sonarqube: deploymentType: "Deployment" nameOverride: "sonar" fullnameOverride: "sonar" ingress: enabled: true hosts: - name: sonar.example.com annotations: # This property allows for reports up to a certain size to be uploaded to SonarQube nginx.ingress.kubernetes.io/proxy-body-size: "64m" # This property allows for CORS requests to be made to SonarQube (we use it on the EDP Portal Widget) nginx.ingress.kubernetes.io/enable-cors: "true" nginx.ingress.kubernetes.io/cors-allow-origin: "*" nginx.ingress.kubernetes.io/cors-allow-methods: "OPTIONS, GET" nginx.ingress.kubernetes.io/cors-allow-headers: "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization" resources: limits: cpu: 700m memory: 3Gi requests: cpu: 100m memory: 1.5Gi plugins: install: - "https://github.com/vaulttec/sonar-auth-oidc/releases/download/v2.1.1/sonar-auth-oidc-plugin-2.1.1.jar" - "https://github.com/checkstyle/sonar-checkstyle/releases/download/10.20.1/checkstyle-sonar-plugin-10.20.1.jar" - "https://github.com/spotbugs/sonar-findbugs/releases/download/v4.3.0/sonar-findbugs-plugin-4.3.0.jar" - "https://github.com/jborgers/sonar-pmd/releases/download/3.5.1/sonar-pmd-plugin-3.5.1.jar" - "https://github.com/sbaudoin/sonar-ansible/releases/download/v2.5.1/sonar-ansible-plugin-2.5.1.jar" - "https://github.com/sbaudoin/sonar-yaml/releases/download/v1.9.1/sonar-yaml-plugin-1.9.1.jar" - "https://github.com/Inform-Software/sonar-groovy/releases/download/1.8/sonar-groovy-plugin-1.8.jar" - "https://github.com/mc1arke/sonarqube-community-branch-plugin/releases/download/1.14.0/sonarqube-community-branch-plugin-1.14.0.jar" # Community branch plugin configuration jvmCeOpts: -javaagent:/opt/sonarqube/extensions/plugins/sonarqube-community-branch-plugin-1.14.0.jar=ce jvmOpts: -javaagent:/opt/sonarqube/extensions/plugins/sonarqube-community-branch-plugin-1.14.0.jar=web env: - name: SONAR_TELEMETRY_ENABLE value: "false" prometheusExporter: enabled: false postgresql: enabled: false jdbcOverwrite: enable: true jdbcUrl: "jdbc:postgresql://sonar-primary.sonar:5432/sonar?socketTimeout=1500" jdbcUsername: "sonar" jdbcSecretName: sonar-pguser-sonar jdbcSecretPasswordKey: "password" # Configuration for setting up resources in Keycloak to enable OIDC authentication. # Prerequisite: Ensure that the Keycloak Operator is installed and integrated with Keycloak. # Refer to the installation guide for the Keycloak Operator: # https://github.com/epam/edp-cluster-add-ons/tree/main/clusters/core/addons/keycloak-operator # # Additionally, necessary Keycloak resources such as realms, roles, and groups must be created # to support component functionality. This can be done using the provided add-ons or manually: # https://github.com/epam/edp-cluster-add-ons/tree/main/clusters/core/addons/kuberocketci-rbac oidc: # If set to true, the OIDC resources will be created. enabled: false