gitea/helm-chart
45
54
Fork 127
Code Issues 31 Pull Requests 8 Actions Releases 87 Activity

Rework OAuth sources #244

Merged
luhahn merged 2 commits from justusbunsi/helm-chart:feature/191-multiple-oauth-sources into master 2021-12-20 14:43:56 +00:00
Conversation 10 Commits 2 Files Changed 5 +49 -2
4 changed files with 49 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 7a8fe820bf - Show all commits

21
README.md
View File

@ -545,6 +545,27 @@ gitea:
#customEmailUrl:
```
You can also use an existing secret to set the `key` and `secret`:
```yaml
apiVersion: v1
kind: Secret
metadata:
name: gitea-oauth-secret
type: Opaque
stringData:
key: hello
secret: world
```
```yaml
gitea:
oauth:
- name: 'MyAwesomeGiteaOAuth'
existingSecret: gitea-oauth-secret
...
```
### Metrics and profiling
A Prometheus `/metrics` endpoint on the `HTTP_PORT` and `pprof` profiling

12
templates/_helpers.tpl
View File

@ -141,9 +141,17 @@ app.kubernetes.io/instance: {{ .Release.Name }}
{{- $idx := index . 0 }}
justusbunsi marked this conversation as resolved Outdated
luhahn commented 2021-11-18 10:46:05 +00:00
Outdated
Review
Copy Link

we could add oauth password/secret key deployment via existing secrets like in the ldap settings. Otherwise idx won't be needed here.

we could add oauth password/secret key deployment via existing secrets like in the ldap settings. Otherwise idx won't be needed here.
{{- $values := index . 1 }}
{{- if not (hasKey $values "key") -}}
{{- $_ := set $values "key" (printf "${GITEA_OAUTH_KEY_%d}" $idx) -}}
{{- end -}}
{{- if not (hasKey $values "secret") -}}
{{- $_ := set $values "secret" (printf "${GITEA_OAUTH_SECRET_%d}" $idx) -}}
{{- end -}}
{{- range $key, $val := $values -}}
{{- if ne $key "enabled" -}}
{{- printf "--%s %s " ($key | kebabcase) ($val | squote) -}}
{{- if and (ne $key "enabled") (ne $key "existingSecret") -}}
{{- printf "--%s %s " ($key | kebabcase) ($val | quote) -}}
{{- end -}}
{{- end -}}
{{- end -}}

16
templates/gitea/statefulset.yaml
View File

@ -142,6 +142,22 @@ spec:
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.gitea.oauth }}
{{- range $idx, $value := .Values.gitea.oauth }}
{{- if $value.existingSecret }}
- name: GITEA_OAUTH_KEY_{{ $idx }}
valueFrom:
secretKeyRef:
key: key
name: {{ $value.existingSecret }}
- name: GITEA_OAUTH_SECRET_{{ $idx }}
valueFrom:
secretKeyRef:
key: secret
name: {{ $value.existingSecret }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.gitea.admin.existingSecret }}
- name: GITEA_ADMIN_USERNAME
valueFrom:

2
values.yaml
View File

@ -181,11 +181,13 @@ gitea:
# usernameAttribute:
# publicSSHKeyAttribute:
# Either specify inline `key` and `secret` or refer to them via `existingSecret`
oauth: []
# - name: 'OAuth 1'
# provider:
# key:
# secret:
# existingSecret:
# autoDiscoverUrl:
# useCustomUrls:
# customAuthUrl: