Secret for .gitconfig in gitserver

[clawoflight]

I found how to provide ssh keys and known_hosts using sshSecret. Is there a corresponding way to provide .gitconfig?

[loujar]

Assuming you have your .gitignore file stored as a config map in your cluster, you should be able to accomplish this by configuring gitserver.extraVolumeMounts and gitserver.extraVolumes like so:

values.yaml override file:

gitserver:
  extraVolumes:
    - name: gitignore
      configMap:
        name: gitignore-cm
  extraVolumeMounts:
    - name: gitignore
      mountPath: /etc/gitconfig

output gitserver.StatefulSet.yaml

apiVersion: apps/v1
kind: StatefulSet
metadata:
  annotations:
    description: Stores clones of repositories to perform Git operations.
  labels:
    helm.sh/chart: sourcegraph-5.2.6
    app.kubernetes.io/name: sourcegraph
    app.kubernetes.io/instance: release-name
    app.kubernetes.io/version: "5.2.6"
    app.kubernetes.io/managed-by: Helm
    deploy: sourcegraph
    app.kubernetes.io/component: gitserver
  name: gitserver
spec:
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app.kubernetes.io/name: sourcegraph
      app.kubernetes.io/instance: release-name
      app: gitserver
  serviceName: gitserver
  template:
    metadata:
      annotations:
        kubectl.kubernetes.io/default-container: gitserver
        checksum/redis: 63b58e05a2640417d599c4aee6d866cb9063e3a9aa452dc08dbfff836b7781b7
      labels:
        app.kubernetes.io/name: sourcegraph
        app.kubernetes.io/instance: release-name
        app: gitserver
        group: backend
        type: gitserver
        deploy: sourcegraph
    spec:
      containers:
      - name: gitserver
        args:
        - run
        image: index.docker.io/sourcegraph/gitserver:5.2.6@sha256:ebda86dea40ff8cc641e457f8a2d6189e8b9291e5aaa10a2bfa91947cb49f5b1
        imagePullPolicy: IfNotPresent
        env:
        - name: REDIS_CACHE_ENDPOINT
          valueFrom:
            secretKeyRef:
              key: endpoint
              name: redis-cache
        - name: REDIS_STORE_ENDPOINT
          valueFrom:
            secretKeyRef:
              key: endpoint
              name: redis-store
        # OTEL_AGENT_HOST must be defined before OTEL_EXPORTER_OTLP_ENDPOINT to substitute the node IP on which the DaemonSet pod instance runs in the latter variable
        - name: OTEL_AGENT_HOST
          valueFrom:
            fieldRef:
              fieldPath: status.hostIP
        - name: OTEL_EXPORTER_OTLP_ENDPOINT
          value: http://$(OTEL_AGENT_HOST):4317
        terminationMessagePolicy: FallbackToLogsOnError
        livenessProbe:
          initialDelaySeconds: 5
          tcpSocket:
            port: rpc
          timeoutSeconds: 5
        ports:
        - containerPort: 3178
          name: rpc
        resources:
          limits:
            cpu: "4"
            memory: 8G
          requests:
            cpu: "4"
            memory: 8G
        securityContext:
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: true
          runAsGroup: 101
          runAsUser: 100
        volumeMounts:
        - mountPath: /tmp
          name: tmpdir
        - mountPath: /data/repos
          name: repos
        - mountPath: /etc/gitconfig
          name: gitignore
      securityContext:
        fsGroup: 101
        fsGroupChangePolicy: OnRootMismatch
        runAsGroup: 101
        runAsUser: 100
      nodeSelector:
      affinity:
      tolerations:

      volumes:
      - name: tmpdir
        emptyDir: {}
      - name: repos
      - configMap:
          name: gitignore-cm
        name: gitignore
  updateStrategy:
    type: RollingUpdate
  volumeClaimTemplates:
  - metadata:
      name: repos
    spec:
      accessModes:
      - ReadWriteOnce
      resources:
        requests:
          # The size of disk used to mirror your git repositories.
          # If you change this, also change indexed-search's disk size.
          storage: 200Gi
      storageClassName: sourcegraph