@zgorizzo69
Created April 2, 2020 21:10
drone server and drone runner for kubernetes chart values example for blog.cogarius.com
image:
  repository: drone/drone-runner-kube
  tag: 1.0.0-beta.1
  pullPolicy: IfNotPresent
## If you need to pull images from a private Docker image repository, pass in the name
## of a Kubernetes Secret that contains the needed secret. For more details, see:
## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
imagePullSecrets: []
# - name: "image-pull-secret"
## For small or experimental deployments of the Kubernetes runner, 1 replica will suffice.
## For production cases, 2-3 are recommended. This does not grant additional parallelism,
## but does ensure that upgrades, config changes, and disruptions are handled more gracefully.
replicaCount: 1
## When the runner receives a SIGTERM/SIGINT (config update, upgrade, etc), it will wait until
## all jobs that particular pod has spawned complete. It is for this reason that you'll want
## to make sure that this value is longer than your longest job.
terminationGracePeriodSeconds: 3600
nameOverride: ""
fullnameOverride: ""
podSecurityContext:
  {}
  # fsGroup: 2000
securityContext:
  {}
  # capabilities:
  #   drop:
  #   - ALL
  # readOnlyRootFilesystem: true
  # runAsNonRoot: true
  # runAsUser: 1000
## Add extra annotations to the Kubernetes runner pods here.
##
podAnnotations: {}
service:
  type: ClusterIP
  port: 3000
ingress:
  enabled: false
  annotations:
    {}
    # kubernetes.io/ingress.class: nginx
    # kubernetes.io/tls-acme: "true"
  hosts:
    - host: chart-example.local
      paths:
        - "/"
  tls: []
  #  - secretName: chart-example-tls
  #    hosts:
  #      - chart-example.local
## If you'd like to force the Drone runner to run on a specific node or set of nodes,
## set a selector here.
##
nodeSelector: {}
tolerations: []
affinity: {}
## If you'd like to make additional files or volumes available to the runner, declare additional
## Volumes here per the Pod spec's "volumes" section.
## Ref: https://kubernetes.io/docs/concepts/storage/volumes/
##
extraVolumes: []
## If you have declared extra volumes, mount them here, per the Pod Container's
## "volumeMounts" section.
##
extraVolumeMounts: []
## If you'd like to provide your own Kubernetes Secret object instead of passing your values
## in unencrypted, pass in the name of a created + populated Secret in the same Namespace
## as the Kubernetes runner. All keys within this Secret will be mounted as environment
## variables, with each key/value mapping to a corresponding environment variable on the
## Kubernetes runner.
##
extraSecretNamesForEnvFrom: []
# - my-drone-secrets
## Each namespace listed below will be configured such that the runner can run build Pods in
## it. This comes in the form of a Role and a RoleBinding. If you change env.DRONE_NAMESPACE_DEFAULT
## or the other DRONE_NAMESPACE_* variables, make sure to update this list to include all
## namespaces.
rbac:
  buildNamespaces:
    - drone
## The keys within the "env" map are mounted as environment variables on the Kubernetes runner pod.
## See the full reference of Kubernetes runner environment variables here:
## Ref: https://kube-runner.docs.drone.io/installation/reference/
##
env:
  ## REQUIRED: Set the shared secret token that the Drone server and the Kubernetes runner
  ## will use to authenticate. It is set inline in this example; to supply the key via a
  ## separately provisioned secret instead, see extraSecretNamesForEnvFrom above.
  ## Ref: https://kube-runner.docs.drone.io/installation/reference/drone-rpc-secret/
  ##
  DRONE_RPC_SECRET: 456s4dd5s64f564sf56ds4fd5s64fd5s
  ## The hostname/IP (and optionally the port) of the Drone server. Defaults to the "drone"
  ## service that the drone server Chart creates by default.
  ## Ref: https://kube-runner.docs.drone.io/installation/reference/drone-rpc-host/
  ##
  DRONE_RPC_HOST: drone
  ## The protocol to use for communication with Drone server.
  ## Ref: https://kube-runner.docs.drone.io/installation/reference/drone-rpc-proto/
  ##
  DRONE_RPC_PROTO: http
  ## Determines the default Kubernetes namespace for Drone builds to run in.
  ## Ref: https://kube-runner.docs.drone.io/installation/reference/drone-namespace-default/
  ##
  DRONE_NAMESPACE_DEFAULT: drone
  ## for drone-vault configuration
  DRONE_SECRET_PLUGIN_ENDPOINT: "http://drone-vault.drone.svc.cluster.local:3000"
  DRONE_SECRET_PLUGIN_TOKEN: "qssqqqssssqsqsqs565656565656565656"
# example of drone chart values link to our blog post on blog.cogarius.com
image:
  repository: drone/drone
  tag: 1.6.5
  pullPolicy: IfNotPresent
## If you need to pull images from a private Docker image repository, pass in the name
## of a Kubernetes Secret that contains the needed secret. For more details, see:
## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
imagePullSecrets: []
# - name: "image-pull-secret"
nameOverride: ""
fullnameOverride: ""
# Drone server does not interact with the Kubernetes API server
automountServiceAccountToken: false
podSecurityContext:
  {}
  # fsGroup: 2000
securityContext:
  {}
  # capabilities:
  #   drop:
  #   - ALL
  # readOnlyRootFilesystem: true
  # runAsNonRoot: true
  # runAsUser: 1000
## Add extra annotations to the Drone server pods here. See below example for
## Prometheus scrape annotations.
##
podAnnotations: {}
# prometheus.io/scrape: "true"
# prometheus.io/port: "80"
updateStrategy: {}
service:
  type: ClusterIP
  port: 80
ingress:
  enabled: true
  annotations:
    {}
    # kubernetes.io/ingress.class: nginx
    # kubernetes.io/tls-acme: "true"
  hosts:
    - host: drone.mycompany.com
      paths:
        - "/"
  tls: []
  #  - secretName: chart-example-tls
  #    hosts:
  #      - chart-example.local
resources:
  requests:
    memory: 500Mi
    cpu: 0.5
  limits:
    memory: 2Gi
    cpu: 1
## If you'd like to force the Drone server to run on a specific node or set of nodes,
## set a selector here.
##
nodeSelector: {}
tolerations: []
affinity: {}
## If you'd like to make additional files or volumes available to Drone, declare additional
## Volumes here per the Pod spec's "volumes" section.
## Ref: https://kubernetes.io/docs/concepts/storage/volumes/
##
extraVolumes: []
## If you have declared extra volumes, mount them here, per the Pod Container's
## "volumeMounts" section.
##
extraVolumeMounts: []
persistentVolume:
  ## If you are using SQLite as your DB for Drone, it is recommended to enable persistence. If
  ## enabled, the Chart will create a PersistentVolumeClaim to store its state in. If you are
  ## using a DB other than SQLite, set this to false to avoid allocating unused storage.
  ## If set to false, Drone will use an emptyDir instead, which is ephemeral.
  ##
  enabled: true
  ## Drone server data Persistent Volume access modes
  ## Must match those of existing PV or dynamic provisioner
  ## Ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
  ##
  accessModes:
    - ReadWriteOnce
  ## Drone server data Persistent Volume annotations
  ##
  annotations: {}
  ## If you'd like to bring your own PVC for persisting Drone state, pass the name of the
  ## created + ready PVC here. If set, this Chart will not create the default PVC.
  ## Requires server.persistentVolume.enabled: true
  ##
  existingClaim: ""
  ## Drone server data Persistent Volume mount root path
  ##
  mountPath: /data
  ## Drone server data Persistent Volume size
  ##
  size: 10Gi
  ## Drone server data Persistent Volume Storage Class
  ## If defined, storageClassName: <storageClass>
  ## If set to "-", storageClassName: "", which disables dynamic provisioning
  ## If undefined (the default) or set to null, no storageClassName spec is
  ## set, choosing the default provisioner. (gp2 on AWS, standard on
  ## GKE, AWS & OpenStack)
  ##
  # storageClass: ""
  ## Drone server data Persistent Volume Binding Mode
  ## If defined, volumeMode: <volumeMode>
  ## If empty (the default) or set to null, no volumeBindingMode spec is
  ## set, choosing the default mode.
  ##
  volumeMode: ""
  ## Subdirectory of Drone server data Persistent Volume to mount
  ## Useful if the volume's root directory is not empty
  ##
  subPath: ""
## If persistentVolume.enabled is set to false, Drone will mount an emptyDir instead of
## a PVC for any state that it needs to persist.
##
emptyDir:
  ## Total space to request for the emptyDir. An empty value here means no limit.
  sizeLimit: ""
## If you'd like to provide your own Kubernetes Secret object instead of passing your values
## in unencrypted, pass in the name of a created + populated Secret in the same Namespace
## as the Drone server. All keys within this Secret will be mounted as environment
## variables, with each key/value mapping to a corresponding environment variable on the
## Drone server.
##
extraSecretNamesForEnvFrom: []
# - my-drone-secrets
## The keys within the "env" map are mounted as environment variables on the Drone server pod.
## See the full reference of Drone server environment variables here:
## Ref: https://docs.drone.io/installation/reference/
##
env:
  # Debug
  DRONE_LOGS_DEBUG: "false"
  DRONE_LOGS_TRACE: "false"
  DRONE_LOGS_PRETTY: "true"
  DRONE_LOGS_COLOR: "true"
  ## Create the initial administrator account at startup.
  DRONE_USER_CREATE: "username:zgorizzo69,admin:true"
  ## Optional comma-separated list of accounts. Registration is limited to users in this list
  ## or users that are members of organizations included in this list.
  DRONE_USER_FILTER: "zgorizzo69,yoloman"
  ## REQUIRED: Set the user-visible Drone hostname, sans protocol.
  ## Ref: https://docs.drone.io/installation/reference/drone-server-host/
  ##
  DRONE_SERVER_HOST: "drone.mycompany.com"
  ## The protocol to pair with the value in DRONE_SERVER_HOST (http or https).
  ## Ref: https://docs.drone.io/installation/reference/drone-server-proto/
  ##
  DRONE_SERVER_PROTO: https
  ## REQUIRED: Set the shared secret token that the Drone server and its Runners will use
  ## to authenticate. It is set inline in this example; to supply the key via a separately
  ## provisioned secret instead, see extraSecretNamesForEnvFrom above.
  ## Ref: https://docs.drone.io/installation/reference/drone-rpc-secret/
  ##
  DRONE_RPC_SECRET: 456s4dd5s64f564sf56ds4fd5s64fd5s
  ## If you'd like to use a DB other than SQLite (the default), set a driver + DSN here.
  ## Ref: https://docs.drone.io/installation/storage/database/
  ##
  # DRONE_DATABASE_DRIVER:
  # DRONE_DATABASE_DATASOURCE:
  ## If you are going to store build secrets in the Drone database, it is suggested that
  ## you set a database encryption secret. This must be set before any secrets are stored
  ## in the database.
  ## Ref: https://docs.drone.io/installation/storage/encryption/
  ##
  # DRONE_DATABASE_SECRET:
  ## If you are using self-hosted GitHub or GitLab, you'll need to set this to true.
  ## Ref: https://docs.drone.io/installation/reference/drone-git-always-auth/
  ##
  # DRONE_GIT_ALWAYS_AUTH: false
  ## ===================================================================================
  ## Provider Directives (select ONE)
  ## -----------------------------------------------------------------------------------
  ## Select one provider (and only one). Refer to the corresponding documentation link
  ## before filling the values in. Also note that you can use the 'secretMounts' value
  ## if you'd rather have secrets in a Kubernetes Secret instead of a ConfigMap.
  ## ===================================================================================
  ## GitHub-specific variables. See the provider docs here:
  ## Ref: https://docs.drone.io/installation/providers/github/
  ##
  DRONE_GITHUB_CLIENT_ID: "5645s464dd54df5"
  DRONE_GITHUB_CLIENT_SECRET: "544f56d4sf54ds654f56d4sf564sd4"
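
Both values files above pass DRONE_RPC_SECRET, the runner's DRONE_SECRET_PLUGIN_TOKEN and the server's GitHub OAuth credentials inline under `env`, while their comments describe `extraSecretNamesForEnvFrom` as the alternative. The following is an added example of that alternative, not part of the gist or of the Drone charts; the Secret names, the `drone` release namespace and the angle-bracket placeholders are assumptions.

```yaml
# Added example; Secret names and namespace are assumptions, <...> are placeholders.
# --- secrets.yaml: apply with kubectl, keep out of version control ---
apiVersion: v1
kind: Secret
metadata:
  name: drone-rpc              # assumed name; read by both server and runner
  namespace: drone             # assumed release namespace
type: Opaque
stringData:
  DRONE_RPC_SECRET: "<shared-secret>"   # e.g. output of `openssl rand -hex 16`
---
apiVersion: v1
kind: Secret
metadata:
  name: drone-runner-vault     # assumed name; runner only
  namespace: drone
type: Opaque
stringData:
  DRONE_SECRET_PLUGIN_TOKEN: "<drone-vault-plugin-token>"
---
apiVersion: v1
kind: Secret
metadata:
  name: drone-server-github    # assumed name; server only
  namespace: drone
type: Opaque
stringData:
  DRONE_GITHUB_CLIENT_ID: "<github-oauth-client-id>"
  DRONE_GITHUB_CLIENT_SECRET: "<github-oauth-client-secret>"
---
# --- runner values: credentials come from the Secrets, not from env ---
extraSecretNamesForEnvFrom:
  - drone-rpc
  - drone-runner-vault
env:
  DRONE_RPC_HOST: drone
  DRONE_RPC_PROTO: http
  DRONE_NAMESPACE_DEFAULT: drone
  DRONE_SECRET_PLUGIN_ENDPOINT: "http://drone-vault.drone.svc.cluster.local:3000"
---
# --- server values: same pattern, sharing the drone-rpc Secret with the runner ---
extraSecretNamesForEnvFrom:
  - drone-rpc
  - drone-server-github
env:
  DRONE_SERVER_HOST: "drone.mycompany.com"
  DRONE_SERVER_PROTO: https
  DRONE_USER_CREATE: "username:zgorizzo69,admin:true"
  DRONE_USER_FILTER: "zgorizzo69,yoloman"
```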