Skip to content
Snippets Groups Projects
Normal view Permalink
values.yaml 2.18 KiB
Newer Older
  • Learn to ignore specific revisions
    • Marc Burnie [AWS]'s avatar
    adding AWS service helm chart
    Marc Burnie [AWS] committed
    1 2 
    # Service Config
image: __CONTAINER__
    Marc Burnie [AWS]'s avatar
    Checkov Findings and Gitlab Helm Chart Deploy Variables  
    Marc Burnie [AWS] committed
    3 
    imagePullPolicy: Always
    Marc Burnie [AWS]'s avatar
    adding AWS service helm chart
    Marc Burnie [AWS] committed
    4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 
    service:
  type: ClusterIP
  port: 8080
  apiPath: /api/notification/v1/
  readinessProbeHttpPath: /api/notification/v1/actuator/health
  livenessProbeHttpPath: /api/notification/v1/actuator/health

environmentVariables:
  - name: APPLICATION_PORT
    value: "{{ .Values.service.port }}"
  - name: AWS_REGION
    value: "{{ .Values.global.region }}"
  - name: RESOURCE_PREFIX
    value: "{{ .Values.global.resourcePrefix }}"
  - name: JAVA_OPTS
    value: "-Xms538M -Xmx900M"
  - name: LOG_LEVEL
    value: "{{ default `INFO` .Values.global.logLevel }}"
  - name: SSM_ENABLED
    value: "True"
  - name: SSL_ENABLED
    value: "false"
  - name: ENTITLEMENTS_BASE_URL
    value: "http://os-entitlements:8080"
  - name: REGISTER_BASE_URL
    value: http://os-register:8080
    Marc Burnie [AWS]'s avatar
    Checkov Findings and Gitlab Helm Chart Deploy Variables  
    Marc Burnie [AWS] committed
    30 31 
    podAnnotations: 
  seccomp.security.alpha.kubernetes.io/pod: "runtime/default"
    Marc Burnie [AWS]'s avatar
    adding AWS service helm chart
    Marc Burnie [AWS] committed
    32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 
    
# Resource Config
replicaCount: 1
resources:
  limits:
    memory: 900M
  requests:
    cpu: 500m
    memory: 900M
autoscaling:
  enabled: true
  minReplicas: 1
  maxReplicas: 100
  targetCPUUtilizationPercentage: 80
  # targetMemoryUtilizationPercentage: 80

# Security Config
    Marc Burnie [AWS]'s avatar
    Verisoning helm chart  
    Marc Burnie [AWS] committed
    49 
    serviceAccountRole: arn:aws:iam::{{ .Values.global.accountID }}:role/osdu-{{ .Values.global.resourcePrefix }}-{{ .Values.global.region }}-{{ include "common.name" . }}
    Marc Burnie [AWS]'s avatar
    adding AWS service helm chart
    Marc Burnie [AWS] committed
    50 51 52 53 54 55 56 57 58 59 60 61 62 63 
    cors:
  maxAge: "60m"
  allowCredentials: true
  allowMethods: 
    - POST
    - GET
    - PATCH
    - PUT
    - DELETE
  allowHeaders:
    - Authorization
    - Data-Partition-Id
    - Correlation-Id
    - Content-Type
    Marc Burnie [AWS]'s avatar
    Checkov Findings and Gitlab Helm Chart Deploy Variables  
    Marc Burnie [AWS] committed
    64 65 66 67 68 69 70 71 72 
    securityContext: 
  runAsUser: 10001
  runAsNonRoot: true
  readOnlyRootFilesystem: false
  allowPrivilegeEscalation: false
  capabilities:
    drop:
    - ALL
    Marc Burnie [AWS]'s avatar
    adding AWS service helm chart
    Marc Burnie [AWS] committed
    73 74 75 76 77 78 79 80 81 
    allowedPrincipals:
  - cluster.local/ns/istio-system/sa/istio-ingressgateway-service-account
  - cluster.local/ns/aws-binary-dms/sa/binary-dms
  - cluster.local/ns/osdu-airflow/sa/airflow-dag-upload
  - cluster.local/ns/osdu-ingest/sa/os-data-workflow
  - cluster.local/ns/osdu-ingest/sa/os-ingestion-workflow
  - cluster.local/ns/osdu-seismic-ddms/sa/os-seismic-store
  - cluster.local/ns/osdu-well-delivery/sa/os-welldelivery
  - cluster.local/ns/osdu-wellbore-ddms/sa/os-wellbore-ddms