006d96ab92
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
29 lines
1.5 KiB
YAML
29 lines
1.5 KiB
YAML
#! Copyright 2020 the Pinniped contributors. All Rights Reserved.
|
|
#! SPDX-License-Identifier: Apache-2.0
|
|
|
|
#@data/values
|
|
---
|
|
|
|
app_name: pinniped-supervisor
|
|
namespace: pinniped-supervisor
|
|
|
|
#! Specify how many replicas of the Pinniped server to run.
|
|
replicas: 2
|
|
|
|
#! Specify either an image_digest or an image_tag. If both are given, only image_digest will be used.
|
|
image_repo: docker.io/getpinniped/pinniped-server
|
|
image_digest: #! e.g. sha256:f3c4fdfd3ef865d4b97a1fd295d94acc3f0c654c46b6f27ffad5cf80216903c8
|
|
image_tag: latest
|
|
|
|
#! Specifies a secret to be used when pulling the above container image.
|
|
#! Can be used when the above image_repo is a private registry.
|
|
#! Typically the value would be the output of: kubectl create secret docker-registry x --docker-server=https://example.io --docker-username="USERNAME" --docker-password="PASSWORD" --dry-run=client -o json | jq -r '.data[".dockerconfigjson"]'
|
|
#! Optional.
|
|
image_pull_dockerconfigjson: #! e.g. {"auths":{"https://registry.example.com":{"username":"USERNAME","password":"PASSWORD","auth":"BASE64_ENCODED_USERNAME_COLON_PASSWORD"}}}
|
|
|
|
#! Specifies the base URL used in the endpoint fields (e.g., authorization_endpoint, jwks_url, etc.)
|
|
#! of the OpenID Provider Metadata, as well as the value of the iss JWT claim that will be used by
|
|
#! this OIDC provider. Per the OIDC Discovery spec, this URL must use the HTTPS scheme. See
|
|
#! https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.3.
|
|
issuer_url: #! e.g., https://auth.my-org.com
|