# Global parameters. # Global values are in generated_values.yaml. Run `codefresh runner init --generate-helm-values-file`! # @default -- See below global: namespace: "codefresh" codefreshHost: "" agentToken: "" # -- Existing secret (name-of-existing-secret) with API token from Codefresh (supersedes value for global.agentToken; secret must contain `codefresh.token` key) existingAgentToken: "" agentId: "" agentName: "" accountId: "" runtimeName: "" # -- Existing secret (name has to be `codefresh-certs-server`) (supersedes value for global.keys; secret must contain `server-cert.pem` `server-key.pem` and `ca.pem`` keys) existingDindCertsSecret: "" keys: key: "" ca: "" serverCert: "" # -- Set docker registry prefix for the runtime images dockerRegistry: "quay.io" # E.g. # dockerRegistry: "myreqistry.local" # Runner parameters # @default -- See below runner: # -- Set runner image image: "codefresh/venona:1.9.14" # -- Add additional env vars env: {} # E.g. # env: # HTTP_PROXY: 10.20.0.35:8080 # HTTPS_PROXY: 10.20.0.35:8080 # NO_PROXY: 10.20.0.* # -- Set runner requests and limits resources: {} # E.g. # resources: # limits: # cpu: 400m # memory: 1200Mi # requests: # cpu: 200m # memory: 500Mi # -- Set runner node selector nodeSelector: {} # E.g. # nodeSelector: # foo: bar # -- Set runner tolerations tolerations: [] ## E.g. # tolerations: # - key: codefresh # operator: Equal # value: dind # effect: NoSchedule # Volume Provisioner parameters # @default -- See below volumeProvisioner: # -- Set volume-provisioner image image: "codefresh/dind-volume-provisioner:1.33.3" # -- Set annotation on volume-provisioner Service Account serviceAccount: {} # E.g. # serviceAccount: # annotations: # eks.amazonaws.com/role-arn: "arn:aws:iam:::role/" # -- Set volume-provisioner node selector nodeSelector: {} # -- Set volume-provisioner requests and limits resources: {} # -- Set volume-provisioner tolerations tolerations: [] # -- Enable volume-provisioner pod's security context (running as non root user) securityContext: enabled: true # -- Add additional env vars env: {} # E.g. # env: # PRIVILEGED_CONTAINER: true ### https://codefresh.io/docs/docs/administration/codefresh-runner/#installing-on-aks # mountAzureJson: true annotations: {} # annotate volume-provisioner pod # `dind-volume-cleanup` CronJob parameters # @default -- See below volume-cleanup: # -- Set `dind-volume-cleanup` image image: codefresh/dind-volume-cleanup:1.2.0 # Storage parameters for volume-provisioner # @default -- See below storage: # -- Set backend volume type (`local`/`ebs`/`ebs-csi`/`gcedisk`/`azuredisk`) backend: local # -- Set filesystem type (`ext4`/`xfs`) fsType: "ext4" # Storage parametrs example for local volumes on the K8S nodes filesystem (i.e. `storage.backend=local`) # https://kubernetes.io/docs/concepts/storage/volumes/#local # @default -- See below local: # -- Set volume path on the host filesystem volumeParentDir: /var/lib/codefresh/dind-volumes # `dind-lv-monitor` DaemonSet parametes (deployed only when `storage.backend=local`) # @default -- See below localVolumeMonitor: # -- Set `dind-lv-monitor` image image: codefresh/dind-volume-utils:1.29.3 initContainer: image: alpine nodeSelector: {} resources: {} tolerations: [] env: {} # Storage parameters example for aws ebs disks (i.e. `storage.backend=ebs`/`storage.backend=ebs-csi`) # https://aws.amazon.com/ebs/ # https://codefresh.io/docs/docs/administration/codefresh-runner/#installing-on-aws # @default -- See below ebs: # -- Set EBS volume type (`gp2`/`gp3`/`io1`) (required) volumeType: "gp2" # -- Set EBS volumes availability zone (required) availabilityZone: "us-east-1a" # -- Enable encryption (optional) encrypted: "false" # -- Set KMS encryption key ID (optional) kmsKeyId: "" # -- Set AWS_ACCESS_KEY_ID for volume-provisioner (optional) # Ref: https://codefresh.io/docs/docs/installation/codefresh-runner/#dind-volume-provisioner-permissions accessKeyId: "" # -- Set AWS_SECRET_ACCESS_KEY for volume-provisioner (optional) # Ref: https://codefresh.io/docs/docs/installation/codefresh-runner/#dind-volume-provisioner-permissions secretAccessKey: "" # E.g. # ebs: # volumeType: gp3 # availabilityZone: us-east-1c # encrypted: false # iops: "5000" # # I/O operations per second. Only effetive when gp3 volume type is specified. # # Default value - 3000. # # Max - 16,000 # throughput: "500" # # Throughput in MiB/s. Only effective when gp3 volume type is specified. # # Default value - 125. # # Max - 1000. # ebs: # volumeType: gp2 # availabilityZone: us-east-1c # encrypted: true # kmsKeyId: "1234abcd-12ab-34cd-56ef-1234567890ab" # accessKeyId: "MYKEYID" # secretAccessKey: "MYACCESSKEY" # Storage parameters example for gce disks # https://cloud.google.com/compute/docs/disks#pdspecs # https://codefresh.io/docs/docs/administration/codefresh-runner/#installing-on-google-kubernetes-engine # @default -- See below gcedisk: # -- Set GCP volume backend type (`pd-ssd`/`pd-standard`) volumeType: "pd-ssd" # -- Set GCP volume availability zone availabilityZone: "us-west1-a" # -- Set Google SA JSON key for volume-provisioner (optional) serviceAccountJson: "" # E.g. # gcedisk: # volumeType: pd-ssd # availabilityZone: us-central1-c # serviceAccountJson: |- # { # "type": "service_account", # "project_id": "...", # "private_key_id": "...", # "private_key": "...", # "client_email": "...", # "client_id": "...", # "auth_uri": "...", # "token_uri": "...", # "auth_provider_x509_cert_url": "...", # "client_x509_cert_url": "..." # } # Storage parameters example for Azure Disks # https://codefresh.io/docs/docs/administration/codefresh-runner/#installing-on-aks # @default -- See below azuredisk: # -- Set storage type (`Premium_LRS`) skuName: Premium_LRS cachingMode: None # location: westcentralus # resourceGroup: # DiskIOPSReadWrite: 500 # DiskMBpsReadWrite: 100 # Set runtime parameters # @default -- See below re: # -- Set annotation on engine Service Account # Ref: https://codefresh.io/docs/docs/administration/codefresh-runner/#injecting-aws-arn-roles-into-the-cluster serviceAccount: annotations: {} # E.g. # serviceAccount: # annotations: # eks.amazonaws.com/role-arn: "arn:aws:iam:::role/" # DinD pod daemon config # @default -- See below dindDaemon: hosts: - unix:///var/run/docker.sock - tcp://0.0.0.0:1300 tlsverify: true tls: true tlscacert: /etc/ssl/cf-client/ca.pem tlscert: /etc/ssl/cf/server-cert.pem tlskey: /etc/ssl/cf/server-key.pem insecure-registries: - 192.168.99.100:5000 metrics-addr: 0.0.0.0:9323 experimental: true # App-Proxy parameters # Ref: https://codefresh.io/docs/docs/installation/codefresh-runner/#app-proxy-installation # @default -- See below appProxy: # -- Enable app-proxy enabled: false # -- Set app-proxy image image: "codefresh/cf-app-proxy:latest" # Set app-proxy ingress parameters # @default -- See below ingress: # -- Set path prefix for ingress pathPrefix: "/" # -- Set ingress class class: "" # -- Set DNS hostname the ingress will use host: "" # -- Set k8s tls secret for the ingress object tlsSecret: "" # -- Set extra annotations for ingress object annotations: {} # E.g. # ingress: # pathPrefix: "/app-proxy" # class: "nginx" # host: "mydomain.com" # tlsSecret: "tls-cert-app-proxy" # annotations: # nginx.ingress.kubernetes.io/whitelist-source-range: 123.123.123.123/130 env: {} resources: {} serviceAccount: annotations: {} # Monitor parameters # @default -- See below monitor: # -- Enable monitor # Ref: https://codefresh.io/docs/docs/installation/codefresh-runner/#install-monitoring-component enabled: false # -- Set monitor image image: "codefresh/agent:stable" # -- keep true as default! helm3: true # -- Use ClusterRole (`false`) or Role (`true`) RBAC useNamespaceWideRole: false # # -- Cluster name as it registered in account clusterId: "" # -- API token from Codefresh token: "" # -- Set Existing secret (name-of-existing-secret) with API token from Codefresh (supersedes value of monitor.token; secret must contain `codefresh.token` key) existingMonitorToken: "" env: {} resources: {} serviceAccount: annotations: {}