dependency-track: fullnameOverride: deptrack nameOverride: deptrack frontend: replicaCount: 1 image: # we override the default image tag here, since the helm chart is a little behind tag: 4.11.3 apiBaseUrl: "https://deptrack.example.com" extraEnv: - name: OIDC_ISSUER value: "https://keycloak.example.com/auth/realms/shared" - name: OIDC_CLIENT_ID value: "deptrack" - name: OIDC_SCOPE value: "openid profile email" - name: OIDC_LOGIN_BUTTON_TEXT value: "Login with Keycloak" - name: OIDC_FLOW value: "code" resources: requests: cpu: 150m memory: 64Mi limits: cpu: 500m memory: 128Mi apiServer: image: # we override the default image tag here, since the helm chart is a little behind tag: 4.11.3 # disabled because we use an external PostgreSQL database (PGO) persistentVolume: enabled: false extraEnv: - name: ALPINE_DATABASE_MODE value: "external" - name: ALPINE_DATABASE_URL value: "jdbc:postgresql://deptrack-primary.dependency-track.svc:5432/deptrack" - name: ALPINE_DATABASE_DRIVER value: "org.postgresql.Driver" - name: ALPINE_DATABASE_USERNAME value: "deptrack" - name: ALPINE_DATABASE_PASSWORD valueFrom: secretKeyRef: key: password name: deptrack-pguser-deptrack - name: ALPINE_OIDC_ENABLED value: "true" - name: ALPINE_OIDC_CLIENT_ID value: "deptrack" - name: ALPINE_OIDC_ISSUER value: "https://keycloak.example.com/auth/realms/shared" - name: ALPINE_OIDC_USERNAME_CLAIM value: "preferred_username" - name: ALPINE_OIDC_USER_PROVISIONING value: "true" - name: ALPINE_OIDC_TEAMS_CLAIM value: "roles" - name: ALPINE_OIDC_TEAM_SYNCHRONIZATION value: "true" resources: # https://docs.dependencytrack.org/getting-started/deploy-docker/ requests: cpu: "1" memory: 768Mi limits: cpu: "2" memory: 4608Mi ingress: enabled: true tls: [] annotations: kubernetes.io/ingress.class: nginx # allow large bom.xml uploads: nginx.ingress.kubernetes.io/proxy-body-size: 10m hostname: deptrack.example.com # Configuration for setting up resources in Keycloak to enable OIDC authentication. # Prerequisite: Ensure that the Keycloak Operator is installed and integrated with Keycloak. # Refer to the installation guide for the Keycloak Operator: # https://github.com/epam/edp-cluster-add-ons/tree/main/clusters/core/addons/keycloak-operator # # Additionally, necessary Keycloak resources such as realms, roles, and groups must be created # to support component functionality. This can be done using the provided add-ons or manually: # https://github.com/epam/edp-cluster-add-ons/tree/main/clusters/core/addons/kuberocketci-rbac oidc: enabled: false