diff --git a/apps.yaml b/apps.yaml index feab82d143..e4f88f92cd 100644 --- a/apps.yaml +++ b/apps.yaml @@ -73,7 +73,7 @@ appsInfo: - Click 'I understand' to continue using Falco dashboard gitea: title: Gitea Self-hosted GIT - appVersion: 1.24.5 + appVersion: 1.24.6 repo: https://github.com/go-gitea/gitea maintainers: Gitea relatedLinks: diff --git a/chart/chart-index/Chart.yaml b/chart/chart-index/Chart.yaml index a56c4f384e..3214aa0b5e 100644 --- a/chart/chart-index/Chart.yaml +++ b/chart/chart-index/Chart.yaml @@ -24,7 +24,7 @@ dependencies: version: 0.9.7 repository: https://falcosecurity.github.io/charts - name: gitea - version: 12.2.0 + version: 12.3.0 repository: https://dl.gitea.io/charts - name: harbor version: 1.17.2 diff --git a/charts/gitea/Chart.lock b/charts/gitea/Chart.lock index e173d47651..6b2ab8cf8c 100644 --- a/charts/gitea/Chart.lock +++ b/charts/gitea/Chart.lock @@ -1,15 +1,15 @@ dependencies: - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 16.7.26 + version: 16.7.27 - name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 16.2.2 + version: 16.3.2 - name: valkey-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 3.0.23 + version: 3.0.24 - name: valkey repository: oci://registry-1.docker.io/bitnamicharts - version: 3.0.30 -digest: sha256:efbb4d491704539d74879b7679bdd39bd727b6dead920c50a7126866e9c1c2fa -generated: "2025-08-14T21:44:28.086112741Z" + version: 3.0.31 +digest: sha256:ceb6a1890cfdc2627abb85d3e2a4baa64d30afd21dcfabce978a824a67f0a2bb +generated: "2025-08-30T00:03:04.59764502Z" diff --git a/charts/gitea/Chart.yaml b/charts/gitea/Chart.yaml index ca6ce06bad..965c8ae85b 100644 --- a/charts/gitea/Chart.yaml +++ b/charts/gitea/Chart.yaml @@ -1,50 +1,56 @@ annotations: artifacthub.io/changes: | - kind: changed - description: adapt indentation of extraInitContainer tests + description: update lockfiles (#950) - kind: changed - description: fulfill MD044/proper-names - - kind: added - description: support further initContainers + description: update workflow dependencies (minor & patch) (#949) - kind: changed - description: update lockfiles (#929) + description: update dependency go-gitea/gitea to v1.24.6 (#948) - kind: changed - description: update bats testing framework (#927) + description: update lockfiles (#947) - kind: changed - description: update lockfiles (#926) + description: update https://github.com/aws-actions/configure-aws-credentials action to v5 (#946) - kind: changed - description: update subcharts (minor & patch) (#922) + description: update lockfiles (#945) - kind: changed - description: update dependency go-gitea/gitea to v1.24.5 (#925) - - kind: fixed - description: add lockFileMaintenance (#924) + description: update actions/checkout action to v5 (#928) - kind: changed - description: update dependency go-gitea/gitea to v1.24.4 (#919) + description: update workflow dependencies (minor & patch) (#943) - kind: changed - description: update docker.io/thegeeklab/git-sv docker tag to v2.0.4 (#921) + description: update subcharts (minor & patch) (#942) - kind: changed - description: update dependency helm-unittest/helm-unittest to v1 (#914) + description: update subcharts (minor & patch) (#941) - kind: changed - description: be compliant with markdownlint (#923) + description: update unittests/bash/test_helper/bats-support digest to 0954abb (#939) + - kind: changed + description: update alpine/helm docker tag to v3.18.5 (#940) + - kind: changed + description: update maintainers list - add ChristopherHX (#937) + - kind: changed + description: update maintainers list - DaanSelen (#936) + - kind: changed + description: update maintainers list - volker.raschek (#933) + - kind: changed + description: update maintainers list - rossigee (#932) apiVersion: v2 -appVersion: 1.24.5 +appVersion: 1.24.6 dependencies: - condition: postgresql.enabled name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 16.7.26 + version: 16.7.27 - condition: postgresql-ha.enabled name: postgresql-ha repository: oci://registry-1.docker.io/bitnamicharts - version: 16.2.2 + version: 16.3.2 - condition: valkey-cluster.enabled name: valkey-cluster repository: oci://registry-1.docker.io/bitnamicharts - version: 3.0.23 + version: 3.0.24 - condition: valkey.enabled name: valkey repository: oci://registry-1.docker.io/bitnamicharts - version: 3.0.30 + version: 3.0.31 description: Gitea Helm chart for Kubernetes icon: https://gitea.com/assets/img/logo.svg keywords: @@ -55,18 +61,18 @@ keywords: - gitea - gogs maintainers: -- email: charlie@charliedrage.com - name: Charlie Drage -- email: maintainers@gitea.io - name: Gitea Authors -- email: konrad.lother@novum-rgi.de - name: Konrad Lother -- email: lucas.hahn@novum-rgi.de - name: Lucas Hahn +- email: ross@golder.org + name: Ross Golder +- email: markus.pesch+apps@cryptic.systems + name: Markus Pesch +- email: dselen@nerthus.nl + name: Daan Selen +- email: christopher.homberger@web.de + name: Christopher Homberger name: gitea sources: - https://gitea.com/gitea/helm-gitea - https://github.com/go-gitea/gitea - https://docker.gitea.com/gitea type: application -version: 12.2.0 +version: 12.3.0 diff --git a/charts/gitea/README.md b/charts/gitea/README.md index d1a668e0ae..e712bd73fb 100644 --- a/charts/gitea/README.md +++ b/charts/gitea/README.md @@ -63,8 +63,6 @@ [Gitea](https://gitea.com) is a community managed lightweight code hosting solution written in Go. It is published under the MIT license. -> :warning: This chart is currently unmaintained and in desperate need of a new maintainer. If you want to apply as a maintainer, please comment on [#916](https://gitea.com/gitea/helm-gitea/issues/916) - ## Introduction This helm chart has taken some inspiration from [jfelten's helm chart](https://github.com/jfelten/gitea-helm-chart). diff --git a/charts/gitea/charts/postgresql-ha/Chart.yaml b/charts/gitea/charts/postgresql-ha/Chart.yaml index 83e66eed37..e4231cea0f 100644 --- a/charts/gitea/charts/postgresql-ha/Chart.yaml +++ b/charts/gitea/charts/postgresql-ha/Chart.yaml @@ -2,13 +2,13 @@ annotations: category: Database images: | - name: os-shell - image: docker.io/bitnami/os-shell:12-debian-12-r50 + image: docker.io/bitnami/os-shell:12-debian-12-r51 - name: pgpool - image: docker.io/bitnami/pgpool:4.6.2-debian-12-r7 + image: docker.io/bitnami/pgpool:4.6.3-debian-12-r0 - name: postgres-exporter - image: docker.io/bitnami/postgres-exporter:0.17.1-debian-12-r15 + image: docker.io/bitnami/postgres-exporter:0.17.1-debian-12-r16 - name: postgresql-repmgr - image: docker.io/bitnami/postgresql-repmgr:17.6.0-debian-12-r0 + image: docker.io/bitnami/postgresql-repmgr:17.6.0-debian-12-r2 licenses: Apache-2.0 tanzuCategory: service apiVersion: v2 @@ -40,4 +40,4 @@ maintainers: name: postgresql-ha sources: - https://github.com/bitnami/charts/tree/main/bitnami/postgresql-ha -version: 16.2.2 +version: 16.3.2 diff --git a/charts/gitea/charts/postgresql-ha/README.md b/charts/gitea/charts/postgresql-ha/README.md index b9ab2c4048..1ee8fdffea 100644 --- a/charts/gitea/charts/postgresql-ha/README.md +++ b/charts/gitea/charts/postgresql-ha/README.md @@ -455,7 +455,7 @@ A default `StorageClass` is needed in the Kubernetes cluster to dynamically prov | `postgresql.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` | | `postgresql.podManagementPolicy` | Sets the pod management policy | `Parallel` | | `postgresql.livenessProbe.enabled` | Enable livenessProbe | `true` | -| `postgresql.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | +| `postgresql.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `15` | | `postgresql.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | | `postgresql.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | | `postgresql.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | diff --git a/charts/gitea/charts/postgresql-ha/templates/_helpers.tpl b/charts/gitea/charts/postgresql-ha/templates/_helpers.tpl index 4c53eaec4f..55fc25aeec 100644 --- a/charts/gitea/charts/postgresql-ha/templates/_helpers.tpl +++ b/charts/gitea/charts/postgresql-ha/templates/_helpers.tpl @@ -450,19 +450,3 @@ Return the path to the cert key file. {{- define "postgresql-ha.postgresql.tlsCertKey" -}} {{- required "Certificate Key filename is required when TLS in enabled" .Values.postgresql.tls.certKeyFilename | printf "/opt/bitnami/postgresql/certs/%s" -}} {{- end -}} - -{{/* -Get the readiness probe command -*/}} -{{- define "postgresql-ha.readinessProbeCommand" -}} -{{- $block := index .context.Values .component }} -{{- if eq .component "postgresql" -}} -- | - exec pg_isready -U "postgres" {{- if $block.tls.enabled }} -d "sslcert={{ include "postgresql-ha.postgresql.tlsCert" .context }} sslkey={{ include "postgresql-ha.postgresql.tlsCertKey" .context }}"{{- end }} -h 127.0.0.1 -p {{ $block.containerPorts.postgresql }} -{{- if contains "bitnami/" $block.image.repository }} - [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] -{{- end }} -{{- else -}} -- exec pg_isready -U "postgres" -h 127.0.0.1 -p {{ $block.containerPorts.postgresql }} -{{- end }} -{{- end -}} diff --git a/charts/gitea/charts/postgresql-ha/templates/postgresql/hooks-scripts-configmap.yaml b/charts/gitea/charts/postgresql-ha/templates/postgresql/hooks-scripts-configmap.yaml deleted file mode 100644 index 8977a2501b..0000000000 --- a/charts/gitea/charts/postgresql-ha/templates/postgresql/hooks-scripts-configmap.yaml +++ /dev/null @@ -1,136 +0,0 @@ -{{- /* -Copyright Broadcom, Inc. All Rights Reserved. -SPDX-License-Identifier: APACHE-2.0 -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ printf "%s-hooks-scripts" (include "postgresql-ha.postgresql" .) }} - namespace: {{ include "common.names.namespace" . | quote }} - labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} - app.kubernetes.io/component: postgresql - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -data: - pre-stop.sh: |- - #!/bin/bash - set -o errexit - set -o pipefail - set -o nounset - - # Debug section - exec 3>&1 - exec 4>&2 - - # Process input parameters - MIN_DELAY_AFTER_PG_STOP_SECONDS=$1 - - # Load Libraries - . /opt/bitnami/scripts/liblog.sh - . /opt/bitnami/scripts/libpostgresql.sh - . /opt/bitnami/scripts/librepmgr.sh - - # Load PostgreSQL & repmgr environment variables - . /opt/bitnami/scripts/postgresql-env.sh - - # Auxiliary functions - is_new_primary_ready() { - return_value=1 - currenty_primary_node="$(repmgr_get_primary_node)" - currenty_primary_host="$(echo $currenty_primary_node | awk '{print $1}')" - - info "$currenty_primary_host != $REPMGR_NODE_NETWORK_NAME" - if [[ $(echo $currenty_primary_node | wc -w) -eq 2 ]] && [[ "$currenty_primary_host" != "$REPMGR_NODE_NETWORK_NAME" ]]; then - info "New primary detected, leaving the cluster..." - return_value=0 - else - info "Waiting for a new primary to be available..." - fi - return $return_value - } - - export MODULE="pre-stop-hook" - - if [[ "${BITNAMI_DEBUG}" == "true" ]]; then - info "Bash debug is on" - else - info "Bash debug is off" - exec 1>/dev/null - exec 2>/dev/null - fi - - postgresql_enable_nss_wrapper - - # Prepare env vars for managing roles - readarray -t primary_node < <(repmgr_get_upstream_node) - primary_host="${primary_node[0]}" - - # Stop postgresql for graceful exit. - PG_STOP_TIME=$EPOCHSECONDS - postgresql_stop - - if [[ -z "$primary_host" ]] || [[ "$primary_host" == "$REPMGR_NODE_NETWORK_NAME" ]]; then - info "Primary node need to wait for a new primary node before leaving the cluster" - retry_while is_new_primary_ready 10 5 - else - info "Standby node doesn't need to wait for a new primary switchover. Leaving the cluster" - fi - - # Make sure pre-stop hook waits at least 25 seconds after stop of PG to make sure PGPOOL detects node is down. - # default terminationGracePeriodSeconds=30 seconds - PG_STOP_DURATION=$(($EPOCHSECONDS - $PG_STOP_TIME)) - if (( $PG_STOP_DURATION < $MIN_DELAY_AFTER_PG_STOP_SECONDS )); then - WAIT_TO_PG_POOL_TIME=$(($MIN_DELAY_AFTER_PG_STOP_SECONDS - $PG_STOP_DURATION)) - info "PG stopped including primary switchover in $PG_STOP_DURATION. Waiting additional $WAIT_TO_PG_POOL_TIME seconds for PG pool" - sleep $WAIT_TO_PG_POOL_TIME - fi - - readiness-probe.sh: |- - #!/bin/bash - set -o errexit - set -o pipefail - set -o nounset - - # Debug section - exec 3>&1 - exec 4>&2 - - # Load Libraries - . /opt/bitnami/scripts/liblog.sh - . /opt/bitnami/scripts/libpostgresql.sh - - # Load PostgreSQL & repmgr environment variables - . /opt/bitnami/scripts/postgresql-env.sh - - # Process input parameters - MIN_DELAY_AFTER_POD_READY_FIRST_TIME=$1 - TMP_FIRST_READY_FILE_TS="/tmp/ts-first-ready.mark" - TMP_DELAY_APPLIED_FILE="/tmp/delay-applied.mark" - - DB_CHECK_RESULT=$(echo "SELECT 1" | postgresql_execute_print_output "$POSTGRESQL_DATABASE" "$POSTGRESQL_USERNAME" "$POSTGRESQL_PASSWORD" "-h 127.0.0.1 -tA" || echo "command failed") - if [[ "$DB_CHECK_RESULT" == "1" ]]; then - if [[ ! -f "$TMP_DELAY_APPLIED_FILE" ]]; then - # DB up, but initial readiness delay not applied - if [[ -f "$TMP_FIRST_READY_FILE_TS" ]]; then - # calculate delay from the first readiness success - FIRST_READY_TS=$(cat $TMP_FIRST_READY_FILE_TS) - CURRENT_DELAY_SECONDS=$(($EPOCHSECONDS - $FIRST_READY_TS)) - if (( $CURRENT_DELAY_SECONDS > $MIN_DELAY_AFTER_POD_READY_FIRST_TIME )); then - # minimal delay of the first readiness state passed - report success and mark delay as applied - touch "$TMP_DELAY_APPLIED_FILE" - else - # minimal delay of the first readiness state not reached yet - report failure - exit 1 - fi - else - # first ever readiness test success - store timestamp and report failure - echo $EPOCHSECONDS > $TMP_FIRST_READY_FILE_TS - exit 1 - fi - fi - else - # DB test failed - report failure - exit 1 - fi diff --git a/charts/gitea/charts/postgresql-ha/templates/postgresql/scripts-configmap.yaml b/charts/gitea/charts/postgresql-ha/templates/postgresql/scripts-configmap.yaml new file mode 100644 index 0000000000..84fccb22b7 --- /dev/null +++ b/charts/gitea/charts/postgresql-ha/templates/postgresql/scripts-configmap.yaml @@ -0,0 +1,159 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-scripts" (include "postgresql-ha.postgresql" .) }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" .) | nindent 4 }} + app.kubernetes.io/component: postgresql + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" .) | nindent 4 }} + {{- end }} +data: + pre-stop.sh: |- + #!/bin/bash + + set -o errexit + set -o pipefail + set -o nounset + + # Debug section + exec 3>&1 + exec 4>&2 + + # Process input parameters + MIN_DELAY_AFTER_PG_STOP_SECONDS=$1 + + # Load Libraries + . /opt/bitnami/scripts/libpostgresql.sh + . /opt/bitnami/scripts/librepmgr.sh + + # Load PostgreSQL & repmgr environment variables + . /opt/bitnami/scripts/postgresql-env.sh + + # Auxiliary functions + is_new_primary_ready() { + local -a current_primary_node + readarray -t current_primary_node < <(repmgr_get_primary_node) + local current_primary_host="${current_primary_node[0]}" + + if [[ -n "$current_primary_host" ]] && [[ "$current_primary_host" != "$REPMGR_NODE_NETWORK_NAME" ]]; then + info "New primary detected, leaving the cluster..." + return 0 + fi + + info "Waiting for a new primary to be available..." + return 1 + } + + export MODULE="pre-stop-hook" + if ! is_boolean_yes "$BITNAMI_DEBUG"; then + exec 1>/dev/null + exec 2>/dev/null + fi + + postgresql_enable_nss_wrapper + + # Prepare env vars for managing roles + readarray -t primary_node < <(repmgr_get_upstream_node) + primary_host="${primary_node[0]}" + + # Stop postgresql for graceful exit. + PG_STOP_INIT=$EPOCHSECONDS + postgresql_stop + + if [[ -z "$primary_host" ]] || [[ "$primary_host" = "$REPMGR_NODE_NETWORK_NAME" ]]; then + info "Primary node need to wait for a new primary node before leaving the cluster" + retry_while is_new_primary_ready 10 5 + else + info "Standby node doesn't need to wait for a new primary switchover. Leaving the cluster" + fi + + # Make sure pre-stop hook waits at least 25 seconds after stop of PG to make sure Pgpool-II detects node is down. + # default terminationGracePeriodSeconds=30 seconds + PG_STOP_DURATION=$((EPOCHSECONDS - PG_STOP_INIT)) + if (( PG_STOP_DURATION < MIN_DELAY_AFTER_PG_STOP_SECONDS )); then + WAIT_TO_PG_POOL_TIME=$((MIN_DELAY_AFTER_PG_STOP_SECONDS - PG_STOP_DURATION)) + info "Waiting additional $WAIT_TO_PG_POOL_TIME seconds for Pgpool-II to detect node is down" + sleep $WAIT_TO_PG_POOL_TIME + fi + liveness-probe.sh: |- + #!/bin/bash + + set -o errexit + set -o pipefail + set -o nounset + + # Load Libraries + . /opt/bitnami/scripts/libpostgresql.sh + . /opt/bitnami/scripts/librepmgr.sh + + # Load PostgreSQL & repmgr environment variables + . /opt/bitnami/scripts/postgresql-env.sh + + # Check if PG is ready + pg_isready_args=("-U" "postgres" "-p" "$POSTGRESQL_PORT_NUMBER" "-h" "127.0.0.1") + is_boolean_yes "$POSTGRESQL_ENABLE_TLS" && pg_isready_args+=("-d" "sslcert=$POSTGRESQL_TLS_CERT_FILE sslkey=$POSTGRESQL_TLS_KEY_FILE") + debug_execute pg_isready "${pg_isready_args[@]}" + + # Check if repmgr has split-brain issues + postgresql_enable_nss_wrapper + repmgr_check_status + readiness-probe.sh: |- + #!/bin/bash + + set -o errexit + set -o pipefail + set -o nounset + + # Load Libraries + . /opt/bitnami/scripts/libpostgresql.sh + . /opt/bitnami/scripts/librepmgr.sh + + # Load PostgreSQL & repmgr environment variables + . /opt/bitnami/scripts/postgresql-env.sh + + # We should not proceed if a standby clone is in progress + if ps waux | grep "data standby clone" | grep -qv grep; then + echo "standby clone in progress" + exit 1 + fi + + # Then, let's check if PG is responding to queries +{{- if .Values.postgresql.headlessWithNotReadyAddresses }} + MIN_DELAY_AFTER_POD_READY_FIRST_TIME={{ add .Values.pgpool.livenessProbe.periodSeconds .Values.pgpool.livenessProbe.timeoutSeconds }} + FIRST_READY_TS_FILE="/tmp/.first-ready.epoch" + DELAY_SEMAPHORE="/tmp/.delay" +{{- end }} + if [[ $(PGPASSWORD="$POSTGRESQL_PASSWORD" psql -w -U "$POSTGRESQL_USERNAME" -d $POSTGRESQL_DATABASE -h 127.0.0.1 -p "$POSTGRESQL_PORT_NUMBER" -tA -c "SELECT 1" 2> /dev/null || true) = 1 ]]; then +{{- if .Values.postgresql.headlessWithNotReadyAddresses }} + # DB up, but initial readiness delay not applied + if [[ ! -f "$DELAY_SEMAPHORE" ]] && [[ -f "$FIRST_READY_TS_FILE" ]]; then + # calculate delay from the first readiness success + FIRST_READY_TS=$(cat $FIRST_READY_TS_FILE) + CURRENT_DELAY_SECONDS=$((EPOCHSECONDS - FIRST_READY_TS)) + # Wait for the minimal delay after the first readiness state + if (( CURRENT_DELAY_SECONDS > MIN_DELAY_AFTER_POD_READY_FIRST_TIME )); then + # mark delay as applied + touch "$DELAY_APPLIED_FILE" + else + echo "minimal delay not met" + exit 1 + fi + # first ever readiness test success - store timestamp and report failure + elif [[ ! -f "$DELAY_SEMAPHORE" ]]; then + echo $EPOCHSECONDS > $FIRST_READY_TS_FILE + exit 1 + fi +{{- end }} + # Finally, check if repmgr has split-brain issues + postgresql_enable_nss_wrapper + repmgr_check_status + else + echo "connection to database failed" + exit 1 + fi diff --git a/charts/gitea/charts/postgresql-ha/templates/postgresql/statefulset.yaml b/charts/gitea/charts/postgresql-ha/templates/postgresql/statefulset.yaml index 60a469d409..52ec8d36d7 100644 --- a/charts/gitea/charts/postgresql-ha/templates/postgresql/statefulset.yaml +++ b/charts/gitea/charts/postgresql-ha/templates/postgresql/statefulset.yaml @@ -416,25 +416,15 @@ spec: livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.postgresql.livenessProbe "enabled") "context" $) | nindent 12 }} exec: command: - - bash - - -ec - - 'ps waux | grep "data standby clone" | grep -v grep || {{ include "postgresql-ha.pgpassword" . }} psql -w -U {{ include "postgresql-ha.postgresqlUsername" . | quote }} -d {{ (include "postgresql-ha.postgresqlDatabase" .) | quote }} -h 127.0.0.1 -p {{ .Values.postgresql.containerPorts.postgresql }} -c "SELECT 1"' + - /liveness-probe.sh {{- end }} {{- if .Values.postgresql.customReadinessProbe }} readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.postgresql.customReadinessProbe "context" $) | nindent 12 }} {{- else if .Values.postgresql.readinessProbe.enabled }} readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.postgresql.readinessProbe "enabled") "context" $) | nindent 12 }} exec: - {{- if .Values.postgresql.headlessWithNotReadyAddresses }} command: - /readiness-probe.sh - - {{ add .Values.pgpool.livenessProbe.periodSeconds .Values.pgpool.livenessProbe.timeoutSeconds | quote }} - {{- else }} - command: - - bash - - -ec - {{- include "postgresql-ha.readinessProbeCommand" (dict "component" "postgresql" "context" $) | nindent 16 }} - {{- end }} {{- end }} {{- if .Values.postgresql.customStartupProbe }} startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.postgresql.customStartupProbe "context" $) | nindent 12 }} @@ -509,10 +499,13 @@ spec: {{- end }} - name: data mountPath: {{ .Values.persistence.mountPath }} - - name: hooks-scripts + - name: scripts mountPath: /pre-stop.sh subPath: pre-stop.sh - - name: hooks-scripts + - name: scripts + mountPath: /liveness-probe.sh + subPath: liveness-probe.sh + - name: scripts mountPath: /readiness-probe.sh subPath: readiness-probe.sh {{- if .Values.postgresql.extraVolumeMounts }} @@ -628,9 +621,9 @@ spec: configMap: name: {{ include "postgresql.metricsCM" . }} {{- end }} - - name: hooks-scripts + - name: scripts configMap: - name: {{ printf "%s-hooks-scripts" (include "postgresql-ha.postgresql" .) }} + name: {{ printf "%s-scripts" (include "postgresql-ha.postgresql" .) }} defaultMode: 0755 {{- if or .Values.postgresql.repmgrConfiguration .Values.postgresql.configuration .Values.postgresql.pgHbaConfiguration .Values.postgresql.configurationCM }} - name: postgresql-config diff --git a/charts/gitea/charts/postgresql-ha/templates/postgresql/witness-statefulset.yaml b/charts/gitea/charts/postgresql-ha/templates/postgresql/witness-statefulset.yaml index c2ebb9f833..b1dc3c9a52 100644 --- a/charts/gitea/charts/postgresql-ha/templates/postgresql/witness-statefulset.yaml +++ b/charts/gitea/charts/postgresql-ha/templates/postgresql/witness-statefulset.yaml @@ -367,9 +367,13 @@ spec: livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.witness.livenessProbe "enabled") "context" $) | nindent 12 }} exec: command: - - bash - - -ec - - '{{ include "postgresql-ha.pgpassword" . }} psql -w -U {{ include "postgresql-ha.postgresqlUsername" . | quote }} -d {{ (include "postgresql-ha.postgresqlDatabase" .) | quote }} -h 127.0.0.1 -p {{ .Values.witness.containerPorts.postgresql }} -c "SELECT 1"' + - pg_isready + - -U + - postgres + - -h + - "127.0.0.1" + - -p + - {{ .Values.witness.containerPorts.postgresql | quote }} {{- end }} {{- if .Values.witness.customReadinessProbe }} readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.witness.customReadinessProbe "context" $) | nindent 12 }} @@ -379,7 +383,7 @@ spec: command: - bash - -ec - {{- include "postgresql-ha.readinessProbeCommand" (dict "component" "witness" "context" $) | nindent 16 }} + - '{{ include "postgresql-ha.pgpassword" . }} psql -w -U {{ include "postgresql-ha.postgresqlUsername" . | quote }} -d {{ (include "postgresql-ha.postgresqlDatabase" .) | quote }} -h 127.0.0.1 -p {{ .Values.witness.containerPorts.postgresql }} -c "SELECT 1"' {{- end }} {{- if .Values.witness.customStartupProbe }} startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.witness.customStartupProbe "context" $) | nindent 12 }} @@ -442,7 +446,7 @@ spec: {{- end }} - name: data mountPath: {{ .Values.persistence.mountPath }} - - name: hooks-scripts + - name: scripts mountPath: /pre-stop.sh subPath: pre-stop.sh {{- if .Values.witness.extraVolumeMounts }} @@ -554,9 +558,9 @@ spec: configMap: name: {{ include "postgresql.metricsCM" . }} {{- end }} - - name: hooks-scripts + - name: scripts configMap: - name: {{ printf "%s-hooks-scripts" (include "postgresql-ha.postgresql" .) }} + name: {{ printf "%s-scripts" (include "postgresql-ha.postgresql" .) }} defaultMode: 0755 {{- if or .Values.witness.repmgrConfiguration .Values.witness.configuration .Values.witness.pgHbaConfiguration .Values.witness.configurationCM }} - name: postgresql-config diff --git a/charts/gitea/charts/postgresql-ha/values.yaml b/charts/gitea/charts/postgresql-ha/values.yaml index b37c91e8c8..a144b88676 100644 --- a/charts/gitea/charts/postgresql-ha/values.yaml +++ b/charts/gitea/charts/postgresql-ha/values.yaml @@ -120,7 +120,7 @@ postgresql: image: registry: docker.io repository: bitnami/postgresql-repmgr - tag: 17.6.0-debian-12-r0 + tag: 17.6.0-debian-12-r2 digest: "" ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images ## @@ -351,7 +351,7 @@ postgresql: ## livenessProbe: enabled: true - initialDelaySeconds: 30 + initialDelaySeconds: 15 periodSeconds: 10 timeoutSeconds: 5 successThreshold: 1 @@ -694,6 +694,7 @@ postgresql: ## This mode also enables enriched readiness probe implementation which delays first switch of POD to READY state ## after start/restart of container. It gives Pgpool-II time switch node back from DOWN to UP state during rolling ## upgrade. + ## headlessWithNotReadyAddresses: false witness: ## ref: https://hub.docker.com/r/bitnami/postgresql/tags/ @@ -1132,7 +1133,7 @@ pgpool: image: registry: docker.io repository: bitnami/pgpool - tag: 4.6.2-debian-12-r7 + tag: 4.6.3-debian-12-r0 digest: "" ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images ## @@ -1736,7 +1737,7 @@ metrics: image: registry: docker.io repository: bitnami/postgres-exporter - tag: 0.17.1-debian-12-r15 + tag: 0.17.1-debian-12-r16 digest: "" ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images ## @@ -1986,7 +1987,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/os-shell - tag: 12-debian-12-r50 + tag: 12-debian-12-r51 digest: "" ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images ## diff --git a/charts/gitea/charts/postgresql/Chart.yaml b/charts/gitea/charts/postgresql/Chart.yaml index 9c7c988bd9..27351d0ed3 100644 --- a/charts/gitea/charts/postgresql/Chart.yaml +++ b/charts/gitea/charts/postgresql/Chart.yaml @@ -2,11 +2,11 @@ annotations: category: Database images: | - name: os-shell - image: docker.io/bitnami/os-shell:12-debian-12-r50 + image: docker.io/bitnami/os-shell:12-debian-12-r51 - name: postgres-exporter - image: docker.io/bitnami/postgres-exporter:0.17.1-debian-12-r15 + image: docker.io/bitnami/postgres-exporter:0.17.1-debian-12-r16 - name: postgresql - image: docker.io/bitnami/postgresql:17.6.0-debian-12-r0 + image: docker.io/bitnami/postgresql:17.6.0-debian-12-r4 licenses: Apache-2.0 tanzuCategory: service apiVersion: v2 @@ -35,4 +35,4 @@ maintainers: name: postgresql sources: - https://github.com/bitnami/charts/tree/main/bitnami/postgresql -version: 16.7.26 +version: 16.7.27 diff --git a/charts/gitea/charts/postgresql/values.yaml b/charts/gitea/charts/postgresql/values.yaml index 948f533830..01c3ed12e2 100644 --- a/charts/gitea/charts/postgresql/values.yaml +++ b/charts/gitea/charts/postgresql/values.yaml @@ -121,7 +121,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/postgresql - tag: 17.6.0-debian-12-r0 + tag: 17.6.0-debian-12-r4 digest: "" ## Specify a imagePullPolicy ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images @@ -1599,7 +1599,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/os-shell - tag: 12-debian-12-r50 + tag: 12-debian-12-r51 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -1708,7 +1708,7 @@ metrics: image: registry: docker.io repository: bitnami/postgres-exporter - tag: 0.17.1-debian-12-r15 + tag: 0.17.1-debian-12-r16 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/gitea/charts/valkey-cluster/Chart.yaml b/charts/gitea/charts/valkey-cluster/Chart.yaml index 96daaf2b19..ab79fb3756 100644 --- a/charts/gitea/charts/valkey-cluster/Chart.yaml +++ b/charts/gitea/charts/valkey-cluster/Chart.yaml @@ -2,9 +2,9 @@ annotations: category: Database images: | - name: os-shell - image: docker.io/bitnami/os-shell:12-debian-12-r50 + image: docker.io/bitnami/os-shell:12-debian-12-r51 - name: redis-exporter - image: docker.io/bitnami/redis-exporter:1.75.0-debian-12-r1 + image: docker.io/bitnami/redis-exporter:1.76.0-debian-12-r0 - name: valkey-cluster image: docker.io/bitnami/valkey-cluster:8.1.3-debian-12-r3 licenses: Apache-2.0 @@ -33,4 +33,4 @@ name: valkey-cluster sources: - https://github.com/bitnami/charts/tree/main/bitnami/valkey-cluster - https://github.com/bitnami/containers/tree/main/bitnami/vakey-cluster -version: 3.0.23 +version: 3.0.24 diff --git a/charts/gitea/charts/valkey-cluster/values.yaml b/charts/gitea/charts/valkey-cluster/values.yaml index fc7b976d79..f13ea7117b 100644 --- a/charts/gitea/charts/valkey-cluster/values.yaml +++ b/charts/gitea/charts/valkey-cluster/values.yaml @@ -435,7 +435,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/os-shell - tag: 12-debian-12-r50 + tag: 12-debian-12-r51 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -917,7 +917,7 @@ metrics: image: registry: docker.io repository: bitnami/redis-exporter - tag: 1.75.0-debian-12-r1 + tag: 1.76.0-debian-12-r0 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -1123,7 +1123,7 @@ sysctlImage: ## registry: docker.io repository: bitnami/os-shell - tag: 12-debian-12-r50 + tag: 12-debian-12-r51 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/gitea/charts/valkey/Chart.yaml b/charts/gitea/charts/valkey/Chart.yaml index c2345ec277..946f0fc380 100644 --- a/charts/gitea/charts/valkey/Chart.yaml +++ b/charts/gitea/charts/valkey/Chart.yaml @@ -4,13 +4,13 @@ annotations: - name: kubectl image: docker.io/bitnami/kubectl:1.33.4-debian-12-r0 - name: os-shell - image: docker.io/bitnami/os-shell:12-debian-12-r50 + image: docker.io/bitnami/os-shell:12-debian-12-r51 - name: redis-exporter - image: docker.io/bitnami/redis-exporter:1.75.0-debian-12-r1 + image: docker.io/bitnami/redis-exporter:1.76.0-debian-12-r0 - name: valkey image: docker.io/bitnami/valkey:8.1.3-debian-12-r3 - name: valkey-sentinel - image: docker.io/bitnami/valkey-sentinel:8.1.3-debian-12-r2 + image: docker.io/bitnami/valkey-sentinel:8.1.3-debian-12-r3 licenses: Apache-2.0 tanzuCategory: service apiVersion: v2 @@ -36,4 +36,4 @@ maintainers: name: valkey sources: - https://github.com/bitnami/charts/tree/main/bitnami/valkey -version: 3.0.30 +version: 3.0.31 diff --git a/charts/gitea/charts/valkey/values.yaml b/charts/gitea/charts/valkey/values.yaml index 6136a7c027..6e637be6a1 100644 --- a/charts/gitea/charts/valkey/values.yaml +++ b/charts/gitea/charts/valkey/values.yaml @@ -1166,7 +1166,7 @@ sentinel: image: registry: docker.io repository: bitnami/valkey-sentinel - tag: 8.1.3-debian-12-r2 + tag: 8.1.3-debian-12-r3 digest: "" ## Specify a imagePullPolicy ## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images @@ -1652,7 +1652,7 @@ metrics: image: registry: docker.io repository: bitnami/redis-exporter - tag: 1.75.0-debian-12-r1 + tag: 1.76.0-debian-12-r0 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -2018,7 +2018,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/os-shell - tag: 12-debian-12-r50 + tag: 12-debian-12-r51 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets.