tegwick
660a63c674
Some checks failed
railiance-tests / smoke (push) Has been cancelled
T01: helm/gitea-values.yaml with postgresql-ha.pgpool.adminPassword
(fill REPLACE_WITH_PGPOOL_ADMIN_PASSWORD before helm upgrade)
T02: tests/smoke_kube.sh — add pgpool and postgresql-ha pod health checks
T03: tests/test_ha_failover.sh — D3 HA failover test script
T04: docs/incidents/2026-03-10-pgpool-missing-secret.md + README link
Also: make test-ha-failover target, Makefile .PHONY updated.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
20 lines
968 B
YAML
20 lines
968 B
YAML
# Gitea Helm values — railiance-cluster
|
|
# Chart: gitea v12.2.0 / postgresql-ha subchart v16.2.2
|
|
#
|
|
# SECURITY: This file contains sensitive values.
|
|
# Encrypt before committing: sops --encrypt --in-place helm/gitea-values.yaml
|
|
# Usage: helm upgrade gitea gitea/gitea --values helm/gitea-values.yaml
|
|
#
|
|
# To find current values on the cluster:
|
|
# sudo k3s kubectl get secret -n default gitea-postgresql-ha-postgresql -o yaml
|
|
|
|
postgresql-ha:
|
|
pgpool:
|
|
# FIX for WP-0003 / D3:
|
|
# The Bitnami postgresql-ha subchart (v16.2.2) does not write pgpool-password
|
|
# into the postgresql secret automatically. Without this key, pgpool enters
|
|
# CrashLoopBackOff on any pod restart (including HA failover).
|
|
# Value must match the sr-check-password used during initial deployment.
|
|
# Decode current value: kubectl get secret gitea-postgresql-ha-postgresql -o jsonpath='{.data.pgpool-password}' | base64 -d
|
|
adminPassword: "REPLACE_WITH_PGPOOL_ADMIN_PASSWORD"
|