alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 8 Actions 4 Activity
Files
01b516273235a98e77b1e8be636f4652e5435025
infrastructure/clusters/cl01tl/helm/kubelet-serving-cert-approver/values.yaml
Alex Lebens 01b5162732
All checks were successful
lint-test-helm / lint-helm (pull_request) Successful in 58s
Details
lint-test-helm / validate-kubeconform (pull_request) Successful in 1m5s
Details
feat: refactor apps
2026-04-03 19:16:43 -05:00

74 lines
2.0 KiB
YAML
Raw Blame History

kubelet-serving-cert-approver:
defaultPodOptions:
priorityClassName: system-cluster-critical
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- preference:
matchExpressions:
- key: node-role.kubernetes.io/master
operator: DoesNotExist
- key: node-role.kubernetes.io/control-plane
operator: DoesNotExist
weight: 100
securityContext:
fsGroup: 65534
runAsGroup: 65534
runAsUser: 65534
seccompProfile:
type: RuntimeDefault
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Exists
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
operator: Exists
controllers:
main:
type: deployment
replicas: 1
strategy: Recreate
serviceAccount:
name: kubelet-serving-cert-approver
pod:
automountServiceAccountToken: true
containers:
main:
image:
repository: ghcr.io/alex1989hu/kubelet-serving-cert-approver
tag: 0.10.3@sha256:4cdc92140c48341433513dce3201806309d5256cfbac6f830feae1e7e9fb0d7d
args:
- serve
env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
resources:
requests:
cpu: 1m
memory: 20Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
serviceAccount:
kubelet-serving-cert-approver:
enabled: true
staticToken: true
service:
main:
controller: main
ports:
health:
port: 8080
targetPort: 8080
metrics:
port: 9090
targetPort: 9090
Reference in New Issue View Git Blame Copy Permalink