Last active
June 16, 2020 11:39
-
-
Save vidhyachari/dc48ef04c3ac9dfaff30c075c8bcda6d to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## -------------------------- ## | |
# Values passed to helm chart | |
## -------------------------- ## | |
# Kubernetes namespace for atlantis (pods , deployment , service etc.) | |
namespace: atlantis | |
# Whitelist Your GitHub infrastructure repository URL. For multiple repositories, comma separate them | |
orgWhitelist: github.com/yourorg/terraform-infrastructure | |
# logLevel: "debug" | |
# For GitHub, specify the user, token and secret: | |
github: | |
user: terraform-user | |
token: xxxxx | |
secret: xxxxx | |
# For any infrastructure hosted on AWS, specify credentials to be mapped to ~/.aws: | |
aws: | |
credentials: | | |
[default] | |
aws_access_key_id=YOUR_ACCESS_KEY_ID | |
aws_secret_access_key=YOUR_SECRET_ACCESS_KEY | |
region=us-west-1 | |
config: | | |
[profile default] | |
region = us-west1 | |
# altantis image | |
image: | |
repository: runatlantis/atlantis | |
tag: v0.11.1 | |
pullPolicy: IfNotPresent | |
## Server Side Repo Config - required for Atlantis | |
## Default configuration. This can be overwritten by atlantis.yaml file. Refer Atlantis Documentation https://www.runatlantis.io/docs/server-configuration.html | |
repoConfig: | | |
--- | |
repos: | |
- id: /.*/ | |
apply_requirements: [approved, mergeable] | |
workflow: default | |
allowed_overrides: [apply_requirements, workflow] | |
allow_custom_workflows: true | |
workflows: | |
default: | |
plan: | |
steps: [init, plan] | |
apply: | |
steps: [apply] | |
# allowForkPRs enables atlantis to run on a Fork Pull Requests | |
allowForkPRs: false | |
## Sets the default terraform version to be used in atlantis server | |
defaultTFVersion: 0.12.20 | |
# disableApplyAll disables running `atlantis apply` without any flags | |
disableApplyAll: false | |
# Liveness and Readiness probes for the kubernetes pods. We only need to check every 60s since Atlantis is not a high-throughput service. | |
livenessProbe: | |
enabled: true | |
periodSeconds: 60 | |
initialDelaySeconds: 5 | |
timeoutSeconds: 5 | |
successThreshold: 1 | |
failureThreshold: 5 | |
scheme: HTTP | |
readinessProbe: | |
enabled: true | |
periodSeconds: 60 | |
initialDelaySeconds: 5 | |
timeoutSeconds: 5 | |
successThreshold: 1 | |
failureThreshold: 5 | |
scheme: HTTP | |
# Service Port | |
service: | |
type: NodePort | |
port: 80 | |
podTemplate: | |
annotations: {} | |
labels: {} | |
statefulSet: | |
annotations: {} | |
labels: {} | |
# Ingress Configs for atlantis. | |
# Note: Make sure your Atlantis URL has an internal ingress only | |
ingress: | |
enabled: true | |
annotations: {} | |
kubernetes.io/ingress.class: nginx-internal | |
path: / | |
host: production-atlantis.yourorg.com | |
tls: [] | |
labels: {} | |
# Memory and CPU resources for kubernetes pods | |
resources: | |
requests: | |
memory: 1Gi | |
cpu: 1000m | |
limits: | |
memory: 1Gi | |
cpu: 1000m | |
# Disk space for Atlantis to check out repositories - This number can very well be increased | |
dataStorage: 20Gi | |
replicaCount: 1 | |
test: | |
enabled: true | |
image: lachlanevenson/k8s-kubectl | |
imageTag: v1.4.8-bash | |
nodeSelector: {} | |
tolerations: [] | |
affinity: {} | |
serviceAccount: | |
create: true | |
name: atlantis | |
annotations: {} | |
# Environment variables to be populated from Kubernetes secrets. | |
# Useful for passing in Google Cloud creds, any database creds, Monitoring tools creds etc. | |
environmentSecrets: | |
# Google Cloud service account | |
- name: GOOGLE_CREDENTIALS | |
secretKeyRef: | |
name: google-sa-atlantis | |
key: sakey.json | |
- name: GOOGLE_APPLICATION_CREDENTIALS | |
secretKeyRef: | |
name: google-sa-atlantis | |
key: sakey.json | |
# MongoDB credentials | |
- name: TF_VAR_mongodb_atlas_public_key | |
secretKeyRef: | |
name: mongo-credentials | |
key: publickey | |
- name: TF_VAR_mongodb_atlas_private_key | |
secretKeyRef: | |
name: mongo-credentials | |
key: privatekey | |
# DataDog Credentials | |
- name: DATADOG_API_KEY | |
secretKeyRef: | |
name: datadog-secret | |
key: apikey | |
- name: DATADOG_APP_KEY | |
secretKeyRef: | |
name: datadog-secret | |
key: appkey | |
# Google service account credentials as Kubernetes secrets. | |
googleServiceAccountSecrets: | |
- name: google-sa-atlantis | |
secretName: google-sa-atlantis | |
# Optionally specify additional volumes for the pod. | |
extraVolumes: [] | |
extraVolumeMounts: [] | |
extraManifests: [] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment