-
Notifications
You must be signed in to change notification settings - Fork 0
/
zarf.yaml
278 lines (278 loc) · 9.19 KB
/
zarf.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
kind: ZarfPackageConfig
metadata:
name: argo-workflows
description: Templated deployment of Argo Workflows
version: 0.1.11 # x-release-please-version
constants:
- name: NAMESPACE
description: the namespace to deploy argo-workflows to
value: argo
variables:
- name: DEPLOY_POSTGRESQL
description: If "true", an in-cluster Postgresql instance will be deployed using the below variables
- name: PG_USER
description: The user to access the argo database in postgres
- name: PG_USER_PASSWORD
description: The user password to access the argo database in postgres
- name: PG_DB
description: Postgres argo database
prompt: true
- name: PG_HOST
description: Postgres hostname. If DEPLOY_POSTGRESQL is "true", then the value of this should be "dex-web-server-postgresql.dex-web-server.svc.cluster.local"
prompt: true
- name: PG_PORT
description: port to communicate with postgres. If DEPLOY_POSTGRESQL is "true", then the value of this should be "5432"
- name: PG_PASSWORD
description: Password for the user account specified in PG_USER. If DEPLOY_POSTGRESQL is "true", this will also be the password for the "postgres" admin user.
prompt: true
sensitive: true
- name: PG_STORAGE_CLASS
description: Storage class for postgresql
- name: ARCHIVE_TTL
description: Time to keep archived workflows in Postgres
default: 10d
- name: PARELLELISM
description: Number of workflows that can run simultaneously
prompt: true
default: "5"
- name: RATE_BURST
description: Burst QPS before the RATE_LIMIT is enforced
prompt: true
default: "30"
- name: RATE_LIMIT
description: QPS enforcement
prompt: true
default: "20"
- name: WF_TTL_SECONDS_AFTER_SUCCESS
description: Number of seconds before archiving a workflow after success
default: "2"
prompt: true
- name: WF_TTL_SECONDS_AFTER_FAILURE
description: Number of seconds before archiving a workflow after failure
prompt: true
default: "3600"
- name: DEV_DEPLOYMENT
description: Boolean value (set in zarf-config.yaml) on whether to use static credentials for artifact repositories
- name: CONTR_MEM_REQ
description: Memory request for the controller
default: 512Mi
- name: CONTR_CPU_REQ
description: CPU request for the controller
default: 500m
- name: CONTR_MEM_LIM
description: Memory Limit for the controller
default: 1Gi
- name: CONTR_CPU_LIM
description: CPU Limit for the controller
default: 1200m
- name: EXEC_MEM_REQ
description: Memory request for the controller
default: 512Mi
- name: EXEC_CPU_REQ
description: CPU request for the controller
default: 100m
- name: EXEC_MEM_LIM
description: Memory Limit for the controller
default: 1Gi
- name: EXEC_CPU_LIM
description: CPU Limit for the controller
default: 500m
- name: SERVER_MEM_REQ
description: Memory request for the server
default: 64Mi
- name: SERVER_CPU_REQ
description: CPU request for the server
default: 100m
- name: SERVER_MEM_LIM
description: Memory Limit for the server
default: 128Mi
- name: SERVER_CPU_LIM
description: CPU Limit for the server
default: 500m
- name: S3_ENDPOINT
description: 'Endpoint to use to connect to S3. Example: "s3.amazonaws.com" or "minio.bigbang.dev"'
prompt: true
- name: S3_REGION
description: 'Region of the S3 bucket'
prompt: true
- name: S3_BUCKET_NAME
description: 'Name of the S3 bucket to use'
prompt: true
- name: S3_ACCESS_KEY
description: The Access key for the S3 service
prompt: true
sensitive: true
- name: S3_SECRET_KEY
description: The Secret key for the S3 service
prompt: true
sensitive: true
- name: S3_PORT
description: Port to connect to S3 API on
- name: DEFAULT_ARTIFACT_REPO
prompt: true
sensitive: false
description: choose between minio-artifact-repository or aws-artifact-repository
default: minio-artifact-repository
- name: IRSA_ROLE_ARN
description: The ARN of the IRSA Role to be used with the serviceaccounts
sensitive: true
prompt: true
- name: ARGO_REGISTRY
description: Used with flavor, either quay.io or registry1.dso.mil
- name: ARGO_REPO
description: image repository prefix used with flavors
- name: ARGO_SERVER_REPO
description: image repository for argocli image
- name: PSQL_REGISTRY
description: Used with flavors to pull the psql image
- name: PSQL_REPO
description: Used with flavors to pull the psql image
- name: PSQL_TAG
description: Used with flavors to pull the psql image
components:
- name: argo-setup
required: true
manifests:
- name: argo-namespace
files:
- manifests/namespace.yaml
- name: argo-setup
files:
- manifests/roles.yaml
- manifests/serviceaccounts.yaml
- manifests/service-account-tokens.yaml
- manifests/peer-auth.yaml
- manifests/uds-package.yaml
- name: argo-rolebindings
files:
- manifests/rolebindings.yaml
- name: dev-setup
required: false
manifests:
- name: minio-tokens
files:
- manifests/minio-secrets.yaml
- name: postgresql
required: true
description: "Deploy Postgresql"
only:
flavor: vanilla
actions:
onDeploy:
before:
- cmd: echo "docker.io"
setVariables:
- name: PSQL_REGISTRY
- cmd: echo "bitnami/postgresql"
setVariables:
- name: PSQL_REPO
- cmd: echo "15.6.0"
setVariables:
- name: PSQL_TAG
charts:
- name: postgresql
namespace: argo
version: 15.2.5
url: oci://registry-1.docker.io/bitnamicharts/postgresql
repoName: postgresql
valuesFiles:
- values/postgres-values.yaml
manifests:
- name: postgres-secrets
files:
- manifests/postgres-secrets.yaml
images:
- bitnami/postgresql:15.6.0
- name: postgresql
required: true
description: "Deploy Postgresql"
only:
flavor: ironbank
actions:
onDeploy:
before:
- cmd: echo "registry1.dso.mil"
setVariables:
- name: PSQL_REGISTRY
- cmd: echo "ironbank/opensource/postgres/postgresql-alpine"
setVariables:
- name: PSQL_REPO
- cmd: echo "15.6"
setVariables:
- name: PSQL_TAG
charts:
- name: postgresql
namespace: argo
version: 15.2.5
url: oci://registry-1.docker.io/bitnamicharts/postgresql
repoName: postgresql
valuesFiles:
- values/postgres-values.yaml
images:
- registry1.dso.mil/ironbank/opensource/postgres/postgresql-alpine:15.6
manifests:
- name: postgres-secrets
files:
- manifests/postgres-secrets.yaml
- name: argo-workflows
required: true
description: "Deploy Argo Workflow"
only:
flavor: vanilla
actions:
onDeploy:
before:
- cmd: echo "quay.io"
setVariables:
- name: ARGO_REGISTRY
- cmd: echo "argoproj"
setVariables:
- name: ARGO_REPO
- name: ARGO_SERVER_REPO
charts:
- name: argo-workflows
namespace: argo
# renovate: datasource=docker depName=ghcr.io/argoproj/argo-helm/argo-workflows
version: 0.44.0
url: oci://ghcr.io/argoproj/argo-helm/argo-workflows
valuesFiles:
- values/workflow-values.yaml
images:
# renovate: datasource=docker depName=quay.io/argoproj/workflow-controller
- quay.io/argoproj/workflow-controller:v3.6.0
# renovate: datasource=docker depName=quay.io/argoproj/argoexec
- quay.io/argoproj/argoexec:v3.6.0
# renovate: datasource=docker depName=quay.io/argoproj/argocli
- quay.io/argoproj/argocli:v3.6.0
- name: argo-workflows
required: true
description: "Deploy Argo Workflow"
only:
flavor: ironbank
actions:
onDeploy:
before:
- cmd: echo "registry1.dso.mil"
setVariables:
- name: ARGO_REGISTRY
- cmd: echo "ironbank/kubeflow/argoproj"
setVariables:
- name: ARGO_REPO
- cmd: echo "ironbank/opensource/argoproj"
setVariables:
- name: ARGO_SERVER_REPO
charts:
- name: argo-workflows
namespace: argo
# renovate: datasource=docker depName=ghcr.io/argoproj/argo-helm/argo-workflows
version: 0.44.0
url: oci://ghcr.io/argoproj/argo-helm/argo-workflows
valuesFiles:
- values/workflow-values.yaml
images:
# renovate: datasource=docker depName=registry1.dso.mil/ironbank/kubeflow/argoproj/workflow-controller
- registry1.dso.mil/ironbank/kubeflow/argoproj/workflow-controller:v3.5.11
# renovate: datasource=docker depName=registry1.dso.mil/ironbank/kubeflow/argoproj/argoexec
- registry1.dso.mil/ironbank/kubeflow/argoproj/argoexec:v3.5.11
# renovate: datasource=docker depName=registry1.dso.mil/ironbank/opensource/argoproj/argocli
- registry1.dso.mil/ironbank/opensource/argoproj/argocli:v3.5.11