[bitnami/gitea] feat: 🔒 Add resource preset support (#23453)

Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com>
Javier J. Salmerón-García
2024-02-20 13:29:58 +01:00
committed by GitHub
parent 173dd13878
commit 018d8abb41
5 changed files with 150 additions and 142 deletions


@@ -4,6 +4,6 @@ dependencies:
version: 13.4.4 version: 13.4.4
- name: common - name: common
repository: oci://registry-1.docker.io/bitnamicharts repository: oci://registry-1.docker.io/bitnamicharts
version: 2.14.1 version: 2.15.3
digest: sha256:df7a91aeacacfd618cf1fd92a7d4b8b9db71abb89d1a67b026372cba2381d189 digest: sha256:e08d67109d82e36a3e93290f950311e7761cee1565ff9cf4af06faf37b10fa31
generated: "2024-02-02T10:56:06.021799737Z" generated: "2024-02-14T14:55:58.00036996+01:00"
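Review bot: The `common` bump to 2.15.3 is recorded only in the lock data here, and no Chart.yaml change appears among the five files in this commit. The templates in this change call `common.resources.preset` and `common.warnings.resources`, so please confirm that the version range for `common` in Chart.yaml excludes releases that lack these helpers; otherwise rendering fails for anyone who resolves an older version. The `generated` timestamp also changed from UTC (`Z`) to a local `+01:00` offset, which is harmless but inconsistent with the previous entry.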


@@ -78,104 +78,104 @@ The command removes all the Kubernetes components associated with the chart and
### Gitea parameters ### Gitea parameters
| Name | Description | Value | | Name | Description | Value |
| --------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ----------------------- | | --------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
| `image.registry` | Gitea image registry | `REGISTRY_NAME` | | `image.registry` | Gitea image registry | `REGISTRY_NAME` |
| `image.repository` | Gitea Image name | `REPOSITORY_NAME/gitea` | | `image.repository` | Gitea Image name | `REPOSITORY_NAME/gitea` |
| `image.digest` | Gitea image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.digest` | Gitea image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | Gitea image pull policy | `IfNotPresent` | | `image.pullPolicy` | Gitea image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | | `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `image.debug` | Specify if debug logs should be enabled | `false` | | `image.debug` | Specify if debug logs should be enabled | `false` |
| `adminUsername` | User of the application | `bn_user` | | `adminUsername` | User of the application | `bn_user` |
| `adminPassword` | Application password | `""` | | `adminPassword` | Application password | `""` |
| `adminEmail` | Admin email | `user@example.com` | | `adminEmail` | Admin email | `user@example.com` |
| `appName` | Gitea application name | `example` | | `appName` | Gitea application name | `example` |
| `runMode` | Gitea application host | `prod` | | `runMode` | Gitea application host | `prod` |
| `exposeSSH` | Make the SSH server accesible | `true` | | `exposeSSH` | Make the SSH server accesible | `true` |
| `rootURL` | UI Root URL (for link generation) | `""` | | `rootURL` | UI Root URL (for link generation) | `""` |
| `command` | Override default container command (useful when using custom images) | `[]` | | `command` | Override default container command (useful when using custom images) | `[]` |
| `args` | Override default container args (useful when using custom images) | `[]` | | `args` | Override default container args (useful when using custom images) | `[]` |
| `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` | | `updateStrategy.type` | Update strategy - only really applicable for deployments with RWO PVs attached | `RollingUpdate` |
| `priorityClassName` | Gitea pods' priorityClassName | `""` | | `priorityClassName` | Gitea pods' priorityClassName | `""` |
| `schedulerName` | Name of the k8s scheduler (other than default) | `""` | | `schedulerName` | Name of the k8s scheduler (other than default) | `""` |
| `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | | `topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` |
| `automountServiceAccountToken` | Mount Service Account token in pod | `false` | | `automountServiceAccountToken` | Mount Service Account token in pod | `false` |
| `hostAliases` | Add deployment host aliases | `[]` | | `hostAliases` | Add deployment host aliases | `[]` |
| `extraEnvVars` | Extra environment variables | `[]` | | `extraEnvVars` | Extra environment variables | `[]` |
| `extraEnvVarsCM` | ConfigMap containing extra env vars | `""` | | `extraEnvVarsCM` | ConfigMap containing extra env vars | `""` |
| `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` | | `extraEnvVarsSecret` | Secret containing extra env vars (in case of sensitive data) | `""` |
| `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `[]` | | `extraVolumes` | Array of extra volumes to be added to the deployment (evaluated as template). Requires setting `extraVolumeMounts` | `[]` |
| `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes`. | `[]` | | `extraVolumeMounts` | Array of extra volume mounts to be added to the container (evaluated as template). Normally used with `extraVolumes`. | `[]` |
| `initContainers` | Add additional init containers to the pod (evaluated as a template) | `[]` | | `initContainers` | Add additional init containers to the pod (evaluated as a template) | `[]` |
| `sidecars` | Attach additional containers to the pod (evaluated as a template) | `[]` | | `sidecars` | Attach additional containers to the pod (evaluated as a template) | `[]` |
| `tolerations` | Tolerations for pod assignment | `[]` | | `tolerations` | Tolerations for pod assignment | `[]` |
| `existingSecret` | Name of a secret with the application password | `""` | | `existingSecret` | Name of a secret with the application password | `""` |
| `existingSecretKey` | Key inside the existing secret containing the password | `admin-password` | | `existingSecretKey` | Key inside the existing secret containing the password | `admin-password` |
| `smtpHost` | SMTP host | `""` | | `smtpHost` | SMTP host | `""` |
| `smtpPort` | SMTP port | `""` | | `smtpPort` | SMTP port | `""` |
| `smtpUser` | SMTP user | `""` | | `smtpUser` | SMTP user | `""` |
| `smtpPassword` | SMTP password | `""` | | `smtpPassword` | SMTP password | `""` |
| `smtpExistingSecret` | The name of an existing secret with SMTP credentials | `""` | | `smtpExistingSecret` | The name of an existing secret with SMTP credentials | `""` |
| `containerPorts` | Container ports | `{}` | | `containerPorts` | Container ports | `{}` |
| `persistence.enabled` | Enable persistence using PVC | `true` | | `persistence.enabled` | Enable persistence using PVC | `true` |
| `persistence.storageClass` | PVC Storage Class for Gitea volume | `""` | | `persistence.storageClass` | PVC Storage Class for Gitea volume | `""` |
| `persistence.accessModes` | PVC Access Mode for Gitea volume | `["ReadWriteOnce"]` | | `persistence.accessModes` | PVC Access Mode for Gitea volume | `["ReadWriteOnce"]` |
| `persistence.size` | PVC Storage Request for Gitea volume | `8Gi` | | `persistence.size` | PVC Storage Request for Gitea volume | `8Gi` |
| `persistence.dataSource` | Custom PVC data source | `{}` | | `persistence.dataSource` | Custom PVC data source | `{}` |
| `persistence.existingClaim` | A manually managed Persistent Volume Claim | `""` | | `persistence.existingClaim` | A manually managed Persistent Volume Claim | `""` |
| `persistence.hostPath` | If defined, the gitea-data volume will mount to the specified hostPath. | `""` | | `persistence.hostPath` | If defined, the gitea-data volume will mount to the specified hostPath. | `""` |
| `persistence.annotations` | Persistent Volume Claim annotations | `{}` | | `persistence.annotations` | Persistent Volume Claim annotations | `{}` |
| `persistence.selector` | Selector to match an existing Persistent Volume for Gitea data PVC | `{}` | | `persistence.selector` | Selector to match an existing Persistent Volume for Gitea data PVC | `{}` |
| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | | `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | | `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` |
| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | | `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | | `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` |
| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | | `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` |
| `affinity` | Affinity for pod assignment | `{}` | | `affinity` | Affinity for pod assignment | `{}` |
| `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` | | `nodeSelector` | Node labels for pod assignment. Evaluated as a template. | `{}` |
| `resources.requests` | The requested resources for the init container | `{}` | | `resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production). | `none` |
| `resources.limits` | The resources limits for the init container | `{}` | | `resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
| `podSecurityContext.enabled` | Enable Gitea pods' Security Context | `true` | | `podSecurityContext.enabled` | Enable Gitea pods' Security Context | `true` |
| `podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` | | `podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` |
| `podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` | | `podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` |
| `podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` | | `podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `podSecurityContext.fsGroup` | Gitea pods' group ID | `1001` | | `podSecurityContext.fsGroup` | Gitea pods' group ID | `1001` |
| `containerSecurityContext.enabled` | Enabled containers' Security Context | `true` | | `containerSecurityContext.enabled` | Enabled containers' Security Context | `true` |
| `containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` | | `containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `nil` |
| `containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` | | `containerSecurityContext.runAsUser` | Set containers' Security Context runAsUser | `1001` |
| `containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` | | `containerSecurityContext.runAsNonRoot` | Set container's Security Context runAsNonRoot | `true` |
| `containerSecurityContext.privileged` | Set container's Security Context privileged | `false` | | `containerSecurityContext.privileged` | Set container's Security Context privileged | `false` |
| `containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `false` | | `containerSecurityContext.readOnlyRootFilesystem` | Set container's Security Context readOnlyRootFilesystem | `false` |
| `containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` | | `containerSecurityContext.allowPrivilegeEscalation` | Set container's Security Context allowPrivilegeEscalation | `false` |
| `containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` | | `containerSecurityContext.capabilities.drop` | List of capabilities to be dropped | `["ALL"]` |
| `containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | | `containerSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` |
| `startupProbe.enabled` | Enable startupProbe | `false` | | `startupProbe.enabled` | Enable startupProbe | `false` |
| `startupProbe.path` | Request path for startupProbe | `/` | | `startupProbe.path` | Request path for startupProbe | `/` |
| `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `600` | | `startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `600` |
| `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | | `startupProbe.periodSeconds` | Period seconds for startupProbe | `10` |
| `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | | `startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` |
| `startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | | `startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` |
| `startupProbe.successThreshold` | Success threshold for startupProbe | `1` | | `startupProbe.successThreshold` | Success threshold for startupProbe | `1` |
| `livenessProbe.enabled` | Enable livenessProbe | `true` | | `livenessProbe.enabled` | Enable livenessProbe | `true` |
| `livenessProbe.path` | Request path for livenessProbe | `/` | | `livenessProbe.path` | Request path for livenessProbe | `/` |
| `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `600` | | `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `600` |
| `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | | `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
| `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | | `livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` |
| `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | | `livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` |
| `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | | `livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
| `readinessProbe.enabled` | Enable readinessProbe | `true` | | `readinessProbe.enabled` | Enable readinessProbe | `true` |
| `readinessProbe.path` | Request path for readinessProbe | `/` | | `readinessProbe.path` | Request path for readinessProbe | `/` |
| `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | | `readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` |
| `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | | `readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` |
| `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | | `readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` |
| `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | | `readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` |
| `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | | `readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
| `customStartupProbe` | Override default startup probe | `{}` | | `customStartupProbe` | Override default startup probe | `{}` |
| `customLivenessProbe` | Override default liveness probe | `{}` | | `customLivenessProbe` | Override default liveness probe | `{}` |
| `customReadinessProbe` | Override default readiness probe | `{}` | | `customReadinessProbe` | Override default readiness probe | `{}` |
| `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `{}` | | `lifecycleHooks` | LifecycleHook to set additional configuration at startup Evaluated as a template | `{}` |
| `podAnnotations` | Pod annotations | `{}` | | `podAnnotations` | Pod annotations | `{}` |
| `podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` | | `podLabels` | Add additional labels to the pod (evaluated as a template) | `{}` |
### Traffic Exposure Parameters ### Traffic Exposure Parameters
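Review bot: In the `resourcesPreset` row, the allowed-values list (none, nano, small, medium, large, xlarge, 2xlarge) is hand-copied, and the same list is repeated in the `volumePermissions.resourcesPreset` row and in both values.yaml comments. Please check it against the preset names defined in the `common` template so that no accepted value is missing from the docs. The row also names `resources` without backticks ("This is ignored if resources is set"), unlike neighbouring rows that name parameters, such as "Ignored if `affinity` is set".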
@@ -238,16 +238,16 @@ The command removes all the Kubernetes components associated with the chart and
### Volume Permissions parameters ### Volume Permissions parameters
| Name | Description | Value | | Name | Description | Value |
| -------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | | ------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- |
| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | | `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | | `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` |
| `volumePermissions.image.repository` | Init container volume-permissions image name | `REPOSITORY_NAME/os-shell` | | `volumePermissions.image.repository` | Init container volume-permissions image name | `REPOSITORY_NAME/os-shell` |
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | | `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | | `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `volumePermissions.resources.limits` | The resources limits for the container | `{}` | | `volumePermissions.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production). | `none` |
| `volumePermissions.resources.requests` | The requested resources for the container | `{}` | | `volumePermissions.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
@@ -274,6 +274,12 @@ helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/gitea
## Configuration and installation details ## Configuration and installation details
### Resource requests and limits
Bitnami charts allow setting resource requests and limits for all containers inside the chart deployment. These are inside the `resources` value (check parameter table). Setting requests is essential for production workloads and these should be adapted to your specific use case.
To make this process easier, the chart contains the `resourcesPreset` values, which automatically sets the `resources` section according to different presets. Check these presets in [the bitnami/common chart](https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15). However, in production workloads using `resourcePreset` is discouraged as it may not fully adapt to your specific needs. Find more information on container resource management in the [official Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/).
### [Rolling VS Immutable tags](https://docs.bitnami.com/tutorials/understand-rolling-tags-containers) ### [Rolling VS Immutable tags](https://docs.bitnami.com/tutorials/understand-rolling-tags-containers)
It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image. It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image.
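Review bot: The second paragraph of the new "Resource requests and limits" section names the parameter `resourcePreset` ("in production workloads using `resourcePreset` is discouraged"), but the parameter added everywhere else in this change is `resourcesPreset`; a reader copying the name from here sets a key the templates never read. In the same paragraph, "the `resourcesPreset` values, which automatically sets" should agree in number. The link to `_resources.tpl#L15` on `main` will drift as that file changes, so a commit permalink or dropping the line anchor would be more durable.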


@@ -73,3 +73,4 @@ host. To configure Gitea to use and external database host:
{{- include "common.warnings.rollingTag" .Values.image }} {{- include "common.warnings.rollingTag" .Values.image }}
{{- include "common.warnings.rollingTag" .Values.volumePermissions.image }} {{- include "common.warnings.rollingTag" .Values.volumePermissions.image }}
{{- include "common.warnings.resources" (dict "sections" (list "" "volumePermissions") "context" $) }}
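Review bot: The `sections` list passed to `common.warnings.resources` includes `volumePermissions` unconditionally, while the README lists `volumePermissions.enabled` as `false` by default. Depending on how the helper treats a section whose container is not deployed, users may get a warning about an init container that does not exist in their release. Consider building the list conditionally on `.Values.volumePermissions.enabled`.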


@@ -77,6 +77,8 @@ spec:
runAsUser: 0 runAsUser: 0
{{- if .Values.volumePermissions.resources }} {{- if .Values.volumePermissions.resources }}
resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }}
{{- else if ne .Values.volumePermissions.resourcesPreset "none" }}
resources: {{- include "common.resources.preset" (dict "type" .Values.volumePermissions.resourcesPreset) | nindent 12 }}
{{- end }} {{- end }}
volumeMounts: volumeMounts:
- name: gitea-data - name: gitea-data
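Review bot: The `else if ne .Values.volumePermissions.resourcesPreset "none"` branch forwards every other value, including an empty string or a misspelt preset name, to `common.resources.preset`. Please confirm the helper fails the render with a clear message for an unknown type rather than emitting an empty `resources:` key. This container runs with `runAsUser: 0`, and with the defaults in this change (`resources: {}` and preset `none`) it still renders with no `resources` block at all.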
@@ -214,6 +216,8 @@ spec:
{{- end }} {{- end }}
{{- if .Values.resources }} {{- if .Values.resources }}
resources: {{- toYaml .Values.resources | nindent 12 }} resources: {{- toYaml .Values.resources | nindent 12 }}
{{- else if ne .Values.resourcesPreset "none" }}
resources: {{- include "common.resources.preset" (dict "type" .Values.resourcesPreset) | nindent 12 }}
{{- end }} {{- end }}
volumeMounts: volumeMounts:
- name: gitea-data - name: gitea-data
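Review bot: `{{- if .Values.resources }}` is a truthiness test, and the previous default shape (`resources:` with `limits: {}` and `requests: {}`, removed from values.yaml in this commit) is a non-empty map. A user whose override file still carries that shape takes the first branch, renders empty limits and requests, and has `resourcesPreset` silently ignored. Consider testing for actual content (for example `.Values.resources.requests` or `.Values.resources.limits`), or call this out in the upgrade notes.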


@@ -19,7 +19,6 @@ global:
## ##
imagePullSecrets: [] imagePullSecrets: []
storageClass: "" storageClass: ""
## @section Common parameters ## @section Common parameters
## ##
@@ -41,11 +40,9 @@ commonAnnotations: {}
## @param commonLabels Common labels to add to all Gitea resources (sub-charts are not considered). Evaluated as a template ## @param commonLabels Common labels to add to all Gitea resources (sub-charts are not considered). Evaluated as a template
## ##
commonLabels: {} commonLabels: {}
## @param extraDeploy Array of extra objects to deploy with the release (evaluated as a template). ## @param extraDeploy Array of extra objects to deploy with the release (evaluated as a template).
## ##
extraDeploy: [] extraDeploy: []
## @section Gitea parameters ## @section Gitea parameters
## ##
@@ -243,7 +240,6 @@ persistence:
## app: my-app ## app: my-app
## ##
selector: {} selector: {}
## @param podAffinityPreset Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` ## @param podAffinityPreset Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
## ##
@@ -281,12 +277,21 @@ affinity: {}
nodeSelector: {} nodeSelector: {}
## Gitea container's resource requests and limits ## Gitea container's resource requests and limits
## ref: http://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ ## ref: http://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
## @param resources.requests [object] The requested resources for the init container ## @param resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).
## @param resources.limits The resources limits for the init container ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
## ##
resources: resourcesPreset: "none"
limits: {} ## @param resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
requests: {} ## Example:
## resources:
## requests:
## cpu: 2
## memory: 512Mi
## limits:
## cpu: 3
## memory: 1024Mi
##
resources: {}
## Configure Pods Security Context ## Configure Pods Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
## @param podSecurityContext.enabled Enable Gitea pods' Security Context ## @param podSecurityContext.enabled Enable Gitea pods' Security Context
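Review bot: `resourcesPreset: "none"` together with `resources: {}` keeps the default at no requests and no limits, while the `@param resources` description in this same hunk calls them essential for production workloads. A pod whose containers set neither gets the BestEffort QoS class, and nothing bounds its CPU or memory use on the node. If `none` stays as the default for compatibility, say so in the comment next to it. The commented example also requests `cpu: 2` with a `cpu: 3` limit, which is large for a copy-paste starting point.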
@@ -325,7 +330,6 @@ containerSecurityContext:
drop: ["ALL"] drop: ["ALL"]
seccompProfile: seccompProfile:
type: "RuntimeDefault" type: "RuntimeDefault"
## Configure extra options for startup probe ## Configure extra options for startup probe
## Gitea core exposes / to unauthenticated requests, making it a good ## Gitea core exposes / to unauthenticated requests, making it a good
## default startup and readiness path. However, that may not always be the ## default startup and readiness path. However, that may not always be the
@@ -412,7 +416,6 @@ podAnnotations: {}
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
## ##
podLabels: {} podLabels: {}
## @section Traffic Exposure Parameters ## @section Traffic Exposure Parameters
## ##
@@ -480,7 +483,6 @@ ingress:
## @param ingress.enabled Enable ingress controller resource ## @param ingress.enabled Enable ingress controller resource
## ##
enabled: false enabled: false
## @param ingress.pathType Ingress Path type ## @param ingress.pathType Ingress Path type
## ##
pathType: ImplementationSpecific pathType: ImplementationSpecific
@@ -572,7 +574,6 @@ ingress:
## name: http ## name: http
## ##
extraRules: [] extraRules: []
## @section Other Parameters ## @section Other Parameters
## ##
@@ -594,7 +595,6 @@ serviceAccount:
## @param serviceAccount.annotations Additional custom annotations for the ServiceAccount ## @param serviceAccount.annotations Additional custom annotations for the ServiceAccount
## ##
annotations: {} annotations: {}
## @section Database parameters ## @section Database parameters
## ##
@@ -619,7 +619,6 @@ postgresql:
service: service:
ports: ports:
postgresql: 5432 postgresql: 5432
## External PostgreSQL configuration ## External PostgreSQL configuration
## All of these values are only used when postgresql.enabled is set to false ## All of these values are only used when postgresql.enabled is set to false
## @param externalDatabase.host Database host ## @param externalDatabase.host Database host
@@ -638,7 +637,6 @@ externalDatabase:
password: "" password: ""
existingSecret: "" existingSecret: ""
existingSecretPasswordKey: "db-password" existingSecretPasswordKey: "db-password"
## @section Volume Permissions parameters ## @section Volume Permissions parameters
## ##
@@ -676,19 +674,18 @@ volumePermissions:
## choice for the user. This also increases chances charts run on environments with little ## choice for the user. This also increases chances charts run on environments with little
## resources, such as Minikube. If you do want to specify resources, uncomment the following ## resources, such as Minikube. If you do want to specify resources, uncomment the following
## lines, adjust them as necessary, and remove the curly braces after 'resources:'. ## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
## @param volumePermissions.resources.limits The resources limits for the container ## @param volumePermissions.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, small, medium, large, xlarge, 2xlarge). This is ignored if volumePermissions.resources is set (volumePermissions.resources is recommended for production).
## @param volumePermissions.resources.requests The requested resources for the container ## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
## ##
resources: resourcesPreset: "none"
## Example: ## @param volumePermissions.resources Set container requests and limits for different resources like CPU or memory (essential for production workloads)
## limits: ## Example:
## cpu: 100m ## resources:
## memory: 128Mi ## requests:
## ## cpu: 2
limits: {} ## memory: 512Mi
## Examples: ## limits:
## requests: ## cpu: 3
## cpu: 100m ## memory: 1024Mi
## memory: 128Mi ##
## resources: {}
requests: {}
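Review bot: The retained context comment at the top of this hunk still tells users to "uncomment the following lines, adjust them as necessary, and remove the curly braces after 'resources:'", but the example below it now has a different shape: it includes the `resources:` key itself and sits between `resourcesPreset` and `resources: {}`. Please reword that comment to match the new layout and to mention `volumePermissions.resourcesPreset`. The new example values (`cpu: 2`, `memory: 512Mi`) are the same as for the main container and are far more than an init container that only changes volume permissions needs; the removed `100m` / `128Mi` example was closer.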