chore: bump version up to 1.9.8

.drone.yml

@@ -5,19 +5,18 @@ name: default
 
 trigger:
   event:
-    - push
+  - push
+  - tag
 
 steps:
-  - name: release
-    image: cr.grachevko.ru/drone/helm:0.1.4
-    settings:
-      name: hedgedoc
-      registry: https://harbor.grachevko.ru/chartrepo
-      username:
-        from_secret: HELM_REPO_USERNAME
-      password:
-        from_secret: HELM_REPO_PASSWORD
-    when:
-      branch:
-        - master
-        - rc
+- name: release
+  image: cr.grachevko.ru/drone/helm:24
+  settings:
+    tag: ${DRONE_TAG}
+    username:
+      from_secret: HELM_REPO_USERNAME
+    password:
+      from_secret: HELM_REPO_PASSWORD
+  when:
+    event:
+    - tag

Chart.yaml

@@ -3,7 +3,8 @@ name: hedgedoc
 description: A Helm chart for Kubernetes
 type: application
 version: 0.1.0
-appVersion: 1.9.7
+appVersion: 1.9.8
+icon: https://raw.githubusercontent.com/hedgedoc/hedgedoc/develop/frontend/public/icons/android-chrome-192x192.png
 maintainers:
 - email: me@grachevko.ru
   name: Konstantin Grachev

templates/NOTES.txt

@@ -13,7 +13,7 @@
      NOTE: It may take a few minutes for the LoadBalancer IP to be available.
            You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "hedgedoc.fullname" . }}'
   export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "hedgedoc.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
-  echo http://$SERVICE_IP:{{ .Values.service.port }}
+  echo http://$SERVICE_IP:{{ .Values.config.port }}
 {{- else if contains "ClusterIP" .Values.service.type }}
   export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "hedgedoc.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
   export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")

templates/configmap.yaml

@@ -5,107 +5,304 @@ metadata:
   labels:
     {{- include "hedgedoc.labels" . | nindent 4 }}
 data:
+  {{ if .Values.config.sourceURL -}}
   CMD_SOURCE_URL: {{ .Values.config.sourceURL | quote }}
-  CMD_DOMAIN: {{ .Values. config.domain | quote }}
-  CMD_URL_PATH: {{ .Values. config.urlPath | quote }}
-  CMD_HOST: {{ .Values. config.host | quote }}
-  CMD_PORT): {{ .Values. config.port | quote }}
-  CMD_PATH: {{ .Values. config.path | quote }}
-  CMD_LOGLEVEL: {{ .Values. config.loglevel | quote }}
-  CMD_URL_ADDPORT: {{ .Values. config.urlAddPort | quote }}
-  CMD_USESSL: {{ .Values. config.useSSL | quote }}
-  CMD_HSTS_ENABLE: {{ .Values. config.hsts.enable | quote }}
-  CMD_HSTS_MAX_AGE: {{ .Values. config.hsts.maxAgeSeconds | quote }}
-  CMD_HSTS_INCLUDE_SUBDOMAINS: {{ .Values. config.hsts.includeSubdomains | quote }}
-  CMD_HSTS_PRELOAD: {{ .Values. config.hsts.preload | quote }}
-  CMD_CSP_ENABLE: {{ .Values. config.csp.enable | quote }}
-  CMD_CSP_REPORTURI: {{ .Values. config.csp.reportURI | quote }}
-  CMD_CSP_ADD_DISQUS: {{ .Values. config.csp.addDisqus | quote }}
-  CMD_CSP_ADD_GOOGLE_ANALYTICS: {{ .Values. config.csp.addGoogleAnalytics | quote }}
-  CMD_CSP_ALLOW_FRAMING: {{ .Values. config.csp.allowFraming | quote }}
-  CMD_CSP_ALLOW_PDF_EMBED: {{ .Values. config.csp.allowPDFEmbed | quote }}
-  CMD_COOKIE_POLICY: {{ .Values. config.cookiePolicy | quote }}
-  CMD_PROTOCOL_USESSL: {{ .Values. config.protocolUseSSL | quote }}
-  CMD_ALLOW_ORIGIN: {{ .Values. config.allowOrigin | quote }}
-  CMD_ALLOW_ANONYMOUS: {{ .Values. config.allowAnonymous | quote }}
-  CMD_ALLOW_ANONYMOUS_EDITS: {{ .Values. config.allowAnonymousEdits | quote }}
-  CMD_ALLOW_FREEURL: {{ .Values. config.allowFreeURL | quote }}
-  CMD_REQUIRE_FREEURL_AUTHENTICATION: {{ .Values. config.requireFreeURLAuthentication | quote }}
-  CMD_FORBIDDEN_NOTE_IDS: {{ .Values. config.forbiddenNoteIDs | quote }}
-  CMD_DEFAULT_PERMISSION: {{ .Values. config.defaultPermission | quote }}
-  CMD_DB_USERNAME: {{ .Values. config.csp.db.username | quote }}
-  CMD_DB_HOST: {{ .Values. config.csp.db.host | quote }}
-  CMD_DB_PORT: {{ .Values. config.csp.db.port | quote }}
-  CMD_DB_DATABASE: {{ .Values. config.csp.db.database | quote }}
-  CMD_DB_DIALECT: {{ .Values. config.csp.db.dialect | quote }}
-  CMD_SESSION_SECRET: {{ .Values. config.sessionSecret | quote }}
-  CMD_SESSION_LIFE: {{ .Values. config.sessionLife | quote }}
-  CMD_TOOBUSY_LAG: {{ .Values. config.tooBusyLag | quote }}
-  CMD_IMAGE_UPLOAD_TYPE: {{ .Values. config.imageUploadType | quote }}
-  CMD_IMGUR_CLIENTID: {{ .Values. config.imgur.clientID | quote }}
-  CMD_S3_ACCESS_KEY_ID: {{ .Values. config.s3.accessKeyId | quote }}
-  CMD_S3_REGION: {{ .Values. config.s3.region | quote }}
-  CMD_S3_ENDPOINT: {{ .Values. config.s3.endpoint | quote }}
-  CMD_S3_BUCKET: {{ .Values. config.s3bucket | quote }}
-  CMD_S3_FOLDER: {{ .Values. config.s3folder | quote }}
-  CMD_S3_PUBLIC_FILES: {{ .Values. config.s3publicFiles | quote }}
-  CMD_MINIO_ACCESS_KEY: {{ .Values. config.minio.accessKey | quote }}
-  CMD_MINIO_ENDPOINT: {{ .Values. config.minio.endPoint | quote }}
-  CMD_MINIO_SECURE: {{ .Values. config.minio.secure | quote }}
-  CMD_MINIO_PORT: {{ .Values. config.minio.port | quote }}
-  CMD_LUTIM_URL: {{ .Values. config.lutim.url | quote }}
-  CMD_AZURE_CONNECTION_STRING: {{ .Values. config.azure.connectionString | quote }}
-  CMD_AZURE_CONTAINER: {{ .Values. config.azure.container | quote }}
-  CMD_FACEBOOK_CLIENTID: {{ .Values. config.facebook.clientID | quote }}
-  CMD_TWITTER_CONSUMERKEY: {{ .Values. config.twitter.consumerKey | quote }}
-  CMD_GITHUB_CLIENTID: {{ .Values. config.github.clientID | quote }}
-  CMD_GITLAB_BASEURL: {{ .Values. config.gitlab.baseURL | quote }}
-  CMD_GITLAB_CLIENTID: {{ .Values. config.gitlab.clientID | quote }}
-  CMD_GITLAB_SCOPE: {{ .Values. config.gitlab.scope | quote }}
-  CMD_MATTERMOST_BASEURL: {{ .Values. config.mattermost.baseURL | quote }}
-  CMD_MATTERMOST_CLIENTID: {{ .Values. config.mattermost.clientID | quote }}
-  CMD_OAUTH2_PROVIDERNAME: {{ .Values. config.oauth2.providerName | quote }}
-  CMD_OAUTH2_BASEURL: {{ .Values. config.oauth2.baseURL | quote }}
-  CMD_OAUTH2_USER_PROFILE_URL: {{ .Values. config.oauth2.userProfileURL | quote }}
-  CMD_OAUTH2_USER_PROFILE_ID_ATTR: {{ .Values. config.oauth2.userProfileIdAttr | quote }}
-  CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR: {{ .Values. config.oauth2.userProfileUsernameAttr | quote }}
-  CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR: {{ .Values. config.oauth2.userProfileDisplayNameAttr | quote }}
-  CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR: {{ .Values. config.oauth2.userProfileEmailAttr | quote }}
-  CMD_OAUTH2_TOKEN_URL: {{ .Values. config.oauth2.tokenURL | quote }}
-  CMD_OAUTH2_AUTHORIZATION_URL: {{ .Values. config.oauth2.authorizationURL | quote }}
-  CMD_OAUTH2_CLIENT_ID: {{ .Values. config.oauth2.clientID | quote }}
-  CMD_OAUTH2_SCOPE: {{ .Values. config.oauth2.scope | quote }}
-  CMD_OAUTH2_ROLES_CLAIM: {{ .Values. config.oauth2.rolesClaim | quote }}
-  CMD_OAUTH2_ACCESS_ROLE: {{ .Values. config.oauth2.accessRole | quote }}
-  CMD_DROPBOX_CLIENTID: {{ .Values. config.dropbox.clientID | quote }}
-  CMD_DROPBOX_APPKEY: {{ .Values. config.dropbox.appKey | quote }}
-  CMD_GOOGLE_CLIENTID: {{ .Values. config.google.clientID | quote }}
-  CMD_GOOGLE_HOSTEDDOMAIN: {{ .Values. config.google.hostedDomain | quote }}
-  CMD_LDAP_PROVIDERNAME: {{ .Values. config.ldap.providerName | quote }}
-  CMD_LDAP_URL: {{ .Values. config.ldap.url | quote }}
-  CMD_LDAP_BINDDN: {{ .Values. config.ldap.bindDn | quote }}
-  CMD_LDAP_BINDCREDENTIALS: {{ .Values. config.ldap.bindCredentials | quote }}
-  CMD_LDAP_SEARCHBASE: {{ .Values. config.ldap.searchBase | quote }}
-  CMD_LDAP_SEARCHFILTER: {{ .Values. config.ldap.searchFilter | quote }}
-  CMD_LDAP_SEARCHATTRIBUTES: {{ .Values. config.ldap.searchAttributes | quote }}
-  CMD_LDAP_USERNAMEFIELD: {{ .Values. config.ldap.usernameField | quote }}
-  CMD_LDAP_USERIDFIELD: {{ .Values. config.ldap.useridField | quote }}
-  CMD_LDAP_TLS_CA: {{ .Values. config.ldap.tlsca | quote }}
-  CMD_SAML_PROVIDERNAME: {{ .Values. config.saml.providerName | quote }}
-  CMD_SAML_IDPSSOURL: {{ .Values. config.saml.idpSsoUrl | quote }}
-  CMD_SAML_IDPCERT: {{ .Values. config.saml.idpCert | quote }}
-  CMD_SAML_CLIENTCERT: {{ .Values. config.saml.clientCert | quote }}
-  CMD_SAML_ISSUER: {{ .Values. config.saml.issuer | quote }}
-  CMD_SAML_IDENTIFIERFORMAT: {{ .Values. config.saml.identifierFormat | quote }}
-  CMD_SAML_DISABLEREQUESTEDAUTHNCONTEXT: {{ .Values. config.saml.disableRequestedAuthnContext | quote }}
-  CMD_SAML_GROUPATTRIBUTE: {{ .Values. config.saml.groupAttribute | quote }}
-  CMD_SAML_EXTERNALGROUPS: {{ .Values. config.saml.externalGroups | quote }}
-  CMD_SAML_REQUIREDGROUPS: {{ .Values. config.saml.requiredGroups | quote }}
-  CMD_SAML_ATTRIBUTE_ID: {{ .Values. config.saml.attribute.id | quote }}
-  CMD_SAML_ATTRIBUTE_USERNAME: {{ .Values. config.saml.attribute.username | quote }}
-  CMD_SAML_ATTRIBUTE_EMAIL: {{ .Values. config.saml.attribute.email | quote }}
-  CMD_EMAIL: {{ .Values. config.email | quote }}
-  CMD_ALLOW_EMAIL_REGISTER: {{ .Values. config.allowEmailRegister | quote }}
-  CMD_ALLOW_GRAVATAR: {{ .Values. config.allowGravatar | quote }}
-  CMD_OPENID: {{ .Values. config.openID | quote }}
-  CMD_LINKIFY_HEADER_STYLE: {{ .Values. config.linkifyHeaderStyle | quote }}
+  {{ end -}}
+  CMD_DOMAIN: {{ .Values.config.domain | quote }}
+  CMD_URL_PATH: {{ .Values.config.urlPath | quote }}
+  CMD_HOST: {{ .Values.config.host | quote }}
+  CMD_PORT: {{ .Values.config.port | quote }}
+  {{  if .Values.config.path -}}
+  CMD_PATH: {{ .Values.config.path | quote }}
+  {{ end -}}
+  {{  if .Values.config.loglevel -}}
+  CMD_LOGLEVEL: {{ .Values.config.loglevel | quote }}
+  {{ end -}}
+  {{  if .Values.config.urlAddPort -}}
+  CMD_URL_ADDPORT: {{ .Values.config.urlAddPort | quote }}
+  {{ end -}}
+  {{  if .Values.config.useSSL -}}
+  CMD_USESSL: {{ .Values.config.useSSL | quote }}
+  {{ end -}}
+  {{  if .Values.config.hsts.enable -}}
+  CMD_HSTS_ENABLE: {{ .Values.config.hsts.enable | quote }}
+  {{ end -}}
+  {{  if .Values.config.hsts.maxAgeSeconds -}}
+  CMD_HSTS_MAX_AGE: {{ .Values.config.hsts.maxAgeSeconds | quote }}
+  {{ end -}}
+  {{  if .Values.config.hsts.includeSubdomains -}}
+  CMD_HSTS_INCLUDE_SUBDOMAINS: {{ .Values.config.hsts.includeSubdomains | quote }}
+  {{ end -}}
+  {{  if .Values.config.hsts.preload -}}
+  CMD_HSTS_PRELOAD: {{ .Values.config.hsts.preload | quote }}
+  {{ end -}}
+  {{  if .Values.config.csp.enable -}}
+  CMD_CSP_ENABLE: {{ .Values.config.csp.enable | quote }}
+  {{ end -}}
+  {{  if .Values.config.csp.reportURI -}}
+  CMD_CSP_REPORTURI: {{ .Values.config.csp.reportURI | quote }}
+  {{ end -}}
+  {{  if .Values.config.csp.addDisqus -}}
+  CMD_CSP_ADD_DISQUS: {{ .Values.config.csp.addDisqus | quote }}
+  {{ end -}}
+  {{  if .Values.config.csp.addGoogleAnalytics -}}
+  CMD_CSP_ADD_GOOGLE_ANALYTICS: {{ .Values.config.csp.addGoogleAnalytics | quote }}
+  {{ end -}}
+  {{  if .Values.config.csp.allowFraming -}}
+  CMD_CSP_ALLOW_FRAMING: {{ .Values.config.csp.allowFraming | quote }}
+  {{ end -}}
+  {{  if .Values.config.csp.allowPDFEmbed -}}
+  CMD_CSP_ALLOW_PDF_EMBED: {{ .Values.config.csp.allowPDFEmbed | quote }}
+  {{ end -}}
+  {{  if .Values.config.cookiePolicy -}}
+  CMD_COOKIE_POLICY: {{ .Values.config.cookiePolicy | quote }}
+  {{ end -}}
+  {{  if .Values.config.protocolUseSSL -}}
+  CMD_PROTOCOL_USESSL: {{ .Values.config.protocolUseSSL | quote }}
+  {{ end -}}
+  {{  if .Values.config.allowOrigin -}}
+  CMD_ALLOW_ORIGIN: {{ .Values.config.allowOrigin | quote }}
+  {{ end -}}
+  {{  if .Values.config.allowAnonymous -}}
+  CMD_ALLOW_ANONYMOUS: {{ .Values.config.allowAnonymous | quote }}
+  {{ end -}}
+  {{  if .Values.config.allowAnonymousEdits -}}
+  CMD_ALLOW_ANONYMOUS_EDITS: {{ .Values.config.allowAnonymousEdits | quote }}
+  {{ end -}}
+  {{  if .Values.config.allowFreeURL -}}
+  CMD_ALLOW_FREEURL: {{ .Values.config.allowFreeURL | quote }}
+  {{ end -}}
+  {{  if .Values.config.requireFreeURLAuthentication -}}
+  CMD_REQUIRE_FREEURL_AUTHENTICATION: {{ .Values.config.requireFreeURLAuthentication | quote }}
+  {{ end -}}
+  {{  if .Values.config.forbiddenNoteIDs -}}
+  CMD_FORBIDDEN_NOTE_IDS: {{ .Values.config.forbiddenNoteIDs | quote }}
+  {{ end -}}
+  {{  if .Values.config.defaultPermission -}}
+  CMD_DEFAULT_PERMISSION: {{ .Values.config.defaultPermission | quote }}
+  {{ end -}}
+  {{  if .Values.config.db.username -}}
+  CMD_DB_USERNAME: {{ .Values.config.db.username | quote }}
+  {{ end -}}
+  {{  if .Values.config.db.host -}}
+  CMD_DB_HOST: {{ .Values.config.db.host | quote }}
+  {{ end -}}
+  {{  if .Values.config.db.port -}}
+  CMD_DB_PORT: {{ .Values.config.db.port | quote }}
+  {{ end -}}
+  {{  if .Values.config.db.database -}}
+  CMD_DB_DATABASE: {{ .Values.config.db.database | quote }}
+  {{ end -}}
+  {{  if .Values.config.db.dialect -}}
+  CMD_DB_DIALECT: {{ .Values.config.db.dialect | quote }}
+  {{ end -}}
+  {{  if .Values.config.sessionLife -}}
+  CMD_SESSION_LIFE: {{ .Values.config.sessionLife | quote }}
+  {{ end -}}
+  {{  if .Values.config.tooBusyLag -}}
+  CMD_TOOBUSY_LAG: {{ .Values.config.tooBusyLag | quote }}
+  {{ end -}}
+  {{  if .Values.config.imageUploadType -}}
+  CMD_IMAGE_UPLOAD_TYPE: {{ .Values.config.imageUploadType | quote }}
+  {{ end -}}
+  {{  if .Values.config.imgur.clientID -}}
+  CMD_IMGUR_CLIENTID: {{ .Values.config.imgur.clientID | quote }}
+  {{ end -}}
+  {{  if .Values.config.s3.accessKeyId -}}
+  CMD_S3_ACCESS_KEY_ID: {{ .Values.config.s3.accessKeyId | quote }}
+  {{ end -}}
+  {{  if .Values.config.s3.region -}}
+  CMD_S3_REGION: {{ .Values.config.s3.region | quote }}
+  {{ end -}}
+  {{  if .Values.config.s3.endpoint -}}
+  CMD_S3_ENDPOINT: {{ .Values.config.s3.endpoint | quote }}
+  {{ end -}}
+  {{  if .Values.config.s3bucket -}}
+  CMD_S3_BUCKET: {{ .Values.config.s3bucket | quote }}
+  {{ end -}}
+  {{  if .Values.config.s3folder -}}
+  CMD_S3_FOLDER: {{ .Values.config.s3folder | quote }}
+  {{ end -}}
+  {{  if .Values.config.s3publicFiles -}}
+  CMD_S3_PUBLIC_FILES: {{ .Values.config.s3publicFiles | quote }}
+  {{ end -}}
+  {{  if .Values.config.minio.accessKey -}}
+  CMD_MINIO_ACCESS_KEY: {{ .Values.config.minio.accessKey | quote }}
+  {{ end -}}
+  {{  if .Values.config.minio.endPoint -}}
+  CMD_MINIO_ENDPOINT: {{ .Values.config.minio.endPoint | quote }}
+  {{ end -}}
+  {{  if .Values.config.minio.secure -}}
+  CMD_MINIO_SECURE: {{ .Values.config.minio.secure | quote }}
+  {{ end -}}
+  {{  if .Values.config.minio.port -}}
+  CMD_MINIO_PORT: {{ .Values.config.minio.port | quote }}
+  {{ end -}}
+  {{  if .Values.config.lutim.url -}}
+  CMD_LUTIM_URL: {{ .Values.config.lutim.url | quote }}
+  {{ end -}}
+  {{  if .Values.config.azure.connectionString -}}
+  CMD_AZURE_CONNECTION_STRING: {{ .Values.config.azure.connectionString | quote }}
+  {{ end -}}
+  {{  if .Values.config.azure.container -}}
+  CMD_AZURE_CONTAINER: {{ .Values.config.azure.container | quote }}
+  {{ end -}}
+  {{  if .Values.config.facebook.clientID -}}
+  CMD_FACEBOOK_CLIENTID: {{ .Values.config.facebook.clientID | quote }}
+  {{ end -}}
+  {{  if .Values.config.twitter.consumerKey -}}
+  CMD_TWITTER_CONSUMERKEY: {{ .Values.config.twitter.consumerKey | quote }}
+  {{ end -}}
+  {{  if .Values.config.github.clientID -}}
+  CMD_GITHUB_CLIENTID: {{ .Values.config.github.clientID | quote }}
+  {{ end -}}
+  {{  if .Values.config.gitlab.baseURL -}}
+  CMD_GITLAB_BASEURL: {{ .Values.config.gitlab.baseURL | quote }}
+  {{ end -}}
+  {{  if .Values.config.gitlab.clientID -}}
+  CMD_GITLAB_CLIENTID: {{ .Values.config.gitlab.clientID | quote }}
+  {{ end -}}
+  {{  if .Values.config.gitlab.scope -}}
+  CMD_GITLAB_SCOPE: {{ .Values.config.gitlab.scope | quote }}
+  {{ end -}}
+  {{  if .Values.config.mattermost.baseURL -}}
+  CMD_MATTERMOST_BASEURL: {{ .Values.config.mattermost.baseURL | quote }}
+  {{ end -}}
+  {{  if .Values.config.mattermost.clientID -}}
+  CMD_MATTERMOST_CLIENTID: {{ .Values.config.mattermost.clientID | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.providerName -}}
+  CMD_OAUTH2_PROVIDERNAME: {{ .Values.config.oauth2.providerName | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.baseURL -}}
+  CMD_OAUTH2_BASEURL: {{ .Values.config.oauth2.baseURL | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.userProfileURL -}}
+  CMD_OAUTH2_USER_PROFILE_URL: {{ .Values.config.oauth2.userProfileURL | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.userProfileIdAttr -}}
+  CMD_OAUTH2_USER_PROFILE_ID_ATTR: {{ .Values.config.oauth2.userProfileIdAttr | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.userProfileUsernameAttr -}}
+  CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR: {{ .Values.config.oauth2.userProfileUsernameAttr | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.userProfileDisplayNameAttr -}}
+  CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR: {{ .Values.config.oauth2.userProfileDisplayNameAttr | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.userProfileEmailAttr -}}
+  CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR: {{ .Values.config.oauth2.userProfileEmailAttr | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.tokenURL -}}
+  CMD_OAUTH2_TOKEN_URL: {{ .Values.config.oauth2.tokenURL | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.authorizationURL -}}
+  CMD_OAUTH2_AUTHORIZATION_URL: {{ .Values.config.oauth2.authorizationURL | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.clientID -}}
+  CMD_OAUTH2_CLIENT_ID: {{ .Values.config.oauth2.clientID | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.scope -}}
+  CMD_OAUTH2_SCOPE: {{ .Values.config.oauth2.scope | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.rolesClaim -}}
+  CMD_OAUTH2_ROLES_CLAIM: {{ .Values.config.oauth2.rolesClaim | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.accessRole -}}
+  CMD_OAUTH2_ACCESS_ROLE: {{ .Values.config.oauth2.accessRole | quote }}
+  {{ end -}}
+  {{  if .Values.config.dropbox.clientID -}}
+  CMD_DROPBOX_CLIENTID: {{ .Values.config.dropbox.clientID | quote }}
+  {{ end -}}
+  {{  if .Values.config.dropbox.appKey -}}
+  CMD_DROPBOX_APPKEY: {{ .Values.config.dropbox.appKey | quote }}
+  {{ end -}}
+  {{  if .Values.config.google.clientID -}}
+  CMD_GOOGLE_CLIENTID: {{ .Values.config.google.clientID | quote }}
+  {{ end -}}
+  {{  if .Values.config.google.hostedDomain -}}
+  CMD_GOOGLE_HOSTEDDOMAIN: {{ .Values.config.google.hostedDomain | quote }}
+  {{ end -}}
+  {{  if .Values.config.ldap.providerName -}}
+  CMD_LDAP_PROVIDERNAME: {{ .Values.config.ldap.providerName | quote }}
+  {{ end -}}
+  {{  if .Values.config.ldap.url -}}
+  CMD_LDAP_URL: {{ .Values.config.ldap.url | quote }}
+  {{ end -}}
+  {{  if .Values.config.ldap.bindDn -}}
+  CMD_LDAP_BINDDN: {{ .Values.config.ldap.bindDn | quote }}
+  {{ end -}}
+  {{  if .Values.config.ldap.bindCredentials -}}
+  CMD_LDAP_BINDCREDENTIALS: {{ .Values.config.ldap.bindCredentials | quote }}
+  {{ end -}}
+  {{  if .Values.config.ldap.searchBase -}}
+  CMD_LDAP_SEARCHBASE: {{ .Values.config.ldap.searchBase | quote }}
+  {{ end -}}
+  {{  if .Values.config.ldap.searchFilter -}}
+  CMD_LDAP_SEARCHFILTER: {{ .Values.config.ldap.searchFilter | quote }}
+  {{ end -}}
+  {{  if .Values.config.ldap.searchAttributes -}}
+  CMD_LDAP_SEARCHATTRIBUTES: {{ .Values.config.ldap.searchAttributes | quote }}
+  {{ end -}}
+  {{  if .Values.config.ldap.usernameField -}}
+  CMD_LDAP_USERNAMEFIELD: {{ .Values.config.ldap.usernameField | quote }}
+  {{ end -}}
+  {{  if .Values.config.ldap.useridField -}}
+  CMD_LDAP_USERIDFIELD: {{ .Values.config.ldap.useridField | quote }}
+  {{ end -}}
+  {{  if .Values.config.ldap.tlsca -}}
+  CMD_LDAP_TLS_CA: {{ .Values.config.ldap.tlsca | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.providerName -}}
+  CMD_SAML_PROVIDERNAME: {{ .Values.config.saml.providerName | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.idpSsoUrl -}}
+  CMD_SAML_IDPSSOURL: {{ .Values.config.saml.idpSsoUrl | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.idpCert -}}
+  CMD_SAML_IDPCERT: {{ .Values.config.saml.idpCert | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.clientCert -}}
+  CMD_SAML_CLIENTCERT: {{ .Values.config.saml.clientCert | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.issuer -}}
+  CMD_SAML_ISSUER: {{ .Values.config.saml.issuer | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.identifierFormat -}}
+  CMD_SAML_IDENTIFIERFORMAT: {{ .Values.config.saml.identifierFormat | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.disableRequestedAuthnContext -}}
+  CMD_SAML_DISABLEREQUESTEDAUTHNCONTEXT: {{ .Values.config.saml.disableRequestedAuthnContext | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.groupAttribute -}}
+  CMD_SAML_GROUPATTRIBUTE: {{ .Values.config.saml.groupAttribute | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.externalGroups -}}
+  CMD_SAML_EXTERNALGROUPS: {{ .Values.config.saml.externalGroups | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.requiredGroups -}}
+  CMD_SAML_REQUIREDGROUPS: {{ .Values.config.saml.requiredGroups | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.attribute.id -}}
+  CMD_SAML_ATTRIBUTE_ID: {{ .Values.config.saml.attribute.id | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.attribute.username -}}
+  CMD_SAML_ATTRIBUTE_USERNAME: {{ .Values.config.saml.attribute.username | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.attribute.email -}}
+  CMD_SAML_ATTRIBUTE_EMAIL: {{ .Values.config.saml.attribute.email | quote }}
+  {{ end -}}
+  {{  if .Values.config.email -}}
+  CMD_EMAIL: {{ .Values.config.email | quote }}
+  {{ end -}}
+  {{  if .Values.config.allowEmailRegister -}}
+  CMD_ALLOW_EMAIL_REGISTER: {{ .Values.config.allowEmailRegister | quote }}
+  {{ end -}}
+  {{  if .Values.config.allowGravatar -}}
+  CMD_ALLOW_GRAVATAR: {{ .Values.config.allowGravatar | quote }}
+  {{ end -}}
+  {{  if .Values.config.openID -}}
+  CMD_OPENID: {{ .Values.config.openID | quote }}
+  {{ end -}}
+  {{  if .Values.config.linkifyHeaderStyle -}}
+  CMD_LINKIFY_HEADER_STYLE: {{ .Values.config.linkifyHeaderStyle | quote }}
+  {{ end -}}

templates/deployment.yaml

@@ -13,8 +13,10 @@ spec:
       {{- include "hedgedoc.selectorLabels" . | nindent 6 }}
   template:
     metadata:
-      {{- with .Values.podAnnotations }}
       annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+        checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }}
+      {{- with .Values.podAnnotations }}
         {{- toYaml . | nindent 8 }}
       {{- end }}
       labels:
@@ -28,24 +30,34 @@ spec:
       securityContext:
         {{- toYaml .Values.podSecurityContext | nindent 8 }}
       containers:
-        - name: {{ .Chart.Name }}
-          securityContext:
+      - name: {{ .Chart.Name }}
+        securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
-          image: "{{ .Values.image.registry}}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
-          ports:
-            - name: http
-              containerPort: {{ .Values.service.port }}
-              protocol: TCP
-          livenessProbe:
-            httpGet:
-              path: /
-              port: http
-          readinessProbe:
-            httpGet:
-              path: /
-              port: http
-          resources:
+        image: "{{ .Values.image.registry}}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
+        envFrom:
+        - configMapRef:
+            name: {{ include "hedgedoc.fullname" . }}
+          {{- if .Values.existingSecret }}
+        - secretRef:
+            name: {{ .Values.existingSecret }}
+          {{- else }}
+        - secretRef:
+            name: {{ include "hedgedoc.fullname" . }}
+          {{- end }}
+        ports:
+        - name: http
+          containerPort: {{ .Values.config.port }}
+          protocol: TCP
+        livenessProbe:
+          httpGet:
+            path: /
+            port: http
+        readinessProbe:
+          httpGet:
+            path: /
+            port: http
+        resources:
             {{- toYaml .Values.resources | nindent 12 }}
       {{- with .Values.nodeSelector }}
       nodeSelector:

templates/hpa.yaml

@@ -14,15 +14,15 @@ spec:
   maxReplicas: {{ .Values.autoscaling.maxReplicas }}
   metrics:
     {{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
-    - type: Resource
-      resource:
-        name: cpu
-        targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
+  - type: Resource
+    resource:
+      name: cpu
+      targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
     {{- end }}
     {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
-    - type: Resource
-      resource:
-        name: memory
-        targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
+  - type: Resource
+    resource:
+      name: memory
+      targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
     {{- end }}
 {{- end }}

templates/ingress.yaml

@@ -1,6 +1,6 @@
 {{- if .Values.ingress.enabled -}}
 {{- $fullName := include "hedgedoc.fullname" . -}}
-{{- $svcPort := .Values.service.port -}}
+{{- $svcPort := .Values.config.port -}}
 {{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
   {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
   {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
@@ -29,32 +29,32 @@ spec:
   {{- if .Values.ingress.tls }}
   tls:
     {{- range .Values.ingress.tls }}
-    - hosts:
+  - hosts:
         {{- range .hosts }}
-        - {{ . | quote }}
+    - {{ . | quote }}
         {{- end }}
-      secretName: {{ .secretName }}
+    secretName: {{ .secretName }}
     {{- end }}
   {{- end }}
   rules:
     {{- range .Values.ingress.hosts }}
-    - host: {{ .host | quote }}
-      http:
-        paths:
+  - host: {{ .host | quote }}
+    http:
+      paths:
           {{- range .paths }}
-          - path: {{ .path }}
+      - path: {{ .path }}
             {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
-            pathType: {{ .pathType }}
+        pathType: {{ .pathType }}
             {{- end }}
-            backend:
+        backend:
               {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
-              service:
-                name: {{ $fullName }}
-                port:
-                  number: {{ $svcPort }}
+          service:
+            name: {{ $fullName }}
+            port:
+              number: {{ $svcPort }}
               {{- else }}
-              serviceName: {{ $fullName }}
-              servicePort: {{ $svcPort }}
+          serviceName: {{ $fullName }}
+          servicePort: {{ $svcPort }}
               {{- end }}
           {{- end }}
     {{- end }}

templates/secrets.yaml

@@ -7,17 +7,41 @@ metadata:
     {{- include "hedgedoc.labels" . | nindent 4 }}
 type: Opaque
 data:
-  CMD_DB_URL: {{ .Values. config.dbURL | quote }}
-  CMD_DB_PASSWORD: {{ .Values. config.csp.db.password | quote }}
-  CMD_S3_SECRET_ACCESS_KEY: {{ .Values. config.s3.secretAccessKey | quote }}
-  CMD_MINIO_SECRET_KEY: {{ .Values. config.minio.secretKey | quote }}
-  CMD_FACEBOOK_CLIENTSECRET: {{ .Values. config.facebook.clientSecret | quote }}
-  CMD_TWITTER_CONSUMERSECRET: {{ .Values. config.twitter.consumerSecret | quote }}
-  CMD_GITHUB_CLIENTSECRET: {{ .Values. config.github.clientSecret | quote }}
-  CMD_GITLAB_CLIENTSECRET: {{ .Values. config.gitlab.clientSecret | quote }}
-  CMD_MATTERMOST_CLIENTSECRET: {{ .Values. config.mattermost.clientSecret | quote }}
-  CMD_OAUTH2_CLIENT_SECRET: {{ .Values. config.oauth2.clientSecret | quote }}
-  CMD_DROPBOX_CLIENTSECRET: {{ .Values. config.dropbox.clientSecret | quote }}
-  CMD_GOOGLE_CLIENTSECRET: {{ .Values. config.google.clientSecret | quote }}
-
+  CMD_SESSION_SECRET: {{ default (randAlphaNum 64) .Values.config.sessionSecret | b64enc | quote }}
+  {{ if .Values.config.dbURL  -}}
+  CMD_DB_URL: {{ .Values.config.dbURL | b64enc  | quote }}
+  {{- end }}
+  {{ if .Values.config.db.password  -}}
+  CMD_DB_PASSWORD: {{ .Values.config.db.password | b64enc  | quote }}
+  {{- end }}
+  {{ if .Values.config.s3.secretAccessKey  -}}
+  CMD_S3_SECRET_ACCESS_KEY: {{ .Values.config.s3.secretAccessKey | b64enc  | quote }}
+  {{- end }}
+  {{ if .Values.config.minio.secretKey  -}}
+  CMD_MINIO_SECRET_KEY: {{ .Values.config.minio.secretKey | b64enc  | quote }}
+  {{- end }}
+  {{ if .Values.config.facebook.clientSecret  -}}
+  CMD_FACEBOOK_CLIENTSECRET: {{ .Values.config.facebook.clientSecret | b64enc  | quote }}
+  {{- end }}
+  {{ if .Values.config.twitter.consumerSecret  -}}
+  CMD_TWITTER_CONSUMERSECRET: {{ .Values.config.twitter.consumerSecret | b64enc  | quote }}
+  {{- end }}
+  {{ if .Values.config.github.clientSecret  -}}
+  CMD_GITHUB_CLIENTSECRET: {{ .Values.config.github.clientSecret | b64enc  | quote }}
+  {{- end }}
+  {{ if .Values.config.gitlab.clientSecret  -}}
+  CMD_GITLAB_CLIENTSECRET: {{ .Values.config.gitlab.clientSecret | b64enc  | quote }}
+  {{- end }}
+  {{ if .Values.config.mattermost.clientSecret  -}}
+  CMD_MATTERMOST_CLIENTSECRET: {{ .Values.config.mattermost.clientSecret | b64enc  | quote }}
+  {{- end }}
+  {{ if .Values.config.oauth2.clientSecret  -}}
+  CMD_OAUTH2_CLIENT_SECRET: {{ .Values.config.oauth2.clientSecret | b64enc  | quote }}
+  {{- end }}
+  {{ if .Values.config.dropbox.clientSecret  -}}
+  CMD_DROPBOX_CLIENTSECRET: {{ .Values.config.dropbox.clientSecret | b64enc  | quote }}
+  {{- end }}
+  {{ if .Values.config.google.clientSecret  -}}
+  CMD_GOOGLE_CLIENTSECRET: {{ .Values.config.google.clientSecret | b64enc  | quote }}
+  {{- end }}
 {{- end }}

templates/service.yaml

@@ -7,9 +7,9 @@ metadata:
 spec:
   type: {{ .Values.service.type }}
   ports:
-    - port: {{ .Values.service.port }}
-      targetPort: http
-      protocol: TCP
-      name: http
+  - port: {{ .Values.config.port }}
+    targetPort: http
+    protocol: TCP
+    name: http
   selector:
     {{- include "hedgedoc.selectorLabels" . | nindent 4 }}

templates/tests/test-connection.yaml

@@ -8,8 +8,8 @@ metadata:
     "helm.sh/hook": test
 spec:
   containers:
-    - name: wget
-      image: busybox
-      command: ['wget']
-      args: ['{{ include "hedgedoc.fullname" . }}:{{ .Values.service.port }}']
+  - name: wget
+    image: busybox
+    command: ['wget']
+    args: ['{{ include "hedgedoc.fullname" . }}:{{ .Values.config.port }}']
   restartPolicy: Never

values.yaml

@@ -2,8 +2,8 @@ config:
   sourceURL: ""
   domain: ""
   urlPath: ""
-  host: ""
-  port: ""
+  host: 0.0.0.0
+  port: 3000
   path: ""
   loglevel: ""
   urlAddPort: ""
@@ -31,12 +31,12 @@ config:
   defaultPermission: ""
   dbURL: ""
   db:
-    username: ""
+    username: "hedgedoc"
     password: ""
     host: ""
-    port: ""
-    database: ""
-    dialect: ""
+    port: "5432"
+    database: "hedgedoc"
+    dialect: "postgres"
   sessionSecret: ""
   sessionLife: ""
   tooBusyLag: ""
@@ -150,7 +150,7 @@ image:
   # Overrides the image tag whose default is the chart appVersion.
   tag: ""
 
-imagePullSecrets: [ ]
+imagePullSecrets: []
 nameOverride: ""
 fullnameOverride: ""
 
@@ -178,20 +178,21 @@ securityContext: {}
 
 service:
   type: ClusterIP
-  port: 3000
+  # Port option used from config.port
+  #  port: 3000
 
 ingress:
   enabled: false
   className: ""
   annotations: {}
-    # kubernetes.io/ingress.class: nginx
+  # kubernetes.io/ingress.class: nginx
   # kubernetes.io/tls-acme: "true"
   hosts:
   - host: chart-example.local
     paths:
     - path: /
       pathType: ImplementationSpecific
-  tls: [ ]
+  tls: []
   #  - secretName: chart-example-tls
   #    hosts:
   #      - chart-example.local
@@ -217,6 +218,6 @@ autoscaling:
 
 nodeSelector: {}
 
-tolerations: [ ]
+tolerations: []
 
 affinity: {}