66 lines
2.0 KiB
YAML
66 lines
2.0 KiB
YAML
apiVersion: argoproj.io/v1alpha1
|
|
kind: Application
|
|
metadata:
|
|
name: cerbos
|
|
namespace: argocd
|
|
spec:
|
|
project: atlantis
|
|
destination:
|
|
server: https://kubernetes.default.svc
|
|
namespace: atlantis
|
|
sources:
|
|
- repoURL: https://download.cerbos.dev/helm-charts
|
|
targetRevision: 0.33.0
|
|
chart: cerbos
|
|
helm:
|
|
values: |
|
|
replicaCount: 1
|
|
autoscaling:
|
|
enabled: false
|
|
minReplicas: 1
|
|
maxReplicas: 100
|
|
targetCPUUtilizationPercentage: 80
|
|
# targetMemoryUtilizationPercentage: 80
|
|
|
|
# Spec of the cert-manager certificate to create for the Cerbos deployment.
|
|
# If certSpec is not empty, a cert-manager.io/v1/Certificate resource will be created with its spec populated with values from certSpec.
|
|
# The certSpec value must be a valid Certificate spec. This Helm chart does not provide any defaults or inject any values into it.
|
|
# If cerbos.tlsSecretName is defined, it takes precedence over the generated certificate.
|
|
certManager:
|
|
certSpec: {}
|
|
|
|
# Cerbos service settings.
|
|
service:
|
|
type: ClusterIP
|
|
httpPort: 3592
|
|
grpcPort: 3593
|
|
httpNodePort: 13592
|
|
grpcNodePort: 13593
|
|
annotations: {}
|
|
|
|
envFrom:
|
|
- secretRef:
|
|
name: cerbos-gitlab-token
|
|
|
|
cerbos:
|
|
httpPort: 3592
|
|
grpcPort: 3593
|
|
tlsSecretName: ""
|
|
logLevel: INFO
|
|
config:
|
|
storage:
|
|
driver: "git"
|
|
git:
|
|
protocol: https
|
|
url: https://gitlab.com/oceanbox/cerbos
|
|
branch: main
|
|
subDir: policies
|
|
checkoutDir: /work
|
|
updatePollInterval: 60s
|
|
https:
|
|
username: cerbos
|
|
password: ${GITLAB_TOKEN}
|
|
- repoURL: https://gitlab.com/oceanbox/manifests
|
|
targetRevision: HEAD
|
|
path: cerbos/manifests
|