Commit new App releases for TrueCharts

Signed-off-by: TrueCharts-Bot <bot@truecharts.org>

incubator/gitea/0.0.1/CHANGELOG.md

@@ -0,0 +1,4 @@
+
+<a name="gitea-0.0.1"></a>
+### gitea-0.0.1 (2021-10-01)
+

incubator/gitea/0.0.1/CONFIG.md

@@ -0,0 +1,8 @@
+# Configuration Options
+
+##### Connecting to other apps
+If you need to connect this App to other Apps on TrueNAS SCALE, please refer to our "Linking Apps Internally" quick-start guide:
+https://truecharts.org/manual/Quick-Start%20Guides/14-linking-apps/
+
+##### Available config options
+In the future this page is going to contain an automated list of options available in the installation/edit UI.

incubator/gitea/0.0.1/Chart.lock

@@ -0,0 +1,12 @@
+dependencies:
+- name: common
+  repository: https://truecharts.org
+  version: 8.0.13
+- name: postgresql
+  repository: https://truecharts.org/
+  version: 3.0.4
+- name: memcached
+  repository: https://charts.bitnami.com/bitnami
+  version: 5.15.3
+digest: sha256:31ea20ec333f850afa9cf3a2496456944683769564b80fd997d8321ca3f56830
+generated: "2021-10-01T12:22:17.047015624Z"

incubator/gitea/0.0.1/Chart.yaml

@@ -0,0 +1,37 @@
+apiVersion: v2
+appVersion: "1.15.3-roo"
+dependencies:
+- name: common
+  repository: https://truecharts.org
+  version: 8.0.13
+- condition: postgresql.enabled
+  name: postgresql
+  repository: https://truecharts.org/
+  version: 3.0.4
+- condition: memcached.enabled
+  name: memcached
+  repository: https://charts.bitnami.com/bitnami
+  version: 5.15.3
+deprecated: false
+description: Self hosted GIT repositories
+home: https://github.com/truecharts/apps/tree/master/charts/stable/gitea
+icon: https://docs.gitea.io/images/gitea.png
+keywords:
+- git
+- issue tracker
+- code review
+- wiki
+- gitea
+- gogs
+kubeVersion: '>=1.16.0-0'
+maintainers:
+- email: info@truecharts.org
+  name: TrueCharts
+  url: truecharts.org
+name: gitea
+sources:
+- https://gitea.com/gitea/helm-chart
+- https://github.com/go-gitea/gitea
+- https://hub.docker.com/r/gitea/gitea/
+type: application
+version: 0.0.1

incubator/gitea/0.0.1/README.md

@@ -0,0 +1,41 @@
+# Introduction
+
+Self hosted GIT repositories
+
+TrueCharts are designed to be installed as TrueNAS SCALE app only. We can not guarantee this charts works as a stand-alone helm installation.
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/apps/issues/new/choose)**
+
+## Source Code
+
+* <https://gitea.com/gitea/helm-chart>
+* <https://github.com/go-gitea/gitea>
+* <https://hub.docker.com/r/gitea/gitea/>
+
+## Requirements
+
+Kubernetes: `>=1.16.0-0`
+
+## Dependencies
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://charts.bitnami.com/bitnami | memcached | 5.15.3 |
+| https://truecharts.org/ | postgresql | 3.0.4 |
+| https://truecharts.org | common | 8.0.13 |
+
+## Installing the Chart
+
+To install this App on TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/03-Installing-an-App/).
+
+## Uninstalling the Chart
+
+To remove this App from TrueNAS SCALE check our [Quick-Start Guide](https://truecharts.org/manual/Quick-Start%20Guides/07-Deleting-an-App/).
+
+## Support
+
+- Please check our [quick-start guides](https://truecharts.org/manual/Quick-Start%20Guides/01-Open-Apps/) first.
+- See the [Wiki](https://truecharts.org)
+- Check our [Discord](https://discord.gg/tVsPTHWTtr)
+- Open a [issue](https://github.com/truecharts/apps/issues/new/choose)
+---
+All Rights Reserved - The TrueCharts Project

incubator/gitea/0.0.1/app-readme.md

@@ -0,0 +1,3 @@
+Self hosted GIT repositories
+
+This App is supplied by TrueCharts, for more information please visit https://truecharts.org

incubator/gitea/0.0.1/helm-values.md

@@ -0,0 +1,83 @@
+# Default Helm-Values
+
+TrueCharts is primarily build to supply TrueNAS SCALE Apps.
+However, we also supply all Apps as standard Helm-Charts. In this document we aim to document the default values in our values.yaml file.
+
+Most of our Apps also consume our "common" Helm Chart.
+If this is the case, this means that all values.yaml values are set to the common chart values.yaml by default. This values.yaml file will only contain values that deviate from the common chart.
+You will, however, be able to use all values referenced in the common chart here, besides the values listed in this document.
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| admin.email | string | `"gitea@local.domain"` |  |
+| admin.password | string | `"r8sA8CPHD9!bt6d"` |  |
+| admin.username | string | `"giteaadmin"` |  |
+| config.APP_NAME | string | `"Gitea: Git with a cup of tea"` |  |
+| config.RUN_MODE | string | `"dev"` |  |
+| customConfig | list | `[]` |  |
+| envFrom[0].configMapRef.name | string | `"gitea-env"` |  |
+| image.pullPolicy | string | `"IfNotPresent"` |  |
+| image.repository | string | `"gitea/gitea"` |  |
+| image.tag | string | `"1.15.3-rootless"` |  |
+| initContainers.0-init-postgresdb.command[0] | string | `"sh"` |  |
+| initContainers.0-init-postgresdb.command[1] | string | `"-c"` |  |
+| initContainers.0-init-postgresdb.command[2] | string | `"until pg_isready -U gitea -h ${pghost} ; do sleep 2 ; done"` |  |
+| initContainers.0-init-postgresdb.env[0].name | string | `"pghost"` |  |
+| initContainers.0-init-postgresdb.env[0].valueFrom.secretKeyRef.key | string | `"plainhost"` |  |
+| initContainers.0-init-postgresdb.env[0].valueFrom.secretKeyRef.name | string | `"dbcreds"` |  |
+| initContainers.0-init-postgresdb.image | string | `"{{ .Values.postgresqlImage.repository}}:{{ .Values.postgresqlImage.tag }}"` |  |
+| initContainers.0-init-postgresdb.imagePullPolicy | string | `"IfNotPresent"` |  |
+| initContainers.1-init-directories.command[0] | string | `"/usr/sbin/init_directory_structure.sh"` |  |
+| initContainers.1-init-directories.envFrom[0].configMapRef.name | string | `"gitea-env"` |  |
+| initContainers.1-init-directories.image | string | `"{{ .Values.image.repository }}:{{ .Values.image.tag }}"` |  |
+| initContainers.1-init-directories.securityContext.runAsNonRoot | bool | `false` |  |
+| initContainers.1-init-directories.securityContext.runAsUser | int | `0` |  |
+| initContainers.1-init-directories.volumeMounts[0].mountPath | string | `"/usr/sbin"` |  |
+| initContainers.1-init-directories.volumeMounts[0].name | string | `"init"` |  |
+| initContainers.1-init-directories.volumeMounts[1].mountPath | string | `"/tmp"` |  |
+| initContainers.1-init-directories.volumeMounts[1].name | string | `"temp"` |  |
+| initContainers.1-init-directories.volumeMounts[2].mountPath | string | `"/etc/gitea/conf"` |  |
+| initContainers.1-init-directories.volumeMounts[2].name | string | `"config"` |  |
+| initContainers.1-init-directories.volumeMounts[3].mountPath | string | `"/data"` |  |
+| initContainers.1-init-directories.volumeMounts[3].name | string | `"data"` |  |
+| initContainers.2-configure-gitea.command[0] | string | `"/usr/sbin/configure_gitea.sh"` |  |
+| initContainers.2-configure-gitea.envFrom[0].configMapRef.name | string | `"gitea-env"` |  |
+| initContainers.2-configure-gitea.image | string | `"{{ .Values.image.repository }}:{{ .Values.image.tag }}"` |  |
+| initContainers.2-configure-gitea.volumeMounts[0].mountPath | string | `"/usr/sbin"` |  |
+| initContainers.2-configure-gitea.volumeMounts[0].name | string | `"init"` |  |
+| initContainers.2-configure-gitea.volumeMounts[1].mountPath | string | `"/tmp"` |  |
+| initContainers.2-configure-gitea.volumeMounts[1].name | string | `"temp"` |  |
+| initContainers.2-configure-gitea.volumeMounts[2].mountPath | string | `"/data"` |  |
+| initContainers.2-configure-gitea.volumeMounts[2].name | string | `"data"` |  |
+| ldap.enabled | bool | `false` |  |
+| memcached | object | `{"enabled":true}` | memcached dependency settings |
+| metrics.enabled | bool | `false` |  |
+| metrics.serviceMonitor.enabled | bool | `false` |  |
+| oauth.enabled | bool | `false` |  |
+| persistence.data.accessMode | string | `"ReadWriteOnce"` |  |
+| persistence.data.enabled | bool | `true` |  |
+| persistence.data.mountPath | string | `"/data"` |  |
+| persistence.data.size | string | `"100Gi"` |  |
+| persistence.data.type | string | `"pvc"` |  |
+| persistence.temp.enabled | bool | `true` |  |
+| persistence.temp.mountPath | string | `"/tmp"` |  |
+| persistence.temp.type | string | `"emptyDir"` |  |
+| persistence.varlib.enabled | bool | `true` |  |
+| persistence.varlib.mountPath | string | `"/var/lib/gitea"` |  |
+| persistence.varlib.type | string | `"emptyDir"` |  |
+| postgresql.enabled | bool | `true` |  |
+| postgresql.existingSecret | string | `"dbcreds"` |  |
+| postgresql.postgresqlDatabase | string | `"gitea"` |  |
+| postgresql.postgresqlUsername | string | `"gitea"` |  |
+| postgresqlImage.pullPolicy | string | `"IfNotPresent"` |  |
+| postgresqlImage.repository | string | `"bitnami/postgresql"` |  |
+| postgresqlImage.tag | string | `"13.4.0@sha256:33c276dffe6140d32f357753993c4088cf945a2d02d4c20d310f5a5e9d6e4a36"` |  |
+| service.main.ports.main.port | int | `3000` |  |
+| service.ssh.ports.ssh.port | int | `2222` |  |
+| service.ssh.ports.ssh.targetPort | int | `2222` |  |
+| signing.enabled | bool | `true` |  |
+| signing.gpgHome | string | `"/data/git/.gnupg"` |  |
+
+All Rights Reserved - The TrueCharts Project

incubator/gitea/0.0.1/ix_values.yaml

@@ -0,0 +1,122 @@
+##
+# This file contains Values.yaml content that gets added to the output of questions.yaml
+# It's ONLY meant for content that the user is NOT expected to change.
+# Example: Everything under "image" is not included in questions.yaml but is included here.
+##
+
+image:
+  repository: gitea/gitea
+  tag: 1.15.3-rootless
+  pullPolicy: IfNotPresent
+
+postgresqlImage:
+  repository: bitnami/postgresql
+  pullPolicy: IfNotPresent
+  tag: 13.4.0@sha256:33c276dffe6140d32f357753993c4088cf945a2d02d4c20d310f5a5e9d6e4a36
+
+envFrom:
+  - configMapRef:
+      name: gitea-env
+
+initContainers:
+  0-init-postgresdb:
+    image: "{{ .Values.postgresqlImage.repository}}:{{ .Values.postgresqlImage.tag }}"
+    command:
+      - "sh"
+      - "-c"
+      - "until pg_isready -U gitea -h ${pghost} ; do sleep 2 ; done"
+    imagePullPolicy: IfNotPresent
+    env:
+      - name: pghost
+        valueFrom:
+          secretKeyRef:
+            name: dbcreds
+            key: plainhost
+  1-init-directories:
+    image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+    command: ["/usr/sbin/init_directory_structure.sh"]
+    securityContext:
+      runAsUser: 0
+      runAsNonRoot: false
+    envFrom:
+      - configMapRef:
+          name: gitea-env
+    volumeMounts:
+      - name: init
+        mountPath: /usr/sbin
+      - name: temp
+        mountPath: /tmp
+      - name: config
+        mountPath: /etc/gitea/conf
+      - name: data
+        mountPath: /data
+  2-configure-gitea:
+    image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+    command: ["/usr/sbin/configure_gitea.sh"]
+    envFrom:
+      - configMapRef:
+          name: gitea-env
+    volumeMounts:
+      - name: init
+        mountPath: /usr/sbin
+      - name: temp
+        mountPath: /tmp
+      - name: data
+        mountPath: /data
+
+# Configure commit/action signing prerequisites
+signing:
+  enabled: true
+  gpgHome: /data/git/.gnupg
+
+metrics:
+  enabled: false
+  serviceMonitor:
+    enabled: false
+    #  additionalLabels:
+    #    prometheus-release: prom1
+
+ldap:
+  enabled: false
+  # name:
+  # securityProtocol:
+  # host:
+  # port:
+  # userSearchBase:
+  # userFilter:
+  # adminFilter:
+  # emailAttribute:
+  # bindDn:
+  # bindPassword:
+  # usernameAttribute:
+  # sshPublicKeyAttribute:
+
+oauth:
+  enabled: false
+  # name:
+  # provider:
+  # key:
+  # secret:
+  # autoDiscoverUrl:
+  # useCustomUrls:
+  # customAuthUrl:
+  # customTokenUrl:
+  # customProfileUrl:
+  # customEmailUrl:
+
+# Enabled postgres
+postgresql:
+  enabled: true
+  postgresqlUsername: gitea
+  postgresqlDatabase: gitea
+  existingSecret: dbcreds
+
+# --  memcached dependency settings
+memcached:
+  enabled: true
+
+
+##
+# Most other defaults are set in questions.yaml
+# For other options please refer to the wiki, default_values.yaml or the common library chart
+##

incubator/gitea/0.0.1/templates/_configmap.tpl

@@ -0,0 +1,24 @@
+{{/* Define the configmap */}}
+{{- define "gitea.configmap" -}}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: gitea-env
+data:
+  GITEA_APP_INI: "/data/gitea/conf/app.ini"
+  GITEA_CUSTOM: "/data/gitea"
+  GITEA_WORK_DIR: "/data"
+  GITEA_TEMP: "/tmp/gitea"
+  GITEA_ADMIN_USERNAME: {{ .Values.admin.username }}
+  GITEA_ADMIN_PASSWORD: {{ .Values.admin.password }}
+  SSH_PORT: {{ .Values.service.ssh.ports.ssh.port | quote }}
+  SSH_LISTEN_PORT: {{ .Values.service.ssh.ports.ssh.targetPort | quote }}
+  GITEA_APP_INI: "/data/gitea/conf/app.ini"
+  GITEA_CUSTOM: "/data/gitea"
+  GITEA_WORK_DIR: "/data"
+  GITEA_TEMP: "/tmp/gitea"
+  TMPDIR: "/tmp/gitea"
+  GNUPGHOME: "/data/git/.gnupg"
+
+{{- end -}}

incubator/gitea/0.0.1/templates/_secrets.tpl

@@ -0,0 +1,270 @@
+{{/* Define the secrets */}}
+{{- define "gitea.secrets" -}}
+---
+
+apiVersion: v1
+kind: Secret
+metadata:
+  labels:
+    {{- include "common.labels" . | nindent 4 }}
+  name: dbcreds
+{{- $dbprevious := lookup "v1" "Secret" .Release.Namespace "dbcreds" }}
+{{- $dbPass := "" }}
+data:
+{{- if $dbprevious }}
+  {{- $dbPass = ( index $dbprevious.data "postgresql-password" ) | b64dec  }}
+  postgresql-password: {{ ( index $dbprevious.data "postgresql-password" ) }}
+  postgresql-postgres-password: {{ ( index $dbprevious.data "postgresql-postgres-password" ) }}
+{{- else }}
+  {{- $dbPass = randAlphaNum 50 }}
+  postgresql-password: {{ $dbPass | b64enc | quote }}
+  postgresql-postgres-password: {{ randAlphaNum 50 | b64enc | quote }}
+{{- end }}
+  url: {{ ( printf "%v%v:%v@%v-%v:%v/%v" "postgresql://" .Values.postgresql.postgresqlUsername $dbPass .Release.Name "postgresql" "5432" .Values.postgresql.postgresqlDatabase  ) | b64enc | quote }}
+  plainhost: {{ ( printf "%v-%v" .Release.Name "postgresql" ) | b64enc | quote }}
+type: Opaque
+
+
+---
+
+{{- $DOMAIN := ( printf "%s-gitea.%s.svc.%s" .Release.Name .Release.Namespace "cluster.local" | quote ) -}}
+{{- if and ( .Values.ingress.main.enabled ) ( gt (len .Values.ingress.main.hosts) 0 ) -}}
+{{- $DOMAIN = (index .Values.ingress.main.hosts 0).host -}}
+{{- end -}}
+
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "common.names.fullname" . }}
+  labels:
+    {{- include "common.labels" . | nindent 4 }}
+type: Opaque
+stringData:
+  app.ini: |-
+    APP_NAME = {{ .Values.config.APP_NAME }}
+    RUN_MODE = {{ .Values.config.RUN_MODE }}
+
+    [cache]
+    ADAPTER = memcache
+    ENABLED = true
+    HOST = {{ printf "%v-%v:%v" .Release.Name "memcached" "11211" }}
+    {{- range $catindex, $catvalue := .Values.customConfig }}
+    {{- if eq $catvalue.name "cache" }}
+    {{- range $index, $value := $catvalue.keys }}
+    {{ $value.name }} = {{ $value.value }}
+    {{- end }}
+    {{- end }}
+    {{- end }}
+
+    [database]
+    DB_TYPE = postgres
+    HOST = {{ printf "%v-%v:%v" .Release.Name "postgresql" "5432" }}
+    NAME = {{ .Values.postgresql.postgresqlDatabase }}
+    PASSWD = {{ $dbPass }}
+    USER = {{ .Values.postgresql.postgresqlUsername }}
+    {{- range $catindex, $catvalue := .Values.customConfig }}
+    {{- if eq $catvalue.name "database" }}
+    {{- range $index, $value := $catvalue.keys }}
+    {{ $value.name }} = {{ $value.value }}
+    {{- end }}
+    {{- end }}
+    {{- end }}
+
+    [metrics]
+    ENABLED = {{ .Values.metrics.enabled }}
+    {{- range $catindex, $catvalue := .Values.customConfig }}
+    {{- if eq $catvalue.name "metrics" }}
+    {{- range $index, $value := $catvalue.keys }}
+    {{ $value.name }} = {{ $value.value }}
+    {{- end }}
+    {{- end }}
+    {{- end }}
+
+    [repository]
+    ROOT = /data/git/gitea-repositories
+    {{- range $catindex, $catvalue := .Values.customConfig }}
+    {{- if eq $catvalue.name "repository" }}
+    {{- range $index, $value := $catvalue.keys }}
+    {{ $value.name }} = {{ $value.value }}
+    {{- end }}
+    {{- end }}
+    {{- end }}
+
+
+    [security]
+    INSTALL_LOCK = true
+    PASSWORD_COMPLEXITY = spec
+    {{- range $catindex, $catvalue := .Values.customConfig }}
+    {{- if eq $catvalue.name "security" }}
+    {{- range $index, $value := $catvalue.keys }}
+    {{ $value.name }} = {{ $value.value }}
+    {{- end }}
+    {{- end }}
+    {{- end }}
+
+    [server]
+    APP_DATA_PATH = /data
+    DOMAIN = {{ $DOMAIN }}
+    ENABLE_PPROF = false
+    HTTP_PORT = {{ .Values.service.main.ports.main.port }}
+    PROTOCOL = http
+    {{- if and ( .Values.ingress.main.enabled ) ( gt (len .Values.ingress.main.hosts) 0 ) }}
+    ROOT_URL = {{ printf "https://%s" $DOMAIN }}
+    {{- else }}
+    ROOT_URL = {{ printf "http://%s" $DOMAIN }}
+    {{- end }}
+    SSH_DOMAIN = {{ $DOMAIN }}
+    SSH_LISTEN_PORT = {{ .Values.service.ssh.ports.ssh.targetPort }}
+    SSH_PORT = {{ .Values.service.ssh.ports.ssh.port }}
+    START_SSH_SERVER = true
+    {{- range $catindex, $catvalue := .Values.customConfig }}
+    {{- if eq $catvalue.name "server" }}
+    {{- range $index, $value := $catvalue.keys }}
+    {{ $value.name }} = {{ $value.value }}
+    {{- end }}
+    {{- end }}
+    {{- end }}
+
+    {{- range $catindex, $catvalue := .Values.customConfig }}
+    {{- if not ( or ( eq $catvalue.name "server" ) ( eq $catvalue.name "server" ) ( eq $catvalue.name "security" ) ( eq $catvalue.name "repository" ) ( eq $catvalue.name "metrics" ) ( eq $catvalue.name "database" ) ( eq $catvalue.name "cache" ) ) }}
+    [{{ $catvalue.name }}]
+    {{- range $index, $value := $catvalue.keys }}
+    {{ $value.name }} = {{ $value.value }}
+    {{- end }}
+    {{- end }}
+    {{- end }}
+
+---
+
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "common.names.fullname" . }}-init
+  labels:
+    {{- include "common.labels" . | nindent 4 }}
+type: Opaque
+stringData:
+  init_directory_structure.sh: |-
+    #!/usr/bin/env bash
+
+    set -euo pipefail
+
+    {{- if .Values.initPreScript }}
+    # BEGIN: initPreScript
+    {{- with .Values.initPreScript -}}
+    {{ . | nindent 4}}
+    {{- end -}}
+    # END: initPreScript
+    {{- end }}
+
+    set -x
+
+    mkdir -p /data/git/.ssh
+    chmod -R 700 /data/git/.ssh
+    [ ! -d /data/gitea ] && mkdir -p /data/gitea/conf
+
+    # prepare temp directory structure
+    mkdir -p "${GITEA_TEMP}"
+    chown -Rf {{ .Values.podSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }} "${GITEA_TEMP}"
+    chmod ug+rwx "${GITEA_TEMP}"
+
+    # Copy config file to writable volume
+    cp /etc/gitea/conf/app.ini /data/gitea/conf/app.ini
+    chown -Rf {{ .Values.podSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }}  "/data/gitea"
+    chmod a+rwx /data/gitea/conf/app.ini
+
+    # Patch dockercontainer for dynamic users
+    chown -Rf {{ .Values.podSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }}  "/var/lib/gitea"
+
+  configure_gitea.sh: |-
+    #!/usr/bin/env bash
+
+    set -euo pipefail
+
+
+    # Connection retry inspired by https://gist.github.com/dublx/e99ea94858c07d2ca6de
+    function test_db_connection() {
+      local RETRY=0
+      local MAX=30
+
+      echo 'Wait for database to become avialable...'
+      until [ "${RETRY}" -ge "${MAX}" ]; do
+        nc -vz -w2 {{ printf "%v-%v" .Release.Name "postgresql" }} 5432 && break
+        RETRY=$[${RETRY}+1]
+        echo "...not ready yet (${RETRY}/${MAX})"
+      done
+
+      if [ "${RETRY}" -ge "${MAX}" ]; then
+        echo "Database not reachable after '${MAX}' attempts!"
+        exit 1
+      fi
+    }
+
+    test_db_connection
+
+
+    echo '==== BEGIN GITEA MIGRATION ===='
+
+    gitea migrate
+
+    echo '==== BEGIN GITEA CONFIGURATION ===='
+
+    {{- if or .Values.admin.existingSecret (and .Values.admin.username .Values.admin.password) }}
+    function configure_admin_user() {
+      local ACCOUNT_ID=$(gitea admin user list --admin | grep -e "\s\+${GITEA_ADMIN_USERNAME}\s\+" | awk -F " " "{printf \$1}")
+      if [[ -z "${ACCOUNT_ID}" ]]; then
+        echo "No admin user '${GITEA_ADMIN_USERNAME}' found. Creating now..."
+        gitea admin user create --admin --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" --email {{ .Values.admin.email | quote }} --must-change-password=false
+        echo '...created.'
+      else
+        echo "Admin account '${GITEA_ADMIN_USERNAME}' already exist. Running update to sync password..."
+        gitea admin user change-password --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}"
+        echo '...password sync done.'
+      fi
+    }
+
+    configure_admin_user
+    {{- end }}
+
+    {{- if .Values.ldap.enabled }}
+    function configure_ldap() {
+      local LDAP_NAME={{ (printf "%s" .Values.ldap.name) | squote }}
+      local GITEA_AUTH_ID=$(gitea admin auth list --vertical-bars | grep -E "\|${LDAP_NAME}\s+\|" | grep -iE '\|LDAP \(via BindDN\)\s+\|' | awk -F " "  "{print \$1}")
+
+      if [[ -z "${GITEA_AUTH_ID}" ]]; then
+        echo "No ldap configuration found with name '${LDAP_NAME}'. Installing it now..."
+        gitea admin auth add-ldap {{- include "gitea.ldap_settings" . | indent 1 }}
+        echo '...installed.'
+      else
+        echo "Existing ldap configuration with name '${LDAP_NAME}': '${GITEA_AUTH_ID}'. Running update to sync settings..."
+        gitea admin auth update-ldap --id "${GITEA_AUTH_ID}" {{- include "gitea.ldap_settings" . | indent 1 }}
+        echo '...sync settings done.'
+      fi
+    }
+
+    configure_ldap
+    {{- end }}
+
+    {{- if .Values.oauth.enabled }}
+    function configure_oauth() {
+      local OAUTH_NAME={{ (printf "%s" .Values.oauth.name) | squote }}
+      local AUTH_ID=$(gitea admin auth list --vertical-bars | grep -E "\|${OAUTH_NAME}\s+\|" | grep -iE '\|OAuth2\s+\|' | awk -F " "  "{print \$1}")
+
+      if [[ -z "${AUTH_ID}" ]]; then
+        echo "No oauth configuration found with name '${OAUTH_NAME}'. Installing it now..."
+        gitea admin auth add-oauth {{- include "gitea.oauth_settings" . | indent 1 }}
+        echo '...installed.'
+      else
+        echo "Existing oauth configuration with name '${OAUTH_NAME}': '${AUTH_ID}'. Running update to sync settings..."
+        gitea admin auth update-oauth --id "${AUTH_ID}" {{- include "gitea.oauth_settings" . | indent 1 }}
+        echo '...sync settings done.'
+      fi
+    }
+
+    configure_oauth
+    {{- end }}
+
+    echo '==== END GITEA CONFIGURATION ===='
+
+
+{{- end -}}

incubator/gitea/0.0.1/templates/common.yaml

@@ -0,0 +1,38 @@
+{{/* Make sure all variables are set properly */}}
+{{- include "common.values.setup" . }}
+
+{{/* Render secrets for gitea */}}
+{{- include "gitea.secrets" . }}
+
+{{/* Render configmap for gitea */}}
+{{- include "gitea.configmap" . }}
+
+{{/* Append the general secret volumes to the volumes */}}
+{{- define "gitea.initvolume" -}}
+enabled: "true"
+mountPath: "/secrets/ini"
+readOnly: true
+type: "custom"
+volumeSpec:
+  secret:
+    secretName: {{ include "common.names.fullname" . }}-init
+    defaultMode: 0777
+{{- end -}}
+
+{{/* Append the general secret volumes to the volumes */}}
+{{- define "gitea.configvolume" -}}
+enabled: "true"
+mountPath: "/secrets/config"
+readOnly: true
+type: "custom"
+volumeSpec:
+  secret:
+    secretName: {{ include "common.names.fullname" . }}
+{{- end -}}
+
+{{- $_ := set .Values.persistence "init" (include "gitea.initvolume" . | fromYaml) -}}
+{{- $_ := set .Values.persistence "config" (include "gitea.configvolume" . | fromYaml) -}}
+
+
+{{/* Render the templates */}}
+{{ include "common.all" . }}

incubator/gitea/0.0.1/test_values.yaml

@@ -0,0 +1,152 @@
+image:
+  repository: gitea/gitea
+  tag: 1.15.3-rootless
+  pullPolicy: IfNotPresent
+
+postgresqlImage:
+  repository: bitnami/postgresql
+  pullPolicy: IfNotPresent
+  tag: 13.4.0@sha256:33c276dffe6140d32f357753993c4088cf945a2d02d4c20d310f5a5e9d6e4a36
+
+service:
+  main:
+    ports:
+      main:
+        port: 3000
+  ssh:
+    ports:
+      ssh:
+        port: 2222
+        targetPort: 2222
+
+envFrom:
+  - configMapRef:
+      name: gitea-env
+
+initContainers:
+  0-init-postgresdb:
+    image: "{{ .Values.postgresqlImage.repository}}:{{ .Values.postgresqlImage.tag }}"
+    command:
+      - "sh"
+      - "-c"
+      - "until pg_isready -U gitea -h ${pghost} ; do sleep 2 ; done"
+    imagePullPolicy: IfNotPresent
+    env:
+      - name: pghost
+        valueFrom:
+          secretKeyRef:
+            name: dbcreds
+            key: plainhost
+  1-init-directories:
+    image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+    command: ["/usr/sbin/init_directory_structure.sh"]
+    securityContext:
+      runAsUser: 0
+      runAsNonRoot: false
+    envFrom:
+      - configMapRef:
+          name: gitea-env
+    volumeMounts:
+      - name: init
+        mountPath: /usr/sbin
+      - name: temp
+        mountPath: /tmp
+      - name: config
+        mountPath: /etc/gitea/conf
+      - name: data
+        mountPath: /data
+  2-configure-gitea:
+    image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+    command: ["/usr/sbin/configure_gitea.sh"]
+    envFrom:
+      - configMapRef:
+          name: gitea-env
+    volumeMounts:
+      - name: init
+        mountPath: /usr/sbin
+      - name: temp
+        mountPath: /tmp
+      - name: data
+        mountPath: /data
+
+persistence:
+  data:
+    enabled: true
+    mountPath: "/data"
+    type: pvc
+    accessMode: ReadWriteOnce
+    size: "100Gi"
+  temp:
+    enabled: true
+    mountPath: "/tmp"
+    type: emptyDir
+  varlib:
+    enabled: true
+    mountPath: "/var/lib/gitea"
+    type: emptyDir
+
+# Configure commit/action signing prerequisites
+signing:
+  enabled: true
+  gpgHome: /data/git/.gnupg
+
+admin:
+  username: giteaadmin
+  password: r8sA8CPHD9!bt6d
+  email: "gitea@local.domain"
+
+metrics:
+  enabled: false
+  serviceMonitor:
+    enabled: false
+    #  additionalLabels:
+    #    prometheus-release: prom1
+
+ldap:
+  enabled: false
+  # name:
+  # securityProtocol:
+  # host:
+  # port:
+  # userSearchBase:
+  # userFilter:
+  # adminFilter:
+  # emailAttribute:
+  # bindDn:
+  # bindPassword:
+  # usernameAttribute:
+  # sshPublicKeyAttribute:
+
+oauth:
+  enabled: false
+  # name:
+  # provider:
+  # key:
+  # secret:
+  # autoDiscoverUrl:
+  # useCustomUrls:
+  # customAuthUrl:
+  # customTokenUrl:
+  # customProfileUrl:
+  # customEmailUrl:
+
+config:
+  APP_NAME: "Gitea: Git with a cup of tea"
+  RUN_MODE: dev
+
+customConfig: []
+  # - name: test
+  #   keys:
+  #     - name: testkey
+  #       value: testvalue
+
+# Enabled postgres
+postgresql:
+  enabled: true
+  postgresqlUsername: gitea
+  postgresqlDatabase: gitea
+  existingSecret: dbcreds
+
+# --  memcached dependency settings
+memcached:
+  enabled: true

incubator/gitea/item.yaml

@@ -0,0 +1,3 @@
+categories:
+  - GIT
+icon_url: https://docs.gitea.io/images/gitea.png