github.com/kyma-project/kyma-environment-broker@v0.0.1/resources/keb/values.yaml (about) 1 global: 2 images: 3 cloudsql_proxy_image: "europe-docker.pkg.dev/kyma-project/prod/tpi/cloudsql-docker/gce-proxy:v1.33.8-afb993b8" 4 container_registry: 5 path: europe-docker.pkg.dev/kyma-project/prod 6 kyma_environment_broker: 7 dir: 8 version: "v20231027-e9399d33" 9 kyma_environments_subaccount_cleanup_job: 10 dir: 11 version: "v20231027-e9399d33" 12 kyma_environment_trial_cleanup_job: 13 dir: 14 version: "v20231027-e9399d33" 15 kyma_environment_deprovision_retrigger_job: 16 dir: 17 version: "v20231027-e9399d33" 18 kyma_environment_runtime_reconciler: 19 dir: 20 version: "v20231027-e9399d33" 21 kyma_environment_broker: 22 enabled: false 23 serviceAccountName: "kcp-kyma-environment-broker" 24 secrets: 25 integrationSystemCredentials: 26 name: kcp-kyma-environment-broker-credentials 27 environmentsCleanup: 28 enabled: false 29 30 deployment: 31 replicaCount: 1 32 image: 33 pullPolicy: Always 34 securityContext: 35 runAsUser: 2000 36 strategy: {} # Read more: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy 37 nodeSelector: {} 38 39 imagePullSecrets: [] 40 nameOverride: "" 41 fullnameOverride: "" 42 host: "kyma-env-broker" 43 manageSecrets: true 44 45 broker: 46 port: "8080" 47 # serving health probes routes on statusPort 48 statusPort: "8071" 49 defaultRequestRegion: "cf-eu10" 50 operationTimeout: "24h" 51 profiler: 52 memory: false 53 events: 54 enabled: false 55 56 service: 57 type: ClusterIP 58 port: 80 59 60 swagger: 61 virtualService: 62 enabled: true 63 64 resources: 65 {} 66 # We usually recommend not to specify default resources and to leave this as a conscious 67 # choice for the user. This also increases chances charts run on environments with little 68 # resources, such as Minikube. If you do want to specify resources, uncomment the following 69 # lines, adjust them as necessary, and remove the curly braces after 'resources:'. 70 # limits: 71 # cpu: 100m 72 # memory: 128Mi 73 # requests: 74 # cpu: 100m 75 # memory: 128Mi 76 77 serviceAccount: 78 annotations: {} 79 80 reconciler: 81 URL: "http://kcp-mothership-reconciler.kcp-system.svc.cluster.local" 82 # Defines how long KEB checks the status of the provisioning reconciliation. 83 provisioningTimeout: "2h" 84 disabled: "false" 85 86 lifecycleManager: 87 disabled: "true" 88 89 provisioner: 90 URL: "http://kcp-provisioner.kcp-system.svc.cluster.local:3000/graphql" 91 92 # Defines how long should the Kyma Environment Broker checks the status of the provisioning in the Provisioner. 93 # The Provisioner timeout is defined in resources/kcp/charts/provisioner/values.yaml 94 timeout: "12h" 95 provisioningTimeout: "6h" 96 deprovisioningTimeout: "5h" 97 98 openstack: 99 floatingPoolName: "FloatingIP-external-cp-kyma" 100 101 gardener: 102 # name of the secret with kubeconfig to the gardener cluster 103 secretName: "gardener" 104 # name of the gardener project 105 projectName: "gopher" 106 107 director: 108 scope: "runtime:read runtime:write" 109 110 additionalRuntimeComponents: |- 111 - name: "service-manager-proxy" 112 namespace: "kyma-system" 113 - name: "uaa-activator" 114 namespace: "kyma-system" 115 - name: "compass-runtime-agent" 116 namespace: "kyma-system" 117 - name: "knative-eventing-kafka" 118 namespace: "knative-eventing" 119 120 newAdditionalRuntimeComponents: |- 121 - name: "service-manager-proxy" 122 namespace: "kyma-system" 123 - name: "compass-runtime-agent" 124 namespace: "kyma-system" 125 126 trialRegionsMapping: |- 127 cf-eu10: europe 128 cf-us10: us 129 cf-apj21: asia 130 131 skrOIDCDefaultValues: |- 132 clientID: "9bd05ed7-a930-44e6-8c79-e6defeb7dec9" 133 issuerURL: "https://kymatest.accounts400.ondemand.com" 134 groupsClaim: "groups" 135 signingAlgs: [ "RS256" ] 136 usernamePrefix: "-" 137 usernameClaim: "sub" 138 139 skrDNSProvidersValues: |- 140 providers: [] 141 142 euAccessWhitelistedGlobalAccountIds: |- 143 whitelist: 144 euAccessRejectionMessage: "Due to limited availability, you need to open support ticket before attempting to provision Kyma clusters in EU Access only regions" 145 146 kymaVersion: "2.0" 147 kymaVersionOnDemand: "false" 148 149 disableProcessOperationsInProgress: "false" 150 enablePlans: "azure,gcp,azure_lite,trial" 151 onlySingleTrialPerGA: "true" 152 enableKubeconfigURLLabel: "false" 153 includeAdditionalParamsInSchema: "false" 154 showTrialExpirationInfo: "false" 155 subaccountsIdsToShowTrialExpirationInfo: "a45be5d8-eddc-4001-91cf-48cc644d571f" 156 trialDocsURL: "https://help.sap.com/docs/" 157 allowNetworkingParameters: "false" 158 regionParameterIsRequired: "false" 159 allowModulesParameters: "false" 160 osbUpdateProcessingEnabled: "false" 161 162 gardener: 163 project: "kyma-dev" # Gardener project connected to SA for HAP credentials lookup 164 shootDomain: "kyma-dev.shoot.canary.k8s-hana.ondemand.com" 165 kubeconfigPath: "/gardener/kubeconfig/kubeconfig" 166 secretName: "gardener-credentials" 167 kubernetesVersion: "1.16.9" 168 defaultShootPurpose: "development" 169 # if empty, the Gardener default value is used 170 machineImage: "" 171 # if empty, the Gardener default value is used 172 machineImageVersion: "" 173 trialNodesNumber: "1" 174 freemiumProviders: "azure,aws" 175 defaultTrialProvider: "Azure" # Azure, AWS 176 autoUpdateKubernetesVersion: "true" 177 autoUpdateMachineImageVersion: "false" 178 multiZoneCluster: "false" 179 180 kubeconfig: 181 issuerURL: "TBD" 182 clientID: "TBD" 183 allowOrigins: "*" 184 185 avs: 186 secretName: "avs-creds" 187 apiEndpoint: "TBD" 188 apiKey: "TBD" 189 clientId: "TBD" 190 oauthPassword: "TBD" 191 oauthTokenEndpoint: "TBD" 192 oauthUserName: "TBD" 193 internalTesterAccessId: "40" 194 externalTesterAccessId: "40" 195 groupId: "40" 196 parentId: "40" 197 # if set - overrides default tester service name 198 internalTesterService: "" 199 externalTesterService: "" 200 # List of tags to bind to testers. 201 # Example: 202 # internalTesterTags: |- 203 # - content: tag-A 204 # tag_id: 1 205 # tag_name: value-A 206 # - content: tag-B 207 # tag_id: 2 208 # tag_name: value-B 209 instanceIdTagClassId: "0" 210 globalAccountIdTagClassId: "0" 211 subAccountIdTagClassId: "0" 212 landscapeTagClassId: "0" 213 providerTagClassId: "0" 214 regionTagClassId: "0" 215 shootNameTagClassId: "0" 216 externalTesterDisabled: false 217 trialApiKey: "" 218 trialInternalTesterAccessId: "0" 219 trialGroupId: "0" 220 trialParentId: "0" 221 maintenanceModeDuringUpgrade: 222 disabled: false # disable AvS maintenance mode during upgrade, false until SKR ZDM is done 223 alwaysDisabledGlobalAccountIDs: [] # list of GA IDs where maintenance mode is always disabled during upgrade 224 225 ias: 226 secretName: "ias-creds" 227 url: "TBD" 228 id: "TBD" 229 secret: "TBD" 230 identityProvider: "TBD" 231 disabled: true 232 tlsRenegotiationEnable: false 233 skipCertVerification: false 234 235 edp: 236 authURL: "TBD" 237 adminURL: "TBD" 238 namespace: "kyma-dev" 239 environment: "dev" 240 required: false 241 disabled: true 242 secret: "TBD" 243 secretName: "edp-creds" 244 245 ems: 246 disabled: true 247 skipDeprovisionAzureEventingAtUpgrade: false 248 249 cis: 250 v1: 251 authURL: "TBD" 252 eventServiceURL: "TBD" 253 id: "TBD" 254 secret: "TBD" 255 secretName: "cis-creds-v1" 256 v2: 257 authURL: "TBD" 258 eventServiceURL: "TBD" 259 id: "TBD" 260 secret: "TBD" 261 secretName: "cis-creds-v2" 262 rateLimitingInterval: 2s 263 maxRequestRetries: 3 264 265 notification: 266 url: "TBD" 267 disabled: true 268 269 oidc: 270 issuer: https://kymatest.accounts400.ondemand.com 271 keysURL: https://kymatest.accounts400.ondemand.com/oauth2/certs 272 groups: 273 admin: runtimeAdmin 274 operator: runtimeOperator 275 orchestrations: orchestrationsAdmin 276 277 kebClient: 278 scope: "broker:write cld:read" 279 280 runtimeAllowedPrincipals: |- 281 - cluster.local/ns/kcp-system/sa/kcp-kyma-metrics-collector 282 283 subaccountCleanup: 284 enabled: "false" 285 schedule: "0 1 * * *" 286 287 trialCleanup: 288 schedule: "0,15,30,45 * * * *" 289 dryRun: true 290 expirationPeriod: 336h 291 292 deprovisionRetrigger: 293 schedule: "0 2 * * *" 294 dryRun: true 295 # The following section should be uncommented when deprovision-regtrigger-job is going to be switched 296 # to the generic job 297 # name: "deprovision-retrigger-job" 298 # schedule: "0 2 * * *" 299 # imageName: "kyma-environment-deprovision-retrigger-job" 300 # cronJobName: "deprovision-retrigger-job" 301 # maxAge: "24h" 302 # version: "PR-2476" 303 # dir: 304 # envs: 305 # - APP_DRY_RUN: "\{\{ .Values.deprovisionRetrigger.dryRun \}\}" # remove escape slashes when uncommenting the section 306 307 serviceMonitor: 308 enabled: true 309 scrapeTimeout: &scrapeTimeout 10s 310 interval: &scrapeInterval 30s 311 312 vmscrapes: 313 enabled: false 314 scrapeTimeout: *scrapeTimeout 315 interval: *scrapeInterval 316 317 dashboardConfig: 318 landscapeURL: "https://dashboard.dev.kyma.cloud.sap" 319 320 cronJobs: 321 322 runtimeReconciler: 323 enabled: false 324 dryRun: true 325 jobEnabled: false 326 jobInterval: 1440 327 jobReconciliationDelay: 1s 328 watcherEnabled: false 329 watcherAddress: 8888 330 watcherName: btp-manager-secret-watcher