Configuration Reference
Complete reference for Helm values configuration.
Global Settings
global:
# Environment: development, staging, production
environment: production
# Image registry prefix (for private registries)
imageRegistry: "your-registry.example.com"
# Image pull secrets for private registries
imagePullSecrets:
- name: regcred
# RDS SSL configuration (for AWS RDS)
rdsSSL:
enabled: true
Database
database:
# Name of the Kubernetes secret containing database credentials
secretName: align-database
# Secret should contain:
# url: postgresql://user:pass@host:port/dbname
# host: hostname (for health checks)
# port: 5432
# username: database user
# password: database password
Gateway (API Server)
gateway:
enabled: true
replicaCount: 2
# Frontend URL for decision links in Slack/Teams
frontendUrl: "https://app.yourdomain.com"
image:
repository: align/gateway
tag: latest
pullPolicy: IfNotPresent
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "500m"
service:
type: ClusterIP
port: 8080
# Autoscaling
autoscaling:
enabled: true
minReplicas: 2
maxReplicas: 10
targetCPUUtilizationPercentage: 70
# Pod Disruption Budget
pdb:
enabled: true
minAvailable: 1
# Ingress
ingress:
enabled: true
className: "nginx" # or "traefik"
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: api.yourdomain.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: api-tls
hosts:
- api.yourdomain.com
# SQS for async job processing (optional)
sqs:
importJobQueueUrl: ""
# Additional environment variables
extraEnv:
- name: LOG_LEVEL
value: "info"
Brain (AI Service)
brain:
enabled: true
replicaCount: 2
image:
repository: align/brain
tag: latest
resources:
requests:
memory: "512Mi"
cpu: "200m"
limits:
memory: "1Gi"
cpu: "1000m"
service:
type: ClusterIP
port: 8090
# Probe configuration (brain handles long-running LLM calls)
livenessProbe:
initialDelaySeconds: 30
periodSeconds: 60
timeoutSeconds: 30
failureThreshold: 5
readinessProbe:
initialDelaySeconds: 10
periodSeconds: 30
timeoutSeconds: 15
failureThreshold: 6
autoscaling:
enabled: true
minReplicas: 2
maxReplicas: 8
targetCPUUtilizationPercentage: 70
extraEnv: []
UI (Frontend)
ui:
enabled: true
replicaCount: 2
image:
repository: align/ui
tag: latest
resources:
requests:
memory: "128Mi"
cpu: "50m"
limits:
memory: "256Mi"
cpu: "200m"
service:
type: ClusterIP
port: 3000
ingress:
enabled: true
className: "nginx"
hosts:
- host: app.yourdomain.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: app-tls
hosts:
- app.yourdomain.com
extraEnv: []
Connectors
connectors:
# Common settings for all connectors
common:
resources:
requests:
memory: "128Mi"
cpu: "50m"
limits:
memory: "256Mi"
cpu: "200m"
slack:
enabled: true
replicaCount: 1
image:
repository: align/connector-slack
tag: latest
service:
port: 8081
extraEnv: []
teams:
enabled: true
replicaCount: 1
image:
repository: align/connector-teams
tag: latest
service:
port: 8084
extraEnv: []
jira:
enabled: true
replicaCount: 1
alignCommand: "/align" # Command to trigger capture
image:
repository: align/connector-jira
tag: latest
service:
port: 8083
extraEnv: []
github:
enabled: true
replicaCount: 1
image:
repository: align/connector-github
tag: latest
service:
port: 8085
extraEnv: []
linear:
enabled: false
replicaCount: 1
image:
repository: align/connector-linear
tag: latest
service:
port: 8082
extraEnv: []
Secrets
secrets:
# Create secrets from values (DEV ONLY)
create: false
# OAuth credentials (only if secrets.create=true)
oauth:
slack:
clientId: ""
clientSecret: ""
signingSecret: ""
github:
clientId: ""
clientSecret: ""
appId: ""
appPrivateKey: ""
atlassian:
clientId: ""
clientSecret: ""
teams:
clientId: ""
clientSecret: ""
botAppId: ""
botAppPassword: ""
# LLM API keys
llm:
openaiApiKey: ""
anthropicApiKey: ""
custom:
baseUrl: "" # OpenAI-compatible endpoint
model: "" # Model name
apiKey: "" # Optional API key
useLocalEmbeddings: true
# Internal secrets
internal:
encryptionKey: ""
jwtSecret: ""
cookieSecret: ""
serviceAuthToken: ""
External Secrets (AWS Secrets Manager)
externalSecrets:
enabled: true
secretStore:
name: aws-secrets-manager
kind: ClusterSecretStore
refreshInterval: 1h
aws:
secretPath: "align/production"
Telemetry
telemetry:
enabled: true
samplingRate: "1.0"
batchSize: 100
flushIntervalMs: 5000
# Hourly aggregation CronJob
aggregation:
enabled: true
schedule: "5 * * * *"
# Daily rollup CronJob
dailyRollup:
enabled: true
schedule: "30 1 * * *"
# Data retention (days)
retention:
rawEventDays: 90
hourlyMetricDays: 365
dailyMetricDays: 730
Migrations
migrations:
enabled: true
image:
repository: align/migrations
tag: latest
pullPolicy: Always
resources:
requests:
memory: "64Mi"
cpu: "50m"
limits:
memory: "256Mi"
cpu: "500m"
Security Context
securityContext:
# Enable restrictive security context
# Disable for local dev where containers run as root
enabled: true
Node Scheduling
nodeSelector: {}
tolerations: []
affinity: {}
Service Account
serviceAccount:
create: true
name: align
annotations: {}
# For AWS IRSA:
# annotations:
# eks.amazonaws.com/role-arn: arn:aws:iam::ACCOUNT:role/align-role