Merge branch 'docs_label' of kosmos/gitea.kosmos.org into master

It was previously set to extensions/v1beta1. I have discovered that when
the Deployment is created as a extensions/v1beta1, it causes the
existing pod to be killed immediately when doing a rolling update. When
the Deployment was created as apps/v1, a rolling update behaves as
expected: a new pod is created, and the old one is only terminated once
the new pod is ready to serve traffic.

The existing Deployment resource will need to be deleted and recreated:

    kubectl delete deployment gitea-server
    kubectl apply -f gitea-server.yaml

Applying the file without deleting it first will not fix the issue with
rolling updates. It will cause a short downtime

.gitmodules

@@ -1,3 +0,0 @@
-[submodule "vendor/ark"]
-	path = vendor/ark
-	url = git@github.com:heptio/ark.git

README.md

@@ -1,9 +1,26 @@
 # gitea.kosmos.org
 
 This repository contains configuration files and other assets, that are used to
-deploy and operate this Gitea instance.
+deploy and operate this Gitea instance. Feel free to [open
+issues](https://gitea.kosmos.org/kosmos/gitea.kosmos.org/issues) for questions,
+suggestions, bugs, to-do items, and whatever else you want to discuss or
+resolve.
 
-Feel free to [open issues] for questions, suggestions, bugs, to-do items, and
+## Building & deploying
-whatever else you want to discuss or resolve.
 
-[open issues]: https://gitea.kosmos.org/kosmos/gitea.kosmos.org/issues
+To create a new image containing the customizations:
+
+Edit `packer/custom.json` to increment the tag, then run this script (needs
+[Packer](https://www.packer.io/) in your path)
+
+
+    ./script/build_customizations_image
+
+
+Then edit `kubernetes/gitea-server.yaml` to use the new tag
+(`image: eu.gcr.io/fluted-magpie-218106/gitea_custom:$VERSION`) and apply the
+change:
+
+
+    cd kubernetes
+    kubectl apply -f gitea-server.yaml

custom/options/label/Default

@@ -0,0 +1,11 @@
+#db231d bug ; Something is not working
+#76db1d enhancement ; Improving existing functionality
+#1d76db feature ; New functionality
+#db1d76 idea ; Something to consider
+#db1d76 question ; Looking for an answer
+#fbca04 security ; All your base are belong to us
+#1dd5db ui/ux ; User interface, process design, etc.
+#333333 dev environment ; Config, builds, CI, deployment, etc.
+#cccccc duplicate ; This issue or pull request already exists
+#cccccc invalid ; Not a bug
+#cccccc wontfix ; This won't be fixed

custom/options/label/Kosmos

@@ -0,0 +1,15 @@
+#db231d bug ; Something is not working
+#ead746 docs ; Documentation
+#76db1d enhancement ; Improving existing functionality
+#1d76db feature ; New functionality
+#db1d76 idea ; Something to consider
+#db1d76 question ; Looking for an answer
+#fbca04 security ; All your base are belong to us
+#1dd5db ui/ux ; User interface, process design, etc.
+#333333 dev environment ; Config, builds, CI, deployment, etc.
+#008080 kredits-1 ; Small contribution
+#008080 kredits-2 ; Medium contribution
+#008080 kredits-3 ; Large contribution
+#cccccc duplicate ; This issue or pull request already exists
+#cccccc invalid ; Not a bug
+#cccccc wontfix ; This won't be fixed

doc/backup-and-restore.md

@@ -1,36 +1,28 @@
 # Backups
 
-We're using [Ark][1] for backing up Kubernetes config and GKE resources. It is
+We're using [Velero][1] (formerly Ark) for backing up Kubernetes config and GKE
-available as a Git submodule in the `vendor/` folder (incl. the `ark`
+resources. It is available as a compiled binary for your platform [on GitHub][2]
-executable).
 
-In order to initialize and update submodules in your local repo, run once:
+The Velero service is running on the Sidamo cluster and was set up using the
-
+[official docs' GCP instructions][3]. There's a daily backup
-    git submodule update --init
-
-Then, to fetch/update the modules, run:
-
-    git submodule update
-
-The Ark service is running on the Sidamo cluster and was set up using the
-[official docs' GCP instructions and config files][4]. There's a daily backup
 schedule in effect for Gitea (using the label `app=gitea`).
 
-Please refer to Ark's [ Getting Started ][5] doc for all backup and restore
+Please refer to Velero's [ Getting Started ][4] doc for all backup and restore
 commands.
 
 ## Backup location
 
 Cluster configuration (including all live resources) is backed up to [a Google
-Cloud Storage container][3].
+Cloud Storage container][5].
 
 ## Persistent volumes
 
-Persistent volumes are just GCE disks. Thus, with the current config, Ark
+Persistent volumes are just GCE disks. Thus, with the current config, Velero
-creates volume snapshots as native [GCE disk snapshots][2].
+creates volume snapshots as native [GCE disk snapshots][6].
 
-[1]: https://heptio.github.io/ark/v0.10.0
+[1]: https://velero.io/docs/v1.0.0
-[2]: https://console.cloud.google.com/compute/snapshots?organizationId=772167872692&project=fluted-magpie-218106&tab=snapshots&snapshotssize=50
+[2]: https://github.com/heptio/velero/releases/tag/v1.0.0
-[3]: https://console.cloud.google.com/storage/browser/sidamo-backups?project=fluted-magpie-218106&organizationId=772167872692
+[3]: https://velero.io/docs/v1.0.0/gcp-config/
-[4]: https://heptio.github.io/ark/v0.10.0/gcp-config
+[4]: https://velero.io/docs/v1.0.0/about/
-[5]: https://heptio.github.io/ark/v0.10.0/get-started
+[5]: https://console.cloud.google.com/storage/browser/sidamo-backups-new?project=fluted-magpie-218106&organizationId=772167872692
+[6]: https://console.cloud.google.com/compute/snapshots?organizationId=772167872692&project=fluted-magpie-218106&tab=snapshots&snapshotssize=50

kubernetes/gitea-db.yaml

@@ -32,13 +32,19 @@ spec:
           value: gitea
         image: mariadb:10.3.10
         name: gitea-db
-        resources: {}
         ports:
           - containerPort: 3306
             name: mysql
         volumeMounts:
         - mountPath: /var/lib/mysql
           name: gitea-db-data
+        resources:
+          requests:
+            cpu: 250m
+            memory: 150Mi
+          limits:
+            cpu: 500m
+            memory: 300Mi
       restartPolicy: Always
       volumes:
       - name: gitea-db-data

kubernetes/gitea-server.yaml

@@ -1,4 +1,4 @@
-apiVersion: extensions/v1beta1
+apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: gitea-server
@@ -6,6 +6,9 @@ metadata:
     app: gitea
 spec:
   replicas: 1
+  selector:
+    matchLabels:
+      app: gitea
   template:
     metadata:
       labels:
@@ -14,19 +17,22 @@ spec:
     spec:
       initContainers:
         - name: init-config
-          image: busybox
+          # This is a busybox image with our gitea customizations saved to
-          command: ['sh', '-c', 'mkdir -p /data/gitea/conf && mkdir -p /data/gitea/https && cp /root/conf/app.ini /data/gitea/conf/app.ini && chown 1000:1000 /data/gitea/conf/app.ini && chmod 660 /data/gitea/conf/app.ini && cp /root/conf/*.pem /data/gitea/https && chmod 600 /data/gitea/https/*.pem && chown -R 1000:1000 /data/gitea']
+          # /custom, built using ./script/build_customizations_image from the
+          # root of the repo
+          image: eu.gcr.io/fluted-magpie-218106/gitea_custom:0.1.2
+          command: [
+            'sh', '-c',
+            'mkdir -p /data/gitea/conf && mkdir -p /data/gitea/https && cp /root/conf/app.ini /data/gitea/conf/app.ini && chown 1000:1000 /data/gitea/conf/app.ini && chmod 660 /data/gitea/conf/app.ini && cp /root/conf/*.pem /data/gitea/https && chmod 600 /data/gitea/https/*.pem && cp -R /custom/* /data/gitea && chown -R 1000:1000 /data/gitea'
+          ]
           volumeMounts:
           - mountPath: /data
             name: gitea-server-data
           - mountPath: /root/conf
             name: config
       containers:
-      # This is only used for the initial setup, it does nothing once a app.ini
-      # file exists in the conf/ directory of the data directory
-      # (/data/gitea/conf in our case)
       - name: gitea-server
-        image: gitea/gitea:1.7.1
+        image: gitea/gitea:1.9.0
         ports:
         - containerPort: 3000
         - containerPort: 3001
@@ -34,6 +40,13 @@ spec:
         volumeMounts:
         - mountPath: /data
           name: gitea-server-data
+        resources:
+          requests:
+            cpu: 250m
+            memory: 256Mi
+          limits:
+            cpu: 500m
+            memory: 512Mi
       restartPolicy: Always
       volumes:
       - name: gitea-server-data
@@ -64,7 +77,7 @@ spec:
   - ReadWriteOnce
   resources:
     requests:
-      storage: 1Gi
+      storage: 20Gi
 ---
 apiVersion: v1
 kind: Service

packer/custom.json

@@ -0,0 +1,29 @@
+{
+  "builders": [{
+    "type": "docker",
+    "image": "busybox",
+    "run_command": ["-d", "-i", "-t", "{{.Image}}", "/bin/sh"],
+    "commit": true
+  }],
+  "provisioners": [
+    {
+      "inline": ["mkdir /custom"],
+      "type": "shell"
+    },
+    {
+      "type": "file",
+      "source": "../custom/",
+      "destination": "/custom"
+    }
+  ],
+  "post-processors": [
+    [
+      {
+        "type": "docker-tag",
+        "repository": "eu.gcr.io/fluted-magpie-218106/gitea_custom",
+        "tag": "0.1.2"
+      },
+      "docker-push"
+    ]
+  ]
+}

script/build_customizations_image

@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+# fail fast
+set -e
+
+cd packer/
+packer build custom.json
+cd -