# The number of instances (replicas) of the app to run replicaCount: 1 image: # The repository of the image to use for the app # Should be in the format `/` repository: "/" # The specific image tag to use. It's recommended to use some kind of versioning tag scheme as it makes updating the container without having to fully redeploy easier. # Ex. v1.0.0 tag: "v1.0.0" # How often the image should be pulled. The possible values are "Always", "Never", and "IfNotPresent" # It's recommended for production to use "IfNotPresent" to avoid pulling the image every time the pod starts # Though, for development, "Always" is recommended to ensure the latest changes are being tested pullPolicy: "IfNotPresent" container: # The port that the container listens on (Ex. 8080) port: 8080 # The environment that the container is running in (Ex. development, production, etc...) # This is used for the NODE_ENV environment variable env: "production" # The timestamp of the backup that the entrypoint script should wait for a restore to complete restoreFromBackup: "" # The ID of the first/initial user # This is because AT LEAST one user must be setup to setup everything else initialUserID: ingress: # We want an ingress resource if we are deploying to a cluster that has a ingress controller/load balancer # This includes most public cloud providers like EKS, GKE, and AKS enabled: true # The DNS Name (Ex. app.example.com) where the app will be accessible host: "" # The class of the ingress controller that is being used (defaulted here to an NGINX ingress controller as it's popular for Kubernetes clusters) class: nginx # Configuration for using OAuth within the app oauth: baseAppUrl: "" appAbbreviation: "" appName: "" serviceName: "" devPort: "" # Configuration for the relational database database: # The type of the relational database that is used. # # The following table lists the possible values for this field: # # | Value | Description | # | ---------- | ------------------------------------------ | # | `postgres` | Uses PostgreSQL as the relational database | # # Note, for use of `postgres`, it uses a [`postgres-controller` CRD](https://github.com/AlanBridgeman/postgres-controller) to create the database # type: "postgres" # If set to `true`, the database will be created as part of the deployment # This uses the [`postgres-controller` CRD](https://github.com/AlanBridgeman/postgres-controller) to create the database create: false # The host that the database is located on host: "" # The name of the database to be used name: "" # The user that is used to access the database user: "" # The password that is used to access the database password: "" # The port that the database listens on #port: 5432 # Allows for distinguishing between multiple database instances/servers #instance_id: "" # Configurations for the secrets vault vault: # If a secrets vault should be used # That is, if a dedicated software for secret management should be used # This should virtually always be true if storing any kind of sensitive information as it's the most secure option enabled: true # The type of secrets vault to use. # # Vaults # ------ # The following table lists the supported vault types: # # | Type | Description | Current Status | Required Fields | # | ----------- | -------------------- | -------------- | --------------------------------------------------- | # | `hashicorp` | Uses Hashicorp Vault | Implemented | `vaultName` (if `create` not true) | # | `azure` | Uses Azure Key Vault | Implemented | `vaultName`, `clientId`, `clientSecret`, `tenantId` | # type: "" # Configurations to create a Hashicorp Vault instance as part of the Helm chart # # THIS IS ONLY RELEVANT IF `type` IS SET TO `hashicorp` create: # If a Hashicorp Vault instance should be created as part of the Helm chart enabled: # Configurations for the image to use if creating the Hashicorp Vault instance # as part of the Helm chart image: # The repository of the image to use repository: # The tag of the image to use tag: # Configurations for the ingress of the created Hashicorp Vault instance ingress: # If an ingress should be created for the created Hashicorp Vault instance enabled: # The host of the ingress for the created Hashicorp Vault instance host: # As part of the custom Hashicorp Vault image it includes a "snapshot server" # This allows for the triggering and receiving of manual backups ("snapshots") and restoration via HTTP snapshotServer: # If the snapshot server should be enabled/running enabled: true # The external port that is opened via the service resource externalPort: 81 # The internal port that the snapshot server listens on internalPort: 8300 # Configurations for the storage of the created Hashicorp Vault instance storage: # The storage class to use for the created Hashicorp Vault instance's Persistent Volume Claim storageClass: # The size of the created Hashicorp Vault instance's Persistent Volume Claim size: # The capabilities of the policy to create for the app policyCapabilities: - read - create - update # The name of the vault instance to connect to # # This is relevant if type is set to `hashicorp` or `azure` # Note, if `create` is true this is ignored # # For `hashicorp`, this is generally the hostname of the Hashicorp Vault instance to connect to # For `azure`, this is the name of the Azure Key Vault instance to connect to #vaultName: "" # The port of the vault instance to connect to # # ONLY RELEVANT iF `type` IS SET TO `hashicorp` AND `create` IS NOT TRUE #vaultPort: # The client ID of the Azure Key Vault instance # # ONLY RELEVANT IF `type` IS SET TO `azure` #client-id: # The client secret of the Azure Key Vault instance # # ONLY RELEVANT IF `type` IS SET TO `azure` #client-secret: # The tenant ID of the Azure Key Vault instance # # ONLY RELEVANT IF `type` IS SET TO `azure` #tenant-id: # Configuration the NoSQL database # Within the parlance of the system these are often called "properties" databases (and store less structured data) nosql: # Determines the type of NoSQL storage that is used # # The following table lists the possible values for this field: # # | Value | Description | # | --------- | ------------------------------------------------------------------------------------------ | # | `mongodb` | Uses MongoDB as the NoSQL database for the default account properties database | # | `azure` | Uses Azure Table Storage as the NoSQL database for the default account properties database | # type: # If to create a resource as part of the deployment process # ONLY relevant if `type` is set to `mongodb` # This uses the [MongoDBCommunity CRD](https://github.com/mongodb/mongodb-kubernetes-operator) to create the resource create: false # The number of replicas/members as part of the Mongo deployment # See the `member` parameter of the [MongoDBCommunity CRD](https://github.com/mongodb/mongodb-kubernetes-operator) for more information # ONLY relevant if `type` is set to `mongodb` and `create` is set to `true` #replicaCount: # The TLS configuration for the connection to the NoSQL database # ONLY relevant if `type` is set to `mongodb` and `create` is set to `true` tls: # If to use TLS for the connection to the NoSQL database enabled: # The connection string used to access the NoSQL database # ONLY relevant if `type` is set to `mongodb` and `create` is set to `false` # Should be in the following format: `mongodb://:` #connectionString: "mongodb://mongo.example.com:27017" # The key used to access the NoSQL database # ONLY relevant if `type` is set to `azure` #key: "" # The name of the NoSQL database name: "" # The username used to access the NoSQL database # ONLY relevant if `type` is set to `mongodb` user: "" # The password used to access the NoSQL database # ONLY relevant if `type` is set to `mongodb` password: "" # Configurable NoSQL information groupings # For Azure Table Storage these are table names # For MongoDB these are collection names grouping: : "" # Configuration for cache server cache: type: "redis" # If to create a Redis instance/resource as part of the deployment process create: false # The image to use for the Redis instance # ONLY relevant if `create` is set to `true` image: {} # The number of replicas of the Redis instance # ONLY relevant if `create` is set to `true` #replicaCount: # Hostname of the Redis server # ONLY relevant if `create` is set to `false` #hostName: "" # The password to use for the Redis server password: "" # The port of the Redis server port: "" # Redis TLS Configurations tls: # If TLS is enabled for the Redis instance enabled: false # The port of the Redis instance for TLS # ONLY relevant if `tls.enabled` is set to `true` #port: "" # Configurations for communication services/relays comms: # Configurations for Email email: # If emailing is enabled # # Note, if `true` then the `type` must be set (along with any required fields for that type) # # Please see the notes on the `type` property below for more information. # Including required fields for each type enabled: true # The type/provider to use for sending emails # # The following types are supported: # # | Type | Description | Current Status | Required Fields | # | --------- | --------------------------------------- | -------------- | --------------------------------------- | # | `acs` | Uses Azure Communication Services (ACS) | Implemented | `connectionString` | # | `sendgrid`| Uses SendGrid | To-Do | `apiKey` | # | `smtp` | Uses SMTP | To-Do | `host`, `port`, `username`, `password` | # type: 'acs' # The connection string for the Azure Communication Services (ACS) Email service # # THIS IS REQUIRED IF `type` IS SET TO `acs`. Ignored otherwise. connectionString: "" # Configurations for integration with third-party services thirdParty: # Configurations for the Stripe integration stripe: # If the integration is enabled enabled: true # The public key (live) of the Stripe integration publicKey: # The secret key (live) of the Stripe integration secretKey: # The public key (test) of the Stripe integration testPublicKey: # The secret key (test) of the Stripe integration testSecretKey: # Configurations for the Moneris integration moneris: # If the integration is enabled enabled: true # The Merchant ID (production) for the Moneris integration merchantId: # The Store ID (production) for the Moneris integration storeId: # The Hosted Tokenization Profile ID (production) for the Moneris iframe htProfileId: # The Application/client ID (production) for the Moneris API appId: # The Application/client Secret (production) for the Moneris API appSecret: # The Merchant ID (test) for the Moneris integration testMerchantId: # The Store ID (test) for the Moneris integration testStoreId: # The Hosted Tokenization Profile ID (test) for the Moneris iframe testHtProfileId: # The Application/client ID (test) for the Moneris API testAppId: # The Application/client Secret (test) for the Moneris API testAppSecret: # Configuration for the logging sidecar loggingSidecar: # If the logging sidecar should be used (enabled) enabled: true # The image used for the logging sidecar image: repository: "/" tag: v1.0.0 pullPolicy: IfNotPresent # The name of the logging sidecar container name: logging-sidecar # The port that the logging sidecar listens on port: 3000 # Log aggretator authentication details auth: username: "" password: "" # Configuration for the backup sidecar backupSidecar: # If the backup sidecar should be used (enabled) enabled: true # The image used for the backup sidecar image: repository: "/" tag: v1.0.0 pullPolicy: IfNotPresent # The name of the backup sidecar container name: backup-sidecar # The port that the backup sidecar listens on port: 3001