Newer
Older
# Values overrides for EKS pipelines
# These values inherit and override values from tests/test-values.yaml
networkPolicies:
controlPlaneCidr: 10.0.0.0/8
istio:
values:
global:
proxy:
resources:
requests:
cpu: 100m
memory: 256Mi
limits: null
defaultConfig:
proxyMetadata:
ISTIO_META_DNS_CAPTURE: "true"
ISTIO_META_DNS_AUTO_ALLOCATE: "true"
bbtests:
cypress:
artifacts: false
neuvector:
values:
k3s:
enabled: false
containerd:
enabled: true
bbtests:
cypress:
artifacts: false
clusterAuditor:
values:
resources:
requests:
cpu: 300m
memory: 300Mi
limits: null
bbtests:
cypress:
artifacts: false
gatekeeper:
values:
replicas: 1
controllerManager:
resources:
limits: null
requests:
cpu: 175m
memory: 512Mi
bbtests:
cypress:
artifacts: false
kyverno:
values:
replicaCount: 3
resources:
limits: null
requests:
cpu: 500m
memory: 384Mi
bbtests:
cypress:
artifacts: false
bbtests:
cypress:
artifacts: false
elasticsearch:
master:
count: 1
persistence:
size: 256Mi
resources:
requests:
cpu: .5
limits: null
data:
count: 2
persistence:
size: 256Mi
resources:
requests:
cpu: .5
limits: null
loki:
values:
bbtests:
cypress:
artifacts: false
loki-simple-scalable:
write:
resources:
limits: null
read:
resources:
limits: null
tempo:
values:
bbtests:
cypress:
artifacts: false
tempo:
resources:
limits: null
requests:
cpu: 500m
memory: 1024Mi
persistence:
size: 5Gi
tempoQuery:
resources:
limits: null
requests:
cpu: 300m
memory: 256Mi
opentelemetryCollector:
resources:
limits: null
requests:
cpu: 300m
memory: 256Mi
monitoring:
values:
bbtests:
cypress:
artifacts: false
additionalScrapeConfigs: []
podMetadata:
annotations:
vault.hashicorp.com/agent-inject: "false"
vault.hashicorp.com/agent-init-first: "true"
vault.hashicorp.com/agent-inject-token: "true"
vault.hashicorp.com/role: "prometheus"
vault.hashicorp.com/agent-pre-populate: "false"
### COMMENTED OUT DUE TO ISSUES WITH THANOS-SIDECAR CONTAINER AND PROMETHEUS ###
# proxy.istio.io/config: |
# holdApplicationUntilProxyStarts: true
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
resources:
requests:
cpu: 300m
memory: 5Gi
limits: null
kube-state-metrics:
resources:
requests:
cpu: 100m
memory: 128Mi
limits: null
prometheus-node-exporter:
resources:
requests:
cpu: 200m
memory: 50Mi
limits: null
grafana:
downloadDashboards:
resources:
limits: null
requests:
cpu: 20m
memory: 20Mi
twistlock:
values:
bbtests:
cypress:
artifacts: false
jaeger:
values:
bbtests:
cypress:
artifacts: false
kiali:
values:
bbtests:
cypress:
artifacts: false
grafana:
values:
bbtests:
cypress:
artifacts: false
# Addons are toggled based on labels in CI
addons:
argocd:
values:
bbtests:
cypress:
artifacts: false
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
controller:
resources:
requests:
cpu: 500m
memory: 2Gi
limits: null
dex:
resources:
requests:
cpu: 10m
memory: 128Mi
limits: null
redis-bb:
master:
persistence:
size: 512Mi
replica:
persistence:
size: 512Mi
redis:
resources:
requests:
cpu: 50m
memory: 256Mi
limits: null
server:
resources:
requests:
cpu: 20m
memory: 128Mi
limits: null
repoServer:
resources:
requests:
cpu: 100m
memory: 256Mi
limits: null
authservice:
values:
bbtests:
cypress:
artifacts: false
resources:
requests:
cpu: 100m
memory: 256Mi
limits: null
redis:
master:
persistence:
size: 256Mi
replica:
persistence:
size: 256Mi
gitlab:
flux:
timeout: 30m
values:
bbtests:
cypress:
artifacts: false
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
gitlab-runner:
resources:
requests:
cpu: 20m
limits: null
gitlab:
gitaly:
persistence:
size: 256Mi
resources:
## values raised to help pass CI after default values for gitaly are fixed then can revert to original request.
#requests:
# cpu: 50m
#limits: null
requests:
cpu: 400m
memory: 600Mi
limits: null
shared-secrets:
resources:
requests:
cpu: 30m
limits: null
migrations:
resources:
requests:
cpu: 30m
limits: null
toolbox:
persistence:
size: 256Mi
resources:
requests:
cpu: 20m
limits: null
postgresql:
persistence:
size: 256Mi
metrics:
resources:
requests:
cpu: 50m
limits: null
minio:
persistence:
size: 256Mi
resources:
requests:
cpu: 100m
limits: null
redis:
master:
persistence:
size: 256Mi
slave:
persistence:
size: 256Mi
gitlabRunner:
values:
bbtests:
cypress:
artifacts: false
resources:
requests:
memory: 128Mi
cpu: 100m
limits: null
anchore:
values:
bbtests:
cypress:
artifacts: false
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
ensureDbJobs:
resources:
requests:
cpu: 100m
memory: 256Mi
limits: null
sso:
resources:
requests:
cpu: 100m
memory: 256Mi
limits: null
postgresql:
persistence:
size: 256Mi
resources:
requests:
cpu: 100m
memory: 256Mi
limits: null
metrics:
resources:
requests:
cpu: 100m
memory: 256Mi
limits: null
anchoreAnalyzer:
resources:
requests:
cpu: 200m
memory: 512Mi
limits: null
anchoreApi:
resources:
requests:
cpu: 200m
memory: 512Mi
limits: null
anchoreCatalog:
resources:
requests:
cpu: 200m
memory: 512Mi
limits: null
anchorePolicyEngine:
resources:
requests:
cpu: 200m
memory: 512Mi
limits: null
anchoreSimpleQueue:
resources:
requests:
cpu: 200m
memory: 512Mi
limits: null
anchoreEngineUpgradeJob:
resources:
requests:
cpu: 200m
memory: 512Mi
limits: null
anchore-feeds-db:
resources:
requests:
cpu: 100m
memory: 256Mi
limits: null
metrics:
resources:
requests:
cpu: 100m
memory: 256Mi
limits: null
anchoreEnterpriseFeeds:
resources:
requests:
cpu: 200m
memory: 512Mi
limits: null
anchoreEnterpriseFeedsUpgradeJob:
resources:
requests:
cpu: 200m
memory: 512Mi
limits: null
anchoreEnterpriseRbac:
authResources:
requests:
cpu: 200m
memory: 512Mi
limits: null
managerResources:
requests:
cpu: 200m
memory: 512Mi
limits: null
anchoreEnterpriseReports:
resources:
requests:
cpu: 200m
memory: 512Mi
limits: null
anchoreEnterpriseNotifications:
resources:
requests:
cpu: 200m
memory: 512Mi
limits: null
anchoreEntperpiseUi:
resources:
requests:
cpu: 200m
memory: 512Mi
limits: null
anchoreEnterpriseEngineUpgradeJob:
resources:
requests:
cpu: 200m
memory: 512Mi
limits: null
sonarqube:
values:
bbtests:
cypress:
artifacts: false
resources:
requests:
cpu: 200m
memory: 512Mi
limits: null
persistence:
size: 5Gi
postgresql:
persistence:
size: 256Mi
resources:
requests:
cpu: 100m
memory: 200Mi
limits: null
minio:
values:
bbtests:
cypress:
artifacts: false
volumesPerServer: 4
size: 256Mi
resources:
requests:
cpu: 250m
memory: 512Mi
limits: null
securityContext:
runAsUser: 1001
runAsGroup: 1001
fsGroup: 1001
runAsNonRoot: true
containerSecurityContext:
runAsUser: 1001
runAsGroup: 1001
runAsNonRoot: true
capabilities:
drop:
- ALL
bbtests:
cypress:
artifacts: false
postgresql:
persistence:
size: 256Mi
resources:
requests:
cpu: 200m
memory: 256Mi
limits: null
minio:
tenants:
pools:
volumesPerServer: 4
size: 256Mi
resources:
requests:
cpu: 250m
memory: 512Mi
limits: null
securityContext:
runAsUser: 1001
runAsGroup: 1001
fsGroup: 1001
runAsNonRoot: true
containerSecurityContext:
runAsUser: 1001
runAsGroup: 1001
runAsNonRoot: true
nexusRepositoryManager:
values:
bbtests:
cypress:
artifacts: false
persistence:
# Do NOT set this below 5Gi, nexus will fail to boot
storageSize: 5Gi
nexus:
resources:
requests:
cpu: 100m
memory: 1500Mi
limits: null
keycloak:
values:
bbtests:
cypress:
artifacts: false
resources:
requests:
cpu: 100m
memory: 256Mi
limits: null
harbor:
values:
bbtests:
cypress:
artifacts: false
holocron:
values:
bbtests:
cypress:
artifacts: false
fortify:
values:
bbtests:
cypress:
artifacts: false
minioOperator:
values:
bbtests:
cypress:
artifacts: false