Skip to content

Commit

Permalink
docs: update Chart README
Browse files Browse the repository at this point in the history
  • Loading branch information
@stek29
stek29 committed Aug 3, 2022
1 parent 783bb81 commit 4f477e6
Show file tree
Hide file tree
Showing 2 changed files with 32 additions and 0 deletions.
16 changes: 16 additions & 0 deletions cmd/build/helmify/static/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,24 +79,40 @@ _See [Exempting Namespaces](https://open-policy-agent.github.io/gatekeeper/websi
| postInstall.probeWebhook.waitTimeout | Total time to wait for the webhook API to become available | `60` |
| postInstall.probeWebhook.httpTimeout | HTTP client timeout | `2` |
| postInstall.probeWebhook.insecureHTTPS | Ignore server SSL certificate | `false` |
| postInstall.affinity | The affinity to use for pod scheduling in postInstall hook jobs | `{}` |
| postInstall.tolerations | The tolerations to use for pod scheduling in postInstall hook jobs | `[]` |
| postInstall.nodeSelector | The node selector to use for pod scheduling in postInstall hook jobs | `kubernetes.io/os: linux` |
| postInstall.resources | The resource request/limits for the container image in postInstall hook jobs | `{}` |
| postInstall.securityContext | Security context applied on the container | `{ "allowPrivilegeEscalation": false, "capabilities": "drop": [all], "readOnlyRootFilesystem": true, "runAsGroup": 999, "runAsNonRoot": true, "runAsUser": 1000 }` |
| postUpgrade.labelNamespace.enabled | Add labels to the namespace during post upgrade hooks | `false` |
| postUpgrade.labelNamespace.extraNamespaces | The extra namespaces that need to have the label during post upgrade hooks | `[]` |
| postUpgrade.labelNamespace.image.repository | Image with kubectl to label the namespace | `openpolicyagent/gatekeeper-crds` |
| postUpgrade.labelNamespace.image.tag | Image tag | Current release version: `v3.10.0-beta.0` |
| postUpgrade.labelNamespace.image.pullPolicy | Image pullPolicy | `IfNotPresent` |
| postUpgrade.labelNamespace.image.pullSecrets | Image pullSecrets | `[]`
| postUpgrade.affinity | The affinity to use for pod scheduling in postUpgrade hook jobs | `{}` |
| postUpgrade.tolerations | The tolerations to use for pod scheduling in postUpgrade hook jobs | `[]` |
| postUpgrade.nodeSelector | The node selector to use for pod scheduling in postUpgrade hook jobs | `kubernetes.io/os: linux` |
| postUpgrade.resources | The resource request/limits for the container image in postUpgrade hook jobs | `{}` |
| postUpgrade.securityContext | Security context applied on the container | `{ "allowPrivilegeEscalation": false, "capabilities": "drop": [all], "readOnlyRootFilesystem": true, "runAsGroup": 999, "runAsNonRoot": true, "runAsUser": 1000 }` |
| preUninstall.deleteWebhooks.enabled | Delete webhooks before gatekeeper itself is uninstalled | `false` |
| preUninstall.deleteWebhooks.image.repository | Image with kubectl to delete the webhooks | `openpolicyagent/gatekeeper-crds` |
| preUninstall.deleteWebhooks.image.tag | Image tag | Current release version: `v3.10.0-beta.0` |
| preUninstall.deleteWebhooks.image.pullPolicy | Image pullPolicy | `IfNotPresent` |
| preUninstall.deleteWebhooks.image.pullSecrets | Image pullSecrets | `[]` |
| preUninstall.deleteWebhooks.extraRules | Extra rules for the gatekeeper-delete-webhook-configs Role | `[]` |
| preUninstall.affinity | The affinity to use for pod scheduling in preUninstall hook jobs | `{}` |
| preUninstall.tolerations | The tolerations to use for pod scheduling in preUninstall hook jobs | `[]` |
| preUninstall.nodeSelector | The node selector to use for pod scheduling in preUninstall hook jobs | `kubernetes.io/os: linux` |
| preUninstall.resources | The resource request/limits for the container image in preUninstall hook jobs | `{}` |
| preUninstall.securityContext | Security context applied on the container | `{ "allowPrivilegeEscalation": false, "capabilities": "drop": [all], "readOnlyRootFilesystem": true, "runAsGroup": 999, "runAsNonRoot": true, "runAsUser": 1000 }` |
| psp.enabled | Enabled PodSecurityPolicy | `true` |
| upgradeCRDs.enabled | Upgrade CRDs using pre-install/pre-upgrade hooks | `true` |
| upgradeCRDs.extraRules | Extra rules for the gatekeeper-admin-upgrade-crds ClusterRole | `[]` |
| crds.affinity | The affinity to use for pod scheduling in crds hook jobs | `{}` |
| crds.tolerations | The tolerations to use for pod scheduling in crds hook jobs | `[]` |
| crds.nodeSelector | The node selector to use for pod scheduling in crds hook jobs | `kubernetes.io/os: linux` |
| crds.resources | The resource request/limits for the container image in crds hook jobs | `{}` |
| crds.securityContext | Security context applied to the container | `{ "allowPrivilegeEscalation": false, "capabilities": "drop": [all], "readOnlyRootFilesystem": true, "runAsGroup": 65532, "runAsNonRoot": true, "runAsUser": 65532 }` |
| auditInterval | The frequency with which audit is run | `60` |
| constraintViolationsLimit | The maximum # of audit violations reported on a constraint | `20` |
Expand Down
Loading

0 comments on commit 4f477e6

Please sign in to comment.