diff --git a/CHANGELOG.md b/CHANGELOG.md index d190088..543652d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ - Allow configuring listening port - Allow changing naming pattern for Pull Requests +- Improve error handling for SonarQube communication ### 🐳 Docker image diff --git a/helm/Chart.yaml b/helm/Chart.yaml index 6061391..6c020fb 100644 --- a/helm/Chart.yaml +++ b/helm/Chart.yaml @@ -3,7 +3,7 @@ name: gitea-sonarqube-bot description: A Helm Chart for running a bot to communicate between both Gitea and SonarQube type: application version: 0.2.1 -appVersion: "v0.2.0" +appVersion: "v0.2.1" home: https://codeberg.org/justusbunsi/gitea-sonarqube-bot/ maintainers: - name: Steven Kriegler diff --git a/helm/README.md b/helm/README.md index 8e86536..a56efda 100644 --- a/helm/README.md +++ b/helm/README.md @@ -53,22 +53,26 @@ You can find a full changelog in the [main repository](https://codeberg.org/just ### App parameters -| Name | Description | Value | -| ----------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | -| `app.configLocationOverride` | Override the default location of the configuration file (`/home/bot/config/config.yaml`). **Available since Chart version `0.2.0`. Requires at least image tag `v0.2.0`**. (See values file for details) | `""` | -| `app.listeningPort` | Port the application will listening on inside the pod container. **Available since Chart version `0.2.1`. Requires at least image tag `v0.2.1`**. | `3000` | -| `app.configuration.gitea.url` | Endpoint of your Gitea instance. Must be expandable by '/api/v1' to form the API base path as shown in Swagger UI. | `""` | -| `app.configuration.gitea.token.value` | Gitea token as plain text. Can be replaced with `file` key containing path to file. | `""` | -| `app.configuration.sonarqube.url` | Endpoint of your SonarQube instance. Must be expandable by '/api' to form the API base path. | `""` | -| `app.configuration.sonarqube.token.value` | SonarQube token as plain text. Can be replaced with `file` key containing path to file. | `""` | -| `app.configuration.sonarqube.additionalMetrics` | Setting this option you can extend that default list by your own metrics. | `[]` | -| `app.configuration.projects[0].sonarqube.key` | Project key inside SonarQube | `""` | -| `app.configuration.projects[0].gitea.owner` | Repository owner inside Gitea | `""` | -| `app.configuration.projects[0].gitea.name` | Repository name inside Gitea | `""` | -| `app.configuration.namingPattern.regex` | Regular expression that MUST HAVE exactly ONE GROUP that matches the integer part of the PR. That integer part is identical to the pull request ID in Gitea. | `^PR-(\d+)$` | -| `app.configuration.namingPattern.template` | Valid Go format string. It MUST have one integer placeholder which will be replaced by the pull request ID. See: https://pkg.go.dev/fmt#hdr-Printing | `PR-%d` | -| `volumes` | If token and webhook secrets shall be provided via file, volumes and volume mounts can be configured to setup the environment accordingly | `[]` | -| `volumeMounts` | If token and webhook secrets shall be provided via file, volumes and volume mounts can be configured to setup the environment accordingly | `[]` | +| Name | Description | Value | +| ------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | +| `app.configLocationOverride` | Override the default location of the configuration file (`/home/bot/config/config.yaml`). **Available since Chart version `0.2.0`. Requires at least image tag `v0.2.0`**. (See values file for details) | `""` | +| `app.listeningPort` | Port the application will listening on inside the pod container. **Available since Chart version `0.2.1`. Requires at least image tag `v0.2.1`**. | `3000` | +| `app.configuration.gitea.url` | Endpoint of your Gitea instance. Must be expandable by '/api/v1' to form the API base path as shown in Swagger UI. | `""` | +| `app.configuration.gitea.token.value` | Gitea token as plain text. Can be replaced with `file` key containing path to file. | `""` | +| `app.configuration.gitea.webhook.secret` | Secret for signature header (in plaintext) | `""` | +| `app.configuration.gitea.webhook.secretFile` | Path to file containing the plain text secret. Alternative to inline `app.configuration.gitea.webhook.secret` | | +| `app.configuration.sonarqube.url` | Endpoint of your SonarQube instance. Must be expandable by '/api' to form the API base path. | `""` | +| `app.configuration.sonarqube.token.value` | SonarQube token as plain text. Can be replaced with `file` key containing path to file. | `""` | +| `app.configuration.sonarqube.webhook.secret` | Secret for signature header (in plaintext) | `""` | +| `app.configuration.sonarqube.webhook.secretFile` | Path to file containing the plain text secret. Alternative to inline `app.configuration.sonarqube.webhook.secret` | | +| `app.configuration.sonarqube.additionalMetrics` | Setting this option you can extend that default list by your own metrics. | `[]` | +| `app.configuration.projects[0].sonarqube.key` | Project key inside SonarQube | `""` | +| `app.configuration.projects[0].gitea.owner` | Repository owner inside Gitea | `""` | +| `app.configuration.projects[0].gitea.name` | Repository name inside Gitea | `""` | +| `app.configuration.namingPattern.regex` | Regular expression that MUST HAVE exactly ONE GROUP that matches the integer part of the PR. That integer part is identical to the pull request ID in Gitea. | `^PR-(\d+)$` | +| `app.configuration.namingPattern.template` | Valid Go format string. It MUST have one integer placeholder which will be replaced by the pull request ID. See: https://pkg.go.dev/fmt#hdr-Printing | `PR-%d` | +| `volumes` | If token and webhook secrets shall be provided via file, volumes and volume mounts can be configured to setup the environment accordingly | `[]` | +| `volumeMounts` | If token and webhook secrets shall be provided via file, volumes and volume mounts can be configured to setup the environment accordingly | `[]` | ### Security parameters diff --git a/helm/templates/deployment.yaml b/helm/templates/deployment.yaml index b5b84c4..bdb8a1a 100644 --- a/helm/templates/deployment.yaml +++ b/helm/templates/deployment.yaml @@ -11,8 +11,9 @@ spec: {{- include "helm.selectorLabels" . | nindent 6 }} template: metadata: - {{- with .Values.podAnnotations }} annotations: + checksum/config: {{ include (print $.Template.BasePath "/config.yaml") . | sha256sum }} + {{- with .Values.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} labels: diff --git a/helm/values.yaml b/helm/values.yaml index 7da6a6f..d76e407 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -79,7 +79,8 @@ app: # request will be ignored. # The bot looks for `X-Gitea-Signature` header containing the sha256 hmac hash of the plain text secret. If the header # exists and no webhookSecret is defined here, the bot will ignore the request, because it cannot be validated. - # @skip app.configuration.gitea.webhook + # @param app.configuration.gitea.webhook.secret Secret for signature header (in plaintext) + # @extra app.configuration.gitea.webhook.secretFile Path to file containing the plain text secret. Alternative to inline `app.configuration.gitea.webhook.secret` webhook: secret: "" # # or path to file containing the plain text secret @@ -103,7 +104,8 @@ app: # The bot looks for `X-Sonar-Webhook-HMAC-SHA256` header containing the sha256 hmac hash of the plain text secret. # If the header exists and no webhookSecret is defined here, the bot will ignore the request, because it cannot be # validated. - # @skip app.configuration.sonarqube.webhook + # @param app.configuration.sonarqube.webhook.secret Secret for signature header (in plaintext) + # @extra app.configuration.sonarqube.webhook.secretFile Path to file containing the plain text secret. Alternative to inline `app.configuration.sonarqube.webhook.secret` webhook: secret: "" # # or path to file containing the plain text secret