OneDev
Dashboards
Projects
Pull Requests
Issues
Builds
Packages
Code Search
server
Code
Files
Commits
Branches
Tags
Code Comments
Code Compare
Pull Requests
Issues
Builds
Packages
Statistics
Child Projects
OneDev 10.4.0
Documentation Support & Bug Report RESTful API Incompatibilities License Agreement Check Update
Projects onedev server Commits 482ba403
  • ■ ■ ■ ■ ■ ■
    server-product/helm/.helmignore
     1 +# Patterns to ignore when building packages.
     2 +# This supports shell glob matching, relative path matching, and
     3 +# negation (prefixed with !). Only one pattern per line.
     4 +.DS_Store
     5 +# Common VCS dirs
     6 +.git/
     7 +.gitignore
     8 +.bzr/
     9 +.bzrignore
     10 +.hg/
     11 +.hgignore
     12 +.svn/
     13 +# Common backup files
     14 +*.swp
     15 +*.bak
     16 +*.tmp
     17 +*.orig
     18 +*~
     19 +# Various IDEs
     20 +.project
     21 +.idea/
     22 +*.tmproj
     23 +.vscode/
     24 + 
  • ■ ■ ■ ■ ■ ■
    server-product/helm/Chart.yaml
     1 +apiVersion: v2
     2 +name: onedev
     3 +description: All-In-One DevOps Platform
     4 +type: application
     5 +version: 0.0.11
     6 +appVersion: ${buildVersion}
     7 + 
  • ■ ■ ■ ■ ■ ■
    server-product/helm/build.sh
     1 +#!/bin/bash
     2 + 
     3 +set -e
     4 + 
     5 +cd ../target
     6 + 
     7 +buildVersion=`ls onedev-*.zip|sed -e 's/onedev-\(.*\).zip/\1/'`
     8 + 
     9 +rm -rf helm-resources
     10 +cp -r ../helm helm-resources
     11 +rm helm-resources/build.sh
     12 + 
     13 +if [[ "$OSTYPE" == "darwin"* ]]; then
     14 + find helm-resources -name "*.yaml" | xargs sed -i '' "s/\${buildVersion}/${buildVersion}/g"
     15 +else
     16 + find helm-resources -name "*.yaml" | xargs sed -i -e "s/\${buildVersion}/${buildVersion}/g"
     17 +fi
     18 + 
     19 +zip -r helm-resources.zip helm-resources
     20 + 
     21 + 
     22 + 
  • ■ ■ ■ ■ ■ ■
    server-product/helm/templates/NOTES.txt
     1 +Get the application URL by running these commands:
     2 +{{- if .Values.ingress.enabled }}
     3 +{{- range $host := .Values.ingress.hosts }}
     4 + {{- range .paths }}
     5 + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
     6 + {{- end }}
     7 +{{- end }}
     8 +{{- end }}
  • ■ ■ ■ ■ ■ ■
    server-product/helm/templates/_helpers.tpl
     1 +{{/*
     2 +Expand the name of the chart.
     3 +*/}}
     4 +{{- define "onedev.name" -}}
     5 +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
     6 +{{- end }}
     7 + 
     8 +{{/*
     9 +Create a default fully qualified app name.
     10 +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
     11 +If release name contains chart name it will be used as a full name.
     12 +*/}}
     13 +{{- define "onedev.fullname" -}}
     14 +{{- if .Values.fullnameOverride }}
     15 +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
     16 +{{- else }}
     17 +{{- $name := default .Chart.Name .Values.nameOverride }}
     18 +{{- if contains $name .Release.Name }}
     19 +{{- .Release.Name | trunc 63 | trimSuffix "-" }}
     20 +{{- else }}
     21 +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
     22 +{{- end }}
     23 +{{- end }}
     24 +{{- end }}
     25 + 
     26 +{{/*
     27 +Create chart name and version as used by the chart label.
     28 +*/}}
     29 +{{- define "onedev.chart" -}}
     30 +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
     31 +{{- end }}
     32 + 
     33 +{{/*
     34 +Common labels
     35 +*/}}
     36 +{{- define "onedev.labels" -}}
     37 +helm.sh/chart: {{ include "onedev.chart" . }}
     38 +{{ include "onedev.selectorLabels" . }}
     39 +{{- if .Chart.AppVersion }}
     40 +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
     41 +{{- end }}
     42 +app.kubernetes.io/managed-by: {{ .Release.Service }}
     43 +{{- end }}
     44 + 
     45 +{{/*
     46 +Selector labels
     47 +*/}}
     48 +{{- define "onedev.selectorLabels" -}}
     49 +app.kubernetes.io/name: {{ include "onedev.name" . }}
     50 +app.kubernetes.io/instance: {{ .Release.Name }}
     51 +{{- end }}
     52 + 
     53 +{{/*
     54 +Create the name of the service account to use
     55 +*/}}
     56 +{{- define "onedev.serviceAccountName" -}}
     57 +{{- if .Values.serviceAccount.create }}
     58 +{{- default (include "onedev.fullname" .) .Values.serviceAccount.name }}
     59 +{{- else }}
     60 +{{- default "default" .Values.serviceAccount.name }}
     61 +{{- end }}
     62 +{{- end }}
     63 + 
  • ■ ■ ■ ■ ■ ■
    server-product/helm/templates/cluster-role-bindings.yaml
     1 +kind: ClusterRoleBinding
     2 +apiVersion: rbac.authorization.k8s.io/v1
     3 +metadata:
     4 + name: onedev
     5 +subjects:
     6 + - kind: ServiceAccount
     7 + name: onedev
     8 + namespace: onedev
     9 + - kind: ServiceAccount
     10 + name: deploy
     11 + namespace: deploy
     12 +roleRef:
     13 + kind: ClusterRole
     14 + name: onedev
     15 + apiGroup: rbac.authorization.k8s.io
     16 + 
  • ■ ■ ■ ■ ■ ■
    server-product/helm/templates/cluster-roles.yaml
     1 +kind: ClusterRole
     2 +apiVersion: rbac.authorization.k8s.io/v1
     3 +metadata:
     4 + name: onedev
     5 +rules:
     6 + - apiGroups: [""]
     7 + resources: ["namespaces"]
     8 + verbs: ["get", "list", "create", "delete"] #require this permission to run builds in isolated namespaces
     9 + - apiGroups: ["rbac.authorization.k8s.io"]
     10 + resources: ["clusterrolebindings"]
     11 + verbs: ["get", "list", "create", "delete"] #require this permission to bind cluster roles to service account of running builds
     12 + - apiGroups: [""]
     13 + resources: ["nodes"]
     14 + verbs: ["get", "list", "patch"] #require this permission to label nodes with build cache properties to increase cache hit rate
     15 + - apiGroups: [""]
     16 + resources: ["services", "pods", "pods/log", "pods/exec", "secrets", "configmaps", "events"]
     17 + verbs: ["get", "list", "watch", "create", "patch", "delete"] #require this permission to run builds as pods
     18 + - apiGroups: ["apps"]
     19 + resources: ["deployments"]
     20 + verbs: ["get", "list", "create", "patch", "delete"] #require this permission to run builds as pods
  • ■ ■ ■ ■ ■ ■
    server-product/helm/templates/deployment.yaml
     1 +apiVersion: apps/v1
     2 +kind: Deployment
     3 +metadata:
     4 + name: {{ .Release.Name }}-onedev
     5 + labels:
     6 + tier: server
     7 + {{- include "onedev.labels" . | nindent 4 }}
     8 +spec:
     9 + replicas: 1 # only allow one replicas as OneDev doesn't support clustering
     10 + selector:
     11 + matchLabels:
     12 + tier: server
     13 + app: onedev
     14 + strategy:
     15 + type: Recreate
     16 + template:
     17 + metadata:
     18 + labels:
     19 + tier: server
     20 + app: onedev
     21 + {{- with .Values.podAnnotations }}
     22 + annotations:
     23 + {{- toYaml . | nindent 8 }}
     24 + {{- end }}
     25 + spec:
     26 + serviceAccountName: onedev
     27 + containers:
     28 + - name: onedev
     29 + resources:
     30 + requests:
     31 + memory: {{ .Values.resources.onedev.memory }}
     32 + volumeMounts:
     33 + - mountPath: "/opt/onedev"
     34 + name: onedev
     35 + image: "1dev/server:{{ .Values.image.tag | default .Chart.AppVersion }}"
     36 + ports:
     37 + - containerPort: 6610
     38 + - containerPort: 6611
     39 + env:
     40 + - name: hibernate_dialect
     41 + value: org.hibernate.dialect.MySQL5InnoDBDialect
     42 + - name: hibernate_connection_driver_class
     43 + value: com.mysql.cj.jdbc.Driver
     44 + - name: hibernate_connection_url
     45 + value: jdbc:mysql://{{ .Release.Name }}-mysql:3306/onedev?serverTimezone=UTC&allowPublicKeyRetrieval=true&useSSL=false
     46 + - name: hibernate_connection_username
     47 + value: root
     48 + - name: hibernate_connection_password
     49 + valueFrom:
     50 + secretKeyRef:
     51 + name: {{.Release.Name}}-mysql
     52 + key: password
     53 + - name: hibernate_hikari_maximumPoolSize
     54 + value: "25"
     55 + initContainers:
     56 + - name: init
     57 + image: busybox
     58 + command: ["sh", "-c", "until nslookup {{ .Release.Name }}-mysql.{{.Release.Namespace}}.svc.cluster.local; do echo waiting for mysql; sleep 2; done;"]
     59 + volumes:
     60 + - name: onedev
     61 + persistentVolumeClaim:
     62 + claimName: {{ .Release.Name }}-onedev
     63 + 
     64 +---
     65 +apiVersion: apps/v1
     66 +kind: Deployment
     67 +metadata:
     68 + name: {{ .Release.Name }}-mysql
     69 + labels:
     70 + tier: database
     71 +spec:
     72 + selector:
     73 + matchLabels:
     74 + tier: database
     75 + strategy:
     76 + type: Recreate
     77 + template:
     78 + metadata:
     79 + name: mysql
     80 + labels:
     81 + tier: database
     82 + app: onedev
     83 + spec:
     84 + containers:
     85 + - name: mysql
     86 + image: mysql:5.7
     87 + resources:
     88 + requests:
     89 + memory: {{ .Values.resources.mysql.memory }}
     90 + args:
     91 + - "--ignore-db-dir=lost+found"
     92 + env:
     93 + - name: MYSQL_DATABASE
     94 + value: onedev
     95 + - name: MYSQL_ROOT_PASSWORD
     96 + valueFrom:
     97 + secretKeyRef:
     98 + name: {{.Release.Name}}-mysql
     99 + key: password
     100 + ports:
     101 + - containerPort: 3306
     102 + volumeMounts:
     103 + - name: mysql
     104 + mountPath: /var/lib/mysql
     105 + readinessProbe:
     106 + exec:
     107 + command:
     108 + - bash
     109 + - "-c"
     110 + - |
     111 + mysql -uroot -p$MYSQL_ROOT_PASSWORD -e 'SELECT 1'
     112 + initialDelaySeconds: 5
     113 + periodSeconds: 2
     114 + timeoutSeconds: 1
     115 + volumes:
     116 + - name: mysql
     117 + persistentVolumeClaim:
     118 + claimName: {{ .Release.Name }}-mysql
  • ■ ■ ■ ■ ■ ■
    server-product/helm/templates/ingress.yaml
     1 +{{- if .Values.ingress.enabled -}}
     2 +{{- $fullName := include "onedev.fullname" . -}}
     3 +{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
     4 +apiVersion: networking.k8s.io/v1beta1
     5 +{{- else -}}
     6 +apiVersion: extensions/v1beta1
     7 +{{- end }}
     8 +kind: Ingress
     9 +metadata:
     10 + name: {{ .Release.Name }}
     11 +spec:
     12 + {{- if .Values.ingress.tls }}
     13 + tls:
     14 + {{- range .Values.ingress.tls }}
     15 + - hosts:
     16 + {{- range .hosts }}
     17 + - {{ . | quote }}
     18 + {{- end }}
     19 + secretName: {{ .secretName }}
     20 + {{- end }}
     21 + {{- end }}
     22 + rules:
     23 + {{- range .Values.ingress.hosts }}
     24 + - host: {{ .host | quote }}
     25 + http:
     26 + paths:
     27 + {{- range .paths }}
     28 + - path: {{ .path }}
     29 + backend:
     30 + serviceName: {{ template "onedev.fullname" $ }}-onedev
     31 + servicePort: 80
     32 + {{- end }}
     33 + {{- end }}
     34 + {{- end }}
     35 + 
  • ■ ■ ■ ■ ■ ■
    server-product/helm/templates/persistent-volume-claims.yaml
     1 +{{- $onedevPvc := lookup "v1" "PersistentVolumeClaim" .Release.Namespace "onedev" -}}
     2 +{{- if not $onedevPvc }}
     3 +apiVersion: v1
     4 +kind: PersistentVolumeClaim
     5 +metadata:
     6 + annotations:
     7 + "helm.sh/resource-policy": keep
     8 + name: {{ .Release.Name }}-onedev
     9 + labels:
     10 + tier: server
     11 +spec:
     12 + storageClassName: {{ .Values.volumes.onedev.storageClassName }}
     13 + accessModes:
     14 + - ReadWriteOnce
     15 + resources:
     16 + requests:
     17 + storage: {{ .Values.volumes.onedev.size }}
     18 + {{- end }}
     19 +---
     20 +{{- $mysqlPvc := lookup "v1" "PersistentVolumeClaim" .Release.Namespace "mysql" -}}
     21 +{{ if not $mysqlPvc }}
     22 +apiVersion: v1
     23 +kind: PersistentVolumeClaim
     24 +metadata:
     25 + annotations:
     26 + "helm.sh/resource-policy": keep
     27 + name: {{ .Release.Name }}-mysql
     28 + labels:
     29 + tier: database
     30 +spec:
     31 + storageClassName: {{ .Values.volumes.onedev.storageClassName }}
     32 + accessModes:
     33 + - ReadWriteOnce
     34 + resources:
     35 + requests:
     36 + storage: {{ .Values.volumes.onedev.size }}
     37 +{{- end }}
  • ■ ■ ■ ■ ■ ■
    server-product/helm/templates/secrets.yaml
     1 +{{- $secret_name := "{{.Release.Name}}-mysql" -}}
     2 + 
     3 +apiVersion: v1
     4 +kind: Secret
     5 +metadata:
     6 + name: {{.Release.Name}}-mysql
     7 + 
     8 +data:
     9 + # try to get the old secret
     10 + # keep in mind, that a dry-run only returns an empty map
     11 + {{- $old_sec := lookup "v1" "Secret" .Release.Namespace $secret_name }}
     12 + 
     13 + # check, if a secret is already set
     14 + {{- if or (not $old_sec) (not $old_sec.data) }}
     15 + # if not set, then generate a new password
     16 + password: {{ randAlphaNum 20 | b64enc }}
     17 + {{ else }}
     18 + # if set, then use the old value
     19 + password: {{ index $old_sec.data "password" }}
     20 + {{ end }}
  • ■ ■ ■ ■ ■
    server-product/helm/templates/service-accounts.yaml
     1 +apiVersion: v1
     2 +kind: ServiceAccount
     3 +metadata:
     4 + name: onedev
     5 + 
  • ■ ■ ■ ■ ■ ■
    server-product/helm/templates/services.yaml
     1 +apiVersion: v1
     2 +kind: Service
     3 +metadata:
     4 + name: {{ .Release.Name }}-onedev
     5 + labels:
     6 + tier: server
     7 + app: ondev
     8 +spec:
     9 + type: ClusterIP
     10 + ports:
     11 + - name: http
     12 + port: 80
     13 + targetPort: 6610
     14 + protocol: TCP
     15 + - name: ssh
     16 + port: 22
     17 + targetPort: 6611
     18 + protocol: TCP
     19 + selector:
     20 + tier: server
     21 +---
     22 +apiVersion: v1
     23 +kind: Service
     24 +metadata:
     25 + name: {{ .Release.Name }}-mysql
     26 + labels:
     27 + tier: database
     28 + app: onedev
     29 +spec:
     30 + ports:
     31 + - port: 3306
     32 + selector:
     33 + tier: database
     34 + 
  • ■ ■ ■ ■ ■ ■
    server-product/helm/values.yaml
     1 +image:
     2 + repository:
     3 + pullPolicy: IfNotPresent
     4 + tag: ${buildVersion}
     5 + 
     6 +ingress:
     7 + enabled: false
     8 + annotations: {}
     9 + hosts:
     10 + - host: chart-example.local
     11 + paths: []
     12 + tls: []
     13 + # - secretName: chart-example-tls
     14 + # hosts:
     15 + # - chart-example.local
     16 + 
     17 + 
     18 +volumes:
     19 + onedev:
     20 + storageClassName: openebs-hostpath
     21 + size: 100Gi
     22 + mysql:
     23 + storageClassName: openebs-hostpath
     24 + size: 20Gi
     25 + 
     26 +resources:
     27 + onedev:
     28 + memory: 2Gi
     29 + mysql:
     30 + memory: 500Mi
     31 + 
Please wait...
Page is in error, reload to recover