Self-Hosted Pipekit Helm Chart
Installation
Create a local
myvalues.yamlfile that contains the default values.
Set up the required dependencies. Information on these can be provided over your Slack support channel, or by email at support@pipekit.io.
Set a valid Pipekit license key in the
myvalues.yamlfile.Ensure you have access to the privately-hosted images used by this chart through an appropriate imagePullSecret, or you have modified the
myvalues.yamlfile to use the your own copies of the images.Modify
myvalues.yamlto set the values for your specific installation.Apply the Pipekit services to your Kubernetes cluster
Pipekit Helm Chart Values
There are other optional, configurable options within the Helm Chart. These are listed below.
eventsHandler
object
{"hpa":{"enabled":false,"maxReplicas":10,"minReplicas":1},"imageName":"events-handler","imageTag":null,"pdb":{"enabled":true,"minAvailable":"50%","unhealthyPodEvictionPolicy":"AlwaysAllow"}}
Ignored unless global.gitProvider.github.enabled is true
eventsHandler.hpa.enabled
bool
false
Enable or disable the Horizontal Pod Autoscaler for this service
eventsHandler.hpa.maxReplicas
int
10
Set the maximum number of replicas for the Horizontal Pod Autoscaler
eventsHandler.hpa.minReplicas
int
1
Set the minimum number of replicas for the Horizontal Pod Autoscaler
eventsHandler.imageName
string
"events-handler"
Optionally override the default image name for this service
eventsHandler.imageTag
string
nil
Optionally override the default image tag for this service
eventsHandler.pdb.enabled
bool
true
Enable or disable the Pod Disruption Budget for this service
eventsHandler.pdb.minAvailable
string
"50%"
Set the minimum number of pods available during a disruption
eventsHandler.pdb.unhealthyPodEvictionPolicy
string
"AlwaysAllow"
Set unhealthyPodEvictionPolicy on the PDB. Options: IfHealthyBudget or AlwaysAllow
gitProviders.bitbucket.enabled
bool
false
Enable or disable the BitBucket Data Center integration
gitProviders.bitbucket.webhookSecret
string
"secret"
bitbucket webhook secret
gitProviders.github.appID
string
nil
Github application ID
gitProviders.github.appName
string
nil
The name of your github app
gitProviders.github.clientID
string
nil
Github OAuth client ID
gitProviders.github.clientSecret
string
nil
Github OAuth client secret
gitProviders.github.enabled
bool
false
Enable or disable the Github integration
gitProviders.github.privateKey
string
nil
Github private key
gitProviders.github.webhookSecret
string
nil
Github webhook secret (optional)
gitProviders.gitlab.enabled
bool
false
Enable or disable the Gitlab integration
gitProviders.gitlab.webhookSecret
string
nil
gitlab webhook secret
global.adminPassword
string
A random password will be generated if not provided
Pipekit Admin password. This password is used internally by Pipekit services to authenticate with each other.
global.breakGlassPassword
string
A random password will be generated if not provided
Pipekit Break Glass password. This password is used to access Pipekit in the event that SSO is unavailable.
global.developmentMode
bool
false
Install non-production versions of postgres, redis and loki in-cluster. Useful for local development and evaluation Do not enable for production use
global.imagePullPolicy
string
Always
Globally set an imagePullPolicy.
global.imageRepo
string
pipekitprivate
Globally set the container image repository. You will need your docker hub pull secret to pull from there. Place it in global.serviceAccount.imagePullSecrets
global.imageTag
string
The chart appVersion
Globally set the image tag.
global.jwtSigningToken
string
A random token will be generated if not provided
Token used to create the JWT for users signing in to the Pipekit Services
global.licenseKey
string
nil
License key for Pipekit. Either enter your license key here or create a kubernetes secret containing the key. Leave blank to use global.licenseKeySecretName
global.licenseKeySecretName
string
nil
The name of the Kubernetes secret that contains the license key Leave blank to use global.licenseKey The named secret should be installed in the same namespace and should contain a key pair named LICENSE_KEY
global.logLevel
string
"INFO"
Set the log level for all Pipekit services
global.nodeSelector
object
{}
global.rotateAdminPassword
bool
false
Set to true to rotate the Pipekit Admin password
global.rotateBreakGlassPassword
bool
false
Set to true to rotate the Pipekit Break Glass password
global.rotateJwtSigningToken
bool
false
Set to true to rotate the JWT Signing Token.
global.rotateSsoStoreSigningKey
bool
false
Set to true to rotate the SSO Store Signing Key
global.serviceAccount.annotations
object
{}
Annotations applied to created service account
global.serviceAccount.imagePullSecrets
object
{}
Secrets with credentials to pull images from a private registry
global.serviceAccount.labels
object
{}
Labels applied to created service account
global.serviceAccount.name
string
"pipekit"
Service account which is used to run the Pipekit services
global.ssoStoreSigningKey
string
A random token will be generated if not provided
Token used to sign the SSO Sessions
global.telemetryProtocols
string
"prometheus"
Which telemetry protocols to use: comma delimited selection of otel, prometheus. otel is controlled by the standardized opentelemetry environment variables prometheus enables metrics on :9090/metrics set to 'none' to disable all telemetry
id.hpa.enabled
bool
false
Enable or disable the Horizontal Pod Autoscaler for this service
id.hpa.maxReplicas
int
10
Set the maximum number of replicas for the Horizontal Pod Autoscaler
id.hpa.minReplicas
int
1
Set the minimum number of replicas for the Horizontal Pod Autoscaler
id.imageName
string
"id"
Optionally override the default image name for this service
id.imageTag
string
nil
Optionally override the default image tag for this service
id.pdb.enabled
bool
true
Enable or disable the Pod Disruption Budget for this service
id.pdb.minAvailable
string
"50%"
Set the minimum number of pods available during a disruption
id.pdb.unhealthyPodEvictionPolicy
string
"AlwaysAllow"
Set unhealthyPodEvictionPolicy on the PDB. Options: IfHealthyBudget or AlwaysAllow
ingress.annotations
object
{"nginx.ingress.kubernetes.io/client-body-buffer-size":"5m","nginx.ingress.kubernetes.io/from-to-www-redirect":"true","nginx.ingress.kubernetes.io/proxy-body-size":"5m","nginx.ingress.kubernetes.io/proxy-buffer-size":"5m","nginx.ingress.kubernetes.io/proxy-buffers-number":"32"}
Additional ingress annotations. Some optional nginx examples provided below
ingress.host
string
"pipekit.example.com"
The host name to use for Pipekit
ingress.ingressClassName
string
"nginx"
Defines which ingress controller will implement the resource
ingress.labels
object
{}
Additional ingress labels
ingress.tls
list
[]
Ingress TLS configuration
login.githubSSO.clientID
string
nil
Client ID
login.githubSSO.clientSecret
string
nil
Client secret
login.githubSSO.enabled
bool
false
Enable or disable the Github SSO login option
login.gitlabSSO.applicationID
string
nil
Application ID
login.gitlabSSO.applicationSecret
string
nil
Application secret
login.gitlabSSO.enabled
bool
false
Enable or disable the Gitlab SSO login option
login.googleSSO.clientID
string
nil
Client ID
login.googleSSO.clientSecret
string
nil
Client secret
login.googleSSO.enabled
bool
false
Enable or disable the Google SSO login option
login.microsoftSSO.clientID
string
nil
Client ID
login.microsoftSSO.clientSecret
string
nil
Client secret
login.microsoftSSO.enabled
bool
false
Enable or disable the Microsoft SSO login option
login.userPass.enabled
bool
true
Enable or disable the username/password login option
loki.gatewayAddress
string
nil
If populated, the Pipekit services that rely on the Loki Gateway will monitor for its health.
loki.host
string
"loki"
Loki host URL
loki.port
int
3100
Loki port
loki.readAddress
string
"http://devmode-loki:3100"
If populated, the Pipekit services that rely on the Loki Gateway will monitor for its health.
loki.writeAddress
string
"http://devmode-loki:3100"
If non-empty this attempts to contact the loki read endpoint from the users service, to emit a health metric
messenger.fluentbitImageName
string
"fluent-bit"
Set the default image name for the fluentbit container
messenger.fluentbitImageRepo
string
"fluent"
Set the image repo for the fluentbit container
messenger.fluentbitImageTag
string
"3.1.4"
Set the default image tag for the fluentbit container
messenger.hpa.enabled
bool
false
Enable or disable the Horizontal Pod Autoscaler for this service
messenger.hpa.maxReplicas
int
10
Set the maximum number of replicas for the Horizontal Pod Autoscaler
messenger.hpa.minReplicas
int
1
Set the minimum number of replicas for the Horizontal Pod Autoscaler
messenger.imageName
string
"messenger"
Optionally override the default image name for this service
messenger.imageTag
string
nil
Optionally override the default image tag for this service
messenger.pdb.enabled
bool
true
Enable or disable the Pod Disruption Budget for this service
messenger.pdb.minAvailable
string
"50%"
Set the minimum number of pods available during a disruption
messenger.pdb.unhealthyPodEvictionPolicy
string
"AlwaysAllow"
Set unhealthyPodEvictionPolicy on the PDB. Options: IfHealthyBudget or AlwaysAllow
pipekitInit.imageName
string
"pipekit-init"
Optionally override the default image name for this service
pipekitInit.imageTag
string
nil
Optionally override the default image tag for this service
postgresql.host
string
"example.com"
Database host URL
postgresql.maxRetries
int
10
Number of database connection retries
postgresql.password
string
"pipekit"
Database password
postgresql.port
int
5432
Database port
postgresql.sslMode
string
"disable"
Enable or disable SSL mode
postgresql.username
string
"pipekit"
Database username
redis.host
string
"redis.redis.svc.cluster.local"
Redis host URL
redis.password
string
nil
Optional Redis connection password
redis.port
int
6379
Redis port
ui.hpa.enabled
bool
false
Enable or disable the Horizontal Pod Autoscaler for this service
ui.hpa.maxReplicas
int
10
Set the maximum number of replicas for the Horizontal Pod Autoscaler
ui.hpa.minReplicas
int
1
Set the minimum number of replicas for the Horizontal Pod Autoscaler
ui.imageName
string
"ui"
Optionally override the default image name for this service
ui.imageTag
string
nil
Optionally override the default image tag for this service
ui.pdb.enabled
bool
true
Enable or disable the Pod Disruption Budget for this service
ui.pdb.minAvailable
string
"50%"
Set the minimum number of pods available during a disruption
ui.pdb.unhealthyPodEvictionPolicy
string
"AlwaysAllow"
Set unhealthyPodEvictionPolicy on the PDB. Options: IfHealthyBudget or AlwaysAllow
users.hpa.enabled
bool
false
Enable or disable the Horizontal Pod Autoscaler for this service
users.hpa.maxReplicas
int
10
Set the maximum number of replicas for the Horizontal Pod Autoscaler
users.hpa.minReplicas
int
1
Set the minimum number of replicas for the Horizontal Pod Autoscaler
users.imageName
string
"users"
Optionally override the default image name for this service
users.imageTag
string
nil
Optionally override the default image tag for this service
users.pdb.enabled
bool
true
Enable or disable the Pod Disruption Budget for this service
users.pdb.minAvailable
string
"50%"
Set the minimum number of pods available during a disruption
users.pdb.unhealthyPodEvictionPolicy
string
"AlwaysAllow"
Set unhealthyPodEvictionPolicy on the PDB. Options: IfHealthyBudget or AlwaysAllow
Upgrading Pipekit
Checking the latest version
Pipekit is automatically published to Artifact Hub. You can use this service to configure automatic notifications of new versions, either via an RSS feed or a webhook.
Alternatively, you can search the Helm repo for the latest version of Pipekit using the following command:
For further information on the helm search repo command, please refer to the official Helm documentation.
Changes to the default values.yaml
Prior to upgrading, you should ensure that you understand any changes to the default values.yaml and the impact those changes may have on your installation. This page is always updated with the latest available Helm chart values for Pipekit.
If you wish to upgrade to an older version of the Pipekit Helm chart, you can extract the default values for that version using the following command:
The Pipekit values file is commented so you can see what each value does.
You can extract your existing values from your current installation using the following command:
For further information the helm commands used above, please refer to the official Helm documentation.
Upgrading Pipekit
To upgrade Pipekit, you can use the following command:
For more information on using Helm to perform upgrades, please check the official Helm documentation.
Automating the upgrades using Gitops
If you use a Gitops tool such as Argo CD, you can commit your changes to your git repository and the tool will handle the Helm upgrade for you.
If you wish to automate the upgrade process, we recommend a third party tool called Renovate Bot that can be configured to automatically raise pull requests for you when a new version of Pipekit is released.
Upgrade Support
If you have an issue upgrading Pipekit that isn't addressed here, please contact us over Slack, or by email at support@pipekit.io.
Last updated