trigger pipeline

Reviewed-on: #2

.gitea/workflows/buildcharts.yaml

@@ -0,0 +1,60 @@
+name: Package and publish helm chart
+
+on:
+  push:
+
+jobs:
+  package-helm:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        name: Check out code
+
+      - name: Set up Helm
+        uses: azure/setup-helm@v4.2.0
+        with:
+          version: v3.14.4
+
+      - name: Set up yq
+        uses: mikefarah/yq@master
+
+      - name: Check for changed charts
+        id: changed-files
+        uses: tj-actions/changed-files@v44
+        with:
+          dir_names: true
+          dir_names_max_depth: '2'
+          files: 'charts/**'
+
+      - name: Run helm lint on all changed charts
+        shell: bash
+        env:
+          ALL_CHANGED_CHARTS: ${{ steps.changed-files.outputs.all_changed_files }}
+        run: |
+          REPO_PATH=$(git rev-parse --show-toplevel)
+          for chart in ${ALL_CHANGED_CHARTS}; do
+            cd ${REPO_PATH}/${chart}
+            helm dependency build
+            helm lint .
+          done
+
+      - name: build helm package
+        shell: bash
+        if: gitea.ref == 'refs/heads/main'
+        env:
+          PACKAGE_TOKEN: ${{ secrets.PACKAGE_TOKEN }}
+          CHART_NAME: ${{ steps.chart_name.outputs.result }}
+          CHART_VERSION: ${{ steps.chart_version.outputs.result }}
+          ALL_CHANGED_CHARTS: ${{ steps.changed-files.outputs.all_changed_files }}
+        run: |
+          REPO_PATH=$(git rev-parse --show-toplevel)
+          for chart in ${ALL_CHANGED_CHARTS}; do
+            cd ${REPO_PATH}/${chart}
+            CHART_NAME=$(yq .name Chart.yaml)
+            CHART_VERSION=$(yq .version Chart.yaml)
+            echo "Building dependancies for helm-chart"
+            helm dependency build
+            echo "Packaging ${CHART_NAME}-${CHART_VERSION}"
+            helm package .
+            curl -H "Authorization: token $PACKAGE_TOKEN" -X POST --upload-file ${CHART_NAME}-${CHART_VERSION}.tgz https://git.rre.nu/api/packages/jonas/helm/api/charts
+          done

.pre-commit-config.yaml

@@ -8,4 +8,5 @@ repos:
   - id: end-of-file-fixer
     exclude: README.md$
   - id: check-yaml
+    exclude: all.yaml
   - id: check-added-large-files

Makefile

@@ -1,3 +0,0 @@
-pre-commit:
-	pip install pre-commit
-	pre-commit install

README.md

@@ -0,0 +1 @@
+# My helm-charts

charts/.gitignore

@@ -1,2 +1,3 @@
 Chart.lock
 charts/
+*.tgz

charts/ansible-semaphore/.gitignore

@@ -1,2 +0,0 @@
-Chart.lock
-charts/

charts/ansible-semaphore/Chart.yaml

@@ -1,18 +0,0 @@
----
-apiVersion: v2
-name: ansible-semaphore
-description: Powerful API for Ansible
-type: application
-version: 1.0.0
-appVersion: v2.8.53
-kubeVersion: ">=1.27.0"
-home: https://semaphoreui.com/
-sources:
-  - https://git.rre.nu/jonas/helm-charts
-maintainers:
-  - name: Jonas Forsberg
-    email: barregargamel@gmail.com
-dependencies:
-  - name: lib
-    repository: "file://../../../lib/"
-    version: 1.0.1

charts/ansible-semaphore/README.md

@@ -1,62 +0,0 @@
-
-Ansible-semaphore
-===========
-
-Powerful API for Ansible
-
-
-## Configuration
-
-The following table lists the configurable parameters of the Ansible-semaphore chart and their default values.
-
-| Parameter                | Description             | Default        |
-| ------------------------ | ----------------------- | -------------- |
-| `image.repository` |  | `"ansiblesemaphore/semaphore"` |
-| `config.bolt.host` | Path to the BoltDB database file | `null` |
-| `config.mysql.host` | MySQL database host | `null` |
-| `config.mysql.name` | MySQL database (schema) name | `null` |
-| `config.mysql.user` | MySQL user name | `null` |
-| `config.mysql.pass` | MySQL user's password | `null` |
-| `config.postgres.host` | Postgres database host | `null` |
-| `config.postgres.name` | Postgres database (schema) name | `null` |
-| `config.postgres.user` | Postgres user name | `null` |
-| `config.postgres.pass` | Postgres user's password | `null` |
-| `config.dialect` | Can be mysql, postgres or bolt | `"bolt"` |
-| `config.port` | TCP port on which the web interface will be available. Default: 3000 | `3000` |
-| `config.interface` | Useful if your server has multiple network interfaces | `null` |
-| `config.tmp_path` | Path to directory where cloned repositories and generated files are stored. Default: /tmp/semaphore | `"/tmp/semaphore"` |
-| `config.access_key_encryption` | Secret key used for encrypting access keys in database. Read more in [Database encryption reference](https://docs.semaphoreui.com/administration-guide/security#database-encryption). | `null` |
-| `config.web_host` | Can be useful if you want to use Semaphore by the subpath, for example: http://yourdomain.com/semaphore. Do not add a trailing /. | `null` |
-| `config.email_sender` |  | `null` |
-| `config.email_host` |  | `null` |
-| `config.email_port` |  | `null` |
-| `config.email_secure` |  | `null` |
-| `config.email_username` |  | `null` |
-| `config.email_password` |  | `null` |
-| `config.email_alert` |  | `null` |
-| `config.telegram_alert` |  | `null` |
-| `config.slack_alert` | Set to True to enable pushing alerts to slack. It should be used in combination with slack_url | `null` |
-| `config.slack_url` | The slack webhook url. Semaphore will used it to POST Slack formatted json alerts to the provided url | `null` |
-| `config.rocketchat_alert` | Set to True to enable pushing alerts to Rocket.Chat. It should be used in combination with rocketchat_url. Available since v2.9.56. | `null` |
-| `config.rocketchat_url` | The rocketchat webhook url. Semaphore will used it to POST Rocket.Chat formatted json alerts to the provided url. Available since v2.9.56. | `null` |
-| `config.ldap_enable` |  | `null` |
-| `config.ldap_needtls` |  | `null` |
-| `config.ldap_binddn` |  | `null` |
-| `config.ldap_bindpassword` |  | `null` |
-| `config.ldap_server` |  | `null` |
-| `config.ldap_searchdn` |  | `null` |
-| `config.concurrency_mode` | Can be unset/empty or project or node. When set to project, tasks will run in parallel if and only if they do not share the same project id, with no regard to the nodes/hosts that are affected. When set to node, a task will run in parallel if and only if the hosts affected by tasks already running does not intersect with the hosts that would be affected by the task in question. If concurrency_mode is not specified or left empty, no task will start before the previous one has finished. | `null` |
-| `max_parallel_tasks` |  | `null` |
-| `oidc_providers` | OpenID provider settings. You can provide multiple OpenID providers. More about OpenID configuration read in [OpenID](https://docs.semaphoreui.com/administration-guide/openid/). | `null` |
-| `password_login_disable` | Disable login with using password. Only LDAP and OpenID. | `false` |
-| `non_admin_can_create_project` | Allow non-admin users to create new projects. | `false` |
-| `service.http.enabled` |  | `true` |
-| `service.http.ports.http.port` |  | `80` |
-| `service.http.ports.http.targetPort` |  | `3000` |
-| `volumes` |  | `[{"name": "config", "secret": {"secretName": "ansible-semaphore-config", "optional": false}}]` |
-| `volumeMounts` |  | `[{"name": "config", "mountPath": "/etc/semaphore", "readOnly": true}]` |
-
-
-
-
-

charts/ansible-semaphore/templates/config.tpl

@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: ansible-semaphore-config
-  namespace: {{- .Values.namespace }}
-  labels:
-    {{- include "lib.labels" . | nindent 4}}
-type: Opauge
-data:
-  config.json: {{ toJson .Values.config | b64enc }}

charts/ansible-semaphore/values.yaml

@@ -1,64 +0,0 @@
-image:
-  repository: ansiblesemaphore/semaphore
-
-config:
-  bolt:
-    host: # Path to the BoltDB database file
-  mysql:
-    host: # MySQL database host
-    name: # MySQL database (schema) name
-    user: # MySQL user name
-    pass: # MySQL user's password
-  postgres:
-    host: # Postgres database host
-    name: # Postgres database (schema) name
-    user: # Postgres user name
-    pass: # Postgres user's password
-  dialect: bolt # Can be mysql, postgres or bolt
-  port: 3000 # TCP port on which the web interface will be available. Default: 3000
-  interface: # Useful if your server has multiple network interfaces
-  tmp_path: /tmp/semaphore # Path to directory where cloned repositories and generated files are stored. Default: /tmp/semaphore
-  access_key_encryption: # Secret key used for encrypting access keys in database. Read more in [Database encryption reference](https://docs.semaphoreui.com/administration-guide/security#database-encryption).
-  web_host: # Can be useful if you want to use Semaphore by the subpath, for example: http://yourdomain.com/semaphore. Do not add a trailing /.
-  email_sender:
-  email_host:
-  email_port:
-  email_secure:
-  email_username:
-  email_password:
-  email_alert:
-  telegram_alert:
-  slack_alert:  # Set to True to enable pushing alerts to slack. It should be used in combination with slack_url
-  slack_url: # The slack webhook url. Semaphore will used it to POST Slack formatted json alerts to the provided url
-  rocketchat_alert: # Set to True to enable pushing alerts to Rocket.Chat. It should be used in combination with rocketchat_url. Available since v2.9.56.
-  rocketchat_url: # The rocketchat webhook url. Semaphore will used it to POST Rocket.Chat formatted json alerts to the provided url. Available since v2.9.56.
-  ldap_enable:
-  ldap_needtls:
-  ldap_binddn:
-  ldap_bindpassword:
-  ldap_server:
-  ldap_searchdn:
-  concurrency_mode: # Can be unset/empty or project or node. When set to project, tasks will run in parallel if and only if they do not share the same project id, with no regard to the nodes/hosts that are affected. When set to node, a task will run in parallel if and only if the hosts affected by tasks already running does not intersect with the hosts that would be affected by the task in question. If concurrency_mode is not specified or left empty, no task will start before the previous one has finished.
-max_parallel_tasks:
-oidc_providers: # OpenID provider settings. You can provide multiple OpenID providers. More about OpenID configuration read in [OpenID](https://docs.semaphoreui.com/administration-guide/openid/).
-password_login_disable: false # Disable login with using password. Only LDAP and OpenID.
-non_admin_can_create_project: false # Allow non-admin users to create new projects.
-
-service:
-  http:
-    enabled: true
-    ports:
-      http:
-        port: 80
-        targetPort: 3000
-
-volumes:
-  - name: config
-    secret:
-      secretName: ansible-semaphore-config
-      optional: false
-
-volumeMounts:
-  - name: config
-    mountPath: /etc/semaphore
-    readOnly: true

charts/home-assistant/Chart.yaml

@@ -0,0 +1,19 @@
+---
+apiVersion: v2
+name: home-assistant
+description: Open source home automation that puts local control and privacy first. Powered by a worldwide community of tinkerers and DIY enthusiasts.
+type: application
+version: 1.0.0
+appVersion: v2024.11.1
+kubeVersion: ">=1.27.0"
+home: https://www.home-assistant.io/
+sources:
+  - https://git.rre.nu/jonas/helm-charts
+  - https://github.com/home-assistant/core
+maintainers:
+  - name: Jonas Forsberg
+    email: barregargamel@gmail.com
+dependencies:
+  - name: lib
+    repository: https://git.rre.nu/api/packages/jonas/helm
+    version: 1.0.3

charts/home-assistant/README.md

@@ -0,0 +1,37 @@
+
+Home-assistant
+===========
+
+Open source home automation that puts local control and privacy first. Powered by a worldwide community of tinkerers and DIY enthusiasts.
+
+
+## Configuration
+
+The following table lists the configurable parameters of the Home-assistant chart and their default values.
+
+| Parameter                | Description             | Default        |
+| ------------------------ | ----------------------- | -------------- |
+| `image.repository` |  | `"ghcr.io/home-assistant/home-assistant"` |
+| `image.tag` |  | `null` |
+| `controller.enabled` | should the main workload be included or not | `true` |
+| `controller.type` | valid options are deployment, statefulset, job | `"statefulset"` |
+| `service.http.enabled` |  | `true` |
+| `service.http.ports.http.port` |  | `80` |
+| `service.http.ports.http.targetPort` |  | `8123` |
+| `ingress.enabled` |  | `false` |
+| `ingress.service` | what service should the ingress target | `"http"` |
+| `ingress.servicePort` |  | `80` |
+| `ingress.className` |  | `"nginx"` |
+| `ingress.hosts` |  | `[{"host": "example.local", "paths": [{"path": "/", "pathType": "Prefix"}]}]` |
+| `ingress.annotations` |  | `{}` |
+| `ingress.tls` |  | `[]` |
+| `volumeClaimTemplates` |  | `[{"name": "config", "mountPath": "/config", "accessMode": "ReadWriteOnce", "storageClassName": "default", "size": "1Gi"}]` |
+| `livenessProbe.httpGet.path` |  | `"/"` |
+| `livenessProbe.httpGet.port` |  | `8123` |
+| `livenessProbe.initialDelaySeconds` |  | `5` |
+| `livenessProbe.periodSeconds` |  | `3` |
+
+
+
+
+

charts/home-assistant/values.yaml

@@ -0,0 +1,48 @@
+image:
+  repository: ghcr.io/home-assistant/home-assistant
+  tag:
+
+controller: # main workload
+  enabled: true # should the main workload be included or not
+  type: statefulset # valid options are deployment, statefulset, job
+
+service:
+  http:
+    enabled: true
+    ports:
+      http:
+        port: 80
+        targetPort: 8123
+
+ingress:
+  enabled: false
+  service: http # what service should the ingress target
+  servicePort: 80
+  className: "nginx"
+  hosts:
+    - host: example.local
+      paths:
+        - path: /
+          pathType: Prefix
+  annotations:
+    {}
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local
+
+
+volumeClaimTemplates:
+  - name: config
+    mountPath: /config
+    accessMode: "ReadWriteOnce"
+    storageClassName: "default"
+    size: 1Gi
+
+
+livenessProbe:
+  httpGet:
+    path: /
+    port: 8123
+  initialDelaySeconds: 5
+  periodSeconds: 3

charts/semaphoreui/Chart.yaml

@@ -1,18 +0,0 @@
----
-apiVersion: v2
-name: semaphoreui
-description: Powerful API for Ansible
-type: application
-version: 1.0.0
-appVersion: v2.10.31
-kubeVersion: ">=1.27.0"
-home: https://semaphoreui.com/
-sources:
-  - https://git.rre.nu/jonas/helm-charts
-maintainers:
-  - name: Jonas Forsberg
-    email: barregargamel@gmail.com
-dependencies:
-  - name: lib
-    repository: "file://../../../lib/"
-    version: 1.0.1

charts/semaphoreui/Makefile

@@ -1,2 +0,0 @@
-doc:
-	frigate gen --output-format markdown --no-deps --no-credits ./ > README.md

charts/semaphoreui/README.md

@@ -1,33 +0,0 @@
-
-Semaphoreui
-===========
-
-Powerful API for Ansible
-
-
-## Configuration
-
-The following table lists the configurable parameters of the Semaphoreui chart and their default values.
-
-| Parameter                | Description             | Default        |
-| ------------------------ | ----------------------- | -------------- |
-| `image.repository` |  | `"semaphoreui/semaphore"` |
-| `config` |  | `{}` |
-| `service.http.enabled` |  | `true` |
-| `service.http.ports.http.port` |  | `80` |
-| `service.http.ports.http.targetPort` |  | `3000` |
-| `ingress.enabled` |  | `false` |
-| `ingress.service` | what service should the ingress target | `"http"` |
-| `ingress.servicePort` |  | `80` |
-| `ingress.className` |  | `"nginx"` |
-| `ingress.hosts` |  | `[{"host": "example.local", "paths": [{"path": "/", "pathType": "Prefix"}]}]` |
-| `ingress.annotations` |  | `{}` |
-| `controller.command` | Need to override server-wrapper due to stupid DB ping in container | `["/bin/sh"]` |
-| `controller.args` |  | `["/var/local/bin/entrypoint.sh"]` |
-| `volumes` |  | `[{"name": "config", "secret": {"secretName": "semaphoreui-config", "optional": false}}, {"name": "entrypoint", "configMap": {"name": "semaphoreui-entrypoint", "items": [{"key": "entrypoint.sh", "path": "entrypoint.sh"}]}}]` |
-| `volumeMounts` |  | `[{"name": "config", "mountPath": "/var/semaphoreui-secret", "readOnly": true}, {"name": "entrypoint", "mountPath": "/var/local/bin/entrypoint.sh", "subPath": "entrypoint.sh"}]` |
-
-
-
-
-

charts/semaphoreui/templates/base.tpl

@@ -1 +0,0 @@
-{{ include "lib.all" . }}

charts/semaphoreui/templates/config.tpl

@@ -1,10 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  name: semaphoreui-config
-  namespace: {{ .Values.namespace | default "default" }}
-  labels:
-    {{- include "lib.labels" . | nindent 4}}
-type: Opauge
-data:
-  config.json: {{ toJson .Values.config | b64enc }}

charts/semaphoreui/templates/entrypoint.sh

@@ -1,28 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: semaphoreui-entrypoint
-  namespace: {{ .Values.namespace | default "default" }}
-  labels:
-    {{- include "lib.labels" . | nindent 4}}
-data:
-  entrypoint.sh: |
-    #!/bin/sh
-    echo "creating /etc/semaphore/config.json"
-    cp /var/semaphoreui-secret/config.json /etc/semaphore/config.json
-    if test -f /etc/semaphore/packages.txt; then
-      echo "Installing additional system dependencies"
-      apk add --no-cache --upgrade \
-      $(cat /etc/semaphore/packages.txt | xargs)
-    else
-      echo "No additional system dependencies to install"
-    fi
-    if test -f /etc/semaphore/requirements.txt; then
-      echo "Installing additional python dependencies"
-      pip3 install --upgrade \
-        -r /etc/semaphore/requirements.txt
-    else
-      echo "No additional python dependencies to install"
-    fi
-    echo "Starting semapore server"
-    exec /usr/local/bin/semaphore server  --config /etc/semaphore/config.json

charts/semaphoreui/values.yaml

@@ -1,92 +0,0 @@
-image:
-  repository: semaphoreui/semaphore
-
-config: {}
-#  bolt:
-#    host: # Path to the BoltDB database file
-#  mysql:
-#    host: # MySQL database host
-#    name: # MySQL database (schema) name
-#    user: # MySQL user name
-#    pass: # MySQL user's password
-#  postgres:
-#    host: # Postgres database host
-#    name: # Postgres database (schema) name
-#    user: # Postgres user name
-#    pass: # Postgres user's password
-#  dialect: bolt # Can be mysql, postgres or bolt
-#  port: 3000 # TCP port on which the web interface will be available. Default: 3000
-#  interface: # Useful if your server has multiple network interfaces
-#  tmp_path: /tmp/semaphore # Path to directory where cloned repositories and generated files are stored. Default: /tmp/semaphore
-#  access_key_encryption: # Secret key used for encrypting access keys in database. Read more in [Database encryption reference](https://docs.semaphoreui.com/administration-guide/security#database-encryption).
-#  web_host: # Can be useful if you want to use Semaphore by the subpath, for example: http://yourdomain.com/semaphore. Do not add a trailing /.
-#  email_sender:
-#  email_host:
-#  email_port:
-#  email_secure:
-#  email_username:
-#  email_password:
-#  email_alert:
-#  telegram_alert:
-#  slack_alert:  # Set to True to enable pushing alerts to slack. It should be used in combination with slack_url
-#  slack_url: # The slack webhook url. Semaphore will used it to POST Slack formatted json alerts to the provided url
-#  rocketchat_alert: # Set to True to enable pushing alerts to Rocket.Chat. It should be used in combination with rocketchat_url. Available since v2.9.56.
-#  rocketchat_url: # The rocketchat webhook url. Semaphore will used it to POST Rocket.Chat formatted json alerts to the provided url. Available since v2.9.56.
-#  ldap_enable:
-#  ldap_needtls:
-#  ldap_binddn:
-#  ldap_bindpassword:
-#  ldap_server:
-#  ldap_searchdn:
-#  concurrency_mode: # Can be unset/empty or project or node. When set to project, tasks will run in parallel if and only if they do not share the same project id, with no regard to the nodes/hosts that are affected. When set to node, a task will run in parallel if and only if the hosts affected by tasks already running does not intersect with the hosts that would be affected by the task in question. If concurrency_mode is not specified or left empty, no task will start before the previous one has finished.
-#max_parallel_tasks:
-#oidc_providers: # OpenID provider settings. You can provide multiple OpenID providers. More about OpenID configuration read in [OpenID](https://docs.semaphoreui.com/administration-guide/openid/).
-#password_login_disable: false # Disable login with using password. Only LDAP and OpenID.
-#non_admin_can_create_project: false # Allow non-admin users to create new projects.
-
-service:
-  http:
-    enabled: true
-    ports:
-      http:
-        port: 80
-        targetPort: 3000
-
-ingress:
-  enabled: false
-  service: http # what service should the ingress target
-  servicePort: 80
-  className: "nginx"
-  hosts:
-    - host: example.local
-      paths:
-        - path: /
-          pathType: Prefix
-  annotations:
-    {}
-
-
-controller:
-  command: ["/bin/sh"] # Need to override server-wrapper due to stupid DB ping in container
-  args:
-    - /var/local/bin/entrypoint.sh
-
-volumes:
-  - name: config
-    secret:
-      secretName: semaphoreui-config
-      optional: false
-  - name: entrypoint
-    configMap:
-      name: semaphoreui-entrypoint
-      items:
-        - key: entrypoint.sh
-          path: entrypoint.sh
-
-volumeMounts:
-  - name: config
-    mountPath: /var/semaphoreui-secret
-    readOnly: true
-  - name: entrypoint
-    mountPath: /var/local/bin/entrypoint.sh
-    subPath: entrypoint.sh