KubeZero/charts/kubezero-ci/values.yaml

225 lines
5.2 KiB
YAML
Raw Normal View History

2021-11-06 17:12:48 +00:00
gocd:
enabled: false
2021-11-06 20:20:24 +00:00
server:
service:
type: "ClusterIP"
ingress:
enabled: false
istio:
enabled: false
gateway: istio-ingress/private-ingressgateway
url: "" # gocd.example.com
2021-11-08 15:54:48 +00:00
gitea:
enabled: false
image:
2022-12-06 15:41:17 +00:00
tag: 1.17.3
2021-11-08 15:54:48 +00:00
rootless: true
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
add:
- SYS_CHROOT
persistence:
enabled: true
size: 4Gi
gitea:
admin:
existingSecret: gitea-admin-secret
# Enable to install demo creds
demo: false
metrics:
enabled: false
serviceMonitor:
enabled: false
config:
database:
DB_TYPE: sqlite3
cache:
ADAPTER: memory
memcached:
enabled: false
postgresql:
enabled: false
mysql:
enabled: false
mariadb:
enabled: false
2021-11-08 15:54:48 +00:00
istio:
enabled: false
gateway: istio-ingress/private-ingressgateway
url: git.example.com
2021-11-08 15:54:48 +00:00
2021-11-06 17:12:48 +00:00
jenkins:
enabled: false
2021-12-03 21:16:22 +00:00
controller:
tag: alpine-jdk17
#tagLabel: alpine
disableRememberMe: true
prometheus:
enabled: false
testEnabled: false
enableRawHtmlMarkupFormatter: true
javaOpts: "-XX:+UseContainerSupport -XX:+UseStringDeduplication -Dhudson.model.DirectoryBrowserSupport.CSP=\"sandbox allow-popups; default-src 'none'; img-src 'self' cdn.zero-downtime.net; style-src 'unsafe-inline';\""
jenkinsOpts: "--sessionTimeout=180 --sessionEviction=3600"
resources:
requests:
cpu: "250m"
memory: "1280Mi"
limits:
cpu: "2000m"
memory: "4096Mi"
initContainerResources:
requests:
cpu: "50m"
memory: "256Mi"
limits:
cpu: "1000m"
memory: "1024Mi"
JCasC:
configScripts:
zdt-settings: |
jenkins:
noUsageStatistics: true
disabledAdministrativeMonitors:
- "jenkins.security.ResourceDomainRecommendation"
unclassified:
buildDiscarders:
configuredBuildDiscarders:
- "jobBuildDiscarder"
- defaultBuildDiscarder:
discarder:
logRotator:
artifactDaysToKeepStr: "32"
artifactNumToKeepStr: "10"
daysToKeepStr: "100"
numToKeepStr: "10"
installPlugins:
- kubernetes:3734.v562b_b_a_627ea_c
- workflow-aggregator:581.v0c46fa_697ffd
2022-12-13 12:13:33 +00:00
- git:4.14.2
- configuration-as-code:1569.vb_72405b_80249
2022-12-06 15:41:17 +00:00
- antisamy-markup-formatter:155.v795fb_8702324
- prometheus:2.0.11
2022-09-28 15:41:30 +00:00
- htmlpublisher:1.31
- build-discarder:139.v05696a_7fe240
- dark-theme:262.v0202a_4c8fb_6a
- kubernetes-credentials-provider:1.206.v7ce2cf7b_0c8b
serviceAccountAgent:
create: true
name: jenkins-podman-aws
# Preconfigure agents to use zdt podman requires fuse/overlayfs
agent:
image: public.ecr.aws/zero-downtime/jenkins-podman
2022-12-06 15:41:17 +00:00
tag: v0.4.1
resources:
requests:
cpu: "512m"
memory: "1024Mi"
limits:
cpu: "4"
memory: "6144Mi"
#alwaysPullImage: true
podRetention: "Default"
showRawYaml: false
podName: "podman-aws"
customJenkinsLabels:
- podman-aws-trivy
idleMinutes: 10
containerCap: 2
annotations:
container.apparmor.security.beta.kubernetes.io/jnlp: unconfined
# envVars:
# - name: AWS_WEB_IDENTITY_TOKEN_FILE
# value: "/var/run/secrets/sts.amazonaws.com/serviceaccount/token"
# - name: AWS_STS_REGIONAL_ENDPOINTS
# value: regional
# - name: AWS_ROLE_ARN
# value: "<IAM ROLE ARN>"
yamlMergeStrategy: "merge"
yamlTemplate: |-
apiVersion: v1
kind: Pod
spec:
securityContext:
fsGroup: 1000
serviceAccountName: jenkins-podman-aws
containers:
- name: jnlp
resources:
limits:
github.com/fuse: 1
volumeMounts:
- name: aws-token
mountPath: "/var/run/secrets/sts.amazonaws.com/serviceaccount/"
readOnly: true
- name: host-registries-conf
mountPath: "/home/jenkins/.config/containers/registries.conf"
readOnly: true
volumes:
- name: aws-token
projected:
sources:
- serviceAccountToken:
path: token
expirationSeconds: 86400
audience: "sts.amazonaws.com"
- name: host-registries-conf
hostPath:
path: /etc/containers/registries.conf
type: File
2022-08-10 14:01:26 +00:00
rbac:
readSecrets: true
persistence:
size: "4Gi"
istio:
enabled: false
gateway: istio-ingress/private-ingressgateway
url: jenkins.example.com
# Dedicated VirtualService for webhooks
webhook:
enabled: false
gateway: istio-ingress/ingressgateway
url: jenkins-webhook.example.com
# Remote Agents
agent:
enabled: false
gateway: istio-ingress/private-ingressgateway
url: jenkins-agent.example.com
trivy:
enabled: false
2022-12-06 15:41:17 +00:00
image:
tag: 0.34.0
persistence:
enabled: true
size: 1Gi
rbac:
create: false