Values
| Key | Type | Description | Default |
|---|---|---|---|
| access-control-service.resources | object | Configure the resource requests / limits for the access control service | {"limits":{"memory":"128Mi"},"requests":{"cpu":"20m","ephemeral-storage":"100Mi","memory":"128Mi"}} |
| ai-api.resources | object | Configure the resource requests / limits for the ai-api service | {"limits":{"memory":"1Gi"},"requests":{"cpu":"500m","ephemeral-storage":"100Mi","memory":"1Gi"}} |
| ai-engine.deployment.replicaCount | int | Configure the number of replicas for ai-engine deployment. Unless you are using keda you will want at least the number of tests you plan to run in parallel | 2 |
| ai-engine.resources | object | Configure the resource requests / limits for ai-engine | {"limits":{"memory":"256Mi"},"requests":{"cpu":"50m","ephemeral-storage":"100Mi","memory":"256Mi"}} |
| ai-ui.resources | object | Configure the resource requests / limits for ai-ui | {"limits":{"memory":"64Mi"},"requests":{"cpu":"20m","ephemeral-storage":"100Mi","memory":"64Mi"}} |
| api-clients-service.resources | object | Configure the resource requests / limits for api-clients-service | {"limits":{"memory":"128Mi"},"requests":{"cpu":"300m","ephemeral-storage":"100Mi","memory":"128Mi"}} |
| api-composer.publicApiRateLimiting.apiRateLimit | string | Allowed request of the publc API before rate limiting occurs. | "5r/s" |
| api-composer.publicApiRateLimiting.apiRateLimitBurst | string | Allowed burst limit of the publc API. | "5" |
| api-composer.publicApiRateLimiting.enabled | bool | Should the public API be rate limited. | false |
| api-composer.publicApiRateLimiting.nginxResources | object | Resources for the nginx rate limiting container. | {"limits":{"memory":"64Mi"},"requests":{"cpu":"20m","memory":"64Mi"}} |
| api-composer.resources | object | Configure the resource requests / limits for api-composer | {"limits":{"memory":"256Mi"},"requests":{"cpu":"300m","ephemeral-storage":"100Mi","memory":"256Mi"}} |
| asset-manager | object | Configuration for the asset-manager pod | {"gitStorageLimit":"100Mi","resources":{"limits":{"memory":"512Mi"},"requests":{"cpu":"400m","ephemeral-storage":"200Mi","memory":"512Mi"}}} |
| asset-manager.gitStorageLimit | string | The storage limit applied to Git repo metadata, exposed as a K8s emptyDir | "100Mi" |
| asset-manager.resources | object | Configure the resource requests / limits for asset manager service | {"limits":{"memory":"512Mi"},"requests":{"cpu":"400m","ephemeral-storage":"200Mi","memory":"512Mi"}} |
| bug-hunting.resources | object | Configure the resource requests / limits for the bug hunting service | {"limits":{"memory":"750Mi"},"requests":{"cpu":"400m","ephemeral-storage":"100Mi","memory":"750Mi"}} |
| dai-docs.resources | object | Configure the resource requests / limits for the docs service | {"limits":{"memory":"256Mi"},"requests":{"cpu":"20m","ephemeral-storage":"100Mi","memory":"256Mi"}} |
| dai-ui.resources | object | Configure the resource requests / limits for dai-ui | {"limits":{"memory":"64Mi"},"requests":{"cpu":"20m","ephemeral-storage":"100Mi","memory":"64Mi"}} |
| execution-service.resources | object | Configure the resource requests / limits for execution-service | {"limits":{"memory":"256Mi"},"requests":{"cpu":"50m","ephemeral-storage":"100Mi","memory":"256Mi"}} |
| global.devLicense | string | The developer license provided by customer support for using Eggplant DAI. | nil |
| global.enableCustomScripts | int | 0 | |
| global.enableUsageReporting | int | Feature flag to enable the User Performance Monitoring configurations and reports on DAI web UI. | 0 |
| global.execLicense | string | The execution license provided by customer support for using Eggplant DAI. | nil |
| global.featLicenses | string | The feature licenses provided by customer support for using Eggplant DAI. | nil |
| global.git.enabled | string | "true" | |
| global.ingress.className | string | Which ingress-nginx class to use for the ingress. | "nginx" |
| global.ingress.customCACert | string | nil | |
| global.ingress.enabled | bool | true | |
| global.ingress.host | string | Hostname for DAI ingress. | "dai.example.com" |
| global.ingress.tls | list | If you are enabling TLS by adding certificates to the ingress controller, then add a TLS block here. See Configuring TLS. | nil |
| global.keycloak.host | string | "kc-dai.example.com" | |
| global.keycloak.password | string | Password for the Keycloak admin user. with a secret. | "admin" |
| global.keycloak.tls.secretName | string | The name of an existing Kubernetes secret containing TLS certificates to be used on the Keycloak ingress rule. | nil |
| global.keycloak.user | string | Username for the Keycloak admin user. | "admin" |
| global.limitMaxValue | int | For Public API, you can configure the maximum value that the limit query parameter for the endpoints can take. Default Maximum Value: 10000 Allowable range for limitMaxValue is 1000-2147483647 (inclusive) | 10000 |
| global.objectStorage.assetBucketName | string | Name of the assets storage bucket. | "assets" |
| global.objectStorage.aws | object | Configures the AWS provider. | {"awsAccessKeyId":"eggplant","awsAccessKeyIdKey":"","awsSecretAccessKey":"eggplant","awsSecretAccessKeyKey":"","existingSecret":"","region":"eu-west-1"} |
| global.objectStorage.aws.existingSecret | string | Existing secret overrides the value of awsAccessKeyId and awsSecretAccessKey. | "" |
| global.objectStorage.minio | object | Configures the MinIO provider. If rootUser and rootPassword are set, you can use the included MinIO chart by setting minio.enabled to true without further configuration. If you want to use an existingSecret, you'll need to set the secret name in minio.auth.existingSecret. The secret will need to have the keys root-user and root-password. | {"endpoint":"","existingSecret":"","rootPassword":"eggplant","rootPasswordKey":"","rootUser":"eggplant","rootUserKey":""} |
| global.objectStorage.minio.endpoint | string | Endpoint of the MinIO instance. Only set this if you're not using the included MinIO chart. | "" |
| global.objectStorage.provider | string | Which object storage provider is used. Valid values are 'minio' or 'aws'. | "minio" |
| global.objectStorage.screenshotBucketName | string | Name of the screenshots storage bucket. | "screenshots" |
| global.postgresql.auth.postgresPassword | string | Password for the postgres admin user. Used by DAI for authentication with the PostgreSQL instance and inherited by the postgresql sub-chart to configure the postgres user. | "postgres" |
| global.postgresql.fullnameOverride | string | Hostname of the PostgreSQL instance to be used by DAI. | "postgres" |
| global.postgresql.host | string | "postgres" | |
| global.postgresql.sutServiceName | string | Name of the sut service database used by DAI. | "sut_service" |
| global.postgresql.ttdbName | string | Name of the main database used by DAI. | "ttdb" |
| global.postgresql.username | string | Custom user to create. Used by DAI for authentication with the PostgreSQL instance and inherited by the postgresql sub-chart to configure the PostgreSQL deployment. | "postgres" |
| global.rabbitmq.erlangCookie | string | The RabbitMQ Erlang cookie. It will either be set from the value of rabbitmq-erlang-cookie in the secret dai-rabbitmq or it will be set to a random string. | nil |
| global.rabbitmq.existingSecret | string | An existing secret with rabbitmq-password and rabbitmq-erlang-cookie keys in it. Overrides rabbitmq.password and rabbitmq.erlangCookie. | "" |
| global.rabbitmq.extraConfiguration | string | "web_stomp.tcp.port = 15674\nweb_stomp.ws_frame = binary\nweb_stomp.ws_path = /mq/fedrive\n\nloopback_users.backend = false\n\nauth_backends.1 = internal\nauth_backends.2 = cache\nauth_cache.cached_backend = http\nauth_cache.cache_ttl = 5000\n\nauth_http.http_method = post\nauth_http.user_path = http://rabbitmq-auth:4649/rabbitmq_auth_service/api/v1/user\nauth_http.vhost_path = http://rabbitmq-auth:4649/rabbitmq_auth_service/api/v1/vhost\nauth_http.resource_path = http://rabbitmq-auth:4649/rabbitmq_auth_service/api/v1/resource\nauth_http.topic_path = http://rabbitmq-auth:4649/rabbitmq_auth_service/api/v1/topic" | |
| global.rabbitmq.host | string | Hostname of the RabbitMQ instance. | "rabbitmq" |
| global.rabbitmq.password | string | Password for DAI to authenticate with RabbitMQ. If this is not set, it will either be set to the value of rabbitmq-password in the secret dai-rabbitmq or it will be set to a random string. | nil |
| global.rabbitmq.port | int | The port the RabbitMQ instance is running on. | 5672 |
| global.rabbitmq.username | string | Username for DAI to authenticate with RabbitMQ as. | "rabbitmq" |
| global.restartEpfAfterSeconds | int | When running a test configuration, you can configure the interval in seconds that EPF runs before restarting. This variable takes effect after the current step finishes and before moving to the next step. It only applies to test configurations run with the DAI Run Agent. During live runs, EPF runs continuously without restarting. If you do not want EPF to restart during your test runs, you can disable this option by setting it to 0 (zero). Default: 30 minutes. | 1800 |
| global.retryLockSutAndEE.retrySleepIntervalSeconds | int | 10 | |
| global.retryLockSutAndEE.retryTimeoutSeconds | int | 3600 | |
| global.syncSuites | int | 1 | |
| global.systemRunTimeout | int | When running a test configuration, you can configure the maximum time in minutes that EPF runs. | 0 |
| global.testConfigTaskEndDelaySeconds | int | When running a test configuration, you can configure the delay in seconds before EPF is stopped at the end of the test configuration run. Default: 5 seconds | 5 |
| keycloak | object | Configuration for the Bitnami Keycloak sub-chart. | {"auth":{"adminPassword":"admin","adminUser":"admin"},"enabled":true,"externalDatabase":{"database":"keycloak","existingSecret":"","host":"postgres","password":"fake","user":"postgres"},"fullnameOverride":"keycloak","httpRelativePath":"/auth/","ingress":{"enabled":false},"initContainers":[{"command":["sh","-c","until timeout 2 printf \"\" 2>>/dev/null >>/dev/tcp/${KEYCLOAK_DATABASE_HOST}/${KEYCLOAK_DATABASE_PORT}; do echo \"waiting for PostgreSQL\"; sleep 5; done"],"envFrom":[{"configMapRef":{"name":"keycloak-env-vars"}}],"image":"quay.io/eggplantsoftware/keycloak-server:6.2.66","imagePullPolicy":"IfNotPresent","name":"wait-for-postgresql"}],"postgresql":{"enabled":false}} |
| keycloak-realm-provisioner.realms.customer.services.smtp.auth | string | "" | |
| keycloak-realm-provisioner.realms.customer.services.smtp.enabled | bool | Whether to configure SMTP in Keycloak for sending emails. | false |
| keycloak-realm-provisioner.realms.customer.services.smtp.existingSecret | string | "" | |
| keycloak-realm-provisioner.realms.customer.services.smtp.from | string | "" | |
| keycloak-realm-provisioner.realms.customer.services.smtp.host | string | "" | |
| keycloak-realm-provisioner.realms.customer.services.smtp.password | string | "" | |
| keycloak-realm-provisioner.realms.customer.services.smtp.port | string | "" | |
| keycloak-realm-provisioner.realms.customer.services.smtp.ssl | string | "" | |
| keycloak-realm-provisioner.realms.customer.services.smtp.tls | string | "" | |
| keycloak-realm-provisioner.realms.customer.services.smtp.user | string | "" | |
| keycloak-realm-provisioner.realms.eeProvisioner.createIfMissing | bool | false | |
| keycloak-user-provisioner.adminUsers | object | This mapping lists the DAI admin users to create. You can specify multiple admin users, each in a separate key, e.g. adminUsers.myAdmin, adminUsers.anotherAdmin. Each specified admin user must have all the fields shown under adminUsers.daiAdmin. | {"daiAdmin":{"email":null,"firstName":null,"lastName":null,"password":null,"username":null}} |
| keycloak-user-provisioner.adminUsers.daiAdmin.password | string | must be >= 12 characters long. | nil |
| keycloak.auth | object | Configuration for the initial admin user. | {"adminPassword":"admin","adminUser":"admin"} |
| keycloak.enabled | bool | Must be set to true - we do not support using your own Keycloak. | true |
| keycloak.externalDatabase | object | Configure the database to be used by Keycloak for persistence. If using the bundled PostgreSQL instance and changing any parameters, this needs to be updated to match. | {"database":"keycloak","existingSecret":"","host":"postgres","password":"fake","user":"postgres"} |
| keycloak.fullnameOverride | string | Changing this will impact the name of the service created by the Bitnami chart. If you change this, DAI may not behave as expected. | "keycloak" |
| keycloak.httpRelativePath | string | The path, relative to the DAI server URL, to publish Keycloak resources. This is needed for compatibility with old Keycloak versions. DAI depends on this and it must not be changed. | "/auth/" |
| keycloak.ingress.enabled | bool | If the ingress config deployed by the Bitnami keycloak chart is deployed or not. This must be false as we are shipping our own ingress. | false |
| keycloak.initContainers | list | Adds an init container to prevent Keycloak from coming up before PostgreSQL is ready. | [{"command":["sh","-c","until timeout 2 printf \"\" 2>>/dev/null >>/dev/tcp/${KEYCLOAK_DATABASE_HOST}/${KEYCLOAK_DATABASE_PORT}; do echo \"waiting for PostgreSQL\"; sleep 5; done"],"envFrom":[{"configMapRef":{"name":"keycloak-env-vars"}}],"image":"quay.io/eggplantsoftware/keycloak-server:6.2.66","imagePullPolicy":"IfNotPresent","name":"wait-for-postgresql"}] |
| keycloak.postgresql | object | If the Keycloak chart configures its own PostgreSQL instance. We re-use the same postgres instance as the rest of DAI, so leave this false. | {"enabled":false} |
| minio.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[0].podAffinityTerm.labelSelector.matchLabels.app | string | "minio" | |
| minio.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[0].podAffinityTerm.labelSelector.matchLabels.release | string | "minio" | |
| minio.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[0].podAffinityTerm.topologyKey | string | "kubernetes.io/hostname" | |
| minio.affinity.podAntiAffinity.preferredDuringSchedulingIgnoredDuringExecution[0].weight | int | 1 | |
| minio.containerSecurityContext.allowPrivilegeEscalation | bool | false | |
| minio.containerSecurityContext.capabilities.drop[0] | string | "ALL" | |
| minio.containerSecurityContext.privileged | bool | false | |
| minio.containerSecurityContext.readOnlyRootFilesystem | bool | true | |
| minio.containerSecurityContext.runAsGroup | int | 1001 | |
| minio.containerSecurityContext.runAsNonRoot | bool | true | |
| minio.containerSecurityContext.runAsUser | int | 1001 | |
| minio.enabled | bool | Set this to false if you want to use your own object storage service, e.g. AWS S3. | true |
| minio.environment.MINIO_BROWSER | string | "off" | |
| minio.environment.MINIO_DISTRIBUTED_MODE_ENABLED | string | "no" | |
| minio.environment.MINIO_FORCE_NEW_KEYS | string | "no" | |
| minio.environment.MINIO_SCHEME | string | "http" | |
| minio.environment.MINIO_SKIP_CLIENT | string | "yes" | |
| minio.existingSecret | string | This secret is automatically populated by the values in global.objectStorage.minio.rootUser and rootPassword. If you provide an existing secret in global.objectStorage.minio, you must update this to match. The secret must have keys rootUser and rootPassword. | "dai-objectstorage" |
| minio.fullnameOverride | string | Impacts the service name created by the Bitnami chart. If this changes, it could break DAI. | "minio" |
| minio.image.repository | string | "quay.io/minio/minio" | |
| minio.image.tag | string | "RELEASE.2025-09-07T16-13-09Z" | |
| minio.makeUserJob.containerSecurityContext.allowPrivilegeEscalation | bool | false | |
| minio.makeUserJob.containerSecurityContext.capabilities.drop[0] | string | "ALL" | |
| minio.makeUserJob.containerSecurityContext.readOnlyRootFilesystem | bool | true | |
| minio.makeUserJob.containerSecurityContext.runAsNonRoot | bool | true | |
| minio.makeUserJob.securityContext.enabled | bool | true | |
| minio.mode | string | "standalone" | |
| minio.persistence.annotations."helm.sh/resource-policy" | string | "keep" | |
| minio.persistence.enabled | bool | Persist stored objects to a PVC. Disabling this may result in lost data. | true |
| minio.persistence.size | string | "8Gi" | |
| minio.postJob.securityContext.enabled | bool | true | |
| minio.postJob.securityContext.seccompProfile.type | string | "RuntimeDefault" | |
| minio.resources.limits.cpu | string | "375m" | |
| minio.resources.limits.ephemeral-storage | string | "2Gi" | |
| minio.resources.limits.memory | string | "384Mi" | |
| minio.resources.requests.cpu | string | "250m" | |
| minio.resources.requests.ephemeral-storage | string | "50Mi" | |
| minio.resources.requests.memory | string | "256Mi" | |
| minio.securityContext.seccompProfile.type | string | "RuntimeDefault" | |
| modeler-service.resources | object | Configure the resource requests / limits modeler-service | {"limits":{"memory":"256Mi"},"requests":{"cpu":"400m","ephemeral-storage":"100Mi","memory":"256Mi"}} |
| network-policies.dnsAllowedRange | string | Allowed IPs ranges to be used for DNS servers. By default not restrictions are enforced. | "0.0.0.0/0" |
| network-policies.egressAllowAll | bool | If network polcies are enabled do you wish to allow outbound traffic from pods. | false |
| network-policies.enabled | bool | Set to enbaled if you wish to enable network policies. | false |
| network-policies.externalGit | object | If using git to store suites then you can choose to restrict which outbound IPs and ports are allowed to be reached by the asset manager pod. | {"cidrs":["0.0.0.0/0"],"ports":[80,443]} |
| network-policies.externalWebhook | object | If sending notifications then you can choose to restrict which outbound IPs and ports are allowed to be reached by the notification service pod. | {"cidrs":["0.0.0.0/0"],"ports":[80,443]} |
| network-policies.ingressNSMatchLabels | object | Define a label on the ingress controller namespace. This will be used to allow traffic from that namespace to the DAI namespace. | {"kubernetes.io/metadata.name":"ingress-nginx"} |
| network-policies.keycloakIPRanges | list | IP ranges of the external interface though which keycloak can be reached. This is needed to allow DAI pods to contact keycloak via its DNS name. typically this is the external IPs of the ingress controller loadbalancer. By default all outbound addresses are allowed. | ["0.0.0.0/0"] |
| postgresql | object | Configuration for the Bitnami postgresql sub-chart. | {"enabled":true,"fullnameOverride":"postgres","image":{"registry":"docker.io","repository":"library/postgres","tag":17.6},"persistence":{"enabled":true,"retentionPolicy":{"whenDeleted":"Retain","whenScaled":"Retain"},"size":"8Gi","storageClass":""}} |
| postgresql.enabled | bool | Set to false if using an alternative PostgreSQL installation. | true |
| postgresql.fullnameOverride | string | Impacts the name of the service created. If this is changed, will most likely need to update global.postgresq.host to work. | "postgres" |
| postgresql.persistence.enabled | bool | Controls whether PostgreSQL data is persisted in a PVC. Setting this to false could result in data loss. | true |
| postgresql.persistence.retentionPolicy.whenDeleted | string | Rention Policy when deleted | "Retain" |
| postgresql.persistence.retentionPolicy.whenScaled | string | Rention Policy when scaled | "Retain" |
| postgresql.persistence.size | string | Size of PVC | "8Gi" |
| postgresql.persistence.storageClass | string | Configure the storage class for postgres persistence | "" |
| rabbitmq | object | Configuration for the Bitnami RabbitMQ chart. | {"auth":{"existingErlangSecret":"dai-rabbitmq","existingPasswordSecret":"dai-rabbitmq","username":"rabbitmq"},"enabled":true,"extraConfiguration":"web_stomp.tcp.port = 15674\nweb_stomp.ws_frame = binary\nweb_stomp.ws_path = /mq/fedrive\n\nloopback_users.backend = false\n\nauth_backends.1 = internal\nauth_backends.2 = cache\nauth_cache.cached_backend = http\nauth_cache.cache_ttl = 5000\n\nauth_http.http_method = post\nauth_http.user_path = http://rabbitmq-auth:4649/rabbitmq_auth_service/api/v1/user\nauth_http.vhost_path = http://rabbitmq-auth:4649/rabbitmq_auth_service/api/v1/vhost\nauth_http.resource_path = http://rabbitmq-auth:4649/rabbitmq_auth_service/api/v1/resource\nauth_http.topic_path = http://rabbitmq-auth:4649/rabbitmq_auth_service/api/v1/topic","fullnameOverride":"rabbitmq","image":{"pullPolicy":"IfNotPresent","registry":"docker.io","repository":"rabbitmq","tag":"4.1.4-management"},"loadDefinition":{"enabled":false},"metrics":{"enabled":false},"persistence":{"enabled":true},"resources":{"limits":{"memory":"500Mi"},"requests":{"cpu":"400m","memory":"500Mi"}},"service":{"ports":{"amqp":5672,"management":15672,"webstomp":15674},"type":"ClusterIP"}} |
| rabbitmq-auth.resources | object | Configure the resource requests / limits for rabbitmq-auth | {"limits":{"memory":"128Mi"},"requests":{"cpu":"20m","ephemeral-storage":"100Mi","memory":"128Mi"}} |
| rabbitmq.auth.existingErlangSecret | string | Secret to fetch the RabbitMQ Erlang cookie from. Must have rabbitmq-erlang-cookie. DAI assumes this and existingPasswordSecret are the same. If these change, must update global.rabbitmq.existingSecret. | "dai-rabbitmq" |
| rabbitmq.auth.existingPasswordSecret | string | Secret to fetch the RabbitMQ user password from. Must have rabbitmq-password key in it. If this changes, must update global.rabbitmq.existingSecret. | "dai-rabbitmq" |
| rabbitmq.auth.username | string | Default RabbitMQ user to create. If this changes, must update global.rabbitmq.username to match. | "rabbitmq" |
| sut-service.resources | object | Configure the resource requests / limits for sut-service | {"limits":{"memory":"256Mi"},"requests":{"cpu":"100m","ephemeral-storage":"100Mi","memory":"256Mi"}} |