2025-08-18 03:24:07 +00:00
|
|
|
# Default values for freeleaps-secret-operator
|
|
|
|
|
replicaCount: 1
|
|
|
|
|
|
2025-08-18 03:57:36 +00:00
|
|
|
secret-operator:
|
2025-08-18 03:49:26 +00:00
|
|
|
image:
|
|
|
|
|
registry: docker.io
|
|
|
|
|
repository: freeleaps/secret-operator
|
|
|
|
|
pullPolicy: IfNotPresent
|
|
|
|
|
tag: "latest"
|
|
|
|
|
name: "secret-operator"
|
2025-08-18 03:24:07 +00:00
|
|
|
|
|
|
|
|
imagePullSecrets: []
|
|
|
|
|
nameOverride: ""
|
|
|
|
|
fullnameOverride: ""
|
|
|
|
|
|
|
|
|
|
serviceAccount:
|
|
|
|
|
create: true
|
|
|
|
|
annotations: {}
|
|
|
|
|
name: "freeleaps-secret-operator"
|
|
|
|
|
|
|
|
|
|
podAnnotations: {}
|
|
|
|
|
|
|
|
|
|
podSecurityContext: {}
|
|
|
|
|
|
|
|
|
|
securityContext:
|
|
|
|
|
allowPrivilegeEscalation: false
|
|
|
|
|
readOnlyRootFilesystem: true
|
|
|
|
|
runAsNonRoot: true
|
|
|
|
|
runAsUser: 1000
|
|
|
|
|
capabilities:
|
|
|
|
|
drop:
|
|
|
|
|
- ALL
|
|
|
|
|
|
|
|
|
|
resources:
|
|
|
|
|
limits:
|
|
|
|
|
cpu: 500m
|
|
|
|
|
memory: 512Mi
|
|
|
|
|
requests:
|
|
|
|
|
cpu: 100m
|
|
|
|
|
memory: 128Mi
|
|
|
|
|
|
|
|
|
|
nodeSelector: {}
|
|
|
|
|
|
|
|
|
|
tolerations: []
|
|
|
|
|
|
|
|
|
|
affinity: {}
|
|
|
|
|
|
|
|
|
|
# Operator specific configuration
|
|
|
|
|
operator:
|
|
|
|
|
# General Configuration
|
|
|
|
|
debug: false
|
|
|
|
|
apiServerPort: 8080
|
|
|
|
|
watchedNamespaces: "" # Empty means watch all namespaces
|
|
|
|
|
k8sClusterDomain: "kubernetes.default.svc.freeleaps.cluster"
|
|
|
|
|
autoDiscoverK8sClusterDomainMaxRetries: 5
|
|
|
|
|
|
|
|
|
|
# Kopf Configuration
|
|
|
|
|
kopfPeeringName: "freeleaps-secret-operator"
|
|
|
|
|
leaderElection:
|
|
|
|
|
enabled: true
|
|
|
|
|
|
|
|
|
|
# Namespace where the operator will be deployed
|
|
|
|
|
namespace: "freeleaps-devops-system"
|
|
|
|
|
|
|
|
|
|
# Azure Key Vault Configuration
|
|
|
|
|
# These values should be provided through a secret
|
|
|
|
|
azureKeyVault:
|
|
|
|
|
# If true, will create a secret for Azure Key Vault credentials
|
|
|
|
|
createSecret: true
|
|
|
|
|
# Reference to existing secret containing Azure credentials
|
|
|
|
|
existingSecret: ""
|
|
|
|
|
# Values used if createSecret is true
|
|
|
|
|
credentials:
|
|
|
|
|
tenantId: ""
|
|
|
|
|
clientId: ""
|
|
|
|
|
clientSecret: ""
|
|
|
|
|
vaultUrl: ""
|
|
|
|
|
vaultName: ""
|
|
|
|
|
subscriptionId: ""
|
|
|
|
|
resourceGroup: ""
|
|
|
|
|
|
|
|
|
|
# JWT Configuration
|
|
|
|
|
jwt:
|
|
|
|
|
# If true, will create a secret for JWT configuration
|
|
|
|
|
createSecret: true
|
|
|
|
|
# Reference to existing secret containing JWT configuration
|
|
|
|
|
existingSecret: ""
|
|
|
|
|
# Values used if createSecret is true
|
|
|
|
|
config:
|
|
|
|
|
secretKey: "your-secret-key-change-in-production"
|
|
|
|
|
algorithm: "HS256"
|
|
|
|
|
|
|
|
|
|
# HMAC Configuration
|
|
|
|
|
hmac:
|
|
|
|
|
# If true, will create a secret for HMAC configuration
|
|
|
|
|
createSecret: true
|
|
|
|
|
# Reference to existing secret containing HMAC configuration
|
|
|
|
|
existingSecret: ""
|
|
|
|
|
# Values used if createSecret is true
|
|
|
|
|
config:
|
|
|
|
|
secretKey: "your-hmac-secret-key-change-in-production"
|
|
|
|
|
|
|
|
|
|
# CRDs configuration
|
|
|
|
|
crds:
|
|
|
|
|
install: false # Set to false if you want to manage CRDs separately
|
|
|
|
|
|
2025-08-18 04:16:59 +00:00
|
|
|
apiServerService:
|
|
|
|
|
enabled: true
|
2025-08-18 03:24:07 +00:00
|
|
|
service:
|
|
|
|
|
type: ClusterIP
|
|
|
|
|
port: 8080
|
