rancher-partner-charts/charts/kasten/k10/6.0.401/questions.yaml

296 lines
8.9 KiB
YAML

questions:
# ========================
# SECRETS And Configuration
# ========================
### AWS Configuration
- variable: secrets.awsAccessKeyId
description: "AWS access key ID (required for AWS deployment)"
type: password
label: AWS Access Key ID
required: false
group: "AWS Configuration"
- variable: secrets.awsSecretAccessKey
description: "AWS access key secret (required for AWS deployment)"
type: password
label: AWS Secret Access Key
required: false
group: "AWS Configuration"
- variable: secrets.awsIamRole
description: "ARN of the AWS IAM role assumed by K10 to perform any AWS operation."
type: string
label: ARN of the AWS IAM role
required: false
group: "AWS Configuration"
- variable: awsConfig.assumeRoleDuration
description: "Duration of a session token generated by AWS for an IAM role"
type: string
label: Role Duration
required: false
default: ""
group: "AWS Configuration"
- variable: awsConfig.efsBackupVaultName
description: "Specifies the AWS EFS backup vault name"
type: string
label: EFS Backup Vault Name
required: false
default: "k10vault"
group: "AWS Configuration"
### Google Cloud Configuration
- variable: secrets.googleApiKey
description: "Required If cluster is deployed on Google Cloud"
type: multiline
label: Non-default base64 encoded GCP Service Account key file
required: false
group: "GoogleApi Configuration"
### Azure Configuration
- variable: secrets.azureTenantId
description: "Azure tenant ID (required for Azure deployment)"
type: string
label: Tenant ID
required: false
group: "Azure Configuration"
- variable: secrets.azureClientId
description: "Azure Service App ID"
type: password
label: Service App ID
required: false
group: "Azure Configuration"
- variable: secrets.azureClientSecret
description: "Azure Service App secret"
type: password
label: Service App secret
required: false
group: "Azure Configuration"
- variable: secrets.azureResourceGroup
description: "Resource Group name that was created for the Kubernetes cluster"
type: string
label: Resource Group
required: false
group: "Azure Configuration"
- variable: secrets.azureSubscriptionID
description: "Subscription ID in your Azure tenant"
type: string
label: Subscription ID
required: false
group: "Azure Configuration"
- variable: secrets.azureResourceMgrEndpoint
description: "Resource management endpoint for the Azure Stack instance"
type: string
label: Resource management endpoint
required: false
group: "Azure Configuration"
- variable: secrets.azureADEndpoint
description: "Azure Active Directory login endpoint"
type: string
label: Active Directory login endpoint
required: false
group: "Azure Configuration"
- variable: secrets.azureADResourceID
description: "Azure Active Directory resource ID to obtain AD tokens"
type: string
label: Active Directory resource ID
required: false
group: "Azure Configuration"
# ========================
# Authentication
# ========================
- variable: auth.basicAuth.enabled
description: "Configures basic authentication for the K10 dashboard"
type: boolean
label: Enable Basic Authentication
required: false
group: "Authentication"
show_subquestion_if: true
subquestions:
- variable: auth.basicAuth.htpasswd
description: "A username and password pair separated by a colon character"
type: password
label: Authentication Details (htpasswd)
- variable: auth.basicAuth.secretName
description: "Name of an existing Secret that contains a file generated with htpasswd"
type: string
label: Secret Name
- variable: auth.tokenAuth.enabled
description: "Configures token based authentication for the K10 dashboard"
type: boolean
label: Enable Token Based Authentication
required: false
group: "Authentication"
- variable: auth.oidcAuth.enabled
description: "Configures Open ID Connect based authentication for the K10 dashboard"
type: boolean
label: Enable OpenID Connect Based Authentication
required: false
group: "Authentication"
show_subquestion_if: true
subquestions:
- variable: auth.oidcAuth.providerURL
description: "URL for the OIDC Provider"
type: string
label: OIDC Provider URL
- variable: auth.oidcAuth.redirectURL
description: "URL for the K10 gateway Provider"
type: string
label: OIDC Redirect URL
- variable: auth.oidcAuth.scopes
description: "Space separated OIDC scopes required for userinfo. Example: `profile email`"
type: string
label: OIDC scopes
- variable: auth.oidcAuth.prompt
description: "The type of prompt to be used during authentication (none, consent, login, or select_account)"
type: enum
options:
- none
- consent
- login
- select_account
default: none
label: The type of prompt to be used during authentication (none, consent, login, or select_account)
- variable: auth.oidcAuth.clientID
description: "Client ID given by the OIDC provider for K10"
type: password
label: OIDC Client ID
- variable: auth.oidcAuth.clientSecret
description: "Client secret given by the OIDC provider for K10"
type: password
label: OIDC Client Secret
- variable: auth.oidcAuth.usernameClaim
description: "The claim to be used as the username"
type: string
label: OIDC UserName Claim
- variable: auth.oidcAuth.usernamePrefix
description: "Prefix that has to be used with the username obtained from the username claim"
type: string
label: OIDC UserName Prefix
- variable: auth.oidcAuth.groupClaim
description: "Name of a custom OpenID Connect claim for specifying user groups"
type: string
label: OIDC group Claim
- variable: auth.oidcAuth.groupPrefix
description: "All groups will be prefixed with this value to prevent conflicts"
type: string
label: OIDC group Prefix
# ========================
# External Gateway
# ========================
- variable: externalGateway.create
description: "Configures an external gateway for K10 API services"
type: boolean
label: Create External Gateway
required: false
group: "External Gateway"
show_subquestion_if: true
subquestions:
- variable: externalGateway.annotations
description: "Standard annotations for the services"
type: multiline
default: ""
label: Annotation
- variable: externalGateway.fqdn.name
description: "Domain name for the K10 API services"
type: string
label: Domain Name
- variable: externalGateway.fqdn.type
description: "Supported gateway type: `route53-mapper` or `external-dns`"
type: string
label: Gateway Type route53-mapper or external-dns
- variable: externalGateway.awsSSLCertARN
description: "ARN for the AWS ACM SSL certificate used in the K10 API server"
type: multiline
label: ARN for the AWS ACM SSL certificate
# ========================
# Storage Management
# ========================
- variable: global.persistence.storageClass
label: StorageClass Name
description: "Specifies StorageClass Name to be used for PVCs"
type: string
required: false
default: ""
group: "Storage Management"
- variable: prometheus.server.persistentVolume.storageClass
type: string
label: StorageClass Name for Prometheus PVC
description: "StorageClassName used to create Prometheus PVC. Setting this option overwrites global StorageClass value"
default: ""
required: false
group: "Storage Management"
- variable: prometheus.server.persistentVolume.enabled
type: boolean
label: Enable PVC for Prometheus server
description: "If true, K10 Prometheus server will create a Persistent Volume Claim"
default: true
required: false
group: "Storage Management"
- variable: global.persistence.enabled
type: boolean
label: Storage Enabled
description: "If true, K10 will use Persistent Volume Claim"
default: true
required: false
group: "Storage Management"
# ========================
# Service Account
# ========================
- variable: serviceAccount.name
description: "Name of a service account in the target namespace that has cluster-admin permissions. This is needed for the K10 to be able to protect cluster resources."
type: string
label: Service Account Name
required: false
group: "Service Account"
# ========================
# License
# ========================
- variable: license
description: "License string obtained from Kasten"
type: multiline
label: License String
group: "License"
- variable: eula.accept
description: "Whether to enable accept EULA before installation"
type: boolean
label: Enable accept EULA before installation
group: "License"
show_subquestion_if: true
subquestions:
- variable: eula.company
description: "Company name. Required field if EULA is accepted"
type: string
label: Company Name
- variable: eula.email
description: "Contact email. Required field if EULA is accepted"
type: string
label: Contact Email