joaquinclearmetal · November 6, 2019 23:44
diff --git a/spinnaker-values.yaml b/spinnaker-values.yaml
 halyard:
  spinnakerVersion: 1.16.1
  image:
    repository: gcr.io/spinnaker-marketplace/halyard
    tag: 1.23.2
    pullSecrets: []
  # Set to false to disable persistence data volume for halyard
  persistence:
    enabled: true
  # Provide a config map with Hal commands that will be run the core config (storage)
  # The config map should contain a script in the config.sh key
  additionalScripts:
    enabled: false
    configMapName: my-halyard-config
    configMapKey: config.sh
    # If you'd rather do an inline script, set create to true and put the content in the data dict like you would a configmap
    # The content will be passed through `tpl`, so value interpolation is supported.
    create: false
    data: {}
  additionalSecrets:
    create: false
    data: {}
    ## Uncomment if you want to use a pre-created secret rather than feeding data in via helm.
    # name:
  additionalConfigMaps:
    create: false
    data: {}
    ## Uncomment if you want to use a pre-created ConfigMap rather than feeding data in via helm.
    # name:
  ## Define custom profiles for Spinnaker services. Read more for details:
  ## https://www.spinnaker.io/reference/halyard/custom/#custom-profiles
  ## The contents of the files will be passed through `tpl`, so value interpolation is supported.
  additionalProfileConfigMaps:
    data: {}
      ## if you're running spinnaker behind a reverse proxy such as a GCE ingress
      ## you may need the following profile settings for the gate profile.
      ## see https://github.com/spinnaker/spinnaker/issues/1630
      ## otherwise its harmless and will likely become default behavior in the future
      ## According to the linked github issue.
      # gate-local.yml:
      #   server:
      #     tomcat:
      #       protocolHeader: X-Forwarded-Proto
      #       remoteIpHeader: X-Forwarded-For
      #       internalProxies: .*
      #       httpsServerPort: X-Forwarded-Port

  ## Define custom settings for Spinnaker services. Read more for details:
  ## https://www.spinnaker.io/reference/halyard/custom/#custom-service-settings
  ## You can use it to add annotations for pods, override the image, etc.
  additionalServiceSettings: {}
    # deck.yml:
    #   artifactId: gcr.io/spinnaker-marketplace/deck:2.9.0-20190412012808
    #   kubernetes:
    #     podAnnotations:
    #       iam.amazonaws.com/role: <role_arn>
    # clouddriver.yml:
    #   kubernetes:
    #     podAnnotations:
    #       iam.amazonaws.com/role: <role_arn>

  ## Populate to provide a custom local BOM for Halyard to use for deployment. Read more for details:
  ## https://www.spinnaker.io/guides/operator/custom-boms/#boms-and-configuration-on-your-filesystem
  bom: ~
  #   artifactSources:
  #     debianRepository: https://dl.bintray.com/spinnaker-releases/debians
  #     dockerRegistry: gcr.io/spinnaker-marketplace
  #     gitPrefix: https://github.com/spinnaker
  #     googleImageProject: marketplace-spinnaker-release
  #   services:
  #     clouddriver:
  #       commit: 031bcec52d6c3eb447095df4251b9d7516ed74f5
  #       version: 6.3.0-20190904130744
  #     deck:
  #       commit: b0aac478e13a7f9642d4d39479f649dd2ef52a5a
  #       version: 2.12.0-20190916141821
  #     ...
  #   timestamp: '2019-09-16 18:18:44'
  #   version: 1.16.1

  ## Define local configuration for Spinnaker services.
  ## The contents of these files would be copies of the configuration normally retrieved from
  ## `gs://halconfig/<service-name>`, but instead need to be available locally on the halyard pod to facilitate
  ## offline installation. This would typically be used along with a custom `bom:` with the `local:` prefix on a
  ## service version.
  ## Read more for details:
  ## https://www.spinnaker.io/guides/operator/custom-boms/#boms-and-configuration-on-your-filesystem
  ## The key for each entry must be the name of the service and a file name separated by the '_' character.
  serviceConfigs: {}
  # clouddriver_clouddriver-ro.yml: |-
  #   ...
  # clouddriver_clouddriver-rw.yml: |-
  #   ...
  # clouddriver_clouddriver.yml: |-
  #   ...
  # deck_settings.json: |-
  #   ...
  # echo_echo.yml: |-
  #   ...

  ## Uncomment if you want to add extra commands to the init script
  ## run by the init container before halyard is started.
  ## The content will be passed through `tpl`, so value interpolation is supported.
  # additionalInitScript: |-

  ## Uncomment if you want to add annotations on halyard and install-using-hal pods
  # annotations:
  #   iam.amazonaws.com/role: <role_arn>

  ## Uncomment the following resources definitions to control the cpu and memory
  # resources allocated for the halyard pod
  resources: {}
    # requests:
    #   memory: "1Gi"
    #   cpu: "100m"
    # limits:
    #   memory: "2Gi"
    #   cpu: "200m"

  ## Uncomment if you want to set environment variables on the Halyard pod.
  # env:
  #   - name: JAVA_OPTS
  #     value: -Dhttp.proxyHost=proxy.example.com
  customCerts:
    ## Enable to override the default cacerts with your own one
    enabled: false
    secretName: custom-cacerts

 # Define which registries and repositories you want available in your
 # Spinnaker pipeline definitions
 # For more info visit:
 #   https://www.spinnaker.io/setup/providers/docker-registry/

 # Configure your Docker registries here
 dockerRegistries:
 - name: dockerhub
  address: index.docker.io
  repositories:
    - library/alpine
    - library/ubuntu
    - library/centos
    - library/nginx
 # - name: gcr
 #   address: https://gcr.io
 #   username: _json_key
 #   password: '<INSERT YOUR SERVICE ACCOUNT JSON HERE>'
 #   email: [email protected]

 # If you don't want to put your passwords into a values file
 # you can use a pre-created secret instead of putting passwords
 # (specify secret name in below `dockerRegistryAccountSecret`)
 # per account above with data in the format:
 # <name>: <password>

 # dockerRegistryAccountSecret: myregistry-secrets

 kubeConfig:
  # Use this when you want to register arbitrary clusters with Spinnaker
  # Upload your ~/kube/.config to a secret
  enabled: false
  secretName: my-kubeconfig
  secretKey: config
  # Use this when you want to configure halyard to reference a kubeconfig from s3
  # This allows you to keep your kubeconfig in an encrypted s3 bucket
  # For more info visit:
  #   https://www.spinnaker.io/reference/halyard/secrets/s3-secrets/#secrets-in-s3
  # encryptedKubeconfig: encrypted:s3!r:us-west-2!b:mybucket!f:mykubeconfig
  # List of contexts from the kubeconfig to make available to Spinnaker
  contexts:
  - default
  deploymentContext: default
  omittedNameSpaces:
  - kube-system
  - kube-public
  onlySpinnakerManaged:
    enabled: false

  # When false, clouddriver will skip the permission checks for all kubernetes kinds at startup.
  # This can save a great deal of time during clouddriver startup when you have many kubernetes
  # accounts configured. This disables the log messages at startup about missing permissions.
  checkPermissionsOnStartup: true

  # A list of resource kinds this Spinnaker account can deploy to and will cache.
  # When no kinds are configured, this defaults to ‘all kinds'.
  # kinds:
  # -

  # A list of resource kinds this Spinnaker account cannot deploy to or cache.
  # This can only be set when –kinds is empty or not set.
  # omittedKinds:
  # -

 # Change this if youd like to expose Spinnaker outside the cluster
 ingress:
  enabled: false
  # host: spinnaker.example.org
  # annotations:
    # ingress.kubernetes.io/ssl-redirect: 'true'
    # kubernetes.io/ingress.class: nginx
    # kubernetes.io/tls-acme: "true"
  # tls:
  #  - secretName: -tls
  #    hosts:
  #      - domain.com

 ingressGate:
  enabled: false
  # host: gate.spinnaker.example.org
  # annotations:
    # ingress.kubernetes.io/ssl-redirect: 'true'
    # kubernetes.io/ingress.class: nginx
    # kubernetes.io/tls-acme: "true"
  # tls:
  #  - secretName: -tls
  #    hosts:
  #      - domain.com

 # spinnakerFeatureFlags is a list of Spinnaker feature flags to enable
 # Ref: https://www.spinnaker.io/reference/halyard/commands/#hal-config-features-edit
 # spinnakerFeatureFlags:
 #   - artifacts
 #   - pipeline-templates
 spinnakerFeatureFlags:
  - artifacts
  - jobs

 # Node labels for pod assignment
 # Ref: https://kubernetes.io/docs/user-guide/node-selection/
 # nodeSelector to provide to each of the Spinnaker components
 nodeSelector: {}

 # Redis password to use for the in-cluster redis service
 # Enable redis to use in-cluster redis
 redis:
  enabled: true
  # External Redis option will be enabled if in-cluster redis is disabled
  external:
    host: "<EXTERNAL-REDIS-HOST-NAME>"
    port: 6379
    # password: ""
  password: password
  nodeSelector: {}
  cluster:
    enabled: false
 # Uncomment if you don't want to create a PVC for redis
 #  master:
 #    persistence:
 #      enabled: false

 # Minio access/secret keys for the in-cluster S3 usage
 # Minio is not exposed publically
 minio:
  enabled: false
  imageTag: RELEASE.2019-02-13T19-48-27Z
  serviceType: ClusterIP
  accessKey: spinnakeradmin
  secretKey: spinnakeradmin
  bucket: "spinnaker"
  nodeSelector: {}
 # Uncomment if you don't want to create a PVC for minio
 #  persistence:
 #    enabled: false

 # Google Cloud Storage
 gcs:
  enabled: false

 # AWS Simple Storage Service
 s3:
  enabled: true
  bucket: spinnaker-dev-s3
  # rootFolder: "front50"
  region: "us-west-2"
  # endpoint: "spinnaker-dev-s3"
  accessKey: REDACTED
  secretKey: REDACTED
  # assumeRole: "<role to assume>"

 # Azure Storage Account
 azs:
  enabled: false
 #   storageAccountName: ""
 #   accessKey: ""
 #   containerName: "spinnaker"

 rbac:
  # Specifies whether RBAC resources should be created
  create: true

 serviceAccount:
  # Specifies whether a ServiceAccount should be created
  create: true
  # The name of the ServiceAccounts to use.
  # If left blank it is auto-generated from the fullname of the release
  halyardName:
  spinnakerName:
 securityContext:
  # Specifies permissions to write for user/group
  runAsUser: 1000
  fsGroup: 1000
	halyard:
	spinnakerVersion: 1.16.1
	image:
	repository: gcr.io/spinnaker-marketplace/halyard
	tag: 1.23.2
	pullSecrets: []
	# Set to false to disable persistence data volume for halyard
	persistence:
	enabled: true
	# Provide a config map with Hal commands that will be run the core config (storage)
	# The config map should contain a script in the config.sh key
	additionalScripts:
	enabled: false
	configMapName: my-halyard-config
	configMapKey: config.sh
	# If you'd rather do an inline script, set create to true and put the content in the data dict like you would a configmap
	# The content will be passed through `tpl`, so value interpolation is supported.
	create: false
	data: {}
	additionalSecrets:
	create: false
	data: {}
	## Uncomment if you want to use a pre-created secret rather than feeding data in via helm.
	# name:
	additionalConfigMaps:
	create: false
	data: {}
	## Uncomment if you want to use a pre-created ConfigMap rather than feeding data in via helm.
	# name:
	## Define custom profiles for Spinnaker services. Read more for details:
	## https://www.spinnaker.io/reference/halyard/custom/#custom-profiles
	## The contents of the files will be passed through `tpl`, so value interpolation is supported.
	additionalProfileConfigMaps:
	data: {}
	## if you're running spinnaker behind a reverse proxy such as a GCE ingress
	## you may need the following profile settings for the gate profile.
	## see https://github.com/spinnaker/spinnaker/issues/1630
	## otherwise its harmless and will likely become default behavior in the future
	## According to the linked github issue.
	# gate-local.yml:
	# server:
	# tomcat:
	# protocolHeader: X-Forwarded-Proto
	# remoteIpHeader: X-Forwarded-For
	# internalProxies: .*
	# httpsServerPort: X-Forwarded-Port

	## Define custom settings for Spinnaker services. Read more for details:
	## https://www.spinnaker.io/reference/halyard/custom/#custom-service-settings
	## You can use it to add annotations for pods, override the image, etc.
	additionalServiceSettings: {}
	# deck.yml:
	# artifactId: gcr.io/spinnaker-marketplace/deck:2.9.0-20190412012808
	# kubernetes:
	# podAnnotations:
	# iam.amazonaws.com/role: <role_arn>
	# clouddriver.yml:
	# kubernetes:
	# podAnnotations:
	# iam.amazonaws.com/role: <role_arn>

	## Populate to provide a custom local BOM for Halyard to use for deployment. Read more for details:
	## https://www.spinnaker.io/guides/operator/custom-boms/#boms-and-configuration-on-your-filesystem
	bom: ~
	# artifactSources:
	# debianRepository: https://dl.bintray.com/spinnaker-releases/debians
	# dockerRegistry: gcr.io/spinnaker-marketplace
	# gitPrefix: https://github.com/spinnaker
	# googleImageProject: marketplace-spinnaker-release
	# services:
	# clouddriver:
	# commit: 031bcec52d6c3eb447095df4251b9d7516ed74f5
	# version: 6.3.0-20190904130744
	# deck:
	# commit: b0aac478e13a7f9642d4d39479f649dd2ef52a5a
	# version: 2.12.0-20190916141821
	# ...
	# timestamp: '2019-09-16 18:18:44'
	# version: 1.16.1

	## Define local configuration for Spinnaker services.
	## The contents of these files would be copies of the configuration normally retrieved from
	## `gs://halconfig/<service-name>`, but instead need to be available locally on the halyard pod to facilitate
	## offline installation. This would typically be used along with a custom `bom:` with the `local:` prefix on a
	## service version.
	## Read more for details:
	## https://www.spinnaker.io/guides/operator/custom-boms/#boms-and-configuration-on-your-filesystem
	## The key for each entry must be the name of the service and a file name separated by the '_' character.
	serviceConfigs: {}
	# clouddriver_clouddriver-ro.yml: \|-
	# ...
	# clouddriver_clouddriver-rw.yml: \|-
	# ...
	# clouddriver_clouddriver.yml: \|-
	# ...
	# deck_settings.json: \|-
	# ...
	# echo_echo.yml: \|-
	# ...

	## Uncomment if you want to add extra commands to the init script
	## run by the init container before halyard is started.
	## The content will be passed through `tpl`, so value interpolation is supported.
	# additionalInitScript: \|-

	## Uncomment if you want to add annotations on halyard and install-using-hal pods
	# annotations:
	# iam.amazonaws.com/role: <role_arn>

	## Uncomment the following resources definitions to control the cpu and memory
	# resources allocated for the halyard pod
	resources: {}
	# requests:
	# memory: "1Gi"
	# cpu: "100m"
	# limits:
	# memory: "2Gi"
	# cpu: "200m"

	## Uncomment if you want to set environment variables on the Halyard pod.
	# env:
	# - name: JAVA_OPTS
	# value: -Dhttp.proxyHost=proxy.example.com
	customCerts:
	## Enable to override the default cacerts with your own one
	enabled: false
	secretName: custom-cacerts

	# Define which registries and repositories you want available in your
	# Spinnaker pipeline definitions
	# For more info visit:
	# https://www.spinnaker.io/setup/providers/docker-registry/

	# Configure your Docker registries here
	dockerRegistries:
	- name: dockerhub
	address: index.docker.io
	repositories:
	- library/alpine
	- library/ubuntu
	- library/centos
	- library/nginx
	# - name: gcr
	# address: https://gcr.io
	# username: _json_key
	# password: '<INSERT YOUR SERVICE ACCOUNT JSON HERE>'
	# email: [email protected]

	# If you don't want to put your passwords into a values file
	# you can use a pre-created secret instead of putting passwords
	# (specify secret name in below `dockerRegistryAccountSecret`)
	# per account above with data in the format:
	# <name>: <password>

	# dockerRegistryAccountSecret: myregistry-secrets

	kubeConfig:
	# Use this when you want to register arbitrary clusters with Spinnaker
	# Upload your ~/kube/.config to a secret
	enabled: false
	secretName: my-kubeconfig
	secretKey: config
	# Use this when you want to configure halyard to reference a kubeconfig from s3
	# This allows you to keep your kubeconfig in an encrypted s3 bucket
	# For more info visit:
	# https://www.spinnaker.io/reference/halyard/secrets/s3-secrets/#secrets-in-s3
	# encryptedKubeconfig: encrypted:s3!r:us-west-2!b:mybucket!f:mykubeconfig
	# List of contexts from the kubeconfig to make available to Spinnaker
	contexts:
	- default
	deploymentContext: default
	omittedNameSpaces:
	- kube-system
	- kube-public
	onlySpinnakerManaged:
	enabled: false

	# When false, clouddriver will skip the permission checks for all kubernetes kinds at startup.
	# This can save a great deal of time during clouddriver startup when you have many kubernetes
	# accounts configured. This disables the log messages at startup about missing permissions.
	checkPermissionsOnStartup: true

	# A list of resource kinds this Spinnaker account can deploy to and will cache.
	# When no kinds are configured, this defaults to ‘all kinds'.
	# kinds:
	# -

	# A list of resource kinds this Spinnaker account cannot deploy to or cache.
	# This can only be set when –kinds is empty or not set.
	# omittedKinds:
	# -

	# Change this if youd like to expose Spinnaker outside the cluster
	ingress:
	enabled: false
	# host: spinnaker.example.org
	# annotations:
	# ingress.kubernetes.io/ssl-redirect: 'true'
	# kubernetes.io/ingress.class: nginx
	# kubernetes.io/tls-acme: "true"
	# tls:
	# - secretName: -tls
	# hosts:
	# - domain.com

	ingressGate:
	enabled: false
	# host: gate.spinnaker.example.org
	# annotations:
	# ingress.kubernetes.io/ssl-redirect: 'true'
	# kubernetes.io/ingress.class: nginx
	# kubernetes.io/tls-acme: "true"
	# tls:
	# - secretName: -tls
	# hosts:
	# - domain.com

	# spinnakerFeatureFlags is a list of Spinnaker feature flags to enable
	# Ref: https://www.spinnaker.io/reference/halyard/commands/#hal-config-features-edit
	# spinnakerFeatureFlags:
	# - artifacts
	# - pipeline-templates
	spinnakerFeatureFlags:
	- artifacts
	- jobs

	# Node labels for pod assignment
	# Ref: https://kubernetes.io/docs/user-guide/node-selection/
	# nodeSelector to provide to each of the Spinnaker components
	nodeSelector: {}

	# Redis password to use for the in-cluster redis service
	# Enable redis to use in-cluster redis
	redis:
	enabled: true
	# External Redis option will be enabled if in-cluster redis is disabled
	external:
	host: "<EXTERNAL-REDIS-HOST-NAME>"
	port: 6379
	# password: ""
	password: password
	nodeSelector: {}
	cluster:
	enabled: false
	# Uncomment if you don't want to create a PVC for redis
	# master:
	# persistence:
	# enabled: false

	# Minio access/secret keys for the in-cluster S3 usage
	# Minio is not exposed publically
	minio:
	enabled: false
	imageTag: RELEASE.2019-02-13T19-48-27Z
	serviceType: ClusterIP
	accessKey: spinnakeradmin
	secretKey: spinnakeradmin
	bucket: "spinnaker"
	nodeSelector: {}
	# Uncomment if you don't want to create a PVC for minio
	# persistence:
	# enabled: false

	# Google Cloud Storage
	gcs:
	enabled: false

	# AWS Simple Storage Service
	s3:
	enabled: true
	bucket: spinnaker-dev-s3
	# rootFolder: "front50"
	region: "us-west-2"
	# endpoint: "spinnaker-dev-s3"
	accessKey: REDACTED
	secretKey: REDACTED
	# assumeRole: "<role to assume>"

	# Azure Storage Account
	azs:
	enabled: false
	# storageAccountName: ""
	# accessKey: ""
	# containerName: "spinnaker"

	rbac:
	# Specifies whether RBAC resources should be created
	create: true

	serviceAccount:
	# Specifies whether a ServiceAccount should be created
	create: true
	# The name of the ServiceAccounts to use.
	# If left blank it is auto-generated from the fullname of the release
	halyardName:
	spinnakerName:
	securityContext:
	# Specifies permissions to write for user/group
	runAsUser: 1000
	fsGroup: 1000