ContainerImage.Pinniped/deploy-supervisor/values.yaml

#! Copyright 2020 the Pinniped contributors. All Rights Reserved.
#! SPDX-License-Identifier: Apache-2.0

#@data/values
---

app_name: pinniped-supervisor
namespace: pinniped-supervisor

#! Specify how many replicas of the Pinniped server to run.
replicas: 2

#! Specify either an image_digest or an image_tag. If both are given, only image_digest will be used.
image_repo: docker.io/getpinniped/pinniped-server
image_digest: #! e.g. sha256:f3c4fdfd3ef865d4b97a1fd295d94acc3f0c654c46b6f27ffad5cf80216903c8
image_tag: latest

#! Specifies a secret to be used when pulling the above container image.
#! Can be used when the above image_repo is a private registry.
#! Typically the value would be the output of: kubectl create secret docker-registry x --docker-server=https://example.io --docker-username="USERNAME" --docker-password="PASSWORD" --dry-run=client -o json | jq -r '.data[".dockerconfigjson"]'
#! Optional.
image_pull_dockerconfigjson: #! e.g. {"auths":{"https://registry.example.com":{"username":"USERNAME","password":"PASSWORD","auth":"BASE64_ENCODED_USERNAME_COLON_PASSWORD"}}}

#! Specifies the base URL used in the endpoint fields (e.g., authorization_endpoint, jwks_url, etc.)
#! of the OpenID Provider Metadata, as well as the value of the iss JWT claim that will be used by
#! this OIDC provider. Per the OIDC Discovery spec, this URL must use the HTTPS scheme. See
#! https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3.
issuer_url: #! e.g., https://auth.my-org.com
Implement very rough skeleton of the start of a supervisor server - This is just stab at a starting place because it felt easier to put something down on paper than to keep staring at a blank page 2020-10-06 00:28:19 +00:00			`#! Copyright 2020 the Pinniped contributors. All Rights Reserved.`
			`#! SPDX-License-Identifier: Apache-2.0`

			`#@data/values`
			`---`

			`app_name: pinniped-supervisor`
			`namespace: pinniped-supervisor`

			`#! Specify how many replicas of the Pinniped server to run.`
			`replicas: 2`

			`#! Specify either an image_digest or an image_tag. If both are given, only image_digest will be used.`
			`image_repo: docker.io/getpinniped/pinniped-server`
			`image_digest: #! e.g. sha256:f3c4fdfd3ef865d4b97a1fd295d94acc3f0c654c46b6f27ffad5cf80216903c8`
			`image_tag: latest`

			`#! Specifies a secret to be used when pulling the above container image.`
			`#! Can be used when the above image_repo is a private registry.`
			`#! Typically the value would be the output of: kubectl create secret docker-registry x --docker-server=https://example.io --docker-username="USERNAME" --docker-password="PASSWORD" --dry-run=client -o json \| jq -r '.data[".dockerconfigjson"]'`
			`#! Optional.`
			`image_pull_dockerconfigjson: #! e.g. {"auths":{"https://registry.example.com":{"username":"USERNAME","password":"PASSWORD","auth":"BASE64_ENCODED_USERNAME_COLON_PASSWORD"}}}`
supervisor-oidc: create dynamic config in YTT templates Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-10-06 14:12:29 +00:00
			`#! Specifies the base URL used in the endpoint fields (e.g., authorization_endpoint, jwks_url, etc.)`
			`#! of the OpenID Provider Metadata, as well as the value of the iss JWT claim that will be used by`
			`#! this OIDC provider. Per the OIDC Discovery spec, this URL must use the HTTPS scheme. See`
			`#! https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3.`
			`issuer_url: #! e.g., https://auth.my-org.com`