Commit e29da7db authored by Dominik Hebeler's avatar Dominik Hebeler

Added default helm chart

parent 3c53f70a
image: "registry.gitlab.com/gitlab-org/gitlab-build-images:alpine-helm"
stages:
- test
- release
lint:
stage: test
script:
- helm lint .
release-chart:
stage: release
script:
- curl --fail --request POST --form "token=$CI_JOB_TOKEN" --form ref=master https://gitlab.com/api/v4/projects/2860651/trigger/pipeline
only:
- master@gitlab-org/charts/auto-deploy-app
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
## Contributing
Thank you for your interest in contributing to this GitLab project! We welcome
all contributions. By participating in this project, you agree to abide by the
[code of conduct](#code-of-conduct).
## Developer Certificate of Origin + License
By contributing to GitLab B.V., You accept and agree to the following terms and
conditions for Your present and future Contributions submitted to GitLab B.V.
Except for the license granted herein to GitLab B.V. and recipients of software
distributed by GitLab B.V., You reserve all right, title, and interest in and to
Your Contributions. All Contributions are subject to the following DCO + License
terms.
[DCO + License](https://gitlab.com/gitlab-org/dco/blob/master/README.md)
_This notice should stay as the first item in the CONTRIBUTING.md file._
## Code of conduct
We want to create a welcoming environment for everyone who is interested
in contributing. Please visit our [Code of Conduct
page](https://about.gitlab.com/contributing/code-of-conduct) to learn
more about our committment to an open and welcoming environment.
apiVersion: v1
description: GitLab's Auto-deploy Helm Chart
name: auto-deploy-app
version: 0.4.0
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.png
Copyright GitLab B.V.
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
# GitLab's Auto-deploy Helm Chart
## Requirements
- Helm `2.9.0` and above is required in order support `"helm.sh/hook-delete-policy": before-hook-creation` for migrations
## Configuration
| Parameter | Description | Default |
| --- | --- | --- |
| replicaCount | | `1` |
| image.repository | | `gitlab.example.com/group/project` |
| image.tag | | `stable` |
| image.pullPolicy | | `Always` |
| image.secrets | | `[name: gitlab-registry]` |
| podAnnotations | Pod annotations | `{}` |
| application.track | | `stable` |
| application.tier | | `web` |
| application.migrateCommand | If present, this variable will run as a shell command within an application Container as a Helm pre-upgrade Hook. Intended to run migration commands. | `nil` |
| application.initializeCommand | If present, this variable will run as shall command within an application Container as a Helm post-install Hook. Intended to run database initialization commands. | `nil` |
| application.secretName | Pass in the name of a Secret which the deployment will [load all key-value pairs from the Secret as environment variables](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables) in the application container. | `nil` |
| application.secretChecksum | Pass in the checksum of the secrets referenced by `application.secretName`. | `nil` |
| hpa.enabled | If true, enables horizontal pod autoscaler. A resource request is also required to be set, such as `resources.requests.cpu: 200m`.| `false` |
| hpa.minReplicas | | `1` |
| hpa.maxReplicas | | `5` |
| hpa.targetCPUUtilizationPercentage | Percentage threshold when HPA begins scaling out pods | `80` |
| gitlab.app | GitLab project slug. | `nil` |
| gitlab.env | GitLab environment slug. | `nil` |
| gitlab.envName | GitLab environment name. | `nil` |
| gitlab.envURL | GitLab environment URL. | `nil` |
| service.enabled | | `true` |
| service.annotations | Service annotations | `{}` |
| service.name | | `web` |
| service.type | | `ClusterIP` |
| service.url | | `http://my.host.com/` |
| service.additionalHosts | If present, this list will add additional hostnames to the server configuration. | `nil` |
| service.commonName | If present, this will define the ssl certificate common name to be used by CertManager. `service.url` and `service.additionalHosts` will be added as Subject Alternative Names (SANs) | `nil` |
| service.externalPort | | `5000` |
| service.internalPort | | `5000` |
| ingress.tls.enabled | If true, enables SSL | `true` |
| ingress.tls.secretName | Name of the secret used to terminate SSL traffic | `""` |
| ingress.modSecurity.enabled | Enable custom configuration for modsecurity, defaulting to [the Core Rule Set](https://coreruleset.org) | `false` |
| ingress.modSecurity.secRuleEngine | Configuration for [ModSecurity's rule engine](https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual-(v2.x)#SecRuleEngine) | `DetectionOnly` |
| ingress.annotations | Ingress annotations | `{kubernetes.io/tls-acme: "true", kubernetes.io/ingress.class: "nginx"}` |
| livenessProbe.path | Path to access on the HTTP server on periodic probe of container liveness. | `/` |
| livenessProbe.scheme | Scheme to access the HTTP server (HTTP or HTTPS). | `HTTP` |
| livenessProbe.initialDelaySeconds | # of seconds after the container has started before liveness probes are initiated. | `15` |
| livenessProbe.timeoutSeconds | # of seconds after which the liveness probe times out. | `15` |
| livenessProbe.probeType | Type of [liveness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes) to use. | `httpGet`
| readinessProbe.path | Path to access on the HTTP server on periodic probe of container readiness. | `/` |
| readinessProbe.scheme | Scheme to access the HTTP server (HTTP or HTTPS). | `HTTP` |
| readinessProbe.initialDelaySeconds | # of seconds after the container has started before readiness probes are initiated. | `5` |
| readinessProbe.timeoutSeconds | # of seconds after which the readiness probe times out. | `3` |
| readinessProbe.probeType | Type of [readiness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes) to use. | `httpGet`
| postgresql.enabled | | `true` |
| postgresql.managed | If true, this will provision a managed Postgres instance via crossplane. | `false` |
| postgresql.managedClassSelector | This will allow provisioning a Postgres instance based on label selectors via Crossplane, eg: `managedClassSelector.matchLabels.stack: gitlab`. The `postgresql.managed` value should be true as well for this to be honoured. [Crossplane Configuration](https://docs.gitlab.com/ee/user/clusters/applications.html#crossplane) | `{}` |
| podDisruptionBudget.enabled | | `false` |
| podDisruptionBudget.maxUnavailable | | `1` |
| podDisruptionBudget.minAvailable | If present, this variable will configure minAvailable in the PodDisruptionBudget. :warning: if you have `replicaCount: 1` and `podDisruptionBudget.minAvailable: 1` `kubectl drain` will be blocked. | `nil` |
| prometheus.metrics | Annotates the service for prometheus auto-discovery. Also denies access to the `/metrics` endpoint from external addresses with Ingress. | `false` |
dependencies:
- name: postgresql
repository: https://kubernetes-charts.storage.googleapis.com/
version: 0.7.1
digest: sha256:358ce85fe4d3461ea6bb96713470a80de9c1324214a2e6f97d800298c02530e2
generated: 2017-08-28T15:22:30.690341342-05:00
dependencies:
- name: postgresql
version: "0.7.1"
repository: "https://kubernetes-charts.storage.googleapis.com/"
condition: postgresql.enabled
{{- if .Values.service.enabled -}}
Application should be accessible at: {{ .Values.service.url }}
{{- else -}}
Application will be accessible at: {{ .Values.service.url }} when you deploy stable track.
{{- end -}}
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 24 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "fullname" -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- printf "%s-%s" .Release.Name $name | trimSuffix "-app" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- define "appname" -}}
{{- $releaseName := default .Release.Name .Values.releaseOverride -}}
{{- printf "%s" $releaseName | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- define "trackableappname" -}}
{{- $trackableName := printf "%s-%s" (include "appname" .) .Values.application.track -}}
{{- $trackableName | trimSuffix "-stable" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Get a hostname from URL
*/}}
{{- define "hostname" -}}
{{- . | trimPrefix "http://" | trimPrefix "https://" | trimSuffix "/" | quote -}}
{{- end -}}
{{- if .Values.application.initializeCommand -}}
apiVersion: batch/v1
kind: Job
metadata:
name: {{ template "trackableappname" . }}-db-initialize
labels:
app: {{ template "appname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version| replace "+" "_" }}"
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
annotations:
"helm.sh/hook": post-install
"helm.sh/hook-delete-policy": before-hook-creation
"helm.sh/hook-weight": "0"
spec:
template:
metadata:
labels:
app: {{ template "appname" . }}
release: {{ .Release.Name }}
spec:
restartPolicy: Never
imagePullSecrets:
{{ toYaml .Values.image.secrets | indent 10 }}
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
command: ["/bin/sh"]
args: ["-c", "{{ .Values.application.initializeCommand }}"]
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if .Values.application.secretName }}
envFrom:
- secretRef:
name: {{ .Values.application.secretName }}
{{- end }}
env:
- name: DATABASE_URL
value: {{ .Values.application.database_url | quote }}
{{- end -}}
{{- if .Values.application.migrateCommand -}}
apiVersion: batch/v1
kind: Job
metadata:
name: {{ template "trackableappname" . }}-db-migrate
labels:
app: {{ template "appname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version| replace "+" "_" }}"
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
annotations:
"helm.sh/hook": pre-upgrade
"helm.sh/hook-delete-policy": before-hook-creation
"helm.sh/hook-weight": "0"
spec:
template:
metadata:
labels:
app: {{ template "appname" . }}
release: {{ .Release.Name }}
spec:
restartPolicy: Never
imagePullSecrets:
{{ toYaml .Values.image.secrets | indent 10 }}
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
command: ["/bin/sh"]
args: ["-c", "{{ .Values.application.migrateCommand }}"]
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if .Values.application.secretName }}
envFrom:
- secretRef:
name: {{ .Values.application.secretName }}
{{- end }}
env:
- name: DATABASE_URL
value: {{ .Values.application.database_url | quote }}
{{- end -}}
{{- if not .Values.application.initializeCommand -}}
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "trackableappname" . }}
annotations:
{{ if .Values.gitlab.app }}app.gitlab.com/app: {{ .Values.gitlab.app | quote }}{{ end }}
{{ if .Values.gitlab.env }}app.gitlab.com/env: {{ .Values.gitlab.env | quote }}{{ end }}
labels:
app: {{ template "appname" . }}
track: "{{ .Values.application.track }}"
tier: "{{ .Values.application.tier }}"
chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
replicas: {{ .Values.replicaCount }}
template:
metadata:
annotations:
checksum/application-secrets: "{{ .Values.application.secretChecksum }}"
{{ if .Values.gitlab.app }}app.gitlab.com/app: {{ .Values.gitlab.app | quote }}{{ end }}
{{ if .Values.gitlab.env }}app.gitlab.com/env: {{ .Values.gitlab.env | quote }}{{ end }}
{{- if .Values.podAnnotations }}
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
labels:
app: {{ template "appname" . }}
track: "{{ .Values.application.track }}"
tier: "{{ .Values.application.tier }}"
release: {{ .Release.Name }}
spec:
imagePullSecrets:
{{ toYaml .Values.image.secrets | indent 10 }}
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if .Values.application.secretName }}
envFrom:
- secretRef:
name: {{ .Values.application.secretName }}
{{- end }}
env:
{{- if .Values.postgresql.managed }}
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: app-postgres
key: username
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: app-postgres
key: password
- name: POSTGRES_HOST
valueFrom:
secretKeyRef:
name: app-postgres
key: privateIP
{{- end }}
- name: DATABASE_URL
value: {{ .Values.application.database_url | quote }}
- name: GITLAB_ENVIRONMENT_NAME
value: {{ .Values.gitlab.envName }}
- name: GITLAB_ENVIRONMENT_URL
value: {{ .Values.gitlab.envURL }}
ports:
- name: "{{ .Values.service.name }}"
containerPort: {{ .Values.service.internalPort }}
livenessProbe:
{{- if eq .Values.livenessProbe.probeType "httpGet" }}
httpGet:
path: {{ .Values.livenessProbe.path }}
scheme: {{ .Values.livenessProbe.scheme }}
port: {{ .Values.service.internalPort }}
{{- else if eq .Values.livenessProbe.probeType "tcpSocket" }}
tcpSocket:
port: {{ .Values.service.internalPort }}
{{- end }}
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
readinessProbe:
{{- if eq .Values.readinessProbe.probeType "httpGet" }}
httpGet:
path: {{ .Values.readinessProbe.path }}
scheme: {{ .Values.readinessProbe.scheme }}
port: {{ .Values.service.internalPort }}
{{- else if eq .Values.readinessProbe.probeType "tcpSocket" }}
tcpSocket:
port: {{ .Values.service.internalPort }}
{{- end }}
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
resources:
{{ toYaml .Values.resources | indent 12 }}
{{- end -}}
{{- if and .Values.hpa.enabled .Values.resources.requests -}}
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
name: {{ template "fullname" . }}
labels:
app: {{ template "appname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
scaleTargetRef:
kind: Deployment
name: {{ template "appname" . }}
apiVersion: apps/v1beta1
minReplicas: {{ .Values.hpa.minReplicas }}
maxReplicas: {{ .Values.hpa.maxReplicas }}
targetCPUUtilizationPercentage: {{ .Values.hpa.targetCPUUtilizationPercentage }}
{{- end -}}
{{- if .Values.service.enabled -}}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ template "fullname" . }}
labels:
app: {{ template "appname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version| replace "+" "_" }}"
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
annotations:
{{- if .Values.ingress.annotations }}
{{ toYaml .Values.ingress.annotations | indent 4 }}
{{- end }}
{{- if and .Values.ingress.modSecurity .Values.ingress.modSecurity.enabled }}
nginx.ingress.kubernetes.io/modsecurity-snippet: |
SecRuleEngine {{ .Values.ingress.modSecurity.secRuleEngine | default "DetectionOnly" | title }}
{{- end }}
{{- if .Values.prometheus.metrics }}
nginx.ingress.kubernetes.io/server-snippet: |-
location /metrics {
deny all;
}
{{- end }}
spec:
{{- if .Values.ingress.tls.enabled }}
tls:
- hosts:
{{- if .Values.service.commonName }}
- {{ template "hostname" .Values.service.commonName }}
{{- end }}
- {{ template "hostname" .Values.service.url }}
{{- if .Values.service.additionalHosts }}
{{- range $host := .Values.service.additionalHosts }}
- {{ $host }}
{{- end -}}
{{- end }}
secretName: {{ .Values.ingress.tls.secretName | default (printf "%s-tls" (include "fullname" .)) }}
{{- end }}
rules:
- host: {{ template "hostname" .Values.service.url }}
http:
&httpRule
paths:
- path: /
backend:
serviceName: {{ template "fullname" . }}
servicePort: {{ .Values.service.externalPort }}
{{- if .Values.service.commonName }}
- host: {{ template "hostname" .Values.service.commonName }}
http:
<<: *httpRule
{{- end -}}
{{- if .Values.service.additionalHosts }}
{{- range $host := .Values.service.additionalHosts }}
- host: {{ $host }}
http:
<<: *httpRule
{{- end -}}
{{- end -}}
{{- end -}}
{{- if .Values.podDisruptionBudget.enabled }}
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: {{ template "fullname" . }}
labels:
app: {{ template "appname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
{{- if .Values.podDisruptionBudget.minAvailable }}
minAvailable: {{ .Values.podDisruptionBudget.minAvailable }}
{{- end }}
{{- if .Values.podDisruptionBudget.maxUnavailable }}
maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }}
{{- end }}
selector:
matchLabels:
app: {{ template "appname" . }}
release: {{ .Release.Name }}
{{- end }}
{{- if .Values.postgresql.managed -}}
apiVersion: database.crossplane.io/v1alpha1
kind: PostgreSQLInstance
metadata:
name: {{ template "appname" . }}
spec:
engineVersion: "9.6"
writeConnectionSecretToRef:
name: app-postgres
{{- if .Values.postgresql.managedClassSelector }}
classSelector:
{{ toYaml .Values.postgresql.managedClassSelector | indent 4 }}
{{- end }}
{{- end -}}
{{- if .Values.service.enabled -}}
apiVersion: v1
kind: Service
metadata:
name: {{ template "fullname" . }}
annotations:
{{- if .Values.service.annotations }}
{{ toYaml .Values.service.annotations | indent 4 }}
{{- end }}
{{- if .Values.prometheus.metrics }}
prometheus.io/scrape: "true"
prometheus.io/port: "{{ .Values.service.internalPort }}"
{{- end }}
labels:
app: {{ template "appname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
protocol: TCP
name: {{ .Values.service.name }}
selector:
app: {{ template "appname" . }}
tier: "{{ .Values.application.tier }}"
{{- end -}}
{{- if and (not .Values.application.initializeCommand) .Values.workers -}}
apiVersion: v1
kind: List
items:
{{- range $workerName, $workerConfig := .Values.workers }}
- apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "trackableappname" $ }}-{{ $workerName }}
annotations:
{{ if $.Values.gitlab.app }}app.gitlab.com/app: {{ $.Values.gitlab.app | quote }}{{ end }}
{{ if $.Values.gitlab.env }}app.gitlab.com/env: {{ $.Values.gitlab.env | quote }}{{ end }}
labels:
track: "{{ $.Values.application.track }}"
tier: worker
chart: "{{ $.Chart.Name }}-{{ $.Chart.Version | replace "+" "_" }}"
release: {{ $.Release.Name }}
heritage: {{ $.Release.Service }}
spec:
replicas: {{ $workerConfig.replicaCount }}
template:
metadata:
annotations:
checksum/application-secrets: "{{ $.Values.application.secretChecksum }}"
{{ if $.Values.gitlab.app }}app.gitlab.com/app: {{ $.Values.gitlab.app | quote }}{{ end }}
{{ if $.Values.gitlab.env }}app.gitlab.com/env: {{ $.Values.gitlab.env | quote }}{{ end }}
{{- if $.Values.podAnnotations }}
{{ toYaml $.Values.podAnnotations | indent 10 }}
{{- end }}
labels:
track: "{{ $.Values.application.track }}"
tier: worker
release: {{ $.Release.Name }}
spec:
imagePullSecrets:
{{ toYaml $.Values.image.secrets | indent 12 }}
terminationGracePeriodSeconds: {{ $workerConfig.terminationGracePeriodSeconds }}
containers:
- name: {{ $.Chart.Name }}-{{ $workerName }}
image: "{{ $.Values.image.repository }}:{{ $.Values.image.tag }}"
command:
{{- range $workerConfig.command }}
- {{ . }}
{{- end }}
imagePullPolicy: {{ $.Values.image.pullPolicy }}
{{- if $.Values.application.secretName }}
envFrom:
- secretRef:
name: {{ $.Values.application.secretName }}
{{- end }}
env:
- name: DATABASE_URL
value: {{ $.Values.application.database_url | quote }}
- name: GITLAB_ENVIRONMENT_NAME
value: {{ $.Values.gitlab.envName }}
livenessProbe:
{{- if eq $.Values.livenessProbe.probeType "httpGet" }}
httpGet:
path: {{ $.Values.livenessProbe.path }}
scheme: {{ $.Values.livenessProbe.scheme }}
port: {{ $.Values.service.internalPort }}
{{- else if eq $.Values.livenessProbe.probeType "tcpSocket" }}
tcpSocket:
port: {{ $.Values.service.internalPort }}
{{- end }}
initialDelaySeconds: {{ $.Values.livenessProbe.initialDelaySeconds }}
timeoutSeconds: {{ $.Values.livenessProbe.timeoutSeconds }}
readinessProbe:
{{- if eq $.Values.readinessProbe.probeType "httpGet" }}
httpGet:
path: {{ $.Values.readinessProbe.path }}
scheme: {{ $.Values.readinessProbe.scheme }}
port: {{ $.Values.service.internalPort }}
{{- else if eq $.Values.readinessProbe.probeType "tcpSocket" }}
tcpSocket:
port: {{ $.Values.service.internalPort }}
{{- end }}
initialDelaySeconds: {{ $.Values.readinessProbe.initialDelaySeconds }}
timeoutSeconds: {{ $.Values.readinessProbe.timeoutSeconds }}
{{- if $workerConfig.preStopCommand }}
lifecycle:
preStop:
exec:
command:
{{- range $workerConfig.preStopCommand }}
- {{ . }}
{{- end }}
{{- end }}
resources:
{{ toYaml $.Values.resources | indent 14 }}
{{- end -}}
{{- end -}}
# Default values for chart.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1
image:
repository: gitlab.example.com/group/project
tag: stable
pullPolicy: Always
secrets:
- name: gitlab-registry
podAnnotations: {}
application:
track: stable
tier: web
migrateCommand:
initializeCommand:
secretName:
secretChecksum:
hpa:
enabled: false
minReplicas: 1
maxReplicas: 5
targetCPUUtilizationPercentage: 80
gitlab:
app:
env:
envName:
envURL:
service:
enabled: true
annotations: {}
name: web
type: ClusterIP
url: http://my.host.com/
additionalHosts:
commonName:
externalPort: 5000
internalPort: 5000
ingress:
tls:
enabled: true
secretName: ""
annotations:
kubernetes.io/tls-acme: "true"
kubernetes.io/ingress.class: "nginx"
modSecurity:
enabled: false
secRuleEngine: "DetectionOnly"
prometheus:
metrics: false
livenessProbe:
path: "/"
initialDelaySeconds: 15
timeoutSeconds: 15
scheme: "HTTP"
probeType: "httpGet"
readinessProbe:
path: "/"
initialDelaySeconds: 5
timeoutSeconds: 3
scheme: "HTTP"
probeType: "httpGet"
postgresql:
enabled: true
managed: false
managedClassSelector:
# matchLabels:
# stack: gitlab (This is an example. The labels should match the labels on the CloudSQLInstanceClass)
resources:
# limits:
# cpu: 100m
# memory: 128Mi
requests:
# cpu: 100m
# memory: 128Mi
## Configure PodDisruptionBudget
## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/
#
podDisruptionBudget:
enabled: false
# minAvailable: 1
maxUnavailable: 1
workers:
# worker:
# replicaCount: 1
# terminationGracePeriodSeconds: 60
# command:
# - /bin/herokuish
# - procfile
# - start
# - worker
# preStopCommand:
# - /bin/herokuish
# - procfile
# - start