Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
405 lines (370 sloc) 17.1 KB
# Default values for gocd.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
rbac:
# Specifies whether rbac resources must be created.
create: true
# The API version to use while creating the rbac resources. Use `kubectl api-versions | grep rbac` to find which abi versions are supported for your cluster.
apiVersion: v1
# Create a cluster role binding with the existing role, do not create a new one. If left blank, a new cluster role is created.
roleRef:
serviceAccount:
# Specifies whether a service account should be created
create: true
# The name of the ServiceAccount to use.
# If not set and create is true, a name is generated using the fullname template
# If create is false and a name is not specified, the default service account is used for the cluster role binding.
name:
server:
# server.enabled is the toggle to run GoCD Server. Change to false for Agent Only Deployment.
enabled: true
# server.annotations is the annotations for the GoCD Server Deployment and Pod spec.
annotations:
deployment:
# iam.amazonaws.com/role: arn:aws:iam::xxx:role/my-custom-role
pod:
# iam.amazonaws.com/role: arn:aws:iam::xxx:role/my-custom-role
# Specify security settings for GoCD Server Pod
securityContext:
# Specify the container user for the GoCD server pod
runAsUser: 1000
# Specify the container group for the GoCD server pod
runAsGroup: 0
# Specify the container supplementary group for the GoCD server pod
fsGroup: 0
# server.shouldPreconfigure is used to invoke a script to pre configure the elastic agent profile and the plugin settings in the GoCD server.
# Note: If this value is set to true, then, the serviceAccount.name is configured for the GoCD server pod. The service account token is mounted as a secret and is used in the lifecycle hook.
# Note: An attempt to preconfigure the GoCD server is made. There are cases where the pre-configuration can fail and the GoCD server starts with an empty config.
shouldPreconfigure: true
preconfigureCommand:
- "/bin/bash"
- "/preconfigure_server.sh"
# server.preStop - array of commands to use in the server pre-stop lifecycle hook
# preStop:
# - "/bin/bash"
# - "/backup_and_stop.sh"
# server.terminationGracePeriodSeconds is the optional duration in seconds the gocd server pod needs to terminate gracefully.
# Note: SIGTERM is issued immediately after the pod deletion request is sent. If the pod doesn't terminate, k8s waits for terminationGracePeriodSeconds before issuing SIGKILL.
# server.terminationGracePeriodSeconds: 60
image:
# server.image.repository is the GoCD Server image name
repository: "gocd/gocd-server"
# server.image.tag is the GoCD Server image's tag
tag:
# server.image.pullPolicy is the GoCD Server image's pull policy
pullPolicy: "IfNotPresent"
## Configure GoCD server resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources: {}
# requests:
# memory: 512Mi
# cpu: 300m
# limits:
# cpu: 100m
# memory: 1024Mi
# Sidecar containers that runs alongside GoCD server.
# https://kubernetes.io/docs/concepts/workloads/pods/pod-overview/
sidecarContainers: []
# - name: sidecar-container
# image: sidecar-image:latest
# volumeMounts:
# - name: goserver-vol
# mountPath: /godata
# specify init containers, e.g. to prepopulate home directories etc
initContainers: []
# - name: download-kubectl
# image: "ellerbrock/alpine-bash-curl-ssl:latest"
# imagePullPolicy: "IfNotPresent"
# volumeMounts:
# - name: kubectl
# mountPath: /download
# workingDir: /download
# command: ["/bin/bash"]
# args:
# - "-c"
# - 'curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && chmod +x ./kubectl'
# specify restart policy for server
restartPolicy: Always
## Additional GoCD server pod labels
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
nodeSelector: {}
## Affinity for assigning pods to specific nodes
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
affinity: {}
## Tolerations for allowing pods to be scheduled on nodes with matching taints
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
tolerations: {}
healthCheck:
# server.healthCheck.initialDelaySeconds is the initial delays in seconds to start the health checks
initialDelaySeconds: 90
# server.healthCheck.periodSeconds is the health check interval duration
periodSeconds: 15
# server.healthCheck.failureThreshold is the number of unsuccessful attempts made to the GoCD server health check endpoint before the container is restarted (for liveness) or marked as unready (for readiness)
failureThreshold: 10
env:
# server.env.goServerJvmOpts is a list of JVM options, which needs to be provided to the GoCD Server, typically prefixed with -D unless otherwise stated.
# Example: "-Xmx4096mb -Dfoo=bar"
goServerJvmOpts:
# server.env.extraEnvVars is the list of environment variables passed to GoCD Server
extraEnvVars:
- name: GOCD_PLUGIN_INSTALL_kubernetes-elastic-agents
value: https://github.com/gocd/kubernetes-elastic-agents/releases/download/v3.4.0-196/kubernetes-elastic-agent-3.4.0-196.jar
- name: GOCD_PLUGIN_INSTALL_docker-registry-artifact-plugin
value: https://github.com/gocd/docker-registry-artifact-plugin/releases/download/v1.1.0-104/docker-registry-artifact-plugin-1.1.0-104.jar
service:
# server.service.type is the GoCD Server service type
type: "NodePort"
# server.service.httpPort is the GoCD Server HTTP port
httpPort: 8153
# server.service.httpPort is the GoCD Server HTTPS port
httpsPort: 8154
# Provide the nodeHttpPort and nodeHttpsPort if you want the service to be exposed on specific ports. Without this, random node ports will be assigned.
# server.service.nodeHttpPort is the GoCD Server Service Node HTTP port
nodeHttpPort:
# server.service.nodeHttpPort is the GoCD Server Service Node HTTPS port
nodeHttpsPort:
annotations:
## When using LoadBalancer service type, use the following AWS certificate from ACM
## https://aws.amazon.com/documentation/acm/
# service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "arn:aws:acm:eu-west-1:123456789:certificate/abc123-abc123-abc123-abc123"
# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: "https"
# service.beta.kubernetes.io/aws-load-balancer-backend-port: "https"
## When using LoadBalancer service type, whitelist these source IP ranges
## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/
# loadBalancerSourceRanges:
# - 192.168.1.10/32
ingress:
# server.ingress.enabled is the toggle to enable/disable GoCD Server Ingress
enabled: true
# server.ingress.hosts is used to create an Ingress record.
# hosts:
# - ci.example.com
annotations:
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
tls:
# - secretName: ci-example-tls
# hosts:
# - ci.example.com
persistence:
# server.persistence.enabled is the toggle for server volume persistence.
enabled: true
accessMode: "ReadWriteOnce"
# The storage space that should be claimed from the persistent volume
size: 2Gi
# If defined, storageClassName: <storageClass>
# If set to "-", storageClassName: "", which disables dynamic provisioning
# If undefined (the default) or set to null, no storageClassName spec is
# set, choosing 'standard' storage class available with the default provisioner (gcd-pd on GKE, hostpath on minikube, etc).
# storageClass: "-"
# A manually managed Persistent Volume and Claim
# If defined, PVC must be created manually before volume will be bound
existingClaim:
# To choose a suitable persistent volume from available static persistent volumes, selectors are used.
pvSelector:
# matchLabels:
# volume-type: ssd
name:
# server.persistence.name.dockerEntryPoint name of the volume mounted at /docker-entrypoint.d/ on the server
dockerEntryPoint: goserver-vol
# "" for the volume root
subpath:
# godata is where the config, db, plugins are stored
godata: godata
# homego can be used for storing and mounting secrets
homego: homego
# custom entrypoint scripts that should be run before starting the GoCD server inside the container.
dockerEntryPoint: scripts
# server.persistence.extraVolumes additional server volumes
extraVolumes: []
# - name: gocd-server-init-scripts
# configMap:
# name: gocd-server-init-scripts
# defaultMode: 0755
# - name: github-key
# secret:
# secretName: github-key
# defaultMode: 0744
# server.persistence.extraVolumeMounts additional server volumeMounts
extraVolumeMounts: []
# - name: github-key
# mountPath: /etc/config/keys/
# readOnly: true
# - name: gocd-server-init-scripts
# mountPath: /docker-entrypoint.d/
# server.hostAliases allows the modification of the hosts file inside a container
hostAliases:
# - ip: "192.168.1.10"
# hostnames:
# - "example.com"
# - "www.example.com"
security:
ssh:
# server.security.ssh.enabled is the toggle to enable/disable mounting of ssh secret on GoCD server pods
enabled: false
# server.security.ssh.secretName specifies the name of the k8s secret object that contains the ssh key and known hosts
secretName: gocd-server-ssh
agent:
# specifies overrides for agent specific service account creation
serviceAccount:
# specifies whether the top level service account (also used by the server) should be reused as the service account for gocd agents
reuseTopLevelServiceAccount: false
# if reuseTopLevelServiceAccount is false, this field specifies the name of an existing service account to be associated with gocd agents
# If field is empty, the service account "default" will be used.
name:
# agent.annotations is the annotations for the GoCD Agent Deployment and Pod Spec
annotations:
deployment:
# iam.amazonaws.com/role: arn:aws:iam::xxx:role/my-custom-role
pod:
# iam.amazonaws.com/role: arn:aws:iam::xxx:role/my-custom-role
# Specify security settings for GoCD Agent Pod
securityContext:
# Specify the container user for all the GoCD agent pods
runAsUser: 1000
# Specify the container group for all the GoCD agent pods
runAsGroup: 0
# Specify the container supplementary group for all the GoCD agent pods
fsGroup: 0
# agent.replicaCount is the GoCD Agent replicas Count. Specify the number of GoCD agents to run
replicaCount: 0
# agent.preStop - array of command and arguments to run in the agent pre-stop lifecycle hook
# preStop:
# - "/bin/bash"
# - "/disable_and_stop.sh"
# agent.postStart - array of command and arguments to run in agent post-start lifecycle hook
# postStart:
# - "/bin/bash"
# - "/agent_startup.sh"
# agent.deployStrategy is the strategy explained in detail at https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
# agent.terminationGracePeriodSeconds is the optional duration in seconds the gocd agent pods need to terminate gracefully.
# Note: SIGTERM is issued immediately after the pod deletion request is sent. If the pod doesn't terminate, k8s waits for terminationGracePeriodSeconds before issuing SIGKILL.
# agent.terminationGracePeriodSeconds: 60
deployStrategy: {}
image:
# agent.image.repository is the GoCD Agent image name
repository: "gocd/gocd-agent-alpine-3.9"
# agent.image.tag is the GoCD Agent image's tag
tag:
# agent.image.pullPolicy is the GoCD Agent image's pull policy
pullPolicy: "IfNotPresent"
env:
# agent.env.goServerUrl is the GoCD Server Url
goServerUrl:
# agent.env.agentAutoRegisterKey is the GoCD Agent auto-register key
agentAutoRegisterKey:
# agent.env.agentAutoRegisterResources is the GoCD Agent auto-register resources
agentAutoRegisterResources:
# agent.env.agentAutoRegisterEnvironments is the GoCD Agent auto-register Environments
# deprecated because of a typo. Use agent.env.agentAutoRegisterEnvironments instead
agentAutoRegisterEnvironemnts:
# agent.env.agentAutoRegisterEnvironments is the GoCD Agent auto-register Environments
agentAutoRegisterEnvironments:
# agent.env.agentAutoRegisterHostname is the GoCD Agent auto-register hostname
agentAutoRegisterHostname:
# agent.env.goAgentJvmOpts is the GoCD Agent JVM options
goAgentJvmOpts:
# agent.env.goAgentBootstrapperArgs is the GoCD Agent bootstrapper args
goAgentBootstrapperArgs:
# agent.env.goAgentBootstrapperJvmArgs is the GoCD Agent bootstrapper JVM args
goAgentBootstrapperJvmArgs:
# agent.env.extraEnvVars is the list of environment variables passed to GoCD Agent
extraEnvVars:
persistence:
# agent.persistence.enabled is the toggle for agent volume persistence. Change to true if a persistent volume is available and configured manually.
enabled: false
accessMode: "ReadWriteOnce"
size: 1Gi
# If defined, storageClassName: <storageClass>
# If set to "-", storageClassName: "", which disables dynamic provisioning
# If undefined (the default) or set to null, no storageClassName spec is
# set, choosing 'standard' storage class available with the default provisioner (gcd-pd on GKE, hostpath on minikube, etc).
# storageClass: "-"
# A manually managed Persistent Volume and Claim
# If defined, PVC must be created manually before volume will be bound
existingClaim:
pvSelector:
# matchLabels:
# app: godata-gocd-agent
name:
# agent.persistence.name.dockerEntryPoint name of the volume mounted at /docker-entrypoint.d/ on the agent
dockerEntryPoint: goagent-vol
# "" for the volume root
subpath:
homego: homego
dockerEntryPoint: scripts
# agent.persistence.extraVolumes additional agent volumes
extraVolumes: []
# - name: gocd-agent-init-scripts
# configMap:
# name: gocd-agent-init-scripts
# defaultMode: 0755
# - name: github-key
# secret:
# secretName: github-key
# defaultMode: 0744
# agent.persistence.extraVolumeMounts additional agent volumeMounts
extraVolumeMounts: []
# - name: github-key
# mountPath: /etc/config/keys/
# readOnly: true
# - name: gocd-agent-init-scripts
# mountPath: /docker-entrypoint.d/
# specify init containers, e.g. to prepopulate home directories etc
initContainers: []
# - name: download-kubectl
# image: "ellerbrock/alpine-bash-curl-ssl:latest"
# imagePullPolicy: "IfNotPresent"
# volumeMounts:
# - name: kubectl
# mountPath: /download
# workingDir: /download
# command: ["/bin/bash"]
# args:
# - "-c"
# - 'curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl && chmod +x ./kubectl'
# specify restart policy for agents
restartPolicy: Always
# agent.privileged is needed for running Docker-in-Docker (DinD) agents
privileged: false
healthCheck:
# agent.healthCheck.enable is the toggle for GoCD agent health checks
enabled: false
# agent.healthCheck.initialDelaySeconds is the initial delays in seconds to start the health checks
initialDelaySeconds: 60
# agent.healthCheck.periodSeconds is the health check interval duration
periodSeconds: 60
# agent.healthCheck.failureThreshold is the health check failure threshold of GoCD agent
failureThreshold: 60
security:
ssh:
# agent.security.ssh.enabled is the toggle to enable/disable mounting of ssh secret on GoCD agent pods
enabled: false
# agent.security.ssh.secretName specifies the name of the k8s secret object that contains the ssh key and known hosts
secretName: gocd-agent-ssh
## Configure GoCD agent resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
resources: {}
# requests:
# memory: 512Mi
# cpu: 300m
# limits:
# cpu: 100m
# memory: 1024Mi
# agent.hostAliases allows the modification of the hosts file inside a container
hostAliases:
# - ip: "192.168.1.10"
# hostnames:
# - "example.com"
# - "www.example.com"
## Additional GoCD agent pod labels
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
nodeSelector: {}
## Affinity for assigning pods to specific nodes
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
affinity: {}
## Tolerations for allowing pods to be scheduled on nodes with matching taints
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
tolerations: {}
You can’t perform that action at this time.