andata
/
rancher-partner-charts
mirror of https://git.rancher.io/partner-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
rancher-partner-charts/charts/codefresh/cf-runtime/7.1.6/values.yaml

915 lines
29 KiB
YAML
Raw Blame History

# -- String to partially override cf-runtime.fullname template (will maintain the release name)
nameOverride: ""
# -- String to fully override cf-runtime.fullname template
fullnameOverride: ""
# -- Global parameters
# @default -- See below
global:
# -- Global Docker image registry
imageRegistry: ""
# -- Global Docker registry secret names as array
imagePullSecrets: []
# -- URL of Codefresh Platform (required!)
codefreshHost: "https://g.codefresh.io"
# -- User token in plain text (required if `global.codefreshTokenSecretKeyRef` is omitted!)
# Ref: https://g.codefresh.io/user/settings (see API Keys)
# Minimal API key scopes: Runner-Installation(read+write), Agent(read+write), Agents(read+write)
codefreshToken: ""
# -- User token that references an existing secret containing API key (required if `global.codefreshToken` is omitted!)
codefreshTokenSecretKeyRef: {}
# E.g.
# codefreshTokenSecretKeyRef:
# name: my-codefresh-api-token
# key: codefresh-api-token
# -- Account ID (required!)
# Can be obtained here https://g.codefresh.io/2.0/account-settings/account-information
accountId: ""
# -- K8s context name (required!)
context: ""
# E.g.
# context: prod-ue1-runtime-1
# -- Agent Name (optional!)
# If omitted, the following format will be used `{{ .Values.global.context }}_{{ .Release.Namespace }}`
agentName: ""
# E.g.
# agentName: prod-ue1-runtime-1
# -- Runtime name (optional!)
# If omitted, the following format will be used `{{ .Values.global.context }}/{{ .Release.Namespace }}`
runtimeName: ""
# E.g.
# runtimeName: prod-ue1-runtime-1/namespace
# -- DEPRECATED Agent token in plain text.
# !!! MUST BE provided if migrating from < 6.x chart version
agentToken: ""
# -- DEPRECATED Agent token that references an existing secret containing API key.
# !!! MUST BE provided if migrating from < 6.x chart version
agentTokenSecretKeyRef: {}
# E.g.
# agentTokenSecretKeyRef:
# name: my-codefresh-agent-secret
# key: codefresh-agent-token
# DEPRECATED -- Use `.Values.global.imageRegistry` instead
dockerRegistry: ""
# DEPRECATED -- Use `.Values.runtime` instead
re: {}
# -- Runner parameters
# @default -- See below
runner:
# -- Enable the runner
enabled: true
# -- Set number of pods
replicasCount: 1
# -- Upgrade strategy
updateStrategy:
type: RollingUpdate
# -- Set pod annotations
podAnnotations: {}
# -- Set image
image:
registry: quay.io
repository: codefresh/venona
tag: 1.10.2
digest: sha256:f7768390d3368aff0843519368c10a0a97cf98a98f2753a89509cf8f6c9798e1
# -- Init container
init:
image:
registry: quay.io
repository: codefresh/cli
tag: 0.85.0-rootless
digest: sha256:27281df44814d837fbcc41ba53ee8010ce5496eb758c29f775958d713c79c41a
resources:
limits:
memory: 512Mi
cpu: '1'
requests:
memory: 256Mi
cpu: '0.2'
# -- Sidecar container
# Reconciles runtime spec from Codefresh API for drift detection
sidecar:
enabled: false
image:
registry: quay.io
repository: codefresh/kubectl
tag: 1.31.2
digest: sha256:a30a8810dde249d0198f67792ed9696363f15c8cecbac955ee9bd267b5454ee7
env:
RECONCILE_INTERVAL: 300
resources: {}
# -- Add additional env vars
env: {}
# E.g.
# env:
# WORKFLOW_CONCURRENCY: 50 # The number of workflow creation and termination tasks the Runner can handle in parallel. Defaults to 50
# -- Service Account parameters
serviceAccount:
# -- Create service account
create: true
# -- Override service account name
name: ""
# -- Additional service account annotations
annotations: {}
# -- RBAC parameters
rbac:
# -- Create RBAC resources
create: true
# -- Add custom rule to the role
rules: []
# -- Set security context for the pod
# @default -- See below
podSecurityContext:
enabled: true
runAsUser: 10001
runAsGroup: 10001
fsGroup: 10001
# -- Readiness probe configuration
# @default -- See below
readinessProbe:
failureThreshold: 5
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 5
# -- Set requests and limits
resources: {}
# -- Set node selector
nodeSelector: {}
# -- Set tolerations
tolerations: []
# -- Set affinity
affinity: {}
# -- Volume Provisioner parameters
# @default -- See below
volumeProvisioner:
# -- Enable volume-provisioner
enabled: true
# -- Set number of pods
replicasCount: 1
# -- Upgrade strategy
updateStrategy:
type: Recreate
# -- Set pod annotations
podAnnotations: {}
# -- Set image
image:
registry: quay.io
repository: codefresh/dind-volume-provisioner
tag: 1.35.2
digest: sha256:ede6f663c912a08b7d335b5ec5518ccc266b27c431d0854d22971005992adc5d
# -- Add additional env vars
env: {}
# E.g.
# env:
# THREADINESS: 4 # The number of PVC requests the dind-volume-provisioner can process in parallel. Defaults to 4
# -- Service Account parameters
serviceAccount:
# -- Create service account
create: true
# -- Override service account name
name: ""
# -- Additional service account annotations
annotations: {}
# E.g.
# serviceAccount:
# annotations:
# eks.amazonaws.com/role-arn: "arn:aws:iam::<ACCOUNT_ID>:role/<IAM_ROLE_NAME>"
# -- RBAC parameters
rbac:
# -- Create RBAC resources
create: true
# -- Add custom rule to the role
rules: []
# -- Set security context for the pod
# @default -- See below
podSecurityContext:
enabled: true
runAsUser: 3000
runAsGroup: 3000
fsGroup: 3000
# -- Set node selector
nodeSelector: {}
# -- Set resources
resources: {}
# -- Set tolerations
tolerations: []
# -- Set affinity
affinity: {}
# -- `dind-lv-monitor` DaemonSet parameters
# (local volumes cleaner)
# @default -- See below
dind-lv-monitor:
enabled: true
image:
registry: quay.io
repository: codefresh/dind-volume-utils
tag: 1.30.0
digest: sha256:506915ccb63481cd6b249e9068235100ea2ae39d4c811c3e49851c20cbe5ee6f
podAnnotations: {}
podSecurityContext:
enabled: false
runAsUser: 1000
fsGroup: 1000
containerSecurityContext: {}
env: {}
resources: {}
nodeSelector: {}
tolerations:
- key: 'codefresh/dind'
operator: 'Exists'
effect: 'NoSchedule'
volumePermissions:
enabled: false
image:
registry: docker.io
repository: alpine
tag: 3.18
digest: sha256:2995c82e8e723d9a5c8585cb8e901d1c50e3c2759031027d3bff577449435157
resources: {}
securityContext:
runAsUser: 0 # auto
# `dind-volume-cleanup` CronJob parameters
# (external volumes cleaner)
# @default -- See below
dind-volume-cleanup:
enabled: true
image:
registry: quay.io
repository: codefresh/dind-volume-cleanup
tag: 1.2.0
digest: sha256:1af3e3ecc87bf2e26ba07ecef68f54ad100d7e3b5fcf074099f627fd5d917369
env: {}
concurrencyPolicy: Forbid
schedule: "*/10 * * * *"
successfulJobsHistory: 3
failedJobsHistory: 1
suspend: false
podAnnotations: {}
podSecurityContext:
enabled: true
fsGroup: 3000
runAsGroup: 3000
runAsUser: 3000
nodeSelector: {}
affinity: {}
tolerations: []
# Storage parameters for volume-provisioner
# @default -- See below
storage:
# -- Set backend volume type (`local`/`ebs`/`ebs-csi`/`gcedisk`/`azuredisk`)
backend: local
# -- Set filesystem type (`ext4`/`xfs`)
fsType: "ext4"
# Storage parametrs example for local volumes on the K8S nodes filesystem (i.e. `storage.backend=local`)
# https://kubernetes.io/docs/concepts/storage/volumes/#local
# @default -- See below
local:
# -- Set volume path on the host filesystem
volumeParentDir: /var/lib/codefresh/dind-volumes
# Storage parameters example for aws ebs disks (i.e. `storage.backend=ebs`/`storage.backend=ebs-csi`)
# https://aws.amazon.com/ebs/
# https://codefresh.io/docs/docs/installation/codefresh-runner/#aws-backend-volume-configuration
# @default -- See below
ebs:
# -- Set EBS volume type (`gp2`/`gp3`/`io1`) (required)
volumeType: "gp2"
# -- Set EBS volumes availability zone (required)
availabilityZone: "us-east-1a"
# -- Enable encryption (optional)
encrypted: "false"
# -- Set KMS encryption key ID (optional)
kmsKeyId: ""
# -- Set AWS_ACCESS_KEY_ID for volume-provisioner (optional)
# Ref: https://codefresh.io/docs/docs/installation/codefresh-runner/#dind-volume-provisioner-permissions
accessKeyId: ""
# -- Existing secret containing AWS_ACCESS_KEY_ID.
accessKeyIdSecretKeyRef: {}
# E.g.
# accessKeyIdSecretKeyRef:
# name:
# key:
# -- Set AWS_SECRET_ACCESS_KEY for volume-provisioner (optional)
# Ref: https://codefresh.io/docs/docs/installation/codefresh-runner/#dind-volume-provisioner-permissions
secretAccessKey: ""
# -- Existing secret containing AWS_SECRET_ACCESS_KEY
secretAccessKeySecretKeyRef: {}
# E.g.
# secretAccessKeySecretKeyRef:
# name:
# key:
# E.g.
# ebs:
# volumeType: gp3
# availabilityZone: us-east-1c
# encrypted: false
# iops: "5000"
# # I/O operations per second. Only effetive when gp3 volume type is specified.
# # Default value - 3000.
# # Max - 16,000
# throughput: "500"
# # Throughput in MiB/s. Only effective when gp3 volume type is specified.
# # Default value - 125.
# # Max - 1000.
# ebs:
# volumeType: gp2
# availabilityZone: us-east-1c
# encrypted: true
# kmsKeyId: "1234abcd-12ab-34cd-56ef-1234567890ab"
# accessKeyId: "MYKEYID"
# secretAccessKey: "MYACCESSKEY"
# Storage parameters example for gce disks
# https://cloud.google.com/compute/docs/disks#pdspecs
# https://codefresh.io/docs/docs/installation/codefresh-runner/#gke-google-kubernetes-engine-backend-volume-configuration
# @default -- See below
gcedisk:
# -- Set GCP volume backend type (`pd-ssd`/`pd-standard`)
volumeType: "pd-ssd"
# -- Set GCP volume availability zone
availabilityZone: "us-west1-a"
# -- Set Google SA JSON key for volume-provisioner (optional)
serviceAccountJson: ""
# -- Existing secret containing containing Google SA JSON key for volume-provisioner (optional)
serviceAccountJsonSecretKeyRef: {}
# E.g.
# gcedisk:
# volumeType: pd-ssd
# availabilityZone: us-central1-c
# serviceAccountJson: |-
# {
# "type": "service_account",
# "project_id": "...",
# "private_key_id": "...",
# "private_key": "...",
# "client_email": "...",
# "client_id": "...",
# "auth_uri": "...",
# "token_uri": "...",
# "auth_provider_x509_cert_url": "...",
# "client_x509_cert_url": "..."
# }
# Storage parameters example for Azure Disks
# https://codefresh.io/docs/docs/installation/codefresh-runner/#install-codefresh-runner-on-azure-kubernetes-service-aks
# @default -- See below
azuredisk:
# -- Set storage type (`Premium_LRS`)
skuName: Premium_LRS
cachingMode: None
# availabilityZone: northeurope-1
# resourceGroup:
# DiskIOPSReadWrite: 500
# DiskMBpsReadWrite: 100
mountAzureJson: false
# -- Set runtime parameters
# @default -- See below
runtime:
# -- Set annotation on engine Service Account
# Ref: https://codefresh.io/docs/docs/administration/codefresh-runner/#injecting-aws-arn-roles-into-the-cluster
serviceAccount:
create: true
annotations: {}
# E.g.
# serviceAccount:
# annotations:
# eks.amazonaws.com/role-arn: "arn:aws:iam::<ACCOUNT_ID>:role/<IAM_ROLE_NAME>"
# -- Set parent runtime to inherit.
# Should not be changes. Parent runtime is controlled from Codefresh side.
runtimeExtends:
- system/default/hybrid/k8s_low_limits
# -- Runtime description
description: ""
# -- RBAC parameters
rbac:
# -- Create RBAC resources
create: true
# -- Add custom rule to the engine role
rules: []
# -- (for On-Premise only) Enable agent
agent: true
# -- (for On-Premise only) Set inCluster runtime
inCluster: true
# -- (for On-Premise only) Assign accounts to runtime (list of account ids)
accounts: []
# -- Parameters for DinD (docker-in-docker) pod (aka "runtime" pod).
dind:
# -- Set dind image.
image:
registry: quay.io
repository: codefresh/dind
tag: 26.1.4-1.28.8 # use `latest-rootless/rootless/26.1.4-1.28.8-rootless` tags for rootless-dind
pullPolicy: IfNotPresent
digest: sha256:33c343dd01e8a24f0b4a872bbe62884320719f9d9dc27b7a8fed9f7e9fc7e80e
# -- Set dind resources.
resources:
requests: null
limits:
cpu: 400m
memory: 800Mi
# -- Set termination grace period.
terminationGracePeriodSeconds: 30
# -- PV claim spec parametes.
pvcs:
# -- Default dind PVC parameters
dind:
# -- PVC name prefix.
# Keep `dind` as default! Don't change!
name: dind
# -- PVC storage class name.
# Change ONLY if you need to use storage class NOT from Codefresh volume-provisioner
storageClassName: '{{ include "dind-volume-provisioner.storageClassName" . }}'
# -- PVC size.
volumeSize: 16Gi
# -- PV reuse selector.
# Ref: https://codefresh.io/docs/docs/installation/codefresh-runner/#volume-reuse-policy
reuseVolumeSelector: codefresh-app,io.codefresh.accountName
reuseVolumeSortOrder: pipeline_id
# -- PV annotations.
annotations: {}
# E.g.:
# annotations:
# codefresh.io/volume-retention: 7d
# -- Set additional env vars.
env:
DOCKER_ENABLE_DEPRECATED_PULL_SCHEMA_1_IMAGE: true
# -- Set pod annotations.
podAnnotations: {}
# -- Set pod labels.
podLabels: {}
# -- Set node selector.
nodeSelector: {}
# -- Set affinity
affinity: {}
# -- Set tolerations.
tolerations: []
# -- Set security context for the pod.
podSecurityContext: {}
# -- Set container security context.
containerSecurityContext: {}
# -- Set scheduler name.
schedulerName: ""
# -- Set service account for pod.
serviceAccount: codefresh-engine
# -- Keep `true` as default!
userAccess: true
# -- Add extra volumes
userVolumes: {}
# E.g.:
# userVolumes:
# regctl-docker-registry:
# name: regctl-docker-registry
# secret:
# items:
# - key: .dockerconfigjson
# path: config.json
# secretName: regctl-docker-registry
# optional: true
# -- Add extra volume mounts
userVolumeMounts: {}
# E.g.:
# userVolumeMounts:
# regctl-docker-registry:
# name: regctl-docker-registry
# mountPath: /home/appuser/.docker/
# readOnly: true
volumePermissions:
enabled: false
image:
registry: docker.io
repository: alpine
tag: 3.18
digest: sha256:2995c82e8e723d9a5c8585cb8e901d1c50e3c2759031027d3bff577449435157
resources: {}
securityContext:
runAsUser: 0 # auto
# -- Parameters for Engine pod (aka "pipeline" orchestrator).
engine:
# -- Set image.
image:
registry: quay.io
repository: codefresh/engine
tag: 1.174.18
pullPolicy: IfNotPresent
digest: sha256:6d995ddf26edb4ad4240060f3fa68831bbf9b86a4b342928b116f15921aa9182
# -- Set container command.
command:
- npm
- run
- start
# -- Set resources.
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 1000m
memory: 2048Mi
# -- Set termination grace period.
terminationGracePeriodSeconds: 180
# -- Set system(base) runtime images.
# @default -- See below.
runtimeImages:
COMPOSE_IMAGE: quay.io/codefresh/compose:v2.28.1-1.5.0@sha256:362977564c096b7c2c007b8478ec87cac13d781839adc271d858290213bd89f2
CONTAINER_LOGGER_IMAGE: quay.io/codefresh/cf-container-logger:1.11.7@sha256:1e7bcee65203f9fdfc7ee5231cb4d29b179479d70dd42ec9855d20c57ab43c48
DOCKER_BUILDER_IMAGE: quay.io/codefresh/cf-docker-builder:1.3.16@sha256:142288b34c4af9abad44f304f00b109825df0894853a66a77a09f3ebf507d176
DOCKER_PULLER_IMAGE: quay.io/codefresh/cf-docker-puller:8.0.18@sha256:1a15c3ae0952d3986de7866a3def8ac7e3e39f668fe87fd46c63d886ca06c6d7
DOCKER_PUSHER_IMAGE: quay.io/codefresh/cf-docker-pusher:6.0.16@sha256:05efc1af8b1196f1b9b3f0781b4dcc1aa2cdd0ffc1347ee5fa81b16d029ec5c2
DOCKER_TAG_PUSHER_IMAGE: quay.io/codefresh/cf-docker-tag-pusher:1.3.14@sha256:801caf9100218c9ed638fb5ca205fcc133f54d00468ed81093b22a4f0a0ffae9
FS_OPS_IMAGE: quay.io/codefresh/fs-ops:1.2.3@sha256:57374ccd5275325fc36b237fb38c77dd1f65c84d5aebfe88c9ea0e434ea20fc9
GIT_CLONE_IMAGE: quay.io/codefresh/cf-git-cloner:10.2.0@sha256:a3ec854823f17d0fd817d978219122e644b1abd6db778fd835688fcb6d88c515
KUBE_DEPLOY: quay.io/codefresh/cf-deploy-kubernetes:16.1.11@sha256:b6b3fc6cc5fad3ba9e36055278ce99a74a86876be116574503c6fbb4c1b4aa76
PIPELINE_DEBUGGER_IMAGE: quay.io/codefresh/cf-debugger:1.3.6@sha256:4892d72afc0e27718134eff2cb3c1276f731f3d2a41fd76cd73b500310326e47
TEMPLATE_ENGINE: quay.io/codefresh/pikolo:0.14.1@sha256:fb7173cfed7536f7de68e75996106e2ce3a0a204e6c5609cba0d7eb62c9db9e1
CR_6177_FIXER: alpine:edge@sha256:8431297eedca8df8f1e6144803c6d7e057ecff2408aa6861213cb9e507acadf8
GC_BUILDER_IMAGE: quay.io/codefresh/cf-gc-builder:0.5.3@sha256:33ac914e6b844909f188a208cf90e569358cafa5aaa60f49848f49d99bcaf875
COSIGN_IMAGE_SIGNER_IMAGE: quay.io/codefresh/cf-cosign-image-signer:2.4.0-cf.2@sha256:5e0993207aa809c25ed70cf89af444d9720892fb4a29deb82db45618b0cae4a9
# -- Set additional env vars.
env:
# -- Interval to check the exec status in the container-logger
CONTAINER_LOGGER_EXEC_CHECK_INTERVAL_MS: 1000
# -- Timeout while doing requests to the Docker daemon
DOCKER_REQUEST_TIMEOUT_MS: 30000
# -- If "true", composition images will be pulled sequentially
FORCE_COMPOSE_SERIAL_PULL: false
# -- Level of logging for engine
LOGGER_LEVEL: debug
# -- Enable debug-level logging of outgoing HTTP/HTTPS requests
LOG_OUTGOING_HTTP_REQUESTS: false
# -- Enable emitting metrics from engine
METRICS_PROMETHEUS_ENABLED: true
# -- Enable legacy metrics
METRICS_PROMETHEUS_ENABLE_LEGACY_METRICS: false
# -- Enable collecting process metrics
METRICS_PROMETHEUS_COLLECT_PROCESS_METRICS: false
# -- Host for Prometheus metrics server
METRICS_PROMETHEUS_HOST: '0.0.0.0'
# -- Port for Prometheus metrics server
METRICS_PROMETHEUS_PORT: 9100
# -- Trusted QEMU images used for docker builds - when left blank only 'tonistiigi/binfmt' is trusted.
TRUSTED_QEMU_IMAGES: ''
# -- Set workflow limits.
workflowLimits:
# -- Maximum time allowed to the engine to wait for the pre-steps (aka "Initializing Process") to succeed; seconds.
MAXIMUM_ALLOWED_TIME_BEFORE_PRE_STEPS_SUCCESS: 600
# -- Maximum time for workflow execution; seconds.
MAXIMUM_ALLOWED_WORKFLOW_AGE_BEFORE_TERMINATION: 86400
# -- Maximum time allowed to workflow to spend in "elected" state; seconds.
MAXIMUM_ELECTED_STATE_AGE_ALLOWED: 900
# -- Maximum retry attempts allowed for workflow.
MAXIMUM_RETRY_ATTEMPTS_ALLOWED: 20
# -- Maximum time allowed to workflow to spend in "terminating" state until force terminated; seconds.
MAXIMUM_TERMINATING_STATE_AGE_ALLOWED: 900
# -- Maximum time allowed to workflow to spend in "terminating" state without logs activity until force terminated; seconds.
MAXIMUM_TERMINATING_STATE_AGE_ALLOWED_WITHOUT_UPDATE: 300
# -- Time since the last health check report after which workflow is terminated; seconds.
TIME_ENGINE_INACTIVE_UNTIL_TERMINATION: 300
# -- Time since the last health check report after which the engine is considered unhealthy; seconds.
TIME_ENGINE_INACTIVE_UNTIL_UNHEALTHY: 60
# -- Time since the last workflow logs activity after which workflow is terminated; seconds.
TIME_INACTIVE_UNTIL_TERMINATION: 2700
# -- Set pod annotations.
podAnnotations: {}
# -- Set pod labels.
podLabels: {}
# -- Set node selector.
nodeSelector: {}
# -- Set affinity
affinity: {}
# -- Set tolerations.
tolerations: []
# -- Set scheduler name.
schedulerName: ""
# -- Set service account for pod.
serviceAccount: codefresh-engine
# -- Set extra env vars
userEnvVars: []
# E.g.
# userEnvVars:
# - name: GITHUB_TOKEN
# valueFrom:
# secretKeyRef:
# name: github-token
# key: token
# -- Parameters for `runtime-patch` post-upgrade/install hook
# @default -- See below
patch:
enabled: true
image:
registry: quay.io
repository: codefresh/cli
tag: 0.85.0-rootless
digest: sha256:27281df44814d837fbcc41ba53ee8010ce5496eb758c29f775958d713c79c41a
rbac:
enabled: true
annotations: {}
affinity: {}
nodeSelector: {}
podSecurityContext: {}
resources: {}
tolerations: []
ttlSecondsAfterFinished: 180
env:
HOME: /tmp
# -- Parameters for `gencerts-dind` post-upgrade/install hook
# @default -- See below
gencerts:
enabled: true
image:
registry: quay.io
repository: codefresh/kubectl
tag: 1.31.2
digest: sha256:a30a8810dde249d0198f67792ed9696363f15c8cecbac955ee9bd267b5454ee7
rbac:
enabled: true
annotations: {}
affinity: {}
nodeSelector: {}
podSecurityContext: {}
resources: {}
tolerations: []
ttlSecondsAfterFinished: 180
# -- DinD pod daemon config
# @default -- See below
dindDaemon:
hosts:
- unix:///var/run/docker.sock
- tcp://0.0.0.0:1300
tlsverify: true
tls: true
tlscacert: /etc/ssl/cf-client/ca.pem
tlscert: /etc/ssl/cf/server-cert.pem
tlskey: /etc/ssl/cf/server-key.pem
insecure-registries:
- 192.168.99.100:5000
metrics-addr: 0.0.0.0:9323
experimental: true
# App-Proxy parameters
# Ref: https://codefresh.io/docs/docs/installation/codefresh-runner/#app-proxy-installation
# @default -- See below
appProxy:
# -- Enable app-proxy
enabled: false
# -- Set number of pods
replicasCount: 1
# -- Upgrade strategy
updateStrategy:
type: RollingUpdate
# -- Set pod annotations
podAnnotations: {}
# -- Set image
image:
registry: quay.io
repository: codefresh/cf-app-proxy
tag: 0.0.47
digest: sha256:324a9b89924152cce195c7239ddd8501c8aa5f901d19bc4d9f3936cbe5dac14f
# -- Add additional env vars
env: {}
# Set app-proxy ingress parameters
# @default -- See below
ingress:
# -- Set path prefix for ingress (keep empty for default `/` path)
pathPrefix: ""
# -- Set ingress class
class: ""
# -- Set DNS hostname the ingress will use
host: ""
# -- Set k8s tls secret for the ingress object
tlsSecret: ""
# -- Set extra annotations for ingress object
annotations: {}
# E.g.
# ingress:
# pathPrefix: "/cf-app-proxy"
# class: "nginx"
# host: "mydomain.com"
# tlsSecret: "tls-cert-app-proxy"
# annotations:
# nginx.ingress.kubernetes.io/whitelist-source-range: 123.123.123.123/130
# -- Service Account parameters
serviceAccount:
# -- Create service account
create: true
# -- Override service account name
name: ""
# -- Use Role(true)/ClusterRole(true)
namespaced: true
# -- Additional service account annotations
annotations: {}
# -- RBAC parameters
rbac:
# -- Create RBAC resources
create: true
# -- Use Role(true)/ClusterRole(true)
namespaced: true
# -- Add custom rule to the role
rules: []
# -- Set security context for the pod
podSecurityContext: {}
# -- Readiness probe configuration
# @default -- See below
readinessProbe:
failureThreshold: 5
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 5
# -- Set requests and limits
resources: {}
# -- Set node selector
nodeSelector: {}
# -- Set tolerations
tolerations: []
# -- Set affinity
affinity: {}
# Monitor parameters
# @default -- See below
monitor:
# -- Enable monitor
# Ref: https://codefresh.io/docs/docs/installation/codefresh-runner/#install-monitoring-component
enabled: false
# -- Set number of pods
replicasCount: 1
# -- Upgrade strategy
updateStrategy:
type: RollingUpdate
# -- Set pod annotations
podAnnotations: {}
# -- Set image
image:
registry: quay.io
repository: codefresh/cf-k8s-agent
tag: 1.3.19
digest: sha256:5be2b798d583abdae68271f57724dd7f2b0251a238845c466fa7b67f078f59ad
# -- Add additional env vars
env: {}
# -- Service Account parameters
serviceAccount:
# -- Create service account
create: true
# -- Override service account name
name: ""
# -- Additional service account annotations
annotations: {}
# -- RBAC parameters
rbac:
# -- Create RBAC resources
create: true
# -- Use Role(true)/ClusterRole(true)
namespaced: true
# -- Add custom rule to the role
rules: []
# -- Readiness probe configuration
# @default -- See below
readinessProbe:
failureThreshold: 5
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 5
podSecurityContext: {}
# -- Set node selector
nodeSelector: {}
# -- Set resources
resources: {}
# -- Set tolerations
tolerations: []
# -- Set affinity
affinity: {}
# -- Add serviceMonitor
# @default -- See below
serviceMonitor:
main:
# -- Enable service monitor for dind pods
enabled: false
nameOverride: dind
selector:
matchLabels:
app: dind
endpoints:
- path: /metrics
targetPort: 9100
relabelings:
- action: labelmap
regex: __meta_kubernetes_pod_label_(.+)
# -- Add podMonitor (for engine pods)
# @default -- See below
podMonitor:
main:
# -- Enable pod monitor for engine pods
enabled: false
nameOverride: engine
selector:
matchLabels:
app: runtime
podMetricsEndpoints:
- path: /metrics
targetPort: 9100
runner:
# -- Enable pod monitor for runner pod
enabled: false
nameOverride: runner
selector:
matchLabels:
codefresh.io/application: runner
podMetricsEndpoints:
- path: /metrics
targetPort: 8080
volume-provisioner:
# -- Enable pod monitor for volumeProvisioner pod
enabled: false
nameOverride: volume-provisioner
selector:
matchLabels:
codefresh.io/application: volume-provisioner
podMetricsEndpoints:
- path: /metrics
targetPort: 8080
# -- Event exporter parameters
# @default -- See below
event-exporter:
# -- Enable event-exporter
enabled: false
# -- Set number of pods
replicasCount: 1
# -- Upgrade strategy
updateStrategy:
type: Recreate
# -- Set pod annotations
podAnnotations: {}
# -- Set image
image:
registry: docker.io
repository: codefresh/k8s-event-exporter
tag: latest
digest: sha256:cf52048f1378fb6659dffd1394d68fdf23a7ea709585dc14b5007f3e5a1b7584
# -- Add additional env vars
env: {}
# -- Service Account parameters
serviceAccount:
# -- Create service account
create: true
# -- Override service account name
name: ""
# -- Additional service account annotations
annotations: {}
# -- RBAC parameters
rbac:
# -- Create RBAC resources
create: true
# -- Add custom rule to the role
rules: []
# -- Set security context for the pod
# @default -- See below
podSecurityContext:
enabled: false
# -- Set node selector
nodeSelector: {}
# -- Set resources
resources: {}
# -- Set tolerations
tolerations: []
# -- Set affinity
affinity: {}
# -- Array of extra objects to deploy with the release
extraResources: []
# E.g.
# extraResources:
# - apiVersion: rbac.authorization.k8s.io/v1
# kind: ClusterRole
# metadata:
# name: codefresh-role
# rules:
# - apiGroups: [ "*"]
# resources: ["*"]
# verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
# - apiVersion: v1
# kind: ServiceAccount
# metadata:
# name: codefresh-user
# namespace: "{{ .Release.Namespace }}"
# - apiVersion: rbac.authorization.k8s.io/v1
# kind: ClusterRoleBinding
# metadata:
# name: codefresh-user
# roleRef:
# apiGroup: rbac.authorization.k8s.io
# kind: ClusterRole
# name: codefresh-role
# subjects:
# - kind: ServiceAccount
# name: codefresh-user
# namespace: "{{ .Release.Namespace }}"
# - apiVersion: v1
# kind: Secret
# type: kubernetes.io/service-account-token
# metadata:
# name: codefresh-user-token
# namespace: "{{ .Release.Namespace }}"
# annotations:
# kubernetes.io/service-account.name: "codefresh-user"
Reference in New Issue View Git Blame Copy Permalink