Taqi Tahmid
448a0a89b9
- added woodpecker CI - removed kubernetes infra terraform files. - added demo woodpecker pipeline
362 lines
11 KiB
YAML
362 lines
11 KiB
YAML
# Default values for woodpecker.
|
|
# This is a YAML-formatted file.
|
|
# Declare variables to be passed into your templates.
|
|
|
|
# -- Overrides the name of the chart
|
|
nameOverride: ""
|
|
# -- Overrides the full name of the chart
|
|
fullnameOverride: ""
|
|
|
|
agent:
|
|
# -- Enable the agent component
|
|
enabled: true
|
|
|
|
# -- The number of replicas for the deployment
|
|
replicaCount: 2
|
|
|
|
image:
|
|
# -- The image registry
|
|
registry: docker.io
|
|
# -- The image repository
|
|
repository: woodpeckerci/woodpecker-agent
|
|
# -- The pull policy for the image
|
|
pullPolicy: IfNotPresent
|
|
# -- Overrides the image tag whose default is the chart appVersion.
|
|
tag: ""
|
|
|
|
env:
|
|
# -- Add the environment variables for the agent component
|
|
WOODPECKER_SERVER: "woodpecker-server.woodpecker.svc.cluster.local:9000"
|
|
WOODPECKER_BACKEND: kubernetes
|
|
WOODPECKER_BACKEND_K8S_NAMESPACE: woodpecker
|
|
WOODPECKER_BACKEND_K8S_STORAGE_CLASS: ""
|
|
WOODPECKER_BACKEND_K8S_VOLUME_SIZE: 10G
|
|
WOODPECKER_BACKEND_K8S_STORAGE_RWX: true
|
|
WOODPECKER_BACKEND_K8S_POD_LABELS: ""
|
|
WOODPECKER_BACKEND_K8S_POD_ANNOTATIONS: ""
|
|
WOODPECKER_CONNECT_RETRY_COUNT: "3"
|
|
|
|
# -- Add extra secret that is contains environment variables
|
|
extraSecretNamesForEnvFrom: []
|
|
|
|
persistence:
|
|
# -- Enable the creation of the persistent volume
|
|
enabled: true
|
|
# -- Defines an existing claim to use
|
|
existingClaim:
|
|
# -- Defines the size of the persistent volume
|
|
size: 1Gi
|
|
# -- Defines the path where the volume should be mounted
|
|
mountPath: "/etc/woodpecker"
|
|
# -- Defines the storageClass of the persistent volume
|
|
storageClass: ""
|
|
# -- Defines the access mode of the persistent volume
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
|
|
# -- Additional volumes that can be mounted in containers
|
|
extraVolumes:
|
|
[]
|
|
# - name: docker-config
|
|
# configMap:
|
|
# name: docker-config
|
|
# - name: data-volume
|
|
# persistentVolumeClaim:
|
|
# claimName: example
|
|
|
|
# -- Additional volumes that will be attached to the agent container
|
|
extraVolumeMounts:
|
|
[]
|
|
# - name: ca-certs
|
|
# mountPath: /etc/ssl/certs/ca-certificates.crt
|
|
|
|
# -- The image pull secrets
|
|
imagePullSecrets: []
|
|
# -- Overrides the name of the chart of the agent component
|
|
nameOverride: ""
|
|
# -- Overrides the full name of the chart of the agent component
|
|
fullnameOverride: ""
|
|
|
|
serviceAccount:
|
|
# -- Specifies whether a service account should be created (also see RBAC subsection)
|
|
create: true
|
|
# -- Annotations to add to the service account
|
|
annotations: {}
|
|
# -- The name of the service account to use.
|
|
# If not set and create is true, a name is generated using the fullname template
|
|
name: ""
|
|
rbac:
|
|
# -- If your cluster has RBAC enabled and you're using the Kubernetes agent-
|
|
# backend you'll need this. (this is true for almost all production clusters)
|
|
# only change this if you have a non CNCF compliant cluster, missing the RBAC endpoints
|
|
# the Role and RoleBinding are only created if serviceAccount.create is also true
|
|
create: true
|
|
# Additional annotations and labels in role and roleBinding are only needed, if you
|
|
# are using additional tooling to manage / verify roles or roleBindings (OPA, etc.)
|
|
role:
|
|
annotations: {}
|
|
labels: {}
|
|
roleBinding:
|
|
annotations: {}
|
|
labels: {}
|
|
|
|
# -- Add pod annotations for the agent component
|
|
podAnnotations: {}
|
|
|
|
# -- Add pod security context
|
|
podSecurityContext:
|
|
{}
|
|
# fsGroup: 2000
|
|
|
|
# -- Add security context
|
|
securityContext:
|
|
{}
|
|
# capabilities:
|
|
# drop:
|
|
# - ALL
|
|
# readOnlyRootFilesystem: true
|
|
# runAsNonRoot: true
|
|
# runAsUser: 1000
|
|
|
|
# -- Specifies the resources for the agent component
|
|
resources:
|
|
{}
|
|
# We usually recommend not to specify default resources and to leave this as a conscious
|
|
# choice for the user. This also increases chances charts run on environments with little
|
|
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
# limits:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
# requests:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
|
|
# -- Specifies the labels of the nodes that the agent component must be running
|
|
nodeSelector: {}
|
|
|
|
# -- Specifies the tolerations
|
|
tolerations: []
|
|
|
|
# -- Specifies the affinity
|
|
affinity: {}
|
|
|
|
# -- Overrides the default DNS configuration
|
|
dnsConfig: {}
|
|
|
|
# -- Using topology spread constraints, you can ensure that there is at least one agent
|
|
# pod for each topology zone, e.g. one per arch for multi-architecture clusters
|
|
# or one for each region for geographically distributed cloud-hosted clusters.
|
|
# Ref: <https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/>
|
|
topologySpreadConstraints: []
|
|
# - maxSkew: 1
|
|
# topologyKey: "beta.kubernetes.io/arch"
|
|
# whenUnsatisfiable: "DoNotSchedule"
|
|
# labelSelector:
|
|
# matchLabels:
|
|
# "app.kubernetes.io/name": woodpecker-agent
|
|
|
|
server:
|
|
# -- Enable the server component
|
|
enabled: true
|
|
|
|
statefulSet:
|
|
# -- Add annotations to the StatefulSet
|
|
annotations: {}
|
|
# -- Add labels to the StatefulSet
|
|
labels: {}
|
|
# -- Defines the number of replicas
|
|
replicaCount: 1
|
|
# -- The maximum number of revisions that will be maintained in the StatefulSet's revision history
|
|
# Default in 10.
|
|
revisionHistoryLimit: 5
|
|
|
|
updateStrategy:
|
|
# -- Defines the update strategy of the StatefulSet
|
|
type: RollingUpdate
|
|
|
|
image:
|
|
# -- The image registry
|
|
registry: docker.io
|
|
# -- The image repository
|
|
repository: woodpeckerci/woodpecker-server
|
|
# -- The image pull policy
|
|
pullPolicy: IfNotPresent
|
|
# -- Overrides the image tag whose default is the chart appVersion.
|
|
tag: ""
|
|
|
|
# -- Add environment variables for the server component
|
|
env:
|
|
WOODPECKER_ADMIN: "taqi"
|
|
WOODPECKER_HOST: "placeholder.woodpecker.svc.cluster.local:9000"
|
|
WOODPECKER_GITEA: "true"
|
|
WOODPECKER_GITEA_URL: "${GITEA_HOST}"
|
|
WOODPECKER_GITEA_CLIENT: "${WOODPECKER_CLIENT_ID}"
|
|
WOODPECKER_GITEA_SECRET: "${WOODPECKER_CLIENT_SECRET}"
|
|
|
|
# WOODPECKER_GITHUB: "true"
|
|
|
|
# -- Add extra environment variables from the secrets list
|
|
extraSecretNamesForEnvFrom: []
|
|
|
|
# whether to create the default WOODPECKER_AGENT_SECRET in woodpecker-default-agent-secret
|
|
createAgentSecret: true
|
|
# -- Create a generic secret to store things in, e.g. env values
|
|
secrets: []
|
|
# - name: secret
|
|
# data:
|
|
# key: value
|
|
|
|
# -- Additional volumes that can be mounted in containers
|
|
extraVolumes:
|
|
[]
|
|
# - name: docker-config
|
|
# configMap:
|
|
# name: docker-config
|
|
# - name: data-volume
|
|
# persistentVolumeClaim:
|
|
# claimName: example
|
|
|
|
# -- Additional volumes that will be attached to the agent container
|
|
extraVolumeMounts:
|
|
[]
|
|
# - name: ca-certs
|
|
# mountPath: /etc/ssl/certs/ca-certificates.crt
|
|
|
|
# -- Add additional init containers to the pod (evaluated as a template)
|
|
initContainers: []
|
|
|
|
persistentVolume:
|
|
# -- Enable the creation of the persistent volume
|
|
enabled: true
|
|
# -- Defines the size of the persistent volume
|
|
size: 10Gi
|
|
# -- Defines the path where the volume should be mounted
|
|
mountPath: "/var/lib/woodpecker"
|
|
# -- Defines the storageClass of the persistent volume
|
|
storageClass: ""
|
|
|
|
# -- The image pull secrets
|
|
imagePullSecrets: []
|
|
# -- Overrides the name of the helm chart of the server component
|
|
nameOverride: ""
|
|
# -- Overrides the full name of the helm chart of the server component
|
|
fullnameOverride: ""
|
|
|
|
serviceAccount:
|
|
# -- Specifies whether a service account should be created
|
|
create: false
|
|
# -- Annotations to add to the service account
|
|
annotations: {}
|
|
# -- The name of the service account to use.
|
|
# If not set and create is true, a name is generated using the fullname template
|
|
name: ""
|
|
|
|
# -- Add pod annotations
|
|
podAnnotations:
|
|
{}
|
|
# prometheus.io/scrape: "true"
|
|
|
|
# -- Add pod security context
|
|
podSecurityContext:
|
|
{}
|
|
# fsGroup: 2000
|
|
|
|
# -- Add security context
|
|
securityContext:
|
|
{}
|
|
# capabilities:
|
|
# drop:
|
|
# - ALL
|
|
# readOnlyRootFilesystem: true
|
|
# runAsNonRoot: true
|
|
# runAsUser: 1000
|
|
|
|
service:
|
|
# -- The type of the service
|
|
type: ClusterIP
|
|
# -- The port of the service
|
|
port: &servicePort 80
|
|
# -- The cluster IP of the service (optional)
|
|
clusterIP:
|
|
# -- The loadbalancer IP of the service (optional)
|
|
loadBalancerIP:
|
|
|
|
ingress:
|
|
# -- Enable the ingress for the server component
|
|
enabled: true
|
|
# -- Add annotations to the ingress
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: "acme-issuer"
|
|
# kubernetes.io/ingress.class: nginx
|
|
# kubernetes.io/tls-acme: "true"
|
|
|
|
# -- Defines which ingress controller will implement the resource
|
|
ingressClassName: "nginx"
|
|
|
|
hosts:
|
|
- host: example.com
|
|
paths:
|
|
- path: /
|
|
backend:
|
|
serviceName: chart-example.local
|
|
servicePort: *servicePort
|
|
tls:
|
|
- hosts:
|
|
- example.com
|
|
secretName: woodpecker-tls
|
|
# -- Defines the secret that contains the TLS certificate and key
|
|
# secretName: chart-example-tls
|
|
# - secretName: chart-example-tls
|
|
# hosts:
|
|
# - chart-example.local
|
|
|
|
# -- Specifies the ressources for the server component
|
|
resources:
|
|
{}
|
|
# We usually recommend not to specify default resources and to leave this as a conscious
|
|
# choice for the user. This also increases chances charts run on environments with little
|
|
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
# limits:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
# requests:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
|
|
# -- Defines the labels of the node where the server component must be running
|
|
nodeSelector: {}
|
|
|
|
# -- Add tolerations rules
|
|
tolerations: []
|
|
|
|
# -- Add affinity
|
|
affinity: {}
|
|
|
|
# -- Overrides the default DNS configuration
|
|
dnsConfig: {}
|
|
|
|
# -- Configure probe options for container health checking
|
|
probes:
|
|
# -- Configure liveness probe options
|
|
liveness:
|
|
# -- Number of seconds after which the probe times out (default: 10)
|
|
timeoutSeconds: 10
|
|
# -- How often (in seconds) to perform the probe (default: 10)
|
|
periodSeconds: 10
|
|
# -- Minimum consecutive successes for the probe to be considered successful after having failed (default: 1)
|
|
successThreshold: 1
|
|
# -- When a probe fails, Kubernetes will try failureThreshold times before giving up (default: 3)
|
|
failureThreshold: 3
|
|
# -- Configure readiness probe options
|
|
readiness:
|
|
# -- Number of seconds after which the probe times out (default: 10)
|
|
timeoutSeconds: 10
|
|
# -- How often (in seconds) to perform the probe (default: 10)
|
|
periodSeconds: 10
|
|
# -- Minimum consecutive successes for the probe to be considered successful after having failed (default: 1)
|
|
successThreshold: 1
|
|
# -- When a probe fails, Kubernetes will try failureThreshold times before giving up (default: 3)
|
|
failureThreshold: 3
|