forked from sigstore/helm-charts
-
Notifications
You must be signed in to change notification settings - Fork 0
/
values.yaml
126 lines (119 loc) · 2.39 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
---
# Fulcio
fulcio:
enabled: true
namespace:
name: fulcio-system
create: true
forceNamespace: fulcio-system
server:
fullnameOverride: fulcio-server
createcerts:
fullnameOverride: fulcio-createcerts
ctlog:
enabled: false
createctconfig:
logPrefix: sigstorescaffolding
tolerations: []
nodeSelector: {}
affinity: {}
# CTLog
ctlog:
enabled: true
namespace:
name: ctlog-system
create: true
forceNamespace: ctlog-system
fullnameOverride: ctlog
createcerts:
fullnameOverride: ctlog-createcerts
createtree:
fullnameOverride: ctlog-createtree
displayName: ctlog-tree
tolerations: []
nodeSelector: {}
affinity: {}
# Rekor
rekor:
enabled: true
namespace:
name: rekor-system
create: true
forceNamespace: rekor-system
fullnameOverride: rekor
server:
fullnameOverride: rekor-server
redis:
fullnameOverride: rekor-redis
trillian:
enabled: false
tolerations: []
nodeSelector: {}
affinity: {}
# Trillian
trillian:
enabled: true
namespace:
name: trillian-system
create: true
forceNamespace: trillian-system
fullnameOverride: trillian
logServer:
name: trillian-logserver
fullnameOverride: trillian-logserver
portHTTP: 8090
portRPC: 8091
logSigner:
name: trillian-logsigner
fullnameOverride: trillian-logsigner
mysql:
fullnameOverride: trillian-mysql
tolerations: []
nodeSelector: {}
affinity: {}
tuf:
enabled: false
namespace:
name: tuf-system
create: true
forceNamespace: tuf-system
fullnameOverride: tuf
tolerations: []
nodeSelector: {}
affinity: {}
secrets:
rekor:
name: rekor-public-key
path: rekor.pub
fulcio:
name: fulcio-server-secret
path: fulcio_v1.crt.pem
ctlog:
name: ctlog-public-key
path: ctfe.pub
tsa:
name: tsa-cert-chain
path: tsa.certchain.pem
copySecretJob:
enabled: false
name: copy-secrets-job
registry: docker.io
repository: alpine/k8s
version: sha256:fb0d2db81fb0f98abb1adf5246d6f0f4d19f34031afe4759cb7ad8e2eb8d2c01
imagePullPolicy: IfNotPresent
serviceaccount: tuf-secret-copy-job
backoffLimit: 6
tolerations: []
nodeSelector: {}
affinity: {}
tsa:
enabled: false
namespace:
name: tsa-system
create: true
forceNamespace: tsa-system
server:
fullnameOverride: tsa-server
tolerations: []
nodeSelector: {}
affinity: {}