-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathvalues.yaml
184 lines (164 loc) · 7.44 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
# Default values for steadybit-extension-aws.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
aws:
# aws.assumeRoles -- List of AWS IAM roles the extension should assume. You can use `--set aws.assumeRoles="{ARN1,ARN2}"` to set this value via the Helm CLI.
assumeRoles: []
# aws.regions -- Optional list of AWS regions to use. If not set, the extension will use the region provided by the authentication. (https://github.com/steadybit/extension-aws?tab=readme-ov-file#multi-region-support)
regions: []
discovery:
disabled:
# aws.discovery.disabled.ec2 -- Disables EC2 discovery and the related actions.
ec2: false
# aws.discovery.disabled.ecs -- Disables ECS discovery and the related actions. (BETA feature, disabled by default)
ecs: true
# aws.discovery.disabled.elasticache -- Disables Elasticache replication group discovery and the related actions. (BETA feature, disabled by default)
elasticache: true
# aws.discovery.disabled.elb -- Disables ELB discovery and the related actions. (BETA feature, disabled by default)
elb: true
# aws.discovery.disabled.fis -- Disables FIS discovery and the related actions.
fis: false
# aws.discovery.disabled.msk -- Disables MSK discovery and the related actions.
msk: false
# aws.discovery.disabled.lambda -- Disables Lambda discovery and the related actions.
lambda: false
# aws.discovery.disabled.rds -- Disables RDS discovery and the related actions.
rds: false
# aws.discovery.disabled.subnet -- Disables Subnet discovery and the related actions.
subnet: false
# aws.discovery.disabled.vpc -- Disables VPC discovery and the related actions.
vpc: false
# aws.discovery.disabled.zone -- Disables AZ discovery and the related actions.
zone: false
attributes:
excludes:
# aws.discovery.attributes.excludes.ec2 -- List of attributes to exclude from EC2 discovery.
ec2: []
# aws.discovery.attributes.excludes.ecs -- List of attributes to exclude from ECS discovery.
ecs: []
# aws.discovery.attributes.excludes.elasticache -- List of attributes to exclude from Elasticache discovery.
elasticache: []
# aws.discovery.attributes.excludes.elb -- List of attributes to exclude from ELB discovery.
elb: []
# aws.discovery.attributes.excludes.fis -- List of attributes to exclude from FIS discovery.
fis: []
# aws.discovery.attributes.excludes.msk -- List of attributes to exclude from MSK discovery.
msk: []
# aws.discovery.attributes.excludes.lambda -- List of attributes to exclude from Lambda discovery.
lambda: []
# aws.discovery.attributes.excludes.subnet -- List of attributes to exclude from Subnet discovery.
subnet: []
# aws.discovery.attributes.excludes.rds -- List of attributes to exclude from RDS discovery.
rds: []
# aws.discovery.attributes.excludes.zone -- List of attributes to exclude from AZ discovery.
zone: []
image:
# image.name -- The container image to use for the steadybit AWS extension.
name: ghcr.io/steadybit/extension-aws
# image.tag -- tag name of the extension-aws container image to use. Defaults to appVersion of this chart.
# See https://hub.docker.com/r/steadybit/extension-aws for all tags.
tag: null
# image.pullPolicy -- Specifies when to pull the image.
pullPolicy: Always
tls:
server:
certificate:
# tls.server.certificate.fromSecret -- The name of the secret containing the TLS certificate for the extension.
# The extension will then create an HTTPS server instead of an HTTP server.
fromSecret: null
# tls.server.certificate.path --Path to the TLS certificate for the extension.
path: null
key:
# tls.server.certificate.key-path --Path to the key for the TLS certificate for the extension.
path: null
client:
certificates:
# tls.client.certificates.fromSecrets -- List of secret names containing TLS certificates for the extension to trust.
# The extension will require clients to authenticate using one of these certificates. In essence, this will enable mutual TLS.
fromSecrets: []
# tls.client.certificates.paths -- List paths containing TLS certificates for the extension to trust.
# The extension will require clients to authenticate using one of these certificates. In essence, this will enable mutual TLS.
paths: []
logging:
# logging.level -- The active log level. Valid values are: TRACE, DEBUG, INFO, WARN, ERROR
level: INFO
# logging.format -- The format of the log entries. One of text, json
format: text
probes:
# probes.readiness.* -- Configuration of the Kubernetes readiness probe
readiness:
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 3
successThreshold: 1
# probes.liveness.* -- Configuration of the Kubernetes liveness probe
liveness:
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 5
successThreshold: 1
resources:
requests:
# resources.requests.memory -- The minimal amount of memory needed
memory: "16Mi"
# resources.requests.cpu -- The minimal amount of cpu shares needed
cpu: "50m"
limits:
# resources.limits.memory -- The limit of memory to be used
memory: "32Mi"
# resources.limits.cpu -- The limit of cpu share to be used during its interval
cpu: "200m"
serviceAccount:
# serviceAccount.create -- Specifies whether a ServiceAccount should be created.
create: true
# serviceAccount.name -- The name of the ServiceAccount to use. If not set and `create` is true, a name is generated using the fullname template.
name: steadybit-extension-aws
# serviceAccount.eksRoleArn -- The arn of the IAM role - [see AWS docs](https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html)
eksRoleArn: null
# extra labels to apply to the Kubernetes resources
extraLabels: {}
# deploymentAnnotations: Additional annotations to be added to the deployment.
deploymentAnnotations: {}
# podAnnotations -- Additional annotations to be added to the pods.
podAnnotations: {}
# podLabels -- Additional labels to be added to the pods.
podLabels: {}
# nodeSelector -- Node labels for pod assignment
nodeSelector: {}
# tolerations -- Tolerations to influence pod assignment
tolerations: []
# topologySpreadConstraints -- Spread constraints to influence pod assignment.
# https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
topologySpreadConstraints: []
# affinity -- Affinities to influence pod assignment.
affinity: {}
# priorityClassName -- Priority class used to influence pod scheduling priority.
priorityClassName: null
# podSecurityContext -- SecurityContext to apply to the pod.
podSecurityContext:
seccompProfile:
type: RuntimeDefault
runAsNonRoot: true
# containerSecurityContext -- SecurityContext to apply to the container.
containerSecurityContext:
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
# extraEnv -- Array with extra environment variables to add to the container
# e.g:
# extraEnv:
# - name: FOO
# value: "bar"
extraEnv: []
# extraEnvFrom -- Array with extra environment variables sources to add to the container
# e.g:
# extraEnvFrom:
# - configMapRef:
# name: env-configmap
# - secretRef:
# name: env-secrets
extraEnvFrom: []