From 21238a032dbe88cd6a41d43e23133b32e3a8fab0 Mon Sep 17 00:00:00 2001 From: Sebastian Kippe Date: Sun, 27 Jan 2019 16:19:19 +0800 Subject: [PATCH 1/4] Add default and Kosmos label sets Adds custom label set configs, overriding the default set and adding a new one for Kosmos (that includes kredits labels). closes #4 --- custom/options/label/Default | 11 +++++++++++ custom/options/label/Kosmos | 14 ++++++++++++++ 2 files changed, 25 insertions(+) create mode 100644 custom/options/label/Default create mode 100644 custom/options/label/Kosmos
diff --git a/custom/options/label/Default b/custom/options/label/Default
new file mode 100644
index 0000000..0bdfe06
--- /dev/null
+++ b/custom/options/label/Default
@@ -0,0 +1,11 @@
+#db231d bug ; Something is not working
+#76db1d enhancement ; Improving existing functionality
+#1d76db feature ; New functionality
+#db1d76 idea ; Something to consider
+#db1d76 question ; Looking for an answer
+#fbca04 security ; All your base are belong to us
+#1dd5db ui/ux ; User interface, process design, etc.
+#333333 dev environment ; Config, builds, CI, deployment, etc.
+#cccccc duplicate ; This issue or pull request already exists
+#cccccc invalid ; Not a bug
+#cccccc wontfix ; This won't be fixed
diff --git a/custom/options/label/Kosmos b/custom/options/label/Kosmos
new file mode 100644
index 0000000..5b29e23
--- /dev/null
+++ b/custom/options/label/Kosmos
@@ -0,0 +1,14 @@
+#db231d bug ; Something is not working
+#76db1d enhancement ; Improving existing functionality
+#1d76db feature ; New functionality
+#db1d76 idea ; Something to consider
+#db1d76 question ; Looking for an answer
+#fbca04 security ; All your base are belong to us
+#1dd5db ui/ux ; User interface, process design, etc.
+#333333 dev environment ; Config, builds, CI, deployment, etc.
+#008080 kredits-1 ; Small contribution
+#008080 kredits-2 ; Medium contribution
+#008080 kredits-3 ; Large contribution
+#cccccc duplicate ; This issue or pull request already exists
+#cccccc invalid ; Not a bug
+#cccccc wontfix ; This won't be fixed
From eba722992fe7faf6157b5b3ba5e1d5d1fddb9cc6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= Date: Tue, 5 Feb 2019 20:29:08 +0100 Subject: [PATCH 2/4] Copy the labels to the persistent data volume Move the custom label definitions to a custom folder in the kubernetes folder, as well as the config files --- .gitignore | 2 +- kubernetes/{ => custom}/config/.gitkeep | 0 .../custom}/options/label/Default | 0 .../custom}/options/label/Kosmos | 0 kubernetes/gitea-server.yaml | 16 ++++++++++++---- script/get_secrets | 2 +- script/replace_secrets | 4 ++-- 7 files changed, 16 insertions(+), 8 deletions(-) rename kubernetes/{ => custom}/config/.gitkeep (100%) rename {custom => kubernetes/custom}/options/label/Default (100%) rename {custom => kubernetes/custom}/options/label/Kosmos (100%)
diff --git a/.gitignore b/.gitignore
index 769e3a7..748794d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-/kubernetes/config/
+/kubernetes/custom/config/
diff --git a/kubernetes/config/.gitkeep b/kubernetes/custom/config/.gitkeep
similarity index 100%
rename from kubernetes/config/.gitkeep
rename to kubernetes/custom/config/.gitkeep
diff --git a/custom/options/label/Default b/kubernetes/custom/options/label/Default
similarity index 100%
rename from custom/options/label/Default
rename to kubernetes/custom/options/label/Default
diff --git a/custom/options/label/Kosmos b/kubernetes/custom/options/label/Kosmos similarity index 100% rename from custom/options/label/Kosmos rename to kubernetes/custom/options/label/Kosmos diff --git a/kubernetes/gitea-server.yaml b/kubernetes/gitea-server.yaml index 61ad820..90eb3d5 100644 --- a/kubernetes/gitea-server.yaml +++ b/kubernetes/gitea-server.yaml @@ -15,16 +15,21 @@ spec: initContainers: - name: init-config image: busybox - command: ['sh', '-c', 'mkdir -p /data/gitea/conf && mkdir -p /data/gitea/https && cp /root/conf/app.ini /data/gitea/conf/app.ini && chown 1000:1000 /data/gitea/conf/app.ini && chmod 660 /data/gitea/conf/app.ini && cp /root/conf/*.pem /data/gitea/https && chmod 600 /data/gitea/https/*.pem && chown -R 1000:1000 /data/gitea'] + command: [ + 'sh', '-c', + 'mkdir -p /data/gitea/conf && mkdir -p /data/gitea/https && mkdir -p /data/gitea/options/label && cp /root/conf/app.ini /data/gitea/conf/app.ini && chown 1000:1000 /data/gitea/conf/app.ini && chmod 660 /data/gitea/conf/app.ini && cp /root/conf/*.pem /data/gitea/https && chmod 600 /data/gitea/https/*.pem && cp /root/options/label/* /data/gitea/options/label/ && chown -R 1000:1000 /data/gitea' + ] volumeMounts: - mountPath: /data name: gitea-server-data - mountPath: /root/conf name: config + # The labels have been created as a ConfigMap from local files using this command: + # + # kubectl create configmap gitea-options-label --from-file=custom/options/label/ + - mountPath: /root/options/label + name: label containers: - # This is only used for the initial setup, it does nothing once a app.ini - # file exists in the conf/ directory of the data directory - # (/data/gitea/conf in our case) - name: gitea-server image: gitea/gitea:1.7.1 ports: @@ -52,6 +57,9 @@ spec: - key: key.pem path: key.pem mode: 256 + - name: label + configMap: + name: gitea-options-label --- apiVersion: v1 kind: PersistentVolumeClaim diff --git a/script/get_secrets b/script/get_secrets index 0a7dcc2..310929c 100755 
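Review bot: The comment added above the new `/root/options/label` mount documents `kubectl create configmap gitea-options-label --from-file=custom/options/label/` without saying which directory it is run from, and after this commit's rename to `kubernetes/custom/options/label/` that relative path only resolves from inside `kubernetes/`. The `gitea-options-label` ConfigMap is created by hand rather than declared in this manifest, and the `label` volume added in the second hunk (`@@ -52,6 +57,9 @@`) references it without `optional: true`, so on a cluster where that manual step was skipped the pod will not start. I would extend the comment with the working directory and a line such as `# The ConfigMap must exist before this manifest is applied`. The init container spec begins above this hunk.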
--- a/script/get_secrets +++ b/script/get_secrets @@ -7,7 +7,7 @@ secret = `kubectl get secret gitea-config -o yaml` yaml = YAML.load(secret) yaml['data'].each do |key, data| - filename = File.join('kubernetes', 'config', key) + filename = File.join('kubernetes', 'custom', 'config', key) File.open(filename, "w+") do |f| puts "Writing #{filename}" f.write Base64.decode64(data) diff --git a/script/replace_secrets b/script/replace_secrets index 2a3de09..c2ef0cf 100755 --- a/script/replace_secrets +++ b/script/replace_secrets @@ -2,8 +2,8 @@ # Delete the gitea-config secrets kubectl delete secret gitea-config -# Replace it from the local files in kubernetes/config/* (acquired by running +# Replace it from the local files in kubernetes/custom/config/* (acquired by running # ./script/get_secrets) -kubectl create secret generic gitea-config --from-file=cert.pem=kubernetes/config/cert.pem --from-file=key.pem=kubernetes/config/key.pem --from-file=app.ini=kubernetes/config/app.ini +kubectl create secret generic gitea-config --from-file=cert.pem=kubernetes/custom/config/cert.pem --from-file=key.pem=kubernetes/custom/config/key.pem --from-file=app.ini=kubernetes/custom/config/app.ini # Force the pod to restart by patching the deployment resource kubectl patch deployment gitea-server -p "{\"spec\":{\"template\":{\"metadata\":{\"annotations\":{\"date\":\"`date +'%s'`\"}}}}}" From bbfa3f29641fdc083d46b0fde6da1e5e0d347101 Mon Sep 17 00:00:00 2001 
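Review bot: The decoded secret values, which per `script/replace_secrets` include `key.pem` and `app.ini`, are written by the context line `File.open(filename, "w+")` with whatever mode the caller's umask yields, which is commonly group- and world-readable. Since this hunk already touches the destination path, I would create the files owner-only with `File.open(filename, "w", 0o600) do |f|`; the mode is applied only when the file is newly created, so copies that already exist need a one-off `chmod 600`. The input to `YAML.load(secret)` appears to be plain kubectl output, so `YAML.safe_load(secret)` should suffice and avoids object deserialization. The same lines reappear in the `script/get_secrets` hunk of PATCH 3/4, which moves the path back.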
From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= Date: Wed, 27 Feb 2019 17:47:48 +0100 Subject: [PATCH 3/4] Add a script to copy the content of the custom folder to a running pod For now it is only labels, but adding anything supported will work (robots.txt, public files, templates, etc) The content will be copied to the /data/gitea/ folder that is a mounted persistent volume https://docs.gitea.io/en-us/customizing-gitea/ --- .gitignore | 2 +- README.md | 6 ++++++ kubernetes/{custom => }/config/.gitkeep | 0 kubernetes/gitea-server.yaml | 10 +--------- script/copy_customization | 11 +++++++++++ script/get_secrets | 2 +- script/replace_secrets | 4 ++-- 7 files changed, 22 insertions(+), 13 deletions(-) rename kubernetes/{custom => }/config/.gitkeep (100%) create mode 100755 script/copy_customization diff --git a/.gitignore b/.gitignore index 748794d..769e3a7 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -/kubernetes/custom/config/ +/kubernetes/config/ diff --git a/README.md b/README.md index f9bc1dc..bbf687a 100644 --- a/README.md +++ b/README.md @@ -3,6 +3,12 @@ This repository contains configuration files and other assets, that are used to deploy and operate this Gitea instance. +To upload the customization files to the running pod: + +``` +./script/copy_customization +``` + Feel free to [open issues] for questions, suggestions, bugs, to-do items, and whatever else you want to discuss or resolve. diff --git a/kubernetes/custom/config/.gitkeep b/kubernetes/config/.gitkeep similarity index 100% rename from kubernetes/custom/config/.gitkeep rename to kubernetes/config/.gitkeep diff --git a/kubernetes/gitea-server.yaml b/kubernetes/gitea-server.yaml index 802fd8e..7284ed5 100644 --- a/kubernetes/gitea-server.yaml +++ b/kubernetes/gitea-server.yaml 
@@ -17,18 +17,13 @@ spec: image: busybox command: [ 'sh', '-c', - 'mkdir -p /data/gitea/conf && mkdir -p /data/gitea/https && mkdir -p /data/gitea/options/label && cp /root/conf/app.ini /data/gitea/conf/app.ini && chown 1000:1000 /data/gitea/conf/app.ini && chmod 660 /data/gitea/conf/app.ini && cp /root/conf/*.pem /data/gitea/https && chmod 600 /data/gitea/https/*.pem && cp /root/options/label/* /data/gitea/options/label/ && chown -R 1000:1000 /data/gitea' + 'mkdir -p /data/gitea/conf && mkdir -p /data/gitea/https && cp /root/conf/app.ini /data/gitea/conf/app.ini && chown 1000:1000 /data/gitea/conf/app.ini && chmod 660 /data/gitea/conf/app.ini && cp /root/conf/*.pem /data/gitea/https && chmod 600 /data/gitea/https/*.pem && chown -R 1000:1000 /data/gitea' ] volumeMounts: - mountPath: /data name: gitea-server-data - mountPath: /root/conf name: config - # The labels have been created as a ConfigMap from local files using this command: - # - # kubectl create configmap gitea-options-label --from-file=custom/options/label/ - - mountPath: /root/options/label - name: label containers: - name: gitea-server image: gitea/gitea:1.7.2 @@ -57,9 +52,6 @@ spec: - key: key.pem path: key.pem mode: 256 - - name: label - configMap: - name: gitea-options-label --- apiVersion: v1 kind: PersistentVolumeClaim diff --git a/script/copy_customization b/script/copy_customization new file mode 100755 index 0000000..9b4ee13 --- /dev/null +++ b/script/copy_customization @@ -0,0 +1,11 @@ +#!/usr/bin/env bash + +for podname in $(kubectl get pods -l name=gitea-server -o json \ + | jq -r '.items[].metadata.name'); do + for path in ./kubernetes/custom/*; do + echo "Copying ${path}..." + kubectl cp "${path}" "${podname}":"/data/gitea/" + done + # Fix permissions + kubectl exec "${podname}" -- chown -R 1000:1000 /data/gitea/ + done diff --git a/script/get_secrets b/script/get_secrets index 310929c..0a7dcc2 100755 --- a/script/get_secrets +++ b/script/get_secrets 
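Review bot: The new `script/copy_customization` has no error handling, so a failed `kubectl cp` is still followed by the `chown -R` and the script can exit 0 with the pod only partly updated. I would add `set -euo pipefail` directly after the shebang, and read the pod list into a variable before the loop (`pods=$(kubectl get pods ... | jq -r ...)`), because a failure inside the `$(...)` of a `for` word list is not caught by `set -e`. The glob `./kubernetes/custom/*` is resolved against the caller's working directory; from anywhere but the repo root it stays unexpanded and `kubectl cp` is handed the literal pattern, so a `cd "$(dirname "$0")/.."` before the loop would make the script location-independent.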
@@ -7,7 +7,7 @@ secret = `kubectl get secret gitea-config -o yaml` yaml = YAML.load(secret) yaml['data'].each do |key, data| - filename = File.join('kubernetes', 'custom', 'config', key) + filename = File.join('kubernetes', 'config', key) File.open(filename, "w+") do |f| puts "Writing #{filename}" f.write Base64.decode64(data) diff --git a/script/replace_secrets b/script/replace_secrets index c2ef0cf..2a3de09 100755 --- a/script/replace_secrets +++ b/script/replace_secrets @@ -2,8 +2,8 @@ # Delete the gitea-config secrets kubectl delete secret gitea-config -# Replace it from the local files in kubernetes/custom/config/* (acquired by running +# Replace it from the local files in kubernetes/config/* (acquired by running # ./script/get_secrets) -kubectl create secret generic gitea-config --from-file=cert.pem=kubernetes/custom/config/cert.pem --from-file=key.pem=kubernetes/custom/config/key.pem --from-file=app.ini=kubernetes/custom/config/app.ini +kubectl create secret generic gitea-config --from-file=cert.pem=kubernetes/config/cert.pem --from-file=key.pem=kubernetes/config/key.pem --from-file=app.ini=kubernetes/config/app.ini # Force the pod to restart by patching the deployment resource kubectl patch deployment gitea-server -p "{\"spec\":{\"template\":{\"metadata\":{\"annotations\":{\"date\":\"`date +'%s'`\"}}}}}" From e0741b443816ba5952f9aa50808d9094a9f1bb5e Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= Date: Mon, 1 Apr 2019 17:01:16 +0200 Subject: [PATCH 4/4] Ship the customizations as a Docker image The Docker image is used in the initialization process, to copy everything in the custom folder to the Gitea data dir (mounted as a persistent volume). It is built using Packer and is based on the busybox image, so we can use its minimalist shell system to copy files and set permissions --- README.md | 16 ++++++++-- .../custom => custom}/options/label/Default | 0 .../custom => custom}/options/label/Kosmos | 0 kubernetes/gitea-server.yaml | 7 +++-- packer/custom.json | 29 +++++++++++++++++++ script/build_customizations_image | 7 +++++ script/copy_customization | 11 ------- 7 files changed, 55 insertions(+), 15 deletions(-) rename {kubernetes/custom => custom}/options/label/Default (100%) rename {kubernetes/custom => custom}/options/label/Kosmos (100%) create mode 100644 packer/custom.json create mode 100755 script/build_customizations_image delete mode 100755 script/copy_customization diff --git a/README.md b/README.md index bbf687a..af0054b 100644 --- a/README.md +++ b/README.md @@ -3,10 +3,22 @@ This repository contains configuration files and other assets, that are used to deploy and operate this Gitea instance. -To upload the customization files to the running pod: +To create a new image containing the customizations: + +Edit `packer/custom.json` to increment the tag, then run this script (needs +[Packer](https://www.packer.io/) in your path) ``` -./script/copy_customization +./script/build_customizations_image +``` + +Then edit `kubernetes/gitea-server.yaml` to use the new tag +(`image: eu.gcr.io/fluted-magpie-218106/gitea_custom:$VERSION`) and apply the +change: + +``` +cd kubernetes +kubectl apply -f gitea-server.yaml ``` Feel free to [open issues] for questions, suggestions, bugs, to-do items, and 
diff --git a/kubernetes/custom/options/label/Default b/custom/options/label/Default similarity index 100% rename from kubernetes/custom/options/label/Default rename to custom/options/label/Default diff --git a/kubernetes/custom/options/label/Kosmos b/custom/options/label/Kosmos similarity index 100% rename from kubernetes/custom/options/label/Kosmos rename to custom/options/label/Kosmos diff --git a/kubernetes/gitea-server.yaml b/kubernetes/gitea-server.yaml index c4dfd9e..15cc123 100644 --- a/kubernetes/gitea-server.yaml +++ b/kubernetes/gitea-server.yaml @@ -14,10 +14,13 @@ spec: spec: initContainers: - name: init-config - image: busybox + # This is a busybox image with our gitea customizations saved to + # /custom, built using ./script/build_customizations_image from the + # root of the repo + image: eu.gcr.io/fluted-magpie-218106/gitea_custom:0.1 command: [ 'sh', '-c', - 'mkdir -p /data/gitea/conf && mkdir -p /data/gitea/https && cp /root/conf/app.ini /data/gitea/conf/app.ini && chown 1000:1000 /data/gitea/conf/app.ini && chmod 660 /data/gitea/conf/app.ini && cp /root/conf/*.pem /data/gitea/https && chmod 600 /data/gitea/https/*.pem && chown -R 1000:1000 /data/gitea' + 'mkdir -p /data/gitea/conf && mkdir -p /data/gitea/https && cp /root/conf/app.ini /data/gitea/conf/app.ini && chown 1000:1000 /data/gitea/conf/app.ini && chmod 660 /data/gitea/conf/app.ini && cp /root/conf/*.pem /data/gitea/https && chmod 600 /data/gitea/https/*.pem && cp -R /custom/* /data/gitea && chown -R 1000:1000 /data/gitea' ] volumeMounts: - mountPath: /data diff --git a/packer/custom.json b/packer/custom.json new file mode 100644 index 0000000..cbbffad --- /dev/null +++ b/packer/custom.json 
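Review bot: The init container now pulls `eu.gcr.io/fluted-magpie-218106/gitea_custom:0.1` by a mutable tag, and its command line shows it reading `/root/conf/app.ini` and `/root/conf/*.pem` and writing to the `/data` volume. Whoever can push to that repository can change what `0.1` resolves to, so I would reference the image by digest, `image: eu.gcr.io/fluted-magpie-218106/gitea_custom@sha256:<DIGEST_OF_PUSHED_IMAGE>`, and keep the human-readable tag in the comment above it. Separately, `cp -R /custom/* /data/gitea` only adds and overwrites, so a customization file deleted from the repo stays on the persistent volume; the comment above `image:` should say so. The container spec continues outside this hunk.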
@@ -0,0 +1,29 @@
+{
+ "builders": [{
+ "type": "docker",
+ "image": "busybox",
+ "run_command": ["-d", "-i", "-t", "{{.Image}}", "/bin/sh"],
+ "commit": true
+ }],
+ "provisioners": [
+ {
+ "inline": ["mkdir /custom"],
+ "type": "shell"
+ },
+ {
+ "type": "file",
+ "source": "../custom/",
+ "destination": "/custom"
+ }
+ ],
+ "post-processors": [
+ [
+ {
+ "type": "docker-tag",
+ "repository": "eu.gcr.io/fluted-magpie-218106/gitea_custom",
+ "tag": "0.1"
+ },
+ "docker-push"
+ ]
+ ]
+}
diff --git a/script/build_customizations_image b/script/build_customizations_image
new file mode 100755
index 0000000..da61186
--- /dev/null
+++ b/script/build_customizations_image
@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+# fail fast
+set -e
+
+cd packer/
+packer build custom.json
+cd -
diff --git a/script/copy_customization b/script/copy_customization
deleted file mode 100755
index 9b4ee13..0000000
--- a/script/copy_customization
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/usr/bin/env bash
-
-for podname in $(kubectl get pods -l name=gitea-server -o json \
- | jq -r '.items[].metadata.name'); do
- for path in ./kubernetes/custom/*; do
- echo "Copying ${path}..."
- kubectl cp "${path}" "${podname}":"/data/gitea/"
- done
- # Fix permissions
- kubectl exec "${podname}" -- chown -R 1000:1000 /data/gitea/
- done
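Review bot: The builder in `packer/custom.json` uses `"image": "busybox"` with no tag or digest, so every `packer build` bases the pushed `gitea_custom` image on whatever `busybox:latest` resolves to at that moment, and a rebuild is not reproducible. I would pin the base, for example `"image": "busybox:<PINNED_TAG>"` or a `busybox@sha256:<DIGEST>` reference. The `"tag": "0.1"` value is also duplicated by hand in `kubernetes/gitea-server.yaml`; a Packer user variable passed in from the build script would make it harder for the two to drift apart.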
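Review bot: In `script/build_customizations_image`, `cd packer/` is resolved against the caller's working directory, so the script only works when started from the repo root as the README example does; `cd "$(dirname "$0")/../packer"` would remove that assumption. The trailing `cd -` does not affect the caller, because the script runs in its own process, and can be dropped. The header comment should also state that the build pushes to the registry through the `docker-push` post-processor and so presumably needs credentials, e.g. `# Builds and pushes the gitea_custom image; needs push access to eu.gcr.io`.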