Integrate Gitea Repo and Team Management into cr8tor-operator#51
Open
sauravscode wants to merge 13 commits into
Open
Integrate Gitea Repo and Team Management into cr8tor-operator#51sauravscode wants to merge 13 commits into
sauravscode wants to merge 13 commits into
Conversation
sauravscode
commented
May 18, 2026
sauravscode
commented
- Adds async Gitea organisation, team, and repository provisioning for projects and groups.
- Handles Gitea user-team membership based on group membership.
- Adds robust error handling and feature flag for Gitea integration.
- Updates operator deployment and Helm chart to support Gitea configuration via secrets and environment variables.
- Refactors operator handlers to support async Gitea operations.
- Ensures all Gitea API calls are modular, secure, and up-to-date with the latest Gitea API.
- CRD management and project/group logic refactored for extensibility.
…licy isolation (#14) - Implemented cr8tor to handle per-project namespace setup - Implemented the storage provision for vdi and notebooks - Added provision to specify the CRD namespace
There was a problem hiding this comment.
Pull request overview
This PR extends the cr8tor operator with Gitea provisioning capabilities (org/team/repo + user/team membership syncing), introduces a new “project-sync” plugin/handler for generating CRDs from published project data, and updates Helm/chart configuration to support these integrations.
Changes:
- Add async Gitea client/manager and integrate Gitea org/team/repo provisioning + membership updates into identity/project handlers.
- Introduce
project_syncplugin and a ConfigMap-triggered handler to generate/apply User/Group/Project CRDs. - Update Helm values/deployment wiring and relax project network policy to allow Gitea and external egress.
Reviewed changes
Copilot reviewed 12 out of 12 changed files in this pull request and generated 9 comments.
Show a summary per file
| File | Description |
|---|---|
| src/cr8tor/services/network_policy_manager.py | Allows ingress/egress to gitea namespace and adds egress to world. |
| src/cr8tor/services/gitea/client.py | New async HTTP client for Gitea API access via env-configured URL/token. |
| src/cr8tor/services/gitea/manager.py | New async helpers for ensuring/deleting orgs, teams, repos, and team membership. |
| src/cr8tor/services/gitea/init.py | Exposes Gitea integration functions via package exports. |
| src/cr8tor/plugins/registry.py | Registers new builtin plugin module cr8tor.plugins.project_sync. |
| src/cr8tor/plugins/project_sync.py | New plugin that generates/applies CRDs based on published project data. |
| src/cr8tor/handlers/project_sync_handler.py | New kopf handler to trigger project sync from labeled ConfigMaps. |
| src/cr8tor/handlers/identity_handler.py | Refactors handlers to async and adds Gitea provisioning/membership logic. |
| src/cr8tor/handlers/init.py | Ensures new handler module is imported/available. |
| charts/cr8tor-operator/values.yaml | Adds services ConfigMap name and Gitea enablement/secret configuration. |
| charts/cr8tor-operator/templates/deployment.yaml | Wires services ConfigMap + Gitea env vars and adds initContainer wait logic. |
| charts/cr8tor-operator/templates/configmap.yaml | Updates VDI pod template to reference a renamed init-scripts ConfigMap. |
Comments suppressed due to low confidence (1)
src/cr8tor/handlers/identity_handler.py:81
get_user_projects()usesapi.list_namespaced_custom_object(...)butapiis no longer defined in this function (theCustomObjectsApi()instantiation was removed). This will raise aNameErrorand break notebook PVC provisioning and any downstream logic that depends on project resolution. Reintroduce a localapi = kubernetes.client.CustomObjectsApi()(or otherwise pass/reuse a defined client) before callingapi.list_namespaced_custom_object.
try:
all_groups = api.list_namespaced_custom_object(
group="identity.karectl.io",
version="v1alpha1",
namespace=IDENTITY_NAMESPACE,
plural="groups",
)
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+58
to
+83
| async def get(self, path): | ||
| """ Make GET requests. | ||
| """ | ||
| async with httpx.AsyncClient(verify=self.verify_tls, timeout=30.0) as client: | ||
| url = f"{self.base_url}{path}" | ||
| logger.debug(f"GET {url}") | ||
| response = await client.get(url, headers=self._get_headers()) | ||
| response.raise_for_status() | ||
| return response.json() | ||
|
|
||
| async def post(self, path, data): | ||
| """ Make POST request | ||
| """ | ||
| async with httpx.AsyncClient(verify=self.verify_tls, timeout=30.0) as client: | ||
| url = f"{self.base_url}{path}" | ||
| logger.debug(f"POST {url}") | ||
| response = await client.post(url, headers=self._get_headers(), json=data) | ||
| response.raise_for_status() | ||
| return response.json() if response.content else {} | ||
|
|
||
| async def put(self, path, data=None): | ||
| """ Make PUT request. | ||
| """ | ||
| async with httpx.AsyncClient(verify=self.verify_tls, timeout=30.0) as client: | ||
| url = f"{self.base_url}{path}" | ||
| logger.debug(f"PUT {url}") |
Alwin-K-Thomas
requested changes
May 27, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.