Iain Sproat
c37235381f
* feat(deployment): package as Docker image & Helm Chart * remove erroneous permission request * fix corepack issue * fix prettier * deployment testing of helm chart with ctlptl, tilt & kind * fix linting * remove need for license to be mounted * ensure consistency in naming * incorporate copilot comments * fix CI pipeline * fix * incorporate copilot review comments * include MIXPANEL environment variable * remove single quotes from NODE_ENV ARG --------- Co-authored-by: Oğuzhan Koral <45078678+oguzhankoral@users.noreply.github.com>
151 lines
6.2 KiB
YAML
151 lines
6.2 KiB
YAML
# Default values for speckle-dui3.
|
|
# This is a YAML-formatted file.
|
|
# Declare variables to be passed into your templates.
|
|
|
|
# This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/
|
|
replicaCount: 1
|
|
|
|
# This sets the container image more information can be found here: https://kubernetes.io/docs/concepts/containers/images/
|
|
image:
|
|
repository: ghcr.io/specklesystems/speckle-dui
|
|
# This sets the pull policy for images.
|
|
pullPolicy: IfNotPresent
|
|
# Overrides the image tag whose default is the chart appVersion.
|
|
tag: ""
|
|
|
|
# This is for the secrets for pulling an image from a private repository more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
|
imagePullSecrets: []
|
|
# This is to override the chart name.
|
|
nameOverride: ""
|
|
fullnameOverride: ""
|
|
|
|
# This section builds out the service account more information can be found here: https://kubernetes.io/docs/concepts/security/service-accounts/
|
|
serviceAccount:
|
|
# Specifies whether a service account should be created.
|
|
create: true
|
|
# Automatically mount a ServiceAccount's API credentials?
|
|
automount: false
|
|
# Annotations to add to the service account.
|
|
annotations: {}
|
|
# The name of the service account to use.
|
|
# If not set and create is true, a name is generated using the fullname template.
|
|
name: ""
|
|
|
|
# This is for setting Kubernetes Annotations to a Pod.
|
|
# For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
|
podAnnotations: {}
|
|
# This is for setting Kubernetes Labels to a Pod.
|
|
# For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
|
|
podLabels: {}
|
|
|
|
podSecurityContext: {}
|
|
# fsGroup: 2000
|
|
|
|
securityContext: {}
|
|
# capabilities:
|
|
# drop:
|
|
# - ALL
|
|
# readOnlyRootFilesystem: true
|
|
# runAsNonRoot: true
|
|
# runAsUser: 1000
|
|
|
|
# This is for setting up a service more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/
|
|
service:
|
|
# This sets the service type more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
|
|
type: ClusterIP
|
|
# This sets the ports more information can be found here: https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports
|
|
port: 80
|
|
|
|
security:
|
|
## The IP addresses of trusted proxies, such as loadbalancers or WAFs, that may be forwarding traffic to the dashboards. This is important for correctly handling the X-Forwarded-For header and ensuring accurate client IP logging and security measures. Empty means all proxies are trusted, which may not be secure in production environments. We recommend setting this to the specific IP addresses of your trusted proxies.
|
|
trustedProxies: []
|
|
## A list of urls to be added as frame-ancestors of the Content-Security-Policy header. Empty means 'self', allowing embedding only from the same origin as the dashboards. We recommend setting this to the specific hostnames of your parent applications that will be embedding the dashboards in iframes.
|
|
frameAncestors: []
|
|
## A list of urls to be added as frame-src (and script-src, style-src, img-src) of the Content-Security-Policy header. Empty means 'self', allowing embedding of dashboards resources only from the same origin. We recommend setting this to the specific hostnames of Speckle DUI3.
|
|
frameSource: []
|
|
|
|
# This block is for setting up the ingress for more information can be found here: https://kubernetes.io/docs/concepts/services-networking/ingress/
|
|
ingress:
|
|
enabled: false
|
|
className: ""
|
|
annotations: {}
|
|
# kubernetes.io/ingress.class: nginx
|
|
# kubernetes.io/tls-acme: "true"
|
|
hosts:
|
|
# As dashboards expect to serve all paths under the root, we recommend using a dedicated hostname for the service, e.g. dashboards.example.com, and not sharing it with other services.
|
|
- host: chart-example.local
|
|
paths:
|
|
# Please retain this path, the dashboards expect to serve all paths under the root.
|
|
- path: /
|
|
pathType: ImplementationSpecific
|
|
tls: []
|
|
# - secretName: chart-example-tls
|
|
# hosts:
|
|
# - chart-example.local
|
|
|
|
# -- Expose the service via gateway-api HTTPRoute
|
|
# Requires Gateway API resources and suitable controller installed within the cluster
|
|
# (see: https://gateway-api.sigs.k8s.io/guides/)
|
|
httpRoute:
|
|
# HTTPRoute enabled.
|
|
enabled: false
|
|
# HTTPRoute annotations.
|
|
annotations: {}
|
|
# Which Gateways this Route is attached to.
|
|
parentRefs:
|
|
- name: gateway
|
|
sectionName: http
|
|
# namespace: default
|
|
# Hostnames matching HTTP header.
|
|
hostnames:
|
|
# As dashboards expect to serve all paths under the root, we recommend using a dedicated hostname for the service, e.g. dashboards.example.com, and not sharing it with other services.
|
|
- chart-example.local
|
|
# List of rules and filters applied.
|
|
rules:
|
|
- matches:
|
|
# Please retain this path, the dashboards expect to serve all paths under the root.
|
|
- path:
|
|
type: PathPrefix
|
|
value: /
|
|
|
|
resources: {}
|
|
# We usually recommend not to specify default resources and to leave this as a conscious
|
|
# choice for the user. This also increases chances charts run on environments with little
|
|
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
# limits:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
# requests:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
|
|
# This is to setup the liveness and readiness probes more information can be found here: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /health
|
|
port: http
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /health
|
|
port: http
|
|
|
|
# Additional volumes on the output Deployment definition.
|
|
volumes: []
|
|
# - name: foo
|
|
# secret:
|
|
# secretName: mysecret
|
|
# optional: false
|
|
|
|
# Additional volumeMounts on the output Deployment definition.
|
|
volumeMounts: []
|
|
# - name: foo
|
|
# mountPath: "/etc/foo"
|
|
# readOnly: true
|
|
|
|
nodeSelector: {}
|
|
|
|
tolerations: []
|
|
|
|
affinity: {}
|