|
|
image:
|
|
|
repository: keelhq/keel
|
|
|
tag: "0.19.0"
|
|
|
pullPolicy: Always
|
|
|
|
|
|
# Enable insecure registries
|
|
|
insecureRegistry: false
|
|
|
|
|
|
# Polling is enabled by default,
|
|
|
# you can disable it setting value below to false
|
|
|
polling:
|
|
|
enabled: true
|
|
|
defaultSchedule: "@every 1m"
|
|
|
|
|
|
# Helm provider support
|
|
|
helmProvider:
|
|
|
enabled: true
|
|
|
# set to version "v3" for Helm v3
|
|
|
version: "v3"
|
|
|
tillerNamespace: "kube-system"
|
|
|
# optional Tiller address (if portforwarder tunnel doesn't work),
|
|
|
# if you are using default configuration, setting it to
|
|
|
# 'tiller-deploy:44134' is usually fine
|
|
|
tillerAddress: 'tiller-deploy:44134'
|
|
|
# helmDriver: ''
|
|
|
# helmDriverSqlConnectionString: ''
|
|
|
|
|
|
# Google Container Registry
|
|
|
# GCP Project ID
|
|
|
gcr:
|
|
|
enabled: false
|
|
|
projectId: ""
|
|
|
gcpServiceAccount: ""
|
|
|
clusterName: ""
|
|
|
pubSub:
|
|
|
enabled: false
|
|
|
|
|
|
# Notification level (debug, info, success, warn, error, fatal)
|
|
|
notificationLevel: info
|
|
|
|
|
|
# AWS Elastic Container Registry
|
|
|
# https://keel.sh/v1/guide/documentation.html#Polling-with-AWS-ECR
|
|
|
ecr:
|
|
|
enabled: false
|
|
|
roleArn: ""
|
|
|
accessKeyId: ""
|
|
|
secretAccessKey: ""
|
|
|
region: ""
|
|
|
|
|
|
# Webhook Notification
|
|
|
# Remote webhook endpoint for notification delivery
|
|
|
webhook:
|
|
|
enabled: false
|
|
|
endpoint: ""
|
|
|
|
|
|
# Slack Notification
|
|
|
# bot name (default keel) must exist!
|
|
|
slack:
|
|
|
enabled: false
|
|
|
botName: ""
|
|
|
token: ""
|
|
|
channel: ""
|
|
|
approvalsChannel: ""
|
|
|
|
|
|
# Hipchat notification and approvals
|
|
|
hipchat:
|
|
|
enabled: false
|
|
|
token: ""
|
|
|
channel: ""
|
|
|
approvalsChannel: ""
|
|
|
botName: ""
|
|
|
userName: ""
|
|
|
password: ""
|
|
|
|
|
|
# Mattermost notifications
|
|
|
mattermost:
|
|
|
enabled: false
|
|
|
endpoint: ""
|
|
|
|
|
|
# MS Teams notifications
|
|
|
teams:
|
|
|
enabled: false
|
|
|
webhookUrl: ""
|
|
|
|
|
|
# Mail notifications
|
|
|
mail:
|
|
|
enabled: false
|
|
|
from: ""
|
|
|
to: ""
|
|
|
smtp:
|
|
|
server: ""
|
|
|
port: 25
|
|
|
user: ""
|
|
|
pass: ""
|
|
|
|
|
|
# Basic auth on approvals
|
|
|
basicauth:
|
|
|
enabled: false
|
|
|
user: ""
|
|
|
password: ""
|
|
|
|
|
|
# Keel service
|
|
|
# Enable to receive webhooks from Docker registries
|
|
|
service:
|
|
|
enabled: false
|
|
|
type: LoadBalancer
|
|
|
externalPort: 9300
|
|
|
clusterIP: ""
|
|
|
|
|
|
# Webhook Relay service
|
|
|
# If you don’t want to expose your Keel service, you can use https://webhookrelay.com/
|
|
|
# which can deliver webhooks to your internal Keel service through Keel sidecar container.
|
|
|
webhookRelay:
|
|
|
enabled: false
|
|
|
bucket: ""
|
|
|
# webhookrelay.com credentials
|
|
|
# Set the key and secret values here to create the keel-webhookrelay secret with this
|
|
|
# chart -or- leave key and secret blank and create the keel-webhookrelay secret separately.
|
|
|
key: ""
|
|
|
secret: ""
|
|
|
# webhookrelay docker image
|
|
|
image:
|
|
|
repository: webhookrelay/webhookrelayd
|
|
|
tag: latest
|
|
|
pullPolicy: IfNotPresent
|
|
|
|
|
|
# Use a secret file to define passwords and tokens of third parties.
|
|
|
secret:
|
|
|
# Leave blank to use `keel.fullname`
|
|
|
name: ""
|
|
|
# Set to false to manage your own secret file, with terraform for example.
|
|
|
create: true
|
|
|
|
|
|
# RBAC manifests management
|
|
|
rbac:
|
|
|
enabled: true
|
|
|
serviceAccount:
|
|
|
# Kubernetes service account name to be used for ClusterRoleBinding and Deployment.
|
|
|
# name:
|
|
|
# Create a new Kubernetes service account automatically. Set to false if you want to use your own service account.
|
|
|
# If rbac.serviceAccount.name is not set, a new name for the service account is generated
|
|
|
create: true
|
|
|
|
|
|
# Resources
|
|
|
resources:
|
|
|
limits:
|
|
|
cpu: 100m
|
|
|
memory: 128Mi
|
|
|
requests:
|
|
|
cpu: 50m
|
|
|
memory: 64Mi
|
|
|
|
|
|
# NodeSelector
|
|
|
nodeSelector: {}
|
|
|
|
|
|
affinity: {}
|
|
|
|
|
|
tolerations: {}
|
|
|
|
|
|
# base64 encoded json of GCP service account
|
|
|
# more info available here: https://cloud.google.com/kubernetes-engine/docs/tutorials/authenticating-to-cloud-platform
|
|
|
# e.g. --set googleApplicationCredentials=$(cat <JSON_KEY_FIEL> | base64)
|
|
|
googleApplicationCredentials: ""
|
|
|
|
|
|
# Enable DEBUG logging
|
|
|
debug: true
|
|
|
|
|
|
# This is used by the static manifest generator in order to create a static
|
|
|
# namespace manifest for the namespace that keel is being installed
|
|
|
# within. It should **not** be used if you are using Helm for deployment.
|
|
|
createNamespaceResource: false
|
|
|
|
|
|
podAnnotations: {}
|
|
|
|
|
|
serviceAnnotations: {}
|
|
|
# Useful for making the load balancer internal
|
|
|
# serviceAnnotations:
|
|
|
# cloud.google.com/load-balancer-type: Internal
|
|
|
|
|
|
aws:
|
|
|
region: null
|
|
|
|
|
|
podDisruptionBudget:
|
|
|
enabled: false
|
|
|
maxUnavailable: 1
|
|
|
minAvailable: null
|
|
|
|
|
|
# Google Cloud Certificates
|
|
|
gcloud:
|
|
|
managedCertificates:
|
|
|
enabled: false
|
|
|
domains:
|
|
|
- ""
|
|
|
|
|
|
ingress:
|
|
|
enabled: false
|
|
|
labels: {}
|
|
|
annotations: {}
|
|
|
# kubernetes.io/ingress.class: nginx
|
|
|
# kubernetes.io/tls-acme: "true"
|
|
|
hosts: []
|
|
|
# - host: chart-example.local
|
|
|
# paths:
|
|
|
# - /
|
|
|
tls: []
|
|
|
# - secretName: chart-example-tls
|
|
|
# hosts:
|
|
|
# - chart-example.local
|
|
|
|
|
|
dockerRegistry:
|
|
|
enabled: false
|
|
|
name: ""
|
|
|
key: ""
|
|
|
|
|
|
persistence:
|
|
|
enabled: false
|
|
|
storageClass: "-"
|
|
|
size: 1Gi
|