Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-03-10 15:07:49 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
13b5c01c6df23ebef5c82b9b74d1770184ade613
charts/bitnami/ejbca/values.schema.json
Antonio Gámez, PhD a2c2090b5a Autogenerate schema files (#19194) 
Signed-off-by: Antonio Gamez Diaz <agamez@vmware.com>
2023-09-11 11:23:08 +02:00

917 lines
35 KiB
JSON
Raw Blame History

{
"title": "Chart Values",
"type": "object",
"properties": {
"global": {
"type": "object",
"properties": {
"imageRegistry": {
"type": "string",
"description": "Global Docker image registry",
"default": ""
},
"imagePullSecrets": {
"type": "array",
"description": "Global Docker registry secret names as an array",
"default": [],
"items": {}
},
"storageClass": {
"type": "string",
"description": "Global StorageClass for Persistent Volume(s)",
"default": ""
}
}
},
"kubeVersion": {
"type": "string",
"description": "Force target Kubernetes version (using Helm capabilities if not set)",
"default": ""
},
"nameOverride": {
"type": "string",
"description": "String to partially override ebjca.fullname template (will maintain the release name)",
"default": ""
},
"fullnameOverride": {
"type": "string",
"description": "String to fully override ebjca.fullname template",
"default": ""
},
"namespaceOverride": {
"type": "string",
"description": "String to fully override common.names.namespace",
"default": ""
},
"commonLabels": {
"type": "object",
"description": "Add labels to all the deployed resources",
"default": {}
},
"commonAnnotations": {
"type": "object",
"description": "Annotations to be added to all deployed resources",
"default": {}
},
"extraDeploy": {
"type": "array",
"description": "Array of extra objects to deploy with the release",
"default": [],
"items": {}
},
"diagnosticMode": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable diagnostic mode (all probes will be disabled and the command will be overridden)",
"default": false
},
"command": {
"type": "array",
"description": "Command to override all containers in the deployment",
"default": [
"sleep"
],
"items": {
"type": "string"
}
},
"args": {
"type": "array",
"description": "Args to override all containers in the deployment",
"default": [
"infinity"
],
"items": {
"type": "string"
}
}
}
},
"image": {
"type": "object",
"properties": {
"registry": {
"type": "string",
"description": "EJBCA image registry",
"default": "docker.io"
},
"repository": {
"type": "string",
"description": "EJBCA image name",
"default": "bitnami/ejbca"
},
"tag": {
"type": "string",
"description": "EJBCA image tag",
"default": "8.0.20230531-debian-11-r0"
},
"digest": {
"type": "string",
"description": "EJBCA image image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag",
"default": ""
},
"pullPolicy": {
"type": "string",
"description": "EJBCA image pull policy",
"default": "IfNotPresent"
},
"pullSecrets": {
"type": "array",
"description": "Specify docker-registry secret names as an array",
"default": [],
"items": {}
},
"debug": {
"type": "boolean",
"description": "Enable image debug mode",
"default": false
}
}
},
"replicaCount": {
"type": "number",
"description": "Number of EJBCA replicas to deploy",
"default": 1
},
"extraVolumeMounts": {
"type": "array",
"description": "Additional volume mounts (used along with `extraVolumes`)",
"default": [],
"items": {}
},
"extraVolumes": {
"type": "array",
"description": "Array of extra volumes to be added deployment. Requires setting `extraVolumeMounts`",
"default": [],
"items": {}
},
"podAnnotations": {
"type": "object",
"description": "Additional pod annotations",
"default": {}
},
"podLabels": {
"type": "object",
"description": "Additional pod labels",
"default": {}
},
"podSecurityContext": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable security context for EJBCA container",
"default": true
},
"fsGroup": {
"type": "number",
"description": "Group ID for the volumes of the pod",
"default": 1001
}
}
},
"podAffinityPreset": {
"type": "string",
"description": "Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`",
"default": ""
},
"podAntiAffinityPreset": {
"type": "string",
"description": "Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`",
"default": "soft"
},
"nodeAffinityPreset": {
"type": "object",
"properties": {
"type": {
"type": "string",
"description": "Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`",
"default": ""
},
"key": {
"type": "string",
"description": "Node label key to match Ignored if `affinity` is set.",
"default": ""
},
"values": {
"type": "array",
"description": "Node label values to match. Ignored if `affinity` is set.",
"default": [],
"items": {}
}
}
},
"affinity": {
"type": "object",
"description": "Affinity for pod assignment",
"default": {}
},
"nodeSelector": {
"type": "object",
"description": "Node labels for pod assignment",
"default": {}
},
"tolerations": {
"type": "array",
"description": "Tolerations for pod assignment",
"default": [],
"items": {}
},
"updateStrategy": {
"type": "object",
"properties": {
"type": {
"type": "string",
"description": "EJBCA deployment strategy type.",
"default": "RollingUpdate"
}
}
},
"persistence": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Whether to enable persistence based on Persistent Volume Claims",
"default": true
},
"accessModes": {
"type": "array",
"description": "Persistent Volume access modes",
"default": [
"ReadWriteOnce"
],
"items": {
"type": "string"
}
},
"size": {
"type": "string",
"description": "Size of the PVC to request",
"default": "2Gi"
},
"storageClass": {
"type": "string",
"description": "PVC Storage Class",
"default": ""
},
"existingClaim": {
"type": "string",
"description": "Name of an existing PVC to reuse",
"default": ""
},
"annotations": {
"type": "object",
"description": "Persistent Volume Claim annotations",
"default": {}
}
}
},
"sidecars": {
"type": "array",
"description": "Attach additional sidecar containers to the pod",
"default": [],
"items": {}
},
"initContainers": {
"type": "array",
"description": "Additional init containers to add to the pods",
"default": [],
"items": {}
},
"hostAliases": {
"type": "array",
"description": "Add deployment host aliases",
"default": [],
"items": {}
},
"priorityClassName": {
"type": "string",
"description": "EJBCA pods' priorityClassName",
"default": ""
},
"schedulerName": {
"type": "string",
"description": "Name of the k8s scheduler (other than default)",
"default": ""
},
"topologySpreadConstraints": {
"type": "array",
"description": "Topology Spread Constraints for pod assignment",
"default": [],
"items": {}
},
"ejbcaAdminUsername": {
"type": "string",
"description": "EJBCA administrator username",
"default": "bitnami"
},
"ejbcaAdminPassword": {
"type": "string",
"description": "Password for the administrator account",
"default": ""
},
"existingSecret": {
"type": "string",
"description": "Alternatively, you can provide the name of an existing secret containing",
"default": ""
},
"ejbcaJavaOpts": {
"type": "string",
"description": "Options used to launch the WildFly server",
"default": ""
},
"ejbcaCA": {
"type": "object",
"properties": {
"name": {
"type": "string",
"description": "Name of the CA EJBCA will instantiate by default",
"default": "ManagementCA"
},
"baseDN": {
"type": "string",
"description": "Base DomainName of the CA EJBCA will instantiate by default",
"default": ""
}
}
},
"ejbcaKeystoreExistingSecret": {
"type": "string",
"description": "Name of an existing Secret containing a Keystore object",
"default": ""
},
"extraEnvVars": {
"type": "array",
"description": "Array with extra environment variables to add to EJBCA nodes",
"default": [],
"items": {}
},
"extraEnvVarsCM": {
"type": "string",
"description": "Name of existing ConfigMap containing extra env vars for EJBCA nodes",
"default": ""
},
"extraEnvVarsSecret": {
"type": "string",
"description": "Name of existing Secret containing extra env vars for EJBCA nodes",
"default": ""
},
"command": {
"type": "array",
"description": "Custom command to override image cmd",
"default": [],
"items": {}
},
"args": {
"type": "array",
"description": "Custom args for the custom command",
"default": [],
"items": {}
},
"lifecycleHooks": {
"type": "object",
"description": "for the EJBCA container(s) to automate configuration before or after startup",
"default": {}
},
"resources": {
"type": "object",
"properties": {
"limits": {
"type": "object",
"description": "The resources limits for Ejbca containers",
"default": {}
},
"requests": {
"type": "object",
"description": "The requested resources for Ejbca containers",
"default": {}
}
}
},
"containerSecurityContext": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enabled EJBCA containers' Security Context",
"default": true
},
"runAsUser": {
"type": "number",
"description": "Set EJBCA containers' Security Context runAsUser",
"default": 1001
},
"runAsNonRoot": {
"type": "boolean",
"description": "Set EJBCA container's Security Context runAsNonRoot",
"default": true
}
}
},
"startupProbe": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable/disable startupProbe",
"default": false
},
"initialDelaySeconds": {
"type": "number",
"description": "Delay before startup probe is initiated",
"default": 500
},
"periodSeconds": {
"type": "number",
"description": "How often to perform the probe",
"default": 10
},
"timeoutSeconds": {
"type": "number",
"description": "When the probe times out",
"default": 5
},
"failureThreshold": {
"type": "number",
"description": "Minimum consecutive failures for the probe",
"default": 6
},
"successThreshold": {
"type": "number",
"description": "Minimum consecutive successes for the probe",
"default": 1
}
}
},
"livenessProbe": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable/disable livenessProbe",
"default": true
},
"initialDelaySeconds": {
"type": "number",
"description": "Delay before liveness probe is initiated",
"default": 500
},
"periodSeconds": {
"type": "number",
"description": "How often to perform the probe",
"default": 10
},
"timeoutSeconds": {
"type": "number",
"description": "When the probe times out",
"default": 5
},
"failureThreshold": {
"type": "number",
"description": "Minimum consecutive failures for the probe",
"default": 6
},
"successThreshold": {
"type": "number",
"description": "Minimum consecutive successes for the probe",
"default": 1
}
}
},
"readinessProbe": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable/disable readinessProbe",
"default": true
},
"initialDelaySeconds": {
"type": "number",
"description": "Delay before readiness probe is initiated",
"default": 500
},
"periodSeconds": {
"type": "number",
"description": "How often to perform the probe",
"default": 10
},
"timeoutSeconds": {
"type": "number",
"description": "When the probe times out",
"default": 5
},
"failureThreshold": {
"type": "number",
"description": "Minimum consecutive failures for the probe",
"default": 6
},
"successThreshold": {
"type": "number",
"description": "Minimum consecutive successes for the probe",
"default": 1
}
}
},
"customStartupProbe": {
"type": "object",
"description": "Custom startup probe to execute (when the main one is disabled)",
"default": {}
},
"customLivenessProbe": {
"type": "object",
"description": "Custom liveness probe to execute (when the main one is disabled)",
"default": {}
},
"containerPorts": {
"type": "object",
"properties": {
"http": {
"type": "number",
"description": "",
"default": 8080
},
"https": {
"type": "number",
"description": "",
"default": 8443
}
}
},
"customReadinessProbe": {
"type": "object",
"description": "Custom readiness probe to execute (when the main one is disabled)",
"default": {}
},
"service": {
"type": "object",
"properties": {
"type": {
"type": "string",
"description": "Kubernetes Service type",
"default": "LoadBalancer"
},
"ports": {
"type": "object",
"properties": {
"http": {
"type": "number",
"description": "Service HTTP port",
"default": 8080
},
"https": {
"type": "number",
"description": "Service HTTPS port",
"default": 8443
}
}
},
"nodePorts": {
"type": "object",
"properties": {
"http": {
"type": "string",
"description": "",
"default": ""
},
"https": {
"type": "string",
"description": "",
"default": ""
}
}
},
"advertisedHttpsPort": {
"type": "number",
"description": "Port number used in the rendered URLs for the admistrator login.",
"default": 443
},
"httpsTargetPort": {
"type": "string",
"description": "Service Target HTTPS port",
"default": "https"
},
"clusterIP": {
"type": "string",
"description": "EJBCA service Cluster IP",
"default": ""
},
"loadBalancerIP": {
"type": "string",
"description": "EJBCA service Load Balancer IP",
"default": ""
},
"externalTrafficPolicy": {
"type": "string",
"description": "Enable client source IP preservation",
"default": "Cluster"
},
"annotations": {
"type": "object",
"description": "Service annotations",
"default": {}
},
"loadBalancerSourceRanges": {
"type": "array",
"description": "Limits which cidr blocks can connect to service's load balancer",
"default": [],
"items": {}
},
"extraPorts": {
"type": "array",
"description": "Extra ports to expose in the service (normally used with the `sidecar` value)",
"default": [],
"items": {}
},
"sessionAffinity": {
"type": "string",
"description": "Session Affinity for Kubernetes service, can be \"None\" or \"ClientIP\"",
"default": "None"
},
"sessionAffinityConfig": {
"type": "object",
"description": "Additional settings for the sessionAffinity",
"default": {}
}
}
},
"ingress": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable ingress controller resource",
"default": false
},
"pathType": {
"type": "string",
"description": "Ingress Path type",
"default": "ImplementationSpecific"
},
"apiVersion": {
"type": "string",
"description": "Override API Version (automatically detected if not set)",
"default": ""
},
"hostname": {
"type": "string",
"description": "Default host for the ingress resource",
"default": "ejbca.local"
},
"path": {
"type": "string",
"description": "The Path to EJBCA. You may need to set this to '/*' in order to use this",
"default": "/"
},
"annotations": {
"type": "object",
"description": "Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations.",
"default": {}
},
"tls": {
"type": "boolean",
"description": "Enable TLS configuration for the hostname defined at ingress.hostname parameter",
"default": false
},
"extraHosts": {
"type": "array",
"description": "The list of additional hostnames to be covered with this ingress record.",
"default": [],
"items": {}
},
"extraPaths": {
"type": "array",
"description": "Any additional arbitrary paths that may need to be added to the ingress under the main host.",
"default": [],
"items": {}
},
"extraTls": {
"type": "array",
"description": "The tls configuration for additional hostnames to be covered with this ingress record.",
"default": [],
"items": {}
},
"secrets": {
"type": "array",
"description": "If you're providing your own certificates, please use this to add the certificates as secrets",
"default": [],
"items": {}
},
"ingressClassName": {
"type": "string",
"description": "IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)",
"default": ""
},
"extraRules": {
"type": "array",
"description": "Additional rules to be covered with this ingress record",
"default": [],
"items": {}
}
}
},
"mariadb": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Whether to deploy a mariadb server to satisfy the applications database requirements.",
"default": true
},
"architecture": {
"type": "string",
"description": "MariaDB architecture (`standalone` or `replication`)",
"default": "standalone"
},
"auth": {
"type": "object",
"properties": {
"rootPassword": {
"type": "string",
"description": "Password for the MariaDB `root` user",
"default": ""
},
"database": {
"type": "string",
"description": "Database name to create",
"default": "bitnami_ejbca"
},
"username": {
"type": "string",
"description": "Database user to create",
"default": "bn_ejbca"
},
"password": {
"type": "string",
"description": "Password for the database",
"default": ""
}
}
},
"primary": {
"type": "object",
"properties": {
"persistence": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable database persistence using PVC",
"default": true
},
"storageClass": {
"type": "string",
"description": "MariaDB primary persistent volume storage Class",
"default": ""
},
"accessMode": {
"type": "string",
"description": "Persistent Volume access mode",
"default": "ReadWriteOnce"
},
"size": {
"type": "string",
"description": "Database Persistent Volume Size",
"default": "8Gi"
},
"hostPath": {
"type": "string",
"description": "Set path in case you want to use local host path volumes (not recommended in production)",
"default": ""
},
"existingClaim": {
"type": "string",
"description": "Name of an existing `PersistentVolumeClaim` for MariaDB primary replicas",
"default": ""
}
}
}
}
}
}
},
"externalDatabase": {
"type": "object",
"properties": {
"host": {
"type": "string",
"description": "Host of the external database",
"default": "localhost"
},
"user": {
"type": "string",
"description": "non-root Username for EJBCA Database",
"default": "bn_ejbca"
},
"password": {
"type": "string",
"description": "Password for the above username",
"default": ""
},
"existingSecret": {
"type": "string",
"description": "Name of an existing secret resource containing the DB password in a 'mariadb-password' key",
"default": ""
},
"database": {
"type": "string",
"description": "Name of the existing database",
"default": "bitnami_ejbca"
},
"port": {
"type": "number",
"description": "Database port number",
"default": 3306
}
}
},
"networkPolicy": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable network policies",
"default": false
},
"ingress": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable network policy for Ingress Proxies",
"default": false
},
"namespaceSelector": {
"type": "object",
"description": "Ingress Proxy namespace selector labels. These labels will be used to identify the Ingress Proxy's namespace.",
"default": {}
},
"podSelector": {
"type": "object",
"description": "Ingress Proxy pods selector labels. These labels will be used to identify the Ingress Proxy pods.",
"default": {}
}
}
},
"ingressRules": {
"type": "object",
"properties": {
"backendOnlyAccessibleByFrontend": {
"type": "boolean",
"description": "Enable ingress rule that makes the backend (mariadb) only accessible by EJBCA's pods.",
"default": false
},
"customBackendSelector": {
"type": "object",
"description": "Backend selector labels. These labels will be used to identify the backend pods.",
"default": {}
},
"accessOnlyFrom": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable ingress rule that makes EJBCA only accessible from a particular origin",
"default": false
},
"namespaceSelector": {
"type": "object",
"description": "Namespace selector label that is allowed to access EJBCA. This label will be used to identified the allowed namespace(s).",
"default": {}
},
"podSelector": {
"type": "object",
"description": "Pods selector label that is allowed to access EJBCA. This label will be used to identified the allowed pod(s).",
"default": {}
}
}
},
"customRules": {
"type": "object",
"description": "Custom network policy ingress rule",
"default": {}
}
}
},
"egressRules": {
"type": "object",
"properties": {
"denyConnectionsToExternal": {
"type": "boolean",
"description": "Enable egress rule that denies outgoing traffic outside the cluster, except for DNS (port 53).",
"default": false
},
"customRules": {
"type": "object",
"description": "Custom network policy rule",
"default": {}
}
}
}
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink