simplified helm chart
This commit is contained in:
chgl
committed by
Jens Kristian Villadsen
Jens Kristian Villadsen
parent
79fddf8309
commit
eaffce0d42
@@ -1,33 +1,37 @@
|
||||
# Default values for hapi-fhir-jpaserver.
|
||||
# This is a YAML-formatted file.
|
||||
|
||||
# number of replicas
|
||||
# -- number of replicas to deploy
|
||||
replicaCount: 1
|
||||
|
||||
image: # +doc-gen:ignore
|
||||
registry: ghcr.io
|
||||
repository: chgl/hapifhir/hapi-fhir-jpaserver-starter
|
||||
tag: v5.3.0-distroless
|
||||
image:
|
||||
registry: docker.io
|
||||
repository: hapiproject/hapi
|
||||
# -- defaults to `Chart.appVersion`
|
||||
tag: ""
|
||||
# -- the flavor or variant of the image to use.
|
||||
# appended to the image tag by `-`.
|
||||
flavor: "distroless"
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
# image pull secrets
|
||||
# -- image pull secrets to use when pulling the image
|
||||
imagePullSecrets: []
|
||||
|
||||
# -- override the chart name
|
||||
nameOverride: ""
|
||||
|
||||
# -- override the chart fullname
|
||||
fullnameOverride: ""
|
||||
|
||||
# annotations applied to the server deployment
|
||||
# -- annotations applied to the server deployment
|
||||
deploymentAnnotations: {}
|
||||
|
||||
# annotations applied to the server pod
|
||||
# -- annotations applied to the server pod
|
||||
podAnnotations: {}
|
||||
|
||||
# PodSecurityContext applied to the pod
|
||||
# -- pod security context
|
||||
podSecurityContext:
|
||||
{}
|
||||
# fsGroup: 2000
|
||||
|
||||
# ContainerSecurityContext applied to the container
|
||||
securityContext: # +doc-gen:ignore
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
@@ -36,31 +40,30 @@ securityContext: # +doc-gen:ignore
|
||||
runAsNonRoot: true
|
||||
runAsUser: 65532
|
||||
|
||||
# service to expose the server
|
||||
service:
|
||||
# type of service to expose the server
|
||||
type: ClusterIP
|
||||
# service port
|
||||
port: 8080
|
||||
|
||||
ingress:
|
||||
# whether to create an Ingress to expose the FHIR server web interface
|
||||
# -- whether to create an Ingress to expose the FHIR server HTTP endpoint
|
||||
enabled: false
|
||||
# provide any additional annotations which may be required. Evaluated as a template.
|
||||
# -- provide any additional annotations which may be required. Evaluated as a template.
|
||||
annotations:
|
||||
{}
|
||||
# kubernetes.io/ingress.class: nginx
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
hosts:
|
||||
- host: fhir-server.127.0.0.1.xip.io
|
||||
- host: fhir-server.127.0.0.1.nip.io
|
||||
pathType: ImplementationSpecific
|
||||
paths: ["/"]
|
||||
# ingress TLS config
|
||||
# -- ingress TLS config
|
||||
tls: []
|
||||
# - secretName: chart-example-tls
|
||||
# hosts:
|
||||
# - chart-example.local
|
||||
|
||||
# resource requests and limits
|
||||
# -- configure the FHIR server's resource requests and limits
|
||||
resources:
|
||||
{}
|
||||
# We usually recommend not to specify default resources and to leave this as a conscious
|
||||
@@ -74,30 +77,24 @@ resources:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
|
||||
# node labels for pods assignment
|
||||
# see: <https://kubernetes.io/docs/user-guide/node-selection/>
|
||||
# -- node selector for the pod
|
||||
nodeSelector: {}
|
||||
|
||||
# tolerations for pods assignment
|
||||
# see: <https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/>
|
||||
# -- pod tolerations
|
||||
tolerations: []
|
||||
|
||||
# affinity for pods assignment
|
||||
# see: <https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity>
|
||||
# -- pod affinity
|
||||
affinity: {}
|
||||
|
||||
# see <https://github.com/bitnami/charts/tree/master/bitnami/postgresql> for details
|
||||
postgresql:
|
||||
# enable an included PostgreSQL DB.
|
||||
# if set to `false`, the values under `webApi.db` are used
|
||||
# -- enable an included PostgreSQL DB.
|
||||
# see <https://github.com/bitnami/charts/tree/master/bitnami/postgresql> for details
|
||||
# if set to `false`, the values under `externalDatabase` are used
|
||||
enabled: true
|
||||
# update the default Postgres version to 13.2
|
||||
image: # +doc-gen:break
|
||||
tag: 13.2.0
|
||||
# name of the database to create
|
||||
# -- name of the database to create
|
||||
# see: <https://github.com/bitnami/bitnami-docker-postgresql/blob/master/README.md#creating-a-database-on-first-run>
|
||||
postgresqlDatabase: "fhir"
|
||||
# Name of existing secret to use for PostgreSQL passwords.
|
||||
# -- Name of existing secret to use for PostgreSQL passwords.
|
||||
# The secret has to contain the keys `postgresql-password`
|
||||
# which is the password for `postgresqlUsername` when it is
|
||||
# different of `postgres`, `postgresql-postgres-password` which
|
||||
@@ -105,55 +102,58 @@ postgresql:
|
||||
# which will override `replication.password` and `postgresql-ldap-password`
|
||||
# which will be sed to authenticate on LDAP. The value is evaluated as a template.
|
||||
existingSecret: ""
|
||||
replication:
|
||||
# should be true for production use
|
||||
enabled: false
|
||||
# number of read replicas
|
||||
readReplicas: 2
|
||||
# set synchronous commit mode: on, off, remote_apply, remote_write and local
|
||||
synchronousCommit: "on"
|
||||
# from the number of `readReplicas` defined above, set the number of those that will have synchronous replication
|
||||
numSynchronousReplicas: 1
|
||||
metrics:
|
||||
# should also be true for production use
|
||||
enabled: false
|
||||
serviceMonitor:
|
||||
# create a Prometheus Operator ServiceMonitor resource
|
||||
enabled: false
|
||||
# the labels used for Prometheus autodiscover, e.g. could be `release: prometheus`
|
||||
additionalLabels: {}
|
||||
containerSecurityContext: # +doc-gen:ignore
|
||||
containerSecurityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
|
||||
# readiness probe
|
||||
readinessProbe: # +doc-gen:ignore
|
||||
readinessProbe:
|
||||
failureThreshold: 5
|
||||
initialDelaySeconds: 30
|
||||
periodSeconds: 20
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 20
|
||||
# startup probe
|
||||
startupProbe: # +doc-gen:ignore
|
||||
|
||||
startupProbe:
|
||||
failureThreshold: 10
|
||||
initialDelaySeconds: 60
|
||||
periodSeconds: 30
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 30
|
||||
|
||||
# only used if `postgresql.enabeld=false`
|
||||
externalDatabase:
|
||||
# Database host
|
||||
# -- external database host used with `postgresql.enabled=false`
|
||||
host: localhost
|
||||
# non-root Username for FHIR Database
|
||||
user: fhir
|
||||
# Database password
|
||||
password: ""
|
||||
# Name of an existing secret resource containing the DB password in a 'postgresql-password' key
|
||||
existingSecret: ""
|
||||
# Database name
|
||||
database: fhir
|
||||
# Database port number
|
||||
# -- database port number
|
||||
port: 5432
|
||||
# -- username for the external database
|
||||
user: fhir
|
||||
# -- database password
|
||||
password: ""
|
||||
# -- name of an existing secret resource containing the DB password in the `existingSecretKey` key
|
||||
existingSecret: ""
|
||||
# -- name of the key inside the `existingSecret`
|
||||
existingSecretKey: "postgresql-password"
|
||||
# -- database name
|
||||
database: fhir
|
||||
|
||||
networkPolicy:
|
||||
# -- enable NetworkPolicy
|
||||
enabled: false
|
||||
# -- a Kubernetes LabelSelector to explicitly select namespaces from which ingress traffic could be allowed
|
||||
explicitNamespacesSelector:
|
||||
{}
|
||||
# matchLabels:
|
||||
# team: one
|
||||
# test: foo
|
||||
|
||||
# -- Additional allowed NetworkPolicyPeer specs
|
||||
# Evaluated as a template so you could do:
|
||||
#
|
||||
# Example:
|
||||
# allowedFrom:
|
||||
# - podSelector:
|
||||
# matchLabels:
|
||||
# app.kubernetes.io/name: {{ $.Release.Name }}
|
||||
allowedFrom: []
|
||||
|
||||
Reference in New Issue
Block a user