-
Notifications
You must be signed in to change notification settings - Fork 23
/
Copy pathvalues.yaml
253 lines (212 loc) · 8.46 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
# Default values for tyk-dev-portal.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
global:
# adminUser specifies credentials for Tyk Dashboard and Dev Portal admin user while bootstrapping.
# Dashboard and Dev Portal admin information.
adminUser:
# If you don't want to store plaintext secrets for admin user in the Helm value file and would
# rather provide the k8s Secret externally please populate the value below
# You can set following fields in the secret:
# - adminUserEmail sets .global.adminUser.email
# - adminUserPassword sets .global.adminUser.password
useSecretName: ""
# email of Developer Portal admin
email: [email protected]
# password of Developer Portal admin
password: 123456
# firstname of Developer Portal admin
firstName: "admin"
# lastName of Developer Portal admin
lastName: "user"
tls:
# If set to true the Dashboard will use SSL connection.
dashboard: false
# If set to true the Tyk Developer Portal will use SSL connection.
devPortal: false
servicePorts:
# The port at which the dashboard service can be found
dashboard: 3000
components:
# Determines whether the bootstrap jobs should be run
# Those jobs verify the presence of the dashboard license and perform various operations to
# make apps such as tyk-dashboard, tyk-portal and tyk-operator ready to use from the get go
# If this is set to false, only the hook that checks for dashboard license will be run
# In the context of the tyk-developer-portal only, this just runs the bootstrapping jobs only for the portal
bootstrap: true
imageRegistry: ""
# Sensitive configuration of Portal could be set using k8s secret
# You can set following fields:
# - DevPortalLicense - Sets LicenseKey for Developer Portal
# - DevPortalDatabaseConnectionString - Sets database connectionString for Developer Portal
# - DevPortalAwsAccessKeyId - Sets AWS S3 Access Key ID
# - DevPortalAwsSecretAccessKey - Sets AWS S3 Secret Access Key
useSecretName: ""
# The hostname to bind the Developer Portal to.
hostName: tyk-dev-portal.local
# Developer Portal license.
license: ""
# In case you want to deploy enterprise portal as a standalone app, you can configure a different dashboard URL using
# the parameter bellow.
overrideTykDashUrl: ""
# Developer portal can be deployed as StatefulSet or as Deployment
kind: StatefulSet
storage:
# Configuration values for using an SQL database as storage for Tyk Developer Portal
# In case you want to provide the connection string via secrets please
# refer to the existing secret inside the helmchart or the
# .Values.global.secrets.useSecretName variable
# User can set the storage type for portal.
# Supported types: fs, s3, db
type: "db"
# Configuration values for using s3 as storage for Tyk Developer Portal
# In case you want to provide the key ID and access key via secrets please
# refer to the existing secret inside the helm chart or the
# .Values.useSecretName field and a secret containing
# the keys DevPortalAwsAccessKeyId and respectively,
# DevPortalAwsSecretAccessKey
s3:
awsAccessKeyid: your-access-key
awsSecretAccessKey: your-secret-key
region: sa-east-1
endpoint: your-portal-bucket
bucket: https://s3.sa-east-1.amazonaws.com
acl: private
presign_urls: true
persistence:
# User can mount existing PVC to enterprise portal
# Make sure to change the kind to Deployment if you are mounting existing PVC
mountExistingPVC: ""
storageClass: ""
accessModes:
- ReadWriteOnce
size: 8Gi
annotations: {}
labels: {}
selector: {}
database:
# This selects the SQL dialect to be used
# The supported values are mysql, postgres and sqlite3
dialect: "sqlite3"
connectionString: "db/portal.db"
enableLogs: false
maxRetries: 3
retryDelay: 5000
# replicaCount specifies number of replicas to be created if kind is Deployment.
replicaCount: 1
# containerPort specifies the container port for Tyk Developer Portal container.
# Also, it is used to set PORTAL_HOST_PORT
containerPort: 3001
image:
# image repository for Tyk Developer Portal.
repository: tykio/portal
# Developer portal < v1.2 is not supported
tag: v1.13.0
# image pull policy
pullPolicy: Always
# image pull secrets to use when pulling images from repository
imagePullSecrets: []
# annotations be added to the Deployment / Statefulset of Tyk Developer Portal
annotations: {}
# podAnnotations specifies annotations to be added in Tyk Developer Portal Pod
podAnnotations: {}
# podLabels specifies labels to be added in Tyk Developer Portal Pod
podLabels: {}
service:
# type corresponds to the service type of Tyk Developer Portal Service.
type: ClusterIP
# The port at which Tyk Developer Portal service can be found
port: 3001
# the name given to this service port
portName: ""
# externalTrafficPolicy corresponds to the external traffic policy if the service type is load balancer
externalTrafficPolicy: Local
# annotations corresponds to the annotations which will be added into Tyk Dashboard Service.
annotations: {}
# ingress specifies Ingress rules for Tyk Developer Portal Service.
# Ingress is disabled by default.
ingress:
# enabled specifies whether ingress is enabled or not.
# Set it to true to enable Ingress for Tyk Dashboard Service.
enabled: false
# specify your ingress controller class name below
className: ""
# annotations specifies annotations to be added on Ingress resource.
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
# hosts corresponds to the rules to be added on Ingress rules.
hosts:
- host: chart-example.local
paths:
- path: /
pathType: ImplementationSpecific
# tls corresponds to the tls configuration if Ingress rules use TLS
tls: []
resources: {}
# We usually recommend not to specify default resources and to leave this
# as a conscious choice for the user. This also increases chances charts
# run on environments with little resources, such as Minikube. If you do
# want to specify resources, uncomment the following lines, adjust them
# as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
# securityContext holds pod-level security attributes for Tyk Developer Portal pod. All fields from PodSecurityContext object can be added here.
securityContext:
runAsUser: 1000
fsGroup: 2000
runAsNonRoot: true
# containerSecurityContext holds container-level security attributes for Tyk Developer Portal pod. All fields from SecurityContext object can be added here.
containerSecurityContext:
runAsNonRoot: true
runAsUser: 1000
allowPrivilegeEscalation: false
privileged: false
readOnlyRootFilesystem: true
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL
# nodeSelector is a selector which must be true for Tyk Developer Portal pod to fit on a specific node.
nodeSelector: {}
# tolerations specifies tolerations to be applied on Tyk Developer Portal pods.
tolerations: []
# affinity specifies affinity and anti-affinity constraints.
affinity: {}
# extraContainers is a list of containers to be added to the pod
# - name: sidecar
# image: sidecar:latest
extraContainers: []
# extraEnvs is used to set extra environment variables to Tyk Developer Portal pod.
# - name: PORTAL_REFRESHINTERVAL
# value: "10"
extraEnvs: []
# extraVolumes is a list of volumes to be added to the pod
# extraVolumes:
# - name: ca-certs
# secret:
# defaultMode: 420
# secretName: ca-certs
extraVolumes: []
# extraVolumeMounts is a list of volume mounts to be added to the pod
# extraVolumeMounts:
# - name: ca-certs
# mountPath: /etc/ssl/certs/ca-certs.crt
# readOnly: true
extraVolumeMounts: []
# livenessProve includes details about liveness probe used in Tyk Developer Portal
livenessProbe:
# initialDelaySeconds specifies the seconds used in liveness probe as initial delay.
initialDelaySeconds: 60
# readinessProbe includes details about readiness probe used in Tyk Developer Portal
readinessProbe:
# initialDelaySeconds specifies the seconds used in readiness probe as initial delay.
initialDelaySeconds: 60
# serviceAccountName field indicates the name of the Service Account that is going to be used by the Pods.
# If a service account is to be used for Tyk Developer Portal, it should be manually created
serviceAccountName: ""