mirror of
https://github.com/bitnami/charts.git
synced 2026-03-06 15:10:15 +08:00
ad806739e9
Signed-off-by: Javier Salmeron Garcia <jsalmeron@vmware.com> Signed-off-by: Javier J. Salmerón-García <jsalmeron@vmware.com>
1178 lines
48 KiB
YAML
1178 lines
48 KiB
YAML
# Copyright VMware, Inc.
|
||
# SPDX-License-Identifier: APACHE-2.0
|
||
|
||
## @section Global parameters
|
||
## Global Docker image parameters
|
||
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
|
||
## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass
|
||
##
|
||
|
||
## @param global.imageRegistry Global Docker image registry
|
||
## @param global.imagePullSecrets Global Docker registry secret names as an array
|
||
## @param global.storageClass Global StorageClass for Persistent Volume(s)
|
||
##
|
||
global:
|
||
imageRegistry: ""
|
||
## E.g.
|
||
## imagePullSecrets:
|
||
## - myRegistryKeySecretName
|
||
##
|
||
imagePullSecrets: []
|
||
storageClass: ""
|
||
|
||
## @section Common parameters
|
||
##
|
||
|
||
## @param kubeVersion Override Kubernetes version
|
||
##
|
||
kubeVersion: ""
|
||
## @param nameOverride String to partially override common.names.fullname
|
||
##
|
||
nameOverride: ""
|
||
## @param fullnameOverride String to fully override common.names.fullname
|
||
##
|
||
fullnameOverride: ""
|
||
## @param commonLabels Labels to add to all deployed objects
|
||
##
|
||
commonLabels: {}
|
||
## @param commonAnnotations Annotations to add to all deployed objects
|
||
##
|
||
commonAnnotations: {}
|
||
## @param clusterDomain Kubernetes cluster domain name
|
||
##
|
||
clusterDomain: cluster.local
|
||
## @param extraDeploy Array of extra objects to deploy with the release
|
||
##
|
||
extraDeploy: []
|
||
|
||
## Enable diagnostic mode in the deployment
|
||
##
|
||
diagnosticMode:
|
||
## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden)
|
||
##
|
||
enabled: false
|
||
## @param diagnosticMode.command Command to override all containers in the deployment
|
||
##
|
||
command:
|
||
- sleep
|
||
## @param diagnosticMode.args Args to override all containers in the deployment
|
||
##
|
||
args:
|
||
- infinity
|
||
|
||
## @section SonarQube™ Image parameters
|
||
##
|
||
|
||
## Bitnami SonarQube™ image
|
||
## ref: https://hub.docker.com/r/bitnami/sonarqube/tags/
|
||
## @param image.registry [default: REGISTRY_NAME] SonarQube™ image registry
|
||
## @param image.repository [default: REPOSITORY_NAME/sonarqube] SonarQube™ image repository
|
||
## @skip image.tag SonarQube™ image tag (immutable tags are recommended)
|
||
## @param image.digest SonarQube™ image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
|
||
## @param image.pullPolicy SonarQube™ image pull policy
|
||
## @param image.pullSecrets SonarQube™ image pull secrets
|
||
## @param image.debug Enable SonarQube™ image debug mode
|
||
##
|
||
image:
|
||
registry: docker.io
|
||
repository: bitnami/sonarqube
|
||
tag: 10.3.0-debian-11-r7
|
||
digest: ""
|
||
## Specify a imagePullPolicy
|
||
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
|
||
## ref: https://kubernetes.io/docs/concepts/containers/images/#pre-pulled-images
|
||
##
|
||
pullPolicy: IfNotPresent
|
||
## Optionally specify an array of imagePullSecrets.
|
||
## Secrets must be manually created in the namespace.
|
||
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
||
## e.g:
|
||
## pullSecrets:
|
||
## - myRegistryKeySecretName
|
||
##
|
||
pullSecrets: []
|
||
## Enable debug mode
|
||
##
|
||
debug: false
|
||
|
||
## @section SonarQube™ Configuration parameters
|
||
## SonarQube™ settings based on environment variables
|
||
## ref: https://github.com/bitnami/containers/tree/main/bitnami/sonarqube#environment-variables
|
||
## @param sonarqubeUsername SonarQube™ username
|
||
##
|
||
sonarqubeUsername: user
|
||
## @param sonarqubePassword SonarQube™ user password
|
||
## Defaults to a random 10-character alphanumeric string if not set
|
||
##
|
||
sonarqubePassword: ""
|
||
## @param provisioningFolder Directory to use for provisioning content to Sonarqube
|
||
##
|
||
provisioningFolder: "/bitnami/sonarqube-provisioning"
|
||
## @param existingSecret Name of existing secret containing SonarQube™ credentials
|
||
## NOTE: Must contain key `sonarqube-password`
|
||
## NOTE: When it's set, the `sonarqubePassword` parameter is ignored
|
||
##
|
||
existingSecret: ""
|
||
## @param sonarqubeEmail SonarQube™ user email
|
||
##
|
||
sonarqubeEmail: user@example.com
|
||
## @param minHeapSize Minimum heap size for SonarQube™
|
||
##
|
||
minHeapSize: 1024m
|
||
## @param maxHeapSize Maximum heap size for SonarQube™
|
||
##
|
||
maxHeapSize: 2048m
|
||
## @param jvmOpts Values to add to SONARQUBE_WEB_JAVA_ADD_OPTS
|
||
##
|
||
jvmOpts: ""
|
||
## @param jvmCeOpts Values to add to SONAR_CE_JAVAADDITIONALOPTS
|
||
##
|
||
jvmCeOpts: ""
|
||
## @param startTimeout Timeout for the application to start in seconds
|
||
##
|
||
startTimeout: 150
|
||
## @param extraProperties List of extra properties to be set in the sonar.properties file (key=value format)
|
||
## e.g:
|
||
## extraProperties:
|
||
## - my.sonar.property1=property_value1
|
||
## - my.sonar.property2=property_value2
|
||
##
|
||
extraProperties: []
|
||
## @param sonarqubeSkipInstall Skip wizard installation
|
||
## NOTE: useful if you use an external database that already contains SonarQube™ data
|
||
## ref: https://github.com/bitnami/containers/tree/main/bitnami/sonarqube#connect-sonarqube-container-to-an-existing-database
|
||
##
|
||
sonarqubeSkipInstall: false
|
||
## @param sonarSecurityRealm Set this to LDAP authenticate first against the external sytem. If the external system is not
|
||
## reachable or if the user is not defined in the external system, authentication will be performed against SonarQube™'s internal database.
|
||
##
|
||
sonarSecurityRealm: ""
|
||
## @param sonarAuthenticatorDowncase Set to true when connecting to a LDAP server using a case-insensitive setup.
|
||
##
|
||
sonarAuthenticatorDowncase: ""
|
||
## Ldap configuration for Sonarqube
|
||
##
|
||
ldap:
|
||
## @param ldap.url URL of the LDAP server. If you are using ldaps, you should install the server certificate into the Java truststore
|
||
##
|
||
url: ""
|
||
## @param ldap.bindDn The username of an LDAP user to connect (or bind) with. Leave this blank for anonymous access to the LDAP directory.
|
||
##
|
||
bindDn: ""
|
||
## @param ldap.bindPassword The password of the user to connect with. Leave this blank for anonymous access to the LDAP directory.
|
||
##
|
||
bindPassword: ""
|
||
## @param ldap.authentication Possible values: simple, CRAM-MD5, DIGEST-MD5, GSSAPI. See the tutorial on authentication mechanisms (<http://java.sun.com/products/jndi/tutorial/ldap/security/auth.html>)
|
||
##
|
||
authentication: simple
|
||
## @param ldap.realm See Digest-MD5 Authentication, CRAM-MD5 Authentication (<http://java.sun.com/products/jndi/tutorial/ldap/security/digest.html>)
|
||
##
|
||
realm: ""
|
||
## @param ldap.contextFactoryClass Context factory class.
|
||
##
|
||
contextFactoryClass: com.sun.jndi.ldap.LdapCtxFactory
|
||
## @param ldap.StartTLS Enable use of StartTLS
|
||
##
|
||
StartTLS: false
|
||
## @param ldap.followReferrals Follow referrals or not
|
||
##
|
||
followReferrals: true
|
||
## User Mapping
|
||
## @param ldap.user.baseDn Distinguished Name (DN) of the root node in LDAP from which to search for users.
|
||
## @param ldap.user.request LDAP user request.
|
||
## @param ldap.user.realNameAttribute in LDAP defining the user’s real name.
|
||
## @param ldap.user.emailAttribute Attribute in LDAP defining the user’s email.
|
||
##
|
||
user:
|
||
baseDn: ""
|
||
request: (&(objectClass=inetOrgPerson)(uid={login}))
|
||
realNameAttribute: cn
|
||
emailAttribute: mail
|
||
## Group Mapping
|
||
## @param ldap.group.baseDn Distinguished Name (DN) of the root node in LDAP from which to search for groups.
|
||
## @param ldap.group.request LDAP group request.
|
||
## @param ldap.group.idAttribute Attribute in LDAP defining the group’s real name.
|
||
##
|
||
group:
|
||
baseDn: ""
|
||
request: (&(objectClass=groupOfUniqueNames)(uniqueMember={dn}))
|
||
idAttribute: cn
|
||
## SMTP mail delivery configuration
|
||
## ref: https://github.com/bitnami/containers/tree/main/bitnami/sonarqube/#smtp-configuration
|
||
## @param smtpHost SMTP server host
|
||
## @param smtpPort SMTP server port
|
||
## @param smtpUser SMTP username
|
||
## @param smtpPassword SMTP user password
|
||
## @param smtpProtocol SMTP protocol
|
||
##
|
||
smtpHost: ""
|
||
smtpPort: ""
|
||
smtpUser: ""
|
||
smtpPassword: ""
|
||
smtpProtocol: ""
|
||
## @param smtpExistingSecret The name of an existing secret with SMTP credentials
|
||
## NOTE: Must contain key `smtp-password`
|
||
## NOTE: When it's set, the `smtpPassword` parameter is ignored
|
||
##
|
||
smtpExistingSecret: ""
|
||
## @param command Override default container command (useful when using custom images)
|
||
##
|
||
command: []
|
||
## @param args Override default container args (useful when using custom images)
|
||
##
|
||
args: []
|
||
## @param extraEnvVars Array with extra environment variables to add to SonarQube™ nodes
|
||
## e.g:
|
||
## extraEnvVars:
|
||
## - name: FOO
|
||
## value: "bar"
|
||
##
|
||
extraEnvVars: []
|
||
## @param extraEnvVarsCM Name of existing ConfigMap containing extra env vars for SonarQube™ nodes
|
||
##
|
||
extraEnvVarsCM: ""
|
||
## @param extraEnvVarsSecret Name of existing Secret containing extra env vars for SonarQube™ nodes
|
||
##
|
||
extraEnvVarsSecret: ""
|
||
|
||
## @section SonarQube™ deployment parameters
|
||
##
|
||
|
||
## @param replicaCount Number of SonarQube™ replicas to deploy
|
||
## NOTE: ReadWriteMany PVC(s) are required if replicaCount > 1
|
||
##
|
||
replicaCount: 1
|
||
## @param containerPorts.http SonarQube™ HTTP container port
|
||
## @param containerPorts.elastic SonarQube™ Elasticsearch container port
|
||
##
|
||
containerPorts:
|
||
http: 9000
|
||
elastic: 9001
|
||
## Configure extra options for SonarQube™ containers' liveness and readiness probes
|
||
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
|
||
## @param livenessProbe.enabled Enable livenessProbe on SonarQube™ containers
|
||
## @param livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
|
||
## @param livenessProbe.periodSeconds Period seconds for livenessProbe
|
||
## @param livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
|
||
## @param livenessProbe.failureThreshold Failure threshold for livenessProbe
|
||
## @param livenessProbe.successThreshold Success threshold for livenessProbe
|
||
##
|
||
livenessProbe:
|
||
enabled: true
|
||
initialDelaySeconds: 100
|
||
periodSeconds: 10
|
||
timeoutSeconds: 5
|
||
failureThreshold: 6
|
||
successThreshold: 1
|
||
## @param readinessProbe.enabled Enable readinessProbe on SonarQube™ containers
|
||
## @param readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
|
||
## @param readinessProbe.periodSeconds Period seconds for readinessProbe
|
||
## @param readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
|
||
## @param readinessProbe.failureThreshold Failure threshold for readinessProbe
|
||
## @param readinessProbe.successThreshold Success threshold for readinessProbe
|
||
##
|
||
readinessProbe:
|
||
enabled: true
|
||
initialDelaySeconds: 100
|
||
periodSeconds: 10
|
||
timeoutSeconds: 5
|
||
failureThreshold: 6
|
||
successThreshold: 1
|
||
## @param startupProbe.enabled Enable startupProbe on SonarQube™ containers
|
||
## @param startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
|
||
## @param startupProbe.periodSeconds Period seconds for startupProbe
|
||
## @param startupProbe.timeoutSeconds Timeout seconds for startupProbe
|
||
## @param startupProbe.failureThreshold Failure threshold for startupProbe
|
||
## @param startupProbe.successThreshold Success threshold for startupProbe
|
||
##
|
||
startupProbe:
|
||
enabled: false
|
||
initialDelaySeconds: 30
|
||
periodSeconds: 10
|
||
timeoutSeconds: 1
|
||
failureThreshold: 15
|
||
successThreshold: 1
|
||
## @param customLivenessProbe Custom livenessProbe that overrides the default one
|
||
##
|
||
customLivenessProbe: {}
|
||
## @param customReadinessProbe Custom readinessProbe that overrides the default one
|
||
##
|
||
customReadinessProbe: {}
|
||
## @param customStartupProbe Custom startupProbe that overrides the default one
|
||
##
|
||
customStartupProbe: {}
|
||
## SonarQube™ resource requests and limits
|
||
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
||
## @param resources.limits The resources limits for the SonarQube™ containers
|
||
## @param resources.requests [object] The requested resources for the SonarQube™ containers
|
||
##
|
||
resources:
|
||
limits: {}
|
||
requests:
|
||
cpu: 100m
|
||
memory: 2048Mi
|
||
## Configure Pods Security Context
|
||
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
||
## @param podSecurityContext.enabled Enabled SonarQube™ pods' Security Context
|
||
## @param podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
|
||
## @param podSecurityContext.sysctls Set kernel settings using the sysctl interface
|
||
## @param podSecurityContext.supplementalGroups Set filesystem extra groups
|
||
## @param podSecurityContext.fsGroup Set SonarQube™ pod's Security Context fsGroup
|
||
##
|
||
podSecurityContext:
|
||
enabled: true
|
||
fsGroupChangePolicy: Always
|
||
sysctls: []
|
||
supplementalGroups: []
|
||
fsGroup: 1001
|
||
## Configure Container Security Context
|
||
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
||
## @param containerSecurityContext.enabled Enabled containers' Security Context
|
||
## @param containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
|
||
## @param containerSecurityContext.runAsUser Set containers' Security Context runAsUser
|
||
## @param containerSecurityContext.runAsNonRoot Set container's Security Context runAsNonRoot
|
||
## @param containerSecurityContext.privileged Set container's Security Context privileged
|
||
## @param containerSecurityContext.readOnlyRootFilesystem Set container's Security Context readOnlyRootFilesystem
|
||
## @param containerSecurityContext.allowPrivilegeEscalation Set container's Security Context allowPrivilegeEscalation
|
||
## @param containerSecurityContext.capabilities.drop List of capabilities to be dropped
|
||
## @param containerSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
|
||
##
|
||
containerSecurityContext:
|
||
enabled: true
|
||
seLinuxOptions: null
|
||
runAsUser: 1001
|
||
runAsNonRoot: true
|
||
privileged: false
|
||
readOnlyRootFilesystem: false
|
||
allowPrivilegeEscalation: false
|
||
capabilities:
|
||
drop: ["ALL"]
|
||
seccompProfile:
|
||
type: "RuntimeDefault"
|
||
## @param automountServiceAccountToken Mount Service Account token in pod
|
||
##
|
||
automountServiceAccountToken: false
|
||
## @param hostAliases SonarQube™ pods host aliases
|
||
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
|
||
##
|
||
hostAliases: []
|
||
## @param podLabels Extra labels for SonarQube™ pods
|
||
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
|
||
##
|
||
podLabels: {}
|
||
## @param podAnnotations Annotations for SonarQube™ pods
|
||
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
|
||
##
|
||
podAnnotations: {}
|
||
## @param podAffinityPreset Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
|
||
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
||
##
|
||
podAffinityPreset: ""
|
||
## @param podAntiAffinityPreset Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
|
||
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
|
||
##
|
||
podAntiAffinityPreset: soft
|
||
## Node affinity preset
|
||
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
|
||
##
|
||
nodeAffinityPreset:
|
||
## @param nodeAffinityPreset.type Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`
|
||
##
|
||
type: ""
|
||
## @param nodeAffinityPreset.key Node label key to match. Ignored if `affinity` is set
|
||
##
|
||
key: ""
|
||
## @param nodeAffinityPreset.values Node label values to match. Ignored if `affinity` is set
|
||
## E.g.
|
||
## values:
|
||
## - e2e-az1
|
||
## - e2e-az2
|
||
##
|
||
values: []
|
||
## @param affinity Affinity for SonarQube™ pods assignment
|
||
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
|
||
## NOTE: `podAffinityPreset`, `podAntiAffinityPreset`, and `nodeAffinityPreset` will be ignored when it's set
|
||
##
|
||
affinity: {}
|
||
## @param nodeSelector Node labels for SonarQube™ pods assignment
|
||
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
|
||
##
|
||
nodeSelector: {}
|
||
## @param tolerations Tolerations for SonarQube™ pods assignment
|
||
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
||
##
|
||
tolerations: []
|
||
## @param updateStrategy.type SonarQube™ deployment strategy type
|
||
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
|
||
##
|
||
updateStrategy:
|
||
## StrategyType
|
||
## Can be set to RollingUpdate or Recreate
|
||
##
|
||
type: RollingUpdate
|
||
## @param priorityClassName SonarQube™ pods' priorityClassName
|
||
##
|
||
priorityClassName: ""
|
||
## @param schedulerName Name of the k8s scheduler (other than default) for SonarQube™ pods
|
||
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
|
||
##
|
||
schedulerName: ""
|
||
## @param lifecycleHooks for the SonarQube™ container(s) to automate configuration before or after startup
|
||
##
|
||
lifecycleHooks: {}
|
||
## @param extraVolumes Optionally specify extra list of additional volumes for the SonarQube™ pod(s)
|
||
##
|
||
extraVolumes: []
|
||
## @param extraVolumeMounts Optionally specify extra list of additional volumeMounts for the SonarQube™ container(s)
|
||
##
|
||
extraVolumeMounts: []
|
||
## @param sidecars Add additional sidecar containers to the SonarQube™ pod(s)
|
||
## e.g:
|
||
## sidecars:
|
||
## - name: your-image-name
|
||
## image: your-image
|
||
## imagePullPolicy: Always
|
||
## ports:
|
||
## - name: portname
|
||
## containerPort: 1234
|
||
##
|
||
sidecars: []
|
||
## @param initContainers Add additional init containers to the SonarQube™ pod(s)
|
||
## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
|
||
## e.g:
|
||
## initContainers:
|
||
## - name: your-image-name
|
||
## image: your-image
|
||
## imagePullPolicy: Always
|
||
## command: ['sh', '-c', 'echo "hello world"']
|
||
##
|
||
initContainers: []
|
||
|
||
## @section Traffic Exposure Parameters
|
||
##
|
||
|
||
## SonarQube™ service parameters
|
||
##
|
||
service:
|
||
## @param service.type SonarQube™ service type
|
||
##
|
||
type: LoadBalancer
|
||
## @param service.ports.http SonarQube™ service HTTP port
|
||
## @param service.ports.elastic SonarQube™ service ElasticSearch port
|
||
##
|
||
ports:
|
||
http: 80
|
||
elastic: 9001
|
||
## Node ports to expose
|
||
## @param service.nodePorts.http Node port for HTTP
|
||
## @param service.nodePorts.elastic Node port for ElasticSearch
|
||
## NOTE: choose port between <30000-32767>
|
||
##
|
||
nodePorts:
|
||
http: ""
|
||
elastic: ""
|
||
## @param service.clusterIP SonarQube™ service Cluster IP
|
||
## e.g.:
|
||
## clusterIP: None
|
||
##
|
||
clusterIP: ""
|
||
## @param service.loadBalancerIP SonarQube™ service Load Balancer IP
|
||
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer
|
||
##
|
||
loadBalancerIP: ""
|
||
## @param service.loadBalancerSourceRanges SonarQube™ service Load Balancer sources
|
||
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
|
||
## e.g:
|
||
## loadBalancerSourceRanges:
|
||
## - 10.10.10.0/24
|
||
##
|
||
loadBalancerSourceRanges: []
|
||
## @param service.externalTrafficPolicy SonarQube™ service external traffic policy
|
||
## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
|
||
##
|
||
externalTrafficPolicy: Cluster
|
||
## @param service.annotations Additional custom annotations for SonarQube™ service
|
||
##
|
||
annotations: {}
|
||
## @param service.extraPorts Extra ports to expose in SonarQube™ service (normally used with the `sidecars` value)
|
||
##
|
||
extraPorts: []
|
||
## @param service.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP"
|
||
## If "ClientIP", consecutive client requests will be directed to the same Pod
|
||
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
|
||
##
|
||
sessionAffinity: None
|
||
## @param service.sessionAffinityConfig Additional settings for the sessionAffinity
|
||
## sessionAffinityConfig:
|
||
## clientIP:
|
||
## timeoutSeconds: 300
|
||
##
|
||
sessionAffinityConfig: {}
|
||
|
||
## Network Policies
|
||
## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
|
||
##
|
||
networkPolicy:
|
||
## @param networkPolicy.enabled Specifies whether a NetworkPolicy should be created
|
||
##
|
||
enabled: true
|
||
## @param networkPolicy.allowExternal Don't require client label for connections
|
||
## The Policy model to apply. When set to false, only pods with the correct
|
||
## client label will have network access to the ports the application is listening
|
||
## on. When true, the app will accept connections from any source
|
||
## (with the correct destination port).
|
||
##
|
||
allowExternal: true
|
||
## @param networkPolicy.allowExternalEgress Allow the pod to access any range of port and all destinations.
|
||
##
|
||
allowExternalEgress: true
|
||
## @param networkPolicy.extraIngress [array] Add extra ingress rules to the NetworkPolice
|
||
## e.g:
|
||
## extraIngress:
|
||
## - ports:
|
||
## - port: 1234
|
||
## from:
|
||
## - podSelector:
|
||
## - matchLabels:
|
||
## - role: frontend
|
||
## - podSelector:
|
||
## - matchExpressions:
|
||
## - key: role
|
||
## operator: In
|
||
## values:
|
||
## - frontend
|
||
extraIngress: []
|
||
## @param networkPolicy.extraEgress [array] Add extra ingress rules to the NetworkPolicy
|
||
## e.g:
|
||
## extraEgress:
|
||
## - ports:
|
||
## - port: 1234
|
||
## to:
|
||
## - podSelector:
|
||
## - matchLabels:
|
||
## - role: frontend
|
||
## - podSelector:
|
||
## - matchExpressions:
|
||
## - key: role
|
||
## operator: In
|
||
## values:
|
||
## - frontend
|
||
##
|
||
extraEgress: []
|
||
## @param networkPolicy.ingressNSMatchLabels [object] Labels to match to allow traffic from other namespaces
|
||
## @param networkPolicy.ingressNSPodMatchLabels [object] Pod labels to match to allow traffic from other namespaces
|
||
##
|
||
ingressNSMatchLabels: {}
|
||
ingressNSPodMatchLabels: {}
|
||
## SonarQube™ ingress parameters
|
||
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/
|
||
##
|
||
ingress:
|
||
## @param ingress.enabled Enable ingress record generation for SonarQube™
|
||
##
|
||
enabled: false
|
||
## @param ingress.pathType Ingress path type
|
||
##
|
||
pathType: ImplementationSpecific
|
||
## @param ingress.apiVersion Force Ingress API version (automatically detected if not set)
|
||
##
|
||
apiVersion: ""
|
||
## @param ingress.ingressClassName IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)
|
||
## This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster.
|
||
## ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/
|
||
##
|
||
ingressClassName: ""
|
||
## @param ingress.hostname Default host for the ingress record
|
||
##
|
||
hostname: sonarqube.local
|
||
## @param ingress.path Default path for the ingress record
|
||
## NOTE: You may need to set this to '/*' in order to use this with ALB ingress controllers
|
||
##
|
||
path: /
|
||
## @param ingress.annotations Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations.
|
||
## Use this parameter to set the required annotations for cert-manager, see
|
||
## ref: https://cert-manager.io/docs/usage/ingress/#supported-annotations
|
||
## e.g:
|
||
## annotations:
|
||
## kubernetes.io/ingress.class: nginx
|
||
## cert-manager.io/cluster-issuer: cluster-issuer-name
|
||
##
|
||
annotations: {}
|
||
## @param ingress.labels Additional labels for the Ingress resource.
|
||
## e.g:
|
||
## labels:
|
||
## app: sonarqube
|
||
##
|
||
labels: {}
|
||
## @param ingress.tls Enable TLS configuration for the host defined at `ingress.hostname` parameter
|
||
## TLS certificates will be retrieved from a TLS secret with name: `{{- printf "%s-tls" .Values.ingress.hostname }}`
|
||
## You can:
|
||
## - Use the `ingress.secrets` parameter to create this TLS secret
|
||
## - Rely on cert-manager to create it by setting the corresponding annotations
|
||
## - Rely on Helm to create self-signed certificates by setting `ingress.selfSigned=true`
|
||
##
|
||
tls: false
|
||
## @param ingress.selfSigned Create a TLS secret for this ingress record using self-signed certificates generated by Helm
|
||
##
|
||
selfSigned: false
|
||
## @param ingress.extraHosts An array with additional hostname(s) to be covered with the ingress record
|
||
## e.g:
|
||
## extraHosts:
|
||
## - name: sonarqube.local
|
||
## path: /
|
||
##
|
||
extraHosts: []
|
||
## @param ingress.extraPaths An array with additional arbitrary paths that may need to be added to the ingress under the main host
|
||
## e.g:
|
||
## extraPaths:
|
||
## - path: /*
|
||
## backend:
|
||
## serviceName: ssl-redirect
|
||
## servicePort: use-annotation
|
||
##
|
||
extraPaths: []
|
||
## @param ingress.extraTls TLS configuration for additional hostname(s) to be covered with this ingress record
|
||
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
|
||
## e.g:
|
||
## extraTls:
|
||
## - hosts:
|
||
## - sonarqube.local
|
||
## secretName: sonarqube.local-tls
|
||
##
|
||
extraTls: []
|
||
## @param ingress.secrets Custom TLS certificates as secrets
|
||
## NOTE: 'key' and 'certificate' are expected in PEM format
|
||
## NOTE: 'name' should line up with a 'secretName' set further up
|
||
## If it is not set and you're using cert-manager, this is unneeded, as it will create a secret for you with valid certificates
|
||
## If it is not set and you're NOT using cert-manager either, self-signed certificates will be created valid for 365 days
|
||
## It is also possible to create and manage the certificates outside of this helm chart
|
||
## Please see README.md for more information
|
||
## e.g:
|
||
## secrets:
|
||
## - name: sonarqube.local-tls
|
||
## key: |-
|
||
## -----BEGIN RSA PRIVATE KEY-----
|
||
## ...
|
||
## -----END RSA PRIVATE KEY-----
|
||
## certificate: |-
|
||
## -----BEGIN CERTIFICATE-----
|
||
## ...
|
||
## -----END CERTIFICATE-----
|
||
##
|
||
secrets: []
|
||
## @param ingress.extraRules Additional rules to be covered with this ingress record
|
||
## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/#ingress-rules
|
||
## e.g:
|
||
## extraRules:
|
||
## - host: sonarqube.local
|
||
## http:
|
||
## path: /
|
||
## backend:
|
||
## service:
|
||
## name: sonarqube-svc
|
||
## port:
|
||
## name: http
|
||
##
|
||
extraRules: []
|
||
|
||
## @section SonarQube caCerts provisioning parameters
|
||
##
|
||
## Provide a secret containing one or more certificate files in the keys that will be added to cacerts
|
||
## The cacerts file will be set via SONARQUBE_WEB_JAVA_ADD_OPTS and SONAR_CE_JAVAADDITIONALOPTS
|
||
caCerts:
|
||
## @param caCerts.enabled Enable the use of caCerts
|
||
##
|
||
enabled: false
|
||
## OS Shell + Utility image
|
||
## ref: https://hub.docker.com/r/bitnami/os-shell/tags/
|
||
## @param caCerts.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry
|
||
## @param caCerts.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository
|
||
## @skip caCerts.image.tag OS Shell + Utility image tag (immutable tags are recommended)
|
||
## @param caCerts.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
|
||
## @param caCerts.image.pullPolicy OS Shell + Utility image pull policy
|
||
## @param caCerts.image.pullSecrets OS Shell + Utility image pull secrets
|
||
##
|
||
image:
|
||
registry: docker.io
|
||
repository: bitnami/os-shell
|
||
tag: 11-debian-11-r95
|
||
digest: ""
|
||
pullPolicy: IfNotPresent
|
||
## Optionally specify an array of imagePullSecrets.
|
||
## Secrets must be manually created in the namespace.
|
||
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
||
## e.g:
|
||
## pullSecrets:
|
||
## - myRegistryKeySecretName
|
||
##
|
||
pullSecrets: []
|
||
## @param caCerts.secret Name of the secret containing the certificates
|
||
##
|
||
secret: ca-certs-secret
|
||
## Init container's resource requests and limits
|
||
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
||
## @param caCerts.resources.limits The resources limits for the init container
|
||
## @param caCerts.resources.requests The requested resources for the init container
|
||
##
|
||
resources:
|
||
limits: {}
|
||
requests: {}
|
||
## Init container Container Security Context
|
||
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
|
||
## @param caCerts.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
|
||
## @param caCerts.containerSecurityContext.runAsUser Set init container's Security Context runAsUser
|
||
## NOTE: when runAsUser is set to special value "auto", init container will try to chown the
|
||
## data folder to auto-determined user&group, using commands: `id -u`:`id -G | cut -d" " -f2`
|
||
## "auto" is especially useful for OpenShift which has scc with dynamic user ids (and 0 is not allowed)
|
||
##
|
||
containerSecurityContext:
|
||
seLinuxOptions: null
|
||
runAsUser: 0
|
||
|
||
## @section SonarQube plugin provisioning parameters
|
||
##
|
||
plugins:
|
||
## @param plugins.install List of plugin URLS to download and install
|
||
## For example:
|
||
## plugins:
|
||
## install:
|
||
## - "https://github.com/AmadeusITGroup/sonar-stash/releases/download/1.3.0/sonar-stash-plugin-1.3.0.jar"
|
||
## - "https://github.com/SonarSource/sonar-ldap/releases/download/2.2-RC3/sonar-ldap-plugin-2.2.0.601.jar"
|
||
##
|
||
install: []
|
||
## @param plugins.netrcCreds .netrc secret file with a key "netrc" to use basic auth while downloading plugins
|
||
##
|
||
netrcCreds: ""
|
||
## @param plugins.noCheckCertificate Set to true to not validate the server's certificate to download plugin
|
||
##
|
||
noCheckCertificate: true
|
||
## OS Shell + Utility image
|
||
## ref: https://hub.docker.com/r/bitnami/os-shell/tags/
|
||
## @param plugins.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry
|
||
## @param plugins.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository
|
||
## @skip plugins.image.tag OS Shell + Utility image tag (immutable tags are recommended)
|
||
## @param plugins.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
|
||
## @param plugins.image.pullPolicy OS Shell + Utility image pull policy
|
||
## @param plugins.image.pullSecrets OS Shell + Utility image pull secrets
|
||
##
|
||
image:
|
||
registry: docker.io
|
||
repository: bitnami/os-shell
|
||
tag: 11-debian-11-r95
|
||
digest: ""
|
||
pullPolicy: IfNotPresent
|
||
## Optionally specify an array of imagePullSecrets.
|
||
## Secrets must be manually created in the namespace.
|
||
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
||
## e.g:
|
||
## pullSecrets:
|
||
## - myRegistryKeySecretName
|
||
##
|
||
pullSecrets: []
|
||
## Init container's resource requests and limits
|
||
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
||
## @param plugins.resources.limits The resources limits for the init container
|
||
## @param plugins.resources.requests The requested resources for the init container
|
||
##
|
||
resources:
|
||
limits: {}
|
||
requests: {}
|
||
## Init container Container Security Context
|
||
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
|
||
## @param plugins.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
|
||
## @param plugins.containerSecurityContext.runAsUser Set init container's Security Context runAsUser
|
||
## NOTE: when runAsUser is set to special value "auto", init container will try to chown the
|
||
## data folder to auto-determined user&group, using commands: `id -u`:`id -G | cut -d" " -f2`
|
||
## "auto" is especially useful for OpenShift which has scc with dynamic user ids (and 0 is not allowed)
|
||
##
|
||
containerSecurityContext:
|
||
seLinuxOptions: null
|
||
runAsUser: 0
|
||
|
||
## @section Persistence Parameters
|
||
##
|
||
|
||
## Persistence Parameters
|
||
## ref: https://kubernetes.io/docs/concepts/storage/persistent-volumes/
|
||
##
|
||
persistence:
|
||
## @param persistence.enabled Enable persistence using Persistent Volume Claims
|
||
##
|
||
enabled: false
|
||
## @param persistence.storageClass Persistent Volume storage class
|
||
## If defined, storageClassName: <storageClass>
|
||
## If set to "-", storageClassName: "", which disables dynamic provisioning
|
||
## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner
|
||
##
|
||
storageClass: ""
|
||
## @param persistence.accessModes [array] Persistent Volume access modes
|
||
##
|
||
accessModes:
|
||
- ReadWriteOnce
|
||
## @param persistence.size Persistent Volume size
|
||
##
|
||
size: 10Gi
|
||
## @param persistence.dataSource Custom PVC data source
|
||
##
|
||
dataSource: {}
|
||
## @param persistence.existingClaim The name of an existing PVC to use for persistence
|
||
##
|
||
existingClaim: ""
|
||
## @param persistence.annotations Persistent Volume Claim annotations
|
||
##
|
||
annotations: {}
|
||
## 'volumePermissions' init container parameters
|
||
## Changes the owner and group of the persistent volume mount point to runAsUser:fsGroup values
|
||
## based on the *podSecurityContext/*containerSecurityContext parameters
|
||
##
|
||
volumePermissions:
|
||
## @param volumePermissions.enabled Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup`
|
||
##
|
||
enabled: false
|
||
## OS Shell + Utility image
|
||
## ref: https://hub.docker.com/r/bitnami/os-shell/tags/
|
||
## @param volumePermissions.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry
|
||
## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository
|
||
## @skip volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended)
|
||
## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
|
||
## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy
|
||
## @param volumePermissions.image.pullSecrets OS Shell + Utility image pull secrets
|
||
##
|
||
image:
|
||
registry: docker.io
|
||
repository: bitnami/os-shell
|
||
tag: 11-debian-11-r95
|
||
digest: ""
|
||
pullPolicy: IfNotPresent
|
||
## Optionally specify an array of imagePullSecrets.
|
||
## Secrets must be manually created in the namespace.
|
||
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
||
## e.g:
|
||
## pullSecrets:
|
||
## - myRegistryKeySecretName
|
||
##
|
||
pullSecrets: []
|
||
## Init container's resource requests and limits
|
||
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
||
## @param volumePermissions.resources.limits The resources limits for the init container
|
||
## @param volumePermissions.resources.requests The requested resources for the init container
|
||
##
|
||
resources:
|
||
limits: {}
|
||
requests: {}
|
||
## Init container Container Security Context
|
||
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
|
||
## @param volumePermissions.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
|
||
## @param volumePermissions.containerSecurityContext.runAsUser Set init container's Security Context runAsUser
|
||
## NOTE: when runAsUser is set to special value "auto", init container will try to chown the
|
||
## data folder to auto-determined user&group, using commands: `id -u`:`id -G | cut -d" " -f2`
|
||
## "auto" is especially useful for OpenShift which has scc with dynamic user ids (and 0 is not allowed)
|
||
##
|
||
containerSecurityContext:
|
||
seLinuxOptions: null
|
||
runAsUser: 0
|
||
|
||
## @section Sysctl Image parameters
|
||
##
|
||
|
||
## Kernel settings modifier image
|
||
##
|
||
sysctl:
|
||
## @param sysctl.enabled Enable kernel settings modifier image
|
||
##
|
||
enabled: true
|
||
## OS Shell + Utility image
|
||
## ref: https://hub.docker.com/r/bitnami/os-shell/tags/
|
||
## @param sysctl.image.registry [default: REGISTRY_NAME] OS Shell + Utility image registry
|
||
## @param sysctl.image.repository [default: REPOSITORY_NAME/os-shell] OS Shell + Utility image repository
|
||
## @skip sysctl.image.tag OS Shell + Utility image tag (immutable tags are recommended)
|
||
## @param sysctl.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
|
||
## @param sysctl.image.pullPolicy OS Shell + Utility image pull policy
|
||
## @param sysctl.image.pullSecrets OS Shell + Utility image pull secrets
|
||
##
|
||
image:
|
||
registry: docker.io
|
||
repository: bitnami/os-shell
|
||
tag: 11-debian-11-r95
|
||
digest: ""
|
||
pullPolicy: IfNotPresent
|
||
## Optionally specify an array of imagePullSecrets.
|
||
## Secrets must be manually created in the namespace.
|
||
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
||
## e.g:
|
||
## pullSecrets:
|
||
## - myRegistryKeySecretName
|
||
##
|
||
pullSecrets: []
|
||
## Init container's resource requests and limits
|
||
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
||
## @param sysctl.resources.limits The resources limits for the init container
|
||
## @param sysctl.resources.requests The requested resources for the init container
|
||
##
|
||
resources:
|
||
limits: {}
|
||
requests: {}
|
||
|
||
## @section Other Parameters
|
||
##
|
||
|
||
## RBAC configuration
|
||
##
|
||
rbac:
|
||
## @param rbac.create Specifies whether RBAC resources should be created
|
||
##
|
||
create: false
|
||
## ServiceAccount configuration
|
||
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
|
||
## @param serviceAccount.create Specifies whether a ServiceAccount should be created
|
||
## @param serviceAccount.name Name of the service account to use. If not set and create is true, a name is generated using the fullname template.
|
||
## @param serviceAccount.automountServiceAccountToken Automount service account token for the server service account
|
||
## @param serviceAccount.annotations Annotations for service account. Evaluated as a template. Only used if `create` is `true`.
|
||
##
|
||
serviceAccount:
|
||
create: true
|
||
name: ""
|
||
automountServiceAccountToken: false
|
||
annotations: {}
|
||
## SonarQube™ Autoscaling configuration
|
||
## ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/
|
||
## @param autoscaling.enabled Enable Horizontal POD autoscaling for SonarQube™
|
||
## @param autoscaling.minReplicas Minimum number of SonarQube™ replicas
|
||
## @param autoscaling.maxReplicas Maximum number of SonarQube™ replicas
|
||
## @param autoscaling.targetCPU Target CPU utilization percentage
|
||
## @param autoscaling.targetMemory Target Memory utilization percentage
|
||
##
|
||
autoscaling:
|
||
enabled: false
|
||
minReplicas: 1
|
||
maxReplicas: 11
|
||
targetCPU: 50
|
||
targetMemory: 50
|
||
|
||
## @section Metrics parameters
|
||
##
|
||
|
||
## Prometheus Exporters / Metrics
|
||
##
|
||
metrics:
|
||
## Prometheus JMX Exporter: exposes the majority of SonarQube™ metrics
|
||
##
|
||
jmx:
|
||
## @param metrics.jmx.enabled Whether or not to expose JMX metrics to Prometheus
|
||
##
|
||
enabled: false
|
||
## Bitnami JMX exporter image
|
||
## ref: https://hub.docker.com/r/bitnami/jmx-exporter/tags/
|
||
## @param metrics.jmx.image.registry [default: REGISTRY_NAME] JMX exporter image registry
|
||
## @param metrics.jmx.image.repository [default: REPOSITORY_NAME/jmx-exporter] JMX exporter image repository
|
||
## @skip metrics.jmx.image.tag JMX exporter image tag (immutable tags are recommended)
|
||
## @param metrics.jmx.image.digest JMX exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
|
||
## @param metrics.jmx.image.pullPolicy JMX exporter image pull policy
|
||
## @param metrics.jmx.image.pullSecrets Specify docker-registry secret names as an array
|
||
##
|
||
image:
|
||
registry: docker.io
|
||
repository: bitnami/jmx-exporter
|
||
tag: 0.20.0-debian-11-r5
|
||
digest: ""
|
||
pullPolicy: IfNotPresent
|
||
## Optionally specify an array of imagePullSecrets.
|
||
## Secrets must be manually created in the namespace.
|
||
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
||
## e.g:
|
||
## pullSecrets:
|
||
## - myRegistryKeySecretName
|
||
##
|
||
pullSecrets: []
|
||
## @param metrics.jmx.containerPorts.metrics JMX Exporter metrics container port
|
||
##
|
||
containerPorts:
|
||
metrics: 10445
|
||
## Prometheus JMX Exporter' resource requests and limits
|
||
## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
||
## @param metrics.jmx.resources.limits The resources limits for the init container
|
||
## @param metrics.jmx.resources.requests The requested resources for the init container
|
||
##
|
||
resources:
|
||
limits: {}
|
||
requests: {}
|
||
## Configure Container Security Context
|
||
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
|
||
## @param metrics.jmx.containerSecurityContext.enabled Enabled JMX Exporter containers' Security Context
|
||
## @param metrics.jmx.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
|
||
## @param metrics.jmx.containerSecurityContext.runAsUser Set JMX Exporter containers' Security Context runAsUser
|
||
## @param metrics.jmx.containerSecurityContext.runAsNonRoot Set JMX Exporter containers' Security Context runAsNonRoot
|
||
##
|
||
containerSecurityContext:
|
||
enabled: true
|
||
seLinuxOptions: null
|
||
runAsUser: 1001
|
||
runAsNonRoot: true
|
||
## @param metrics.jmx.whitelistObjectNames [array] Allows setting which JMX objects you want to expose to via JMX stats to JMX Exporter
|
||
## Only whitelisted values will be exposed via JMX Exporter. They must also be exposed via Rules. To expose all metrics
|
||
## (warning its crazy excessive and they aren't formatted in a prometheus style) (1) `whitelistObjectNames: []`
|
||
## (2) commented out above `overrideConfig`.
|
||
##
|
||
whitelistObjectNames:
|
||
- java.lang:*
|
||
- SonarQube:*
|
||
- Tomcat:*
|
||
## @param metrics.jmx.configuration [string] Configuration file for JMX exporter
|
||
## Specify content for jmx-sonarqube-prometheus.yml. Evaluated as a template
|
||
##
|
||
configuration: |-
|
||
jmxUrl: service:jmx:rmi:///jndi/rmi://127.0.0.1:10443/jmxrmi
|
||
lowercaseOutputName: true
|
||
lowercaseOutputLabelNames: true
|
||
ssl: false
|
||
{{- if .Values.metrics.jmx.whitelistObjectNames }}
|
||
whitelistObjectNames: ["{{ join "\",\"" .Values.metrics.jmx.whitelistObjectNames }}"]
|
||
{{- end }}
|
||
rules:
|
||
- pattern: java.lang<type=(.+), name=(.+)><(.+)>(\w+)
|
||
name: java_lang_$1_$4_$3_$2
|
||
- pattern: java.lang<type=(.+), name=(.+)><>(\w+)
|
||
name: java_lang_$1_$3_$2
|
||
- pattern: java.lang<type=(.*)>
|
||
- pattern: SonarQube<name=(.+)><>(\w+)
|
||
name: sonarqube_$1_$2
|
||
- pattern: Tomcat<type=(.+), name=(.+)><>(\w+)
|
||
name: tomcat_$1_$3_$2
|
||
## Service configuration
|
||
##
|
||
service:
|
||
## @param metrics.jmx.service.ports.metrics JMX Exporter Prometheus port
|
||
##
|
||
ports:
|
||
metrics: 10443
|
||
## @param metrics.jmx.service.annotations [object] Annotations for the JMX Exporter Prometheus metrics service
|
||
##
|
||
annotations:
|
||
prometheus.io/scrape: "true"
|
||
prometheus.io/port: "{{ .Values.metrics.jmx.service.ports.metrics }}"
|
||
prometheus.io/path: "/"
|
||
## Prometheus Operator ServiceMonitor configuration
|
||
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
|
||
##
|
||
serviceMonitor:
|
||
## @param metrics.serviceMonitor.enabled if `true`, creates a Prometheus Operator ServiceMonitor (requires `metrics.jmx.enabled` to be `true`)
|
||
##
|
||
enabled: false
|
||
## @param metrics.serviceMonitor.namespace Namespace in which Prometheus is running
|
||
##
|
||
namespace: ""
|
||
## @param metrics.serviceMonitor.labels Extra labels for the ServiceMonitor
|
||
##
|
||
labels: {}
|
||
## @param metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in Prometheus
|
||
##
|
||
jobLabel: ""
|
||
## @param metrics.serviceMonitor.interval How frequently to scrape metrics
|
||
## e.g:
|
||
## interval: 10s
|
||
##
|
||
interval: ""
|
||
## @param metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended
|
||
## e.g:
|
||
## scrapeTimeout: 10s
|
||
##
|
||
scrapeTimeout: ""
|
||
## @param metrics.serviceMonitor.metricRelabelings [array] Specify additional relabeling of metrics
|
||
##
|
||
metricRelabelings: []
|
||
## @param metrics.serviceMonitor.relabelings [array] Specify general relabeling
|
||
##
|
||
relabelings: []
|
||
## @param metrics.serviceMonitor.selector Prometheus instance selector labels
|
||
## ref: https://github.com/bitnami/charts/tree/main/bitnami/prometheus-operator#prometheus-configuration
|
||
##
|
||
selector: {}
|
||
|
||
## @section PostgreSQL subchart settings
|
||
##
|
||
|
||
## PostgreSQL chart configuration
|
||
## https://github.com/bitnami/charts/blob/main/bitnami/postgresql/values.yaml
|
||
##
|
||
postgresql:
|
||
## @param postgresql.enabled Deploy PostgreSQL subchart
|
||
##
|
||
enabled: true
|
||
## @param postgresql.nameOverride Override name of the PostgreSQL chart
|
||
##
|
||
nameOverride: ""
|
||
auth:
|
||
## @param postgresql.auth.existingSecret Existing secret containing the password of the PostgreSQL chart
|
||
##
|
||
existingSecret: ""
|
||
## @param postgresql.auth.password Password for the postgres user of the PostgreSQL chart (auto-generated if not set)
|
||
## ref: https://hub.docker.com/_/postgres/
|
||
##
|
||
password: ""
|
||
## @param postgresql.auth.username Username to create when deploying the PostgreSQL chart
|
||
##
|
||
username: bn_sonarqube
|
||
## @param postgresql.auth.database Database to create when deploying the PostgreSQL chart
|
||
##
|
||
database: bitnami_sonarqube
|
||
## PostgreSQL Primary parameters
|
||
##
|
||
primary:
|
||
## PostgreSQL Primary service configuration
|
||
##
|
||
service:
|
||
## @param postgresql.primary.service.ports.postgresql PostgreSQL service port
|
||
##
|
||
ports:
|
||
postgresql: 5432
|
||
## PostgreSQL Primary persistence configuration
|
||
##
|
||
persistence:
|
||
## @param postgresql.primary.persistence.enabled Enable PostgreSQL Primary data persistence using PVC
|
||
##
|
||
enabled: true
|
||
## @param postgresql.primary.persistence.existingClaim Name of an existing PVC to use
|
||
##
|
||
existingClaim: ""
|
||
## @param postgresql.primary.persistence.storageClass PVC Storage Class for PostgreSQL Primary data volume
|
||
## If defined, storageClassName: <storageClass>
|
||
## If set to "-", storageClassName: "", which disables dynamic provisioning
|
||
## If undefined (the default) or set to null, no storageClassName spec is
|
||
## set, choosing the default provisioner. (gp2 on AWS, standard on
|
||
## GKE, AWS & OpenStack)
|
||
##
|
||
storageClass: ""
|
||
## @param postgresql.primary.persistence.accessMode PVC Access Mode for PostgreSQL volume
|
||
##
|
||
accessMode: ReadWriteOnce
|
||
## @param postgresql.primary.persistence.size PVC Storage Request for PostgreSQL volume
|
||
##
|
||
size: 8Gi
|
||
|
||
## @section External Database settings
|
||
##
|
||
|
||
## External Database Configuration
|
||
## All of these values are only used when postgresql.enabled is set to false
|
||
##
|
||
externalDatabase:
|
||
## @param externalDatabase.host Host of an external PostgreSQL instance to connect (only if postgresql.enabled=false)
|
||
##
|
||
host: ""
|
||
## @param externalDatabase.user User of an external PostgreSQL instance to connect (only if postgresql.enabled=false)
|
||
##
|
||
user: postgres
|
||
## @param externalDatabase.password Password of an external PostgreSQL instance to connect (only if postgresql.enabled=false)
|
||
##
|
||
password: ""
|
||
## @param externalDatabase.existingSecret Secret containing the password of an external PostgreSQL instance to connect (only if postgresql.enabled=false)
|
||
## Name of an existing secret resource containing the DB password in a 'password' key
|
||
##
|
||
existingSecret: ""
|
||
## @param externalDatabase.database Database inside an external PostgreSQL to connect (only if postgresql.enabled=false)
|
||
##
|
||
database: sonarqube
|
||
## @param externalDatabase.port Port of an external PostgreSQL to connect (only if postgresql.enabled=false)
|
||
##
|
||
port: 5432
|