-
Notifications
You must be signed in to change notification settings - Fork 5
/
custom-environment-variables.yaml
307 lines (300 loc) · 11.7 KB
/
custom-environment-variables.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
# All values in this document are the ENVIRONMENT variable names that can override the defaults
# from `default.yaml`
---
auth:
# A private key used for signing jwt tokens
# Easily generate one by running
# $ openssl genrsa -out jwt.pem 2048
jwtPrivateKey: SECRET_JWT_PRIVATE_KEY
# The public key used for verifying the signature
# Generate one by running
# $ openssl rsa -in jwt.pem -pubout -out jwt.pub
jwtPublicKey: SECRET_JWT_PUBLIC_KEY
# The public key used for verifying the signature of token from SD api
jwtSDApiPublicKey: SECRET_JWT_SD_API_PUBLIC_KEY
admins:
__name: SECRET_ADMINS
__format: json
executor:
plugin: EXECUTOR_PLUGIN
# The NPM module object(s) for the executor plugin(s)
k8s:
options:
kubernetes:
# The host or IP of the kubernetes cluster
host: K8S_HOST
# Privileged mode, default restricted, set to true for trusted container runtime use-case
privileged: K8S_SECURITYCONTEXT_PRIVILEGED
# The jwt token used for authenticating kubernetes requests
token: K8S_TOKEN
jobsNamespace: K8S_JOBS_NAMESPACE
# enable docker in docker on the k8 executor
dockerFeatureEnabled: DOCKER_FEATURE_ENABLED
# Resources for build pod
resources:
# Number of cpu cores
cpu:
micro: K8S_CPU_MICRO
low: K8S_CPU_LOW
high: K8S_CPU_HIGH
turbo: K8S_CPU_TURBO
# Memory in GB
memory:
micro: K8S_MEMORY_MICRO
low: K8S_MEMORY_LOW
high: K8S_MEMORY_HIGH
turbo: K8S_MEMORY_TURBO
# Default build timeout for all builds in this cluster
buildTimeout: K8S_BUILD_TIMEOUT
# Default max build timeout
maxBuildTimeout: K8S_MAX_BUILD_TIMEOUT
lifecycleHooks:
__name: K8S_LIFECYCLE_HOOKS
__format: json
# k8s node selectors for approprate build pod scheduling.
# Value is Object of format { label: 'value' } See
# https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#step-one-attach-label-to-the-node
# Eg: { dedicated: 'screwdriver' } to schedule pods on nodes having
# label-value of dedicated=screwdriver
nodeSelectors:
__name: K8S_NODE_SELECTORS
__format: json
# k8s preferred node selectors for build pod scheduling
# See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature
preferredNodeSelectors:
__name: K8S_PREFERRED_NODE_SELECTORS
__format: json
# k8s annotations
# Value is Object of format { key: 'value' } See
# https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations
# Eg: {"io.kubernetes.cri.untrusted-workload": "true"}
annotations:
__name: K8S_ANNOTATIONS
__format: json
# support for kata-containers-as-a-runtimeclass
runtimeClass: K8S_RUNTIME_CLASS
# Launcher image to use
launchImage: LAUNCH_IMAGE
# Launcher container tag to use
launchVersion: LAUNCH_VERSION
# Prefix to the pod
prefix: EXECUTOR_PREFIX
# Circuit breaker config
fusebox:
breaker:
# in milliseconds
timeout: CIRCUIT_TIMEOUT
requestretry:
# in milliseconds
retryDelay: REQUEST_RETRYDELAY
maxAttempts: REQUEST_MAXATTEMPTS
k8s-vm:
options:
# Configuration of Docker
kubernetes:
# The host or IP of the kubernetes cluster
host: K8S_HOST
# Privileged mode, default restricted, set to true for trusted container runtime use-case
privileged: K8S_SECURITYCONTEXT_PRIVILEGED
# The jwt token used for authenticating kubernetes requests
token: K8S_TOKEN
jobsNamespace: K8S_JOBS_NAMESPACE
baseImage: K8S_BASE_IMAGE
# Resources for build pod
resources:
# Number of cpu cores
cpu:
micro: K8S_CPU_MICRO
low: K8S_CPU_LOW
high: K8S_CPU_HIGH
turbo: K8S_CPU_TURBO
# upper bound for user custom cpu
max: K8S_CPU_MAX
# Memory in GB
memory:
micro: K8S_MEMORY_MICRO
low: K8S_MEMORY_LOW
high: K8S_MEMORY_HIGH
turbo: K8S_MEMORY_TURBO
# upper bound for user custom memory
max: K8S_MEMORY_MAX
disk:
space: K8S_DISK_LABEL
speed: K8S_DISK_SPEED_LABEL
# Default build timeout for all builds in this cluster
buildTimeout: K8S_VM_BUILD_TIMEOUT
# Default max build timeout
maxBuildTimeout: K8S_VM_MAX_BUILD_TIMEOUT
# k8s node selectors for approprate build pod scheduling.
# Value is Object of format { label: 'value' } See
# https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#step-one-attach-label-to-the-node
# Eg: { dedicated: 'screwdriver' } to schedule pods on nodes having
# label-value of dedicated=screwdriver
nodeSelectors:
__name: K8S_VM_NODE_SELECTORS
__format: json
# k8s preferred node selectors for build pod scheduling
# See https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature
preferredNodeSelectors:
__name: K8S_VM_PREFERRED_NODE_SELECTORS
__format: json
# Launcher image to use
launchImage: LAUNCH_IMAGE
# Launcher container tag to use
launchVersion: LAUNCH_VERSION
# Prefix to the container
prefix: EXECUTOR_PREFIX
# Circuit breaker config
fusebox:
breaker:
# in milliseconds
timeout: CIRCUIT_TIMEOUT
requestretry:
# in milliseconds
retryDelay: REQUEST_RETRYDELAY
maxAttempts: REQUEST_MAXATTEMPTS
jenkins:
options:
jenkins:
host: EXECUTOR_JENKINS_HOST
port: EXECUTOR_JENKINS_PORT
username: EXECUTOR_JENKINS_USERNAME
# Jenkins password/token used for authenticating jenkins requests
password: EXECUTOR_JENKINS_PASSWORD
# Node labels of Jenkins slaves
nodeLabel: EXECUTOR_JENKINS_NODE_LABEL
# Default build timeout
buildTimeout: EXECUTOR_JENKINS_BUILD_TIMEOUT
# Default max build timeout
maxBuildTimeout: EXECUTOR_JENKINS_MAX_BUILD_TIMEOUT
docker:
# The path to the docker-compose command
composeCommand: EXECUTOR_JENKINS_DOCKER_COMPOSE_COMMAND
# Prefix to the container
prefix: EXECUTOR_JENKINS_DOCKER_PREFIX
# Launcher container tag to use
launchVersion: EXECUTOR_JENKINS_LAUNCH_VERSION
# Memory limit (docker run `--memory` option)
memory: EXECUTOR_JENKINS_DOCKER_MEMORY
# Memory limit include swap (docker run `--memory-swap` option)
memoryLimit: EXECUTOR_JENKINS_DOCKER_MEMORY_LIMIT
# The command to start build
buildScript: EXECUTOR_JENKINS_BUILD_SCRIPT
# The command to clean up build system
cleanupScript: EXECUTOR_JENKINS_CLEANUP_SCRIPT
# Time (seconds) to destroy the job
cleanupTimeLimit: EXECUTOR_JENKINS_CLEANUP_TIME_LIMIT
# Interval to detect the stopped job (seconds)
cleanupWatchInterval: EXECUTOR_JENKINS_CLEANUP_WATCH_INTERVAL
httpd:
# Port to listen on
port: PORT
# Host to listen on (set to 0.0.0.0 to accept all connections)
host: HOST
# Externally routable URI (usually your load balancer or CNAME)
uri: URI
# TLS configuration (key, cert, etc.)
# https://nodejs.org/api/tls.html#tls_tls_createserver_options_secureconnectionlistener
tls:
__name: HTTPD_TLS
__format: json
ecosystem:
# URL for the User Interface
ui: ECOSYSTEM_UI
# URL for the API
api: ECOSYSTEM_API
# Externally routable URL for the Artifact Store
store: ECOSYSTEM_STORE
# Pushgateway URL for Prometheus
pushgatewayUrl: ECOSYSTEM_PUSHGATEWAY_URL
# build cache strategies: s3, disk, with s3 as default option to store cache
cache:
strategy: CACHE_STRATEGY
path: CACHE_PATH
compress: CACHE_COMPRESS
md5check: CACHE_MD5CHECK
max_size_mb: CACHE_MAX_SIZE_MB
queue:
# redis or redisCluster(beta)
connectionType: REDIS_TYPE
redisConnection:
host: REDIS_HOST
port: REDIS_PORT
options:
password: REDIS_PASSWORD
tls: REDIS_TLS_ENABLED
database: REDIS_DB_NUMBER
redisClusterConnection:
hosts:
__name: REDIS_CLUSTER_HOSTS
__format: json
options:
password: REDIS_PASSWORD
tls: REDIS_TLS_ENABLED
slotsRefreshTimeout: REDIS_CLUSTER_SLOTS_REFRESH_TIMEOUT
prefix: REDIS_QUEUE_PREFIX
# whether or not to retrieve from redis that the data needed to start periodic builds
periodicBuildTableEnabled: PERIODIC_BUILD_TABLE_ENABLED
plugins:
blockedBy:
# re-enqueue in _ mins if blocked
reenqueueWaitTime: PLUGIN_BLOCKEDBY_REENQUEUE_WAIT_TIME
# job is blocking for maximum _ mins
blockTimeout: PLUGIN_BLOCKEDBY_BLOCK_TIMEOUT
# job block by itself
blockedBySelf: PLUGIN_BLOCKEDBY_BLOCKED_BY_SELF
# by default collapse builds or not
collapse: PLUGIN_BLOCKEDBY_COLLAPSE
worker:
# https://github.com/taskrabbit/node-resque#multiworker-options
# minimum number of workers to spawn
minTaskProcessors: WORKER_MIN_TASK_PROCESSORS
# maximum number of workers to spawn
maxTaskProcessors: WORKER_MAX_TASK_PROCESSORS
# how often to check if the event loop is blocked (ms)
checkTimeout: WORKER_CHECK_TIMEOUT
# how long the event loop has to be delayed before considering it blocked (ms)
maxEventLoopDelay: WORKER_MAX_EVENT_LOOP_DELAY
# Run queue-worker as a scheduler, instead of calling executor to start/stop builds, push it to rabbitmq
scheduler:
# Enabled schduler mode or not
enabled: SCHEDULER_ENABLED
# To enable schduler mode, you need rabbitmq server and consumer
rabbitmq:
# Host of rabbitmq cluster
host: RABBITMQ_HOST
# Port of rabbitmq cluster
port: RABBITMQ_PORT
# User to push to rabbitmq
username: RABBITMQ_USERNAME
# Password to connect to rabbitmq cluster
password: RABBITMQ_PASSWORD
# Protocol for rabbitmq server, use amqps for ssl
protocol: RABBITMQ_PROTOCOL
# Exchange / router name for rabbitmq
exchange: RABBITMQ_EXCHANGE
# Virtual host to connect to
vhost: RABBITMQ_VHOST
# Connection options
connectOptions: RABBITMQ_CONNECT_OPTIONS
kafka:
# flag for kafka broker
enabled: KAFKA_ENABLED
# kafka brokers list
hosts: KAFKA_BROKERS_LIST
# sasl options
sasl:
# sasl mechanism
mechanism: SASL_MECHANISM
# secret id for sasl/scram
secretId: SASL_AWS_SECRET_ID
# client id of the producer
clientId: KAFKA_CLIENT_ID
# Amazon access key
accessKeyId: KAFKA_ACCESS_KEY_ID
# Amazon secret access key
secretAccessKey: KAFKA_ACCESS_KEY_SECRET
# AWS region
region: AWS_REGION
# Flag to use Short Region Name like use2,usw2
shortRegion : USE_SHORT_REGION_NAME