Deploy Forgejo on railiance01 using gitea-charts/gitea 12.5.0
Pin chart to 12.5.0 because 12.6+ calls `gitea config edit-ini`, which Forgejo 11 lacks. Ingress targets forgejo-gitea-http (Helm release naming). Smoke test uses GET for /v2/ registry challenge (HEAD returns 405).
This commit is contained in:
parent
6d00232865
commit
75698636c6
8 changed files with 296 additions and 2 deletions
67
Makefile
67
Makefile
|
|
@ -32,10 +32,24 @@ REUSE_CERTIFICATE ?= reuse-surface-tls
|
|||
RAILIANCE01_KUBECONFIG ?= $(HOME)/.kube/config-hosteurope
|
||||
INTER_HUB_KUBECONFIG ?= $(RAILIANCE01_KUBECONFIG)
|
||||
REUSE_KUBECONFIG ?= $(RAILIANCE01_KUBECONFIG)
|
||||
FORGEJO_KUBECONFIG ?= $(RAILIANCE01_KUBECONFIG)
|
||||
FORGEJO_RELEASE ?= forgejo
|
||||
FORGEJO_NAMESPACE ?= forgejo
|
||||
FORGEJO_CHART ?= gitea-charts/gitea
|
||||
# Forgejo 11.x (Gitea 1.22) lacks `gitea config edit-ini`; chart 12.6+ requires Gitea 1.26+.
|
||||
FORGEJO_CHART_VERSION ?= 12.5.0
|
||||
FORGEJO_VALUES ?= helm/forgejo-values.yaml
|
||||
FORGEJO_REGISTRY_VALUES ?= helm/forgejo-registry-values.yaml
|
||||
FORGEJO_SECRETS ?= helm/forgejo-secrets.sops.yaml
|
||||
FORGEJO_INGRESS ?= manifests/forgejo-ingress.yaml
|
||||
FORGEJO_SSH_NODEPORT ?= manifests/forgejo-ssh-nodeport.yaml
|
||||
FORGEJO_BASE_URL ?= https://forgejo.coulomb.social
|
||||
FORGEJO_DB_CLUSTER ?= forgejo-db
|
||||
FORGEJO_DB_NAMESPACE ?= databases
|
||||
INTER_HUB_IMAGE_REF = $(INTER_HUB_IMAGE_REPOSITORY):$(INTER_HUB_IMAGE_TAG)
|
||||
INTER_HUB_IMAGE_SET_ARG = $(if $(strip $(INTER_HUB_IMAGE_TAG)),--set image.tag=$(INTER_HUB_IMAGE_TAG),)
|
||||
|
||||
SOPS_SENTINEL ?=
|
||||
SOPS_SENTINEL ?= $(FORGEJO_SECRETS)
|
||||
DRY_RUN_CREATE_NAMESPACES ?= false
|
||||
|
||||
##@ Operator checks
|
||||
|
|
@ -153,6 +167,55 @@ inter-hub-smoke: ## Verify public inter-hub v2 route and OpenAPI surface after r
|
|||
inter-hub-logs: check-railiance01-kubeconfig ## Tail inter-hub app logs from Railiance01
|
||||
KUBECONFIG="$(INTER_HUB_KUBECONFIG)" kubectl logs -n $(INTER_HUB_NAMESPACE) -l app=$(INTER_HUB_RELEASE) -f --tail=50
|
||||
|
||||
##@ Forgejo (forgejo.coulomb.social)
|
||||
|
||||
forgejo-dry-run: check-railiance01-kubeconfig check-sops ## helm template render for Forgejo
|
||||
KUBECONFIG="$(FORGEJO_KUBECONFIG)" helm template $(FORGEJO_RELEASE) $(FORGEJO_CHART) \
|
||||
--version $(FORGEJO_CHART_VERSION) \
|
||||
--namespace $(FORGEJO_NAMESPACE) \
|
||||
-f $(FORGEJO_VALUES) \
|
||||
-f $(FORGEJO_REGISTRY_VALUES) \
|
||||
-f <(sops -d $(FORGEJO_SECRETS))
|
||||
|
||||
forgejo-server-dry-run: check-railiance01-kubeconfig check-sops ## Helm server dry-run Forgejo upgrade
|
||||
KUBECONFIG="$(FORGEJO_KUBECONFIG)" helm upgrade --install $(FORGEJO_RELEASE) $(FORGEJO_CHART) \
|
||||
--version $(FORGEJO_CHART_VERSION) \
|
||||
--namespace $(FORGEJO_NAMESPACE) --create-namespace \
|
||||
-f $(FORGEJO_VALUES) \
|
||||
-f $(FORGEJO_REGISTRY_VALUES) \
|
||||
-f <(sops -d $(FORGEJO_SECRETS)) \
|
||||
--dry-run=server --timeout 5m
|
||||
|
||||
forgejo-deploy: check-railiance01-kubeconfig check-sops ## Deploy / upgrade Forgejo on railiance01
|
||||
KUBECONFIG="$(FORGEJO_KUBECONFIG)" helm repo add gitea-charts https://dl.gitea.com/charts/ --force-update
|
||||
KUBECONFIG="$(FORGEJO_KUBECONFIG)" helm upgrade --install $(FORGEJO_RELEASE) $(FORGEJO_CHART) \
|
||||
--version $(FORGEJO_CHART_VERSION) \
|
||||
--namespace $(FORGEJO_NAMESPACE) --create-namespace \
|
||||
-f $(FORGEJO_VALUES) \
|
||||
-f $(FORGEJO_REGISTRY_VALUES) \
|
||||
-f <(sops -d $(FORGEJO_SECRETS)) \
|
||||
--wait --timeout 10m
|
||||
|
||||
forgejo-ingress-deploy: check-railiance01-kubeconfig ## Apply Forgejo HTTPS ingress
|
||||
KUBECONFIG="$(FORGEJO_KUBECONFIG)" kubectl apply -f $(FORGEJO_INGRESS)
|
||||
|
||||
forgejo-ssh-nodeport-deploy: check-railiance01-kubeconfig ## Apply Forgejo SSH NodePort (30022)
|
||||
KUBECONFIG="$(FORGEJO_KUBECONFIG)" kubectl apply -f $(FORGEJO_SSH_NODEPORT)
|
||||
|
||||
forgejo-status: check-railiance01-kubeconfig ## Show Forgejo pods, svc, ingress, cert, database
|
||||
KUBECONFIG="$(FORGEJO_KUBECONFIG)" kubectl get pods,svc,ingress,certificate,pvc -n $(FORGEJO_NAMESPACE) --ignore-not-found
|
||||
@if KUBECONFIG="$(FORGEJO_KUBECONFIG)" kubectl cnpg status $(FORGEJO_DB_CLUSTER) -n $(FORGEJO_DB_NAMESPACE) >/dev/null 2>&1; then \
|
||||
KUBECONFIG="$(FORGEJO_KUBECONFIG)" kubectl cnpg status $(FORGEJO_DB_CLUSTER) -n $(FORGEJO_DB_NAMESPACE); \
|
||||
else \
|
||||
KUBECONFIG="$(FORGEJO_KUBECONFIG)" kubectl get cluster $(FORGEJO_DB_CLUSTER) -n $(FORGEJO_DB_NAMESPACE) --ignore-not-found; \
|
||||
fi
|
||||
|
||||
forgejo-smoke: ## Verify Forgejo web and OCI registry challenge
|
||||
FORGEJO_BASE_URL="$(FORGEJO_BASE_URL)" tools/forgejo-smoke.sh
|
||||
|
||||
forgejo-logs: check-railiance01-kubeconfig ## Tail Forgejo application logs
|
||||
KUBECONFIG="$(FORGEJO_KUBECONFIG)" kubectl logs -n $(FORGEJO_NAMESPACE) -l app.kubernetes.io/instance=$(FORGEJO_RELEASE) -f --tail=50
|
||||
|
||||
##@ reuse-surface (reuse.coulomb.social)
|
||||
|
||||
reuse-dry-run: check-railiance01-kubeconfig ## helm template render (no apply) for reuse-surface
|
||||
|
|
@ -183,4 +246,4 @@ help: ## Show this help
|
|||
/^[a-zA-Z0-9_-]+:.*?##/ { printf " \033[36m%-20s\033[0m %s\n", $$1, $$2 } \
|
||||
/^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) }' $(MAKEFILE_LIST)
|
||||
|
||||
.PHONY: check-tools check-sops k8s-server-dry-run apps-pg-status check-railiance01-kubeconfig check-inter-hub-image-tag check-inter-hub-image vergabe-dry-run vergabe-deploy vergabe-ingress-deploy vergabe-status vergabe-migrate vergabe-seed vergabe-superuser vergabe-logs vergabe-db-url-secret inter-hub-render-baseline inter-hub-dry-run inter-hub-server-dry-run inter-hub-deploy inter-hub-status inter-hub-release-info inter-hub-smoke inter-hub-logs reuse-dry-run reuse-deploy reuse-status reuse-smoke reuse-logs help
|
||||
.PHONY: check-tools check-sops k8s-server-dry-run apps-pg-status check-railiance01-kubeconfig check-inter-hub-image-tag check-inter-hub-image vergabe-dry-run vergabe-deploy vergabe-ingress-deploy vergabe-status vergabe-migrate vergabe-seed vergabe-superuser vergabe-logs vergabe-db-url-secret forgejo-dry-run forgejo-server-dry-run forgejo-deploy forgejo-ingress-deploy forgejo-ssh-nodeport-deploy forgejo-status forgejo-smoke forgejo-logs inter-hub-render-baseline inter-hub-dry-run inter-hub-server-dry-run inter-hub-deploy inter-hub-status inter-hub-release-info inter-hub-smoke inter-hub-logs reuse-dry-run reuse-deploy reuse-status reuse-smoke reuse-logs help
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue