
| `statefulset.extraVolumes` | Extra volumes for the statefulset | `[]` |
| `statefulset.actRunner.repository` | The Gitea act runner image | `gitea/act_runner` |
| `statefulset.actRunner.tag` | The Gitea act runner tag | `0.2.13` |
| `statefulset.actRunner.tag` | The Gitea act runner tag | `0.2.11` |
| `statefulset.actRunner.pullPolicy` | The Gitea act runner pullPolicy | `IfNotPresent` |
| `statefulset.actRunner.extraVolumeMounts` | Allows mounting extra volumes in the act runner container | `[]` |
| `statefulset.actRunner.config` | Act runner custom configuration. See [Act Runner documentation](https://docs.gitea.com/usage/actions/act-runner#configuration) for details. | `Too complex. See values.yaml` |
| `statefulset.dind.repository` | The Docker-in-Docker image | `docker` |
| `statefulset.dind.tag` | The Docker-in-Docker image tag | `28.3.3-dind` |
| `statefulset.dind.tag` | The Docker-in-Docker image tag | `25.0.2-dind` |
| `statefulset.dind.pullPolicy` | The Docker-in-Docker pullPolicy | `IfNotPresent` |
| `statefulset.dind.extraVolumeMounts` | Allows mounting extra volumes in the Docker-in-Docker container | `[]` |
| `statefulset.dind.extraEnvs` | Allows adding custom environment variables, such as `DOCKER_IPTABLES_LEGACY` | `[]` |

3
docs/README.md
View File

@ -1,3 +0,0 @@
# Gitea Actions Helm Chart Docs
- [Share dind with job container](share-dind-with-job-container.md)

36
docs/share-dind-with-job-container.md
View File

@ -1,36 +0,0 @@
# Share dind with job container
You can weaken isolation and allow jobs to call docker commands.
## Limitations
- Docker bind mounts like `-v /path/on/self/container:/path/to/new/container` do not work, because they are going to mount the path from the dind container
- Docker port expose to local host `-e 80:8080` is not going to work
## Example Values
```yaml
enabled: true
statefulset:
actRunner:
# See full example here: https://gitea.com/gitea/act_runner/src/branch/main/internal/pkg/config/config.example.yaml
config: |
log:
level: debug
cache:
enabled: false
container:
valid_volumes:
- /var/run/docker.sock
options: -v /var/run/docker.sock:/var/run/docker.sock
## Specify an existing token secret
##
existingSecret: "runner-token2"
existingSecretKey: "token"
## Specify the root URL of the Gitea instance
giteaRootURL: "http://192.168.1.2:3000"
```
Now you can run docker commands inside your jobs.

2
package.json
View File

@ -14,6 +14,6 @@
},
"devDependencies": {
"@bitnami/readme-generator-for-helm": "^2.7.0",
"markdownlint-cli": "^0.45.0"
"markdownlint-cli": "^0.44.0"
}
}

231
pnpm-lock.yaml generated
View File

@ -10,29 +10,25 @@ importers:
devDependencies:
'@bitnami/readme-generator-for-helm':
specifier: ^2.7.0
version: 2.7.2
version: 2.7.0
markdownlint-cli:
specifier: ^0.45.0
version: 0.45.0
specifier: ^0.44.0
version: 0.44.0
packages:
'@bitnami/readme-generator-for-helm@2.7.2':
resolution: {integrity: sha512-7eXyJzxQTQj2ajpHlIhadciCCYWOqN8ieaweU25bStHOZowQ2c2CQyjO/bX4gxIf73LoRKxHhEYgLTllJY9SIw==}
'@bitnami/readme-generator-for-helm@2.7.0':
resolution: {integrity: sha512-fVxExmcuJ9NZb9ZE9OW3+lG8pUlXJAJdaO8UukV3A7WzYu4qOTr03MXPH9Gt5e/6mo3x4WYI/cXBksKfS0qn3w==}
hasBin: true
'@isaacs/balanced-match@4.0.1':
resolution: {integrity: sha512-yzMTt9lEb8Gv7zRioUilSglI0c0smZ9k5D65677DLWLtWJaXIS3CqcGyUFByYKlnUj6TkjLVs54fBl6+TiGQDQ==}
engines: {node: 20 || >=22}
'@isaacs/brace-expansion@5.0.0':
resolution: {integrity: sha512-ZT55BDLV0yv0RBm2czMiZ+SqCGO7AvmOM3G/w2xhVPH+te0aKgFjmBvGlL1dH+ql2tgGO3MVrbb3jCKyvpgnxA==}
engines: {node: 20 || >=22}
'@isaacs/cliui@8.0.2':
resolution: {integrity: sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==}
engines: {node: '>=12'}
'@pkgjs/parseargs@0.11.0':
resolution: {integrity: sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==}
engines: {node: '>=14'}
'@types/debug@4.1.12':
resolution: {integrity: sha512-vIChWdVG3LG1SMxEvI/AK+FWJthlrqlTu7fbrlywTkkaONwk/UAGaULXRlf8vkzFBLVm0zkMdCquhL5aOjhXPQ==}
@ -67,8 +63,11 @@ packages:
balanced-match@1.0.2:
resolution: {integrity: sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==}
brace-expansion@1.1.12:
resolution: {integrity: sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==}
brace-expansion@1.1.11:
resolution: {integrity: sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==}
brace-expansion@2.0.1:
resolution: {integrity: sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==}
character-entities-legacy@3.0.0:
resolution: {integrity: sha512-RpPp0asT/6ufRm//AJVwpViZbGM/MkjQFxJccQRHmISF/22NBtsHqAWmL+/pmkPWoIUJdWyeVleTl1wydHATVQ==}
@ -152,17 +151,16 @@ packages:
fs.realpath@1.0.0:
resolution: {integrity: sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==}
glob@11.0.3:
resolution: {integrity: sha512-2Nim7dha1KVkaiF4q6Dj+ngPPMdfvLJEOpZk/jKiUAkqKebpGAWQXAq9z1xu9HKu5lWfqw/FASuccEjyznjPaA==}
engines: {node: 20 || >=22}
glob@10.4.5:
resolution: {integrity: sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==}
hasBin: true
glob@7.2.3:
resolution: {integrity: sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==}
deprecated: Glob versions prior to v9 are no longer supported
ignore@7.0.5:
resolution: {integrity: sha512-Hs59xBNfUIunMFgWAbGX5cq6893IbWg4KnrjbYwX3tx0ztorVgTDA6B2sxf8ejHJ4wz8BqGUMYlnzNBer5NvGg==}
ignore@7.0.3:
resolution: {integrity: sha512-bAH5jbK/F3T3Jls4I0SO1hmPR0dKU0a7+SY6n1yzRtG54FLO8d6w/nxLFX2Nb7dBu6cCWXPaAME6cYqFUMmuCA==}
engines: {node: '>= 4'}
inflight@1.0.6:
@ -195,9 +193,8 @@ packages:
isexe@2.0.0:
resolution: {integrity: sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==}
jackspeak@4.1.1:
resolution: {integrity: sha512-zptv57P3GpL+O0I7VdMJNBZCu+BPHVQUk55Ft8/QCJjTVxrnJHuVuX/0Bl2A6/+2oyR/ZMEuFKwmzqqZ/U5nPQ==}
engines: {node: 20 || >=22}
jackspeak@3.4.3:
resolution: {integrity: sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==}
js-yaml@4.1.0:
resolution: {integrity: sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==}
@ -220,9 +217,8 @@ packages:
lodash@4.17.21:
resolution: {integrity: sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==}
lru-cache@11.2.1:
resolution: {integrity: sha512-r8LA6i4LP4EeWOhqBaZZjDWwehd1xUJPCJd9Sv300H0ZmcUER4+JPh7bqqZeqs1o5pgtgvXm+d9UGrB5zZGDiQ==}
engines: {node: 20 || >=22}
lru-cache@10.4.3:
resolution: {integrity: sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==}
markdown-it@14.1.0:
resolution: {integrity: sha512-a54IwgWPaeBCAAsv13YgmALOF1elABB08FxO9i+r4VFk5Vl4pKokRPeX8u5TCgSsPi6ec1otfLjdOpVcgbpshg==}
@ -231,23 +227,23 @@ packages:
markdown-table@2.0.0:
resolution: {integrity: sha512-Ezda85ToJUBhM6WGaG6veasyym+Tbs3cMAw/ZhOPqXiYsr0jgocBV3j3nx+4lk47plLlIqjwuTm/ywVI+zjJ/A==}
markdownlint-cli@0.45.0:
resolution: {integrity: sha512-GiWr7GfJLVfcopL3t3pLumXCYs8sgWppjIA1F/Cc3zIMgD3tmkpyZ1xkm1Tej8mw53B93JsDjgA3KOftuYcfOw==}
engines: {node: '>=20'}
markdownlint-cli@0.44.0:
resolution: {integrity: sha512-ZJTAONlvF9NkrIBltCdW15DxN9UTbPiKMEqAh2EU2gwIFlrCMavyCEPPO121cqfYOrLUJWW8/XKWongstmmTeQ==}
engines: {node: '>=18'}
hasBin: true
markdownlint@0.38.0:
resolution: {integrity: sha512-xaSxkaU7wY/0852zGApM8LdlIfGCW8ETZ0Rr62IQtAnUMlMuifsg09vWJcNYeL4f0anvr8Vo4ZQar8jGpV0btQ==}
engines: {node: '>=20'}
markdownlint@0.37.4:
resolution: {integrity: sha512-u00joA/syf3VhWh6/ybVFkib5Zpj2e5KB/cfCei8fkSRuums6nyisTWGqjTWIOFoFwuXoTBQQiqlB4qFKp8ncQ==}
engines: {node: '>=18'}
mdurl@2.0.0:
resolution: {integrity: sha512-Lf+9+2r+Tdp5wXDXC4PcIBjTDtq4UKjCPMQhKIuzpJNW0b96kVqSwW0bT7FhRSfmAiFYgP+SCRvdrDozfh0U5w==}
micromark-core-commonmark@2.0.3:
resolution: {integrity: sha512-RDBrHEMSxVFLg6xvnXmb1Ayr2WzLAWjeSATAoxwKYJV94TeNavgoIdA0a9ytzDSVzBy2YKFK+emCPOEibLeCrg==}
micromark-core-commonmark@2.0.2:
resolution: {integrity: sha512-FKjQKbxd1cibWMM1P9N+H8TwlgGgSkWZMmfuVucLCHaYqeSvJ0hFeHsIa65pA2nYbes0f8LDHPMrd9X7Ujxg9w==}
micromark-extension-directive@4.0.0:
resolution: {integrity: sha512-/C2nqVmXXmiseSSuCdItCMho7ybwwop6RrrRPk0KbOHW21JKoCldC+8rFOaundDoRBUWBnJJcxeA/Kvi34WQXg==}
micromark-extension-directive@3.0.2:
resolution: {integrity: sha512-wjcXHgk+PPdmvR58Le9d7zQYWy+vKEU9Se44p2CrCDPiLr2FMyiT4Fyb5UFKFC66wGB3kPlgD7q3TnoqPS7SZA==}
micromark-extension-gfm-autolink-literal@2.1.0:
resolution: {integrity: sha512-oOg7knzhicgQ3t4QCjCWgTmfNhvQbDDnJeVu9v81r7NltNCVmhPy1fJRX27pISafdjL+SVc4d3l48Gb6pbRypw==}
@ -255,8 +251,8 @@ packages:
micromark-extension-gfm-footnote@2.1.0:
resolution: {integrity: sha512-/yPhxI1ntnDNsiHtzLKYnE3vf9JZ6cAisqVDauhp4CEHxlb4uoOTxOCJ+9s51bIB8U1N1FJ1RXOKTIlD5B/gqw==}
micromark-extension-gfm-table@2.1.1:
resolution: {integrity: sha512-t2OU/dXXioARrC6yWfJ4hqB7rct14e8f7m0cbI5hUmDyyIlwv5vEtooptH8INkbLzOatzKuVbQmAYcbWoyz6Dg==}
micromark-extension-gfm-table@2.1.0:
resolution: {integrity: sha512-Ub2ncQv+fwD70/l4ou27b4YzfNaCJOvyX4HxXU15m7mpYY+rjuWzsLIPZHJL253Z643RpbcP1oeIJlQ/SKW67g==}
micromark-extension-math@3.1.0:
resolution: {integrity: sha512-lvEqd+fHjATVs+2v/8kg9i5Q0AP2k85H0WUOwpIVvUML8BapsMvh1XAogmQjOCsLpoKRCVQqEkQBB3NhVBcsOg==}
@ -312,19 +308,19 @@ packages:
micromark-util-symbol@2.0.1:
resolution: {integrity: sha512-vs5t8Apaud9N28kgCrRUdEed4UJ+wWNvicHLPxCa9ENlYuAY31M0ETy5y1vA33YoNPDFTghEbnh6efaE8h4x0Q==}
micromark-util-types@2.0.2:
resolution: {integrity: sha512-Yw0ECSpJoViF1qTU4DC6NwtC4aWGt1EkzaQB8KPPyCRR8z9TWeV0HbEFGTO+ZY1wB22zmxnJqhPyTpOVCpeHTA==}
micromark-util-types@2.0.1:
resolution: {integrity: sha512-534m2WhVTddrcKVepwmVEVnUAmtrx9bfIjNoQHRqfnvdaHQiFytEhJoTgpWJvDEXCO5gLTQh3wYC1PgOJA4NSQ==}
micromark@4.0.2:
resolution: {integrity: sha512-zpe98Q6kvavpCr1NPVSCMebCKfD7CA2NqZ+rykeNhONIJBpc1tFKt9hucLGwha3jNTNI8lHpctWJWoimVF4PfA==}
minimatch@10.0.3:
resolution: {integrity: sha512-IPZ167aShDZZUMdRk66cyQAW3qr0WzbHkPdMYa8bzZhlHhO3jALbKdxcaak7W9FfT2rZNpQuUu4Od7ILEpXSaw==}
engines: {node: 20 || >=22}
micromark@4.0.1:
resolution: {integrity: sha512-eBPdkcoCNvYcxQOAKAlceo5SNdzZWfF+FcSupREAzdAh9rRmE239CEQAiTwIgblwnoM8zzj35sZ5ZwvSEOF6Kw==}
minimatch@3.1.2:
resolution: {integrity: sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==}
minimatch@9.0.5:
resolution: {integrity: sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==}
engines: {node: '>=16 || 14 >=14.17'}
minimist@1.2.8:
resolution: {integrity: sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==}
@ -352,9 +348,9 @@ packages:
resolution: {integrity: sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==}
engines: {node: '>=8'}
path-scurry@2.0.0:
resolution: {integrity: sha512-ypGJsmGtdXUOeM5u93TyeIEfEhM6s+ljAhrk5vAvSx8uyY/02OvrZnA0YNGUrPXfpJMgI1ODd3nwz8Npx4O4cg==}
engines: {node: 20 || >=22}
path-scurry@1.11.1:
resolution: {integrity: sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==}
engines: {node: '>=16 || 14 >=14.18'}
punycode.js@2.3.1:
resolution: {integrity: sha512-uxFIHU0YlHYhDQtV4R9J6a52SLx28BCjT+4ieh7IGbgwVJWO+km431c4yRlREUAsAmt/uMjQUyQHNEPf0M39CA==}
@ -380,8 +376,8 @@ packages:
resolution: {integrity: sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==}
engines: {node: '>=14'}
smol-toml@1.3.4:
resolution: {integrity: sha512-UOPtVuYkzYGee0Bd2Szz8d2G3RfMfJ2t3qVdZUAozZyAk+a0Sxa+QKix0YCwjL/A1RR0ar44nCxaoN9FxdJGwA==}
smol-toml@1.3.1:
resolution: {integrity: sha512-tEYNll18pPKHroYSmLLrksq233j021G0giwW7P3D24jC54pQ5W5BXMsQ/Mvw1OJCmEYDgY+lrzT+3nNUtoNfXQ==}
engines: {node: '>= 18'}
string-width@4.2.3:
@ -423,26 +419,20 @@ packages:
wrappy@1.0.2:
resolution: {integrity: sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==}
yaml@2.8.1:
resolution: {integrity: sha512-lcYcMxX2PO9XMGvAJkJ3OsNMw+/7FKes7/hgerGUYWIoWu5j/+YQqcZr5JnPZWzOsEBgMbSbiSTn/dv/69Mkpw==}
engines: {node: '>= 14.6'}
yaml@2.7.0:
resolution: {integrity: sha512-+hSoy/QHluxmC9kCIJyL/uyFmLmc+e5CFR5Wa+bpIhIj85LVb9ZH2nVnqrHoSvKogwODv0ClqZkmiSSaIH5LTA==}
engines: {node: '>= 14'}
hasBin: true
snapshots:
'@bitnami/readme-generator-for-helm@2.7.2':
'@bitnami/readme-generator-for-helm@2.7.0':
dependencies:
commander: 13.1.0
dot-object: 2.1.5
lodash: 4.17.21
markdown-table: 2.0.0
yaml: 2.8.1
'@isaacs/balanced-match@4.0.1': {}
'@isaacs/brace-expansion@5.0.0':
dependencies:
'@isaacs/balanced-match': 4.0.1
yaml: 2.7.0
'@isaacs/cliui@8.0.2':
dependencies:
@ -453,6 +443,9 @@ snapshots:
wrap-ansi: 8.1.0
wrap-ansi-cjs: wrap-ansi@7.0.0
'@pkgjs/parseargs@0.11.0':
optional: true
'@types/debug@4.1.12':
dependencies:
'@types/ms': 2.1.0
@ -477,11 +470,15 @@ snapshots:
balanced-match@1.0.2: {}
brace-expansion@1.1.12:
brace-expansion@1.1.11:
dependencies:
balanced-match: 1.0.2
concat-map: 0.0.1
brace-expansion@2.0.1:
dependencies:
balanced-match: 1.0.2
character-entities-legacy@3.0.0: {}
character-entities@2.0.2: {}
@ -544,14 +541,14 @@ snapshots:
fs.realpath@1.0.0: {}
glob@11.0.3:
glob@10.4.5:
dependencies:
foreground-child: 3.3.1
jackspeak: 4.1.1
minimatch: 10.0.3
jackspeak: 3.4.3
minimatch: 9.0.5
minipass: 7.1.2
package-json-from-dist: 1.0.1
path-scurry: 2.0.0
path-scurry: 1.11.1
glob@7.2.3:
dependencies:
@ -562,7 +559,7 @@ snapshots:
once: 1.4.0
path-is-absolute: 1.0.1
ignore@7.0.5: {}
ignore@7.0.3: {}
inflight@1.0.6:
dependencies:
@ -588,9 +585,11 @@ snapshots:
isexe@2.0.0: {}
jackspeak@4.1.1:
jackspeak@3.4.3:
dependencies:
'@isaacs/cliui': 8.0.2
optionalDependencies:
'@pkgjs/parseargs': 0.11.0
js-yaml@4.1.0:
dependencies:
@ -610,7 +609,7 @@ snapshots:
lodash@4.17.21: {}
lru-cache@11.2.1: {}
lru-cache@10.4.3: {}
markdown-it@14.1.0:
dependencies:
@ -625,38 +624,38 @@ snapshots:
dependencies:
repeat-string: 1.6.1
markdownlint-cli@0.45.0:
markdownlint-cli@0.44.0:
dependencies:
commander: 13.1.0
glob: 11.0.3
ignore: 7.0.5
glob: 10.4.5
ignore: 7.0.3
js-yaml: 4.1.0
jsonc-parser: 3.3.1
jsonpointer: 5.0.1
markdown-it: 14.1.0
markdownlint: 0.38.0
minimatch: 10.0.3
markdownlint: 0.37.4
minimatch: 9.0.5
run-con: 1.3.2
smol-toml: 1.3.4
smol-toml: 1.3.1
transitivePeerDependencies:
- supports-color
markdownlint@0.38.0:
markdownlint@0.37.4:
dependencies:
micromark: 4.0.2
micromark-core-commonmark: 2.0.3
micromark-extension-directive: 4.0.0
markdown-it: 14.1.0
micromark: 4.0.1
micromark-core-commonmark: 2.0.2
micromark-extension-directive: 3.0.2
micromark-extension-gfm-autolink-literal: 2.1.0
micromark-extension-gfm-footnote: 2.1.0
micromark-extension-gfm-table: 2.1.1
micromark-extension-gfm-table: 2.1.0
micromark-extension-math: 3.1.0
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
transitivePeerDependencies:
- supports-color
mdurl@2.0.0: {}
micromark-core-commonmark@2.0.3:
micromark-core-commonmark@2.0.2:
dependencies:
decode-named-character-reference: 1.1.0
devlop: 1.1.0
@ -673,16 +672,16 @@ snapshots:
micromark-util-resolve-all: 2.0.1
micromark-util-subtokenize: 2.1.0
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-extension-directive@4.0.0:
micromark-extension-directive@3.0.2:
dependencies:
devlop: 1.1.0
micromark-factory-space: 2.0.1
micromark-factory-whitespace: 2.0.1
micromark-util-character: 2.1.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
parse-entities: 4.0.2
micromark-extension-gfm-autolink-literal@2.1.0:
@ -690,26 +689,26 @@ snapshots:
micromark-util-character: 2.1.1
micromark-util-sanitize-uri: 2.0.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-extension-gfm-footnote@2.1.0:
dependencies:
devlop: 1.1.0
micromark-core-commonmark: 2.0.3
micromark-core-commonmark: 2.0.2
micromark-factory-space: 2.0.1
micromark-util-character: 2.1.1
micromark-util-normalize-identifier: 2.0.1
micromark-util-sanitize-uri: 2.0.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-extension-gfm-table@2.1.1:
micromark-extension-gfm-table@2.1.0:
dependencies:
devlop: 1.1.0
micromark-factory-space: 2.0.1
micromark-util-character: 2.1.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-extension-math@3.1.0:
dependencies:
@ -719,44 +718,44 @@ snapshots:
micromark-factory-space: 2.0.1
micromark-util-character: 2.1.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-factory-destination@2.0.1:
dependencies:
micromark-util-character: 2.1.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-factory-label@2.0.1:
dependencies:
devlop: 1.1.0
micromark-util-character: 2.1.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-factory-space@2.0.1:
dependencies:
micromark-util-character: 2.1.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-factory-title@2.0.1:
dependencies:
micromark-factory-space: 2.0.1
micromark-util-character: 2.1.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-factory-whitespace@2.0.1:
dependencies:
micromark-factory-space: 2.0.1
micromark-util-character: 2.1.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-util-character@2.1.1:
dependencies:
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-util-chunked@2.0.1:
dependencies:
@ -766,12 +765,12 @@ snapshots:
dependencies:
micromark-util-character: 2.1.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-util-combine-extensions@2.0.1:
dependencies:
micromark-util-chunked: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-util-decode-numeric-character-reference@2.0.2:
dependencies:
@ -787,7 +786,7 @@ snapshots:
micromark-util-resolve-all@2.0.1:
dependencies:
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-util-sanitize-uri@2.0.1:
dependencies:
@ -800,19 +799,19 @@ snapshots:
devlop: 1.1.0
micromark-util-chunked: 2.0.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-util-symbol@2.0.1: {}
micromark-util-types@2.0.2: {}
micromark-util-types@2.0.1: {}
micromark@4.0.2:
micromark@4.0.1:
dependencies:
'@types/debug': 4.1.12
debug: 4.4.0
decode-named-character-reference: 1.1.0
devlop: 1.1.0
micromark-core-commonmark: 2.0.3
micromark-core-commonmark: 2.0.2
micromark-factory-space: 2.0.1
micromark-util-character: 2.1.1
micromark-util-chunked: 2.0.1
@ -824,17 +823,17 @@ snapshots:
micromark-util-sanitize-uri: 2.0.1
micromark-util-subtokenize: 2.1.0
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
transitivePeerDependencies:
- supports-color
minimatch@10.0.3:
dependencies:
'@isaacs/brace-expansion': 5.0.0
minimatch@3.1.2:
dependencies:
brace-expansion: 1.1.12
brace-expansion: 1.1.11
minimatch@9.0.5:
dependencies:
brace-expansion: 2.0.1
minimist@1.2.8: {}
@ -862,9 +861,9 @@ snapshots:
path-key@3.1.1: {}
path-scurry@2.0.0:
path-scurry@1.11.1:
dependencies:
lru-cache: 11.2.1
lru-cache: 10.4.3
minipass: 7.1.2
punycode.js@2.3.1: {}
@ -886,7 +885,7 @@ snapshots:
signal-exit@4.1.0: {}
smol-toml@1.3.4: {}
smol-toml@1.3.1: {}
string-width@4.2.3:
dependencies:
@ -930,4 +929,4 @@ snapshots:
wrappy@1.0.2: {}
yaml@2.8.1: {}
yaml@2.7.0: {}

14
renovate.json5
View File

@ -9,19 +9,19 @@
labels: [
'kind/dependency',
],
digest: {
automerge: true,
"digest": {
"automerge": true
},
automergeStrategy: 'squash',
'git-submodules': {
enabled: true,
'enabled': true
},
customManagers: [
{
description: 'Gitea-version of https://docs.renovatebot.com/presets-regexManagers/#regexmanagersgithubactionsversions',
customType: 'regex',
managerFilePatterns: [
'/.gitea/workflows/.+\\.ya?ml$/',
fileMatch: [
'.gitea/workflows/.+\\.ya?ml$',
],
matchStrings: [
'# renovate: datasource=(?<datasource>[a-z-.]+?) depName=(?<depName>[^\\s]+?)(?: (?:lookupName|packageName)=(?<packageName>[^\\s]+?))?(?: versioning=(?<versioning>[a-z-0-9]+?))?\\s+[A-Za-z0-9_]+?_VERSION\\s*:\\s*["\']?(?<currentValue>.+?)["\']?\\s',
@ -30,9 +30,7 @@
{
description: 'Detect helm-unittest yaml schema file',
customType: 'regex',
managerFilePatterns: [
'/.vscode/settings\\.json$/',
],
fileMatch: ['.vscode/settings\\.json$'],
matchStrings: [
'https:\\/\\/raw\\.githubusercontent\\.com\\/(?<depName>[^\\s]+?)\\/(?<currentValue>v[0-9.]+?)\\/schema\\/helm-testsuite\\.json',
],

8
templates/statefulset.yaml
View File

@ -54,7 +54,7 @@ spec:
- name: DOCKER_TLS_VERIFY
value: "1"
- name: DOCKER_CERT_PATH
value: /certs/client
value: /certs/server
- name: GITEA_RUNNER_REGISTRATION_TOKEN
valueFrom:
secretKeyRef:
@ -70,7 +70,7 @@ spec:
- mountPath: /actrunner/config.yaml
name: act-runner-config
subPath: config.yaml
- mountPath: /certs/client
- mountPath: /certs/server
name: docker-certs
- mountPath: /data
name: data-act-runner
@ -86,7 +86,7 @@ spec:
- name: DOCKER_TLS_VERIFY
value: "1"
- name: DOCKER_CERT_PATH
value: /certs/client
value: /certs/server
{{- if .Values.statefulset.dind.extraEnvs }}
{{- toYaml .Values.statefulset.dind.extraEnvs | nindent 12 }}
{{- end }}
@ -95,7 +95,7 @@ spec:
resources:
{{- toYaml .Values.statefulset.resources | nindent 12 }}
volumeMounts:
- mountPath: /certs/client
- mountPath: /certs/server
name: docker-certs
{{- with .Values.statefulset.dind.extraVolumeMounts }}
{{- toYaml . | nindent 12 }}

2
unittests/helm/statefulset.yaml
View File

@ -69,7 +69,7 @@ tests:
name: gitea-unittests-actions-act-runner
- equal:
path: spec.template.metadata.annotations["checksum/config"]
value: "2bafbf04b3c4293c8ddf895ae3d908e14176ee54a6c724c8cf5b2a1e43c6ece7"
value: "7566d9c60261bf8cbff6a6936fc7aead96cec540d8c793d142a5ad4664c56ba5"
- it: renders a StatefulSet http (with correct GITEA_INSTANCE_URL env from giteaRootURL)
template: templates/statefulset.yaml
set:

7
values.yaml
View File

@ -39,7 +39,7 @@ statefulset:
actRunner:
repository: gitea/act_runner
tag: 0.2.13
tag: 0.2.11
pullPolicy: IfNotPresent
extraVolumeMounts: []
@ -49,13 +49,10 @@ statefulset:
level: debug
cache:
enabled: false
container:
require_docker: true
docker_timeout: 300s
dind:
repository: docker
tag: 28.3.3-dind
tag: 25.0.2-dind
pullPolicy: IfNotPresent
extraVolumeMounts: []