Bridgeman-Accessible/services.bridgemanaccessible.ca-helm
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Initial code commit

Browse source
This commit is contained in:
Alan Bridgeman 2025-05-12 19:22:55 -05:00
parent 5b71cecab6
commit b3382d880b
37 changed files with 1778 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

393
values.yaml Normal file
View file

@ -0,0 +1,393 @@
# The number of instances (replicas) of the app to run
replicaCount: 1
image:
# The repository of the image to use for the app
# Should be in the format `<Image Repository (Ex. containers.example.com)>/<Image Name (Ex. app)>`
repository: "<Image Repository>/<Image Name>"
# The specific image tag to use. It's recommended to use some kind of versioning tag scheme as it makes updating the container without having to fully redeploy easier.
# Ex. v1.0.0
tag: "v1.0.0"
# How often the image should be pulled. The possible values are "Always", "Never", and "IfNotPresent"
# It's recommended for production to use "IfNotPresent" to avoid pulling the image every time the pod starts
# Though, for development, "Always" is recommended to ensure the latest changes are being tested
pullPolicy: "IfNotPresent"
container:
# The port that the container listens on (Ex. 8080)
port: 8080
# The environment that the container is running in (Ex. development, production, etc...)
# This is used for the NODE_ENV environment variable
env: "production"
# The timestamp of the backup that the entrypoint script should wait for a restore to complete
restoreFromBackup: ""
ingress:
# We want an ingress resource if we are deploying to a cluster that has a ingress controller/load balancer
# This includes most public cloud providers like EKS, GKE, and AKS
enabled: true
# The DNS Name (Ex. app.example.com) where the app will be accessible
host: "<hostname>"
# The class of the ingress controller that is being used (defaulted here to an NGINX ingress controller as it's popular for Kubernetes clusters)
class: nginx
# Configuration for using OAuth within the app
oauth:
baseAppUrl: "<Base App URL>"
appAbbreviation: "<App Abbreviation>"
appName: "<App Name>"
serviceName: "<Service Name>"
devPort: "<Dev Port>"
# Configuration for the relational database
database:
# The type of the relational database that is used.
#
# The following table lists the possible values for this field:
#
# | Value | Description |
# | ---------- | ------------------------------------------ |
# | `postgres` | Uses PostgreSQL as the relational database |
#
# Note, for use of `postgres`, it uses a [`postgres-controller` CRD](https://github.com/AlanBridgeman/postgres-controller) to create the database
#
type: "postgres"
# If set to `true`, the database will be created as part of the deployment
# This uses the [`postgres-controller` CRD](https://github.com/AlanBridgeman/postgres-controller) to create the database
create: false
# The host that the database is located on
host: "<DB Host>"
# The name of the database to be used
name: "<DB Name>"
# The user that is used to access the database
user: "<DB User>"
# The password that is used to access the database
password: "<DB Password>"
# The port that the database listens on
#port: 5432
# Allows for distinguishing between multiple database instances/servers
#instance_id: ""
# Configurations for the secrets vault
vault:
# If a secrets vault should be used
# That is, if a dedicated software for secret management should be used
# This should virtually always be true if storing any kind of sensitive information as it's the most secure option
enabled: true
# The type of secrets vault to use.
#
# Vaults
# ------
# The following table lists the supported vault types:
#
# | Type | Description | Current Status | Required Fields |
# | ----------- | -------------------- | -------------- | --------------------------------------------------- |
# | `hashicorp` | Uses Hashicorp Vault | Implemented | `vaultName` (if `create` not true) |
# | `azure` | Uses Azure Key Vault | Implemented | `vaultName`, `clientId`, `clientSecret`, `tenantId` |
#
type: "<Vault Type>"
# Configurations to create a Hashicorp Vault instance as part of the Helm chart
#
# THIS IS ONLY RELEVANT IF `type` IS SET TO `hashicorp`
create:
# If a Hashicorp Vault instance should be created as part of the Helm chart
enabled: <true/false>
# Configurations for the image to use if creating the Hashicorp Vault instance
# as part of the Helm chart
image:
# The repository of the image to use
repository: <image repository>
# The tag of the image to use
tag: <image tag>
# Configurations for the ingress of the created Hashicorp Vault instance
ingress:
# If an ingress should be created for the created Hashicorp Vault instance
enabled: <true/false>
# The host of the ingress for the created Hashicorp Vault instance
host: <DNS Name for vault>
# As part of the custom Hashicorp Vault image it includes a "snapshot server"
# This allows for the triggering and receiving of manual backups ("snapshots") and restoration via HTTP
snapshotServer:
# If the snapshot server should be enabled/running
enabled: true
# The external port that is opened via the service resource
externalPort: 81
# The internal port that the snapshot server listens on
internalPort: 8300
# Configurations for the storage of the created Hashicorp Vault instance
storage:
# The storage class to use for the created Hashicorp Vault instance's Persistent Volume Claim
storageClass: <Storage Class>
# The size of the created Hashicorp Vault instance's Persistent Volume Claim
size: <Storage Size>
# The capabilities of the policy to create for the app
policyCapabilities:
- read
- create
- update
# The name of the vault instance to connect to
#
# This is relevant if type is set to `hashicorp` or `azure`
# Note, if `create` is true this is ignored
#
# For `hashicorp`, this is generally the hostname of the Hashicorp Vault instance to connect to
# For `azure`, this is the name of the Azure Key Vault instance to connect to
#vaultName: "<Vault Name>"
# The port of the vault instance to connect to
#
# ONLY RELEVANT iF `type` IS SET TO `hashicorp` AND `create` IS NOT TRUE
#vaultPort: <Vault Port>
# The client ID of the Azure Key Vault instance
#
# ONLY RELEVANT IF `type` IS SET TO `azure`
#client-id: <Azure Key Vault Client ID>
# The client secret of the Azure Key Vault instance
#
# ONLY RELEVANT IF `type` IS SET TO `azure`
#client-secret: <Azure Key Vault Client Secret>
# The tenant ID of the Azure Key Vault instance
#
# ONLY RELEVANT IF `type` IS SET TO `azure`
#tenant-id: <Azure Key Vault Tenant ID>
# Configuration the NoSQL database
# Within the parlance of the system these are often called "properties" databases (and store less structured data)
nosql:
# Determines the type of NoSQL storage that is used
#
# The following table lists the possible values for this field:
#
# | Value | Description |
# | --------- | ------------------------------------------------------------------------------------------ |
# | `mongodb` | Uses MongoDB as the NoSQL database for the default account properties database |
# | `azure` | Uses Azure Table Storage as the NoSQL database for the default account properties database |
#
type: <NoSQL Storage Type>
# If to create a resource as part of the deployment process
# ONLY relevant if `type` is set to `mongodb`
# This uses the [MongoDBCommunity CRD](https://github.com/mongodb/mongodb-kubernetes-operator) to create the resource
create: false
# The number of replicas/members as part of the Mongo deployment
# See the `member` parameter of the [MongoDBCommunity CRD](https://github.com/mongodb/mongodb-kubernetes-operator) for more information
# ONLY relevant if `type` is set to `mongodb` and `create` is set to `true`
#replicaCount: <Number of replicas>
# The TLS configuration for the connection to the NoSQL database
# ONLY relevant if `type` is set to `mongodb` and `create` is set to `true`
tls:
# If to use TLS for the connection to the NoSQL database
enabled: <true/false>
# The connection string used to access the NoSQL database
# ONLY relevant if `type` is set to `mongodb` and `create` is set to `false`
# Should be in the following format: `mongodb://<hostname>:<port>`
#connectionString: "mongodb://mongo.example.com:27017"
# The key used to access the NoSQL database
# ONLY relevant if `type` is set to `azure`
#key: ""
# The name of the NoSQL database
name: "<NoSQL DB Name>"
# The username used to access the NoSQL database
# ONLY relevant if `type` is set to `mongodb`
user: "<MongoDB User>"
# The password used to access the NoSQL database
# ONLY relevant if `type` is set to `mongodb`
password: "<MongoDB Password>"
# Configurable NoSQL information groupings
# For Azure Table Storage these are table names
# For MongoDB these are collection names
grouping:
<Table Intermediate Name>: "<NoSQL Table Name>"
# Configuration for cache server
cache:
type: "redis"
# If to create a Redis instance/resource as part of the deployment process
create: false
# The image to use for the Redis instance
# ONLY relevant if `create` is set to `true`
image: {}
# The number of replicas of the Redis instance
# ONLY relevant if `create` is set to `true`
#replicaCount: <Number of replicas (Ex. 1)>
# Hostname of the Redis server
# ONLY relevant if `create` is set to `false`
#hostName: "<Redis Host Name>"
# The password to use for the Redis server
password: "<Redis Password>"
# The port of the Redis server
port: "<Redis Port>"
# Redis TLS Configurations
tls:
# If TLS is enabled for the Redis instance
enabled: false
# The port of the Redis instance for TLS
# ONLY relevant if `tls.enabled` is set to `true`
#port: "<TLS Port (Ex. 6380)>"
# Configurations for communication services/relays
comms:
# Configurations for Email
email:
# If emailing is enabled
#
# Note, if `true` then the `type` must be set (along with any required fields for that type)
#
# Please see the notes on the `type` property below for more information.
# Including required fields for each type
enabled: true
# The type/provider to use for sending emails
#
# The following types are supported:
#
# | Type | Description | Current Status | Required Fields |
# | --------- | --------------------------------------- | -------------- | --------------------------------------- |
# | `acs` | Uses Azure Communication Services (ACS) | Implemented | `connectionString` |
# | `sendgrid`| Uses SendGrid | To-Do | `apiKey` |
# | `smtp` | Uses SMTP | To-Do | `host`, `port`, `username`, `password` |
#
type: 'acs'
# The connection string for the Azure Communication Services (ACS) Email service
#
# THIS IS REQUIRED IF `type` IS SET TO `acs`. Ignored otherwise.
connectionString: "<ACS Connection String>"
# Configurations for integration with third-party services
thirdParty:
# Configurations for the Stripe integration
stripe:
# If the integration is enabled
enabled: true
# The public key (live) of the Stripe integration
publicKey: <Stripe Live Public Key>
# The secret key (live) of the Stripe integration
secretKey: <Stripe Live Secret Key>
# The public key (test) of the Stripe integration
testPublicKey: <Stripe Test Public Key>
# The secret key (test) of the Stripe integration
testSecretKey: <Stripe Test Secret Key>
# Configurations for the Moneris integration
moneris:
# If the integration is enabled
enabled: true
# The Merchant ID (production) for the Moneris integration
merchantId: <Moneris Merchant ID>
# The Store ID (production) for the Moneris integration
storeId: <Moneris Store ID>
# The Hosted Tokenization Profile ID (production) for the Moneris iframe
htProfileId: <Moneris Hosted Tokenization Profile ID>
# The Application/client ID (production) for the Moneris API
appId: <Moneris Application ID>
# The Application/client Secret (production) for the Moneris API
appSecret: <Moneris App Secret>
# The Merchant ID (test) for the Moneris integration
testMerchantId: <Moneris Test Merchant ID>
# The Store ID (test) for the Moneris integration
testStoreId: <Moneris Test/QA Store ID>
# The Hosted Tokenization Profile ID (test) for the Moneris iframe
testHtProfileId: <Moneris Test/QA Hosted Tokenization Profile ID>
# The Application/client ID (test) for the Moneris API
testAppId: <Moneris Sandbox/Tes Application Id>
# The Application/client Secret (test) for the Moneris API
testAppSecret: <Moneris Sandbox/Test App Secret>
# Configuration for the logging sidecar
loggingSidecar:
# If the logging sidecar should be used (enabled)
enabled: true
# The image used for the logging sidecar
image:
repository: "<repository>/<Logging Sidecar Image Name>"
tag: v1.0.0
pullPolicy: IfNotPresent
# The name of the logging sidecar container
name: logging-sidecar
# The port that the logging sidecar listens on
port: 3000
# Log aggretator authentication details
auth:
username: "<Log Aggregator (OpenObserve) Username>"
password: "<Log Aggregator (OpenObserve) Password>"
# Configuration for the backup sidecar
backupSidecar:
# If the backup sidecar should be used (enabled)
enabled: true
# The image used for the backup sidecar
image:
repository: "<repository>/<Backup Sidecar Image Name>"
tag: v1.0.0
pullPolicy: IfNotPresent
# The name of the backup sidecar container
name: backup-sidecar
# The port that the backup sidecar listens on
port: 3001