Name: gerrit Namespace: sf CreationTimestamp: Wed, 10 Jun 2026 06:01:55 -0400 Selector: app=sf,run=gerrit Labels: Annotations: Replicas: 1 desired | 1 total Update Strategy: RollingUpdate Partition: 0 Pods Status: 1 Running / 0 Waiting / 0 Succeeded / 0 Failed Pod Template: Labels: app=sf run=gerrit Init Containers: gerrit-init: Image: quay.io/software-factory/gerrit:3.6.4-8 Port: Host Port: SeccompProfile: RuntimeDefault Command: sh -c #!/bin/bash set -ex export HOME=/gerrit # The /dev/./urandom is not a typo. https://stackoverflow.com/questions/58991966/what-java-security-egd-option-is-for JAVA_OPTIONS="-Djava.security.egd=file:/dev/./urandom -Xms${JVM_XMS} -Xmx${JVM_XMX}" echo "Initializing Gerrit site ..." java ${JAVA_OPTIONS} -jar /var/gerrit/bin/gerrit.war init -d ~/ --batch --no-auto-start --skip-plugins echo "Installing plugins ..." cp -u /var/gerrit-plugins/* ~/plugins cat << EOF > ~/.gitconfig [user] name = SF initial configurator email = admin@${FQDN} [gitreview] username = admin [push] default = simple EOF echo "Ensure admin user" # This command is noop if admin user already exists pynotedb create-admin-user --email "admin@${FQDN}" --pubkey "${GERRIT_ADMIN_SSH_PUB}" \ --all-users ~/git/All-Users.git --scheme gerrit echo "Setting Gerrit config file ..." git config -f ~/etc/gerrit.config --replace-all gerrit.canonicalWebUrl "https://gerrit.${FQDN}" git config -f ~/etc/gerrit.config --replace-all auth.type "DEVELOPMENT_BECOME_ANY_ACCOUNT" git config -f ~/etc/gerrit.config --replace-all sshd.listenaddress "*:29418" git config -f ~/etc/gerrit.config --unset-all httpd.listenUrl git config -f ~/etc/gerrit.config --add httpd.listenUrl "proxy-https://*:8080/" git config -f ~/etc/gerrit.config --replace-all user.email "gerrit@${FQDN}" git config -f ~/etc/gerrit.config --replace-all sendemail.enable "false" echo "Install the ready.sh script" cat << EOF > ~/ready.sh echo "Waiting for httpd" curl --fail http://localhost:8080/config/server/version echo "Waiting for sshd" python3 -c 'import socket; socket.socket(socket.AF_INET, socket.SOCK_STREAM).connect(("localhost", 29418))' EOF chmod +x ~/ready.sh Limits: cpu: 1 memory: 768Mi Requests: cpu: 100m memory: 512Mi Environment: GERRIT_ADMIN_SSH_PUB: Optional: false FQDN: sfop.me JVM_XMS: 256m JVM_XMX: 512m Mounts: /gerrit from gerrit (rw) Containers: gerrit: Image: quay.io/software-factory/gerrit:3.6.4-8 Ports: 8080/TCP (gerrit-httpd), 29418/TCP (gerrit-sshd) Host Ports: 0/TCP (gerrit-httpd), 0/TCP (gerrit-sshd) SeccompProfile: RuntimeDefault Command: sh -c #!/bin/bash set -ex # The /dev/./urandom is not a typo. https://stackoverflow.com/questions/58991966/what-java-security-egd-option-is-for JAVA_OPTIONS="-Djava.security.egd=file:/dev/./urandom -Xms${JVM_XMS} -Xmx${JVM_XMX}" echo "Set local git config for gerrit admin" cat << EOF > ~/.gitconfig [user] name = SF initial configurator email = admin@${FQDN} [gitreview] username = admin [push] default = simple EOF echo "Setup .ssh/config to allow container exec of 'ssh gerrit'" mkdir -p ~/.ssh cat << EOF > ~/.ssh/config Host gerrit User admin Hostname ${HOSTNAME} Port 29418 IdentityFile ~/.ssh/gerrit_admin EOF echo "Copy Gerrit Admin SSH keys on filesystem" echo "${GERRIT_ADMIN_SSH}" > ~/.ssh/gerrit_admin chmod 0600 ~/.ssh/gerrit_admin unset GERRIT_ADMIN_SSH echo "Running Gerrit ..." exec java ${JAVA_OPTIONS} -jar /var/gerrit/bin/gerrit.war daemon -d ~/ Limits: cpu: 1 memory: 768Mi Requests: cpu: 100m memory: 512Mi Liveness: exec [bash /gerrit/ready.sh] delay=5s timeout=5s period=20s #success=1 #failure=20 Readiness: exec [bash /gerrit/ready.sh] delay=0s timeout=5s period=10s #success=1 #failure=20 Startup: exec [bash /gerrit/ready.sh] delay=5s timeout=2s period=20s #success=1 #failure=10 Environment: HOME: /gerrit FQDN: sfop.me JVM_XMS: 128m JVM_XMX: 512m GERRIT_ADMIN_SSH: Optional: false Mounts: /gerrit from gerrit (rw) managesf-resources: Image: quay.io/software-factory/sf-op-busybox:1.5-20250925-1 Port: Host Port: SeccompProfile: RuntimeDefault Command: sh -c #!/bin/sh if [ "${HOME}" == "/" ]; then echo "HOME can not be / dir!" exit 1 fi mkdir -p ~/.ssh chmod 0700 ~/.ssh echo "${SF_ADMIN_SSH}" > ~/.ssh/id_rsa chmod 0400 ~/.ssh/id_rsa cat << EOF > ~/.ssh/config Host gerrit User admin Hostname ${GERRIT_SSHD_PORT_29418_TCP_ADDR} Port ${GERRIT_SSHD_SERVICE_PORT_GERRIT_SSHD} IdentityFile ~/.ssh/id_rsa StrictHostKeyChecking no EOF sleep inf Limits: cpu: 500m memory: 256Mi Requests: cpu: 100m memory: 128Mi Environment: HOME: /tmp FQDN: sfop.me SF_ADMIN_SSH: Optional: false Mounts: /etc/managesf from managesf-resources-config-vol (rw) /usr/share/managesf from managesf-resources-tooling-vol (rw) Volumes: managesf-resources-config-vol: Type: ConfigMap (a volume populated by a ConfigMap) Name: managesf-resources-config-map Optional: false managesf-resources-tooling-vol: Type: ConfigMap (a volume populated by a ConfigMap) Name: managesf-resources-tooling-config-map Optional: false Node-Selectors: Tolerations: Volume Claims: Name: gerrit StorageClass: Labels: Annotations: Capacity: 1Gi Access Modes: [ReadWriteOnce] Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal SuccessfulCreate 6m41s statefulset-controller create Claim gerrit-gerrit-0 Pod gerrit-0 in StatefulSet gerrit success Normal SuccessfulCreate 6m41s statefulset-controller create Pod gerrit-0 in StatefulSet gerrit successful