generated from kubernetes/kubernetes-template-project
-
Notifications
You must be signed in to change notification settings - Fork 6
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #58 from nilekhc/nilekh/r/v0.0.1
release: Releases first alpha version v0.0.1
- Loading branch information
Showing
37 changed files
with
1,295 additions
and
44 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
# Patterns to ignore when building packages. | ||
# This supports shell glob matching, relative path matching, and | ||
# negation (prefixed with !). Only one pattern per line. | ||
.DS_Store | ||
# Common VCS dirs | ||
.git/ | ||
.gitignore | ||
.bzr/ | ||
.bzrignore | ||
.hg/ | ||
.hgignore | ||
.svn/ | ||
# Common backup files | ||
*.swp | ||
*.bak | ||
*.tmp | ||
*.orig | ||
*~ | ||
# Various IDEs | ||
.project | ||
.idea/ | ||
*.tmproj | ||
.vscode/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
apiVersion: v2 | ||
name: secrets-store-sync-controller | ||
version: 0.0.1 | ||
appVersion: v0.0.1 | ||
kubeVersion: ">=1.27.0" | ||
description: A Helm chart to install the Secrets Store Sync Controller and its associated resources inside a Kubernetes cluster. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
# Deploying the Secrets Store Sync Controller | ||
You can deploy the Secrets Store Sync Controller with Helm using following command: | ||
```sh | ||
helm install -f values <path_to_values.yaml> secrets-store-sync-controller charts/secrets-store-sync-controller | ||
``` | ||
|
||
## Configuration and Parameters | ||
You can customize the installation by modifying values in the `values.yaml` file or by passing parameters to the helm install command using the `--set key=value[,key=value]` argument. | ||
|
||
| Parameter Name | Description | Default Value | | ||
|--------------------------------------------------|---------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | ||
| `providerContainer` | The container for the Secrets Store Sync Controller. | `[- name: provider-aws-installer ...]` | | ||
| `controllerName` | The name of the Secrets Store Sync Controller. | `secrets-store-sync-controller-manager` | | ||
| `tokenRequestAudience` | The audience for the token request. | `[]` | | ||
| `logVerbosity` | The log level. | `5` | | ||
| `validatingAdmissionPolicies.applyPolicies` | Determines whether the Secrets Store Sync Controller should apply policies. | `true` | | ||
| `validatingAdmissionPolicies.allowedSecretTypes` | The types of secrets that the Secrets Store Sync Controller should allow. | `["Opaque", "kubernetes.io/basic-auth", "bootstrap.kubernetes.io/token", "kubernetes.io/dockerconfigjson", "kubernetes.io/dockercfg", "kubernetes.io/ssh-auth", "kubernetes.io/tls"]` | | ||
| `validatingAdmissionPolicies.deniedSecretTypes` | The types of secrets that the Secrets Store Sync Controller should deny. | `["kubernetes.io/service-account-token"]` | | ||
| `image.repository` | The image repository of the Secrets Store Sync Controller. | `registry.k8s.io/secrets-store-sync/controller` | | ||
| `image.pullPolicy` | Image pull policy. | `IfNotPresent` | | ||
| `image.tag` | The specific image tag to use. Overrides the image tag whose default is the chart's `appVersion`. | `v0.0.1` | | ||
| `securityContext` | Security context for the Secrets Store Sync Controller. | `{ allowPrivilegeEscalation: false, capabilities: { drop: [ALL] } }` | | ||
| `resources` | The resource request/limits for the Secrets Store Sync Controller image. | `limits: 500m CPU, 128Mi; requests: 10m CPU, 64Mi` | | ||
| `podAnnotations` | Annotations to be added to pods. | `{ kubectl.kubernetes.io/default-container: "manager" }` | | ||
| `podLabels` | Labels to be added to pods. | `{ control-plane: "controller-manager", secrets-store.io/system: "true", app: "secrets-store-sync-controller" }` | | ||
| `nodeSelector` | Node labels for pod assignment. | `{}` | | ||
| `tolerations` | Tolerations for pod assignment. | `[{ operator: "Exists" }]` | | ||
|
||
|
||
These parameters offer flexibility in configuring and deploying the Secrets Store Sync Controller according to specific requirements in your Kubernetes environment. Remember to replace values appropriately or use the `--set` flag when installing the chart via Helm. |
Oops, something went wrong.