# Number of gitks cluster nodes (StatefulSet replicas).
# Each pod gets a stable identity (gitks-0, gitks-1, ...) used as STORAGE_NAME.
replicaCount: 3

image:
  repository: gitks
  pullPolicy: IfNotPresent
  tag: ""

imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""

serviceAccount:
  create: true
  automount: true
  annotations: {}
  name: ""

# -- GitKS application configuration.
# Mirrors the environment variables from docker-compose.yaml / .env.
gitks:
  # -- Log level (error | warn | info | debug | trace).
  rustLog: info

  # -- Absolute path inside the container where bare repositories live.
  repoPrefixPath: /data/repos

  # -- gRPC server configuration.
  grpc:
    host: "0.0.0.0"
    port: 50051

  # -- Prometheus-compatible metrics endpoint.
  metrics:
    port: 9100

  # -- Ractor cluster TCP listener.
  cluster:
    port: 4697
    cookie: gitks-default-cookie

  # -- etcd service discovery configuration.
  etcd:
    # -- External etcd endpoints (comma-separated).
    # Example: "http://etcd-0.etcd-headless:2379,http://etcd-1.etcd-headless:2379"
    # Leave empty to disable cluster mode (standalone).
    endpoints: ""
    # -- etcd connection timeout in milliseconds.
    connectTimeout: 5000
    # -- etcd lease TTL in seconds.
    leaseTtl: 15

  # -- Cluster health check (self-election triggers).
  healthCheck:
    interval: 1
    maxFailures: 10

  # -- Disk cache (caches gRPC responses to disk).
  diskCache:
    enabled: false
    maxAge: 300

  # -- Pack cache (caches pack-objects results). Requires diskCache.enabled.
  packCache:
    enabled: false
    backpressure: true

  # -- Git hooks (server-side, custom, and callback hooks).
  hooks:
    enabled: true
    timeout: 30
    allowCustomHooks: true
    # -- Path to server-side hook scripts (empty = use default).
    serverHooksDir: ""
    # -- gRPC address for hook callbacks (empty = disabled).
    callbackAddr: ""

  # -- Per-repository rate limiting.
  rateLimit:
    maxConcurrent: 200

# -- Persistence configuration for repository data.
# Each StatefulSet pod gets its own PVC via volumeClaimTemplates.
persistence:
  enabled: true
  storageClass: ""
  accessMode: ReadWriteOnce
  size: 10Gi
  annotations: {}

# -- gRPC Service.
service:
  type: ClusterIP
  port: 50051
  annotations: {}

# -- Metrics Service (Prometheus scraping).
metricsService:
  enabled: true
  type: ClusterIP
  port: 9100
  annotations:
    prometheus.io/scrape: "true"
    prometheus.io/port: "9100"
    prometheus.io/path: "/metrics"

# -- Headless service is always created (required for StatefulSet DNS).
headlessService:
  annotations: {}

podAnnotations: {}
podLabels: {}

podSecurityContext:
  fsGroup: 1000

securityContext:
  capabilities:
    drop:
      - ALL
  readOnlyRootFilesystem: false
  runAsNonRoot: true
  runAsUser: 1000

resources:
  requests:
    cpu: 100m
    memory: 128Mi
  limits:
    cpu: 1000m
    memory: 1Gi

autoscaling:
  enabled: false
  minReplicas: 1
  maxReplicas: 10
  targetCPUUtilizationPercentage: 80

# -- Pod Disruption Budget to protect cluster quorum.
podDisruptionBudget:
  enabled: true
  minAvailable: 1

nodeSelector: {}
tolerations: []
affinity: {}

# -- Extra environment variables (key-value pairs).
extraEnv: []
  # - name: GITKS_EXTRA
  #   value: "some-value"