Copy the labels to the persistent data volume

Move the custom label definitions to a custom folder in the kubernetes
folder, as well as the config files

.gitignore

@@ -1 +1 @@
-/kubernetes/config/
+/kubernetes/custom/config/

doc/kubernetes.md

@@ -41,3 +41,31 @@ Kubernetes before uploading them again. This is done by this script:
 > @whitecolor, in your case you should be fine by clearing `PV.Spec.ClaimRef.UID` in the PV. Only the re-created PVC (with any UID) can then use the PV. And it's your responsibility that only the right person can craft appropriate PVC so nobody can steal your data.
 
 https://github.com/kubernetes/kubernetes/issues/48609#issuecomment-314066616
+
+## Update Gitea
+
+### Released version
+
+Change the image for the gitea-server container
+(`kubernetes/gitea-server.yaml`) to `gitea/gitea:TAG`, for example:
+`gitea/gitea:1.7.0-rc2`
+
+### Unreleased version
+
+This is useful to deploy features that are in master but not yet in a release.
+
+    $ docker pull gitea/gitea
+    $ docker tag gitea/gitea:latest kosmosorg/gitea:production
+    $ docker push kosmosorg/gitea
+
+Set the image for the gitea-server container to `kosmosorg/gitea:latest`, or run 
+this command to force a deployment if it is already set to it
+
+    $ kubectl patch deployment gitea-server -p "{\"spec\":{\"template\":{\"metadata\":{\"annotations\":{\"date\":\"`date +'%s'`\"}}}}}"
+
+### Build our own image
+
+At the root of the [https://github.com/go-gitea/gitea](gitea repo)
+
+    $ DOCKER_TAG=production DOCKER_IMAGE=kosmosorg/gitea make docker # builds and tags kosmosorg/gitea:production locally
+    $ docker push kosmosorg/gitea

kubernetes/gitea-server.yaml

@@ -15,18 +15,23 @@ spec:
       initContainers:
         - name: init-config
           image: busybox
-          command: ['sh', '-c', 'mkdir -p /data/gitea/conf && mkdir -p /data/gitea/https && cp /root/conf/app.ini /data/gitea/conf/app.ini && chown 1000:1000 /data/gitea/conf/app.ini && chmod 660 /data/gitea/conf/app.ini && cp /root/conf/*.pem /data/gitea/https && chmod 600 /data/gitea/https/*.pem && chown -R 1000:1000 /data/gitea']
+          command: [
+            'sh', '-c',
+            'mkdir -p /data/gitea/conf && mkdir -p /data/gitea/https && mkdir -p /data/gitea/options/label && cp /root/conf/app.ini /data/gitea/conf/app.ini && chown 1000:1000 /data/gitea/conf/app.ini && chmod 660 /data/gitea/conf/app.ini && cp /root/conf/*.pem /data/gitea/https && chmod 600 /data/gitea/https/*.pem && cp /root/options/label/* /data/gitea/options/label/ && chown -R 1000:1000 /data/gitea'
+          ]
           volumeMounts:
           - mountPath: /data
             name: gitea-server-data
           - mountPath: /root/conf
             name: config
+          # The labels have been created as a ConfigMap from local files using this command:
+          #
+          # kubectl create configmap gitea-options-label --from-file=custom/options/label/
+          - mountPath: /root/options/label
+            name: label
       containers:
-      # This is only used for the initial setup, it does nothing once a app.ini
-      # file exists in the conf/ directory of the data directory
-      # (/data/gitea/conf in our case)
       - name: gitea-server
-        image: gitea/gitea:1.7
+        image: gitea/gitea:1.7.1
         ports:
         - containerPort: 3000
         - containerPort: 3001
@@ -52,6 +57,9 @@ spec:
             - key: key.pem
               path: key.pem
               mode: 256
+      - name: label
+        configMap:
+          name: gitea-options-label
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim

script/get_secrets

@@ -7,7 +7,7 @@ secret = `kubectl get secret gitea-config -o yaml`
 yaml = YAML.load(secret)
 
 yaml['data'].each do |key, data|
-  filename = File.join('kubernetes', 'config', key)
+  filename = File.join('kubernetes', 'custom', 'config', key)
   File.open(filename, "w+") do |f|
     puts "Writing #{filename}"
     f.write Base64.decode64(data)

script/replace_secrets

@@ -2,8 +2,8 @@
 
 # Delete the gitea-config secrets
 kubectl delete secret gitea-config
-# Replace it from the local files in kubernetes/config/* (acquired by running
+# Replace it from the local files in kubernetes/custom/config/* (acquired by running
 # ./script/get_secrets)
-kubectl create secret generic gitea-config --from-file=cert.pem=kubernetes/config/cert.pem --from-file=key.pem=kubernetes/config/key.pem --from-file=app.ini=kubernetes/config/app.ini
+kubectl create secret generic gitea-config --from-file=cert.pem=kubernetes/custom/config/cert.pem --from-file=key.pem=kubernetes/custom/config/key.pem --from-file=app.ini=kubernetes/custom/config/app.ini
 # Force the pod to restart by patching the deployment resource
 kubectl patch deployment gitea-server -p "{\"spec\":{\"template\":{\"metadata\":{\"annotations\":{\"date\":\"`date +'%s'`\"}}}}}"