bp99/helm-actions
1
0
Fork 0
mirror of https://gitea.com/gitea/helm-actions.git synced 2026-04-05 17:23:13 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: bp99:v0.0.4
Branches Tags
bp99:main bp99:bump-helm bp99:renovate/lock-file-maintenance bp99:christopherhx/e2e bp99:check-release-secrets
bp99:v0.0.4 bp99:v0.0.3 bp99:v0.0.2 bp99:v0.0.1
..
compare: bp99:check-release-secrets
Branches Tags
bp99:main bp99:bump-helm bp99:renovate/lock-file-maintenance bp99:christopherhx/e2e bp99:check-release-secrets
bp99:v0.0.4 bp99:v0.0.3 bp99:v0.0.2 bp99:v0.0.1

1 Commits
v0.0.4 ... check-rele

Author SHA1 Message Date
ChristopherHX
1600658386 .gitea/workflows/release-version.yml aktualisiert 2025-08-15 20:01:39 +00:00
20 changed files with 497 additions and 921 deletions
Expand all files Collapse all files

4
.gitea/workflows/changelog.yml
View File

@ -8,12 +8,12 @@ on:
jobs:
changelog:
runs-on: ubuntu-latest
container: docker.io/thegeeklab/git-sv:2.0.9
container: docker.io/thegeeklab/git-sv:1.0.12
steps:
- name: install tools
run: |
apk add -q --update --no-cache nodejs curl jq sed
- uses: actions/checkout@v6
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Generate upcoming changelog

4
.gitea/workflows/commitlint.yml
View File

@ -11,9 +11,9 @@ on:
jobs:
check-and-test:
runs-on: ubuntu-latest
container: commitlint/commitlint:20.4.1
container: commitlint/commitlint:19.7.1
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v4
- name: check PR title
run: |
echo "${{ gitea.event.pull_request.title }}" | commitlint --config .commitlintrc.json

114
.gitea/workflows/release-version.yml
View File

@ -1,70 +1,68 @@
name: generate-chart
name: check-secrets
on:
push:
tags:
- "*"
env:
# renovate: datasource=docker depName=alpine/helm
HELM_VERSION: "3.20.0"
jobs:
generate-chart-publish:
check-secrets:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- name: install tools
- uses: actions/checkout@v4
- name: Check all required secrets
run: |
apt update -y
apt install -y curl ca-certificates curl gnupg
# helm
curl -O https://get.helm.sh/helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz
tar -xzf helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz
mv linux-amd64/helm /usr/local/bin/
rm -rf linux-amd64 helm-v${{ env.HELM_VERSION }}-linux-amd64.tar.gz
helm version
# docker
install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
chmod a+r /etc/apt/keyrings/docker.gpg
echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
apt update -y
apt install -y python3 python3-pip apt-transport-https docker-ce-cli
pip install awscli --break-system-packages
echo "=== Checking availability of required secrets ==="
- name: Import GPG key
id: import_gpg
uses: https://github.com/crazy-max/ghaction-import-gpg@v7
with:
gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
fingerprint: CC64B1DB67ABBEECAB24B6455FC346329753F4B0
# List of all secrets used in the original workflow
SECRETS=(
"GPGSIGN_KEY"
"GPGSIGN_PASSPHRASE"
"DOCKER_CHARTS_PASSWORD"
"DOCKER_CHARTS_USERNAME"
"AWS_KEY_ID"
"AWS_SECRET_ACCESS_KEY"
"AWS_REGION"
"AWS_S3_BUCKET"
)
# Using helm gpg plugin as 'helm package --sign' has issues with gpg2: https://github.com/helm/helm/issues/2843
- name: package chart
run: |
echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | docker login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} --password-stdin
# FIXME: use upstream after https://github.com/technosophos/helm-gpg/issues/1 is solved
helm plugin install https://github.com/pat-s/helm-gpg
helm dependency build
helm package --version "${GITHUB_REF#refs/tags/v}" ./
mkdir actions
mv actions*.tgz actions/
curl -s -L -o actions/index.yaml https://dl.gitea.com/charts/index.yaml
helm repo index actions/ --url https://dl.gitea.com/charts --merge actions/index.yaml
# push to dockerhub
echo ${{ secrets.DOCKER_CHARTS_PASSWORD }} | helm registry login -u ${{ secrets.DOCKER_CHARTS_USERNAME }} registry-1.docker.io --password-stdin
helm push actions/actions-${GITHUB_REF#refs/tags/v}.tgz oci://registry-1.docker.io/giteacharts
helm registry logout registry-1.docker.io
MISSING_SECRETS=()
AVAILABLE_SECRETS=()
- name: aws credential configure
uses: https://github.com/aws-actions/configure-aws-credentials@v6
with:
aws-access-key-id: ${{ secrets.AWS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
for secret in "${SECRETS[@]}"; do
# Check if secret is set (not empty)
if [ -z "${!secret:-}" ]; then
echo "❌ Secret '$secret' is NOT available or empty"
MISSING_SECRETS+=("$secret")
else
echo "✅ Secret '$secret' is available"
AVAILABLE_SECRETS+=("$secret")
fi
done
- name: Copy files to S3 and clear cache
run: |
aws s3 sync actions/ s3://${{ secrets.AWS_S3_BUCKET}}/charts/
echo ""
echo "=== Summary ==="
echo "Available secrets: ${#AVAILABLE_SECRETS[@]}"
echo "Missing secrets: ${#MISSING_SECRETS[@]}"
if [ ${#MISSING_SECRETS[@]} -gt 0 ]; then
echo ""
echo "Missing secrets:"
for secret in "${MISSING_SECRETS[@]}"; do
echo " - $secret"
done
echo ""
echo "❌ Some secrets are missing. Please configure them in repository settings."
exit 1
else
echo ""
echo "✅ All required secrets are available!"
fi
env:
GPGSIGN_KEY: ${{ secrets.GPGSIGN_KEY }}
GPGSIGN_PASSPHRASE: ${{ secrets.GPGSIGN_PASSPHRASE }}
DOCKER_CHARTS_PASSWORD: ${{ secrets.DOCKER_CHARTS_PASSWORD }}
DOCKER_CHARTS_USERNAME: ${{ secrets.DOCKER_CHARTS_USERNAME }}
AWS_KEY_ID: ${{ secrets.AWS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_REGION: ${{ secrets.AWS_REGION }}
AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}

2
.gitea/workflows/shellcheck.yml
View File

@ -9,6 +9,6 @@ jobs:
shellcheck:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: actions/checkout@v4.2.2
- run: apt update --yes && apt install --yes shellcheck
- run: find . -type f -name "*.sh" -exec shellcheck -a {} \;

8
.gitea/workflows/test-pr.yml
View File

@ -10,22 +10,22 @@ on:
env:
# renovate: datasource=github-releases depName=helm-unittest/helm-unittest
HELM_UNITTEST_VERSION: "v1.0.3"
HELM_UNITTEST_VERSION: "v0.7.2"
jobs:
check-and-test:
runs-on: ubuntu-latest
container: alpine/helm:3.20.0
container: alpine/helm:3.17.1
steps:
- name: install tools
run: |
apk update
apk add --update bash make nodejs npm yamllint ncurses
- name: Install pnpm
uses: pnpm/action-setup@v5
uses: pnpm/action-setup@v4
with:
version: 10
- uses: actions/checkout@v6
- uses: actions/checkout@v4
- name: install chart dependencies
run: helm dependency build
- name: lint

1
CODEOWNERS
View File

@ -1 +0,0 @@
* @DaanSelen @volker.raschek @ChristopherHX

15
Chart.yaml
View File

@ -13,18 +13,7 @@ keywords:
sources:
- https://gitea.com/gitea/helm-actions
- https://gitea.com/gitea/act
maintainers:
# https://gitea.com/DaanSelen
- name: Daan Selen
email: dselen@nerthus.nl
# https://gitea.com/volker.raschek
- name: Markus Pesch
email: markus.pesch+apps@cryptic.systems
# https://gitea.com/ChristopherHX
- name: Christopher Homberger
email: christopher.homberger@web.de
# FIXME:
# maintainers:
dependencies: []

96
README.md
View File

@ -6,50 +6,11 @@ The parameters which can be used to customize the deployment are described below
If you want to propose a new feature or mechanism, submit an [issue here](https://gitea.com/gitea/helm-actions/issues).
## Quick-start
## Rootless Defaults
[Documentation](./docs/README.md)
If `.Values.image.rootless: true`, then the following will occur. In case you use `.Values.image.fullOverride`, check that this works in your image:
To get started, add the Helm repo, assuming you have not already:
```sh
helm repo add gitea-charts https://dl.gitea.com/charts/
helm repo update
```
Then pull the values.yaml file and fill it accordingly.
```sh
helm show values gitea-charts/actions > values.yaml
```
Deploy with your values, make sure the path is correct:
```sh
helm upgrade --install gitea-actions gitea-charts/actions -f values.yaml
```
You should be good to go!
### Runner Token Secret Template
For reference, a template for the secret is given below:
```yaml
apiVersion: v1
kind: Secret
metadata:
name: runner-secret
namespace: "my-gitea-namespace"
type: Opaque
stringData:
runner-token: "my-cool-runner-token-given-by-gitea"
```
### Rootless Options
If `.Values.statefulset.dind.rootless: true` is set, then the following will be required:
`.Values.statefulset.dind.tag` must be a rootless image such as: `29.3.1-dind-rootless`
- If `.Values.provisioning.enabled: true`, then uses the rootless Gitea image, must match helm-Gitea.
## Parameters
@ -58,8 +19,9 @@ If `.Values.statefulset.dind.rootless: true` is set, then the following will be
| Name | Description | Value |
| ----------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------ |
| `enabled` | Create an act runner StatefulSet. | `false` |
| `init.image.repository` | The image used for the init containers | `busybox` |
| `init.image.tag` | The image tag used for the init containers | `1.37.0` |
| `statefulset.replicas` | the amount of (replica) runner pods deployed | `1` |
| `statefulset.timezone` | is the timezone that will be set in the act_runner image | `Etc/UTC` |
| `statefulset.annotations` | Act runner annotations | `{}` |
| `statefulset.labels` | Act runner labels | `{}` |
| `statefulset.resources` | Act runner resources | `{}` |
@ -67,64 +29,24 @@ If `.Values.statefulset.dind.rootless: true` is set, then the following will be
| `statefulset.tolerations` | Tolerations for the statefulset | `[]` |
| `statefulset.affinity` | Affinity for the statefulset | `{}` |
| `statefulset.extraVolumes` | Extra volumes for the statefulset | `[]` |
| `statefulset.actRunner.registry` | image registry, e.g. gcr.io,docker.io | `docker.gitea.com` |
| `statefulset.actRunner.repository` | The Gitea act runner image | `act_runner` |
| `statefulset.actRunner.tag` | The Gitea act runner tag | `0.3.0` |
| `statefulset.actRunner.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` |
| `statefulset.actRunner.repository` | The Gitea act runner image | `gitea/act_runner` |
| `statefulset.actRunner.tag` | The Gitea act runner tag | `0.2.11` |
| `statefulset.actRunner.pullPolicy` | The Gitea act runner pullPolicy | `IfNotPresent` |
| `statefulset.actRunner.fullOverride` | Completely overrides the image registry, path/image, tag and digest. | `""` |
| `statefulset.actRunner.extraVolumeMounts` | Allows mounting extra volumes in the act runner container | `[]` |
| `statefulset.actRunner.config` | Act runner custom configuration. See [Act Runner documentation](https://docs.gitea.com/usage/actions/act-runner#configuration) for details. | `Too complex. See values.yaml` |
| `statefulset.dind.rootless` | a simple flag to let helm know we are dealing with a rootless dind container | `false` |
| `statefulset.dind.uid` | a field to set the running user id for the rootless dind container, so it knows where to look for the socket | `""` |
| `statefulset.dind.registry` | image registry, e.g. gcr.io,docker.io | `docker.io` |
| `statefulset.actRunner.extraEnvs` | Allows adding custom environment variables | `[]` |
| `statefulset.dind.repository` | The Docker-in-Docker image | `docker` |
| `statefulset.dind.tag` | The Docker-in-Docker image tag | `29.3.1-dind` |
| `statefulset.dind.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` |
| `statefulset.dind.fullOverride` | Completely overrides the image registry, path/image, tag and digest. | `""` |
| `statefulset.dind.tag` | The Docker-in-Docker image tag | `25.0.2-dind` |
| `statefulset.dind.pullPolicy` | The Docker-in-Docker pullPolicy | `IfNotPresent` |
| `statefulset.dind.extraVolumeMounts` | Allows mounting extra volumes in the Docker-in-Docker container | `[]` |
| `statefulset.dind.extraEnvs` | Allows adding custom environment variables, such as `DOCKER_IPTABLES_LEGACY` | `[]` |
| `statefulset.persistence.size` | Size for persistence to store act runner data | `1Gi` |
| `statefulset.securityContext` | Customize the SecurityContext | `{}` |
| `statefulset.serviceAccountName` | Customize the service account name | `""` |
### Gitea Actions Init
| Name | Description | Value |
| ------------------------- | ---------------------------------------------------------------------------------------------------------- | -------------- |
| `init.image.registry` | image registry, e.g. gcr.io,docker.io | `""` |
| `init.image.repository` | The init image | `busybox` |
| `init.image.tag` | the init image tag | `1.37.0` |
| `init.image.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` |
| `init.image.pullPolicy` | The init image pullPolicy | `IfNotPresent` |
| `init.image.fullOverride` | Completely overrides the image registry, path/image, tag and digest. | `""` |
### Runner Token Secret Configuration
| Name | Description | Value |
| ------------------- | ------------------------------ | ----- |
| `existingSecret` | Secret that contains the token | `""` |
| `existingSecretKey` | Secret key | `""` |
### Gitea URL Setting
| Name | Description | Value |
| -------------- | --------------------------------------------- | ----- |
| `giteaRootURL` | URL the act_runner registers and connect with | `""` |
### Extra Init Containers
| Name | Description | Value |
| ------------------------- | ----------------------------------------------------------------------------------------------- | ----- |
| `preExtraInitContainers` | Additional init containers to run in the pod before Gitea-actions runs it owns init containers. | `[]` |
| `postExtraInitContainers` | Additional init containers to run in the pod after Gitea-actions runs it owns init containers. | `[]` |
### Global
| Name | Description | Value |
| ------------------------- | ---------------------------------- | ----- |
| ---------------------- | ------------------------------ | ----- |
| `global.imageRegistry` | global image registry override | `""` |
| `global.imagePullSecrets` | global image registry pull secrets | `[]` |
| `global.storageClass` | global storage class override | `""` |

3
docs/README.md
View File

@ -1,3 +0,0 @@
# Gitea Actions Helm Chart Docs
- [Share dind with job container](share-dind-with-job-container.md)

2
docs/actions-dev.md
View File

@ -26,6 +26,8 @@ In this case, you can use either the Web UI to generate the token or run a shell
the command `gitea actions generate-runner-token`. After generating the token, you must create a secret and use it via:
```yaml
provisioning:
enabled: false
existingSecret: "secret-name"
existingSecretKey: "secret-key"
```

30
docs/share-dind-with-job-container.md
View File

@ -1,30 +0,0 @@
# Share dind with job container
You can weaken isolation and allow jobs to call docker commands.
## Limitations
-
## Example Values
```yaml
config: |
log:
level: debug
cache:
enabled: false
container:
require_docker: true
docker_timeout: 300s
## Specify an existing token secret
##
existingSecret: "runner-token2"
existingSecretKey: "token"
## Specify the root URL of the Gitea instance
giteaRootURL: "http://192.168.1.2:3000"
```
Now you can run docker commands inside your jobs.

2
package.json
View File

@ -14,6 +14,6 @@
},
"devDependencies": {
"@bitnami/readme-generator-for-helm": "^2.7.0",
"markdownlint-cli": "^0.47.0"
"markdownlint-cli": "^0.44.0"
}
}

520
pnpm-lock.yaml generated
View File

@ -10,22 +10,30 @@ importers:
devDependencies:
'@bitnami/readme-generator-for-helm':
specifier: ^2.7.0
version: 2.7.2
version: 2.7.0
markdownlint-cli:
specifier: ^0.47.0
version: 0.47.0
specifier: ^0.44.0
version: 0.44.0
packages:
'@bitnami/readme-generator-for-helm@2.7.2':
resolution: {integrity: sha512-7eXyJzxQTQj2ajpHlIhadciCCYWOqN8ieaweU25bStHOZowQ2c2CQyjO/bX4gxIf73LoRKxHhEYgLTllJY9SIw==}
'@bitnami/readme-generator-for-helm@2.7.0':
resolution: {integrity: sha512-fVxExmcuJ9NZb9ZE9OW3+lG8pUlXJAJdaO8UukV3A7WzYu4qOTr03MXPH9Gt5e/6mo3x4WYI/cXBksKfS0qn3w==}
hasBin: true
'@types/debug@4.1.13':
resolution: {integrity: sha512-KSVgmQmzMwPlmtljOomayoR89W4FynCAi3E8PPs7vmDVPe84hT+vGPKkJfThkmXs0x0jAaa9U8uW8bbfyS2fWw==}
'@isaacs/cliui@8.0.2':
resolution: {integrity: sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==}
engines: {node: '>=12'}
'@types/katex@0.16.8':
resolution: {integrity: sha512-trgaNyfU+Xh2Tc+ABIb44a5AYUpicB3uwirOioeOkNPPbmgRNtcWyDeeFRzjPZENO9Vq8gvVqfhaaXWLlevVwg==}
'@pkgjs/parseargs@0.11.0':
resolution: {integrity: sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==}
engines: {node: '>=14'}
'@types/debug@4.1.12':
resolution: {integrity: sha512-vIChWdVG3LG1SMxEvI/AK+FWJthlrqlTu7fbrlywTkkaONwk/UAGaULXRlf8vkzFBLVm0zkMdCquhL5aOjhXPQ==}
'@types/katex@0.16.7':
resolution: {integrity: sha512-HMwFiRujE5PjrgwHQ25+bsLJgowjGjm5Z8FVSf0N6PwgJrwxH0QxzHYDcKsTfV3wva0vzrpqMTJS2jXPr5BMEQ==}
'@types/ms@2.1.0':
resolution: {integrity: sha512-GsCCIZDE/p3i96vtEqx+7dBUGXrc7zeSK3wwPHIaRThS+9OhWIXRqzs4d6k1SVU8g91DrNRWxWUGhp5KXQb2VA==}
@ -33,8 +41,20 @@ packages:
'@types/unist@2.0.11':
resolution: {integrity: sha512-CmBKiL6NNo/OqgmMn95Fk9Whlp2mtvIv+KNpQKN2F4SjvrEesubTRWGYSg+BnWZOnlCaSTU1sMpsBOzgbYhnsA==}
ansi-regex@6.2.2:
resolution: {integrity: sha512-Bq3SmSpyFHaWjPk8If9yc6svM8c56dB5BAtW4Qbw5jHTwwXXcTLoRMkpDJp6VL0XzlWaCHTXrkFURMYmD0sLqg==}
ansi-regex@5.0.1:
resolution: {integrity: sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==}
engines: {node: '>=8'}
ansi-regex@6.1.0:
resolution: {integrity: sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA==}
engines: {node: '>=12'}
ansi-styles@4.3.0:
resolution: {integrity: sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==}
engines: {node: '>=8'}
ansi-styles@6.2.1:
resolution: {integrity: sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==}
engines: {node: '>=12'}
argparse@2.0.1:
@ -43,16 +63,11 @@ packages:
balanced-match@1.0.2:
resolution: {integrity: sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==}
balanced-match@4.0.4:
resolution: {integrity: sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==}
engines: {node: 18 || 20 || >=22}
brace-expansion@1.1.11:
resolution: {integrity: sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==}
brace-expansion@1.1.13:
resolution: {integrity: sha512-9ZLprWS6EENmhEOpjCYW2c8VkmOvckIJZfkr7rBW6dObmfgJ/L1GpSYW5Hpo9lDz4D1+n0Ckz8rU7FwHDQiG/w==}
brace-expansion@5.0.5:
resolution: {integrity: sha512-VZznLgtwhn+Mact9tfiwx64fA9erHH/MCXEUfB/0bX/6Fz6ny5EGTXYltMocqg4xFAQZtnO3DHWWXi8RiuN7cQ==}
engines: {node: 18 || 20 || >=22}
brace-expansion@2.0.1:
resolution: {integrity: sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==}
character-entities-legacy@3.0.0:
resolution: {integrity: sha512-RpPp0asT/6ufRm//AJVwpViZbGM/MkjQFxJccQRHmISF/22NBtsHqAWmL+/pmkPWoIUJdWyeVleTl1wydHATVQ==}
@ -63,14 +78,17 @@ packages:
character-reference-invalid@2.0.1:
resolution: {integrity: sha512-iBZ4F4wRbyORVsu0jPV7gXkOsGYjGHPmAyv+HiHG8gi5PtC9KI2j1+v8/tlibRvjoWX027ypmG/n0HtO5t7unw==}
color-convert@2.0.1:
resolution: {integrity: sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==}
engines: {node: '>=7.0.0'}
color-name@1.1.4:
resolution: {integrity: sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==}
commander@13.1.0:
resolution: {integrity: sha512-/rFeCpNJQbhSZjGVwO9RFV3xPqbnERS8MmIQzCtD/zl6gpJuV/bMLuN92oG3F7d8oDEHHRrujSXNUr8fpjntKw==}
engines: {node: '>=18'}
commander@14.0.3:
resolution: {integrity: sha512-H+y0Jo/T1RZ9qPP4Eh1pkcQcLRglraJaSLoyOtHxu6AapkjWVCy2Sit1QQ4x3Dng8qDlSsZEet7g5Pq06MvTgw==}
engines: {node: '>=20'}
commander@6.2.1:
resolution: {integrity: sha512-U7VdrJFnJgo4xjrHpTzu0yrHPGImdsmD95ZlgYSEajAn2JKzDhDTPG9kBTefmObL2w/ngeZnilk+OV9CG3d7UA==}
engines: {node: '>= 6'}
@ -82,8 +100,12 @@ packages:
concat-map@0.0.1:
resolution: {integrity: sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==}
debug@4.4.3:
resolution: {integrity: sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==}
cross-spawn@7.0.6:
resolution: {integrity: sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==}
engines: {node: '>= 8'}
debug@4.4.0:
resolution: {integrity: sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==}
engines: {node: '>=6.0'}
peerDependencies:
supports-color: '*'
@ -91,8 +113,8 @@ packages:
supports-color:
optional: true
decode-named-character-reference@1.3.0:
resolution: {integrity: sha512-GtpQYB283KrPp6nRw50q3U9/VfOutZOe103qlN7BPP6Ad27xYnOIWv4lPzo8HCAL+mMZofJ9KEy30fq6MfaK6Q==}
decode-named-character-reference@1.1.0:
resolution: {integrity: sha512-Wy+JTSbFThEOXQIR2L6mxJvEs+veIzpmqD7ynWxMXGpnk3smkHQOp6forLdHsKpAMW9iJpaBBIxz285t1n1C3w==}
deep-extend@0.6.0:
resolution: {integrity: sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA==}
@ -109,32 +131,36 @@ packages:
resolution: {integrity: sha512-xHF8EP4XH/Ba9fvAF2LDd5O3IITVolerVV6xvkxoM8zlGEiCUrggpAnHyOoKJKCrhvPcGATFAUwIujj7bRG5UA==}
hasBin: true
eastasianwidth@0.2.0:
resolution: {integrity: sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==}
emoji-regex@8.0.0:
resolution: {integrity: sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==}
emoji-regex@9.2.2:
resolution: {integrity: sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==}
entities@4.5.0:
resolution: {integrity: sha512-V0hjH4dGPh9Ao5p0MoRY6BVqtwCjhz6vI5LT8AJ55H+4g9/4vbHx1I54fS0XuclLhDHArPQCiMjDxjaL8fPxhw==}
engines: {node: '>=0.12'}
fdir@6.5.0:
resolution: {integrity: sha512-tIbYtZbucOs0BRGqPJkshJUYdL+SDH7dVM8gjy+ERp3WAUjLEFJE+02kanyHtwjWOnwrKYBiwAmM0p4kLJAnXg==}
engines: {node: '>=12.0.0'}
peerDependencies:
picomatch: ^3 || ^4
peerDependenciesMeta:
picomatch:
optional: true
foreground-child@3.3.1:
resolution: {integrity: sha512-gIXjKqtFuWEgzFRJA9WCQeSJLZDjgJUOMCMzxtvFq/37KojM1BFGufqsCy0r4qSQmYLsZYMeyRqzIWOMup03sw==}
engines: {node: '>=14'}
fs.realpath@1.0.0:
resolution: {integrity: sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==}
get-east-asian-width@1.5.0:
resolution: {integrity: sha512-CQ+bEO+Tva/qlmw24dCejulK5pMzVnUOFOijVogd3KQs07HnRIgp8TGipvCCRT06xeYEbpbgwaCxglFyiuIcmA==}
engines: {node: '>=18'}
glob@10.4.5:
resolution: {integrity: sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==}
hasBin: true
glob@7.2.3:
resolution: {integrity: sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==}
deprecated: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
deprecated: Glob versions prior to v9 are no longer supported
ignore@7.0.5:
resolution: {integrity: sha512-Hs59xBNfUIunMFgWAbGX5cq6893IbWg4KnrjbYwX3tx0ztorVgTDA6B2sxf8ejHJ4wz8BqGUMYlnzNBer5NvGg==}
ignore@7.0.3:
resolution: {integrity: sha512-bAH5jbK/F3T3Jls4I0SO1hmPR0dKU0a7+SY6n1yzRtG54FLO8d6w/nxLFX2Nb7dBu6cCWXPaAME6cYqFUMmuCA==}
engines: {node: '>= 4'}
inflight@1.0.6:
@ -157,11 +183,21 @@ packages:
is-decimal@2.0.1:
resolution: {integrity: sha512-AAB9hiomQs5DXWcRB1rqsxGUstbRroFOPPVAomNk/3XHR5JyEZChOyTWe2oayKnsSsr/kcGqF+z6yuH6HHpN0A==}
is-fullwidth-code-point@3.0.0:
resolution: {integrity: sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==}
engines: {node: '>=8'}
is-hexadecimal@2.0.1:
resolution: {integrity: sha512-DgZQp241c8oO6cA1SbTEWiXeoxV42vlcJxgH+B3hi1AiqqKruZR3ZGF8In3fj4+/y/7rHvlOZLZtgJ/4ttYGZg==}
js-yaml@4.1.1:
resolution: {integrity: sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==}
isexe@2.0.0:
resolution: {integrity: sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==}
jackspeak@3.4.3:
resolution: {integrity: sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==}
js-yaml@4.1.0:
resolution: {integrity: sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==}
hasBin: true
jsonc-parser@3.3.1:
@ -171,8 +207,8 @@ packages:
resolution: {integrity: sha512-p/nXbhSEcu3pZRdkW1OfJhpsVtW1gd4Wa1fnQc9YLiTfAjn0312eMKimbdIQzuZl9aa9xUGaRlP9T/CJE/ditQ==}
engines: {node: '>=0.10.0'}
katex@0.16.44:
resolution: {integrity: sha512-EkxoDTk8ufHqHlf9QxGwcxeLkWRR3iOuYfRpfORgYfqc8s13bgb+YtRY59NK5ZpRaCwq1kqA6a5lpX8C/eLphQ==}
katex@0.16.21:
resolution: {integrity: sha512-XvqR7FgOHtWupfMiigNzmh+MgUVmDGU2kXZm899ZkPfcuoPuFxyHmXsgATDpFZDAXCI8tvinaVcDo8PIIJSo4A==}
hasBin: true
linkify-it@5.0.0:
@ -181,30 +217,33 @@ packages:
lodash@4.17.21:
resolution: {integrity: sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==}
markdown-it@14.1.1:
resolution: {integrity: sha512-BuU2qnTti9YKgK5N+IeMubp14ZUKUUw7yeJbkjtosvHiP0AZ5c8IAgEMk79D0eC8F23r4Ac/q8cAIFdm2FtyoA==}
lru-cache@10.4.3:
resolution: {integrity: sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==}
markdown-it@14.1.0:
resolution: {integrity: sha512-a54IwgWPaeBCAAsv13YgmALOF1elABB08FxO9i+r4VFk5Vl4pKokRPeX8u5TCgSsPi6ec1otfLjdOpVcgbpshg==}
hasBin: true
markdown-table@2.0.0:
resolution: {integrity: sha512-Ezda85ToJUBhM6WGaG6veasyym+Tbs3cMAw/ZhOPqXiYsr0jgocBV3j3nx+4lk47plLlIqjwuTm/ywVI+zjJ/A==}
markdownlint-cli@0.47.0:
resolution: {integrity: sha512-HOcxeKFAdDoldvoYDofd85vI8LgNWy8vmYpCwnlLV46PJcodmGzD7COSSBlhHwsfT4o9KrAStGodImVBus31Bg==}
engines: {node: '>=20'}
markdownlint-cli@0.44.0:
resolution: {integrity: sha512-ZJTAONlvF9NkrIBltCdW15DxN9UTbPiKMEqAh2EU2gwIFlrCMavyCEPPO121cqfYOrLUJWW8/XKWongstmmTeQ==}
engines: {node: '>=18'}
hasBin: true
markdownlint@0.40.0:
resolution: {integrity: sha512-UKybllYNheWac61Ia7T6fzuQNDZimFIpCg2w6hHjgV1Qu0w1TV0LlSgryUGzM0bkKQCBhy2FDhEELB73Kb0kAg==}
engines: {node: '>=20'}
markdownlint@0.37.4:
resolution: {integrity: sha512-u00joA/syf3VhWh6/ybVFkib5Zpj2e5KB/cfCei8fkSRuums6nyisTWGqjTWIOFoFwuXoTBQQiqlB4qFKp8ncQ==}
engines: {node: '>=18'}
mdurl@2.0.0:
resolution: {integrity: sha512-Lf+9+2r+Tdp5wXDXC4PcIBjTDtq4UKjCPMQhKIuzpJNW0b96kVqSwW0bT7FhRSfmAiFYgP+SCRvdrDozfh0U5w==}
micromark-core-commonmark@2.0.3:
resolution: {integrity: sha512-RDBrHEMSxVFLg6xvnXmb1Ayr2WzLAWjeSATAoxwKYJV94TeNavgoIdA0a9ytzDSVzBy2YKFK+emCPOEibLeCrg==}
micromark-core-commonmark@2.0.2:
resolution: {integrity: sha512-FKjQKbxd1cibWMM1P9N+H8TwlgGgSkWZMmfuVucLCHaYqeSvJ0hFeHsIa65pA2nYbes0f8LDHPMrd9X7Ujxg9w==}
micromark-extension-directive@4.0.0:
resolution: {integrity: sha512-/C2nqVmXXmiseSSuCdItCMho7ybwwop6RrrRPk0KbOHW21JKoCldC+8rFOaundDoRBUWBnJJcxeA/Kvi34WQXg==}
micromark-extension-directive@3.0.2:
resolution: {integrity: sha512-wjcXHgk+PPdmvR58Le9d7zQYWy+vKEU9Se44p2CrCDPiLr2FMyiT4Fyb5UFKFC66wGB3kPlgD7q3TnoqPS7SZA==}
micromark-extension-gfm-autolink-literal@2.1.0:
resolution: {integrity: sha512-oOg7knzhicgQ3t4QCjCWgTmfNhvQbDDnJeVu9v81r7NltNCVmhPy1fJRX27pISafdjL+SVc4d3l48Gb6pbRypw==}
@ -212,8 +251,8 @@ packages:
micromark-extension-gfm-footnote@2.1.0:
resolution: {integrity: sha512-/yPhxI1ntnDNsiHtzLKYnE3vf9JZ6cAisqVDauhp4CEHxlb4uoOTxOCJ+9s51bIB8U1N1FJ1RXOKTIlD5B/gqw==}
micromark-extension-gfm-table@2.1.1:
resolution: {integrity: sha512-t2OU/dXXioARrC6yWfJ4hqB7rct14e8f7m0cbI5hUmDyyIlwv5vEtooptH8INkbLzOatzKuVbQmAYcbWoyz6Dg==}
micromark-extension-gfm-table@2.1.0:
resolution: {integrity: sha512-Ub2ncQv+fwD70/l4ou27b4YzfNaCJOvyX4HxXU15m7mpYY+rjuWzsLIPZHJL253Z643RpbcP1oeIJlQ/SKW67g==}
micromark-extension-math@3.1.0:
resolution: {integrity: sha512-lvEqd+fHjATVs+2v/8kg9i5Q0AP2k85H0WUOwpIVvUML8BapsMvh1XAogmQjOCsLpoKRCVQqEkQBB3NhVBcsOg==}
@ -269,28 +308,35 @@ packages:
micromark-util-symbol@2.0.1:
resolution: {integrity: sha512-vs5t8Apaud9N28kgCrRUdEed4UJ+wWNvicHLPxCa9ENlYuAY31M0ETy5y1vA33YoNPDFTghEbnh6efaE8h4x0Q==}
micromark-util-types@2.0.2:
resolution: {integrity: sha512-Yw0ECSpJoViF1qTU4DC6NwtC4aWGt1EkzaQB8KPPyCRR8z9TWeV0HbEFGTO+ZY1wB22zmxnJqhPyTpOVCpeHTA==}
micromark-util-types@2.0.1:
resolution: {integrity: sha512-534m2WhVTddrcKVepwmVEVnUAmtrx9bfIjNoQHRqfnvdaHQiFytEhJoTgpWJvDEXCO5gLTQh3wYC1PgOJA4NSQ==}
micromark@4.0.2:
resolution: {integrity: sha512-zpe98Q6kvavpCr1NPVSCMebCKfD7CA2NqZ+rykeNhONIJBpc1tFKt9hucLGwha3jNTNI8lHpctWJWoimVF4PfA==}
micromark@4.0.1:
resolution: {integrity: sha512-eBPdkcoCNvYcxQOAKAlceo5SNdzZWfF+FcSupREAzdAh9rRmE239CEQAiTwIgblwnoM8zzj35sZ5ZwvSEOF6Kw==}
minimatch@10.1.3:
resolution: {integrity: sha512-IF6URNyBX7Z6XfvjpaNy5meRxPZiIf2OqtOoSLs+hLJ9pJAScnM1RjrFcbCaD85y42KcI+oZmKjFIJKYDFjQfg==}
engines: {node: 20 || >=22}
minimatch@3.1.2:
resolution: {integrity: sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==}
minimatch@3.1.5:
resolution: {integrity: sha512-VgjWUsnnT6n+NUk6eZq77zeFdpW2LWDzP6zFGrCbHXiYNul5Dzqk2HHQ5uFH2DNW5Xbp8+jVzaeNt94ssEEl4w==}
minimatch@9.0.5:
resolution: {integrity: sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==}
engines: {node: '>=16 || 14 >=14.17'}
minimist@1.2.8:
resolution: {integrity: sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==}
minipass@7.1.2:
resolution: {integrity: sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==}
engines: {node: '>=16 || 14 >=14.17'}
ms@2.1.3:
resolution: {integrity: sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==}
once@1.4.0:
resolution: {integrity: sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==}
package-json-from-dist@1.0.1:
resolution: {integrity: sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==}
parse-entities@4.0.2:
resolution: {integrity: sha512-GG2AQYWoLgL877gQIKeRPGO1xF9+eG1ujIb5soS5gPvLQ1y2o8FL90w2QWNdf9I361Mpp7726c+lj3U0qK1uGw==}
@ -298,9 +344,13 @@ packages:
resolution: {integrity: sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==}
engines: {node: '>=0.10.0'}
picomatch@4.0.4:
resolution: {integrity: sha512-QP88BAKvMam/3NxH6vj2o21R6MjxZUAd6nlwAS/pnGvN9IVLocLHxGYIzFhg6fUQ+5th6P4dv4eW9jX3DSIj7A==}
engines: {node: '>=12'}
path-key@3.1.1:
resolution: {integrity: sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==}
engines: {node: '>=8'}
path-scurry@1.11.1:
resolution: {integrity: sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==}
engines: {node: '>=16 || 14 >=14.18'}
punycode.js@2.3.1:
resolution: {integrity: sha512-uxFIHU0YlHYhDQtV4R9J6a52SLx28BCjT+4ieh7IGbgwVJWO+km431c4yRlREUAsAmt/uMjQUyQHNEPf0M39CA==}
@ -314,73 +364,120 @@ packages:
resolution: {integrity: sha512-CcfE+mYiTcKEzg0IqS08+efdnH0oJ3zV0wSUFBNrMHMuxCtXvBCLzCJHatwuXDcu/RlhjTziTo/a1ruQik6/Yg==}
hasBin: true
smol-toml@1.5.2:
resolution: {integrity: sha512-QlaZEqcAH3/RtNyet1IPIYPsEWAaYyXXv1Krsi+1L/QHppjX4Ifm8MQsBISz9vE8cHicIq3clogsheili5vhaQ==}
shebang-command@2.0.0:
resolution: {integrity: sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==}
engines: {node: '>=8'}
shebang-regex@3.0.0:
resolution: {integrity: sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==}
engines: {node: '>=8'}
signal-exit@4.1.0:
resolution: {integrity: sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==}
engines: {node: '>=14'}
smol-toml@1.3.1:
resolution: {integrity: sha512-tEYNll18pPKHroYSmLLrksq233j021G0giwW7P3D24jC54pQ5W5BXMsQ/Mvw1OJCmEYDgY+lrzT+3nNUtoNfXQ==}
engines: {node: '>= 18'}
string-width@8.1.0:
resolution: {integrity: sha512-Kxl3KJGb/gxkaUMOjRsQ8IrXiGW75O4E3RPjFIINOVH8AMl2SQ/yWdTzWwF3FevIX9LcMAjJW+GRwAlAbTSXdg==}
engines: {node: '>=20'}
string-width@4.2.3:
resolution: {integrity: sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==}
engines: {node: '>=8'}
strip-ansi@7.2.0:
resolution: {integrity: sha512-yDPMNjp4WyfYBkHnjIRLfca1i6KMyGCtsVgoKe/z1+6vukgaENdgGBZt+ZmKPc4gavvEZ5OgHfHdrazhgNyG7w==}
string-width@5.1.2:
resolution: {integrity: sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==}
engines: {node: '>=12'}
strip-ansi@6.0.1:
resolution: {integrity: sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==}
engines: {node: '>=8'}
strip-ansi@7.1.0:
resolution: {integrity: sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==}
engines: {node: '>=12'}
strip-json-comments@3.1.1:
resolution: {integrity: sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==}
engines: {node: '>=8'}
tinyglobby@0.2.15:
resolution: {integrity: sha512-j2Zq4NyQYG5XMST4cbs02Ak8iJUdxRM0XI5QyxXuZOzKOINmWurp3smXu3y5wDcJrptwpSjgXHzIQxR0omXljQ==}
engines: {node: '>=12.0.0'}
uc.micro@2.1.0:
resolution: {integrity: sha512-ARDJmphmdvUk6Glw7y9DQ2bFkKBHwQHLi2lsaH6PPmz/Ka9sFOBsBluozhDltWmnv9u/cF6Rt87znRTPV+yp/A==}
which@2.0.2:
resolution: {integrity: sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==}
engines: {node: '>= 8'}
hasBin: true
wrap-ansi@7.0.0:
resolution: {integrity: sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==}
engines: {node: '>=10'}
wrap-ansi@8.1.0:
resolution: {integrity: sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==}
engines: {node: '>=12'}
wrappy@1.0.2:
resolution: {integrity: sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==}
yaml@2.8.3:
resolution: {integrity: sha512-AvbaCLOO2Otw/lW5bmh9d/WEdcDFdQp2Z2ZUH3pX9U2ihyUY0nvLv7J6TrWowklRGPYbB/IuIMfYgxaCPg5Bpg==}
engines: {node: '>= 14.6'}
yaml@2.7.0:
resolution: {integrity: sha512-+hSoy/QHluxmC9kCIJyL/uyFmLmc+e5CFR5Wa+bpIhIj85LVb9ZH2nVnqrHoSvKogwODv0ClqZkmiSSaIH5LTA==}
engines: {node: '>= 14'}
hasBin: true
snapshots:
'@bitnami/readme-generator-for-helm@2.7.2':
'@bitnami/readme-generator-for-helm@2.7.0':
dependencies:
commander: 13.1.0
dot-object: 2.1.5
lodash: 4.17.21
markdown-table: 2.0.0
yaml: 2.8.3
yaml: 2.7.0
'@types/debug@4.1.13':
'@isaacs/cliui@8.0.2':
dependencies:
string-width: 5.1.2
string-width-cjs: string-width@4.2.3
strip-ansi: 7.1.0
strip-ansi-cjs: strip-ansi@6.0.1
wrap-ansi: 8.1.0
wrap-ansi-cjs: wrap-ansi@7.0.0
'@pkgjs/parseargs@0.11.0':
optional: true
'@types/debug@4.1.12':
dependencies:
'@types/ms': 2.1.0
'@types/katex@0.16.8': {}
'@types/katex@0.16.7': {}
'@types/ms@2.1.0': {}
'@types/unist@2.0.11': {}
ansi-regex@6.2.2: {}
ansi-regex@5.0.1: {}
ansi-regex@6.1.0: {}
ansi-styles@4.3.0:
dependencies:
color-convert: 2.0.1
ansi-styles@6.2.1: {}
argparse@2.0.1: {}
balanced-match@1.0.2: {}
balanced-match@4.0.4: {}
brace-expansion@1.1.13:
brace-expansion@1.1.11:
dependencies:
balanced-match: 1.0.2
concat-map: 0.0.1
brace-expansion@5.0.5:
brace-expansion@2.0.1:
dependencies:
balanced-match: 4.0.4
balanced-match: 1.0.2
character-entities-legacy@3.0.0: {}
@ -388,9 +485,13 @@ snapshots:
character-reference-invalid@2.0.1: {}
commander@13.1.0: {}
color-convert@2.0.1:
dependencies:
color-name: 1.1.4
commander@14.0.3: {}
color-name@1.1.4: {}
commander@13.1.0: {}
commander@6.2.1: {}
@ -398,11 +499,17 @@ snapshots:
concat-map@0.0.1: {}
debug@4.4.3:
cross-spawn@7.0.6:
dependencies:
path-key: 3.1.1
shebang-command: 2.0.0
which: 2.0.2
debug@4.4.0:
dependencies:
ms: 2.1.3
decode-named-character-reference@1.3.0:
decode-named-character-reference@1.1.0:
dependencies:
character-entities: 2.0.2
@ -419,26 +526,40 @@ snapshots:
commander: 6.2.1
glob: 7.2.3
eastasianwidth@0.2.0: {}
emoji-regex@8.0.0: {}
emoji-regex@9.2.2: {}
entities@4.5.0: {}
fdir@6.5.0(picomatch@4.0.4):
optionalDependencies:
picomatch: 4.0.4
foreground-child@3.3.1:
dependencies:
cross-spawn: 7.0.6
signal-exit: 4.1.0
fs.realpath@1.0.0: {}
get-east-asian-width@1.5.0: {}
glob@10.4.5:
dependencies:
foreground-child: 3.3.1
jackspeak: 3.4.3
minimatch: 9.0.5
minipass: 7.1.2
package-json-from-dist: 1.0.1
path-scurry: 1.11.1
glob@7.2.3:
dependencies:
fs.realpath: 1.0.0
inflight: 1.0.6
inherits: 2.0.4
minimatch: 3.1.5
minimatch: 3.1.2
once: 1.4.0
path-is-absolute: 1.0.1
ignore@7.0.5: {}
ignore@7.0.3: {}
inflight@1.0.6:
dependencies:
@ -458,9 +579,19 @@ snapshots:
is-decimal@2.0.1: {}
is-fullwidth-code-point@3.0.0: {}
is-hexadecimal@2.0.1: {}
js-yaml@4.1.1:
isexe@2.0.0: {}
jackspeak@3.4.3:
dependencies:
'@isaacs/cliui': 8.0.2
optionalDependencies:
'@pkgjs/parseargs': 0.11.0
js-yaml@4.1.0:
dependencies:
argparse: 2.0.1
@ -468,7 +599,7 @@ snapshots:
jsonpointer@5.0.1: {}
katex@0.16.44:
katex@0.16.21:
dependencies:
commander: 8.3.0
@ -478,7 +609,9 @@ snapshots:
lodash@4.17.21: {}
markdown-it@14.1.1:
lru-cache@10.4.3: {}
markdown-it@14.1.0:
dependencies:
argparse: 2.0.1
entities: 4.5.0
@ -491,42 +624,40 @@ snapshots:
dependencies:
repeat-string: 1.6.1
markdownlint-cli@0.47.0:
markdownlint-cli@0.44.0:
dependencies:
commander: 14.0.3
deep-extend: 0.6.0
ignore: 7.0.5
js-yaml: 4.1.1
commander: 13.1.0
glob: 10.4.5
ignore: 7.0.3
js-yaml: 4.1.0
jsonc-parser: 3.3.1
jsonpointer: 5.0.1
markdown-it: 14.1.1
markdownlint: 0.40.0
minimatch: 10.1.3
markdownlint: 0.37.4
minimatch: 9.0.5
run-con: 1.3.2
smol-toml: 1.5.2
tinyglobby: 0.2.15
smol-toml: 1.3.1
transitivePeerDependencies:
- supports-color
markdownlint@0.40.0:
markdownlint@0.37.4:
dependencies:
micromark: 4.0.2
micromark-core-commonmark: 2.0.3
micromark-extension-directive: 4.0.0
markdown-it: 14.1.0
micromark: 4.0.1
micromark-core-commonmark: 2.0.2
micromark-extension-directive: 3.0.2
micromark-extension-gfm-autolink-literal: 2.1.0
micromark-extension-gfm-footnote: 2.1.0
micromark-extension-gfm-table: 2.1.1
micromark-extension-gfm-table: 2.1.0
micromark-extension-math: 3.1.0
micromark-util-types: 2.0.2
string-width: 8.1.0
micromark-util-types: 2.0.1
transitivePeerDependencies:
- supports-color
mdurl@2.0.0: {}
micromark-core-commonmark@2.0.3:
micromark-core-commonmark@2.0.2:
dependencies:
decode-named-character-reference: 1.3.0
decode-named-character-reference: 1.1.0
devlop: 1.1.0
micromark-factory-destination: 2.0.1
micromark-factory-label: 2.0.1
@ -541,16 +672,16 @@ snapshots:
micromark-util-resolve-all: 2.0.1
micromark-util-subtokenize: 2.1.0
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-extension-directive@4.0.0:
micromark-extension-directive@3.0.2:
dependencies:
devlop: 1.1.0
micromark-factory-space: 2.0.1
micromark-factory-whitespace: 2.0.1
micromark-util-character: 2.1.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
parse-entities: 4.0.2
micromark-extension-gfm-autolink-literal@2.1.0:
@ -558,73 +689,73 @@ snapshots:
micromark-util-character: 2.1.1
micromark-util-sanitize-uri: 2.0.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-extension-gfm-footnote@2.1.0:
dependencies:
devlop: 1.1.0
micromark-core-commonmark: 2.0.3
micromark-core-commonmark: 2.0.2
micromark-factory-space: 2.0.1
micromark-util-character: 2.1.1
micromark-util-normalize-identifier: 2.0.1
micromark-util-sanitize-uri: 2.0.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-extension-gfm-table@2.1.1:
micromark-extension-gfm-table@2.1.0:
dependencies:
devlop: 1.1.0
micromark-factory-space: 2.0.1
micromark-util-character: 2.1.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-extension-math@3.1.0:
dependencies:
'@types/katex': 0.16.8
'@types/katex': 0.16.7
devlop: 1.1.0
katex: 0.16.44
katex: 0.16.21
micromark-factory-space: 2.0.1
micromark-util-character: 2.1.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-factory-destination@2.0.1:
dependencies:
micromark-util-character: 2.1.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-factory-label@2.0.1:
dependencies:
devlop: 1.1.0
micromark-util-character: 2.1.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-factory-space@2.0.1:
dependencies:
micromark-util-character: 2.1.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-factory-title@2.0.1:
dependencies:
micromark-factory-space: 2.0.1
micromark-util-character: 2.1.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-factory-whitespace@2.0.1:
dependencies:
micromark-factory-space: 2.0.1
micromark-util-character: 2.1.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-util-character@2.1.1:
dependencies:
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-util-chunked@2.0.1:
dependencies:
@ -634,12 +765,12 @@ snapshots:
dependencies:
micromark-util-character: 2.1.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-util-combine-extensions@2.0.1:
dependencies:
micromark-util-chunked: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-util-decode-numeric-character-reference@2.0.2:
dependencies:
@ -655,7 +786,7 @@ snapshots:
micromark-util-resolve-all@2.0.1:
dependencies:
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-util-sanitize-uri@2.0.1:
dependencies:
@ -668,19 +799,19 @@ snapshots:
devlop: 1.1.0
micromark-util-chunked: 2.0.1
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
micromark-util-symbol@2.0.1: {}
micromark-util-types@2.0.2: {}
micromark-util-types@2.0.1: {}
micromark@4.0.2:
micromark@4.0.1:
dependencies:
'@types/debug': 4.1.13
debug: 4.4.3
decode-named-character-reference: 1.3.0
'@types/debug': 4.1.12
debug: 4.4.0
decode-named-character-reference: 1.1.0
devlop: 1.1.0
micromark-core-commonmark: 2.0.3
micromark-core-commonmark: 2.0.2
micromark-factory-space: 2.0.1
micromark-util-character: 2.1.1
micromark-util-chunked: 2.0.1
@ -692,39 +823,48 @@ snapshots:
micromark-util-sanitize-uri: 2.0.1
micromark-util-subtokenize: 2.1.0
micromark-util-symbol: 2.0.1
micromark-util-types: 2.0.2
micromark-util-types: 2.0.1
transitivePeerDependencies:
- supports-color
minimatch@10.1.3:
minimatch@3.1.2:
dependencies:
brace-expansion: 5.0.5
brace-expansion: 1.1.11
minimatch@3.1.5:
minimatch@9.0.5:
dependencies:
brace-expansion: 1.1.13
brace-expansion: 2.0.1
minimist@1.2.8: {}
minipass@7.1.2: {}
ms@2.1.3: {}
once@1.4.0:
dependencies:
wrappy: 1.0.2
package-json-from-dist@1.0.1: {}
parse-entities@4.0.2:
dependencies:
'@types/unist': 2.0.11
character-entities-legacy: 3.0.0
character-reference-invalid: 2.0.1
decode-named-character-reference: 1.3.0
decode-named-character-reference: 1.1.0
is-alphanumerical: 2.0.1
is-decimal: 2.0.1
is-hexadecimal: 2.0.1
path-is-absolute@1.0.1: {}
picomatch@4.0.4: {}
path-key@3.1.1: {}
path-scurry@1.11.1:
dependencies:
lru-cache: 10.4.3
minipass: 7.1.2
punycode.js@2.3.1: {}
@ -737,26 +877,56 @@ snapshots:
minimist: 1.2.8
strip-json-comments: 3.1.1
smol-toml@1.5.2: {}
string-width@8.1.0:
shebang-command@2.0.0:
dependencies:
get-east-asian-width: 1.5.0
strip-ansi: 7.2.0
shebang-regex: 3.0.0
strip-ansi@7.2.0:
shebang-regex@3.0.0: {}
signal-exit@4.1.0: {}
smol-toml@1.3.1: {}
string-width@4.2.3:
dependencies:
ansi-regex: 6.2.2
emoji-regex: 8.0.0
is-fullwidth-code-point: 3.0.0
strip-ansi: 6.0.1
string-width@5.1.2:
dependencies:
eastasianwidth: 0.2.0
emoji-regex: 9.2.2
strip-ansi: 7.1.0
strip-ansi@6.0.1:
dependencies:
ansi-regex: 5.0.1
strip-ansi@7.1.0:
dependencies:
ansi-regex: 6.1.0
strip-json-comments@3.1.1: {}
tinyglobby@0.2.15:
dependencies:
fdir: 6.5.0(picomatch@4.0.4)
picomatch: 4.0.4
uc.micro@2.1.0: {}
which@2.0.2:
dependencies:
isexe: 2.0.0
wrap-ansi@7.0.0:
dependencies:
ansi-styles: 4.3.0
string-width: 4.2.3
strip-ansi: 6.0.1
wrap-ansi@8.1.0:
dependencies:
ansi-styles: 6.2.1
string-width: 5.1.2
strip-ansi: 7.1.0
wrappy@1.0.2: {}
yaml@2.8.3: {}
yaml@2.7.0: {}

33
renovate.json5
View File

@ -9,19 +9,19 @@
labels: [
'kind/dependency',
],
digest: {
automerge: true,
"digest": {
"automerge": true
},
automergeStrategy: 'squash',
'git-submodules': {
enabled: true,
'enabled': true
},
customManagers: [
{
description: 'Gitea-version of https://docs.renovatebot.com/presets-regexManagers/#regexmanagersgithubactionsversions',
customType: 'regex',
managerFilePatterns: [
'/.gitea/workflows/.+\\.ya?ml$/',
fileMatch: [
'.gitea/workflows/.+\\.ya?ml$',
],
matchStrings: [
'# renovate: datasource=(?<datasource>[a-z-.]+?) depName=(?<depName>[^\\s]+?)(?: (?:lookupName|packageName)=(?<packageName>[^\\s]+?))?(?: versioning=(?<versioning>[a-z-0-9]+?))?\\s+[A-Za-z0-9_]+?_VERSION\\s*:\\s*["\']?(?<currentValue>.+?)["\']?\\s',
@ -30,23 +30,13 @@
{
description: 'Detect helm-unittest yaml schema file',
customType: 'regex',
managerFilePatterns: [
'/.vscode/settings\\.json$/',
],
fileMatch: ['.vscode/settings\\.json$'],
matchStrings: [
'https:\\/\\/raw\\.githubusercontent\\.com\\/(?<depName>[^\\s]+?)\\/(?<currentValue>v[0-9.]+?)\\/schema\\/helm-testsuite\\.json',
],
datasourceTemplate: 'github-releases',
},
],
lockFileMaintenance: {
"enabled": true,
"commitMessageAction": "update",
"commitMessageTopic": "lockfiles",
schedule: [
'at any time',
]
},
packageRules: [
{
groupName: 'subcharts (minor & patch)',
@ -59,17 +49,6 @@
'digest',
],
},
{
groupName: 'bats testing framework',
matchManagers: [
'git-submodules',
],
matchUpdateTypes: [
'minor',
'patch',
'digest',
],
},
{
groupName: 'workflow dependencies (minor & patch)',
matchManagers: [

45
templates/_helpers.tpl
View File

@ -84,48 +84,5 @@ app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}
{{- define "gitea.actions.local_root_url" -}}
{{- tpl .Values.giteaRootURL . -}}
{{- end -}}
{{/*
Common create image implementation
*/}}
{{- define "gitea.actions.common.image" -}}
{{- $fullOverride := .image.fullOverride | default "" -}}
{{- $registry := .root.Values.global.imageRegistry | default .image.registry -}}
{{- $repository := .image.repository -}}
{{- $separator := ":" -}}
{{- $tag := .image.tag | default .root.Chart.AppVersion | toString -}}
{{- $digest := "" -}}
{{- if .image.digest }}
{{- $digest = (printf "@%s" (.image.digest | toString)) -}}
{{- end -}}
{{- if $fullOverride }}
{{- printf "%s" $fullOverride -}}
{{- else if $registry }}
{{- printf "%s/%s%s%s%s" $registry $repository $separator $tag $digest -}}
{{- else -}}
{{- printf "%s%s%s%s" $repository $separator $tag $digest -}}
{{- end -}}
{{- end -}}
{{/*
Create image for the Gitea Actions Act Runner
*/}}
{{- define "gitea.actions.actRunner.image" -}}
{{ include "gitea.actions.common.image" (dict "root" . "image" .Values.statefulset.actRunner) }}
{{- end -}}
{{/*
Create image for DinD
*/}}
{{- define "gitea.actions.dind.image" -}}
{{ include "gitea.actions.common.image" (dict "root" . "image" .Values.statefulset.dind) }}
{{- end -}}
{{/*
Create image for Init
*/}}
{{- define "gitea.actions.init.image" -}}
{{ include "gitea.actions.common.image" (dict "root" . "image" .Values.init.image) }}
{{- .Values.giteaRootURL -}}
{{- end -}}

4
templates/config-act-runner.yaml
View File

@ -10,10 +10,6 @@ metadata:
data:
config.yaml: |
{{- with .Values.statefulset.actRunner.config -}}
{{- if kindIs "string" . -}}
{{ . | nindent 4}}
{{- else -}}
{{ toYaml . | nindent 4}}
{{- end -}}
{{- end -}}
{{- end }}

109
templates/statefulset.yaml
View File

@ -30,18 +30,9 @@ spec:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
restartPolicy: Always
{{- if .Values.statefulset.serviceAccountName }}
serviceAccountName: {{ .Values.statefulset.serviceAccountName }}
{{- end }}
securityContext:
{{- toYaml .Values.statefulset.securityContext | nindent 8 }}
initContainers:
{{- if .Values.preExtraInitContainers }}
{{- toYaml .Values.preExtraInitContainers | nindent 8 }}
{{- end }}
- name: init-gitea
image: "{{ include "gitea.actions.init.image" . }}"
image: "{{ .Values.init.image.repository }}:{{ .Values.init.image.tag }}"
command:
- sh
- -c
@ -52,90 +43,62 @@ spec:
echo "Trying again in 3 seconds..."
done
echo "Gitea has been reached!"
- name: dind
image: "{{ include "gitea.actions.dind.image" . }}"
restartPolicy: Always
imagePullPolicy: {{ .Values.statefulset.dind.pullPolicy }}
{{- if .Values.statefulset.dind.extraEnvs }}
env:
{{- toYaml .Values.statefulset.dind.extraEnvs | nindent 12 }}
{{- end }}
securityContext:
privileged: true
startupProbe:
exec:
command:
- /usr/bin/test
- -S
{{- if .Values.statefulset.dind.rootless }}
- /run/user/{{ .Values.statefulset.dind.uid | default 1000 }}/docker.sock
{{- else }}
- /var/run/docker.sock
{{- end }}
livenessProbe:
exec:
command:
- /usr/bin/test
- -S
{{- if .Values.statefulset.dind.rootless }}
- /run/user/{{ .Values.statefulset.dind.uid | default 1000 }}/docker.sock
{{- else }}
- /var/run/docker.sock
{{- end }}
resources:
{{- toYaml .Values.statefulset.resources | nindent 12 }}
volumeMounts:
{{- if .Values.statefulset.dind.rootless }}
- mountPath: /run/user/{{ .Values.statefulset.dind.uid | default 1000 }}/
{{- else }}
- mountPath: /var/run/
{{- end }}
name: docker-socket
{{- with .Values.statefulset.dind.extraVolumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- if .Values.postExtraInitContainers }}
{{- toYaml .Values.postExtraInitContainers | nindent 8 }}
{{- end }}
containers:
- name: act-runner
image: "{{ include "gitea.actions.actRunner.image" . }}"
image: "{{ .Values.statefulset.actRunner.repository }}:{{ .Values.statefulset.actRunner.tag }}"
imagePullPolicy: {{ .Values.statefulset.actRunner.pullPolicy }}
workingDir: /data
env:
- name: DOCKER_HOST
value: tcp://127.0.0.1:2376
- name: DOCKER_TLS_VERIFY
value: "1"
- name: DOCKER_CERT_PATH
value: /certs/server
- name: GITEA_RUNNER_REGISTRATION_TOKEN
valueFrom:
secretKeyRef:
name: "{{ (tpl .Values.existingSecret . ) | default $secretName }}"
key: "{{ (tpl .Values.existingSecretKey . ) | default "token" }}"
name: "{{ .Values.existingSecret | default $secretName }}"
key: "{{ .Values.existingSecretKey | default "token" }}"
- name: GITEA_INSTANCE_URL
value: {{ include "gitea.actions.local_root_url" . }}
- name: CONFIG_FILE
value: /actrunner/config.yaml
- name: TZ
value: {{ .Values.statefulset.timezone | default "Etc/UTC" }}
{{- if .Values.statefulset.actRunner.extraEnvs }}
{{- toYaml .Values.statefulset.actRunner.extraEnvs | nindent 12 }}
{{- end }}
resources:
{{- toYaml .Values.statefulset.resources | nindent 12 }}
volumeMounts:
- mountPath: /actrunner/config.yaml
name: act-runner-config
subPath: config.yaml
- mountPath: /var/run/docker.sock
name: docker-socket
subPath: docker.sock
- mountPath: /certs/server
name: docker-certs
- mountPath: /data
name: data-act-runner
{{- with .Values.statefulset.actRunner.extraVolumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- if .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- range .Values.global.imagePullSecrets }}
- name: {{ . }}
- name: dind
image: "{{ .Values.statefulset.dind.repository }}:{{ .Values.statefulset.dind.tag }}"
imagePullPolicy: {{ .Values.statefulset.dind.pullPolicy }}
env:
- name: DOCKER_HOST
value: tcp://127.0.0.1:2376
- name: DOCKER_TLS_VERIFY
value: "1"
- name: DOCKER_CERT_PATH
value: /certs/server
{{- if .Values.statefulset.dind.extraEnvs }}
{{- toYaml .Values.statefulset.dind.extraEnvs | nindent 12 }}
{{- end }}
securityContext:
privileged: true
resources:
{{- toYaml .Values.statefulset.resources | nindent 12 }}
volumeMounts:
- mountPath: /certs/server
name: docker-certs
{{- with .Values.statefulset.dind.extraVolumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- range $key, $value := .Values.statefulset.nodeSelector }}
nodeSelector:
@ -153,7 +116,7 @@ spec:
- name: act-runner-config
configMap:
name: {{ include "gitea.actions.fullname" . }}-act-runner-config
- name: docker-socket
- name: docker-certs
emptyDir: {}
{{- with .Values.statefulset.extraVolumes }}
{{- toYaml . | nindent 8 }}
@ -163,9 +126,7 @@ spec:
name: data-act-runner
spec:
accessModes: [ "ReadWriteOnce" ]
{{- if .Values.global.storageClass }}
{{- include "gitea.actions.persistence.storageClass" . | indent 8 }}
{{- end }}
{{- include "gitea.actions.persistence.storageClass" . | nindent 8 }}
resources:
requests:
storage: {{ .Values.statefulset.persistence.size }}

24
unittests/helm/config-act-runner.yaml
View File

@ -42,27 +42,3 @@ tests:
runner:
labels:
- "ubuntu-latest"
- it: renders a ConfigMap with inline yaml
template: templates/config-act-runner.yaml
set:
enabled: true
statefulset:
actRunner:
config: |
container:
valid_volumes:
- /var/run/docker.sock
options: -v /var/run/docker.sock:/var/run/docker.sock
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: ConfigMap
apiVersion: v1
name: gitea-unittests-actions-act-runner-config
- matchRegex:
path: data["config.yaml"]
pattern: '(?m)^\s*options:\s*-v /var/run/docker.sock:/var/run/docker.sock\s*$'
- matchRegex:
path: data["config.yaml"]
pattern: '(?m)^\s*valid_volumes:\s*\n\s*-\s*/var/run/docker.sock\s*$'

297
unittests/helm/statefulset.yaml
View File

@ -6,216 +6,6 @@ templates:
- templates/statefulset.yaml
- templates/config-act-runner.yaml
tests:
- it: act-runner uses fullOverride
template: templates/statefulset.yaml
set:
enabled: true
existingSecret: "my-secret"
existingSecretKey: "my-secret-key"
statefulset.actRunner.fullOverride: test.io/act_runner:x.y.z
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: StatefulSet
apiVersion: apps/v1
name: gitea-unittests-actions-act-runner
- equal:
path: spec.template.spec.containers[0].image
value: test.io/act_runner:x.y.z
- it: act-runner uses digest
template: templates/statefulset.yaml
set:
enabled: true
existingSecret: "my-secret"
existingSecretKey: "my-secret-key"
statefulset.actRunner.tag: 0.2.13
statefulset.actRunner.digest: sha256:abcdef123456
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: StatefulSet
apiVersion: apps/v1
name: gitea-unittests-actions-act-runner
- equal:
path: spec.template.spec.containers[0].image
value: docker.gitea.com/act_runner:0.2.13@sha256:abcdef123456
- it: act-runner uses global.imageRegistry
template: templates/statefulset.yaml
set:
enabled: true
existingSecret: "my-secret"
existingSecretKey: "my-secret-key"
global.imageRegistry: test.io
statefulset.actRunner.tag: 0.2.13
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: StatefulSet
apiVersion: apps/v1
name: gitea-unittests-actions-act-runner
- equal:
path: spec.template.spec.containers[0].image
value: test.io/act_runner:0.2.13
- it: dind uses fullOverride
template: templates/statefulset.yaml
set:
enabled: true
existingSecret: "my-secret"
existingSecretKey: "my-secret-key"
statefulset.dind.fullOverride: test.io/dind:x.y.z
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: StatefulSet
apiVersion: apps/v1
name: gitea-unittests-actions-act-runner
- equal:
path: spec.template.spec.initContainers[1].image
value: test.io/dind:x.y.z
- it: dind uses global.imageRegistry
template: templates/statefulset.yaml
set:
enabled: true
existingSecret: "my-secret"
existingSecretKey: "my-secret-key"
global.imageRegistry: test.io
statefulset.dind.tag: 28.3.3-dind
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: StatefulSet
apiVersion: apps/v1
name: gitea-unittests-actions-act-runner
- equal:
path: spec.template.spec.initContainers[1].image
value: test.io/docker:28.3.3-dind
- it: init uses fullOverride
template: templates/statefulset.yaml
set:
enabled: true
existingSecret: "my-secret"
existingSecretKey: "my-secret-key"
init.image.fullOverride: test.io/busybox:x.y.z
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: StatefulSet
apiVersion: apps/v1
name: gitea-unittests-actions-act-runner
- equal:
path: spec.template.spec.initContainers[0].image
value: test.io/busybox:x.y.z
- it: init uses global.imageRegistry
template: templates/statefulset.yaml
set:
enabled: true
existingSecret: "my-secret"
existingSecretKey: "my-secret-key"
global.imageRegistry: test.io
init.image.tag: 1.37.0
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: StatefulSet
apiVersion: apps/v1
name: gitea-unittests-actions-act-runner
- equal:
path: spec.template.spec.initContainers[0].image
value: test.io/busybox:1.37.0
- it: renders additional environment variables for act-runner container in StatefulSet
template: templates/statefulset.yaml
set:
enabled: true
existingSecret: "my-secret"
existingSecretKey: "my-secret-key"
statefulset:
actRunner:
extraEnvs:
- name: "CUSTOM_ENV"
value: "1"
- name: "GITEA_RUNNER_NAME"
valueFrom:
fieldRef:
fieldPath: metadata.name
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: StatefulSet
apiVersion: apps/v1
name: gitea-unittests-actions-act-runner
- equal:
path: spec.template.spec.containers[0].env[4]
value:
name: CUSTOM_ENV
value: "1"
- matchRegex:
path: spec.template.spec.containers[0].env[5].valueFrom.fieldRef.fieldPath
pattern: "metadata\\.name"
- matchRegex:
path: spec.template.spec.containers[0].env[5].name
pattern: "GITEA_RUNNER_NAME"
- it: Has fsGroup in securityContext
template: templates/statefulset.yaml
set:
enabled: true
existingSecret: "my-secret"
existingSecretKey: "my-secret-key"
statefulset.securityContext:
fsGroup: 1000
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: StatefulSet
apiVersion: apps/v1
name: gitea-unittests-actions-act-runner
- equal:
path: spec.template.spec.securityContext["fsGroup"]
value: 1000
- it: Has fsGroupChangePolicy in securityContext
template: templates/statefulset.yaml
set:
enabled: true
existingSecret: "my-secret"
existingSecretKey: "my-secret-key"
statefulset.securityContext:
fsGroupChangePolicy: OnRootMismatch
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: StatefulSet
apiVersion: apps/v1
name: gitea-unittests-actions-act-runner
- equal:
path: spec.template.spec.securityContext["fsGroupChangePolicy"]
value: "OnRootMismatch"
- it: Has Always in securityContext
template: templates/statefulset.yaml
set:
enabled: true
existingSecret: "my-secret"
existingSecretKey: "my-secret-key"
statefulset.securityContext:
fsGroupChangePolicy: Always
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: StatefulSet
apiVersion: apps/v1
name: gitea-unittests-actions-act-runner
- equal:
path: spec.template.spec.securityContext["fsGroupChangePolicy"]
value: "Always"
- it: doesn't renders a StatefulSet by default
template: templates/statefulset.yaml
asserts:
@ -235,7 +25,7 @@ tests:
apiVersion: apps/v1
name: gitea-unittests-actions-act-runner
- equal:
path: spec.template.spec.containers[0].env[0]
path: spec.template.spec.containers[0].env[3]
value:
name: GITEA_RUNNER_REGISTRATION_TOKEN
valueFrom:
@ -256,7 +46,7 @@ tests:
apiVersion: apps/v1
name: gitea-unittests-actions-act-runner
- equal:
path: spec.template.spec.containers[0].env[0]
path: spec.template.spec.containers[0].env[3]
value:
name: GITEA_RUNNER_REGISTRATION_TOKEN
valueFrom:
@ -279,7 +69,7 @@ tests:
name: gitea-unittests-actions-act-runner
- equal:
path: spec.template.metadata.annotations["checksum/config"]
value: "2bafbf04b3c4293c8ddf895ae3d908e14176ee54a6c724c8cf5b2a1e43c6ece7"
value: "7566d9c60261bf8cbff6a6936fc7aead96cec540d8c793d142a5ad4664c56ba5"
- it: renders a StatefulSet http (with correct GITEA_INSTANCE_URL env from giteaRootURL)
template: templates/statefulset.yaml
set:
@ -295,7 +85,7 @@ tests:
apiVersion: apps/v1
name: gitea-unittests-actions-act-runner
- equal:
path: spec.template.spec.containers[0].env[1]
path: spec.template.spec.containers[0].env[4]
value:
name: GITEA_INSTANCE_URL
value: "http://git.example.com"
@ -323,7 +113,7 @@ tests:
apiVersion: apps/v1
name: gitea-unittests-actions-act-runner
- equal:
path: spec.template.spec.containers[0].env[1]
path: spec.template.spec.containers[0].env[4]
value:
name: GITEA_INSTANCE_URL
value: "https://git.example.com"
@ -351,7 +141,7 @@ tests:
apiVersion: apps/v1
name: gitea-unittests-actions-act-runner
- equal:
path: spec.template.spec.containers[0].env[1]
path: spec.template.spec.containers[0].env[4]
value:
name: GITEA_INSTANCE_URL
value: "https://git.example.com:8443"
@ -375,7 +165,7 @@ tests:
value: "custom env value"
asserts:
- equal:
path: spec.template.spec.initContainers[1].env[0]
path: spec.template.spec.containers[1].env[3]
value:
name: "CUSTOM_ENV_NAME"
value: "custom env value"
@ -425,78 +215,7 @@ tests:
name: gitea-unittests-actions-act-runner
- contains:
any: true
path: spec.template.spec.initContainers[1].volumeMounts
path: spec.template.spec.containers[1].volumeMounts
content:
mountPath: /mnt
name: my-dind-volume
- it: should interpret existingSecret & existingSecretKey templating
template: templates/statefulset.yaml
set:
gitea:
token:
secret:
name: "gitea-secret"
key: "secret-key"
enabled: true
existingSecret: "{{ .Release.Name }}-{{ .Values.gitea.token.secret.name}}"
existingSecretKey: "{{ .Values.gitea.token.secret.key}}"
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: StatefulSet
apiVersion: apps/v1
name: gitea-unittests-actions-act-runner
- equal:
path: spec.template.spec.containers[0].env[0].name
value: "GITEA_RUNNER_REGISTRATION_TOKEN"
- equal:
path: spec.template.spec.containers[0].env[0].valueFrom.secretKeyRef.name
value: "gitea-unittests-gitea-secret"
- equal:
path: spec.template.spec.containers[0].env[0].valueFrom.secretKeyRef.key
value: "secret-key"
- it: should interpret Gitea Root URL templating
template: templates/statefulset.yaml
set:
global:
gitea:
service:
name: "my-gitea-svc-http"
port: 3210
enabled: true
giteaRootURL: "http://{{ .Values.global.gitea.service.name }}:{{ .Values.global.gitea.service.port }}"
asserts:
- hasDocuments:
count: 1
- containsDocument:
kind: StatefulSet
apiVersion: apps/v1
name: gitea-unittests-actions-act-runner
- equal:
path: spec.template.spec.containers[0].env[1].name
value: "GITEA_INSTANCE_URL"
- equal:
path: spec.template.spec.containers[0].env[1].value
value: "http://my-gitea-svc-http:3210"
- equal:
path: spec.template.spec.initContainers[0].command[2]
value: |
echo 'Trying to reach Gitea on http://my-gitea-svc-http:3210'
until timeout 10 wget --no-check-certificate --spider http://my-gitea-svc-http:3210; do
sleep 3
echo "Trying again in 3 seconds..."
done
echo "Gitea has been reached!"
- it: should render service account name correctly
template: templates/statefulset.yaml
set:
enabled: true
statefulset:
serviceAccountName: "my-service-account"
asserts:
- hasDocuments:
count: 1
- equal:
path: spec.template.spec.serviceAccountName
value: "my-service-account"

81
values.yaml
View File

@ -2,8 +2,9 @@
## @section Gitea Actions
#
## @param enabled Create an act runner StatefulSet.
## @param init.image.repository The image used for the init containers
## @param init.image.tag The image tag used for the init containers
## @param statefulset.replicas the amount of (replica) runner pods deployed
## @param statefulset.timezone is the timezone that will be set in the act_runner image
## @param statefulset.annotations Act runner annotations
## @param statefulset.labels Act runner labels
## @param statefulset.resources Act runner resources
@ -11,32 +12,23 @@
## @param statefulset.tolerations Tolerations for the statefulset
## @param statefulset.affinity Affinity for the statefulset
## @param statefulset.extraVolumes Extra volumes for the statefulset
## @param statefulset.actRunner.registry image registry, e.g. gcr.io,docker.io
## @param statefulset.actRunner.repository The Gitea act runner image
## @param statefulset.actRunner.tag The Gitea act runner tag
## @param statefulset.actRunner.digest Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest`
## @param statefulset.actRunner.pullPolicy The Gitea act runner pullPolicy
## @param statefulset.actRunner.fullOverride Completely overrides the image registry, path/image, tag and digest.
## @param statefulset.actRunner.extraVolumeMounts Allows mounting extra volumes in the act runner container
## @param statefulset.actRunner.config [default: Too complex. See values.yaml] Act runner custom configuration. See [Act Runner documentation](https://docs.gitea.com/usage/actions/act-runner#configuration) for details.
## @param statefulset.dind.rootless [default: false] a simple flag to let helm know we are dealing with a rootless dind container
## @param statefulset.dind.uid a field to set the running user id for the rootless dind container, so it knows where to look for the socket
## @param statefulset.dind.registry image registry, e.g. gcr.io,docker.io
## @param statefulset.actRunner.extraEnvs Allows adding custom environment variables
## @param statefulset.dind.repository The Docker-in-Docker image
## @param statefulset.dind.tag The Docker-in-Docker image tag
## @param statefulset.dind.digest Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest`
## @param statefulset.dind.fullOverride Completely overrides the image registry, path/image, tag and digest.
## @param statefulset.dind.pullPolicy The Docker-in-Docker pullPolicy
## @param statefulset.dind.extraVolumeMounts Allows mounting extra volumes in the Docker-in-Docker container
## @param statefulset.dind.extraEnvs Allows adding custom environment variables, such as `DOCKER_IPTABLES_LEGACY`
## @param statefulset.persistence.size Size for persistence to store act runner data
## @param statefulset.securityContext Customize the SecurityContext
## @param statefulset.serviceAccountName Customize the service account name
## @param existingSecret Secret that contains the token
## @param existingSecretKey Secret key
## @param giteaRootURL URL the act_runner registers and connect with
enabled: false
statefulset:
replicas: 1
timezone: Etc/UTC
annotations: {}
labels: {}
resources: {}
@ -44,23 +36,12 @@ statefulset:
tolerations: []
affinity: {}
extraVolumes: []
securityContext: {}
serviceAccountName: ""
actRunner:
registry: "docker.gitea.com"
repository: act_runner
tag: 0.3.0
digest: ""
repository: gitea/act_runner
tag: 0.2.11
pullPolicy: IfNotPresent
fullOverride: ""
extraVolumeMounts: []
extraEnvs:
[]
# - name: "GITEA_RUNNER_NAME"
# valueFrom:
# fieldRef:
# fieldPath: metadata.name
# See full example here: https://gitea.com/gitea/act_runner/src/branch/main/internal/pkg/config/config.example.yaml
config: |
@ -68,19 +49,11 @@ statefulset:
level: debug
cache:
enabled: false
container:
require_docker: true
docker_timeout: 300s
dind:
rootless: false
uid: ""
registry: "docker.io"
repository: docker
tag: 29.3.1-dind
digest: ""
tag: 25.0.2-dind
pullPolicy: IfNotPresent
fullOverride: ""
extraVolumeMounts: []
# If the container keeps crashing in your environment, you might have to add the `DOCKER_IPTABLES_LEGACY` environment variable.
@ -93,56 +66,24 @@ statefulset:
persistence:
size: 1Gi
## @section Gitea Actions Init
#
## @param init.image.registry image registry, e.g. gcr.io,docker.io
## @param init.image.repository The init image
## @param init.image.tag the init image tag
## @param init.image.digest Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest`
## @param init.image.pullPolicy The init image pullPolicy
## @param init.image.fullOverride Completely overrides the image registry, path/image, tag and digest.
init:
image:
registry: ""
repository: busybox
# Overrides the image tag whose default is the chart appVersion.
tag: "1.37.0"
digest: ""
pullPolicy: IfNotPresent
fullOverride: ""
## @section Runner Token Secret Configuration
#
## @param existingSecret Secret that contains the token
## @param existingSecretKey Secret key
## Specify an existing token secret
##
existingSecret: ""
existingSecretKey: ""
## @section Gitea URL Setting
#
## @param giteaRootURL URL the act_runner registers and connect with
## Specify the root URL of the Gitea instance
giteaRootURL: ""
## @section Extra Init Containers
#
## @param preExtraInitContainers Additional init containers to run in the pod before gitea-actions runs it owns init containers.
## @param postExtraInitContainers Additional init containers to run in the pod after gitea-actions runs it owns init containers.
preExtraInitContainers: []
# - name: pre-init-container
# image: docker.io/library/busybox
# command: [ /bin/sh, -c, 'echo "Hello world! I am a pre init container."' ]
postExtraInitContainers: []
# - name: post-init-container
# image: docker.io/library/busybox
# command: [ /bin/sh, -c, 'echo "Hello world! I am a post init container."' ]
## @section Global
#
## @param global.imageRegistry global image registry override
## @param global.imagePullSecrets global image registry pull secrets
## @param global.storageClass global storage class override
global:
imageRegistry: ""
imagePullSecrets: []
storageClass: ""