diff --git a/.forgejo/actions/setup-k3s/action.yml b/.forgejo/actions/setup-k3s/action.yml new file mode 100644 index 0000000..4c237b0 --- /dev/null +++ b/.forgejo/actions/setup-k3s/action.yml @@ -0,0 +1,25 @@ +# action.yml +name: setup-k3s +description: 'setup k3s' + +inputs: + version: + description: 'k3s version' + required: true + +runs: + using: 'composite' + steps: + - shell: bash + name: install k3s + run: | + curl -sfL https://get.k3s.io | INSTALL_K3S_VERSION=${INPUT_VERSION} K3S_KUBECONFIG_MODE=640 sh -s - server + echo "KUBECONFIG=/etc/rancher/k3s/k3s.yaml" >> $GITHUB_ENV + - shell: bash + name: check k3s + run: kubectl cluster-info + - shell: bash + name: wait for nodes ready + run: | + sleep 3 + kubectl wait --for=condition=Ready nodes --all --timeout=600s diff --git a/.forgejo/actions/setup-node/action.yml b/.forgejo/actions/setup-node/action.yml index 1dd1bbf..5ab39be 100644 --- a/.forgejo/actions/setup-node/action.yml +++ b/.forgejo/actions/setup-node/action.yml @@ -5,11 +5,15 @@ description: 'setup node' runs: using: 'composite' steps: - - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 + - name: Setup pnpm + uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0 + with: + standalone: true + + - uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0 with: node-version-file: .node-version - # cache: 'npm' - - shell: bash - run: corepack enable + cache: 'pnpm' + - shell: bash run: pnpm install --frozen-lockfile diff --git a/.forgejo/actions/setup/action.yml b/.forgejo/actions/setup/action.yml index 01afeaf..fdc4d23 100644 --- a/.forgejo/actions/setup/action.yml +++ b/.forgejo/actions/setup/action.yml @@ -23,4 +23,5 @@ runs: python3-wheel \ python3-venv \ unzip \ + wget \ ; diff --git a/.forgejo/renovate/k3s.json b/.forgejo/renovate/k3s.json new file mode 100644 index 0000000..edb593d --- /dev/null +++ b/.forgejo/renovate/k3s.json @@ -0,0 +1,57 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "packageRules": [ + { + "description": "Separate minor and patch updates for k3s", + "matchDatasources": ["github-releases"], + "matchPackageNames": ["k3s-io/k3s"], + "separateMultipleMinor": true, + "separateMinorPatch": true, + "branchTopic": "{{{depNameSanitized}}}{{#if isMinor}}-minor{{/if}}-{{{newMajor}}}{{#if isPatch}}.{{{newMinor}}}{{/if}}.x{{#if isLockfileUpdate}}-lockfile{{/if}}", + "commitMessageSuffix": "{{#if isMinor}}(minor){{/if}}{{#if isPatch}}(patch){{/if}}" + }, + { + "description": "No automerge for k3s major and minor updates", + "matchDatasources": ["github-releases"], + "matchPackageNames": ["k3s-io/k3s"], + "matchUpdateTypes": ["major", "minor"], + "automerge": false + }, + { + "description": "Group k3s patch updates", + "matchDatasources": ["github-releases"], + "matchPackageNames": ["k3s-io/k3s"], + "matchUpdateTypes": ["patch"], + "groupName": "k3s" + }, + { + "description": "Disable k3s major and minor updates for old versions", + "matchDatasources": ["github-releases"], + "matchFileNames": [".forgejo/workflows/**"], + "matchPackageNames": ["k3s-io/k3s"], + "matchUpdateTypes": ["major", "minor"], + "matchCurrentValue": "!/^v1.32/", + "enabled": false + } + ], + "customDatasources": { + "k3s": { + "defaultRegistryUrlTemplate": "https://update.k3s.io/v1-release/channels", + "transformTemplates": [ + "($isVersion:=function($name){$contains($name,/^v\\d+.\\d+$/)};{\"releases\":[data[$isVersion(name)].{\"version\":latest}],\"sourceUrl\":\"https://github.com/k3s-io/k3s\",\"homepage\":\"https://k3s.io/\"})" + ] + } + }, + "customManagers": [ + { + "customType": "regex", + "fileMatch": [".forgejo/renovate/k3s.json"], + "matchStrings": [ + "matchCurrentValue\": \"!\\/^v(?\\d+\\.\\d+)\\/" + ], + "depNameTemplate": "k3s", + "versioningTemplate": "npm", + "datasourceTemplate": "custom.k3s" + } + ] +} diff --git a/.forgejo/workflows/build.yml b/.forgejo/workflows/build.yml index 2f476f1..5418491 100644 --- a/.forgejo/workflows/build.yml +++ b/.forgejo/workflows/build.yml @@ -5,19 +5,20 @@ on: push: branches: - main - - release/** + - maint/** tags: - v* + workflow_dispatch: permissions: contents: read env: - HELM_VERSION: v3.14.1 # renovate: datasource=github-releases depName=helm packageName=helm/helm - HELM_UNITTEST_VERSION: v0.4.1 # renovate: datasource=github-releases depName=helm-unittest packageName=helm-unittest/helm-unittest - HELM_CHART_TESTING_VERSION: v3.10.1 # renovate: datasource=github-releases depName=chart-testing packageName=helm/chart-testing - KIND_VERSION: v0.22.0 # renovate: datasource=github-releases depName=kind packageName=kubernetes-sigs/kind - KUBECTL_VERSION: v1.29.2 # renovate: datasource=github-releases depName=kubectl packageName=kubernetes/kubernetes + HELM_VERSION: v3.17.2 # renovate: datasource=github-releases depName=helm packageName=helm/helm + HELM_UNITTEST_VERSION: v0.7.2 # renovate: datasource=github-releases depName=helm-unittest packageName=helm-unittest/helm-unittest + HELM_CHART_TESTING_VERSION: v3.12.0 # renovate: datasource=github-releases depName=chart-testing packageName=helm/chart-testing + KUBECTL_VERSION: v1.32.3 # renovate: datasource=github-releases depName=kubectl packageName=kubernetes/kubernetes + CT_GITHUB_GROUPS: true jobs: lint-node: @@ -25,9 +26,11 @@ jobs: steps: - run: cat /etc/os-release - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: show-progress: false + fetch-depth: 0 # Important for changelog + filter: blob:none # We don't need all blobs - uses: ./.forgejo/actions/setup - uses: ./.forgejo/actions/setup-node @@ -37,6 +40,10 @@ jobs: - run: make readme - run: git diff --exit-code --name-only README.md + - name: changelog + run: | + pnpm changelog ${{ github.ref_type == 'tag' && 'true' || '' }} + lint-helm: runs-on: docker steps: @@ -44,20 +51,21 @@ jobs: - run: ps axf - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: show-progress: false fetch-depth: 0 + filter: blob:none # We don't need all blobs - uses: ./.forgejo/actions/setup - name: install chart-testing - uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1 + uses: helm/chart-testing-action@0d28d3144d3a25ea2cc349d6e59901c4ff469b3b # v2.7.0 with: version: ${{ env.HELM_CHART_TESTING_VERSION }} - name: install helm - uses: azure/setup-helm@29960d0f5f19214b88e1d9ba750a9914ab0f1a2f # v4.0.0 + uses: azure/setup-helm@b9e51907a09c216f16ebe8536097933489208112 # v4.3.0 with: version: ${{ env.HELM_VERSION }} @@ -73,55 +81,57 @@ jobs: - run: ct lint --config tools/ct.yml --charts . e2e: + needs: + - lint-node + - lint-helm runs-on: k8s strategy: matrix: - k8s: - # from https://hub.docker.com/r/kindest/node/tags - - v1.27.11 # renovate: kindest - - v1.28.7 # renovate: kindest - - v1.29.2 # renovate: kindest + k3s: + # https://github.com/k3s-io/k3s/branches + # oldest supported version + - v1.28.15+k3s1 # renovate: k3s + # https://github.com/k3s-io/k3s/blob/master/channel.yaml#L3-L4 + # stable version + - v1.31.6+k3s1 # renovate: k3s + # newest version + - v1.32.2+k3s1 # renovate: k3s steps: - run: cat /etc/os-release - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: show-progress: false fetch-depth: 0 + filter: blob:none # We don't need all blobs - uses: ./.forgejo/actions/setup - name: install helm - uses: azure/setup-helm@29960d0f5f19214b88e1d9ba750a9914ab0f1a2f # v4.0.0 + uses: azure/setup-helm@b9e51907a09c216f16ebe8536097933489208112 # v4.3.0 with: version: ${{ env.HELM_VERSION }} - name: Install chart-testing - # TODO: pin to version when this is released: https://github.com/helm/chart-testing-action/pull/137 - uses: helm/chart-testing-action@df9dfa7259f5d09615a31c4aae53338e2c621f8f # main + uses: helm/chart-testing-action@0d28d3144d3a25ea2cc349d6e59901c4ff469b3b # v2.7.0 with: version: ${{ env.HELM_CHART_TESTING_VERSION }} - - uses: ./.forgejo/actions/setup-docker - - - name: Create kind cluster - uses: helm/kind-action@99576bfa6ddf9a8e612d83b513da5a75875caced # v1.9.0 + - uses: ./.forgejo/actions/setup-k3s with: - node_image: kindest/node:${{ matrix.k8s }} - kubectl_version: ${{ env.KUBECTL_VERSION }} - version: ${{ env.KIND_VERSION }} + version: ${{ matrix.k3s }} - run: kubectl get no -o wide - name: install chart - uses: https://github.com/nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3.0.0 + uses: https://github.com/nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3.0.2 with: timeout_minutes: 15 max_attempts: 3 retry_on: error - retry_wait_seconds: 60 + retry_wait_seconds: 120 polling_interval_seconds: 5 command: ct install --config tools/ct.yml --charts . @@ -159,7 +169,7 @@ jobs: if: ${{ github.ref_type == 'tag' }} steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: show-progress: false fetch-depth: 0 # Important for changelog @@ -169,7 +179,7 @@ jobs: - uses: ./.forgejo/actions/setup-node - name: install helm - uses: https://github.com/azure/setup-helm@29960d0f5f19214b88e1d9ba750a9914ab0f1a2f # v4.0.0 + uses: https://github.com/azure/setup-helm@b9e51907a09c216f16ebe8536097933489208112 # v4.3.0 with: version: ${{ env.HELM_VERSION }} @@ -180,6 +190,7 @@ jobs: run: | echo ${CODEBERG_TOKEN} | helm registry login -u viceice --password-stdin codeberg.org/forgejo-contrib echo ${FORGEJO_TOKEN} | helm registry login -u viceice --password-stdin code.forgejo.org/forgejo-contrib + echo ${FORGEJO_TOKEN} | helm registry login -u viceice --password-stdin code.forgejo.org/forgejo-helm env: CODEBERG_TOKEN: ${{secrets.API_TOKEN}} FORGEJO_TOKEN: ${{secrets.FORGEJO_API_TOKEN}} @@ -188,6 +199,7 @@ jobs: run: | helm push tmp/forgejo-${GITHUB_REF_NAME#v}.tgz oci://codeberg.org/forgejo-contrib helm push tmp/forgejo-${GITHUB_REF_NAME#v}.tgz oci://code.forgejo.org/forgejo-contrib + helm push tmp/forgejo-${GITHUB_REF_NAME#v}.tgz oci://code.forgejo.org/forgejo-helm - name: publish forgejo release run: pnpm forgejo:release diff --git a/.forgejo/workflows/mirror.yml b/.forgejo/workflows/mirror.yml new file mode 100644 index 0000000..0e7c901 --- /dev/null +++ b/.forgejo/workflows/mirror.yml @@ -0,0 +1,26 @@ +on: + schedule: + - cron: '@hourly' + + push: + branches: + - 'main' + + workflow_dispatch: + +jobs: + mirror: + runs-on: docker + steps: + - name: git mirror branches {main,maint/*] & tags + run: | + git init --bare . + git remote add origin https://code.forgejo.org/${{ env.GITHUB_REPOSITORY }} + git fetch origin refs/heads/main:refs/mirror/main --tags + git ls-remote origin refs/heads/main/* | while read sha full_ref ; do + ref=${full_ref#refs/heads/} + git fetch origin $full_ref:refs/mirror/$ref + done + git push --force https://any:$CODEBERG_TOKEN@codeberg.org/forgejo-contrib/forgejo-helm refs/mirror/*:refs/heads/* --tags + env: + CODEBERG_TOKEN: ${{secrets.CODEBERG_TOKEN}} diff --git a/.node-version b/.node-version index 2dbbe00..7d41c73 100644 --- a/.node-version +++ b/.node-version @@ -1 +1 @@ -20.11.1 +22.14.0 diff --git a/.vscode/settings.json b/.vscode/settings.json index 676da63..da15f96 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -4,7 +4,7 @@ ".github/workflows/*", ".forgejo/workflows/*" ], - "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.4.1/schema/helm-testsuite.json": [ + "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v0.7.2/schema/helm-testsuite.json": [ "/unittests/**/*.yaml" ] }, diff --git a/Chart.lock b/Chart.lock index aadfc1e..bff1098 100644 --- a/Chart.lock +++ b/Chart.lock @@ -1,12 +1,18 @@ dependencies: +- name: common + repository: oci://ghcr.io/visualon/bitnamicharts + version: 2.30.0 - name: postgresql - repository: oci://registry-1.docker.io/bitnamicharts - version: 14.0.5 + repository: oci://ghcr.io/visualon/bitnamicharts + version: 16.5.6 - name: postgresql-ha - repository: oci://registry-1.docker.io/bitnamicharts - version: 13.4.1 + repository: oci://ghcr.io/visualon/bitnamicharts + version: 15.3.8 - name: redis-cluster - repository: oci://registry-1.docker.io/bitnamicharts - version: 9.5.2 -digest: sha256:5206dfb90fc77799f1bd8650739e24d618b7366b5a63280fb2d26671100c2e2e -generated: "2024-02-20T18:31:02.038876147Z" + repository: oci://ghcr.io/visualon/bitnamicharts + version: 11.4.6 +- name: redis + repository: oci://ghcr.io/visualon/bitnamicharts + version: 20.11.4 +digest: sha256:a9c9f0779663336dd22ca4896f22bb64427e28f20aa567aee2f18474f8e31a23 +generated: "2025-03-26T15:31:33.532188569Z" diff --git a/Chart.yaml b/Chart.yaml index ab7daad..8218677 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -3,8 +3,8 @@ name: forgejo description: Forgejo Helm chart for Kubernetes type: application version: 0.0.0 -appVersion: 1.21.5-0 -icon: https://design.codeberg.org/logo-kit/icon.svg +appVersion: 10.0.3 +icon: https://code.forgejo.org/forgejo/forgejo/raw/branch/forgejo/assets/logo.svg home: https://forgejo.org/ keywords: @@ -16,28 +16,41 @@ keywords: - gitea - gogs sources: - - https://codeberg.org/forgejo-contrib/forgejo-helm + - https://code.forgejo.org/forgejo-helm/forgejo-helm - https://codeberg.org/forgejo/forgejo maintainers: - name: Michael Kriese email: michael.kriese@visualon.de -# Bitnami charts are served from Docker Hub +# Bitnami charts are served from ghcr mirror because of rate limiting on Docker Hub # https://hub.docker.com/u/bitnamicharts # https://blog.bitnami.com/2023/01/bitnami-helm-charts-available-as-oci.html +# https://github.com/bitnami/charts/issues/30853 +# https://code.forgejo.org/forgejo-helm/forgejo-helm/issues/1045 dependencies: + # https://github.com/bitnami/charts/blob/main/bitnami/common/Chart.yaml + - name: common + repository: oci://ghcr.io/visualon/bitnamicharts + tags: + - bitnami-common + version: 2.30.0 # https://github.com/bitnami/charts/blob/main/bitnami/postgresql/Chart.yaml - name: postgresql - repository: oci://registry-1.docker.io/bitnamicharts - version: 14.0.5 + repository: oci://ghcr.io/visualon/bitnamicharts + version: 16.5.6 condition: postgresql.enabled # https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml - name: postgresql-ha - repository: oci://registry-1.docker.io/bitnamicharts - version: 13.4.1 + repository: oci://ghcr.io/visualon/bitnamicharts + version: 15.3.8 condition: postgresql-ha.enabled # https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml - name: redis-cluster - repository: oci://registry-1.docker.io/bitnamicharts - version: 9.5.2 + repository: oci://ghcr.io/visualon/bitnamicharts + version: 11.4.6 condition: redis-cluster.enabled + # https://github.com/bitnami/charts/blob/main/bitnami/redis/Chart.yaml + - name: redis + repository: oci://ghcr.io/visualon/bitnamicharts + version: 20.11.4 + condition: redis.enabled diff --git a/LICENSE b/LICENSE index bbf54de..b073755 100644 --- a/LICENSE +++ b/LICENSE @@ -1,5 +1,6 @@ MIT License +Copyright (c) 2023 The Forgejo Authors Copyright (c) 2020 The Gitea Authors Copyright (c) 2020 NOVUM-RGI Copyright (c) 2019 - 2020 Charlie Drage diff --git a/Makefile b/Makefile index 8354304..dd97d84 100644 --- a/Makefile +++ b/Makefile @@ -9,7 +9,7 @@ readme: prepare-environment .PHONY: unittests unittests: - helm unittest --strict -f 'unittests/**/*.yaml' -f 'unittests/dependency-major-image-check.yaml' ./ + helm unittest --strict -f 'unittests/**/*.yaml' ./ .PHONY: helm update-helm-dependencies: diff --git a/README.md b/README.md index 80a4a9a..8a448fa 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,11 @@ # Forgejo Helm Chart -[![status-badge](https://ci.dachary.org/api/badges/forgejo-contrib/forgejo-helm/status.svg)](https://ci.dachary.org/forgejo-contrib/forgejo-helm) - - [Introduction](#introduction) - [Update and versioning policy](#update-and-versioning-policy) - [Dependencies](#dependencies) + - [HA Dependencies](#ha-dependencies) + - [Non-HA Dependencies](#non-ha-dependencies) + - [Dependency Versioning](#dependency-versioning) - [Installing](#installing) - [High Availability](#high-availability) - [Configuration](#configuration) @@ -13,12 +14,12 @@ - [Server defaults](#server-defaults) - [Metrics defaults](#metrics-defaults) - [Rootless Defaults](#rootless-defaults) + - [Session, Cache and Queue](#session-cache-and-queue) - [Single-Pod Configurations](#single-pod-configurations) - [Additional _app.ini_ settings](#additional-appini-settings) - [User defined environment variables in app.ini](#user-defined-environment-variables-in-appini) - [External Database](#external-database) - [Ports and external url](#ports-and-external-url) - - [ClusterIP](#clusterip) - [SSH and Ingress](#ssh-and-ingress) - [SSH on crio based kubernetes cluster](#ssh-on-crio-based-kubernetes-cluster) - [Cache](#cache) @@ -44,29 +45,37 @@ - [Init](#init) - [Signing](#signing) - [Gitea](#gitea) + - [`app.ini` overrides](#appini-overrides) - [LivenessProbe](#livenessprobe) - [ReadinessProbe](#readinessprobe) - [StartupProbe](#startupprobe) - - [redis-cluster](#redis-cluster) - - [PostgreSQL-ha](#postgresql-ha) + - [Redis® Cluster](#redis-cluster) + - [Redis®](#redis) + - [PostgreSQL HA](#postgresql-ha) - [PostgreSQL](#postgresql) - [Advanced](#advanced) - [Contributing](#contributing) - [Upgrading](#upgrading) + - [To v11](#to-v11) + - [To v10](#to-v10) + - [To v9](#to-v9) + - [To v8](#to-v8) + - [To v7](#to-v7) + - [To v6](#to-v6) [Forgejo](https://forgejo.org/) is a community managed lightweight code hosting solution written in Go. It is published under the MIT license. ## Introduction -This helm chart is based on official [Gitea helm chart](https://gitea.com/gitea/helm-chart). +This Helm chart is based on the [Gitea chart](https://gitea.com/gitea/helm-chart). Yet it takes a completely different approach in providing a database and cache with dependencies. Additionally, this chart allows to provide LDAP and admin user configuration with values. ## Update and versioning policy The Forgejo helm chart versioning does not follow Forgejo's versioning. -The latest chart version can be looked up in or in the [repository releases](https://codeberg.org/forgejo-contrib/forgejo-helm/releases). +The latest chart version can be looked up in or in the [repository releases](https://code.forgejo.org/forgejo-helm/forgejo-helm/releases). The chart aims to follow Forgejo's releases closely. There might be times when the chart is behind the latest Forgejo release. @@ -81,21 +90,51 @@ Yet most often no issues will be encountered and the chart maintainers aim to co Forgejo can be run with an external database and cache. This chart provides those dependencies, which can be enabled, or disabled via configuration. -Dependencies: +### HA Dependencies -- PostgreSQL HA ([configuration](#postgresql)) -- Redis Cluster ([configuration](#cache)) +These dependencies are enabled by default: + +- PostgreSQL HA ([Bitnami PostgreSQL-HA](https://github.com/bitnami/charts/blob/main/bitnami/postgresql-ha/Chart.yaml)) +- Redis-Cluster ([Bitnami Redis-Cluster](https://github.com/bitnami/charts/blob/main/bitnami/redis-cluster/Chart.yaml)) + +### Non-HA Dependencies + +Alternatively, the following non-HA replacements are available: + +- PostgreSQL ([Bitnami PostgreSQL](https://github.com/bitnami/charts/blob/main/bitnami/postgresql/Chart.yaml)) +- Redis ([Bitnami Redis](https://github.com/bitnami/charts/blob/main/bitnami/redis/Chart.yaml)) + +### Dependency Versioning + +Updates of sub-charts will be incorporated into the Gitea chart as they are released. +The reasoning behind this is that new users of the chart will start with the most recent sub-chart dependency versions. + +**Note** If you want to stay on an older appVersion of a sub-chart dependency (e.g. PostgreSQL), you need to override the image tag in your `values.yaml` file. +In fact, we recommend to do so right from the start to be independent of major sub-chart dependency changes as they are released. +There is no need to update to every new PostgreSQL major version - you can happily skip some and do larger updates when you are ready for them. + +We recommend to use a rolling tag like `:-debian-` to incorporate minor and patch updates for the respective major version as they are released. +Alternatively you can also use a versioning helper tool like [renovate](https://github.com/renovatebot/renovate). + +Please double-check the image repository and available tags in the sub-chart: + +- [PostgreSQL-HA](https://hub.docker.com/r/bitnami/postgresql-repmgr/tags) +- [PostgreSQL](https://hub.docker.com/r/bitnami/postgresql/tags) +- [Redis Cluster](https://hub.docker.com/r/bitnami/redis-cluster/tags) +- [Redis](https://hub.docker.com/r/bitnami/redis/tags) + +and look up the image tag which fits your needs on Dockerhub. ## Installing ```sh -helm install forgejo oci://codeberg.org/forgejo-contrib/forgejo +helm install forgejo oci://code.forgejo.org/forgejo-helm/forgejo ``` In case you want to supply values, you can reference a `values.yaml` file: ```sh -helm install forgejo -f values.yaml oci://codeberg.org/forgejo-contrib/forgejo +helm install forgejo -f values.yaml oci://code.forgejo.org/forgejo-helm/forgejo ``` When upgrading, please refer to the [Upgrading](#upgrading) section at the bottom of this document for major and breaking changes. @@ -111,14 +150,23 @@ See the [HA Setup](docs/ha-setup.md) document for more details. ## Configuration Forgejo offers lots of configuration options. -This is fully described in the [Gitea Cheat Sheet](https://docs.gitea.com/administration/config-cheat-sheet). +Every value described in the [Cheat Sheet](https://forgejo.org/docs/latest/admin/config-cheat-sheet/) can be set as a Helm value. +Configuration sections map to (lowercased) YAML blocks, while the keys themselves remain in all caps. ```yaml gitea: config: - APP_NAME: 'Forgejo: With a cup of tea.' + # values in the DEFAULT section + # (https://forgejo.org/docs/latest/admin/config-cheat-sheet/#overall-default) + # are un-namespaced + # + APP_NAME: 'Forgejo: Git with a cup of tea' + # + # https://forgejo.org/docs/latest/admin/config-cheat-sheet/#repository-repository repository: ROOT: '~/gitea-repositories' + # + # https://forgejo.org/docs/latest/admin/config-cheat-sheet/#repository---pull-request-repositorypull-request repository.pull-request: WORK_IN_PROGRESS_PREFIXES: 'WIP:,[WIP]:' ``` @@ -128,14 +176,14 @@ gitea: This chart will set a few defaults in the Forgejo configuration based on the service and ingress settings. All defaults can be overwritten in `gitea.config`. -INSTALL_LOCK is always set to true, since we want to configure Forgejo with this helm chart and everything is taken care of. +INSTALL_LOCK is always set to true because the configuration in this helm chart makes any configuration via installer superfluous. _All default settings are made directly in the generated `app.ini`, not in the Values._ #### Database defaults -If a builtIn database is enabled the database configuration is set automatically. -For example, PostgreSQL builtIn will appear in the `app.ini` as: +If a database subchart is enabled, the database configuration is set automatically. +For example, PostgreSQL will appear in the `app.ini` as: ```ini [database] @@ -194,11 +242,21 @@ If `.Values.image.rootless: true`, then the following will occur. In case you us [see deployment.yaml](./templates/gitea/deployment.yaml) template inside container "env" declarations +#### Session, Cache and Queue + +The session, cache and queue settings are set to use the built-in Redis Cluster sub-chart dependency. +If Redis Cluster is disabled, the chart will fall back to the Gitea defaults which use "memory" for `session` and `cache` and "level" for `queue`. + +While these will work and even not cause immediate issues after startup, **they are not recommended for production use**. +Reasons being that a single pod will take on all the work for `session` and `cache` tasks in its available memory. +It is likely that the pod will run out of memory or will face substantial memory spikes, depending on the workload. +External tools such as `redis-cluster` or `memcached` handle these workloads much better. + ### Single-Pod Configurations If HA is not needed/desired, the following configurations can be used to deploy a single-pod Forgejo instance. -1. For a production-ready single-pod Forgejo instance without external dependencies (using the chart dependency `postgresql`): +1. For a production-ready single-pod Forgejo instance without external dependencies (using the chart dependency `postgresql` and `redis`):
@@ -207,6 +265,8 @@ If HA is not needed/desired, the following configurations can be used to deploy ```yaml redis-cluster: enabled: false + redis: + enabled: true postgresql: enabled: true postgresql-ha: @@ -219,12 +279,6 @@ If HA is not needed/desired, the following configurations can be used to deploy config: database: DB_TYPE: postgres - session: - PROVIDER: db - cache: - ADAPTER: memory - queue: - TYPE: level indexer: ISSUE_INDEXER_TYPE: bleve REPO_INDEXER_ENABLED: true @@ -244,6 +298,8 @@ If HA is not needed/desired, the following configurations can be used to deploy ```yaml redis-cluster: enabled: false + redis: + enabled: false postgresql: enabled: false postgresql-ha: @@ -268,7 +324,7 @@ If HA is not needed/desired, the following configurations can be used to deploy ### Additional _app.ini_ settings -> **The [generic](https://docs.gitea.com/administration/config-cheat-sheet#overall-default) +> **The [generic](https://forgejo.org/docs/latest/admin/config-cheat-sheet/#overall-default) > section cannot be defined that way.** Some settings inside _app.ini_ (like passwords or whole authentication configurations) must be considered sensitive and therefore should not be passed via plain text inside the _values.yaml_ file. @@ -325,7 +381,7 @@ stringData: #### User defined environment variables in app.ini Users are able to define their own environment variables, which are loaded into the containers. -We also support to directly interact with the generated _app.ini_. +We also support interacting directly with the generated _app.ini_. To inject self defined variables into the _app.ini_ a certain format needs to be honored. This is described in detail on the [env-to-ini](https://github.com/go-gitea/gitea/tree/main/contrib/environment-to-ini) page. @@ -336,9 +392,10 @@ For example a database setting needs to have the following format: ```yaml gitea: + config: + database: + HOST: my.own.host additionalConfigFromEnvs: - - name: FORGEJO__DATABASE__HOST - value: my.own.host - name: FORGEJO__DATABASE__PASSWD valueFrom: secretKeyRef: @@ -355,7 +412,7 @@ Priority (highest to lowest) for defining app.ini variables: ### External Database -Any external database listed in [https://docs.gitea.com/installation/database-prep](https://docs.gitea.com/installation/database-prep) can be used instead of the built-in PostgreSQL. +A [supported external database](https://forgejo.org/docs/latest/admin/config-cheat-sheet/#database-database/)can be used instead of the built-in PostgreSQL. In fact, it is **highly recommended** to use an external database to ensure a stable Forgejo installation longterm. If an external database is used, no matter which type, make sure to set `postgresql.enabled` to `false` to disable the use of the built-in PostgreSQL. @@ -364,7 +421,7 @@ If an external database is used, no matter which type, make sure to set `postgre gitea: config: database: - DB_TYPE: mysql + DB_TYPE: mysql # supported values are mysql, postgres, mssql, sqlite3 HOST: NAME: gitea USER: root @@ -392,23 +449,6 @@ This helm chart automatically configures the clone urls to use the correct ports You can change these ports by hand using the `gitea.config` dict. However you should know what you're doing. -### ClusterIP - -By default the `clusterIP` will be set to `None`, which is the default for headless services. -However if you want to omit the clusterIP field in the service, use the following values: - -```yaml -service: - http: - type: ClusterIP - port: 3000 - clusterIP: - ssh: - type: ClusterIP - port: 22 - clusterIP: -``` - ### SSH and Ingress If you're using ingress and want to use SSH, keep in mind, that ingress is not able to forward SSH Ports. @@ -418,7 +458,7 @@ You will need a LoadBalancer like `metallb` and a setting in your ssh service an service: ssh: annotations: - metallb.universe.tf/allow-shared-ip: test + metallb.io/allow-shared-ip: test ``` ### SSH on crio based kubernetes cluster @@ -491,8 +531,6 @@ postgresql: This chart enables you to create a default admin user. It is also possible to update the password for this user by upgrading or redeploying the chart. -It is not possible to delete an admin user after it has been created. -This has to be done in the ui. You cannot use `admin` as username. ```yaml @@ -522,10 +560,26 @@ gitea: existingSecret: gitea-admin-secret ``` +To delete the admin user, set `username` or `password` to an empty value and delete the user in the UI. + +Whether you use the existing Secret or specify a username and password directly, there are three modes for how the admin user password is created or set. + +- `keepUpdated` (the default) will set the admin user password, and reset it to the defined value every time the pod is recreated. +- `initialOnlyNoReset` will set the admin user password when creating it, but never try to update the password. +- `initialOnlyRequireReset` will set the admin user password when creating it, never update it, and require that the password be changed at the initial login. + +These modes can be set like the following: + +```yaml +gitea: + admin: + passwordMode: initialOnlyRequireReset +``` + ### LDAP Settings Like the admin user the LDAP settings can be updated. -All LDAP values from are available. +All LDAP values from are available. Multiple LDAP sources can be configured with additional LDAP list items. @@ -578,9 +632,8 @@ Affected options: ### OAuth2 Settings Like the admin user, OAuth2 settings can be updated and disabled but not deleted. -Deleting OAuth2 settings has to be done in the ui. -All OAuth2 values, which are documented [here](https://docs.gitea.com/administration/command-line#admin), are -available. +Deleting OAuth2 settings has to be done in the UI. +[All OAuth2 values](https://forgejo.org/docs/latest/admin/command-line/#admin-auth-add-oauth) are available. Multiple OAuth2 sources can be configured with additional OAuth list items. @@ -619,14 +672,29 @@ gitea: existingSecret: gitea-oauth-secret ``` +### Compatibility with OCP (OKD or OpenShift) + +Normally OCP is automatically detected and the compatibility mode set accordingly. To enforce the OCP compatibility mode use the following configuration: + +```yaml +global: + compatibility: + openshift: + adaptSecurityContext: force +``` + +An OCP route to access Forgejo can be enabled with the following config: + +```yaml +route: + enabled: true +``` + ## Configure commit signing -When using the rootless image the gpg key folder is not persistent by default. -If you consider using signed commits for internal Forgejo activities (e.g. initial commit), you'd need to provide a signing key. -Prior to [PR186](https://gitea.com/gitea/helm-chart/pulls/186), imported keys had to be re-imported once the container got replaced by another. - -The mentioned PR introduced a new configuration object `signing` allowing you to configure prerequisites for commit signing. -By default this section is disabled to maintain backwards compatibility. +When using the rootless image, the GPG key folder is not persistent by default. +If you want commits by Forgejo (e.g. initial commit) to be signed, +you need to provide a signing key: ```yaml signing: @@ -634,8 +702,10 @@ signing: gpgHome: /data/git/.gnupg ``` -Regardless of the used container image the `signing` object allows to specify a private gpg key. -Either using the `signing.privateKey` to define the key inline, or refer to an existing secret containing the key data by using `signing.existingSecret`. +By default this section is disabled to maintain backwards compatibility. + +Regardless of the used container image the `signing` object allows to specify a private GPG key. +Either using the `signing.privateKey` to define the key inline, or referring to an existing secret containing the key data with `signing.existingSecret`. ```yaml apiVersion: v1 @@ -655,8 +725,8 @@ signing: existingSecret: custom-gitea-gpg-key ``` -To use the gpg key, Forgejo needs to be configured accordingly. -A detailed description can be found in the [official Gitea documentation](https://docs.gitea.com/administration/signing#general-configuration). +To use the GPG key, Forgejo needs to be configured accordingly. +A detailed description can be found in the [documentation](https://forgejo.org/docs/latest/admin/signing/#general-configuration). ## Metrics and profiling @@ -761,7 +831,7 @@ Here's an examplary `values.yml` definition which makes use of a digest: ```yaml image: - registry: codeberg.org + registry: code.forgejo.org repository: forgejo/forgejo tag: 1.20.2-0 digest: sha256:f597c14a403c2fdee9a62dae8bae29d6442f7b2cc85872cc9bb535a24cb1630e @@ -778,7 +848,7 @@ To comply with the Forgejo helm chart definition of the digest parameter, a "cus "fileMatch": ["values\\.ya?ml"], "matchStrings": ["(?forgejo\\/forgejo)\\n(?\\s+)tag: (?[^@].*?)\\n\\s+digest: (?sha256:[a-f0-9]+)"], "datasourceTemplate": "docker", - "packageNameTemplate": "codeberg.org/{{depName}}", + "packageNameTemplate": "code.forgejo.org/{{depName}}", "autoReplaceStringTemplate": "{{depName}}\n{{indentation}}tag: {{newValue}}\n{{indentation}}digest: {{#if newDigest}}{{{newDigest}}}{{else}}{{{currentDigest}}}{{/if}}" } ] @@ -794,6 +864,7 @@ To comply with the Forgejo helm chart definition of the digest parameter, a "cus | `global.imagePullSecrets` | global image pull secrets override; can be extended by `imagePullSecrets` | `[]` | | `global.storageClass` | global storage class override | `""` | | `global.hostAliases` | global hostAliases which will be added to the pod's hosts files | `[]` | +| `namespaceOverride` | String to fully override common.names.namespace | `""` | | `replicaCount` | number of replicas for the deployment | `1` | ### strategy @@ -807,16 +878,16 @@ To comply with the Forgejo helm chart definition of the digest parameter, a "cus ### Image -| Name | Description | Value | -| -------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------- | -| `image.registry` | image registry, e.g. gcr.io,docker.io | `codeberg.org` | -| `image.repository` | Image to start for this pod | `forgejo/forgejo` | -| `image.tag` | Visit: [Image tag](https://codeberg.org/forgejo/-/packages/container/forgejo/versions). Defaults to `appVersion` within Chart.yaml. | `""` | -| `image.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` | -| `image.pullPolicy` | Image pull policy | `IfNotPresent` | -| `image.rootless` | Wether or not to pull the rootless version of Forgejo | `true` | -| `image.fullOverride` | Completely overrides the image registry, path/image, tag and digest. **Adjust `image.rootless` accordingly and review [Rootless defaults](#rootless-defaults).** | `""` | -| `imagePullSecrets` | Secret to use for pulling the image | `[]` | +| Name | Description | Value | +| -------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | +| `image.registry` | image registry, e.g. gcr.io,docker.io | `code.forgejo.org` | +| `image.repository` | Image to start for this pod | `forgejo/forgejo` | +| `image.tag` | Visit: [Image tag](https://code.forgejo.org/forgejo/-/packages/container/forgejo/versions). Defaults to `appVersion` within Chart.yaml. | `""` | +| `image.digest` | Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` | `""` | +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `image.rootless` | Wether or not to pull the rootless version of Forgejo | `true` | +| `image.fullOverride` | Completely overrides the image registry, path/image, tag and digest. **Adjust `image.rootless` accordingly and review [Rootless defaults](#rootless-defaults).** | `""` | +| `imagePullSecrets` | Secret to use for pulling the image | `[]` | ### Security @@ -833,7 +904,7 @@ To comply with the Forgejo helm chart definition of the digest parameter, a "cus | --------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------- | | `service.http.type` | Kubernetes service type for web traffic | `ClusterIP` | | `service.http.port` | Port number for web traffic | `3000` | -| `service.http.clusterIP` | ClusterIP setting for http autosetup for deployment is None | `None` | +| `service.http.clusterIP` | ClusterIP setting for http autosetup for deployment | `nil` | | `service.http.loadBalancerIP` | LoadBalancer IP setting | `nil` | | `service.http.nodePort` | NodePort for http service | `nil` | | `service.http.externalTrafficPolicy` | If `service.http.type` is `NodePort` or `LoadBalancer`, set this to `Local` to enable source IP preservation | `nil` | @@ -842,9 +913,11 @@ To comply with the Forgejo helm chart definition of the digest parameter, a "cus | `service.http.ipFamilies` | HTTP service dual-stack familiy selection,for dual-stack parameters see official kubernetes [dual-stack concept documentation](https://kubernetes.io/docs/concepts/services-networking/dual-stack/). | `nil` | | `service.http.loadBalancerSourceRanges` | Source range filter for http loadbalancer | `[]` | | `service.http.annotations` | HTTP service annotations | `{}` | +| `service.http.labels` | HTTP service additional labels | `{}` | +| `service.http.loadBalancerClass` | Loadbalancer class | `nil` | | `service.ssh.type` | Kubernetes service type for ssh traffic | `ClusterIP` | | `service.ssh.port` | Port number for ssh traffic | `22` | -| `service.ssh.clusterIP` | ClusterIP setting for ssh autosetup for deployment is None | `None` | +| `service.ssh.clusterIP` | ClusterIP setting for ssh autosetup for deployment | `nil` | | `service.ssh.loadBalancerIP` | LoadBalancer IP setting | `nil` | | `service.ssh.nodePort` | NodePort for ssh service | `nil` | | `service.ssh.externalTrafficPolicy` | If `service.ssh.type` is `NodePort` or `LoadBalancer`, set this to `Local` to enable source IP preservation | `nil` | @@ -854,19 +927,36 @@ To comply with the Forgejo helm chart definition of the digest parameter, a "cus | `service.ssh.hostPort` | HostPort for ssh service | `nil` | | `service.ssh.loadBalancerSourceRanges` | Source range filter for ssh loadbalancer | `[]` | | `service.ssh.annotations` | SSH service annotations | `{}` | +| `service.ssh.labels` | SSH service additional labels | `{}` | +| `service.ssh.loadBalancerClass` | Loadbalancer class | `nil` | ### Ingress -| Name | Description | Value | -| ------------------------------------ | --------------------------------------------------------------------------- | ----------------- | -| `ingress.enabled` | Enable ingress | `false` | -| `ingress.className` | Ingress class name | `nil` | -| `ingress.annotations` | Ingress annotations | `{}` | -| `ingress.hosts[0].host` | Default Ingress host | `git.example.com` | -| `ingress.hosts[0].paths[0].path` | Default Ingress path | `/` | -| `ingress.hosts[0].paths[0].pathType` | Ingress path type | `Prefix` | -| `ingress.tls` | Ingress tls settings | `[]` | -| `ingress.apiVersion` | Specify APIVersion of ingress object. Mostly would only be used for argocd. | | +| Name | Description | Value | +| ------------------------------------ | -------------------- | ----------------- | +| `ingress.enabled` | Enable ingress | `false` | +| `ingress.className` | Ingress class name | `nil` | +| `ingress.annotations` | Ingress annotations | `{}` | +| `ingress.hosts[0].host` | Default Ingress host | `git.example.com` | +| `ingress.hosts[0].paths[0].path` | Default Ingress path | `/` | +| `ingress.hosts[0].paths[0].pathType` | Ingress path type | `Prefix` | +| `ingress.tls` | Ingress tls settings | `[]` | + +### Route + +| Name | Description | Value | +| ----------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------- | +| `route.enabled` | Enable route | `false` | +| `route.annotations` | Route annotations | `{}` | +| `route.host` | Host to use for the route (will be assigned automatically by OKD / OpenShift is not defined) | `nil` | +| `route.wildcardPolicy` | Wildcard policy if any for the route, currently only 'Subdomain' or 'None' is allowed. | `nil` | +| `route.tls.termination` | termination type (see [OKD documentation](https://docs.okd.io/latest/rest_api/network_apis/route-route-openshift-io-v1.html#spec-tls)) | `edge` | +| `route.tls.insecureEdgeTerminationPolicy` | the desired behavior for insecure connections to a route (e.g. with http) | `Redirect` | +| `route.tls.existingSecret` | the name of a predefined secret of type kubernetes.io/tls with both key (tls.crt and tls.key) set accordingly (if defined attributes 'certificate', 'caCertificate' and 'privateKey' are ignored) | `nil` | +| `route.tls.certificate` | PEM encoded single certificate | `nil` | +| `route.tls.privateKey` | PEM encoded private key | `nil` | +| `route.tls.caCertificate` | PEM encoded CA certificate or chain that issued the certificate | `nil` | +| `route.tls.destinationCACertificate` | PEM encoded CA certificate used to verify the authenticity of final end point when 'termination' is set to 'passthrough' (ignored otherwise) | `nil` | ### deployment @@ -931,27 +1021,83 @@ To comply with the Forgejo helm chart definition of the digest parameter, a "cus | ------------------------ | ----------------------------------------------------------------- | ------------------ | | `signing.enabled` | Enable commit/action signing | `false` | | `signing.gpgHome` | GPG home directory | `/data/git/.gnupg` | -| `signing.privateKey` | Inline private gpg key for signed Forgejo actions | `""` | +| `signing.privateKey` | Inline private GPG key for signed internal Git activity | `""` | | `signing.existingSecret` | Use an existing secret to store the value of `signing.privateKey` | `""` | ### Gitea -| Name | Description | Value | -| -------------------------------------- | --------------------------------------------------------------------------- | -------------------- | -| `gitea.admin.username` | Username for the Forgejo admin user | `gitea_admin` | -| `gitea.admin.existingSecret` | Use an existing secret to store admin user credentials | `nil` | -| `gitea.admin.password` | Password for the Forgejo admin user | `r8sA8CPHD9!bt6d` | -| `gitea.admin.email` | Email for the Forgejo admin user | `gitea@local.domain` | -| `gitea.metrics.enabled` | Enable Forgejo metrics | `false` | -| `gitea.metrics.serviceMonitor.enabled` | Enable Forgejo metrics service monitor | `false` | -| `gitea.ldap` | LDAP configuration | `[]` | -| `gitea.oauth` | OAuth configuration | `[]` | -| `gitea.config.server.SSH_PORT` | SSH port for rootlful Forgejo image | `22` | -| `gitea.config.server.SSH_LISTEN_PORT` | SSH port for rootless Forgejo image | `2222` | -| `gitea.additionalConfigSources` | Additional configuration from secret or configmap | `[]` | -| `gitea.additionalConfigFromEnvs` | Additional configuration sources from environment variables | `[]` | -| `gitea.podAnnotations` | Annotations for the Forgejo pod | `{}` | -| `gitea.ssh.logLevel` | Configure OpenSSH's log level. Only available for root-based Forgejo image. | `INFO` | +| Name | Description | Value | +| ---------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | -------------------- | +| `gitea.admin.username` | Username for the Forgejo admin user | `gitea_admin` | +| `gitea.admin.existingSecret` | Use an existing secret to store admin user credentials | `nil` | +| `gitea.admin.password` | Password for the Forgejo admin user | `r8sA8CPHD9!bt6d` | +| `gitea.admin.email` | Email for the Forgejo admin user | `gitea@local.domain` | +| `gitea.admin.passwordMode` | Mode for how to set/update the admin user password. Options are: initialOnlyNoReset, initialOnlyRequireReset, and keepUpdated | `keepUpdated` | +| `gitea.metrics.enabled` | Enable Forgejo metrics | `false` | +| `gitea.metrics.serviceMonitor.enabled` | Enable Forgejo metrics service monitor | `false` | +| `gitea.metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | +| `gitea.ldap` | LDAP configuration | `[]` | +| `gitea.oauth` | OAuth configuration | `[]` | +| `gitea.additionalConfigSources` | Additional configuration from secret or configmap | `[]` | +| `gitea.additionalConfigFromEnvs` | Additional configuration sources from environment variables | `[]` | +| `gitea.podAnnotations` | Annotations for the Forgejo pod | `{}` | +| `gitea.ssh.logLevel` | Configure OpenSSH's log level. Only available for root-based Forgejo image. | `INFO` | + +### `app.ini` overrides + +Every value described in the [Cheat +Sheet](https://forgejo.org/docs/latest/admin/config-cheat-sheet/) can be +set as a Helm value. Configuration sections map to (lowercased) YAML +blocks, while the keys themselves remain in all caps. + +| Name | Description | Value | +| ------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------- | +| `gitea.config.APP_NAME` | Application name, used in the page title | `Forgejo: Beyond coding. We forge.` | +| `gitea.config.RUN_MODE` | Application run mode, affects performance and debugging: `dev` or `prod` | `prod` | +| `gitea.config.repository` | General repository settings | `{}` | +| `gitea.config.cors` | Cross-origin resource sharing settings | `{}` | +| `gitea.config.ui` | User interface settings | `{}` | +| `gitea.config.markdown` | Markdown parser settings | `{}` | +| `gitea.config.server` | General server settings | `{}` | +| `gitea.config.database` | Database configuration (only necessary with an [externally managed DB](https://code.forgejo.org/forgejo-helm/forgejo-helm#external-database)). | `{}` | +| `gitea.config.indexer` | Settings for what content is indexed and how | `{}` | +| `gitea.config.queue` | Job queue configuration | `{}` | +| `gitea.config.admin` | Admin user settings | `{}` | +| `gitea.config.security` | Site security settings | `{}` | +| `gitea.config.camo` | Settings for the [camo](https://github.com/cactus/go-camo) media proxy server (disabled by default) | `{}` | +| `gitea.config.openid` | Configuration for authentication with OpenID (disabled by default) | `{}` | +| `gitea.config.oauth2_client` | OAuth2 client settings | `{}` | +| `gitea.config.service` | Configuration for miscellaneous Forgejo services | `{}` | +| `gitea.config.ssh.minimum_key_sizes` | SSH minimum key sizes | `{}` | +| `gitea.config.webhook` | Webhook settings | `{}` | +| `gitea.config.mailer` | Mailer configuration (disabled by default) | `{}` | +| `gitea.config.email.incoming` | Configuration for handling incoming mail (disabled by default) | `{}` | +| `gitea.config.cache` | Cache configuration | `{}` | +| `gitea.config.session` | Session/cookie handling | `{}` | +| `gitea.config.picture` | User avatar settings | `{}` | +| `gitea.config.project` | Project board defaults | `{}` | +| `gitea.config.attachment` | Issue and PR attachment configuration | `{}` | +| `gitea.config.log` | Logging configuration | `{}` | +| `gitea.config.cron` | Cron job configuration | `{}` | +| `gitea.config.git` | Global settings for Git | `{}` | +| `gitea.config.metrics` | Settings for the Prometheus endpoint (disabled by default) | `{}` | +| `gitea.config.api` | Settings for the Swagger API documentation endpoints | `{}` | +| `gitea.config.oauth2` | Settings for the [OAuth2 provider](https://forgejo.org/docs/latest/admin/oauth2-provider/) | `{}` | +| `gitea.config.i18n` | Internationalization settings | `{}` | +| `gitea.config.markup` | Configuration for advanced markup processors | `{}` | +| `gitea.config.highlight.mapping` | File extension to language mapping overrides for syntax highlighting | `{}` | +| `gitea.config.time` | Locale settings | `{}` | +| `gitea.config.migrations` | Settings for Git repository migrations | `{}` | +| `gitea.config.federation` | Federation configuration | `{}` | +| `gitea.config.packages` | Package registry settings | `{}` | +| `gitea.config.mirror` | Configuration for repository mirroring | `{}` | +| `gitea.config.lfs` | Large File Storage configuration | `{}` | +| `gitea.config.repo-avatar` | Repository avatar storage configuration | `{}` | +| `gitea.config.avatar` | User/org avatar storage configuration | `{}` | +| `gitea.config.storage` | General storage settings | `{}` | +| `gitea.config.proxy` | Proxy configuration (disabled by default) | `{}` | +| `gitea.config.actions` | Configuration for [Forgejo Actions](https://forgejo.org/docs/latest/user/actions/) | `{}` | +| `gitea.config.other` | Uncategorized configuration options | `{}` | ### LivenessProbe @@ -967,15 +1113,16 @@ To comply with the Forgejo helm chart definition of the digest parameter, a "cus ### ReadinessProbe -| Name | Description | Value | -| ------------------------------------------ | ------------------------------------------------- | ------ | -| `gitea.readinessProbe.enabled` | Enable readiness probe | `true` | -| `gitea.readinessProbe.tcpSocket.port` | Port to probe for readiness | `http` | -| `gitea.readinessProbe.initialDelaySeconds` | Initial delay before readiness probe is initiated | `5` | -| `gitea.readinessProbe.timeoutSeconds` | Timeout for readiness probe | `1` | -| `gitea.readinessProbe.periodSeconds` | Period for readiness probe | `10` | -| `gitea.readinessProbe.successThreshold` | Success threshold for readiness probe | `1` | -| `gitea.readinessProbe.failureThreshold` | Failure threshold for readiness probe | `3` | +| Name | Description | Value | +| ------------------------------------------ | ------------------------------------------------- | -------------- | +| `gitea.readinessProbe.enabled` | Enable readiness probe | `true` | +| `gitea.readinessProbe.httpGet.path` | Path to probe for readiness | `/api/healthz` | +| `gitea.readinessProbe.httpGet.port` | Port to probe for readiness | `http` | +| `gitea.readinessProbe.initialDelaySeconds` | Initial delay before readiness probe is initiated | `5` | +| `gitea.readinessProbe.timeoutSeconds` | Timeout for readiness probe | `1` | +| `gitea.readinessProbe.periodSeconds` | Period for readiness probe | `10` | +| `gitea.readinessProbe.successThreshold` | Success threshold for readiness probe | `1` | +| `gitea.readinessProbe.failureThreshold` | Failure threshold for readiness probe | `3` | ### StartupProbe @@ -992,19 +1139,33 @@ To comply with the Forgejo helm chart definition of the digest parameter, a "cus ### Redis® Cluster Redis® Cluster is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/redis-cluster) if enabled in the values. -Complete Configuration can be taken from their website. +Full configuration options are available on their website. +Redis cluster and [Redis](#redis) cannot be enabled at the same time. | Name | Description | Value | | -------------------------------- | -------------------------------------------- | ------- | -| `redis-cluster.enabled` | Enable redis | `true` | +| `redis-cluster.enabled` | Enable redis cluster | `true` | | `redis-cluster.usePassword` | Whether to use password authentication | `false` | | `redis-cluster.cluster.nodes` | Number of redis cluster master nodes | `3` | | `redis-cluster.cluster.replicas` | Number of redis cluster master node replicas | `0` | +### Redis® + +Redis® is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/redis) if enabled in the values. +Full configuration options are available on their website. +Redis and [Redis cluster](#redis-cluster) cannot be enabled at the same time. + +| Name | Description | Value | +| ----------------------------- | ------------------------------------------ | ------------ | +| `redis.enabled` | Enable redis standalone or replicated | `false` | +| `redis.architecture` | Whether to use standalone or replication | `standalone` | +| `redis.global.redis.password` | Required password | `changeme` | +| `redis.master.count` | Number of Redis master instances to deploy | `1` | + ### PostgreSQL HA PostgreSQL HA is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/postgresql-ha) if enabled in the values. -Complete Configuration can be taken from their website. +Full configuration options are available on their website. | Name | Description | Value | | ------------------------------------------- | ---------------------------------------------------------------- | ----------- | @@ -1017,12 +1178,12 @@ Complete Configuration can be taken from their website. | `postgresql-ha.postgresql.postgresPassword` | postgres Password | `changeme1` | | `postgresql-ha.pgpool.adminPassword` | pgpool adminPassword | `changeme3` | | `postgresql-ha.service.ports.postgresql` | PostgreSQL service port (overrides `service.ports.postgresql`) | `5432` | -| `postgresql-ha.primary.persistence.size` | PVC Storage Request for PostgreSQL-ha volume | `10Gi` | +| `postgresql-ha.primary.persistence.size` | PVC Storage Request for PostgreSQL HA volume | `10Gi` | ### PostgreSQL PostgreSQL is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/postgresql) if enabled in the values. -Complete Configuration can be taken from their website. +Full configuration options are available on their website. | Name | Description | Value | | ------------------------------------------------------- | ---------------------------------------------------------------- | ------- | @@ -1037,11 +1198,11 @@ Complete Configuration can be taken from their website. | Name | Description | Value | | ------------------ | ------------------------------------------------------------------ | --------- | -| `checkDeprecation` | Set it to false to skip this basic validation check. | `true` | -| `test.enabled` | Set it to false to disable test-connection Pod. | `true` | +| `checkDeprecation` | Whether to run this basic validation check. | `true` | +| `test.enabled` | Whether to use test-connection Pod. | `true` | | `test.image.name` | Image name for the wget container used in the test-connection Pod. | `busybox` | | `test.image.tag` | Image tag for the wget container used in the test-connection Pod. | `latest` | -| `extraDeploy` | Array of extra objects to deploy with the release | `[]` | +| `extraDeploy` | Array of extra objects to deploy with the release. | `[]` | ## Contributing @@ -1049,8 +1210,46 @@ Expected workflow is: Fork -> Patch -> Push -> Pull Request See [CONTRIBUTORS GUIDE](CONTRIBUTING.md) for details. +Hop into [our Matrix room](https://matrix.to/#/#forgejo-helm-chart:matrix.org) if you have any questions or want to get involved. + ## Upgrading This section lists major and breaking changes of each Helm Chart version. Please read them carefully to upgrade successfully, especially the change of the **default database backend**! If you miss this, blindly upgrading may delete your Postgres instance and you may lose your data! + +### To v11 + +PostgreSQL and PostgreSQL HA are now using PostgreSQL v17. +Please read PostgresSQL upgrade guide before upgrading. + +You need Forgejo v10+ to use this Helm Chart version. +Forgejo v9 is now EOL. + +ClusterIP is now emtpy instead of `None` for http and ssh service. +Unsupported api versions for `Ingress` and `PodDisruptionBudget` are removed. +`Ingress` and `Service` are now using named ports. +The ReadinessProbe is now using the `/api/healthz` endpoint. + +### To v10 + +You need Forgejo v9+ to use this Helm Chart version. +Forgejo v8 is now EOL. + +### To v9 + +Namespaces for all resources are now set to `common.names.namespace` by default. + +### To v8 + +You need Forgejo v8+ to use this Helm Chart version. +Use the v7 Helm Chart for Forgejo v7. + +### To v7 + +The Forgejo docker image is pulled from `code.forgejo.org` instead of `codeberg.org`. + +### To v6 + +You need Forgejo v7+ to use this Helm Chart version. +Use the v5 Helm Chart for Forgejo v1.21. diff --git a/artifacthub-repo.yml b/artifacthub-repo.yml index f30bf38..7a7ea81 100644 --- a/artifacthub-repo.yml +++ b/artifacthub-repo.yml @@ -2,7 +2,7 @@ # Artifact Hub repository metadata file # https://artifacthub.io/docs/topics/repositories/helm-charts/#oci-support # publish via: -# oras push codeberg.org/forgejo-contrib/forgejo:artifacthub.io --config artifacthub.config.json:application/vnd.cncf.artifacthub.config.v1+yaml artifacthub-repo.yml:application/vnd.cncf.artifacthub.repository-metadata.layer.v1.yaml +# oras push code.forgejo.org/forgejo-helm/forgejo:artifacthub.io --config artifacthub.config.json:application/vnd.cncf.artifacthub.config.v1+yaml artifacthub-repo.yml:application/vnd.cncf.artifacthub.repository-metadata.layer.v1.yaml repositoryID: 'ec84c95a-a288-4aaa-a690-a656b57e3136' owners: # (optional, used to claim repository ownership) - name: viceice diff --git a/ci/default-values.yaml b/ci/default-values.yaml new file mode 100644 index 0000000..25fefaa --- /dev/null +++ b/ci/default-values.yaml @@ -0,0 +1,20 @@ +# default values with some modifications + +# Use mirror +# https://code.forgejo.org/forgejo-helm/forgejo-helm/issues/1045 +global: + security: + allowInsecureImages: true +redis-cluster: + image: + registry: public.ecr.aws +postgresql-ha: + postgresql: + image: + registry: public.ecr.aws + pgpool: + image: + registry: public.ecr.aws +test: + image: + name: code.forgejo.org/oci/busybox diff --git a/ci/default.yml b/ci/default.yml deleted file mode 100644 index d6c93d3..0000000 --- a/ci/default.yml +++ /dev/null @@ -1 +0,0 @@ -# default values diff --git a/ci/dev-values.yml b/ci/dev-values.yaml similarity index 56% rename from ci/dev-values.yml rename to ci/dev-values.yaml index 9e45329..a47f3ba 100644 --- a/ci/dev-values.yml +++ b/ci/dev-values.yaml @@ -1,7 +1,14 @@ +# Test codeberg.org image +image: + registry: codeberg.org +# Use mirror +# https://code.forgejo.org/forgejo-helm/forgejo-helm/issues/1045 +test: + image: + name: code.forgejo.org/oci/busybox + redis-cluster: enabled: false -postgresql: - enabled: false postgresql-ha: enabled: false diff --git a/ci/single-values.yml b/ci/single-values.yaml similarity index 53% rename from ci/single-values.yml rename to ci/single-values.yaml index 46ea966..6be58e6 100644 --- a/ci/single-values.yml +++ b/ci/single-values.yaml @@ -1,10 +1,24 @@ redis-cluster: enabled: false -postgresql: - enabled: true postgresql-ha: enabled: false +postgresql: + enabled: true + # Use mirror + # https://code.forgejo.org/forgejo-helm/forgejo-helm/issues/1045 + image: + registry: public.ecr.aws +global: + security: + allowInsecureImages: true + +# Use mirror +# https://code.forgejo.org/forgejo-helm/forgejo-helm/issues/1045 +test: + image: + name: code.forgejo.org/oci/busybox + persistence: enabled: true diff --git a/ci/v10-values.yaml b/ci/v10-values.yaml new file mode 100644 index 0000000..253b35b --- /dev/null +++ b/ci/v10-values.yaml @@ -0,0 +1,29 @@ +image: + registry: codeberg.org + repository: forgejo-experimental/forgejo + tag: 10 # don't pin, manifests can be missing + +# Use mirror +# https://code.forgejo.org/forgejo-helm/forgejo-helm/issues/1045 +test: + image: + name: code.forgejo.org/oci/busybox + +redis-cluster: + enabled: false +postgresql-ha: + enabled: false + +persistence: + enabled: false + +gitea: + config: + database: + DB_TYPE: sqlite3 + session: + PROVIDER: memory + cache: + ADAPTER: memory + queue: + TYPE: level diff --git a/ci/v11-values.yaml b/ci/v11-values.yaml new file mode 100644 index 0000000..6c1a24b --- /dev/null +++ b/ci/v11-values.yaml @@ -0,0 +1,29 @@ +image: + registry: codeberg.org + repository: forgejo-experimental/forgejo + tag: 11 # don't pin, manifests can be missing + +# Use mirror +# https://code.forgejo.org/forgejo-helm/forgejo-helm/issues/1045 +test: + image: + name: code.forgejo.org/oci/busybox + +redis-cluster: + enabled: false +postgresql-ha: + enabled: false + +persistence: + enabled: false + +gitea: + config: + database: + DB_TYPE: sqlite3 + session: + PROVIDER: memory + cache: + ADAPTER: memory + queue: + TYPE: level diff --git a/ci/v12-values.yaml b/ci/v12-values.yaml new file mode 100644 index 0000000..8429086 --- /dev/null +++ b/ci/v12-values.yaml @@ -0,0 +1,29 @@ +image: + registry: codeberg.org + repository: forgejo-experimental/forgejo + tag: 12 # don't pin, manifests can be missing + +# Use mirror +# https://code.forgejo.org/forgejo-helm/forgejo-helm/issues/1045 +test: + image: + name: code.forgejo.org/oci/busybox + +redis-cluster: + enabled: false +postgresql-ha: + enabled: false + +persistence: + enabled: false + +gitea: + config: + database: + DB_TYPE: sqlite3 + session: + PROVIDER: memory + cache: + ADAPTER: memory + queue: + TYPE: level diff --git a/package.json b/package.json index a459a32..d4cccfc 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "forgejo-helm-chart", - "homepage": "https://codeberg.org/forgejo-contrib/forgejo-helm.git", + "homepage": "https://code.forgejo.org/forgejo-helm/forgejo-helm", "license": "MIT", "private": true, "scripts": { @@ -10,21 +10,22 @@ "prettier": "prettier --check --ignore-unknown --cache '**/*.*'", "prettier-fix": "prettier --write --ignore-unknown --cache '**/*.*'", "readme:lint": "markdownlint *.md -f", - "readme:parameters": "readme-generator -v values.yaml -r README.md" + "readme:parameters": "readme-generator -v values.yaml -r README.md", + "test": "helm unittest --strict -f 'unittests/**/*.yaml' ./" }, "devDependencies": { - "@bitnami/readme-generator-for-helm": "^2.4.2", - "clipanion": "^3.2.1", - "conventional-changelog-conventionalcommits": "^7.0.0", - "conventional-changelog-core": "^7.0.0", - "husky": "^9.0.0", - "lint-staged": "^15.2.0", - "markdownlint-cli": "^0.39.0", - "prettier": "^3.1.0" + "@bitnami/readme-generator-for-helm": "2.7.0", + "clipanion": "3.2.1", + "conventional-changelog-conventionalcommits": "8.0.0", + "conventional-changelog-core": "9.0.0", + "husky": "9.1.7", + "lint-staged": "15.5.0", + "markdownlint-cli": "0.44.0", + "prettier": "3.5.3" }, - "packageManager": "pnpm@8.15.3", + "packageManager": "pnpm@10.7.0", "engines": { - "node": "^18.12.0 || >=20.9.0", - "pnpm": "^8.0.0" + "node": "^22.0.0", + "pnpm": "^10.0.0" } } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 01f851b..387c3dc 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -1,403 +1,965 @@ -lockfileVersion: '6.0' +lockfileVersion: '9.0' settings: autoInstallPeers: true excludeLinksFromLockfile: false -devDependencies: - '@bitnami/readme-generator-for-helm': - specifier: ^2.4.2 - version: 2.6.0 - clipanion: - specifier: ^3.2.1 - version: 3.2.1(typanion@3.14.0) - conventional-changelog-conventionalcommits: - specifier: ^7.0.0 - version: 7.0.2 - conventional-changelog-core: - specifier: ^7.0.0 - version: 7.0.0 - husky: - specifier: ^9.0.0 - version: 9.0.10 - lint-staged: - specifier: ^15.2.0 - version: 15.2.2 - markdownlint-cli: - specifier: ^0.39.0 - version: 0.39.0 - prettier: - specifier: ^3.1.0 - version: 3.2.5 +importers: + + .: + devDependencies: + '@bitnami/readme-generator-for-helm': + specifier: 2.7.0 + version: 2.7.0 + clipanion: + specifier: 3.2.1 + version: 3.2.1(typanion@3.14.0) + conventional-changelog-conventionalcommits: + specifier: 8.0.0 + version: 8.0.0 + conventional-changelog-core: + specifier: 9.0.0 + version: 9.0.0(conventional-commits-filter@4.0.0) + husky: + specifier: 9.1.7 + version: 9.1.7 + lint-staged: + specifier: 15.5.0 + version: 15.5.0 + markdownlint-cli: + specifier: 0.44.0 + version: 0.44.0 + prettier: + specifier: 3.5.3 + version: 3.5.3 packages: - /@babel/code-frame@7.23.5: - resolution: {integrity: sha512-CgH3s1a96LipHCmSUmYFPwY7MNx8C3avkq7i4Wl3cfa662ldtUe4VM1TPXX70pfmrlWTb6jLqTYrZyT2ZTJBgA==} - engines: {node: '>=6.9.0'} - dependencies: - '@babel/highlight': 7.23.4 - chalk: 2.4.2 - dev: true - - /@babel/helper-validator-identifier@7.22.20: - resolution: {integrity: sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==} - engines: {node: '>=6.9.0'} - dev: true - - /@babel/highlight@7.23.4: - resolution: {integrity: sha512-acGdbYSfp2WheJoJm/EBBBLh/ID8KDc64ISZ9DYtBmC8/Q204PZJLHyzeB5qMzJ5trcOkybd78M4x2KWsUq++A==} - engines: {node: '>=6.9.0'} - dependencies: - '@babel/helper-validator-identifier': 7.22.20 - chalk: 2.4.2 - js-tokens: 4.0.0 - dev: true - - /@bitnami/readme-generator-for-helm@2.6.0: - resolution: {integrity: sha512-LcByNCryaC2OJExL9rnhyFJ18+vrZu1gVoN2Z7j/HI42EjV4kLgT4G1KEPNnrKbls9HvozBqMG+sKZIDh0McFg==} + '@bitnami/readme-generator-for-helm@2.7.0': + resolution: {integrity: sha512-fVxExmcuJ9NZb9ZE9OW3+lG8pUlXJAJdaO8UukV3A7WzYu4qOTr03MXPH9Gt5e/6mo3x4WYI/cXBksKfS0qn3w==} hasBin: true - dependencies: - commander: 7.2.0 - dot-object: 2.1.4 - lodash: 4.17.21 - markdown-table: 2.0.0 - yaml: 2.3.4 - dev: true - /@hutson/parse-repository-url@5.0.0: + '@conventional-changelog/git-client@1.0.0': + resolution: {integrity: sha512-PkUIv8bcY8/mIJig+3CGneb1hfXvjUotuBcroBHyVO4obIz5WGJpBWTuo17XV4p1sTmbGa8TxAmdMzhlPU+tLA==} + engines: {node: '>=18'} + peerDependencies: + conventional-commits-filter: ^4.0.0 + conventional-commits-parser: ^5.0.0 + peerDependenciesMeta: + conventional-commits-filter: + optional: true + conventional-commits-parser: + optional: true + + '@hutson/parse-repository-url@5.0.0': resolution: {integrity: sha512-e5+YUKENATs1JgYHMzTr2MW/NDcXGfYFAuOQU8gJgF/kEh4EqKgfGrfLI67bMD4tbhZVlkigz/9YYwWcbOFthg==} engines: {node: '>=10.13.0'} - dev: true - /@isaacs/cliui@8.0.2: + '@isaacs/cliui@8.0.2': resolution: {integrity: sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==} engines: {node: '>=12'} - dependencies: - string-width: 5.1.2 - string-width-cjs: /string-width@4.2.3 - strip-ansi: 7.1.0 - strip-ansi-cjs: /strip-ansi@6.0.1 - wrap-ansi: 8.1.0 - wrap-ansi-cjs: /wrap-ansi@7.0.0 - dev: true - /@pkgjs/parseargs@0.11.0: + '@pkgjs/parseargs@0.11.0': resolution: {integrity: sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==} engines: {node: '>=14'} - requiresBuild: true - dev: true - optional: true - /@types/normalize-package-data@2.4.4: - resolution: {integrity: sha512-37i+OaWTh9qeK4LSHPsyRC7NahnGotNuZvjLSgcPzblpHB3rrCJxAOgI5gCdKm7coonsaX1Of0ILiTcnZjbfxA==} - dev: true + '@types/debug@4.1.12': + resolution: {integrity: sha512-vIChWdVG3LG1SMxEvI/AK+FWJthlrqlTu7fbrlywTkkaONwk/UAGaULXRlf8vkzFBLVm0zkMdCquhL5aOjhXPQ==} - /JSONStream@1.3.5: - resolution: {integrity: sha512-E+iruNOY8VV9s4JEbe1aNEm6MiszPRr/UfcHMz0TQh1BXSxHK+ASV1R6W4HpjBhSeS+54PIsAMCBmwD06LLsqQ==} - hasBin: true - dependencies: - jsonparse: 1.3.1 - through: 2.3.8 - dev: true + '@types/katex@0.16.7': + resolution: {integrity: sha512-HMwFiRujE5PjrgwHQ25+bsLJgowjGjm5Z8FVSf0N6PwgJrwxH0QxzHYDcKsTfV3wva0vzrpqMTJS2jXPr5BMEQ==} - /add-stream@1.0.0: + '@types/ms@2.1.0': + resolution: {integrity: sha512-GsCCIZDE/p3i96vtEqx+7dBUGXrc7zeSK3wwPHIaRThS+9OhWIXRqzs4d6k1SVU8g91DrNRWxWUGhp5KXQb2VA==} + + '@types/semver@7.5.8': + resolution: {integrity: sha512-I8EUhyrgfLrcTkzV3TSsGyl1tSuPrEDzr0yd5m90UgNxQkyDXULk3b6MlQqTCpZpNtWe1K0hzclnZkTcLBe2UQ==} + + '@types/unist@2.0.11': + resolution: {integrity: sha512-CmBKiL6NNo/OqgmMn95Fk9Whlp2mtvIv+KNpQKN2F4SjvrEesubTRWGYSg+BnWZOnlCaSTU1sMpsBOzgbYhnsA==} + + add-stream@1.0.0: resolution: {integrity: sha512-qQLMr+8o0WC4FZGQTcJiKBVC59JylcPSrTtk6usvmIDFUOCKegapy1VHQwRbFMOFyb/inzUVqHs+eMYKDM1YeQ==} - dev: true - /ansi-escapes@6.2.0: - resolution: {integrity: sha512-kzRaCqXnpzWs+3z5ABPQiVke+iq0KXkHo8xiWV4RPTi5Yli0l97BEQuhXV1s7+aSU/fu1kUuxgS4MsQ0fRuygw==} - engines: {node: '>=14.16'} - dependencies: - type-fest: 3.13.1 - dev: true + ansi-escapes@7.0.0: + resolution: {integrity: sha512-GdYO7a61mR0fOlAsvC9/rIHf7L96sBc6dEWzeOu+KAea5bZyQRPIpojrVoI4AXGJS/ycu/fBTdLrUkA4ODrvjw==} + engines: {node: '>=18'} - /ansi-regex@5.0.1: + ansi-regex@5.0.1: resolution: {integrity: sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==} engines: {node: '>=8'} - dev: true - /ansi-regex@6.0.1: + ansi-regex@6.0.1: resolution: {integrity: sha512-n5M855fKb2SsfMIiFFoVrABHJC8QtHwVx+mHWP3QcEqBHYienj5dHSgjbxtC0WEZXYt4wcD6zrQElDPhFuZgfA==} engines: {node: '>=12'} - dev: true - /ansi-styles@3.2.1: - resolution: {integrity: sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==} - engines: {node: '>=4'} - dependencies: - color-convert: 1.9.3 - dev: true - - /ansi-styles@4.3.0: + ansi-styles@4.3.0: resolution: {integrity: sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==} engines: {node: '>=8'} - dependencies: - color-convert: 2.0.1 - dev: true - /ansi-styles@6.2.1: + ansi-styles@6.2.1: resolution: {integrity: sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==} engines: {node: '>=12'} - dev: true - /argparse@2.0.1: + argparse@2.0.1: resolution: {integrity: sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==} - dev: true - /array-ify@1.0.0: + array-ify@1.0.0: resolution: {integrity: sha512-c5AMf34bKdvPhQ7tBGhqkgKNUzMr4WUs+WDtC2ZUGOUncbxKMTvqxYctiseW3+L4bA8ec+GcZ6/A/FW4m8ukng==} - dev: true - /balanced-match@1.0.2: + balanced-match@1.0.2: resolution: {integrity: sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==} - dev: true - /brace-expansion@1.1.11: + brace-expansion@1.1.11: resolution: {integrity: sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==} - dependencies: - balanced-match: 1.0.2 - concat-map: 0.0.1 - dev: true - /brace-expansion@2.0.1: + brace-expansion@2.0.1: resolution: {integrity: sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==} - dependencies: - balanced-match: 1.0.2 - dev: true - /braces@3.0.2: - resolution: {integrity: sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==} + braces@3.0.3: + resolution: {integrity: sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==} engines: {node: '>=8'} - dependencies: - fill-range: 7.0.1 - dev: true - /chalk@2.4.2: - resolution: {integrity: sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==} - engines: {node: '>=4'} - dependencies: - ansi-styles: 3.2.1 - escape-string-regexp: 1.0.5 - supports-color: 5.5.0 - dev: true - - /chalk@5.3.0: - resolution: {integrity: sha512-dLitG79d+GV1Nb/VYcCDFivJeK1hiukt9QjRNVOsUtTy1rR1YJsmpGGTZ3qJos+uw7WmWF4wUwBd9jxjocFC2w==} + chalk@5.4.1: + resolution: {integrity: sha512-zgVZuo2WcZgfUEmsn6eO3kINexW8RAE4maiQ8QNs8CtpPCSyMiYsULR3HQYkm3w8FIA3SberyMJMSldGsW+U3w==} engines: {node: ^12.17.0 || ^14.13 || >=16.0.0} - dev: true - /cli-cursor@4.0.0: - resolution: {integrity: sha512-VGtlMu3x/4DOtIUwEkRezxUZ2lBacNJCHash0N0WeZDBS+7Ux1dm3XWAgWYxLJFMMdOeXMHXorshEFhbMSGelg==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - dependencies: - restore-cursor: 4.0.0 - dev: true + character-entities-legacy@3.0.0: + resolution: {integrity: sha512-RpPp0asT/6ufRm//AJVwpViZbGM/MkjQFxJccQRHmISF/22NBtsHqAWmL+/pmkPWoIUJdWyeVleTl1wydHATVQ==} - /cli-truncate@4.0.0: + character-entities@2.0.2: + resolution: {integrity: sha512-shx7oQ0Awen/BRIdkjkvz54PnEEI/EjwXDSIZp86/KKdbafHh1Df/RYGBhn4hbe2+uKC9FnT5UCEdyPz3ai9hQ==} + + character-reference-invalid@2.0.1: + resolution: {integrity: sha512-iBZ4F4wRbyORVsu0jPV7gXkOsGYjGHPmAyv+HiHG8gi5PtC9KI2j1+v8/tlibRvjoWX027ypmG/n0HtO5t7unw==} + + cli-cursor@5.0.0: + resolution: {integrity: sha512-aCj4O5wKyszjMmDT4tZj93kxyydN/K5zPWSCe6/0AV/AA1pqe5ZBIw0a2ZfPQV7lL5/yb5HsUreJ6UFAF1tEQw==} + engines: {node: '>=18'} + + cli-truncate@4.0.0: resolution: {integrity: sha512-nPdaFdQ0h/GEigbPClz11D0v/ZJEwxmeVZGeMo3Z5StPtUTkA9o1lD6QwoirYiSDzbcwn2XcjwmCp68W1IS4TA==} engines: {node: '>=18'} - dependencies: - slice-ansi: 5.0.0 - string-width: 7.1.0 - dev: true - /clipanion@3.2.1(typanion@3.14.0): + clipanion@3.2.1: resolution: {integrity: sha512-dYFdjLb7y1ajfxQopN05mylEpK9ZX0sO1/RfMXdfmwjlIsPkbh4p7A682x++zFPLDCo1x3p82dtljHf5cW2LKA==} peerDependencies: typanion: '*' - dependencies: - typanion: 3.14.0 - dev: true - /color-convert@1.9.3: - resolution: {integrity: sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==} - dependencies: - color-name: 1.1.3 - dev: true - - /color-convert@2.0.1: + color-convert@2.0.1: resolution: {integrity: sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==} engines: {node: '>=7.0.0'} - dependencies: - color-name: 1.1.4 - dev: true - /color-name@1.1.3: - resolution: {integrity: sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==} - dev: true - - /color-name@1.1.4: + color-name@1.1.4: resolution: {integrity: sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==} - dev: true - /colorette@2.0.20: + colorette@2.0.20: resolution: {integrity: sha512-IfEDxwoWIjkeXL1eXcDiow4UbKjhLdq6/EuSVR9GMN7KVH3r9gQ83e73hsz1Nd1T3ijd5xv1wcWRYO+D6kCI2w==} - dev: true - /commander@11.1.0: - resolution: {integrity: sha512-yPVavfyCcRhmorC7rWlkHn15b4wDVgVmBA7kV4QVBsF7kv/9TKJAbAXVTxvTnwP8HHKjRCJDClKbciiYS7p0DQ==} - engines: {node: '>=16'} - dev: true + commander@13.1.0: + resolution: {integrity: sha512-/rFeCpNJQbhSZjGVwO9RFV3xPqbnERS8MmIQzCtD/zl6gpJuV/bMLuN92oG3F7d8oDEHHRrujSXNUr8fpjntKw==} + engines: {node: '>=18'} - /commander@4.1.1: - resolution: {integrity: sha512-NOKm8xhkzAjzFx8B2v5OAHT+u5pRQc2UCa2Vq9jYL/31o2wi9mxBA7LIFs3sV5VSC49z6pEhfbMULvShKj26WA==} + commander@6.2.1: + resolution: {integrity: sha512-U7VdrJFnJgo4xjrHpTzu0yrHPGImdsmD95ZlgYSEajAn2JKzDhDTPG9kBTefmObL2w/ngeZnilk+OV9CG3d7UA==} engines: {node: '>= 6'} - dev: true - /commander@7.2.0: - resolution: {integrity: sha512-QrWXB+ZQSVPmIWIhtEO9H+gwHaMGYiF5ChvoJ+K9ZGHG/sVsa6yiesAD1GC/x46sET00Xlwo1u49RVVVzvcSkw==} - engines: {node: '>= 10'} - dev: true + commander@8.3.0: + resolution: {integrity: sha512-OkTL9umf+He2DZkUq8f8J9of7yL6RJKI24dVITBmNfZBmri9zYZQrKkuXiKhyfPSu8tUhnVBB1iKXevvnlR4Ww==} + engines: {node: '>= 12'} - /compare-func@2.0.0: + compare-func@2.0.0: resolution: {integrity: sha512-zHig5N+tPWARooBnb0Zx1MFcdfpyJrfTJ3Y5L+IFvUm8rM74hHz66z0gw0x4tijh5CorKkKUCnW82R2vmpeCRA==} - dependencies: - array-ify: 1.0.0 - dot-prop: 5.3.0 - dev: true - /concat-map@0.0.1: + concat-map@0.0.1: resolution: {integrity: sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==} - dev: true - /conventional-changelog-conventionalcommits@7.0.2: - resolution: {integrity: sha512-NKXYmMR/Hr1DevQegFB4MwfM5Vv0m4UIxKZTTYuD98lpTknaZlSRrDOG4X7wIXpGkfsYxZTghUN+Qq+T0YQI7w==} - engines: {node: '>=16'} - dependencies: - compare-func: 2.0.0 - dev: true + conventional-changelog-conventionalcommits@8.0.0: + resolution: {integrity: sha512-eOvlTO6OcySPyyyk8pKz2dP4jjElYunj9hn9/s0OB+gapTO8zwS9UQWrZ1pmF2hFs3vw1xhonOLGcGjy/zgsuA==} + engines: {node: '>=18'} - /conventional-changelog-core@7.0.0: - resolution: {integrity: sha512-UYgaB1F/COt7VFjlYKVE/9tTzfU3VUq47r6iWf6lM5T7TlOxr0thI63ojQueRLIpVbrtHK4Ffw+yQGduw2Bhdg==} - engines: {node: '>=16'} - dependencies: - '@hutson/parse-repository-url': 5.0.0 - add-stream: 1.0.0 - conventional-changelog-writer: 7.0.1 - conventional-commits-parser: 5.0.0 - git-raw-commits: 4.0.0 - git-semver-tags: 7.0.1 - hosted-git-info: 7.0.1 - normalize-package-data: 6.0.0 - read-pkg: 8.1.0 - read-pkg-up: 10.1.0 - dev: true + conventional-changelog-core@9.0.0: + resolution: {integrity: sha512-/XS1hE0axsZ+IwJAoXw1faEdbo5+A975pL6FeLHs5Iz8lgROZ9iAhEFmIFhjHW1/BOhGq7RJU9udzWbeumAfDQ==} + engines: {node: '>=18'} - /conventional-changelog-writer@7.0.1: - resolution: {integrity: sha512-Uo+R9neH3r/foIvQ0MKcsXkX642hdm9odUp7TqgFS7BsalTcjzRlIfWZrZR1gbxOozKucaKt5KAbjW8J8xRSmA==} - engines: {node: '>=16'} + conventional-changelog-writer@8.0.1: + resolution: {integrity: sha512-hlqcy3xHred2gyYg/zXSMXraY2mjAYYo0msUCpK+BGyaVJMFCKWVXPIHiaacGO2GGp13kvHWXFhYmxT4QQqW3Q==} + engines: {node: '>=18'} hasBin: true - dependencies: - conventional-commits-filter: 4.0.0 - handlebars: 4.7.8 - json-stringify-safe: 5.0.1 - meow: 12.1.1 - semver: 7.6.0 - split2: 4.2.0 - dev: true - /conventional-commits-filter@4.0.0: + conventional-commits-filter@4.0.0: resolution: {integrity: sha512-rnpnibcSOdFcdclpFwWa+pPlZJhXE7l+XK04zxhbWrhgpR96h33QLz8hITTXbcYICxVr3HZFtbtUAQ+4LdBo9A==} engines: {node: '>=16'} - dev: true - /conventional-commits-parser@5.0.0: - resolution: {integrity: sha512-ZPMl0ZJbw74iS9LuX9YIAiW8pfM5p3yh2o/NbXHbkFuZzY5jvdi5jFycEOkmBW5H5I7nA+D6f3UcsCLP2vvSEA==} - engines: {node: '>=16'} + conventional-commits-filter@5.0.0: + resolution: {integrity: sha512-tQMagCOC59EVgNZcC5zl7XqO30Wki9i9J3acbUvkaosCT6JX3EeFwJD7Qqp4MCikRnzS18WXV3BLIQ66ytu6+Q==} + engines: {node: '>=18'} + + conventional-commits-parser@6.1.0: + resolution: {integrity: sha512-5nxDo7TwKB5InYBl4ZC//1g9GRwB/F3TXOGR9hgUjMGfvSP4Vu5NkpNro2+1+TIEy1vwxApl5ircECr2ri5JIw==} + engines: {node: '>=18'} hasBin: true - dependencies: - JSONStream: 1.3.5 - is-text-path: 2.0.0 - meow: 12.1.1 - split2: 4.2.0 - dev: true - /cross-spawn@7.0.3: + cross-spawn@7.0.3: resolution: {integrity: sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==} engines: {node: '>= 8'} - dependencies: - path-key: 3.1.1 - shebang-command: 2.0.0 - which: 2.0.2 - dev: true - /dargs@8.1.0: - resolution: {integrity: sha512-wAV9QHOsNbwnWdNW2FYvE1P56wtgSbM+3SZcdGiWQILwVjACCXDCI3Ai8QlCjMDB8YK5zySiXZYBiwGmNY3lnw==} - engines: {node: '>=12'} - dev: true - - /debug@4.3.4: - resolution: {integrity: sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==} + debug@4.4.0: + resolution: {integrity: sha512-6WTZ/IxCY/T6BALoZHaE4ctp9xm+Z5kY/pzYaCHRFeyVhojxlrm+46y68HA6hr0TcwEssoxNiDEUJQjfPZ/RYA==} engines: {node: '>=6.0'} peerDependencies: supports-color: '*' peerDependenciesMeta: supports-color: optional: true - dependencies: - ms: 2.1.2 - dev: true - /deep-extend@0.6.0: + decode-named-character-reference@1.0.2: + resolution: {integrity: sha512-O8x12RzrUF8xyVcY0KJowWsmaJxQbmy0/EtnNtHRpsOcT7dFk5W598coHqBVpmWo1oQQfsCqfCmkZN5DJrZVdg==} + + deep-extend@0.6.0: resolution: {integrity: sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA==} engines: {node: '>=4.0.0'} - dev: true - /dot-object@2.1.4: - resolution: {integrity: sha512-7FXnyyCLFawNYJ+NhkqyP9Wd2yzuo+7n9pGiYpkmXCTYa8Ci2U0eUNDVg5OuO5Pm6aFXI2SWN8/N/w7SJWu1WA==} + dequal@2.0.3: + resolution: {integrity: sha512-0je+qPKHEMohvfRTCEo3CrPG6cAzAYgmzKyxRiYSSDkS6eGJdyVJm7WaYA5ECaAD9wLB2T4EEeymA5aFVcYXCA==} + engines: {node: '>=6'} + + devlop@1.1.0: + resolution: {integrity: sha512-RWmIqhcFf1lRYBvNmr7qTNuyCt/7/ns2jbpp1+PalgE/rDQcBT0fioSMUpJ93irlUhC5hrg4cYqe6U+0ImW0rA==} + + dot-object@2.1.5: + resolution: {integrity: sha512-xHF8EP4XH/Ba9fvAF2LDd5O3IITVolerVV6xvkxoM8zlGEiCUrggpAnHyOoKJKCrhvPcGATFAUwIujj7bRG5UA==} hasBin: true - dependencies: - commander: 4.1.1 - glob: 7.2.3 - dev: true - /dot-prop@5.3.0: + dot-prop@5.3.0: resolution: {integrity: sha512-QM8q3zDe58hqUqjraQOmzZ1LIH9SWQJTlEKCH4kJ2oQvLZk7RbQXvtDM2XEq3fwkV9CCvvH4LA0AV+ogFsBM2Q==} engines: {node: '>=8'} - dependencies: - is-obj: 2.0.0 - dev: true - /eastasianwidth@0.2.0: + eastasianwidth@0.2.0: resolution: {integrity: sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==} - dev: true - /emoji-regex@10.3.0: + emoji-regex@10.3.0: resolution: {integrity: sha512-QpLs9D9v9kArv4lfDEgg1X/gN5XLnf/A6l9cs8SPZLRZR3ZkY9+kwIQTxm+fsSej5UMYGE8fdoaZVIBlqG0XTw==} - dev: true - /emoji-regex@8.0.0: + emoji-regex@8.0.0: resolution: {integrity: sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==} - dev: true - /emoji-regex@9.2.2: + emoji-regex@9.2.2: resolution: {integrity: sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==} - dev: true - /entities@4.5.0: + entities@4.5.0: resolution: {integrity: sha512-V0hjH4dGPh9Ao5p0MoRY6BVqtwCjhz6vI5LT8AJ55H+4g9/4vbHx1I54fS0XuclLhDHArPQCiMjDxjaL8fPxhw==} engines: {node: '>=0.12'} - dev: true - /error-ex@1.3.2: - resolution: {integrity: sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==} - dependencies: - is-arrayish: 0.2.1 - dev: true + environment@1.1.0: + resolution: {integrity: sha512-xUtoPkMggbz0MPyPiIWr1Kp4aeWJjDZ6SMvURhimjdZgsRuDplF5/s9hcgGhyXMhs+6vpnuoiZ2kFiu3FMnS8Q==} + engines: {node: '>=18'} - /escape-string-regexp@1.0.5: - resolution: {integrity: sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==} - engines: {node: '>=0.8.0'} - dev: true - - /eventemitter3@5.0.1: + eventemitter3@5.0.1: resolution: {integrity: sha512-GWkBvjiSZK87ELrYOSESUYeVIc9mvLLf/nXalMOS5dYrgZq9o5OVkbZAVM06CVxYsCwH9BDZFPlQTlPA1j4ahA==} - dev: true - /execa@8.0.1: + execa@8.0.1: resolution: {integrity: sha512-VyhnebXciFV2DESc+p6B+y0LjSm0krU4OgJN44qFAhBY0TJ+1V61tYD2+wHusZ6F9n5K+vl8k0sTy7PEfV4qpg==} engines: {node: '>=16.17'} + + fd-package-json@1.2.0: + resolution: {integrity: sha512-45LSPmWf+gC5tdCQMNH4s9Sr00bIkiD9aN7dc5hqkrEw1geRYyDQS1v1oMHAW3ysfxfndqGsrDREHHjNNbKUfA==} + + fill-range@7.1.1: + resolution: {integrity: sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==} + engines: {node: '>=8'} + + foreground-child@3.1.1: + resolution: {integrity: sha512-TMKDUnIte6bfb5nWv7V/caI169OHgvwjb7V4WkeUvbQQdjr5rWKqHFiKWb/fcOwB+CzBT+qbWjvj+DVwRskpIg==} + engines: {node: '>=14'} + + fs.realpath@1.0.0: + resolution: {integrity: sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==} + + get-east-asian-width@1.2.0: + resolution: {integrity: sha512-2nk+7SIVb14QrgXFHcm84tD4bKQz0RxPuMT8Ag5KPOq7J5fEmAg0UbXdTOSHqNuHSU28k55qnceesxXRZGzKWA==} + engines: {node: '>=18'} + + get-stream@8.0.1: + resolution: {integrity: sha512-VaUJspBffn/LMCJVoMvSAdmscJyS1auj5Zulnn5UoYcY531UWmdwhRWkcGKnGU93m5HSXP9LP2usOryrBtQowA==} + engines: {node: '>=16'} + + git-raw-commits@5.0.0: + resolution: {integrity: sha512-I2ZXrXeOc0KrCvC7swqtIFXFN+rbjnC7b2T943tvemIOVNl+XP8YnA9UVwqFhzzLClnSA60KR/qEjLpXzs73Qg==} + engines: {node: '>=18'} + hasBin: true + + git-semver-tags@8.0.0: + resolution: {integrity: sha512-N7YRIklvPH3wYWAR2vysaqGLPRcpwQ0GKdlqTiVN5w1UmCdaeY3K8s6DMKRCh54DDdzyt/OAB6C8jgVtb7Y2Fg==} + engines: {node: '>=18'} + hasBin: true + + glob@10.4.5: + resolution: {integrity: sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==} + hasBin: true + + glob@7.2.3: + resolution: {integrity: sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==} + deprecated: Glob versions prior to v9 are no longer supported + + handlebars@4.7.8: + resolution: {integrity: sha512-vafaFqs8MZkRrSX7sFVUdo3ap/eNiLnb4IakshzvP56X5Nr1iGKAIqdX6tMlm6HcNRIkr6AxO5jFEoJzzpT8aQ==} + engines: {node: '>=0.4.7'} + hasBin: true + + hosted-git-info@8.0.2: + resolution: {integrity: sha512-sYKnA7eGln5ov8T8gnYlkSOxFJvywzEx9BueN6xo/GKO8PGiI6uK6xx+DIGe45T3bdVjLAQDQW1aicT8z8JwQg==} + engines: {node: ^18.17.0 || >=20.5.0} + + human-signals@5.0.0: + resolution: {integrity: sha512-AXcZb6vzzrFAUE61HnN4mpLqd/cSIwNQjtNWR0euPm6y0iqx3G4gOXaIDdtdDwZmhwe82LA6+zinmW4UBWVePQ==} + engines: {node: '>=16.17.0'} + + husky@9.1.7: + resolution: {integrity: sha512-5gs5ytaNjBrh5Ow3zrvdUUY+0VxIuWVL4i9irt6friV+BqdCfmV11CQTWMiBYWHbXhco+J1kHfTOUkePhCDvMA==} + engines: {node: '>=18'} + hasBin: true + + ignore@7.0.3: + resolution: {integrity: sha512-bAH5jbK/F3T3Jls4I0SO1hmPR0dKU0a7+SY6n1yzRtG54FLO8d6w/nxLFX2Nb7dBu6cCWXPaAME6cYqFUMmuCA==} + engines: {node: '>= 4'} + + inflight@1.0.6: + resolution: {integrity: sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==} + deprecated: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful. + + inherits@2.0.4: + resolution: {integrity: sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==} + + ini@4.1.1: + resolution: {integrity: sha512-QQnnxNyfvmHFIsj7gkPcYymR8Jdw/o7mp5ZFihxn6h8Ci6fh3Dx4E1gPjpQEpIuPo9XVNY/ZUwh4BPMjGyL01g==} + engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0} + + is-alphabetical@2.0.1: + resolution: {integrity: sha512-FWyyY60MeTNyeSRpkM2Iry0G9hpr7/9kD40mD/cGQEuilcZYS4okz8SN2Q6rLCJ8gbCt6fN+rC+6tMGS99LaxQ==} + + is-alphanumerical@2.0.1: + resolution: {integrity: sha512-hmbYhX/9MUMF5uh7tOXyK/n0ZvWpad5caBA17GsC6vyuCqaWliRG5K1qS9inmUhEMaOBIW7/whAnSwveW/LtZw==} + + is-decimal@2.0.1: + resolution: {integrity: sha512-AAB9hiomQs5DXWcRB1rqsxGUstbRroFOPPVAomNk/3XHR5JyEZChOyTWe2oayKnsSsr/kcGqF+z6yuH6HHpN0A==} + + is-fullwidth-code-point@3.0.0: + resolution: {integrity: sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==} + engines: {node: '>=8'} + + is-fullwidth-code-point@4.0.0: + resolution: {integrity: sha512-O4L094N2/dZ7xqVdrXhh9r1KODPJpFms8B5sGdJLPy664AgvXsreZUyCQQNItZRDlYug4xStLjNp/sz3HvBowQ==} + engines: {node: '>=12'} + + is-fullwidth-code-point@5.0.0: + resolution: {integrity: sha512-OVa3u9kkBbw7b8Xw5F9P+D/T9X+Z4+JruYVNapTjPYZYUznQ5YfWeFkOj606XYYW8yugTfC8Pj0hYqvi4ryAhA==} + engines: {node: '>=18'} + + is-hexadecimal@2.0.1: + resolution: {integrity: sha512-DgZQp241c8oO6cA1SbTEWiXeoxV42vlcJxgH+B3hi1AiqqKruZR3ZGF8In3fj4+/y/7rHvlOZLZtgJ/4ttYGZg==} + + is-number@7.0.0: + resolution: {integrity: sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==} + engines: {node: '>=0.12.0'} + + is-obj@2.0.0: + resolution: {integrity: sha512-drqDG3cbczxxEJRoOXcOjtdp1J/lyp1mNn0xaznRs8+muBhgQcrnbspox5X5fOw0HnMnbfDzvnEMEtqDEJEo8w==} + engines: {node: '>=8'} + + is-stream@3.0.0: + resolution: {integrity: sha512-LnQR4bZ9IADDRSkvpqMGvt/tEJWclzklNgSw48V5EAaAeDd6qGvN8ei6k5p0tvxSR171VmGyHuTiAOfxAbr8kA==} + engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} + + isexe@2.0.0: + resolution: {integrity: sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==} + + jackspeak@3.4.3: + resolution: {integrity: sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==} + + js-yaml@4.1.0: + resolution: {integrity: sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==} + hasBin: true + + jsonc-parser@3.3.1: + resolution: {integrity: sha512-HUgH65KyejrUFPvHFPbqOY0rsFip3Bo5wb4ngvdi1EpCYWUQDC5V+Y7mZws+DLkr4M//zQJoanu1SP+87Dv1oQ==} + + jsonpointer@5.0.1: + resolution: {integrity: sha512-p/nXbhSEcu3pZRdkW1OfJhpsVtW1gd4Wa1fnQc9YLiTfAjn0312eMKimbdIQzuZl9aa9xUGaRlP9T/CJE/ditQ==} + engines: {node: '>=0.10.0'} + + katex@0.16.21: + resolution: {integrity: sha512-XvqR7FgOHtWupfMiigNzmh+MgUVmDGU2kXZm899ZkPfcuoPuFxyHmXsgATDpFZDAXCI8tvinaVcDo8PIIJSo4A==} + hasBin: true + + lilconfig@3.1.3: + resolution: {integrity: sha512-/vlFKAoH5Cgt3Ie+JLhRbwOsCQePABiU3tJ1egGvyQ+33R/vcwM2Zl2QR/LzjsBeItPt3oSVXapn+m4nQDvpzw==} + engines: {node: '>=14'} + + linkify-it@5.0.0: + resolution: {integrity: sha512-5aHCbzQRADcdP+ATqnDuhhJ/MRIqDkZX5pyjFHRRysS8vZ5AbqGEoFIb6pYHPZ+L/OC2Lc+xT8uHVVR5CAK/wQ==} + + lint-staged@15.5.0: + resolution: {integrity: sha512-WyCzSbfYGhK7cU+UuDDkzUiytbfbi0ZdPy2orwtM75P3WTtQBzmG40cCxIa8Ii2+XjfxzLH6Be46tUfWS85Xfg==} + engines: {node: '>=18.12.0'} + hasBin: true + + listr2@8.2.5: + resolution: {integrity: sha512-iyAZCeyD+c1gPyE9qpFu8af0Y+MRtmKOncdGoA2S5EY8iFq99dmmvkNnHiWo+pj0s7yH7l3KPIgee77tKpXPWQ==} + engines: {node: '>=18.0.0'} + + lodash@4.17.21: + resolution: {integrity: sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==} + + log-update@6.1.0: + resolution: {integrity: sha512-9ie8ItPR6tjY5uYJh8K/Zrv/RMZ5VOlOWvtZdEHYSTFKZfIBPQa9tOAEeAWhd+AnIneLJ22w5fjOYtoutpWq5w==} + engines: {node: '>=18'} + + lru-cache@10.2.0: + resolution: {integrity: sha512-2bIM8x+VAf6JT4bKAljS1qUWgMsqZRPGJS6FSahIMPVvctcNhyVp7AJu7quxOW9jwkryBReKZY5tY5JYv2n/7Q==} + engines: {node: 14 || >=16.14} + + lru-cache@6.0.0: + resolution: {integrity: sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==} + engines: {node: '>=10'} + + markdown-it@14.1.0: + resolution: {integrity: sha512-a54IwgWPaeBCAAsv13YgmALOF1elABB08FxO9i+r4VFk5Vl4pKokRPeX8u5TCgSsPi6ec1otfLjdOpVcgbpshg==} + hasBin: true + + markdown-table@2.0.0: + resolution: {integrity: sha512-Ezda85ToJUBhM6WGaG6veasyym+Tbs3cMAw/ZhOPqXiYsr0jgocBV3j3nx+4lk47plLlIqjwuTm/ywVI+zjJ/A==} + + markdownlint-cli@0.44.0: + resolution: {integrity: sha512-ZJTAONlvF9NkrIBltCdW15DxN9UTbPiKMEqAh2EU2gwIFlrCMavyCEPPO121cqfYOrLUJWW8/XKWongstmmTeQ==} + engines: {node: '>=18'} + hasBin: true + + markdownlint@0.37.4: + resolution: {integrity: sha512-u00joA/syf3VhWh6/ybVFkib5Zpj2e5KB/cfCei8fkSRuums6nyisTWGqjTWIOFoFwuXoTBQQiqlB4qFKp8ncQ==} + engines: {node: '>=18'} + + mdurl@2.0.0: + resolution: {integrity: sha512-Lf+9+2r+Tdp5wXDXC4PcIBjTDtq4UKjCPMQhKIuzpJNW0b96kVqSwW0bT7FhRSfmAiFYgP+SCRvdrDozfh0U5w==} + + meow@13.2.0: + resolution: {integrity: sha512-pxQJQzB6djGPXh08dacEloMFopsOqGVRKFPYvPOt9XDZ1HasbgDZA74CJGreSU4G3Ak7EFJGoiH2auq+yXISgA==} + engines: {node: '>=18'} + + merge-stream@2.0.0: + resolution: {integrity: sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==} + + micromark-core-commonmark@2.0.2: + resolution: {integrity: sha512-FKjQKbxd1cibWMM1P9N+H8TwlgGgSkWZMmfuVucLCHaYqeSvJ0hFeHsIa65pA2nYbes0f8LDHPMrd9X7Ujxg9w==} + + micromark-extension-directive@3.0.2: + resolution: {integrity: sha512-wjcXHgk+PPdmvR58Le9d7zQYWy+vKEU9Se44p2CrCDPiLr2FMyiT4Fyb5UFKFC66wGB3kPlgD7q3TnoqPS7SZA==} + + micromark-extension-gfm-autolink-literal@2.1.0: + resolution: {integrity: sha512-oOg7knzhicgQ3t4QCjCWgTmfNhvQbDDnJeVu9v81r7NltNCVmhPy1fJRX27pISafdjL+SVc4d3l48Gb6pbRypw==} + + micromark-extension-gfm-footnote@2.1.0: + resolution: {integrity: sha512-/yPhxI1ntnDNsiHtzLKYnE3vf9JZ6cAisqVDauhp4CEHxlb4uoOTxOCJ+9s51bIB8U1N1FJ1RXOKTIlD5B/gqw==} + + micromark-extension-gfm-table@2.1.0: + resolution: {integrity: sha512-Ub2ncQv+fwD70/l4ou27b4YzfNaCJOvyX4HxXU15m7mpYY+rjuWzsLIPZHJL253Z643RpbcP1oeIJlQ/SKW67g==} + + micromark-extension-math@3.1.0: + resolution: {integrity: sha512-lvEqd+fHjATVs+2v/8kg9i5Q0AP2k85H0WUOwpIVvUML8BapsMvh1XAogmQjOCsLpoKRCVQqEkQBB3NhVBcsOg==} + + micromark-factory-destination@2.0.1: + resolution: {integrity: sha512-Xe6rDdJlkmbFRExpTOmRj9N3MaWmbAgdpSrBQvCFqhezUn4AHqJHbaEnfbVYYiexVSs//tqOdY/DxhjdCiJnIA==} + + micromark-factory-label@2.0.1: + resolution: {integrity: sha512-VFMekyQExqIW7xIChcXn4ok29YE3rnuyveW3wZQWWqF4Nv9Wk5rgJ99KzPvHjkmPXF93FXIbBp6YdW3t71/7Vg==} + + micromark-factory-space@2.0.1: + resolution: {integrity: sha512-zRkxjtBxxLd2Sc0d+fbnEunsTj46SWXgXciZmHq0kDYGnck/ZSGj9/wULTV95uoeYiK5hRXP2mJ98Uo4cq/LQg==} + + micromark-factory-title@2.0.1: + resolution: {integrity: sha512-5bZ+3CjhAd9eChYTHsjy6TGxpOFSKgKKJPJxr293jTbfry2KDoWkhBb6TcPVB4NmzaPhMs1Frm9AZH7OD4Cjzw==} + + micromark-factory-whitespace@2.0.1: + resolution: {integrity: sha512-Ob0nuZ3PKt/n0hORHyvoD9uZhr+Za8sFoP+OnMcnWK5lngSzALgQYKMr9RJVOWLqQYuyn6ulqGWSXdwf6F80lQ==} + + micromark-util-character@2.1.1: + resolution: {integrity: sha512-wv8tdUTJ3thSFFFJKtpYKOYiGP2+v96Hvk4Tu8KpCAsTMs6yi+nVmGh1syvSCsaxz45J6Jbw+9DD6g97+NV67Q==} + + micromark-util-chunked@2.0.1: + resolution: {integrity: sha512-QUNFEOPELfmvv+4xiNg2sRYeS/P84pTW0TCgP5zc9FpXetHY0ab7SxKyAQCNCc1eK0459uoLI1y5oO5Vc1dbhA==} + + micromark-util-classify-character@2.0.1: + resolution: {integrity: sha512-K0kHzM6afW/MbeWYWLjoHQv1sgg2Q9EccHEDzSkxiP/EaagNzCm7T/WMKZ3rjMbvIpvBiZgwR3dKMygtA4mG1Q==} + + micromark-util-combine-extensions@2.0.1: + resolution: {integrity: sha512-OnAnH8Ujmy59JcyZw8JSbK9cGpdVY44NKgSM7E9Eh7DiLS2E9RNQf0dONaGDzEG9yjEl5hcqeIsj4hfRkLH/Bg==} + + micromark-util-decode-numeric-character-reference@2.0.2: + resolution: {integrity: sha512-ccUbYk6CwVdkmCQMyr64dXz42EfHGkPQlBj5p7YVGzq8I7CtjXZJrubAYezf7Rp+bjPseiROqe7G6foFd+lEuw==} + + micromark-util-encode@2.0.1: + resolution: {integrity: sha512-c3cVx2y4KqUnwopcO9b/SCdo2O67LwJJ/UyqGfbigahfegL9myoEFoDYZgkT7f36T0bLrM9hZTAaAyH+PCAXjw==} + + micromark-util-html-tag-name@2.0.1: + resolution: {integrity: sha512-2cNEiYDhCWKI+Gs9T0Tiysk136SnR13hhO8yW6BGNyhOC4qYFnwF1nKfD3HFAIXA5c45RrIG1ub11GiXeYd1xA==} + + micromark-util-normalize-identifier@2.0.1: + resolution: {integrity: sha512-sxPqmo70LyARJs0w2UclACPUUEqltCkJ6PhKdMIDuJ3gSf/Q+/GIe3WKl0Ijb/GyH9lOpUkRAO2wp0GVkLvS9Q==} + + micromark-util-resolve-all@2.0.1: + resolution: {integrity: sha512-VdQyxFWFT2/FGJgwQnJYbe1jjQoNTS4RjglmSjTUlpUMa95Htx9NHeYW4rGDJzbjvCsl9eLjMQwGeElsqmzcHg==} + + micromark-util-sanitize-uri@2.0.1: + resolution: {integrity: sha512-9N9IomZ/YuGGZZmQec1MbgxtlgougxTodVwDzzEouPKo3qFWvymFHWcnDi2vzV1ff6kas9ucW+o3yzJK9YB1AQ==} + + micromark-util-subtokenize@2.0.4: + resolution: {integrity: sha512-N6hXjrin2GTJDe3MVjf5FuXpm12PGm80BrUAeub9XFXca8JZbP+oIwY4LJSVwFUCL1IPm/WwSVUN7goFHmSGGQ==} + + micromark-util-symbol@2.0.1: + resolution: {integrity: sha512-vs5t8Apaud9N28kgCrRUdEed4UJ+wWNvicHLPxCa9ENlYuAY31M0ETy5y1vA33YoNPDFTghEbnh6efaE8h4x0Q==} + + micromark-util-types@2.0.1: + resolution: {integrity: sha512-534m2WhVTddrcKVepwmVEVnUAmtrx9bfIjNoQHRqfnvdaHQiFytEhJoTgpWJvDEXCO5gLTQh3wYC1PgOJA4NSQ==} + + micromark@4.0.1: + resolution: {integrity: sha512-eBPdkcoCNvYcxQOAKAlceo5SNdzZWfF+FcSupREAzdAh9rRmE239CEQAiTwIgblwnoM8zzj35sZ5ZwvSEOF6Kw==} + + micromatch@4.0.8: + resolution: {integrity: sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==} + engines: {node: '>=8.6'} + + mimic-fn@4.0.0: + resolution: {integrity: sha512-vqiC06CuhBTUdZH+RYl8sFrL096vA45Ok5ISO6sE/Mr1jRbGH4Csnhi8f3wKVl7x8mO4Au7Ir9D3Oyv1VYMFJw==} + engines: {node: '>=12'} + + mimic-function@5.0.1: + resolution: {integrity: sha512-VP79XUPxV2CigYP3jWwAUFSku2aKqBH7uTAapFWCBqutsbmDo96KY5o8uh6U+/YSIn5OxJnXp73beVkpqMIGhA==} + engines: {node: '>=18'} + + minimatch@3.1.2: + resolution: {integrity: sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==} + + minimatch@9.0.5: + resolution: {integrity: sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==} + engines: {node: '>=16 || 14 >=14.17'} + + minimist@1.2.8: + resolution: {integrity: sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==} + + minipass@7.1.2: + resolution: {integrity: sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==} + engines: {node: '>=16 || 14 >=14.17'} + + ms@2.1.3: + resolution: {integrity: sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==} + + neo-async@2.6.2: + resolution: {integrity: sha512-Yd3UES5mWCSqR+qNT93S3UoYUkqAZ9lLg8a7g9rimsWmYGK8cVToA4/sF3RrshdyV3sAGMXVUmpMYOw+dLpOuw==} + + normalize-package-data@7.0.0: + resolution: {integrity: sha512-k6U0gKRIuNCTkwHGZqblCfLfBRh+w1vI6tBo+IeJwq2M8FUiOqhX7GH+GArQGScA7azd1WfyRCvxoXDO3hQDIA==} + engines: {node: ^18.17.0 || >=20.5.0} + + npm-run-path@5.2.0: + resolution: {integrity: sha512-W4/tgAXFqFA0iL7fk0+uQ3g7wkL8xJmx3XdK0VGb4cHW//eZTtKGvFBBoRKVTpY7n6ze4NL9ly7rgXcHufqXKg==} + engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} + + once@1.4.0: + resolution: {integrity: sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==} + + onetime@6.0.0: + resolution: {integrity: sha512-1FlR+gjXK7X+AsAHso35MnyN5KqGwJRi/31ft6x0M194ht7S+rWAvd7PHss9xSKMzE0asv1pyIHaJYq+BbacAQ==} + engines: {node: '>=12'} + + onetime@7.0.0: + resolution: {integrity: sha512-VXJjc87FScF88uafS3JllDgvAm+c/Slfz06lorj2uAY34rlUu0Nt+v8wreiImcrgAjjIHp1rXpTDlLOGw29WwQ==} + engines: {node: '>=18'} + + package-json-from-dist@1.0.0: + resolution: {integrity: sha512-dATvCeZN/8wQsGywez1mzHtTlP22H8OEfPrVMLNr4/eGa+ijtLn/6M5f0dY8UKNrC2O9UCU6SSoG3qRKnt7STw==} + + parse-entities@4.0.2: + resolution: {integrity: sha512-GG2AQYWoLgL877gQIKeRPGO1xF9+eG1ujIb5soS5gPvLQ1y2o8FL90w2QWNdf9I361Mpp7726c+lj3U0qK1uGw==} + + path-is-absolute@1.0.1: + resolution: {integrity: sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==} + engines: {node: '>=0.10.0'} + + path-key@3.1.1: + resolution: {integrity: sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==} + engines: {node: '>=8'} + + path-key@4.0.0: + resolution: {integrity: sha512-haREypq7xkM7ErfgIyA0z+Bj4AGKlMSdlQE2jvJo6huWD1EdkKYV+G/T4nq0YEF2vgTT8kqMFKo1uHn950r4SQ==} + engines: {node: '>=12'} + + path-scurry@1.11.1: + resolution: {integrity: sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==} + engines: {node: '>=16 || 14 >=14.18'} + + picomatch@2.3.1: + resolution: {integrity: sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==} + engines: {node: '>=8.6'} + + pidtree@0.6.0: + resolution: {integrity: sha512-eG2dWTVw5bzqGRztnHExczNxt5VGsE6OwTeCG3fdUf9KBsZzO3R5OIIIzWR+iZA0NtZ+RDVdaoE2dK1cn6jH4g==} + engines: {node: '>=0.10'} + hasBin: true + + prettier@3.5.3: + resolution: {integrity: sha512-QQtaxnoDJeAkDvDKWCLiwIXkTgRhwYDEQCghU9Z6q03iyek/rxRh/2lC3HB7P8sWT2xC/y5JDctPLBIGzHKbhw==} + engines: {node: '>=14'} + hasBin: true + + punycode.js@2.3.1: + resolution: {integrity: sha512-uxFIHU0YlHYhDQtV4R9J6a52SLx28BCjT+4ieh7IGbgwVJWO+km431c4yRlREUAsAmt/uMjQUyQHNEPf0M39CA==} + engines: {node: '>=6'} + + repeat-string@1.6.1: + resolution: {integrity: sha512-PV0dzCYDNfRi1jCDbJzpW7jNNDRuCOG/jI5ctQcGKt/clZD+YcPS3yIlWuTJMmESC8aevCFmWJy5wjAFgNqN6w==} + engines: {node: '>=0.10'} + + restore-cursor@5.1.0: + resolution: {integrity: sha512-oMA2dcrw6u0YfxJQXm342bFKX/E4sG9rbTzO9ptUcR/e8A33cHuvStiYOwH7fszkZlZ1z/ta9AAoPk2F4qIOHA==} + engines: {node: '>=18'} + + rfdc@1.4.1: + resolution: {integrity: sha512-q1b3N5QkRUWUl7iyylaaj3kOpIT0N2i9MqIEQXP73GVsN9cw3fdx8X63cEmWhJGi2PPCF23Ijp7ktmd39rawIA==} + + run-con@1.3.2: + resolution: {integrity: sha512-CcfE+mYiTcKEzg0IqS08+efdnH0oJ3zV0wSUFBNrMHMuxCtXvBCLzCJHatwuXDcu/RlhjTziTo/a1ruQik6/Yg==} + hasBin: true + + semver@7.6.0: + resolution: {integrity: sha512-EnwXhrlwXMk9gKu5/flx5sv/an57AkRplG3hTK68W7FRDN+k+OWBj65M7719OkA82XLBxrcX0KSHj+X5COhOVg==} + engines: {node: '>=10'} + hasBin: true + + shebang-command@2.0.0: + resolution: {integrity: sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==} + engines: {node: '>=8'} + + shebang-regex@3.0.0: + resolution: {integrity: sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==} + engines: {node: '>=8'} + + signal-exit@4.1.0: + resolution: {integrity: sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==} + engines: {node: '>=14'} + + slice-ansi@5.0.0: + resolution: {integrity: sha512-FC+lgizVPfie0kkhqUScwRu1O/lF6NOgJmlCgK+/LYxDCTk8sGelYaHDhFcDN+Sn3Cv+3VSa4Byeo+IMCzpMgQ==} + engines: {node: '>=12'} + + slice-ansi@7.1.0: + resolution: {integrity: sha512-bSiSngZ/jWeX93BqeIAbImyTbEihizcwNjFoRUIY/T1wWQsfsm2Vw1agPKylXvQTU7iASGdHhyqRlqQzfz+Htg==} + engines: {node: '>=18'} + + smol-toml@1.3.1: + resolution: {integrity: sha512-tEYNll18pPKHroYSmLLrksq233j021G0giwW7P3D24jC54pQ5W5BXMsQ/Mvw1OJCmEYDgY+lrzT+3nNUtoNfXQ==} + engines: {node: '>= 18'} + + source-map@0.6.1: + resolution: {integrity: sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==} + engines: {node: '>=0.10.0'} + + spdx-correct@3.2.0: + resolution: {integrity: sha512-kN9dJbvnySHULIluDHy32WHRUu3Og7B9sbY7tsFLctQkIqnMh3hErYgdMjTYuqmcXX+lK5T1lnUt3G7zNswmZA==} + + spdx-exceptions@2.4.0: + resolution: {integrity: sha512-hcjppoJ68fhxA/cjbN4T8N6uCUejN8yFw69ttpqtBeCbF3u13n7mb31NB9jKwGTTWWnt9IbRA/mf1FprYS8wfw==} + + spdx-expression-parse@3.0.1: + resolution: {integrity: sha512-cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q==} + + spdx-license-ids@3.0.16: + resolution: {integrity: sha512-eWN+LnM3GR6gPu35WxNgbGl8rmY1AEmoMDvL/QD6zYmPWgywxWqJWNdLGT+ke8dKNWrcYgYjPpG5gbTfghP8rw==} + + string-argv@0.3.2: + resolution: {integrity: sha512-aqD2Q0144Z+/RqG52NeHEkZauTAUWJO8c6yTftGJKO3Tja5tUgIfmIl6kExvhtxSDP7fXB6DvzkfMpCd/F3G+Q==} + engines: {node: '>=0.6.19'} + + string-width@4.2.3: + resolution: {integrity: sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==} + engines: {node: '>=8'} + + string-width@5.1.2: + resolution: {integrity: sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==} + engines: {node: '>=12'} + + string-width@7.1.0: + resolution: {integrity: sha512-SEIJCWiX7Kg4c129n48aDRwLbFb2LJmXXFrWBG4NGaRtMQ3myKPKbwrD1BKqQn74oCoNMBVrfDEr5M9YxCsrkw==} + engines: {node: '>=18'} + + strip-ansi@6.0.1: + resolution: {integrity: sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==} + engines: {node: '>=8'} + + strip-ansi@7.1.0: + resolution: {integrity: sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==} + engines: {node: '>=12'} + + strip-final-newline@3.0.0: + resolution: {integrity: sha512-dOESqjYr96iWYylGObzd39EuNTa5VJxyvVAEm5Jnh7KGo75V43Hk1odPQkNDyXNmUR6k+gEiDVXnjB8HJ3crXw==} + engines: {node: '>=12'} + + strip-json-comments@3.1.1: + resolution: {integrity: sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==} + engines: {node: '>=8'} + + to-regex-range@5.0.1: + resolution: {integrity: sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==} + engines: {node: '>=8.0'} + + typanion@3.14.0: + resolution: {integrity: sha512-ZW/lVMRabETuYCd9O9ZvMhAh8GslSqaUjxmK/JLPCh6l73CvLBiuXswj/+7LdnWOgYsQ130FqLzFz5aGT4I3Ug==} + + uc.micro@2.1.0: + resolution: {integrity: sha512-ARDJmphmdvUk6Glw7y9DQ2bFkKBHwQHLi2lsaH6PPmz/Ka9sFOBsBluozhDltWmnv9u/cF6Rt87znRTPV+yp/A==} + + uglify-js@3.17.4: + resolution: {integrity: sha512-T9q82TJI9e/C1TAxYvfb16xO120tMVFZrGA3f9/P4424DNu6ypK103y0GPFVa17yotwSyZW5iYXgjYHkGrJW/g==} + engines: {node: '>=0.8.0'} + hasBin: true + + validate-npm-package-license@3.0.4: + resolution: {integrity: sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew==} + + walk-up-path@3.0.1: + resolution: {integrity: sha512-9YlCL/ynK3CTlrSRrDxZvUauLzAswPCrsaCgilqFevUYpeEW0/3ScEjaa3kbW/T0ghhkEr7mv+fpjqn1Y1YuTA==} + + which@2.0.2: + resolution: {integrity: sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==} + engines: {node: '>= 8'} + hasBin: true + + wordwrap@1.0.0: + resolution: {integrity: sha512-gvVzJFlPycKc5dZN4yPkP8w7Dc37BtP1yczEneOb4uq34pXZcvrtRTmWV8W+Ume+XCxKgbjM+nevkyFPMybd4Q==} + + wrap-ansi@7.0.0: + resolution: {integrity: sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==} + engines: {node: '>=10'} + + wrap-ansi@8.1.0: + resolution: {integrity: sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==} + engines: {node: '>=12'} + + wrap-ansi@9.0.0: + resolution: {integrity: sha512-G8ura3S+3Z2G+mkgNRq8dqaFZAuxfsxpBB8OCTGRTCtp+l/v9nbFNmCUP1BZMts3G1142MsZfn6eeUKrr4PD1Q==} + engines: {node: '>=18'} + + wrappy@1.0.2: + resolution: {integrity: sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==} + + yallist@4.0.0: + resolution: {integrity: sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==} + + yaml@2.7.0: + resolution: {integrity: sha512-+hSoy/QHluxmC9kCIJyL/uyFmLmc+e5CFR5Wa+bpIhIj85LVb9ZH2nVnqrHoSvKogwODv0ClqZkmiSSaIH5LTA==} + engines: {node: '>= 14'} + hasBin: true + +snapshots: + + '@bitnami/readme-generator-for-helm@2.7.0': + dependencies: + commander: 13.1.0 + dot-object: 2.1.5 + lodash: 4.17.21 + markdown-table: 2.0.0 + yaml: 2.7.0 + + '@conventional-changelog/git-client@1.0.0(conventional-commits-filter@4.0.0)(conventional-commits-parser@6.1.0)': + dependencies: + '@types/semver': 7.5.8 + semver: 7.6.0 + optionalDependencies: + conventional-commits-filter: 4.0.0 + conventional-commits-parser: 6.1.0 + + '@hutson/parse-repository-url@5.0.0': {} + + '@isaacs/cliui@8.0.2': + dependencies: + string-width: 5.1.2 + string-width-cjs: string-width@4.2.3 + strip-ansi: 7.1.0 + strip-ansi-cjs: strip-ansi@6.0.1 + wrap-ansi: 8.1.0 + wrap-ansi-cjs: wrap-ansi@7.0.0 + + '@pkgjs/parseargs@0.11.0': + optional: true + + '@types/debug@4.1.12': + dependencies: + '@types/ms': 2.1.0 + + '@types/katex@0.16.7': {} + + '@types/ms@2.1.0': {} + + '@types/semver@7.5.8': {} + + '@types/unist@2.0.11': {} + + add-stream@1.0.0: {} + + ansi-escapes@7.0.0: + dependencies: + environment: 1.1.0 + + ansi-regex@5.0.1: {} + + ansi-regex@6.0.1: {} + + ansi-styles@4.3.0: + dependencies: + color-convert: 2.0.1 + + ansi-styles@6.2.1: {} + + argparse@2.0.1: {} + + array-ify@1.0.0: {} + + balanced-match@1.0.2: {} + + brace-expansion@1.1.11: + dependencies: + balanced-match: 1.0.2 + concat-map: 0.0.1 + + brace-expansion@2.0.1: + dependencies: + balanced-match: 1.0.2 + + braces@3.0.3: + dependencies: + fill-range: 7.1.1 + + chalk@5.4.1: {} + + character-entities-legacy@3.0.0: {} + + character-entities@2.0.2: {} + + character-reference-invalid@2.0.1: {} + + cli-cursor@5.0.0: + dependencies: + restore-cursor: 5.1.0 + + cli-truncate@4.0.0: + dependencies: + slice-ansi: 5.0.0 + string-width: 7.1.0 + + clipanion@3.2.1(typanion@3.14.0): + dependencies: + typanion: 3.14.0 + + color-convert@2.0.1: + dependencies: + color-name: 1.1.4 + + color-name@1.1.4: {} + + colorette@2.0.20: {} + + commander@13.1.0: {} + + commander@6.2.1: {} + + commander@8.3.0: {} + + compare-func@2.0.0: + dependencies: + array-ify: 1.0.0 + dot-prop: 5.3.0 + + concat-map@0.0.1: {} + + conventional-changelog-conventionalcommits@8.0.0: + dependencies: + compare-func: 2.0.0 + + conventional-changelog-core@9.0.0(conventional-commits-filter@4.0.0): + dependencies: + '@hutson/parse-repository-url': 5.0.0 + add-stream: 1.0.0 + conventional-changelog-writer: 8.0.1 + conventional-commits-parser: 6.1.0 + fd-package-json: 1.2.0 + git-raw-commits: 5.0.0(conventional-commits-filter@4.0.0)(conventional-commits-parser@6.1.0) + git-semver-tags: 8.0.0(conventional-commits-filter@4.0.0)(conventional-commits-parser@6.1.0) + hosted-git-info: 8.0.2 + normalize-package-data: 7.0.0 + transitivePeerDependencies: + - conventional-commits-filter + + conventional-changelog-writer@8.0.1: + dependencies: + conventional-commits-filter: 5.0.0 + handlebars: 4.7.8 + meow: 13.2.0 + semver: 7.6.0 + + conventional-commits-filter@4.0.0: + optional: true + + conventional-commits-filter@5.0.0: {} + + conventional-commits-parser@6.1.0: + dependencies: + meow: 13.2.0 + + cross-spawn@7.0.3: + dependencies: + path-key: 3.1.1 + shebang-command: 2.0.0 + which: 2.0.2 + + debug@4.4.0: + dependencies: + ms: 2.1.3 + + decode-named-character-reference@1.0.2: + dependencies: + character-entities: 2.0.2 + + deep-extend@0.6.0: {} + + dequal@2.0.3: {} + + devlop@1.1.0: + dependencies: + dequal: 2.0.3 + + dot-object@2.1.5: + dependencies: + commander: 6.2.1 + glob: 7.2.3 + + dot-prop@5.3.0: + dependencies: + is-obj: 2.0.0 + + eastasianwidth@0.2.0: {} + + emoji-regex@10.3.0: {} + + emoji-regex@8.0.0: {} + + emoji-regex@9.2.2: {} + + entities@4.5.0: {} + + environment@1.1.0: {} + + eventemitter3@5.0.1: {} + + execa@8.0.1: dependencies: cross-spawn: 7.0.3 get-stream: 8.0.1 @@ -408,87 +970,52 @@ packages: onetime: 6.0.0 signal-exit: 4.1.0 strip-final-newline: 3.0.0 - dev: true - /fill-range@7.0.1: - resolution: {integrity: sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==} - engines: {node: '>=8'} + fd-package-json@1.2.0: + dependencies: + walk-up-path: 3.0.1 + + fill-range@7.1.1: dependencies: to-regex-range: 5.0.1 - dev: true - /find-up@6.3.0: - resolution: {integrity: sha512-v2ZsoEuVHYy8ZIlYqwPe/39Cy+cFDzp4dXPaxNvkEuouymu+2Jbz0PxpKarJHYJTmv2HWT3O382qY8l4jMWthw==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - dependencies: - locate-path: 7.2.0 - path-exists: 5.0.0 - dev: true - - /foreground-child@3.1.1: - resolution: {integrity: sha512-TMKDUnIte6bfb5nWv7V/caI169OHgvwjb7V4WkeUvbQQdjr5rWKqHFiKWb/fcOwB+CzBT+qbWjvj+DVwRskpIg==} - engines: {node: '>=14'} + foreground-child@3.1.1: dependencies: cross-spawn: 7.0.3 signal-exit: 4.1.0 - dev: true - /fs.realpath@1.0.0: - resolution: {integrity: sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==} - dev: true + fs.realpath@1.0.0: {} - /function-bind@1.1.2: - resolution: {integrity: sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==} - dev: true + get-east-asian-width@1.2.0: {} - /get-east-asian-width@1.2.0: - resolution: {integrity: sha512-2nk+7SIVb14QrgXFHcm84tD4bKQz0RxPuMT8Ag5KPOq7J5fEmAg0UbXdTOSHqNuHSU28k55qnceesxXRZGzKWA==} - engines: {node: '>=18'} - dev: true + get-stream@8.0.1: {} - /get-stdin@9.0.0: - resolution: {integrity: sha512-dVKBjfWisLAicarI2Sf+JuBE/DghV4UzNAVe9yhEJuzeREd3JhOTE9cUaJTeSa77fsbQUK3pcOpJfM59+VKZaA==} - engines: {node: '>=12'} - dev: true - - /get-stream@8.0.1: - resolution: {integrity: sha512-VaUJspBffn/LMCJVoMvSAdmscJyS1auj5Zulnn5UoYcY531UWmdwhRWkcGKnGU93m5HSXP9LP2usOryrBtQowA==} - engines: {node: '>=16'} - dev: true - - /git-raw-commits@4.0.0: - resolution: {integrity: sha512-ICsMM1Wk8xSGMowkOmPrzo2Fgmfo4bMHLNX6ytHjajRJUqvHOw/TFapQ+QG75c3X/tTDDhOSRPGC52dDbNM8FQ==} - engines: {node: '>=16'} - hasBin: true + git-raw-commits@5.0.0(conventional-commits-filter@4.0.0)(conventional-commits-parser@6.1.0): dependencies: - dargs: 8.1.0 - meow: 12.1.1 - split2: 4.2.0 - dev: true + '@conventional-changelog/git-client': 1.0.0(conventional-commits-filter@4.0.0)(conventional-commits-parser@6.1.0) + meow: 13.2.0 + transitivePeerDependencies: + - conventional-commits-filter + - conventional-commits-parser - /git-semver-tags@7.0.1: - resolution: {integrity: sha512-NY0ZHjJzyyNXHTDZmj+GG7PyuAKtMsyWSwh07CR2hOZFa+/yoTsXci/nF2obzL8UDhakFNkD9gNdt/Ed+cxh2Q==} - engines: {node: '>=16'} - hasBin: true + git-semver-tags@8.0.0(conventional-commits-filter@4.0.0)(conventional-commits-parser@6.1.0): dependencies: - meow: 12.1.1 - semver: 7.6.0 - dev: true + '@conventional-changelog/git-client': 1.0.0(conventional-commits-filter@4.0.0)(conventional-commits-parser@6.1.0) + meow: 13.2.0 + transitivePeerDependencies: + - conventional-commits-filter + - conventional-commits-parser - /glob@10.3.10: - resolution: {integrity: sha512-fa46+tv1Ak0UPK1TOy/pZrIybNNt4HCv7SDzwyfiOZkvZLEbjsZkJBPtDHVshZjbecAoAGSC20MjLDG/qr679g==} - engines: {node: '>=16 || 14 >=14.17'} - hasBin: true + glob@10.4.5: dependencies: foreground-child: 3.1.1 - jackspeak: 2.3.6 - minimatch: 9.0.3 - minipass: 7.0.4 - path-scurry: 1.10.1 - dev: true + jackspeak: 3.4.3 + minimatch: 9.0.5 + minipass: 7.1.2 + package-json-from-dist: 1.0.0 + path-scurry: 1.11.1 - /glob@7.2.3: - resolution: {integrity: sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==} + glob@7.2.3: dependencies: fs.realpath: 1.0.0 inflight: 1.0.6 @@ -496,12 +1023,8 @@ packages: minimatch: 3.1.2 once: 1.4.0 path-is-absolute: 1.0.1 - dev: true - /handlebars@4.7.8: - resolution: {integrity: sha512-vafaFqs8MZkRrSX7sFVUdo3ap/eNiLnb4IakshzvP56X5Nr1iGKAIqdX6tMlm6HcNRIkr6AxO5jFEoJzzpT8aQ==} - engines: {node: '>=0.4.7'} - hasBin: true + handlebars@4.7.8: dependencies: minimist: 1.2.8 neo-async: 2.6.2 @@ -509,739 +1032,547 @@ packages: wordwrap: 1.0.0 optionalDependencies: uglify-js: 3.17.4 - dev: true - /has-flag@3.0.0: - resolution: {integrity: sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==} - engines: {node: '>=4'} - dev: true - - /hasown@2.0.0: - resolution: {integrity: sha512-vUptKVTpIJhcczKBbgnS+RtcuYMB8+oNzPK2/Hp3hanz8JmpATdmmgLgSaadVREkDm+e2giHwY3ZRkyjSIDDFA==} - engines: {node: '>= 0.4'} - dependencies: - function-bind: 1.1.2 - dev: true - - /hosted-git-info@7.0.1: - resolution: {integrity: sha512-+K84LB1DYwMHoHSgaOY/Jfhw3ucPmSET5v98Ke/HdNSw4a0UktWzyW1mjhjpuxxTqOOsfWT/7iVshHmVZ4IpOA==} - engines: {node: ^16.14.0 || >=18.0.0} + hosted-git-info@8.0.2: dependencies: lru-cache: 10.2.0 - dev: true - /human-signals@5.0.0: - resolution: {integrity: sha512-AXcZb6vzzrFAUE61HnN4mpLqd/cSIwNQjtNWR0euPm6y0iqx3G4gOXaIDdtdDwZmhwe82LA6+zinmW4UBWVePQ==} - engines: {node: '>=16.17.0'} - dev: true + human-signals@5.0.0: {} - /husky@9.0.10: - resolution: {integrity: sha512-TQGNknoiy6bURzIO77pPRu+XHi6zI7T93rX+QnJsoYFf3xdjKOur+IlfqzJGMHIK/wXrLg+GsvMs8Op7vI2jVA==} - engines: {node: '>=18'} - hasBin: true - dev: true + husky@9.1.7: {} - /ignore@5.3.1: - resolution: {integrity: sha512-5Fytz/IraMjqpwfd34ke28PTVMjZjJG2MPn5t7OE4eUCUNf8BAa7b5WUS9/Qvr6mwOQS7Mk6vdsMno5he+T8Xw==} - engines: {node: '>= 4'} - dev: true + ignore@7.0.3: {} - /inflight@1.0.6: - resolution: {integrity: sha512-k92I/b08q4wvFscXCLvqfsHCrjrF7yiXsQuIVvVE7N82W3+aqpzuUdBbfhWcy/FZR3/4IgflMgKLOsvPDrGCJA==} + inflight@1.0.6: dependencies: once: 1.4.0 wrappy: 1.0.2 - dev: true - /inherits@2.0.4: - resolution: {integrity: sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==} - dev: true + inherits@2.0.4: {} - /ini@4.1.1: - resolution: {integrity: sha512-QQnnxNyfvmHFIsj7gkPcYymR8Jdw/o7mp5ZFihxn6h8Ci6fh3Dx4E1gPjpQEpIuPo9XVNY/ZUwh4BPMjGyL01g==} - engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0} - dev: true + ini@4.1.1: {} - /is-arrayish@0.2.1: - resolution: {integrity: sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==} - dev: true + is-alphabetical@2.0.1: {} - /is-core-module@2.13.1: - resolution: {integrity: sha512-hHrIjvZsftOsvKSn2TRYl63zvxsgE0K+0mYMoH6gD4omR5IWB2KynivBQczo3+wF1cCkjzvptnI9Q0sPU66ilw==} + is-alphanumerical@2.0.1: dependencies: - hasown: 2.0.0 - dev: true + is-alphabetical: 2.0.1 + is-decimal: 2.0.1 - /is-fullwidth-code-point@3.0.0: - resolution: {integrity: sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==} - engines: {node: '>=8'} - dev: true + is-decimal@2.0.1: {} - /is-fullwidth-code-point@4.0.0: - resolution: {integrity: sha512-O4L094N2/dZ7xqVdrXhh9r1KODPJpFms8B5sGdJLPy664AgvXsreZUyCQQNItZRDlYug4xStLjNp/sz3HvBowQ==} - engines: {node: '>=12'} - dev: true + is-fullwidth-code-point@3.0.0: {} - /is-fullwidth-code-point@5.0.0: - resolution: {integrity: sha512-OVa3u9kkBbw7b8Xw5F9P+D/T9X+Z4+JruYVNapTjPYZYUznQ5YfWeFkOj606XYYW8yugTfC8Pj0hYqvi4ryAhA==} - engines: {node: '>=18'} + is-fullwidth-code-point@4.0.0: {} + + is-fullwidth-code-point@5.0.0: dependencies: get-east-asian-width: 1.2.0 - dev: true - /is-number@7.0.0: - resolution: {integrity: sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==} - engines: {node: '>=0.12.0'} - dev: true + is-hexadecimal@2.0.1: {} - /is-obj@2.0.0: - resolution: {integrity: sha512-drqDG3cbczxxEJRoOXcOjtdp1J/lyp1mNn0xaznRs8+muBhgQcrnbspox5X5fOw0HnMnbfDzvnEMEtqDEJEo8w==} - engines: {node: '>=8'} - dev: true + is-number@7.0.0: {} - /is-stream@3.0.0: - resolution: {integrity: sha512-LnQR4bZ9IADDRSkvpqMGvt/tEJWclzklNgSw48V5EAaAeDd6qGvN8ei6k5p0tvxSR171VmGyHuTiAOfxAbr8kA==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - dev: true + is-obj@2.0.0: {} - /is-text-path@2.0.0: - resolution: {integrity: sha512-+oDTluR6WEjdXEJMnC2z6A4FRwFoYuvShVVEGsS7ewc0UTi2QtAKMDJuL4BDEVt+5T7MjFo12RP8ghOM75oKJw==} - engines: {node: '>=8'} - dependencies: - text-extensions: 2.4.0 - dev: true + is-stream@3.0.0: {} - /isexe@2.0.0: - resolution: {integrity: sha512-RHxMLp9lnKHGHRng9QFhRCMbYAcVpn69smSGcq3f36xjgVVWThj4qqLbTLlq7Ssj8B+fIQ1EuCEGI2lKsyQeIw==} - dev: true + isexe@2.0.0: {} - /jackspeak@2.3.6: - resolution: {integrity: sha512-N3yCS/NegsOBokc8GAdM8UcmfsKiSS8cipheD/nivzr700H+nsMOxJjQnvwOcRYVuFkdH0wGUvW2WbXGmrZGbQ==} - engines: {node: '>=14'} + jackspeak@3.4.3: dependencies: '@isaacs/cliui': 8.0.2 optionalDependencies: '@pkgjs/parseargs': 0.11.0 - dev: true - /js-tokens@4.0.0: - resolution: {integrity: sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==} - dev: true - - /js-yaml@4.1.0: - resolution: {integrity: sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==} - hasBin: true + js-yaml@4.1.0: dependencies: argparse: 2.0.1 - dev: true - /json-parse-even-better-errors@3.0.1: - resolution: {integrity: sha512-aatBvbL26wVUCLmbWdCpeu9iF5wOyWpagiKkInA+kfws3sWdBrTnsvN2CKcyCYyUrc7rebNBlK6+kteg7ksecg==} - engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0} - dev: true + jsonc-parser@3.3.1: {} - /json-stringify-safe@5.0.1: - resolution: {integrity: sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==} - dev: true + jsonpointer@5.0.1: {} - /jsonc-parser@3.2.1: - resolution: {integrity: sha512-AilxAyFOAcK5wA1+LeaySVBrHsGQvUFCDWXKpZjzaL0PqW+xfBOttn8GNtWKFWqneyMZj41MWF9Kl6iPWLwgOA==} - dev: true - - /jsonparse@1.3.1: - resolution: {integrity: sha512-POQXvpdL69+CluYsillJ7SUhKvytYjW9vG/GKpnf+xP8UWgYEM/RaMzHHofbALDiKbbP1W8UEYmgGl39WkPZsg==} - engines: {'0': node >= 0.2.0} - dev: true - - /lilconfig@3.0.0: - resolution: {integrity: sha512-K2U4W2Ff5ibV7j7ydLr+zLAkIg5JJ4lPn1Ltsdt+Tz/IjQ8buJ55pZAxoP34lqIiwtF9iAvtLv3JGv7CAyAg+g==} - engines: {node: '>=14'} - dev: true - - /lines-and-columns@2.0.4: - resolution: {integrity: sha512-wM1+Z03eypVAVUCE7QdSqpVIvelbOakn1M0bPDoA4SGWPx3sNDVUiMo3L6To6WWGClB7VyXnhQ4Sn7gxiJbE6A==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - dev: true - - /linkify-it@5.0.0: - resolution: {integrity: sha512-5aHCbzQRADcdP+ATqnDuhhJ/MRIqDkZX5pyjFHRRysS8vZ5AbqGEoFIb6pYHPZ+L/OC2Lc+xT8uHVVR5CAK/wQ==} + katex@0.16.21: dependencies: - uc.micro: 2.0.0 - dev: true + commander: 8.3.0 - /lint-staged@15.2.2: - resolution: {integrity: sha512-TiTt93OPh1OZOsb5B7k96A/ATl2AjIZo+vnzFZ6oHK5FuTk63ByDtxGQpHm+kFETjEWqgkF95M8FRXKR/LEBcw==} - engines: {node: '>=18.12.0'} - hasBin: true + lilconfig@3.1.3: {} + + linkify-it@5.0.0: dependencies: - chalk: 5.3.0 - commander: 11.1.0 - debug: 4.3.4 + uc.micro: 2.1.0 + + lint-staged@15.5.0: + dependencies: + chalk: 5.4.1 + commander: 13.1.0 + debug: 4.4.0 execa: 8.0.1 - lilconfig: 3.0.0 - listr2: 8.0.1 - micromatch: 4.0.5 + lilconfig: 3.1.3 + listr2: 8.2.5 + micromatch: 4.0.8 pidtree: 0.6.0 string-argv: 0.3.2 - yaml: 2.3.4 + yaml: 2.7.0 transitivePeerDependencies: - supports-color - dev: true - /listr2@8.0.1: - resolution: {integrity: sha512-ovJXBXkKGfq+CwmKTjluEqFi3p4h8xvkxGQQAQan22YCgef4KZ1mKGjzfGh6PL6AW5Csw0QiQPNuQyH+6Xk3hA==} - engines: {node: '>=18.0.0'} + listr2@8.2.5: dependencies: cli-truncate: 4.0.0 colorette: 2.0.20 eventemitter3: 5.0.1 - log-update: 6.0.0 - rfdc: 1.3.1 + log-update: 6.1.0 + rfdc: 1.4.1 wrap-ansi: 9.0.0 - dev: true - /locate-path@7.2.0: - resolution: {integrity: sha512-gvVijfZvn7R+2qyPX8mAuKcFGDf6Nc61GdvGafQsHL0sBIxfKzA+usWn4GFC/bk+QdwPUD4kWFJLhElipq+0VA==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} + lodash@4.17.21: {} + + log-update@6.1.0: dependencies: - p-locate: 6.0.0 - dev: true - - /lodash@4.17.21: - resolution: {integrity: sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==} - dev: true - - /log-update@6.0.0: - resolution: {integrity: sha512-niTvB4gqvtof056rRIrTZvjNYE4rCUzO6X/X+kYjd7WFxXeJ0NwEFnRxX6ehkvv3jTwrXnNdtAak5XYZuIyPFw==} - engines: {node: '>=18'} - dependencies: - ansi-escapes: 6.2.0 - cli-cursor: 4.0.0 + ansi-escapes: 7.0.0 + cli-cursor: 5.0.0 slice-ansi: 7.1.0 strip-ansi: 7.1.0 wrap-ansi: 9.0.0 - dev: true - /lru-cache@10.2.0: - resolution: {integrity: sha512-2bIM8x+VAf6JT4bKAljS1qUWgMsqZRPGJS6FSahIMPVvctcNhyVp7AJu7quxOW9jwkryBReKZY5tY5JYv2n/7Q==} - engines: {node: 14 || >=16.14} - dev: true + lru-cache@10.2.0: {} - /lru-cache@6.0.0: - resolution: {integrity: sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==} - engines: {node: '>=10'} + lru-cache@6.0.0: dependencies: yallist: 4.0.0 - dev: true - /markdown-it@14.0.0: - resolution: {integrity: sha512-seFjF0FIcPt4P9U39Bq1JYblX0KZCjDLFFQPHpL5AzHpqPEKtosxmdq/LTVZnjfH7tjt9BxStm+wXcDBNuYmzw==} - hasBin: true + markdown-it@14.1.0: dependencies: argparse: 2.0.1 entities: 4.5.0 linkify-it: 5.0.0 mdurl: 2.0.0 punycode.js: 2.3.1 - uc.micro: 2.0.0 - dev: true + uc.micro: 2.1.0 - /markdown-table@2.0.0: - resolution: {integrity: sha512-Ezda85ToJUBhM6WGaG6veasyym+Tbs3cMAw/ZhOPqXiYsr0jgocBV3j3nx+4lk47plLlIqjwuTm/ywVI+zjJ/A==} + markdown-table@2.0.0: dependencies: repeat-string: 1.6.1 - dev: true - /markdownlint-cli@0.39.0: - resolution: {integrity: sha512-ZuFN7Xpsbn1Nbp0YYkeLOfXOMOfLQBik2lKRy8pVI/llmKQ2uW7x+8k5OMgF6o7XCsTDSYC/OOmeJ+3qplvnJQ==} - engines: {node: '>=18'} - hasBin: true + markdownlint-cli@0.44.0: dependencies: - commander: 11.1.0 - get-stdin: 9.0.0 - glob: 10.3.10 - ignore: 5.3.1 + commander: 13.1.0 + glob: 10.4.5 + ignore: 7.0.3 js-yaml: 4.1.0 - jsonc-parser: 3.2.1 - markdownlint: 0.33.0 - minimatch: 9.0.3 + jsonc-parser: 3.3.1 + jsonpointer: 5.0.1 + markdownlint: 0.37.4 + minimatch: 9.0.5 run-con: 1.3.2 - dev: true + smol-toml: 1.3.1 + transitivePeerDependencies: + - supports-color - /markdownlint-micromark@0.1.8: - resolution: {integrity: sha512-1ouYkMRo9/6gou9gObuMDnvZM8jC/ly3QCFQyoSPCS2XV1ZClU0xpKbL1Ar3bWWRT1RnBZkWUEiNKrI2CwiBQA==} - engines: {node: '>=16'} - dev: true - - /markdownlint@0.33.0: - resolution: {integrity: sha512-4lbtT14A3m0LPX1WS/3d1m7Blg+ZwiLq36WvjQqFGsX3Gik99NV+VXp/PW3n+Q62xyPdbvGOCfjPqjW+/SKMig==} - engines: {node: '>=18'} + markdownlint@0.37.4: dependencies: - markdown-it: 14.0.0 - markdownlint-micromark: 0.1.8 - dev: true + markdown-it: 14.1.0 + micromark: 4.0.1 + micromark-core-commonmark: 2.0.2 + micromark-extension-directive: 3.0.2 + micromark-extension-gfm-autolink-literal: 2.1.0 + micromark-extension-gfm-footnote: 2.1.0 + micromark-extension-gfm-table: 2.1.0 + micromark-extension-math: 3.1.0 + micromark-util-types: 2.0.1 + transitivePeerDependencies: + - supports-color - /mdurl@2.0.0: - resolution: {integrity: sha512-Lf+9+2r+Tdp5wXDXC4PcIBjTDtq4UKjCPMQhKIuzpJNW0b96kVqSwW0bT7FhRSfmAiFYgP+SCRvdrDozfh0U5w==} - dev: true + mdurl@2.0.0: {} - /meow@12.1.1: - resolution: {integrity: sha512-BhXM0Au22RwUneMPwSCnyhTOizdWoIEPU9sp0Aqa1PnDMR5Wv2FGXYDjuzJEIX+Eo2Rb8xuYe5jrnm5QowQFkw==} - engines: {node: '>=16.10'} - dev: true + meow@13.2.0: {} - /merge-stream@2.0.0: - resolution: {integrity: sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==} - dev: true + merge-stream@2.0.0: {} - /micromatch@4.0.5: - resolution: {integrity: sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==} - engines: {node: '>=8.6'} + micromark-core-commonmark@2.0.2: dependencies: - braces: 3.0.2 + decode-named-character-reference: 1.0.2 + devlop: 1.1.0 + micromark-factory-destination: 2.0.1 + micromark-factory-label: 2.0.1 + micromark-factory-space: 2.0.1 + micromark-factory-title: 2.0.1 + micromark-factory-whitespace: 2.0.1 + micromark-util-character: 2.1.1 + micromark-util-chunked: 2.0.1 + micromark-util-classify-character: 2.0.1 + micromark-util-html-tag-name: 2.0.1 + micromark-util-normalize-identifier: 2.0.1 + micromark-util-resolve-all: 2.0.1 + micromark-util-subtokenize: 2.0.4 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.1 + + micromark-extension-directive@3.0.2: + dependencies: + devlop: 1.1.0 + micromark-factory-space: 2.0.1 + micromark-factory-whitespace: 2.0.1 + micromark-util-character: 2.1.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.1 + parse-entities: 4.0.2 + + micromark-extension-gfm-autolink-literal@2.1.0: + dependencies: + micromark-util-character: 2.1.1 + micromark-util-sanitize-uri: 2.0.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.1 + + micromark-extension-gfm-footnote@2.1.0: + dependencies: + devlop: 1.1.0 + micromark-core-commonmark: 2.0.2 + micromark-factory-space: 2.0.1 + micromark-util-character: 2.1.1 + micromark-util-normalize-identifier: 2.0.1 + micromark-util-sanitize-uri: 2.0.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.1 + + micromark-extension-gfm-table@2.1.0: + dependencies: + devlop: 1.1.0 + micromark-factory-space: 2.0.1 + micromark-util-character: 2.1.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.1 + + micromark-extension-math@3.1.0: + dependencies: + '@types/katex': 0.16.7 + devlop: 1.1.0 + katex: 0.16.21 + micromark-factory-space: 2.0.1 + micromark-util-character: 2.1.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.1 + + micromark-factory-destination@2.0.1: + dependencies: + micromark-util-character: 2.1.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.1 + + micromark-factory-label@2.0.1: + dependencies: + devlop: 1.1.0 + micromark-util-character: 2.1.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.1 + + micromark-factory-space@2.0.1: + dependencies: + micromark-util-character: 2.1.1 + micromark-util-types: 2.0.1 + + micromark-factory-title@2.0.1: + dependencies: + micromark-factory-space: 2.0.1 + micromark-util-character: 2.1.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.1 + + micromark-factory-whitespace@2.0.1: + dependencies: + micromark-factory-space: 2.0.1 + micromark-util-character: 2.1.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.1 + + micromark-util-character@2.1.1: + dependencies: + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.1 + + micromark-util-chunked@2.0.1: + dependencies: + micromark-util-symbol: 2.0.1 + + micromark-util-classify-character@2.0.1: + dependencies: + micromark-util-character: 2.1.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.1 + + micromark-util-combine-extensions@2.0.1: + dependencies: + micromark-util-chunked: 2.0.1 + micromark-util-types: 2.0.1 + + micromark-util-decode-numeric-character-reference@2.0.2: + dependencies: + micromark-util-symbol: 2.0.1 + + micromark-util-encode@2.0.1: {} + + micromark-util-html-tag-name@2.0.1: {} + + micromark-util-normalize-identifier@2.0.1: + dependencies: + micromark-util-symbol: 2.0.1 + + micromark-util-resolve-all@2.0.1: + dependencies: + micromark-util-types: 2.0.1 + + micromark-util-sanitize-uri@2.0.1: + dependencies: + micromark-util-character: 2.1.1 + micromark-util-encode: 2.0.1 + micromark-util-symbol: 2.0.1 + + micromark-util-subtokenize@2.0.4: + dependencies: + devlop: 1.1.0 + micromark-util-chunked: 2.0.1 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.1 + + micromark-util-symbol@2.0.1: {} + + micromark-util-types@2.0.1: {} + + micromark@4.0.1: + dependencies: + '@types/debug': 4.1.12 + debug: 4.4.0 + decode-named-character-reference: 1.0.2 + devlop: 1.1.0 + micromark-core-commonmark: 2.0.2 + micromark-factory-space: 2.0.1 + micromark-util-character: 2.1.1 + micromark-util-chunked: 2.0.1 + micromark-util-combine-extensions: 2.0.1 + micromark-util-decode-numeric-character-reference: 2.0.2 + micromark-util-encode: 2.0.1 + micromark-util-normalize-identifier: 2.0.1 + micromark-util-resolve-all: 2.0.1 + micromark-util-sanitize-uri: 2.0.1 + micromark-util-subtokenize: 2.0.4 + micromark-util-symbol: 2.0.1 + micromark-util-types: 2.0.1 + transitivePeerDependencies: + - supports-color + + micromatch@4.0.8: + dependencies: + braces: 3.0.3 picomatch: 2.3.1 - dev: true - /mimic-fn@2.1.0: - resolution: {integrity: sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==} - engines: {node: '>=6'} - dev: true + mimic-fn@4.0.0: {} - /mimic-fn@4.0.0: - resolution: {integrity: sha512-vqiC06CuhBTUdZH+RYl8sFrL096vA45Ok5ISO6sE/Mr1jRbGH4Csnhi8f3wKVl7x8mO4Au7Ir9D3Oyv1VYMFJw==} - engines: {node: '>=12'} - dev: true + mimic-function@5.0.1: {} - /minimatch@3.1.2: - resolution: {integrity: sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==} + minimatch@3.1.2: dependencies: brace-expansion: 1.1.11 - dev: true - /minimatch@9.0.3: - resolution: {integrity: sha512-RHiac9mvaRw0x3AYRgDC1CxAP7HTcNrrECeA8YYJeWnpo+2Q5CegtZjaotWTWxDG3UeGA1coE05iH1mPjT/2mg==} - engines: {node: '>=16 || 14 >=14.17'} + minimatch@9.0.5: dependencies: brace-expansion: 2.0.1 - dev: true - /minimist@1.2.8: - resolution: {integrity: sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==} - dev: true + minimist@1.2.8: {} - /minipass@7.0.4: - resolution: {integrity: sha512-jYofLM5Dam9279rdkWzqHozUo4ybjdZmCsDHePy5V/PbBcVMiSZR97gmAy45aqi8CK1lG2ECd356FU86avfwUQ==} - engines: {node: '>=16 || 14 >=14.17'} - dev: true + minipass@7.1.2: {} - /ms@2.1.2: - resolution: {integrity: sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==} - dev: true + ms@2.1.3: {} - /neo-async@2.6.2: - resolution: {integrity: sha512-Yd3UES5mWCSqR+qNT93S3UoYUkqAZ9lLg8a7g9rimsWmYGK8cVToA4/sF3RrshdyV3sAGMXVUmpMYOw+dLpOuw==} - dev: true + neo-async@2.6.2: {} - /normalize-package-data@6.0.0: - resolution: {integrity: sha512-UL7ELRVxYBHBgYEtZCXjxuD5vPxnmvMGq0jp/dGPKKrN7tfsBh2IY7TlJ15WWwdjRWD3RJbnsygUurTK3xkPkg==} - engines: {node: ^16.14.0 || >=18.0.0} + normalize-package-data@7.0.0: dependencies: - hosted-git-info: 7.0.1 - is-core-module: 2.13.1 + hosted-git-info: 8.0.2 semver: 7.6.0 validate-npm-package-license: 3.0.4 - dev: true - /npm-run-path@5.2.0: - resolution: {integrity: sha512-W4/tgAXFqFA0iL7fk0+uQ3g7wkL8xJmx3XdK0VGb4cHW//eZTtKGvFBBoRKVTpY7n6ze4NL9ly7rgXcHufqXKg==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} + npm-run-path@5.2.0: dependencies: path-key: 4.0.0 - dev: true - /once@1.4.0: - resolution: {integrity: sha512-lNaJgI+2Q5URQBkccEKHTQOPaXdUxnZZElQTZY0MFUAuaEqe1E+Nyvgdz/aIyNi6Z9MzO5dv1H8n58/GELp3+w==} + once@1.4.0: dependencies: wrappy: 1.0.2 - dev: true - /onetime@5.1.2: - resolution: {integrity: sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==} - engines: {node: '>=6'} - dependencies: - mimic-fn: 2.1.0 - dev: true - - /onetime@6.0.0: - resolution: {integrity: sha512-1FlR+gjXK7X+AsAHso35MnyN5KqGwJRi/31ft6x0M194ht7S+rWAvd7PHss9xSKMzE0asv1pyIHaJYq+BbacAQ==} - engines: {node: '>=12'} + onetime@6.0.0: dependencies: mimic-fn: 4.0.0 - dev: true - /p-limit@4.0.0: - resolution: {integrity: sha512-5b0R4txpzjPWVw/cXXUResoD4hb6U/x9BH08L7nw+GN1sezDzPdxeRvpc9c433fZhBan/wusjbCsqwqm4EIBIQ==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} + onetime@7.0.0: dependencies: - yocto-queue: 1.0.0 - dev: true + mimic-function: 5.0.1 - /p-locate@6.0.0: - resolution: {integrity: sha512-wPrq66Llhl7/4AGC6I+cqxT07LhXvWL08LNXz1fENOw0Ap4sRZZ/gZpTTJ5jpurzzzfS2W/Ge9BY3LgLjCShcw==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} + package-json-from-dist@1.0.0: {} + + parse-entities@4.0.2: dependencies: - p-limit: 4.0.0 - dev: true + '@types/unist': 2.0.11 + character-entities-legacy: 3.0.0 + character-reference-invalid: 2.0.1 + decode-named-character-reference: 1.0.2 + is-alphanumerical: 2.0.1 + is-decimal: 2.0.1 + is-hexadecimal: 2.0.1 - /parse-json@7.1.1: - resolution: {integrity: sha512-SgOTCX/EZXtZxBE5eJ97P4yGM5n37BwRU+YMsH4vNzFqJV/oWFXXCmwFlgWUM4PrakybVOueJJ6pwHqSVhTFDw==} - engines: {node: '>=16'} - dependencies: - '@babel/code-frame': 7.23.5 - error-ex: 1.3.2 - json-parse-even-better-errors: 3.0.1 - lines-and-columns: 2.0.4 - type-fest: 3.13.1 - dev: true + path-is-absolute@1.0.1: {} - /path-exists@5.0.0: - resolution: {integrity: sha512-RjhtfwJOxzcFmNOi6ltcbcu4Iu+FL3zEj83dk4kAS+fVpTxXLO1b38RvJgT/0QwvV/L3aY9TAnyv0EOqW4GoMQ==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - dev: true + path-key@3.1.1: {} - /path-is-absolute@1.0.1: - resolution: {integrity: sha512-AVbw3UJ2e9bq64vSaS9Am0fje1Pa8pbGqTTsmXfaIiMpnr5DlDhfJOuLj9Sf95ZPVDAUerDfEk88MPmPe7UCQg==} - engines: {node: '>=0.10.0'} - dev: true + path-key@4.0.0: {} - /path-key@3.1.1: - resolution: {integrity: sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==} - engines: {node: '>=8'} - dev: true - - /path-key@4.0.0: - resolution: {integrity: sha512-haREypq7xkM7ErfgIyA0z+Bj4AGKlMSdlQE2jvJo6huWD1EdkKYV+G/T4nq0YEF2vgTT8kqMFKo1uHn950r4SQ==} - engines: {node: '>=12'} - dev: true - - /path-scurry@1.10.1: - resolution: {integrity: sha512-MkhCqzzBEpPvxxQ71Md0b1Kk51W01lrYvlMzSUaIzNsODdd7mqhiimSZlr+VegAz5Z6Vzt9Xg2ttE//XBhH3EQ==} - engines: {node: '>=16 || 14 >=14.17'} + path-scurry@1.11.1: dependencies: lru-cache: 10.2.0 - minipass: 7.0.4 - dev: true + minipass: 7.1.2 - /picomatch@2.3.1: - resolution: {integrity: sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==} - engines: {node: '>=8.6'} - dev: true + picomatch@2.3.1: {} - /pidtree@0.6.0: - resolution: {integrity: sha512-eG2dWTVw5bzqGRztnHExczNxt5VGsE6OwTeCG3fdUf9KBsZzO3R5OIIIzWR+iZA0NtZ+RDVdaoE2dK1cn6jH4g==} - engines: {node: '>=0.10'} - hasBin: true - dev: true + pidtree@0.6.0: {} - /prettier@3.2.5: - resolution: {integrity: sha512-3/GWa9aOC0YeD7LUfvOG2NiDyhOWRvt1k+rcKhOuYnMY24iiCphgneUfJDyFXd6rZCAnuLBv6UeAULtrhT/F4A==} - engines: {node: '>=14'} - hasBin: true - dev: true + prettier@3.5.3: {} - /punycode.js@2.3.1: - resolution: {integrity: sha512-uxFIHU0YlHYhDQtV4R9J6a52SLx28BCjT+4ieh7IGbgwVJWO+km431c4yRlREUAsAmt/uMjQUyQHNEPf0M39CA==} - engines: {node: '>=6'} - dev: true + punycode.js@2.3.1: {} - /read-pkg-up@10.1.0: - resolution: {integrity: sha512-aNtBq4jR8NawpKJQldrQcSW9y/d+KWH4v24HWkHljOZ7H0av+YTGANBzRh9A5pw7v/bLVsLVPpOhJ7gHNVy8lA==} - engines: {node: '>=16'} + repeat-string@1.6.1: {} + + restore-cursor@5.1.0: dependencies: - find-up: 6.3.0 - read-pkg: 8.1.0 - type-fest: 4.10.2 - dev: true + onetime: 7.0.0 + signal-exit: 4.1.0 - /read-pkg@8.1.0: - resolution: {integrity: sha512-PORM8AgzXeskHO/WEv312k9U03B8K9JSiWF/8N9sUuFjBa+9SF2u6K7VClzXwDXab51jCd8Nd36CNM+zR97ScQ==} - engines: {node: '>=16'} - dependencies: - '@types/normalize-package-data': 2.4.4 - normalize-package-data: 6.0.0 - parse-json: 7.1.1 - type-fest: 4.10.2 - dev: true + rfdc@1.4.1: {} - /repeat-string@1.6.1: - resolution: {integrity: sha512-PV0dzCYDNfRi1jCDbJzpW7jNNDRuCOG/jI5ctQcGKt/clZD+YcPS3yIlWuTJMmESC8aevCFmWJy5wjAFgNqN6w==} - engines: {node: '>=0.10'} - dev: true - - /restore-cursor@4.0.0: - resolution: {integrity: sha512-I9fPXU9geO9bHOt9pHHOhOkYerIMsmVaWB0rA2AI9ERh/+x/i7MV5HKBNrg+ljO5eoPVgCcnFuRjJ9uH6I/3eg==} - engines: {node: ^12.20.0 || ^14.13.1 || >=16.0.0} - dependencies: - onetime: 5.1.2 - signal-exit: 3.0.7 - dev: true - - /rfdc@1.3.1: - resolution: {integrity: sha512-r5a3l5HzYlIC68TpmYKlxWjmOP6wiPJ1vWv2HeLhNsRZMrCkxeqxiHlQ21oXmQ4F3SiryXBHhAD7JZqvOJjFmg==} - dev: true - - /run-con@1.3.2: - resolution: {integrity: sha512-CcfE+mYiTcKEzg0IqS08+efdnH0oJ3zV0wSUFBNrMHMuxCtXvBCLzCJHatwuXDcu/RlhjTziTo/a1ruQik6/Yg==} - hasBin: true + run-con@1.3.2: dependencies: deep-extend: 0.6.0 ini: 4.1.1 minimist: 1.2.8 strip-json-comments: 3.1.1 - dev: true - /semver@7.6.0: - resolution: {integrity: sha512-EnwXhrlwXMk9gKu5/flx5sv/an57AkRplG3hTK68W7FRDN+k+OWBj65M7719OkA82XLBxrcX0KSHj+X5COhOVg==} - engines: {node: '>=10'} - hasBin: true + semver@7.6.0: dependencies: lru-cache: 6.0.0 - dev: true - /shebang-command@2.0.0: - resolution: {integrity: sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==} - engines: {node: '>=8'} + shebang-command@2.0.0: dependencies: shebang-regex: 3.0.0 - dev: true - /shebang-regex@3.0.0: - resolution: {integrity: sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==} - engines: {node: '>=8'} - dev: true + shebang-regex@3.0.0: {} - /signal-exit@3.0.7: - resolution: {integrity: sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==} - dev: true + signal-exit@4.1.0: {} - /signal-exit@4.1.0: - resolution: {integrity: sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==} - engines: {node: '>=14'} - dev: true - - /slice-ansi@5.0.0: - resolution: {integrity: sha512-FC+lgizVPfie0kkhqUScwRu1O/lF6NOgJmlCgK+/LYxDCTk8sGelYaHDhFcDN+Sn3Cv+3VSa4Byeo+IMCzpMgQ==} - engines: {node: '>=12'} + slice-ansi@5.0.0: dependencies: ansi-styles: 6.2.1 is-fullwidth-code-point: 4.0.0 - dev: true - /slice-ansi@7.1.0: - resolution: {integrity: sha512-bSiSngZ/jWeX93BqeIAbImyTbEihizcwNjFoRUIY/T1wWQsfsm2Vw1agPKylXvQTU7iASGdHhyqRlqQzfz+Htg==} - engines: {node: '>=18'} + slice-ansi@7.1.0: dependencies: ansi-styles: 6.2.1 is-fullwidth-code-point: 5.0.0 - dev: true - /source-map@0.6.1: - resolution: {integrity: sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==} - engines: {node: '>=0.10.0'} - dev: true + smol-toml@1.3.1: {} - /spdx-correct@3.2.0: - resolution: {integrity: sha512-kN9dJbvnySHULIluDHy32WHRUu3Og7B9sbY7tsFLctQkIqnMh3hErYgdMjTYuqmcXX+lK5T1lnUt3G7zNswmZA==} + source-map@0.6.1: {} + + spdx-correct@3.2.0: dependencies: spdx-expression-parse: 3.0.1 spdx-license-ids: 3.0.16 - dev: true - /spdx-exceptions@2.4.0: - resolution: {integrity: sha512-hcjppoJ68fhxA/cjbN4T8N6uCUejN8yFw69ttpqtBeCbF3u13n7mb31NB9jKwGTTWWnt9IbRA/mf1FprYS8wfw==} - dev: true + spdx-exceptions@2.4.0: {} - /spdx-expression-parse@3.0.1: - resolution: {integrity: sha512-cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q==} + spdx-expression-parse@3.0.1: dependencies: spdx-exceptions: 2.4.0 spdx-license-ids: 3.0.16 - dev: true - /spdx-license-ids@3.0.16: - resolution: {integrity: sha512-eWN+LnM3GR6gPu35WxNgbGl8rmY1AEmoMDvL/QD6zYmPWgywxWqJWNdLGT+ke8dKNWrcYgYjPpG5gbTfghP8rw==} - dev: true + spdx-license-ids@3.0.16: {} - /split2@4.2.0: - resolution: {integrity: sha512-UcjcJOWknrNkF6PLX83qcHM6KHgVKNkV62Y8a5uYDVv9ydGQVwAHMKqHdJje1VTWpljG0WYpCDhrCdAOYH4TWg==} - engines: {node: '>= 10.x'} - dev: true + string-argv@0.3.2: {} - /string-argv@0.3.2: - resolution: {integrity: sha512-aqD2Q0144Z+/RqG52NeHEkZauTAUWJO8c6yTftGJKO3Tja5tUgIfmIl6kExvhtxSDP7fXB6DvzkfMpCd/F3G+Q==} - engines: {node: '>=0.6.19'} - dev: true - - /string-width@4.2.3: - resolution: {integrity: sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==} - engines: {node: '>=8'} + string-width@4.2.3: dependencies: emoji-regex: 8.0.0 is-fullwidth-code-point: 3.0.0 strip-ansi: 6.0.1 - dev: true - /string-width@5.1.2: - resolution: {integrity: sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==} - engines: {node: '>=12'} + string-width@5.1.2: dependencies: eastasianwidth: 0.2.0 emoji-regex: 9.2.2 strip-ansi: 7.1.0 - dev: true - /string-width@7.1.0: - resolution: {integrity: sha512-SEIJCWiX7Kg4c129n48aDRwLbFb2LJmXXFrWBG4NGaRtMQ3myKPKbwrD1BKqQn74oCoNMBVrfDEr5M9YxCsrkw==} - engines: {node: '>=18'} + string-width@7.1.0: dependencies: emoji-regex: 10.3.0 get-east-asian-width: 1.2.0 strip-ansi: 7.1.0 - dev: true - /strip-ansi@6.0.1: - resolution: {integrity: sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==} - engines: {node: '>=8'} + strip-ansi@6.0.1: dependencies: ansi-regex: 5.0.1 - dev: true - /strip-ansi@7.1.0: - resolution: {integrity: sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==} - engines: {node: '>=12'} + strip-ansi@7.1.0: dependencies: ansi-regex: 6.0.1 - dev: true - /strip-final-newline@3.0.0: - resolution: {integrity: sha512-dOESqjYr96iWYylGObzd39EuNTa5VJxyvVAEm5Jnh7KGo75V43Hk1odPQkNDyXNmUR6k+gEiDVXnjB8HJ3crXw==} - engines: {node: '>=12'} - dev: true + strip-final-newline@3.0.0: {} - /strip-json-comments@3.1.1: - resolution: {integrity: sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==} - engines: {node: '>=8'} - dev: true + strip-json-comments@3.1.1: {} - /supports-color@5.5.0: - resolution: {integrity: sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==} - engines: {node: '>=4'} - dependencies: - has-flag: 3.0.0 - dev: true - - /text-extensions@2.4.0: - resolution: {integrity: sha512-te/NtwBwfiNRLf9Ijqx3T0nlqZiQ2XrrtBvu+cLL8ZRrGkO0NHTug8MYFKyoSrv/sHTaSKfilUkizV6XhxMJ3g==} - engines: {node: '>=8'} - dev: true - - /through@2.3.8: - resolution: {integrity: sha512-w89qg7PI8wAdvX60bMDP+bFoD5Dvhm9oLheFp5O4a2QF0cSBGsBX4qZmadPMvVqlLJBBci+WqGGOAPvcDeNSVg==} - dev: true - - /to-regex-range@5.0.1: - resolution: {integrity: sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==} - engines: {node: '>=8.0'} + to-regex-range@5.0.1: dependencies: is-number: 7.0.0 - dev: true - /typanion@3.14.0: - resolution: {integrity: sha512-ZW/lVMRabETuYCd9O9ZvMhAh8GslSqaUjxmK/JLPCh6l73CvLBiuXswj/+7LdnWOgYsQ130FqLzFz5aGT4I3Ug==} - dev: true + typanion@3.14.0: {} - /type-fest@3.13.1: - resolution: {integrity: sha512-tLq3bSNx+xSpwvAJnzrK0Ep5CLNWjvFTOp71URMaAEWBfRb9nnJiBoUe0tF8bI4ZFO3omgBR6NvnbzVUT3Ly4g==} - engines: {node: '>=14.16'} - dev: true + uc.micro@2.1.0: {} - /type-fest@4.10.2: - resolution: {integrity: sha512-anpAG63wSpdEbLwOqH8L84urkL6PiVIov3EMmgIhhThevh9aiMQov+6Btx0wldNcvm4wV+e2/Rt1QdDwKHFbHw==} - engines: {node: '>=16'} - dev: true - - /uc.micro@2.0.0: - resolution: {integrity: sha512-DffL94LsNOccVn4hyfRe5rdKa273swqeA5DJpMOeFmEn1wCDc7nAbbB0gXlgBCL7TNzeTv6G7XVWzan7iJtfig==} - dev: true - - /uglify-js@3.17.4: - resolution: {integrity: sha512-T9q82TJI9e/C1TAxYvfb16xO120tMVFZrGA3f9/P4424DNu6ypK103y0GPFVa17yotwSyZW5iYXgjYHkGrJW/g==} - engines: {node: '>=0.8.0'} - hasBin: true - requiresBuild: true - dev: true + uglify-js@3.17.4: optional: true - /validate-npm-package-license@3.0.4: - resolution: {integrity: sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew==} + validate-npm-package-license@3.0.4: dependencies: spdx-correct: 3.2.0 spdx-expression-parse: 3.0.1 - dev: true - /which@2.0.2: - resolution: {integrity: sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==} - engines: {node: '>= 8'} - hasBin: true + walk-up-path@3.0.1: {} + + which@2.0.2: dependencies: isexe: 2.0.0 - dev: true - /wordwrap@1.0.0: - resolution: {integrity: sha512-gvVzJFlPycKc5dZN4yPkP8w7Dc37BtP1yczEneOb4uq34pXZcvrtRTmWV8W+Ume+XCxKgbjM+nevkyFPMybd4Q==} - dev: true + wordwrap@1.0.0: {} - /wrap-ansi@7.0.0: - resolution: {integrity: sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==} - engines: {node: '>=10'} + wrap-ansi@7.0.0: dependencies: ansi-styles: 4.3.0 string-width: 4.2.3 strip-ansi: 6.0.1 - dev: true - /wrap-ansi@8.1.0: - resolution: {integrity: sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==} - engines: {node: '>=12'} + wrap-ansi@8.1.0: dependencies: ansi-styles: 6.2.1 string-width: 5.1.2 strip-ansi: 7.1.0 - dev: true - /wrap-ansi@9.0.0: - resolution: {integrity: sha512-G8ura3S+3Z2G+mkgNRq8dqaFZAuxfsxpBB8OCTGRTCtp+l/v9nbFNmCUP1BZMts3G1142MsZfn6eeUKrr4PD1Q==} - engines: {node: '>=18'} + wrap-ansi@9.0.0: dependencies: ansi-styles: 6.2.1 string-width: 7.1.0 strip-ansi: 7.1.0 - dev: true - /wrappy@1.0.2: - resolution: {integrity: sha512-l4Sp/DRseor9wL6EvV2+TuQn63dMkPjZ/sp9XkghTEbV9KlPS1xUsZ3u7/IQO4wxtcFB4bgpQPRcR3QCvezPcQ==} - dev: true + wrappy@1.0.2: {} - /yallist@4.0.0: - resolution: {integrity: sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==} - dev: true + yallist@4.0.0: {} - /yaml@2.3.4: - resolution: {integrity: sha512-8aAvwVUSHpfEqTQ4w/KMlf3HcRdt50E5ODIQJBw1fQ5RL34xabzxtUlzTXVqc4rkZsPbvrXKWnABCD7kWSmocA==} - engines: {node: '>= 14'} - dev: true - - /yocto-queue@1.0.0: - resolution: {integrity: sha512-9bnSc/HEW2uRy67wc+T8UwauLuPJVn28jb+GtJY16iiKWyvmYJRXVT4UamsAEGQfPohgr2q4Tq0sQbQlxTfi1g==} - engines: {node: '>=12.20'} - dev: true + yaml@2.7.0: {} diff --git a/renovate.json b/renovate.json index 9fbe45e..9e09aef 100644 --- a/renovate.json +++ b/renovate.json @@ -1,9 +1,24 @@ { "$schema": "https://docs.renovatebot.com/renovate-schema.json", - "extends": ["forgejo-contrib/forgejo-renovate//base.json"], + "extends": [ + "forgejo-contrib/forgejo-renovate//base.json", + "forgejo-helm/forgejo-helm//.forgejo/renovate/k3s.json" + ], "assignees": ["viceice"], - "enabledManagers": ["helmv3", "nodenv", "npm", "regex", "github-actions"], + "baseBranches": ["main", "/^maint\\/.+/"], "packageRules": [ + { + "description": "Separate multiple major sub chart updates", + "matchFileNames": ["Chart.yaml"], + "separateMultipleMajor": true + }, + { + "description": "Require approval for major sub chart updates for maintenance branches", + "matchBaseBranches": ["/^maint\\/.+/"], + "matchUpdateTypes": ["major"], + "matchFileNames": ["Chart.yaml"], + "dependencyDashboardApproval": true + }, { "matchManagers": ["helmv3"], "matchUpdateTypes": ["minor", "patch"], @@ -15,23 +30,25 @@ "semanticCommitType": "feat" }, { - "matchManagers": ["regex"], + "matchManagers": ["custom.regex"], "matchDepNames": ["forgejo"], "matchUpdateTypes": ["patch"], "semanticCommitType": "fix" }, { - "matchManagers": ["regex"], + "matchManagers": ["custom.regex"], "matchDepNames": ["forgejo"], "matchUpdateTypes": ["major", "minor"], "semanticCommitType": "feat" }, { - "description": "Automerge patch deps updates", + "description": "Automerge and group helm subchart updates weekly (minor & patch)", "matchManagers": ["helmv3"], - "matchFiles": ["Chart.yaml"], - "matchUpdateTypes": ["patch"], - "automerge": true + "matchFileNames": ["Chart.yaml"], + "matchUpdateTypes": ["minor", "patch"], + "automerge": true, + "groupName": "subcharts", + "extends": ["schedule:weekly"] }, { "description": "Automerge dev deps updates", @@ -47,16 +64,40 @@ "automerge": true }, { - "description": "Separate minor and patch updates for kindest", - "matchPackageNames": ["kindest/node"], - "separateMinorPatch": true + "description": "Automerge some updates", + "matchDepNames": ["pnpm", "helm-unittest"], + "matchUpdateTypes": ["minor", "patch"], + "automerge": true }, { - "description": "Require approval and no automerge for kindest major and minor updates", - "matchPackageNames": ["kindest/node"], - "matchUpdateTypes": ["major", "minor"], - "dependencyDashboardApproval": true, - "automerge": false + "description": "Automerge digest updates", + "matchUpdateTypes": ["digest"], + "automerge": true + }, + { + "description": "Use test scope for forgejo ci tests", + "matchFileNames": ["ci/*.yaml"], + "additionalBranchPrefix": "ci-forgejo-", + "semanticCommitType": "ci", + "semanticCommitScope": "forgejo", + "groupName": "experimental docker digests", + "extends": ["schedule:daily"] + }, + { + "description": "Disable updates for forgejo ci tests", + "matchFileNames": ["ci/*.yaml"], + "matchUpdateTypes": ["major", "minor", "patch"], + "enabled": false + }, + { + "description": "Don't pin digests for forgejo ci tests, not supported", + "matchFileNames": ["ci/*.yaml"], + "pinDigests": false + }, + { + "description": "branch automerge not possible", + "automergeType": "pr", + "matchPackageNames": ["/.+/"] } ], "customManagers": [ @@ -66,38 +107,31 @@ "fileMatch": ["^Chart\\.yaml$"], "matchStrings": ["appVersion: (?.+?)\\s"], "depNameTemplate": "forgejo", - "packageNameTemplate": "codeberg.org/forgejo/forgejo", + "packageNameTemplate": "code.forgejo.org/forgejo/forgejo", "datasourceTemplate": "docker" }, - { - "description": "Update helm unittest plugin", - "customType": "regex", - "fileMatch": ["^\\.woodpecker/[a-z-]+\\.yml$"], - "matchStrings": [ - "helm plugin install --version (?.+?) https://github.com/helm-unittest/helm-unittest\\s" - ], - "depNameTemplate": "helm-unittest", - "packageNameTemplate": "helm-unittest/helm-unittest", - "datasourceTemplate": "github-releases" - }, { "description": "Detect helm-unittest yaml schema file", "customType": "regex", "fileMatch": [".vscode/settings\\.json$"], "matchStrings": [ - "https:\\/\\/raw\\.githubusercontent\\.com\\/(?[^\\s]+?)\\/(?v[0-9.]+?)\\/schema\\/helm-testsuite\\.json" + "https://raw\\.githubusercontent\\.com/helm-unittest/helm-unittest/(?v[0-9.]+?)/schema/helm-testsuite\\.json" ], + "depNameTemplate": "helm-unittest", + "packageNameTemplate": "helm-unittest/helm-unittest", "datasourceTemplate": "github-releases" }, { "customType": "regex", - "description": "Update kindest kubernetes references", - "fileMatch": ["^\\.forgejo\\/workflows\\/[^/]+\\.ya?ml$"], - "matchStrings": [ - " +- (?v\\d+\\.\\d+\\.\\d+) # renovate: kindest\\n" - ], - "depNameTemplate": "kindest/node", - "datasourceTemplate": "docker" + "description": "Update k3s kubernetes references", + "fileMatch": ["^\\.forgejo/workflows/[^/]+\\.ya?ml$"], + "matchStrings": [" +- (?.+?) # renovate: k3s\\n"], + "depNameTemplate": "k3s", + "packageNameTemplate": "k3s-io/k3s", + "datasourceTemplate": "github-releases" } - ] + ], + "helm-values": { + "fileMatch": ["^ci/.+\\.yaml$"] + } } diff --git a/templates/NOTES.txt b/templates/NOTES.txt index 25b35e7..a1ccb23 100644 --- a/templates/NOTES.txt +++ b/templates/NOTES.txt @@ -18,3 +18,19 @@ echo "Visit http://127.0.0.1:{{ .Values.service.http.port }} to use your application" kubectl --namespace {{ .Release.Namespace }} port-forward svc/{{ .Release.Name }}-http {{ .Values.service.http.port }}:{{ .Values.service.http.port }} {{- end }} +{{- $warnings := list -}} +{{- if eq (get .Values.gitea.config.cache "ADAPTER") "memory" -}} + {{- $warnings = append $warnings "Forgejo uses 'memory' for caching which is not recommended for production use. See https://forgejo.org/docs/latest/admin/config-cheat-sheet/#cache-cache for available options." -}} +{{- end }} +{{- if eq (get .Values.gitea.config.queue "TYPE") "level" -}} + {{- $warnings = append $warnings "Forgejo uses 'leveldb' for queue actions which is not recommended for production use. See https://forgejo.org/docs/latest/admin/config-cheat-sheet/#queue-queue-and-queue for available options." -}} +{{- end }} +{{- if eq (get .Values.gitea.config.session "PROVIDER") "memory" -}} + {{- $warnings = append $warnings "Forgejo uses 'memory' for sessions which is not recommended for production use. See https://forgejo.org/docs/latest/admin/config-cheat-sheet/#session-session for available options." -}} +{{- end }} +{{- if gt (len $warnings) 0 }} +2. Review these warnings: +{{- range $warnings }} + - {{ . }} +{{- end }} +{{- end }} diff --git a/templates/_helpers.tpl b/templates/_helpers.tpl index 0843da5..234c839 100644 --- a/templates/_helpers.tpl +++ b/templates/_helpers.tpl @@ -3,26 +3,6 @@ Expand the name of the chart. */}} -{{- /* multiple replicas assertions */ -}} -{{- if gt .Values.replicaCount 1.0 -}} - {{- fail "When using multiple replicas, a RWX file system is required" -}} - {{- if eq (get (.Values.persistence.accessModes 0) "ReadWriteOnce") -}} - {{- fail "When using multiple replicas, a RWX file system is required" -}} - {{- end }} - - {{- if eq (get .Values.gitea.config.indexer "ISSUE_INDEXER_TYPE") "bleve" -}} - {{- fail "When using multiple replicas, the repo indexer must be set to 'meilisearch' or 'elasticsearch'" -}} - {{- end }} - - {{- if and (eq .Values.gitea.config.indexer.REPO_INDEXER_TYPE "bleve") (eq .Values.gitea.config.indexer.REPO_INDEXER_ENABLED "true") -}} - {{- fail "When using multiple replicas, the repo indexer must be set to 'meilisearch' or 'elasticsearch'" -}} - {{- end }} - - {{- if eq .Values.gitea.config.indexer.ISSUE_INDEXER_TYPE "bleve" -}} - {{- (printf "DEBUG: When using multiple replicas, the repo indexer must be set to 'meilisearch' or 'elasticsearch'") | fail -}} - {{- end }} -{{- end }} - {{- define "gitea.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} {{- end -}} @@ -52,6 +32,14 @@ Create chart name and version as used by the chart label. {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{/* +Get version from .Values.image.tag or Chart.AppVersion. +Trim optional docker digest. +*/}} +{{- define "gitea.version" -}} +{{- regexReplaceAll "@.+" (.Values.image.tag | default .Chart.AppVersion | toString) "" -}} +{{- end -}} + {{/* Create image name and tag used by the deployment. */}} @@ -60,7 +48,7 @@ Create image name and tag used by the deployment. {{- $registry := .Values.global.imageRegistry | default .Values.image.registry -}} {{- $repository := .Values.image.repository -}} {{- $separator := ":" -}} -{{- $tag := .Values.image.tag | default .Chart.AppVersion -}} +{{- $tag := .Values.image.tag | default .Chart.AppVersion | toString -}} {{- $rootless := ternary "-rootless" "" (.Values.image.rootless) -}} {{- $digest := "" -}} {{- if .Values.image.digest }} @@ -94,7 +82,7 @@ imagePullSecrets: Storage Class */}} {{- define "gitea.persistence.storageClass" -}} -{{- $storageClass := .Values.global.storageClass | default .Values.persistence.storageClass }} +{{- $storageClass := (tpl ( default "" .Values.persistence.storageClass) .) | default (tpl ( default "" .Values.global.storageClass) .) }} {{- if $storageClass }} storageClassName: {{ $storageClass | quote }} {{- end }} @@ -107,8 +95,8 @@ Common labels helm.sh/chart: {{ include "gitea.chart" . }} app: {{ include "gitea.name" . }} {{ include "gitea.selectorLabels" . }} -app.kubernetes.io/version: {{ .Values.image.tag | default .Chart.AppVersion | quote }} -version: {{ .Values.image.tag | default .Chart.AppVersion | quote }} +app.kubernetes.io/version: {{ include "gitea.version" . | quote }} +version: {{ include "gitea.version" . | quote }} app.kubernetes.io/managed-by: {{ .Release.Service }} {{- end -}} @@ -133,20 +121,28 @@ app.kubernetes.io/instance: {{ .Release.Name }} {{- end -}} {{- define "redis.dns" -}} -{{- if (index .Values "redis-cluster").enabled -}} +{{- if and ((index .Values "redis-cluster").enabled) ((index .Values "redis").enabled) -}} +{{- fail "redis and redis-cluster cannot be enabled at the same time. Please only choose one." -}} +{{- else if (index .Values "redis-cluster").enabled -}} {{- printf "redis+cluster://:%s@%s-redis-cluster-headless.%s.svc.%s:%g/0?pool_size=100&idle_timeout=180s&" (index .Values "redis-cluster").global.redis.password .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "redis-cluster").service.ports.redis -}} +{{- else if (index .Values "redis").enabled -}} +{{- printf "redis://:%s@%s-redis-headless.%s.svc.%s:%g/0?pool_size=100&idle_timeout=180s&" (index .Values "redis").global.redis.password .Release.Name .Release.Namespace .Values.clusterDomain (index .Values "redis").master.service.ports.redis -}} {{- end -}} {{- end -}} {{- define "redis.port" -}} {{- if (index .Values "redis-cluster").enabled -}} {{ (index .Values "redis-cluster").service.ports.redis }} +{{- else if (index .Values "redis").enabled -}} +{{ (index .Values "redis").master.service.ports.redis }} {{- end -}} {{- end -}} {{- define "redis.servicename" -}} {{- if (index .Values "redis-cluster").enabled -}} {{- printf "%s-redis-cluster-headless.%s.svc.%s" .Release.Name .Release.Namespace .Values.clusterDomain -}} +{{- else if (index .Values "redis").enabled -}} +{{- printf "%s-redis-headless.%s.svc.%s" .Release.Name .Release.Namespace .Values.clusterDomain -}} {{- end -}} {{- end -}} @@ -228,7 +224,7 @@ https {{- $_ := set $inlines $key (join "\n" $section) -}} {{- end -}} {{- else }} - {{- if or (eq $key "APP_NAME") (eq $key "RUN_USER") (eq $key "RUN_MODE") -}} + {{- if or (eq $key "APP_NAME") (eq $key "RUN_USER") (eq $key "RUN_MODE") (eq $key "APP_SLOGAN") (eq $key "APP_DISPLAY_NAME_FORMAT") -}} {{- $generals = append $generals (printf "%s=%s" $key $value) -}} {{- else -}} {{- (printf "Key %s cannot be on top level of configuration" $key) | fail -}} @@ -290,23 +286,33 @@ https {{- if not (hasKey .Values.gitea.config.metrics "ENABLED") -}} {{- $_ := set .Values.gitea.config.metrics "ENABLED" .Values.gitea.metrics.enabled -}} {{- end -}} - {{- if (index .Values "redis-cluster").enabled -}} - {{- $_ := set .Values.gitea.config.cache "ENABLED" "true" -}} - {{- $_ := set .Values.gitea.config.cache "ADAPTER" "redis" -}} - {{- if not (.Values.gitea.config.cache.HOST) -}} - {{- $_ := set .Values.gitea.config.cache "HOST" (include "redis.dns" .) -}} - {{- end -}} - {{- end -}} {{- /* redis queue */ -}} - {{- if (index .Values "redis-cluster").enabled -}} + {{- if or ((index .Values "redis-cluster").enabled) ((index .Values "redis").enabled) -}} {{- $_ := set .Values.gitea.config.queue "TYPE" "redis" -}} {{- $_ := set .Values.gitea.config.queue "CONN_STR" (include "redis.dns" .) -}} - {{- end -}} - {{- if not (get .Values.gitea.config.session "PROVIDER") -}} {{- $_ := set .Values.gitea.config.session "PROVIDER" "redis" -}} - {{- end -}} - {{- if not (get .Values.gitea.config.session "PROVIDER_CONFIG") -}} {{- $_ := set .Values.gitea.config.session "PROVIDER_CONFIG" (include "redis.dns" .) -}} + {{- $_ := set .Values.gitea.config.cache "ADAPTER" "redis" -}} + {{- $_ := set .Values.gitea.config.cache "HOST" (include "redis.dns" .) -}} + {{- else -}} + {{- if not (get .Values.gitea.config.session "PROVIDER") -}} + {{- $_ := set .Values.gitea.config.session "PROVIDER" "memory" -}} + {{- end -}} + {{- if not (get .Values.gitea.config.session "PROVIDER_CONFIG") -}} + {{- $_ := set .Values.gitea.config.session "PROVIDER_CONFIG" "" -}} + {{- end -}} + {{- if not (get .Values.gitea.config.queue "TYPE") -}} + {{- $_ := set .Values.gitea.config.queue "TYPE" "level" -}} + {{- end -}} + {{- if not (get .Values.gitea.config.queue "CONN_STR") -}} + {{- $_ := set .Values.gitea.config.queue "CONN_STR" "" -}} + {{- end -}} + {{- if not (get .Values.gitea.config.cache "ADAPTER") -}} + {{- $_ := set .Values.gitea.config.cache "ADAPTER" "memory" -}} + {{- end -}} + {{- if not (get .Values.gitea.config.cache "HOST") -}} + {{- $_ := set .Values.gitea.config.cache "HOST" "" -}} + {{- end -}} {{- end -}} {{- if not .Values.gitea.config.indexer.ISSUE_INDEXER_TYPE -}} {{- $_ := set .Values.gitea.config.indexer "ISSUE_INDEXER_TYPE" "db" -}} @@ -402,3 +408,11 @@ https {{- define "gitea.serviceAccountName" -}} {{ .Values.serviceAccount.name | default (include "gitea.fullname" .) }} {{- end -}} + +{{- define "gitea.admin.passwordMode" -}} +{{- if has .Values.gitea.admin.passwordMode (tuple "keepUpdated" "initialOnlyNoReset" "initialOnlyRequireReset") -}} +{{ .Values.gitea.admin.passwordMode }} +{{- else -}} +{{ printf "gitea.admin.passwordMode must be set to one of 'keepUpdated', 'initialOnlyNoReset', or 'initialOnlyRequireReset'. Received: '%s'" .Values.gitea.admin.passwordMode | fail }} +{{- end -}} +{{- end -}} diff --git a/templates/gitea/config.yaml b/templates/gitea/config.yaml index 4627a88..c551c96 100644 --- a/templates/gitea/config.yaml +++ b/templates/gitea/config.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "gitea.fullname" . }}-inline-config + namespace: {{ include "common.names.namespace" . | quote }} labels: {{- include "gitea.labels" . | nindent 4 }} type: Opaque @@ -18,35 +19,40 @@ type: Opaque stringData: assertions: | -{{- /*assert that only one PG dep is enabled */ -}} -{{- if and (.Values.postgresql.enabled) (index .Values "postgresql-ha" "enabled") -}} - {{- fail "Only one of postgresql or postgresql-ha can be enabled at the same time." -}} -{{- end }} - -{{- /* multiple replicas assertions */ -}} -{{- if gt .Values.replicaCount 1.0 -}} - {{- if (get (get .Values.gitea.config "cron.GIT_GC_REPOS") "ENABLED") -}} - {{- fail "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'cron.GIT_GC_REPOS.enabled = false'." -}} - {{- end }} - - {{- if eq (first .Values.persistence.accessModes) "ReadWriteOnce" -}} - {{- fail "When using multiple replicas, a RWX file system is required and gitea.persistence.accessModes[0] must be set to ReadWriteMany." -}} - {{- end }} - - {{- if eq (get .Values.gitea.config.indexer "ISSUE_INDEXER_TYPE") "bleve" -}} - {{- fail "When using multiple replicas, the issue indexer (gitea.config.indexer.ISSUE_INDEXER_TYPE) must be set to a HA-ready provider such as 'meilisearch', 'elasticsearch' or 'db' (if the DB is HA-ready)." -}} - {{- end }} - {{- if .Values.gitea.config.indexer.REPO_INDEXER_TYPE -}} - {{- if eq (get .Values.gitea.config.indexer "REPO_INDEXER_TYPE") "bleve" -}} - {{- if .Values.gitea.config.indexer.REPO_INDEXER_ENABLED -}} - {{- if eq (get .Values.gitea.config.indexer "REPO_INDEXER_ENABLED") "true" -}} - {{- fail "When using multiple replicas, the repo indexer (gitea.config.indexer.REPO_INDEXER_TYPE) must be set to 'meilisearch' or 'elasticsearch' or disabled." -}} + {{- /*assert that only one PG dep is enabled */ -}} + {{- if and (.Values.postgresql.enabled) (index .Values "postgresql-ha" "enabled") -}} + {{- fail "Only one of postgresql or postgresql-ha can be enabled at the same time." -}} + {{- end }} + + {{- /* multiple replicas assertions */ -}} + {{- if gt .Values.replicaCount 1.0 -}} + {{- if .Values.gitea.config.cron -}} + {{- if .Values.gitea.config.cron.GIT_GC_REPOS -}} + {{- if eq .Values.gitea.config.cron.GIT_GC_REPOS.ENABLED true -}} + {{ fail "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'cron.GIT_GC_REPOS.enabled = false'." }} + {{- end }} {{- end }} {{- end }} + + {{- if eq (first .Values.persistence.accessModes) "ReadWriteOnce" -}} + {{- fail "When using multiple replicas, a RWX file system is required and gitea.persistence.accessModes[0] must be set to ReadWriteMany." -}} + {{- end }} + {{- if .Values.gitea.config.indexer -}} + {{- if eq .Values.gitea.config.indexer.ISSUE_INDEXER_TYPE "bleve" -}} + {{- fail "When using multiple replicas, the issue indexer (gitea.config.indexer.ISSUE_INDEXER_TYPE) must be set to a HA-ready provider such as 'meilisearch', 'elasticsearch' or 'db' (if the DB is HA-ready)." -}} + {{- end }} + {{- if .Values.gitea.config.indexer.REPO_INDEXER_TYPE -}} + {{- if eq .Values.gitea.config.indexer.REPO_INDEXER_TYPE "bleve" -}} + {{- if .Values.gitea.config.indexer.REPO_INDEXER_ENABLED -}} + {{- if eq .Values.gitea.config.indexer.REPO_INDEXER_ENABLED true -}} + {{- fail "When using multiple replicas, the repo indexer (gitea.config.indexer.REPO_INDEXER_TYPE) must be set to 'meilisearch' or 'elasticsearch' or disabled." -}} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} - {{- end }} - -{{- end }} config_environment.sh: |- #!/usr/bin/env bash set -euo pipefail @@ -63,7 +69,7 @@ stringData: # skip empty line return fi - + # 'xargs echo -n' trims all leading/trailing whitespaces and a trailing new line local setting="$(awk -F '=' '{print $1}' <<< "${line}" | xargs echo -n)" @@ -83,15 +89,18 @@ stringData: env2ini::log " + '${setting}'" + local masked_setting="${setting//./_0X2E_}" # '//' instructs to replace all matches + masked_setting="${masked_setting//-/_0X2D_}" + if [[ -z "${section}" ]]; then - export "FORGEJO____${setting^^}=${value}" # '^^' makes the variable content uppercase + export "FORGEJO____${masked_setting^^}=${value}" # '^^' makes the variable content uppercase return fi local masked_section="${section//./_0X2E_}" # '//' instructs to replace all matches masked_section="${masked_section//-/_0X2D_}" - export "FORGEJO__${masked_section^^}__${setting^^}=${value}" # '^^' makes the variable content uppercase + export "FORGEJO__${masked_section^^}__${masked_setting^^}=${value}" # '^^' makes the variable content uppercase } function env2ini::reload_preset_envs() { @@ -173,8 +182,10 @@ stringData: env2ini::log "...Initial secrets generated\n" } - env | (grep FORGEJO || [[ $? == 1 ]]) > /tmp/existing-envs - + # save existing envs prior to script execution. Necessary to keep order of + # preexisting and custom envs + env | (grep -e '^FORGEJO__' || [[ $? == 1 ]]) > /tmp/existing-envs + # MUST BE CALLED BEFORE OTHER CONFIGURATION env2ini::generate_initial_secrets diff --git a/templates/gitea/deployment.yaml b/templates/gitea/deployment.yaml index 247a560..f82c407 100644 --- a/templates/gitea/deployment.yaml +++ b/templates/gitea/deployment.yaml @@ -2,12 +2,16 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "gitea.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} annotations: {{- if .Values.deployment.annotations }} {{- toYaml .Values.deployment.annotations | nindent 4 }} {{- end }} labels: {{- include "gitea.labels" . | nindent 4 }} + {{- if .Values.deployment.labels }} + {{- toYaml .Values.deployment.labels | nindent 4 }} + {{- end }} spec: replicas: {{ .Values.replicaCount }} strategy: @@ -53,7 +57,7 @@ spec: {{- end }} {{- include "gitea.images.pullSecrets" . | nindent 6 }} securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} + {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.podSecurityContext "context" $) | nindent 8 }} initContainers: - name: init-directories image: "{{ include "gitea.image" . }}" @@ -87,7 +91,7 @@ spec: {{- end }} {{- include "gitea.init-additional-mounts" . | nindent 12 }} securityContext: - {{- toYaml .Values.containerSecurityContext | nindent 12 }} + {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.containerSecurityContext "context" $) | nindent 12 }} resources: {{- toYaml .Values.initContainers.resources | nindent 12 }} - name: init-app-ini @@ -127,7 +131,7 @@ spec: {{- end }} {{- include "gitea.init-additional-mounts" . | nindent 12 }} securityContext: - {{- toYaml .Values.containerSecurityContext | nindent 12 }} + {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.containerSecurityContext "context" $) | nindent 12 }} resources: {{- toYaml .Values.initContainers.resources | nindent 12 }} {{- if .Values.signing.enabled }} @@ -141,7 +145,7 @@ spec: {{- if not (hasKey $csc "runAsUser") -}} {{- $_ := set $csc "runAsUser" 1000 -}} {{- end -}} - {{- toYaml $csc | nindent 12 }} + {{- include "common.compatibility.renderSecurityContext" (dict "secContext" $csc "context" $) | nindent 12 }} env: - name: GNUPGHOME value: {{ .Values.signing.gpgHome }} @@ -172,7 +176,7 @@ spec: {{- if not (hasKey $csc "runAsUser") -}} {{- $_ := set $csc "runAsUser" 1000 -}} {{- end -}} - {{- toYaml $csc | nindent 12 }} + {{- include "common.compatibility.renderSecurityContext" (dict "secContext" $csc "context" $) | nindent 12 }} env: - name: GITEA_APP_INI value: /data/gitea/conf/app.ini @@ -240,6 +244,8 @@ spec: - name: GITEA_ADMIN_PASSWORD value: {{ .Values.gitea.admin.password | quote }} {{- end }} + - name: GITEA_ADMIN_PASSWORD_MODE + value: {{ include "gitea.admin.passwordMode" $ }} {{- if .Values.deployment.env }} {{- toYaml .Values.deployment.env | nindent 12 }} {{- end }} @@ -321,9 +327,9 @@ spec: securityContext: {{- /* Honor the deprecated securityContext variable when defined */ -}} {{- if .Values.containerSecurityContext -}} - {{ toYaml .Values.containerSecurityContext | nindent 12 -}} + {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.containerSecurityContext "context" $) | nindent 12 }} {{- else -}} - {{ toYaml .Values.securityContext | nindent 12 -}} + {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.securityContext "context" $) | nindent 12 }} {{- end }} volumeMounts: - name: temp @@ -347,7 +353,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.topologySpreadConstraints }} - topologySpreadConstraints: + topologySpreadConstraints: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.tolerations }} diff --git a/templates/gitea/gpg-secret.yaml b/templates/gitea/gpg-secret.yaml index 12dce66..0b7716a 100644 --- a/templates/gitea/gpg-secret.yaml +++ b/templates/gitea/gpg-secret.yaml @@ -7,6 +7,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "gitea.gpg-key-secret-name" . }} + namespace: {{ include "common.names.namespace" . | quote }} labels: {{- include "gitea.labels" . | nindent 4 }} type: Opaque diff --git a/templates/gitea/http-svc.yaml b/templates/gitea/http-svc.yaml index 659724c..6962930 100644 --- a/templates/gitea/http-svc.yaml +++ b/templates/gitea/http-svc.yaml @@ -2,13 +2,21 @@ apiVersion: v1 kind: Service metadata: name: {{ include "gitea.fullname" . }}-http + namespace: {{ include "common.names.namespace" . | quote }} labels: {{- include "gitea.labels" . | nindent 4 }} + {{- if .Values.service.http.labels }} + {{- toYaml .Values.service.http.labels | nindent 4 }} + {{- end }} annotations: {{- toYaml .Values.service.http.annotations | nindent 4 }} spec: type: {{ .Values.service.http.type }} - {{- if and .Values.service.http.loadBalancerIP (eq .Values.service.http.type "LoadBalancer") }} + {{- if eq .Values.service.http.type "LoadBalancer" }} + {{- if .Values.service.http.loadBalancerClass }} + loadBalancerClass: {{ .Values.service.http.loadBalancerClass }} + {{- end }} + {{- if and .Values.service.http.loadBalancerIP }} loadBalancerIP: {{ .Values.service.http.loadBalancerIP }} {{- end }} {{- if .Values.service.http.loadBalancerSourceRanges }} @@ -17,6 +25,7 @@ spec: - {{ . }} {{- end }} {{- end }} + {{- end }} {{- if .Values.service.http.externalIPs }} externalIPs: {{- toYaml .Values.service.http.externalIPs | nindent 4 }} @@ -40,6 +49,6 @@ spec: {{- if .Values.service.http.nodePort }} nodePort: {{ .Values.service.http.nodePort }} {{- end }} - targetPort: {{ .Values.gitea.config.server.HTTP_PORT }} + targetPort: http selector: {{- include "gitea.selectorLabels" . | nindent 4 }} diff --git a/templates/gitea/ingress.yaml b/templates/gitea/ingress.yaml index 9991eec..d764bb6 100644 --- a/templates/gitea/ingress.yaml +++ b/templates/gitea/ingress.yaml @@ -1,18 +1,10 @@ {{- if .Values.ingress.enabled -}} {{- $fullName := include "gitea.fullname" . -}} -{{- $httpPort := .Values.service.http.port -}} -{{- $apiVersion := "extensions/v1beta1" -}} -{{- if .Values.ingress.apiVersion -}} -{{- $apiVersion = .Values.ingress.apiVersion -}} -{{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" -}} -{{- $apiVersion = "networking.k8s.io/v1" }} -{{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/Ingress" -}} -{{- $apiVersion = "networking.k8s.io/v1beta1" }} -{{- end }} -apiVersion: {{ $apiVersion }} +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ $fullName }} + namespace: {{ include "common.names.namespace" . | quote }} labels: {{- include "gitea.labels" . | nindent 4 }} annotations: @@ -21,7 +13,7 @@ metadata: {{- end }} spec: {{- if .Values.ingress.className }} - ingressClassName: {{ .Values.ingress.className }} + ingressClassName: {{ tpl .Values.ingress.className . }} {{- end }} {{- if .Values.ingress.tls }} tls: @@ -40,19 +32,14 @@ spec: paths: {{- range .paths }} - path: {{ .path }} - {{- if and .pathType (eq $apiVersion "networking.k8s.io/v1") }} + {{- if .pathType }} pathType: {{ .pathType }} {{- end }} backend: - {{- if eq $apiVersion "networking.k8s.io/v1" }} service: name: {{ $fullName }}-http port: - number: {{ $httpPort }} - {{- else }} - serviceName: {{ $fullName }}-http - servicePort: {{ $httpPort }} - {{- end }} + name: http {{- end }} {{- end }} {{- end }} diff --git a/templates/gitea/init.yaml b/templates/gitea/init.yaml index 000cd9b..546f4c4 100644 --- a/templates/gitea/init.yaml +++ b/templates/gitea/init.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ include "gitea.fullname" . }}-init + namespace: {{ include "common.names.namespace" . | quote }} labels: {{- include "gitea.labels" . | nindent 4 }} type: Opaque @@ -86,15 +87,49 @@ stringData: {{- if or .Values.gitea.admin.existingSecret (and .Values.gitea.admin.username .Values.gitea.admin.password) }} function configure_admin_user() { - local ACCOUNT_ID=$(gitea admin user list --admin | grep -e "\s\+${GITEA_ADMIN_USERNAME}\s\+" | awk -F " " "{printf \$1}") + local full_admin_list=$(gitea admin user list --admin) + local actual_user_table='' + + # We might have distorted output due to warning logs, so we have to detect the actual user table by its headline and trim output above that line + local regex="(.*)(ID\s+Username\s+Email\s+IsActive.*)" + if [[ "${full_admin_list}" =~ $regex ]]; then + actual_user_table=$(echo "${BASH_REMATCH[2]}" | tail -n+2) # tail'ing to drop the table headline + else + # This code block should never be reached, as long as the output table header remains the same. + # If this code block is reached, the regex doesn't match anymore and we probably have to adjust this script. + + echo "ERROR: 'configure_admin_user' was not able to determine the current list of admin users." + echo " Please review the output of 'gitea admin user list --admin' shown below." + echo " If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-chart/issues." + echo "DEBUG: Output of 'gitea admin user list --admin'" + echo "--" + echo "${full_admin_list}" + echo "--" + exit 1 + fi + + local ACCOUNT_ID=$(echo "${actual_user_table}" | grep -E "\s+${GITEA_ADMIN_USERNAME}\s+" | awk -F " " "{printf \$1}") if [[ -z "${ACCOUNT_ID}" ]]; then + local -a create_args + create_args=(--admin --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" --email {{ .Values.gitea.admin.email | quote }}) + if [[ "${GITEA_ADMIN_PASSWORD_MODE}" = initialOnlyRequireReset ]]; then + create_args+=(--must-change-password=true) + else + create_args+=(--must-change-password=false) + fi echo "No admin user '${GITEA_ADMIN_USERNAME}' found. Creating now..." - gitea admin user create --admin --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" --email {{ .Values.gitea.admin.email | quote }} --must-change-password=false + gitea admin user create "${create_args[@]}" echo '...created.' else - echo "Admin account '${GITEA_ADMIN_USERNAME}' already exist. Running update to sync password..." - gitea admin user change-password --username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" - echo '...password sync done.' + if [[ "${GITEA_ADMIN_PASSWORD_MODE}" = keepUpdated ]]; then + echo "Admin account '${GITEA_ADMIN_USERNAME}' already exist. Running update to sync password..." + local -a change_args + change_args=(--username "${GITEA_ADMIN_USERNAME}" --password "${GITEA_ADMIN_PASSWORD}" --must-change-password=false) + gitea admin user change-password "${change_args[@]}" + echo '...password sync done.' + else + echo "Admin account '${GITEA_ADMIN_USERNAME}' already exist, but update mode is set to '${GITEA_ADMIN_PASSWORD_MODE}'. Skipping." + fi fi } @@ -105,7 +140,28 @@ stringData: {{- if .Values.gitea.ldap }} {{- range $idx, $value := .Values.gitea.ldap }} local LDAP_NAME={{ (printf "%s" $value.name) | squote }} - local GITEA_AUTH_ID=$(gitea admin auth list --vertical-bars | grep -E "\|${LDAP_NAME}\s+\|" | grep -iE '\|LDAP \(via BindDN\)\s+\|' | awk -F " " "{print \$1}") + local full_auth_list=$(gitea admin auth list --vertical-bars) + local actual_auth_table='' + + # We might have distorted output due to warning logs, so we have to detect the actual user table by its headline and trim output above that line + local regex="(.*)(ID\s+\|Name\s+\|Type\s+\|Enabled.*)" + if [[ "${full_auth_list}" =~ $regex ]]; then + actual_auth_table=$(echo "${BASH_REMATCH[2]}" | tail -n+2) # tail'ing to drop the table headline + else + # This code block should never be reached, as long as the output table header remains the same. + # If this code block is reached, the regex doesn't match anymore and we probably have to adjust this script. + + echo "ERROR: 'configure_ldap' was not able to determine the current list of authentication sources." + echo " Please review the output of 'gitea admin auth list --vertical-bars' shown below." + echo " If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-chart/issues." + echo "DEBUG: Output of 'gitea admin auth list --vertical-bars'" + echo "--" + echo "${full_auth_list}" + echo "--" + exit 1 + fi + + local GITEA_AUTH_ID=$(echo "${actual_auth_table}" | grep -E "\|${LDAP_NAME}\s+\|" | grep -iE '\|LDAP \(via BindDN\)\s+\|' | awk -F " " "{print \$1}") if [[ -z "${GITEA_AUTH_ID}" ]]; then echo "No ldap configuration found with name '${LDAP_NAME}'. Installing it now..." @@ -128,7 +184,28 @@ stringData: {{- if .Values.gitea.oauth }} {{- range $idx, $value := .Values.gitea.oauth }} local OAUTH_NAME={{ (printf "%s" $value.name) | squote }} - local AUTH_ID=$(gitea admin auth list --vertical-bars | grep -E "\|${OAUTH_NAME}\s+\|" | grep -iE '\|OAuth2\s+\|' | awk -F " " "{print \$1}") + local full_auth_list=$(gitea admin auth list --vertical-bars) + local actual_auth_table='' + + # We might have distorted output due to warning logs, so we have to detect the actual user table by its headline and trim output above that line + local regex="(.*)(ID\s+\|Name\s+\|Type\s+\|Enabled.*)" + if [[ "${full_auth_list}" =~ $regex ]]; then + actual_auth_table=$(echo "${BASH_REMATCH[2]}" | tail -n+2) # tail'ing to drop the table headline + else + # This code block should never be reached, as long as the output table header remains the same. + # If this code block is reached, the regex doesn't match anymore and we probably have to adjust this script. + + echo "ERROR: 'configure_oauth' was not able to determine the current list of authentication sources." + echo " Please review the output of 'gitea admin auth list --vertical-bars' shown below." + echo " If you think it is an issue with the Helm Chart provisioning, file an issue at https://gitea.com/gitea/helm-chart/issues." + echo "DEBUG: Output of 'gitea admin auth list --vertical-bars'" + echo "--" + echo "${full_auth_list}" + echo "--" + exit 1 + fi + + local AUTH_ID=$(echo "${actual_auth_table}" | grep -E "\|${OAUTH_NAME}\s+\|" | grep -iE '\|OAuth2\s+\|' | awk -F " " "{print \$1}") if [[ -z "${AUTH_ID}" ]]; then echo "No oauth configuration found with name '${OAUTH_NAME}'. Installing it now..." diff --git a/templates/gitea/poddisruptionbudget.yaml b/templates/gitea/poddisruptionbudget.yaml index d2b7e17..d40a166 100644 --- a/templates/gitea/poddisruptionbudget.yaml +++ b/templates/gitea/poddisruptionbudget.yaml @@ -1,12 +1,9 @@ {{- if .Values.podDisruptionBudget -}} -{{- if .Capabilities.APIVersions.Has "policy/v1" }} apiVersion: policy/v1 -{{- else }} -apiVersion: policy/v1beta1 -{{- end }} kind: PodDisruptionBudget metadata: name: {{ include "gitea.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} labels: {{- include "gitea.labels" . | nindent 4 }} spec: @@ -14,4 +11,4 @@ spec: matchLabels: {{- include "gitea.selectorLabels" . | nindent 6 }} {{- toYaml .Values.podDisruptionBudget | nindent 2 }} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/templates/gitea/pvc.yaml b/templates/gitea/pvc.yaml index 995bd10..2c82cb0 100644 --- a/templates/gitea/pvc.yaml +++ b/templates/gitea/pvc.yaml @@ -3,9 +3,13 @@ kind: PersistentVolumeClaim apiVersion: v1 metadata: name: {{ .Values.persistence.claimName }} - namespace: {{ $.Release.Namespace }} + namespace: {{ include "common.names.namespace" . | quote }} annotations: {{ .Values.persistence.annotations | toYaml | indent 4}} +{{- if .Values.persistence.labels }} + labels: +{{ .Values.persistence.labels | toYaml | indent 4}} +{{- end }} spec: accessModes: {{- if gt .Values.replicaCount 1.0 }} @@ -14,13 +18,11 @@ spec: {{- .Values.persistence.accessModes | toYaml | nindent 4 }} {{- end }} volumeMode: Filesystem - {{- if .Values.persistence.storageClass }} - storageClassName: {{ .Values.persistence.storageClass }} - {{- end }} + {{- include "gitea.persistence.storageClass" . | nindent 2 }} {{- with .Values.persistence.volumeName }} volumeName: {{ . }} {{- end }} resources: requests: storage: {{ .Values.persistence.size }} -{{- end }} \ No newline at end of file +{{- end }} diff --git a/templates/gitea/route.yaml b/templates/gitea/route.yaml new file mode 100644 index 0000000..740721f --- /dev/null +++ b/templates/gitea/route.yaml @@ -0,0 +1,43 @@ +{{- if .Values.route.enabled -}} +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + name: {{ include "gitea.fullname" . }}-http + namespace: {{ include "common.names.namespace" . | quote }} + labels: + {{- include "gitea.labels" . | nindent 4 }} + annotations: + {{- toYaml .Values.route.annotations | nindent 4 }} +spec: + {{- if .Values.route.host }} + host: {{ tpl .Values.route.host $ | quote }} + {{- end }} + {{- if .Values.route.wildcardPolicy }} + wildcardPolicy: {{ .Values.route.wildcardPolicy }} + {{- end }} + to: + kind: Service + name: {{ include "gitea.fullname" . }}-http + weight: 100 + port: + targetPort: http + tls: + termination: edge + insecureEdgeTerminationPolicy: Redirect + {{- if .Values.route.tls.existingSecret }} + externalCertificate: {{ .Values.route.tls.existingSecret }} + {{- else if and .Values.route.tls.certificate + .Values.route.tls.privateKey + .Values.route.tls.caCertificate }} + certificate: | +{{ .Values.route.tls.certificate | indent 6 }} + key: | +{{ .Values.route.tls.privateKey | indent 6 }} + caCertificate: | +{{ .Values.route.tls.caCertificate | indent 6 }} + {{- else if or .Values.route.tls.certificate + .Values.route.tls.privateKey + .Values.route.tls.caCertificate }} + {{- fail "certificate, privateKey and caCertificate must be specified together" }} + {{- end }} +{{- end }} diff --git a/templates/gitea/serviceaccount.yaml b/templates/gitea/serviceaccount.yaml index e730f9c..e97608b 100644 --- a/templates/gitea/serviceaccount.yaml +++ b/templates/gitea/serviceaccount.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ include "gitea.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ include "common.names.namespace" . | quote }} labels: {{- include "gitea.labels" . | nindent 4 }} {{- with .Values.serviceAccount.labels }} diff --git a/templates/gitea/servicemonitor.yaml b/templates/gitea/servicemonitor.yaml index 02750d0..c740ec8 100644 --- a/templates/gitea/servicemonitor.yaml +++ b/templates/gitea/servicemonitor.yaml @@ -3,6 +3,7 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ include "gitea.fullname" . }} + namespace: {{ default (include "common.names.namespace" .) .Values.gitea.metrics.serviceMonitor.namespace | quote }} labels: {{- include "gitea.labels" . | nindent 4 }} {{- if .Values.gitea.metrics.serviceMonitor.additionalLabels }} @@ -14,4 +15,4 @@ spec: {{- include "gitea.selectorLabels" . | nindent 6 }} endpoints: - port: http -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/templates/gitea/ssh-svc.yaml b/templates/gitea/ssh-svc.yaml index 3e8b3c2..c1576da 100644 --- a/templates/gitea/ssh-svc.yaml +++ b/templates/gitea/ssh-svc.yaml @@ -2,13 +2,20 @@ apiVersion: v1 kind: Service metadata: name: {{ include "gitea.fullname" . }}-ssh + namespace: {{ include "common.names.namespace" . | quote }} labels: {{- include "gitea.labels" . | nindent 4 }} + {{- if .Values.service.ssh.labels }} + {{- toYaml .Values.service.ssh.labels | nindent 4 }} + {{- end }} annotations: {{- toYaml .Values.service.ssh.annotations | nindent 4 }} spec: type: {{ .Values.service.ssh.type }} {{- if eq .Values.service.ssh.type "LoadBalancer" }} + {{- if .Values.service.ssh.loadBalancerClass }} + loadBalancerClass: {{ .Values.service.ssh.loadBalancerClass }} + {{- end }} {{- if .Values.service.ssh.loadBalancerIP }} loadBalancerIP: {{ .Values.service.ssh.loadBalancerIP }} {{- end -}} @@ -40,7 +47,7 @@ spec: - name: ssh port: {{ .Values.service.ssh.port }} {{- if .Values.gitea.config.server.SSH_LISTEN_PORT }} - targetPort: {{ .Values.gitea.config.server.SSH_LISTEN_PORT }} + targetPort: ssh {{- end }} protocol: TCP {{- if .Values.service.ssh.nodePort }} diff --git a/templates/tests/test-http-connection.yaml b/templates/tests/test-http-connection.yaml index 8157442..1a2e13f 100644 --- a/templates/tests/test-http-connection.yaml +++ b/templates/tests/test-http-connection.yaml @@ -6,7 +6,7 @@ metadata: labels: {{ include "gitea.labels" . | nindent 4 }} annotations: - "helm.sh/hook": test-success + "helm.sh/hook": test spec: containers: - name: wget diff --git a/tools/changelog.mjs b/tools/changelog.mjs index 1336934..0fe6c09 100644 --- a/tools/changelog.mjs +++ b/tools/changelog.mjs @@ -1,67 +1,12 @@ -import conventionalChangelogCore from 'conventional-changelog-core'; -import conventionalChangelogPreset from 'conventional-changelog-conventionalcommits'; -import fs from 'node:fs'; +import { getChangelog } from './changelog/util.js'; -const config = conventionalChangelogPreset({ - types: [ - { - type: 'feat', - section: 'Features', - }, - { - type: 'fix', - section: 'Bug Fixes', - }, - { - type: 'perf', - section: 'Performance Improvements', - }, - { - type: 'revert', - section: 'Reverts', - }, - { - type: 'docs', - section: 'Documentation', - }, - { - type: 'style', - section: 'Styles', - }, - { - type: 'refactor', - section: 'Code Refactoring', - }, - { - type: 'test', - section: 'Tests', - }, - { - type: 'build', - section: 'Build System', - }, - { - type: 'ci', - section: 'Continuous Integration', - }, - { - type: 'chore', - section: 'Miscellaneous Chores', - }, - ], -}); +const stream = getChangelog(!!process.argv[2]).setEncoding('utf8'); -const file = process.argv[3] - ? fs.createWriteStream(process.argv[3]) - : process.stdout; +const changes = (await stream.toArray()).join(''); -conventionalChangelogCore( - { - config, - releaseCount: 2, - }, - { version: process.argv[2], linkCompare: false }, - undefined, - undefined, - { headerPartial: '' }, -).pipe(file); +if (!changes.length) { + console.error('No changelog found'); + process.exit(1); +} + +process.stdout.write(changes); diff --git a/tools/changelog/util.js b/tools/changelog/util.js index 6883d54..bbbe366 100644 --- a/tools/changelog/util.js +++ b/tools/changelog/util.js @@ -56,17 +56,16 @@ export const config = conventionalChangelogPreset({ /** * - * @param {string} version - * @param {boolean} onTag + * @param {boolean|undefined} onTag * @returns */ -export function getChangelog(version, onTag) { +export function getChangelog(onTag = false) { return conventionalChangelogCore( { config, releaseCount: onTag ? 2 : 1, }, - { version, linkCompare: false }, + undefined, undefined, undefined, { headerPartial: '' }, diff --git a/tools/ct.yml b/tools/ct.yml index 0f81989..3d241fc 100644 --- a/tools/ct.yml +++ b/tools/ct.yml @@ -1,3 +1,4 @@ +# https://github.com/helm/chart-testing/blob/main/doc/ct_install.md helm-extra-args: --timeout 3m check-version-increment: false debug: true diff --git a/tools/forgejo-release.js b/tools/forgejo-release.js index fe0f9bc..bdbe8e2 100644 --- a/tools/forgejo-release.js +++ b/tools/forgejo-release.js @@ -68,7 +68,7 @@ class GiteaReleaseCommand extends Command { return 1; } - const stream = getChangelog(tag, true).setEncoding('utf8'); + const stream = getChangelog(true).setEncoding('utf8'); const changes = (await stream.toArray()).join(''); this.context.stdout.write(`Creating release ${tag}.\n`); diff --git a/unittests/config/cache-config.yaml b/unittests/config/cache-config.yaml new file mode 100644 index 0000000..b935fd1 --- /dev/null +++ b/unittests/config/cache-config.yaml @@ -0,0 +1,66 @@ +suite: config template | cache config +release: + name: gitea-unittests + namespace: testing +tests: + - it: 'cache is configured correctly for redis-cluster' + template: templates/gitea/config.yaml + set: + redis-cluster: + enabled: true + redis: + enabled: false + asserts: + - documentIndex: 0 + equal: + path: stringData.cache + value: |- + ADAPTER=redis + HOST=redis+cluster://:@gitea-unittests-redis-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& + + - it: 'cache is configured correctly for redis' + template: templates/gitea/config.yaml + set: + redis-cluster: + enabled: false + redis: + enabled: true + asserts: + - documentIndex: 0 + equal: + path: stringData.cache + value: |- + ADAPTER=redis + HOST=redis://:changeme@gitea-unittests-redis-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& + + - it: "cache is configured correctly for 'memory' when redis (or redis-cluster) is disabled" + template: templates/gitea/config.yaml + set: + redis-cluster: + enabled: false + redis: + enabled: false + asserts: + - documentIndex: 0 + equal: + path: stringData.cache + value: |- + ADAPTER=memory + HOST= + + - it: 'cache can be customized when redis (or redis-cluster) is disabled' + template: templates/gitea/config.yaml + set: + redis-cluster: + enabled: false + redis: + enabled: false + gitea.config.cache.ADAPTER: custom-adapter + gitea.config.cache.HOST: custom-host + asserts: + - documentIndex: 0 + equal: + path: stringData.cache + value: |- + ADAPTER=custom-adapter + HOST=custom-host diff --git a/unittests/config/queue-config.yaml b/unittests/config/queue-config.yaml new file mode 100644 index 0000000..cdb2678 --- /dev/null +++ b/unittests/config/queue-config.yaml @@ -0,0 +1,66 @@ +suite: config template | queue config +release: + name: gitea-unittests + namespace: testing +tests: + - it: 'queue is configured correctly for redis-cluster' + template: templates/gitea/config.yaml + set: + redis-cluster: + enabled: true + redis: + enabled: false + asserts: + - documentIndex: 0 + equal: + path: stringData.queue + value: |- + CONN_STR=redis+cluster://:@gitea-unittests-redis-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& + TYPE=redis + + - it: 'queue is configured correctly for redis' + template: templates/gitea/config.yaml + set: + redis-cluster: + enabled: false + redis: + enabled: true + asserts: + - documentIndex: 0 + equal: + path: stringData.queue + value: |- + CONN_STR=redis://:changeme@gitea-unittests-redis-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& + TYPE=redis + + - it: "queue is configured correctly for 'levelDB' when redis (and redis-cluster) is disabled" + template: templates/gitea/config.yaml + set: + redis-cluster: + enabled: false + redis: + enabled: false + asserts: + - documentIndex: 0 + equal: + path: stringData.queue + value: |- + CONN_STR= + TYPE=level + + - it: 'queue can be customized when redis (and redis-cluster) are disabled' + template: templates/gitea/config.yaml + set: + redis-cluster: + enabled: false + redis: + enabled: false + gitea.config.queue.TYPE: custom-type + gitea.config.queue.CONN_STR: custom-connection-string + asserts: + - documentIndex: 0 + equal: + path: stringData.queue + value: |- + CONN_STR=custom-connection-string + TYPE=custom-type diff --git a/unittests/config/session-config.yaml b/unittests/config/session-config.yaml new file mode 100644 index 0000000..2a49baa --- /dev/null +++ b/unittests/config/session-config.yaml @@ -0,0 +1,66 @@ +suite: config template | session config +release: + name: gitea-unittests + namespace: testing +tests: + - it: 'session is configured correctly for redis-cluster' + template: templates/gitea/config.yaml + set: + redis-cluster: + enabled: true + redis: + enabled: false + asserts: + - documentIndex: 0 + equal: + path: stringData.session + value: |- + PROVIDER=redis + PROVIDER_CONFIG=redis+cluster://:@gitea-unittests-redis-cluster-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& + + - it: 'session is configured correctly for redis' + template: templates/gitea/config.yaml + set: + redis-cluster: + enabled: false + redis: + enabled: true + asserts: + - documentIndex: 0 + equal: + path: stringData.session + value: |- + PROVIDER=redis + PROVIDER_CONFIG=redis://:changeme@gitea-unittests-redis-headless.testing.svc.cluster.local:6379/0?pool_size=100&idle_timeout=180s& + + - it: "session is configured correctly for 'memory' when redis (and redis-cluster) is disabled" + template: templates/gitea/config.yaml + set: + redis-cluster: + enabled: false + redis: + enabled: false + asserts: + - documentIndex: 0 + equal: + path: stringData.session + value: |- + PROVIDER=memory + PROVIDER_CONFIG= + + - it: 'session can be customized when redis (and redis-cluster) is disabled' + template: templates/gitea/config.yaml + set: + redis-cluster: + enabled: false + redis: + enabled: false + gitea.config.session.PROVIDER: custom-provider + gitea.config.session.PROVIDER_CONFIG: custom-provider-config + asserts: + - documentIndex: 0 + equal: + path: stringData.session + value: |- + PROVIDER=custom-provider + PROVIDER_CONFIG=custom-provider-config diff --git a/unittests/dependency-major-image-check.yaml b/unittests/dependency-major-image-check.yaml index a8967c3..1ff65cc 100644 --- a/unittests/dependency-major-image-check.yaml +++ b/unittests/dependency-major-image-check.yaml @@ -15,7 +15,7 @@ tests: matchRegex: path: spec.template.spec.containers[0].image # IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST - pattern: ^docker.io/bitnami/postgresql-repmgr:16.+$ + pattern: ^docker.io/bitnami/postgresql-repmgr:17.+$ - it: '[postgresql] ensures we detect major image version upgrades' template: charts/postgresql/templates/primary/statefulset.yaml set: @@ -28,15 +28,30 @@ tests: matchRegex: path: spec.template.spec.containers[0].image # IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST - pattern: ^docker.io/bitnami/postgresql:16.+$ + pattern: ^docker.io/bitnami/postgresql:17.+$ - it: '[redis-cluster] ensures we detect major image version upgrades' template: charts/redis-cluster/templates/redis-statefulset.yaml set: redis-cluster: enabled: true + redis: + enabled: false + asserts: + - documentIndex: 0 + matchRegex: + path: spec.template.spec.containers[0].image + # IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST + pattern: bitnami/redis-cluster:7.+$ + - it: '[redis] ensures we detect major image version upgrades' + template: charts/redis/templates/master/application.yaml + set: + redis-cluster: + enabled: false + redis: + enabled: true asserts: - documentIndex: 0 matchRegex: path: spec.template.spec.containers[0].image # IN CASE OF AN INTENTIONAL MAJOR BUMP, ADJUST THIS TEST - pattern: ^docker.io/bitnami/redis-cluster:7.+$ + pattern: bitnami/redis:7.+$ diff --git a/unittests/deployment/HA.yaml b/unittests/deployment/HA.yaml new file mode 100644 index 0000000..aeecad6 --- /dev/null +++ b/unittests/deployment/HA.yaml @@ -0,0 +1,59 @@ +suite: deployment template (HA) +release: + name: gitea-unittests + namespace: testing +templates: + - templates/gitea/deployment.yaml + - templates/gitea/config.yaml +tests: + - it: fails with multiple replicas and "GIT_GC_REPOS" enabled + template: templates/gitea/deployment.yaml + set: + replicaCount: 2 + persistence: + accessModes: + - ReadWriteMany + gitea: + config: + cron: + GIT_GC_REPOS: + ENABLED: true + asserts: + - failedTemplate: + errorMessage: "Invoking the garbage collector via CRON is not yet supported when running with multiple replicas. Please set 'cron.GIT_GC_REPOS.enabled = false'." + - it: fails with multiple replicas and RWX file system not set + template: templates/gitea/deployment.yaml + set: + replicaCount: 2 + asserts: + - failedTemplate: + errorMessage: 'When using multiple replicas, a RWX file system is required and gitea.persistence.accessModes[0] must be set to ReadWriteMany.' + - it: fails with multiple replicas and bleve issue indexer + template: templates/gitea/deployment.yaml + set: + replicaCount: 2 + persistence: + accessModes: + - ReadWriteMany + gitea: + config: + indexer: + ISSUE_INDEXER_TYPE: bleve + asserts: + - failedTemplate: + errorMessage: "When using multiple replicas, the issue indexer (gitea.config.indexer.ISSUE_INDEXER_TYPE) must be set to a HA-ready provider such as 'meilisearch', 'elasticsearch' or 'db' (if the DB is HA-ready)." + - it: fails with multiple replicas and bleve repo indexer + template: templates/gitea/deployment.yaml + set: + replicaCount: 2 + persistence: + accessModes: + - ReadWriteMany + gitea: + config: + indexer: + REPO_INDEXER_TYPE: bleve + REPO_INDEXER_ENABLED: true + asserts: + - failedTemplate: + errorMessage: "When using multiple replicas, the repo indexer (gitea.config.indexer.REPO_INDEXER_TYPE) must be set to 'meilisearch' or 'elasticsearch' or disabled." diff --git a/unittests/deployment/basic.yaml b/unittests/deployment/basic.yaml index bfcb9f2..133a7c2 100644 --- a/unittests/deployment/basic.yaml +++ b/unittests/deployment/basic.yaml @@ -15,3 +15,17 @@ tests: kind: Deployment apiVersion: apps/v1 name: forgejo-unittests + - it: deployment labels are set + template: templates/gitea/deployment.yaml + set: + deployment.labels: + hello: world + asserts: + - isSubset: + path: metadata.labels + content: + hello: world + - isSubset: + path: spec.template.metadata.labels + content: + hello: world diff --git a/unittests/deployment/image-configuration.yaml b/unittests/deployment/image-configuration.yaml index ab63f3d..9370b88 100644 --- a/unittests/deployment/image-configuration.yaml +++ b/unittests/deployment/image-configuration.yaml @@ -14,7 +14,7 @@ tests: asserts: - equal: path: spec.template.spec.containers[0].image - value: 'codeberg.org/forgejo/forgejo:1.19.3-rootless' + value: 'code.forgejo.org/forgejo/forgejo:1.19.3-rootless' - it: tag override template: templates/gitea/deployment.yaml set: @@ -22,7 +22,7 @@ tests: asserts: - equal: path: spec.template.spec.containers[0].image - value: 'codeberg.org/forgejo/forgejo:1.19.4-rootless' + value: 'code.forgejo.org/forgejo/forgejo:1.19.4-rootless' - it: root-based image template: templates/gitea/deployment.yaml set: @@ -30,7 +30,7 @@ tests: asserts: - equal: path: spec.template.spec.containers[0].image - value: 'codeberg.org/forgejo/forgejo:1.19.3' + value: 'code.forgejo.org/forgejo/forgejo:1.19.3' - it: scoped registry template: templates/gitea/deployment.yaml set: @@ -56,7 +56,7 @@ tests: asserts: - equal: path: spec.template.spec.containers[0].image - value: 'codeberg.org/forgejo/forgejo:1.19.3-rootless@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a' + value: 'code.forgejo.org/forgejo/forgejo:1.19.3-rootless@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a' - it: image fullOverride (does not append rootless) template: templates/gitea/deployment.yaml set: @@ -81,7 +81,7 @@ tests: asserts: - equal: path: spec.template.spec.containers[0].image - value: 'codeberg.org/forgejo/forgejo:1.19.3@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a' + value: 'code.forgejo.org/forgejo/forgejo:1.19.3@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a' - it: digest and global registry template: templates/gitea/deployment.yaml set: @@ -91,3 +91,20 @@ tests: - equal: path: spec.template.spec.containers[0].image value: 'global.example.com/forgejo/forgejo:1.19.3-rootless@sha256:b28e8f3089b52ebe6693295df142f8c12eff354e9a4a5bfbb5c10f296c3a537a' + - it: correctly renders floating tag references + template: templates/gitea/deployment.yaml + set: + image.tag: 1.21 # use non-quoted value on purpose. See: https://gitea.com/gitea/helm-chart/issues/631 + asserts: + - equal: + path: spec.template.spec.initContainers[0].image + value: 'code.forgejo.org/forgejo/forgejo:1.21-rootless' + - equal: + path: spec.template.spec.initContainers[1].image + value: 'code.forgejo.org/forgejo/forgejo:1.21-rootless' + - equal: + path: spec.template.spec.initContainers[2].image + value: 'code.forgejo.org/forgejo/forgejo:1.21-rootless' + - equal: + path: spec.template.spec.containers[0].image + value: 'code.forgejo.org/forgejo/forgejo:1.21-rootless' diff --git a/unittests/deployment/ingress-configuration.yaml b/unittests/deployment/ingress-configuration.yaml index 2d2476e..4dfda51 100644 --- a/unittests/deployment/ingress-configuration.yaml +++ b/unittests/deployment/ingress-configuration.yaml @@ -15,9 +15,33 @@ tests: hosts: - '{{ .Values.global.giteaHostName }}' asserts: + - isKind: + of: Ingress - equal: path: spec.tls[0].hosts[0] value: 'gitea.example.com' - equal: path: spec.rules[0].host value: 'gitea.example.com' + - it: Ingress Class using TPL + set: + global.ingress.className: 'ingress-class' + ingress.className: '{{ .Values.global.ingress.className }}' + ingress.enabled: true + ingress.hosts[0].host: 'some-host' + ingress.tls: + - secretName: gitea-tls + hosts: + - 'some-host' + asserts: + - isKind: + of: Ingress + - equal: + path: spec.tls[0].hosts[0] + value: 'some-host' + - equal: + path: spec.rules[0].host + value: 'some-host' + - equal: + path: spec.ingressClassName + value: 'ingress-class' diff --git a/unittests/deployment/route-configuration.yaml b/unittests/deployment/route-configuration.yaml new file mode 100644 index 0000000..b4da640 --- /dev/null +++ b/unittests/deployment/route-configuration.yaml @@ -0,0 +1,155 @@ +# $schema: https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json +suite: route template +release: + name: gitea-unittests + namespace: testing +templates: + - templates/gitea/route.yaml +tests: + - it: hostname using TPL + set: + global.giteaHostName: 'gitea.example.com' + route.enabled: true + route.host: '{{ .Values.global.giteaHostName }}' + asserts: + - isKind: + of: Route + - equal: + path: spec.host + value: 'gitea.example.com' + - notExists: + path: spec.wildcardPolicy + - it: wildcard policy + set: + global.giteaHostName: 'gitea.example.com' + route.enabled: true + route.wildcardPolicy: 'Subdomain' + asserts: + - isKind: + of: Route + - equal: + path: spec.wildcardPolicy + value: 'Subdomain' + - it: existing certificate + set: + route.enabled: true + route.tls.existingSecret: certificate-secret + route.tls.certificate: | + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- + route.tls.privateKey: | + -----BEGIN PRIVATE KEY----- + ... + -----END PRIVATE KEY----- + route.tls.caCertificate: | + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- + asserts: + - isKind: + of: Route + - equal: + path: spec.tls.externalCertificate + value: certificate-secret + - notExists: + path: spec.tls.certificate + - notExists: + path: spec.tls.key + - notExists: + path: spec.tls.caCertificate + - it: valid certificate values + set: + route.enabled: true + route.tls.certificate: | + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- + route.tls.privateKey: | + -----BEGIN PRIVATE KEY----- + ... + -----END PRIVATE KEY----- + route.tls.caCertificate: | + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- + asserts: + - isKind: + of: Route + - notExists: + path: spec.tls.externalCertificate + - equal: + path: spec.tls.certificate + value: | + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- + - equal: + path: spec.tls.key + value: | + -----BEGIN PRIVATE KEY----- + ... + -----END PRIVATE KEY----- + - equal: + path: spec.tls.caCertificate + value: | + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- + - it: missing certificate values + set: + route.enabled: true + route.tls.privateKey: | + -----BEGIN PRIVATE KEY----- + ... + -----END PRIVATE KEY----- + route.tls.caCertificate: | + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- + asserts: + - failedTemplate: + errorMessage: certificate, privateKey and caCertificate must be specified together + - it: missing privateKey values + set: + route.enabled: true + route.tls.certificate: | + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- + route.tls.caCertificate: | + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- + asserts: + - failedTemplate: + errorMessage: certificate, privateKey and caCertificate must be specified together + - it: missing caCertificate values + set: + route.enabled: true + route.tls.certificate: | + -----BEGIN CERTIFICATE----- + ... + -----END CERTIFICATE----- + route.tls.privateKey: | + -----BEGIN PRIVATE KEY----- + ... + -----END PRIVATE KEY----- + asserts: + - failedTemplate: + errorMessage: certificate, privateKey and caCertificate must be specified together diff --git a/unittests/deployment/security-context-normal.yaml b/unittests/deployment/security-context-normal.yaml new file mode 100644 index 0000000..2418371 --- /dev/null +++ b/unittests/deployment/security-context-normal.yaml @@ -0,0 +1,25 @@ +# $schema: https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json +suite: deployment template (security context) +release: + name: gitea-unittests + namespace: testing +templates: + - templates/gitea/deployment.yaml + - templates/gitea/config.yaml +tests: + - it: FS group set to 1000 + template: templates/gitea/deployment.yaml + set: + image.rootless: false + asserts: + - equal: + path: spec.template.spec.securityContext.fsGroup + value: 1000 + - it: run configure-gitea with UID 1000 + template: templates/gitea/deployment.yaml + set: + image.rootless: false + asserts: + - equal: + path: spec.template.spec.initContainers[?(@.name == 'configure-gitea')].securityContext.runAsUser + value: 1000 diff --git a/unittests/deployment/security-context-ocp.yaml b/unittests/deployment/security-context-ocp.yaml new file mode 100644 index 0000000..5f7127a --- /dev/null +++ b/unittests/deployment/security-context-ocp.yaml @@ -0,0 +1,25 @@ +# $schema: https://raw.githubusercontent.com/helm-unittest/helm-unittest/main/schema/helm-testsuite.json +suite: deployment template (security context) +release: + name: gitea-unittests + namespace: testing +templates: + - templates/gitea/deployment.yaml + - templates/gitea/config.yaml +tests: + - it: FS group not set + template: templates/gitea/deployment.yaml + set: + image.rootless: false + global.compatibility.openshift.adaptSecurityContext: force + asserts: + - notExists: + path: spec.template.spec.securityContext.fsGroup + - it: configure-gitea without runaAsUser + template: templates/gitea/deployment.yaml + set: + image.rootless: false + global.compatibility.openshift.adaptSecurityContext: force + asserts: + - notExists: + path: spec.template.spec.initContainers[?(@.name == 'configure-gitea')].securityContext.runAsUser diff --git a/unittests/deployment/storage-class-configuration.yaml b/unittests/deployment/storage-class-configuration.yaml new file mode 100644 index 0000000..525197f --- /dev/null +++ b/unittests/deployment/storage-class-configuration.yaml @@ -0,0 +1,39 @@ +# File: tests/gitea-storageclass-tests.yaml + +suite: storage class configuration tests + +release: + name: gitea-storageclass-tests + namespace: testing + +templates: + - templates/gitea/pvc.yaml + +tests: + - it: should set storageClassName when persistence.storageClass is defined + template: templates/gitea/pvc.yaml + set: + persistence.storageClass: 'my-storage-class' + asserts: + - equal: + path: 'spec.storageClassName' + value: 'my-storage-class' + + - it: should set global.storageClass when persistence.storageClass is not defined + template: templates/gitea/pvc.yaml + set: + global.storageClass: 'default-storage-class' + asserts: + - equal: + path: spec.storageClassName + value: 'default-storage-class' + + - it: should set storageClassName when persistence.storageClass is defined and global.storageClass is defined + template: templates/gitea/pvc.yaml + set: + global.storageClass: 'default-storage-class' + persistence.storageClass: 'my-storage-class' + asserts: + - equal: + path: spec.storageClassName + value: 'my-storage-class' diff --git a/unittests/deployment/svc-configuration.yaml b/unittests/deployment/svc-configuration.yaml new file mode 100644 index 0000000..f39bb1b --- /dev/null +++ b/unittests/deployment/svc-configuration.yaml @@ -0,0 +1,128 @@ +suite: ssh-svc / http-svc template (Services configuration) +release: + name: gitea-unittests + namespace: testing +templates: + - templates/gitea/ssh-svc.yaml + - templates/gitea/http-svc.yaml +tests: + - it: supports adding custom labels to ssh-svc + template: templates/gitea/ssh-svc.yaml + set: + service: + ssh: + labels: + gitea/testkey: testvalue + asserts: + - equal: + path: metadata.labels["gitea/testkey"] + value: 'testvalue' + + - it: keeps existing labels (ssh) + template: templates/gitea/ssh-svc.yaml + set: + service: + ssh: + labels: {} + asserts: + - exists: + path: metadata.labels["app"] + + - it: supports adding custom labels to http-svc + template: templates/gitea/http-svc.yaml + set: + service: + http: + labels: + gitea/testkey: testvalue + asserts: + - equal: + path: metadata.labels["gitea/testkey"] + value: 'testvalue' + + - it: keeps existing labels (http) + template: templates/gitea/http-svc.yaml + set: + service: + http: + labels: {} + asserts: + - exists: + path: metadata.labels["app"] + + - it: uses default ports to ssh-svc + template: templates/gitea/ssh-svc.yaml + asserts: + - equal: + path: spec.ports[0].port + value: 22 + - equal: + path: spec.ports[0].targetPort + value: ssh + + - it: render service.ssh.loadBalancerClass if set and type is LoadBalancer + template: templates/gitea/ssh-svc.yaml + set: + service: + ssh: + loadBalancerClass: 'example.com/class' + type: LoadBalancer + loadBalancerIP: '1.2.3.4' + loadBalancerSourceRanges: + - '1.2.3.4/32' + - '5.6.7.8/32' + asserts: + - equal: + path: spec.loadBalancerClass + value: 'example.com/class' + - equal: + path: spec.loadBalancerIP + value: '1.2.3.4' + - equal: + path: spec.loadBalancerSourceRanges + value: ['1.2.3.4/32', '5.6.7.8/32'] + + - it: does not render when loadbalancer properties are set but type is not loadBalancerClass + template: templates/gitea/http-svc.yaml + set: + service: + http: + type: ClusterIP + loadBalancerClass: 'example.com/class' + loadBalancerIP: '1.2.3.4' + loadBalancerSourceRanges: + - '1.2.3.4/32' + - '5.6.7.8/32' + asserts: + - notExists: + path: spec.loadBalancerClass + - notExists: + path: spec.loadBalancerIP + - notExists: + path: spec.loadBalancerSourceRanges + + - it: does not render loadBalancerClass by default even when type is LoadBalancer + template: templates/gitea/http-svc.yaml + set: + service: + http: + type: LoadBalancer + loadBalancerIP: '1.2.3.4' + asserts: + - notExists: + path: spec.loadBalancerClass + - equal: + path: spec.loadBalancerIP + value: '1.2.3.4' + + - it: both ssh and http services exist + templates: + - templates/gitea/ssh-svc.yaml + - templates/gitea/http-svc.yaml + asserts: + - matchRegex: + path: metadata.name + pattern: '^gitea-unittests-forgejo-(?:ssh|http)$' + - matchRegex: + path: spec.ports[0].name + pattern: '^(?:ssh|http)$' diff --git a/unittests/init/init_directory_structure.sh-rootless.yaml b/unittests/init/init_directory_structure.sh-rootless.yaml index 29dac81..ea5f3cf 100644 --- a/unittests/init/init_directory_structure.sh-rootless.yaml +++ b/unittests/init/init_directory_structure.sh-rootless.yaml @@ -1,6 +1,6 @@ -suite: Init template +suite: Init template (rootless) release: - name: gitea-unittests + name: forgejo-unittests namespace: testing templates: - templates/gitea/init.yaml @@ -67,7 +67,6 @@ tests: chown 1000:1000 "${GNUPGHOME}" fi - it: it does not chown /data even when image.fullOverride is set - template: templates/gitea/init.yaml set: image.fullOverride: gitea/gitea:1.20.5 asserts: diff --git a/unittests/pvc/pvc-configuration.yaml b/unittests/pvc/pvc-configuration.yaml new file mode 100644 index 0000000..c3afaaf --- /dev/null +++ b/unittests/pvc/pvc-configuration.yaml @@ -0,0 +1,19 @@ +suite: PVC template +release: + name: gitea-unittests + namespace: testing +templates: + - templates/gitea/pvc.yaml +tests: + - it: Storage Class using TPL + set: + global.persistence.storageClass: 'storage-class' + persistence.enabled: true + persistence.create: true + persistence.storageClass: '{{ .Values.global.persistence.storageClass }}' + asserts: + - isKind: + of: PersistentVolumeClaim + - equal: + path: spec.storageClassName + value: 'storage-class' diff --git a/unittests/values-conflicting-checks.yaml b/unittests/values-conflicting-checks.yaml new file mode 100644 index 0000000..a257690 --- /dev/null +++ b/unittests/values-conflicting-checks.yaml @@ -0,0 +1,14 @@ +suite: Values conflicting checks +release: + name: gitea-unittests + namespace: testing +tests: + - it: fails when trying to configure redis and redis-cluster the same time + set: + redis-cluster: + enabled: true + redis: + enabled: true + asserts: + - failedTemplate: + errorMessage: redis and redis-cluster cannot be enabled at the same time. Please only choose one. diff --git a/values.yaml b/values.yaml index eac552e..4af2e9f 100644 --- a/values.yaml +++ b/values.yaml @@ -20,6 +20,10 @@ global: # hostnames: # - example.com +## @param namespaceOverride String to fully override common.names.namespace +## +namespaceOverride: '' + ## @param replicaCount number of replicas for the deployment replicaCount: 1 @@ -39,13 +43,13 @@ clusterDomain: cluster.local ## @section Image ## @param image.registry image registry, e.g. gcr.io,docker.io ## @param image.repository Image to start for this pod -## @param image.tag Visit: [Image tag](https://codeberg.org/forgejo/-/packages/container/forgejo/versions). Defaults to `appVersion` within Chart.yaml. +## @param image.tag Visit: [Image tag](https://code.forgejo.org/forgejo/-/packages/container/forgejo/versions). Defaults to `appVersion` within Chart.yaml. ## @param image.digest Image digest. Allows to pin the given image tag. Useful for having control over mutable tags like `latest` ## @param image.pullPolicy Image pull policy ## @param image.rootless Wether or not to pull the rootless version of Forgejo ## @param image.fullOverride Completely overrides the image registry, path/image, tag and digest. **Adjust `image.rootless` accordingly and review [Rootless defaults](#rootless-defaults).** image: - registry: codeberg.org + registry: code.forgejo.org repository: forgejo/forgejo # Overrides the image tag whose default is the chart appVersion. tag: '' @@ -97,7 +101,7 @@ podDisruptionBudget: {} service: ## @param service.http.type Kubernetes service type for web traffic ## @param service.http.port Port number for web traffic - ## @param service.http.clusterIP ClusterIP setting for http autosetup for deployment is None + ## @param service.http.clusterIP ClusterIP setting for http autosetup for deployment ## @param service.http.loadBalancerIP LoadBalancer IP setting ## @param service.http.nodePort NodePort for http service ## @param service.http.externalTrafficPolicy If `service.http.type` is `NodePort` or `LoadBalancer`, set this to `Local` to enable source IP preservation @@ -106,10 +110,12 @@ service: ## @param service.http.ipFamilies HTTP service dual-stack familiy selection,for dual-stack parameters see official kubernetes [dual-stack concept documentation](https://kubernetes.io/docs/concepts/services-networking/dual-stack/). ## @param service.http.loadBalancerSourceRanges Source range filter for http loadbalancer ## @param service.http.annotations HTTP service annotations + ## @param service.http.labels HTTP service additional labels + ## @param service.http.loadBalancerClass Loadbalancer class http: type: ClusterIP port: 3000 - clusterIP: None + clusterIP: loadBalancerIP: nodePort: externalTrafficPolicy: @@ -118,9 +124,11 @@ service: ipFamilies: loadBalancerSourceRanges: [] annotations: {} + labels: {} + loadBalancerClass: ## @param service.ssh.type Kubernetes service type for ssh traffic ## @param service.ssh.port Port number for ssh traffic - ## @param service.ssh.clusterIP ClusterIP setting for ssh autosetup for deployment is None + ## @param service.ssh.clusterIP ClusterIP setting for ssh autosetup for deployment ## @param service.ssh.loadBalancerIP LoadBalancer IP setting ## @param service.ssh.nodePort NodePort for ssh service ## @param service.ssh.externalTrafficPolicy If `service.ssh.type` is `NodePort` or `LoadBalancer`, set this to `Local` to enable source IP preservation @@ -130,10 +138,12 @@ service: ## @param service.ssh.hostPort HostPort for ssh service ## @param service.ssh.loadBalancerSourceRanges Source range filter for ssh loadbalancer ## @param service.ssh.annotations SSH service annotations + ## @param service.ssh.labels SSH service additional labels + ## @param service.ssh.loadBalancerClass Loadbalancer class ssh: type: ClusterIP port: 22 - clusterIP: None + clusterIP: loadBalancerIP: nodePort: externalTrafficPolicy: @@ -143,6 +153,8 @@ service: hostPort: loadBalancerSourceRanges: [] annotations: {} + labels: {} + loadBalancerClass: ## @section Ingress ## @param ingress.enabled Enable ingress @@ -152,7 +164,6 @@ service: ## @param ingress.hosts[0].paths[0].path Default Ingress path ## @param ingress.hosts[0].paths[0].pathType Ingress path type ## @param ingress.tls Ingress tls settings -## @extra ingress.apiVersion Specify APIVersion of ingress object. Mostly would only be used for argocd. ingress: enabled: false # className: nginx @@ -170,9 +181,48 @@ ingress: # - secretName: chart-example-tls # hosts: # - git.example.com - # Mostly for argocd or any other CI that uses `helm template | kubectl apply` or similar - # If helm doesn't correctly detect your ingress API version you can set it here. - # apiVersion: networking.k8s.io/v1 + +## @section Route +## @param route.enabled Enable route +## @param route.annotations Route annotations +## @param route.host Host to use for the route (will be assigned automatically by OKD / OpenShift is not defined) +## @param route.wildcardPolicy Wildcard policy if any for the route, currently only 'Subdomain' or 'None' is allowed. +## @param route.tls.termination termination type (see [OKD documentation](https://docs.okd.io/latest/rest_api/network_apis/route-route-openshift-io-v1.html#spec-tls)) +## @param route.tls.insecureEdgeTerminationPolicy the desired behavior for insecure connections to a route (e.g. with http) +## @param route.tls.existingSecret the name of a predefined secret of type kubernetes.io/tls with both key (tls.crt and tls.key) set accordingly (if defined attributes 'certificate', 'caCertificate' and 'privateKey' are ignored) +## @param route.tls.certificate PEM encoded single certificate +## @param route.tls.privateKey PEM encoded private key +## @param route.tls.caCertificate PEM encoded CA certificate or chain that issued the certificate +## @param route.tls.destinationCACertificate PEM encoded CA certificate used to verify the authenticity of final end point when 'termination' is set to 'passthrough' (ignored otherwise) +route: + enabled: false + annotations: {} + host: + wildcardPolicy: + tls: + termination: edge + insecureEdgeTerminationPolicy: Redirect + existingSecret: + certificate: + # certificate: |- + # -----BEGIN CERTIFICATE----- + # ... + # -----END CERTIFICATE----- + privateKey: + # privateKey: |- + # -----BEGIN PRIVATE KEY----- + # ... + # -----END PRIVATE KEY----- + caCertificate: + # caCertificate: |- + # -----BEGIN CERTIFICATE----- + # ... + # -----END CERTIFICATE----- + destinationCACertificate: + # destinationCACertificate: |- + # -----BEGIN CERTIFICATE----- + # ... + # -----END CERTIFICATE----- ## @section deployment # @@ -319,7 +369,7 @@ initContainers: # ## @param signing.enabled Enable commit/action signing ## @param signing.gpgHome GPG home directory -## @param signing.privateKey Inline private gpg key for signed Forgejo actions +## @param signing.privateKey Inline private GPG key for signed internal Git activity ## @param signing.existingSecret Use an existing secret to store the value of `signing.privateKey` signing: enabled: false @@ -338,19 +388,23 @@ gitea: ## @param gitea.admin.existingSecret Use an existing secret to store admin user credentials ## @param gitea.admin.password Password for the Forgejo admin user ## @param gitea.admin.email Email for the Forgejo admin user + ## @param gitea.admin.passwordMode Mode for how to set/update the admin user password. Options are: initialOnlyNoReset, initialOnlyRequireReset, and keepUpdated admin: # existingSecret: gitea-admin-secret existingSecret: username: gitea_admin password: r8sA8CPHD9!bt6d email: 'gitea@local.domain' + passwordMode: keepUpdated ## @param gitea.metrics.enabled Enable Forgejo metrics ## @param gitea.metrics.serviceMonitor.enabled Enable Forgejo metrics service monitor + ## @param gitea.metrics.serviceMonitor.namespace Namespace in which Prometheus is running metrics: enabled: false serviceMonitor: enabled: false + namespace: '' # additionalLabels: # prometheus-release: prom1 @@ -387,18 +441,6 @@ gitea: # customProfileUrl: # customEmailUrl: - ## @param gitea.config.server.SSH_PORT SSH port for rootlful Forgejo image - ## @param gitea.config.server.SSH_LISTEN_PORT SSH port for rootless Forgejo image - config: - # APP_NAME: "Forgejo: Git with a cup of tea" - # RUN_MODE: dev - server: - SSH_PORT: 22 # rootful image - SSH_LISTEN_PORT: 2222 # rootless image - # - # security: - # PASSWORD_COMPLEXITY: spec - ## @param gitea.additionalConfigSources Additional configuration from secret or configmap additionalConfigSources: [] # - secret: @@ -416,6 +458,158 @@ gitea: ssh: logLevel: 'INFO' + ## @section `app.ini` overrides + ## @descriptionStart + ## Every value described in the [Cheat + ## Sheet](https://forgejo.org/docs/latest/admin/config-cheat-sheet/) can be + ## set as a Helm value. Configuration sections map to (lowercased) YAML + ## blocks, while the keys themselves remain in all caps. + ## @descriptionEnd + config: + # values in the DEFAULT section + # (https://forgejo.org/docs/latest/admin/config-cheat-sheet/#overall-default) + # are un-namespaced + + ## @param gitea.config.APP_NAME Application name, used in the page title + APP_NAME: 'Forgejo: Beyond coding. We forge.' + + ## @param gitea.config.RUN_MODE Application run mode, affects performance and debugging: `dev` or `prod` + RUN_MODE: prod + + ## @param gitea.config.repository General repository settings + repository: {} + + ## @param gitea.config.cors Cross-origin resource sharing settings + cors: {} + + ## @param gitea.config.ui User interface settings + ui: {} + + ## @param gitea.config.markdown Markdown parser settings + markdown: {} + + ## @param gitea.config.server [object] General server settings + server: + SSH_PORT: 22 # rootful image + SSH_LISTEN_PORT: 2222 # rootless image + + ## @param gitea.config.database Database configuration (only necessary with an [externally managed DB](https://code.forgejo.org/forgejo-helm/forgejo-helm#external-database)). + database: {} + + ## @param gitea.config.indexer Settings for what content is indexed and how + indexer: {} + + ## @param gitea.config.queue Job queue configuration + queue: {} + + ## @param gitea.config.admin Admin user settings + admin: {} + + ## @param gitea.config.security Site security settings + security: {} + + ## @param gitea.config.camo Settings for the [camo](https://github.com/cactus/go-camo) media proxy server (disabled by default) + camo: {} + + ## @param gitea.config.openid Configuration for authentication with OpenID (disabled by default) + openid: {} + + ## @param gitea.config.oauth2_client OAuth2 client settings + oauth2_client: {} + + ## @param gitea.config.service Configuration for miscellaneous Forgejo services + service: {} + + ## @param gitea.config.ssh.minimum_key_sizes SSH minimum key sizes + ssh.minimum_key_sizes: {} + + ## @param gitea.config.webhook Webhook settings + webhook: {} + + ## @param gitea.config.mailer Mailer configuration (disabled by default) + mailer: {} + + ## @param gitea.config.email.incoming Configuration for handling incoming mail (disabled by default) + email.incoming: {} + + ## @param gitea.config.cache Cache configuration + cache: {} + + ## @param gitea.config.session Session/cookie handling + session: {} + + ## @param gitea.config.picture User avatar settings + picture: {} + + ## @param gitea.config.project Project board defaults + project: {} + + ## @param gitea.config.attachment Issue and PR attachment configuration + attachment: {} + + ## @param gitea.config.log Logging configuration + log: {} + + ## @param gitea.config.cron Cron job configuration + cron: {} + + ## @param gitea.config.git Global settings for Git + git: {} + + ## @param gitea.config.metrics Settings for the Prometheus endpoint (disabled by default) + metrics: {} + + ## @param gitea.config.api Settings for the Swagger API documentation endpoints + api: {} + + ## @param gitea.config.oauth2 Settings for the [OAuth2 provider](https://forgejo.org/docs/latest/admin/oauth2-provider/) + oauth2: {} + + ## @param gitea.config.i18n Internationalization settings + i18n: {} + + ## @param gitea.config.markup Configuration for advanced markup processors + markup: {} + + ## @param gitea.config.highlight.mapping File extension to language mapping overrides for syntax highlighting + highlight.mapping: {} + + ## @param gitea.config.time Locale settings + time: {} + + ## @param gitea.config.migrations Settings for Git repository migrations + migrations: {} + + ## @param gitea.config.federation Federation configuration + federation: {} + + ## @param gitea.config.packages Package registry settings + packages: {} + + ## @param gitea.config.mirror Configuration for repository mirroring + mirror: {} + + ## @param gitea.config.lfs Large File Storage configuration + lfs: {} + + ## @param gitea.config.repo-avatar Repository avatar storage configuration + repo-avatar: {} + + ## @param gitea.config.avatar User/org avatar storage configuration + avatar: {} + + ## @param gitea.config.storage General storage settings + storage: {} + + ## @param gitea.config.proxy Proxy configuration (disabled by default) + proxy: {} + + ## @param gitea.config.actions Configuration for [Forgejo Actions](https://forgejo.org/docs/latest/user/actions/) + actions: {} + + ## @param gitea.config.other Uncategorized configuration options + other: {} + ## @section LivenessProbe # ## @param gitea.livenessProbe.enabled Enable liveness probe @@ -439,7 +633,8 @@ gitea: ## @section ReadinessProbe # ## @param gitea.readinessProbe.enabled Enable readiness probe - ## @param gitea.readinessProbe.tcpSocket.port Port to probe for readiness + ## @param gitea.readinessProbe.httpGet.path Path to probe for readiness + ## @param gitea.readinessProbe.httpGet.port Port to probe for readiness ## @param gitea.readinessProbe.initialDelaySeconds Initial delay before readiness probe is initiated ## @param gitea.readinessProbe.timeoutSeconds Timeout for readiness probe ## @param gitea.readinessProbe.periodSeconds Period for readiness probe @@ -448,7 +643,8 @@ gitea: # Modify the readiness probe for your needs or completely disable it by commenting out. readinessProbe: enabled: true - tcpSocket: + httpGet: + path: /api/healthz port: http initialDelaySeconds: 5 timeoutSeconds: 1 @@ -479,10 +675,11 @@ gitea: ## @section Redis® Cluster ## @descriptionStart ## Redis® Cluster is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/redis-cluster) if enabled in the values. -## Complete Configuration can be taken from their website. +## Full configuration options are available on their website. +## Redis cluster and [Redis](#redis) cannot be enabled at the same time. ## @descriptionEnd # -## @param redis-cluster.enabled Enable redis +## @param redis-cluster.enabled Enable redis cluster ## @param redis-cluster.usePassword Whether to use password authentication ## @param redis-cluster.cluster.nodes Number of redis cluster master nodes ## @param redis-cluster.cluster.replicas Number of redis cluster master node replicas @@ -493,10 +690,30 @@ redis-cluster: nodes: 3 # default: 6 replicas: 0 # default: 1 +## @section Redis® +## @descriptionStart +## Redis® is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/redis) if enabled in the values. +## Full configuration options are available on their website. +## Redis and [Redis cluster](#redis-cluster) cannot be enabled at the same time. +## @descriptionEnd +# +## @param redis.enabled Enable redis standalone or replicated +## @param redis.architecture Whether to use standalone or replication +## @param redis.global.redis.password Required password +## @param redis.master.count Number of Redis master instances to deploy +redis: + enabled: false + architecture: standalone + global: + redis: + password: changeme + master: + count: 1 + ## @section PostgreSQL HA ## @descriptionStart ## PostgreSQL HA is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/postgresql-ha) if enabled in the values. -## Complete Configuration can be taken from their website. +## Full configuration options are available on their website. ## @descriptionEnd # ## @param postgresql-ha.enabled Enable PostgreSQL HA chart @@ -508,7 +725,7 @@ redis-cluster: ## @param postgresql-ha.postgresql.postgresPassword postgres Password ## @param postgresql-ha.pgpool.adminPassword pgpool adminPassword ## @param postgresql-ha.service.ports.postgresql PostgreSQL service port (overrides `service.ports.postgresql`) -## @param postgresql-ha.primary.persistence.size PVC Storage Request for PostgreSQL-ha volume +## @param postgresql-ha.primary.persistence.size PVC Storage Request for PostgreSQL HA volume postgresql-ha: global: postgresql: @@ -532,7 +749,7 @@ postgresql-ha: ## @section PostgreSQL ## @descriptionStart ## PostgreSQL is loaded as a dependency from [Bitnami](https://github.com/bitnami/charts/tree/master/bitnami/postgresql) if enabled in the values. -## Complete Configuration can be taken from their website. +## Full configuration options are available on their website. ## @descriptionEnd # ## @param postgresql.enabled Enable PostgreSQL @@ -559,8 +776,8 @@ postgresql: # By default, removed or moved settings that still remain in a user defined values.yaml will cause Helm to fail running the install/update. # Set it to false to skip this basic validation check. ## @section Advanced -## @param checkDeprecation Set it to false to skip this basic validation check. -## @param test.enabled Set it to false to disable test-connection Pod. +## @param checkDeprecation Whether to run this basic validation check. +## @param test.enabled Whether to use test-connection Pod. ## @param test.image.name Image name for the wget container used in the test-connection Pod. ## @param test.image.tag Image tag for the wget container used in the test-connection Pod. checkDeprecation: true @@ -570,6 +787,6 @@ test: name: busybox tag: latest -## @param extraDeploy Array of extra objects to deploy with the release +## @param extraDeploy Array of extra objects to deploy with the release. ## extraDeploy: []