apiVersion: apps/v1 kind: StatefulSet metadata: name: {{ include "gitea.fullname" . }} labels: {{- include "gitea.labels" . | nindent 4 }} spec: replicas: {{ .Values.replicaCount }} selector: matchLabels: {{- include "gitea.selectorLabels" . | nindent 6 }} {{- if .Values.statefulset.labels }} {{- toYaml .Values.statefulset.labels | nindent 6 }} {{- end }} serviceName: {{ include "gitea.fullname" . }} template: metadata: annotations: checksum/config: {{ include (print $.Template.BasePath "/gitea/config.yaml") . | sha256sum }} checksum/ldap: {{ include "gitea.ldap_settings" . | sha256sum }} checksum/oauth: {{ include "gitea.oauth_settings" . | sha256sum }} {{- with .Values.gitea.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "gitea.labels" . | nindent 8 }} {{- if .Values.statefulset.labels }} {{- toYaml .Values.statefulset.labels | nindent 8 }} {{- end }} spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} securityContext: fsGroup: 1000 initContainers: - name: init image: "{{ include "gitea.image" . }}" command: ["/usr/sbin/init_gitea.sh"] env: - name: GITEA_APP_INI value: /data/gitea/conf/app.ini - name: GITEA_CUSTOM value: /data/gitea - name: GITEA_WORK_DIR value: /data {{- if .Values.statefulset.env }} {{- toYaml .Values.statefulset.env | nindent 12 }} {{- end }} volumeMounts: - name: init mountPath: /usr/sbin - name: config mountPath: /etc/gitea/conf - name: data mountPath: /data {{- if .Values.extraVolumeMounts }} {{- toYaml .Values.extraVolumeMounts | nindent 12 }} {{- end }} terminationGracePeriodSeconds: {{ .Values.statefulset.terminationGracePeriodSeconds }} containers: - name: {{ .Chart.Name }} image: "{{ include "gitea.image" . }}" imagePullPolicy: {{ .Values.image.pullPolicy }} env: # SSH Port values have to be set here as well for openssh configuration - name: SSH_LISTEN_PORT value: {{ .Values.gitea.config.server.SSH_LISTEN_PORT | quote }} - name: SSH_PORT value: {{ .Values.gitea.config.server.SSH_PORT | quote }} - name: GITEA_APP_INI value: /data/gitea/conf/app.ini - name: GITEA_CUSTOM value: /data/gitea - name: GITEA_WORK_DIR value: /data - name: GITEA_TEMP value: /tmp/gitea {{- if .Values.statefulset.env }} {{- toYaml .Values.statefulset.env | nindent 12 }} {{- end }} ports: - name: ssh containerPort: {{ .Values.gitea.config.server.SSH_LISTEN_PORT }} - name: http containerPort: {{ .Values.gitea.config.server.HTTP_PORT }} {{- if .Values.gitea.config.server.ENABLE_PPROF }} - name: profiler containerPort: 6060 {{- end }} {{- if .Values.gitea.livenessProbe.enabled }} livenessProbe: tcpSocket: port: http initialDelaySeconds: {{ .Values.gitea.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.gitea.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.gitea.livenessProbe.timeoutSeconds }} successThreshold: {{ .Values.gitea.livenessProbe.successThreshold }} failureThreshold: {{ .Values.gitea.livenessProbe.failureThreshold }} {{- else if .Values.gitea.customLivenessProbe }} livenessProbe: {{- toYaml .Values.gitea.customLivenessProbe | nindent 12 }} {{- end }} {{- if .Values.gitea.readinessProbe.enabled }} readinessProbe: tcpSocket: port: http initialDelaySeconds: {{ .Values.gitea.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.gitea.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.gitea.readinessProbe.timeoutSeconds }} successThreshold: {{ .Values.gitea.readinessProbe.successThreshold }} failureThreshold: {{ .Values.gitea.readinessProbe.failureThreshold }} {{- else if .Values.gitea.customReadinessProbe }} readinessProbe: {{- toYaml .Values.gitea.customReadinessProbe | nindent 12 }} {{- end }} {{- if .Values.gitea.startupProbe.enabled }} startupProbe: tcpSocket: port: http initialDelaySeconds: {{ .Values.gitea.startupProbe.initialDelaySeconds }} periodSeconds: {{ .Values.gitea.startupProbe.periodSeconds }} timeoutSeconds: {{ .Values.gitea.startupProbe.timeoutSeconds }} successThreshold: {{ .Values.gitea.startupProbe.successThreshold }} failureThreshold: {{ .Values.gitea.startupProbe.failureThreshold }} {{- else if .Values.gitea.customStartupProbe }} startupProbe: {{- toYaml .Values.gitea.customStartupProbe | nindent 12 }} {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} securityContext: {{- toYaml .Values.securityContext | nindent 12 }} volumeMounts: - name: temp mountPath: /tmp/gitea - name: data mountPath: /data {{- if .Values.extraVolumeMounts }} {{- toYaml .Values.extraVolumeMounts | nindent 12 }} {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} volumes: - name: init secret: secretName: {{ include "gitea.fullname" . }}-init defaultMode: 0777 - name: config secret: secretName: {{ include "gitea.fullname" . }} {{- if .Values.extraVolumes }} {{- toYaml .Values.extraVolumes | nindent 8 }} {{- end }} - name: temp emptyDir: {} {{- if and .Values.persistence.enabled .Values.persistence.existingClaim }} - name: data persistentVolumeClaim: claimName: {{ .Values.persistence.existingClaim }} {{- else if not .Values.persistence.enabled }} - name: data emptyDir: {} {{- else if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} volumeClaimTemplates: - metadata: name: data {{- with .Values.persistence.annotations }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value }} {{- end }} {{- end }} {{- with .Values.persistence.labels }} labels: {{- range $key, $value := . }} {{ $key }}: {{ $value }} {{- end }} {{- end }} spec: accessModes: {{- range .Values.persistence.accessModes }} - {{ . | quote }} {{- end }} {{- if .Values.persistence.storageClass }} storageClassName: {{ .Values.persistence.storageClass | quote }} {{- end }} resources: requests: storage: {{ .Values.persistence.size | quote }} {{- end }}