alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 14 Actions Activity
Files
ad1930f15e7c8ef8e4dc2e2ba021cf790a01cbe5
infrastructure/clusters/cl01tl/helm/kubelet-serving-cert-approver/values.yaml
Alex Lebens cc2f89f9fc
All checks were successful
lint-test-helm / helm-lint (push) Successful in 8s
Details
render-manifests / render-manifests (push) Successful in 19s
Details
renovate / renovate (push) Successful in 1m17s
Details
migrate
2025-12-02 17:36:59 -06:00

78 lines
2.0 KiB
YAML
Raw Blame History

kubelet-serving-cert-approver:
defaultPodOptions:
priorityClassName: system-cluster-critical
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- preference:
matchExpressions:
- key: node-role.kubernetes.io/master
operator: DoesNotExist
- key: node-role.kubernetes.io/control-plane
operator: DoesNotExist
weight: 100
securityContext:
fsGroup: 65534
runAsGroup: 65534
runAsUser: 65534
seccompProfile:
type: RuntimeDefault
tolerations:
- effect: NoSchedule
key: node-role.kubernetes.io/master
operator: Exists
- effect: NoSchedule
key: node-role.kubernetes.io/control-plane
operator: Exists
controllers:
main:
type: deployment
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
serviceAccount:
name: kubelet-serving-cert-approver
pod:
automountServiceAccountToken: true
containers:
main:
image:
repository: ghcr.io/alex1989hu/kubelet-serving-cert-approver
tag: 0.10.0
pullPolicy: Always
args:
- serve
env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
resources:
requests:
cpu: 100m
memory: 128Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: true
runAsNonRoot: true
serviceAccount:
kubelet-serving-cert-approver:
enabled: true
staticToken: true
service:
main:
controller: main
ports:
health:
port: 8080
targetPort: 8080
protocol: HTTP
metrics:
port: 9090
targetPort: 9090
protocol: HTTP
Reference in New Issue View Git Blame Copy Permalink