app: penpot
env: prod
namespace: penpot
deploy:
  branch: token-studio-develop
  event: push
chart:
  name: https://github.com/tokens-studio/tokens-studio-for-penpot.git?branch={{ .BRANCH }}&path=/.gimlet/k8s/penpot/
values:
  global:
    redisEnabled: true
    imagePullSecrets: 
      - name: ghcr-login-secret
  postgresql:
    enabled: true
    owner: penpot
    database: penpot
    # Assumed specified in infra
    secret: db-penpot-secrets
    superUser: db-penpot-superuser-secret
  config:
    flags: 'enable-smtp'
    assets:
      storageBackend: assets-s3
      s3:
        region: eu-west
        bucket: assets
        endpointURI: http://minio.penpot.svc.cluster.local:80
        existingSecret: 
          penpot-assets-user-penpot
        secretKeys:
          accessKeyIDKey: CONSOLE_ACCESS_KEY
          secretAccessKey: CONSOLE_SECRET_KEY
    smtp:
      enabled: true
      host: mailslurper
      defaultFrom: no-reply@penpot.tokens.studio
      defaultReplyTo: no-reply@penpot.tokens.studio
      username: test
      password: test
      tls: false
      ssl: false
      port: 1025
    publicURI: https://penpot.tokens.studio
    redis:
      host: penpot-redis-master.penpot.svc.cluster.local
    postgresql:
      host: penpot-db-rw
      database: penpot
      existingSecret: db-penpot-secrets
      secretKeys:
        usernameKey: username
        passwordKey: password
  backend:
    image:
      pullPolicy: IfNotPresent
      repository: ghcr.io/tokens-studio/tokens-studio-for-penpot
      tag: 'backend-{{ .SHA }}' 
  frontend:
    labels:
      portService: tokens-studio-for-penpot
    image:
      pullPolicy: IfNotPresent
      repository: ghcr.io/tokens-studio/tokens-studio-for-penpot
      tag: 'frontend-{{ .SHA }}'
    ingress:     
      enabled: true
      annotations:
        cert-manager.io/cluster-issuer: letsencrypt-prod
      hosts:
        - host: "penpot.tokens.studio"
      tls:
        - secretName: tls-penpot
          hosts:
          - penpot.tokens.studio