phumberdroz · May 20, 2019 14:08
diff --git a/helmfile.yaml b/helmfile.yaml
 # context: kube-context # this directive is deprecated, please consider using helmDefaults.kubeContext

 #default values to set for args along with dedicated keys that can be set by contributers, cli args take precedence over these
 helmDefaults:
  tillerNamespace: kube-system
  tillerless: true
  kubeContext: kube-context
  # defaults for verify, wait, force, timeout and recreatePods under releases[]
  verify: true
  wait: true
  timeout: 600
  recreatePods: true
  force: true
  # enable TLS for request to Tiller
  tls: false

 releases:
  # Published chart example
  # - name: vault                            # name of this release
  #   namespace: vault                       # target namespace
  #   labels:                                  # Arbitrary key value pairs for filtering releases
  #     foo: bar
  #   chart: roboll/vault-secret-manager     # the chart being installed to create this release, referenced by `repository/chart` syntax
  #   version: ~1.24.1                       # the semver of the chart. range constraint is supported
  #   missingFileHandler: warn # set to either "Error" or "Warn". "Error" instructs helmfile to fail when unable to find a values or secrets file. When "Warn", it prints the file and continues.
  #   values:
  #     # value files passed via --values
  #     - vault.yaml
  #     # inline values, passed via a temporary values file and --values
  #     - address: https://vault.example.com
  #       db:
  #         username: {{ requiredEnv "DB_USERNAME" }}
  #         # value taken from environment variable. Quotes are necessary. Will throw an error if the environment variable is not set. $DB_PASSWORD needs to be set in the calling environment ex: export DB_PASSWORD='password1'
  #         password: {{ requiredEnv "DB_PASSWORD" }}
  #       proxy:
  #         # Interpolate environment variable with a fixed string
  #         domain: {{ requiredEnv "PLATFORM_ID" }}.my-domain.com
  #         scheme: {{ env "SCHEME" | default "https" }}
  #   set:
  #   # single value loaded from a local file, translates to --set-file foo.config=path/to/file
  #   - name: foo.config
  #     file: path/to/file
  #   # set a single array value in an array, translates to --set bar[0]={1,2}
  #   - name: bar[0]
  #     values:
  #     - 1
  #     - 2
  #   # set a templated value
  #   - name: namespace
  #     value: {{ .Namespace }}
  #   # will attempt to decrypt it using helm-secrets plugin
  #   secrets:
  #     - vault_secret.yaml
  #   # wait for k8s resources via --wait. Defaults to `false`
  #   wait: true
  #   # time in seconds to wait for any individual Kubernetes operation (like Jobs for hooks, and waits on pod/pvc/svc/deployment readiness) (default 300)
  #   timeout: 60
  #   # performs pods restart for the resource if applicable
  #   recreatePods: true
  #   # forces resource update through delete/recreate if needed
  #   force: true
  #   # set `false` to uninstall on sync
  #   installed: true
  #   # restores previous state in case of failed release
  #   atomic: true
  #   # name of the tiller namespace
  #   tillerNamespace: vault
  #   # if true, will use the helm-tiller plugin
  #   tillerless: false
  #   # enable TLS for request to Tiller
  #   tls: true
  #   # path to TLS CA certificate file (default "$HELM_HOME/ca.pem")
  #   tlsCACert: "path/to/ca.pem"
  #   # path to TLS certificate file (default "$HELM_HOME/cert.pem")
  #   tlsCert: "path/to/cert.pem"
  #   # path to TLS key file (default "$HELM_HOME/key.pem")
  #   tlsKey: "path/to/key.pem"
  ##############################################################
  # - name: prometheus
  #   namespace: monitoring
  #   chart: stable/prometheus
  #   version: ~8
  ##############################################################
  # Local chart example
  - name: cert-manager-issuers
    namespace: cert-manager
    chart: ./cert-manager/cert-manager-issuers
    values:
    - "./cert-manager/cert-manager-issuers/values.yaml"
    wait: true
	# context: kube-context # this directive is deprecated, please consider using helmDefaults.kubeContext

	#default values to set for args along with dedicated keys that can be set by contributers, cli args take precedence over these
	helmDefaults:
	tillerNamespace: kube-system
	tillerless: true
	kubeContext: kube-context
	# defaults for verify, wait, force, timeout and recreatePods under releases[]
	verify: true
	wait: true
	timeout: 600
	recreatePods: true
	force: true
	# enable TLS for request to Tiller
	tls: false

	releases:
	# Published chart example
	# - name: vault # name of this release
	# namespace: vault # target namespace
	# labels: # Arbitrary key value pairs for filtering releases
	# foo: bar
	# chart: roboll/vault-secret-manager # the chart being installed to create this release, referenced by `repository/chart` syntax
	# version: ~1.24.1 # the semver of the chart. range constraint is supported
	# missingFileHandler: warn # set to either "Error" or "Warn". "Error" instructs helmfile to fail when unable to find a values or secrets file. When "Warn", it prints the file and continues.
	# values:
	# # value files passed via --values
	# - vault.yaml
	# # inline values, passed via a temporary values file and --values
	# - address: https://vault.example.com
	# db:
	# username: {{ requiredEnv "DB_USERNAME" }}
	# # value taken from environment variable. Quotes are necessary. Will throw an error if the environment variable is not set. $DB_PASSWORD needs to be set in the calling environment ex: export DB_PASSWORD='password1'
	# password: {{ requiredEnv "DB_PASSWORD" }}
	# proxy:
	# # Interpolate environment variable with a fixed string
	# domain: {{ requiredEnv "PLATFORM_ID" }}.my-domain.com
	# scheme: {{ env "SCHEME" \| default "https" }}
	# set:
	# # single value loaded from a local file, translates to --set-file foo.config=path/to/file
	# - name: foo.config
	# file: path/to/file
	# # set a single array value in an array, translates to --set bar[0]={1,2}
	# - name: bar[0]
	# values:
	# - 1
	# - 2
	# # set a templated value
	# - name: namespace
	# value: {{ .Namespace }}
	# # will attempt to decrypt it using helm-secrets plugin
	# secrets:
	# - vault_secret.yaml
	# # wait for k8s resources via --wait. Defaults to `false`
	# wait: true
	# # time in seconds to wait for any individual Kubernetes operation (like Jobs for hooks, and waits on pod/pvc/svc/deployment readiness) (default 300)
	# timeout: 60
	# # performs pods restart for the resource if applicable
	# recreatePods: true
	# # forces resource update through delete/recreate if needed
	# force: true
	# # set `false` to uninstall on sync
	# installed: true
	# # restores previous state in case of failed release
	# atomic: true
	# # name of the tiller namespace
	# tillerNamespace: vault
	# # if true, will use the helm-tiller plugin
	# tillerless: false
	# # enable TLS for request to Tiller
	# tls: true
	# # path to TLS CA certificate file (default "$HELM_HOME/ca.pem")
	# tlsCACert: "path/to/ca.pem"
	# # path to TLS certificate file (default "$HELM_HOME/cert.pem")
	# tlsCert: "path/to/cert.pem"
	# # path to TLS key file (default "$HELM_HOME/key.pem")
	# tlsKey: "path/to/key.pem"
	##############################################################
	# - name: prometheus
	# namespace: monitoring
	# chart: stable/prometheus
	# version: ~8
	##############################################################
	# Local chart example
	- name: cert-manager-issuers
	namespace: cert-manager
	chart: ./cert-manager/cert-manager-issuers
	values:
	- "./cert-manager/cert-manager-issuers/values.yaml"
	wait: true