feat(gitea): add runner helm

2026-01-19 19:24:47 +08:00
@@ -22,7 +22,7 @@ spec:
              namespaceSelector: {} 
    image:
      repository: halohub/halo-pro
-      tag: 2.22.9
+      tag: 2.22.10
    service:
      type: ClusterIP
    ingress:
@@ -16,7 +16,7 @@ data:
                                    <h1 class="ui icon header title">
                                            {{AppName}}
                                    </h1>
-                                    <h2><a href="https://git.dev.cm">dev.cm</a> - Git 仓库</h2>
+                                    <h2><a href="https://dev.cm">dev.cm</a> - Git {{ctx.Locale.Tr "repository"}}</h2>
                            </div>
                    </div>
            </div>
@@ -24,4 +24,8 @@ data:
    {{template "base/footer" .}}
  extra_links.tmpl: |-
-    <a class="item" href="https://ci.dev.cm" target="_blank">CI</a>
+    <a class="item" href="https://dev.cm" target="_blank">{{if eq ctx.Locale.Lang "zh-CN"}}博客{{else}}Blog{{end}}</a>
    <a class="item extra-links-end" href="https://fillcode.com" target="_blank">Fillcode</a>
    <style>
      .extra-links-end ~ a { display:none !important; }
    </style>
@@ -0,0 +1,24 @@
 apiVersion: helm.cattle.io/v1
 kind: HelmChart
 metadata:
  name: gitea-actions
  namespace: infra-devops
 spec:
  repo: https://dl.gitea.com/charts
  chart: actions
  targetNamespace: infra-devops
  version: 0.0.2
  valuesContent: |-
    enabled: true
    statefulset:
      affinity:
        nodeSelector:
          dev-cm-runner/enabled: "true"
    giteaRootURL: http://gitea-http.infra-devops.svc.cluster.local:3000
    existingSecret: gitea-runner
    existingSecretKey: token
@@ -80,6 +80,8 @@ spec:
          CONN_STR: redis://:ribiPwYQNU6GWxCYR0Nj@redis-cluster-sh-master.infra-data:6379/0
        repository:
          DEFAULT_REPO_UNITS: repo.code,repo.releases,repo.issues,repo.pulls
        actions:
          ENABLED: true
        service:
          DISABLE_REGISTRATION: true
          NO_REPLY_ADDRESS: noreply.dev.cm
@@ -90,6 +92,7 @@ spec:
          NAMES: 简体中文,English
        other:
          SHOW_FOOTER_VERSION: false
          SHOW_FOOTER_POWERED_BY: false
        log:
          LEVEL: Info
    valkey-cluster:
@@ -7,7 +7,7 @@ spec:
  repo: https://emberstack.github.io/helm-charts
  chart: reflector
  targetNamespace: infra-devops
-  version: 9.1.38
+  version: 9.1.45
  valuesContent: |-
    affinity:
      nodeAffinity:
@@ -7,7 +7,7 @@ spec:
  repo: https://vmware-tanzu.github.io/helm-charts
  chart: velero
  targetNamespace: infra-devops
-  version: 11.1.1
+  version: 11.3.2
  valuesContent: |-
    affinity:
      nodeAffinity:
@@ -7,7 +7,7 @@ spec:
  repo: https://grafana.github.io/helm-charts
  chart: loki
  targetNamespace: infra-monitor
-  version: 6.46.0
+  version: 6.49.0
  valuesContent: |-
    deploymentMode: SingleBinary
    gateway:
@@ -18,11 +18,11 @@ spec:
          tenant_id: 1
      snippets:
        extraRelabelConfigs:
-          # 匹配log_collecting_enabled标签 只有为true时才收集日志
+          # 匹配 devcm-log-collecting/enabled 标签 只有为true时才收集日志
-          - source_labels: [__meta_kubernetes_pod_label_log_collecting_enabled]
+          - source_labels: [__meta_kubernetes_pod_label_devcm_log_collecting_enabled]
            action: keep
            regex: true
-          # 匹配log_collecting_only_errors标签并只保留stderr流
+          # 匹配 devcm-log-collecting/only-errors标签并只保留stderr流
-          - source_labels: [__meta_kubernetes_pod_label_log_collecting_only_errors]
+          - source_labels: [__meta_kubernetes_pod_label_devcm_log_collecting_only_errors]
            action: drop
            regex: stdout
@@ -7,7 +7,7 @@ spec:
  repo: https://prometheus-community.github.io/helm-charts
  chart: kube-prometheus-stack
  targetNamespace: infra-monitor
-  version: 79.5.0
+  version: 81.0.0
  valuesContent: |-
    kubeControllerManager:
      enabled: false
@@ -7,11 +7,11 @@ spec:
  repo: https://crowdsecurity.github.io/helm-charts
  chart: crowdsec
  targetNamespace: infra-net
-  version: 0.20.1
+  version: 0.21.1
  valuesContent: |-
    container_runtime: containerd
    image:
-      tag: v1.7.3
+      tag: v1.7.4
    agent:
      affinity:
        podAffinity:
@@ -6,11 +6,16 @@ metadata:
 spec:
  repo: https://kubernetes.github.io/ingress-nginx
  chart: ingress-nginx
-  version: 4.11.8
+  version: 4.13.2
  targetNamespace: infra-net
  valuesContent: |-
    fullnameOverride: ingress-nginx
    controller:
      image:
        registry: docker.io
        image: crowdsecurity/controller
        tag: v1.13.2
        digest: sha256:4575be24781cad35f8e58437db6a3f492df2a3167fed2b6759a6ff0dc3488d56
      nodeSelector:
        svccontroller.k3s.cattle.io/enablelb: "true"
      tolerations:
@@ -18,7 +23,7 @@ spec:
          operator: "Exists"
          effect: "NoSchedule"
      labels:
-        log-collecting/enabled: "true"
+        devcm-log-collecting/enabled: "true"
      kind: DaemonSet
      hostNetwork: true
      hostPort:
@@ -33,6 +38,8 @@ spec:
        enabled: false
      publishService:
        enabled: false
      # 禁用默认的注解验证以防止冲突
      enableAnnotationValidations: false
      config:
        use-forwarded-headers: "true"
        allow-snippet-annotations: "true"
@@ -121,13 +128,13 @@ spec:
        plugins: "crowdsec"
        lua-shared-dicts: "crowdsec_cache: 50m"
      # 启用geoip2模块
-      maxmindLicenseKey: "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"
+      maxmindLicenseKey: "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"
      extraArgs:
        default-ssl-certificate: "infra-net/dev-cm-crt"
      # crowdsec插件配置
      extraInitContainers:
        - name: init-clone-crowdsec-bouncer
-          image: crowdsecurity/lua-bouncer-plugin:v1.0.5
+          image: crowdsecurity/lua-bouncer-plugin:v1.1.2
          imagePullPolicy: IfNotPresent
          env:
            - name: SHELL