chore(deps): update actions/checkout action to v4

.drone.yml

@@ -1,23 +0,0 @@
----
-kind: pipeline
-type: docker
-name: default
-
-trigger:
-  event:
-    - push
-
-steps:
-  - name: release
-    image: cr.grachevko.ru/drone/helm:0.1.4
-    settings:
-      name: hedgedoc
-      registry: https://harbor.grachevko.ru/chartrepo
-      username:
-        from_secret: HELM_REPO_USERNAME
-      password:
-        from_secret: HELM_REPO_PASSWORD
-    when:
-      branch:
-        - master
-        - rc

.gitea/workflows/release.yaml

@@ -0,0 +1,29 @@
+name: Release Chart
+
+on:
+  push:
+    tags:
+    - '*'
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+
+    env:
+      REGISTRY: harbor.grachevko.ru
+
+    steps:
+    - uses: actions/checkout@v4
+    - uses: yokawasa/action-setup-kube-tools@v0.9.3
+      with:
+        setup-tools: helm
+    - name: deps and lint
+      run: |
+        helm dependency update
+        helm lint --strict .
+    - name: build
+      run: helm package --version ${{ gitea.ref_name }} .
+    - name: publish
+      run: |
+        echo "${{ secrets.REGISTRY_PASSWORD }}" | helm registry login ${{ env.REGISTRY }} --username "${{ secrets.REGISTRY_USERNAME }}" --password-stdin
+        helm push ./*.tgz oci://harbor.grachevko.ru/${{ gitea.repository }}

Chart.yaml

@@ -3,7 +3,7 @@ name: hedgedoc
 description: A Helm chart for Kubernetes
 type: application
 version: 0.1.0
-appVersion: 1.9.7
+appVersion: 1.9.8
 icon: https://raw.githubusercontent.com/hedgedoc/hedgedoc/develop/frontend/public/icons/android-chrome-192x192.png
 maintainers:
 - email: me@grachevko.ru

renovate.json

@@ -0,0 +1,3 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json"
+}

templates/NOTES.txt

@@ -13,7 +13,7 @@
      NOTE: It may take a few minutes for the LoadBalancer IP to be available.
            You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "hedgedoc.fullname" . }}'
   export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "hedgedoc.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
-  echo http://$SERVICE_IP:{{ .Values.service.port }}
+  echo http://$SERVICE_IP:{{ .Values.config.port }}
 {{- else if contains "ClusterIP" .Values.service.type }}
   export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "hedgedoc.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
   export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")

templates/configmap.yaml

@@ -5,107 +5,304 @@ metadata:
   labels:
     {{- include "hedgedoc.labels" . | nindent 4 }}
 data:
+  {{ if .Values.config.sourceURL -}}
   CMD_SOURCE_URL: {{ .Values.config.sourceURL | quote }}
+  {{ end -}}
   CMD_DOMAIN: {{ .Values.config.domain | quote }}
   CMD_URL_PATH: {{ .Values.config.urlPath | quote }}
   CMD_HOST: {{ .Values.config.host | quote }}
   CMD_PORT: {{ .Values.config.port | quote }}
+  {{  if .Values.config.path -}}
   CMD_PATH: {{ .Values.config.path | quote }}
+  {{ end -}}
+  {{  if .Values.config.loglevel -}}
   CMD_LOGLEVEL: {{ .Values.config.loglevel | quote }}
+  {{ end -}}
+  {{  if .Values.config.urlAddPort -}}
   CMD_URL_ADDPORT: {{ .Values.config.urlAddPort | quote }}
+  {{ end -}}
+  {{  if .Values.config.useSSL -}}
   CMD_USESSL: {{ .Values.config.useSSL | quote }}
+  {{ end -}}
+  {{  if .Values.config.hsts.enable -}}
   CMD_HSTS_ENABLE: {{ .Values.config.hsts.enable | quote }}
+  {{ end -}}
+  {{  if .Values.config.hsts.maxAgeSeconds -}}
   CMD_HSTS_MAX_AGE: {{ .Values.config.hsts.maxAgeSeconds | quote }}
+  {{ end -}}
+  {{  if .Values.config.hsts.includeSubdomains -}}
   CMD_HSTS_INCLUDE_SUBDOMAINS: {{ .Values.config.hsts.includeSubdomains | quote }}
+  {{ end -}}
+  {{  if .Values.config.hsts.preload -}}
   CMD_HSTS_PRELOAD: {{ .Values.config.hsts.preload | quote }}
+  {{ end -}}
+  {{  if .Values.config.csp.enable -}}
   CMD_CSP_ENABLE: {{ .Values.config.csp.enable | quote }}
+  {{ end -}}
+  {{  if .Values.config.csp.reportURI -}}
   CMD_CSP_REPORTURI: {{ .Values.config.csp.reportURI | quote }}
+  {{ end -}}
+  {{  if .Values.config.csp.addDisqus -}}
   CMD_CSP_ADD_DISQUS: {{ .Values.config.csp.addDisqus | quote }}
+  {{ end -}}
+  {{  if .Values.config.csp.addGoogleAnalytics -}}
   CMD_CSP_ADD_GOOGLE_ANALYTICS: {{ .Values.config.csp.addGoogleAnalytics | quote }}
+  {{ end -}}
+  {{  if .Values.config.csp.allowFraming -}}
   CMD_CSP_ALLOW_FRAMING: {{ .Values.config.csp.allowFraming | quote }}
+  {{ end -}}
+  {{  if .Values.config.csp.allowPDFEmbed -}}
   CMD_CSP_ALLOW_PDF_EMBED: {{ .Values.config.csp.allowPDFEmbed | quote }}
+  {{ end -}}
+  {{  if .Values.config.cookiePolicy -}}
   CMD_COOKIE_POLICY: {{ .Values.config.cookiePolicy | quote }}
+  {{ end -}}
+  {{  if .Values.config.protocolUseSSL -}}
   CMD_PROTOCOL_USESSL: {{ .Values.config.protocolUseSSL | quote }}
+  {{ end -}}
+  {{  if .Values.config.allowOrigin -}}
   CMD_ALLOW_ORIGIN: {{ .Values.config.allowOrigin | quote }}
+  {{ end -}}
+  {{  if .Values.config.allowAnonymous -}}
   CMD_ALLOW_ANONYMOUS: {{ .Values.config.allowAnonymous | quote }}
+  {{ end -}}
+  {{  if .Values.config.allowAnonymousEdits -}}
   CMD_ALLOW_ANONYMOUS_EDITS: {{ .Values.config.allowAnonymousEdits | quote }}
+  {{ end -}}
+  {{  if .Values.config.allowFreeURL -}}
   CMD_ALLOW_FREEURL: {{ .Values.config.allowFreeURL | quote }}
+  {{ end -}}
+  {{  if .Values.config.requireFreeURLAuthentication -}}
   CMD_REQUIRE_FREEURL_AUTHENTICATION: {{ .Values.config.requireFreeURLAuthentication | quote }}
+  {{ end -}}
+  {{  if .Values.config.forbiddenNoteIDs -}}
   CMD_FORBIDDEN_NOTE_IDS: {{ .Values.config.forbiddenNoteIDs | quote }}
+  {{ end -}}
+  {{  if .Values.config.defaultPermission -}}
   CMD_DEFAULT_PERMISSION: {{ .Values.config.defaultPermission | quote }}
+  {{ end -}}
+  {{  if .Values.config.db.username -}}
   CMD_DB_USERNAME: {{ .Values.config.db.username | quote }}
+  {{ end -}}
+  {{  if .Values.config.db.host -}}
   CMD_DB_HOST: {{ .Values.config.db.host | quote }}
+  {{ end -}}
+  {{  if .Values.config.db.port -}}
   CMD_DB_PORT: {{ .Values.config.db.port | quote }}
+  {{ end -}}
+  {{  if .Values.config.db.database -}}
   CMD_DB_DATABASE: {{ .Values.config.db.database | quote }}
+  {{ end -}}
+  {{  if .Values.config.db.dialect -}}
   CMD_DB_DIALECT: {{ .Values.config.db.dialect | quote }}
-  CMD_SESSION_SECRET: {{ .Values.config.sessionSecret | quote }}
+  {{ end -}}
+  {{  if .Values.config.sessionLife -}}
   CMD_SESSION_LIFE: {{ .Values.config.sessionLife | quote }}
+  {{ end -}}
+  {{  if .Values.config.tooBusyLag -}}
   CMD_TOOBUSY_LAG: {{ .Values.config.tooBusyLag | quote }}
+  {{ end -}}
+  {{  if .Values.config.imageUploadType -}}
   CMD_IMAGE_UPLOAD_TYPE: {{ .Values.config.imageUploadType | quote }}
+  {{ end -}}
+  {{  if .Values.config.imgur.clientID -}}
   CMD_IMGUR_CLIENTID: {{ .Values.config.imgur.clientID | quote }}
+  {{ end -}}
+  {{  if .Values.config.s3.accessKeyId -}}
   CMD_S3_ACCESS_KEY_ID: {{ .Values.config.s3.accessKeyId | quote }}
+  {{ end -}}
+  {{  if .Values.config.s3.region -}}
   CMD_S3_REGION: {{ .Values.config.s3.region | quote }}
+  {{ end -}}
+  {{  if .Values.config.s3.endpoint -}}
   CMD_S3_ENDPOINT: {{ .Values.config.s3.endpoint | quote }}
+  {{ end -}}
+  {{  if .Values.config.s3bucket -}}
   CMD_S3_BUCKET: {{ .Values.config.s3bucket | quote }}
+  {{ end -}}
+  {{  if .Values.config.s3folder -}}
   CMD_S3_FOLDER: {{ .Values.config.s3folder | quote }}
+  {{ end -}}
+  {{  if .Values.config.s3publicFiles -}}
   CMD_S3_PUBLIC_FILES: {{ .Values.config.s3publicFiles | quote }}
+  {{ end -}}
+  {{  if .Values.config.minio.accessKey -}}
   CMD_MINIO_ACCESS_KEY: {{ .Values.config.minio.accessKey | quote }}
+  {{ end -}}
+  {{  if .Values.config.minio.endPoint -}}
   CMD_MINIO_ENDPOINT: {{ .Values.config.minio.endPoint | quote }}
+  {{ end -}}
+  {{  if .Values.config.minio.secure -}}
   CMD_MINIO_SECURE: {{ .Values.config.minio.secure | quote }}
+  {{ end -}}
+  {{  if .Values.config.minio.port -}}
   CMD_MINIO_PORT: {{ .Values.config.minio.port | quote }}
+  {{ end -}}
+  {{  if .Values.config.lutim.url -}}
   CMD_LUTIM_URL: {{ .Values.config.lutim.url | quote }}
+  {{ end -}}
+  {{  if .Values.config.azure.connectionString -}}
   CMD_AZURE_CONNECTION_STRING: {{ .Values.config.azure.connectionString | quote }}
+  {{ end -}}
+  {{  if .Values.config.azure.container -}}
   CMD_AZURE_CONTAINER: {{ .Values.config.azure.container | quote }}
+  {{ end -}}
+  {{  if .Values.config.facebook.clientID -}}
   CMD_FACEBOOK_CLIENTID: {{ .Values.config.facebook.clientID | quote }}
+  {{ end -}}
+  {{  if .Values.config.twitter.consumerKey -}}
   CMD_TWITTER_CONSUMERKEY: {{ .Values.config.twitter.consumerKey | quote }}
+  {{ end -}}
+  {{  if .Values.config.github.clientID -}}
   CMD_GITHUB_CLIENTID: {{ .Values.config.github.clientID | quote }}
+  {{ end -}}
+  {{  if .Values.config.gitlab.baseURL -}}
   CMD_GITLAB_BASEURL: {{ .Values.config.gitlab.baseURL | quote }}
+  {{ end -}}
+  {{  if .Values.config.gitlab.clientID -}}
   CMD_GITLAB_CLIENTID: {{ .Values.config.gitlab.clientID | quote }}
+  {{ end -}}
+  {{  if .Values.config.gitlab.scope -}}
   CMD_GITLAB_SCOPE: {{ .Values.config.gitlab.scope | quote }}
+  {{ end -}}
+  {{  if .Values.config.mattermost.baseURL -}}
   CMD_MATTERMOST_BASEURL: {{ .Values.config.mattermost.baseURL | quote }}
+  {{ end -}}
+  {{  if .Values.config.mattermost.clientID -}}
   CMD_MATTERMOST_CLIENTID: {{ .Values.config.mattermost.clientID | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.providerName -}}
   CMD_OAUTH2_PROVIDERNAME: {{ .Values.config.oauth2.providerName | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.baseURL -}}
   CMD_OAUTH2_BASEURL: {{ .Values.config.oauth2.baseURL | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.userProfileURL -}}
   CMD_OAUTH2_USER_PROFILE_URL: {{ .Values.config.oauth2.userProfileURL | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.userProfileIdAttr -}}
   CMD_OAUTH2_USER_PROFILE_ID_ATTR: {{ .Values.config.oauth2.userProfileIdAttr | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.userProfileUsernameAttr -}}
   CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR: {{ .Values.config.oauth2.userProfileUsernameAttr | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.userProfileDisplayNameAttr -}}
   CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR: {{ .Values.config.oauth2.userProfileDisplayNameAttr | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.userProfileEmailAttr -}}
   CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR: {{ .Values.config.oauth2.userProfileEmailAttr | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.tokenURL -}}
   CMD_OAUTH2_TOKEN_URL: {{ .Values.config.oauth2.tokenURL | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.authorizationURL -}}
   CMD_OAUTH2_AUTHORIZATION_URL: {{ .Values.config.oauth2.authorizationURL | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.clientID -}}
   CMD_OAUTH2_CLIENT_ID: {{ .Values.config.oauth2.clientID | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.scope -}}
   CMD_OAUTH2_SCOPE: {{ .Values.config.oauth2.scope | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.rolesClaim -}}
   CMD_OAUTH2_ROLES_CLAIM: {{ .Values.config.oauth2.rolesClaim | quote }}
+  {{ end -}}
+  {{  if .Values.config.oauth2.accessRole -}}
   CMD_OAUTH2_ACCESS_ROLE: {{ .Values.config.oauth2.accessRole | quote }}
+  {{ end -}}
+  {{  if .Values.config.dropbox.clientID -}}
   CMD_DROPBOX_CLIENTID: {{ .Values.config.dropbox.clientID | quote }}
+  {{ end -}}
+  {{  if .Values.config.dropbox.appKey -}}
   CMD_DROPBOX_APPKEY: {{ .Values.config.dropbox.appKey | quote }}
+  {{ end -}}
+  {{  if .Values.config.google.clientID -}}
   CMD_GOOGLE_CLIENTID: {{ .Values.config.google.clientID | quote }}
+  {{ end -}}
+  {{  if .Values.config.google.hostedDomain -}}
   CMD_GOOGLE_HOSTEDDOMAIN: {{ .Values.config.google.hostedDomain | quote }}
+  {{ end -}}
+  {{  if .Values.config.ldap.providerName -}}
   CMD_LDAP_PROVIDERNAME: {{ .Values.config.ldap.providerName | quote }}
+  {{ end -}}
+  {{  if .Values.config.ldap.url -}}
   CMD_LDAP_URL: {{ .Values.config.ldap.url | quote }}
+  {{ end -}}
+  {{  if .Values.config.ldap.bindDn -}}
   CMD_LDAP_BINDDN: {{ .Values.config.ldap.bindDn | quote }}
+  {{ end -}}
+  {{  if .Values.config.ldap.bindCredentials -}}
   CMD_LDAP_BINDCREDENTIALS: {{ .Values.config.ldap.bindCredentials | quote }}
+  {{ end -}}
+  {{  if .Values.config.ldap.searchBase -}}
   CMD_LDAP_SEARCHBASE: {{ .Values.config.ldap.searchBase | quote }}
+  {{ end -}}
+  {{  if .Values.config.ldap.searchFilter -}}
   CMD_LDAP_SEARCHFILTER: {{ .Values.config.ldap.searchFilter | quote }}
+  {{ end -}}
+  {{  if .Values.config.ldap.searchAttributes -}}
   CMD_LDAP_SEARCHATTRIBUTES: {{ .Values.config.ldap.searchAttributes | quote }}
+  {{ end -}}
+  {{  if .Values.config.ldap.usernameField -}}
   CMD_LDAP_USERNAMEFIELD: {{ .Values.config.ldap.usernameField | quote }}
+  {{ end -}}
+  {{  if .Values.config.ldap.useridField -}}
   CMD_LDAP_USERIDFIELD: {{ .Values.config.ldap.useridField | quote }}
+  {{ end -}}
+  {{  if .Values.config.ldap.tlsca -}}
   CMD_LDAP_TLS_CA: {{ .Values.config.ldap.tlsca | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.providerName -}}
   CMD_SAML_PROVIDERNAME: {{ .Values.config.saml.providerName | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.idpSsoUrl -}}
   CMD_SAML_IDPSSOURL: {{ .Values.config.saml.idpSsoUrl | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.idpCert -}}
   CMD_SAML_IDPCERT: {{ .Values.config.saml.idpCert | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.clientCert -}}
   CMD_SAML_CLIENTCERT: {{ .Values.config.saml.clientCert | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.issuer -}}
   CMD_SAML_ISSUER: {{ .Values.config.saml.issuer | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.identifierFormat -}}
   CMD_SAML_IDENTIFIERFORMAT: {{ .Values.config.saml.identifierFormat | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.disableRequestedAuthnContext -}}
   CMD_SAML_DISABLEREQUESTEDAUTHNCONTEXT: {{ .Values.config.saml.disableRequestedAuthnContext | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.groupAttribute -}}
   CMD_SAML_GROUPATTRIBUTE: {{ .Values.config.saml.groupAttribute | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.externalGroups -}}
   CMD_SAML_EXTERNALGROUPS: {{ .Values.config.saml.externalGroups | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.requiredGroups -}}
   CMD_SAML_REQUIREDGROUPS: {{ .Values.config.saml.requiredGroups | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.attribute.id -}}
   CMD_SAML_ATTRIBUTE_ID: {{ .Values.config.saml.attribute.id | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.attribute.username -}}
   CMD_SAML_ATTRIBUTE_USERNAME: {{ .Values.config.saml.attribute.username | quote }}
+  {{ end -}}
+  {{  if .Values.config.saml.attribute.email -}}
   CMD_SAML_ATTRIBUTE_EMAIL: {{ .Values.config.saml.attribute.email | quote }}
+  {{ end -}}
+  {{  if .Values.config.email -}}
   CMD_EMAIL: {{ .Values.config.email | quote }}
+  {{ end -}}
+  {{  if .Values.config.allowEmailRegister -}}
   CMD_ALLOW_EMAIL_REGISTER: {{ .Values.config.allowEmailRegister | quote }}
+  {{ end -}}
+  {{  if .Values.config.allowGravatar -}}
   CMD_ALLOW_GRAVATAR: {{ .Values.config.allowGravatar | quote }}
+  {{ end -}}
+  {{  if .Values.config.openID -}}
   CMD_OPENID: {{ .Values.config.openID | quote }}
+  {{ end -}}
+  {{  if .Values.config.linkifyHeaderStyle -}}
   CMD_LINKIFY_HEADER_STYLE: {{ .Values.config.linkifyHeaderStyle | quote }}
+  {{ end -}}

templates/deployment.yaml

@@ -30,34 +30,34 @@ spec:
       securityContext:
         {{- toYaml .Values.podSecurityContext | nindent 8 }}
       containers:
-        - name: {{ .Chart.Name }}
+      - name: {{ .Chart.Name }}
-          securityContext:
+        securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
-          image: "{{ .Values.image.registry}}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+        image: "{{ .Values.image.registry}}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
-          envFrom:
+        envFrom:
-          - configMapRef:
+        - configMapRef:
-              name: {{ include "hedgedoc.fullname" . }}
+            name: {{ include "hedgedoc.fullname" . }}
           {{- if .Values.existingSecret }}
-            - secretRef:
+        - secretRef:
-                name: {{ .Values.existingSecret }}
+            name: {{ .Values.existingSecret }}
           {{- else }}
-            - secretRef:
+        - secretRef:
-                name: {{ include "hedgedoc.fullname" . }}
+            name: {{ include "hedgedoc.fullname" . }}
           {{- end }}
-          ports:
+        ports:
-            - name: http
+        - name: http
-              containerPort: {{ .Values.service.port }}
+          containerPort: {{ .Values.config.port }}
-              protocol: TCP
+          protocol: TCP
-          livenessProbe:
+        livenessProbe:
-            httpGet:
+          httpGet:
-              path: /
+            path: /
-              port: http
+            port: http
-          readinessProbe:
+        readinessProbe:
-            httpGet:
+          httpGet:
-              path: /
+            path: /
-              port: http
+            port: http
-          resources:
+        resources:
             {{- toYaml .Values.resources | nindent 12 }}
       {{- with .Values.nodeSelector }}
       nodeSelector:

templates/hpa.yaml

@@ -14,15 +14,15 @@ spec:
   maxReplicas: {{ .Values.autoscaling.maxReplicas }}
   metrics:
     {{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
-    - type: Resource
+  - type: Resource
-      resource:
+    resource:
-        name: cpu
+      name: cpu
-        targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
+      targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
     {{- end }}
     {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
-    - type: Resource
+  - type: Resource
-      resource:
+    resource:
-        name: memory
+      name: memory
-        targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
+      targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
     {{- end }}
 {{- end }}

templates/ingress.yaml

@@ -1,6 +1,6 @@
 {{- if .Values.ingress.enabled -}}
 {{- $fullName := include "hedgedoc.fullname" . -}}
-{{- $svcPort := .Values.service.port -}}
+{{- $svcPort := .Values.config.port -}}
 {{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
   {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
   {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
@@ -29,32 +29,32 @@ spec:
   {{- if .Values.ingress.tls }}
   tls:
     {{- range .Values.ingress.tls }}
-    - hosts:
+  - hosts:
         {{- range .hosts }}
-        - {{ . | quote }}
+    - {{ . | quote }}
         {{- end }}
-      secretName: {{ .secretName }}
+    secretName: {{ .secretName }}
     {{- end }}
   {{- end }}
   rules:
     {{- range .Values.ingress.hosts }}
-    - host: {{ .host | quote }}
+  - host: {{ .host | quote }}
-      http:
+    http:
-        paths:
+      paths:
           {{- range .paths }}
-          - path: {{ .path }}
+      - path: {{ .path }}
             {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
-            pathType: {{ .pathType }}
+        pathType: {{ .pathType }}
             {{- end }}
-            backend:
+        backend:
               {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
-              service:
+          service:
-                name: {{ $fullName }}
+            name: {{ $fullName }}
-                port:
+            port:
-                  number: {{ $svcPort }}
+              number: {{ $svcPort }}
               {{- else }}
-              serviceName: {{ $fullName }}
+          serviceName: {{ $fullName }}
-              servicePort: {{ $svcPort }}
+          servicePort: {{ $svcPort }}
               {{- end }}
           {{- end }}
     {{- end }}

templates/secrets.yaml

@@ -7,16 +7,41 @@ metadata:
     {{- include "hedgedoc.labels" . | nindent 4 }}
 type: Opaque
 data:
-  CMD_DB_URL: {{ .Values.config.dbURL | b64enc | quote }}
+  CMD_SESSION_SECRET: {{ default (randAlphaNum 64) .Values.config.sessionSecret | b64enc | quote }}
-  CMD_DB_PASSWORD: {{ .Values.config.db.password | b64enc | quote }}
+  {{ if .Values.config.dbURL  -}}
-  CMD_S3_SECRET_ACCESS_KEY: {{ .Values.config.s3.secretAccessKey | b64enc | quote }}
+  CMD_DB_URL: {{ .Values.config.dbURL | b64enc  | quote }}
-  CMD_MINIO_SECRET_KEY: {{ .Values.config.minio.secretKey | b64enc | quote }}
+  {{- end }}
-  CMD_FACEBOOK_CLIENTSECRET: {{ .Values.config.facebook.clientSecret | b64enc | quote }}
+  {{ if .Values.config.db.password  -}}
-  CMD_TWITTER_CONSUMERSECRET: {{ .Values.config.twitter.consumerSecret | b64enc | quote }}
+  CMD_DB_PASSWORD: {{ .Values.config.db.password | b64enc  | quote }}
-  CMD_GITHUB_CLIENTSECRET: {{ .Values.config.github.clientSecret | b64enc | quote }}
+  {{- end }}
-  CMD_GITLAB_CLIENTSECRET: {{ .Values.config.gitlab.clientSecret | b64enc | quote }}
+  {{ if .Values.config.s3.secretAccessKey  -}}
-  CMD_MATTERMOST_CLIENTSECRET: {{ .Values.config.mattermost.clientSecret | b64enc | quote }}
+  CMD_S3_SECRET_ACCESS_KEY: {{ .Values.config.s3.secretAccessKey | b64enc  | quote }}
-  CMD_OAUTH2_CLIENT_SECRET: {{ .Values.config.oauth2.clientSecret | b64enc | quote }}
+  {{- end }}
-  CMD_DROPBOX_CLIENTSECRET: {{ .Values.config.dropbox.clientSecret | b64enc | quote }}
+  {{ if .Values.config.minio.secretKey  -}}
-  CMD_GOOGLE_CLIENTSECRET: {{ .Values.config.google.clientSecret | b64enc | quote }}
+  CMD_MINIO_SECRET_KEY: {{ .Values.config.minio.secretKey | b64enc  | quote }}
+  {{- end }}
+  {{ if .Values.config.facebook.clientSecret  -}}
+  CMD_FACEBOOK_CLIENTSECRET: {{ .Values.config.facebook.clientSecret | b64enc  | quote }}
+  {{- end }}
+  {{ if .Values.config.twitter.consumerSecret  -}}
+  CMD_TWITTER_CONSUMERSECRET: {{ .Values.config.twitter.consumerSecret | b64enc  | quote }}
+  {{- end }}
+  {{ if .Values.config.github.clientSecret  -}}
+  CMD_GITHUB_CLIENTSECRET: {{ .Values.config.github.clientSecret | b64enc  | quote }}
+  {{- end }}
+  {{ if .Values.config.gitlab.clientSecret  -}}
+  CMD_GITLAB_CLIENTSECRET: {{ .Values.config.gitlab.clientSecret | b64enc  | quote }}
+  {{- end }}
+  {{ if .Values.config.mattermost.clientSecret  -}}
+  CMD_MATTERMOST_CLIENTSECRET: {{ .Values.config.mattermost.clientSecret | b64enc  | quote }}
+  {{- end }}
+  {{ if .Values.config.oauth2.clientSecret  -}}
+  CMD_OAUTH2_CLIENT_SECRET: {{ .Values.config.oauth2.clientSecret | b64enc  | quote }}
+  {{- end }}
+  {{ if .Values.config.dropbox.clientSecret  -}}
+  CMD_DROPBOX_CLIENTSECRET: {{ .Values.config.dropbox.clientSecret | b64enc  | quote }}
+  {{- end }}
+  {{ if .Values.config.google.clientSecret  -}}
+  CMD_GOOGLE_CLIENTSECRET: {{ .Values.config.google.clientSecret | b64enc  | quote }}
+  {{- end }}
 {{- end }}

templates/service.yaml

@@ -7,9 +7,9 @@ metadata:
 spec:
   type: {{ .Values.service.type }}
   ports:
-    - port: {{ .Values.service.port }}
+  - port: {{ .Values.config.port }}
-      targetPort: http
+    targetPort: http
-      protocol: TCP
+    protocol: TCP
-      name: http
+    name: http
   selector:
     {{- include "hedgedoc.selectorLabels" . | nindent 4 }}

templates/tests/test-connection.yaml

@@ -8,8 +8,8 @@ metadata:
     "helm.sh/hook": test
 spec:
   containers:
-    - name: wget
+  - name: wget
-      image: busybox
+    image: busybox
-      command: ['wget']
+    command: ['wget']
-      args: ['{{ include "hedgedoc.fullname" . }}:{{ .Values.service.port }}']
+    args: ['{{ include "hedgedoc.fullname" . }}:{{ .Values.config.port }}']
   restartPolicy: Never

values.yaml

@@ -2,8 +2,8 @@ config:
   sourceURL: ""
   domain: ""
   urlPath: ""
-  host: ""
+  host: 0.0.0.0
-  port: ""
+  port: 3000
   path: ""
   loglevel: ""
   urlAddPort: ""
@@ -150,7 +150,7 @@ image:
   # Overrides the image tag whose default is the chart appVersion.
   tag: ""
 
-imagePullSecrets: [ ]
+imagePullSecrets: []
 nameOverride: ""
 fullnameOverride: ""
 
@@ -178,20 +178,21 @@ securityContext: {}
 
 service:
   type: ClusterIP
-  port: 3000
+  # Port option used from config.port
+  #  port: 3000
 
 ingress:
   enabled: false
   className: ""
   annotations: {}
-    # kubernetes.io/ingress.class: nginx
+  # kubernetes.io/ingress.class: nginx
   # kubernetes.io/tls-acme: "true"
   hosts:
   - host: chart-example.local
     paths:
     - path: /
       pathType: ImplementationSpecific
-  tls: [ ]
+  tls: []
   #  - secretName: chart-example-tls
   #    hosts:
   #      - chart-example.local
@@ -217,6 +218,6 @@ autoscaling:
 
 nodeSelector: {}
 
-tolerations: [ ]
+tolerations: []
 
 affinity: {}