Files
2026-07-05 12:11:18 +00:00

211 lines
5.7 KiB
YAML

version: 1
kind: platform-infra-gitea
metadata:
id: gitea-internal-mirror
owner: unidesk
spec: GH-1548/GH-1550
relatedIssues:
- 1548
- 1549
- 1550
defaults:
targetId: JD01
migration:
role: gitea-actions-driven-cicd-source-authority
replaces: branch-follower-self-maintained-branch-observer
parentConfigRef: config/cicd-gitea-actions-poc.yaml#spec.sourceAuthority.giteaMirror
envReusePolicy: preserve-existing-runtime-env-reuse
buildPlane: controlled-docker-or-buildkit-outside-runtime
runtimePlane: k3s-gitea-service-zero-docker
sourceAuthority:
enabled: true
stage: gitea-controlled-mirror-source-authority
statusAuthority: gitea-repository-refs-plus-snapshot-ref
firstCiConsumer: agentrun-jd01-v02
credentials:
sourceRoot: /root/unidesk
admin:
sourceRef: .env/gitea.auth
format: line-pair
usernameLine: 1
passwordLine: 2
requiredFor:
- repo-bootstrap
- mirror-sync
- snapshot-create
github:
transport: https-token
sourceRef: /root/.config/unidesk/github.env
sourceKey: GH_TOKEN
requiredFor:
- upstream-mirror
- mirror-sync
githubProxy:
enabled: true
url: http://127.0.0.1:10808
noProxy:
- 127.0.0.1
- localhost
- .svc
- .svc.cluster.local
responsibilities:
- name: source-read
current: legacy-git-mirror
target: gitea
disposition: replaced-by-gitea
- name: branch-observation
current: branch-follower
target: gitea-mirror
disposition: replaced-by-gitea
- name: immutable-snapshot-ref
current: legacy-git-mirror-cache
target: gitea-ref
disposition: replaced-by-gitea
- name: gitops-flush
current: legacy-git-mirror
target: github-direct-or-gitea-writeback
disposition: retained-for-gitops-flush
- name: legacy-status
current: branch-follower-status
target: gitea-mirror-status
disposition: migration-readonly
repositories:
- key: agentrun-jd01-v02
targetId: JD01
upstream:
repository: pikasTech/agentrun
cloneUrl: https://github.com/pikasTech/agentrun.git
branch: v0.2
gitea:
owner: mirrors
name: pikasTech-agentrun
mirrorMode: controlled-push
publicRead: true
readUrl: http://gitea-http.devops-infra.svc.cluster.local:3000/mirrors/pikasTech-agentrun.git
gitops:
branch: jd01-v0.2-gitops
flushDisposition: retained-for-gitops-flush
snapshot:
prefix: refs/unidesk/snapshots/gitea-actions/agentrun-v0.2
legacyGitMirror:
readUrl: http://git-mirror-http.devops-infra.svc.cluster.local:8080/pikasTech/agentrun.git
configRef: config/cicd-branch-followers.yaml#followers.agentrun-jd01-v02.nativeStatus.source.gitMirrorReadUrl
disposition: replaced-by-gitea
- key: unidesk-master
targetId: JD01
upstream:
repository: pikasTech/unidesk
cloneUrl: https://github.com/pikasTech/unidesk.git
branch: master
gitea:
owner: mirrors
name: pikasTech-unidesk
mirrorMode: controlled-push
publicRead: true
readUrl: http://gitea-http.devops-infra.svc.cluster.local:3000/mirrors/pikasTech-unidesk.git
gitops:
branch: master
flushDisposition: not-a-gitops-branch
snapshot:
prefix: refs/unidesk/snapshots/gitea-actions/unidesk-master
legacyGitMirror:
readUrl: http://git-mirror-http.devops-infra.svc.cluster.local:8080/pikasTech/unidesk.git
configRef: config/cicd-branch-followers.yaml#controller.source.gitMirrorReadUrl
disposition: replaced-by-gitea
targets:
- id: JD01
route: JD01:k3s
namespace: devops-infra
role: active-poc
enabled: true
createNamespace: true
storageClassName: local-path
app:
name: gitea
statefulSetName: gitea
serviceName: gitea-http
replicas: 1
image:
repository: docker.gitea.com/gitea
tag: 1.26.4-rootless
pullPolicy: IfNotPresent
service:
type: ClusterIP
httpPort: 3000
sshPort: 2222
server:
domain: gitea.pikapython.com
rootUrl: https://gitea.pikapython.com/
sshDomain: gitea-http.devops-infra.svc.cluster.local
protocol: http
startSshServer: true
publicExposure:
enabled: true
publicBaseUrl: https://gitea.pikapython.com
secretRoot: /root/unidesk/.state/secrets
dns:
hostname: gitea.pikapython.com
expectedA: 82.156.23.220
resolvers: [1.1.1.1, 8.8.8.8, 223.5.5.5, 114.114.114.114]
frpc:
deploymentName: gitea-frpc
secretName: gitea-frpc-secrets
secretKey: frpc.toml
image: fatedier/frpc:v0.68.1
serverAddr: 82.156.23.220
serverPort: 22000
proxyName: platform-infra-gitea-jd01-web
remotePort: 22080
localIP: gitea-http.devops-infra.svc.cluster.local
localPort: 3000
tokenSourceRef: platform-infra/pk01-frp.env
tokenSourceKey: FRP_TOKEN
pk01:
route: PK01
caddyConfigPath: /etc/caddy/Caddyfile
caddyServiceName: caddy
responseHeaderTimeoutSeconds: 600
database:
type: sqlite3
path: /var/lib/gitea/gitea.db
actions:
enabled: true
webhook:
allowedHostList: private,loopback
registration:
disabled: true
storage:
data:
size: 8Gi
mountPath: /var/lib/gitea
config:
size: 1Gi
mountPath: /etc/gitea
securityContext:
runAsUser: 1000
runAsGroup: 1000
fsGroup: 1000
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: "1"
memory: 1Gi
probes:
healthPath: /api/healthz
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 12
validation:
waitTimeoutSeconds: 55
healthPath: /api/healthz