services: qovery: qovery-cluster-agent: enabled: true qovery-shell-agent: enabled: true qovery-engine: enabled: true qovery-priority-class: enabled: true ingress: ingress-nginx: enabled: true dns: external-dns: enabled: true logging: loki: enabled: false promtail: enabled: false certificates: cert-manager: enabled: true cert-manager-configs: enabled: true qovery-cert-manager-webhook: enabled: true observability: metrics-server: enabled: false aws: q-storageclass-aws: enabled: false aws-ebs-csi-driver: enabled: false aws-load-balancer-controller: enabled: false gcp: q-storageclass-gcp: enabled: false scaleway: q-storageclass-scaleway: enabled: false azure: q-storageclass-azure: enabled: false qovery: clusterId: &clusterId set-by-customer clusterShortId: &clusterShortId set-by-customer organizationId: &organizationId set-by-customer jwtToken: &jwtToken set-by-customer rootDomain: &rootDomain set-by-customer domain: &domain set-by-customer domainWildcard: &domainWildcard set-by-customer qoveryDnsUrl: &qoveryDnsUrl set-by-customer agentGatewayUrl: &agentGatewayUrl set-by-customer engineGatewayUrl: &engineGatewayUrl set-by-customer lokiUrl: &lokiUrl set-by-customer promtailLokiUrl: &promtailLokiUrl set-by-customer acmeEmailAddr: &acmeEmailAddr set-by-customer externalDnsPrefix: &externalDnsPrefix set-by-customer architectures: &architectures set-by-customer engineVersion: &engineVersion set-by-customer shellAgentVersion: &shellAgentVersion set-by-customer clusterAgentVersion: &clusterAgentVersion set-by-customer qovery-cluster-agent: fullnameOverride: qovery-shell-agent image: tag: *clusterAgentVersion environmentVariables: CLUSTER_ID: *clusterId CLUSTER_JWT_TOKEN: *jwtToken GRPC_SERVER: *agentGatewayUrl LOKI_URL: '' ORGANIZATION_ID: *organizationId useSelfSignCertificate: true qovery-shell-agent: fullnameOverride: qovery-shell-agent image: tag: *shellAgentVersion environmentVariables: CLUSTER_ID: *clusterId CLUSTER_JWT_TOKEN: *jwtToken GRPC_SERVER: *agentGatewayUrl ORGANIZATION_ID: *organizationId qovery-engine: image: tag: *engineVersion engineResources: null buildContainer: environmentVariables: BUILDER_CPU_ARCHITECTURES: *architectures BUILDER_ROOTLESS_ENABLED: 'false' environmentVariables: CLUSTER_ID: *clusterId CLUSTER_JWT_TOKEN: *jwtToken DOCKER_HOST: tcp://0.0.0.0:2375 GRPC_SERVER: *engineGatewayUrl LIB_ROOT_DIR: /home/qovery/lib ORGANIZATION_ID: *organizationId ingress-nginx: fullnameOverride: ingress-nginx controller: useComponentLabel: true allowSnippetAnnotations: true ingressClass: nginx-qovery ingressClassResource: name: nginx-qovery extraArgs: default-ssl-certificate: "qovery/letsencrypt-acme-qovery-cert" publishService: enabled: true config: # annotation risk level - needed because of nginx.ingress.kubernetes.io/configuration-snippet in ingress configuration annotations-risk-level: "Critical" service: enabled: true annotations: # Qovery managed DNS requieres *.$domain (something like: *..) external-dns.alpha.kubernetes.io/hostname: *domainWildcard external-dns: fullnameOverride: external-dns # We have only 1 instance of external-dns, so creating pdb benefits nothing and may create unnecessary constraints # i.e: Karpenter will take them into account pdb: create: false # Make external DNS ignore this ingress https://github.com/kubernetes-sigs/external-dns/issues/1910#issuecomment-976371247 annotationFilter: "external-dns.alpha.kubernetes.io/exclude notin (true)" # set domainFilters to the domain you want to manage domainFilters: [*rootDomain] triggerLoopOnEvent: true policy: sync # avoid dns collision with other external-dns instances txtOwnerId: *clusterShortId txtPrefix: *externalDnsPrefix # set the number of replicas you want to use replicas: 1 # set the rolling update strategy you want to apply updateStrategy: type: RollingUpdate # remove if you don't want to use a custom image image: repository: public.ecr.aws/r3m4q3r9/pub-mirror-external-dns # set the provider to use (pdns for Qovery DNS demo) provider: name: pdns # Configure PDNS provider # pdns-server: environment variable with port concatenation # pdns-api-key: environment variable containing the API key extraArgs: pdns-server: "$(QOVERY_DNS_URL):443" pdns-api-key: "$(PDNS_API_KEY)" # Environment variables reference YAML anchors from values.yaml qovery: section env: - name: QOVERY_DNS_URL value: *qoveryDnsUrl - name: PDNS_API_KEY value: *jwtToken # set resources resources: limits: cpu: 50m memory: 100Mi requests: cpu: 50m memory: 100Mi promtail: {} loki: {} cert-manager: fullnameOverride: cert-manager global: leaderElection: namespace: qovery installCRDs: true replicaCount: 1 startupapicheck: jobAnnotations: helm.sh/hook: post-install,post-upgrade rbac: annotations: helm.sh/hook: post-install,post-upgrade serviceAccount: annotations: helm.sh/hook: post-install,post-upgrade qovery-cert-manager-webhook: fullnameOverride: qovery-cert-manager-webhook certManager: namespace: qovery serviceAccountName: cert-manager secret: apiUrl: *qoveryDnsUrl apiKey: *jwtToken cert-manager-configs: fullnameOverride: cert-manager-configs externalDnsProvider: pdns # Qovery DNS namespace: "qovery" managedDns: [*domain] acme: letsEncrypt: emailReport: *acmeEmailAddr # set the Let's Encrypt URL # Test: https://acme-staging-v02.api.letsencrypt.org/directory # Prod: acmeUrl: https://acme-v02.api.letsencrypt.org/directory provider: pdns: apiPort: "443" apiUrl: *qoveryDnsUrl apiKey: *jwtToken