Add fluxcd-config value

Signed-off-by: Rokibul Hasan <[email protected]>

charts/fluxcd-addon-manager/values.yaml

@@ -7,4 +7,307 @@ kubectl:
   image: ghcr.io/appscode/kubectl:1.23
 
 fluxcdConfig:
+  # Fluxcd global config
+
   installCRDs: true
+
+  multitenancy:
+    # -- Implement the patches for Multi-tenancy lockdown.
+    # See https://fluxcd.io/docs/installation/#multi-tenancy-lockdown
+    enabled: false
+    # -- All Kustomizations and HelmReleases which don’t have spec.serviceAccountName
+    # specified, will use the default account from the tenant’s namespace.
+    # Tenants have to specify a service account in their Flux resources to be able
+    # to deploy workloads in their namespaces as the default account has no permissions.
+    defaultServiceAccount: "default"
+    # -- Both kustomize-controller and helm-controller service accounts run privileged
+    # with cluster-admin ClusterRoleBinding. Disable if you want to run them with a
+    # minimum set of permissions.
+    privileged: true
+
+  clusterDomain: cluster.local
+
+  cli:
+    image: ghcr.io/fluxcd/flux-cli
+    tag: v2.1.1
+    nodeSelector: { }
+    affinity: { }
+    tolerations: [ ]
+    annotations: { }
+    serviceAccount:
+      automount: true
+
+  # controllers
+
+  helmController:
+    create: true
+    image: ghcr.io/fluxcd/helm-controller
+    tag: v0.36.1
+    resources:
+      limits: { }
+      # cpu: 1000m
+      # memory: 1Gi
+      requests:
+        cpu: 100m
+        memory: 64Mi
+    priorityClassName: ""
+    annotations:
+      prometheus.io/port: "8080"
+      prometheus.io/scrape: "true"
+    labels:
+      "byte.builders/managed": "true"
+    container:
+      additionalArgs: [ ]
+    extraEnv: [ ]
+    serviceAccount:
+      create: true
+      automount: true
+      annotations: { }
+    imagePullPolicy: ""
+    nodeSelector: { }
+    # expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#affinity-v1-core
+    # for example:
+    #   affinity:
+    #     nodeAffinity:
+    #      requiredDuringSchedulingIgnoredDuringExecution:
+    #        nodeSelectorTerms:
+    #        - matchExpressions:
+    #          - key: foo.bar.com/role
+    #            operator: In
+    #            values:
+    #            - master
+
+    affinity: { }
+    # expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#toleration-v1-core
+    # for example:
+    #   tolerations:
+    #   - key: foo.bar.com/role
+    #     operator: Equal
+    #     value: master
+    #     effect: NoSchedule
+
+    tolerations: [ ]
+
+  imageAutomationController:
+    create: false
+    image: ghcr.io/fluxcd/image-automation-controller
+    tag: v0.36.1
+    resources:
+      limits: { }
+      # cpu: 1000m
+      # memory: 1Gi
+      requests:
+        cpu: 100m
+        memory: 64Mi
+    priorityClassName: ""
+    annotations:
+      prometheus.io/port: "8080"
+      prometheus.io/scrape: "true"
+    labels: { }
+    container:
+      additionalArgs: [ ]
+    extraEnv: [ ]
+    serviceAccount:
+      create: true
+      automount: true
+      annotations: { }
+    imagePullPolicy: ""
+    nodeSelector: { }
+    affinity: { }
+    tolerations: [ ]
+
+  imageReflectionController:
+    create: false
+    image: ghcr.io/fluxcd/image-reflector-controller
+    tag: v0.30.0
+    resources:
+      limits: { }
+      # cpu: 1000m
+      # memory: 1Gi
+      requests:
+        cpu: 100m
+        memory: 64Mi
+    priorityClassName: ""
+    annotations:
+      prometheus.io/port: "8080"
+      prometheus.io/scrape: "true"
+    labels: { }
+    container:
+      additionalArgs: [ ]
+    extraEnv: [ ]
+    serviceAccount:
+      create: true
+      automount: true
+      annotations: { }
+    imagePullPolicy: ""
+    nodeSelector: { }
+    affinity: { }
+    tolerations: [ ]
+
+  kustomizeController:
+    create: false
+    image: ghcr.io/fluxcd/kustomize-controller
+    tag: v1.1.0
+    resources:
+      limits: { }
+      # cpu: 1000m
+      # memory: 1Gi
+      requests:
+        cpu: 100m
+        memory: 64Mi
+    priorityClassName: ""
+    annotations:
+      prometheus.io/port: "8080"
+      prometheus.io/scrape: "true"
+    labels: { }
+    container:
+      additionalArgs: [ ]
+    extraEnv: [ ]
+    serviceAccount:
+      create: true
+      automount: true
+      annotations: { }
+    imagePullPolicy: ""
+    secret:
+      # -- Create a secret to use it with extraSecretMounts. Defaults to false.
+      create: false
+      name: ""
+      data: { }
+    # -- Defines envFrom using a configmap and/or secret.
+    envFrom:
+      map:
+        name: ""
+      secret:
+        name: ""
+    # -- Defines additional mounts with secrets.
+    # Secrets must be manually created in the namespace or with kustomizeController.secret
+    extraSecretMounts: [ ]
+    # - name: secret-files
+    #   mountPath: /etc/secrets
+    #   subPath: ""
+    #   secretName: secret-files
+    #   readOnly: true
+
+    nodeSelector: { }
+    affinity: { }
+    tolerations: [ ]
+
+  notificationController:
+    create: false
+    image: ghcr.io/fluxcd/notification-controller
+    tag: v1.1.0
+    resources:
+      limits: { }
+      # cpu: 1000m
+      # memory: 1Gi
+      requests:
+        cpu: 100m
+        memory: 64Mi
+    priorityClassName: ""
+    annotations:
+      prometheus.io/port: "8080"
+      prometheus.io/scrape: "true"
+    labels: { }
+    container:
+      additionalArgs: [ ]
+    extraEnv: [ ]
+    serviceAccount:
+      create: true
+      automount: true
+      annotations: { }
+    imagePullPolicy: ""
+    service:
+      labels: { }
+      annotations: { }
+    webhookReceiver:
+      service:
+        labels: { }
+        annotations: { }
+    nodeSelector: { }
+    affinity: { }
+    tolerations: [ ]
+
+  sourceController:
+    create: true
+    image: ghcr.io/fluxcd/source-controller
+    tag: v1.1.1
+    resources:
+      limits: { }
+      # cpu: 1000m
+      # memory: 1Gi
+      requests:
+        cpu: 100m
+        memory: 64Mi
+    priorityClassName: ""
+    annotations:
+      prometheus.io/port: "8080"
+      prometheus.io/scrape: "true"
+    labels:
+      "byte.builders/managed": "true"
+    container:
+      additionalArgs: [ ]
+    serviceAccount:
+      create: true
+      automount: true
+      annotations: { }
+    imagePullPolicy: ""
+    service:
+      labels: { }
+      annotations: { }
+    nodeSelector: { }
+    affinity: { }
+    tolerations: [ ]
+    extraEnv: [ ]
+
+  policies:
+    create: true
+
+  rbac:
+    create: true
+    # -- Grant the Kubernetes view, edit and admin roles access to Flux custom resources
+    createAggregation: true
+
+  logLevel: info
+  watchAllNamespaces: true
+
+  # -- contents of pod imagePullSecret in form 'name=[secretName]'; applied to all controllers
+  imagePullSecrets: [ ]
+
+  # -- Array of extra K8s agent-manifests to deploy
+  extraObjects: [ ]
+  # Example usage from https://fluxcd.io/docs/components/source/buckets/#static-authentication
+  # - apiVersion: source.toolkit.fluxcd.io/v1beta2
+  #   kind: Bucket
+  #   metadata:
+  #     name: podinfo
+  #     namespace: default
+  #   spec:
+  #     interval: 1m
+  #     provider: generic
+  #     bucketName: podinfo
+  #     endpoint: minio.minio.svc.cluster.local:9000
+  #     insecure: true
+  #     secretRef:
+  #       name: minio-credentials
+  # - apiVersion: v1
+  #   kind: Secret
+  #   metadata:
+  #     name: minio-credentials
+  #     namespace: default
+  #   type: Opaque
+  #   data:
+  #     accesskey: <BASE64>
+  #     secretkey: <BASE64>
+
+  # Enables podMonitor creation for the Prometheus Operator
+  prometheus:
+    podMonitor:
+      # -- Enables podMonitor endpoint
+      create: false
+      podMetricsEndpoints:
+        - port: http-prom
+          relabelings:
+            # https://github.com/prometheus-operator/prometheus-operator/issues/4816
+            - sourceLabels: [ __meta_kubernetes_pod_phase ]
+              action: keep
+              regex: Running