50 lines
1.0 KiB
YAML
50 lines
1.0 KiB
YAML
{{- define "cert-manager-values" }}
|
|
|
|
localCA:
|
|
enabled: true
|
|
|
|
cert-manager:
|
|
{{- if not .Values.global.highAvailable }}
|
|
strategy:
|
|
type: Recreate
|
|
{{- end }}
|
|
|
|
prometheus:
|
|
servicemonitor:
|
|
enabled: {{ $.Values.metrics.enabled }}
|
|
{{ with index .Values "cert-manager" "IamArn" }}
|
|
extraEnv:
|
|
- name: AWS_ROLE_ARN
|
|
value: "{{ . }}"
|
|
- name: AWS_WEB_IDENTITY_TOKEN_FILE
|
|
value: "/var/run/secrets/sts.amazonaws.com/serviceaccount/token"
|
|
- name: AWS_STS_REGIONAL_ENDPOINTS
|
|
value: regional
|
|
|
|
volumes:
|
|
- name: aws-token
|
|
projected:
|
|
sources:
|
|
- serviceAccountToken:
|
|
path: token
|
|
expirationSeconds: 86400
|
|
audience: "sts.amazonaws.com"
|
|
|
|
volumeMounts:
|
|
- name: aws-token
|
|
mountPath: "/var/run/secrets/sts.amazonaws.com/serviceaccount/"
|
|
readOnly: true
|
|
{{- end }}
|
|
|
|
{{- with index .Values "cert-manager" "clusterIssuer" }}
|
|
clusterIssuer:
|
|
{{- . | toYaml | nindent 2 }}
|
|
{{- end }}
|
|
|
|
{{- end }}
|
|
|
|
{{- define "cert-manager-argo" }}
|
|
{{- end }}
|
|
|
|
{{ include "kubezero-app.app" . }}
|