blob: 07dd91abc041f6cfa3c83f03b64a64a84f920977 [file]
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# replica count
replicaCount: 1
imageTag: v1.0.3-beta14
# image pull secrets
imagePullSecrets: []
#the common environments for all pods except grafana, grafana needs to be set in grafana section seperately
commonEnvs:
TZ: "UTC"
mysql:
replicaCount: 1
# if use external mysql server, please set true
# by default using false, chart will create a single mysql instance
useExternal: false
# the external mysql server address
externalServer: 127.0.0.1
# external mysql port
externalPort: 3306
# the username for devlake database
username: merico
# the password for devlake database
password: merico
# the database for devlake
database: lake
# extra MySQL DSN query params appended to DB_URL.
# Note: include a leading '&' yourself. Empty string means no change.
# example: "&tls=skip-verify" or "&tls=skip-verify&autocommit=true"
extraParams: ""
# root password for mysql, only used when use_external=false
rootPassword: admin
# storage for mysql
storage:
# pvc or hostpath
type: pvc
# the storage class for pv, leave empty will using default
class: ""
size: 50Gi
hostPath: /devlake/mysql/data
# image for mysql
image:
repository: mysql
tag: 8
pullPolicy: IfNotPresent
# init containers for mysql if have
initContainers: []
# resources config for mysql if have
resources: {}
# nodeSelector config for mysql if have
nodeSelector: {}
# tolerations config for mysql if have
tolerations: []
# affinity config for mysql if have
affinity: {}
extraArgs: []
extraLabels: {}
securityContext: {}
containerSecurityContext: {}
podAnnotations: {}
# Probes for MySQL container
startupProbe:
exec: &mysql_ping_exec
command:
- "sh"
- "-c"
- "mysqladmin ping --protocol=TCP -h 127.0.0.1 -u root -p$MYSQL_ROOT_PASSWORD"
initialDelaySeconds: 120
periodSeconds: 10
timeoutSeconds: 10
failureThreshold: 60
livenessProbe:
exec: *mysql_ping_exec
initialDelaySeconds: 60
periodSeconds: 10
timeoutSeconds: 30
failureThreshold: 5
readinessProbe:
exec: *mysql_ping_exec
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 10
failureThreshold: 3
service:
type: "ClusterIP"
nodePort: ""
loadBalancerIP: ""
extraLabels: {}
# dependency chart values
grafana:
enabled: true
#if grafana enabled is false, then external url should be provided
external:
url: ""
image:
repository: apache/devlake-dashboard
tag: v1.0.3-beta14
deploymentStrategy:
type: Recreate
adminPassword: ""
grafana.ini:
server:
serve_from_subpath: "true"
root_url: "%(protocol)s://%(domain)s/grafana"
# the Secret name should be the same as .Values.option.connectionSecretName
envFromSecrets:
- name: &devlake_mysql_auth "devlake-mysql-auth"
# the ConfigMap name should be the same as .Values.option.connectionConfigmapName
envFromConfigMaps:
- name: &devlake_mysql_auth_config "devlake-mysql-auth-config"
#keep grafana timezone same as other pods, which is set by .Values.commonEnvs.TZ
env:
TZ: "UTC"
persistence:
enabled: true
size: 4Gi
ingressServiceName: ""
ingressServicePort: ""
lake:
replicaCount: 1
revisionHistoryLimit: 10
image:
repository: apache/devlake
pullPolicy: Always
# defaults to imageTag; if set, lake.image.tag will override imageTag
# tag:
# storage for config
port: 8080
envs:
API_TIMEOUT: "120s"
API_RETRY: "3"
API_REQUESTS_PER_HOUR: "10000"
PIPELINE_MAX_PARALLEL: "1"
IN_SECURE_SKIP_VERIFY: "false"
LOGGING_DIR: "/app/logs"
# debug, info, warn, error
LOGGING_LEVEL: "info"
JIRA_JQL_AUTO_FULL_REFRESH: "true"
##########################
# ENABLE_SUBTASKS_BY_DEFAULT: This environment variable is used to enable or disable the execution of subtasks.
# The format is as follows: plugin_name1:subtask_name1:enabled_value,plugin_name2:subtask_name2:enabled_value,plugin_name3:subtask_name3:enabled_value
##########################
# ENABLE_SUBTASKS_BY_DEFAULT default value as below:
# ENABLE_SUBTASKS_BY_DEFAULT: "jira:collectIssueChangelogs:true,jira:extractIssueChangelogs:true,jira:convertIssueChangelogs:true,tapd:collectBugChangelogs:true,tapd:extractBugChangelogs:true,tapd:convertBugChangelogs:true,zentao:collectBugRepoCommits:true,zentao:extractBugRepoCommits:true,zentao:convertBugRepoCommits:true,zentao:collectStoryRepoCommits:true,zentao:extractStoryRepoCommits:true,zentao:convertStoryRepoCommits:true,zentao:collectTaskRepoCommits:true,zentao:extractTaskRepoCommits:true,zentao:convertTaskRepoCommits:true"
#extra envs from an existing secret
extraEnvsFromSecret: ""
encryptionSecret:
# The name of secret which contains keys named ENCRYPTION_SECRET
secretName: ""
# if secretName is empty, secret should be set
# you can generate the encryption secret via cmd `openssl rand -base64 2000 | tr -dc 'A-Z' | fold -w 128 | head -n 1`
secret: ""
autoCreateSecret: true
# If hostNetwork is true, then dnsPolicy is set to ClusterFirstWithHostNet
hostNetwork: false
resources: {}
strategy:
type: Recreate
nodeSelector: {}
tolerations: []
affinity: {}
extraLabels: {}
securityContext: {}
containerSecurityContext: {}
initContainerSecurityContext: {}
podAnnotations: {}
initContainers: []
livenessProbe:
httpGet:
path: /ping
port: 8080
scheme: HTTP
failureThreshold: 5
initialDelaySeconds: 30
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 5
readinessProbe:
httpGet:
path: /ping
port: 8080
scheme: HTTP
failureThreshold: 3
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 5
deployment:
extraLabels: {}
service:
extraLabels: {}
# Additional volumes to include in the Pod. Example:
#
# volumes:
# - name: my-volume
# configMap: my-config-map
volumes: []
# Additional volume mounts to include in the Container. Example:
#
# volumeMounts:
# - name: test-volume
# mountPath: /opt/test_folder
# subPath: test_file.yaml
volumeMounts: []
# Name of an existing ServiceAccount to use for the lake pod.
# If empty, the pod uses the namespace default ServiceAccount.
serviceAccount:
name: ""
ui:
replicaCount: 1
revisionHistoryLimit: 10
image:
repository: apache/devlake-config-ui
pullPolicy: Always
# defaults to imageTag; if set, lake.image.tag will override imageTag
# tag:
resources: {}
strategy: {}
nodeSelector: {}
tolerations: []
affinity: {}
livenessProbe:
httpGet:
path: /health/
port: 4000
scheme: HTTP
failureThreshold: 5
initialDelaySeconds: 15
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 5
readinessProbe:
httpGet:
path: /health/
port: 4000
scheme: HTTP
failureThreshold: 3
initialDelaySeconds: 5
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 5
basicAuth:
enabled: false
user: admin
password: admin
autoCreateSecret: true
secretName: ""
extraLabels: {}
podAnnotations: {}
## SecurityContext holds pod-level security attributes and common container settings.
## This defaults to non root user with uid 101 and gid 1000. *v1.PodSecurityContext false
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
securityContext:
{}
# fsGroup: 101
# runAsGroup: 1000
# runAsNonRoot: true
# runAsUser: 101
## K8s containers' Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
containerSecurityContext:
{}
# allowPrivilegeEscalation: false
# capabilities:
# drop:
# - all
deployment:
extraLabels: {}
service:
extraLabels: {}
## Side Contaainer Configuration
extraContainers: []
# Name of an existing ServiceAccount to use for the config-ui pod.
# If empty, the pod uses the namespace default ServiceAccount.
serviceAccount:
name: ""
# - name: vault-agent
# image: vault:1.6.2
# args:
# - agent
# - -config
# - /vault/config/config.hcl
# env:
# - name: VAULT_ADDR
# value: https://vault:8200
# - name: VAULT_SKIP_VERIFY
# value: "false"
# - name: VAULT_CACERT
# value: /vault/tls/ca.crt
# alpine image for some init containers
alpine:
image:
repository: alpine
tag: 3.16
pullPolicy: IfNotPresent
service:
# service type: NodePort/ClusterIP
type: NodePort
# node port for devlake-ui if NodePort is enabled
uiPort: 32001
ingress:
enabled: false
enableHttps: false
# Set to false if you want to use a different ingress controller
useDefaultNginx: false
# ingress class name, example: alb for AWS load balancer controller
className:
# domain name for hosting devlake, must be set if ingress is enabled
hostname: localhost
extraLabels: {}
# annotations required for your ingress controller; see the examples below
# for nginx, use the first two lines of annotations
# for alb (w/ external-dns), use the last 5 (6) lines of annotations
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
#
# alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
# alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-2:xxx:certificate/xxx-xxx-xxx
# alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}, {"HTTP":80}]'
# alb.ingress.kubernetes.io/scheme: internet-facing
# alb.ingress.kubernetes.io/target-type: ip
# external-dns.alpha.kubernetes.io/hostname: www.example.com
# url prefix, not works right now, keep "/"
prefix: /
# if using https provides the certificates secret name
tlsSecretName: ""
# ingress http port
httpPort: 80
# ingress https port
httpsPort: 443
extraPaths: []
# extraPaths:
# - path: /*
# pathType: ImplementationSpecific
# backend:
# service:
# name: ssl-redirect
# port:
# name: use-annotation
option:
# database type, supported: [mysql]
database: mysql
# the existing k8s secret name of db connection auth. The secret name should be as same as .Values.grafana.envFromSecret
connectionSecretName: *devlake_mysql_auth
# Optional: override the ConfigMap name for non-sensitive DB envs used across components
# Default is a fixed name to align references from subcharts
connectionConfigmapName: *devlake_mysql_auth_config
autoCreateSecret: true
# If true, the chart assembles DB_URL automatically for MySQL. Set to false
# to disable auto-assembly and provide DB_URL yourself via `lake.envs` or
# an external secret referenced by `lake.extraEnvsFromSecret`.
assembleDbUrl: true
# Define some extra resources to be created
# This section is useful when you need ExternalResource or Secrets, etc.
extraResources: []
# - apiVersion: v1
# kind: Secret
# metadata:
# name: example-secret
# labels: {}
# type: Opaque
# stringData:
# username: admin
# password: mypassword