2 spinnakerVersion: {{ spinnaker_app_version }}
4 repository: {{ gcrio_image_repository }}/spinnaker-marketplace/halyard
5 tag: {{ spinnaker_version }}
7 # Set to false to disable persistence data volume for halyard
10 # Provide a config map with Hal commands that will be run the core config (storage)
11 # The config map should contain a script in the config.sh key
14 configMapName: my-halyard-config
15 configMapKey: config.sh
16 # If you'd rather do an inline script, set create to true and put the content in the data dict like you would a configmap
17 # The content will be passed through `tpl`, so value interpolation is supported.
23 ## Uncomment if you want to use a pre-created secret rather than feeding data in via helm.
28 ## Uncomment if you want to use a pre-created ConfigMap rather than feeding data in via helm.
30 ## Define custom profiles for Spinnaker services. Read more for details:
31 ## https://www.spinnaker.io/reference/halyard/custom/#custom-profiles
32 ## The contents of the files will be passed through `tpl`, so value interpolation is supported.
33 additionalProfileConfigMaps:
35 ## if you're running spinnaker behind a reverse proxy such as a GCE ingress
36 ## you may need the following profile settings for the gate profile.
37 ## see https://github.com/spinnaker/spinnaker/issues/1630
38 ## otherwise its harmless and will likely become default behavior in the future
39 ## According to the linked github issue.
43 # protocolHeader: X-Forwarded-Proto
44 # remoteIpHeader: X-Forwarded-For
46 # httpsServerPort: X-Forwarded-Port
48 ## Define custom settings for Spinnaker services. Read more for details:
49 ## https://www.spinnaker.io/reference/halyard/custom/#custom-service-settings
50 ## You can use it to add annotations for pods, override the image, etc.
51 additionalServiceSettings: {}
53 # artifactId: gcr.io/spinnaker-marketplace/deck:2.9.0-20190412012808
56 # iam.amazonaws.com/role: <role_arn>
60 # iam.amazonaws.com/role: <role_arn>
62 ## Populate to provide a custom local BOM for Halyard to use for deployment. Read more for details:
63 ## https://www.spinnaker.io/guides/operator/custom-boms/#boms-and-configuration-on-your-filesystem
66 # debianRepository: https://dl.bintray.com/spinnaker-releases/debians
67 # dockerRegistry: gcr.io/spinnaker-marketplace
68 # gitPrefix: https://github.com/spinnaker
69 # googleImageProject: marketplace-spinnaker-release
72 # commit: 031bcec52d6c3eb447095df4251b9d7516ed74f5
73 # version: 6.3.0-20190904130744
75 # commit: b0aac478e13a7f9642d4d39479f649dd2ef52a5a
76 # version: 2.12.0-20190916141821
78 # timestamp: '2019-09-16 18:18:44'
81 ## Define local configuration for Spinnaker services.
82 ## The contents of these files would be copies of the configuration normally retrieved from
83 ## `gs://halconfig/<service-name>`, but instead need to be available locally on the halyard pod to facilitate
84 ## offline installation. This would typically be used along with a custom `bom:` with the `local:` prefix on a
86 ## Read more for details:
87 ## https://www.spinnaker.io/guides/operator/custom-boms/#boms-and-configuration-on-your-filesystem
88 ## The key for each entry must be the name of the service and a file name separated by the '_' character.
90 # clouddriver_clouddriver-ro.yml: |-
92 # clouddriver_clouddriver-rw.yml: |-
94 # clouddriver_clouddriver.yml: |-
96 # deck_settings.json: |-
101 ## Uncomment if you want to add extra commands to the init script
102 ## run by the init container before halyard is started.
103 ## The content will be passed through `tpl`, so value interpolation is supported.
104 # additionalInitScript: |-
106 ## Uncomment if you want to add annotations on halyard and install-using-hal pods
108 # iam.amazonaws.com/role: <role_arn>
110 ## Uncomment the following resources definitions to control the cpu and memory
111 # resources allocated for the halyard pod
120 ## Uncomment if you want to set environment variables on the Halyard pod.
123 # value: -Dhttp.proxyHost=proxy.example.com
125 ## Enable to override the default cacerts with your own one
127 secretName: custom-cacerts
129 # Define which registries and repositories you want available in your
130 # Spinnaker pipeline definitions
131 # For more info visit:
132 # https://www.spinnaker.io/setup/providers/docker-registry/
134 # Configure your Docker registries here
137 address: index.docker.io
144 # address: https://gcr.io
145 # username: _json_key
146 # password: '<INSERT YOUR SERVICE ACCOUNT JSON HERE>'
147 # email: 1234@5678.com
149 # If you don't want to put your passwords into a values file
150 # you can use a pre-created secret instead of putting passwords
151 # (specify secret name in below `dockerRegistryAccountSecret`)
152 # per account above with data in the format:
155 # dockerRegistryAccountSecret: myregistry-secrets
158 # Use this when you want to register arbitrary clusters with Spinnaker
159 # Upload your ~/kube/.config to a secret
161 secretName: my-kubeconfig
163 # Use this when you want to configure halyard to reference a kubeconfig from s3
164 # This allows you to keep your kubeconfig in an encrypted s3 bucket
165 # For more info visit:
166 # https://www.spinnaker.io/reference/halyard/secrets/s3-secrets/#secrets-in-s3
167 # encryptedKubeconfig: encrypted:s3!r:us-west-2!b:mybucket!f:mykubeconfig
168 # List of contexts from the kubeconfig to make available to Spinnaker
171 deploymentContext: default
175 onlySpinnakerManaged:
178 # When false, clouddriver will skip the permission checks for all kubernetes kinds at startup.
179 # This can save a great deal of time during clouddriver startup when you have many kubernetes
180 # accounts configured. This disables the log messages at startup about missing permissions.
181 checkPermissionsOnStartup: true
183 # A list of resource kinds this Spinnaker account can deploy to and will cache.
184 # When no kinds are configured, this defaults to ‘all kinds'.
188 # A list of resource kinds this Spinnaker account cannot deploy to or cache.
189 # This can only be set when –kinds is empty or not set.
193 # Change this if youd like to expose Spinnaker outside the cluster
196 # host: spinnaker.example.org
198 # ingress.kubernetes.io/ssl-redirect: 'true'
199 # kubernetes.io/ingress.class: nginx
200 # kubernetes.io/tls-acme: "true"
208 # host: gate.spinnaker.example.org
210 # ingress.kubernetes.io/ssl-redirect: 'true'
211 # kubernetes.io/ingress.class: nginx
212 # kubernetes.io/tls-acme: "true"
218 # spinnakerFeatureFlags is a list of Spinnaker feature flags to enable
219 # Ref: https://www.spinnaker.io/reference/halyard/commands/#hal-config-features-edit
220 # spinnakerFeatureFlags:
222 # - pipeline-templates
223 spinnakerFeatureFlags:
227 # Node labels for pod assignment
228 # Ref: https://kubernetes.io/docs/user-guide/node-selection/
229 # nodeSelector to provide to each of the Spinnaker components
232 # Redis password to use for the in-cluster redis service
233 # Enable redis to use in-cluster redis
236 # External Redis option will be enabled if in-cluster redis is disabled
238 host: "<EXTERNAL-REDIS-HOST-NAME>"
245 # Uncomment if you don't want to create a PVC for redis
250 # Minio access/secret keys for the in-cluster S3 usage
251 # Minio is not exposed publically
254 imageTag: RELEASE.2019-02-13T19-48-27Z
255 serviceType: ClusterIP
256 accessKey: spinnakeradmin
257 secretKey: spinnakeradmin
260 # Uncomment if you don't want to create a PVC for minio
264 # Google Cloud Storage
267 project: my-project-name
268 bucket: "<GCS-BUCKET-NAME>"
269 ## if jsonKey is set, will create a secret containing it
270 jsonKey: '<INSERT CLOUD STORAGE JSON HERE>'
271 ## override the name of the secret to use for jsonKey, if `jsonKey`
272 ## is empty, it will not create a secret assuming you are creating one
273 ## external to the chart. the key for that secret should be `key.json`.
276 # AWS Simple Storage Service
279 bucket: "<S3-BUCKET-NAME>"
280 # rootFolder: "front50"
281 # region: "us-east-1"
285 # assumeRole: "<role to assume>"
287 # Azure Storage Account
290 # storageAccountName: ""
292 # containerName: "spinnaker"
295 # Specifies whether RBAC resources should be created
299 # Specifies whether a ServiceAccount should be created
301 # The name of the ServiceAccounts to use.
302 # If left blank it is auto-generated from the fullname of the release
306 # Specifies permissions to write for user/group