platform/values.yaml at main · plinth-dev/platform · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
# Default values for the Plinth substrate.
#
# v0.1.0 boots a single-namespace dev profile: CloudNativePG operator + a
# 1-instance Cluster, Cerbos with a placeholder policy, and the OpenTelemetry
# Collector with an OTLP/HTTP receiver. Override per environment via
# `helm install -f values/<profile>.values.yaml`.
#
# Sub-chart values are shaped by their upstream schemas (cloudnative-pg,
# cerbos, opentelemetry-collector). Plinth-specific knobs live under the
# top-level `plinth` key.

plinth:
  # Logical name baked into resource names + labels. Override per install
  # so multiple Plinth instances can co-exist in the same cluster.
  name: plinth

  postgres:
    # Toggle for the Cluster CR rendered by templates/postgres-cluster.yaml.
    # The cnpg operator itself is always installed via the cloudnative-pg
    # sub-chart — disabling here only skips the Cluster CR.
    enabled: true
    instances: 1
    storage:
      size: 5Gi
      storageClass: ""
    database: plinth
    owner: plinth

  # Toggle for the templates/cerbos-policies-configmap.yaml ConfigMap.
  cerbosPoliciesEnabled: true

  # Cerbos policies bundled into a ConfigMap mounted by the cerbos sub-chart.
  # Each entry is `policies.<filename>: <yaml-string>`. Empty by default —
  # the template ships a sensible "items" placeholder.
  cerbosPolicies: {}

  # Backstage / Argo / Vault / Authentik / Wazuh / Falco / Trivy / Kyverno /
  # SigNoz are tracked in the roadmap; toggles will appear here in subsequent
  # versions.

# ----------------------------------------------------------------------------
# Sub-chart values — forwarded to the upstream charts at install time. See
# each chart's README for the full schema.
# ----------------------------------------------------------------------------

cloudnative-pg:
  replicaCount: 1
  resources:
    requests:
      cpu: 50m
      memory: 100Mi
    limits:
      cpu: 200m
      memory: 200Mi

cerbos:
  replicaCount: 1
  cerbos:
    logLevel: INFO
    httpPort: 3592
    grpcPort: 3593
  volumes:
    - name: plinth-policies
      configMap:
        name: plinth-cerbos-policies
  volumeMounts:
    - name: plinth-policies
      mountPath: /policies
      readOnly: true

opentelemetry-collector:
  mode: deployment
  replicaCount: 1
  image:
    repository: otel/opentelemetry-collector-contrib
  presets:
    kubernetesAttributes:
      enabled: true
  config:
    receivers:
      otlp:
        protocols:
          grpc:
            endpoint: 0.0.0.0:4317
          http:
            endpoint: 0.0.0.0:4318
    processors:
      batch:
        send_batch_size: 1024
        timeout: 5s
      memory_limiter:
        check_interval: 1s
        limit_percentage: 75
        spike_limit_percentage: 25
    exporters:
      # Dev profile dumps to logs by default — swap for OTLP→Tempo / Jaeger /
      # SigNoz / etc. via `values/<profile>.values.yaml`.
      debug:
        verbosity: basic
    service:
      pipelines:
        traces:
          receivers: [otlp]
          processors: [memory_limiter, batch]
          exporters: [debug]
        metrics:
          receivers: [otlp]
          processors: [memory_limiter, batch]
          exporters: [debug]
        logs:
          receivers: [otlp]
          processors: [memory_limiter, batch]
          exporters: [debug]