helm/korifi/values.schema.json
{
"$schema": "https://json-schema.org/draft-07/schema#",
"properties": {
"adminUserName": {
"description": "Name of the admin user that will be bound to the Cloud Foundry Admin role.",
"type": "string"
},
"rootNamespace": {
"description": "Root of the Cloud Foundry namespace hierarchy.",
"type": "string"
},
"debug": {
"description": "Enables remote debugging with [Delve](https://github.com/go-delve/delve).",
"type": "boolean"
},
"logLevel": {
"description": "Sets level of logging for api and controllers components. Can be 'info' or 'debug'.",
"type": "string",
"enum": ["info", "debug"]
},
"defaultAppDomainName": {
"description": "Base domain name for application URLs.",
"type": "string"
},
"generateIngressCertificates": {
"description": "Use `cert-manager` to generate self-signed certificates for the API and app endpoints.",
"type": "boolean"
},
"containerRepositoryPrefix": {
"description": "The prefix of the container repository where package and droplet images will be pushed. This is suffixed with the app GUID and `-packages` or `-droplets`. For example, a value of `index.docker.io/korifi/` will result in `index.docker.io/korifi/<appGUID>-packages` and `index.docker.io/korifi/<appGUID>-droplets` being pushed.",
"type": "string",
"pattern": "^[a-z0-9]+([._-][a-z0-9]+)*(:[0-9]+)?(/[a-z0-9]+([._-][a-z0-9]+)*)*/?$"
},
"containerRegistrySecret": {
"deprecated": true,
"description": "Deprecated in favor of containerRegistrySecrets.",
"type": "string"
},
"containerRegistrySecrets": {
"description": "List of `Secret` names to use when pushing or pulling from package, droplet and kpack builder repositories. Required if eksContainerRegistryRoleARN not set. Ignored if eksContainerRegistryRoleARN is set.",
"type": "array",
"items": {
"type": "string"
}
},
"systemImagePullSecrets": {
"description": "List of `Secret` names to be used when pulling Korifi system images from private registries",
"type": "array",
"items": {
"type": "string"
}
},
"eksContainerRegistryRoleARN": {
"description": "Amazon Resource Name (ARN) of the IAM role to use to access the ECR registry from an EKS deployed Korifi. Required if containerRegistrySecret not set.",
"type": "string"
},
"reconcilers": {
"type": "object",
"properties": {
"build": {
"description": "ID of the image builder to set on all `BuildWorkload` objects. Defaults to `kpack-image-builder`.",
"type": "string"
},
"app": {
"description": "ID of the workload runner to set on all `AppWorkload` objects. Defaults to `statefulset-runner`.",
"type": "string"
}
},
"required": ["build", "run"]
},
"stagingRequirements": {
"type": "object",
"properties": {
"memoryMB": {
"description": "Memory request in MB for staging.",
"type": "integer"
},
"diskMB": {
"description": "Ephemeral Disk request in MB for staging apps.",
"type": "integer"
},
"buildCacheMB": {
"description": "Persistent disk in MB for caching staging artifacts across builds.",
"type": "integer"
}
},
"required": ["memoryMB", "diskMB", "buildCacheMB"]
},
"api": {
"properties": {
"include": {
"description": "Deploy the API component.",
"type": "boolean"
},
"nodeSelector": {
"description": "Node labels for korifi-api pod assignment.",
"type": "object",
"properties": {}
},
"tolerations": {
"type": "array",
"items": {
"type": "object",
"properties": {
"key": { "type": "string" },
"operator": { "type": "string" },
"value": { "type": "string" },
"effect": { "type": "string" }
},
"required": ["key", "operator", "effect"]
},
"description": "Korifi-api pod tolerations for taints."
},
"replicas": {
"description": "Number of replicas.",
"type": "integer"
},
"resources": {
"description": "[`ResourceRequirements`](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#resourcerequirements-v1-core) for the API.",
"type": "object",
"properties": {
"requests": {
"description": "Resource requests.",
"type": "object",
"properties": {
"cpu": {
"description": "CPU request.",
"type": "string"
},
"memory": {
"description": "Memory request.",
"type": "string"
}
}
},
"limits": {
"description": "Resource limits.",
"type": "object",
"properties": {
"cpu": {
"description": "CPU limit.",
"type": "string"
},
"memory": {
"description": "Memory limit.",
"type": "string"
}
}
}
}
},
"apiServer": {
"type": "object",
"properties": {
"url": {
"description": "API URL.",
"type": "string"
},
"port": {
"description": "API external port. Defaults to `443`.",
"type": "integer"
},
"internalPort": {
"description": "Port used internally by the API container.",
"type": "integer"
},
"timeouts": {
"type": "object",
"description": "HTTP timeouts.",
"properties": {
"read": {
"description": "Read timeout.",
"type": "integer"
},
"write": {
"description": "Write timeout.",
"type": "integer"
},
"idle": {
"description": "Idle timeout.",
"type": "integer"
},
"readHeader": {
"description": "Read header timeout.",
"type": "integer"
}
},
"required": ["read", "write", "idle", "readHeader"]
}
},
"required": ["url", "port", "internalPort", "timeouts"]
},
"image": {
"description": "Reference to the API container image.",
"type": "string"
},
"infoConfig": {
"type": "object",
"description": "The /v3/info endpoint configuration.",
"properties": {
"description": {
"description": "`description` attribute in the /v3/info endpoint",
"type": "string"
},
"name": {
"description": "`name` attribute in the /v3/info endpoint",
"type": "string"
},
"minCLIVersion": {
"description": "`minimum` CLI version attribute in the /v3/info endpoint",
"type": "string"
},
"recommendedCLIVersion": {
"description": "`recommended` CLI version attribute in the /v3/info endpoint",
"type": "string"
},
"custom": {
"description": "`custom` attribute in the /v3/info endpoint",
"type": "object",
"properties": {}
},
"supportAddress": {
"description": "`support` attribute in the /v3/info endpoint",
"type": "string"
}
},
"required": [
"description",
"name",
"minCLIVersion",
"recommendedCLIVersion",
"custom",
"supportAddress"
]
},
"lifecycle": {
"type": "object",
"description": "Default lifecycle for apps.",
"properties": {
"type": {
"description": "Lifecycle type (only `buildpack` accepted currently).",
"type": "string",
"enum": ["buildpack"]
},
"stack": {
"description": "Stack.",
"type": "string"
}
},
"required": ["type", "stack"]
},
"userCertificateExpirationWarningDuration": {
"description": "Issue a warning if the user certificate provided for login has a long expiry. See [`time.ParseDuration`](https://pkg.go.dev/time#ParseDuration) for details on the format.",
"type": "string"
},
"authProxy": {
"type": "object",
"description": "Needed if using a cluster authentication proxy, e.g. [Pinniped](https://pinniped.dev/).",
"properties": {
"host": {
"description": "Must be a host string, a host:port pair, or a URL to the base of the apiserver.",
"type": "string"
},
"caCert": {
"description": "Proxy's PEM-encoded CA certificate (*not* as Base64).",
"type": "string"
}
}
}
},
"required": [
"include",
"apiServer",
"image",
"lifecycle",
"userCertificateExpirationWarningDuration"
],
"type": "object"
},
"controllers": {
"properties": {
"replicas": {
"description": "Number of replicas.",
"type": "integer"
},
"nodeSelector": {
"description": "Node labels for korifi-controllers pod assignment.",
"type": "object",
"properties": {}
},
"tolerations": {
"type": "array",
"items": {
"type": "object",
"properties": {
"key": { "type": "string" },
"operator": { "type": "string" },
"value": { "type": "string" },
"effect": { "type": "string" }
},
"required": ["key", "operator", "effect"]
},
"description": "Korifi-controllers pod tolerations for taints."
},
"resources": {
"description": "[`ResourceRequirements`](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#resourcerequirements-v1-core) for the API.",
"type": "object",
"properties": {
"requests": {
"description": "Resource requests.",
"type": "object",
"properties": {
"cpu": {
"description": "CPU request.",
"type": "string"
},
"memory": {
"description": "Memory request.",
"type": "string"
}
}
},
"limits": {
"description": "Resource limits.",
"type": "object",
"properties": {
"cpu": {
"description": "CPU limit.",
"type": "string"
},
"memory": {
"description": "Memory limit.",
"type": "string"
}
}
}
}
},
"image": {
"description": "Reference to the controllers container image.",
"type": "string"
},
"processDefaults": {
"type": "object",
"properties": {
"memoryMB": {
"description": "Default memory limit for the `web` process.",
"type": "integer"
},
"diskQuotaMB": {
"description": "Default disk quota for the `web` process.",
"type": "integer"
}
},
"required": ["memoryMB", "diskQuotaMB"]
},
"taskTTL": {
"description": "How long before the `CFTask` object is deleted after the task has completed. See [`time.ParseDuration`](https://pkg.go.dev/time#ParseDuration) for details on the format, an additional `d` suffix for days is supported.",
"type": "string"
},
"workloadsTLSSecret": {
"description": "TLS secret used when setting up an app routes.",
"type": "string"
},
"namespaceLabels": {
"description": "Key-value pairs that are going to be set as labels on the namespaces created by Korifi.",
"type": "object",
"properties": {}
},
"extraVCAPApplicationValues": {
"description": "Key-value pairs that are going to be set in the VCAP_APPLICATION env var on apps. Nested values are not supported.",
"type": "object",
"properties": {}
},
"maxRetainedPackagesPerApp": {
"description": "How many 'ready' packages to keep, excluding the package associated with the app's current droplet. Older 'ready' packages will be deleted, along with their corresponding container images.",
"type": "integer",
"minimum": 1
},
"maxRetainedBuildsPerApp": {
"description": "How many staged builds to keep, excluding the app's current droplet. Older staged builds will be deleted, along with their corresponding container images.",
"type": "integer",
"minimum": 1
}
},
"required": ["image", "taskTTL", "workloadsTLSSecret"],
"type": "object"
},
"kpackImageBuilder": {
"properties": {
"include": {
"description": "Deploy the `kpack-image-builder` component.",
"type": "boolean"
},
"replicas": {
"description": "Number of replicas.",
"type": "integer"
},
"resources": {
"description": "[`ResourceRequirements`](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#resourcerequirements-v1-core) for the API.",
"type": "object",
"properties": {
"requests": {
"description": "Resource requests.",
"type": "object",
"properties": {
"cpu": {
"description": "CPU request.",
"type": "string"
},
"memory": {
"description": "Memory request.",
"type": "string"
}
}
},
"limits": {
"description": "Resource limits.",
"type": "object",
"properties": {
"cpu": {
"description": "CPU limit.",
"type": "string"
},
"memory": {
"description": "Memory limit.",
"type": "string"
}
}
}
}
},
"clusterBuilderName": {
"description": "The name of the `ClusterBuilder` Kpack has been configured with. Leave blank to let `kpack-image-builder` create an example `ClusterBuilder`.",
"type": "string"
},
"builderReadinessTimeout": {
"description": "The time that the kpack Builder will be waited for if not in ready state, berfore the build workload fails. See [`time.ParseDuration`](https://pkg.go.dev/time#ParseDuration) for details on the format, an additional `d` suffix for days is supported.",
"type": "string"
},
"clusterStackID": {
"description": "The ID of the `ClusterStack`. Used when `clusterBuilderName` is blank.",
"type": "string"
},
"clusterStackBuildImage": {
"description": "The image to use for building defined in the `ClusterStack`. Used when `clusterBuilderName` is blank.",
"type": "string"
},
"clusterStackRunImage": {
"description": "The image to use for running defined in the `ClusterStack`. Used when `clusterBuilderName` is blank.",
"type": "string"
},
"builderRepository": {
"description": "Container image repository to store the `ClusterBuilder` image. Required when `clusterBuilderName` is not provided.",
"type": "string",
"pattern": "^([a-z0-9]+([._-][a-z0-9]+)*(:[0-9]+)?(/[a-z0-9]+([._-][a-z0-9]+)*)*)?$"
}
},
"required": ["include", "builderReadinessTimeout"],
"type": "object"
},
"statefulsetRunner": {
"properties": {
"include": {
"description": "Deploy the `statefulset-runner` component.",
"type": "boolean"
},
"replicas": {
"description": "Number of replicas.",
"type": "integer"
},
"temporarySetPodSeccompProfile": {
"description": "Sets the pod .spec.securityContext.seccompProfile to RuntimeDefault. Setting this flag to true will cause a restart of all previously running pods.",
"type": "boolean"
},
"resources": {
"description": "[`ResourceRequirements`](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#resourcerequirements-v1-core) for the API.",
"type": "object",
"properties": {
"requests": {
"description": "Resource requests.",
"type": "object",
"properties": {
"cpu": {
"description": "CPU request.",
"type": "string"
},
"memory": {
"description": "Memory request.",
"type": "string"
}
}
},
"limits": {
"description": "Resource limits.",
"type": "object",
"properties": {
"cpu": {
"description": "CPU limit.",
"type": "string"
},
"memory": {
"description": "Memory limit.",
"type": "string"
}
}
}
}
}
},
"required": ["include"],
"type": "object"
},
"jobTaskRunner": {
"properties": {
"include": {
"description": "Deploy the `job-task-runner` component.",
"type": "boolean"
},
"replicas": {
"description": "Number of replicas.",
"type": "integer"
},
"temporarySetPodSeccompProfile": {
"description": "Sets the pod .spec.securityContext.seccompProfile to RuntimeDefault. Setting this flag to true will cause a restart of all previously running pods.",
"type": "boolean"
},
"resources": {
"description": "[`ResourceRequirements`](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.25/#resourcerequirements-v1-core) for the API.",
"type": "object",
"properties": {
"requests": {
"description": "Resource requests.",
"type": "object",
"properties": {
"cpu": {
"description": "CPU request.",
"type": "string"
},
"memory": {
"description": "Memory request.",
"type": "string"
}
}
},
"limits": {
"description": "Resource limits.",
"type": "object",
"properties": {
"cpu": {
"description": "CPU limit.",
"type": "string"
},
"memory": {
"description": "Memory limit.",
"type": "string"
}
}
}
}
},
"jobTTL": {
"description": "How long before the `Job` backing up a task is deleted after completion. See [`time.ParseDuration`](https://pkg.go.dev/time#ParseDuration) for details on the format, an additional `d` suffix for days is supported.",
"type": "string"
}
},
"required": ["include", "jobTTL"],
"type": "object"
},
"networking": {
"type": "object",
"description": "Networking configuration",
"properties": {
"gatewayClass": {
"description": "The name of the GatewayClass Korifi Gateway references",
"type": "string"
}
},
"required": ["gatewayClass"]
},
"helm": {
"properties": {
"hooksImage": {
"description": "Image for the helm hooks containing kubectl",
"type": "string"
}
},
"type": "object"
},
"experimental": {
"properties": {
"managedServices": {
"properties": {
"include": {
"description": "Enable managed services support",
"type": "boolean"
}
},
"type": "object"
}
},
"description": "Experimental features. Make sure you do not enable those on production. No guarantee provided! Backwards incompatible changes in future are quite probable!",
"type": "object"
}
},
"required": [
"adminUserName",
"containerRepositoryPrefix",
"defaultAppDomainName",
"logLevel",
"reconcilers",
"rootNamespace",
"stagingRequirements",
"api",
"controllers",
"kpackImageBuilder",
"statefulsetRunner",
"jobTaskRunner"
],
"title": "Values",
"type": "object"
}