kubezero: {{- if .Values.global }} global: {{- toYaml .Values.global | nindent 4 }} {{- end }} calico: enabled: {{ .Values.calico.enabled }} type: {{ default "kustomize" .Values.calico.type }} values: migration: {{ default false .Values.calico.migration }} prometheus: false # prometheus: {{ .Values.prometheus.enabled }} {{- if .Values.calico.network }} network: {{ .Values.calico.network }} {{- end }} cert-manager: enabled: {{ index .Values "cert-manager" "enabled" }} values: {{- if .Values.bootstrap }} localCA: enabled: false {{- else }} {{- if .Values.aws }} cert-manager: podAnnotations: iam.amazonaws.com/role: "{{ index .Values "cert-manager" "IamArn" }}" {{- end }} clusterIssuer: name: letsencrypt-dns-prod server: https://acme-v02.api.letsencrypt.org/directory email: {{ index .Values "cert-manager" "email" }} solvers: - selector: dnsZones: {{- with index .Values "cert-manager" "dnsZones" }} {{- . | toYaml | nindent 14 }} {{- end }} dns01: {{- if .Values.aws }} route53: region: {{ .Values.region }} {{- end }} {{- if .Values.aws }} aws-ebs-csi-driver: enabled: {{ index .Values "aws-ebs-csi-driver" "enabled" }} values: aws-ebs-csi-driver: replicaCount: {{ ternary 2 1 .Values.HighAvailableControlplane }} podAnnotations: iam.amazonaws.com/role: "{{ index .Values "aws-ebs-csi-driver" "IamArn" }}" extraVolumeTags: Name: {{ .Values.ClusterName }} kiam: enabled: {{ .Values.kiam.enabled }} values: kiam: server: assumeRoleArn: "{{ .Values.kiam.IamArn }}" deployment: replicas: {{ ternary 2 1 .Values.HighAvailableControlplane }} prometheus: servicemonitor: enabled: {{ .Values.prometheus.enabled }} {{- end }} {{- end }} argo-cd: {{- with index .Values "argo-cd" "server" }} server: {{- toYaml . | nindent 4 }} {{- end }} {{- with index .Values "argo-cd" "configs" }} configs: {{- toYaml . | nindent 4 }} {{- end }} {{- if not .Values.bootstrap }} istio: enabled: {{ .Values.istio.enabled }} gateway: private-ingressgateway.istio-system.svc.cluster.local {{- end }}