kubezero/charts/kubezero-cert-manager/values.yaml

clusterIssuer: {}
# name: letsencrypt-dns-prod
# server: https://acme-v02.api.letsencrypt.org/directory
# email: admin@example.com
# solvers:
#   - dns01:
#       route53:
#         region: us-west-2
#         hostedZoneID: 1234567890

localCA:
  enabled: false
  # If selfsigning is false you must provide the ca key and crt below
  selfsigning: true
  #ca:
  #  key: <pem-key-material>
  #  crt: <pem-crt-material>

cert-manager:
  installCRDs: true
  tolerations:
  - key: node-role.kubernetes.io/master
    effect: NoSchedule
  nodeSelector:
    node-role.kubernetes.io/master: ""
  ingressShim:
    defaultIssuerName: letsencrypt-dns-prod
    defaultIssuerKind: ClusterIssuer
  webhook:
    tolerations:
    - key: node-role.kubernetes.io/master
      effect: NoSchedule
    nodeSelector:
      node-role.kubernetes.io/master: ""
  cainjector:
    tolerations:
    - key: node-role.kubernetes.io/master
      effect: NoSchedule
    nodeSelector:
      node-role.kubernetes.io/master: ""
  extraArgs:
    - "--dns01-recursive-nameservers-only"
    # When this flag is enabled, secrets will be automatically removed when the certificate resource is deleted
    # - --enable-certificate-owner-ref=true
  prometheus:
    servicemonitor:
      enabled: false
  # cert-manager.podAnnotations -- "iam.amazonaws.com/roleIAM:" role ARN the cert-manager might use via kiam eg."arn:aws:iam::123456789012:role/certManagerRoleArn"
  podAnnotations: {}
  #   iam.amazonaws.com/role: ""
cert-manager: Add Cluster-issuer 2020-05-06 14:03:33 +00:00			`clusterIssuer: {}`
			`# name: letsencrypt-dns-prod`
			`# server: https://acme-v02.api.letsencrypt.org/directory`
			`# email: admin@example.com`
			`# solvers:`
			`# - dns01:`
			`# route53:`
			`# region: us-west-2`
			`# hostedZoneID: 1234567890`

Add icons to all charts 2020-05-14 10:44:25 +00:00			`localCA:`
First steps of argoless bootstrap 2020-11-03 12:51:57 +00:00			`enabled: false`
Add icons to all charts 2020-05-14 10:44:25 +00:00			`# If selfsigning is false you must provide the ca key and crt below`
			`selfsigning: true`
			`#ca:`
			`# key: <pem-key-material>`
			`# crt: <pem-crt-material>`

Renaming, addition of draft cert-manager, templating 2020-05-05 14:21:09 +00:00			`cert-manager:`
Bump cert-manager to 0.15, enable CRDs 2020-05-06 23:33:28 +00:00			`installCRDs: true`
Renaming, addition of draft cert-manager, templating 2020-05-05 14:21:09 +00:00			`tolerations:`
			`- key: node-role.kubernetes.io/master`
			`effect: NoSchedule`
			`nodeSelector:`
			`node-role.kubernetes.io/master: ""`
			`ingressShim:`
			`defaultIssuerName: letsencrypt-dns-prod`
			`defaultIssuerKind: ClusterIssuer`
			`webhook:`
			`tolerations:`
			`- key: node-role.kubernetes.io/master`
			`effect: NoSchedule`
			`nodeSelector:`
			`node-role.kubernetes.io/master: ""`
			`cainjector:`
			`tolerations:`
			`- key: node-role.kubernetes.io/master`
			`effect: NoSchedule`
			`nodeSelector:`
			`node-role.kubernetes.io/master: ""`
			`extraArgs:`
			`- "--dns01-recursive-nameservers-only"`
Bump cert-manager to 0.15, enable CRDs 2020-05-06 23:33:28 +00:00			`# When this flag is enabled, secrets will be automatically removed when the certificate resource is deleted`
			`# - --enable-certificate-owner-ref=true`
Renaming, addition of draft cert-manager, templating 2020-05-05 14:21:09 +00:00			`prometheus:`
			`servicemonitor:`
			`enabled: false`
Revert annotations for cert-manager, enable selfheal for cert-manager to work around bootstrap issues 2020-06-14 16:59:56 +00:00			`# cert-manager.podAnnotations -- "iam.amazonaws.com/roleIAM:" role ARN the cert-manager might use via kiam eg."arn:aws:iam::123456789012:role/certManagerRoleArn"`
			`podAnnotations: {}`
			`# iam.amazonaws.com/role: ""`