149 lines
3.0 KiB
YAML
149 lines
3.0 KiB
YAML
# Warehouse13 - Enterprise Test Artifact Storage
|
|
# Default values for Helm chart
|
|
|
|
# Global settings
|
|
global:
|
|
deploymentMode: "air-gapped" # standard or airgapped
|
|
storageBackend: "minio" # minio or s3
|
|
|
|
# PostgreSQL Database
|
|
postgres:
|
|
enabled: true
|
|
image:
|
|
repository: containers.global.bsf.tools/postgres
|
|
tag: 15-alpine
|
|
pullPolicy: Always
|
|
auth:
|
|
username: user
|
|
password: password
|
|
database: warehouse13
|
|
persistence:
|
|
enabled: false
|
|
size: 10Gi
|
|
storageClass: ""
|
|
resources:
|
|
requests:
|
|
memory: "512Mi"
|
|
cpu: "250m"
|
|
limits:
|
|
memory: "512Mi"
|
|
cpu: "500m"
|
|
service:
|
|
type: ClusterIP
|
|
port: 5432
|
|
|
|
# MinIO Object Storage
|
|
minio:
|
|
enabled: true
|
|
image:
|
|
repository: containers.global.bsf.tools/minio/minio
|
|
tag: latest
|
|
pullPolicy: Always
|
|
auth:
|
|
rootUser: minioadmin
|
|
rootPassword: minioadmin
|
|
persistence:
|
|
enabled: true
|
|
size: 50Gi
|
|
storageClass: ""
|
|
resources:
|
|
requests:
|
|
memory: "1Gi"
|
|
cpu: "250m"
|
|
limits:
|
|
memory: "1Gi"
|
|
cpu: "1000m"
|
|
service:
|
|
type: ClusterIP
|
|
apiPort: 9000
|
|
consolePort: 9001
|
|
|
|
# Application (Unified API + Frontend)
|
|
# The application uses a multi-stage Docker build:
|
|
# - Stage 1: Builds Angular frontend
|
|
# - Stage 2: Python FastAPI backend that serves the frontend from /static
|
|
app:
|
|
enabled: true
|
|
image:
|
|
repository: registry.global.bsf.tools/esv/bsf/bsf-services/warehouse13
|
|
tag: main-7126c618
|
|
pullPolicy: Always
|
|
replicas: 1
|
|
env:
|
|
databaseUrl: "postgresql://user:password@warehouse13-postgres:5432/warehouse13"
|
|
storageBackend: "minio"
|
|
minioEndpoint: "warehouse13-minio:9000"
|
|
resources:
|
|
requests:
|
|
memory: "768Mi"
|
|
cpu: "350m"
|
|
limits:
|
|
memory: "768Mi"
|
|
cpu: "750m"
|
|
service:
|
|
type: ClusterIP
|
|
port: 8000
|
|
healthCheck:
|
|
enabled: true
|
|
liveness:
|
|
path: /health
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 10
|
|
readiness:
|
|
path: /health
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 5
|
|
|
|
# Ingress
|
|
ingress:
|
|
enabled: true
|
|
className: "nginx"
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: "letsencrypt"
|
|
hosts:
|
|
- host: warehouse13.common.global.bsf.tools
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend: app # All traffic goes to unified app (serves both API and frontend)
|
|
tls:
|
|
- secretName: warehouse13-tls
|
|
hosts:
|
|
- warehouse13.common.global.bsf.tools
|
|
|
|
# Service Account
|
|
serviceAccount:
|
|
create: true
|
|
annotations: {}
|
|
name: "warehouse13"
|
|
|
|
# Pod Security
|
|
podSecurityContext:
|
|
fsGroup: 2000
|
|
|
|
securityContext:
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: false
|
|
runAsNonRoot: true
|
|
runAsUser: 1000
|
|
|
|
# Node selector
|
|
nodeSelector: {}
|
|
|
|
# Tolerations
|
|
tolerations: []
|
|
|
|
# Affinity
|
|
affinity: {}
|
|
|
|
imagePullSecret:
|
|
name: gitlab-dev-ns-registry-secret
|
|
username: project_9145_bot_imagepuller
|
|
# Read only token so okay if hard coded here
|
|
password: glpat-ZV7ASvBqFoiWC9QqD5WlTG86MQp1OjVxMgk.01.0z192vpfw
|
|
server: registry.global.bsf.tools
|
|
email: botemail@global.bsf.tool
|
|
|