values.yaml

appName: actions-runner

runnerImage: nexus-docker-devsecops.apps.cluster-pn8ld.pn8ld.sandbox814.opentlc.com/ploigos/ploigos-github-runner
runnerTag: latest

# GitHub organization or user. Required.
# If githubRepository is set, this must be the organization or user who owns that repository.
githubOwner: "ploigos"
# GitHub repository to install runners to. Can be omitted for an organization-level runner.
githubRepository: ""
# If you're using GitHub Enterprise, enter your company domain here.
# eg. github.mycompany.com
githubDomain: ""

### Values for PAT Auth
### Refer to https://github.com/redhat-actions/openshift-actions-runners#pat-guidelines

# The name of the k8s secret to create for PAT auth
secretName: "github-pat"
# The name of the key that points to the data within the secret.
# Modify this to store multiple PATs in one secret.
secretKey: "github-pat"
# Set to true if using a Github personal access token (PAT) to authenticate. Comment out if using Github App Auth
#githubPat: "true"

### End PAT Auth

### Values for GitHub App Auth
### Refer to https://github.com/redhat-actions/openshift-actions-runners/blob/main/docs/github-app-authentication.md

# The name of the k8s secret to create for GitHub App Auth
appSecretName: "github-app"
# The name of the key that points to the Github App ID
appIdSecretKey: "github-app-id"
# The name of the key that points to the Github App Install ID
appInstallIdSecretKey: "github-install-id"
# The name of the key that points to the Github App PEM
appPemSecretKey: "github-pem"
# Set to true if using Github App Auth to authenticate. Comment out if using a Github personal access token (PAT)
githubApp: "true"
## All 3 githubApp values are required
githubAppId: ""
githubAppInstallId: ""
githubAppPem: ""

### End App Auth

# Pass labels using array syntax, which is curly braces surrounding comma-separated items.
# --set runnerLabels="{ label1, label2 }" results in the labels "label1" and "label2".
runnerLabels: [python]

# The name of an organization runner group name to attach the runner to
runnerGroup: ""

# Add annotations to the deployment. This is easiest with a values file but can be done on the command line with:
# --set annotations.<key>=<value> is equivalent to the values file:
# annotations:
#   key: value
annotations:
  argocd.argoproj.io/sync-wave: "1"

# Refer to https://docs.openshift.com/container-platform/4.7/nodes/scheduling/nodes-scheduler-node-selectors.html
# Add nodeSelector to the deployment. This is easiest with a values file but can be done on the command line with:
# --set nodeSelector.<key>=<value> is equivalent to the values file:
# nodeSelector:
#   key: value
nodeSelector: {}

# Add affinity to the deployment. This is easist with a values file
# Refer to https://docs.openshift.com/container-platform/4.7/nodes/scheduling/nodes-scheduler-node-affinity.html
affinity: {}

# Adjust replicas depending on your resources available,
# and how many jobs you want to run concurrently.
replicas: 1

# If these should be registered as ephemeral runners
# i.e. will quit and restart after running one job
ephemeral: true

serviceAccountName: buildah-sa

# Adjust requests and limits depending on your resources,
# and how heavyweight your workloads are.
memoryRequest: "512Mi"
memoryLimit: "2Gi"
cpuRequest: "100m"
cpuLimit: "250m"

# Enable custom cluster PKI loading
# https://docs.openshift.com/container-platform/4.6/networking/configuring-a-custom-pki.html
clusterPKI: false

# You can inject arbitrary environment variables here:
runnerEnv:
    # - name: ENV_VAR
    #   value: env_value
    # or, through the command line:
    # --set runnerEnv[0].name="ENV_VAR" --set runnerEnv[0].value="env_value"

    ## Proxy Configuration Example:
    # - name: https_proxy
    #   value: http://proxy.example.com:9000
    # - name: http_proxy
    #   value: http://proxy.example.com:9000
    # - name: no_proxy
    #   value: localhost

pullSecret:
  enabled: "true"
  secretName: "pull-secret"
  secretKey: ".dockerconfigjson"

psrSecrets:
  enabled: "true"
  secretName: "psr-secrets"
  secretKey: "psr-secrets"

#containerRegistry:
#  host: ""
#  user: ""
#  password: ""

# Vault values

# Vault storage backend
vaultStorage: "vault-backend"
vaultSecret: "vault-secret"
vaultKey: "token"

# Vault Keys
vault:
  github:
    key: secret/github
    property: pat
  githubapp:
    id:
      key: secret/githubapp
      property: id
    installid:
      key: secret/githubapp
      property: installid
    pem:
      key: secret/githubapp
      property: pem
  registry0:
    host:
      key: secret/registry0
      property: host
    user:
      key: secret/registry0
      property: user
    password:
      key: secret/registry0
      property: password
  registry1:
    host:
      key: secret/registry1
      property: host
    user:
      key: secret/registry1
      property: user
    password:
      key: secret/registry1
      property: password
  registry2:
    host:
      key: secret/registry2
      property: host
    user:
      key: secret/registry2
      property: user
    password:
      key: secret/registry2
      property: password
  mvn:
    host:
      key: secret/mvn
      property: host
    id:
      key: secret/mvn
      property: id
    user:
      key: secret/mvn
      property: user
    password:
      key: secret/mvn
      property: password
  argocd:
    password:
      key: secret/argocd
      property: password
    username:
      key: secret/argocd
      property: username
  git:
    username:
      key: secret/git
      property: username
    password:
      key: secret/git
      property: password
  podmansign:
    privatekey:
      key: secret/podmansign
      property: sign-container-image-private-key