Helm Values
A lightweight mutation webhook to rewrite labels and annotations
To install the chart with the release name my-release:
$ helm repo add kube-resource-relabel-webhook https://pdylanross.github.io/kube-resource-relabel-webhook/helm-charts
$ helm repo update
$ helm install my-release kube-resource-relabel-webhook/kube-resource-relabel-webhook
Any basic configuration is going to need some rules:
relabel:
- name: "airflow-k8s-pod-operator-do-not-evict"
conditions:
- type: is-type
value:
kind: pod
version: v1
- type: has-label
value:
keys:
- dag_id
actions:
- type: ensure-annotation
value:
karpenter.sh/do-not-evict: "true"
| Key | Type | Default | Description |
|---|---|---|---|
| admission.certManager.enabled | bool | false |
If cert-manager is enabled |
| admission.certManager.issuerName | string | "" |
use a pre-existing issuer |
| admission.certManager.useSelfSigned | bool | false |
Create and use a unique self-signed issuer |
| admission.namespaceSelector | string | nil |
|
| admission.rules | list | Create/Update on Pods | Mutation webhook rules The webhook will only run when these rules are satisfied see: https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#matching-requests-rules |
| admission.secret.caBundle | string | "" |
The CA Bundle the cert was signed with |
| admission.secret.enabled | bool | false |
If the secret based cert strategy is enabled |
| admission.secret.name | string | "" |
The name of the secret |
| affinity | object | {} |
Affinity |
| fullnameOverride | string | "" |
Override full resource name |
| image.pullPolicy | string | "IfNotPresent" |
Image Pull Policy |
| image.repository | string | "ghcr.io/pdylanross/kube-resource-relabel-webhook" |
Image Repository |
| image.tag | string | "" |
Image tag, defaults to .Chart.AppVersion |
| imagePullSecrets | list | [] |
Image Pull Secrets |
| log.format | string | "text" |
Log format - text or json |
| log.level | string | "debug" |
Log level - debug, info, warn, or error |
| metrics.enabled | bool | false |
If the metrics endpoint is enabled |
| metrics.listener.host | string | "0.0.0.0" |
metrics listen host |
| metrics.listener.port | int | 8001 |
metrics listen port |
| metrics.listener.tls.certManager.enabled | bool | false |
if cert manager is enabled for the tls cert |
| metrics.listener.tls.certManager.issuerName | string | "" |
the name of the cert manager issuer |
| metrics.listener.tls.enabled | bool | false |
If tls is enabled on the metrics endpoint |
| metrics.listener.tls.secretName | string | "" |
the name of the TLS cert secret |
| metrics.serviceMonitor.additionalLabels | object | {} |
Additional labels to place on the ServiceMonitor |
| metrics.serviceMonitor.enabled | bool | false |
If the ServiceMonitor is enabled |
| nameOverride | string | "" |
Override Resource Name |
| nodeSelector | object | {} |
Pod Node Selectors |
| podAnnotations | object | {} |
Extra Pod Annotations |
| podSecurityContext | object | {} |
Pod Security Context |
| relabel | list | [] |
Relabel Config See: https://pdylanross.github.io/kube-resource-relabel-webhook/configuration/rules/ |
| replicaCount | int | 3 |
Deployment Replica Count |
| resources | object | {} |
Deployment Resources requests: memory: 128Mi cpu: 100m limits: memory: 128Mi |
| securityContext | object | non-root user and restricted FS | Security Context |
| service.port | int | 8443 |
webhook listen port |
| service.type | string | "ClusterIP" |
Service Type |
| serviceAccount.annotations | object | {} |
extra annotation for the service account |
| serviceAccount.create | bool | true |
if the service account should be created |
| serviceAccount.name | string | "" |
override name of the service account |
| tolerations | list | [] |
Tolerations |
Autogenerated from chart metadata using helm-docs v1.11.2