feat: Add timetable helm chart and argo application
This commit is contained in:
parent
1a9ddccf76
commit
36686dcf81
|
@ -5,6 +5,7 @@
|
|||
"helm/configserver": "0.1.22",
|
||||
"helm/kafka": "0.1.7",
|
||||
"helm/template": "0.2.4",
|
||||
"helm/timetable": "0.0.1",
|
||||
"helm/wahlrecht": "0.2.0",
|
||||
"helm/zookeeper": "0.1.5"
|
||||
}
|
||||
|
|
|
@ -69,7 +69,13 @@ applications:
|
|||
createNamespace: false
|
||||
repoURL: https://git.2martens.de/2martens/cloud-configuration.git
|
||||
syncWave: 2
|
||||
|
||||
- name: timetable
|
||||
project: default
|
||||
targetRevision: main
|
||||
namespace: timetable
|
||||
createNamespace: false
|
||||
repoURL: https://git.2martens.de/2martens/cloud-configuration.git
|
||||
syncWave: 5
|
||||
|
||||
overall:
|
||||
destinationServer: https://kubernetes.default.svc
|
||||
|
|
|
@ -48,6 +48,9 @@ spec:
|
|||
- --query.replica-label=rule_replica
|
||||
- --endpoint=dnssrv+_grpc._tcp.thanos-store.thanos.svc.cluster.local:10901
|
||||
- --endpoint=dnssrv+_grpc._tcp.thanos-receive-ingestor-default.thanos.svc.cluster.local:10901
|
||||
{{- range .Values.clusters }}
|
||||
- --endpoint=_grpc._tcp.{{ .thanosEndpoint }}:10901
|
||||
{{- end }}
|
||||
- --query.auto-downsampling
|
||||
env:
|
||||
- name: HOST_IP_ADDRESS
|
||||
|
|
|
@ -0,0 +1,2 @@
|
|||
clusters:
|
||||
- thanosEndpoint: 10.0.0.4
|
|
@ -0,0 +1,6 @@
|
|||
dependencies:
|
||||
- name: template
|
||||
repository: https://repo.2martens.de/charts
|
||||
version: 0.2.4
|
||||
digest: sha256:cb94ee0765d3d746702deb9973670fc7118c39e29093443d738541342b4f04e0
|
||||
generated: "2024-01-06T15:35:51.393485+01:00"
|
|
@ -0,0 +1,8 @@
|
|||
apiVersion: v2
|
||||
name: timetable
|
||||
version: 0.1.0
|
||||
type: application
|
||||
dependencies:
|
||||
- name: template
|
||||
version: 0.2.4
|
||||
repository: https://repo.2martens.de/charts
|
|
@ -0,0 +1 @@
|
|||
../../../helm/timetable/values.yaml
|
|
@ -0,0 +1,54 @@
|
|||
image:
|
||||
tag: "0.1.0"
|
||||
revisionHistoryLimit: 3
|
||||
ingress:
|
||||
enabled: true
|
||||
className: public
|
||||
hosts:
|
||||
- host: api.2martens.de
|
||||
paths:
|
||||
- path: /v1/formations/
|
||||
pathType: Prefix
|
||||
- path: /v1/routes/
|
||||
pathType: Prefix
|
||||
- path: /v1/timetables/
|
||||
pathType: Prefix
|
||||
- path: /v1/users/
|
||||
pathType: Prefix
|
||||
- path: /doc/v1/timetable/
|
||||
pathType: Prefix
|
||||
- path: /api-docs/v1/timetable/
|
||||
pathType: Prefix
|
||||
tls:
|
||||
- secretName: timetable-tls
|
||||
hosts:
|
||||
- api.2martens.de
|
||||
resources:
|
||||
requests:
|
||||
cpu: 200m
|
||||
memory: 512Mi
|
||||
limits:
|
||||
cpu: 1000m
|
||||
memory: 512Mi
|
||||
application:
|
||||
configserver:
|
||||
scheme: http
|
||||
host: configserver.spring-support
|
||||
port: 8888
|
||||
prefix: /config
|
||||
kafka:
|
||||
host: kafka.kafka
|
||||
port: 9092
|
||||
|
||||
vault:
|
||||
enabled: true
|
||||
applicationName: timetable
|
||||
|
||||
readinessProbe:
|
||||
initialDelaySeconds: 70
|
||||
|
||||
livenessProbe:
|
||||
initialDelaySeconds: 70
|
||||
|
||||
prometheus:
|
||||
useCRDs: true
|
|
@ -0,0 +1 @@
|
|||
../../../helm/timetable/templates
|
|
@ -0,0 +1,195 @@
|
|||
# Copy these values to your application chart completely and then modify those bits where
|
||||
# the default for your application differs. The image.repository is a prime candidate for that.
|
||||
|
||||
replicaCount: 1
|
||||
# revisionHistoryLimit: can be configured to reduce/increase amount of stored replica sets for rollback
|
||||
revisionHistoryLimit: 3
|
||||
image:
|
||||
repository: 2martens/timetable
|
||||
pullPolicy: IfNotPresent
|
||||
# Overrides the image tag whose default is latest
|
||||
tag: "0.1.0"
|
||||
# If image is not accessible for Kubernetes without authentication, configure required secrets here
|
||||
# will be added verbatim to imagePullSecrets in deployment pod template
|
||||
imagePullSecrets: []
|
||||
# Overrides the name being used in, for example, annotations
|
||||
# by default it is the chart name
|
||||
nameOverride: ""
|
||||
# Overrides the name being used for the name of Kubernetes resources
|
||||
# by default release name if it contains the chart name, otherwise releaseName-chartName
|
||||
fullnameOverride: ""
|
||||
serviceAccount:
|
||||
# Specifies whether a service account should be created
|
||||
create: true
|
||||
# Annotations to add to the service account
|
||||
annotations: {}
|
||||
# The name of the service account to use.
|
||||
# If not set and create is true, a name is generated using the fullname template
|
||||
name: ""
|
||||
# Configure annotations for the pod, will be added verbatim to key annotations in pod metadata
|
||||
podAnnotations: {}
|
||||
# Configure the security context of the application pod
|
||||
podSecurityContext: {}
|
||||
# fsGroup: 2000
|
||||
|
||||
# Configure security context of the application container
|
||||
securityContext: {}
|
||||
# capabilities:
|
||||
# drop:
|
||||
# - ALL
|
||||
# readOnlyRootFilesystem: true
|
||||
# runAsNonRoot: true
|
||||
# runAsUser: 1000
|
||||
|
||||
application:
|
||||
port: 12100
|
||||
actuatorPort: 12101
|
||||
namespace: template # update to match the desired namespace
|
||||
profile: prod
|
||||
isSpring: true
|
||||
keycloak:
|
||||
url: https://id.2martens.de
|
||||
realm: 2martens
|
||||
configserver:
|
||||
scheme: http
|
||||
host: configserver.spring-support
|
||||
port: 8888
|
||||
prefix: /config
|
||||
kafka:
|
||||
host: kafka.kafka
|
||||
port: 9092
|
||||
prometheus:
|
||||
enabled: true
|
||||
# only enable if you have the Prometheus operator installed, otherwise it will fail due to missing CRDs
|
||||
useCRDs: true
|
||||
# namespace: the namespace of the Prometheus installation
|
||||
# the value is templated
|
||||
namespace:
|
||||
# name of helm release or argo cd application
|
||||
releaseName:
|
||||
# Overwrite with application specific environment variables
|
||||
# Each item has key and value, where the value is parsed as a template
|
||||
environment:
|
||||
- name: PORT
|
||||
value: "{{ .Values.application.port }}"
|
||||
- name: ACTUATOR_PORT
|
||||
value: "{{ .Values.application.actuatorPort }}"
|
||||
- name: KEYCLOAK_URL
|
||||
value: "{{ .Values.application.keycloak.url }}"
|
||||
- name: KEYCLOAK_REALM
|
||||
value: "{{ .Values.application.keycloak.realm }}"
|
||||
- name: CONFIGSERVER_SCHEME
|
||||
value: "{{ .Values.application.configserver.scheme }}"
|
||||
- name: CONFIGSERVER_HOST
|
||||
value: "{{ .Values.application.configserver.host }}"
|
||||
- name: CONFIGSERVER_PORT
|
||||
value: "{{ .Values.application.configserver.port }}"
|
||||
- name: CONFIGSERVER_PREFIX
|
||||
value: "{{ .Values.application.configserver.prefix }}"
|
||||
- name: KAFKA_HOST
|
||||
value: "{{ .Values.application.kafka.host }}"
|
||||
- name: KAFKA_PORT
|
||||
value: "{{ .Values.application.kafka.port }}"
|
||||
enableServiceLinks: false
|
||||
# Contents of this object will be added to a Kubernetes secret data section and Base64 encoded
|
||||
# External secrets are not supported by this template
|
||||
secrets:
|
||||
# Needs to be overwritten. Will be ignored if vault is enabled.
|
||||
MONGODB_CONNECTION_STRING: ""
|
||||
# Needs to be overwritten. Will be ignored if vault is enabled.
|
||||
CLIENT_SECRET: ""
|
||||
# Configure the service
|
||||
service:
|
||||
type: ClusterIP
|
||||
# port is targeting the containerPort http, described by application.port
|
||||
port: 12100
|
||||
# actuatorPort is targeting the containerPort http-actuator, described by application.actuatorPort
|
||||
# only used if application.isSpring=true
|
||||
actuatorPort: 12101
|
||||
# Configure the liveness probe
|
||||
# Defaults fitting for Spring Boot application that has livenessProbe enabled
|
||||
livenessProbe:
|
||||
enabled: true
|
||||
path: /actuator/health/liveness
|
||||
port: http-actuator
|
||||
initialDelaySeconds: 70
|
||||
periodSeconds: 120
|
||||
# Configure the readiness probe
|
||||
# Defaults fitting for Spring Boot application that has readinessProbe enabled
|
||||
readinessProbe:
|
||||
enabled: true
|
||||
path: /actuator/health/readiness
|
||||
port: http-actuator
|
||||
initialDelaySeconds: 70
|
||||
periodSeconds: 10
|
||||
# Allows you to specify the number of seconds the application can take to answer readinessProbe
|
||||
# before failure is assumed by Kubernetes
|
||||
timeoutSeconds: 1
|
||||
# Configure ingress if desired (exposing app beyond the boundaries of the cluster)
|
||||
ingress:
|
||||
enabled: true
|
||||
className: "public"
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: lets-encrypt
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
hosts:
|
||||
- host: api.2martens.de
|
||||
paths:
|
||||
- path: /v1/formations/
|
||||
pathType: Prefix
|
||||
- path: /v1/routes/
|
||||
pathType: Prefix
|
||||
- path: /v1/timetables/
|
||||
pathType: Prefix
|
||||
- path: /v1/users/
|
||||
pathType: Prefix
|
||||
- path: /doc/v1/timetable/
|
||||
pathType: Prefix
|
||||
- path: /api-docs/v1/timetable/
|
||||
pathType: Prefix
|
||||
tls:
|
||||
- secretName: timetable-tls
|
||||
hosts:
|
||||
- api.2martens.de
|
||||
resources:
|
||||
requests:
|
||||
cpu: 200m
|
||||
memory: 512Mi
|
||||
limits:
|
||||
cpu: 1000m
|
||||
memory: 512Mi
|
||||
# limits:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
# requests:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
|
||||
# Configure autoscaling
|
||||
autoscaling:
|
||||
enabled: false
|
||||
minReplicas: 1
|
||||
maxReplicas: 100
|
||||
targetCPUUtilizationPercentage: 80
|
||||
# targetMemoryUtilizationPercentage: 80
|
||||
vault:
|
||||
# If enabled, no ordinary secret resource will be created, even if secrets value is populated.
|
||||
enabled: true
|
||||
# name of the Vault secrets applications
|
||||
applicationName: "timetable"
|
||||
# id of the organization in Vault secrets
|
||||
organizationId: ""
|
||||
# id of the project in Vault secrets
|
||||
projectId: ""
|
||||
# if not provided, vault-secrets-operator-system will be used
|
||||
operatorNamespace: ""
|
||||
# Configure nodeSelector, contents will be added verbatim to key nodeSelector in deployment pod template
|
||||
nodeSelector: {}
|
||||
# Configure tolerations, contents will be added verbatim to key tolerations in deployment pod template
|
||||
tolerations: []
|
||||
# Configure affinity, contents will be added verbatim to key affinity in deployment pod template
|
||||
affinity: {}
|
||||
# podSpec: will be added at the bottom of the pod template in the deployment
|
||||
podSpec: {}
|
||||
# containerSpec: will be added at the bottom of the container specification in the pod template
|
||||
containerSpec: {}
|
|
@ -0,0 +1,27 @@
|
|||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*.orig
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
||||
.vscode/
|
||||
# environment values
|
||||
environments/
|
||||
default_values.yaml
|
||||
overwrite_values.yaml
|
|
@ -0,0 +1,6 @@
|
|||
dependencies:
|
||||
- name: template
|
||||
repository: file://../template
|
||||
version: 0.2.4
|
||||
digest: sha256:c7b42f6956258c0f59f4e7513f925fef4162e251bb3fd05f3e94351be9cdade1
|
||||
generated: "2024-01-06T15:29:31.868909+01:00"
|
|
@ -0,0 +1,28 @@
|
|||
apiVersion: v2
|
||||
name: timetable
|
||||
description: Installs the Timetable backend into the Kubernetes cluster
|
||||
type: application
|
||||
version: 0.1.0
|
||||
maintainers:
|
||||
- name: Jim Martens
|
||||
url: https://2martens.de
|
||||
sources:
|
||||
- https://git.2martens.de/2martens/wahlrecht
|
||||
dependencies:
|
||||
- name: template
|
||||
version: 0.2.4
|
||||
repository: file://../template
|
||||
annotations:
|
||||
artifacthub.io/images: |
|
||||
- name: 2martens/timetable:latest
|
||||
image: 2martens/timetable:latest
|
||||
platforms:
|
||||
- linux/amd64
|
||||
- linux/arm64
|
||||
artifacthub.io/changes: |
|
||||
- kind: added
|
||||
description: Added timetable chart
|
||||
artifacthub.io/signKey: |
|
||||
fingerprint: F0F153B65BAD467201D7544E47393ABD1F96B7C8
|
||||
url: https://mafiasi.de/pks/key/47393ABD1F96B7C8.asc
|
||||
artifacthub.io/prerelease: true
|
|
@ -0,0 +1,41 @@
|
|||
# Wahlrecht API
|
||||
|
||||
This chart installs the Wahlrecht API
|
||||
into the Kubernetes cluster.
|
||||
|
||||
## Configuration
|
||||
|
||||
* by default, it expects a Spring Boot config server running inside the cluster, available under
|
||||
http://configserver:8888/config
|
||||
```yaml
|
||||
application:
|
||||
configserver:
|
||||
host: configserver
|
||||
port: 8888
|
||||
prefix: /config
|
||||
scheme: http
|
||||
```
|
||||
* by default, it expects a Kafka running inside the cluster, available under
|
||||
kafka:9092
|
||||
```yaml
|
||||
application:
|
||||
kafka:
|
||||
host: kafka
|
||||
port: 9092
|
||||
```
|
||||
* configure Keycloak
|
||||
```yaml
|
||||
application:
|
||||
keycloak:
|
||||
url: https://yourKeycloak
|
||||
realm: yourRealm
|
||||
```
|
||||
* configure secrets (the application expects these values to be set)
|
||||
```yaml
|
||||
secrets:
|
||||
MONGODB_CONNECTION_STRING: mongoDBConnectionString
|
||||
CLIENT_SECRET: keycloakClientSecret
|
||||
```
|
||||
Should you want to use, for example, an external secret provider,
|
||||
then you are currently out of luck. The chart does not support that,
|
||||
yet.
|
|
@ -0,0 +1 @@
|
|||
../template/_values.yaml
|
|
@ -0,0 +1,57 @@
|
|||
image:
|
||||
repository: 2martens/timetable
|
||||
|
||||
ingress:
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: lets-encrypt
|
||||
tls:
|
||||
- secretName: chart-example-tls
|
||||
hosts:
|
||||
- chart-example.local
|
||||
|
||||
application:
|
||||
port: 12100
|
||||
actuatorPort: 12101
|
||||
keycloak:
|
||||
url: https://id.2martens.de
|
||||
realm: 2martens
|
||||
configserver:
|
||||
scheme: http
|
||||
host: configserver
|
||||
port: 8888
|
||||
prefix: /config
|
||||
kafka:
|
||||
host: kafka
|
||||
port: 9092
|
||||
|
||||
service:
|
||||
port: 12100
|
||||
actuatorPort: 12101
|
||||
|
||||
secrets:
|
||||
# Needs to be overwritten. Will be ignored if vault is enabled.
|
||||
MONGODB_CONNECTION_STRING: ""
|
||||
# Needs to be overwritten. Will be ignored if vault is enabled.
|
||||
CLIENT_SECRET: ""
|
||||
|
||||
environment:
|
||||
- name: PORT
|
||||
value: "{{ .Values.application.port }}"
|
||||
- name: ACTUATOR_PORT
|
||||
value: "{{ .Values.application.actuatorPort }}"
|
||||
- name: KEYCLOAK_URL
|
||||
value: "{{ .Values.application.keycloak.url }}"
|
||||
- name: KEYCLOAK_REALM
|
||||
value: "{{ .Values.application.keycloak.realm }}"
|
||||
- name: CONFIGSERVER_SCHEME
|
||||
value: "{{ .Values.application.configserver.scheme }}"
|
||||
- name: CONFIGSERVER_HOST
|
||||
value: "{{ .Values.application.configserver.host }}"
|
||||
- name: CONFIGSERVER_PORT
|
||||
value: "{{ .Values.application.configserver.port }}"
|
||||
- name: CONFIGSERVER_PREFIX
|
||||
value: "{{ .Values.application.configserver.prefix }}"
|
||||
- name: KAFKA_HOST
|
||||
value: "{{ .Values.application.kafka.host }}"
|
||||
- name: KAFKA_PORT
|
||||
value: "{{ .Values.application.kafka.port }}"
|
|
@ -0,0 +1 @@
|
|||
../template/_templates
|
|
@ -0,0 +1,179 @@
|
|||
# Copy these values to your application chart completely and then modify those bits where
|
||||
# the default for your application differs. The image.repository is a prime candidate for that.
|
||||
|
||||
replicaCount: 1
|
||||
# revisionHistoryLimit: can be configured to reduce/increase amount of stored replica sets for rollback
|
||||
revisionHistoryLimit: 10
|
||||
image:
|
||||
repository: 2martens/timetable
|
||||
pullPolicy: IfNotPresent
|
||||
# Overrides the image tag whose default is latest
|
||||
tag: ""
|
||||
# If image is not accessible for Kubernetes without authentication, configure required secrets here
|
||||
# will be added verbatim to imagePullSecrets in deployment pod template
|
||||
imagePullSecrets: []
|
||||
# Overrides the name being used in, for example, annotations
|
||||
# by default it is the chart name
|
||||
nameOverride: ""
|
||||
# Overrides the name being used for the name of Kubernetes resources
|
||||
# by default release name if it contains the chart name, otherwise releaseName-chartName
|
||||
fullnameOverride: ""
|
||||
serviceAccount:
|
||||
# Specifies whether a service account should be created
|
||||
create: true
|
||||
# Annotations to add to the service account
|
||||
annotations: {}
|
||||
# The name of the service account to use.
|
||||
# If not set and create is true, a name is generated using the fullname template
|
||||
name: ""
|
||||
# Configure annotations for the pod, will be added verbatim to key annotations in pod metadata
|
||||
podAnnotations: {}
|
||||
# Configure the security context of the application pod
|
||||
podSecurityContext: {}
|
||||
# fsGroup: 2000
|
||||
|
||||
# Configure security context of the application container
|
||||
securityContext: {}
|
||||
# capabilities:
|
||||
# drop:
|
||||
# - ALL
|
||||
# readOnlyRootFilesystem: true
|
||||
# runAsNonRoot: true
|
||||
# runAsUser: 1000
|
||||
|
||||
application:
|
||||
port: 12100
|
||||
actuatorPort: 12101
|
||||
namespace: template # update to match the desired namespace
|
||||
profile: prod
|
||||
isSpring: true
|
||||
keycloak:
|
||||
url: https://id.2martens.de
|
||||
realm: 2martens
|
||||
configserver:
|
||||
scheme: http
|
||||
host: configserver
|
||||
port: 8888
|
||||
prefix: /config
|
||||
kafka:
|
||||
host: kafka
|
||||
port: 9092
|
||||
prometheus:
|
||||
enabled: true
|
||||
# only enable if you have the Prometheus operator installed, otherwise it will fail due to missing CRDs
|
||||
useCRDs: false
|
||||
# namespace: the namespace of the Prometheus installation
|
||||
# the value is templated
|
||||
namespace:
|
||||
# name of helm release or argo cd application
|
||||
releaseName:
|
||||
# Overwrite with application specific environment variables
|
||||
# Each item has key and value, where the value is parsed as a template
|
||||
environment:
|
||||
- name: PORT
|
||||
value: "{{ .Values.application.port }}"
|
||||
- name: ACTUATOR_PORT
|
||||
value: "{{ .Values.application.actuatorPort }}"
|
||||
- name: KEYCLOAK_URL
|
||||
value: "{{ .Values.application.keycloak.url }}"
|
||||
- name: KEYCLOAK_REALM
|
||||
value: "{{ .Values.application.keycloak.realm }}"
|
||||
- name: CONFIGSERVER_SCHEME
|
||||
value: "{{ .Values.application.configserver.scheme }}"
|
||||
- name: CONFIGSERVER_HOST
|
||||
value: "{{ .Values.application.configserver.host }}"
|
||||
- name: CONFIGSERVER_PORT
|
||||
value: "{{ .Values.application.configserver.port }}"
|
||||
- name: CONFIGSERVER_PREFIX
|
||||
value: "{{ .Values.application.configserver.prefix }}"
|
||||
- name: KAFKA_HOST
|
||||
value: "{{ .Values.application.kafka.host }}"
|
||||
- name: KAFKA_PORT
|
||||
value: "{{ .Values.application.kafka.port }}"
|
||||
enableServiceLinks: false
|
||||
# Contents of this object will be added to a Kubernetes secret data section and Base64 encoded
|
||||
# External secrets are not supported by this template
|
||||
secrets:
|
||||
# Needs to be overwritten. Will be ignored if vault is enabled.
|
||||
MONGODB_CONNECTION_STRING: ""
|
||||
# Needs to be overwritten. Will be ignored if vault is enabled.
|
||||
CLIENT_SECRET: ""
|
||||
# Configure the service
|
||||
service:
|
||||
type: ClusterIP
|
||||
# port is targeting the containerPort http, described by application.port
|
||||
port: 12100
|
||||
# actuatorPort is targeting the containerPort http-actuator, described by application.actuatorPort
|
||||
# only used if application.isSpring=true
|
||||
actuatorPort: 12101
|
||||
# Configure the liveness probe
|
||||
# Defaults fitting for Spring Boot application that has livenessProbe enabled
|
||||
livenessProbe:
|
||||
enabled: true
|
||||
path: /actuator/health/liveness
|
||||
port: http-actuator
|
||||
initialDelaySeconds: 30
|
||||
periodSeconds: 120
|
||||
# Configure the readiness probe
|
||||
# Defaults fitting for Spring Boot application that has readinessProbe enabled
|
||||
readinessProbe:
|
||||
enabled: true
|
||||
path: /actuator/health/readiness
|
||||
port: http-actuator
|
||||
initialDelaySeconds: 30
|
||||
periodSeconds: 10
|
||||
# Allows you to specify the number of seconds the application can take to answer readinessProbe
|
||||
# before failure is assumed by Kubernetes
|
||||
timeoutSeconds: 1
|
||||
# Configure ingress if desired (exposing app beyond the boundaries of the cluster)
|
||||
ingress:
|
||||
enabled: false
|
||||
className: ""
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: lets-encrypt
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
hosts:
|
||||
- host: chart-example.local
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
tls:
|
||||
- secretName: chart-example-tls
|
||||
hosts:
|
||||
- chart-example.local
|
||||
resources: {}
|
||||
# limits:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
# requests:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
|
||||
# Configure autoscaling
|
||||
autoscaling:
|
||||
enabled: false
|
||||
minReplicas: 1
|
||||
maxReplicas: 100
|
||||
targetCPUUtilizationPercentage: 80
|
||||
# targetMemoryUtilizationPercentage: 80
|
||||
vault:
|
||||
# If enabled, no ordinary secret resource will be created, even if secrets value is populated.
|
||||
enabled: false
|
||||
# name of the Vault secrets applications
|
||||
applicationName: ""
|
||||
# id of the organization in Vault secrets
|
||||
organizationId: ""
|
||||
# id of the project in Vault secrets
|
||||
projectId: ""
|
||||
# if not provided, vault-secrets-operator-system will be used
|
||||
operatorNamespace: ""
|
||||
# Configure nodeSelector, contents will be added verbatim to key nodeSelector in deployment pod template
|
||||
nodeSelector: {}
|
||||
# Configure tolerations, contents will be added verbatim to key tolerations in deployment pod template
|
||||
tolerations: []
|
||||
# Configure affinity, contents will be added verbatim to key affinity in deployment pod template
|
||||
affinity: {}
|
||||
# podSpec: will be added at the bottom of the pod template in the deployment
|
||||
podSpec: {}
|
||||
# containerSpec: will be added at the bottom of the container specification in the pod template
|
||||
containerSpec: {}
|
|
@ -1,12 +1,12 @@
|
|||
apiVersion: certificates.k8s.io/v1
|
||||
kind: CertificateSigningRequest
|
||||
metadata:
|
||||
name: NAME
|
||||
name: 2martens
|
||||
spec:
|
||||
signerName: kubernetes.io/kube-apiserver-client
|
||||
groups:
|
||||
- system:authenticated
|
||||
request: BASE64_CSR
|
||||
request: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQ1dEQ0NBVUFDQVFBd0V6RVJNQThHQTFVRUF3d0lNbTFoY25SbGJuTXdnZ0VpTUEwR0NTcUdTSWIzRFFFQgpBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRRGV6dEgzQWlhNmJpMmxzMGtIQW5LUDhOUFpWTDlJVldrdnJGS0N3UmZuClRPSnM5Z0dCWmxzbnl4WEl6Y2xBeUFjbzI2d2pKanNKZkUybVFSYlZ0alNqOERORklNeVZsdVloUDRyQS9yYlMKYmFzbEMrTUR1TGh3VGhFRi82UkpaMENudmdGSkc1bUZkbmx0WjdGSDZGTkdPalZWVktxc2FTL0ZRdjE4S0g4NwpabVNmRHdqS3pla2FZSFZyL3F3ZmFLSmpXSm1jd0JhRkw0VGcwcHJrVzBIWm5QTUZVclFFcXM4WEpnekRGQ2xNCkRwRXM1ZDdXYjd0b2Q0K2E4dE80UWFheXB2ZHdUOUc5YWd5QUYyUnNoMmhRakZCSXFtLzkwV2RRM0tGRmI1ZGQKR1l6YmcycnRJR21xb0x3NGxFYXRQU3lPM2lVTnh3MWNidU9tcHlQTnI1aWxBZ01CQUFHZ0FEQU5CZ2txaGtpRwo5dzBCQVFzRkFBT0NBUUVBa3FpMllqU2wzaVRiTXVSa2xRQVRBck5xQWFmaXZXSHJCdVlsdEhTeEFlNDB5aDR6Ci9MOExHQisyREZORmpvTWFIY1ZpdHJMTDRKeGlRay9jSEs5ZW1JdjZNWFpGK3lUa0ZQYkVOeWowZFU3VVBObisKcE1zT1ViRkpKdGsybmJ4Q3JSdkE0ZSt4T2ZHVllxKzdhdS94ZTVvbFBDanVZeWM2UnNiQkRxcDRnbFZzSzUydwp3Vit6Z29QYWpmV05oYnphUDlYZ0dSWVM5RzlrcDJwNEVrbU9OOUltTnJvUjBTbkhSWG1PbllsQlJCY0p0RHhmCmladjI3OFlaQ095cEFOZmtlYThCUU12YWNPbDcwRVlOMnFMbTB5alo5VW5LN1ZuL00wcW5pKy9Wc3hYT1dqc3IKNzNNWHlWdGUzQlUycHUyM3pGQ1doVm83SUt0bmZseHFJbnlyQnc9PQotLS0tLUVORCBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0K
|
||||
usages:
|
||||
- digital signature
|
||||
- key encipherment
|
||||
|
|
|
@ -52,6 +52,9 @@
|
|||
"helm/template": {
|
||||
"releaseType": "helm"
|
||||
},
|
||||
"helm/timetable": {
|
||||
"releaseType": "helm"
|
||||
},
|
||||
"helm/wahlrecht": {
|
||||
"releaseType": "helm"
|
||||
},
|
||||
|
|
Loading…
Reference in New Issue