From 7980f88f8a1ed26759fa7a3c9c2fc0c207bfaa6c Mon Sep 17 00:00:00 2001 From: Stefan Reimer Date: Mon, 8 Nov 2021 16:54:48 +0100 Subject: [PATCH] feat: add gitea to kubezero-ci --- charts/kubezero-ci/Chart.yaml | 7 ++- charts/kubezero-ci/README.md | 23 +++++++- .../templates/gitea/istio-service.yaml | 18 ++++++ .../kubezero-ci/templates/gitea/secrets.yaml | 12 ++++ .../templates/gocd/istio-service.yaml | 2 +- charts/kubezero-ci/values.yaml | 55 +++++++++++++++++++ 6 files changed, 114 insertions(+), 3 deletions(-) create mode 100644 charts/kubezero-ci/templates/gitea/istio-service.yaml create mode 100644 charts/kubezero-ci/templates/gitea/secrets.yaml diff --git a/charts/kubezero-ci/Chart.yaml b/charts/kubezero-ci/Chart.yaml index 4c329d24..5ce07322 100644 --- a/charts/kubezero-ci/Chart.yaml +++ b/charts/kubezero-ci/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: kubezero-ci description: KubeZero umbrella chart for all things CI type: application -version: 0.1.0 +version: 0.2.0 home: https://kubezero.com icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png keywords: @@ -19,4 +19,9 @@ dependencies: version: 1.39.4 repository: https://gocd.github.io/helm-chart condition: gocd.enabled + - name: gitea + version: 4.1.1 + repository: https://dl.gitea.io/charts/ + condition: gitea.enabled + kubeVersion: ">= 1.18.0" diff --git a/charts/kubezero-ci/README.md b/charts/kubezero-ci/README.md index 4842a8cd..725795d1 100644 --- a/charts/kubezero-ci/README.md +++ b/charts/kubezero-ci/README.md @@ -1,6 +1,6 @@ # kubezero-ci -![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) +![Version: 0.2.0](https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) KubeZero umbrella chart for all things CI @@ -18,6 +18,7 @@ Kubernetes: `>= 1.18.0` | Repository | Name | Version | |------------|------|---------| +| https://dl.gitea.io/charts/ | gitea | 4.1.1 | | https://gocd.github.io/helm-chart | gocd | 1.39.4 | | https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.4 | @@ -31,6 +32,26 @@ Kubernetes: `>= 1.18.0` | Key | Type | Default | Description | |-----|------|---------|-------------| +| gitea.enabled | bool | `false` | | +| gitea.gitea.admin.existingSecret | string | `"gitea-admin-secret"` | | +| gitea.gitea.cache.builtIn.enabled | bool | `false` | | +| gitea.gitea.config.cache.ADAPTER | string | `"memory"` | | +| gitea.gitea.config.database.DB_TYPE | string | `"sqlite3"` | | +| gitea.gitea.database.builtIn.mariadb.enabled | bool | `false` | | +| gitea.gitea.database.builtIn.mysql.enabled | bool | `false` | | +| gitea.gitea.database.builtIn.postgresql.enabled | bool | `false` | | +| gitea.gitea.demo | bool | `false` | | +| gitea.gitea.metrics.enabled | bool | `false` | | +| gitea.gitea.metrics.serviceMonitor.enabled | bool | `false` | | +| gitea.image.rootless | bool | `true` | | +| gitea.istio.enabled | bool | `false` | | +| gitea.istio.gateway | string | `"istio-ingress/private-ingressgateway"` | | +| gitea.istio.url | string | `""` | | +| gitea.persistence.enabled | bool | `true` | | +| gitea.persistence.size | string | `"4Gi"` | | +| gitea.securityContext.allowPrivilegeEscalation | bool | `false` | | +| gitea.securityContext.capabilities.add[0] | string | `"SYS_CHROOT"` | | +| gitea.securityContext.capabilities.drop[0] | string | `"ALL"` | | | gocd.enabled | bool | `false` | | | gocd.istio.enabled | bool | `false` | | | gocd.istio.gateway | string | `"istio-ingress/private-ingressgateway"` | | diff --git a/charts/kubezero-ci/templates/gitea/istio-service.yaml b/charts/kubezero-ci/templates/gitea/istio-service.yaml new file mode 100644 index 00000000..44ee6995 --- /dev/null +++ b/charts/kubezero-ci/templates/gitea/istio-service.yaml @@ -0,0 +1,18 @@ +{{- if and .Values.gitea.enabled .Values.gitea.istio.enabled }} +apiVersion: networking.istio.io/v1beta1 +kind: VirtualService +metadata: + name: {{ include "kubezero-lib.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "kubezero-lib.labels" . | nindent 4 }} +spec: + gateways: + - {{ .Values.gitea.istio.gateway }} + hosts: + - {{ .Values.gitea.istio.url }} + http: + - route: + - destination: + host: gitea-http +{{- end }} diff --git a/charts/kubezero-ci/templates/gitea/secrets.yaml b/charts/kubezero-ci/templates/gitea/secrets.yaml new file mode 100644 index 00000000..7b466f21 --- /dev/null +++ b/charts/kubezero-ci/templates/gitea/secrets.yaml @@ -0,0 +1,12 @@ +{{- if and .Values.gitea.enabled .Values.gitea.demo }} +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: gitea-admin-secret + labels: +{{ include "kubezero-lib.labels" . | indent 4 }} +data: + username: {{ "admin" | b64enc | quote }} + password: {{ "secret" | b64enc | quote }} +{{- end }} diff --git a/charts/kubezero-ci/templates/gocd/istio-service.yaml b/charts/kubezero-ci/templates/gocd/istio-service.yaml index 3a59541a..22d9b8ac 100644 --- a/charts/kubezero-ci/templates/gocd/istio-service.yaml +++ b/charts/kubezero-ci/templates/gocd/istio-service.yaml @@ -14,5 +14,5 @@ spec: http: - route: - destination: - host: {{ .Release.Name }}-gocd-server + host: gocd-server {{- end }} diff --git a/charts/kubezero-ci/values.yaml b/charts/kubezero-ci/values.yaml index 23a436e2..fbffd81d 100644 --- a/charts/kubezero-ci/values.yaml +++ b/charts/kubezero-ci/values.yaml @@ -12,5 +12,60 @@ gocd: gateway: istio-ingress/private-ingressgateway url: "" # gocd.example.com +gitea: + enabled: false + + image: + rootless: true + + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + add: + - SYS_CHROOT + + persistence: + enabled: true + size: 4Gi + + gitea: + admin: + existingSecret: gitea-admin-secret + + # Enable to install demo creds + demo: false + + metrics: + enabled: false + serviceMonitor: + enabled: false + + config: + database: + DB_TYPE: sqlite3 + + cache: + ADAPTER: memory + + database: + builtIn: + postgresql: + enabled: false + mysql: + enabled: false + mariadb: + enabled: false + + cache: + builtIn: + enabled: false + + istio: + enabled: false + gateway: istio-ingress/private-ingressgateway + url: "" # git.example.com + jenkins: enabled: false