= Gitea Operator
== Overview
This repository contains the code to build a Gitea Operator for Kubernetes, including Red Hat OpenShift Container Platform.
The Operator will create a PostgreSQL database and a Gitea instance connected to the PostgreSQL database.
It is implemented on top of the Red Hat https://sdk.operatorframework.io/[Operator SDK] - in particular the https://sdk.operatorframework.io/docs/building-operators/ansible/[Ansible Operator].
== Building the Operator
There is a script hack/operate.sh which will download the prerequisites (operator-sdk etc.), build the operator artifacts from operator-sdk defaults, package and push the operator container image, deploy the artifacts to a Kubernetes cluster, and create a kind: Gitea CR to deploy an instance. You should use the help page to look at what the various options do, but for the most part if you want to deploy Gitea to a cluster directly from this repo you could run hack/operate.sh -d.
Before running the script make sure to update the location of the container image to a repository you have access to. If you decide to build your own container image for the operator, make sure to update hack/operate.conf with an updated container image location and add the -p flag to operate.sh.
== Installation
=== Operator Installation Steps
The installation of the Custom Resource Definition and Cluster Role requires cluster-admin privileges. After that regular users with admin privileges on their projects (which is automatically granted to the user who creates a project) can provision the Gitea Operator in their projects and deploy instances of Gitea using the gitea.redhatgov.io Custom Resource. If you've installed the operator from the https://github.com/RedHatGov/operator-catalog[RedHatGov Operator Catalog Index] on an OLM-enabled cluster, the Gitea operator can be installed from the OperatorHub interface of the console.
Perform the following tasks as cluster-admin:
config/samples/redhatgov_v1alpha1_gitea*.yaml example CustomResources:
+
[source,sh]== Deploying a custom Gitea instance using the Operator
A Gitea instance is deployed by creating a kind: Gitea Custom Resource based on the Gitea Custom Resource Definition. You can see some samples in the link:config/samples/[samples directory]. If you've installed the operator from the https://github.com/RedHatGov/operator-catalog[RedHatGov Operator Catalog Index] on an OLM-enabled cluster, Custom Resource creation can be done through the console UI with embedded documentation or a form view.
. Use the hostname returned in your Web Browser to open the Gitea UI (the first user created will be an administrator).
== Deleting a Gitea instance
Deleting a Gitea instance and its associated resources is as simple as deleting the gitea object. If you created a Gitea Custom Resource with metadata.name of gitea-example it suffices to run the delete command on that resource:
The Operator adds ownerReference fields to all created objects - which means that deleting the Gitea object also deletes all objects that have been created by the Operator.
== Uninstalling the Gitea Operator
In case you wish to uninstall the Gitea Operator make sure that there are no more Gitea instances running. Once all Gitea instances have been deleted simply delete the operator and its resources with:
OLM uninstallation for OLM-based operators can be handled through the UI, or by deleting the Subscription.
== Notes on disconnected installations
The Operator SDK makes heavy use of Kustomize for development and installation, but intends bundles to be generated for use in an operator catalog. This enables the Operator Lifecycle Manager, deployed onto your cluster, to install and configure operators with a simple kind: Subscription object, instead of a large collection of manifests.
If you are using a registries.conf change and/or ImageContentSourcePolicy mirror that covers quay.io/redhatgov images, you should not have to change anything.
To change the image sources for all necessary images to deploy the operator without such a policy, you need to have the following images hosted in a container repository on your disconnected network:
. quay.io/redhatgov/gitea-operator:latest . quay.io/redhatgov/gitea:latest . Some PostgreSQL 10 image that either behaves like the Red Hat PostgreSQL 10 RHEL 8 image or the docker.io/library/postgres:10 image.
The places where you must update those sources are then, respectively:
. The kind: Gitea custom resource manifest: spec.gitea.image.src and spec.gitea.image.tag should be updated
. The kind: Gitea custom resource manifest: spec.postgresql.image.src and spec.postgresql.image.tag should be updated
If you intend on using hack/operate.sh it expects you to be in a development environment. Operator installation from this script therefore expects access to the internet. This comes with one extra concern: If kustomize isn't in your path, it tries to download it from the internet and save it locally into a .gitignored folder. If you intend on using hack/operate.sh to install the operator, you should also bring kustomize and place it in the $PATH of the user who will be running the script. Additionally, in order to install the operator with hack/operate.sh you'll need to make the following change:
. hack/operate.conf: IMG should point to the gitea-operator image in your environment
== Adding an additional Certificate Authority trust bundle
The operator can mount an additional trust bundle ConfigMap into the Gitea pod. Create your ConfigMap and set the spec.gitea.trustBundleConfigMap parameter to the name of the ConfigMap. The ConfigMap must be in the
same namespace as the Gitea custom resource.
The CA bundle must be included under a key named ca-bundle.crt within the ConfigMap. The resulting CA bundle will be mounted at /etc/pki/tls/certs/ca-bundle.crt in the Gitea pod.
Example:
apiVersion: redhatgov.io/v1alpha1
kind: Gitea
metadata:
name: gitea-sample
spec:
gitea:
expose:
kind: Ingress
ssl: true
uri: gitea-sample.example.com
image:
pullPolicy: Always
src: quay.io/redhatgov/gitea
tag: latest
trustBundleConfigMap: user-ca-bundle
postgresql:
volumeSize: 1Gi