From 2540c5334f4c3371fe5d5606fdfbff3f30aca01c Mon Sep 17 00:00:00 2001 From: Conan Scott Date: Thu, 20 Nov 2025 16:39:22 +0800 Subject: [PATCH] Initial commit --- Chart.lock | 3 + Chart.yaml | 20 + LICENSE | 18 + README.md | 99 +++ docs/README.md | 3 + docs/actions-dev.md | 33 + docs/share-dind-with-job-container.md | 36 + pnpm-lock.yaml | 933 ++++++++++++++++++++++++++ scripts/token.sh | 48 ++ templates/01-consistency-checks.yaml | 9 + templates/_helpers.tpl | 131 ++++ templates/config-act-runner.yaml | 19 + templates/statefulset.yaml | 140 ++++ values.yaml | 127 ++++ 14 files changed, 1619 insertions(+) create mode 100644 Chart.lock create mode 100644 Chart.yaml create mode 100644 LICENSE create mode 100644 README.md create mode 100644 docs/README.md create mode 100644 docs/actions-dev.md create mode 100644 docs/share-dind-with-job-container.md create mode 100644 pnpm-lock.yaml create mode 100644 scripts/token.sh create mode 100644 templates/01-consistency-checks.yaml create mode 100644 templates/_helpers.tpl create mode 100644 templates/config-act-runner.yaml create mode 100644 templates/statefulset.yaml create mode 100644 values.yaml diff --git a/Chart.lock b/Chart.lock new file mode 100644 index 0000000..98b46af --- /dev/null +++ b/Chart.lock @@ -0,0 +1,3 @@ +dependencies: [] +digest: sha256:643d5437104296e21d906ecb15b2c96ad278f20cfc4af53b12bb6069bd853726 +generated: "2025-03-30T15:22:59.016934+02:00" diff --git a/Chart.yaml b/Chart.yaml new file mode 100644 index 0000000..3895f96 --- /dev/null +++ b/Chart.yaml @@ -0,0 +1,20 @@ +apiVersion: v2 +appVersion: 0.261.3 +description: Gitea Actions chart for Kubernetes +keywords: +- cicd +- runner +- actions +maintainers: +- email: dselen@nerthus.nl + name: Daan Selen +- email: markus.pesch+apps@cryptic.systems + name: Markus Pesch +- email: christopher.homberger@web.de + name: Christopher Homberger +name: actions +sources: +- https://gitea.com/gitea/helm-actions +- https://gitea.com/gitea/act +type: application +version: 0.0.2 diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..e163afa --- /dev/null +++ b/LICENSE @@ -0,0 +1,18 @@ +MIT License + +Copyright (c) 2025 gitea + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and +associated documentation files (the "Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the +following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial +portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT +LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO +EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER +IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE +USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/README.md b/README.md new file mode 100644 index 0000000..bb31207 --- /dev/null +++ b/README.md @@ -0,0 +1,99 @@ +# Gitea Actions Helm Chart + +This helm chart serves as the way to deploy the Gitea [act-runners](https://gitea.com/gitea/act_runner) alongside a running Gitea instance. +It serves as a standalone chart and does not rely on Gitea to be present in the same environment, however it needs to be able to reach a Gitea instance to function. +The parameters which can be used to customize the deployment are described below, check those out if you want to see if something is supported. + +If you want to propose a new feature or mechanism, submit an [issue here](https://gitea.com/gitea/helm-actions/issues). + +## Docs + +[Docs](./docs/README.md) + +## Rootless Defaults + +If `.Values.image.rootless: true`, then the following will occur. In case you use `.Values.image.fullOverride`, check that this works in your image: + +- If `.Values.provisioning.enabled: true`, then uses the rootless Gitea image, must match helm-Gitea. + +## Quick-start + +To get started, add the Helm repo, assuming you have not already: + +```sh +helm repo add gitea-charts https://dl.gitea.com/charts/ +helm repo update +``` + +Then pull the values.yaml file and fill it accordingly. + +```sh +helm show values gitea-charts/actions > values.yaml +``` + +Deploy with your values, make sure the path is correct: + +```sh +helm upgrade --install gitea-actions gitea-charts/actions -f values.yaml +``` + +You should be good to go! + +## Parameters + +### Gitea Actions + +| Name | Description | Value | +| ----------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------ | +| `enabled` | Create an act runner StatefulSet. | `false` | +| `init.image.repository` | The image used for the init containers | `busybox` | +| `init.image.tag` | The image tag used for the init containers | `1.37.0` | +| `statefulset.replicas` | the amount of (replica) runner pods deployed | `1` | +| `statefulset.timezone` | is the timezone that will be set in the act_runner image | `Etc/UTC` | +| `statefulset.annotations` | Act runner annotations | `{}` | +| `statefulset.labels` | Act runner labels | `{}` | +| `statefulset.resources` | Act runner resources | `{}` | +| `statefulset.nodeSelector` | NodeSelector for the statefulset | `{}` | +| `statefulset.tolerations` | Tolerations for the statefulset | `[]` | +| `statefulset.affinity` | Affinity for the statefulset | `{}` | +| `statefulset.extraVolumes` | Extra volumes for the statefulset | `[]` | +| `statefulset.actRunner.registry` | image registry, e.g. gcr.io,docker.io | `docker.gitea.com` | +| `statefulset.actRunner.repository` | The Gitea act runner image | `act_runner` | +| `statefulset.actRunner.tag` | The Gitea act runner tag | `0.2.13` | +| `statefulset.actRunner.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` | +| `statefulset.actRunner.pullPolicy` | The Gitea act runner pullPolicy | `IfNotPresent` | +| `statefulset.actRunner.fullOverride` | Completely overrides the image registry, path/image, tag and digest. | `""` | +| `statefulset.actRunner.extraVolumeMounts` | Allows mounting extra volumes in the act runner container | `[]` | +| `statefulset.actRunner.config` | Act runner custom configuration. See [Act Runner documentation](https://docs.gitea.com/usage/actions/act-runner#configuration) for details. | `Too complex. See values.yaml` | +| `statefulset.dind.registry` | image registry, e.g. gcr.io,docker.io | `""` | +| `statefulset.actRunner.extraEnvs` | Allows adding custom environment variables | `[]` | +| `statefulset.dind.repository` | The Docker-in-Docker image | `docker` | +| `statefulset.dind.tag` | The Docker-in-Docker image tag | `28.3.3-dind` | +| `statefulset.dind.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` | +| `statefulset.dind.fullOverride` | Completely overrides the image registry, path/image, tag and digest. | `""` | +| `statefulset.dind.pullPolicy` | The Docker-in-Docker pullPolicy | `IfNotPresent` | +| `statefulset.dind.extraVolumeMounts` | Allows mounting extra volumes in the Docker-in-Docker container | `[]` | +| `statefulset.dind.extraEnvs` | Allows adding custom environment variables, such as `DOCKER_IPTABLES_LEGACY` | `[]` | +| `statefulset.persistence.size` | Size for persistence to store act runner data | `1Gi` | +| `statefulset.securityContext` | Customize the SecurityContext | `{}` | +| `existingSecret` | Secret that contains the token | `""` | +| `existingSecretKey` | Secret key | `""` | +| `giteaRootURL` | URL the act_runner registers and connect with | `""` | + +### Gitea Actions Init + +| Name | Description | Value | +| ------------------------- | ---------------------------------------------------------------------------------------------------------- | -------------- | +| `init.image.registry` | image registry, e.g. gcr.io,docker.io | `""` | +| `init.image.repository` | The init image | `busybox` | +| `init.image.tag` | the init image tag | `1.37.0` | +| `init.image.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` | +| `init.image.pullPolicy` | The init image pullPolicy | `IfNotPresent` | +| `init.image.fullOverride` | Completely overrides the image registry, path/image, tag and digest. | `""` | + +### Global + +| Name | Description | Value | +| ---------------------- | ------------------------------ | ----- | +| `global.imageRegistry` | global image registry override | `""` | +| `global.storageClass` | global storage class override | `""` | diff --git a/docs/README.md b/docs/README.md new file mode 100644 index 0000000..891006f --- /dev/null +++ b/docs/README.md @@ -0,0 +1,3 @@ +# Gitea Actions Helm Chart Docs + +- [Share dind with job container](share-dind-with-job-container.md) \ No newline at end of file diff --git a/docs/actions-dev.md b/docs/actions-dev.md new file mode 100644 index 0000000..2f69659 --- /dev/null +++ b/docs/actions-dev.md @@ -0,0 +1,33 @@ +# Gitea Actions + +In order to use the Gitea Actions act-runner you must either: + +- enable persistence (used for automatic deployment to be able to store the token in a place accessible for the Job) +- create a secret containing the act runner token and reference it as a `existingSecret` + +In order to use Gitea Actions, you must log on the server that's running Gitea and run the command: + `gitea actions generate-runner-token` + +This command will out a token that is needed by the act-runner to register with the Gitea backend. + +Because this is a manual operation, we automated this using a Kubernetes Job using the following containers: + +1) `actions-token-create`: it uses the current `gitea-rootless` image, mounts the persistent directory to `/data/` then it saves the output from `gitea actions generate-runner-token` to `/data/actions/token` +2) `actions-token-upload`: it uses a `bitnami/kubectl` image, mounts the scripts directory (`/scripts`) and +the persistent directory (`/data/`), and using the script from `/scripts/token.sh` stores the token in a Kubernetes secret + +After the token is stored in a Kubernetes secret we can create the statefulset that contains the following containers: + +1) `act-runner`: authenticates with Gitea using the token that was stored in the secret +2) `dind`: DockerInDocker image that is used to run the actions + +If you are not using persistent volumes, you cannot use the Job to automatically generate the token. +In this case, you can use either the Web UI to generate the token or run a shell into a Gitea pod and invoke +the command `gitea actions generate-runner-token`. After generating the token, you must create a secret and use it via: + +```yaml +provisioning: + enabled: false +existingSecret: "secret-name" +existingSecretKey: "secret-key" +``` diff --git a/docs/share-dind-with-job-container.md b/docs/share-dind-with-job-container.md new file mode 100644 index 0000000..57cd949 --- /dev/null +++ b/docs/share-dind-with-job-container.md @@ -0,0 +1,36 @@ +# Share dind with job container + +You can weaken isolation and allow jobs to call docker commands. + +## Limitations + +- Docker bind mounts like `-v /path/on/self/container:/path/to/new/container` do not work, because they are going to mount the path from the dind container +- Docker port expose to local host `-e 80:8080` is not going to work + +## Example Values + +```yaml +enabled: true +statefulset: + actRunner: + # See full example here: https://gitea.com/gitea/act_runner/src/branch/main/internal/pkg/config/config.example.yaml + config: | + log: + level: debug + cache: + enabled: false + container: + valid_volumes: + - /var/run/docker.sock + options: -v /var/run/docker.sock:/var/run/docker.sock + +## Specify an existing token secret +## +existingSecret: "runner-token2" +existingSecretKey: "token" + +## Specify the root URL of the Gitea instance +giteaRootURL: "http://192.168.1.2:3000" +``` + +Now you can run docker commands inside your jobs. \ No newline at end of file diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml new file mode 100644 index 0000000..940e034 --- /dev/null +++ b/pnpm-lock.yaml @@ -0,0 +1,933 @@ +lockfileVersion: '9.0' + +settings: + autoInstallPeers: true + excludeLinksFromLockfile: false + +importers: + + .: + devDependencies: + '@bitnami/readme-generator-for-helm': + specifier: ^2.7.0 + version: 2.7.2 + markdownlint-cli: + specifier: ^0.45.0 + version: 0.45.0 + +packages: + + '@bitnami/readme-generator-for-helm@2.7.2': + resolution: {integrity: sha512-7eXyJzxQTQj2ajpHlIhadciCCYWOqN8ieaweU25bStHOZowQ2c2CQyjO/bX4gxIf73LoRKxHhEYgLTllJY9SIw==} + hasBin: true + + '@isaacs/balanced-match@4.0.1': + resolution: {integrity: sha512-yzMTt9lEb8Gv7zRioUilSglI0c0smZ9k5D65677DLWLtWJaXIS3CqcGyUFByYKlnUj6TkjLVs54fBl6+TiGQDQ==} + engines: {node: 20 || >=22} + + '@isaacs/brace-expansion@5.0.0': + resolution: {integrity: sha512-ZT55BDLV0yv0RBm2czMiZ+SqCGO7AvmOM3G/w2xhVPH+te0aKgFjmBvGlL1dH+ql2tgGO3MVrbb3jCKyvpgnxA==} + engines: {node: 20 || >=22} + + '@isaacs/cliui@8.0.2': + resolution: {integrity: sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==} + engines: {node: '>=12'} + + '@types/debug@4.1.12': + resolution: {integrity: sha512-vIChWdVG3LG1SMxEvI/AK+FWJthlrqlTu7fbrlywTkkaONwk/UAGaULXRlf8vkzFBLVm0zkMdCquhL5aOjhXPQ==} + + '@types/katex@0.16.7': + resolution: {integrity: sha512-HMwFiRujE5PjrgwHQ25+bsLJgowjGjm5Z8FVSf0N6PwgJrwxH0QxzHYDcKsTfV3wva0vzrpqMTJS2jXPr5BMEQ==} + + '@types/ms@2.1.0': + resolution: {integrity: sha512-GsCCIZDE/p3i96vtEqx+7dBUGXrc7zeSK3wwPHIaRThS+9OhWIXRqzs4d6k1SVU8g91DrNRWxWUGhp5KXQb2VA==} + + '@types/unist@2.0.11': + resolution: {integrity: sha512-CmBKiL6NNo/OqgmMn95Fk9Whlp2mtvIv+KNpQKN2F4SjvrEesubTRWGYSg+BnWZOnlCaSTU1sMpsBOzgbYhnsA==} + + ansi-regex@5.0.1: + resolution: {integrity: sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==} + engines: {node: '>=8'} + + ansi-regex@6.2.2: + resolution: {integrity: sha512-Bq3SmSpyFHaWjPk8If9yc6svM8c56dB5BAtW4Qbw5jHTwwXXcTLoRMkpDJp6VL0XzlWaCHTXrkFURMYmD0sLqg==} + engines: {node: '>=12'} + + ansi-styles@4.3.0: + resolution: {integrity: sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==} + engines: {node: '>=8'} + + ansi-styles@6.2.3: + resolution: {integrity: sha512-4Dj6M28JB+oAH8kFkTLUo+a2jwOFkuqb3yucU0CANcRRUbxS0cP0nZYCGjcc3BNXwRIsUVmDGgzawme7zvJHvg==} + engines: {node: '>=12'} + + argparse@2.0.1: + resolution: {integrity: sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==} + + balanced-match@1.0.2: + resolution: {integrity: sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==} + + brace-expansion@1.1.12: + resolution: {integrity: sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==} + + character-entities-legacy@3.0.0: + resolution: {integrity: sha512-RpPp0asT/6ufRm//AJVwpViZbGM/MkjQFxJccQRHmISF/22NBtsHqAWmL+/pmkPWoIUJdWyeVleTl1wydHATVQ==} + + character-entities@2.0.2: + resolution: {integrity: sha512-shx7oQ0Awen/BRIdkjkvz54PnEEI/EjwXDSIZp86/KKdbafHh1Df/RYGBhn4hbe2+uKC9FnT5UCEdyPz3ai9hQ==} + + character-reference-invalid@2.0.1: + resolution: {integrity: sha512-iBZ4F4wRbyORVsu0jPV7gXkOsGYjGHPmAyv+HiHG8gi5PtC9KI2j1+v8/tlibRvjoWX027ypmG/n0HtO5t7unw==} + + color-convert@2.0.1: + resolution: {integrity: sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==} + engines: {node: '>=7.0.0'} + + color-name@1.1.4: + resolution: {integrity: sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==} + + commander@13.1.0: + resolution: {integrity: sha512-/rFeCpNJQbhSZjGVwO9RFV3xPqbnERS8MmIQzCtD/zl6gpJuV/bMLuN92oG3F7d8oDEHHRrujSXNUr8fpjntKw==} + engines: {node: '>=18'} + + commander@6.2.1: + resolution: {integrity: sha512-U7VdrJFnJgo4xjrHpTzu0yrHPGImdsmD95ZlgYSEajAn2JKzDhDTPG9kBTefmObL2w/ngeZnilk+OV9CG3d7UA==} + engines: {node: '>= 6'} + + commander@8.3.0: + resolution: {integrity: sha512-OkTL9umf+He2DZkUq8f8J9of7yL6RJKI24dVITBmNfZBmri9zYZQrKkuXiKhyfPSu8tUhnVBB1iKXevvnlR4Ww==} + engines: {node: '>= 12'} + + concat-map@0.0.1: + resolution: {integrity: sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==} + + cross-spawn@7.0.6: + resolution: {integrity: sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==} + engines: {node: '>= 8'} + + debug@4.4.3: + resolution: {integrity: sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==} + engines: {node: '>=6.0'} + peerDependencies: + supports-color: '*' + peerDependenciesMeta: + supports-color: + optional: true + + decode-named-character-reference@1.2.0: + resolution: {integrity: sha512-c6fcElNV6ShtZXmsgNgFFV5tVX2PaV4g+MOAkb8eXHvn6sryJBrZa9r0zV6+dtTyoCKxtDy5tyQ5ZwQuidtd+Q==} + + deep-extend@0.6.0: + resolution: {integrity: sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA==} + engines: {node: '>=4.0.0'} + + dequal@2.0.3: + resolution: {integrity: sha512-0je+qPKHEMohvfRTCEo3CrPG6cAzAYgmzKyxRiYSSDkS6eGJdyVJm7WaYA5ECaAD9wLB2T4EEeymA5aFVcYXCA==} + engines: {node: '>=6'} + + devlop@1.1.0: + resolution: {integrity: sha512-RWmIqhcFf1lRYBvNmr7qTNuyCt/7/ns2jbpp1+PalgE/rDQcBT0fioSMUpJ93irlUhC5hrg4cYqe6U+0ImW0rA==} + + dot-object@2.1.5: + resolution: {integrity: sha512-xHF8EP4XH/Ba9fvAF2LDd5O3IITVolerVV6xvkxoM8zlGEiCUrggpAnHyOoKJKCrhvPcGATFAUwIujj7bRG5UA==} + hasBin: true + + eastasianwidth@0.2.0: + resolution: {integrity: sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==} + + emoji-regex@8.0.0: + resolution: {integrity: sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==} + + emoji-regex@9.2.2: + resolution: {integrity: sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==} + + entities@4.5.0: + resolution: {integrity: sha512-V0hjH4dGPh9Ao5p0MoRY6BVqtwCjhz6vI5LT8AJ55H+4g9/4vbHx1I54fS0XuclLhDHArPQCiMjDxjaL8fPxhw==} + engines: {node: '>=0.12'} + + foreground-child@3.3.1: + resolution: {integrity: sha512-gIXjKqtFuWEgzFRJA9WCQeSJLZDjgJUOMCMzxtvFq/37KojM1BFGufqsCy0r4qSQmYLsZYMeyRqzIWOMup03sw==} + engines: {node: '>=14'} + + fs.realpath@1.0.0: + resolution: {integrity: sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==} + + glob@11.0.3: + resolution: {integrity: sha512-2Nim7dha1KVkaiF4q6Dj+ngPPMdfvLJEOpZk/jKiUAkqKebpGAWQXAq9z1xu9HKu5lWfqw/FASuccEjyznjPaA==} + engines: {node: 20 || >=22} + hasBin: true + + glob@7.2.3: + resolution: {integrity: sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==} + deprecated: Glob versions prior to v9 are no longer supported + + ignore@7.0.5: + resolution: {integrity: sha512-Hs59xBNfUIunMFgWAbGX5cq6893IbWg4KnrjbYwX3tx0ztorVgTDA6B2sxf8ejHJ4wz8BqGUMYlnzNBer5NvGg==} + engines: {node: '>= 4'} + + inflight@1.0.6: + resolution: {integrity: sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==} + deprecated: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful. + + inherits@2.0.4: + resolution: {integrity: sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==} + + ini@4.1.3: + resolution: {integrity: sha512-X7rqawQBvfdjS10YU1y1YVreA3SsLrW9dX2CewP2EbBJM4ypVNLDkO5y04gejPwKIY9lR+7r9gn3rFPt/kmWFg==} + engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0} + + is-alphabetical@2.0.1: + resolution: {integrity: sha512-FWyyY60MeTNyeSRpkM2Iry0G9hpr7/9kD40mD/cGQEuilcZYS4okz8SN2Q6rLCJ8gbCt6fN+rC+6tMGS99LaxQ==} + + is-alphanumerical@2.0.1: + resolution: {integrity: sha512-hmbYhX/9MUMF5uh7tOXyK/n0ZvWpad5caBA17GsC6vyuCqaWliRG5K1qS9inmUhEMaOBIW7/whAnSwveW/LtZw==} + + is-decimal@2.0.1: + resolution: {integrity: sha512-AAB9hiomQs5DXWcRB1rqsxGUstbRroFOPPVAomNk/3XHR5JyEZChOyTWe2oayKnsSsr/kcGqF+z6yuH6HHpN0A==} + + is-fullwidth-code-point@3.0.0: + resolution: {integrity: sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==} + engines: {node: '>=8'} + + is-hexadecimal@2.0.1: + resolution: {integrity: sha512-DgZQp241c8oO6cA1SbTEWiXeoxV42vlcJxgH+B3hi1AiqqKruZR3ZGF8In3fj4+/y/7rHvlOZLZtgJ/4ttYGZg==} + + isexe@2.0.0: + resolution: {integrity: sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==} + + jackspeak@4.1.1: + resolution: {integrity: sha512-zptv57P3GpL+O0I7VdMJNBZCu+BPHVQUk55Ft8/QCJjTVxrnJHuVuX/0Bl2A6/+2oyR/ZMEuFKwmzqqZ/U5nPQ==} + engines: {node: 20 || >=22} + + js-yaml@4.1.0: + resolution: {integrity: sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==} + hasBin: true + + jsonc-parser@3.3.1: + resolution: {integrity: sha512-HUgH65KyejrUFPvHFPbqOY0rsFip3Bo5wb4ngvdi1EpCYWUQDC5V+Y7mZws+DLkr4M//zQJoanu1SP+87Dv1oQ==} + + jsonpointer@5.0.1: + resolution: {integrity: sha512-p/nXbhSEcu3pZRdkW1OfJhpsVtW1gd4Wa1fnQc9YLiTfAjn0312eMKimbdIQzuZl9aa9xUGaRlP9T/CJE/ditQ==} + engines: {node: '>=0.10.0'} + + katex@0.16.22: + resolution: {integrity: sha512-XCHRdUw4lf3SKBaJe4EvgqIuWwkPSo9XoeO8GjQW94Bp7TWv9hNhzZjZ+OH9yf1UmLygb7DIT5GSFQiyt16zYg==} + hasBin: true + + linkify-it@5.0.0: + resolution: {integrity: sha512-5aHCbzQRADcdP+ATqnDuhhJ/MRIqDkZX5pyjFHRRysS8vZ5AbqGEoFIb6pYHPZ+L/OC2Lc+xT8uHVVR5CAK/wQ==} + + lodash@4.17.21: + resolution: {integrity: sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==} + + lru-cache@11.2.2: + resolution: {integrity: sha512-F9ODfyqML2coTIsQpSkRHnLSZMtkU8Q+mSfcaIyKwy58u+8k5nvAYeiNhsyMARvzNcXJ9QfWVrcPsC9e9rAxtg==} + engines: {node: 20 || >=22} + + markdown-it@14.1.0: + resolution: {integrity: sha512-a54IwgWPaeBCAAsv13YgmALOF1elABB08FxO9i+r4VFk5Vl4pKokRPeX8u5TCgSsPi6ec1otfLjdOpVcgbpshg==} + hasBin: true + + markdown-table@2.0.0: + resolution: {integrity: sha512-Ezda85ToJUBhM6WGaG6veasyym+Tbs3cMAw/ZhOPqXiYsr0jgocBV3j3nx+4lk47plLlIqjwuTm/ywVI+zjJ/A==} + + markdownlint-cli@0.45.0: + resolution: {integrity: sha512-GiWr7GfJLVfcopL3t3pLumXCYs8sgWppjIA1F/Cc3zIMgD3tmkpyZ1xkm1Tej8mw53B93JsDjgA3KOftuYcfOw==} + engines: {node: '>=20'} + hasBin: true + + markdownlint@0.38.0: + resolution: {integrity: sha512-xaSxkaU7wY/0852zGApM8LdlIfGCW8ETZ0Rr62IQtAnUMlMuifsg09vWJcNYeL4f0anvr8Vo4ZQar8jGpV0btQ==} + engines: {node: '>=20'} + + mdurl@2.0.0: + resolution: {integrity: sha512-Lf+9+2r+Tdp5wXDXC4PcIBjTDtq4UKjCPMQhKIuzpJNW0b96kVqSwW0bT7FhRSfmAiFYgP+SCRvdrDozfh0U5w==} + + micromark-core-commonmark@2.0.3: + resolution: {integrity: sha512-RDBrHEMSxVFLg6xvnXmb1Ayr2WzLAWjeSATAoxwKYJV94TeNavgoIdA0a9ytzDSVzBy2YKFK+emCPOEibLeCrg==} + + micromark-extension-directive@4.0.0: + resolution: {integrity: sha512-/C2nqVmXXmiseSSuCdItCMho7ybwwop6RrrRPk0KbOHW21JKoCldC+8rFOaundDoRBUWBnJJcxeA/Kvi34WQXg==} + + micromark-extension-gfm-autolink-literal@2.1.0: + resolution: {integrity: sha512-oOg7knzhicgQ3t4QCjCWgTmfNhvQbDDnJeVu9v81r7NltNCVmhPy1fJRX27pISafdjL+SVc4d3l48Gb6pbRypw==} + + micromark-extension-gfm-footnote@2.1.0: + resolution: {integrity: sha512-/yPhxI1ntnDNsiHtzLKYnE3vf9JZ6cAisqVDauhp4CEHxlb4uoOTxOCJ+9s51bIB8U1N1FJ1RXOKTIlD5B/gqw==} + + micromark-extension-gfm-table@2.1.1: + resolution: {integrity: sha512-t2OU/dXXioARrC6yWfJ4hqB7rct14e8f7m0cbI5hUmDyyIlwv5vEtooptH8INkbLzOatzKuVbQmAYcbWoyz6Dg==} + + micromark-extension-math@3.1.0: + resolution: {integrity: sha512-lvEqd+fHjATVs+2v/8kg9i5Q0AP2k85H0WUOwpIVvUML8BapsMvh1XAogmQjOCsLpoKRCVQqEkQBB3NhVBcsOg==} + + micromark-factory-destination@2.0.1: + resolution: {integrity: sha512-Xe6rDdJlkmbFRExpTOmRj9N3MaWmbAgdpSrBQvCFqhezUn4AHqJHbaEnfbVYYiexVSs//tqOdY/DxhjdCiJnIA==} + + micromark-factory-label@2.0.1: + resolution: {integrity: sha512-VFMekyQExqIW7xIChcXn4ok29YE3rnuyveW3wZQWWqF4Nv9Wk5rgJ99KzPvHjkmPXF93FXIbBp6YdW3t71/7Vg==} + + micromark-factory-space@2.0.1: + resolution: {integrity: sha512-zRkxjtBxxLd2Sc0d+fbnEunsTj46SWXgXciZmHq0kDYGnck/ZSGj9/wULTV95uoeYiK5hRXP2mJ98Uo4cq/LQg==} + + micromark-factory-title@2.0.1: + resolution: {integrity: sha512-5bZ+3CjhAd9eChYTHsjy6TGxpOFSKgKKJPJxr293jTbfry2KDoWkhBb6TcPVB4NmzaPhMs1Frm9AZH7OD4Cjzw==} + + micromark-factory-whitespace@2.0.1: + resolution: {integrity: sha512-Ob0nuZ3PKt/n0hORHyvoD9uZhr+Za8sFoP+OnMcnWK5lngSzALgQYKMr9RJVOWLqQYuyn6ulqGWSXdwf6F80lQ==} + + micromark-util-character@2.1.1: + resolution: {integrity: sha512-wv8tdUTJ3thSFFFJKtpYKOYiGP2+v96Hvk4Tu8KpCAsTMs6yi+nVmGh1syvSCsaxz45J6Jbw+9DD6g97+NV67Q==} + + micromark-util-chunked@2.0.1: + resolution: {integrity: sha512-QUNFEOPELfmvv+4xiNg2sRYeS/P84pTW0TCgP5zc9FpXetHY0ab7SxKyAQCNCc1eK0459uoLI1y5oO5Vc1dbhA==} + + micromark-util-classify-character@2.0.1: + resolution: {integrity: sha512-K0kHzM6afW/MbeWYWLjoHQv1sgg2Q9EccHEDzSkxiP/EaagNzCm7T/WMKZ3rjMbvIpvBiZgwR3dKMygtA4mG1Q==} + + micromark-util-combine-extensions@2.0.1: + resolution: {integrity: sha512-OnAnH8Ujmy59JcyZw8JSbK9cGpdVY44NKgSM7E9Eh7DiLS2E9RNQf0dONaGDzEG9yjEl5hcqeIsj4hfRkLH/Bg==} + + micromark-util-decode-numeric-character-reference@2.0.2: + resolution: {integrity: sha512-ccUbYk6CwVdkmCQMyr64dXz42EfHGkPQlBj5p7YVGzq8I7CtjXZJrubAYezf7Rp+bjPseiROqe7G6foFd+lEuw==} + + micromark-util-encode@2.0.1: + resolution: {integrity: sha512-c3cVx2y4KqUnwopcO9b/SCdo2O67LwJJ/UyqGfbigahfegL9myoEFoDYZgkT7f36T0bLrM9hZTAaAyH+PCAXjw==} + + micromark-util-html-tag-name@2.0.1: + resolution: {integrity: sha512-2cNEiYDhCWKI+Gs9T0Tiysk136SnR13hhO8yW6BGNyhOC4qYFnwF1nKfD3HFAIXA5c45RrIG1ub11GiXeYd1xA==} + + micromark-util-normalize-identifier@2.0.1: + resolution: {integrity: sha512-sxPqmo70LyARJs0w2UclACPUUEqltCkJ6PhKdMIDuJ3gSf/Q+/GIe3WKl0Ijb/GyH9lOpUkRAO2wp0GVkLvS9Q==} + + micromark-util-resolve-all@2.0.1: + resolution: {integrity: sha512-VdQyxFWFT2/FGJgwQnJYbe1jjQoNTS4RjglmSjTUlpUMa95Htx9NHeYW4rGDJzbjvCsl9eLjMQwGeElsqmzcHg==} + + micromark-util-sanitize-uri@2.0.1: + resolution: {integrity: sha512-9N9IomZ/YuGGZZmQec1MbgxtlgougxTodVwDzzEouPKo3qFWvymFHWcnDi2vzV1ff6kas9ucW+o3yzJK9YB1AQ==} + + micromark-util-subtokenize@2.1.0: + resolution: {integrity: sha512-XQLu552iSctvnEcgXw6+Sx75GflAPNED1qx7eBJ+wydBb2KCbRZe+NwvIEEMM83uml1+2WSXpBAcp9IUCgCYWA==} + + micromark-util-symbol@2.0.1: + resolution: {integrity: sha512-vs5t8Apaud9N28kgCrRUdEed4UJ+wWNvicHLPxCa9ENlYuAY31M0ETy5y1vA33YoNPDFTghEbnh6efaE8h4x0Q==} + + micromark-util-types@2.0.2: + resolution: {integrity: sha512-Yw0ECSpJoViF1qTU4DC6NwtC4aWGt1EkzaQB8KPPyCRR8z9TWeV0HbEFGTO+ZY1wB22zmxnJqhPyTpOVCpeHTA==} + + micromark@4.0.2: + resolution: {integrity: sha512-zpe98Q6kvavpCr1NPVSCMebCKfD7CA2NqZ+rykeNhONIJBpc1tFKt9hucLGwha3jNTNI8lHpctWJWoimVF4PfA==} + + minimatch@10.0.3: + resolution: {integrity: sha512-IPZ167aShDZZUMdRk66cyQAW3qr0WzbHkPdMYa8bzZhlHhO3jALbKdxcaak7W9FfT2rZNpQuUu4Od7ILEpXSaw==} + engines: {node: 20 || >=22} + + minimatch@3.1.2: + resolution: {integrity: sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==} + + minimist@1.2.8: + resolution: {integrity: sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==} + + minipass@7.1.2: + resolution: {integrity: sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==} + engines: {node: '>=16 || 14 >=14.17'} + + ms@2.1.3: + resolution: {integrity: sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==} + + once@1.4.0: + resolution: {integrity: sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==} + + package-json-from-dist@1.0.1: + resolution: {integrity: sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==} + + parse-entities@4.0.2: + resolution: {integrity: sha512-GG2AQYWoLgL877gQIKeRPGO1xF9+eG1ujIb5soS5gPvLQ1y2o8FL90w2QWNdf9I361Mpp7726c+lj3U0qK1uGw==} + + path-is-absolute@1.0.1: + resolution: {integrity: sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==} + engines: {node: '>=0.10.0'} + + path-key@3.1.1: + resolution: {integrity: sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==} + engines: {node: '>=8'} + + path-scurry@2.0.0: + resolution: {integrity: sha512-ypGJsmGtdXUOeM5u93TyeIEfEhM6s+ljAhrk5vAvSx8uyY/02OvrZnA0YNGUrPXfpJMgI1ODd3nwz8Npx4O4cg==} + engines: {node: 20 || >=22} + + punycode.js@2.3.1: + resolution: {integrity: sha512-uxFIHU0YlHYhDQtV4R9J6a52SLx28BCjT+4ieh7IGbgwVJWO+km431c4yRlREUAsAmt/uMjQUyQHNEPf0M39CA==} + engines: {node: '>=6'} + + repeat-string@1.6.1: + resolution: {integrity: sha512-PV0dzCYDNfRi1jCDbJzpW7jNNDRuCOG/jI5ctQcGKt/clZD+YcPS3yIlWuTJMmESC8aevCFmWJy5wjAFgNqN6w==} + engines: {node: '>=0.10'} + + run-con@1.3.2: + resolution: {integrity: sha512-CcfE+mYiTcKEzg0IqS08+efdnH0oJ3zV0wSUFBNrMHMuxCtXvBCLzCJHatwuXDcu/RlhjTziTo/a1ruQik6/Yg==} + hasBin: true + + shebang-command@2.0.0: + resolution: {integrity: sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==} + engines: {node: '>=8'} + + shebang-regex@3.0.0: + resolution: {integrity: sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==} + engines: {node: '>=8'} + + signal-exit@4.1.0: + resolution: {integrity: sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==} + engines: {node: '>=14'} + + smol-toml@1.3.4: + resolution: {integrity: sha512-UOPtVuYkzYGee0Bd2Szz8d2G3RfMfJ2t3qVdZUAozZyAk+a0Sxa+QKix0YCwjL/A1RR0ar44nCxaoN9FxdJGwA==} + engines: {node: '>= 18'} + + string-width@4.2.3: + resolution: {integrity: sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==} + engines: {node: '>=8'} + + string-width@5.1.2: + resolution: {integrity: sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==} + engines: {node: '>=12'} + + strip-ansi@6.0.1: + resolution: {integrity: sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==} + engines: {node: '>=8'} + + strip-ansi@7.1.2: + resolution: {integrity: sha512-gmBGslpoQJtgnMAvOVqGZpEz9dyoKTCzy2nfz/n8aIFhN/jCE/rCmcxabB6jOOHV+0WNnylOxaxBQPSvcWklhA==} + engines: {node: '>=12'} + + strip-json-comments@3.1.1: + resolution: {integrity: sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==} + engines: {node: '>=8'} + + uc.micro@2.1.0: + resolution: {integrity: sha512-ARDJmphmdvUk6Glw7y9DQ2bFkKBHwQHLi2lsaH6PPmz/Ka9sFOBsBluozhDltWmnv9u/cF6Rt87znRTPV+yp/A==} + + which@2.0.2: + resolution: {integrity: sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==} + engines: {node: '>= 8'} + hasBin: true + + wrap-ansi@7.0.0: + resolution: {integrity: sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==} + engines: {node: '>=10'} + + wrap-ansi@8.1.0: + resolution: {integrity: sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==} + engines: {node: '>=12'} + + wrappy@1.0.2: + resolution: {integrity: sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==} + + yaml@2.8.1: + resolution: {integrity: sha512-lcYcMxX2PO9XMGvAJkJ3OsNMw+/7FKes7/hgerGUYWIoWu5j/+YQqcZr5JnPZWzOsEBgMbSbiSTn/dv/69Mkpw==} + engines: {node: '>= 14.6'} + hasBin: true + +snapshots: + + '@bitnami/readme-generator-for-helm@2.7.2': + dependencies: + commander: 13.1.0 + dot-object: 2.1.5 + lodash: 4.17.21 + markdown-table: 2.0.0 + yaml: 2.8.1 + + '@isaacs/balanced-match@4.0.1': {} + + '@isaacs/brace-expansion@5.0.0': + dependencies: + '@isaacs/balanced-match': 4.0.1 + + '@isaacs/cliui@8.0.2': + dependencies: + string-width: 5.1.2 + string-width-cjs: string-width@4.2.3 + strip-ansi: 7.1.2 + strip-ansi-cjs: strip-ansi@6.0.1 + wrap-ansi: 8.1.0 + wrap-ansi-cjs: wrap-ansi@7.0.0 + + '@types/debug@4.1.12': + dependencies: + '@types/ms': 2.1.0 + + '@types/katex@0.16.7': {} + + '@types/ms@2.1.0': {} + + '@types/unist@2.0.11': {} + + ansi-regex@5.0.1: {} + + ansi-regex@6.2.2: {} + + ansi-styles@4.3.0: + dependencies: + color-convert: 2.0.1 + + ansi-styles@6.2.3: {} + + argparse@2.0.1: {} + + balanced-match@1.0.2: {} + + brace-expansion@1.1.12: + dependencies: + balanced-match: 1.0.2 + concat-map: 0.0.1 + + character-entities-legacy@3.0.0: {} + + character-entities@2.0.2: {} + + character-reference-invalid@2.0.1: {} + + color-convert@2.0.1: + dependencies: + color-name: 1.1.4 + + color-name@1.1.4: {} + + commander@13.1.0: {} + + commander@6.2.1: {} + + commander@8.3.0: {} + + concat-map@0.0.1: {} + + cross-spawn@7.0.6: + dependencies: + path-key: 3.1.1 + shebang-command: 2.0.0 + which: 2.0.2 + + debug@4.4.3: + dependencies: + ms: 2.1.3 + + decode-named-character-reference@1.2.0: + dependencies: + character-entities: 2.0.2 + + deep-extend@0.6.0: {} + + dequal@2.0.3: {} + + devlop@1.1.0: + dependencies: + dequal: 2.0.3 + + dot-object@2.1.5: + dependencies: + commander: 6.2.1 + glob: 7.2.3 + + eastasianwidth@0.2.0: {} + + emoji-regex@8.0.0: {} + + emoji-regex@9.2.2: {} + + entities@4.5.0: {} + + foreground-child@3.3.1: + dependencies: + cross-spawn: 7.0.6 + signal-exit: 4.1.0 + + fs.realpath@1.0.0: {} + + glob@11.0.3: + dependencies: + foreground-child: 3.3.1 + jackspeak: 4.1.1 + minimatch: 10.0.3 + minipass: 7.1.2 + package-json-from-dist: 1.0.1 + path-scurry: 2.0.0 + + glob@7.2.3: + dependencies: + fs.realpath: 1.0.0 + inflight: 1.0.6 + inherits: 2.0.4 + minimatch: 3.1.2 + once: 1.4.0 + path-is-absolute: 1.0.1 + + ignore@7.0.5: {} + + inflight@1.0.6: + dependencies: + once: 1.4.0 + wrappy: 1.0.2 + + inherits@2.0.4: {} + + ini@4.1.3: {} + + is-alphabetical@2.0.1: {} + + is-alphanumerical@2.0.1: + dependencies: + is-alphabetical: 2.0.1 + is-decimal: 2.0.1 + + is-decimal@2.0.1: {} + + is-fullwidth-code-point@3.0.0: {} + + is-hexadecimal@2.0.1: {} + + isexe@2.0.0: {} + + jackspeak@4.1.1: + dependencies: + '@isaacs/cliui': 8.0.2 + + js-yaml@4.1.0: + dependencies: + argparse: 2.0.1 + + jsonc-parser@3.3.1: {} + + jsonpointer@5.0.1: {} + + katex@0.16.22: + dependencies: + commander: 8.3.0 + + linkify-it@5.0.0: + dependencies: + uc.micro: 2.1.0 + + lodash@4.17.21: {} + + lru-cache@11.2.2: {} + + markdown-it@14.1.0: + dependencies: + argparse: 2.0.1 + entities: 4.5.0 + linkify-it: 5.0.0 + mdurl: 2.0.0 + punycode.js: 2.3.1 + uc.micro: 2.1.0 + + markdown-table@2.0.0: + dependencies: + repeat-string: 1.6.1 + + markdownlint-cli@0.45.0: + dependencies: + commander: 13.1.0 + glob: 11.0.3 + ignore: 7.0.5 + js-yaml: 4.1.0 + jsonc-parser: 3.3.1 + jsonpointer: 5.0.1 + markdown-it: 14.1.0 + markdownlint: 0.38.0 + minimatch: 10.0.3 + run-con: 1.3.2 + smol-toml: 1.3.4 + transitivePeerDependencies: + - supports-color + + markdownlint@0.38.0: + dependencies: + micromark: 4.0.2 + micromark-core-commonmark: 2.0.3 + micromark-extension-directive: 4.0.0 + micromark-extension-gfm-autolink-literal: 2.1.0 + micromark-extension-gfm-footnote: 2.1.0 + micromark-extension-gfm-table: 2.1.1 + micromark-extension-math: 3.1.0 + micromark-util-types: 2.0.2 + transitivePeerDependencies: + - supports-color + + mdurl@2.0.0: {} + + micromark-core-commonmark@2.0.3: + dependencies: + decode-named-character-reference: 1.2.0 + devlop: 1.1.0 + micromark-factory-destination: 2.0.1 + micromark-factory-label: 2.0.1 + micromark-factory-space: 2.0.1 + micromark-factory-title: 2.0.1 + micromark-factory-whitespace: 2.0.1 + micromark-util-character: 2.1.1 + micromark-util-chunked: 2.0.1 + micromark-util-classify-character: 2.0.1 + micromark-util-html-tag-name: 2.0.1 + micromark-util-normalize-identifier: 2.0.1 + micromark-util-resolve-all: 2.0.1 + micromark-util-subtokenize: 2.1.0 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.2 + + micromark-extension-directive@4.0.0: + dependencies: + devlop: 1.1.0 + micromark-factory-space: 2.0.1 + micromark-factory-whitespace: 2.0.1 + micromark-util-character: 2.1.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.2 + parse-entities: 4.0.2 + + micromark-extension-gfm-autolink-literal@2.1.0: + dependencies: + micromark-util-character: 2.1.1 + micromark-util-sanitize-uri: 2.0.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.2 + + micromark-extension-gfm-footnote@2.1.0: + dependencies: + devlop: 1.1.0 + micromark-core-commonmark: 2.0.3 + micromark-factory-space: 2.0.1 + micromark-util-character: 2.1.1 + micromark-util-normalize-identifier: 2.0.1 + micromark-util-sanitize-uri: 2.0.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.2 + + micromark-extension-gfm-table@2.1.1: + dependencies: + devlop: 1.1.0 + micromark-factory-space: 2.0.1 + micromark-util-character: 2.1.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.2 + + micromark-extension-math@3.1.0: + dependencies: + '@types/katex': 0.16.7 + devlop: 1.1.0 + katex: 0.16.22 + micromark-factory-space: 2.0.1 + micromark-util-character: 2.1.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.2 + + micromark-factory-destination@2.0.1: + dependencies: + micromark-util-character: 2.1.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.2 + + micromark-factory-label@2.0.1: + dependencies: + devlop: 1.1.0 + micromark-util-character: 2.1.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.2 + + micromark-factory-space@2.0.1: + dependencies: + micromark-util-character: 2.1.1 + micromark-util-types: 2.0.2 + + micromark-factory-title@2.0.1: + dependencies: + micromark-factory-space: 2.0.1 + micromark-util-character: 2.1.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.2 + + micromark-factory-whitespace@2.0.1: + dependencies: + micromark-factory-space: 2.0.1 + micromark-util-character: 2.1.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.2 + + micromark-util-character@2.1.1: + dependencies: + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.2 + + micromark-util-chunked@2.0.1: + dependencies: + micromark-util-symbol: 2.0.1 + + micromark-util-classify-character@2.0.1: + dependencies: + micromark-util-character: 2.1.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.2 + + micromark-util-combine-extensions@2.0.1: + dependencies: + micromark-util-chunked: 2.0.1 + micromark-util-types: 2.0.2 + + micromark-util-decode-numeric-character-reference@2.0.2: + dependencies: + micromark-util-symbol: 2.0.1 + + micromark-util-encode@2.0.1: {} + + micromark-util-html-tag-name@2.0.1: {} + + micromark-util-normalize-identifier@2.0.1: + dependencies: + micromark-util-symbol: 2.0.1 + + micromark-util-resolve-all@2.0.1: + dependencies: + micromark-util-types: 2.0.2 + + micromark-util-sanitize-uri@2.0.1: + dependencies: + micromark-util-character: 2.1.1 + micromark-util-encode: 2.0.1 + micromark-util-symbol: 2.0.1 + + micromark-util-subtokenize@2.1.0: + dependencies: + devlop: 1.1.0 + micromark-util-chunked: 2.0.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.2 + + micromark-util-symbol@2.0.1: {} + + micromark-util-types@2.0.2: {} + + micromark@4.0.2: + dependencies: + '@types/debug': 4.1.12 + debug: 4.4.3 + decode-named-character-reference: 1.2.0 + devlop: 1.1.0 + micromark-core-commonmark: 2.0.3 + micromark-factory-space: 2.0.1 + micromark-util-character: 2.1.1 + micromark-util-chunked: 2.0.1 + micromark-util-combine-extensions: 2.0.1 + micromark-util-decode-numeric-character-reference: 2.0.2 + micromark-util-encode: 2.0.1 + micromark-util-normalize-identifier: 2.0.1 + micromark-util-resolve-all: 2.0.1 + micromark-util-sanitize-uri: 2.0.1 + micromark-util-subtokenize: 2.1.0 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.2 + transitivePeerDependencies: + - supports-color + + minimatch@10.0.3: + dependencies: + '@isaacs/brace-expansion': 5.0.0 + + minimatch@3.1.2: + dependencies: + brace-expansion: 1.1.12 + + minimist@1.2.8: {} + + minipass@7.1.2: {} + + ms@2.1.3: {} + + once@1.4.0: + dependencies: + wrappy: 1.0.2 + + package-json-from-dist@1.0.1: {} + + parse-entities@4.0.2: + dependencies: + '@types/unist': 2.0.11 + character-entities-legacy: 3.0.0 + character-reference-invalid: 2.0.1 + decode-named-character-reference: 1.2.0 + is-alphanumerical: 2.0.1 + is-decimal: 2.0.1 + is-hexadecimal: 2.0.1 + + path-is-absolute@1.0.1: {} + + path-key@3.1.1: {} + + path-scurry@2.0.0: + dependencies: + lru-cache: 11.2.2 + minipass: 7.1.2 + + punycode.js@2.3.1: {} + + repeat-string@1.6.1: {} + + run-con@1.3.2: + dependencies: + deep-extend: 0.6.0 + ini: 4.1.3 + minimist: 1.2.8 + strip-json-comments: 3.1.1 + + shebang-command@2.0.0: + dependencies: + shebang-regex: 3.0.0 + + shebang-regex@3.0.0: {} + + signal-exit@4.1.0: {} + + smol-toml@1.3.4: {} + + string-width@4.2.3: + dependencies: + emoji-regex: 8.0.0 + is-fullwidth-code-point: 3.0.0 + strip-ansi: 6.0.1 + + string-width@5.1.2: + dependencies: + eastasianwidth: 0.2.0 + emoji-regex: 9.2.2 + strip-ansi: 7.1.2 + + strip-ansi@6.0.1: + dependencies: + ansi-regex: 5.0.1 + + strip-ansi@7.1.2: + dependencies: + ansi-regex: 6.2.2 + + strip-json-comments@3.1.1: {} + + uc.micro@2.1.0: {} + + which@2.0.2: + dependencies: + isexe: 2.0.0 + + wrap-ansi@7.0.0: + dependencies: + ansi-styles: 4.3.0 + string-width: 4.2.3 + strip-ansi: 6.0.1 + + wrap-ansi@8.1.0: + dependencies: + ansi-styles: 6.2.3 + string-width: 5.1.2 + strip-ansi: 7.1.2 + + wrappy@1.0.2: {} + + yaml@2.8.1: {} diff --git a/scripts/token.sh b/scripts/token.sh new file mode 100644 index 0000000..ac4fd37 --- /dev/null +++ b/scripts/token.sh @@ -0,0 +1,48 @@ +#!/bin/sh + +set -eu + +timeout_delay=15 + +check_token() { + set +e + + echo "Checking for existing token..." + if ! token=$(kubectl get secret "${SECRET_NAME}" -o jsonpath="{.data['token']}" 2> /dev/null); then + return 1 + fi + + if [ -z "${token}" ]; then + return 2 + fi + + return 0 +} + +create_token() { + echo "Waiting for new token to be generated..." + begin=$(date +%s) + end=$((begin + timeout_delay)) + while true; do + [ -f /data/actions/token ] && return 0 + [ "$(date +%s)" -gt $end ] && return 1 + sleep 5 + done +} + +store_token() { + echo "Storing the token in Kubernetes secret..." + kubectl patch secret "$SECRET_NAME" -p "{\"data\":{\"token\":\"$(base64 /data/actions/token | tr -d '\n')\"}}" +} + +if check_token; then + echo "Key already in place, exiting." + exit +fi + +if ! create_token; then + echo "Checking for an existing act runner token in secret $SECRET_NAME timed out after $timeout_delay" + exit 1 +fi + +store_token diff --git a/templates/01-consistency-checks.yaml b/templates/01-consistency-checks.yaml new file mode 100644 index 0000000..d93de36 --- /dev/null +++ b/templates/01-consistency-checks.yaml @@ -0,0 +1,9 @@ +{{- if .Values.enabled -}} + + {{- if or (empty .Values.existingSecret) (empty .Values.existingSecretKey) -}} + {{- fail "existingSecret and existingSecretKey are required when provisioning is disabled" -}} + {{- end -}} + {{- if not .Values.giteaRootURL -}} + {{- fail "giteaRootURL is required" -}} + {{- end -}} +{{- end -}} diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl new file mode 100644 index 0000000..3d4216e --- /dev/null +++ b/templates/_helpers.tpl @@ -0,0 +1,131 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} + +{{- define "gitea.actions.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "gitea.actions.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create a default worker name. +*/}} +{{- define "gitea.actions.workername" -}} +{{- printf "%s-%s" .global.Release.Name .worker | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "gitea.actions.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Storage Class +*/}} +{{- define "gitea.actions.persistence.storageClass" -}} +{{- $storageClass := default (tpl ( default "" .Values.global.storageClass) .) }} +{{- if $storageClass }} +storageClassName: {{ $storageClass | quote }} +{{- end }} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "gitea.actions.labels" -}} +helm.sh/chart: {{ include "gitea.actions.chart" . }} +app: {{ include "gitea.actions.name" . }} +{{ include "gitea.actions.selectorLabels" . }} +app.kubernetes.io/version: {{ default .Chart.AppVersion | quote }} +version: {{ default .Chart.AppVersion | quote }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{- define "gitea.actions.labels.actRunner" -}} +helm.sh/chart: {{ include "gitea.actions.chart" . }} +app: {{ include "gitea.actions.name" . }}-act-runner +{{ include "gitea.actions.selectorLabels.actRunner" . }} +app.kubernetes.io/version: {{ default .Chart.AppVersion | quote }} +version: {{ default .Chart.AppVersion | quote }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{/* +Selector labels +*/}} +{{- define "gitea.actions.selectorLabels" -}} +app.kubernetes.io/name: {{ include "gitea.actions.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} + +{{- define "gitea.actions.selectorLabels.actRunner" -}} +app.kubernetes.io/name: {{ include "gitea.actions.name" . }}-act-runner +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} + +{{- define "gitea.actions.local_root_url" -}} + {{- .Values.giteaRootURL -}} +{{- end -}} + +{{/* +Common create image implementation +*/}} +{{- define "gitea.actions.common.image" -}} +{{- $fullOverride := .image.fullOverride | default "" -}} +{{- $registry := .root.Values.global.imageRegistry | default .image.registry -}} +{{- $repository := .image.repository -}} +{{- $separator := ":" -}} +{{- $tag := .image.tag | default .root.Chart.AppVersion | toString -}} +{{- $digest := "" -}} +{{- if .image.digest }} + {{- $digest = (printf "@%s" (.image.digest | toString)) -}} +{{- end -}} +{{- if $fullOverride }} + {{- printf "%s" $fullOverride -}} +{{- else if $registry }} + {{- printf "%s/%s%s%s%s" $registry $repository $separator $tag $digest -}} +{{- else -}} + {{- printf "%s%s%s%s" $repository $separator $tag $digest -}} +{{- end -}} +{{- end -}} + +{{/* +Create image for the Gitea Actions Act Runner +*/}} +{{- define "gitea.actions.actRunner.image" -}} +{{ include "gitea.actions.common.image" (dict "root" . "image" .Values.statefulset.actRunner) }} +{{- end -}} + +{{/* +Create image for DinD +*/}} +{{- define "gitea.actions.dind.image" -}} +{{ include "gitea.actions.common.image" (dict "root" . "image" .Values.statefulset.dind) }} +{{- end -}} + +{{/* +Create image for Init +*/}} +{{- define "gitea.actions.init.image" -}} +{{ include "gitea.actions.common.image" (dict "root" . "image" .Values.init.image) }} +{{- end -}} \ No newline at end of file diff --git a/templates/config-act-runner.yaml b/templates/config-act-runner.yaml new file mode 100644 index 0000000..8e8874b --- /dev/null +++ b/templates/config-act-runner.yaml @@ -0,0 +1,19 @@ +{{- if .Values.enabled }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "gitea.actions.fullname" . }}-act-runner-config + namespace: {{ .Values.namespace | default .Release.Namespace }} + labels: + {{- include "gitea.actions.labels" . | nindent 4 }} +data: + config.yaml: | + {{- with .Values.statefulset.actRunner.config -}} + {{- if kindIs "string" . -}} + {{ . | nindent 4}} + {{- else -}} + {{ toYaml . | nindent 4}} + {{- end -}} + {{- end -}} +{{- end }} diff --git a/templates/statefulset.yaml b/templates/statefulset.yaml new file mode 100644 index 0000000..a1b550d --- /dev/null +++ b/templates/statefulset.yaml @@ -0,0 +1,140 @@ +{{- if .Values.enabled }} +{{- $secretName := include "gitea.actions.workername" (dict "global" . "worker" "actions-token") }} +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + {{- include "gitea.actions.labels.actRunner" . | nindent 4 }} + {{- with .Values.statefulset.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + annotations: + {{- with .Values.statefulset.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "gitea.actions.fullname" . }}-act-runner + namespace: {{ .Values.namespace | default .Release.Namespace }} +spec: + replicas: {{ .Values.statefulset.replicas | default 1 }} + selector: + matchLabels: + {{- include "gitea.actions.selectorLabels.actRunner" . | nindent 6 }} + template: + metadata: + annotations: + checksum/config: {{ include (print $.Template.BasePath "/config-act-runner.yaml") . | sha256sum }} + labels: + {{- include "gitea.actions.labels.actRunner" . | nindent 8 }} + {{- with .Values.statefulset.labels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + securityContext: + {{- toYaml .Values.statefulset.securityContext | nindent 8 }} + initContainers: + - name: init-gitea + image: "{{ include "gitea.actions.init.image" . }}" + command: + - sh + - -c + - | + echo 'Trying to reach Gitea on {{ include "gitea.actions.local_root_url" . }}' + until timeout 10 wget --no-check-certificate --spider {{ include "gitea.actions.local_root_url" . }}; do + sleep 3 + echo "Trying again in 3 seconds..." + done + echo "Gitea has been reached!" + containers: + - name: act-runner + image: "{{ include "gitea.actions.actRunner.image" . }}" + imagePullPolicy: {{ .Values.statefulset.actRunner.pullPolicy }} + workingDir: /data + env: + - name: DOCKER_HOST + value: tcp://127.0.0.1:2376 + - name: DOCKER_TLS_VERIFY + value: "1" + - name: DOCKER_CERT_PATH + value: /certs/client + - name: GITEA_RUNNER_REGISTRATION_TOKEN + valueFrom: + secretKeyRef: + name: "{{ .Values.existingSecret | default $secretName }}" + key: "{{ .Values.existingSecretKey | default "token" }}" + - name: GITEA_INSTANCE_URL + value: {{ include "gitea.actions.local_root_url" . }} + - name: CONFIG_FILE + value: /actrunner/config.yaml + - name: TZ + value: {{ .Values.statefulset.timezone | default "Etc/UTC" }} + {{- if .Values.statefulset.actRunner.extraEnvs }} + {{- toYaml .Values.statefulset.actRunner.extraEnvs | nindent 12 }} + {{- end }} + resources: + {{- toYaml .Values.statefulset.resources | nindent 12 }} + volumeMounts: + - mountPath: /actrunner/config.yaml + name: act-runner-config + subPath: config.yaml + - mountPath: /certs/client + name: docker-certs + - mountPath: /data + name: data-act-runner + {{- with .Values.statefulset.actRunner.extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} + - name: dind + image: "{{ include "gitea.actions.dind.image" . }}" + imagePullPolicy: {{ .Values.statefulset.dind.pullPolicy }} + env: + - name: DOCKER_HOST + value: tcp://127.0.0.1:2376 + - name: DOCKER_TLS_VERIFY + value: "1" + - name: DOCKER_CERT_PATH + value: /certs/client + {{- if .Values.statefulset.dind.extraEnvs }} + {{- toYaml .Values.statefulset.dind.extraEnvs | nindent 12 }} + {{- end }} + securityContext: + privileged: true + resources: + {{- toYaml .Values.statefulset.resources | nindent 12 }} + volumeMounts: + - mountPath: /certs/client + name: docker-certs + {{- with .Values.statefulset.dind.extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} + {{- range $key, $value := .Values.statefulset.nodeSelector }} + nodeSelector: + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- with .Values.statefulset.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.statefulset.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: act-runner-config + configMap: + name: {{ include "gitea.actions.fullname" . }}-act-runner-config + - name: docker-certs + emptyDir: {} + {{- with .Values.statefulset.extraVolumes }} + {{- toYaml . | nindent 8 }} + {{- end }} + volumeClaimTemplates: + - metadata: + name: data-act-runner + spec: + accessModes: [ "ReadWriteOnce" ] + {{- include "gitea.actions.persistence.storageClass" . | nindent 8 }} + resources: + requests: + storage: {{ .Values.statefulset.persistence.size }} +{{- end }} diff --git a/values.yaml b/values.yaml new file mode 100644 index 0000000..6e89f6d --- /dev/null +++ b/values.yaml @@ -0,0 +1,127 @@ +# Configure Gitea Actions +## @section Gitea Actions +# +## @param enabled Create an act runner StatefulSet. +## @param init.image.repository The image used for the init containers +## @param init.image.tag The image tag used for the init containers +## @param statefulset.replicas the amount of (replica) runner pods deployed +## @param statefulset.timezone is the timezone that will be set in the act_runner image +## @param statefulset.annotations Act runner annotations +## @param statefulset.labels Act runner labels +## @param statefulset.resources Act runner resources +## @param statefulset.nodeSelector NodeSelector for the statefulset +## @param statefulset.tolerations Tolerations for the statefulset +## @param statefulset.affinity Affinity for the statefulset +## @param statefulset.extraVolumes Extra volumes for the statefulset +## @param statefulset.actRunner.registry image registry, e.g. gcr.io,docker.io +## @param statefulset.actRunner.repository The Gitea act runner image +## @param statefulset.actRunner.tag The Gitea act runner tag +## @param statefulset.actRunner.digest Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` +## @param statefulset.actRunner.pullPolicy The Gitea act runner pullPolicy +## @param statefulset.actRunner.fullOverride Completely overrides the image registry, path/image, tag and digest. +## @param statefulset.actRunner.extraVolumeMounts Allows mounting extra volumes in the act runner container +## @param statefulset.actRunner.config [default: Too complex. See values.yaml] Act runner custom configuration. See [Act Runner documentation](https://docs.gitea.com/usage/actions/act-runner#configuration) for details. +## @param statefulset.dind.registry image registry, e.g. gcr.io,docker.io +## @param statefulset.actRunner.extraEnvs Allows adding custom environment variables +## @param statefulset.dind.repository The Docker-in-Docker image +## @param statefulset.dind.tag The Docker-in-Docker image tag +## @param statefulset.dind.digest Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` +## @param statefulset.dind.fullOverride Completely overrides the image registry, path/image, tag and digest. +## @param statefulset.dind.pullPolicy The Docker-in-Docker pullPolicy +## @param statefulset.dind.extraVolumeMounts Allows mounting extra volumes in the Docker-in-Docker container +## @param statefulset.dind.extraEnvs Allows adding custom environment variables, such as `DOCKER_IPTABLES_LEGACY` +## @param statefulset.persistence.size Size for persistence to store act runner data +## @param statefulset.securityContext Customize the SecurityContext +## @param existingSecret Secret that contains the token +## @param existingSecretKey Secret key +## @param giteaRootURL URL the act_runner registers and connect with +enabled: false +statefulset: + replicas: 1 + timezone: Etc/UTC + annotations: {} + labels: {} + resources: {} + nodeSelector: {} + tolerations: [] + affinity: {} + extraVolumes: [] + securityContext: {} + + actRunner: + registry: "docker.gitea.com" + repository: act_runner + tag: 0.2.13 + digest: "" + pullPolicy: IfNotPresent + fullOverride: "" + extraVolumeMounts: [] + extraEnvs: + [] + # - name: "GITEA_RUNNER_NAME" + # valueFrom: + # fieldRef: + # fieldPath: metadata.name + + # See full example here: https://gitea.com/gitea/act_runner/src/branch/main/internal/pkg/config/config.example.yaml + config: | + log: + level: debug + cache: + enabled: false + container: + require_docker: true + docker_timeout: 300s + + dind: + registry: "" + repository: docker + tag: 28.3.3-dind + digest: "" + pullPolicy: IfNotPresent + fullOverride: "" + extraVolumeMounts: [] + + # If the container keeps crashing in your environment, you might have to add the `DOCKER_IPTABLES_LEGACY` environment variable. + # See https://github.com/docker-library/docker/issues/463#issuecomment-1881909456 + extraEnvs: + [] + # - name: "DOCKER_IPTABLES_LEGACY" + # value: "1" + + persistence: + size: 1Gi + +## @section Gitea Actions Init +# +## @param init.image.registry image registry, e.g. gcr.io,docker.io +## @param init.image.repository The init image +## @param init.image.tag the init image tag +## @param init.image.digest Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` +## @param init.image.pullPolicy The init image pullPolicy +## @param init.image.fullOverride Completely overrides the image registry, path/image, tag and digest. +init: + image: + registry: "" + repository: busybox + # Overrides the image tag whose default is the chart appVersion. + tag: "1.37.0" + digest: "" + pullPolicy: IfNotPresent + fullOverride: "" + +## Specify an existing token secret +## +existingSecret: "" +existingSecretKey: "" + +## Specify the root URL of the Gitea instance +giteaRootURL: "" + +## @section Global +# +## @param global.imageRegistry global image registry override +## @param global.storageClass global storage class override +global: + imageRegistry: "" + storageClass: ""