deblan/gitea-sonarqube-bot
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
gitea-sonarqube-bot/helm/values.yaml
justusbunsi 685c834b61
Allow pull request naming pattern customization (#28) 
Fixes: #3

Signed-off-by: Steven Kriegler <sk.bunsenbrenner@gmail.com>
2022-06-18 14:03:56 +02:00

223 lines
10 KiB
YAML
Raw Blame History

# @section Common parameters
# @param replicaCount Number of replicas for the bot
replicaCount: 1
# ref: https://hub.docker.com/r/justusbunsi/gitea-sonarqube-bot/tags/
# @param image.repository Image repository
# @param image.pullPolicy Image pull policy
# @param image.tag Image tag (Overrides the image tag whose default is the chart `appVersion`)
image:
repository: justusbunsi/gitea-sonarqube-bot
pullPolicy: IfNotPresent
tag: ""
# @param imagePullSecrets Specify docker-registry secret names as an array
imagePullSecrets: []
# @param nameOverride String to partially override common.names.fullname template (will maintain the release name)
nameOverride: ""
# @param fullnameOverride String to fully override common.names.fullname template
fullnameOverride: ""
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# @param resources.limits The resources limits for the container
# @param resources.requests The requested resources for the container
resources:
limits: {}
# cpu: 100m
# memory: 128Mi
requests: {}
# cpu: 100m
# memory: 128Mi
# @param nodeSelector Node labels for pod assignment. Evaluated as a template.
# ref: https://kubernetes.io/docs/user-guide/node-selection/
nodeSelector: {}
# @param tolerations Tolerations for pod assignment. Evaluated as a template.
# ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
tolerations: []
# @param affinity Affinity for pod assignment. Evaluated as a template.
# ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
affinity: {}
# @param podAnnotations Pod annotations.
podAnnotations: {}
# @section App parameters
app:
# @param app.configLocationOverride Override the default location of the configuration file (`/home/bot/config/config.yaml`). **Available since Chart version `0.2.0`. Requires at least image tag `v0.2.0`**. (See values file for details)
# Setting this will also change the mount point for `.Values.app.configuration` to the directory part of the override value.
configLocationOverride: ""
# @param app.listeningPort Port the application will listening on inside the pod container. **Available since Chart version `0.2.1`. Requires at least image tag `v0.2.1`**.
listeningPort: 3000
# This object represents the [config.yaml](https://codeberg.org/justusbunsi/gitea-sonarqube-bot/src/branch/main/config/config.example.yaml) provided to the application.
configuration:
# Gitea related configuration. Necessary for adding/updating comments on repository pull requests
gitea:
# @param app.configuration.gitea.url Endpoint of your Gitea instance. Must be expandable by '/api/v1' to form the API base path as shown in Swagger UI.
url: ""
# Created access token for the user that shall be used as bot account.
# User needs "Read project" permissions with access to "Pull Requests"
# @param app.configuration.gitea.token.value Gitea token as plain text. Can be replaced with `file` key containing path to file.
token:
value: ""
# # or path to file containing the plain text secret
# file: /bot/secrets/gitea/user-token
# If the sent webhook has a signature header, the bot validates the request payload. If the value does not match, the
# request will be ignored.
# The bot looks for `X-Gitea-Signature` header containing the sha256 hmac hash of the plain text secret. If the header
# exists and no webhookSecret is defined here, the bot will ignore the request, because it cannot be validated.
# @skip app.configuration.gitea.webhook
webhook:
secret: ""
# # or path to file containing the plain text secret
# secretFile: /bot/secrets/gitea/webhook-secret
# SonarQube related configuration. Necessary for requesting data from the API and processing the webhook.
sonarqube:
# @param app.configuration.sonarqube.url Endpoint of your SonarQube instance. Must be expandable by '/api' to form the API base path.
url: ""
# Created access token for the user that shall be used as bot account.
# User needs "Browse on project" permissions
# @param app.configuration.sonarqube.token.value SonarQube token as plain text. Can be replaced with `file` key containing path to file.
token:
value: ""
# # or path to file containing the plain text secret
# file: /bot/secrets/sonarqube/user-token
# If the sent webhook has a signature header, the bot validates the request payload. If the value does not match, the
# request will be ignored.
# The bot looks for `X-Sonar-Webhook-HMAC-SHA256` header containing the sha256 hmac hash of the plain text secret.
# If the header exists and no webhookSecret is defined here, the bot will ignore the request, because it cannot be
# validated.
# @skip app.configuration.sonarqube.webhook
webhook:
secret: ""
# # or path to file containing the plain text secret
# secretFile: /bot/secrets/sonarqube/webhook-secret
# Some useful metrics depend on the edition in use. There are various ones like code_smells, vulnerabilities, bugs, etc.
# By default the bot will extract "bugs,vulnerabilities,code_smells"
# @param app.configuration.sonarqube.additionalMetrics Setting this option you can extend that default list by your own metrics.
additionalMetrics: []
# - "new_security_hotspots"
# List of project mappings to take care of. Webhooks for other projects will be ignored.
# At least one must be configured. Otherwise all webhooks (no matter which source) because the bot cannot map on its own.
# @param app.configuration.projects[0].sonarqube.key Project key inside SonarQube
# @param app.configuration.projects[0].gitea.owner Repository owner inside Gitea
# @param app.configuration.projects[0].gitea.name Repository name inside Gitea
projects:
- sonarqube:
key: ""
# A repository specification contains the owner name and the repository name itself. The owner can be the name of a
# real account or an organization in which the repository is located.
gitea:
owner: ""
name: ""
# Define pull request names from SonarScanner analysis. Default pattern matches the Jenkins Gitea plugin schema.
# @param app.configuration.namingPattern.regex Regular expression that MUST HAVE exactly ONE GROUP that matches the integer part of the PR. That integer part is identical to the pull request ID in Gitea.
# @param app.configuration.namingPattern.template Valid Go format string. It MUST have one integer placeholder which will be replaced by the pull request ID. See: https://pkg.go.dev/fmt#hdr-Printing
namingPattern:
regex: "^PR-(\\d+)$"
template: "PR-%d"
# @param volumes If token and webhook secrets shall be provided via file, volumes and volume mounts can be configured to setup the environment accordingly
volumes: []
# - name: gitea-connection
# secret:
# secretName: gitea-secret-with-token-and-maybe-webhook-secret
# - name: sonarqube-connection
# secret:
# secretName: sonarqube-secret-with-token-and-maybe-webhook-secret
# @param volumeMounts If token and webhook secrets shall be provided via file, volumes and volume mounts can be configured to setup the environment accordingly
volumeMounts: []
# - name: gitea-connection
# readOnly: true
# mountPath: "/bot/secrets/gitea/"
# - name: sonarqube-connection
# readOnly: true
# mountPath: "/bot/secrets/sonarqube/"
# @section Security parameters
serviceAccount:
# @param serviceAccount.create Specifies whether a service account should be created
create: true
# @param serviceAccount.annotations Annotations to add to the service account
annotations: {}
# @param serviceAccount.name The name of the service account to use. If not set and create is true, a name is generated using the fullname template
name: ""
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
# @param podSecurityContext.fsGroup Group ID for the container
podSecurityContext:
fsGroup: 1000
# ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
# @param securityContext.readOnlyRootFilesystem Mounts the container's root filesystem as read-only
# @param securityContext.runAsNonRoot Avoid running as root user
# @param securityContext.runAsUser User ID for the container
securityContext:
# capabilities:
# drop:
# - ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
# @section Traffic exposure parameters
# @param service.type Service type
# @param service.port Service port
service:
type: ClusterIP
port: 80
# ref: https://kubernetes.io/docs/user-guide/ingress/
ingress:
# @param ingress.enabled Enable ingress controller resource
enabled: false
# @param ingress.className IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)
# This is supported in Kubernetes 1.18+ and required if you have more than one IngressClass marked as the default for your cluster.
# ref: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/
className: ""
# @param ingress.annotations Additional annotations for the Ingress resource.
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
# @param ingress.hosts[0].host Host for the ingress resource
# @param ingress.hosts[0].paths[0].path The path to the bot endpoint
# @param ingress.hosts[0].paths[0].pathType Ingress path type
hosts:
- host: sqbot.example.com
paths:
- path: /
pathType: ImplementationSpecific
# @param ingress.tls The tls configuration for additional hostnames to be covered with configured ingress.
# see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls
tls: []
# - hosts:
# - sqbot.example.com
# secretName: chart-example-tls
Reference in a new issue View git blame Copy permalink