diff --git a/cluster/keel/values.yaml b/cluster/keel/values.yaml new file mode 100644 index 0000000..f1b8ab1 --- /dev/null +++ b/cluster/keel/values.yaml @@ -0,0 +1,218 @@ +image: + repository: keelhq/keel + tag: "0.19.0" + pullPolicy: Always + +# Enable insecure registries +insecureRegistry: false + +# Polling is enabled by default, +# you can disable it setting value below to false +polling: + enabled: true + defaultSchedule: "@every 1m" + +# Helm provider support +helmProvider: + enabled: true + # set to version "v3" for Helm v3 + version: "v3" + tillerNamespace: "kube-system" + # optional Tiller address (if portforwarder tunnel doesn't work), + # if you are using default configuration, setting it to + # 'tiller-deploy:44134' is usually fine + tillerAddress: 'tiller-deploy:44134' +# helmDriver: '' +# helmDriverSqlConnectionString: '' + +# Google Container Registry +# GCP Project ID +gcr: + enabled: false + projectId: "" + gcpServiceAccount: "" + clusterName: "" + pubSub: + enabled: false + +# Notification level (debug, info, success, warn, error, fatal) +notificationLevel: info + +# AWS Elastic Container Registry +# https://keel.sh/v1/guide/documentation.html#Polling-with-AWS-ECR +ecr: + enabled: false + roleArn: "" + accessKeyId: "" + secretAccessKey: "" + region: "" + +# Webhook Notification +# Remote webhook endpoint for notification delivery +webhook: + enabled: false + endpoint: "" + +# Slack Notification +# bot name (default keel) must exist! +slack: + enabled: false + botName: "" + token: "" + channel: "" + approvalsChannel: "" + +# Hipchat notification and approvals +hipchat: + enabled: false + token: "" + channel: "" + approvalsChannel: "" + botName: "" + userName: "" + password: "" + +# Mattermost notifications +mattermost: + enabled: false + endpoint: "" + +# MS Teams notifications +teams: + enabled: false + webhookUrl: "" + +# Mail notifications +mail: + enabled: false + from: "" + to: "" + smtp: + server: "" + port: 25 + user: "" + pass: "" + +# Basic auth on approvals +basicauth: + enabled: false + user: "" + password: "" + +# Keel service +# Enable to receive webhooks from Docker registries +service: + enabled: false + type: LoadBalancer + externalPort: 9300 + clusterIP: "" + +# Webhook Relay service +# If you don’t want to expose your Keel service, you can use https://webhookrelay.com/ +# which can deliver webhooks to your internal Keel service through Keel sidecar container. +webhookRelay: + enabled: false + bucket: "" + # webhookrelay.com credentials + # Set the key and secret values here to create the keel-webhookrelay secret with this + # chart -or- leave key and secret blank and create the keel-webhookrelay secret separately. + key: "" + secret: "" + # webhookrelay docker image + image: + repository: webhookrelay/webhookrelayd + tag: latest + pullPolicy: IfNotPresent + +# Use a secret file to define passwords and tokens of third parties. +secret: + # Leave blank to use `keel.fullname` + name: "" + # Set to false to manage your own secret file, with terraform for example. + create: true + +# RBAC manifests management +rbac: + enabled: true + serviceAccount: + # Kubernetes service account name to be used for ClusterRoleBinding and Deployment. + # name: + # Create a new Kubernetes service account automatically. Set to false if you want to use your own service account. + # If rbac.serviceAccount.name is not set, a new name for the service account is generated + create: true + +# Resources +resources: + limits: + cpu: 100m + memory: 128Mi + requests: + cpu: 50m + memory: 64Mi + +# NodeSelector +nodeSelector: {} + +affinity: {} + +tolerations: {} + +# base64 encoded json of GCP service account +# more info available here: https://cloud.google.com/kubernetes-engine/docs/tutorials/authenticating-to-cloud-platform +# e.g. --set googleApplicationCredentials=$(cat | base64) +googleApplicationCredentials: "" + +# Enable DEBUG logging +debug: true + +# This is used by the static manifest generator in order to create a static +# namespace manifest for the namespace that keel is being installed +# within. It should **not** be used if you are using Helm for deployment. +createNamespaceResource: false + +podAnnotations: {} + +serviceAnnotations: {} +# Useful for making the load balancer internal +# serviceAnnotations: +# cloud.google.com/load-balancer-type: Internal + +aws: + region: null + +podDisruptionBudget: + enabled: false + maxUnavailable: 1 + minAvailable: null + +# Google Cloud Certificates +gcloud: + managedCertificates: + enabled: false + domains: + - "" + +ingress: + enabled: false + labels: {} + annotations: {} +# kubernetes.io/ingress.class: nginx +# kubernetes.io/tls-acme: "true" + hosts: [] +# - host: chart-example.local +# paths: +# - / + tls: [] +# - secretName: chart-example-tls +# hosts: +# - chart-example.local + +dockerRegistry: + enabled: false + name: "" + key: "" + +persistence: + enabled: false + storageClass: "-" + size: 1Gi