This repository has been archived by the owner on Feb 22, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 16.8k
/
values.yaml
403 lines (368 loc) · 17 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
# Default values for gocd.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
rbac:
# Specifies whether rbac resources must be created.
create: true
# The API version to use while creating the rbac resources. Use `kubectl api-versions | grep rbac` to find which abi versions are supported for your cluster.
apiVersion: v1
# Create a cluster role binding with the existing role, do not create a new one. If left blank, a new cluster role is created.
roleRef:
serviceAccount:
# Specifies whether a service account should be created
create: true
# The name of the ServiceAccount to use.
# If not set and create is true, a name is generated using the fullname template
# If create is false and a name is not specified, the default service account is used for the cluster role binding.
name:
server:
# server.enabled is the toggle to run GoCD Server. Change to false for Agent Only Deployment.
enabled: true
# server.annotations is the annotations for the GoCD Server Deployment and Pod spec.
annotations:
deployment:
# iam.amazonaws.com/role: arn:aws:iam::xxx:role/my-custom-role
pod:
# iam.amazonaws.com/role: arn:aws:iam::xxx:role/my-custom-role
# Specify security settings for GoCD Server Pod
securityContext:
# Specify the container user for the GoCD server pod
runAsUser: 1000
# Specify the container group for the GoCD server pod
runAsGroup: 0
# Specify the container supplementary group for the GoCD server pod
fsGroup: 0
# server.shouldPreconfigure is used to invoke a script to pre configure the elastic agent profile and the plugin settings in the GoCD server.
# Note: If this value is set to true, then, the serviceAccount.name is configured for the GoCD server pod. The service account token is mounted as a secret and is used in the lifecycle hook.
# Note: An attempt to preconfigure the GoCD server is made. There are cases where the pre-configuration can fail and the GoCD server starts with an empty config.
shouldPreconfigure: true
preconfigureCommand:
- "/bin/bash"
- "/preconfigure_server.sh"
# server.preStop - array of commands to use in the server pre-stop lifecycle hook
# preStop:
# - "/bin/bash"
# - "/backup_and_stop.sh"
# server.terminationGracePeriodSeconds is the optional duration in seconds the gocd server pod needs to terminate gracefully.
# Note: SIGTERM is issued immediately after the pod deletion request is sent. If the pod doesn't terminate, k8s waits for terminationGracePeriodSeconds before issuing SIGKILL.
# server.terminationGracePeriodSeconds: 60
image:
# server.image.repository is the GoCD Server image name
repository: "gocd/gocd-server"
# server.image.tag is the GoCD Server image's tag
tag:
# server.image.pullPolicy is the GoCD Server image's pull policy
pullPolicy: "IfNotPresent"
## Configure GoCD server resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources: {}
# requests:
# memory: 512Mi
# cpu: 300m
# limits:
# cpu: 100m
# memory: 1024Mi
# Sidecar containers that runs alongside GoCD server.
# https://kubernetes.io/docs/concepts/workloads/pods/pod-overview/
sidecarContainers: []
# - name: sidecar-container
# image: sidecar-image:latest
# volumeMounts:
# - name: goserver-vol
# mountPath: /godata
# specify init containers, e.g. to prepopulate home directories etc
initContainers: []
# - name: download-kubectl
# image: "ellerbrock/alpine-bash-curl-ssl:latest"
# imagePullPolicy: "IfNotPresent"
# volumeMounts:
# - name: kubectl
# mountPath: /download
# workingDir: /download
# command: ["/bin/bash"]
# args:
# - "-c"
# - 'curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && chmod +x ./kubectl'
# specify restart policy for server
restartPolicy: Always
## Additional GoCD server pod labels
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
nodeSelector: {}
## Affinity for assigning pods to specific nodes
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
affinity: {}
## Tolerations for allowing pods to be scheduled on nodes with matching taints
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
tolerations: {}
healthCheck:
# server.healthCheck.initialDelaySeconds is the initial delays in seconds to start the health checks
initialDelaySeconds: 90
# server.healthCheck.periodSeconds is the health check interval duration
periodSeconds: 15
# server.healthCheck.failureThreshold is the number of unsuccessful attempts made to the GoCD server health check endpoint before the container is restarted (for liveness) or marked as unready (for readiness)
failureThreshold: 10
env:
# server.env.goServerJvmOpts is a list of JVM options, which needs to be provided to the GoCD Server, typically prefixed with -D unless otherwise stated.
# Example: "-Xmx4096mb -Dfoo=bar"
goServerJvmOpts:
# server.env.extraEnvVars is the list of environment variables passed to GoCD Server
extraEnvVars:
- name: GOCD_PLUGIN_INSTALL_kubernetes-elastic-agents
value: https://github.com/gocd/kubernetes-elastic-agents/releases/download/v3.4.0-196/kubernetes-elastic-agent-3.4.0-196.jar
- name: GOCD_PLUGIN_INSTALL_docker-registry-artifact-plugin
value: https://github.com/gocd/docker-registry-artifact-plugin/releases/download/v1.1.0-104/docker-registry-artifact-plugin-1.1.0-104.jar
service:
# server.service.type is the GoCD Server service type
type: "NodePort"
# server.service.httpPort is the GoCD Server HTTP port
httpPort: 8153
# Provide the nodeHttpPort and nodeHttpsPort if you want the service to be exposed on specific ports. Without this, random node ports will be assigned.
# server.service.nodeHttpPort is the GoCD Server Service Node HTTP port
nodeHttpPort:
# server.service.nodeHttpPort is the GoCD Server Service Node HTTPS port
nodeHttpsPort:
annotations:
## When using LoadBalancer service type, use the following AWS certificate from ACM
## https://aws.amazon.com/documentation/acm/
# service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "arn:aws:acm:eu-west-1:123456789:certificate/abc123-abc123-abc123-abc123"
# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: "https"
# service.beta.kubernetes.io/aws-load-balancer-backend-port: "https"
## When using LoadBalancer service type, whitelist these source IP ranges
## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/
# loadBalancerSourceRanges:
# - 192.168.1.10/32
ingress:
# server.ingress.enabled is the toggle to enable/disable GoCD Server Ingress
enabled: true
# server.ingress.hosts is used to create an Ingress record.
# hosts:
# - ci.example.com
annotations:
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
tls:
# - secretName: ci-example-tls
# hosts:
# - ci.example.com
persistence:
# server.persistence.enabled is the toggle for server volume persistence.
enabled: true
accessMode: "ReadWriteOnce"
# The storage space that should be claimed from the persistent volume
size: 2Gi
# If defined, storageClassName: <storageClass>
# If set to "-", storageClassName: "", which disables dynamic provisioning
# If undefined (the default) or set to null, no storageClassName spec is
# set, choosing 'standard' storage class available with the default provisioner (gcd-pd on GKE, hostpath on minikube, etc).
# storageClass: "-"
# A manually managed Persistent Volume and Claim
# If defined, PVC must be created manually before volume will be bound
existingClaim:
# To choose a suitable persistent volume from available static persistent volumes, selectors are used.
pvSelector:
# matchLabels:
# volume-type: ssd
name:
# server.persistence.name.dockerEntryPoint name of the volume mounted at /docker-entrypoint.d/ on the server
dockerEntryPoint: goserver-vol
# "" for the volume root
subpath:
# godata is where the config, db, plugins are stored
godata: godata
# homego can be used for storing and mounting secrets
homego: homego
# custom entrypoint scripts that should be run before starting the GoCD server inside the container.
dockerEntryPoint: scripts
# server.persistence.extraVolumes additional server volumes
extraVolumes: []
# - name: gocd-server-init-scripts
# configMap:
# name: gocd-server-init-scripts
# defaultMode: 0755
# - name: github-key
# secret:
# secretName: github-key
# defaultMode: 0744
# server.persistence.extraVolumeMounts additional server volumeMounts
extraVolumeMounts: []
# - name: github-key
# mountPath: /etc/config/keys/
# readOnly: true
# - name: gocd-server-init-scripts
# mountPath: /docker-entrypoint.d/
# server.hostAliases allows the modification of the hosts file inside a container
hostAliases:
# - ip: "192.168.1.10"
# hostnames:
# - "example.com"
# - "www.example.com"
security:
ssh:
# server.security.ssh.enabled is the toggle to enable/disable mounting of ssh secret on GoCD server pods
enabled: false
# server.security.ssh.secretName specifies the name of the k8s secret object that contains the ssh key and known hosts
secretName: gocd-server-ssh
agent:
# specifies overrides for agent specific service account creation
serviceAccount:
# specifies whether the top level service account (also used by the server) should be reused as the service account for gocd agents
reuseTopLevelServiceAccount: false
# if reuseTopLevelServiceAccount is false, this field specifies the name of an existing service account to be associated with gocd agents
# If field is empty, the service account "default" will be used.
name:
# agent.annotations is the annotations for the GoCD Agent Deployment and Pod Spec
annotations:
deployment:
# iam.amazonaws.com/role: arn:aws:iam::xxx:role/my-custom-role
pod:
# iam.amazonaws.com/role: arn:aws:iam::xxx:role/my-custom-role
# Specify security settings for GoCD Agent Pod
securityContext:
# Specify the container user for all the GoCD agent pods
runAsUser: 1000
# Specify the container group for all the GoCD agent pods
runAsGroup: 0
# Specify the container supplementary group for all the GoCD agent pods
fsGroup: 0
# agent.replicaCount is the GoCD Agent replicas Count. Specify the number of GoCD agents to run
replicaCount: 0
# agent.preStop - array of command and arguments to run in the agent pre-stop lifecycle hook
# preStop:
# - "/bin/bash"
# - "/disable_and_stop.sh"
# agent.postStart - array of command and arguments to run in agent post-start lifecycle hook
# postStart:
# - "/bin/bash"
# - "/agent_startup.sh"
# agent.deployStrategy is the strategy explained in detail at https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
# agent.terminationGracePeriodSeconds is the optional duration in seconds the gocd agent pods need to terminate gracefully.
# Note: SIGTERM is issued immediately after the pod deletion request is sent. If the pod doesn't terminate, k8s waits for terminationGracePeriodSeconds before issuing SIGKILL.
# agent.terminationGracePeriodSeconds: 60
deployStrategy: {}
image:
# agent.image.repository is the GoCD Agent image name
repository: "gocd/gocd-agent-alpine-3.9"
# agent.image.tag is the GoCD Agent image's tag
tag:
# agent.image.pullPolicy is the GoCD Agent image's pull policy
pullPolicy: "IfNotPresent"
env:
# agent.env.goServerUrl is the GoCD Server Url
goServerUrl:
# agent.env.agentAutoRegisterKey is the GoCD Agent auto-register key
agentAutoRegisterKey:
# agent.env.agentAutoRegisterResources is the GoCD Agent auto-register resources
agentAutoRegisterResources:
# agent.env.agentAutoRegisterEnvironments is the GoCD Agent auto-register Environments
# deprecated because of a typo. Use agent.env.agentAutoRegisterEnvironments instead
agentAutoRegisterEnvironemnts:
# agent.env.agentAutoRegisterEnvironments is the GoCD Agent auto-register Environments
agentAutoRegisterEnvironments:
# agent.env.agentAutoRegisterHostname is the GoCD Agent auto-register hostname
agentAutoRegisterHostname:
# agent.env.goAgentJvmOpts is the GoCD Agent JVM options
goAgentJvmOpts:
# agent.env.goAgentBootstrapperArgs is the GoCD Agent bootstrapper args
goAgentBootstrapperArgs:
# agent.env.goAgentBootstrapperJvmArgs is the GoCD Agent bootstrapper JVM args
goAgentBootstrapperJvmArgs:
# agent.env.extraEnvVars is the list of environment variables passed to GoCD Agent
extraEnvVars:
persistence:
# agent.persistence.enabled is the toggle for agent volume persistence. Change to true if a persistent volume is available and configured manually.
enabled: false
accessMode: "ReadWriteOnce"
size: 1Gi
# If defined, storageClassName: <storageClass>
# If set to "-", storageClassName: "", which disables dynamic provisioning
# If undefined (the default) or set to null, no storageClassName spec is
# set, choosing 'standard' storage class available with the default provisioner (gcd-pd on GKE, hostpath on minikube, etc).
# storageClass: "-"
# A manually managed Persistent Volume and Claim
# If defined, PVC must be created manually before volume will be bound
existingClaim:
pvSelector:
# matchLabels:
# app: godata-gocd-agent
name:
# agent.persistence.name.dockerEntryPoint name of the volume mounted at /docker-entrypoint.d/ on the agent
dockerEntryPoint: goagent-vol
# "" for the volume root
subpath:
homego: homego
dockerEntryPoint: scripts
# agent.persistence.extraVolumes additional agent volumes
extraVolumes: []
# - name: gocd-agent-init-scripts
# configMap:
# name: gocd-agent-init-scripts
# defaultMode: 0755
# - name: github-key
# secret:
# secretName: github-key
# defaultMode: 0744
# agent.persistence.extraVolumeMounts additional agent volumeMounts
extraVolumeMounts: []
# - name: github-key
# mountPath: /etc/config/keys/
# readOnly: true
# - name: gocd-agent-init-scripts
# mountPath: /docker-entrypoint.d/
# specify init containers, e.g. to prepopulate home directories etc
initContainers: []
# - name: download-kubectl
# image: "ellerbrock/alpine-bash-curl-ssl:latest"
# imagePullPolicy: "IfNotPresent"
# volumeMounts:
# - name: kubectl
# mountPath: /download
# workingDir: /download
# command: ["/bin/bash"]
# args:
# - "-c"
# - 'curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && chmod +x ./kubectl'
# specify restart policy for agents
restartPolicy: Always
# agent.privileged is needed for running Docker-in-Docker (DinD) agents
privileged: false
healthCheck:
# agent.healthCheck.enable is the toggle for GoCD agent health checks
enabled: false
# agent.healthCheck.initialDelaySeconds is the initial delays in seconds to start the health checks
initialDelaySeconds: 60
# agent.healthCheck.periodSeconds is the health check interval duration
periodSeconds: 60
# agent.healthCheck.failureThreshold is the health check failure threshold of GoCD agent
failureThreshold: 60
security:
ssh:
# agent.security.ssh.enabled is the toggle to enable/disable mounting of ssh secret on GoCD agent pods
enabled: false
# agent.security.ssh.secretName specifies the name of the k8s secret object that contains the ssh key and known hosts
secretName: gocd-agent-ssh
## Configure GoCD agent resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources: {}
# requests:
# memory: 512Mi
# cpu: 300m
# limits:
# cpu: 100m
# memory: 1024Mi
# agent.hostAliases allows the modification of the hosts file inside a container
hostAliases:
# - ip: "192.168.1.10"
# hostnames:
# - "example.com"
# - "www.example.com"
## Additional GoCD agent pod labels
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
nodeSelector: {}
## Affinity for assigning pods to specific nodes
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
affinity: {}
## Tolerations for allowing pods to be scheduled on nodes with matching taints
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
tolerations: {}