# Default values for api7ee.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.

global:
  # Global image registry to use for all images
  imageRegistry: ""
  # Image pull secrets for all images
  imagePullSecrets: []

# Configuration for the Web component
web:
  enabled: true
  replicaCount: 2

  image:
    registry: gitea.server_url  # Will be replaced with actual Gitea URL
    repository: api7ee/web
    pullPolicy: IfNotPresent
    tag: "main"  # Override with specific version

  service:
    type: ClusterIP
    port: 8000
    targetPort: 8000
    annotations: {}

  resources:
    limits:
      cpu: 500m
      memory: 512Mi
    requests:
      cpu: 250m
      memory: 256Mi

  autoscaling:
    enabled: false
    minReplicas: 2
    maxReplicas: 10
    targetCPUUtilizationPercentage: 80
    targetMemoryUtilizationPercentage: 80

  nodeSelector: {}
  tolerations: []
  affinity: {}

  # Additional environment variables
  env: []

  # Liveness and readiness probes
  livenessProbe:
    httpGet:
      path: /docs
      port: http
    initialDelaySeconds: 30
    periodSeconds: 10

  readinessProbe:
    httpGet:
      path: /docs
      port: http
    initialDelaySeconds: 10
    periodSeconds: 5

# Configuration for the API component
api:
  enabled: true
  replicaCount: 3

  image:
    registry: gitea.server_url  # Will be replaced with actual Gitea URL
    repository: api7ee/api
    pullPolicy: IfNotPresent
    tag: "main"  # Override with specific version

  service:
    type: ClusterIP
    port: 8080
    targetPort: 8080
    annotations: {}

  resources:
    limits:
      cpu: 1000m
      memory: 1Gi
    requests:
      cpu: 500m
      memory: 512Mi

  autoscaling:
    enabled: true
    minReplicas: 3
    maxReplicas: 20
    targetCPUUtilizationPercentage: 70
    targetMemoryUtilizationPercentage: 75

  nodeSelector: {}
  tolerations: []
  affinity: {}

  # Additional environment variables
  env:
    - name: LOG_LEVEL
      value: "info"

  # Liveness and readiness probes
  livenessProbe:
    httpGet:
      path: /health
      port: http
    initialDelaySeconds: 30
    periodSeconds: 10

  readinessProbe:
    httpGet:
      path: /ready
      port: http
    initialDelaySeconds: 10
    periodSeconds: 5

# Ingress configuration
ingress:
  enabled: true
  className: "nginx"
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
    cert-manager.io/cluster-issuer: "letsencrypt-prod"

  hosts:
    - host: demo.commandware.it
      paths:
        - path: /
          pathType: Prefix
          service: web  # Routes to web service
        - path: /api
          pathType: Prefix
          service: api  # Routes to API service

  tls:
    - secretName: api7ee-tls
      hosts:
        - demo.commandware.it

# ServiceAccount configuration
serviceAccount:
  create: true
  annotations: {}
  name: ""

# Pod Security Context
podSecurityContext:
  runAsNonRoot: true
  runAsUser: 1000
  fsGroup: 1000

# Security Context for containers
securityContext:
  allowPrivilegeEscalation: false
  capabilities:
    drop:
    - ALL
  readOnlyRootFilesystem: true
  runAsNonRoot: true
  runAsUser: 1000

# Network Policies
networkPolicy:
  enabled: false
  policyTypes:
    - Ingress
    - Egress
  ingress: []
  egress: []

# Pod Disruption Budget
podDisruptionBudget:
  enabled: true
  minAvailable: 1
  # maxUnavailable: 1

# Monitoring and metrics
metrics:
  enabled: false
  serviceMonitor:
    enabled: false
    interval: 30s
    path: /metrics
    labels: {}

# ConfigMap for shared configuration
configMap:
  data: {}

# Secrets for sensitive data
secrets:
  create: false
  data: {}