mirror of https://git.rancher.io/charts
43 lines
1.2 KiB
YAML
43 lines
1.2 KiB
YAML
|
certificates:
|
||
|
|
certManager:
|
||
|
|
# Enable cert manager integration. Cert manager should be already installed at the k8s cluster
|
||
|
|
enabled: true
|
||
|
|
version: ""
|
||
|
|
# If cert-manager integration is disabled, upload certs data (ca.crt, tls.crt and tls.key) as k8s secretName in the namespace
|
||
|
|
secretName: gmsa-server-cert
|
||
|
|
|
||
|
|
credential:
|
||
|
|
enabled: true
|
||
|
|
domainJoinConfig:
|
||
|
|
dnsName: "" #DNS Domain Name
|
||
|
|
dnsTreeName: "" #DNS Domain Name Root
|
||
|
|
guid: "" #GUID
|
||
|
|
machineAccountName: "" #Username of the GMSA account
|
||
|
|
netBiosName: "" #NETBIOS Domain Name
|
||
|
|
sid: "" #SID of GMSA
|
||
|
|
|
||
|
|
image:
|
||
|
|
repository: rancher/mirrored-sigwindowstools-k8s-gmsa-webhook
|
||
|
|
tag: v0.3.0
|
||
|
|
imagePullPolicy: IfNotPresent
|
||
|
|
|
||
|
|
global:
|
||
|
|
cattle:
|
||
|
|
systemDefaultRegistry: ""
|
||
|
|
kubectl:
|
||
|
|
repository: rancher/kubectl
|
||
|
|
tag: v1.22.6
|
||
|
|
pullPolicy: IfNotPresent
|
||
|
|
|
||
|
|
## SecurityContext holds pod-level security attributes and common container settings.
|
||
|
|
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
|
||
|
|
##
|
||
|
|
podSecurityContext:
|
||
|
|
runAsNonRoot: false
|
||
|
|
# Currently, required to run as root due to port binding within the container.
|
||
|
|
runAsUser: 0
|
||
|
|
securityContext: {}
|
||
|
|
|
||
|
|
tolerations: []
|
||
|
|
|