feat: use smart git-http-server#3103

Draft
CasLubbers wants to merge 30 commits into main from APL-1704
@CasLubbers
Contributor

📌 Summary

🔍 Reviewer Notes

🧹 Checklist

  • Code is readable, maintainable, and robust.
  • Unit tests added/updated

Contributor

@j-zimnowoda j-zimnowoda left a comment

  1. I have successfully deployed. ✅

  2. I like the fact that it is using the Istio sidecar, so mTLS can be set between communicating parties. ✅

  3. I am wondering if mTLS should be enforced though ⚠️

  4. I was also able to clone the repo: ✅

kubectl port-forward --namespace git-server svc/git-server 9090:80
git clone http://127.0.0.1:9090/otomi/values.git
kubectl get secret git-server-credentials -n git-server -o jsonpath='{.data.password}'
  5. After enabling Gitea, things get messy, so fine-tuning needs to be done so the platform does not try to switch to Gitea. ⚠️

repoName: otomi/values.git

image:
repository: docker.io/clubbers1892/simple-git-server

Contributor

Once PoC is approved we will host it at docker.io/linode

pullPolicy: IfNotPresent

persistence:
size: 1Gi

Contributor

256Mi should be more than enough


releases:
- name: git-server
installed: {{ not ($a | get "gitea.enabled") }}

Contributor

Pls, make it independent from git.
The git-server is going to be the default mode. It should be possible to switch it to Gitea, but that falls into the BYO git procedure and should not differ from switching to GitHub or another 3rd-party provider.

- |
if [ ! -d /data/{{ .Values.repoName }} ]; then
mkdir -p /data/{{ dir .Values.repoName }}
git init --bare --initial-branch=main /data/{{ .Values.repoName }}
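
Review bot: `.Values.repoName` is rendered unquoted into the shell in all three commands of this block (the `[ ! -d ... ]` test, `mkdir -p` and `git init`), so a value containing whitespace or shell metacharacters would be split or interpreted by the shell instead of being treated as one path. Pass the value in through an environment variable and reference it double-quoted, for example `git init --bare --initial-branch=main "/data/${REPO_NAME}"` (REPO_NAME is a hypothetical variable name), and reject unexpected characters in the value before the template is rendered.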

Contributor Author

This branch needs to be configurable

Collaborator

@ferruhcihan ferruhcihan left a comment

Nice work, overall looks good to me. Just consider adding a securityContext (runAsNonRoot, drop capabilities) and/or an egress rule to the network policy to harden the deployment.
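
What the hardening raised in this review could look like, covering the securityContext suggestion above and the earlier question about enforcing mTLS. This is an added example, not code from the PR or its chart; the container name and the ability of the image to run as non-root are assumptions, while the git-server namespace is the one used in the review.

```yaml
# Added illustration, not part of PR #3103 or its chart.
# Assumed: the workload's container is named "git-server" and the image can run
# as a non-root UID (with runAsNonRoot the pod fails to start otherwise).
---
# Strategic-merge patch for the git-server workload's pod template.
spec:
  template:
    spec:
      securityContext:
        runAsNonRoot: true            # refuse to start a container as UID 0
        seccompProfile:
          type: RuntimeDefault        # runtime's default syscall filter
      containers:
        - name: git-server            # assumed container name
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              # If the server binds a port below 1024 inside the container,
              # move it to a high port or keep NET_BIND_SERVICE.
              drop: ["ALL"]
---
# Istio PeerAuthentication without a selector applies to the whole namespace.
# Istio's default mode is PERMISSIVE, which accepts both plaintext and mTLS;
# STRICT rejects plaintext connections to the sidecar-injected workloads.
apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: default
  namespace: git-server
spec:
  mtls:
    mode: STRICT
```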

initImage:
git:
repository: alpine/git
tag: latest

Collaborator

We should use a pinned tag instead of latest.

kind: PersistentVolumeClaim
metadata:
name: git-server-data
namespace: {{ .Release.Namespace }}
Collaborator

@ferruhcihan ferruhcihan Apr 8, 2026

Suggested change
namespace: {{ .Release.Namespace }}
namespace: {{ .Release.Namespace }}
annotations:
"helm.sh/resource-policy": keep

Should we add this annotation to prevent data loss?

4 participants