infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/step-ca-chart/values.yaml - incubator-datalab - Git at Google

 # *****************************************************************************
 #
 # Licensed to the Apache Software Foundation (ASF) under one
 # or more contributor license agreements.  See the NOTICE file
 # distributed with this work for additional information
 # regarding copyright ownership.  The ASF licenses this file
 # to you under the Apache License, Version 2.0 (the
 # "License"); you may not use this file except in compliance
 # with the License.  You may obtain a copy of the License at
 #
 #   http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing,
 # software distributed under the License is distributed on an
 # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 # KIND, either express or implied.  See the License for the
 # specific language governing permissions and limitations
 # under the License.
 #
 # ******************************************************************************

 # Default values for step-certificates.

 # replicaCount is the number of replicas of step-certificates.
 # Only one replica is supported at this time.
 replicaCount: 1

 # nameOverride overrides the name of the chart.
 nameOverride: ""
 # fullnameOverride overrides the full name of the chart.
 fullnameOverride: ""

 # image contains the docker image for step-certificates.
 image:
   repository: smallstep/step-ca
   tag: 0.13.2
   pullPolicy: IfNotPresent

 # bootstrapImage contains the docker image for the bootstrap of the configuration.
 bootstrapImage:
   repository: smallstep/step-ca-bootstrap
   tag: latest
   pullPolicy: IfNotPresent

 # service contains configuration for the kubernetes service.
 service:
   type: ClusterIP
   port: 443
   targetPort: 9000

 # ca contains the certificate authority configuration.
 ca:
   # name is new public key infrastructure (PKI) names.
   name: dlab-step-ca
   # address is the HTTP listener address of step-certificates.
   address: :9000
   # dns is the comma separated dns names to use. Leave it empty to use the format:
   # {include "step-certificates.fullname" .}.{ .Release.Namespace}.svc.cluster.local,127.0.0.1
   dns: ${step_chart_name}.${namespace}.svc.cluster.local,${step_ca_host}
   # ${step_ca_host}
   # url is the http url where step-certificates will listen at. Leave it empty to use the format
   # https://{{ include "step-certificates.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
   url: https://${step_chart_name}.${namespace}.svc.cluster.local
   #${step_ca_host}
   # password is the password used to encrypt the keys. Leave it empty to generate a random one.
   password: ${step_ca_password}
   # provisioner contains the step-certificates provisioner configuration.
   provisioner:
     # name is the new provisioner name.
     name: admin
     # password is the password used to encrypt the provisioner private key.
     password: ${step_ca_provisioner_password}
   # db contains the step-certificate dataabase configuration.
   db:
     # enabled defines if the database is enabled.
     enabled: true
     # persistent defines if a Persistent Volume Claim is used, if false and emptyDir will be used.
     persistent: true
     # storeageClass is Persistent Volume Storage Class
     # If defined, storageClassName: <storageClass>.
     # If set to "-", storageClassName: "", which disables dynamic provisioning.
     # If undefined or set to null, no storageClassName spec is set, choosing the
     # default provisioner (gp2 on AWS, standard on GKE, AWS & OpenStack).
     storageClass: standard
     # accessModes defines the Persistent Volume Access Mode.
     accessModes:
       - ReadWriteOnce
     # size is the Persistent Volume size.
     size: 10Gi
   # runAsRoot runs the ca as root instead of the step user. This is required in
   # some storage provisioners.
   runAsRoot: false

 # autocert is used to configure the autocert chart that depends on step-certificates.
 autocert:
   enabled: false

 # ingress contains the configuration for an ingress controller.
 ingress:
   enabled: false
   annotations: {}
   hosts: []
   tls: []

 # resources contains the CPU/memory resource requests/limits.
 resources: {}
   # We usually recommend not to specify default resources and to leave this as a conscious
   # choice for the user. This also increases chances charts run on environments with little
   # resources, such as Minikube. If you do want to specify resources, uncomment the following
   # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
   # limits:
   #   cpu: 100m
   #   memory: 128Mi
   # requests:
   #   cpu: 100m
 #   memory: 128Mi

 # nodeSelector contains the node labels for pod assignment.
 nodeSelector: {}

 # tolerations contains the toleration labels for pod assignment.
 tolerations: []

 # affinity contains the affinity settings for pod assignment.
 affinity: {}
	# *****************************************************************************
	#
	# Licensed to the Apache Software Foundation (ASF) under one
	# or more contributor license agreements. See the NOTICE file
	# distributed with this work for additional information
	# regarding copyright ownership. The ASF licenses this file
	# to you under the Apache License, Version 2.0 (the
	# "License"); you may not use this file except in compliance
	# with the License. You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing,
	# software distributed under the License is distributed on an
	# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	# KIND, either express or implied. See the License for the
	# specific language governing permissions and limitations
	# under the License.
	#
	# ******************************************************************************

	# Default values for step-certificates.

	# replicaCount is the number of replicas of step-certificates.
	# Only one replica is supported at this time.
	replicaCount: 1

	# nameOverride overrides the name of the chart.
	nameOverride: ""
	# fullnameOverride overrides the full name of the chart.
	fullnameOverride: ""

	# image contains the docker image for step-certificates.
	image:
	repository: smallstep/step-ca
	tag: 0.13.2
	pullPolicy: IfNotPresent

	# bootstrapImage contains the docker image for the bootstrap of the configuration.
	bootstrapImage:
	repository: smallstep/step-ca-bootstrap
	tag: latest
	pullPolicy: IfNotPresent

	# service contains configuration for the kubernetes service.
	service:
	type: ClusterIP
	port: 443
	targetPort: 9000

	# ca contains the certificate authority configuration.
	ca:
	# name is new public key infrastructure (PKI) names.
	name: dlab-step-ca
	# address is the HTTP listener address of step-certificates.
	address: :9000
	# dns is the comma separated dns names to use. Leave it empty to use the format:
	# {include "step-certificates.fullname" .}.{ .Release.Namespace}.svc.cluster.local,127.0.0.1
	dns: ${step_chart_name}.${namespace}.svc.cluster.local,${step_ca_host}
	# ${step_ca_host}
	# url is the http url where step-certificates will listen at. Leave it empty to use the format
	# https://{{ include "step-certificates.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
	url: https://${step_chart_name}.${namespace}.svc.cluster.local
	#${step_ca_host}
	# password is the password used to encrypt the keys. Leave it empty to generate a random one.
	password: ${step_ca_password}
	# provisioner contains the step-certificates provisioner configuration.
	provisioner:
	# name is the new provisioner name.
	name: admin
	# password is the password used to encrypt the provisioner private key.
	password: ${step_ca_provisioner_password}
	# db contains the step-certificate dataabase configuration.
	db:
	# enabled defines if the database is enabled.
	enabled: true
	# persistent defines if a Persistent Volume Claim is used, if false and emptyDir will be used.
	persistent: true
	# storeageClass is Persistent Volume Storage Class
	# If defined, storageClassName: <storageClass>.
	# If set to "-", storageClassName: "", which disables dynamic provisioning.
	# If undefined or set to null, no storageClassName spec is set, choosing the
	# default provisioner (gp2 on AWS, standard on GKE, AWS & OpenStack).
	storageClass: standard
	# accessModes defines the Persistent Volume Access Mode.
	accessModes:
	- ReadWriteOnce
	# size is the Persistent Volume size.
	size: 10Gi
	# runAsRoot runs the ca as root instead of the step user. This is required in
	# some storage provisioners.
	runAsRoot: false

	# autocert is used to configure the autocert chart that depends on step-certificates.
	autocert:
	enabled: false

	# ingress contains the configuration for an ingress controller.
	ingress:
	enabled: false
	annotations: {}
	hosts: []
	tls: []

	# resources contains the CPU/memory resource requests/limits.
	resources: {}
	# We usually recommend not to specify default resources and to leave this as a conscious
	# choice for the user. This also increases chances charts run on environments with little
	# resources, such as Minikube. If you do want to specify resources, uncomment the following
	# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
	# limits:
	# cpu: 100m
	# memory: 128Mi
	# requests:
	# cpu: 100m
	# memory: 128Mi

	# nodeSelector contains the node labels for pod assignment.
	nodeSelector: {}

	# tolerations contains the toleration labels for pod assignment.
	tolerations: []

	# affinity contains the affinity settings for pod assignment.
	affinity: {}