1 Commits

Author SHA1 Message Date
3e7e1287d1 chore(deps): update lockfiles 2026-05-21 00:04:22 +00:00
16 changed files with 153 additions and 164 deletions

View File

@ -8,12 +8,12 @@ on:
jobs: jobs:
changelog: changelog:
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: docker.io/thegeeklab/git-sv:2.1.3 container: docker.io/thegeeklab/git-sv:2.1.1
steps: steps:
- name: install tools - name: install tools
run: | run: |
apk add -q --update --no-cache nodejs curl jq sed apk add -q --update --no-cache nodejs curl jq sed
- uses: actions/checkout@v7 - uses: actions/checkout@v6
with: with:
fetch-depth: 0 fetch-depth: 0
- name: Generate upcoming changelog - name: Generate upcoming changelog

View File

@ -11,9 +11,9 @@ on:
jobs: jobs:
check-and-test: check-and-test:
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: commitlint/commitlint:21.2.0 container: commitlint/commitlint:21.0.1
steps: steps:
- uses: actions/checkout@v7 - uses: actions/checkout@v6
- name: check PR title - name: check PR title
run: | run: |
echo "${{ gitea.event.pull_request.title }}" | commitlint --config .commitlintrc.json echo "${{ gitea.event.pull_request.title }}" | commitlint --config .commitlintrc.json

View File

@ -7,13 +7,13 @@ on:
env: env:
# renovate: datasource=docker depName=alpine/helm # renovate: datasource=docker depName=alpine/helm
HELM_VERSION: "4.2.2" HELM_VERSION: "4.2.0"
jobs: jobs:
generate-chart-publish: generate-chart-publish:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v7 - uses: actions/checkout@v6
- name: install Docker CLI - name: install Docker CLI
uses: https://github.com/docker/setup-buildx-action@v4 # Gitea uses: https://github.com/docker/setup-buildx-action@v4 # Gitea
@ -52,11 +52,12 @@ jobs:
run: | run: |
# Install Helm GPG plugin # Install Helm GPG plugin
helm plugin install https://github.com/technosophos/helm-gpg.git --verify=false helm plugin install https://github.com/technosophos/helm-gpg.git --verify=false
helm dependency build
helm package --version "${GITHUB_REF#refs/tags/v}" ./
# Package the chart # Package the chart
mkdir ./actions mkdir actions
helm dependency build mv actions*.tgz actions/
helm package --version "${GITHUB_REF#refs/tags/v}" --destination ./actions ./
curl -s -L -o actions/index.yaml https://dl.gitea.com/charts/index.yaml curl -s -L -o actions/index.yaml https://dl.gitea.com/charts/index.yaml
helm repo index actions/ --url https://dl.gitea.com/charts --merge actions/index.yaml helm repo index actions/ --url https://dl.gitea.com/charts --merge actions/index.yaml

View File

@ -9,6 +9,6 @@ jobs:
shellcheck: shellcheck:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v7 - uses: actions/checkout@v6
- run: apt update --yes && apt install --yes shellcheck - run: apt update --yes && apt install --yes shellcheck
- run: find . -type f -name "*.sh" -exec shellcheck -a {} \; - run: find . -type f -name "*.sh" -exec shellcheck -a {} \;

View File

@ -11,12 +11,12 @@ name: check-and-test
env: env:
# renovate: datasource=github-releases depName=helm-unittest/helm-unittest # renovate: datasource=github-releases depName=helm-unittest/helm-unittest
HELM_UNITTEST_VERSION: "v1.1.1" HELM_UNITTEST_VERSION: "v1.1.0"
jobs: jobs:
check-and-test: check-and-test:
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: alpine/helm:4.2.2 container: alpine/helm:4.2.0
steps: steps:
- name: install tools - name: install tools
run: | run: |
@ -26,7 +26,7 @@ jobs:
uses: pnpm/action-setup@v6 uses: pnpm/action-setup@v6
with: with:
version: 11 version: 11
- uses: actions/checkout@v7 - uses: actions/checkout@v6
- name: install chart dependencies - name: install chart dependencies
run: helm dependency build run: helm dependency build
- name: lint - name: lint

View File

@ -1,6 +1,6 @@
apiVersion: v2 apiVersion: v2
name: actions name: gitea-actions
description: Gitea Actions Helm chart for Kubernetes description: Gitea Actions chart for Kubernetes
type: application type: application
version: 0.1.1 version: 0.1.1
# renovate datasource=gitea-releases depName=gitea/runner extractVersion=^v(?<version>.*)$ # renovate datasource=gitea-releases depName=gitea/runner extractVersion=^v(?<version>.*)$

View File

@ -29,16 +29,6 @@ Deploy with your values, make sure the path is correct:
helm upgrade --install gitea-actions gitea-charts/actions -f values.yaml helm upgrade --install gitea-actions gitea-charts/actions -f values.yaml
``` ```
Alternatively:
```sh
helm upgrade --install gitea-actions gitea-charts/actions \
--set enabled=true \
--set giteaRootURL=https://gitea.com \
--set existingSecret=foo \
--set existingSecretKey=bar
```
You should be good to go! You should be good to go!
### Runner Token Secret Template ### Runner Token Secret Template
@ -85,7 +75,7 @@ If `.Values.statefulset.dind.rootless: true` is set, then the following will be
| `statefulset.persistence.size` | Size for persistence to store Gitea Runner data | `1Gi` | | `statefulset.persistence.size` | Size for persistence to store Gitea Runner data | `1Gi` |
| `statefulset.runner.registry` | image registry, e.g. gcr.io,docker.io | `docker.gitea.com` | | `statefulset.runner.registry` | image registry, e.g. gcr.io,docker.io | `docker.gitea.com` |
| `statefulset.runner.repository` | The Gitea Runner image | `runner` | | `statefulset.runner.repository` | The Gitea Runner image | `runner` |
| `statefulset.runner.tag` | The Gitea Runner tag | `2.0.1` | | `statefulset.runner.tag` | The Gitea Runner tag | `1.0.4` |
| `statefulset.runner.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` | | `statefulset.runner.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` |
| `statefulset.runner.pullPolicy` | The Gitea Runner pullPolicy | `IfNotPresent` | | `statefulset.runner.pullPolicy` | The Gitea Runner pullPolicy | `IfNotPresent` |
| `statefulset.runner.fullOverride` | Completely overrides the image registry, path/image, tag and digest. | `""` | | `statefulset.runner.fullOverride` | Completely overrides the image registry, path/image, tag and digest. | `""` |
@ -97,7 +87,7 @@ If `.Values.statefulset.dind.rootless: true` is set, then the following will be
| `statefulset.dind.uid` | a field to set the running user id for the rootless dind container, so it knows where to look for the socket | `""` | | `statefulset.dind.uid` | a field to set the running user id for the rootless dind container, so it knows where to look for the socket | `""` |
| `statefulset.dind.registry` | image registry, e.g. gcr.io,docker.io | `docker.io` | | `statefulset.dind.registry` | image registry, e.g. gcr.io,docker.io | `docker.io` |
| `statefulset.dind.repository` | The Docker-in-Docker image | `docker` | | `statefulset.dind.repository` | The Docker-in-Docker image | `docker` |
| `statefulset.dind.tag` | The Docker-in-Docker image tag | `29.5.2-dind` | | `statefulset.dind.tag` | The Docker-in-Docker image tag | `29.5.1-dind` |
| `statefulset.dind.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` | | `statefulset.dind.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` |
| `statefulset.dind.fullOverride` | Completely overrides the image registry, path/image, tag and digest. | `""` | | `statefulset.dind.fullOverride` | Completely overrides the image registry, path/image, tag and digest. | `""` |
| `statefulset.dind.pullPolicy` | The Docker-in-Docker pullPolicy | `IfNotPresent` | | `statefulset.dind.pullPolicy` | The Docker-in-Docker pullPolicy | `IfNotPresent` |
@ -108,15 +98,13 @@ If `.Values.statefulset.dind.rootless: true` is set, then the following will be
### Gitea Actions Init ### Gitea Actions Init
| Name | Description | Value | | Name | Description | Value |
| ----------------------------------- | ---------------------------------------------------------------------------------------------------------- | -------------- | | ------------------------- | ---------------------------------------------------------------------------------------------------------- | -------------- |
| `init.image.registry` | Image registry, e.g. gcr.io,docker.io | `""` | | `init.image.registry` | image registry, e.g. gcr.io,docker.io | `""` |
| `init.image.repository` | The init image (default: busyboxy but can be changed to alpine e.g.) | `busybox` | | `init.image.repository` | The init image | `busybox` |
| `init.image.tag` | The init image tag | `1.38.0` | | `init.image.tag` | the init image tag | `1.37.0` |
| `init.image.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` | | `init.image.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` |
| `init.image.pullPolicy` | The init image pullPolicy | `IfNotPresent` | | `init.image.pullPolicy` | The init image pullPolicy | `IfNotPresent` |
| `init.image.fullOverride` | Completely overrides the image registry, path/image, tag and digest | `""` | | `init.image.fullOverride` | Completely overrides the image registry, path/image, tag and digest. | `""` |
| `init.connectionCommandOverride` | Possiblity to change the command with which the container tests its connection to the Gitea server | `""` |
| `init.preConnectionCommandOverride` | Possibility to add commands that happen before the connection test loop | `""` |
### Runner Token Secret Configuration ### Runner Token Secret Configuration

View File

@ -1,3 +1,3 @@
# Gitea Actions Helm Chart Docs # Gitea Actions Helm Chart Docs
- [connectionCommandOverride explanation](./connectionCommandOverride.md) - [Share dind with job container](share-dind-with-job-container.md)

31
docs/actions-dev.md Normal file
View File

@ -0,0 +1,31 @@
# Gitea Actions
In order to use the Gitea Actions act-runner you must either:
- enable persistence (used for automatic deployment to be able to store the token in a place accessible for the Job)
- create a secret containing the act runner token and reference it as a `existingSecret`
In order to use Gitea Actions, you must log on the server that's running Gitea and run the command:
`gitea actions generate-runner-token`
This command will out a token that is needed by the act-runner to register with the Gitea backend.
Because this is a manual operation, we automated this using a Kubernetes Job using the following containers:
1) `actions-token-create`: it uses the current `gitea-rootless` image, mounts the persistent directory to `/data/` then it saves the output from `gitea actions generate-runner-token` to `/data/actions/token`
2) `actions-token-upload`: it uses a `bitnami/kubectl` image, mounts the scripts directory (`/scripts`) and
the persistent directory (`/data/`), and using the script from `/scripts/token.sh` stores the token in a Kubernetes secret
After the token is stored in a Kubernetes secret we can create the statefulset that contains the following containers:
1) `act-runner`: authenticates with Gitea using the token that was stored in the secret
2) `dind`: DockerInDocker image that is used to run the actions
If you are not using persistent volumes, you cannot use the Job to automatically generate the token.
In this case, you can use either the Web UI to generate the token or run a shell into a Gitea pod and invoke
the command `gitea actions generate-runner-token`. After generating the token, you must create a secret and use it via:
```yaml
existingSecret: "secret-name"
existingSecretKey: "secret-key"
```

View File

@ -1,48 +0,0 @@
# Using a custom connectionCommand
By default, before the container starts it tries to reach the given giteaRootURL.
Normally this is done by the busybox image using the wget binary.
However, due to [Issue #162](https://gitea.com/gitea/helm-actions/issues/162) there has been a change made where we can customize that command.
Using the `values.yaml` file by default it calls `wget --spider --no-check-certificate <your giteaRootURL>` with a timeout of 10 seconds.
But with a custom init section like detailed below we can make our check compliant with whatever certificate you have.
Assuming:
```yaml
enabled: true
giteaRootURL: https://gitea.com
existingSecret: foo
existingSecretKey: bar
init:
image:
registry: ""
repository: alpine
# Overrides the image tag whose default is the chart appVersion.
tag: "3.24"
digest: ""
pullPolicy: IfNotPresent
fullOverride: ""
connectionCommandOverride: "curl -I"
preConnectionCommandOverride: "apk add curl"
```
This now creates the following template section:
```yaml
- name: init-gitea
image: "alpine:latest"
command:
- sh
- -c
- |
apk add curl
echo 'Trying to reach Gitea on https://gitea.com'
until timeout 10 curl -I https://gitea.com; do
sleep 3
echo "Trying again in 3 seconds..."
done
echo "Gitea has been reached!"
```

View File

@ -0,0 +1,30 @@
# Share dind with job container
You can weaken isolation and allow jobs to call docker commands.
## Limitations
-
## Example Values
```yaml
config: |
log:
level: debug
cache:
enabled: false
container:
require_docker: true
docker_timeout: 300s
## Specify an existing token secret
##
existingSecret: "runner-token2"
existingSecretKey: "token"
## Specify the root URL of the Gitea instance
giteaRootURL: "http://192.168.1.2:3000"
```
Now you can run docker commands inside your jobs.

View File

@ -14,6 +14,6 @@
}, },
"devDependencies": { "devDependencies": {
"@bitnami/readme-generator-for-helm": "^2.7.0", "@bitnami/readme-generator-for-helm": "^2.7.0",
"markdownlint-cli": "^0.49.0" "markdownlint-cli": "^0.48.0"
} }
} }

110
pnpm-lock.yaml generated
View File

@ -12,8 +12,8 @@ importers:
specifier: ^2.7.0 specifier: ^2.7.0
version: 2.7.2 version: 2.7.2
markdownlint-cli: markdownlint-cli:
specifier: ^0.49.0 specifier: ^0.48.0
version: 0.49.0 version: 0.48.0
packages: packages:
@ -47,11 +47,11 @@ packages:
resolution: {integrity: sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==} resolution: {integrity: sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==}
engines: {node: 18 || 20 || >=22} engines: {node: 18 || 20 || >=22}
brace-expansion@1.1.16: brace-expansion@1.1.14:
resolution: {integrity: sha512-IDw48K2/2kRkg9LdJxurvq3lV3aBgq0REY89duEqFRthjlPdXHKMj7EnQOXVckxzgisinf3nHfrcE2FufFLXMw==} resolution: {integrity: sha512-MWPGfDxnyzKU7rNOW9SP/c50vi3xrmrua/+6hfPbCS2ABNWfx24vPidzvC7krjU/RTo235sV776ymlsMtGKj8g==}
brace-expansion@5.0.7: brace-expansion@5.0.6:
resolution: {integrity: sha512-7oFy703dxfY3/NLxC1fh2SUCQ0H9rmAY+5EpDVfXjUTTs+HEwR2nYaqLv+GWcTsumwxPfiz6CzCNkwXwBUwqCA==} resolution: {integrity: sha512-kLpxurY4Z4r9sgMsyG0Z9uzsBlgiU/EFKhj/h91/8yHu0edo7XuixOIH3VcJ8kkxs6/jPzoI6U9Vj3WqbMQ94g==}
engines: {node: 18 || 20 || >=22} engines: {node: 18 || 20 || >=22}
character-entities-legacy@3.0.0: character-entities-legacy@3.0.0:
@ -67,9 +67,9 @@ packages:
resolution: {integrity: sha512-/rFeCpNJQbhSZjGVwO9RFV3xPqbnERS8MmIQzCtD/zl6gpJuV/bMLuN92oG3F7d8oDEHHRrujSXNUr8fpjntKw==} resolution: {integrity: sha512-/rFeCpNJQbhSZjGVwO9RFV3xPqbnERS8MmIQzCtD/zl6gpJuV/bMLuN92oG3F7d8oDEHHRrujSXNUr8fpjntKw==}
engines: {node: '>=18'} engines: {node: '>=18'}
commander@15.0.0: commander@14.0.3:
resolution: {integrity: sha512-z67u4ZhzCL/Tydu1lJARtEZYWbWaN7oYLHbsuzocr6y4N6WZAagG3RQ4FW61V1/0+jImpj293XfrcYnd1qxtPg==} resolution: {integrity: sha512-H+y0Jo/T1RZ9qPP4Eh1pkcQcLRglraJaSLoyOtHxu6AapkjWVCy2Sit1QQ4x3Dng8qDlSsZEet7g5Pq06MvTgw==}
engines: {node: '>=22.12.0'} engines: {node: '>=20'}
commander@6.2.1: commander@6.2.1:
resolution: {integrity: sha512-U7VdrJFnJgo4xjrHpTzu0yrHPGImdsmD95ZlgYSEajAn2JKzDhDTPG9kBTefmObL2w/ngeZnilk+OV9CG3d7UA==} resolution: {integrity: sha512-U7VdrJFnJgo4xjrHpTzu0yrHPGImdsmD95ZlgYSEajAn2JKzDhDTPG9kBTefmObL2w/ngeZnilk+OV9CG3d7UA==}
@ -133,8 +133,8 @@ packages:
resolution: {integrity: sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==} resolution: {integrity: sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==}
deprecated: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me deprecated: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
ignore@7.0.6: ignore@7.0.5:
resolution: {integrity: sha512-BAg6QkE8W+TuQLrrw0Ugr7HegXduRuuj8/ti2kSOc+jz1dmx8/WNcjr6XGnq5YpDWxFwwaavqD0+jIUOKelTsw==} resolution: {integrity: sha512-Hs59xBNfUIunMFgWAbGX5cq6893IbWg4KnrjbYwX3tx0ztorVgTDA6B2sxf8ejHJ4wz8BqGUMYlnzNBer5NvGg==}
engines: {node: '>= 4'} engines: {node: '>= 4'}
inflight@1.0.6: inflight@1.0.6:
@ -160,8 +160,8 @@ packages:
is-hexadecimal@2.0.1: is-hexadecimal@2.0.1:
resolution: {integrity: sha512-DgZQp241c8oO6cA1SbTEWiXeoxV42vlcJxgH+B3hi1AiqqKruZR3ZGF8In3fj4+/y/7rHvlOZLZtgJ/4ttYGZg==} resolution: {integrity: sha512-DgZQp241c8oO6cA1SbTEWiXeoxV42vlcJxgH+B3hi1AiqqKruZR3ZGF8In3fj4+/y/7rHvlOZLZtgJ/4ttYGZg==}
js-yaml@4.2.0: js-yaml@4.1.1:
resolution: {integrity: sha512-ePWsvanv0DWuDRsW8dnt+R4jQ31SCRCQ7hhNcPXZPsoBZiemuZNYGf7adZdqX2D86j6rvKp3RpCxVTSb8WQlOw==} resolution: {integrity: sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==}
hasBin: true hasBin: true
jsonc-parser@3.3.1: jsonc-parser@3.3.1:
@ -175,27 +175,27 @@ packages:
resolution: {integrity: sha512-Eeo8Ys1doU1z+x8AZsPpQu+p/QcZBI5PeOo7QGQdy2x2m0MU/hYagBbGOmXwr5KVbEfVuWv9LpnQWeehogurjg==} resolution: {integrity: sha512-Eeo8Ys1doU1z+x8AZsPpQu+p/QcZBI5PeOo7QGQdy2x2m0MU/hYagBbGOmXwr5KVbEfVuWv9LpnQWeehogurjg==}
hasBin: true hasBin: true
linkify-it@5.0.2: linkify-it@5.0.0:
resolution: {integrity: sha512-ONTm2jCMAVZjgQa/Fy1kScXsuOoF5NPTsoFBdE1KVIZ2vAh/r9+Bqo+0jINCBYnavTPQZz38QzFTme79ENoN3Q==} resolution: {integrity: sha512-5aHCbzQRADcdP+ATqnDuhhJ/MRIqDkZX5pyjFHRRysS8vZ5AbqGEoFIb6pYHPZ+L/OC2Lc+xT8uHVVR5CAK/wQ==}
lodash@4.18.1: lodash@4.18.1:
resolution: {integrity: sha512-dMInicTPVE8d1e5otfwmmjlxkZoUpiVLwyeTdUsi/Caj/gfzzblBcCE5sRHV/AsjuCmxWrte2TNGSYuCeCq+0Q==} resolution: {integrity: sha512-dMInicTPVE8d1e5otfwmmjlxkZoUpiVLwyeTdUsi/Caj/gfzzblBcCE5sRHV/AsjuCmxWrte2TNGSYuCeCq+0Q==}
markdown-it@14.2.0: markdown-it@14.1.1:
resolution: {integrity: sha512-1TGiQiJVRQ3NPmZH6sx5Cfnmg6GQm9jvC1ch4TK511NjSJvjzKLzn5pPfZRNZkRPZP0HqCioSndqH8v2nRaWVQ==} resolution: {integrity: sha512-BuU2qnTti9YKgK5N+IeMubp14ZUKUUw7yeJbkjtosvHiP0AZ5c8IAgEMk79D0eC8F23r4Ac/q8cAIFdm2FtyoA==}
hasBin: true hasBin: true
markdown-table@2.0.0: markdown-table@2.0.0:
resolution: {integrity: sha512-Ezda85ToJUBhM6WGaG6veasyym+Tbs3cMAw/ZhOPqXiYsr0jgocBV3j3nx+4lk47plLlIqjwuTm/ywVI+zjJ/A==} resolution: {integrity: sha512-Ezda85ToJUBhM6WGaG6veasyym+Tbs3cMAw/ZhOPqXiYsr0jgocBV3j3nx+4lk47plLlIqjwuTm/ywVI+zjJ/A==}
markdownlint-cli@0.49.0: markdownlint-cli@0.48.0:
resolution: {integrity: sha512-vS5tWq5W91Gg33LD4pyAaXPclnz/sRvo6/RGOyDQjQ3eds2DkK6H4szUuE0M9TiRB/u/VBx1gtd9Ktrtx5WlSA==} resolution: {integrity: sha512-NkZQNu2E0Q5qLEEHwWj674eYISTLD4jMHkBzDobujXd1kv+yCxi8jOaD/rZoQNW1FBBMMGQpuW5So8B51N/e0A==}
engines: {node: '>=22'} engines: {node: '>=20'}
hasBin: true hasBin: true
markdownlint@0.41.0: markdownlint@0.40.0:
resolution: {integrity: sha512-xMUI3ChBuRuxuLF4ENvCZyS8z/+Jly1coUcZwErKLIB3sDj7ojpaTBa1e9YVPhSN4jGEIjYGQCldbTJS/hqS+A==} resolution: {integrity: sha512-UKybllYNheWac61Ia7T6fzuQNDZimFIpCg2w6hHjgV1Qu0w1TV0LlSgryUGzM0bkKQCBhy2FDhEELB73Kb0kAg==}
engines: {node: '>=22'} engines: {node: '>=20'}
mdurl@2.0.0: mdurl@2.0.0:
resolution: {integrity: sha512-Lf+9+2r+Tdp5wXDXC4PcIBjTDtq4UKjCPMQhKIuzpJNW0b96kVqSwW0bT7FhRSfmAiFYgP+SCRvdrDozfh0U5w==} resolution: {integrity: sha512-Lf+9+2r+Tdp5wXDXC4PcIBjTDtq4UKjCPMQhKIuzpJNW0b96kVqSwW0bT7FhRSfmAiFYgP+SCRvdrDozfh0U5w==}
@ -298,8 +298,8 @@ packages:
resolution: {integrity: sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==} resolution: {integrity: sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==}
engines: {node: '>=0.10.0'} engines: {node: '>=0.10.0'}
picomatch@4.0.5: picomatch@4.0.4:
resolution: {integrity: sha512-RvwwcruNjI1ncT5xRakeyS9Lf8lcItv34KD+aif+VH9kduAyfYBipGh12274xtenIPZ119/R9BdTBa8gAwSh0A==} resolution: {integrity: sha512-QP88BAKvMam/3NxH6vj2o21R6MjxZUAd6nlwAS/pnGvN9IVLocLHxGYIzFhg6fUQ+5th6P4dv4eW9jX3DSIj7A==}
engines: {node: '>=12'} engines: {node: '>=12'}
punycode.js@2.3.1: punycode.js@2.3.1:
@ -318,8 +318,8 @@ packages:
resolution: {integrity: sha512-dWUG8F5sIIARXih1DTaQAX4SsiTXhInKf1buxdY9DIg4ZYPZK5nGM1VRIYmEbDbsHt7USo99xSLFu5Q1IqTmsg==} resolution: {integrity: sha512-dWUG8F5sIIARXih1DTaQAX4SsiTXhInKf1buxdY9DIg4ZYPZK5nGM1VRIYmEbDbsHt7USo99xSLFu5Q1IqTmsg==}
engines: {node: '>= 18'} engines: {node: '>= 18'}
string-width@8.2.1: string-width@8.1.0:
resolution: {integrity: sha512-IIaP0g3iy9Cyy18w3M9YcaDudujEAVHKt3a3QJg1+sr/oX96TbaGUubG0hJyCjCBThFH+tFpcIyoUHUn1ogaLA==} resolution: {integrity: sha512-Kxl3KJGb/gxkaUMOjRsQ8IrXiGW75O4E3RPjFIINOVH8AMl2SQ/yWdTzWwF3FevIX9LcMAjJW+GRwAlAbTSXdg==}
engines: {node: '>=20'} engines: {node: '>=20'}
strip-ansi@7.2.0: strip-ansi@7.2.0:
@ -330,8 +330,8 @@ packages:
resolution: {integrity: sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==} resolution: {integrity: sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==}
engines: {node: '>=8'} engines: {node: '>=8'}
tinyglobby@0.2.17: tinyglobby@0.2.16:
resolution: {integrity: sha512-wXR/dYpcqKmfWpEdZjiKJOwCNFndD0DMnrW/cYjVGttEkBfVgcLFHoNrlj47mjOVic9yyNu65alsgF4NQyTa2g==} resolution: {integrity: sha512-pn99VhoACYR8nFHhxqix+uvsbXineAasWm5ojXoN8xEwK5Kd3/TrhNn1wByuD52UxWRLy8pu+kRMniEi6Eq9Zg==}
engines: {node: '>=12.0.0'} engines: {node: '>=12.0.0'}
uc.micro@2.1.0: uc.micro@2.1.0:
@ -373,12 +373,12 @@ snapshots:
balanced-match@4.0.4: {} balanced-match@4.0.4: {}
brace-expansion@1.1.16: brace-expansion@1.1.14:
dependencies: dependencies:
balanced-match: 1.0.2 balanced-match: 1.0.2
concat-map: 0.0.1 concat-map: 0.0.1
brace-expansion@5.0.7: brace-expansion@5.0.6:
dependencies: dependencies:
balanced-match: 4.0.4 balanced-match: 4.0.4
@ -390,7 +390,7 @@ snapshots:
commander@13.1.0: {} commander@13.1.0: {}
commander@15.0.0: {} commander@14.0.3: {}
commander@6.2.1: {} commander@6.2.1: {}
@ -421,9 +421,9 @@ snapshots:
entities@4.5.0: {} entities@4.5.0: {}
fdir@6.5.0(picomatch@4.0.5): fdir@6.5.0(picomatch@4.0.4):
optionalDependencies: optionalDependencies:
picomatch: 4.0.5 picomatch: 4.0.4
fs.realpath@1.0.0: {} fs.realpath@1.0.0: {}
@ -438,7 +438,7 @@ snapshots:
once: 1.4.0 once: 1.4.0
path-is-absolute: 1.0.1 path-is-absolute: 1.0.1
ignore@7.0.6: {} ignore@7.0.5: {}
inflight@1.0.6: inflight@1.0.6:
dependencies: dependencies:
@ -460,7 +460,7 @@ snapshots:
is-hexadecimal@2.0.1: {} is-hexadecimal@2.0.1: {}
js-yaml@4.2.0: js-yaml@4.1.1:
dependencies: dependencies:
argparse: 2.0.1 argparse: 2.0.1
@ -472,17 +472,17 @@ snapshots:
dependencies: dependencies:
commander: 8.3.0 commander: 8.3.0
linkify-it@5.0.2: linkify-it@5.0.0:
dependencies: dependencies:
uc.micro: 2.1.0 uc.micro: 2.1.0
lodash@4.18.1: {} lodash@4.18.1: {}
markdown-it@14.2.0: markdown-it@14.1.1:
dependencies: dependencies:
argparse: 2.0.1 argparse: 2.0.1
entities: 4.5.0 entities: 4.5.0
linkify-it: 5.0.2 linkify-it: 5.0.0
mdurl: 2.0.0 mdurl: 2.0.0
punycode.js: 2.3.1 punycode.js: 2.3.1
uc.micro: 2.1.0 uc.micro: 2.1.0
@ -491,24 +491,24 @@ snapshots:
dependencies: dependencies:
repeat-string: 1.6.1 repeat-string: 1.6.1
markdownlint-cli@0.49.0: markdownlint-cli@0.48.0:
dependencies: dependencies:
commander: 15.0.0 commander: 14.0.3
deep-extend: 0.6.0 deep-extend: 0.6.0
ignore: 7.0.6 ignore: 7.0.5
js-yaml: 4.2.0 js-yaml: 4.1.1
jsonc-parser: 3.3.1 jsonc-parser: 3.3.1
jsonpointer: 5.0.1 jsonpointer: 5.0.1
markdown-it: 14.2.0 markdown-it: 14.1.1
markdownlint: 0.41.0 markdownlint: 0.40.0
minimatch: 10.2.5 minimatch: 10.2.5
run-con: 1.3.2 run-con: 1.3.2
smol-toml: 1.6.1 smol-toml: 1.6.1
tinyglobby: 0.2.17 tinyglobby: 0.2.16
transitivePeerDependencies: transitivePeerDependencies:
- supports-color - supports-color
markdownlint@0.41.0: markdownlint@0.40.0:
dependencies: dependencies:
micromark: 4.0.2 micromark: 4.0.2
micromark-core-commonmark: 2.0.3 micromark-core-commonmark: 2.0.3
@ -518,7 +518,7 @@ snapshots:
micromark-extension-gfm-table: 2.1.1 micromark-extension-gfm-table: 2.1.1
micromark-extension-math: 3.1.0 micromark-extension-math: 3.1.0
micromark-util-types: 2.0.2 micromark-util-types: 2.0.2
string-width: 8.2.1 string-width: 8.1.0
transitivePeerDependencies: transitivePeerDependencies:
- supports-color - supports-color
@ -698,11 +698,11 @@ snapshots:
minimatch@10.2.5: minimatch@10.2.5:
dependencies: dependencies:
brace-expansion: 5.0.7 brace-expansion: 5.0.6
minimatch@3.1.5: minimatch@3.1.5:
dependencies: dependencies:
brace-expansion: 1.1.16 brace-expansion: 1.1.14
minimist@1.2.8: {} minimist@1.2.8: {}
@ -724,7 +724,7 @@ snapshots:
path-is-absolute@1.0.1: {} path-is-absolute@1.0.1: {}
picomatch@4.0.5: {} picomatch@4.0.4: {}
punycode.js@2.3.1: {} punycode.js@2.3.1: {}
@ -739,7 +739,7 @@ snapshots:
smol-toml@1.6.1: {} smol-toml@1.6.1: {}
string-width@8.2.1: string-width@8.1.0:
dependencies: dependencies:
get-east-asian-width: 1.6.0 get-east-asian-width: 1.6.0
strip-ansi: 7.2.0 strip-ansi: 7.2.0
@ -750,10 +750,10 @@ snapshots:
strip-json-comments@3.1.1: {} strip-json-comments@3.1.1: {}
tinyglobby@0.2.17: tinyglobby@0.2.16:
dependencies: dependencies:
fdir: 6.5.0(picomatch@4.0.5) fdir: 6.5.0(picomatch@4.0.4)
picomatch: 4.0.5 picomatch: 4.0.4
uc.micro@2.1.0: {} uc.micro@2.1.0: {}

View File

@ -66,21 +66,14 @@ spec:
- mountPath: /data - mountPath: /data
name: data-runner name: data-runner
{{- end }} {{- end }}
- name: reach-gitea - name: init-gitea
image: "{{ include "gitea.actions.init.image" . }}" image: "{{ include "gitea.actions.init.image" . }}"
command: command:
- sh - sh
- -c - -c
- | - |
{{- if .Values.init.preConnectionCommandOverride }}
{{ .Values.init.preConnectionCommandOverride }}
{{- end }}
echo 'Trying to reach Gitea on {{ include "gitea.actions.local_root_url" . }}' echo 'Trying to reach Gitea on {{ include "gitea.actions.local_root_url" . }}'
{{- if .Values.init.connectionCommandOverride }}
until timeout 10 {{ .Values.init.connectionCommandOverride }} {{ include "gitea.actions.local_root_url" . }}; do
{{- else }}
until timeout 10 wget --no-check-certificate --spider {{ include "gitea.actions.local_root_url" . }}; do until timeout 10 wget --no-check-certificate --spider {{ include "gitea.actions.local_root_url" . }}; do
{{- end }}
sleep 3 sleep 3
echo "Trying again in 3 seconds..." echo "Trying again in 3 seconds..."
done done

View File

@ -30,7 +30,7 @@ tests:
name: gitea-actions-unittests-runner name: gitea-actions-unittests-runner
- equal: - equal:
path: spec.template.metadata.annotations["checksum/config"] path: spec.template.metadata.annotations["checksum/config"]
value: "83e4d1bb70cc2a861cd18fdb42537e700d4055d431713e64e28c3874c5660097" value: "b1dcfbe4aaba3dff467bdff776855cea97ded4106ab8030a38a719c47583f4b1"
- it: Has fsGroup in securityContext - it: Has fsGroup in securityContext
template: templates/statefulset.yaml template: templates/statefulset.yaml

View File

@ -71,7 +71,7 @@ statefulset:
runner: runner:
registry: "docker.gitea.com" registry: "docker.gitea.com"
repository: runner repository: runner
tag: 2.0.1 tag: 1.0.4
digest: "" digest: ""
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
fullOverride: "" fullOverride: ""
@ -100,7 +100,7 @@ statefulset:
uid: "" uid: ""
registry: "docker.io" registry: "docker.io"
repository: docker repository: docker
tag: 29.5.2-dind tag: 29.5.1-dind
digest: "" digest: ""
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
fullOverride: "" fullOverride: ""
@ -121,28 +121,22 @@ statefulset:
## @section Gitea Actions Init ## @section Gitea Actions Init
# #
## @param init.image.registry Image registry, e.g. gcr.io,docker.io ## @param init.image.registry image registry, e.g. gcr.io,docker.io
## @param init.image.repository The init image (default: busyboxy but can be changed to alpine e.g.) ## @param init.image.repository The init image
## @param init.image.tag The init image tag ## @param init.image.tag the init image tag
## @param init.image.digest Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` ## @param init.image.digest Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest`
## @param init.image.pullPolicy The init image pullPolicy ## @param init.image.pullPolicy The init image pullPolicy
## @param init.image.fullOverride Completely overrides the image registry, path/image, tag and digest ## @param init.image.fullOverride Completely overrides the image registry, path/image, tag and digest.
#
## @param init.connectionCommandOverride Possiblity to change the command with which the container tests its connection to the Gitea server
## @param init.preConnectionCommandOverride Possibility to add commands that happen before the connection test loop
init: init:
image: image:
registry: "" registry: ""
repository: busybox repository: busybox
# Overrides the image tag whose default is the chart appVersion. # Overrides the image tag whose default is the chart appVersion.
tag: "1.38.0" tag: "1.37.0"
digest: "" digest: ""
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
fullOverride: "" fullOverride: ""
connectionCommandOverride: ""
preConnectionCommandOverride: ""
## @section Runner Token Secret Configuration ## @section Runner Token Secret Configuration
# #
## @param existingSecret Secret that contains the token ## @param existingSecret Secret that contains the token