This documents the Helm chart for Korifi.
The configuration for each individual component is nested under a top-level key named after the component itself. Values at the top-level apply to all components.
Each component can be excluded from the deployment by the setting its include
value to false
See Customizing the Chart Before Installing for details on how to specify values when installing a Helm chart.
Here are all the values that can be set for the chart:
(String): Name of the admin user that will be bound to the Cloud Foundry Admin role.api
(Integer): Port used internally by the API container.port
(Integer): API external port. Defaults to443
: HTTP timeouts.idle
(Integer): Idle
(Integer): Read timeout.readHeader
(Integer): Read header timeout.write
(Integer): Write timeout.
(String): API URL.
: Needed if using a cluster authentication proxy, e.g. Pinniped.caCert
(String): Proxy's PEM-encoded CA certificate (not as Base64).host
(String): Must be a host string, a host:port pair, or a URL to the base of the apiserver.
(String): Reference to the API container image.include
(Boolean): Deploy the API component.infoConfig
: The /v3/info endpoint configuration.custom
attribute in the /v3/info endpointdescription
attribute in the /v3/info endpointminCLIVersion
CLI version attribute in the /v3/info endpointname
attribute in the /v3/info endpointrecommendedCLIVersion
CLI version attribute in the /v3/info endpointsupportAddress
attribute in the /v3/info endpoint
: Default lifecycle for apps.stack
(String): Stack.type
(String): Lifecycle type (onlybuildpack
accepted currently).
: Node labels for korifi-api pod assignment.replicas
(Integer): Number of replicas.resources
for the API.limits
: Resource limits.cpu
(String): CPU limit.memory
(String): Memory limit.
: Resource requests.cpu
(String): CPU request.memory
(String): Memory request.
(Array): Korifi-api pod tolerations for taints.userCertificateExpirationWarningDuration
(String): Issue a warning if the user certificate provided for login has a long expiry. Seetime.ParseDuration
for details on the format.
(String): Deprecated in favor of containerRegistrySecrets.containerRegistrySecrets
(Array): List ofSecret
names to use when pushing or pulling from package, droplet and kpack builder repositories. Required if eksContainerRegistryRoleARN not set. Ignored if eksContainerRegistryRoleARN is set.containerRepositoryPrefix
(String): The prefix of the container repository where package and droplet images will be pushed. This is suffixed with the app GUID and-packages
. For example, a value
will result<appGUID>-packages<appGUID>-droplets
being pushed.controllers
: Key-value pairs that are going to be set in the VCAP_APPLICATION env var on apps. Nested values are not supported.image
(String): Reference to the controllers container image.maxRetainedBuildsPerApp
(Integer): How many staged builds to keep, excluding the app's current droplet. Older staged builds will be deleted, along with their corresponding container images.maxRetainedPackagesPerApp
(Integer): How many 'ready' packages to keep, excluding the package associated with the app's current droplet. Older 'ready' packages will be deleted, along with their corresponding container images.namespaceLabels
: Key-value pairs that are going to be set as labels on the namespaces created by Korifi.nodeSelector
: Node labels for korifi-controllers pod assignment.processDefaults
(Integer): Default disk quota for theweb
(Integer): Default memory limit for theweb
(Integer): Number of replicas.resources
for the API.limits
: Resource limits.cpu
(String): CPU limit.memory
(String): Memory limit.
: Resource requests.cpu
(String): CPU request.memory
(String): Memory request.
(String): How long before theCFTask
object is deleted after the task has completed. Seetime.ParseDuration
for details on the format, an additionald
suffix for days is supported.tolerations
(Array): Korifi-controllers pod tolerations for taints.workloadsTLSSecret
(String): TLS secret used when setting up an app routes.
(Boolean): Install CRDs as part of the Helm installation.
(Boolean): Enables remote debugging with Delve.defaultAppDomainName
(String): Base domain name for application URLs.eksContainerRegistryRoleARN
(String): Amazon Resource Name (ARN) of the IAM role to use to access the ECR registry from an EKS deployed Korifi. Required if containerRegistrySecret not set.experimental
: Experimental features. No guarantees are provided and breaking/backwards incompatible changes should be expected. These features are not recommended for use in production environments.externalLogCache
(Boolean): Enable external LogCachetrustInsecureLogCache
(Boolean): Disable external log cache certificate validation. Not recommended to be set to 'true' in production environmentsurl
(String): The url of the exernal LogCache server
(Boolean): Enable managed services supporttrustInsecureBrokers
(Boolean): Disable service broker certificate validation. Not recommended to be set to 'true' in production environments
(Boolean): Disable route controller. Default value is 'false'.
(Boolean): Enable UAA supporturl
(String): The url of a UAA instance
(Boolean): Usecert-manager
to generate self-signed certificates for the API and app endpoints.helm
(String): Image for the helm hooks containing kubectl
(Boolean): Deploy thejob-task-runner
(String): How long before theJob
backing up a task is deleted after completion. Seetime.ParseDuration
for details on the format, an additionald
suffix for days is supported.replicas
(Integer): Number of replicas.resources
for the API.limits
: Resource limits.cpu
(String): CPU limit.memory
(String): Memory limit.
: Resource requests.cpu
(String): CPU request.memory
(String): Memory request.
(String): The time that the kpack Builder will be waited for if not in ready state, berfore the build workload fails. Seetime.ParseDuration
for details on the format, an additionald
suffix for days is supported.builderRepository
(String): Container image repository to store theClusterBuilder
image. Required whenclusterBuilderName
is not provided.clusterBuilderName
(String): The name of theClusterBuilder
Kpack has been configured with. Leave blank to letkpack-image-builder
create an exampleClusterBuilder
(Boolean): Deploy thekpack-image-builder
(Integer): Number of replicas.resources
for the API.limits
: Resource limits.cpu
(String): CPU limit.memory
(String): Memory limit.
: Resource requests.cpu
(String): CPU request.memory
(String): Memory request.
(String): Sets level of logging for api and controllers components. Can be 'info' or 'debug'.networking
: Networking configurationgatewayClass
(String): The name of the GatewayClass Korifi Gateway referencesgatewayInfrastructure
: Optional GatewayInfrastructure property of the Gateway, see for contentsgatewayPorts
: Ports for the Gateway listenershttp
(Integer): HTTP porthttps
(Integer): HTTPS port
(String): ID of the workload runner to set on allAppWorkload
objects. Defaults tostatefulset-runner
(String): ID of the image builder to set on allBuildWorkload
objects. Defaults tokpack-image-builder
(String): Root of the Cloud Foundry namespace hierarchy.stagingRequirements
(Integer): Persistent disk in MB for caching staging artifacts across builds.diskMB
(Integer): Ephemeral Disk request in MB for staging apps.memoryMB
(Integer): Memory request in MB for staging.
(Boolean): Deploy thestatefulset-runner
(Integer): Number of replicas.resources
for the API.limits
: Resource limits.cpu
(String): CPU limit.memory
(String): Memory limit.
: Resource requests.cpu
(String): CPU request.memory
(String): Memory request.
(Array): List ofSecret
names to be used when pulling Korifi system images from private registries