From d5d4dd5b4300d159f0f60bed85af8ec60a5c8330 Mon Sep 17 00:00:00 2001 From: Clemens Date: Wed, 17 Jul 2024 08:29:14 +0200 Subject: [PATCH 01/22] fix -v option --- project.clj | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/project.clj b/project.clj index ed3592e..39bdde4 100644 --- a/project.clj +++ b/project.clj @@ -10,7 +10,8 @@ :target-path "target/%s/" :source-paths ["src/main/cljc" "src/main/clj"] - :resource-paths ["src/main/resources"] + :resource-paths ["src/main/resources" + "project.clj"] :repositories [["snapshots" :clojars] ["releases" :clojars]] :deploy-repositories [["snapshots" {:sign-releases false :url "https://clojars.org/repo"}] From d3dd3ca5efbbf2b85e7894aa315edd6b3d363219 Mon Sep 17 00:00:00 2001 From: Clemens Date: Wed, 17 Jul 2024 14:18:08 +0200 Subject: [PATCH 02/22] split auth and config --- project.clj | 2 +- src/main/clj/dda/c4k_forgejo/uberjar.clj | 5 ++- src/main/cljc/dda/c4k_forgejo/core.cljc | 51 +++++++++++++--------- src/main/cljs/dda/c4k_forgejo/browser.cljs | 36 ++++++++------- 4 files changed, 55 insertions(+), 39 deletions(-) diff --git a/project.clj b/project.clj index 39bdde4..a2fe8aa 100644 --- a/project.clj +++ b/project.clj @@ -5,7 +5,7 @@ :url "https://www.apache.org/licenses/LICENSE-2.0.html"} :dependencies [[org.clojure/clojure "1.11.3" :scope "provided"] [org.clojure/tools.reader "1.4.2"] - [org.domaindrivenarchitecture/c4k-common-clj "6.4.1"] + [org.domaindrivenarchitecture/c4k-common-clj "6.4.2-SNAPSHOT"] ; TODO: Release version with refactorings and update here [hickory "0.7.1" :exclusions [viebel/codox-klipse-theme]]] :target-path "target/%s/" :source-paths ["src/main/cljc" diff --git a/src/main/clj/dda/c4k_forgejo/uberjar.clj b/src/main/clj/dda/c4k_forgejo/uberjar.clj index 14338d6..42b2098 100644 --- a/src/main/clj/dda/c4k_forgejo/uberjar.clj +++ b/src/main/clj/dda/c4k_forgejo/uberjar.clj @@ -7,10 +7,11 @@ (set! *warn-on-reflection* true) (defn -main [& cmd-args] - (uberjar/main-common + (uberjar/main-cm "c4k-forgejo" core/config? core/auth? core/config-defaults - core/k8s-objects + core/config-objects + core/auth-objects cmd-args)) diff --git a/src/main/cljc/dda/c4k_forgejo/core.cljc b/src/main/cljc/dda/c4k_forgejo/core.cljc index 9b39ce1..ca0c3a5 100644 --- a/src/main/cljc/dda/c4k_forgejo/core.cljc +++ b/src/main/cljc/dda/c4k_forgejo/core.cljc @@ -1,25 +1,25 @@ (ns dda.c4k-forgejo.core - (:require - [clojure.spec.alpha :as s] - [dda.c4k-common.yaml :as yaml] - [dda.c4k-common.common :as cm] - [dda.c4k-common.monitoring :as mon] - [dda.c4k-forgejo.forgejo :as forgejo] - [dda.c4k-forgejo.backup :as backup] - [dda.c4k-common.postgres :as postgres] - [dda.c4k-common.namespace :as ns])) + (:require + [clojure.spec.alpha :as s] + [dda.c4k-common.yaml :as yaml] + [dda.c4k-common.common :as cm] + [dda.c4k-common.monitoring :as mon] + [dda.c4k-forgejo.forgejo :as forgejo] + [dda.c4k-forgejo.backup :as backup] + [dda.c4k-common.postgres :as postgres] + [dda.c4k-common.namespace :as ns])) (def config-defaults {:issuer "staging", :deploy-federated "false"}) (def rate-limit-defaults {:max-rate 10, :max-concurrent-requests 5}) -(def config? (s/keys :req-un [::forgejo/fqdn - ::forgejo/mailer-from - ::forgejo/mailer-host +(def config? (s/keys :req-un [::forgejo/fqdn + ::forgejo/mailer-from + ::forgejo/mailer-host ::forgejo/mailer-port ::forgejo/service-noreply-address] - :opt-un [::forgejo/issuer + :opt-un [::forgejo/issuer ::forgejo/deploy-federated - ::forgejo/default-app-name + ::forgejo/default-app-name ::forgejo/service-domain-whitelist ::forgejo/forgejo-image-version-overwrite ::backup/restic-repository @@ -39,7 +39,7 @@ :postgres-image "postgres:14" :postgres-size :2gb}) -(defn k8s-objects [config auth] ; ToDo: ADR for generate functions - vector or no vector? +(defn config-objects [config] ; ToDo: ADR for generate functions - vector or no vector? (let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path) resolved-config (merge {:namespace "forgejo"} postgres-config config)] (map yaml/to-string @@ -47,7 +47,6 @@ (cm/concat-vec (ns/generate resolved-config) [(postgres/generate-config resolved-config) - (postgres/generate-secret {:namespace "forgejo"} auth) (when (contains? resolved-config :postgres-data-volume-path) (postgres/generate-persistent-volume (select-keys resolved-config [:postgres-data-volume-path :pv-storage-size-gb]))) (postgres/generate-pvc (merge resolved-config {:pvc-storage-class-name storage-class})) @@ -57,13 +56,25 @@ (forgejo/generate-service) (forgejo/generate-service-ssh) (forgejo/generate-data-volume resolved-config) - (forgejo/generate-appini-env resolved-config) - (forgejo/generate-secrets auth)] ; this does not have a vector as output + (forgejo/generate-appini-env resolved-config)] (forgejo/generate-ratelimit-ingress-and-cert resolved-config) ; this function has a vector as output (when (contains? resolved-config :restic-repository) [(backup/generate-config resolved-config) - (backup/generate-secret auth) (backup/generate-cron) (backup/generate-backup-restore-deployment resolved-config)]) (when (:contains? resolved-config :mon-cfg) - (mon/generate (:mon-cfg resolved-config) (:mon-auth auth)))))))) + (mon/generate-config))))))) + +(defn auth-objects [config auth] ; ToDo: ADR for generate functions - vector or no vector? + (let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path) + resolved-config (merge {:namespace "forgejo"} postgres-config config)] + (map yaml/to-string + (filter #(not (nil? %)) + (cm/concat-vec + (ns/generate resolved-config) + [(postgres/generate-secret {:namespace "forgejo"} auth) + (forgejo/generate-secrets auth)] + (when (contains? resolved-config :restic-repository) + [(backup/generate-secret auth)]) + (when (:contains? resolved-config :mon-cfg) + (mon/generate-auth (:mon-cfg resolved-config) (:mon-auth auth)))))))) diff --git a/src/main/cljs/dda/c4k_forgejo/browser.cljs b/src/main/cljs/dda/c4k_forgejo/browser.cljs index 70caf09..ba59420 100644 --- a/src/main/cljs/dda/c4k_forgejo/browser.cljs +++ b/src/main/cljs/dda/c4k_forgejo/browser.cljs @@ -4,7 +4,7 @@ [clojure.tools.reader.edn :as edn] [dda.c4k-forgejo.core :as core] [dda.c4k-forgejo.forgejo :as forgejo] - [dda.c4k-common.browser :as br] + [dda.c4k-common.browser :as br] [dda.c4k-common.common :as cm])) (defn generate-group @@ -73,14 +73,13 @@ :mailer-host (br/get-content-from-element "mailer-host") :mailer-port (br/get-content-from-element "mailer-port") :service-noreply-address (br/get-content-from-element "service-noreply-address") - :volume-total-storage-size (br/get-content-from-element "volume-total-storage-size" :deserializer js/parseInt)} + :volume-total-storage-size (br/get-content-from-element "volume-total-storage-size" :deserializer js/parseInt)} (when (not (st/blank? issuer)) {:issuer issuer}) (when (not (st/blank? app-name)) {:default-app-name app-name}) (when (not (st/blank? domain-whitelist)) - {:service-domain-whitelist domain-whitelist}) - ))) + {:service-domain-whitelist domain-whitelist})))) (defn validate-all! [] (br/validate! "fqdn" ::forgejo/fqdn) @@ -91,7 +90,7 @@ (br/validate! "deploy-federated" ::forgejo/deploy-federated :optional true) (br/validate! "issuer" ::forgejo/issuer :optional true) (br/validate! "app-name" ::forgejo/default-app-name :optional true) - (br/validate! "domain-whitelist" ::forgejo/service-domain-whitelist :optional true) + (br/validate! "domain-whitelist" ::forgejo/service-domain-whitelist :optional true) (br/validate! "volume-total-storage-size" ::forgejo/volume-total-storage-size :deserializer js/parseInt) (br/validate! "auth" forgejo/auth? :deserializer edn/read-string) (br/set-form-validated!)) @@ -103,16 +102,21 @@ (defn init [] (br/append-hickory (generate-content-div)) - (-> js/document - (.getElementById "generate-button") - (.addEventListener "click" - #(do (validate-all!) - (-> (cm/generate-common - (config-from-document) - (br/get-content-from-element "auth" :deserializer edn/read-string) - core/config-defaults - core/k8s-objects) - (br/set-output!))))) + (let [config-only false + auth-only false] + (-> js/document + (.getElementById "generate-button") + (.addEventListener "click" + #(do (validate-all!) + (-> (cm/generate-cm + (config-from-document) + (br/get-content-from-element "auth" :deserializer edn/read-string) + core/config-defaults + core/config-objects + core/auth-objects + config-only + auth-only) + (br/set-output!)))))) (add-validate-listener "fqdn") (add-validate-listener "deploy-federated") (add-validate-listener "mailer-from") @@ -120,7 +124,7 @@ (add-validate-listener "mailer-port") (add-validate-listener "service-noreply-address") (add-validate-listener "app-name") - (add-validate-listener "domain-whitelist") + (add-validate-listener "domain-whitelist") (add-validate-listener "volume-total-storage-size") (add-validate-listener "issuer") (add-validate-listener "auth")) \ No newline at end of file From 0055eb343533c6f972a3c62bece1e1ef0db3e432 Mon Sep 17 00:00:00 2001 From: Clemens Date: Wed, 17 Jul 2024 15:33:30 +0200 Subject: [PATCH 03/22] adjusted configs --- src/main/cljc/dda/c4k_forgejo/core.cljc | 73 ++++++++++++------------- 1 file changed, 36 insertions(+), 37 deletions(-) diff --git a/src/main/cljc/dda/c4k_forgejo/core.cljc b/src/main/cljc/dda/c4k_forgejo/core.cljc index ca0c3a5..3a895ac 100644 --- a/src/main/cljc/dda/c4k_forgejo/core.cljc +++ b/src/main/cljc/dda/c4k_forgejo/core.cljc @@ -9,7 +9,14 @@ [dda.c4k-common.postgres :as postgres] [dda.c4k-common.namespace :as ns])) -(def config-defaults {:issuer "staging", :deploy-federated "false"}) +(def config-defaults {:namespace "forgejo" + :issuer "staging" + :deploy-federated "false" + :db-name "forgejo" + :pv-storage-size-gb 5 + :pvc-storage-class-name "" + :postgres-image "postgres:14" + :postgres-size :2gb}) (def rate-limit-defaults {:max-rate 10, :max-concurrent-requests 5}) (def config? (s/keys :req-un [::forgejo/fqdn @@ -33,48 +40,40 @@ (def vol? (s/keys :req-un [::forgejo/volume-total-storage-size])) -(def postgres-config {:db-name "forgejo" - :pv-storage-size-gb 5 - :pvc-storage-class-name "" - :postgres-image "postgres:14" - :postgres-size :2gb}) - (defn config-objects [config] ; ToDo: ADR for generate functions - vector or no vector? - (let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path) - resolved-config (merge {:namespace "forgejo"} postgres-config config)] + (let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path)] (map yaml/to-string (filter #(not (nil? %)) (cm/concat-vec - (ns/generate resolved-config) - [(postgres/generate-config resolved-config) - (when (contains? resolved-config :postgres-data-volume-path) - (postgres/generate-persistent-volume (select-keys resolved-config [:postgres-data-volume-path :pv-storage-size-gb]))) - (postgres/generate-pvc (merge resolved-config {:pvc-storage-class-name storage-class})) - (postgres/generate-deployment resolved-config) - (postgres/generate-service resolved-config) - (forgejo/generate-deployment resolved-config) + (ns/generate config) + [(postgres/generate-config-configmap config) + (when (contains? config :postgres-data-volume-path) + (postgres/generate-persistent-volume (select-keys config [:postgres-data-volume-path :pv-storage-size-gb]))) + (postgres/generate-pvc (merge config {:pvc-storage-class-name storage-class})) + (postgres/generate-deployment config) + (postgres/generate-service config) + (forgejo/generate-deployment config) (forgejo/generate-service) (forgejo/generate-service-ssh) - (forgejo/generate-data-volume resolved-config) - (forgejo/generate-appini-env resolved-config)] - (forgejo/generate-ratelimit-ingress-and-cert resolved-config) ; this function has a vector as output - (when (contains? resolved-config :restic-repository) - [(backup/generate-config resolved-config) + (forgejo/generate-data-volume config) + (forgejo/generate-appini-env config)] + (forgejo/generate-ratelimit-ingress-and-cert config) ; this function has a vector as output + (when (contains? config :restic-repository) + [(backup/generate-config config) (backup/generate-cron) - (backup/generate-backup-restore-deployment resolved-config)]) - (when (:contains? resolved-config :mon-cfg) + (backup/generate-backup-restore-deployment config)]) + (when (contains? config :mon-cfg) (mon/generate-config))))))) -(defn auth-objects [config auth] ; ToDo: ADR for generate functions - vector or no vector? - (let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path) - resolved-config (merge {:namespace "forgejo"} postgres-config config)] - (map yaml/to-string - (filter #(not (nil? %)) - (cm/concat-vec - (ns/generate resolved-config) - [(postgres/generate-secret {:namespace "forgejo"} auth) - (forgejo/generate-secrets auth)] - (when (contains? resolved-config :restic-repository) - [(backup/generate-secret auth)]) - (when (:contains? resolved-config :mon-cfg) - (mon/generate-auth (:mon-cfg resolved-config) (:mon-auth auth)))))))) +; REVIEW gec: In general, how do we handle config and auth for auth-objects? +(defn auth-objects [config] ; ToDo: ADR for generate functions - vector or no vector? + (map yaml/to-string + (filter #(not (nil? %)) + (cm/concat-vec + (ns/generate config) + [(postgres/generate-secret config config) ; "config config" seems not right + (forgejo/generate-secrets config)] + (when (contains? config :restic-repository) + [(backup/generate-secret config)]) + (when (contains? config :mon-cfg) + (mon/generate-auth (:mon-cfg config) (:mon-auth config))))))) ; Here also "config config" seems not right From 2c3a03108187223419fed5b796d34a5caa7a9304 Mon Sep 17 00:00:00 2001 From: Clemens Date: Thu, 18 Jul 2024 08:55:00 +0200 Subject: [PATCH 04/22] adjust auth-objects signature --- src/main/cljc/dda/c4k_forgejo/core.cljc | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/src/main/cljc/dda/c4k_forgejo/core.cljc b/src/main/cljc/dda/c4k_forgejo/core.cljc index 3a895ac..e893af2 100644 --- a/src/main/cljc/dda/c4k_forgejo/core.cljc +++ b/src/main/cljc/dda/c4k_forgejo/core.cljc @@ -65,15 +65,14 @@ (when (contains? config :mon-cfg) (mon/generate-config))))))) -; REVIEW gec: In general, how do we handle config and auth for auth-objects? -(defn auth-objects [config] ; ToDo: ADR for generate functions - vector or no vector? +(defn auth-objects [config auth] (map yaml/to-string (filter #(not (nil? %)) (cm/concat-vec (ns/generate config) - [(postgres/generate-secret config config) ; "config config" seems not right + [(postgres/generate-secret config auth) (forgejo/generate-secrets config)] (when (contains? config :restic-repository) [(backup/generate-secret config)]) (when (contains? config :mon-cfg) - (mon/generate-auth (:mon-cfg config) (:mon-auth config))))))) ; Here also "config config" seems not right + (mon/generate-auth (:mon-cfg config) (:mon-auth auth))))))) From 0d13edc8d3a1e42ff4409a2e7079ca37d7ac0fba Mon Sep 17 00:00:00 2001 From: Clemens Date: Thu, 18 Jul 2024 09:31:42 +0200 Subject: [PATCH 05/22] fix auth calls --- src/main/cljc/dda/c4k_forgejo/core.cljc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/cljc/dda/c4k_forgejo/core.cljc b/src/main/cljc/dda/c4k_forgejo/core.cljc index e893af2..999a0a5 100644 --- a/src/main/cljc/dda/c4k_forgejo/core.cljc +++ b/src/main/cljc/dda/c4k_forgejo/core.cljc @@ -71,8 +71,8 @@ (cm/concat-vec (ns/generate config) [(postgres/generate-secret config auth) - (forgejo/generate-secrets config)] + (forgejo/generate-secrets auth)] (when (contains? config :restic-repository) - [(backup/generate-secret config)]) + [(backup/generate-secret auth)]) (when (contains? config :mon-cfg) (mon/generate-auth (:mon-cfg config) (:mon-auth auth))))))) From 3b10016fae99aa8c07db00c2ac795e17d246b674 Mon Sep 17 00:00:00 2001 From: Clemens Date: Thu, 18 Jul 2024 09:58:35 +0200 Subject: [PATCH 06/22] added todo --- shadow-cljs.edn | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/shadow-cljs.edn b/shadow-cljs.edn index 6b45f88..cce08cf 100644 --- a/shadow-cljs.edn +++ b/shadow-cljs.edn @@ -4,7 +4,7 @@ "src/test/cljc" "src/test/cljs" "src/test/resources"] - :dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "6.4.1"] + :dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "6.4.1"] ; TODO: Release version with refactorings and update here [hickory "0.7.1"]] :builds {:frontend {:target :browser :modules {:main {:init-fn dda.c4k-forgejo.browser/init}} From c5fcec4985ce50a3c1c5ec80735267c6f6524a83 Mon Sep 17 00:00:00 2001 From: Clemens Date: Fri, 19 Jul 2024 10:59:32 +0200 Subject: [PATCH 07/22] adjust postgres function call --- src/main/cljc/dda/c4k_forgejo/core.cljc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/cljc/dda/c4k_forgejo/core.cljc b/src/main/cljc/dda/c4k_forgejo/core.cljc index 999a0a5..5614ed4 100644 --- a/src/main/cljc/dda/c4k_forgejo/core.cljc +++ b/src/main/cljc/dda/c4k_forgejo/core.cljc @@ -46,7 +46,7 @@ (filter #(not (nil? %)) (cm/concat-vec (ns/generate config) - [(postgres/generate-config-configmap config) + [(postgres/generate-configmap config) (when (contains? config :postgres-data-volume-path) (postgres/generate-persistent-volume (select-keys config [:postgres-data-volume-path :pv-storage-size-gb]))) (postgres/generate-pvc (merge config {:pvc-storage-class-name storage-class})) From 97dace2030381e4a9ade773ce497fb9cc57f6d99 Mon Sep 17 00:00:00 2001 From: Clemens Date: Fri, 19 Jul 2024 11:27:03 +0200 Subject: [PATCH 08/22] updated deps --- project.clj | 2 +- shadow-cljs.edn | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/project.clj b/project.clj index a2fe8aa..4e65cf5 100644 --- a/project.clj +++ b/project.clj @@ -5,7 +5,7 @@ :url "https://www.apache.org/licenses/LICENSE-2.0.html"} :dependencies [[org.clojure/clojure "1.11.3" :scope "provided"] [org.clojure/tools.reader "1.4.2"] - [org.domaindrivenarchitecture/c4k-common-clj "6.4.2-SNAPSHOT"] ; TODO: Release version with refactorings and update here + [org.domaindrivenarchitecture/c4k-common-clj "7.0.0"] [hickory "0.7.1" :exclusions [viebel/codox-klipse-theme]]] :target-path "target/%s/" :source-paths ["src/main/cljc" diff --git a/shadow-cljs.edn b/shadow-cljs.edn index cce08cf..aafbb0b 100644 --- a/shadow-cljs.edn +++ b/shadow-cljs.edn @@ -4,7 +4,7 @@ "src/test/cljc" "src/test/cljs" "src/test/resources"] - :dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "6.4.1"] ; TODO: Release version with refactorings and update here + :dependencies [[org.domaindrivenarchitecture/c4k-common-cljs "7.0.0"] [hickory "0.7.1"]] :builds {:frontend {:target :browser :modules {:main {:init-fn dda.c4k-forgejo.browser/init}} From 670a45966d4e8c964fbe246eaa762ae45fed7c66 Mon Sep 17 00:00:00 2001 From: patdyn Date: Wed, 10 Jul 2024 14:00:31 +0200 Subject: [PATCH 09/22] [Skip-CI] Add Analytics doc --- doc/Runbook_UpgradeFrom1.19To7.0.5.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/doc/Runbook_UpgradeFrom1.19To7.0.5.md b/doc/Runbook_UpgradeFrom1.19To7.0.5.md index 19ca6c2..4816595 100644 --- a/doc/Runbook_UpgradeFrom1.19To7.0.5.md +++ b/doc/Runbook_UpgradeFrom1.19To7.0.5.md @@ -85,3 +85,23 @@ In the logs the following error can be found. This will be resolved automaticall ``` 2024/07/08 08:31:30 ...g/config_provider.go:321:deprecatedSetting() [E] Deprecated fallback `[log]` `ROUTER` present. Use `[log]` `logger.router.MODE` instead. This fallback will be/has been removed in 1.21 ``` + +# Add Shynet Analytics + +1. Log into shynet & create new Service + 1. Copy the generated html snippet and save it somewhere you remember +1. SSH into prod server +1. Make the necessary folders and files in forgejo data dir: + 1. `kubectl exec -n forgejo -it forgejo-... -- bash` + 1. `mkdir -p /data/gitea/templates/custom` + 1. `touch /data/gitea/templates/custom/footer.tmpl` +1. Open the `footer.tmpl` and paste the saved snippet +1. Restart the pod + 1. `k scale -n forgejo deployment forgejo --replicas=0` + 1. `k scale -n forgejo deployment forgejo --replicas=1` +1. Add Information about analytics: Clone Datenschutz Repo + 1. `git clone ssh://git@repo.prod.meissa.de:2222/meissa/Datenschutz.git` +1. Merge forgejo-upgrade into main + 1. `git merge forgejo-upgrade` +1. Push to origin + 1. `git push` From a66f398d71d0a962c403c74f32119343f396cdc5 Mon Sep 17 00:00:00 2001 From: Clemens Date: Tue, 9 Jul 2024 11:10:40 +0200 Subject: [PATCH 10/22] updated to forgejo version 7.0 --- src/main/cljc/dda/c4k_forgejo/forgejo.cljc | 2 +- src/main/resources/forgejo/appini-env-configmap.yaml | 7 +++---- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/src/main/cljc/dda/c4k_forgejo/forgejo.cljc b/src/main/cljc/dda/c4k_forgejo/forgejo.cljc index 7d1c86a..06e14f6 100644 --- a/src/main/cljc/dda/c4k_forgejo/forgejo.cljc +++ b/src/main/cljc/dda/c4k_forgejo/forgejo.cljc @@ -71,7 +71,7 @@ (def federated-image-name "domaindrivenarchitecture/c4k-forgejo-federated") (def federated-image-version "latest") (def non-federated-image-name "codeberg.org/forgejo/forgejo") -(def non-federated-image-version "1.19") +(def non-federated-image-version "7.0") (defn-spec generate-image-str string? [config config?] diff --git a/src/main/resources/forgejo/appini-env-configmap.yaml b/src/main/resources/forgejo/appini-env-configmap.yaml index 348a62a..247d2c2 100644 --- a/src/main/resources/forgejo/appini-env-configmap.yaml +++ b/src/main/resources/forgejo/appini-env-configmap.yaml @@ -16,7 +16,6 @@ data: FORGEJO__database__NAME: forgejo FORGEJO__database__LOG_SQL: "false" FORGEJO__database__SSL_MODE: disable - FORGEJO__database__CHARSET: utf8 #[DEFAULT] APP_NAME: APPNAME @@ -37,12 +36,12 @@ data: #[mailer] FORGEJO__mailer__ENABLED: "true" FORGEJO__mailer__FROM: FROM - FORGEJO__mailer__MAILER_TYPE: smtp+startls + FORGEJO__mailer__PROTOCOL: smtp+starttls FORGEJO__mailer__SMTP_ADDR: MAILERHOST FORGEJO__mailer__SMTP_PORT: MAILERPORT #[oauth2] - FORGEJO__oauth2__ENABLE: "true" + FORGEJO__oauth2__ENABLED: "true" #[openid] FORGEJO__openid__ENABLE_OPENID: "true" @@ -76,7 +75,7 @@ data: FORGEJO__service__REQUIRE_SIGNIN_VIEW: "false" FORGEJO__service__REGISTER_EMAIL_CONFIRM: "true" FORGEJO__service__ENABLE_NOTIFY_MAIL: "true" - FORGEJO__service__EMAIL_DOMAIN_WHITELIST: WHITELISTDOMAINS + FORGEJO__service__EMAIL_DOMAIN_ALLOWLIST: WHITELISTDOMAINS FORGEJO__service__ALLOW_ONLY_EXTERNAL_REGISTRATION: "false" FORGEJO__service__ENABLE_BASIC_AUTHENTICATION: "true" FORGEJO__service__ENABLE_CAPTCHA: "false" From 3f0ce02da3c69e619714b4b822503582bb291be7 Mon Sep 17 00:00:00 2001 From: Clemens Date: Tue, 9 Jul 2024 11:26:39 +0200 Subject: [PATCH 11/22] Added option for dedicated federation-enables and fixed tests --- src/main/cljc/dda/c4k_forgejo/core.cljc | 4 ++- src/main/cljc/dda/c4k_forgejo/forgejo.cljc | 30 +++++++++---------- .../cljc/dda/c4k_forgejo/forgejo_test.cljc | 12 ++++---- 3 files changed, 24 insertions(+), 22 deletions(-) diff --git a/src/main/cljc/dda/c4k_forgejo/core.cljc b/src/main/cljc/dda/c4k_forgejo/core.cljc index 5614ed4..303cbc3 100644 --- a/src/main/cljc/dda/c4k_forgejo/core.cljc +++ b/src/main/cljc/dda/c4k_forgejo/core.cljc @@ -12,6 +12,7 @@ (def config-defaults {:namespace "forgejo" :issuer "staging" :deploy-federated "false" + :federation-enabled "false" :db-name "forgejo" :pv-storage-size-gb 5 :pvc-storage-class-name "" @@ -26,7 +27,8 @@ ::forgejo/service-noreply-address] :opt-un [::forgejo/issuer ::forgejo/deploy-federated - ::forgejo/default-app-name + ::forgejo/federation-enabled + ::forgejo/default-app-name ::forgejo/service-domain-whitelist ::forgejo/forgejo-image-version-overwrite ::backup/restic-repository diff --git a/src/main/cljc/dda/c4k_forgejo/forgejo.cljc b/src/main/cljc/dda/c4k_forgejo/forgejo.cljc index 06e14f6..abda99c 100644 --- a/src/main/cljc/dda/c4k_forgejo/forgejo.cljc +++ b/src/main/cljc/dda/c4k_forgejo/forgejo.cljc @@ -33,6 +33,7 @@ (s/def ::default-app-name string?) (s/def ::fqdn pred/fqdn-string?) (s/def ::deploy-federated boolean-string?) +(s/def ::federation-enabled boolean-string?) (s/def ::mailer-from pred/bash-env-string?) (s/def ::mailer-host pred/bash-env-string?) (s/def ::mailer-port pred/bash-env-string?) @@ -53,6 +54,7 @@ ::service-noreply-address] :opt-un [::issuer ::deploy-federated + ::federation-enabled ::default-app-name ::service-domain-whitelist ::forgejo-image-version-overwrite])) @@ -88,7 +90,7 @@ (defn generate-appini-env [config] (let [{:keys [default-app-name - deploy-federated + federation-enabled fqdn mailer-from mailer-host @@ -97,19 +99,19 @@ service-noreply-address] :or {default-app-name "forgejo instance" service-domain-whitelist fqdn}} config - deploy-federated-bool (boolean-from-string deploy-federated)] + federation-enabled-bool (boolean-from-string federation-enabled)] (-> (yaml/load-as-edn "forgejo/appini-env-configmap.yaml") - (cm/replace-all-matching "APPNAME" default-app-name) - (cm/replace-all-matching "FQDN" fqdn) - (cm/replace-all-matching "URL" (str "https://" fqdn)) - (cm/replace-all-matching "FROM" mailer-from) - (cm/replace-all-matching "MAILERHOST" mailer-host) - (cm/replace-all-matching "MAILERPORT" mailer-port) - (cm/replace-all-matching "WHITELISTDOMAINS" service-domain-whitelist) - (cm/replace-all-matching "NOREPLY" service-noreply-address) - (cm/replace-all-matching "IS_FEDERATED" - (if deploy-federated-bool + (cm/replace-all-matching-values-by-new-value "APPNAME" default-app-name) + (cm/replace-all-matching-values-by-new-value "FQDN" fqdn) + (cm/replace-all-matching-values-by-new-value "URL" (str "https://" fqdn)) + (cm/replace-all-matching-values-by-new-value "FROM" mailer-from) + (cm/replace-all-matching-values-by-new-value "MAILERHOST" mailer-host) + (cm/replace-all-matching-values-by-new-value "MAILERPORT" mailer-port) + (cm/replace-all-matching-values-by-new-value "WHITELISTDOMAINS" service-domain-whitelist) + (cm/replace-all-matching-values-by-new-value "NOREPLY" service-noreply-address) + (cm/replace-all-matching-values-by-new-value "IS_FEDERATED" + (if federation-enabled-bool "true" "false"))))) @@ -148,11 +150,9 @@ (defn-spec generate-deployment pred/map-or-seq? [config config?] - (let [{:keys [deploy-federated]} config - deploy-federated-bool (boolean-from-string deploy-federated)] (-> (yaml/load-as-edn "forgejo/deployment.yaml") - (cm/replace-all-matching "IMAGE_NAME" (generate-image-str config))))) + (cm/replace-all-matching "IMAGE_NAME" (generate-image-str config)))) (defn generate-service [] diff --git a/src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc b/src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc index 51f3021..d7b801b 100644 --- a/src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc +++ b/src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc @@ -14,7 +14,7 @@ (deftest should-generate-image-str (testing "non-federated-image" - (is (= "codeberg.org/forgejo/forgejo:1.19" + (is (= "codeberg.org/forgejo/forgejo:7.0" (cut/generate-image-str {:fqdn "test.de" :mailer-from "" :mailer-host "m.t.de" @@ -63,12 +63,12 @@ :FORGEJO__server__ROOT_URL-c2 "https://test.com", :FORGEJO__server__SSH_DOMAIN-c1 "test.de", :FORGEJO__server__SSH_DOMAIN-c2 "test.com", - :FORGEJO__service__EMAIL_DOMAIN_WHITELIST-c1 "adb.de", - :FORGEJO__service__EMAIL_DOMAIN_WHITELIST-c2 "test.com,test.net", + :FORGEJO__service__EMAIL_DOMAIN_ALLOWLIST-c1 "adb.de", + :FORGEJO__service__EMAIL_DOMAIN_ALLOWLIST-c2 "test.com,test.net", :FORGEJO__service__NO_REPLY_ADDRESS-c1 "", :FORGEJO__service__NO_REPLY_ADDRESS-c2 "noreply@test.com"} (th/map-diff (cut/generate-appini-env {:default-app-name "" - :deploy-federated "false" + :federation-enabled "false" :fqdn "test.de" :mailer-from "" :mailer-host "m.t.de" @@ -76,7 +76,7 @@ :service-domain-whitelist "adb.de" :service-noreply-address ""}) (cut/generate-appini-env {:default-app-name "test forgejo" - :deploy-federated "true" + :federation-enabled "true" :fqdn "test.com" :mailer-from "test@test.com" :mailer-host "mail.test.com" @@ -97,7 +97,7 @@ :spec {:containers [{:name "forgejo", - :image "codeberg.org/forgejo/forgejo:1.19", + :image "codeberg.org/forgejo/forgejo:7.0", :imagePullPolicy "IfNotPresent", :envFrom [{:configMapRef {:name "forgejo-env"}} {:secretRef {:name "forgejo-secrets"}}], :volumeMounts [{:name "forgejo-data-volume", :mountPath "/data"}], From 6a291d962ae67acf3ec9ab4c8f6fc1512ebb81c7 Mon Sep 17 00:00:00 2001 From: Clemens Date: Wed, 10 Jul 2024 11:39:46 +0200 Subject: [PATCH 12/22] added namespace to runbook commands --- doc/Runbook_UpgradeFrom1.19To7.0.5.md | 58 +++++++++++++-------------- 1 file changed, 29 insertions(+), 29 deletions(-) diff --git a/doc/Runbook_UpgradeFrom1.19To7.0.5.md b/doc/Runbook_UpgradeFrom1.19To7.0.5.md index 4816595..45cbf69 100644 --- a/doc/Runbook_UpgradeFrom1.19To7.0.5.md +++ b/doc/Runbook_UpgradeFrom1.19To7.0.5.md @@ -9,70 +9,70 @@ ## Preparations -1. Stop Forgejo Prod: `k scale deployment forgejo --replicas=0` -1. Disable Backup Cron: `k patch cronjobs forgejo-backup -p '{"spec" : {"suspend" : true }}'` -1. Scale up Backup-Restore Deployment: `kubectl scale deployment backup-restore --replicas=1` -1. Execute Manual Backup: `kubectl exec -it backup-restore-... -- /usr/local/bin/backup.sh` +1. Stop Forgejo Prod: `k scale -n forgejo deployment forgejo --replicas=0` +1. Disable Backup Cron: `k patch -n forgejo cronjobs forgejo-backup -p '{"spec" : {"suspend" : true }}'` +1. Scale up Backup-Restore Deployment: `kubectl scale -n forgejo deployment backup-restore --replicas=1` +1. Execute Manual Backup: `kubectl exec -n forgejo -it backup-restore-... -- /usr/local/bin/backup.sh` ### Create 2nd Repo Prod Server 1. Terraform Preparations for 2nd Server: TODO 1. Install c4k-forgejo Version TODO with config `"forgejo-image-version-overwrite": "1.19.3-0"` -1. Stop Forgejo Deployment: `k scale deployment forgejo --replicas=0` -1. Disable Backup Cron: `k patch cronjobs forgejo-backup -p '{"spec" : {"suspend" : true }}'` -1. Scale up Backup-Restore Deployment: `kubectl scale deployment backup-restore --replicas=1` +1. Stop Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=0` +1. Disable Backup Cron: `k patch -n forgejo cronjobs forgejo-backup -p '{"spec" : {"suspend" : true }}'` +1. Scale up Backup-Restore Deployment: `kubectl scale -n forgejo deployment backup-restore --replicas=1` 1. Restore Forgejo Backup: See [BackupAndRestore.md](BackupAndRestore.md) 1. Check for `..._INSTALL_LOCK: true` in ConfigMap `forgejo-env` -1. Scale up Forgejo Deployment and check for (startup) problems: `k scale deployment forgejo --replicas=1` +1. Scale up Forgejo Deployment and check for (startup) problems: `k scale -n forgejo deployment forgejo --replicas=1` ## Upgrade to 1.20.1-0 -1. Scale down Forgejo Deployment: `k scale deployment forgejo --replicas=0` -1. Adjust configmap: `k edit cm forgejo-env` +1. Scale down Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=0` +1. Adjust configmap: `k edit -n forgejo cm forgejo-env` 1. Remove `FORGEJO__database__CHARSET: utf8` (This was a misconfiguration, since this option only had effect for mysql dbs) 1. Change `FORGEJO__mailer__MAILER_TYPE: smtp+startls` TO `FORGEJO__mailer__PROTOCOL: smtp+starttls` (Missed deprecation from 1.19) 1. Change `FORGEJO__service__EMAIL_DOMAIN_WHITELIST: repo.test.meissa.de` TO `FORGEJO__service__EMAIL_DOMAIN_ALLOWLIST: repo.test.meissa.de` (Fallback deprecation in 1.21) -1. Delete app.ini: `k exec -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` -1. Set version to `1.20.1-0` with `k edit deployment forgejo` -1. Scale up Forgejo Deployment: `k scale deployment forgejo --replicas=1` +1. Delete app.ini: `k exec -n forgejo -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` +1. Set version to `1.20.1-0` with `k edit -n forgejo deployment forgejo` +1. Scale up Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=1` 1. Check for errors ## Upgrade to 1.21.1-0 -1. Scale down Forgejo Deployment: `k scale deployment forgejo --replicas=0` -1. Delete app.ini: `k exec -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` -1. Set version to `1.21.1-0` with `k edit deployment forgejo` -1. Scale up Forgejo Deployment: `k scale deployment forgejo --replicas=1` +1. Scale down Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=0` +1. Delete app.ini: `k exec -n forgejo -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` +1. Set version to `1.21.1-0` with `k edit -n forgejo deployment forgejo` +1. Scale up Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=1` 1. Check for errors 1. After upgrading, login as an admin, go to the `/admin` page and click run `Sync missed branches from git data to databases` (`Fehlende Branches aus den Git-Daten in die Datenbank synchronisieren`). If this is not done there will be messages such as `LoadBranches: branch does not exist in the logs`. ## Upgrade to 7.0.0 -1. Scale down Forgejo Deployment: `k scale deployment forgejo --replicas=0` -1. Adjust configmap: `k edit cm forgejo-env` +1. Scale down Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=0` +1. Adjust configmap: `k edit -n forgejo cm forgejo-env` 1. Change `FORGEJO__oauth2__ENABLE: "true"` TO `FORGEJO__oauth2__ENABLED: "true"` -1. Delete app.ini: `k exec -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` -1. Set version to `7.0.0` with `k edit deployment forgejo` -1. Scale up Forgejo Deployment: `k scale deployment forgejo --replicas=1` +1. Delete app.ini: `k exec -n forgejo -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` +1. Set version to `7.0.0` with `k edit -n forgejo deployment forgejo` +1. Scale up Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=1` 1. Check for errors ## Upgrade to 7.0.5 (no breaking changes) TODO: Upgrade to 8.0.0 instead after Release! -1. Scale down Forgejo Deployment: `k scale deployment forgejo --replicas=0` -1. Delete app.ini: `k exec -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` -1. Set version to `7.0.5` with `k edit deployment forgejo` -1. Scale up Forgejo Deployment: `k scale deployment forgejo --replicas=1` +1. Scale down Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=0` +1. Delete app.ini: `k exec -n forgejo -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` +1. Set version to `7.0.5` with `k edit -n forgejo deployment forgejo` +1. Scale up Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=1` 1. Check for errors ## Post Work 1. Switch DNS to new server -1. Reenable Backup Cron on new server: `k patch cronjobs forgejo-backup -p '{"spec" : {"suspend" : false }}'` -1. Execute manual Backup on new server: `kubectl exec -it backup-restore-... -- /usr/local/bin/backup.sh` -1. Scale down Backup-Restore Deployment: `kubectl scale deployment backup-restore --replicas=1` +1. Reenable Backup Cron on new server: `k patch -n forgejo cronjobs forgejo-backup -p '{"spec" : {"suspend" : false }}'` +1. Execute manual Backup on new server: `kubectl exec -n forgejo -it backup-restore-... -- /usr/local/bin/backup.sh` +1. Scale down Backup-Restore Deployment: `kubectl scale -n forgejo deployment backup-restore --replicas=1` 1. The scope of all access tokens might (invisibly) have changed (in v1.20). Thus, rotate all tokens! 1. Users should check their ssh keys: if they use rsa keys the minimum length should be 3072 bits! However, shorter keys should still work. From 5c521e287727e3826e1c6b8085dc0c42fdf63dea Mon Sep 17 00:00:00 2001 From: Clemens Date: Wed, 31 Jul 2024 10:02:36 +0200 Subject: [PATCH 13/22] Added v8.0.0 upgrade to runbook --- doc/Runbook_UpgradeFrom1.19To7.0.5.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/doc/Runbook_UpgradeFrom1.19To7.0.5.md b/doc/Runbook_UpgradeFrom1.19To7.0.5.md index 4816595..c2b23d9 100644 --- a/doc/Runbook_UpgradeFrom1.19To7.0.5.md +++ b/doc/Runbook_UpgradeFrom1.19To7.0.5.md @@ -6,6 +6,7 @@ * 1.20.1-0: Breaking https://codeberg.org/forgejo/forgejo/src/branch/forgejo/RELEASE-NOTES.md#1-20-1-0 * 1.21.1-0: https://codeberg.org/forgejo/forgejo/src/branch/forgejo/RELEASE-NOTES.md#1-21-1-0 * 7.0.0: https://codeberg.org/forgejo/forgejo/src/branch/forgejo/RELEASE-NOTES.md#7-0-0 +* 8.0.0: https://codeberg.org/forgejo/forgejo/src/branch/forgejo/RELEASE-NOTES.md#8-0-0 ## Preparations @@ -57,9 +58,7 @@ 1. Scale up Forgejo Deployment: `k scale deployment forgejo --replicas=1` 1. Check for errors -## Upgrade to 7.0.5 (no breaking changes) - -TODO: Upgrade to 8.0.0 instead after Release! +## Upgrade to 8.0.0 (no relevant breaking changes) 1. Scale down Forgejo Deployment: `k scale deployment forgejo --replicas=0` 1. Delete app.ini: `k exec -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` From 26dba0b756ff350cd9186716e7254cc0291f3ce9 Mon Sep 17 00:00:00 2001 From: Clemens Date: Wed, 10 Jul 2024 11:39:46 +0200 Subject: [PATCH 14/22] added namespace to runbook commands --- doc/Runbook_UpgradeFrom1.19To7.0.5.md | 58 +++++++++++++-------------- 1 file changed, 29 insertions(+), 29 deletions(-) diff --git a/doc/Runbook_UpgradeFrom1.19To7.0.5.md b/doc/Runbook_UpgradeFrom1.19To7.0.5.md index c2b23d9..85d4405 100644 --- a/doc/Runbook_UpgradeFrom1.19To7.0.5.md +++ b/doc/Runbook_UpgradeFrom1.19To7.0.5.md @@ -10,68 +10,68 @@ ## Preparations -1. Stop Forgejo Prod: `k scale deployment forgejo --replicas=0` -1. Disable Backup Cron: `k patch cronjobs forgejo-backup -p '{"spec" : {"suspend" : true }}'` -1. Scale up Backup-Restore Deployment: `kubectl scale deployment backup-restore --replicas=1` -1. Execute Manual Backup: `kubectl exec -it backup-restore-... -- /usr/local/bin/backup.sh` +1. Stop Forgejo Prod: `k scale -n forgejo deployment forgejo --replicas=0` +1. Disable Backup Cron: `k patch -n forgejo cronjobs forgejo-backup -p '{"spec" : {"suspend" : true }}'` +1. Scale up Backup-Restore Deployment: `kubectl scale -n forgejo deployment backup-restore --replicas=1` +1. Execute Manual Backup: `kubectl exec -n forgejo -it backup-restore-... -- /usr/local/bin/backup.sh` ### Create 2nd Repo Prod Server 1. Terraform Preparations for 2nd Server: TODO 1. Install c4k-forgejo Version TODO with config `"forgejo-image-version-overwrite": "1.19.3-0"` -1. Stop Forgejo Deployment: `k scale deployment forgejo --replicas=0` -1. Disable Backup Cron: `k patch cronjobs forgejo-backup -p '{"spec" : {"suspend" : true }}'` -1. Scale up Backup-Restore Deployment: `kubectl scale deployment backup-restore --replicas=1` +1. Stop Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=0` +1. Disable Backup Cron: `k patch -n forgejo cronjobs forgejo-backup -p '{"spec" : {"suspend" : true }}'` +1. Scale up Backup-Restore Deployment: `kubectl scale -n forgejo deployment backup-restore --replicas=1` 1. Restore Forgejo Backup: See [BackupAndRestore.md](BackupAndRestore.md) 1. Check for `..._INSTALL_LOCK: true` in ConfigMap `forgejo-env` -1. Scale up Forgejo Deployment and check for (startup) problems: `k scale deployment forgejo --replicas=1` +1. Scale up Forgejo Deployment and check for (startup) problems: `k scale -n forgejo deployment forgejo --replicas=1` ## Upgrade to 1.20.1-0 -1. Scale down Forgejo Deployment: `k scale deployment forgejo --replicas=0` -1. Adjust configmap: `k edit cm forgejo-env` +1. Scale down Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=0` +1. Adjust configmap: `k edit -n forgejo cm forgejo-env` 1. Remove `FORGEJO__database__CHARSET: utf8` (This was a misconfiguration, since this option only had effect for mysql dbs) 1. Change `FORGEJO__mailer__MAILER_TYPE: smtp+startls` TO `FORGEJO__mailer__PROTOCOL: smtp+starttls` (Missed deprecation from 1.19) 1. Change `FORGEJO__service__EMAIL_DOMAIN_WHITELIST: repo.test.meissa.de` TO `FORGEJO__service__EMAIL_DOMAIN_ALLOWLIST: repo.test.meissa.de` (Fallback deprecation in 1.21) -1. Delete app.ini: `k exec -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` -1. Set version to `1.20.1-0` with `k edit deployment forgejo` -1. Scale up Forgejo Deployment: `k scale deployment forgejo --replicas=1` +1. Delete app.ini: `k exec -n forgejo -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` +1. Set version to `1.20.1-0` with `k edit -n forgejo deployment forgejo` +1. Scale up Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=1` 1. Check for errors ## Upgrade to 1.21.1-0 -1. Scale down Forgejo Deployment: `k scale deployment forgejo --replicas=0` -1. Delete app.ini: `k exec -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` -1. Set version to `1.21.1-0` with `k edit deployment forgejo` -1. Scale up Forgejo Deployment: `k scale deployment forgejo --replicas=1` +1. Scale down Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=0` +1. Delete app.ini: `k exec -n forgejo -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` +1. Set version to `1.21.1-0` with `k edit -n forgejo deployment forgejo` +1. Scale up Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=1` 1. Check for errors 1. After upgrading, login as an admin, go to the `/admin` page and click run `Sync missed branches from git data to databases` (`Fehlende Branches aus den Git-Daten in die Datenbank synchronisieren`). If this is not done there will be messages such as `LoadBranches: branch does not exist in the logs`. ## Upgrade to 7.0.0 -1. Scale down Forgejo Deployment: `k scale deployment forgejo --replicas=0` -1. Adjust configmap: `k edit cm forgejo-env` +1. Scale down Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=0` +1. Adjust configmap: `k edit -n forgejo cm forgejo-env` 1. Change `FORGEJO__oauth2__ENABLE: "true"` TO `FORGEJO__oauth2__ENABLED: "true"` -1. Delete app.ini: `k exec -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` -1. Set version to `7.0.0` with `k edit deployment forgejo` -1. Scale up Forgejo Deployment: `k scale deployment forgejo --replicas=1` +1. Delete app.ini: `k exec -n forgejo -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` +1. Set version to `7.0.0` with `k edit -n forgejo deployment forgejo` +1. Scale up Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=1` 1. Check for errors ## Upgrade to 8.0.0 (no relevant breaking changes) -1. Scale down Forgejo Deployment: `k scale deployment forgejo --replicas=0` -1. Delete app.ini: `k exec -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` -1. Set version to `7.0.5` with `k edit deployment forgejo` -1. Scale up Forgejo Deployment: `k scale deployment forgejo --replicas=1` +1. Scale down Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=0` +1. Delete app.ini: `k exec -n forgejo -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` +1. Set version to `7.0.5` with `k edit -n forgejo deployment forgejo` +1. Scale up Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=1` 1. Check for errors ## Post Work 1. Switch DNS to new server -1. Reenable Backup Cron on new server: `k patch cronjobs forgejo-backup -p '{"spec" : {"suspend" : false }}'` -1. Execute manual Backup on new server: `kubectl exec -it backup-restore-... -- /usr/local/bin/backup.sh` -1. Scale down Backup-Restore Deployment: `kubectl scale deployment backup-restore --replicas=1` +1. Reenable Backup Cron on new server: `k patch -n forgejo cronjobs forgejo-backup -p '{"spec" : {"suspend" : false }}'` +1. Execute manual Backup on new server: `kubectl exec -n forgejo -it backup-restore-... -- /usr/local/bin/backup.sh` +1. Scale down Backup-Restore Deployment: `kubectl scale -n forgejo deployment backup-restore --replicas=1` 1. The scope of all access tokens might (invisibly) have changed (in v1.20). Thus, rotate all tokens! 1. Users should check their ssh keys: if they use rsa keys the minimum length should be 3072 bits! However, shorter keys should still work. From e1e032697dfae398dbb2540a5dfee05339922aa8 Mon Sep 17 00:00:00 2001 From: Clemens Date: Wed, 31 Jul 2024 10:16:47 +0200 Subject: [PATCH 15/22] Added cmd for pod logs to Runbook --- doc/Runbook_UpgradeFrom1.19To7.0.5.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/doc/Runbook_UpgradeFrom1.19To7.0.5.md b/doc/Runbook_UpgradeFrom1.19To7.0.5.md index 85d4405..89fcc28 100644 --- a/doc/Runbook_UpgradeFrom1.19To7.0.5.md +++ b/doc/Runbook_UpgradeFrom1.19To7.0.5.md @@ -37,7 +37,7 @@ 1. Delete app.ini: `k exec -n forgejo -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` 1. Set version to `1.20.1-0` with `k edit -n forgejo deployment forgejo` 1. Scale up Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=1` -1. Check for errors +1. Check for errors: `k logs -n forgejo forgejo-...` ## Upgrade to 1.21.1-0 @@ -45,7 +45,7 @@ 1. Delete app.ini: `k exec -n forgejo -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` 1. Set version to `1.21.1-0` with `k edit -n forgejo deployment forgejo` 1. Scale up Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=1` -1. Check for errors +1. Check for errors: `k logs -n forgejo forgejo-...` 1. After upgrading, login as an admin, go to the `/admin` page and click run `Sync missed branches from git data to databases` (`Fehlende Branches aus den Git-Daten in die Datenbank synchronisieren`). If this is not done there will be messages such as `LoadBranches: branch does not exist in the logs`. ## Upgrade to 7.0.0 @@ -56,15 +56,15 @@ 1. Delete app.ini: `k exec -n forgejo -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` 1. Set version to `7.0.0` with `k edit -n forgejo deployment forgejo` 1. Scale up Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=1` -1. Check for errors +1. Check for errors: `k logs -n forgejo forgejo-...` ## Upgrade to 8.0.0 (no relevant breaking changes) 1. Scale down Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=0` 1. Delete app.ini: `k exec -n forgejo -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` -1. Set version to `7.0.5` with `k edit -n forgejo deployment forgejo` +1. Set version to `8.0.0` with `k edit -n forgejo deployment forgejo` 1. Scale up Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=1` -1. Check for errors +1. Check for errors: `k logs -n forgejo forgejo-...` ## Post Work From 6bab8fcc3919f97909947202d0314f82c1e5bce7 Mon Sep 17 00:00:00 2001 From: Clemens Date: Wed, 31 Jul 2024 11:22:13 +0200 Subject: [PATCH 16/22] release: 3.5.0 --- infrastructure/backup/build.py | 2 +- infrastructure/federated/build.py | 2 +- package.json | 2 +- project.clj | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/infrastructure/backup/build.py b/infrastructure/backup/build.py index 2a43c08..3a46ff8 100644 --- a/infrastructure/backup/build.py +++ b/infrastructure/backup/build.py @@ -6,7 +6,7 @@ from ddadevops import * name = "c4k-forgejo" MODULE = "backup" PROJECT_ROOT_PATH = "../.." -version = "3.4.5-dev" +version = "3.5.0" @init diff --git a/infrastructure/federated/build.py b/infrastructure/federated/build.py index 30cefe9..b9fbce4 100644 --- a/infrastructure/federated/build.py +++ b/infrastructure/federated/build.py @@ -6,7 +6,7 @@ from ddadevops import * name = 'c4k-forgejo' MODULE = 'federated' PROJECT_ROOT_PATH = '../..' -version = "3.4.5-dev" +version = "3.5.0" @init def initialize(project): diff --git a/package.json b/package.json index e4039aa..f028f3f 100644 --- a/package.json +++ b/package.json @@ -2,7 +2,7 @@ "name": "c4k-forgejo", "description": "Generate c4k yaml for a forgejo deployment.", "author": "meissa GmbH", - "version": "3.4.5-SNAPSHOT", + "version": "3.5.0", "homepage": "https://gitlab.com/domaindrivenarchitecture/c4k-forgejo#readme", "repository": "https://www.npmjs.com/package/c4k-forgejo", "license": "APACHE2", diff --git a/project.clj b/project.clj index 4e65cf5..836a89a 100644 --- a/project.clj +++ b/project.clj @@ -1,4 +1,4 @@ -(defproject org.domaindrivenarchitecture/c4k-forgejo "3.4.5-SNAPSHOT" +(defproject org.domaindrivenarchitecture/c4k-forgejo "3.5.0" :description "forgejo c4k-installation package" :url "https://domaindrivenarchitecture.org" :license {:name "Apache License, Version 2.0" From b21317268c0da0f9fdc5cc6574b4a2f0ddf16a29 Mon Sep 17 00:00:00 2001 From: Clemens Date: Wed, 31 Jul 2024 11:22:13 +0200 Subject: [PATCH 17/22] bump version to: 3.5.1-SNAPSHOT --- infrastructure/backup/build.py | 2 +- infrastructure/federated/build.py | 2 +- package.json | 2 +- project.clj | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/infrastructure/backup/build.py b/infrastructure/backup/build.py index 3a46ff8..5a13e15 100644 --- a/infrastructure/backup/build.py +++ b/infrastructure/backup/build.py @@ -6,7 +6,7 @@ from ddadevops import * name = "c4k-forgejo" MODULE = "backup" PROJECT_ROOT_PATH = "../.." -version = "3.5.0" +version = "3.5.1-dev" @init diff --git a/infrastructure/federated/build.py b/infrastructure/federated/build.py index b9fbce4..81a9c55 100644 --- a/infrastructure/federated/build.py +++ b/infrastructure/federated/build.py @@ -6,7 +6,7 @@ from ddadevops import * name = 'c4k-forgejo' MODULE = 'federated' PROJECT_ROOT_PATH = '../..' -version = "3.5.0" +version = "3.5.1-dev" @init def initialize(project): diff --git a/package.json b/package.json index f028f3f..0f1eb50 100644 --- a/package.json +++ b/package.json @@ -2,7 +2,7 @@ "name": "c4k-forgejo", "description": "Generate c4k yaml for a forgejo deployment.", "author": "meissa GmbH", - "version": "3.5.0", + "version": "3.5.1-SNAPSHOT", "homepage": "https://gitlab.com/domaindrivenarchitecture/c4k-forgejo#readme", "repository": "https://www.npmjs.com/package/c4k-forgejo", "license": "APACHE2", diff --git a/project.clj b/project.clj index 836a89a..c977c83 100644 --- a/project.clj +++ b/project.clj @@ -1,4 +1,4 @@ -(defproject org.domaindrivenarchitecture/c4k-forgejo "3.5.0" +(defproject org.domaindrivenarchitecture/c4k-forgejo "3.5.1-SNAPSHOT" :description "forgejo c4k-installation package" :url "https://domaindrivenarchitecture.org" :license {:name "Apache License, Version 2.0" From ba2b5157d447e4a43f4d515981fb04829297b9d0 Mon Sep 17 00:00:00 2001 From: Clemens Date: Wed, 31 Jul 2024 11:29:00 +0200 Subject: [PATCH 18/22] [Skip-CI] added c4k-forgejo base version for upgrade to runbook --- doc/Runbook_UpgradeFrom1.19To7.0.5.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/Runbook_UpgradeFrom1.19To7.0.5.md b/doc/Runbook_UpgradeFrom1.19To7.0.5.md index 89fcc28..f6c0073 100644 --- a/doc/Runbook_UpgradeFrom1.19To7.0.5.md +++ b/doc/Runbook_UpgradeFrom1.19To7.0.5.md @@ -18,8 +18,8 @@ ### Create 2nd Repo Prod Server 1. Terraform Preparations for 2nd Server: TODO -1. Install c4k-forgejo Version TODO - with config `"forgejo-image-version-overwrite": "1.19.3-0"` +1. Install c4k-forgejo Version `3.5.0`! + with config `"forgejo-image-version-overwrite": "1.19.3-0"` (in server-setup) 1. Stop Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=0` 1. Disable Backup Cron: `k patch -n forgejo cronjobs forgejo-backup -p '{"spec" : {"suspend" : true }}'` 1. Scale up Backup-Restore Deployment: `kubectl scale -n forgejo deployment backup-restore --replicas=1` From c9f6d54ce1ca107d3d74804126a4e73c76dbdf07 Mon Sep 17 00:00:00 2001 From: Clemens Date: Wed, 31 Jul 2024 11:30:57 +0200 Subject: [PATCH 19/22] update forgejo image version to 8.0 --- src/main/cljc/dda/c4k_forgejo/forgejo.cljc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/cljc/dda/c4k_forgejo/forgejo.cljc b/src/main/cljc/dda/c4k_forgejo/forgejo.cljc index abda99c..0766a02 100644 --- a/src/main/cljc/dda/c4k_forgejo/forgejo.cljc +++ b/src/main/cljc/dda/c4k_forgejo/forgejo.cljc @@ -73,7 +73,7 @@ (def federated-image-name "domaindrivenarchitecture/c4k-forgejo-federated") (def federated-image-version "latest") (def non-federated-image-name "codeberg.org/forgejo/forgejo") -(def non-federated-image-version "7.0") +(def non-federated-image-version "8.0") (defn-spec generate-image-str string? [config config?] From b133f89ea4ca65b650b63e97d667d0fd086ec8e5 Mon Sep 17 00:00:00 2001 From: Clemens Date: Wed, 31 Jul 2024 11:37:23 +0200 Subject: [PATCH 20/22] fix tests --- src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc b/src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc index d7b801b..25d64cd 100644 --- a/src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc +++ b/src/test/cljc/dda/c4k_forgejo/forgejo_test.cljc @@ -14,7 +14,7 @@ (deftest should-generate-image-str (testing "non-federated-image" - (is (= "codeberg.org/forgejo/forgejo:7.0" + (is (= "codeberg.org/forgejo/forgejo:8.0" (cut/generate-image-str {:fqdn "test.de" :mailer-from "" :mailer-host "m.t.de" @@ -97,7 +97,7 @@ :spec {:containers [{:name "forgejo", - :image "codeberg.org/forgejo/forgejo:7.0", + :image "codeberg.org/forgejo/forgejo:8.0", :imagePullPolicy "IfNotPresent", :envFrom [{:configMapRef {:name "forgejo-env"}} {:secretRef {:name "forgejo-secrets"}}], :volumeMounts [{:name "forgejo-data-volume", :mountPath "/data"}], From be80628785138206b9aec832514981c9ed668313 Mon Sep 17 00:00:00 2001 From: Clemens Date: Wed, 31 Jul 2024 11:59:37 +0200 Subject: [PATCH 21/22] [Skip-CI] Added "enable federation" to runbook --- doc/Runbook_UpgradeFrom1.19To7.0.5.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/doc/Runbook_UpgradeFrom1.19To7.0.5.md b/doc/Runbook_UpgradeFrom1.19To7.0.5.md index f6c0073..4401d7b 100644 --- a/doc/Runbook_UpgradeFrom1.19To7.0.5.md +++ b/doc/Runbook_UpgradeFrom1.19To7.0.5.md @@ -66,6 +66,15 @@ 1. Scale up Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=1` 1. Check for errors: `k logs -n forgejo forgejo-...` +## Enable Federation + +1. Scale down Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=0` +1. Adjust configmap: `k edit -n forgejo cm forgejo-env` + 1. Change `FORGEJO__federation__ENABLED: "false"` TO `FORGEJO__federation__ENABLED: "true"` +1. Delete app.ini: `k exec -n forgejo -it backup-restore-... -- rm /var/backups/gitea/conf/app.ini` +1. Scale up Forgejo Deployment: `k scale -n forgejo deployment forgejo --replicas=1` +1. Check for errors: `k logs -n forgejo forgejo-...` + ## Post Work 1. Switch DNS to new server From 2d6f64b24895715515529fa536345b0fbae7ea00 Mon Sep 17 00:00:00 2001 From: Michael Jerger Date: Mon, 5 Aug 2024 08:58:14 +0200 Subject: [PATCH 22/22] update federation --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index c31e0e0..1cede9f 100644 --- a/README.md +++ b/README.md @@ -41,8 +41,8 @@ Development happens at: https://repo.prod.meissa.de/meissa/c4k-forgejo Mirrors are: +* https://codeberg.org/meissa/c4k-forgejo (Issues and PR) * https://gitlab.com/domaindrivenarchitecture/c4k-forgejo (CI) -* https://codeberg.org/meissa/c4k-forgejo (issues and PR) * https://github.com/DomainDrivenArchitecture/c4k-forgejo For more details about our repository model see: https://repo.prod.meissa.de/meissa/federate-your-repos @@ -50,6 +50,6 @@ For more details about our repository model see: https://repo.prod.meissa.de/mei ## License -Copyright © 2023 meissa GmbH +Copyright © 2023, 2024 meissa GmbH Licensed under the [Apache License, Version 2.0](LICENSE) (the "License") Pls. find licenses of our subcomponents [here](doc/SUBCOMPONENT_LICENSE) \ No newline at end of file