affinity |
map |
{} |
Affinity rules to apply to the pod |
autoscaling |
map |
{"enabled":false,"maxReplicas":100,"minReplicas":1,"targetCPUUtilizationPercentage":80} |
Configuration for autoscaling the number of replicas |
autoscaling.enabled |
bool |
false |
Whether autoscaling is enabled |
autoscaling.maxReplicas |
int |
100 |
The maximum number of replicas to scale up to |
autoscaling.minReplicas |
int |
1 |
The minimum number of replicas to scale down to |
autoscaling.targetCPUUtilizationPercentage |
int |
80 |
The target CPU utilization percentage for autoscaling |
commonLabels |
map |
nil |
Will completely override the commonLabels defined in the common chart's _label_setup.tpl |
criticalService |
string |
"true" |
Valid options are "true" or "false". If invalid option is set- the value will default to "false". |
datadogLogsInjection |
bool |
true |
If enabled, the Datadog Agent will automatically inject Datadog-specific metadata into your application logs. |
datadogProfilingEnabled |
bool |
true |
If enabled, the Datadog Agent will collect profiling data for your application using the Continuous Profiler. This data can be used to identify performance bottlenecks and optimize your application. |
datadogTraceSampleRate |
int |
1 |
A value between 0 and 1, that represents the percentage of requests that will be traced. For example, a value of 0.5 means that 50% of requests will be traced. |
env |
list |
[{"name":"JWKS_ENDPOINT","value":"http://fence-service/.well-known/jwks"}] |
Environment variables to pass to the container |
env[0] |
string |
{"name":"JWKS_ENDPOINT","value":"http://fence-service/.well-known/jwks"} |
The URL of the JSON Web Key Set (JWKS) endpoint for authentication |
externalSecrets |
map |
{"dbcreds":null} |
External Secrets settings. |
externalSecrets.dbcreds |
string |
nil |
Will override the name of the aws secrets manager secret. Default is "Values.global.environment-.Chart.Name-creds" |
fullnameOverride |
string |
"" |
Override the full name of the deployment. |
global.aws |
map |
{"awsAccessKeyId":null,"awsSecretAccessKey":null,"enabled":false} |
AWS configuration |
global.aws.awsAccessKeyId |
string |
nil |
Credentials for AWS stuff. |
global.aws.awsSecretAccessKey |
string |
nil |
Credentials for AWS stuff. |
global.aws.enabled |
bool |
false |
Set to true if deploying to AWS. Controls ingress annotations. |
global.ddEnabled |
bool |
false |
Whether Datadog is enabled. |
global.dev |
bool |
true |
Whether the deployment is for development purposes. |
global.dictionaryUrl |
string |
"https://s3.amazonaws.com/dictionary-artifacts/datadictionary/develop/schema.json" |
URL of the data dictionary. |
global.dispatcherJobNum |
int |
"10" |
Number of dispatcher jobs. |
global.environment |
string |
"default" |
Environment name. This should be the same as vpcname if you're doing an AWS deployment. Currently this is being used to share ALB's if you have multiple namespaces. Might be used other places too. |
global.externalSecrets |
map |
{"deploy":false,"separateSecretStore":false} |
External Secrets settings. |
global.externalSecrets.deploy |
bool |
false |
Will use ExternalSecret resources to pull secrets from Secrets Manager instead of creating them locally. Be cautious as this will override any arborist secrets you have deployed. |
global.externalSecrets.separateSecretStore |
string |
false |
Will deploy a separate External Secret Store for this service. |
global.hostname |
string |
"localhost" |
Hostname for the deployment. |
global.kubeBucket |
string |
"kube-gen3" |
S3 bucket name for Kubernetes manifest files. |
global.logsBucket |
string |
"logs-gen3" |
S3 bucket name for log files. |
global.minAvialable |
int |
1 |
The minimum amount of pods that are available at all times if the PDB is deployed. |
global.netPolicy |
bool |
true |
Whether network policies are enabled. |
global.pdb |
bool |
false |
If the service will be deployed with a Pod Disruption Budget. Note- you need to have more than 2 replicas for the pdb to be deployed. |
global.portalApp |
string |
"gitops" |
Portal application name. |
global.postgres.dbCreate |
bool |
true |
Whether the database should be created. |
global.postgres.externalSecret |
string |
"" |
Name of external secret. Disabled if empty |
global.postgres.master |
map |
{"host":null,"password":null,"port":"5432","username":"postgres"} |
Master credentials to postgres. This is going to be the default postgres server being used for each service, unless each service specifies their own postgres |
global.postgres.master.host |
string |
nil |
hostname of postgres server |
global.postgres.master.password |
string |
nil |
password for superuser in postgres. This is used to create or restore databases |
global.postgres.master.port |
string |
"5432" |
Port for Postgres. |
global.postgres.master.username |
string |
"postgres" |
username of superuser in postgres. This is used to create or restore databases |
global.publicDataSets |
bool |
true |
Whether public datasets are enabled. |
global.revproxyArn |
string |
"arn:aws:acm:us-east-1:123456:certificate" |
ARN of the reverse proxy certificate. |
global.tierAccessLevel |
string |
"libre" |
Access level for tiers. acceptable values for tier_access_level are: libre , regular and private . If omitted, by default common will be treated as private |
image |
map |
{"pullPolicy":"IfNotPresent","repository":"quay.io/cdis/arborist","tag":""} |
Docker image information. |
image.pullPolicy |
string |
"IfNotPresent" |
Docker pull policy. |
image.repository |
string |
"quay.io/cdis/arborist" |
Docker repository. |
image.tag |
string |
"" |
Overrides the image tag whose default is the chart appVersion. |
imagePullSecrets |
list |
[] |
Docker image pull secrets. |
nameOverride |
string |
"" |
Override the name of the chart. |
nodeSelector |
map |
{} |
Node selector to apply to the pod |
partOf |
string |
"Authentication" |
Label to help organize pods and their use. Any value is valid, but use "_" or "-" to divide words. |
podAnnotations |
map |
{} |
Annotations to add to the pod |
podSecurityContext |
map |
nil |
Security context to apply to the pod |
postgres |
map |
{"database":null,"dbCreate":null,"host":null,"password":null,"port":"5432","separate":false,"username":null} |
Postgres database configuration. If db does not exist in postgres cluster and dbCreate is set ot true then these databases will be created for you |
postgres.database |
string |
nil |
Database name for postgres. This is a service override, defaults to - |
postgres.dbCreate |
bool |
nil |
Whether the database should be created. Default to global.postgres.dbCreate |
postgres.host |
string |
nil |
Hostname for postgres server. This is a service override, defaults to global.postgres.host |
postgres.password |
string |
nil |
Password for Postgres. Will be autogenerated if left empty. |
postgres.port |
string |
"5432" |
Port for Postgres. |
postgres.separate |
string |
false |
Will create a Database for the individual service to help with developing it. |
postgres.username |
string |
nil |
Username for postgres. This is a service override, defaults to - |
postgresql |
map |
{"primary":{"persistence":{"enabled":false}}} |
Postgresql subchart settings if deployed separately option is set to "true". Disable persistence by default so we can spin up and down ephemeral environments |
postgresql.primary.persistence.enabled |
bool |
false |
Option to persist the dbs data. |
release |
string |
"production" |
Valid options are "production" or "dev". If invalid option is set- the value will default to "dev". |
replicaCount |
int |
1 |
Number of replicas for the deployment. |
resources |
map |
{"limits":{"cpu":1,"memory":"512Mi"},"requests":{"cpu":0.1,"memory":"12Mi"}} |
Resource requests and limits for the containers in the pod |
resources.limits |
map |
{"cpu":1,"memory":"512Mi"} |
The maximum amount of resources that the container is allowed to use |
resources.limits.cpu |
string |
1 |
The maximum amount of CPU the container can use |
resources.limits.memory |
string |
"512Mi" |
The maximum amount of memory the container can use |
resources.requests |
map |
{"cpu":0.1,"memory":"12Mi"} |
The amount of resources that the container requests |
resources.requests.cpu |
string |
0.1 |
The amount of CPU requested |
resources.requests.memory |
string |
"12Mi" |
The amount of memory requested |
secrets |
map |
{"awsAccessKeyId":null,"awsSecretAccessKey":null} |
Secret information for External Secrets. |
secrets.awsAccessKeyId |
str |
nil |
AWS access key ID. Overrides global key. |
secrets.awsSecretAccessKey |
str |
nil |
AWS secret access key ID. Overrides global key. |
securityContext |
map |
{} |
Security context to apply to the container |
selectorLabels |
map |
nil |
Will completely override the selectorLabels defined in the common chart's _label_setup.tpl |
service |
map |
{"port":80,"type":"ClusterIP"} |
Kubernetes service information. |
service.port |
int |
80 |
The port number that the service exposes. |
service.type |
string |
"ClusterIP" |
Type of service. Valid values are "ClusterIP", "NodePort", "LoadBalancer", "ExternalName". |
serviceAccount |
map |
{"annotations":{},"create":true,"name":""} |
Service account to use or create. |
serviceAccount.annotations |
map |
{} |
Annotations to add to the service account. |
serviceAccount.create |
bool |
true |
Specifies whether a service account should be created. |
serviceAccount.name |
string |
"" |
The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
tolerations |
list |
[] |
Tolerations to apply to the pod |
volumeMounts |
list |
[] |
Volume mounts to attach to the container |
volumes |
list |
[] |
Volumes to attach to the pod |