apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: {{ include "gitea.fullname" . }}
  labels:
    {{- include "gitea.labels" . | nindent 4 }}
spec:
  replicas: {{ .Values.replicaCount }}
  selector:
    matchLabels:
      {{- include "gitea.selectorLabels" . | nindent 6 }}
  serviceName: {{ include "gitea.fullname" . }}
  template:
    metadata:
      annotations:
        checksum/config: {{ include (print $.Template.BasePath "/gitea/config.yaml") . | sha256sum }}
        {{- with .Values.gitea.podAnnotations }}
        {{- toYaml . | nindent 8 }}
        {{- end }}
      labels:
        {{- include "gitea.selectorLabels" . | nindent 8 }}
    spec:
      securityContext:
        fsGroup: 1000
      initContainers:
        - name: init
          image: "{{ .Values.image.repository }}:{{ .Values.image.version }}"
          command: ["/usr/sbin/init_gitea.sh"]
          volumeMounts:
            - name: init
              mountPath: /usr/sbin
            - name: config
              mountPath: /etc/gitea/conf
            - name: data
              mountPath: /data
      terminationGracePeriodSeconds: {{ .Values.statefulset.terminationGracePeriodSeconds }}
      containers:
        - name: {{ .Chart.Name }}
          image: "{{ .Values.image.repository }}:{{ .Values.image.version }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          env:
            # SSH Port values have to be set here as well for openssh configuration
            - name: SSH_LISTEN_PORT
              value: {{ .Values.gitea.config.server.SSH_LISTEN_PORT | quote }}
            - name: SSH_PORT
              value: {{ .Values.gitea.config.server.SSH_PORT | quote }}
            {{- range .Values.statefulset.env }}
            - name: {{ .name | quote | nospace }}
              value: {{ .value | quote }}
            {{- end }}
          ports:
            - name: ssh
              containerPort: {{ .Values.gitea.config.server.SSH_LISTEN_PORT }}
            - name: http
              containerPort: {{ .Values.gitea.config.server.HTTP_PORT }}
          livenessProbe:
            tcpSocket:
              port: http
            initialDelaySeconds: 200
            timeoutSeconds: 1
            periodSeconds: 10
            successThreshold: 1
            failureThreshold: 10
          readinessProbe:
            tcpSocket:
              port: http
            initialDelaySeconds: 5
            periodSeconds: 10
            successThreshold: 1
            failureThreshold: 3
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
          volumeMounts:
            - name: data
              mountPath: /data
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
      {{- end }}
    {{- with .Values.affinity }}
      affinity:
        {{- toYaml . | nindent 8 }}
    {{- end }}
    {{- with .Values.tolerations }}
      tolerations:
        {{- toYaml . | nindent 8 }}
    {{- end }}
      volumes:
        - name: init
          secret:
            secretName: {{ include "gitea.fullname" . }}-init
            defaultMode: 0777
        - name: config
          secret:
            secretName: {{ include "gitea.fullname" . }}
  {{- if and .Values.persistence.enabled .Values.persistence.existingClaim }}
        - name: data
          persistentVolumeClaim:
            claimName: {{ .Values.persistence.existingClaim }}
  {{- else if not .Values.persistence.enabled }}
        - name: data
          emptyDir: {}
  {{- else if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
  volumeClaimTemplates:
    - metadata:
        name: data
      spec:
        accessModes:
          {{- range .Values.persistence.accessModes }}
            - {{ . | quote }}
          {{- end }}
        storageClassName: {{ .Values.persistence.storageClass | default "standard" | quote }}
        resources:
          requests:
            storage: {{ .Values.persistence.size | quote }}
  {{- end }}