diff --git a/charts/radar-rest-sources-authorizer/Chart.yaml b/charts/radar-rest-sources-authorizer/Chart.yaml index b8b86616..4816e8a1 100644 --- a/charts/radar-rest-sources-authorizer/Chart.yaml +++ b/charts/radar-rest-sources-authorizer/Chart.yaml @@ -1,27 +1,27 @@ -apiVersion: v2 -appVersion: "4.4.0" -description: A Helm chart for the front-end application of RADAR-base Rest Sources Authorizer which is a portal to authorize the Fitbit connector to read data from Fitbit accounts. -name: radar-rest-sources-authorizer -version: 1.1.3 -icon: "http://radar-base.org/wp-content/uploads/2022/09/Logo_RADAR-Base-RGB.png" -sources: -- https://github.com/RADAR-base/radar-helm-charts/tree/main/charts/radar-rest-sources-authorizer -- https://github.com/RADAR-base/RADAR-Rest-Source-Auth -keywords: - - radar-base - - remote-trial -annotations: - artifacthub.io/license: Apache-2.0 -deprecated: false -type: application -home: "https://radar-base.org" -maintainers: - - email: keyvan@thehyve.nl - name: Keyvan Hedayati - url: https://www.thehyve.nl - - email: joris@thehyve.nl - name: Joris Borgdorff - url: https://www.thehyve.nl/experts/joris-borgdorff - - email: nivethika@thehyve.nl - name: Nivethika Mahasivam - url: https://www.thehyve.nl/experts/nivethika-mahasivam +apiVersion: v2 +appVersion: "4.4.0" +description: A Helm chart for the front-end application of RADAR-base Rest Sources Authorizer which is a portal to authorize the Fitbit connector to read data from Fitbit accounts. +name: radar-rest-sources-authorizer +version: 1.1.3 +icon: "http://radar-base.org/wp-content/uploads/2022/09/Logo_RADAR-Base-RGB.png" +sources: +- https://github.com/RADAR-base/radar-helm-charts/tree/main/charts/radar-rest-sources-authorizer +- https://github.com/RADAR-base/RADAR-Rest-Source-Auth +keywords: + - radar-base + - remote-trial +annotations: + artifacthub.io/license: Apache-2.0 +deprecated: false +type: application +home: "https://radar-base.org" +maintainers: + - email: keyvan@thehyve.nl + name: Keyvan Hedayati + url: https://www.thehyve.nl + - email: joris@thehyve.nl + name: Joris Borgdorff + url: https://www.thehyve.nl/experts/joris-borgdorff + - email: nivethika@thehyve.nl + name: Nivethika Mahasivam + url: https://www.thehyve.nl/experts/nivethika-mahasivam diff --git a/charts/radar-rest-sources-authorizer/README.md b/charts/radar-rest-sources-authorizer/README.md index e62a17f2..833b56af 100644 --- a/charts/radar-rest-sources-authorizer/README.md +++ b/charts/radar-rest-sources-authorizer/README.md @@ -1,74 +1,74 @@ - - -# radar-rest-sources-authorizer -[![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/radar-rest-sources-authorizer)](https://artifacthub.io/packages/helm/radar-base/radar-rest-sources-authorizer) - -![Version: 1.1.3](https://img.shields.io/badge/Version-1.1.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 4.4.0](https://img.shields.io/badge/AppVersion-4.4.0-informational?style=flat-square) - -A Helm chart for the front-end application of RADAR-base Rest Sources Authorizer which is a portal to authorize the Fitbit connector to read data from Fitbit accounts. - -**Homepage:** - -## Maintainers - -| Name | Email | Url | -| ---- | ------ | --- | -| Keyvan Hedayati | | | -| Joris Borgdorff | | | -| Nivethika Mahasivam | | | - -## Source Code - -* -* - -## Prerequisites -* Kubernetes 1.22+ -* Kubectl 1.22+ -* Helm 3.1.0+ - -## Values - -| Key | Type | Default | Description | -|-----|------|---------|-------------| -| replicaCount | int | `2` | Number of radar-rest-sources-authorizer replicas to deploy | -| image.repository | string | `"radarbase/radar-rest-source-authorizer"` | radar-rest-sources-authorizer image repository | -| image.tag | string | `"4.4.0"` | radar-rest-sources-authorizer image tag (immutable tags are recommended) Overrides the image tag whose default is the chart appVersion. | -| image.pullPolicy | string | `"IfNotPresent"` | radar-rest-sources-authorizer image pull policy | -| imagePullSecrets | list | `[]` | Docker registry secret names as an array | -| nameOverride | string | `""` | String to partially override radar-rest-sources-authorizer.fullname template with a string (will prepend the release name) | -| fullnameOverride | string | `""` | String to fully override radar-rest-sources-authorizer.fullname template with a string | -| podSecurityContext | object | `{}` | Configure radar-rest-sources-authorizer pods' Security Context | -| securityContext | object | `{}` | Configure radar-rest-sources-authorizer containers' Security Context | -| service.type | string | `"ClusterIP"` | Kubernetes Service type | -| service.port | int | `8080` | radar-rest-sources-authorizer port | -| ingress.enabled | bool | `true` | Enable ingress controller resource | -| ingress.annotations | object | check values.yaml | Annotations that define default ingress class, certificate issuer | -| ingress.path | string | `"/rest-sources/authorizer"` | Path within the url structure | -| ingress.pathType | string | `"ImplementationSpecific"` | Ingress Path type | -| ingress.ingressClassName | string | `"nginx"` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | -| ingress.hosts | list | `["localhost"]` | Hosts to accept requests from | -| ingress.tls.secretName | string | `"radar-base-tls-radar-rest-sources-authorizer"` | TLS Secret Name | -| resources.requests | object | `{"cpu":"100m","memory":"128Mi"}` | CPU/Memory resource requests | -| nodeSelector | object | `{}` | Node labels for pod assignment | -| tolerations | list | `[]` | Toleration labels for pod assignment | -| affinity | object | `{}` | Affinity labels for pod assignment | -| extraEnvVars | list | `[]` | Extra environment variables | -| customLivenessProbe | object | `{}` | Custom livenessProbe that overrides the default one | -| livenessProbe.enabled | bool | `true` | Enable livenessProbe | -| livenessProbe.initialDelaySeconds | int | `5` | Initial delay seconds for livenessProbe | -| livenessProbe.periodSeconds | int | `30` | Period seconds for livenessProbe | -| livenessProbe.timeoutSeconds | int | `3` | Timeout seconds for livenessProbe | -| livenessProbe.successThreshold | int | `1` | Success threshold for livenessProbe | -| livenessProbe.failureThreshold | int | `3` | Failure threshold for livenessProbe | -| customReadinessProbe | object | `{}` | Custom readinessProbe that overrides the default one | -| readinessProbe.enabled | bool | `true` | Enable readinessProbe | -| readinessProbe.initialDelaySeconds | int | `5` | Initial delay seconds for readinessProbe | -| readinessProbe.periodSeconds | int | `10` | Period seconds for readinessProbe | -| readinessProbe.timeoutSeconds | int | `3` | Timeout seconds for readinessProbe | -| readinessProbe.successThreshold | int | `1` | Success threshold for readinessProbe | -| readinessProbe.failureThreshold | int | `3` | Failure threshold for readinessProbe | -| networkpolicy | object | check `values.yaml` | Network policy defines who can access this application and who this applications has access to | -| clientId | string | `"radar_rest_sources_authorizer"` | OAuth2 client id of the application registered in Management Portal. It is assumed that this is a public client with empty client secret. | -| serverName | string | `"localhost"` | Domain name of the server | -| authUrl | string | `"localhost/managementportal/oauth"` | Authorization URL of the IDP | + + +# radar-rest-sources-authorizer +[![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/radar-rest-sources-authorizer)](https://artifacthub.io/packages/helm/radar-base/radar-rest-sources-authorizer) + +![Version: 1.1.3](https://img.shields.io/badge/Version-1.1.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 4.4.0](https://img.shields.io/badge/AppVersion-4.4.0-informational?style=flat-square) + +A Helm chart for the front-end application of RADAR-base Rest Sources Authorizer which is a portal to authorize the Fitbit connector to read data from Fitbit accounts. + +**Homepage:** + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| Keyvan Hedayati | | | +| Joris Borgdorff | | | +| Nivethika Mahasivam | | | + +## Source Code + +* +* + +## Prerequisites +* Kubernetes 1.22+ +* Kubectl 1.22+ +* Helm 3.1.0+ + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| replicaCount | int | `2` | Number of radar-rest-sources-authorizer replicas to deploy | +| image.repository | string | `"radarbase/radar-rest-source-authorizer"` | radar-rest-sources-authorizer image repository | +| image.tag | string | `"4.4.0"` | radar-rest-sources-authorizer image tag (immutable tags are recommended) Overrides the image tag whose default is the chart appVersion. | +| image.pullPolicy | string | `"IfNotPresent"` | radar-rest-sources-authorizer image pull policy | +| imagePullSecrets | list | `[]` | Docker registry secret names as an array | +| nameOverride | string | `""` | String to partially override radar-rest-sources-authorizer.fullname template with a string (will prepend the release name) | +| fullnameOverride | string | `""` | String to fully override radar-rest-sources-authorizer.fullname template with a string | +| podSecurityContext | object | `{}` | Configure radar-rest-sources-authorizer pods' Security Context | +| securityContext | object | `{}` | Configure radar-rest-sources-authorizer containers' Security Context | +| service.type | string | `"ClusterIP"` | Kubernetes Service type | +| service.port | int | `8080` | radar-rest-sources-authorizer port | +| ingress.enabled | bool | `true` | Enable ingress controller resource | +| ingress.annotations | object | check values.yaml | Annotations that define default ingress class, certificate issuer | +| ingress.path | string | `"/rest-sources/authorizer"` | Path within the url structure | +| ingress.pathType | string | `"ImplementationSpecific"` | Ingress Path type | +| ingress.ingressClassName | string | `"nginx"` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | +| ingress.hosts | list | `["localhost"]` | Hosts to accept requests from | +| ingress.tls.secretName | string | `"radar-base-tls-radar-rest-sources-authorizer"` | TLS Secret Name | +| resources.requests | object | `{"cpu":"100m","memory":"128Mi"}` | CPU/Memory resource requests | +| nodeSelector | object | `{}` | Node labels for pod assignment | +| tolerations | list | `[]` | Toleration labels for pod assignment | +| affinity | object | `{}` | Affinity labels for pod assignment | +| extraEnvVars | list | `[]` | Extra environment variables | +| customLivenessProbe | object | `{}` | Custom livenessProbe that overrides the default one | +| livenessProbe.enabled | bool | `true` | Enable livenessProbe | +| livenessProbe.initialDelaySeconds | int | `5` | Initial delay seconds for livenessProbe | +| livenessProbe.periodSeconds | int | `30` | Period seconds for livenessProbe | +| livenessProbe.timeoutSeconds | int | `3` | Timeout seconds for livenessProbe | +| livenessProbe.successThreshold | int | `1` | Success threshold for livenessProbe | +| livenessProbe.failureThreshold | int | `3` | Failure threshold for livenessProbe | +| customReadinessProbe | object | `{}` | Custom readinessProbe that overrides the default one | +| readinessProbe.enabled | bool | `true` | Enable readinessProbe | +| readinessProbe.initialDelaySeconds | int | `5` | Initial delay seconds for readinessProbe | +| readinessProbe.periodSeconds | int | `10` | Period seconds for readinessProbe | +| readinessProbe.timeoutSeconds | int | `3` | Timeout seconds for readinessProbe | +| readinessProbe.successThreshold | int | `1` | Success threshold for readinessProbe | +| readinessProbe.failureThreshold | int | `3` | Failure threshold for readinessProbe | +| networkpolicy | object | check `values.yaml` | Network policy defines who can access this application and who this applications has access to | +| clientId | string | `"radar_rest_sources_authorizer"` | OAuth2 client id of the application registered in Management Portal. It is assumed that this is a public client with empty client secret. | +| serverName | string | `"localhost"` | Domain name of the server | +| authUrl | string | `"localhost/managementportal/oauth"` | Authorization URL of the IDP | diff --git a/charts/radar-rest-sources-authorizer/templates/deployment.yaml b/charts/radar-rest-sources-authorizer/templates/deployment.yaml index 4aad8fda..a11af988 100644 --- a/charts/radar-rest-sources-authorizer/templates/deployment.yaml +++ b/charts/radar-rest-sources-authorizer/templates/deployment.yaml @@ -1,110 +1,110 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "radar-rest-sources-authorizer.fullname" . }} - labels: -{{ include "radar-rest-sources-authorizer.labels" . | indent 4 }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app.kubernetes.io/name: {{ include "radar-rest-sources-authorizer.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - template: - metadata: - labels: - app.kubernetes.io/name: {{ include "radar-rest-sources-authorizer.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 1 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: "app.kubernetes.io/name" - operator: In - values: - - {{ template "radar-rest-sources-authorizer.name" . }} - - key: "app.kubernetes.io/instance" - operator: In - values: - - {{ .Release.Name }} - topologyKey: "kubernetes.io/hostname" - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - env: - - name: BASE_HREF - value: /rest-sources/authorizer/ - - name: BACKEND_BASE_URL - value: https://{{ .Values.serverName }}/rest-sources/backend - - name: VALIDATE - value: "true" - - name: AUTH_GRANT_TYPE - value: "authorization_code" - - name: AUTH_CLIENT_ID - value: {{ .Values.clientId }} - - name: AUTH_CLIENT_SECRET - value: "" - - name: AUTH_CALLBACK_URL - value: https://{{ .Values.serverName }}/rest-sources/authorizer/login - - name: AUTH_URI - value: https://{{ .Values.authUrl }} - {{- with .Values.extraEnvVars }} - {{- toYaml . | nindent 10 }} - {{- end }} - ports: - - name: http - containerPort: 8080 - protocol: TCP - {{- if .Values.customLivenessProbe }} - livenessProbe: {{- .Values.customLivenessProbe | toYaml | nindent 12 }} - {{- else if .Values.livenessProbe.enabled }} - livenessProbe: - httpGet: - path: /rest-sources/authorizer/ - port: http - initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.livenessProbe.failureThreshold }} - {{- end }} - {{- if .Values.customReadinessProbe }} - readinessProbe: {{- .Values.customReadinessProbe | toYaml | nindent 12 }} - {{- else if .Values.readinessProbe.enabled }} - readinessProbe: - httpGet: - path: /rest-sources/authorizer/ - port: http - initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.readinessProbe.failureThreshold }} - {{- end }} - resources: - {{- toYaml .Values.resources | nindent 12 }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "radar-rest-sources-authorizer.fullname" . }} + labels: +{{ include "radar-rest-sources-authorizer.labels" . | indent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app.kubernetes.io/name: {{ include "radar-rest-sources-authorizer.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "radar-rest-sources-authorizer.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 1 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: "app.kubernetes.io/name" + operator: In + values: + - {{ template "radar-rest-sources-authorizer.name" . }} + - key: "app.kubernetes.io/instance" + operator: In + values: + - {{ .Release.Name }} + topologyKey: "kubernetes.io/hostname" + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + - name: BASE_HREF + value: /rest-sources/authorizer/ + - name: BACKEND_BASE_URL + value: https://{{ .Values.serverName }}/rest-sources/backend + - name: VALIDATE + value: "true" + - name: AUTH_GRANT_TYPE + value: "authorization_code" + - name: AUTH_CLIENT_ID + value: {{ .Values.clientId }} + - name: AUTH_CLIENT_SECRET + value: "" + - name: AUTH_CALLBACK_URL + value: https://{{ .Values.serverName }}/rest-sources/authorizer/login + - name: AUTH_URI + value: https://{{ .Values.authUrl }} + {{- with .Values.extraEnvVars }} + {{- toYaml . | nindent 10 }} + {{- end }} + ports: + - name: http + containerPort: 8080 + protocol: TCP + {{- if .Values.customLivenessProbe }} + livenessProbe: {{- .Values.customLivenessProbe | toYaml | nindent 12 }} + {{- else if .Values.livenessProbe.enabled }} + livenessProbe: + httpGet: + path: /rest-sources/authorizer/ + port: http + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.livenessProbe.failureThreshold }} + {{- end }} + {{- if .Values.customReadinessProbe }} + readinessProbe: {{- .Values.customReadinessProbe | toYaml | nindent 12 }} + {{- else if .Values.readinessProbe.enabled }} + readinessProbe: + httpGet: + path: /rest-sources/authorizer/ + port: http + initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.readinessProbe.failureThreshold }} + {{- end }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/radar-rest-sources-authorizer/values.yaml b/charts/radar-rest-sources-authorizer/values.yaml index fcf309b4..79f8547e 100644 --- a/charts/radar-rest-sources-authorizer/values.yaml +++ b/charts/radar-rest-sources-authorizer/values.yaml @@ -1,159 +1,159 @@ -# Default values for radar-rest-sources-authorizer. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -# -- Number of radar-rest-sources-authorizer replicas to deploy -replicaCount: 2 - -image: - # -- radar-rest-sources-authorizer image repository - repository: radarbase/radar-rest-source-authorizer - # -- radar-rest-sources-authorizer image tag (immutable tags are recommended) - # Overrides the image tag whose default is the chart appVersion. - tag: 4.4.0 - # -- radar-rest-sources-authorizer image pull policy - pullPolicy: IfNotPresent - -# -- Docker registry secret names as an array -imagePullSecrets: [] - -# -- String to partially override radar-rest-sources-authorizer.fullname template with a string (will prepend the release name) -nameOverride: "" -# -- String to fully override radar-rest-sources-authorizer.fullname template with a string -fullnameOverride: "" - -# -- Configure radar-rest-sources-authorizer pods' Security Context -podSecurityContext: {} - # fsGroup: 2000 - -# -- Configure radar-rest-sources-authorizer containers' Security Context -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - -service: - # -- Kubernetes Service type - type: ClusterIP - # -- radar-rest-sources-authorizer port - port: 8080 - -ingress: - # -- Enable ingress controller resource - enabled: true - # -- Annotations that define default ingress class, certificate issuer - # @default -- check values.yaml - annotations: - cert-manager.io/cluster-issuer: letsencrypt-prod - # -- Path within the url structure - path: /rest-sources/authorizer - # -- Ingress Path type - pathType: ImplementationSpecific - # -- IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) - ingressClassName: nginx - # -- Hosts to accept requests from - hosts: - - localhost - tls: - # -- TLS Secret Name - secretName: radar-base-tls-radar-rest-sources-authorizer - -resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - - # -- CPU/Memory resource requests - requests: - cpu: 100m - memory: 128Mi - -# -- Node labels for pod assignment -nodeSelector: {} - -# -- Toleration labels for pod assignment -tolerations: [] - -# -- Affinity labels for pod assignment -affinity: {} - -# -- Extra environment variables -extraEnvVars: [] -# - name: BEARER_AUTH -# value: true - -# -- Custom livenessProbe that overrides the default one -customLivenessProbe: {} - -livenessProbe: - # -- Enable livenessProbe - enabled: true - # -- Initial delay seconds for livenessProbe - initialDelaySeconds: 5 - # -- Period seconds for livenessProbe - periodSeconds: 30 - # -- Timeout seconds for livenessProbe - timeoutSeconds: 3 - # -- Success threshold for livenessProbe - successThreshold: 1 - # -- Failure threshold for livenessProbe - failureThreshold: 3 - -# -- Custom readinessProbe that overrides the default one -customReadinessProbe: {} - -readinessProbe: - # -- Enable readinessProbe - enabled: true - # -- Initial delay seconds for readinessProbe - initialDelaySeconds: 5 - # -- Period seconds for readinessProbe - periodSeconds: 10 - # -- Timeout seconds for readinessProbe - timeoutSeconds: 3 - # -- Success threshold for readinessProbe - successThreshold: 1 - # -- Failure threshold for readinessProbe - failureThreshold: 3 - -# -- Network policy defines who can access this application and who this applications has access to -# @default -- check `values.yaml` -networkpolicy: - policyTypes: - - Ingress - - Egress - ingress: - - from: - - namespaceSelector: - matchLabels: - kubernetes.io/metadata.name: '{{ .Release.Namespace }}' - podSelector: - matchLabels: - app.kubernetes.io/name: ingress-nginx - egress: - - to: - - namespaceSelector: - matchLabels: - kubernetes.io/metadata.name: kube-system - podSelector: - matchLabels: - k8s-app: kube-dns - ports: - - port: 53 - protocol: UDP - - port: 53 - protocol: TCP - -# -- OAuth2 client id of the application registered in Management Portal. It is assumed that this is a public client with empty client secret. -clientId: radar_rest_sources_authorizer -# -- Domain name of the server -serverName: localhost -# -- Authorization URL of the IDP -authUrl: localhost/managementportal/oauth +# Default values for radar-rest-sources-authorizer. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +# -- Number of radar-rest-sources-authorizer replicas to deploy +replicaCount: 2 + +image: + # -- radar-rest-sources-authorizer image repository + repository: radarbase/radar-rest-source-authorizer + # -- radar-rest-sources-authorizer image tag (immutable tags are recommended) + # Overrides the image tag whose default is the chart appVersion. + tag: 4.4.0 + # -- radar-rest-sources-authorizer image pull policy + pullPolicy: IfNotPresent + +# -- Docker registry secret names as an array +imagePullSecrets: [] + +# -- String to partially override radar-rest-sources-authorizer.fullname template with a string (will prepend the release name) +nameOverride: "" +# -- String to fully override radar-rest-sources-authorizer.fullname template with a string +fullnameOverride: "" + +# -- Configure radar-rest-sources-authorizer pods' Security Context +podSecurityContext: {} + # fsGroup: 2000 + +# -- Configure radar-rest-sources-authorizer containers' Security Context +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + # -- Kubernetes Service type + type: ClusterIP + # -- radar-rest-sources-authorizer port + port: 8080 + +ingress: + # -- Enable ingress controller resource + enabled: true + # -- Annotations that define default ingress class, certificate issuer + # @default -- check values.yaml + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + # -- Path within the url structure + path: /rest-sources/authorizer + # -- Ingress Path type + pathType: ImplementationSpecific + # -- IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) + ingressClassName: nginx + # -- Hosts to accept requests from + hosts: + - localhost + tls: + # -- TLS Secret Name + secretName: radar-base-tls-radar-rest-sources-authorizer + +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + + # -- CPU/Memory resource requests + requests: + cpu: 100m + memory: 128Mi + +# -- Node labels for pod assignment +nodeSelector: {} + +# -- Toleration labels for pod assignment +tolerations: [] + +# -- Affinity labels for pod assignment +affinity: {} + +# -- Extra environment variables +extraEnvVars: [] +# - name: BEARER_AUTH +# value: true + +# -- Custom livenessProbe that overrides the default one +customLivenessProbe: {} + +livenessProbe: + # -- Enable livenessProbe + enabled: true + # -- Initial delay seconds for livenessProbe + initialDelaySeconds: 5 + # -- Period seconds for livenessProbe + periodSeconds: 30 + # -- Timeout seconds for livenessProbe + timeoutSeconds: 3 + # -- Success threshold for livenessProbe + successThreshold: 1 + # -- Failure threshold for livenessProbe + failureThreshold: 3 + +# -- Custom readinessProbe that overrides the default one +customReadinessProbe: {} + +readinessProbe: + # -- Enable readinessProbe + enabled: true + # -- Initial delay seconds for readinessProbe + initialDelaySeconds: 5 + # -- Period seconds for readinessProbe + periodSeconds: 10 + # -- Timeout seconds for readinessProbe + timeoutSeconds: 3 + # -- Success threshold for readinessProbe + successThreshold: 1 + # -- Failure threshold for readinessProbe + failureThreshold: 3 + +# -- Network policy defines who can access this application and who this applications has access to +# @default -- check `values.yaml` +networkpolicy: + policyTypes: + - Ingress + - Egress + ingress: + - from: + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: '{{ .Release.Namespace }}' + podSelector: + matchLabels: + app.kubernetes.io/name: ingress-nginx + egress: + - to: + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: kube-system + podSelector: + matchLabels: + k8s-app: kube-dns + ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + +# -- OAuth2 client id of the application registered in Management Portal. It is assumed that this is a public client with empty client secret. +clientId: radar_rest_sources_authorizer +# -- Domain name of the server +serverName: localhost +# -- Authorization URL of the IDP +authUrl: localhost/managementportal/oauth