# Default values for woodpecker. # This is a YAML-formatted file. # Declare variables to be passed into your templates. # -- Overrides the name of the chart nameOverride: "" # -- Overrides the full name of the chart fullnameOverride: "" agent: # -- Enable the agent component enabled: true # -- The number of replicas for the deployment replicaCount: 2 image: # -- The image registry registry: docker.io # -- The image repository repository: woodpeckerci/woodpecker-agent # -- The pull policy for the image pullPolicy: IfNotPresent # -- Overrides the image tag whose default is the chart appVersion. tag: "" env: # -- Add the environment variables for the agent component WOODPECKER_SERVER: 'woodpecker-server:9000' WOODPECKER_BACKEND: kubernetes WOODPECKER_BACKEND_K8S_NAMESPACE: woodpecker WOODPECKER_BACKEND_K8S_STORAGE_CLASS: "" WOODPECKER_BACKEND_K8S_VOLUME_SIZE: 10G WOODPECKER_BACKEND_K8S_STORAGE_RWX: true WOODPECKER_BACKEND_K8S_POD_LABELS: "" WOODPECKER_BACKEND_K8S_POD_ANNOTATIONS: "" WOODPECKER_CONNECT_RETRY_COUNT: "1" # -- Add extra secret that is contains environment variables extraSecretNamesForEnvFrom: [] persistence: # -- Enable the creation of the persistent volume enabled: true # -- Defines an existing claim to use existingClaim: # -- Defines the size of the persistent volume size: 1Gi # -- Defines the path where the volume should be mounted mountPath: "/etc/woodpecker" # -- Defines the storageClass of the persistent volume storageClass: "" # -- Defines the access mode of the persistent volume accessModes: - ReadWriteOnce # -- Additional volumes that can be mounted in containers extraVolumes: [] # - name: docker-config # configMap: # name: docker-config # - name: data-volume # persistentVolumeClaim: # claimName: example # -- Additional volumes that will be attached to the agent container extraVolumeMounts: [] # - name: ca-certs # mountPath: /etc/ssl/certs/ca-certificates.crt # -- The image pull secrets imagePullSecrets: [] # -- Overrides the name of the chart of the agent component nameOverride: "" # -- Overrides the full name of the chart of the agent component fullnameOverride: "" serviceAccount: # -- Specifies whether a service account should be created (also see RBAC subsection) create: true # -- Annotations to add to the service account annotations: {} # -- The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" rbac: # -- If your cluster has RBAC enabled and you're using the Kubernetes agent- # backend you'll need this. (this is true for almost all production clusters) # only change this if you have a non CNCF compliant cluster, missing the RBAC endpoints # the Role and RoleBinding are only created if serviceAccount.create is also true create: true # Additional annotations and labels in role and roleBinding are only needed, if you # are using additional tooling to manage / verify roles or roleBindings (OPA, etc.) role: annotations: {} labels: {} roleBinding: annotations: {} labels: {} # -- Add pod annotations for the agent component podAnnotations: {} # -- Add pod security context podSecurityContext: {} # fsGroup: 2000 # -- Add security context securityContext: {} # capabilities: # drop: # - ALL # readOnlyRootFilesystem: true # runAsNonRoot: true # runAsUser: 1000 # -- Specifies the resources for the agent component resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi # requests: # cpu: 100m # memory: 128Mi # -- Specifies the labels of the nodes that the agent component must be running nodeSelector: {} # -- Specifies the tolerations tolerations: [] # -- Specifies the affinity affinity: {} # -- Overrides the default DNS configuration dnsConfig: {} # -- Using topology spread constraints, you can ensure that there is at least one agent # pod for each topology zone, e.g. one per arch for multi-architecture clusters # or one for each region for geographically distributed cloud-hosted clusters. # Ref: topologySpreadConstraints: [] # - maxSkew: 1 # topologyKey: "beta.kubernetes.io/arch" # whenUnsatisfiable: "DoNotSchedule" # labelSelector: # matchLabels: # "app.kubernetes.io/name": woodpecker-agent server: # -- Enable the server component enabled: true statefulSet: # -- Add annotations to the StatefulSet annotations: {} # -- Add labels to the StatefulSet labels: {} # -- Defines the number of replicas replicaCount: 1 # -- The maximum number of revisions that will be maintained in the StatefulSet's revision history # Default in 10. revisionHistoryLimit: 5 updateStrategy: # -- Defines the update strategy of the StatefulSet type: RollingUpdate image: # -- The image registry registry: docker.io # -- The image repository repository: woodpeckerci/woodpecker-server # -- The image pull policy pullPolicy: IfNotPresent # -- Overrides the image tag whose default is the chart appVersion. tag: "" # -- Add environment variables for the server component env: WOODPECKER_ADMIN: "taqi" WOODPECKER_HOST: "placeholder.woodpecker.svc.cluster.local:9000" WOODPECKER_GITEA: "true" WOODPECKER_GITEA_URL: "${GITEA_HOST}" WOODPECKER_GITEA_CLIENT: "${WOODPECKER_CLIENT_ID}" WOODPECKER_GITEA_SECRET: "${WOODPECKER_CLIENT_SECRET}" # WOODPECKER_GITHUB: "true" # -- Add extra environment variables from the secrets list extraSecretNamesForEnvFrom: [] # whether to create the default WOODPECKER_AGENT_SECRET in woodpecker-default-agent-secret createAgentSecret: true # -- Create a generic secret to store things in, e.g. env values secrets: [] # - name: secret # data: # key: value # -- Additional volumes that can be mounted in containers extraVolumes: [] # - name: docker-config # configMap: # name: docker-config # - name: data-volume # persistentVolumeClaim: # claimName: example # -- Additional volumes that will be attached to the agent container extraVolumeMounts: [] # - name: ca-certs # mountPath: /etc/ssl/certs/ca-certificates.crt # -- Add additional init containers to the pod (evaluated as a template) initContainers: [] persistentVolume: # -- Enable the creation of the persistent volume enabled: true # -- Defines the size of the persistent volume size: 10Gi # -- Defines the path where the volume should be mounted mountPath: "/var/lib/woodpecker" # -- Defines the storageClass of the persistent volume storageClass: "" # -- The image pull secrets imagePullSecrets: [] # -- Overrides the name of the helm chart of the server component nameOverride: "" # -- Overrides the full name of the helm chart of the server component fullnameOverride: "" serviceAccount: # -- Specifies whether a service account should be created create: false # -- Annotations to add to the service account annotations: {} # -- The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" # -- Add pod annotations podAnnotations: {} # prometheus.io/scrape: "true" # -- Add pod security context podSecurityContext: {} # fsGroup: 2000 # -- Add security context securityContext: {} # capabilities: # drop: # - ALL # readOnlyRootFilesystem: true # runAsNonRoot: true # runAsUser: 1000 service: # -- The type of the service type: ClusterIP # -- The port of the service port: &servicePort 80 # -- The cluster IP of the service (optional) clusterIP: # -- The loadbalancer IP of the service (optional) loadBalancerIP: ingress: # -- Enable the ingress for the server component enabled: true # -- Add annotations to the ingress annotations: cert-manager.io/cluster-issuer: "acme-issuer" # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" # -- Defines which ingress controller will implement the resource ingressClassName: "nginx" hosts: - host: example.com paths: - path: / backend: serviceName: chart-example.local servicePort: *servicePort tls: - hosts: - example.com secretName: woodpecker-tls # -- Defines the secret that contains the TLS certificate and key # secretName: chart-example-tls # - secretName: chart-example-tls # hosts: # - chart-example.local # -- Specifies the ressources for the server component resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi # requests: # cpu: 100m # memory: 128Mi # -- Defines the labels of the node where the server component must be running nodeSelector: {} # -- Add tolerations rules tolerations: [] # -- Add affinity affinity: {} # -- Overrides the default DNS configuration dnsConfig: {} # -- Configure probe options for container health checking probes: # -- Configure liveness probe options liveness: # -- Number of seconds after which the probe times out (default: 10) timeoutSeconds: 10 # -- How often (in seconds) to perform the probe (default: 10) periodSeconds: 10 # -- Minimum consecutive successes for the probe to be considered successful after having failed (default: 1) successThreshold: 1 # -- When a probe fails, Kubernetes will try failureThreshold times before giving up (default: 3) failureThreshold: 3 # -- Configure readiness probe options readiness: # -- Number of seconds after which the probe times out (default: 10) timeoutSeconds: 10 # -- How often (in seconds) to perform the probe (default: 10) periodSeconds: 10 # -- Minimum consecutive successes for the probe to be considered successful after having failed (default: 1) successThreshold: 1 # -- When a probe fails, Kubernetes will try failureThreshold times before giving up (default: 3) failureThreshold: 3