# Openshift Artifactory HA # This helm chart subcharts the latest jfrog/artifactory-ha chart # and applies various things like initContainers, nginx mainConf, etc # to enable the artifactory-ha helm chart to work in an openshift environment artifactory-ha: databaseUpgradeReady: true database: type: "OVERRIDE" driver: "OVERRIDE" url: "OVERRIDE" user: "OVERRIDE" password: "OVERRIDE" initContainerImage: registry.connect.redhat.com/jfrog/init:7.27.3-1 waitForDatabase: true installerInfo: '{ "productId": "Openshift_artifactory-ha/{{ .Chart.Version }}", "features": [ { "featureId": "ArtifactoryVersion/{{ default .Chart.AppVersion .Values.artifactory.image.version }}" }, { "featureId": "{{ if .Values.postgresql.enabled }}postgresql{{ else }}{{ .Values.database.type }}{{ end }}/0.0.0" }, { "featureId": "Platform/Openshift" }, { "featureId": "Partner/ACC-006983" }, { "featureId": "Channel/Openshift" } ] }' artifactory: uid: "1000721030" ## Change to use RH UBI images image: registry: registry.connect.redhat.com repository: jfrog/artifactory-pro tag: 7.27.3-1 node: replicaCount: 2 waitForPrimaryStartup: enabled: false masterKey: "OVERRIDE" joinKey: "OVERRIDE" customInitContainersBegin: | - name: "prepare-uid-persistent-volume" image: "{{ .Values.initContainerImage }}" imagePullPolicy: "{{ .Values.artifactory.image.pullPolicy }}" command: - 'sh' - '-c' - > chown -Rv {{ .Values.artifactory.uid }}:{{ .Values.artifactory.uid }} {{ .Values.artifactory.persistence.mountPath }} securityContext: runAsUser: 0 volumeMounts: - mountPath: "{{ .Values.artifactory.persistence.mountPath }}" name: volume postgresql: enabled: false nginx: uid: "1000720104" gid: "1000720107" image: registry: registry.redhat.io repository: rhel8/nginx-116 tag: latest ## K8S secret name for the TLS secret to be used for SSL tlsSecretName: "OVERRIDE" service: ssloffload: false http: externalPort: 80 internalPort: 8080 https: externalPort: 443 internalPort: 8443 mainConf: | # Main Nginx configuration file worker_processes 4; error_log {{ .Values.nginx.persistence.mountPath }}/logs//error.log warn; pid /tmp/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; variables_hash_max_size 1024; variables_hash_bucket_size 64; server_names_hash_max_size 4096; server_names_hash_bucket_size 128; types_hash_max_size 2048; types_hash_bucket_size 64; proxy_read_timeout 2400s; client_header_timeout 2400s; client_body_timeout 2400s; proxy_connect_timeout 75s; proxy_send_timeout 2400s; proxy_buffer_size 32k; proxy_buffers 40 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 250m; proxy_http_version 1.1; client_body_buffer_size 128k; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format timing 'ip = $remote_addr ' 'user = \"$remote_user\" ' 'local_time = \"$time_local\" ' 'host = $host ' 'request = \"$request\" ' 'status = $status ' 'bytes = $body_bytes_sent ' 'upstream = \"$upstream_addr\" ' 'upstream_time = $upstream_response_time ' 'request_time = $request_time ' 'referer = \"$http_referer\" ' 'UA = \"$http_user_agent\"'; access_log {{ .Values.nginx.persistence.mountPath }}/logs/access.log timing; sendfile on; #tcp_nopush on; keepalive_timeout 65; #gzip on; include {{ .Values.nginx.persistence.mountPath }}/conf.d/*.conf; }