-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathtest-values.yml
More file actions
210 lines (210 loc) · 5.66 KB
/
test-values.yml
File metadata and controls
210 lines (210 loc) · 5.66 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
autoscaling:
enabled: true
minReplicas: 1
maxReplicas: 2
ingress:
enabled: true
type: nginx
tls:
test-prt:
secretName: test.provision.uw.edu-ingress-cert
hosts:
- test.provision.uw.edu
hosts:
test-prt:
host: test.provision.uw.edu
paths:
- "/"
annotations:
cert-manager.io/cluster-issuer: letsencrypt
securityPolicy:
enabled: true
readiness:
enabled: true
database:
engine: postgres
name: uw_service_endorsement_test
hostname: provision-db-test-service
secretName: test.provision.uw.edu-sql-secret
externalService:
enabled: true
name: provision-db-test-service
type: ClusterIP
serviceAddress: 172.18.1.16
servicePort: 5432
repo: prt
instance: test
targetAverageUtilization: 95
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 15m
memory: 150Mi
image:
repository: IMAGE_REGISTRY
tag: IMAGE_TAG
metrics:
enabled: true
serviceMonitor:
enabled: true
memcached:
enabled: true
replicaCount: 1
cronjob:
enabled: true
jobs:
- name: expire-endorsees
schedule: "5 8 * * 1-5"
command: ["/scripts/management_command.sh"]
args: ["expire_endorsees"]
- name: expiration-notice-1
schedule: "10 8 * * 1-5"
command: ["/scripts/management_command.sh"]
args: ["expiration_notice", "1"]
- name: expiration-notice-2
schedule: "15 8 * * 1-5"
command: ["/scripts/management_command.sh"]
args: ["expiration_notice", "2"]
- name: expiration-notice-3
schedule: "20 8 * * 1-5"
command: ["/scripts/management_command.sh"]
args: ["expiration_notice", "3"]
- name: expiration-notice-4
schedule: "25 8 * * 1-5"
command:
- /scripts/management_command.sh
args:
- expiration_notice
- "4"
- name: reconcile-access
schedule: "1 6 * * 3,6"
command: ["/scripts/management_command.sh"]
args: ["reconcile_access"]
daemon:
enabled: true
daemons:
- name: notify-endorsees
command: ["/scripts/management_daemon.sh"]
args: ['--cron', '*/5 * * * *', 'notify_provisionees']
certs:
mounted: true
certPath: /certs/test.provision.uw.edu.cert
keyPath: /certs/test.provision.uw.edu.key
secretName: test.provision.uw.edu-ic-certs
environmentVariables:
- name: ENV
value: dev
- name: PWS_ENV
value: PROD
- name: GWS_ENV
value: PROD
- name: UWNETID_ENV
value: EVAL
- name: MSCA_ENV
value: PROD
- name: MSCA_TIMEOUT
value: "60"
- name: AUTH
value: SAML
- name: SAML_ENTITY_ID
value: https://test.provision.uw.edu/saml
- name: CLUSTER_CNAME
value: test.provision.uw.edu
- name: ENDORSEMENT_PROVISIONING
value: services,mailbox_access,shared_drives
externalSecrets:
enabled: true
secrets:
- name: test.provision.uw.edu-secrets
externalKey: provision/test/secrets
data:
- name: django-secret
property: django-secret
- name: itbill-host
property: itbill-host
- name: itbill-basic-auth
property: itbill-basic-auth
- name: itbill-shared-drive-product-sys-id
property: itbill-shared-drive-product-sys-id
- name: itbill-form-url-base-id
property: itbill-form-url-base-id
- name: itbill-form-url-sys-id
property: itbill-form-url-sys-id
- name: email-host
property: email-host
- name: msca-subscription-key
property: msca-subscription-key
- name: safe-email-recipient
property: safe-email-recipient
- name: safe-email-safelist
property: safe-email-safelist
- name: test.provision.uw.edu-sql-secret
externalKey: provision/test/sql-secret
data:
- name: username
property: sql_user
- name: password
property: sql_pass
- name: test.provision.uw.edu-ic-certs
externalKey: provision/test/ic-certs
data:
- name: test.provision.uw.edu.cert
property: cert
- name: test.provision.uw.edu.key
property: key
- name: idp.uw-cert
externalKey: idp-cert
data:
- name: idp.uw-cert
property: cert
environmentVariablesSecrets:
djangoSecret:
name: DJANGO_SECRET
secretName: test.provision.uw.edu-secrets
secretKey: django-secret
ITBillHost:
name: ITBILL_HOST
secretName: test.provision.uw.edu-secrets
secretKey: itbill-host
ITBillBasicAuth:
name: ITBILL_BASIC_AUTH
secretName: test.provision.uw.edu-secrets
secretKey: itbill-basic-auth
ITBillSharedDriveProductSYSID:
name: ITBILL_SHARED_DRIVE_PRODUCT_SYS_ID
secretName: test.provision.uw.edu-secrets
secretKey: itbill-shared-drive-product-sys-id
ITBillFormURLBaseID:
name: ITBILL_FORM_URL_BASE_ID
secretName: test.provision.uw.edu-secrets
secretKey: itbill-form-url-base-id
ITBillFormURLSYSID:
name: ITBILL_FORM_URL_SYS_ID
secretName: test.provision.uw.edu-secrets
secretKey: itbill-form-url-sys-id
emailHost:
name: EMAIL_HOST
secretName: test.provision.uw.edu-secrets
secretKey: email-host
MSCASubscriptionKey:
name: MSCA_SUBSCRIPTION_KEY
secretName: test.provision.uw.edu-secrets
secretKey: msca-subscription-key
SafeEmailRecipient:
name: SAFE_EMAIL_RECIPIENT
secretName: test.provision.uw.edu-secrets
secretKey: safe-email-recipient
SafeEmailSafelist:
name: SAFE_EMAIL_SAFELIST
secretName: test.provision.uw.edu-secrets
secretKey: safe-email-safelist
SAMLServiceProviderCert:
name: SP_CERT
secretName: test.provision.uw.edu-ic-certs
secretKey: test.provision.uw.edu.cert
SAMLIDPCert:
name: IDP_CERT
secretName: idp.uw-cert
secretKey: idp.uw-cert