Ship the customizations as a Docker image

The Docker image is used in the initialization process, to copy
everything in the custom folder to the Gitea data dir (mounted as a
persistent volume). It is built using Packer and is based on the busybox
image, so we can use its minimalist shell system to copy files and set
permissions

README.md

@@ -3,10 +3,22 @@
 This repository contains configuration files and other assets, that are used to
 deploy and operate this Gitea instance.
 
-To upload the customization files to the running pod:
+To create a new image containing the customizations:
+
+Edit `packer/custom.json` to increment the tag, then run this script (needs
+[Packer](https://www.packer.io/) in your path)
 
 ```
-./script/copy_customization
+./script/build_customizations_image
+```
+
+Then edit `kubernetes/gitea-server.yaml` to use the new tag
+(`image: eu.gcr.io/fluted-magpie-218106/gitea_custom:$VERSION`) and apply the
+change:
+
+```
+cd kubernetes
+kubectl apply -f gitea-server.yaml
 ```
 
 Feel free to [open issues] for questions, suggestions, bugs, to-do items, and

kubernetes/gitea-server.yaml

@@ -14,10 +14,13 @@ spec:
     spec:
       initContainers:
         - name: init-config
-          image: busybox
+          # This is a busybox image with our gitea customizations saved to
+          # /custom, built using ./script/build_customizations_image from the
+          # root of the repo
+          image: eu.gcr.io/fluted-magpie-218106/gitea_custom:0.1
           command: [
             'sh', '-c',
-            'mkdir -p /data/gitea/conf && mkdir -p /data/gitea/https && cp /root/conf/app.ini /data/gitea/conf/app.ini && chown 1000:1000 /data/gitea/conf/app.ini && chmod 660 /data/gitea/conf/app.ini && cp /root/conf/*.pem /data/gitea/https && chmod 600 /data/gitea/https/*.pem && chown -R 1000:1000 /data/gitea'
+            'mkdir -p /data/gitea/conf && mkdir -p /data/gitea/https && cp /root/conf/app.ini /data/gitea/conf/app.ini && chown 1000:1000 /data/gitea/conf/app.ini && chmod 660 /data/gitea/conf/app.ini && cp /root/conf/*.pem /data/gitea/https && chmod 600 /data/gitea/https/*.pem && cp -R /custom/* /data/gitea && chown -R 1000:1000 /data/gitea'
           ]
           volumeMounts:
           - mountPath: /data

packer/custom.json

@@ -0,0 +1,29 @@
+{
+  "builders": [{
+    "type": "docker",
+    "image": "busybox",
+    "run_command": ["-d", "-i", "-t", "{{.Image}}", "/bin/sh"],
+    "commit": true
+  }],
+  "provisioners": [
+    {
+      "inline": ["mkdir /custom"],
+      "type": "shell"
+    },
+    {
+      "type": "file",
+      "source": "../custom/",
+      "destination": "/custom"
+    }
+  ],
+  "post-processors": [
+    [
+      {
+        "type": "docker-tag",
+        "repository": "eu.gcr.io/fluted-magpie-218106/gitea_custom",
+        "tag": "0.1"
+      },
+      "docker-push"
+    ]
+  ]
+}

script/build_customizations_image

@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+# fail fast
+set -e
+
+cd packer/
+packer build custom.json
+cd -

script/copy_customization

@@ -1,11 +0,0 @@
-#!/usr/bin/env bash
-
-for podname in $(kubectl get pods -l name=gitea-server -o json \
-  | jq -r '.items[].metadata.name'); do
-    for path in ./kubernetes/custom/*; do
-      echo "Copying ${path}..."
-      kubectl cp "${path}" "${podname}":"/data/gitea/"
-    done
-  # Fix permissions
-  kubectl exec "${podname}" -- chown -R 1000:1000 /data/gitea/
-  done