Mondo Diaz
0b0890d73e
- Helm chart with PostgreSQL, MinIO, Redis as optional subcharts - Production and external infrastructure value files - HPA, Ingress, and health probe support - GitLab CI pipeline using Buildah for container builds - Multi-stage pipeline: test, build, publish 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
154 lines
2.6 KiB
YAML
154 lines
2.6 KiB
YAML
# Default values for orchard
|
|
replicaCount: 1
|
|
|
|
image:
|
|
repository: orchard-server
|
|
pullPolicy: IfNotPresent
|
|
tag: "" # Defaults to chart appVersion
|
|
|
|
imagePullSecrets: []
|
|
nameOverride: ""
|
|
fullnameOverride: ""
|
|
|
|
serviceAccount:
|
|
create: true
|
|
automount: true
|
|
annotations: {}
|
|
name: ""
|
|
|
|
podAnnotations: {}
|
|
podLabels: {}
|
|
|
|
podSecurityContext: {}
|
|
|
|
securityContext:
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
runAsUser: 1000
|
|
|
|
service:
|
|
type: ClusterIP
|
|
port: 8080
|
|
|
|
ingress:
|
|
enabled: false
|
|
className: ""
|
|
annotations: {}
|
|
# kubernetes.io/ingress.class: nginx
|
|
# kubernetes.io/tls-acme: "true"
|
|
hosts:
|
|
- host: orchard.local
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
tls: []
|
|
# - secretName: orchard-tls
|
|
# hosts:
|
|
# - orchard.local
|
|
|
|
resources:
|
|
limits:
|
|
cpu: 500m
|
|
memory: 512Mi
|
|
requests:
|
|
cpu: 100m
|
|
memory: 128Mi
|
|
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /health
|
|
port: http
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 10
|
|
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /health
|
|
port: http
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 5
|
|
|
|
autoscaling:
|
|
enabled: false
|
|
minReplicas: 1
|
|
maxReplicas: 10
|
|
targetCPUUtilizationPercentage: 80
|
|
targetMemoryUtilizationPercentage: 80
|
|
|
|
nodeSelector: {}
|
|
|
|
tolerations: []
|
|
|
|
affinity: {}
|
|
|
|
# Orchard server configuration
|
|
orchard:
|
|
server:
|
|
host: "0.0.0.0"
|
|
port: 8080
|
|
|
|
# Database configuration (used when postgresql.enabled is false)
|
|
database:
|
|
host: ""
|
|
port: 5432
|
|
user: orchard
|
|
password: ""
|
|
dbname: orchard
|
|
sslmode: disable
|
|
existingSecret: ""
|
|
existingSecretPasswordKey: "password"
|
|
|
|
# S3 configuration (used when minio.enabled is false)
|
|
s3:
|
|
endpoint: ""
|
|
region: us-east-1
|
|
bucket: orchard-artifacts
|
|
accessKeyId: ""
|
|
secretAccessKey: ""
|
|
usePathStyle: true
|
|
existingSecret: ""
|
|
existingSecretAccessKeyKey: "access-key-id"
|
|
existingSecretSecretKeyKey: "secret-access-key"
|
|
|
|
# PostgreSQL subchart configuration
|
|
postgresql:
|
|
enabled: true
|
|
auth:
|
|
username: orchard
|
|
password: orchard-password
|
|
database: orchard
|
|
primary:
|
|
persistence:
|
|
enabled: true
|
|
size: 10Gi
|
|
|
|
# MinIO subchart configuration
|
|
minio:
|
|
enabled: true
|
|
auth:
|
|
rootUser: minioadmin
|
|
rootPassword: minioadmin
|
|
defaultBuckets: "orchard-artifacts"
|
|
persistence:
|
|
enabled: true
|
|
size: 50Gi
|
|
|
|
# Redis subchart configuration (for future caching)
|
|
redis:
|
|
enabled: false
|
|
auth:
|
|
enabled: true
|
|
password: redis-password
|
|
architecture: standalone
|
|
master:
|
|
persistence:
|
|
enabled: true
|
|
size: 1Gi
|
|
|
|
# Database migrations
|
|
migrations:
|
|
enabled: true
|
|
image:
|
|
repository: orchard-server
|
|
tag: ""
|