keel-hq
/
keel
mirror of https://github.com/keel-hq/keel/tree/master/chart/keel
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

cleanup, updated docs

pull/512/head
Karolis Rusenas 2020-06-21 17:57:13 +01:00
parent 82ba1d50ac
commit 9aca35064c
9 changed files with 0 additions and 1369 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

290
deployment/deployment-norbac-whr-sidecar.yaml
View File

@ -1,290 +0,0 @@
---
# Source: keel/templates/00-namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
name: "keel"
---
# Source: keel/templates/pod-disruption-budget.yaml
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: keel
namespace: keel
spec:
maxUnavailable: 1
selector:
matchLabels:
app: keel
---
# Source: keel/templates/secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: keel
namespace: keel
labels:
app: keel
chart: keel-0.8.19
release: keel
heritage: Tiller
type: Opaque
data:
SLACK_TOKEN:
HIPCHAT_TOKEN:
HIPCHAT_APPROVALS_PASSWORT:
BASIC_AUTH_PASSWORD:
---
# Source: keel/templates/pvc.yaml
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: keel
labels:
app.kubernetes.io/name: keel
helm.sh/chart: keel-0.8.19
app.kubernetes.io/instance: keel
app.kubernetes.io/managed-by: Tiller
spec:
storageClassName: "-"
accessModes:
- ReadWriteOnce
resources:
requests:
storage: "1Gi"
---
# Source: keel/templates/service-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: keel
namespace: keel
labels:
app: keel
chart: keel-0.8.19
release: keel
heritage: Tiller
---
# Source: keel/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: keel
namespace: keel
labels:
app: keel
chart: keel-0.8.19
release: keel
heritage: Tiller
spec:
type: LoadBalancer
ports:
- port: 9300
targetPort: 9300
protocol: TCP
name: keel
selector:
app: keel
sessionAffinity: None
---
# Source: keel/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: keel
namespace: keel
labels:
app: keel
chart: keel-0.8.19
release: keel
heritage: Tiller
spec:
replicas: 1
selector:
matchLabels:
app: keel
release: keel
template:
metadata:
labels:
app: keel
release: keel
spec:
serviceAccountName: keel
containers:
- name: keel
# Note that we use appVersion to get images tag.
image: "keelhq/keel:0.15.0-rc1"
imagePullPolicy: Always
command: ["/bin/keel"]
volumeMounts:
- name: storage-logs
mountPath: /data
env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
# Enable polling
- name: POLL
value: "1"
# Enable GCR with pub/sub support
- name: PROJECT_ID
value: ""
- name: PUBSUB
value: "1"
# Enable AWS ECR
- name: AWS_ACCESS_KEY_ID
value: ""
- name: AWS_REGION
value: ""
- name: DOCKER_REGISTRY_CFG
valueFrom:
secretKeyRef:
name:
key:
# Enable webhook endpoint
- name: WEBHOOK_ENDPOINT
value: ""
# Enable mattermost endpoint
- name: MATTERMOST_ENDPOINT
value: ""
# Enable basic auth
- name: BASIC_AUTH_USER
value: ""
- name: SLACK_CHANNELS
value: ""
- name: SLACK_APPROVALS_CHANNEL
value: ""
# Enable hipchat approvials and notification
- name: HIPCHAT_CHANNELS
value: ""
- name: HIPCHAT_APPROVALS_CHANNEL
value: ""
- name: HIPCHAT_APPROVALS_BOT_NAME
value: ""
- name: HIPCHAT_APPROVALS_USER_NAME
value: ""
# Enable mail notifications
- name: MAIL_SMTP_SERVER
value: ""
- name: MAIL_SMTP_PORT
value: "25"
- name: MAIL_SMTP_USER
value: ""
- name: MAIL_TO
value: ""
- name: MAIL_FROM
value: ""
- name: NOTIFICATION_LEVEL
value: "info"
# Enable insecure registries
- name: INSECURE_REGISTRY
value: "true"
envFrom:
- secretRef:
name: keel
ports:
- containerPort: 9300
livenessProbe:
httpGet:
path: /healthz
port: 9300
initialDelaySeconds: 30
timeoutSeconds: 10
readinessProbe:
httpGet:
path: /healthz
port: 9300
initialDelaySeconds: 30
timeoutSeconds: 10
resources:
limits:
cpu: 100m
memory: 128Mi
requests:
cpu: 50m
memory: 64Mi
- name: webhookrelayd
image: "webhookrelay/webhookrelayd:latest"
imagePullPolicy: IfNotPresent
command: ["/relayd"]
env:
- name: KEY
valueFrom:
secretKeyRef:
name: keel-webhookrelay
key: key
- name: SECRET
valueFrom:
secretKeyRef:
name: keel-webhookrelay
key: secret
- name: BUCKET
value: ""
resources:
limits:
cpu: 100m
memory: 128Mi
requests:
cpu: 50m
memory: 64Mi
volumes:
- name: storage-logs
persistentVolumeClaim:
claimName: keel
---
# Source: keel/templates/ingress.yaml
apiVersion: networking.gke.io/v1beta1
kind: ManagedCertificate
metadata:
name: keel
namespace: keel
spec:
domains:
-
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: keel
labels:
app.kubernetes.io/name: keel
helm.sh/chart: keel-0.8.19
app.kubernetes.io/instance: keel
app.kubernetes.io/managed-by: Tiller
annotations:
networking.gke.io/managed-certificates: keel
spec:
backend:
serviceName: keel
servicePort: keel
---
# Source: keel/templates/clusterrole.yaml
---
# Source: keel/templates/clusterrolebinding.yaml
---
# Source: keel/templates/secrets-webhookrelay.yaml

290
deployment/deployment-norbac.yaml
View File

@ -1,290 +0,0 @@
---
# Source: keel/templates/00-namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
name: "keel"
---
# Source: keel/templates/pod-disruption-budget.yaml
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: keel
namespace: keel
spec:
maxUnavailable: 1
selector:
matchLabels:
app: keel
---
# Source: keel/templates/secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: keel
namespace: keel
labels:
app: keel
chart: keel-0.8.19
release: keel
heritage: Tiller
type: Opaque
data:
SLACK_TOKEN:
HIPCHAT_TOKEN:
HIPCHAT_APPROVALS_PASSWORT:
BASIC_AUTH_PASSWORD:
---
# Source: keel/templates/pvc.yaml
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: keel
labels:
app.kubernetes.io/name: keel
helm.sh/chart: keel-0.8.19
app.kubernetes.io/instance: keel
app.kubernetes.io/managed-by: Tiller
spec:
storageClassName: "-"
accessModes:
- ReadWriteOnce
resources:
requests:
storage: "1Gi"
---
# Source: keel/templates/service-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: keel
namespace: keel
labels:
app: keel
chart: keel-0.8.19
release: keel
heritage: Tiller
---
# Source: keel/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: keel
namespace: keel
labels:
app: keel
chart: keel-0.8.19
release: keel
heritage: Tiller
spec:
type: LoadBalancer
ports:
- port: 9300
targetPort: 9300
protocol: TCP
name: keel
selector:
app: keel
sessionAffinity: None
---
# Source: keel/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: keel
namespace: keel
labels:
app: keel
chart: keel-0.8.19
release: keel
heritage: Tiller
spec:
replicas: 1
selector:
matchLabels:
app: keel
release: keel
template:
metadata:
labels:
app: keel
release: keel
spec:
serviceAccountName: keel
containers:
- name: keel
# Note that we use appVersion to get images tag.
image: "keelhq/keel:0.15.0-rc1"
imagePullPolicy: Always
command: ["/bin/keel"]
volumeMounts:
- name: storage-logs
mountPath: /data
env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
# Enable polling
- name: POLL
value: "1"
# Enable GCR with pub/sub support
- name: PROJECT_ID
value: ""
- name: PUBSUB
value: "1"
# Enable AWS ECR
- name: AWS_ACCESS_KEY_ID
value: ""
- name: AWS_REGION
value: ""
- name: DOCKER_REGISTRY_CFG
valueFrom:
secretKeyRef:
name:
key:
# Enable webhook endpoint
- name: WEBHOOK_ENDPOINT
value: ""
# Enable mattermost endpoint
- name: MATTERMOST_ENDPOINT
value: ""
# Enable basic auth
- name: BASIC_AUTH_USER
value: ""
- name: SLACK_CHANNELS
value: ""
- name: SLACK_APPROVALS_CHANNEL
value: ""
# Enable hipchat approvials and notification
- name: HIPCHAT_CHANNELS
value: ""
- name: HIPCHAT_APPROVALS_CHANNEL
value: ""
- name: HIPCHAT_APPROVALS_BOT_NAME
value: ""
- name: HIPCHAT_APPROVALS_USER_NAME
value: ""
# Enable mail notifications
- name: MAIL_SMTP_SERVER
value: ""
- name: MAIL_SMTP_PORT
value: "25"
- name: MAIL_SMTP_USER
value: ""
- name: MAIL_TO
value: ""
- name: MAIL_FROM
value: ""
- name: NOTIFICATION_LEVEL
value: "info"
# Enable insecure registries
- name: INSECURE_REGISTRY
value: "true"
envFrom:
- secretRef:
name: keel
ports:
- containerPort: 9300
livenessProbe:
httpGet:
path: /healthz
port: 9300
initialDelaySeconds: 30
timeoutSeconds: 10
readinessProbe:
httpGet:
path: /healthz
port: 9300
initialDelaySeconds: 30
timeoutSeconds: 10
resources:
limits:
cpu: 100m
memory: 128Mi
requests:
cpu: 50m
memory: 64Mi
- name: webhookrelayd
image: "webhookrelay/webhookrelayd:latest"
imagePullPolicy: IfNotPresent
command: ["/relayd"]
env:
- name: KEY
valueFrom:
secretKeyRef:
name: keel-webhookrelay
key: key
- name: SECRET
valueFrom:
secretKeyRef:
name: keel-webhookrelay
key: secret
- name: BUCKET
value: ""
resources:
limits:
cpu: 100m
memory: 128Mi
requests:
cpu: 50m
memory: 64Mi
volumes:
- name: storage-logs
persistentVolumeClaim:
claimName: keel
---
# Source: keel/templates/ingress.yaml
apiVersion: networking.gke.io/v1beta1
kind: ManagedCertificate
metadata:
name: keel
namespace: keel
spec:
domains:
-
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: keel
labels:
app.kubernetes.io/name: keel
helm.sh/chart: keel-0.8.19
app.kubernetes.io/instance: keel
app.kubernetes.io/managed-by: Tiller
annotations:
networking.gke.io/managed-certificates: keel
spec:
backend:
serviceName: keel
servicePort: keel
---
# Source: keel/templates/clusterrole.yaml
---
# Source: keel/templates/clusterrolebinding.yaml
---
# Source: keel/templates/secrets-webhookrelay.yaml

353
deployment/deployment-rbac-whr-sidecar.yaml
View File

@ -1,353 +0,0 @@
---
# Source: keel/templates/00-namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
name: "keel"
---
# Source: keel/templates/pod-disruption-budget.yaml
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: keel
namespace: keel
spec:
maxUnavailable: 1
selector:
matchLabels:
app: keel
---
# Source: keel/templates/secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: keel
namespace: keel
labels:
app: keel
chart: keel-0.8.19
release: keel
heritage: Tiller
type: Opaque
data:
SLACK_TOKEN:
HIPCHAT_TOKEN:
HIPCHAT_APPROVALS_PASSWORT:
BASIC_AUTH_PASSWORD:
---
# Source: keel/templates/pvc.yaml
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: keel
labels:
app.kubernetes.io/name: keel
helm.sh/chart: keel-0.8.19
app.kubernetes.io/instance: keel
app.kubernetes.io/managed-by: Tiller
spec:
storageClassName: "-"
accessModes:
- ReadWriteOnce
resources:
requests:
storage: "1Gi"
---
# Source: keel/templates/service-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: keel
namespace: keel
labels:
app: keel
chart: keel-0.8.19
release: keel
heritage: Tiller
---
# Source: keel/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: keel
rules:
- apiGroups:
- ""
resources:
- namespaces
verbs:
- watch
- list
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- watch
- list
- apiGroups:
- ""
- extensions
- apps
- batch
resources:
- pods
- replicasets
- replicationcontrollers
- statefulsets
- deployments
- daemonsets
- jobs
- cronjobs
verbs:
- get
- delete # required to delete pods during force upgrade of the same tag
- watch
- list
- update
- apiGroups:
- ""
resources:
- configmaps
- pods/portforward
verbs:
- get
- create
- update
---
# Source: keel/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: keel
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: keel
subjects:
- kind: ServiceAccount
name: keel
namespace: keel
---
# Source: keel/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: keel
namespace: keel
labels:
app: keel
chart: keel-0.8.19
release: keel
heritage: Tiller
spec:
type: LoadBalancer
ports:
- port: 9300
targetPort: 9300
protocol: TCP
name: keel
selector:
app: keel
sessionAffinity: None
---
# Source: keel/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: keel
namespace: keel
labels:
app: keel
chart: keel-0.8.19
release: keel
heritage: Tiller
spec:
replicas: 1
selector:
matchLabels:
app: keel
release: keel
template:
metadata:
labels:
app: keel
release: keel
spec:
serviceAccountName: keel
containers:
- name: keel
# Note that we use appVersion to get images tag.
image: "keelhq/keel:0.15.0-rc1"
imagePullPolicy: Always
command: ["/bin/keel"]
volumeMounts:
- name: storage-logs
mountPath: /data
env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
# Enable polling
- name: POLL
value: "1"
# Enable GCR with pub/sub support
- name: PROJECT_ID
value: ""
- name: PUBSUB
value: "1"
# Enable AWS ECR
- name: AWS_ACCESS_KEY_ID
value: ""
- name: AWS_REGION
value: ""
- name: DOCKER_REGISTRY_CFG
valueFrom:
secretKeyRef:
name:
key:
# Enable webhook endpoint
- name: WEBHOOK_ENDPOINT
value: ""
# Enable mattermost endpoint
- name: MATTERMOST_ENDPOINT
value: ""
# Enable basic auth
- name: BASIC_AUTH_USER
value: ""
- name: SLACK_CHANNELS
value: ""
- name: SLACK_APPROVALS_CHANNEL
value: ""
# Enable hipchat approvials and notification
- name: HIPCHAT_CHANNELS
value: ""
- name: HIPCHAT_APPROVALS_CHANNEL
value: ""
- name: HIPCHAT_APPROVALS_BOT_NAME
value: ""
- name: HIPCHAT_APPROVALS_USER_NAME
value: ""
# Enable mail notifications
- name: MAIL_SMTP_SERVER
value: ""
- name: MAIL_SMTP_PORT
value: "25"
- name: MAIL_SMTP_USER
value: ""
- name: MAIL_TO
value: ""
- name: MAIL_FROM
value: ""
- name: NOTIFICATION_LEVEL
value: "info"
# Enable insecure registries
- name: INSECURE_REGISTRY
value: "true"
envFrom:
- secretRef:
name: keel
ports:
- containerPort: 9300
livenessProbe:
httpGet:
path: /healthz
port: 9300
initialDelaySeconds: 30
timeoutSeconds: 10
readinessProbe:
httpGet:
path: /healthz
port: 9300
initialDelaySeconds: 30
timeoutSeconds: 10
resources:
limits:
cpu: 100m
memory: 128Mi
requests:
cpu: 50m
memory: 64Mi
- name: webhookrelayd
image: "webhookrelay/webhookrelayd:latest"
imagePullPolicy: IfNotPresent
command: ["/relayd"]
env:
- name: KEY
valueFrom:
secretKeyRef:
name: keel-webhookrelay
key: key
- name: SECRET
valueFrom:
secretKeyRef:
name: keel-webhookrelay
key: secret
- name: BUCKET
value: ""
resources:
limits:
cpu: 100m
memory: 128Mi
requests:
cpu: 50m
memory: 64Mi
volumes:
- name: storage-logs
persistentVolumeClaim:
claimName: keel
---
# Source: keel/templates/ingress.yaml
apiVersion: networking.gke.io/v1beta1
kind: ManagedCertificate
metadata:
name: keel
namespace: keel
spec:
domains:
-
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: keel
labels:
app.kubernetes.io/name: keel
helm.sh/chart: keel-0.8.19
app.kubernetes.io/instance: keel
app.kubernetes.io/managed-by: Tiller
annotations:
networking.gke.io/managed-certificates: keel
spec:
backend:
serviceName: keel
servicePort: keel
---
# Source: keel/templates/secrets-webhookrelay.yaml

353
deployment/deployment-rbac.yaml
View File

@ -1,353 +0,0 @@
---
# Source: keel/templates/00-namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
name: "keel"
---
# Source: keel/templates/pod-disruption-budget.yaml
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: keel
namespace: keel
spec:
maxUnavailable: 1
selector:
matchLabels:
app: keel
---
# Source: keel/templates/secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: keel
namespace: keel
labels:
app: keel
chart: keel-0.8.19
release: keel
heritage: Tiller
type: Opaque
data:
SLACK_TOKEN:
HIPCHAT_TOKEN:
HIPCHAT_APPROVALS_PASSWORT:
BASIC_AUTH_PASSWORD:
---
# Source: keel/templates/pvc.yaml
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: keel
labels:
app.kubernetes.io/name: keel
helm.sh/chart: keel-0.8.19
app.kubernetes.io/instance: keel
app.kubernetes.io/managed-by: Tiller
spec:
storageClassName: "-"
accessModes:
- ReadWriteOnce
resources:
requests:
storage: "1Gi"
---
# Source: keel/templates/service-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: keel
namespace: keel
labels:
app: keel
chart: keel-0.8.19
release: keel
heritage: Tiller
---
# Source: keel/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: keel
rules:
- apiGroups:
- ""
resources:
- namespaces
verbs:
- watch
- list
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- watch
- list
- apiGroups:
- ""
- extensions
- apps
- batch
resources:
- pods
- replicasets
- replicationcontrollers
- statefulsets
- deployments
- daemonsets
- jobs
- cronjobs
verbs:
- get
- delete # required to delete pods during force upgrade of the same tag
- watch
- list
- update
- apiGroups:
- ""
resources:
- configmaps
- pods/portforward
verbs:
- get
- create
- update
---
# Source: keel/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: keel
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: keel
subjects:
- kind: ServiceAccount
name: keel
namespace: keel
---
# Source: keel/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: keel
namespace: keel
labels:
app: keel
chart: keel-0.8.19
release: keel
heritage: Tiller
spec:
type: LoadBalancer
ports:
- port: 9300
targetPort: 9300
protocol: TCP
name: keel
selector:
app: keel
sessionAffinity: None
---
# Source: keel/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: keel
namespace: keel
labels:
app: keel
chart: keel-0.8.19
release: keel
heritage: Tiller
spec:
replicas: 1
selector:
matchLabels:
app: keel
release: keel
template:
metadata:
labels:
app: keel
release: keel
spec:
serviceAccountName: keel
containers:
- name: keel
# Note that we use appVersion to get images tag.
image: "keelhq/keel:0.15.0-rc1"
imagePullPolicy: Always
command: ["/bin/keel"]
volumeMounts:
- name: storage-logs
mountPath: /data
env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
# Enable polling
- name: POLL
value: "1"
# Enable GCR with pub/sub support
- name: PROJECT_ID
value: ""
- name: PUBSUB
value: "1"
# Enable AWS ECR
- name: AWS_ACCESS_KEY_ID
value: ""
- name: AWS_REGION
value: ""
- name: DOCKER_REGISTRY_CFG
valueFrom:
secretKeyRef:
name:
key:
# Enable webhook endpoint
- name: WEBHOOK_ENDPOINT
value: ""
# Enable mattermost endpoint
- name: MATTERMOST_ENDPOINT
value: ""
# Enable basic auth
- name: BASIC_AUTH_USER
value: ""
- name: SLACK_CHANNELS
value: ""
- name: SLACK_APPROVALS_CHANNEL
value: ""
# Enable hipchat approvials and notification
- name: HIPCHAT_CHANNELS
value: ""
- name: HIPCHAT_APPROVALS_CHANNEL
value: ""
- name: HIPCHAT_APPROVALS_BOT_NAME
value: ""
- name: HIPCHAT_APPROVALS_USER_NAME
value: ""
# Enable mail notifications
- name: MAIL_SMTP_SERVER
value: ""
- name: MAIL_SMTP_PORT
value: "25"
- name: MAIL_SMTP_USER
value: ""
- name: MAIL_TO
value: ""
- name: MAIL_FROM
value: ""
- name: NOTIFICATION_LEVEL
value: "info"
# Enable insecure registries
- name: INSECURE_REGISTRY
value: "true"
envFrom:
- secretRef:
name: keel
ports:
- containerPort: 9300
livenessProbe:
httpGet:
path: /healthz
port: 9300
initialDelaySeconds: 30
timeoutSeconds: 10
readinessProbe:
httpGet:
path: /healthz
port: 9300
initialDelaySeconds: 30
timeoutSeconds: 10
resources:
limits:
cpu: 100m
memory: 128Mi
requests:
cpu: 50m
memory: 64Mi
- name: webhookrelayd
image: "webhookrelay/webhookrelayd:latest"
imagePullPolicy: IfNotPresent
command: ["/relayd"]
env:
- name: KEY
valueFrom:
secretKeyRef:
name: keel-webhookrelay
key: key
- name: SECRET
valueFrom:
secretKeyRef:
name: keel-webhookrelay
key: secret
- name: BUCKET
value: ""
resources:
limits:
cpu: 100m
memory: 128Mi
requests:
cpu: 50m
memory: 64Mi
volumes:
- name: storage-logs
persistentVolumeClaim:
claimName: keel
---
# Source: keel/templates/ingress.yaml
apiVersion: networking.gke.io/v1beta1
kind: ManagedCertificate
metadata:
name: keel
namespace: keel
spec:
domains:
-
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: keel
labels:
app.kubernetes.io/name: keel
helm.sh/chart: keel-0.8.19
app.kubernetes.io/instance: keel
app.kubernetes.io/managed-by: Tiller
annotations:
networking.gke.io/managed-certificates: keel
spec:
backend:
serviceName: keel
servicePort: keel
---
# Source: keel/templates/secrets-webhookrelay.yaml

35
deployment/scripts/gen-deploy.sh
View File

@ -1,35 +0,0 @@
#!/bin/bash
set -o errexit
set -o nounset
set -o pipefail
# This will set Capabilities.KubeVersion.Major/Minor when generating manifests
KUBE_VERSION=1.9
gen() {
VALUES=$1
OUTPUT=$2
TMP_VALUES=$(mktemp -d)
TMP_OUTPUT=$(mktemp)
mkdir -p "$(dirname ${OUTPUT})"
cp chart/keel/values.yaml "${TMP_VALUES}"/
sed -i 's/false/true/g' "${TMP_VALUES}/values.yaml"
helm template \
"chart/keel" \
--values "${TMP_VALUES}/values.yaml" \
--values "deployment/values/${VALUES}.yaml" \
--kube-version "${KUBE_VERSION}" \
--namespace "keel" \
--name "keel" \
--set "createNamespaceResource=true" > "${TMP_OUTPUT}"
mv "${TMP_OUTPUT}" "${OUTPUT}"
rm -fr "${TMP_VALUES}"
}
gen rbac "deployment/deployment-rbac.yaml"
gen norbac "deployment/deployment-norbac.yaml"
gen rbac-whr-sidecar "deployment/deployment-rbac-whr-sidecar.yaml"
gen norbac-whr-sidecar "deployment/deployment-norbac-whr-sidecar.yaml"

15
deployment/values/norbac-whr-sidecar.yaml
View File

@ -1,15 +0,0 @@
# Helm provider support
helmProvider:
enabled: false
# RBAC manifests management
rbac:
enabled: false
# Webhook Notification
# Remote webhook endpoint for notification delivery
webhook:
enabled: true
endpoint: ""
debug: false

9
deployment/values/norbac.yaml
View File

@ -1,9 +0,0 @@
# Helm provider support
helmProvider:
enabled: false
# RBAC manifests management
rbac:
enabled: false
debug: false

15
deployment/values/rbac-whr-sidecar.yaml
View File

@ -1,15 +0,0 @@
# Helm provider support
helmProvider:
enabled: false
# RBAC manifests management
rbac:
enabled: true
# Webhook Notification
# Remote webhook endpoint for notification delivery
webhook:
enabled: true
endpoint: ""
debug: false

9
deployment/values/rbac.yaml
View File

@ -1,9 +0,0 @@
# Helm provider support
helmProvider:
enabled: false
# RBAC manifests management
rbac:
enabled: true
debug: false