-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathvalues.yaml
100 lines (86 loc) · 2.4 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
# Default values for kube-openid-connect.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
TimeZone: Europe/Budapest
server:
debug: false
oidcRedirectUrlHttpScema: http
# redirect after logout
oidcOutURL: https://devopstales.github.io/tags/kube-openid-connect/
# http or https
oidcRedirectUrlHost: chart-example.local
# same es ingres host
oidcServerURL:
oidcClientID:
oidcSecret:
k8sContext:
k8sApiServer:
# `k8sApiServer` is the url for kubectl
# This is typically https://api.fqdn
k8sCaCrt: |-
-----BEGIN CERTIFICATE-----
CA
-----END CERTIFICATE-----
# `caCrt` is the public / CA cert for the cluster
# cat /etc/kubernetes/pki/apiserver.crt
image:
repository: devopstales/kube-openid-connector
tag: "1.0"
pullPolicy: IfNotPresent
imagePullSecrets: []
# - neme:
nameOverride: ""
fullnameOverride: ""
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
podAnnotations: {}
podSecurityContext:
fsGroup: 10001
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
service:
type: ClusterIP
port: 5000
ingress:
enabled: true
className: ""
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
# cert-manager.io/cluster-issuer: ca-issuer
# nginx.ingress.kubernetes.io/proxy-buffer-size: "64k"
# ingress.kubernetes.io/force-ssl-redirect: "true"
hosts:
- host: chart-example.local
paths:
- path: /
pathType: ImplementationSpecific
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
nodeSelector: {}
tolerations: []
affinity: {}