forked from mhjacks/multicluster-devsecops
-
Notifications
You must be signed in to change notification settings - Fork 0
/
values-opphub.yaml
152 lines (135 loc) · 3.77 KB
/
values-opphub.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
clusterGroup:
name: hub
isHubCluster: true
storageClass: gp2
# Namespaces that are expected to be created.
# The pattern will apply these namespaces
# and creates an operator group for that namespace
namespaces:
- open-cluster-management
- vault
- golang-external-secrets
- rhacs-operator
- stackrox
- policies
- devsecops-ci
- openshift-storage
- quay-enterprise
# subscriptions: OpenShift Operator subscriptions from OLM/OperatorHub
# - name: the Operator package name (required)
# namespace: expected namespace as specified by Operator (defaults to openshift-operators)
# channel: operator channel from package manifest (required)
# csv: Operator CSV from package manifest.
# only used if global.options.useCSV: true in values-global.yaml
subscriptions:
advanced-cluster-management:
name: advanced-cluster-management
namespace: open-cluster-management
rhacs-operator:
name: rhacs-operator #packageName
namespace: openshift-operators # operator namespace
odf-operator:
name: odf-operator
namespace: openshift-storage
quay-operator:
name: quay-operator
namespace: openshift-operators
# The following section is used by
# OpenShift GitOps (ArgoCD)
projects:
- hub
- opp
- golang-external-secrets
sharedValueFiles:
- '/overrides/values-{{ $.Values.global.clusterPlatform }}.yaml'
- '/overrides/values-{{ $.Values.global.clusterPlatform }}-{{ $.Values.global.clusterVersion }}.yaml' # E:
applications:
acm:
name: acm #arbitary
namespace: open-cluster-management
project: opp
path: common/acm
ignoreDifferences:
- group: internal.open-cluster-management.io
kind: ManagedClusterInfo
jsonPointers:
- /spec/loggingCA
opp:
name: opp
namespace: openshift
project: opp
path: charts/hub/opp
vault:
name: vault
namespace: vault
project: hub
chart: vault
repoURL: https://helm.releases.hashicorp.com
targetRevision: v0.19.0
overrides:
- name: global.openshift
value: "true"
- name: injector.enabled
value: "false"
- name: ui.enabled
value: "true"
- name: ui.serviceType
value: LoadBalancer
- name: server.route.enabled
value: "true"
- name: server.route.host
value: null
- name: server.route.tls.termination
value: edge
- name: server.image.repository
value: "registry.connect.redhat.com/hashicorp/vault"
- name: server.image.tag
value: "1.9.2-ubi"
golang-external-secrets:
name: golang-external-secrets
namespace: golang-external-secrets
project: golang-external-secrets
path: common/golang-external-secrets
cli-tools:
name: cli-tools
namespace: openshift
project: hub
path: charts/hub/cli-tools
# This section is used by ACM
managedClusterGroups:
- name: devel
helmOverrides:
- name: clusterGroup.isHubCluster
value: "false"
clusterSelector:
matchLabels:
clusterGroup: devel
matchExpressions:
- key: vendor
operator: In
values:
- OpenShift
- name: secured
helmOverrides:
- name: clusterGroup.isHubCluster
value: "false"
clusterSelector:
matchLabels:
clusterGroup: secured
matchExpressions:
- key: vendor
operator: In
values:
- OpenShift
#
# Additional applications
# Be sure to include additional resources your apps will require
# +X machines
# +Y RAM
# +Z CPU
# - name: vendor-app
# namespace: default
# project: vendor
# path: path/to/myapp
# repoURL: https://github.com/vendor/applications.git
# targetRevision: main