From c13c67c785930264d78e9c1b14846b64179fa5c1 Mon Sep 17 00:00:00 2001 From: gitea-bot Date: Tue, 14 Apr 2026 17:27:20 +0000 Subject: [PATCH] chore: Update manifests after automerge --- clusters/cl01tl/manifests/gitea/Deployment-gitea.yaml | 9 +++------ .../manifests/gitea/Pod-gitea-test-connection.yaml | 2 +- clusters/cl01tl/manifests/gitea/Secret-gitea-init.yaml | 4 ++-- .../manifests/gitea/Secret-gitea-inline-config.yaml | 2 +- clusters/cl01tl/manifests/gitea/Secret-gitea.yaml | 2 +- clusters/cl01tl/manifests/gitea/Service-gitea-http.yaml | 2 +- clusters/cl01tl/manifests/gitea/Service-gitea-ssh.yaml | 2 +- 7 files changed, 10 insertions(+), 13 deletions(-) diff --git a/clusters/cl01tl/manifests/gitea/Deployment-gitea.yaml b/clusters/cl01tl/manifests/gitea/Deployment-gitea.yaml index c62ef5110..f71b3b441 100644 --- a/clusters/cl01tl/manifests/gitea/Deployment-gitea.yaml +++ b/clusters/cl01tl/manifests/gitea/Deployment-gitea.yaml @@ -5,7 +5,7 @@ metadata: namespace: gitea annotations: labels: - helm.sh/chart: gitea-12.5.0 + helm.sh/chart: gitea-12.5.1 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea @@ -26,10 +26,10 @@ spec: template: metadata: annotations: - checksum/config: 878b6957d244540764fe2218a124d9617a7d00acd64d1837f28805cdc5881739 + checksum/config: 5376a0d0dbcef6cab9e566f163e391f3d7df9fe832a8d6c9be29df1ad9d8c11f checksum/oauth_0: 03073bf48e66f48f622bd02092a5f93bfd06dbcb5fd833aded3b0d40980be93d labels: - helm.sh/chart: gitea-12.5.0 + helm.sh/chart: gitea-12.5.1 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea @@ -64,7 +64,6 @@ spec: - mountPath: /data/gitea/public/assets/css name: gitea-themes-storage readOnly: false - securityContext: {} resources: limits: {} requests: @@ -125,7 +124,6 @@ spec: - mountPath: /data/gitea/public/assets/css name: gitea-themes-storage readOnly: false - securityContext: {} resources: limits: {} requests: @@ -229,7 +227,6 @@ spec: requests: cpu: 1000m memory: 600Mi - securityContext: {} volumeMounts: - name: temp mountPath: /tmp diff --git a/clusters/cl01tl/manifests/gitea/Pod-gitea-test-connection.yaml b/clusters/cl01tl/manifests/gitea/Pod-gitea-test-connection.yaml index dde694e95..afc08e158 100644 --- a/clusters/cl01tl/manifests/gitea/Pod-gitea-test-connection.yaml +++ b/clusters/cl01tl/manifests/gitea/Pod-gitea-test-connection.yaml @@ -4,7 +4,7 @@ metadata: name: "gitea-test-connection" namespace: gitea labels: - helm.sh/chart: gitea-12.5.0 + helm.sh/chart: gitea-12.5.1 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea diff --git a/clusters/cl01tl/manifests/gitea/Secret-gitea-init.yaml b/clusters/cl01tl/manifests/gitea/Secret-gitea-init.yaml index f62c91d56..77a7cf56c 100644 --- a/clusters/cl01tl/manifests/gitea/Secret-gitea-init.yaml +++ b/clusters/cl01tl/manifests/gitea/Secret-gitea-init.yaml @@ -4,7 +4,7 @@ metadata: name: gitea-init namespace: gitea labels: - helm.sh/chart: gitea-12.5.0 + helm.sh/chart: gitea-12.5.1 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea @@ -34,4 +34,4 @@ stringData: # prepare temp directory structure mkdir -pv "${GITEA_TEMP}" chmod -v ug+rwx "${GITEA_TEMP}" - configure_gitea.sh: "#!/usr/bin/env bash\n\nset -euo pipefail\n\necho '==== BEGIN GITEA CONFIGURATION ===='\n\n{ # try\n gitea migrate\n} || { # catch\n echo \"Gitea migrate might fail due to database connection...This init-container will try again in a few seconds\"\n exit 1\n}\nfunction configure_admin_user() {\n local full_admin_list=$(gitea admin user list --admin)\n local actual_user_table=''\n\n # We might have distorted output due to warning logs, so we have to detect the actual user table by its headline and trim output above that line\n local regex=\"(.*)(ID\\s+Username\\s+Email\\s+IsActive.*)\"\n if [[ \"${full_admin_list}\" =~ $regex ]]; then\n actual_user_table=$(echo \"${BASH_REMATCH[2]}\" | tail -n+2) # tail'ing to drop the table headline\n else\n # This code block should never be reached, as long as the output table header remains the same.\n # If this code block is reached, the regex doesn't match anymore and we probably have to adjust this script.\n\n echo \"ERROR: 'configure_admin_user' was not able to determine the current list of admin users.\"\n echo \" Please review the output of 'gitea admin user list --admin' shown below.\"\n echo \" If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-gitea/issues.\"\n echo \"DEBUG: Output of 'gitea admin user list --admin'\"\n echo \"--\"\n echo \"${full_admin_list}\"\n echo \"--\"\n exit 1\n fi\n\n local ACCOUNT_ID=$(echo \"${actual_user_table}\" | grep -E \"\\s+${GITEA_ADMIN_USERNAME}\\s+\" | awk -F \" \" \"{printf \\$1}\")\n if [[ -z \"${ACCOUNT_ID}\" ]]; then\n local -a create_args\n create_args=(--admin --username \"${GITEA_ADMIN_USERNAME}\" --password \"${GITEA_ADMIN_PASSWORD}\" --email \"gitea@local.domain\")\n if [[ \"${GITEA_ADMIN_PASSWORD_MODE}\" = initialOnlyRequireReset ]]; then\n create_args+=(--must-change-password=true)\n else\n create_args+=(--must-change-password=false)\n fi\n echo \"No admin user '${GITEA_ADMIN_USERNAME}' found. Creating now...\"\n gitea admin user create \"${create_args[@]}\"\n echo '...created.'\n else\n if [[ \"${GITEA_ADMIN_PASSWORD_MODE}\" = keepUpdated ]]; then\n echo \"Admin account '${GITEA_ADMIN_USERNAME}' already exist. Running update to sync password...\"\n # See https://gitea.com/gitea/helm-gitea/issues/673\n # --must-change-password argument was added to change-password, defaulting to true, counter to the previous behavior\n # which acted as if it were provided with =false. If the argument is present in this version of gitea, then we\n # should add it to prevent requiring frequent admin password resets.\n local -a change_args\n change_args=(--username \"${GITEA_ADMIN_USERNAME}\" --password \"${GITEA_ADMIN_PASSWORD}\")\n if gitea admin user change-password --help | grep -qF -- '--must-change-password'; then\n change_args+=(--must-change-password=false)\n fi\n gitea admin user change-password \"${change_args[@]}\"\n echo '...password sync done.'\n else\n echo \"Admin account '${GITEA_ADMIN_USERNAME}' already exist, but update mode is set to '${GITEA_ADMIN_PASSWORD_MODE}'. Skipping.\"\n fi\n fi\n}\n\nconfigure_admin_user\n\nfunction configure_ldap() {\n echo 'no ldap configuration... skipping.'\n}\n\nconfigure_ldap\n\nfunction configure_oauth() {\n local OAUTH_NAME='Authentik'\n local full_auth_list=$(gitea admin auth list --vertical-bars)\n local actual_auth_table=''\n\n # We might have distorted output due to warning logs, so we have to detect the actual user table by its headline and trim output above that line\n local regex=\"(.*)(ID\\s+\\|Name\\s+\\|Type\\s+\\|Enabled.*)\"\n if [[ \"${full_auth_list}\" =~ $regex ]]; then\n actual_auth_table=$(echo \"${BASH_REMATCH[2]}\" | tail -n+2) # tail'ing to drop the table headline\n else\n # This code block should never be reached, as long as the output table header remains the same.\n # If this code block is reached, the regex doesn't match anymore and we probably have to adjust this script.\n\n echo \"ERROR: 'configure_oauth' was not able to determine the current list of authentication sources.\"\n echo \" Please review the output of 'gitea admin auth list --vertical-bars' shown below.\"\n echo \" If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-gitea/issues.\"\n echo \"DEBUG: Output of 'gitea admin auth list --vertical-bars'\"\n echo \"--\"\n echo \"${full_auth_list}\"\n echo \"--\"\n exit 1\n fi\n\n local AUTH_ID=$(echo \"${actual_auth_table}\" | grep -E \"\\|${OAUTH_NAME}\\s+\\|\" | grep -iE '\\|OAuth2\\s+\\|' | awk -F \" \" \"{print \\$1}\")\n\n if [[ -z \"${AUTH_ID}\" ]]; then\n echo \"No oauth configuration found with name '${OAUTH_NAME}'. Installing it now...\"\n gitea admin auth add-oauth --auto-discover-url \"https://auth.alexlebens.dev/application/o/gitea/.well-known/openid-configuration\" --icon-url \"https://goauthentik.io/img/icon.png\" --key \"${GITEA_OAUTH_KEY_0}\" --name \"Authentik\" --provider \"openidConnect\" --scopes \"email profile\" --secret \"${GITEA_OAUTH_SECRET_0}\" \n echo '...installed.'\n else\n echo \"Existing oauth configuration with name '${OAUTH_NAME}': '${AUTH_ID}'. Running update to sync settings...\"\n gitea admin auth update-oauth --id \"${AUTH_ID}\" --auto-discover-url \"https://auth.alexlebens.dev/application/o/gitea/.well-known/openid-configuration\" --icon-url \"https://goauthentik.io/img/icon.png\" --key \"${GITEA_OAUTH_KEY_0}\" --name \"Authentik\" --provider \"openidConnect\" --scopes \"email profile\" --secret \"${GITEA_OAUTH_SECRET_0}\" \n echo '...sync settings done.'\n fi\n}\n\nconfigure_oauth\n\necho '==== END GITEA CONFIGURATION ===='" + configure_gitea.sh: "#!/usr/bin/env bash\n\nset -euo pipefail\n\necho '==== BEGIN GITEA CONFIGURATION ===='\n\n{ # try\n gitea migrate\n} || { # catch\n echo \"Gitea migrate might fail due to database connection...This init-container will try again in a few seconds\"\n exit 1\n}\nfunction configure_admin_user() {\n local full_admin_list=$(gitea admin user list --admin)\n local actual_user_table=''\n\n # We might have distorted output due to warning logs, so we have to detect the actual user table by its headline and trim output above that line\n local regex=\"(.*)(ID\\s+Username\\s+Email\\s+IsActive.*)\"\n if [[ \"${full_admin_list}\" =~ $regex ]]; then\n actual_user_table=$(echo \"${BASH_REMATCH[2]}\" | tail -n+2) # tail'ing to drop the table headline\n else\n # This code block should never be reached, as long as the output table header remains the same.\n # If this code block is reached, the regex doesn't match anymore and we probably have to adjust this script.\n\n echo \"ERROR: 'configure_admin_user' was not able to determine the current list of admin users.\"\n echo \" Please review the output of 'gitea admin user list --admin' shown below.\"\n echo \" If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-gitea/issues.\"\n echo \"DEBUG: Output of 'gitea admin user list --admin'\"\n echo \"--\"\n echo \"${full_admin_list}\"\n echo \"--\"\n exit 1\n fi\n\n local ACCOUNT_ID=$(echo \"${actual_user_table}\" | grep -E \"\\s+${GITEA_ADMIN_USERNAME}\\s+\" | awk -F \" \" \"{printf \\$1}\")\n if [[ -z \"${ACCOUNT_ID}\" ]]; then\n local -a create_args\n create_args=(--admin --username \"${GITEA_ADMIN_USERNAME}\" --password \"${GITEA_ADMIN_PASSWORD}\" --email \"gitea@local.domain\")\n if [[ \"${GITEA_ADMIN_PASSWORD_MODE}\" = initialOnlyRequireReset ]]; then\n create_args+=(--must-change-password=true)\n else\n create_args+=(--must-change-password=false)\n fi\n echo \"No admin user '${GITEA_ADMIN_USERNAME}' found. Creating now...\"\n gitea admin user create \"${create_args[@]}\"\n echo '...created.'\n else\n if [[ \"${GITEA_ADMIN_PASSWORD_MODE}\" = keepUpdated ]]; then\n echo \"Admin account '${GITEA_ADMIN_USERNAME}' already exist. Running update to sync password...\"\n # See https://gitea.com/gitea/helm-gitea/issues/673\n # --must-change-password argument was added to change-password, defaulting to true, counter to the previous behavior\n # which acted as if it were provided with =false. If the argument is present in this version of gitea, then we\n # should add it to prevent requiring frequent admin password resets.\n local -a change_args\n change_args=(--username \"${GITEA_ADMIN_USERNAME}\" --password \"${GITEA_ADMIN_PASSWORD}\")\n if gitea admin user change-password --help | grep -F -- '--must-change-password' >/dev/null; then\n change_args+=(--must-change-password=false)\n fi\n gitea admin user change-password \"${change_args[@]}\"\n echo '...password sync done.'\n else\n echo \"Admin account '${GITEA_ADMIN_USERNAME}' already exist, but update mode is set to '${GITEA_ADMIN_PASSWORD_MODE}'. Skipping.\"\n fi\n fi\n}\n\nconfigure_admin_user\n\nfunction configure_ldap() {\n echo 'no ldap configuration... skipping.'\n}\n\nconfigure_ldap\n\nfunction configure_oauth() {\n local OAUTH_NAME='Authentik'\n local full_auth_list=$(gitea admin auth list --vertical-bars)\n local actual_auth_table=''\n\n # We might have distorted output due to warning logs, so we have to detect the actual user table by its headline and trim output above that line\n local regex=\"(.*)(ID\\s+\\|Name\\s+\\|Type\\s+\\|Enabled.*)\"\n if [[ \"${full_auth_list}\" =~ $regex ]]; then\n actual_auth_table=$(echo \"${BASH_REMATCH[2]}\" | tail -n+2) # tail'ing to drop the table headline\n else\n # This code block should never be reached, as long as the output table header remains the same.\n # If this code block is reached, the regex doesn't match anymore and we probably have to adjust this script.\n\n echo \"ERROR: 'configure_oauth' was not able to determine the current list of authentication sources.\"\n echo \" Please review the output of 'gitea admin auth list --vertical-bars' shown below.\"\n echo \" If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-gitea/issues.\"\n echo \"DEBUG: Output of 'gitea admin auth list --vertical-bars'\"\n echo \"--\"\n echo \"${full_auth_list}\"\n echo \"--\"\n exit 1\n fi\n\n local AUTH_ID=$(echo \"${actual_auth_table}\" | grep -E \"\\|${OAUTH_NAME}\\s+\\|\" | grep -iE '\\|OAuth2\\s+\\|' | awk -F \" \" \"{print \\$1}\")\n\n if [[ -z \"${AUTH_ID}\" ]]; then\n echo \"No oauth configuration found with name '${OAUTH_NAME}'. Installing it now...\"\n gitea admin auth add-oauth --auto-discover-url \"https://auth.alexlebens.dev/application/o/gitea/.well-known/openid-configuration\" --icon-url \"https://goauthentik.io/img/icon.png\" --key \"${GITEA_OAUTH_KEY_0}\" --name \"Authentik\" --provider \"openidConnect\" --scopes \"email profile\" --secret \"${GITEA_OAUTH_SECRET_0}\" \n echo '...installed.'\n else\n echo \"Existing oauth configuration with name '${OAUTH_NAME}': '${AUTH_ID}'. Running update to sync settings...\"\n gitea admin auth update-oauth --id \"${AUTH_ID}\" --auto-discover-url \"https://auth.alexlebens.dev/application/o/gitea/.well-known/openid-configuration\" --icon-url \"https://goauthentik.io/img/icon.png\" --key \"${GITEA_OAUTH_KEY_0}\" --name \"Authentik\" --provider \"openidConnect\" --scopes \"email profile\" --secret \"${GITEA_OAUTH_SECRET_0}\" \n echo '...sync settings done.'\n fi\n}\n\nconfigure_oauth\n\necho '==== END GITEA CONFIGURATION ===='" diff --git a/clusters/cl01tl/manifests/gitea/Secret-gitea-inline-config.yaml b/clusters/cl01tl/manifests/gitea/Secret-gitea-inline-config.yaml index 41be871b2..59163ee60 100644 --- a/clusters/cl01tl/manifests/gitea/Secret-gitea-inline-config.yaml +++ b/clusters/cl01tl/manifests/gitea/Secret-gitea-inline-config.yaml @@ -4,7 +4,7 @@ metadata: name: gitea-inline-config namespace: gitea labels: - helm.sh/chart: gitea-12.5.0 + helm.sh/chart: gitea-12.5.1 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea diff --git a/clusters/cl01tl/manifests/gitea/Secret-gitea.yaml b/clusters/cl01tl/manifests/gitea/Secret-gitea.yaml index 252e6be9e..cfe9bb6d3 100644 --- a/clusters/cl01tl/manifests/gitea/Secret-gitea.yaml +++ b/clusters/cl01tl/manifests/gitea/Secret-gitea.yaml @@ -4,7 +4,7 @@ metadata: name: gitea namespace: gitea labels: - helm.sh/chart: gitea-12.5.0 + helm.sh/chart: gitea-12.5.1 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea diff --git a/clusters/cl01tl/manifests/gitea/Service-gitea-http.yaml b/clusters/cl01tl/manifests/gitea/Service-gitea-http.yaml index dfe3ef874..8af0c3714 100644 --- a/clusters/cl01tl/manifests/gitea/Service-gitea-http.yaml +++ b/clusters/cl01tl/manifests/gitea/Service-gitea-http.yaml @@ -4,7 +4,7 @@ metadata: name: gitea-http namespace: gitea labels: - helm.sh/chart: gitea-12.5.0 + helm.sh/chart: gitea-12.5.1 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea diff --git a/clusters/cl01tl/manifests/gitea/Service-gitea-ssh.yaml b/clusters/cl01tl/manifests/gitea/Service-gitea-ssh.yaml index 7f47676ad..cef37c7de 100644 --- a/clusters/cl01tl/manifests/gitea/Service-gitea-ssh.yaml +++ b/clusters/cl01tl/manifests/gitea/Service-gitea-ssh.yaml @@ -4,7 +4,7 @@ metadata: name: gitea-ssh namespace: gitea labels: - helm.sh/chart: gitea-12.5.0 + helm.sh/chart: gitea-12.5.1 app: gitea app.kubernetes.io/name: gitea app.kubernetes.io/instance: gitea