-
Notifications
You must be signed in to change notification settings - Fork 179
Expand file tree
/
Copy pathvalues.yaml
More file actions
110 lines (88 loc) · 4.86 KB
/
values.yaml
File metadata and controls
110 lines (88 loc) · 4.86 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
# SPDX-FileCopyrightText: the secureCodeBox authors
#
# SPDX-License-Identifier: Apache-2.0
# Default values for dispatcher.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
# -- Define imagePullSecrets when a private registry is used (see: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/)
imagePullSecrets: []
# indexPrefix -- Define a specific index prefix used for all elasticsearch indices.
indexPrefix: "scbv2"
# indexSuffix -- Define a specific index suffix based on date pattern (YEAR (yyyy), MONTH (yyyy-MM), WEEK (yyyy-'W'W), DATE (yyyy-MM-dd)). We use Luxon for date formatting (https://moment.github.io/luxon/docs/manual/formatting.html#table-of-tokens)
indexSuffix: “yyyy-MM-dd”
# indexAppendNamespace -- Define if the name of the namespace where this hook is deployed to must be added to the index name. The namespace can be used to separate index by tenants (namespaces).
indexAppendNamespace: true
externalElasticStack:
# externalElasticStack.enabled -- Enable this when you already have an Elastic Stack running to which you want to send your results
enabled: false
# externalElasticStack.elasticsearchAddress -- The URL of the elasticsearch service to persists all findings to.
elasticsearchAddress: "https://elasticsearch.example.com"
# externalElasticStack.kibanaAddress -- The URL of the kibana service used to visualize all findings.
kibanaAddress: "https://kibana.example.com"
# authentication -- Configure authentication schema and credentials the persistence provider should use to connect to elasticsearch
# user and apikey are mutually exclusive, only set one!
authentication:
# authentication.userSecret -- Link a pre-existing generic secret with `username` and `password` key / value pairs
userSecret: null
# authentication.apiKeySecret -- Link a pre-existing generic secret with `id` and `key` key / value pairs
apiKeySecret: null
# elasticsearch -- Configures the included elasticsearch subchart (see: https://github.com/elastic/helm-charts/tree/elasticsearch)
elasticsearch:
# elasticsearch.enabled -- Enable if you want to deploy an elasticsearch service.
enabled: true
# elasticsearch.replicas -- Kubernetes replica count for the StatefulSet (i.e. how many pods)
replicas: 1
# elasticsearch.minimumMasterNodes -- The value for discovery.zen.minimum_master_nodes. Should be set to (master_eligible_nodes / 2) + 1. Ignored in Elasticsearch versions >= 7
minimumMasterNodes: 1
# image: docker.elastic.co/elasticsearch/elasticsearch-oss
# -- Configures included Elasticsearch subchart
kibana:
# -- Enable if you want to deploy an kibana service (see: https://github.com/elastic/helm-charts/tree/master/kibana)
enabled: true
# image: docker.elastic.co/kibana/kibana-oss
dashboardImporter:
# -- Enable if you want to import some example kibana dashboards for secureCodeBox findings analytics.
enabled: true
image:
# image.repository -- Image repository for the dashboard importer job
repository: securecodebox/persistence-elastic-dashboard-importer
# image.tag -- Image tag for the dashboard importer job
# @default -- defaults to the charts version
tag: null
nameOverride: ""
fullnameOverride: ""
podSecurityContext:
{}
# fsGroup: 2000
securityContext:
{}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
resources: {}
nodeSelector: {}
tolerations: []
affinity: {}
hook:
image:
# hook.image.repository -- Hook image repository
repository: docker.io/securecodebox/hook-persistence-elastic
# hook.image.tag -- The image Tag defaults to the charts version if not defined.
# @default -- defaults to the charts version
tag: null
# hook.labels -- Add Kubernetes Labels to the hook definition
labels: {}
# -- Hook priority. Higher priority Hooks are guaranteed to execute before low priority Hooks.
priority: 0
# hook.ttlSecondsAfterFinished -- Seconds after which the kubernetes job for the hook will be deleted. Requires the Kubernetes TTLAfterFinished controller: https://kubernetes.io/docs/concepts/workloads/controllers/ttlafterfinished/
ttlSecondsAfterFinished: null
# hook.affinity -- Optional affinity settings that control how the hook job is scheduled (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/)
affinity: {}
# hook.tolerations -- Optional tolerations settings that control how the hook job is scheduled (see: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/)
tolerations: []
# -- Optional resources lets you control resource limits and requests for the hook container. See https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
# @default -- { requests: { cpu: "200m", memory: "100Mi" }, limits: { cpu: "400m", memory: "200Mi" } }
resources: {}