211 lines
5.7 KiB
YAML
211 lines
5.7 KiB
YAML
version: 1
|
|
kind: platform-infra-gitea
|
|
|
|
metadata:
|
|
id: gitea-internal-mirror
|
|
owner: unidesk
|
|
spec: GH-1548/GH-1550
|
|
relatedIssues:
|
|
- 1548
|
|
- 1549
|
|
- 1550
|
|
|
|
defaults:
|
|
targetId: JD01
|
|
|
|
migration:
|
|
role: gitea-actions-driven-cicd-source-authority
|
|
replaces: branch-follower-self-maintained-branch-observer
|
|
parentConfigRef: config/cicd-gitea-actions-poc.yaml#spec.sourceAuthority.giteaMirror
|
|
envReusePolicy: preserve-existing-runtime-env-reuse
|
|
buildPlane: controlled-docker-or-buildkit-outside-runtime
|
|
runtimePlane: k3s-gitea-service-zero-docker
|
|
|
|
sourceAuthority:
|
|
enabled: true
|
|
stage: gitea-controlled-mirror-source-authority
|
|
statusAuthority: gitea-repository-refs-plus-snapshot-ref
|
|
firstCiConsumer: agentrun-jd01-v02
|
|
credentials:
|
|
sourceRoot: /root/unidesk
|
|
admin:
|
|
sourceRef: .env/gitea.auth
|
|
format: line-pair
|
|
usernameLine: 1
|
|
passwordLine: 2
|
|
requiredFor:
|
|
- repo-bootstrap
|
|
- mirror-sync
|
|
- snapshot-create
|
|
github:
|
|
transport: https-token
|
|
sourceRef: /root/.config/unidesk/github.env
|
|
sourceKey: GH_TOKEN
|
|
requiredFor:
|
|
- upstream-mirror
|
|
- mirror-sync
|
|
githubProxy:
|
|
enabled: true
|
|
url: http://127.0.0.1:10808
|
|
noProxy:
|
|
- 127.0.0.1
|
|
- localhost
|
|
- .svc
|
|
- .svc.cluster.local
|
|
responsibilities:
|
|
- name: source-read
|
|
current: legacy-git-mirror
|
|
target: gitea
|
|
disposition: replaced-by-gitea
|
|
- name: branch-observation
|
|
current: branch-follower
|
|
target: gitea-mirror
|
|
disposition: replaced-by-gitea
|
|
- name: immutable-snapshot-ref
|
|
current: legacy-git-mirror-cache
|
|
target: gitea-ref
|
|
disposition: replaced-by-gitea
|
|
- name: gitops-flush
|
|
current: legacy-git-mirror
|
|
target: github-direct-or-gitea-writeback
|
|
disposition: retained-for-gitops-flush
|
|
- name: legacy-status
|
|
current: branch-follower-status
|
|
target: gitea-mirror-status
|
|
disposition: migration-readonly
|
|
repositories:
|
|
- key: agentrun-jd01-v02
|
|
targetId: JD01
|
|
upstream:
|
|
repository: pikasTech/agentrun
|
|
cloneUrl: https://github.com/pikasTech/agentrun.git
|
|
branch: v0.2
|
|
gitea:
|
|
owner: mirrors
|
|
name: pikasTech-agentrun
|
|
mirrorMode: controlled-push
|
|
publicRead: true
|
|
readUrl: http://gitea-http.devops-infra.svc.cluster.local:3000/mirrors/pikasTech-agentrun.git
|
|
gitops:
|
|
branch: jd01-v0.2-gitops
|
|
flushDisposition: retained-for-gitops-flush
|
|
snapshot:
|
|
prefix: refs/unidesk/snapshots/gitea-actions/agentrun-v0.2
|
|
legacyGitMirror:
|
|
readUrl: http://git-mirror-http.devops-infra.svc.cluster.local:8080/pikasTech/agentrun.git
|
|
configRef: config/cicd-branch-followers.yaml#followers.agentrun-jd01-v02.nativeStatus.source.gitMirrorReadUrl
|
|
disposition: replaced-by-gitea
|
|
- key: unidesk-master
|
|
targetId: JD01
|
|
upstream:
|
|
repository: pikasTech/unidesk
|
|
cloneUrl: https://github.com/pikasTech/unidesk.git
|
|
branch: master
|
|
gitea:
|
|
owner: mirrors
|
|
name: pikasTech-unidesk
|
|
mirrorMode: controlled-push
|
|
publicRead: true
|
|
readUrl: http://gitea-http.devops-infra.svc.cluster.local:3000/mirrors/pikasTech-unidesk.git
|
|
gitops:
|
|
branch: master
|
|
flushDisposition: not-a-gitops-branch
|
|
snapshot:
|
|
prefix: refs/unidesk/snapshots/gitea-actions/unidesk-master
|
|
legacyGitMirror:
|
|
readUrl: http://git-mirror-http.devops-infra.svc.cluster.local:8080/pikasTech/unidesk.git
|
|
configRef: config/cicd-branch-followers.yaml#controller.source.gitMirrorReadUrl
|
|
disposition: replaced-by-gitea
|
|
|
|
targets:
|
|
- id: JD01
|
|
route: JD01:k3s
|
|
namespace: devops-infra
|
|
role: active-poc
|
|
enabled: true
|
|
createNamespace: true
|
|
storageClassName: local-path
|
|
|
|
app:
|
|
name: gitea
|
|
statefulSetName: gitea
|
|
serviceName: gitea-http
|
|
replicas: 1
|
|
image:
|
|
repository: docker.gitea.com/gitea
|
|
tag: 1.26.4-rootless
|
|
pullPolicy: IfNotPresent
|
|
service:
|
|
type: ClusterIP
|
|
httpPort: 3000
|
|
sshPort: 2222
|
|
server:
|
|
domain: gitea.pikapython.com
|
|
rootUrl: https://gitea.pikapython.com/
|
|
sshDomain: gitea-http.devops-infra.svc.cluster.local
|
|
protocol: http
|
|
startSshServer: true
|
|
publicExposure:
|
|
enabled: true
|
|
publicBaseUrl: https://gitea.pikapython.com
|
|
secretRoot: /root/unidesk/.state/secrets
|
|
dns:
|
|
hostname: gitea.pikapython.com
|
|
expectedA: 82.156.23.220
|
|
resolvers: [1.1.1.1, 8.8.8.8, 223.5.5.5, 114.114.114.114]
|
|
frpc:
|
|
deploymentName: gitea-frpc
|
|
secretName: gitea-frpc-secrets
|
|
secretKey: frpc.toml
|
|
image: fatedier/frpc:v0.68.1
|
|
serverAddr: 82.156.23.220
|
|
serverPort: 22000
|
|
proxyName: platform-infra-gitea-jd01-web
|
|
remotePort: 22080
|
|
localIP: gitea-http.devops-infra.svc.cluster.local
|
|
localPort: 3000
|
|
tokenSourceRef: platform-infra/pk01-frp.env
|
|
tokenSourceKey: FRP_TOKEN
|
|
pk01:
|
|
route: PK01
|
|
caddyConfigPath: /etc/caddy/Caddyfile
|
|
caddyServiceName: caddy
|
|
responseHeaderTimeoutSeconds: 600
|
|
database:
|
|
type: sqlite3
|
|
path: /var/lib/gitea/gitea.db
|
|
actions:
|
|
enabled: true
|
|
webhook:
|
|
allowedHostList: private,loopback
|
|
registration:
|
|
disabled: true
|
|
storage:
|
|
data:
|
|
size: 8Gi
|
|
mountPath: /var/lib/gitea
|
|
config:
|
|
size: 1Gi
|
|
mountPath: /etc/gitea
|
|
securityContext:
|
|
runAsUser: 1000
|
|
runAsGroup: 1000
|
|
fsGroup: 1000
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 256Mi
|
|
limits:
|
|
cpu: "1"
|
|
memory: 1Gi
|
|
probes:
|
|
healthPath: /api/healthz
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 12
|
|
|
|
validation:
|
|
waitTimeoutSeconds: 55
|
|
healthPath: /api/healthz
|