48 lines
1.6 KiB
YAML
48 lines
1.6 KiB
YAML
migrationJob:
|
|
podAnnotations:
|
|
linkerd.io/inject: disabled
|
|
|
|
redis: &redis
|
|
tls:
|
|
enabled: false
|
|
|
|
ingress-nginx:
|
|
enabled: true
|
|
controller:
|
|
admissionWebhooks:
|
|
patch:
|
|
podAnnotations:
|
|
linkerd.io/inject: disabled
|
|
name: controller
|
|
image:
|
|
registry: k8s.gcr.io
|
|
image: ingress-nginx/controller
|
|
## for backwards compatibility consider setting the full image url via the repository value below
|
|
## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail
|
|
## repository:
|
|
tag: "v1.3.0"
|
|
digest: ""
|
|
|
|
# For enterpriseEdition Only
|
|
vault: &vault
|
|
vaultHost: databases-vault.db.svc.cluster.local:8200
|
|
annotations:
|
|
vault.hashicorp.com/agent-cache-enable: "true"
|
|
vault.hashicorp.com/agent-inject: "true"
|
|
vault.hashicorp.com/agent-inject-token: "true"
|
|
vault.hashicorp.com/template-static-secret-render-interval: 2m
|
|
# vault.hashicorp.com/log-level: debug
|
|
vault.hashicorp.com/agent-run-as-same-user: "true"
|
|
vault.hashicorp.com/agent-inject-command-processor.properties: |
|
|
pkill -TERM openreplay
|
|
vault.hashicorp.com/role: pgaccess
|
|
vault.hashicorp.com/agent-inject-secret-processor.properties: database/creds/db-app
|
|
vault.hashicorp.com/agent-inject-template-processor.properties: |
|
|
{{- with secret "database/creds/db-app" -}}
|
|
POSTGRES_STRING=postgres://{{.Data.username}}:{{.Data.password}}@postgresql.db.svc.cluster.local:5432/postgres
|
|
{{- end -}}
|
|
|
|
global:
|
|
vault: *vault
|
|
redis: *redis
|
|
clusterDomain: "svc.cluster.local"
|