Configure Gitea Actions for Helm chart CI and release
- Replace GitHub chart-releaser with Gitea-compatible workflow - Lint job: helm lint, template validation on push to main/master - Release job: package and publish to Gitea releases on tag push (v*) - Use gitea-release-action for creating releases - Support both main and master branches Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
@@ -3,4 +3,4 @@ dependencies:
|
||||
repository: https://fleetdm.github.io/fleet/charts
|
||||
version: v6.8.0
|
||||
digest: sha256:ab8c11dfc9bb9f35ca7d2dc9cc8d29afc8b031119c5bc68a9ce8ad3885f1914a
|
||||
generated: "2026-02-19T16:05:03.470525533Z"
|
||||
generated: "2026-02-19T16:50:24.092915774Z"
|
||||
|
||||
@@ -12,7 +12,6 @@ maintainers:
|
||||
- name: Flamingo Applicant
|
||||
email: eslider@gmail.com
|
||||
dependencies:
|
||||
# Use Fleet's built-in mysql/redis so migration hook runs after they exist
|
||||
- name: fleet
|
||||
version: ">=6.7.0"
|
||||
repository: https://fleetdm.github.io/fleet/charts
|
||||
|
||||
@@ -0,0 +1,19 @@
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDFTCCAf2gAwIBAgIUG6NBYS7EkqWlbUAgzGLd7ZeDVv8wDQYJKoZIhvcNAQEL
|
||||
BQAwGjEYMBYGA1UEAwwPZmxlZXQubG9jYWxob3N0MB4XDTI2MDIxOTE3MTAwOFoX
|
||||
DTI3MDIxOTE3MTAwOFowGjEYMBYGA1UEAwwPZmxlZXQubG9jYWxob3N0MIIBIjAN
|
||||
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArviJGl6jQzJcYwERavcseuw4egI8
|
||||
/dciq4vrMnz8kiVAcDHtts8b+Ew/5ExiTl1vtaJrhjDoNbGWaQrGDCB8q9oRQA4l
|
||||
77JLkc4ocbVHvqv6sFP7sSpnLfbkSEK4LeV7My4RFdnYyBDf4OrdJVxwK/7TRv1E
|
||||
OI8P7RvVdGz2hfWTUVIz4x74oupA8glG7UiENHzZPWJ0yxF+5VbS/+lnLIq4fkAo
|
||||
SP8y+dc6sQqgz+uUxFG/4Dk5mVuu9NyDszbk07EB9lEfY/vt1pbeGhp7ns1+EhJt
|
||||
7ffRwlARASWwJZy/dlY0YDKCH2xdVuiP2KxjS+I/ICbymbxMgXtQJEUbLQIDAQAB
|
||||
o1MwUTAdBgNVHQ4EFgQUO69x6k6QM+nccL9zxCSpkEdyS1EwHwYDVR0jBBgwFoAU
|
||||
O69x6k6QM+nccL9zxCSpkEdyS1EwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0B
|
||||
AQsFAAOCAQEAYaJHZAzEpL2JLoYaNDYW7RxMOw0Q4RhMMfrfFh5wdUbyBF2bhGU+
|
||||
rzmq3UV3xWeXl3o4sMZfRNlQVT88jwDMm1qzDrbIutTe+vrPGTInPbLT6jnYg3OR
|
||||
qFwhTNRa7zPlCMESrn0nCH7MXgSsi5fACaVCxwIl0tdqT3JaaqQXsPwIrI3Q7lEX
|
||||
sPrRrr4GWzh7ZzjKzps0+HFIZJuZsYhtXdGrSN9UJKhRs7IsxQWAZNBfYljvZrBB
|
||||
F49dxwLEIgjb2r9NamvCWs7zfddRVnb6bNdnaUWIjaFE5dLKjTu9AG3t9wGvs659
|
||||
+t+0ZJYObnmMzK7v40qoABijprqZZlN+cg==
|
||||
-----END CERTIFICATE-----
|
||||
@@ -0,0 +1,28 @@
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCu+IkaXqNDMlxj
|
||||
ARFq9yx67Dh6Ajz91yKri+syfPySJUBwMe22zxv4TD/kTGJOXW+1omuGMOg1sZZp
|
||||
CsYMIHyr2hFADiXvskuRzihxtUe+q/qwU/uxKmct9uRIQrgt5XszLhEV2djIEN/g
|
||||
6t0lXHAr/tNG/UQ4jw/tG9V0bPaF9ZNRUjPjHvii6kDyCUbtSIQ0fNk9YnTLEX7l
|
||||
VtL/6Wcsirh+QChI/zL51zqxCqDP65TEUb/gOTmZW6703IOzNuTTsQH2UR9j++3W
|
||||
lt4aGnuezX4SEm3t99HCUBEBJbAlnL92VjRgMoIfbF1W6I/YrGNL4j8gJvKZvEyB
|
||||
e1AkRRstAgMBAAECggEAJ+Rmbeqx0npC8hemPvsH2ybMYZTtDvrj3rTR9PrmIvP3
|
||||
Ux0vE4T43Y2U65o2t6M5+vGDDl9MMiHBJ0XbjZxCkHPxhucy4wmFjUKxmes45lIT
|
||||
n+wl8Gi4iZRGy+raTyyJAEw6fP7kHAks4fzqWsBOmtlIlmDcEwEbInY8HoVRV40b
|
||||
fXKXCqp1IhFnxPHcirj1acCr4W8Bi/R5f7ynPlGgNPXXbYBXJUnuCZZeQBwEhCOb
|
||||
dPtVuVt9Zpk/7r128/i2go6u9u6UE7teeh3ZaIaoBPGubMecYeQgHLNB9z5MST3R
|
||||
Qo2JG8rxjwmxHnbX4njaizY66Q55BUytm8N5sg1fgQKBgQDT13ep0sVaATpNVXdt
|
||||
BGQsqX1gB4nAUcvJQOmACBO+/gduF4Aqcw9NY/WSb0FJnn85o24Q/rBxIFywnLuI
|
||||
sYWwzSA2E08AjStT5IlMy6KI4g4rdAXL8iI9VdR5f4dlivLDQFjF3lFV9/WrHuAR
|
||||
BvZ+0XC6hB/IXPDVLF+tH2Tw8QKBgQDTcYaUZABlFxtpeuSLH2IYYPyRMdJ8bsCY
|
||||
nZI+8LFB9OlCU22SNoxdutAmcyixEdP7ldM5M0WTJ0uRjOiVjh6JiAklbhEckn+P
|
||||
IFctwgMGGrWaH0yn2gob9xlOVxcEm2G+hqwf6b0Ie9bGXVCnOvZly+FKgcG08w9U
|
||||
yPEw0bLN/QKBgQCgw2iteSWJy1q6a3zJP8bh2fIqmS3hxHFZlqhdIEQT8mYjFzSN
|
||||
gmn/ejdX3JR4UQ8N58fUn+O4xi1xXlA3STlC1jh2sSqIKZnS/aFwpS0AokTMlyz6
|
||||
/BMd5u/rEGvpFIxsvn1gE/o3uog2R6UVZupTjY/2C+SuwlGGBTnKgQOykQKBgGck
|
||||
bNK8CVlGsU997DhVQcPEo8+r7xJV8EtCKhHb1YvoDVUWX0/Ani4mr9zhtgrSOIb0
|
||||
KgowEZNbysggZWB26DyMiHGixGQcrm7CBuTCTDlRFB8vf3Qtr1q+6bBGWWsc5MxM
|
||||
42/Z1CVsS3OOF4bMA1/a2XY/358GJgdk0grPcBp9AoGAVif7hpQK+Ky+akPqASbx
|
||||
rN2O5uS5A7feIuxxqAKlqSn/mavgV1kRPqnh+xnWOG5RnwnDUfd37ZIvzg2hGW80
|
||||
i2OhMAf/6VE1eWs2xtuK0W6GkcCXEQ7jwZP8ALWr+nkyL1C3P3atk/z4eZLBDPyM
|
||||
QF2jUFmY32C9122XEfSpHr0=
|
||||
-----END PRIVATE KEY-----
|
||||
@@ -0,0 +1,15 @@
|
||||
# Fleet server expects secret "fleet" (S3, TLS). Self-signed cert for local dev.
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: fleet
|
||||
labels:
|
||||
app.kubernetes.io/name: fleetdm-stack
|
||||
type: Opaque
|
||||
stringData:
|
||||
s3-bucket: ""
|
||||
software-installers: ""
|
||||
server.cert: |
|
||||
{{ .Files.Get "certs/cert.pem" | nindent 4 }}
|
||||
server.key: |
|
||||
{{ .Files.Get "certs/key.pem" | nindent 4 }}
|
||||
@@ -0,0 +1,11 @@
|
||||
# Fleet migration expects secret "mysql"; Fleet's MySQL subchart creates "fleetdm-stack-mysql".
|
||||
# This alias ensures the migration finds the password.
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: mysql
|
||||
labels:
|
||||
app.kubernetes.io/name: fleetdm-stack
|
||||
type: Opaque
|
||||
stringData:
|
||||
mysql-password: {{ .Values.fleet.mysql.auth.password | quote }}
|
||||
+43
-41
@@ -1,53 +1,27 @@
|
||||
# FleetDM Stack - Values for FleetDM Server, MySQL and Redis
|
||||
# Uses Fleet chart's built-in mysql/redis (ensures migration runs after DB is ready)
|
||||
# Deploy with: helm install fleetdm-stack . -n fleetdm -f values.yaml
|
||||
# FleetDM Stack - FleetDM Server + MySQL + Redis
|
||||
# Uses Fleet chart with built-in mysql/redis (correct install order for migration)
|
||||
|
||||
global:
|
||||
namespace: fleetdm
|
||||
|
||||
# Fleet chart (includes mysql + redis as its subcharts)
|
||||
fleet:
|
||||
# MySQL (Fleet's subchart)
|
||||
mysql:
|
||||
enabled: true
|
||||
image:
|
||||
registry: docker.io
|
||||
repository: bitnamilegacy/mysql
|
||||
tag: 8.0.35-debian-12-r2
|
||||
auth:
|
||||
username: fleet
|
||||
database: fleet
|
||||
password: "fleetdm-local-dev"
|
||||
primary:
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 8Gi
|
||||
# Redis (Fleet's subchart)
|
||||
redis:
|
||||
enabled: true
|
||||
image:
|
||||
registry: docker.io
|
||||
repository: bitnamilegacy/redis
|
||||
tag: 7.2.4-debian-12-r12
|
||||
architecture: standalone
|
||||
auth:
|
||||
enabled: false
|
||||
master:
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
commonConfiguration: |
|
||||
maxmemory 256mb
|
||||
maxmemory-policy allkeys-lru
|
||||
enabled: true
|
||||
database:
|
||||
address: fleetdm-stack-mysql:3306
|
||||
database: fleet
|
||||
username: fleet
|
||||
secretName: mysql
|
||||
passwordKey: mysql-password
|
||||
cache:
|
||||
address: fleetdm-stack-redis-master:6379
|
||||
database: "0"
|
||||
usePassword: false
|
||||
hostName: fleet.localhost
|
||||
replicas: 1
|
||||
imageRepository: fleetdm/fleet
|
||||
imageTag: v4.80.1
|
||||
fleet:
|
||||
autoApplySQLMigrations: true
|
||||
tls:
|
||||
enabled: false
|
||||
fleet:
|
||||
autoApplySQLMigrations: true
|
||||
ingress:
|
||||
enabled: true
|
||||
className: nginx
|
||||
@@ -58,7 +32,6 @@ fleet:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
tls: []
|
||||
resources:
|
||||
limits:
|
||||
cpu: 500m
|
||||
@@ -66,3 +39,32 @@ fleet:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 128Mi
|
||||
# MySQL (Fleet subchart) - bitnamilegacy image (Bitnami moved)
|
||||
mysql:
|
||||
enabled: true
|
||||
auth:
|
||||
username: fleet
|
||||
database: fleet
|
||||
password: "fleetdm-local-dev"
|
||||
image:
|
||||
registry: docker.io
|
||||
repository: bitnamilegacy/mysql
|
||||
tag: "8.0"
|
||||
primary:
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 8Gi
|
||||
# Redis (Fleet subchart)
|
||||
redis:
|
||||
enabled: true
|
||||
architecture: standalone
|
||||
auth:
|
||||
enabled: false
|
||||
image:
|
||||
registry: docker.io
|
||||
repository: bitnamilegacy/redis
|
||||
tag: 7.2.4-debian-12-r12
|
||||
master:
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 1Gi
|
||||
|
||||
Reference in New Issue
Block a user