mirror of
https://gitlab.com/oecis/charts.git
synced 2024-11-15 00:28:59 +00:00
125 lines
2.7 KiB
YAML
125 lines
2.7 KiB
YAML
# Default values for vault-unseal.
|
|
|
|
deployment:
|
|
# -- Deployment annotations
|
|
annotations: {}
|
|
# -- Deployment labels
|
|
labels: {}
|
|
# -- Deployment replica count
|
|
replicaCount: 1
|
|
# -- Deployment revision history limit
|
|
revisionHistoryLimit: 1
|
|
strategy:
|
|
# -- Deployment strategy type
|
|
type: RollingUpdate
|
|
|
|
image:
|
|
# -- Image registry
|
|
registry: ghcr.io
|
|
# -- Image repository
|
|
repository: lrstanley/vault-unseal
|
|
# -- Image pull policy
|
|
pullPolicy: IfNotPresent
|
|
# -- Overrides the image tag whose default is the chart appVersion.
|
|
tag: ""
|
|
|
|
# -- Image pull secrets
|
|
imagePullSecrets: []
|
|
# -- Name override
|
|
nameOverride: ""
|
|
# -- Full name override
|
|
fullnameOverride: ""
|
|
|
|
configSecret:
|
|
# -- If you want to manage the configuration out of the helm chart, set it to false
|
|
enabled: true
|
|
# -- Config secret annotations
|
|
annotations: {}
|
|
# -- Config secret stringData
|
|
stringData: |
|
|
environment: dev
|
|
check_interval: 15s
|
|
max_check_interval: 30m
|
|
vault_nodes:
|
|
- https://1.2.3.4:8200
|
|
unseal_tokens:
|
|
- your-token
|
|
- your-second-token
|
|
tls_skip_verify: false
|
|
email:
|
|
enabled: false
|
|
hostname: smtp.hostname.com
|
|
port: 25
|
|
username: your-username
|
|
password: your-password
|
|
# address to send from.
|
|
from_addr: your-alerts@hostname.com
|
|
# addresses to send to. the first will be the TO, the second and on will be CC'd
|
|
# onto the message.
|
|
send_addrs:
|
|
- your-alert-group@hostname.com
|
|
- example-user@hostname.com
|
|
# Skip TLS certificate validation.
|
|
tls_skip_verify: false
|
|
# Require TLS for SMTP connections.
|
|
# The default is opportunistic.
|
|
mandatory_tls: false
|
|
notify_max_elapsed: 10m
|
|
notify_queue_delay: 60s
|
|
|
|
containers:
|
|
# -- Containers environement
|
|
env: []
|
|
|
|
serviceAccount:
|
|
# -- Specifies whether a service account should be created
|
|
create: false
|
|
# -- Annotations to add to the service account
|
|
annotations: {}
|
|
# -- The name of the service account to use.
|
|
# If not set and create is true, a name is generated using the fullname template
|
|
name: ""
|
|
# -- Creates the token object
|
|
token: false
|
|
|
|
# -- Pod annotations
|
|
podAnnotations: {}
|
|
|
|
# -- Pod security context
|
|
podSecurityContext: {}
|
|
# fsGroup: 2000
|
|
|
|
securityContext:
|
|
# -- Security context capabilities
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
# -- Security context run as non root
|
|
runAsNonRoot: false
|
|
# readOnlyRootFilesystem: true
|
|
# runAsUser: 1000
|
|
|
|
# -- Resources
|
|
resources:
|
|
limits:
|
|
cpu: 100m
|
|
memory: 32Mi
|
|
requests:
|
|
cpu: 10m
|
|
memory: 8Mi
|
|
|
|
# -- Node selector labels
|
|
nodeSelector: {}
|
|
|
|
# -- Tolerations
|
|
tolerations: []
|
|
|
|
# -- Affinity
|
|
affinity: {}
|
|
|
|
# -- Extra volume mounts
|
|
extraVolumeMounts: []
|
|
|
|
# -- Extra volumes
|
|
extraVolumes: []
|