Prepare v0.2.1 release
With PR #17 the Helm Chart parameters for webhook secrets were missing in the README parameters. This is now fixed. A checksum for bot configuration secret resource ensures replacement of the pod when there is a configuration change. Additional: - Bump Chart default image version - Add bug fix notes to changelog Signed-off-by: Steven Kriegler <sk.bunsenbrenner@gmail.com>
This commit is contained in:
parent
685c834b61
commit
385252cd72
|
@ -6,6 +6,7 @@
|
|||
|
||||
- Allow configuring listening port
|
||||
- Allow changing naming pattern for Pull Requests
|
||||
- Improve error handling for SonarQube communication
|
||||
|
||||
### 🐳 Docker image
|
||||
|
||||
|
|
|
@ -3,7 +3,7 @@ name: gitea-sonarqube-bot
|
|||
description: A Helm Chart for running a bot to communicate between both Gitea and SonarQube
|
||||
type: application
|
||||
version: 0.2.1
|
||||
appVersion: "v0.2.0"
|
||||
appVersion: "v0.2.1"
|
||||
home: https://codeberg.org/justusbunsi/gitea-sonarqube-bot/
|
||||
maintainers:
|
||||
- name: Steven Kriegler
|
||||
|
|
|
@ -53,22 +53,26 @@ You can find a full changelog in the [main repository](https://codeberg.org/just
|
|||
|
||||
### App parameters
|
||||
|
||||
| Name | Description | Value |
|
||||
| ----------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ |
|
||||
| `app.configLocationOverride` | Override the default location of the configuration file (`/home/bot/config/config.yaml`). **Available since Chart version `0.2.0`. Requires at least image tag `v0.2.0`**. (See values file for details) | `""` |
|
||||
| `app.listeningPort` | Port the application will listening on inside the pod container. **Available since Chart version `0.2.1`. Requires at least image tag `v0.2.1`**. | `3000` |
|
||||
| `app.configuration.gitea.url` | Endpoint of your Gitea instance. Must be expandable by '/api/v1' to form the API base path as shown in Swagger UI. | `""` |
|
||||
| `app.configuration.gitea.token.value` | Gitea token as plain text. Can be replaced with `file` key containing path to file. | `""` |
|
||||
| `app.configuration.sonarqube.url` | Endpoint of your SonarQube instance. Must be expandable by '/api' to form the API base path. | `""` |
|
||||
| `app.configuration.sonarqube.token.value` | SonarQube token as plain text. Can be replaced with `file` key containing path to file. | `""` |
|
||||
| `app.configuration.sonarqube.additionalMetrics` | Setting this option you can extend that default list by your own metrics. | `[]` |
|
||||
| `app.configuration.projects[0].sonarqube.key` | Project key inside SonarQube | `""` |
|
||||
| `app.configuration.projects[0].gitea.owner` | Repository owner inside Gitea | `""` |
|
||||
| `app.configuration.projects[0].gitea.name` | Repository name inside Gitea | `""` |
|
||||
| `app.configuration.namingPattern.regex` | Regular expression that MUST HAVE exactly ONE GROUP that matches the integer part of the PR. That integer part is identical to the pull request ID in Gitea. | `^PR-(\d+)$` |
|
||||
| `app.configuration.namingPattern.template` | Valid Go format string. It MUST have one integer placeholder which will be replaced by the pull request ID. See: https://pkg.go.dev/fmt#hdr-Printing | `PR-%d` |
|
||||
| `volumes` | If token and webhook secrets shall be provided via file, volumes and volume mounts can be configured to setup the environment accordingly | `[]` |
|
||||
| `volumeMounts` | If token and webhook secrets shall be provided via file, volumes and volume mounts can be configured to setup the environment accordingly | `[]` |
|
||||
| Name | Description | Value |
|
||||
| ------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ |
|
||||
| `app.configLocationOverride` | Override the default location of the configuration file (`/home/bot/config/config.yaml`). **Available since Chart version `0.2.0`. Requires at least image tag `v0.2.0`**. (See values file for details) | `""` |
|
||||
| `app.listeningPort` | Port the application will listening on inside the pod container. **Available since Chart version `0.2.1`. Requires at least image tag `v0.2.1`**. | `3000` |
|
||||
| `app.configuration.gitea.url` | Endpoint of your Gitea instance. Must be expandable by '/api/v1' to form the API base path as shown in Swagger UI. | `""` |
|
||||
| `app.configuration.gitea.token.value` | Gitea token as plain text. Can be replaced with `file` key containing path to file. | `""` |
|
||||
| `app.configuration.gitea.webhook.secret` | Secret for signature header (in plaintext) | `""` |
|
||||
| `app.configuration.gitea.webhook.secretFile` | Path to file containing the plain text secret. Alternative to inline `app.configuration.gitea.webhook.secret` | |
|
||||
| `app.configuration.sonarqube.url` | Endpoint of your SonarQube instance. Must be expandable by '/api' to form the API base path. | `""` |
|
||||
| `app.configuration.sonarqube.token.value` | SonarQube token as plain text. Can be replaced with `file` key containing path to file. | `""` |
|
||||
| `app.configuration.sonarqube.webhook.secret` | Secret for signature header (in plaintext) | `""` |
|
||||
| `app.configuration.sonarqube.webhook.secretFile` | Path to file containing the plain text secret. Alternative to inline `app.configuration.sonarqube.webhook.secret` | |
|
||||
| `app.configuration.sonarqube.additionalMetrics` | Setting this option you can extend that default list by your own metrics. | `[]` |
|
||||
| `app.configuration.projects[0].sonarqube.key` | Project key inside SonarQube | `""` |
|
||||
| `app.configuration.projects[0].gitea.owner` | Repository owner inside Gitea | `""` |
|
||||
| `app.configuration.projects[0].gitea.name` | Repository name inside Gitea | `""` |
|
||||
| `app.configuration.namingPattern.regex` | Regular expression that MUST HAVE exactly ONE GROUP that matches the integer part of the PR. That integer part is identical to the pull request ID in Gitea. | `^PR-(\d+)$` |
|
||||
| `app.configuration.namingPattern.template` | Valid Go format string. It MUST have one integer placeholder which will be replaced by the pull request ID. See: https://pkg.go.dev/fmt#hdr-Printing | `PR-%d` |
|
||||
| `volumes` | If token and webhook secrets shall be provided via file, volumes and volume mounts can be configured to setup the environment accordingly | `[]` |
|
||||
| `volumeMounts` | If token and webhook secrets shall be provided via file, volumes and volume mounts can be configured to setup the environment accordingly | `[]` |
|
||||
|
||||
|
||||
### Security parameters
|
||||
|
|
|
@ -11,8 +11,9 @@ spec:
|
|||
{{- include "helm.selectorLabels" . | nindent 6 }}
|
||||
template:
|
||||
metadata:
|
||||
{{- with .Values.podAnnotations }}
|
||||
annotations:
|
||||
checksum/config: {{ include (print $.Template.BasePath "/config.yaml") . | sha256sum }}
|
||||
{{- with .Values.podAnnotations }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
labels:
|
||||
|
|
|
@ -79,7 +79,8 @@ app:
|
|||
# request will be ignored.
|
||||
# The bot looks for `X-Gitea-Signature` header containing the sha256 hmac hash of the plain text secret. If the header
|
||||
# exists and no webhookSecret is defined here, the bot will ignore the request, because it cannot be validated.
|
||||
# @skip app.configuration.gitea.webhook
|
||||
# @param app.configuration.gitea.webhook.secret Secret for signature header (in plaintext)
|
||||
# @extra app.configuration.gitea.webhook.secretFile Path to file containing the plain text secret. Alternative to inline `app.configuration.gitea.webhook.secret`
|
||||
webhook:
|
||||
secret: ""
|
||||
# # or path to file containing the plain text secret
|
||||
|
@ -103,7 +104,8 @@ app:
|
|||
# The bot looks for `X-Sonar-Webhook-HMAC-SHA256` header containing the sha256 hmac hash of the plain text secret.
|
||||
# If the header exists and no webhookSecret is defined here, the bot will ignore the request, because it cannot be
|
||||
# validated.
|
||||
# @skip app.configuration.sonarqube.webhook
|
||||
# @param app.configuration.sonarqube.webhook.secret Secret for signature header (in plaintext)
|
||||
# @extra app.configuration.sonarqube.webhook.secretFile Path to file containing the plain text secret. Alternative to inline `app.configuration.sonarqube.webhook.secret`
|
||||
webhook:
|
||||
secret: ""
|
||||
# # or path to file containing the plain text secret
|
||||
|
|
Loading…
Reference in a new issue