-
Notifications
You must be signed in to change notification settings - Fork 49
/
values.yaml
217 lines (208 loc) · 9.44 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
auth:
git:
username: "admin"
password: ""
url: https://github.com
docker:
# if specified use the docker config.json style secret like this:
# https://github.com/tektoncd/pipeline/blob/master/docs/auth.md#configuring-docker-authentication-for-docker
configJson: ""
serviceaccount:
enabled: true
annotations: {}
# Values for tekton-pipelines-controller
controller:
deployment:
image: gcr.io/tekton-releases/github.com/tektoncd/pipeline/cmd/controller:v0.42.0@sha256:1fa50403c071b768984e23e26d0e68d2f7e470284ef2eb73581ec556bacdad95
labels: {}
pod:
labels: {}
annotations: {}
# specifies the name of an optional kubernetes secret to mount environment variables from for things like HTTP proxy
envFromSecret: "tekton-env"
# Add node affinity tolerations for tekton-pipeline-controller. Add additional matchExpressions below. Default is set.
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/os
operator: NotIn
values:
- windows
tolerations: []
nodeSelector: {}
resources: {}
# Values for tekton-pipelines-webhook
webhook:
deployment:
labels: {}
pod:
labels: {}
# specifies the name of an optional kubernetes secret to mount environment variables from for things like HTTP proxy
envFromSecret: "tekton-env"
# Add node affinity tolerations for tekton-pipelines-webhook. Add additional matchExpressions below. Default is set.
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/os
operator: NotIn
values:
- windows
tolerations: []
nodeSelector: {}
# Values to amend tekton-pipelines-remote-resolvers
remoteresolver:
affinity: {}
tolerations: []
nodeSelector: {}
resources:
requests:
cpu: 100m
memory: 100Mi
limits:
cpu: 1000m
memory: 1000Mi
# configuration to put in the config-defaults ConfigMap
configDefaults:
_example: |
################################
# #
# EXAMPLE CONFIGURATION #
# #
################################
# This block is not actually functional configuration,
# but serves to illustrate the available configuration
# options and document them in a way that is accessible
# to users that `kubectl edit` this config map.
#
# These sample configuration options may be copied out of
# this example block and unindented to be in the data block
# to actually change the configuration.
# default-timeout-minutes contains the default number of
# minutes to use for TaskRun and PipelineRun, if none is specified.
default-timeout-minutes: "60" # 60 minutes
# default-service-account contains the default service account name
# to use for TaskRun and PipelineRun, if none is specified.
default-service-account: "default"
# default-managed-by-label-value contains the default value given to the
# "app.kubernetes.io/managed-by" label applied to all Pods created for
# TaskRuns. If a user's requested TaskRun specifies another value for this
# label, the user's request supercedes.
default-managed-by-label-value: "tekton-pipelines"
# default-pod-template contains the default pod template to use for
# TaskRun and PipelineRun. If a pod template is specified on the
# PipelineRun, the default-pod-template is merged with that one.
# default-pod-template:
# default-affinity-assistant-pod-template contains the default pod template
# to use for affinity assistant pods. If a pod template is specified on the
# PipelineRun, the default-affinity-assistant-pod-template is merged with
# that one.
# default-affinity-assistant-pod-template:
# default-cloud-events-sink contains the default CloudEvents sink to be
# used for TaskRun and PipelineRun, when no sink is specified.
# Note that right now it is still not possible to set a PipelineRun or
# TaskRun specific sink, so the default is the only option available.
# If no sink is specified, no CloudEvent is generated
# default-cloud-events-sink:
# default-task-run-workspace-binding contains the default workspace
# configuration provided for any Workspaces that a Task declares
# but that a TaskRun does not explicitly provide.
# default-task-run-workspace-binding: |
# emptyDir: {}
# default-max-matrix-combinations-count contains the default maximum number
# of combinations from a Matrix, if none is specified.
default-max-matrix-combinations-count: "256"
gitResolverConfig:
# The maximum amount of time a single anonymous cloning resolution may take.
fetch-timeout: "1m"
# The git url to fetch the remote resource from when using anonymous cloning.
default-url: "https://github.com/tektoncd/catalog.git"
# The git revision to fetch the remote resource from with either anonymous cloning or the authenticated API.
default-revision: "main"
# The SCM type to use with the authenticated API. Can be github, gitlab, gitea, bitbucketserver, bitbucketcloud
scm-type: "github"
# The SCM server URL to use with the authenticated API. Not needed when using github.com, gitlab.com, or BitBucket Cloud
server-url: ""
# The Kubernetes secret containing the API token for the SCM provider. Required when using the authenticated API.
api-token-secret-name: ""
# The key in the API token secret containing the actual token. Required when using the authenticated API.
api-token-secret-key: ""
# The namespace containing the API token secret. Defaults to "default".
api-token-secret-namespace: "default"
# The default organization to look for repositories under when using the authenticated API,
# if not specified in the resolver parameters. Optional.
default-org: ""
# feature flags to put in feature-flags ConfigMap
featureFlags:
# Setting this flag to "true" will prevent Tekton to create an
# Affinity Assistant for every TaskRun sharing a PVC workspace
#
# The default behaviour is for Tekton to create Affinity Assistants
#
# See more in the workspace documentation about Affinity Assistant
# https://github.com/tektoncd/pipeline/blob/main/docs/workspaces.md#affinity-assistant-and-specifying-workspace-order-in-a-pipeline
# or https://github.com/tektoncd/pipeline/pull/2630 for more info.
disable-affinity-assistant: "false"
# Setting this flag to "true" will prevent Tekton scanning attached
# service accounts and injecting any credentials it finds into your
# Steps.
#
# The default behaviour currently is for Tekton to search service
# accounts for secrets matching a specified format and automatically
# mount those into your Steps.
#
# Note: setting this to "true" will prevent PipelineResources from
# working.
#
# See https://github.com/tektoncd/pipeline/issues/2791 for more
# info.
disable-creds-init: "false"
# Setting this flag to "false" will stop Tekton from waiting for a
# TaskRun's sidecar containers to be running before starting the first
# step. This will allow Tasks to be run in environments that don't
# support the DownwardAPI volume type, but may lead to unintended
# behaviour if sidecars are used.
#
# See https://github.com/tektoncd/pipeline/issues/4937 for more info.
await-sidecar-readiness: "true"
# This option should be set to false when Pipelines is running in a
# cluster that does not use injected sidecars such as Istio. Setting
# it to false should decrease the time it takes for a TaskRun to start
# running. For clusters that use injected sidecars, setting this
# option to false can lead to unexpected behavior.
#
# See https://github.com/tektoncd/pipeline/issues/2080 for more info.
running-in-environment-with-injected-sidecars: "true"
# Setting this flag to "true" will require that any Git SSH Secret
# offered to Tekton must have known_hosts included.
#
# See https://github.com/tektoncd/pipeline/issues/2981 for more
# info.
require-git-ssh-secret-known-hosts: "false"
# Setting this flag to "true" enables the use of Tekton OCI bundle.
# This is an experimental feature and thus should still be considered
# an alpha feature.
enable-tekton-oci-bundles: "false"
# Setting this flag to "true" enables the use of custom tasks from
# within pipelines.
# This is an experimental feature and thus should still be considered
# an alpha feature.
enable-custom-tasks: "false"
# Setting this flag will determine which gated features are enabled.
# Acceptable values are "stable", "beta", or "alpha".
enable-api-fields: "stable"
# Setting this flag to "true" enables CloudEvents for Runs, as long as a
# CloudEvents sink is configured in the config-defaults config map
send-cloudevents-for-runs: "false"
# Setting this flag to "enforce" will enforce verification of tasks/pipeline. Failing to verify
# will fail the taskrun/pipelinerun. "warn" will only log the err message and "skip"
# will skip the whole verification
resource-verification-mode: "skip"
# Setting this flag to "true" enables populating the "provenance" field in TaskRun
# and PipelineRun status. This field contains metadata about resources used
# in the TaskRun/PipelineRun such as the source from where a remote Task/Pipeline
# definition was fetched.
enable-provenance-in-status: "false"