queue-service/config/default.yaml at master · screwdriver-cd/queue-service · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
---
auth:
  # A private key used for signing jwt tokens
  # Easily generate one by running
  # $ openssl genrsa -out jwt.pem 2048
  jwtPrivateKey: |
    -----BEGIN RSA PRIVATE KEY-----
    YOUR-KEY-HERE
    -----END RSA PRIVATE KEY-----
  # The public key used for verifying the signature
  # Generate one by running
  # $ openssl rsa -in jwt.pem -pubout -out jwt.pub
  jwtPublicKey: |
    -----BEGIN PUBLIC KEY-----
    YOUR-KEY-HERE
    -----END PUBLIC KEY-----
  # The public key used for verifying the signature of token from SD api
  jwtSDApiPublicKey: |
    -----BEGIN PUBLIC KEY-----
    YOUR-KEY-HERE
    -----END PUBLIC KEY-----
  admins: []

executor:
  # Default executor
  plugin: docker
  docker:
    enabled: true
    options:
      docker:
        socketPath: "/var/run/docker.sock"
  k8s:
    options:
      kubernetes:
        # The host or IP of the kubernetes cluster
        host: kubernetes.default
        # Privileged mode, default restricted, set to true for trusted container runtime use-case
        privileged: false
        dockerFeatureEnabled: false
        resources:
          cpu:
            # Number of cpu cores
            micro: "0.5"
            low: 2
            high: 6
            turbo: 12
          memory:
            # Memory in GB
            micro: 1
            low: 2
            high: 12
            turbo: 16
        # Default build timeout for all builds in this cluster
        buildTimeout: 90
        # Default max build timeout
        maxBuildTimeout: 120
        # k8s node selectors for approprate pod scheduling
        nodeSelectors: {}
        preferredNodeSelectors: {}
        annotations: {}
        # support for kata-containers-as-a-runtimeclass
        runtimeClass: ""
      # Launcher image to use
      launchImage: screwdrivercd/launcher
      # Container tags to use
      launchVersion: stable
      # Circuit breaker config
      fusebox:
        breaker:
          # in milliseconds
          timeout: 10000
      # requestretry configs
      requestretry:
        # in milliseconds
        retryDelay: 3000
        maxAttempts: 5
  k8s-vm:
    options:
      # Configuration of Docker
      kubernetes:
        # The host or IP of the kubernetes cluster
        host: kubernetes.default
        # Privileged mode, default restricted, set to true for trusted container runtime use-case
        privileged: false
        # Resources for build pod
        resources:
          cpu:
            # Number of cpu cores
            micro: 1
            low: 2
            high: 6
            turbo: 12
            # upper bound for user custom cpu
            max: 12
          memory:
            # Memory in GB
            micro: 1
            low: 2
            high: 12
            turbo: 16
            # upper bound for user custom memory
            max: 16
        # Default build timeout for all builds in this cluster
        buildTimeout: 90
        # Default max build timeout
        maxBuildTimeout: 120
        # k8s node selectors for approprate pod scheduling
        nodeSelectors: {}
        preferredNodeSelectors: {}
      # Launcher image to use
      launchImage: screwdrivercd/launcher
      # Launcher container tag to use
      launchVersion: stable
      # Circuit breaker config
      fusebox:
        breaker:
          # in milliseconds
          timeout: 10000
      # requestretry configs
      requestretry:
        # in milliseconds
        retryDelay: 3000
        maxAttempts: 5

httpd:
  # Port to listen on
  port: 80
  # Host to listen on (set to localhost to only accept connections from this machine)
  host: 0.0.0.0
  # Externally routable URI (usually your load balancer or CNAME)
  # This requires to be a routable IP inside docker for executor, see
  # https://github.com/screwdriver-cd/screwdriver/blob/095eaf03e053991443abcbde91c62cfe06a28cba/lib/server.js#L141
  uri: http://IP_ADDRESS:PORT
  tls: false

ecosystem:
  # Externally routable URL for the User Interface
  ui: http://IP_ADDRESS:PORT
  # Externally routable URL for the API
  api: http://IP_ADDRESS:PORT
  # Externally routable URL for the Artifact Store
  store: http://IP_ADDRESS:PORT
  # build cache strategies: s3, disk, with s3 as default option to store cache
  cache:
    strategy: "s3"
    path: "/"
    compress: false
    md5check: false
    max_size_mb: 0

queue:
  # redis or redisCluster(beta)
  connectionType: redis
  redisConnection:
    host: REDIS_HOST
    port: REDIS_PORT
    options:
      password: a-secure-password
      tls: false
    database: 0
  redisClusterConnection:
    hosts: []
    options:
      password: a-secure-password
      tls: false
    slotsRefreshTimeout: 1000
  prefix: ""
  # whether or not to retrieve from redis that the data needed to start periodic builds
  periodicBuildTableEnabled: true
  # max payload size in bytes, default to 10MB
  queueMaxPayloadSize: 10485760

plugins:
  blockedBy:
    # re-enqueue in 1 mins if blocked
    reenqueueWaitTime: 1
    # job is blocking for maximum 120 mins = build timeout
    blockTimeout: 120
    # job blocked by itself
    blockedBySelf: true
    # by default collapse builds or not
    collapse: true

worker:
  # https://github.com/taskrabbit/node-resque#multiworker-options
  # minimum number of workers to spawn
  minTaskProcessors: 1
  # maximum number of workers to spawn
  maxTaskProcessors: 10
  # how often to check if the event loop is blocked (ms)
  checkTimeout: 1000
  # how long the event loop has to be delayed before considering it blocked (ms)
  maxEventLoopDelay: 10

# Run queue-worker as a scheduler, instead of calling executor to start/stop builds, push it to rabbitmq
scheduler:
  # Enabled schduler mode or not
  enabled: false
  # To enable schduler mode, you need rabbitmq server and consumer
  rabbitmq:
    # Host of rabbitmq cluster
    host: RABBITMQ_HOST
    # Port of rabbitmq cluster
    port: RABBITMQ_PORT
    # User to push to rabbitmq
    username: sd-buidbot
    # Password to connect to rabbitmq cluster
    password: fakepassword
    # Protocol for rabbitmq server, use amqps for ssl
    protocol: amqp
    # Exchange / router name for rabbitmq
    exchange: build
    # Virtual host to connect to
    vhost: /screwdriver
    # Connect Options
    connectOptions: { json: true, heartbeatIntervalInSeconds: 20, reconnectTimeInSeconds: 30 }

kafka:
  # flag for kafka broker
  enabled: false
  # kafka brokers list
  hosts: KAFKA_BROKERS_LIST
  # sasl options
  sasl:
    # sasl mechanism
    mechanism: scram-sha-512
    # secret id for sasl/scram
    secretId: fake-secret
  # client id of the producer
  clientId: sd-producer
  # Amazon access key
  accessKeyId: KAFKA_ACCESS_KEY_ID
  # Amazon secret access key
  secretAccessKey: KAFKA_ACCESS_KEY_SECRET
  # AWS region
  region: AWS_REGION
  # Flag to use Short Region Name like use2,usw2
  shortRegion : true