-
Notifications
You must be signed in to change notification settings - Fork 43
/
values.yaml
385 lines (313 loc) · 9.91 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# replica count
replicaCount: 1
imageTag: v1.0.0-beta11
# image pull secrets
imagePullSecrets: []
#the common environments for all pods except grafana, grafana needs to be set in grafana section seperately
commonEnvs:
TZ: "UTC"
mysql:
# if use external mysql server, please set true
# by default using false, chart will create a single mysql instance
useExternal: false
# the external mysql server address
externalServer: 127.0.0.1
# external mysql port
externalPort: 3306
# the username for devlake database
username: merico
# the password for devlake database
password: merico
# the database for devlake
database: lake
# root password for mysql, only used when use_external=false
rootPassword: admin
# storage for mysql
storage:
# pvc or hostpath
type: pvc
# the storage class for pv, leave empty will using default
class: ""
size: 50Gi
hostPath: /devlake/mysql/data
# image for mysql
image:
repository: mysql
tag: 8
pullPolicy: IfNotPresent
# init containers for mysql if have
initContainers: []
# resources config for mysql if have
resources: {}
# nodeSelector config for mysql if have
nodeSelector: {}
# tolerations config for mysql if have
tolerations: []
# affinity config for mysql if have
affinity: {}
extraLabels: {}
securityContext: {}
containerSecurityContext: {}
podAnnotations: {}
service:
type: "ClusterIP"
nodePort: ""
# pgsql:
# # if use external pgsql server, please set true
# # by default using false, chart will create a single pgsql instance
# useExternal: false
# # the external pgsql server address
# externalServer: 127.0.0.1
# # external pgsql port
# externalPort: 5432
# # the username for devlake database
# username: merico
# # the password for devlake database
# password: merico
# # the database for devlake
# database: lake
# # storage for pgsql
# storage:
# # the storage class for pv, leave empty will using default
# class: ""
# size: 5Gi
# # image for pgsql
# image:
# repository: postgres
# tag: 14.5
# pullPolicy: IfNotPresent
# # resources config for pgsql if have
# resources: {}
# # nodeSelector config for pgsql if have
# nodeSelector: {}
# # tolerations config for pgsql if have
# tolerations: []
# # affinity config for pgsql if have
# affinity: {}
# extraLabels: {}
# securityContext: {}
# containerSecurityContext: {}
# annotations: {}
# dependency chart values
grafana:
enabled: true
#if grafana enabled is false, then external url should be provided
external:
url: ""
image:
repository: devlake.docker.scarf.sh/apache/devlake-dashboard
tag: v1.0.0-beta11
deploymentStrategy:
type: Recreate
adminPassword: ""
grafana.ini:
server:
serve_from_subpath: "true"
root_url: "%(protocol)s://%(domain)s/grafana"
#the secret name should be as same as .Values.option.connectionSecretName
envFromSecrets:
- name: "devlake-mysql-auth"
#keep grafana timezone same as other pods, which is set by .Values.commonEnvs.TZ
env:
TZ: "UTC"
persistence:
enabled: true
size: 4Gi
ingressServiceName: ""
ingressServicePort: ""
lake:
image:
repository: devlake.docker.scarf.sh/apache/devlake
pullPolicy: Always
# defaults to imageTag; if set, lake.image.tag will override imageTag
# tag:
# storage for config
port: 8080
envs:
API_TIMEOUT: "120s"
API_RETRY: "3"
API_REQUESTS_PER_HOUR: "10000"
PIPELINE_MAX_PARALLEL: "1"
IN_SECURE_SKIP_VERIFY: "false"
LOGGING_DIR: "/app/logs"
# debug, info, warn, error
LOGGING_LEVEL: "info"
##########################
# ENABLE_SUBTASKS_BY_DEFAULT: This environment variable is used to enable or disable the execution of subtasks.
# The format is as follows: plugin_name1:subtask_name1:enabled_value,plugin_name2:subtask_name2:enabled_value,plugin_name3:subtask_name3:enabled_value
##########################
# ENABLE_SUBTASKS_BY_DEFAULT default value as below:
# ENABLE_SUBTASKS_BY_DEFAULT: "jira:collectIssueChangelogs:true,jira:extractIssueChangelogs:true,jira:convertIssueChangelogs:true,tapd:collectBugChangelogs:true,tapd:extractBugChangelogs:true,tapd:convertBugChangelogs:true,zentao:collectBugRepoCommits:true,zentao:extractBugRepoCommits:true,zentao:convertBugRepoCommits:true,zentao:collectStoryRepoCommits:true,zentao:extractStoryRepoCommits:true,zentao:convertStoryRepoCommits:true,zentao:collectTaskRepoCommits:true,zentao:extractTaskRepoCommits:true,zentao:convertTaskRepoCommits:true"
#extra envs from an existing secret
extraEnvsFromSecret: ""
encryptionSecret:
# The name of secret which contains keys named ENCRYPTION_SECRET
secretName: ""
# if secretName is empty, secret should be set
# you can generate the encryption secret via cmd `openssl rand -base64 2000 | tr -dc 'A-Z' | fold -w 128 | head -n 1`
secret: ""
autoCreateSecret: true
# If hostNetwork is true, then dnsPolicy is set to ClusterFirstWithHostNet
hostNetwork: false
resources: {}
strategy:
type: Recreate
nodeSelector: {}
tolerations: []
affinity: {}
extraLabels: {}
securityContext: {}
containerSecurityContext: {}
podAnnotations: {}
livenessProbe:
httpGet:
path: /ping
port: 8080
scheme: HTTP
failureThreshold: 5
initialDelaySeconds: 30
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 5
readinessProbe:
httpGet:
path: /ping
port: 8080
scheme: HTTP
failureThreshold: 3
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 5
deployment:
extraLabels: {}
ui:
image:
repository: devlake.docker.scarf.sh/apache/devlake-config-ui
pullPolicy: Always
# defaults to imageTag; if set, lake.image.tag will override imageTag
# tag:
resources: {}
strategy: {}
nodeSelector: {}
tolerations: []
affinity: {}
livenessProbe:
httpGet:
path: /health/
port: 4000
scheme: HTTP
failureThreshold: 5
initialDelaySeconds: 15
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 5
readinessProbe:
httpGet:
path: /health/
port: 4000
scheme: HTTP
failureThreshold: 3
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 5
basicAuth:
enabled: false
user: admin
password: admin
autoCreateSecret: true
secretName: ""
extraLabels: {}
podAnnotations: {}
## SecurityContext holds pod-level security attributes and common container settings.
## This defaults to non root user with uid 101 and gid 1000. *v1.PodSecurityContext false
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
securityContext:
{}
# fsGroup: 101
# runAsGroup: 1000
# runAsNonRoot: true
# runAsUser: 101
## K8s containers' Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
containerSecurityContext:
{}
# allowPrivilegeEscalation: false
# capabilities:
# drop:
# - all
deployment:
extraLabels: {}
# alpine image for some init containers
alpine:
image:
repository: alpine
tag: 3.16
pullPolicy: IfNotPresent
service:
# service type: NodePort/ClusterIP
type: NodePort
# node port for devlake-ui if NodePort is enabled
uiPort: 32001
ingress:
enabled: false
enableHttps: false
# Set to false if you want to use a different ingress controller
useDefaultNginx: false
# ingress class name, example: alb for AWS load balancer controller
className:
# domain name for hosting devlake, must be set if ingress is enabled
hostname: localhost
# annotations required for your ingress controller; see the examples below
# for nginx, use the first two lines of annotations
# for alb (w/ external-dns), use the last 5 (6) lines of annotations
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
#
# alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
# alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-2:xxx:certificate/xxx-xxx-xxx
# alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}, {"HTTP":80}]'
# alb.ingress.kubernetes.io/scheme: internet-facing
# alb.ingress.kubernetes.io/target-type: ip
# external-dns.alpha.kubernetes.io/hostname: www.example.com
# url prefix, not works right now, keep "/"
prefix: /
# if using https provides the certificates secret name
tlsSecretName: ""
# ingress http port
httpPort: 80
# ingress https port
httpsPort: 443
extraPaths: []
# extraPaths:
# - path: /*
# pathType: ImplementationSpecific
# backend:
# service:
# name: ssl-redirect
# port:
# name: use-annotation
option:
# database type, supported: [mysql]
database: mysql
# the existing k8s secret name of db connection auth. The secret name should be as same as .Values.grafana.envFromSecret
connectionSecretName: "devlake-mysql-auth"
autoCreateSecret: true