6e59596285
- Indicate the success or failure of the cluster signing key strategy - Also introduce the concept of "capabilities" of an integration test cluster to allow the integration tests to be run against clusters that do or don't allow the borrowing of the cluster signing key - Tests that are not expected to pass on clusters that lack the borrowing of the signing key capability are now ignored by calling the new library.SkipUnlessClusterHasCapability test helper - Rename library.Getenv to library.GetEnv - Add copyrights where they were missing
29 lines
1.2 KiB
YAML
29 lines
1.2 KiB
YAML
#! Copyright 2020 VMware, Inc.
|
|
#! SPDX-License-Identifier: Apache-2.0
|
|
|
|
#@data/values
|
|
---
|
|
|
|
app_name: pinniped
|
|
|
|
namespace: #! e.g. pinniped
|
|
|
|
#! Specify either an image_digest or an image_tag. If both are given, only image_digest will be used.
|
|
image_repo: #! e.g. registry.example.com/your-project-name/repo-name
|
|
image_digest: #! e.g. sha256:f3c4fdfd3ef865d4b97a1fd295d94acc3f0c654c46b6f27ffad5cf80216903c8
|
|
image_tag: #! e.g. latest
|
|
|
|
webhook_url: #! e.g., https://example.com
|
|
webhook_ca_bundle: #! e.g., LS0tLS1CRUdJTiBDRVJUSUZJQ0F...
|
|
|
|
discovery_url: #! e.g., https://example.com
|
|
|
|
#! e.g. the output of: kubectl create secret docker-registry x --docker-server=https://example.io --docker-username="USERNAME" --docker-password="PASSWORD" --dry-run=client -o json | jq -r '.data[".dockerconfigjson"]'
|
|
image_pull_dockerconfigjson: #! e.g. {"auths":{"https://registry.example.com":{"username":"USERNAME","password":"PASSWORD","auth":"BASE64_ENCODED_USERNAME_COLON_PASSWORD"}}}
|
|
|
|
#! Specify the duration and renewal interval for the API serving certificate.
|
|
#! The defaults are set to expire the cert about every 30 days, and to rotate it
|
|
#! about every 25 days.
|
|
api_serving_certificate_duration_seconds: 2592000
|
|
api_serving_certificate_renew_before_seconds: 2160000
|