nameOverride: "" fullnameOverride: "" # One or more secrets to be used when pulling images imagePullSecrets: [] # - name: myRegistryKeySecretName # logging format json # Default is text. logFormatJSON: true # log level. Uses V logs (klog) logVerbosity: 0 linux: image: repository: mcr.microsoft.com/oss/v2/azure/secrets-store/provider-azure tag: v1.7.0 pullPolicy: IfNotPresent nodeSelector: {} tolerations: [] enabled: true resources: requests: cpu: 50m memory: 100Mi limits: cpu: 50m memory: 100Mi podLabels: {} podAnnotations: {} priorityClassName: "" updateStrategy: type: RollingUpdate rollingUpdate: maxUnavailable: 1 privileged: false # If provided, the userAgent string will be appended to the # AKV provider user agents for all adal and keyvault requests. customUserAgent: "" healthzPort: 8989 healthzPath: "/healthz" healthzTimeout: "5s" volumes: [] volumeMounts: [] kubeletRootDir: /var/lib/kubelet providersDir: /var/run/secrets-store-csi-providers affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: type operator: NotIn values: - virtual-kubelet # https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy dnsPolicy: "" windows: image: repository: mcr.microsoft.com/oss/v2/azure/secrets-store/provider-azure tag: v1.7.0 pullPolicy: IfNotPresent nodeSelector: {} tolerations: [] enabled: true resources: requests: cpu: 100m memory: 200Mi limits: cpu: 100m memory: 200Mi podLabels: {} podAnnotations: {} priorityClassName: "" updateStrategy: type: RollingUpdate rollingUpdate: maxUnavailable: 1 # If provided, the userAgent string will be appended to the # AKV provider user agents for all adal and keyvault requests. customUserAgent: "" healthzPort: 8989 healthzPath: "/healthz" healthzTimeout: "5s" volumes: [] volumeMounts: [] kubeletRootDir: C:\var\lib\kubelet providersDir: C:\k\secrets-store-csi-providers affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: type operator: NotIn values: - virtual-kubelet ## Configuration values for the secrets-store-csi-driver dependency. ## ref: https://github.com/kubernetes-sigs/secrets-store-csi-driver/tree/master/charts/secrets-store-csi-driver/README.md ## secrets-store-csi-driver: logFormatJSON: true install: true # By default helm will append the chart release name to the dependent chart names. # Explicitly setting the fullnameOverride will override this behavior. fullnameOverride: secrets-store-csi-driver linux: enabled: true kubeletRootDir: /var/lib/kubelet metricsAddr: ":8080" image: repository: mcr.microsoft.com/oss/v2/kubernetes-csi/secrets-store/driver tag: v1.5.0 pullPolicy: IfNotPresent registrarImage: repository: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar tag: v2.11.1 pullPolicy: IfNotPresent livenessProbeImage: repository: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe tag: v2.13.1 pullPolicy: IfNotPresent crds: image: repository: mcr.microsoft.com/oss/v2/kubernetes-csi/secrets-store/driver-crds tag: v1.5.0 pullPolicy: IfNotPresent podAnnotations: prometheus.io/scrape: "true" prometheus.io/port: "8080" windows: enabled: true kubeletRootDir: C:\var\lib\kubelet metricsAddr: ":8080" image: repository: mcr.microsoft.com/oss/v2/kubernetes-csi/secrets-store/driver tag: v1.5.0 pullPolicy: IfNotPresent registrarImage: repository: mcr.microsoft.com/oss/kubernetes-csi/csi-node-driver-registrar tag: v2.11.1 pullPolicy: IfNotPresent livenessProbeImage: repository: mcr.microsoft.com/oss/kubernetes-csi/livenessprobe tag: v2.13.1 pullPolicy: IfNotPresent enableSecretRotation: false rotationPollInterval: 2m # Refer to https://secrets-store-csi-driver.sigs.k8s.io/load-tests.html for more details on actions to take before enabling this feature filteredWatchSecret: true syncSecret: enabled: false tokenRequests: - audience: api://AzureADTokenExchange ## Install default service account rbac: install: true pspEnabled: false # explicitly reconstruct the pem chain in the order: SERVER, INTERMEDIATE, ROOT constructPEMChain: true # Azure Arc Extension enableArcExtension: true promMdmConverter: resources: requests: cpu: 50m memory: 100Mi limits: cpu: 50m memory: 100Mi mdm: resources: requests: cpu: 50m memory: 100Mi limits: cpu: 50m memory: 100Mi msiAdapter: resources: requests: cpu: 50m memory: 100Mi limits: cpu: 50m memory: 100Mi telegraf: resources: requests: cpu: 50m memory: 100Mi limits: cpu: 50m memory: 100Mi amacoreagent: resources: requests: cpu: 50m memory: 100Mi limits: cpu: 50m memory: 100Mi fluentd: resources: requests: cpu: 50m memory: 250Mi limits: cpu: 50m memory: 250Mi # Values populated by Azure Arc K8s RP during the installation of the extension. Azure: Cluster: ResourceId: "" Region: "" Distribution: "" Infrastructure: "" proxySettings: isProxyEnabled: false httpProxy: "" httpsProxy: "" noProxy: "" proxyCert: "" Identity: isEnabled: false Type: "" Extension: Name: "" ResourceId: "" # Arc monitoring arc: enableMonitoring: false # Port that serves metrics metricsAddr: "8898"