mthomson/fleet-infra
1
0
Fork 0
mirror of https://github.com/michaelthomson0797/fleet-infra.git synced 2026-02-04 13:09:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
6544437d911b07aea4d571a5035bb92ebb8ab11a
fleet-infra/woodpecker/helmrelease-woodpecker.yaml
Michael Thomson 6544437d91 idk
2024-01-14 18:31:52 -05:00

330 lines
11 KiB
YAML
Raw Blame History

apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: woodpecker
namespace: woodpecker
spec:
chart:
spec:
chart: woodpecker
version: 1.0.x
sourceRef:
kind: HelmRepository
name: woodpecker
namespace: flux-system
interval: 15m
timeout: 5m
releaseName: woodpecker
values:
# Default values for woodpecker.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
# -- Overrides the name of the chart
nameOverride: ""
# -- Overrides the full name of the chart
fullnameOverride: ""
agent:
# -- Enable the agent component
enabled: true
# -- The number of replicas for the deployment
replicaCount: 2
image:
# -- The image registry
registry: docker.io
# -- The image repository
repository: woodpeckerci/woodpecker-agent
# -- The pull policy for the image
pullPolicy: IfNotPresent
# -- Overrides the image tag whose default is the chart appVersion.
tag: ""
env:
# -- Add the environment variables for the agent component
WOODPECKER_SERVER: "woodpecker-server:9000"
WOODPECKER_BACKEND: kubernetes
WOODPECKER_BACKEND_K8S_NAMESPACE: woodpecker
WOODPECKER_BACKEND_K8S_STORAGE_CLASS: "longhorn"
WOODPECKER_BACKEND_K8S_VOLUME_SIZE: 10G
WOODPECKER_BACKEND_K8S_STORAGE_RWX: false
WOODPECKER_BACKEND_K8S_POD_LABELS: ""
WOODPECKER_BACKEND_K8S_POD_ANNOTATIONS: ""
WOODPECKER_CONNECT_RETRY_COUNT: "1"
# -- Add extra secret that is contains environment variables
extraSecretNamesForEnvFrom: []
# - woodpecker-secret
# -- Additional volumes that can be mounted in containers
extraVolumes:
[]
# - name: docker-config
# configMap:
# name: docker-config
# - name: data-volume
# persistentVolumeClaim:
# claimName: example
# -- Additional volumes that will be attached to the agent container
extraVolumeMounts:
[]
# - name: ca-certs
# mountPath: /etc/ssl/certs/ca-certificates.crt
# -- The image pull secrets
imagePullSecrets: []
# -- Overrides the name of the chart of the agent component
nameOverride: ""
# -- Overrides the full name of the chart of the agent component
fullnameOverride: ""
serviceAccount:
# -- Specifies whether a service account should be created (also see RBAC subsection)
create: true
# -- Annotations to add to the service account
annotations: {}
# -- The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
rbac:
# -- If your cluster has RBAC enabled and you're using the Kubernetes agent-
# backend you'll need this. (this is true for almost all production clusters)
# only change this if you have a non CNCF compliant cluster, missing the RBAC endpoints
# the Role and RoleBinding are only created if serviceAccount.create is also true
create: true
# Additional annotations and labels in role and roleBinding are only needed, if you
# are using additional tooling to manage / verify roles or roleBindings (OPA, etc.)
role:
annotations: {}
labels: {}
roleBinding:
annotations: {}
labels: {}
# -- Add pod annotations for the agent component
podAnnotations: {}
# -- Add pod security context
podSecurityContext:
{}
# fsGroup: 2000
# -- Add security context
securityContext:
{}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
# -- Specifies the resources for the agent component
resources:
{}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
# -- Specifies the labels of the nodes that the agent component must be running
nodeSelector: {}
# -- Specifies the tolerations
tolerations: []
# -- Specifies the affinity
affinity: {}
# -- Overrides the default DNS configuration
dnsConfig: {}
# -- Using topology spread constraints, you can ensure that there is at least one agent
# pod for each topology zone, e.g. one per arch for multi-architecture clusters
# or one for each region for geographically distributed cloud-hosted clusters.
# Ref: <https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/>
topologySpreadConstraints: []
# - maxSkew: 1
# topologyKey: "beta.kubernetes.io/arch"
# whenUnsatisfiable: "DoNotSchedule"
# labelSelector:
# matchLabels:
# "app.kubernetes.io/name": woodpecker-agent
server:
# -- Enable the server component
enabled: true
statefulSet:
# -- Add annotations to the StatefulSet
annotations: {}
# -- Add labels to the StatefulSet
labels: {}
# -- Defines the number of replicas
replicaCount: 1
# -- The maximum number of revisions that will be maintained in the StatefulSet's revision history
# Default in 10.
revisionHistoryLimit: 5
updateStrategy:
# -- Defines the update strategy of the StatefulSet
type: RollingUpdate
image:
# -- The image registry
registry: docker.io
# -- The image repository
repository: woodpeckerci/woodpecker-server
# -- The image pull policy
pullPolicy: IfNotPresent
# -- Overrides the image tag whose default is the chart appVersion.
tag: ""
# -- Add environment variables for the server component
env:
WOODPECKER_ADMIN: "woodpecker,admin,gitea_admin,mthomson"
WOODPECKER_HOST: "https://woodpecker.michaelthomson.dev"
WOODPECKER_WEBHOOK_HOST: "http://woodpecker-server:80"
WOODPECKER_GITEA: "true"
WOODPECKER_GITEA_URL: "https://gitea.michaelthomson.dev"
WOODPECKER_GITEA_CLIENT: "93262b6f-e472-4ba5-b28e-3b9aa3de30f6"
WOODPECKER_GITEA_SECRET: "gto_bd2gg2etyx4enh5zgnnm7yodmsrtztxkx4pgezdo7vpaboq4ejcq"
WOODPECKER_GITEA_SKIP_VERIFY: "true"
# -- Add extra environment variables from the secrets list
extraSecretNamesForEnvFrom: []
# - woodpecker-github-client
# - woodpecker-github-secret
# - woodpecker-secret
# -- Additional volumes that can be mounted in containers
extraVolumes:
[]
# - name: docker-config
# configMap:
# name: docker-config
# - name: data-volume
# persistentVolumeClaim:
# claimName: example
# -- Additional volumes that will be attached to the agent container
extraVolumeMounts:
[]
# - name: ca-certs
# mountPath: /etc/ssl/certs/ca-certificates.crt
persistentVolume:
# -- Enable the creation of the persistent volume
enabled: true
# -- Defines the size of the persistent volume
size: 10Gi
# -- Defines the path where the volume should be mounted
mountPath: "/var/lib/woodpecker"
# -- Defines the storageClass of the persistent volume
storageClass: "longhorn"
# -- The image pull secrets
imagePullSecrets: []
# -- Overrides the name of the helm chart of the server component
nameOverride: ""
# -- Overrides the full name of the helm chart of the server component
fullnameOverride: ""
serviceAccount:
# -- Specifies whether a service account should be created
create: false
# -- Annotations to add to the service account
annotations: {}
# -- The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
# -- Add pod annotations
podAnnotations:
{}
# prometheus.io/scrape: "true"
# -- Add pod security context
podSecurityContext:
{}
# fsGroup: 2000
# -- Add security context
securityContext:
{}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
service:
# -- The type of the service
type: ClusterIP
# -- The port of the service
port: &servicePort 80
# -- The cluster IP of the service (optional)
clusterIP:
# -- The loadbalancer IP of the service (optional)
loadBalancerIP:
ingress:
# -- Enable the ingress for the server component
enabled: true
# -- Add annotations to the ingress
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd
traefik.ingress.kubernetes.io/router.tls: "true"
# -- Defines which ingress controller will implement the resource
ingressClassName: traefik
hosts:
- host: woodpecker.michaelthomson.dev
paths:
- path: /
backend:
serviceName: woodpecker-server
servicePort: *servicePort
tls:
- hosts:
- woodpecker.michaelthomson.dev
secretName: letsencrypt-wildcard-cert-michaelthomson.dev
# -- Specifies the ressources for the server component
resources:
{}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
# -- Defines the labels of the node where the server component must be running
nodeSelector: {}
# -- Add tolerations rules
tolerations: []
# -- Add affinity
affinity: {}
# -- Overrides the default DNS configuration
dnsConfig: {}
Reference in New Issue View Git Blame Copy Permalink