ContainerImage.Pinniped/deploy/values.yaml

#! Copyright 2020 the Pinniped contributors. All Rights Reserved.
#! SPDX-License-Identifier: Apache-2.0

#@data/values
---

app_name: pinniped
namespace: pinniped

#! Specify how many replicas of the Pinniped server to run.
replicas: 2

#! Specify either an image_digest or an image_tag. If both are given, only image_digest will be used.
image_repo: docker.io/getpinniped/pinniped-server
image_digest: #! e.g. sha256:f3c4fdfd3ef865d4b97a1fd295d94acc3f0c654c46b6f27ffad5cf80216903c8
image_tag: latest

#! Specifies a secret to be used when pulling the above container image.
#! Can be used when the above image_repo is a private registry.
#! Typically the value would be the output of: kubectl create secret docker-registry x --docker-server=https://example.io --docker-username="USERNAME" --docker-password="PASSWORD" --dry-run=client -o json | jq -r '.data[".dockerconfigjson"]'
#! Optional.
image_pull_dockerconfigjson: #! e.g. {"auths":{"https://registry.example.com":{"username":"USERNAME","password":"PASSWORD","auth":"BASE64_ENCODED_USERNAME_COLON_PASSWORD"}}}

#! Pinniped will try to guess the right K8s API URL for sharing that information with potential clients.
#! This settings allows the guess to be overridden.
#! Optional.
discovery_url: #! e.g., https://example.com

#! Specify the duration and renewal interval for the API serving certificate.
#! The defaults are set to expire the cert about every 30 days, and to rotate it
#! about every 25 days.
api_serving_certificate_duration_seconds: 2592000
api_serving_certificate_renew_before_seconds: 2160000
Update copyright to reference Pinniped contributors Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-09-16 14:05:51 +00:00			`#! Copyright 2020 the Pinniped contributors. All Rights Reserved.`
Upon pod startup, update the Status of CredentialIssuerConfig - Indicate the success or failure of the cluster signing key strategy - Also introduce the concept of "capabilities" of an integration test cluster to allow the integration tests to be run against clusters that do or don't allow the borrowing of the cluster signing key - Tests that are not expected to pass on clusters that lack the borrowing of the signing key capability are now ignored by calling the new library.SkipUnlessClusterHasCapability test helper - Rename library.Getenv to library.GetEnv - Add copyrights where they were missing 2020-08-25 01:07:34 +00:00			`#! SPDX-License-Identifier: Apache-2.0`

Example deployment Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-07-07 20:17:34 +00:00			`#@data/values`
			`---`
Allow optionally using a tag instead of a digest in deployment.yaml 2020-07-09 17:16:46 +00:00
Rename project 2020-08-20 17:54:15 +00:00			`app_name: pinniped`
Doc updates 2020-08-27 17:14:03 +00:00			`namespace: pinniped`
Allow optionally using a tag instead of a digest in deployment.yaml 2020-07-09 17:16:46 +00:00
Add a ytt template value for replica count. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-09-04 03:52:01 +00:00			`#! Specify how many replicas of the Pinniped server to run.`
			`replicas: 2`

Allow optionally using a tag instead of a digest in deployment.yaml 2020-07-09 17:16:46 +00:00			`#! Specify either an image_digest or an image_tag. If both are given, only image_digest will be used.`
Use public container images for codegen as as defaults when deploying Signed-off-by: Ryan Richard <richardry@vmware.com> 2020-09-16 22:46:51 +00:00			`image_repo: docker.io/getpinniped/pinniped-server`
Example deployment Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-07-07 20:17:34 +00:00			`image_digest: #! e.g. sha256:f3c4fdfd3ef865d4b97a1fd295d94acc3f0c654c46b6f27ffad5cf80216903c8`
Use public container images for codegen as as defaults when deploying Signed-off-by: Ryan Richard <richardry@vmware.com> 2020-09-16 22:46:51 +00:00			`image_tag: latest`
Allow optionally using a tag instead of a digest in deployment.yaml 2020-07-09 17:16:46 +00:00
local-user-authenticator can be deployed from a private registry image - Also add more comment to the values.yaml files to make the options more clear 2020-09-17 23:07:31 +00:00			`#! Specifies a secret to be used when pulling the above container image.`
			`#! Can be used when the above image_repo is a private registry.`
			`#! Typically the value would be the output of: kubectl create secret docker-registry x --docker-server=https://example.io --docker-username="USERNAME" --docker-password="PASSWORD" --dry-run=client -o json \| jq -r '.data[".dockerconfigjson"]'`
			`#! Optional.`
			`image_pull_dockerconfigjson: #! e.g. {"auths":{"https://registry.example.com":{"username":"USERNAME","password":"PASSWORD","auth":"BASE64_ENCODED_USERNAME_COLON_PASSWORD"}}}`

			`#! Pinniped will try to guess the right K8s API URL for sharing that information with potential clients.`
			`#! This settings allows the guess to be overridden.`
			`#! Optional.`
Bring over ytt values.yaml update from discovery PR - We are temporarily adding this change on the main branch so that CI works with the main branch and we can iterate on our changes on our PR branch. Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-08-03 18:40:18 +00:00			`discovery_url: #! e.g., https://example.com`
Add image pull secret as a data value for our ytt templates Signed-off-by: Aram Price <pricear@vmware.com> 2020-08-13 00:02:43 +00:00
deploy: add API cert config map values Signed-off-by: Andrew Keesler <akeesler@vmware.com> 2020-08-20 21:13:02 +00:00			`#! Specify the duration and renewal interval for the API serving certificate.`
			`#! The defaults are set to expire the cert about every 30 days, and to rotate it`
			`#! about every 25 days.`
			`api_serving_certificate_duration_seconds: 2592000`
			`api_serving_certificate_renew_before_seconds: 2160000`