This repository has been archived by the owner on Mar 22, 2024. It is now read-only.
/
values.yaml
86 lines (71 loc) · 2.09 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
# Default values for spire-agent.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
image:
# registry: gcr.io
# repository: spiffe-io/spire-agent
registry: ghcr.io
repository: spiffe/spire-agent
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
version: ""
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
podAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# requests:
# cpu: 50m
# memory: 64Mi
# limits:
# cpu: 100m
# memory: 128Mi
nodeSelector:
kubernetes.io/arch: amd64
logLevel: info
clusterName: example-cluster
trustDomain: example.org
bundleConfigMap: spire-bundle
server:
port: 8081
healthChecks:
# -- override the host port used for health checking
port: 9980
waitForIt:
image:
registry: cgr.dev
repository: chainguard/wait-for-it
pullPolicy: IfNotPresent
version: latest-20230113
resources: {}
telemetry:
prometheus:
enabled: false
port: 9988
# workloadAttestors determine a workload's properties and then generate a set of selectors associated with it.
workloadAttestors:
# unix is a workload attestor which generates unix-based selectors like 'uid' and 'gid'.
unix:
# -- enables the Unix workload attestor
enabled: false