Add Gitea self-hosted git/CI/registry to replace GitHub

Deploy Gitea via Helm with dedicated CloudNativePG database, in-cluster Actions runner (DinD), and built-in container registry. ArgoCD repoURLs updated to use in-cluster Gitea SSH. Preview ApplicationSet switched from GitHub PR generator to Gitea PR generator. App images now pull from gitea.coreworlds.io registry. Remaining setup after deploy: seal runner token, ArgoCD API token, and registry pull secret once Gitea is running. Add ArgoCD deploy key to Gitea repo settings.
2026-03-21 15:43:30 +00:00
parent 06ae2c7d46
commit f04ecbf5cd
36 changed files with 640 additions and 52 deletions
--- a/infra/kubernetes/platform/gitea/application.yaml
+++ b/infra/kubernetes/platform/gitea/application.yaml
@@ -0,0 +1,77 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: gitea-helm
+  namespace: argocd
+  annotations:
+    argocd.argoproj.io/sync-wave: "1"
+spec:
+  project: default
+  source:
+    repoURL: https://dl.gitea.com/charts/
+    chart: gitea
+    targetRevision: 10.6.0
+    helm:
+      valuesObject:
+        # Disable bundled dependencies — we use external DB and Valkey
+        postgresql:
+          enabled: false
+        postgresql-ha:
+          enabled: false
+        redis-cluster:
+          enabled: false
+        redis:
+          enabled: false
+
+        gitea:
+          admin:
+            existingSecret: gitea-admin-credentials
+          config:
+            database:
+              DB_TYPE: postgres
+              HOST: gitea-pg-rw.platform.svc:5432
+              NAME: gitea
+              USER: gitea
+              PASSWD:
+                _secret: gitea-pg-credentials
+                _key: password
+            cache:
+              ADAPTER: redis
+              HOST: redis://valkey.platform.svc:6379/0
+            session:
+              PROVIDER: redis
+              PROVIDER_CONFIG: redis://valkey.platform.svc:6379/1
+            server:
+              DOMAIN: gitea.coreworlds.io
+              ROOT_URL: https://gitea.coreworlds.io
+              SSH_DOMAIN: gitea.coreworlds.io
+              SSH_PORT: 2222
+              SSH_LISTEN_PORT: 2222
+            actions:
+              ENABLED: true
+              DEFAULT_ACTIONS_URL: github
+            packages:
+              ENABLED: true
+
+        persistence:
+          enabled: true
+          storageClass: longhorn-nvme
+          size: 20Gi
+
+        service:
+          http:
+            type: ClusterIP
+            port: 3000
+          ssh:
+            type: NodePort
+            port: 2222
+            nodePort: 30022
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: platform
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true