From d5c2125a474ec5ba1ddb0c588309f525cb98b3a8 Mon Sep 17 00:00:00 2001 From: Cas Lubbers Date: Thu, 18 Apr 2024 15:01:33 +0200 Subject: [PATCH 01/14] feat: otomi db for gitea --- .gitignore | 3 +- helmfile.d/helmfile-04.databases.yaml | 7 +++- helmfile.d/snippets/defaults.yaml | 11 +++++++ upgrades/pre/upgrade-2-11-0.sh | 7 ++++ values-schema.yaml | 13 ++++++++ values/gitea/gitea-otomi-db.gotmpl | 47 +++++++++++++++++++++++++++ values/gitea/gitea-raw.gotmpl | 10 +++++- values/gitea/gitea.gotmpl | 8 +++++ 8 files changed, 103 insertions(+), 3 deletions(-) create mode 100755 upgrades/pre/upgrade-2-11-0.sh create mode 100644 values/gitea/gitea-otomi-db.gotmpl diff --git a/.gitignore b/.gitignore index 8c706776f0..582d5c2dd2 100644 --- a/.gitignore +++ b/.gitignore @@ -15,4 +15,5 @@ chart/otomi/README.md workflow/ *.new .envrc -otomi.cpuprofile \ No newline at end of file +otomi.cpuprofile +/.idea/ diff --git a/helmfile.d/helmfile-04.databases.yaml b/helmfile.d/helmfile-04.databases.yaml index 0312ff1dbe..4fb61c7da3 100644 --- a/helmfile.d/helmfile-04.databases.yaml +++ b/helmfile.d/helmfile-04.databases.yaml @@ -25,4 +25,9 @@ releases: namespace: keycloak labels: pkg: keycloak - <<: *otomiDb \ No newline at end of file + <<: *otomiDb + - name: gitea-otomi-db + namespace: gitea + labels: + pkg: gitea + <<: *otomiDb diff --git a/helmfile.d/snippets/defaults.yaml b/helmfile.d/snippets/defaults.yaml index d27c39a78c..8aa5b36ed2 100644 --- a/helmfile.d/snippets/defaults.yaml +++ b/helmfile.d/snippets/defaults.yaml @@ -767,6 +767,17 @@ environments: requests: cpu: 50m memory: 256Mi + gitea: + imported: false + size: '5Gi' + replicas: 2 + resources: + limits: + cpu: 100m + memory: 512Mi + requests: + cpu: 50m + memory: 256Mi platformBackups: database: harbor: diff --git a/upgrades/pre/upgrade-2-11-0.sh b/upgrades/pre/upgrade-2-11-0.sh new file mode 100755 index 0000000000..ace7daa3f4 --- /dev/null +++ b/upgrades/pre/upgrade-2-11-0.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +set -eu + +kubectl annotate -n harbor secret/harbor-database helm.sh/resource-policy='keep' deprecated=true +kubectl annotate -n harbor sts/harbor-database helm.sh/resource-policy='keep' deprecated=true +kubectl annotate -n harbor svc/harbor-database helm.sh/resource-policy='keep' deprecated=true diff --git a/values-schema.yaml b/values-schema.yaml index 677f083431..609b5ffaf7 100644 --- a/values-schema.yaml +++ b/values-schema.yaml @@ -4109,6 +4109,19 @@ properties: imported: type: boolean default: false + gitea: + title: gitea + properties: + size: + type: string + resources: + $ref: '#/definitions/resources' + replicas: + type: integer + default: 2 + imported: + type: boolean + default: false teamConfig: additionalProperties: false patternProperties: diff --git a/values/gitea/gitea-otomi-db.gotmpl b/values/gitea/gitea-otomi-db.gotmpl new file mode 100644 index 0000000000..a2f9b9305e --- /dev/null +++ b/values/gitea/gitea-otomi-db.gotmpl @@ -0,0 +1,47 @@ +{{- $v := .Values }} +{{- $k := $v.apps.gitea }} +{{- $cnpg := $v.apps.cnpg }} +{{- $kdb := $v.databases.gitea }} + +name: gitea-db +storage: + size: {{ $kdb.size }} + +{{- if $kdb.imported }} +clusterSpec: + bootstrap: + initdb: + database: gitea + owner: gitea + import: + type: microservice + databases: + - gitea + source: + externalCluster: gitea-postgresql + externalClusters: + - name: gitea-postgresql + connectionParameters: + host: gitea-postgresql.gitea.svc.cluster.local + user: gitea + dbname: gitea + sslmode: disable + password: + name: gitea-postgresql + key: postgresql-password + +{{- else }} +clusterSpec: + bootstrap: + initdb: + database: gitea + owner: gitea + secret: + name: gitea-db-secret + localeCollate: 'en_US.UTF-8' + localeCType: 'en_US.UTF-8' +{{- end }} + +instances: {{ $kdb.replicas }} + +resources: {{- toYaml $kdb.resources | nindent 6 }} diff --git a/values/gitea/gitea-raw.gotmpl b/values/gitea/gitea-raw.gotmpl index e7a863ae80..e42a5fac1d 100644 --- a/values/gitea/gitea-raw.gotmpl +++ b/values/gitea/gitea-raw.gotmpl @@ -8,4 +8,12 @@ resources: name: custom-ca data: ca-certificates.crt: {{ .Values._derived.caCert | b64enc }} -{{- end }} \ No newline at end of file +{{- end }} + - apiVersion: v1 + kind: Secret + type: kubernetes.io/basic-auth + metadata: + name: gitea-db-secret + data: + username: "{{ gitea | b64enc }}" + password: "{{ $v.apps.gitea.adminPassword | b64enc }}" diff --git a/values/gitea/gitea.gotmpl b/values/gitea/gitea.gotmpl index e929ea156f..b35d855453 100644 --- a/values/gitea/gitea.gotmpl +++ b/values/gitea/gitea.gotmpl @@ -56,6 +56,13 @@ gitea: username: {{ $g.adminUsername }} password: {{ $g.adminPassword }} config: + database: + DB_TYPE: postgresql + HOST: gitea-db-rw.gitea.svc.cluster.local:5432 + NAME: gitea + USER: gitea + PASSWD: gitea + SCHEMA: gitea admin: DISABLE_REGULAR_ORG_CREATION: false log: @@ -170,6 +177,7 @@ persistence: {{- end }} postgresql: + enabled: false # @TODO: image: tag: {{ $g | get "image.postgresql.tag" "13.5.0" }} From 57facd87b2c81f923e387de99f059bb61283d66f Mon Sep 17 00:00:00 2001 From: Cas Lubbers Date: Thu, 18 Apr 2024 15:03:10 +0200 Subject: [PATCH 02/14] feat: otomi db for gitea --- values/gitea/gitea-raw.gotmpl | 2 +- values/gitea/gitea.gotmpl | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/values/gitea/gitea-raw.gotmpl b/values/gitea/gitea-raw.gotmpl index e42a5fac1d..54fb70c84e 100644 --- a/values/gitea/gitea-raw.gotmpl +++ b/values/gitea/gitea-raw.gotmpl @@ -15,5 +15,5 @@ resources: metadata: name: gitea-db-secret data: - username: "{{ gitea | b64enc }}" + username: "{{ "gitea" | b64enc }}" password: "{{ $v.apps.gitea.adminPassword | b64enc }}" diff --git a/values/gitea/gitea.gotmpl b/values/gitea/gitea.gotmpl index b35d855453..d77929d8e0 100644 --- a/values/gitea/gitea.gotmpl +++ b/values/gitea/gitea.gotmpl @@ -61,7 +61,7 @@ gitea: HOST: gitea-db-rw.gitea.svc.cluster.local:5432 NAME: gitea USER: gitea - PASSWD: gitea + PASSWD: {{ $v.apps.gitea.adminPassword | b64enc }} SCHEMA: gitea admin: DISABLE_REGULAR_ORG_CREATION: false From 152e14c1ab3dcaaf282ec0268f8256b23b9ae445 Mon Sep 17 00:00:00 2001 From: Cas Lubbers Date: Thu, 18 Apr 2024 16:37:54 +0200 Subject: [PATCH 03/14] fix: bug in gitea-raw --- values/gitea/gitea-raw.gotmpl | 2 +- values/gitea/gitea.gotmpl | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/values/gitea/gitea-raw.gotmpl b/values/gitea/gitea-raw.gotmpl index 54fb70c84e..b3518fa105 100644 --- a/values/gitea/gitea-raw.gotmpl +++ b/values/gitea/gitea-raw.gotmpl @@ -1,7 +1,7 @@ {{- $v := .Values }} -{{- if $v._derived.untrustedCA }} resources: +{{- if $v._derived.untrustedCA }} - apiVersion: v1 kind: Secret metadata: diff --git a/values/gitea/gitea.gotmpl b/values/gitea/gitea.gotmpl index d77929d8e0..7c07928c6f 100644 --- a/values/gitea/gitea.gotmpl +++ b/values/gitea/gitea.gotmpl @@ -61,7 +61,7 @@ gitea: HOST: gitea-db-rw.gitea.svc.cluster.local:5432 NAME: gitea USER: gitea - PASSWD: {{ $v.apps.gitea.adminPassword | b64enc }} + PASSWD: {{ $v.apps.gitea.adminPassword }} SCHEMA: gitea admin: DISABLE_REGULAR_ORG_CREATION: false From f163fd46240c06fe9ecb877f71e2f63c1fde3ede Mon Sep 17 00:00:00 2001 From: Cas Lubbers Date: Fri, 19 Apr 2024 09:07:26 +0200 Subject: [PATCH 04/14] fix: set db type to postgres instead of postgresql --- values/gitea/gitea.gotmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/values/gitea/gitea.gotmpl b/values/gitea/gitea.gotmpl index 7c07928c6f..5068f00398 100644 --- a/values/gitea/gitea.gotmpl +++ b/values/gitea/gitea.gotmpl @@ -57,7 +57,7 @@ gitea: password: {{ $g.adminPassword }} config: database: - DB_TYPE: postgresql + DB_TYPE: postgres HOST: gitea-db-rw.gitea.svc.cluster.local:5432 NAME: gitea USER: gitea From 89c742db78eb89f64a2e45e2365b22722fef81b0 Mon Sep 17 00:00:00 2001 From: Cas Lubbers Date: Fri, 19 Apr 2024 09:54:27 +0200 Subject: [PATCH 05/14] fix: create gitea schema --- values/gitea/gitea-otomi-db.gotmpl | 3 +++ 1 file changed, 3 insertions(+) diff --git a/values/gitea/gitea-otomi-db.gotmpl b/values/gitea/gitea-otomi-db.gotmpl index a2f9b9305e..0faf29a4e0 100644 --- a/values/gitea/gitea-otomi-db.gotmpl +++ b/values/gitea/gitea-otomi-db.gotmpl @@ -40,6 +40,9 @@ clusterSpec: name: gitea-db-secret localeCollate: 'en_US.UTF-8' localeCType: 'en_US.UTF-8' + postInitApplicationSQL: + - CREATE SCHEMA gitea + - GRANT ALL PRIVILEGES ON SCHEMA gitea TO gitea; {{- end }} instances: {{ $kdb.replicas }} From daf9c23fa9e363b45d624eecc4fb23e1748478a8 Mon Sep 17 00:00:00 2001 From: Cas Lubbers Date: Mon, 22 Apr 2024 10:15:40 +0200 Subject: [PATCH 06/14] feat: add upgrade yaml to annotate gitea databases --- upgrades.yaml | 3 +++ upgrades/pre/upgrade-2-11-0.sh | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/upgrades.yaml b/upgrades.yaml index 66c38d4bd6..c9a0944f9f 100644 --- a/upgrades.yaml +++ b/upgrades.yaml @@ -81,3 +81,6 @@ operations: - version: 2.10.0 pre: - upgrades/pre/upgrade-2-10-0.sh || true + - version: 2.11.0 + pre: + - upgrades/pre/upgrade-2-11-0.sh || true diff --git a/upgrades/pre/upgrade-2-11-0.sh b/upgrades/pre/upgrade-2-11-0.sh index ace7daa3f4..40f345c226 100755 --- a/upgrades/pre/upgrade-2-11-0.sh +++ b/upgrades/pre/upgrade-2-11-0.sh @@ -2,6 +2,6 @@ set -eu -kubectl annotate -n harbor secret/harbor-database helm.sh/resource-policy='keep' deprecated=true -kubectl annotate -n harbor sts/harbor-database helm.sh/resource-policy='keep' deprecated=true -kubectl annotate -n harbor svc/harbor-database helm.sh/resource-policy='keep' deprecated=true +kubectl annotate -n harbor secret/gitea-database helm.sh/resource-policy='keep' deprecated=true +kubectl annotate -n harbor sts/gitea-database helm.sh/resource-policy='keep' deprecated=true +kubectl annotate -n harbor svc/gitea-database helm.sh/resource-policy='keep' deprecated=true From e7eea7de14287a3a72daa75c4049da6ee3a31928 Mon Sep 17 00:00:00 2001 From: Cas Lubbers Date: Mon, 22 Apr 2024 13:13:35 +0200 Subject: [PATCH 07/14] feat: add upgrade yaml to annotate gitea databases --- upgrades/pre/upgrade-2-11-0.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/upgrades/pre/upgrade-2-11-0.sh b/upgrades/pre/upgrade-2-11-0.sh index 40f345c226..a43ff273eb 100755 --- a/upgrades/pre/upgrade-2-11-0.sh +++ b/upgrades/pre/upgrade-2-11-0.sh @@ -2,6 +2,6 @@ set -eu -kubectl annotate -n harbor secret/gitea-database helm.sh/resource-policy='keep' deprecated=true -kubectl annotate -n harbor sts/gitea-database helm.sh/resource-policy='keep' deprecated=true -kubectl annotate -n harbor svc/gitea-database helm.sh/resource-policy='keep' deprecated=true +kubectl annotate -n gitea secret/gitea-postgresql helm.sh/resource-policy='keep' deprecated=true +kubectl annotate -n gitea sts/gitea-postgresql helm.sh/resource-policy='keep' deprecated=true +kubectl annotate -n gitea svc/gitea-postgresql helm.sh/resource-policy='keep' deprecated=true From 1910b95a1c04182922c4835291c7cff9b2a88d9a Mon Sep 17 00:00:00 2001 From: Cas Lubbers Date: Mon, 22 Apr 2024 15:02:12 +0200 Subject: [PATCH 08/14] feat: add useOtomiDB value --- helmfile.d/snippets/defaults.yaml | 1 + values-schema.yaml | 3 +++ values/gitea/gitea-otomi-db.gotmpl | 10 +++++----- values/gitea/gitea-raw.gotmpl | 2 +- values/gitea/gitea.gotmpl | 10 +++++++++- 5 files changed, 19 insertions(+), 7 deletions(-) diff --git a/helmfile.d/snippets/defaults.yaml b/helmfile.d/snippets/defaults.yaml index fe7b1c1106..89f1034f54 100644 --- a/helmfile.d/snippets/defaults.yaml +++ b/helmfile.d/snippets/defaults.yaml @@ -765,6 +765,7 @@ environments: coreDatabase: registry gitea: imported: false + useOtomiDB: true size: '5Gi' replicas: 2 resources: diff --git a/values-schema.yaml b/values-schema.yaml index d1dcbbd8f8..2e2ab62323 100644 --- a/values-schema.yaml +++ b/values-schema.yaml @@ -4104,6 +4104,9 @@ properties: imported: type: boolean default: false + useOtomiDB: + type: boolean + default: true teamConfig: additionalProperties: false patternProperties: diff --git a/values/gitea/gitea-otomi-db.gotmpl b/values/gitea/gitea-otomi-db.gotmpl index 0faf29a4e0..4742c99208 100644 --- a/values/gitea/gitea-otomi-db.gotmpl +++ b/values/gitea/gitea-otomi-db.gotmpl @@ -1,13 +1,13 @@ {{- $v := .Values }} {{- $k := $v.apps.gitea }} {{- $cnpg := $v.apps.cnpg }} -{{- $kdb := $v.databases.gitea }} +{{- $gdb := $v.databases.gitea }} name: gitea-db storage: - size: {{ $kdb.size }} + size: {{ $gdb.size }} -{{- if $kdb.imported }} +{{- if $gdb.imported }} clusterSpec: bootstrap: initdb: @@ -45,6 +45,6 @@ clusterSpec: - GRANT ALL PRIVILEGES ON SCHEMA gitea TO gitea; {{- end }} -instances: {{ $kdb.replicas }} +instances: {{ $gdb.replicas }} -resources: {{- toYaml $kdb.resources | nindent 6 }} +resources: {{- toYaml $gdb.resources | nindent 6 }} diff --git a/values/gitea/gitea-raw.gotmpl b/values/gitea/gitea-raw.gotmpl index b3518fa105..aee4561269 100644 --- a/values/gitea/gitea-raw.gotmpl +++ b/values/gitea/gitea-raw.gotmpl @@ -16,4 +16,4 @@ resources: name: gitea-db-secret data: username: "{{ "gitea" | b64enc }}" - password: "{{ $v.apps.gitea.adminPassword | b64enc }}" + password: "{{ $v.apps.gitea.postgresqlPassword | b64enc }}" diff --git a/values/gitea/gitea.gotmpl b/values/gitea/gitea.gotmpl index 5068f00398..e9ca1f44a0 100644 --- a/values/gitea/gitea.gotmpl +++ b/values/gitea/gitea.gotmpl @@ -4,6 +4,8 @@ {{- $k := $v.apps.keycloak }} {{- $giteaDomain := printf "gitea.%s" $v.cluster.domainSuffix }} {{- $cm := $v.apps | get "cert-manager" }} +{{- $gdb := $v.databases.gitea }} + nameOverride: gitea fullnameOverride: gitea @@ -56,13 +58,15 @@ gitea: username: {{ $g.adminUsername }} password: {{ $g.adminPassword }} config: + {{- if $gdb.useOtomiDB }} database: DB_TYPE: postgres HOST: gitea-db-rw.gitea.svc.cluster.local:5432 NAME: gitea USER: gitea - PASSWD: {{ $v.apps.gitea.adminPassword }} + PASSWD: {{ $v.apps.gitea.postgresqlPassword }} SCHEMA: gitea + {{- end }} admin: DISABLE_REGULAR_ORG_CREATION: false log: @@ -177,7 +181,11 @@ persistence: {{- end }} postgresql: + {{- if $gdb.useOtomiDB }} enabled: false + {{- else }} + enabled: true + {{- end }} # @TODO: image: tag: {{ $g | get "image.postgresql.tag" "13.5.0" }} From 5262f082d5cca4853681f34e5d67b514af290e8a Mon Sep 17 00:00:00 2001 From: Cas Lubbers Date: Tue, 23 Apr 2024 10:43:25 +0200 Subject: [PATCH 09/14] fix: upgrade scenario for gitea to cnpg --- helmfile.d/helmfile-04.databases.yaml | 3 +-- upgrades.yaml | 4 ++-- upgrades/pre/{upgrade-2-11-0.sh => upgrade-3-0-0.sh} | 0 values-changes.yaml | 4 ++++ values/gitea/gitea-otomi-db.gotmpl | 2 ++ 5 files changed, 9 insertions(+), 4 deletions(-) rename upgrades/pre/{upgrade-2-11-0.sh => upgrade-3-0-0.sh} (100%) diff --git a/helmfile.d/helmfile-04.databases.yaml b/helmfile.d/helmfile-04.databases.yaml index f1a2bf3a55..7cf7d0fe66 100644 --- a/helmfile.d/helmfile-04.databases.yaml +++ b/helmfile.d/helmfile-04.databases.yaml @@ -11,8 +11,6 @@ bases: {{- $v := .Values }} {{- $a := $v.apps }} {{- $h := $a.harbor }} -{{- $hdb := $v.databases.harbor }} -{{- $kdb := $v.databases.keycloak }} {{- $k := $a.keycloak }} releases: @@ -29,6 +27,7 @@ releases: pkg: keycloak <<: *otomiDb - name: gitea-otomi-db + installed: {{ or $v.databases.gitea.useOtomiDB $v.databases.gitea.imported }} namespace: gitea labels: pkg: gitea diff --git a/upgrades.yaml b/upgrades.yaml index c9a0944f9f..4661f47d97 100644 --- a/upgrades.yaml +++ b/upgrades.yaml @@ -81,6 +81,6 @@ operations: - version: 2.10.0 pre: - upgrades/pre/upgrade-2-10-0.sh || true - - version: 2.11.0 + - version: 3.0.0 pre: - - upgrades/pre/upgrade-2-11-0.sh || true + - upgrades/pre/upgrade-3-0-0.sh || true diff --git a/upgrades/pre/upgrade-2-11-0.sh b/upgrades/pre/upgrade-3-0-0.sh similarity index 100% rename from upgrades/pre/upgrade-2-11-0.sh rename to upgrades/pre/upgrade-3-0-0.sh diff --git a/values-changes.yaml b/values-changes.yaml index b1f852df23..1d8b909702 100644 --- a/values-changes.yaml +++ b/values-changes.yaml @@ -143,3 +143,7 @@ changes: relocations: - 'apps.harbor.database.size': 'databases.harbor.size' - 'apps.harbor.resources.database': 'databases.harbor.resources' + - version: 22 + additions: + - databases.gitea.useOtomiDB: false + - databases.gitea.imported: false diff --git a/values/gitea/gitea-otomi-db.gotmpl b/values/gitea/gitea-otomi-db.gotmpl index 4742c99208..256478740b 100644 --- a/values/gitea/gitea-otomi-db.gotmpl +++ b/values/gitea/gitea-otomi-db.gotmpl @@ -13,6 +13,8 @@ clusterSpec: initdb: database: gitea owner: gitea + secret: + name: gitea-db-secret import: type: microservice databases: From 2e2d13740f9212b493249bcbe7db7293fde1ab67 Mon Sep 17 00:00:00 2001 From: Cas Lubbers Date: Wed, 24 Apr 2024 11:00:16 +0200 Subject: [PATCH 10/14] fix: set gitea db schema back to public --- values/gitea/gitea-otomi-db.gotmpl | 3 --- values/gitea/gitea.gotmpl | 2 +- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/values/gitea/gitea-otomi-db.gotmpl b/values/gitea/gitea-otomi-db.gotmpl index 256478740b..57d68f01c8 100644 --- a/values/gitea/gitea-otomi-db.gotmpl +++ b/values/gitea/gitea-otomi-db.gotmpl @@ -42,9 +42,6 @@ clusterSpec: name: gitea-db-secret localeCollate: 'en_US.UTF-8' localeCType: 'en_US.UTF-8' - postInitApplicationSQL: - - CREATE SCHEMA gitea - - GRANT ALL PRIVILEGES ON SCHEMA gitea TO gitea; {{- end }} instances: {{ $gdb.replicas }} diff --git a/values/gitea/gitea.gotmpl b/values/gitea/gitea.gotmpl index e9ca1f44a0..eb9afb2f6a 100644 --- a/values/gitea/gitea.gotmpl +++ b/values/gitea/gitea.gotmpl @@ -65,7 +65,7 @@ gitea: NAME: gitea USER: gitea PASSWD: {{ $v.apps.gitea.postgresqlPassword }} - SCHEMA: gitea + SCHEMA: public {{- end }} admin: DISABLE_REGULAR_ORG_CREATION: false From fe08b27fcaa04144fdd1af8b41dd55160ce92731 Mon Sep 17 00:00:00 2001 From: Cas Lubbers Date: Wed, 24 Apr 2024 11:56:03 +0200 Subject: [PATCH 11/14] fix: set defaults for gitea otomidb --- helmfile.d/snippets/defaults.yaml | 2 +- values-schema.yaml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/helmfile.d/snippets/defaults.yaml b/helmfile.d/snippets/defaults.yaml index 89f1034f54..a4777a2e10 100644 --- a/helmfile.d/snippets/defaults.yaml +++ b/helmfile.d/snippets/defaults.yaml @@ -764,8 +764,8 @@ environments: replicas: 2 coreDatabase: registry gitea: - imported: false useOtomiDB: true + imported: false size: '5Gi' replicas: 2 resources: diff --git a/values-schema.yaml b/values-schema.yaml index 2e2ab62323..0a609a712e 100644 --- a/values-schema.yaml +++ b/values-schema.yaml @@ -4094,6 +4094,9 @@ properties: gitea: title: gitea properties: + useOtomiDB: + type: boolean + default: false size: type: string resources: @@ -4104,9 +4107,6 @@ properties: imported: type: boolean default: false - useOtomiDB: - type: boolean - default: true teamConfig: additionalProperties: false patternProperties: From 171788c8b4dbb3ee3e5ecae546c8cd0d192e4245 Mon Sep 17 00:00:00 2001 From: Cas Lubbers Date: Wed, 24 Apr 2024 12:33:38 +0200 Subject: [PATCH 12/14] fix: set databases gitea postgresqlPassword secret --- .values/env/settings.yaml | 2 +- helmfile.d/snippets/defaults.yaml | 2 +- tests/fixtures/env/apps/secrets.gitea.yaml | 3 +++ tests/fixtures/env/settings.yaml | 2 +- values-schema.yaml | 5 +++++ values/gitea/gitea-raw.gotmpl | 2 +- values/gitea/gitea.gotmpl | 2 +- 7 files changed, 13 insertions(+), 5 deletions(-) diff --git a/.values/env/settings.yaml b/.values/env/settings.yaml index 5ed3e746d5..2f98cb16f1 100644 --- a/.values/env/settings.yaml +++ b/.values/env/settings.yaml @@ -1 +1 @@ -version: 20 +version: 22 diff --git a/helmfile.d/snippets/defaults.yaml b/helmfile.d/snippets/defaults.yaml index a4777a2e10..5a53b02769 100644 --- a/helmfile.d/snippets/defaults.yaml +++ b/helmfile.d/snippets/defaults.yaml @@ -819,7 +819,7 @@ environments: upgrade: version: main # TODO: update this when schema version changes: (and think more?) - version: 20 + version: 22 letsencryptRootCA: | -----BEGIN CERTIFICATE----- MIIFmDCCA4CgAwIBAgIQU9C87nMpOIFKYpfvOHFHFDANBgkqhkiG9w0BAQsFADBm diff --git a/tests/fixtures/env/apps/secrets.gitea.yaml b/tests/fixtures/env/apps/secrets.gitea.yaml index 534c52df38..8a4871db5d 100644 --- a/tests/fixtures/env/apps/secrets.gitea.yaml +++ b/tests/fixtures/env/apps/secrets.gitea.yaml @@ -2,3 +2,6 @@ apps: gitea: postgresqlPassword: postgresqlPassword adminPassword: giteaAdminPassword +databases: + gitea: + postgresqlPassword: databasesPostgresqlPassword diff --git a/tests/fixtures/env/settings.yaml b/tests/fixtures/env/settings.yaml index d64b0e172c..f060d3f695 100644 --- a/tests/fixtures/env/settings.yaml +++ b/tests/fixtures/env/settings.yaml @@ -127,4 +127,4 @@ status: deployingVersion: 0.21.0 status: deployed version: 0.21.0 -version: 20 +version: 22 diff --git a/values-schema.yaml b/values-schema.yaml index 0a609a712e..40abb3e458 100644 --- a/values-schema.yaml +++ b/values-schema.yaml @@ -4107,6 +4107,11 @@ properties: imported: type: boolean default: false + postgresqlPassword: + type: string + description: This password was generated and cannot be changed without manual intervention. + x-secret: '{{ randAlphaNum 20 }}' + readOnly: true teamConfig: additionalProperties: false patternProperties: diff --git a/values/gitea/gitea-raw.gotmpl b/values/gitea/gitea-raw.gotmpl index aee4561269..50edbe04e2 100644 --- a/values/gitea/gitea-raw.gotmpl +++ b/values/gitea/gitea-raw.gotmpl @@ -16,4 +16,4 @@ resources: name: gitea-db-secret data: username: "{{ "gitea" | b64enc }}" - password: "{{ $v.apps.gitea.postgresqlPassword | b64enc }}" + password: "{{ $v.databases.gitea.postgresqlPassword | b64enc }}" diff --git a/values/gitea/gitea.gotmpl b/values/gitea/gitea.gotmpl index eb9afb2f6a..a59cd8ac9a 100644 --- a/values/gitea/gitea.gotmpl +++ b/values/gitea/gitea.gotmpl @@ -64,7 +64,7 @@ gitea: HOST: gitea-db-rw.gitea.svc.cluster.local:5432 NAME: gitea USER: gitea - PASSWD: {{ $v.apps.gitea.postgresqlPassword }} + PASSWD: {{ $v.databases.gitea.postgresqlPassword }} SCHEMA: public {{- end }} admin: From 02abd522ec76628c0f30a72cb5f0fcbbd671ebb4 Mon Sep 17 00:00:00 2001 From: Cas Lubbers Date: Wed, 24 Apr 2024 17:32:56 +0200 Subject: [PATCH 13/14] fix: test database secrets --- helmfile.d/snippets/defaults.yaml | 1 + src/common/values.ts | 12 ++++++++++++ tests/fixtures/env/apps/secrets.gitea.yaml | 3 --- tests/fixtures/env/databases/secrets.gitea.yaml | 3 +++ 4 files changed, 16 insertions(+), 3 deletions(-) create mode 100644 tests/fixtures/env/databases/secrets.gitea.yaml diff --git a/helmfile.d/snippets/defaults.yaml b/helmfile.d/snippets/defaults.yaml index 5a53b02769..468cb7f5b1 100644 --- a/helmfile.d/snippets/defaults.yaml +++ b/helmfile.d/snippets/defaults.yaml @@ -775,6 +775,7 @@ environments: requests: cpu: 50m memory: 256Mi + postgresqlPassword: {{ randAlphaNum 20 }} platformBackups: database: harbor: diff --git a/src/common/values.ts b/src/common/values.ts index 6e61409d49..58edfecd2c 100644 --- a/src/common/values.ts +++ b/src/common/values.ts @@ -277,6 +277,18 @@ export const writeValues = async (inValues: Record, overwrite = fal }) await Promise.all(secretValuesPromises) + const databasesSecretValuesPromises = Object.keys((secrets.databases || {}) as Record).map( + (database) => { + const valueObject = { + databases: { + [database]: secrets.databases[database], + }, + } + return writeValuesToFile(`${env.ENV_DIR}/env/databases/secrets.${database}.yaml`, valueObject, overwrite) + }, + ) + await Promise.all(databasesSecretValuesPromises) + d.info('All values were written to ENV_DIR') } diff --git a/tests/fixtures/env/apps/secrets.gitea.yaml b/tests/fixtures/env/apps/secrets.gitea.yaml index 8a4871db5d..534c52df38 100644 --- a/tests/fixtures/env/apps/secrets.gitea.yaml +++ b/tests/fixtures/env/apps/secrets.gitea.yaml @@ -2,6 +2,3 @@ apps: gitea: postgresqlPassword: postgresqlPassword adminPassword: giteaAdminPassword -databases: - gitea: - postgresqlPassword: databasesPostgresqlPassword diff --git a/tests/fixtures/env/databases/secrets.gitea.yaml b/tests/fixtures/env/databases/secrets.gitea.yaml new file mode 100644 index 0000000000..6d17fc0e83 --- /dev/null +++ b/tests/fixtures/env/databases/secrets.gitea.yaml @@ -0,0 +1,3 @@ +databases: + gitea: + postgresqlPassword: databasesPostgresqlPassword From e95ce26f1ccf4e63751cb057e2c9cad2b174fee3 Mon Sep 17 00:00:00 2001 From: Cas Lubbers Date: Thu, 25 Apr 2024 10:56:17 +0200 Subject: [PATCH 14/14] fix: revert back to apps gitea postgresqlpassword --- src/common/values.ts | 12 ------------ tests/fixtures/env/databases/secrets.gitea.yaml | 3 --- values-schema.yaml | 5 ----- values/gitea/gitea-raw.gotmpl | 2 +- values/gitea/gitea.gotmpl | 2 +- 5 files changed, 2 insertions(+), 22 deletions(-) delete mode 100644 tests/fixtures/env/databases/secrets.gitea.yaml diff --git a/src/common/values.ts b/src/common/values.ts index 58edfecd2c..6e61409d49 100644 --- a/src/common/values.ts +++ b/src/common/values.ts @@ -277,18 +277,6 @@ export const writeValues = async (inValues: Record, overwrite = fal }) await Promise.all(secretValuesPromises) - const databasesSecretValuesPromises = Object.keys((secrets.databases || {}) as Record).map( - (database) => { - const valueObject = { - databases: { - [database]: secrets.databases[database], - }, - } - return writeValuesToFile(`${env.ENV_DIR}/env/databases/secrets.${database}.yaml`, valueObject, overwrite) - }, - ) - await Promise.all(databasesSecretValuesPromises) - d.info('All values were written to ENV_DIR') } diff --git a/tests/fixtures/env/databases/secrets.gitea.yaml b/tests/fixtures/env/databases/secrets.gitea.yaml deleted file mode 100644 index 6d17fc0e83..0000000000 --- a/tests/fixtures/env/databases/secrets.gitea.yaml +++ /dev/null @@ -1,3 +0,0 @@ -databases: - gitea: - postgresqlPassword: databasesPostgresqlPassword diff --git a/values-schema.yaml b/values-schema.yaml index 40abb3e458..0a609a712e 100644 --- a/values-schema.yaml +++ b/values-schema.yaml @@ -4107,11 +4107,6 @@ properties: imported: type: boolean default: false - postgresqlPassword: - type: string - description: This password was generated and cannot be changed without manual intervention. - x-secret: '{{ randAlphaNum 20 }}' - readOnly: true teamConfig: additionalProperties: false patternProperties: diff --git a/values/gitea/gitea-raw.gotmpl b/values/gitea/gitea-raw.gotmpl index 50edbe04e2..aee4561269 100644 --- a/values/gitea/gitea-raw.gotmpl +++ b/values/gitea/gitea-raw.gotmpl @@ -16,4 +16,4 @@ resources: name: gitea-db-secret data: username: "{{ "gitea" | b64enc }}" - password: "{{ $v.databases.gitea.postgresqlPassword | b64enc }}" + password: "{{ $v.apps.gitea.postgresqlPassword | b64enc }}" diff --git a/values/gitea/gitea.gotmpl b/values/gitea/gitea.gotmpl index a59cd8ac9a..eb9afb2f6a 100644 --- a/values/gitea/gitea.gotmpl +++ b/values/gitea/gitea.gotmpl @@ -64,7 +64,7 @@ gitea: HOST: gitea-db-rw.gitea.svc.cluster.local:5432 NAME: gitea USER: gitea - PASSWD: {{ $v.databases.gitea.postgresqlPassword }} + PASSWD: {{ $v.apps.gitea.postgresqlPassword }} SCHEMA: public {{- end }} admin: