-
Notifications
You must be signed in to change notification settings - Fork 0
/
base.yml
121 lines (114 loc) · 5.18 KB
/
base.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
apiVersion: spinnaker.armory.io/v1alpha2
kind: SpinnakerService
metadata:
name: spinnaker
spec:
# spec.spinnakerConfig - This section is how to specify configuration spinnaker
spinnakerConfig:
# spec.spinnakerConfig.config - This section contains the contents of a deployment found in a halconfig .deploymentConfigurations[0]
config:
version: 2.19.8 # the version of Spinnaker to be deployed, see config-patch.yml
# spec.spinnakerConfig.profiles - This section contains the YAML of each service's profile
profiles:
clouddriver: {} # is the contents of ~/.hal/default/profiles/clouddriver.yml
# deck has a special key "settings-local.js" for the contents of settings-local.js
deck:
# settings-local.js - contents of ~/.hal/default/profiles/settings-local.js
# Use the | YAML symbol to indicate a block-style multiline string
settings-local.js: |
window.spinnakerSettings.feature.kustomizeEnabled = true;
window.spinnakerSettings.feature.artifactsRewrite = true;
echo: {} # is the contents of ~/.hal/default/profiles/echo.yml
fiat: {} # is the contents of ~/.hal/default/profiles/fiat.yml
front50: {} # is the contents of ~/.hal/default/profiles/front50.yml
gate: {} # is the contents of ~/.hal/default/profiles/gate.yml
igor: {} # is the contents of ~/.hal/default/profiles/igor.yml
kayenta: {} # is the contents of ~/.hal/default/profiles/kayenta.yml
orca: {} # is the contents of ~/.hal/default/profiles/orca.yml
rosco: {} # is the contents of ~/.hal/default/profiles/rosco.yml
# spec.spinnakerConfig.service-settings - This section contains the YAML of the service's service-setting
# see https://www.spinnaker.io/reference/halyard/custom/#tweakable-service-settings for available settings
service-settings:
clouddriver:
kubernetes:
volumes:
- id: internal-trust-store
mountPath: /etc/ssl/certs/java
type: secret
deck: {}
echo:
kubernetes:
volumes:
- id: internal-trust-store
mountPath: /etc/ssl/certs/java
type: secret
fiat:
kubernetes:
volumes:
- id: internal-trust-store
mountPath: /etc/ssl/certs/java
type: secret
front50:
kubernetes:
volumes:
- id: internal-trust-store
mountPath: /etc/ssl/certs/java
type: secret
gate:
kubernetes:
volumes:
- id: internal-trust-store
mountPath: /etc/ssl/certs/java
type: secret
igor: {}
kayenta: {}
orca:
kubernetes:
volumes:
- id: internal-trust-store
mountPath: /etc/ssl/certs/java
type: secret
rosco: {}
# spec.spinnakerConfig.files - This section allows you to include any other raw string files not handle above.
# The KEY is the filepath and filename of where it should be placed
# - Files here will be placed into ~/.hal/default/ on halyard
# - __ is used in place of / for the path separator
# The VALUE is the contents of the file.
# - Use the | YAML symbol to indicate a block-style multiline string
# - We currently only support string files
# - NOTE: Kubernetes has a manifest size limitation of 1MB
# files:
# profiles__rosco__packer__example-packer-config.json: |
# {
# "packerSetting": "someValue"
# }
# profiles__rosco__packer__my_custom_script.sh: |
# #!/bin/bash -e
# echo "hello world!"
# spec.expose - This section defines how Spinnaker should be publicly exposed
expose:
type: service # Kubernetes LoadBalancer type (service/ingress), note: only "service" is supported for now
service:
type: LoadBalancer
# annotations to be set on Kubernetes LoadBalancer type
# they will only apply to spin-gate, spin-gate-x509, or spin-deck
annotations:
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
# uncomment the line below to provide an AWS SSL certificate to terminate SSL at the LoadBalancer
#service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:us-west-2:9999999:certificate/abc-123-abc
# provide an override to the exposing KubernetesService
overrides:
# Provided below is the example config for the Gate-X509 configuration
# deck:
# annotations:
# service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:us-west-2:9999999:certificate/abc-123-abc
# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
# gate:
# annotations:
# service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:us-west-2:9999999:certificate/abc-123-abc
# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: https # X509 requires https from LoadBalancer -> Gate
# gate-x509:
# annotations:
# service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
# service.beta.kubernetes.io/aws-load-balancer-ssl-cert: null
# publicPort: 443