This documents the Helm chart for Korifi.
The chart is a composition of subcharts, one per component, with each individual component configuration nested under a top-level key named after the component itself.
Values under the top-level global key apply to all components.
Each component can be excluded from the deployment by the setting its include value to false.
See Customizing the Chart Before Installing for details on how to specify values when installing a Helm chart.
Here are all the values that can be set for the chart:
global: Global values that are shared between Korifi and its subcharts.containerRegistrySecret(String): Name of theSecretto use when pushing or pulling from package, droplet and kpack-build repositories. Required if eksContainerRegistryRoleARN not set. Ignored if eksContainerRegistryRoleARN is set.containerRepositoryPrefix(String): The prefix of the container repository where package and droplet images will be pushed. This is suffixed with the app GUID and-packagesor-droplets. For example, a value ofindex.docker.io/korifi/will result inindex.docker.io/korifi/<appGUID>-packagesandindex.docker.io/korifi/<appGUID>-dropletsbeing pushed.debug(Boolean): Enables remote debugging with Delve.defaultAppDomainName(String): Base domain name for application URLs.eksContainerRegistryRoleARN(String): Amazon Resource Name (ARN) of the IAM role to use to access the ECR registry from an EKS deployed Korifi. Required if containerRegistrySecret not set.generateIngressCertificates(Boolean): Usecert-managerto generate self-signed certificates for the API and app endpoints.rootNamespace(String): Root of the Cloud Foundry namespace hierarchy.
adminUserName(String): Name of the admin user that will be bound to the Cloud Foundry Admin role.api:apiServer:internalPort(Integer): Port used internally by the API container.port(Integer): API external port. Defaults to443.timeouts: HTTP timeouts.idle(Integer): Idle timeout.read(Integer): Read timeout.readHeader(Integer): Read header timeout.write(Integer): Write timeout.
url(String): API URL.
authProxy: Needed if using a cluster authentication proxy, e.g. Pinniped.caCert(String): Proxy's PEM-encoded CA certificate (not as Base64).host(String): Must be a host string, a host:port pair, or a URL to the base of the apiserver.
builderName(String): ID of the builder used to build apps. Defaults tokpack-image-builder.expose(Boolean): Expose the API component via Contour. Set to false if you want to expose the API using other means.image(String): Reference to the API container image.include(Boolean): Deploy the API component.lifecycle: Default lifecycle for apps.stack(String): Stack.stagingRequirements:diskMB(Integer): Disk in MB for staging.memoryMB(Integer): Memory in MB for staging.
type(String): Lifecycle type (onlybuildpackaccepted currently).
replicas(Integer): Number of replicas.resources:ResourceRequirementsfor the API.limits: Resource limits.cpu(String): CPU limit.memory(String): Memory limit.
requests: Resource requests.cpu(String): CPU request.memory(String): Memory request.
userCertificateExpirationWarningDuration(String): Issue a warning if the user certificate provided for login has a long expiry. Seetime.ParseDurationfor details on the format.
contourRouter:include(Boolean): Deploy thecontour-routercomponent.
controllers:image(String): Reference to the controllers container image.namespaceLabels: Key-value pairs that are going to be set as labels on the namespaces created by KorifiprocessDefaults:diskQuotaMB(Integer): Default disk quota for thewebprocess.memoryMB(Integer): Default memory limit for thewebprocess.
reconcilers:app(String): ID of the workload runner to set on allAppWorkloadobjects. Defaults tostatefulset-runner.build(String): ID of the image builder to set on allBuildWorkloadobjects. Has to matchapi.builderName. Defaults tokpack-image-builder.
replicas(Integer): Number of replicas.resources:ResourceRequirementsfor the API.limits: Resource limits.cpu(String): CPU limit.memory(String): Memory limit.
requests: Resource requests.cpu(String): CPU request.memory(String): Memory request.
taskTTL(String): How long before theCFTaskobject is deleted after the task has completed. Seetime.ParseDurationfor details on the format, an additionaldsuffix for days is supported.workloadsTLSSecret(String): TLS secret used when setting up an app routes.
jobTaskRunner:include(Boolean): Deploy thejob-task-runnercomponent.jobTTL(String): How long before theJobbacking up a task is deleted after completion. Seetime.ParseDurationfor details on the format, an additionaldsuffix for days is supported.replicas(Integer): Number of replicas.resources:ResourceRequirementsfor the API.limits: Resource limits.cpu(String): CPU limit.memory(String): Memory limit.
requests: Resource requests.cpu(String): CPU request.memory(String): Memory request.
kpackImageBuilder:builderRepository(String): Container image repository to store theClusterBuilderimage. Required whenclusterBuilderNameis not provided.clusterBuilderName(String): The name of theClusterBuilderKpack has been configured with. Leave blank to letkpack-image-buildercreate an exampleClusterBuilder.clusterStackBuildImage(String): The image to use for building defined in theClusterStack. Used whenkpack-image-builderis blank.clusterStackRunImage(String): The image to use for running defined in theClusterStack. Used whenkpack-image-builderis blank.include(Boolean): Deploy thekpack-image-buildercomponent.replicas(Integer): Number of replicas.resources:ResourceRequirementsfor the API.limits: Resource limits.cpu(String): CPU limit.memory(String): Memory limit.
requests: Resource requests.cpu(String): CPU request.memory(String): Memory request.
statefulsetRunner:include(Boolean): Deploy thestatefulset-runnercomponent.replicas(Integer): Number of replicas.resources:ResourceRequirementsfor the API.limits: Resource limits.cpu(String): CPU limit.memory(String): Memory limit.
requests: Resource requests.cpu(String): CPU request.memory(String): Memory request.