Update chart version

gatekeeper/values.yaml

@@ -1,277 +1,278 @@
-gatekeeper:
-  replicas: 3
-  revisionHistoryLimit: 10
-  auditInterval: 60
-  metricsBackends: ["prometheus"]
-  auditMatchKindOnly: false
-  constraintViolationsLimit: 20
-  auditFromCache: false
-  disableMutation: false
-  disableValidatingWebhook: false
-  validatingWebhookName: gatekeeper-validating-webhook-configuration
-  validatingWebhookTimeoutSeconds: 3
-  validatingWebhookFailurePolicy: Ignore
-  validatingWebhookAnnotations: {}
-  validatingWebhookExemptNamespacesLabels: {}
-  validatingWebhookObjectSelector: {}
-  validatingWebhookCheckIgnoreFailurePolicy: Fail
-  validatingWebhookCustomRules: {}
-  validatingWebhookURL: null
-  enableDeleteOperations: false
-  enableExternalData: true
-  enableGeneratorResourceExpansion: true
-  enableTLSHealthcheck: false
-  maxServingThreads: -1
-  mutatingWebhookName: gatekeeper-mutating-webhook-configuration
-  mutatingWebhookFailurePolicy: Ignore
-  mutatingWebhookReinvocationPolicy: Never
-  mutatingWebhookAnnotations: {}
-  mutatingWebhookExemptNamespacesLabels: {}
-  mutatingWebhookObjectSelector: {}
-  mutatingWebhookTimeoutSeconds: 1
-  mutatingWebhookCustomRules: {}
-  mutatingWebhookURL: null
-  mutationAnnotations: false
-  auditChunkSize: 500
-  logLevel: INFO
-  logDenies: false
-  logMutations: false
-  emitAdmissionEvents: false
-  emitAuditEvents: false
-  admissionEventsInvolvedNamespace: false
-  auditEventsInvolvedNamespace: false
-  resourceQuota: true
-  externaldataProviderResponseCacheTTL: 3m
-  image:
-    repository: openpolicyagent/gatekeeper
-    crdRepository: openpolicyagent/gatekeeper-crds
-    release: v3.15.0-beta.0
-    pullPolicy: Always
-    pullSecrets: []
-  preInstall:
-    crdRepository:
-      image:
-        repository: null
-        tag: v3.15.0-beta.0
-  postUpgrade:
-    labelNamespace:
-      enabled: false
-      image:
-        repository: openpolicyagent/gatekeeper-crds
-        tag: v3.15.0-beta.0
-        pullPolicy: IfNotPresent
-        pullSecrets: []
-      extraNamespaces: []
-      podSecurity: ["pod-security.kubernetes.io/audit=restricted",
-        "pod-security.kubernetes.io/audit-version=latest",
-        "pod-security.kubernetes.io/warn=restricted",
-        "pod-security.kubernetes.io/warn-version=latest",
-        "pod-security.kubernetes.io/enforce=restricted",
-        "pod-security.kubernetes.io/enforce-version=v1.24"]
-      extraAnnotations: {}
-      priorityClassName: ""
-    affinity: {}
-    tolerations: []
-    nodeSelector: {kubernetes.io/os: linux}
-    resources: {}
-    securityContext:
-      allowPrivilegeEscalation: false
-      capabilities:
-        drop:
-        - ALL
-      readOnlyRootFilesystem: true
-      runAsGroup: 999
-      runAsNonRoot: true
-      runAsUser: 1000
-  postInstall:
-    labelNamespace:
-      enabled: true
-      extraRules: []
-      image:
-        repository: openpolicyagent/gatekeeper-crds
-        tag: v3.15.0-beta.0
-        pullPolicy: IfNotPresent
-        pullSecrets: []
-      extraNamespaces: []
-      podSecurity: ["pod-security.kubernetes.io/audit=restricted",
-        "pod-security.kubernetes.io/audit-version=latest",
-        "pod-security.kubernetes.io/warn=restricted",
-        "pod-security.kubernetes.io/warn-version=latest",
-        "pod-security.kubernetes.io/enforce=restricted",
-        "pod-security.kubernetes.io/enforce-version=v1.24"]
-      extraAnnotations: {}
-      priorityClassName: ""
-    probeWebhook:
-      enabled: true
-      image:
-        repository: curlimages/curl
-        tag: 7.83.1
-        pullPolicy: IfNotPresent
-        pullSecrets: []
-      waitTimeout: 60
-      httpTimeout: 2
-      insecureHTTPS: false
-      priorityClassName: ""
-    affinity: {}
-    tolerations: []
-    nodeSelector: {kubernetes.io/os: linux}
-    securityContext:
-      allowPrivilegeEscalation: false
-      capabilities:
-        drop:
-        - ALL
-      readOnlyRootFilesystem: true
-      runAsGroup: 999
-      runAsNonRoot: true
-      runAsUser: 1000
-  preUninstall:
-    deleteWebhookConfigurations:
-      extraRules: []
-      enabled: false
-      image:
-        repository: openpolicyagent/gatekeeper-crds
-        tag: v3.15.0-beta.0
-        pullPolicy: IfNotPresent
-        pullSecrets: []
-      priorityClassName: ""
-    affinity: {}
-    tolerations: []
-    nodeSelector: {kubernetes.io/os: linux}
-    resources: {}
-    securityContext:
-      allowPrivilegeEscalation: false
-      capabilities:
-        drop:
-        - ALL
-      readOnlyRootFilesystem: true
-      runAsGroup: 999
-      runAsNonRoot: true
-      runAsUser: 1000
-  podAnnotations: {}
-  auditPodAnnotations: {}
-  podLabels: {}
-  podCountLimit: "100"
-  secretAnnotations: {}
-  enableRuntimeDefaultSeccompProfile: true
-  controllerManager:
-    exemptNamespaces: []
-    exemptNamespacePrefixes: []
-    hostNetwork: false
-    dnsPolicy: ClusterFirst
-    port: 8443
-    metricsPort: 8888
-    healthPort: 9090
-    readinessTimeout: 1
-    livenessTimeout: 1
-    priorityClassName: system-cluster-critical
-    disableCertRotation: false
-    tlsMinVersion: 1.3
-    clientCertName: ""
-    strategyType: RollingUpdate
-    affinity:
-      podAntiAffinity:
-        preferredDuringSchedulingIgnoredDuringExecution:
-          - podAffinityTerm:
-              labelSelector:
-                matchExpressions:
-                  - key: gatekeeper.sh/operation
-                    operator: In
-                    values:
-                      - webhook
-              topologyKey: kubernetes.io/hostname
-            weight: 100
-    topologySpreadConstraints: []
-    tolerations: []
-    nodeSelector: {kubernetes.io/os: linux}
-    resources:
-      limits:
-        memory: 512Mi
-      requests:
-        cpu: 100m
-        memory: 512Mi
-    securityContext:
-      allowPrivilegeEscalation: false
-      capabilities:
-        drop:
-        - ALL
-      readOnlyRootFilesystem: true
-      runAsGroup: 999
-      runAsNonRoot: true
-      runAsUser: 1000
-    podSecurityContext:
-      fsGroup: 999
-      supplementalGroups:
-        - 999
-    extraRules: []
-    networkPolicy:
-      enabled: false
-      ingress: { }
-        # - from:
-        #   - ipBlock:
-        #       cidr: 0.0.0.0/0
-  audit:
-    enablePubsub: false
-    connection: audit-connection
-    channel: audit-channel
-    hostNetwork: false
-    dnsPolicy: ClusterFirst
-    metricsPort: 8888
-    healthPort: 9090
-    readinessTimeout: 1
-    livenessTimeout: 1
-    priorityClassName: system-cluster-critical
-    disableCertRotation: false
-    affinity: {}
-    tolerations: []
-    nodeSelector: {kubernetes.io/os: linux}
-    resources:
-      limits:
-        memory: 512Mi
-      requests:
-        cpu: 100m
-        memory: 512Mi
-    securityContext:
-      allowPrivilegeEscalation: false
-      capabilities:
-        drop:
-        - ALL
-      readOnlyRootFilesystem: true
-      runAsGroup: 999
-      runAsNonRoot: true
-      runAsUser: 1000
-    podSecurityContext:
-      fsGroup: 999
-      supplementalGroups:
-        - 999
-    writeToRAMDisk: false
-    extraRules: []
-  crds:
-    affinity: {}
-    tolerations: []
-    nodeSelector: {kubernetes.io/os: linux}
-    resources: {}
-    securityContext:
-      allowPrivilegeEscalation: false
-      capabilities:
-        drop:
-        - ALL
-      readOnlyRootFilesystem: true
-      runAsGroup: 65532
-      runAsNonRoot: true
-      runAsUser: 65532
-  pdb:
-    controllerManager:
-      minAvailable: 1
-  service: {}
-  disabledBuiltins: ["{http.send}"]
-  psp:
-    enabled: true
-  upgradeCRDs:
-    enabled: true
-    extraRules: []
-    priorityClassName: ""
-  rbac:
-    create: true
-  externalCertInjection:
-    enabled: false
-    secretName: gatekeeper-webhook-server-cert
+#gatekeeper:
+#  replicas: 3
+#  revisionHistoryLimit: 10
+#  auditInterval: 60
+#  metricsBackends: ["prometheus"]
+#  auditMatchKindOnly: false
+#  constraintViolationsLimit: 20
+#  auditFromCache: false
+#  disableMutation: false
+#  disableValidatingWebhook: false
+#  validatingWebhookName: gatekeeper-validating-webhook-configuration
+#  validatingWebhookTimeoutSeconds: 3
+#  validatingWebhookFailurePolicy: Ignore
+#  validatingWebhookAnnotations: {}
+#  validatingWebhookExemptNamespacesLabels: {}
+#  validatingWebhookObjectSelector: {}
+#  validatingWebhookCheckIgnoreFailurePolicy: Fail
+#  validatingWebhookCustomRules: {}
+#  validatingWebhookURL: null
+#  enableDeleteOperations: false
+#  enableExternalData: true
+#  enableGeneratorResourceExpansion: true
+#  enableTLSHealthcheck: false
+#  maxServingThreads: -1
+#  mutatingWebhookName: gatekeeper-mutating-webhook-configuration
+#  mutatingWebhookFailurePolicy: Ignore
+#  mutatingWebhookReinvocationPolicy: Never
+#  mutatingWebhookAnnotations: {}
+#  mutatingWebhookExemptNamespacesLabels: {}
+#  mutatingWebhookObjectSelector: {}
+#  mutatingWebhookTimeoutSeconds: 1
+#  mutatingWebhookCustomRules: {}
+#  mutatingWebhookURL: null
+#  mutationAnnotations: false
+#  auditChunkSize: 500
+#  logLevel: INFO
+#  logDenies: false
+#  logMutations: false
+#  emitAdmissionEvents: false
+#  emitAuditEvents: false
+#  admissionEventsInvolvedNamespace: false
+#  auditEventsInvolvedNamespace: false
+#  resourceQuota: true
+#  externaldataProviderResponseCacheTTL: 3m
+#  image:
+#    repository: openpolicyagent/gatekeeper
+#    crdRepository: openpolicyagent/gatekeeper-crds
+#    release: v3.15.0-beta.0
+#    pullPolicy: Always
+#    pullSecrets: []
+#  preInstall:
+#    crdRepository:
+#      image:
+#        repository: null
+#        tag: v3.15.0-beta.0
+#  postUpgrade:
+#    labelNamespace:
+#      enabled: false
+#      image:
+#        repository: openpolicyagent/gatekeeper-crds
+#        tag: v3.15.0-beta.0
+#        pullPolicy: IfNotPresent
+#        pullSecrets: []
+#      extraNamespaces: []
+#      podSecurity: ["pod-security.kubernetes.io/audit=restricted",
+#        "pod-security.kubernetes.io/audit-version=latest",
+#        "pod-security.kubernetes.io/warn=restricted",
+#        "pod-security.kubernetes.io/warn-version=latest",
+#        "pod-security.kubernetes.io/enforce=restricted",
+#        "pod-security.kubernetes.io/enforce-version=v1.24"]
+#      extraAnnotations: {}
+#      priorityClassName: ""
+#    affinity: {}
+#    tolerations: []
+#    nodeSelector: {kubernetes.io/os: linux}
+#    resources: {}
+#    securityContext:
+#      allowPrivilegeEscalation: false
+#      capabilities:
+#        drop:
+#        - ALL
+#      readOnlyRootFilesystem: true
+#      runAsGroup: 999
+#      runAsNonRoot: true
+#      runAsUser: 1000
+#  postInstall:
+#    labelNamespace:
+#      enabled: true
+#      extraRules: []
+#      image:
+#        repository: openpolicyagent/gatekeeper-crds
+#        tag: v3.15.0-beta.0
+#        pullPolicy: IfNotPresent
+#        pullSecrets: []
+#      extraNamespaces: []
+#      podSecurity: ["pod-security.kubernetes.io/audit=restricted",
+#        "pod-security.kubernetes.io/audit-version=latest",
+#        "pod-security.kubernetes.io/warn=restricted",
+#        "pod-security.kubernetes.io/warn-version=latest",
+#        "pod-security.kubernetes.io/enforce=restricted",
+#        "pod-security.kubernetes.io/enforce-version=v1.24"]
+#      extraAnnotations: {}
+#      priorityClassName: ""
+#    probeWebhook:
+#      enabled: true
+#      image:
+#        repository: curlimages/curl
+#        tag: 7.83.1
+#        pullPolicy: IfNotPresent
+#        pullSecrets: []
+#      waitTimeout: 60
+#      httpTimeout: 2
+#      insecureHTTPS: false
+#      priorityClassName: ""
+#    affinity: {}
+#    tolerations: []
+#    nodeSelector: {kubernetes.io/os: linux}
+#    securityContext:
+#      allowPrivilegeEscalation: false
+#      capabilities:
+#        drop:
+#        - ALL
+#      readOnlyRootFilesystem: true
+#      runAsGroup: 999
+#      runAsNonRoot: true
+#      runAsUser: 1000
+#  preUninstall:
+#    deleteWebhookConfigurations:
+#      extraRules: []
+#      enabled: false
+#      image:
+#        repository: openpolicyagent/gatekeeper-crds
+#        tag: v3.15.0-beta.0
+#        pullPolicy: IfNotPresent
+#        pullSecrets: []
+#      priorityClassName: ""
+#    affinity: {}
+#    tolerations: []
+#    nodeSelector: {kubernetes.io/os: linux}
+#    resources: {}
+#    securityContext:
+#      allowPrivilegeEscalation: false
+#      capabilities:
+#        drop:
+#        - ALL
+#      readOnlyRootFilesystem: true
+#      runAsGroup: 999
+#      runAsNonRoot: true
+#      runAsUser: 1000
+#  podAnnotations: {}
+#  auditPodAnnotations: {}
+#  podLabels: {}
+#  podCountLimit: "100"
+#  secretAnnotations: {}
+#  enableRuntimeDefaultSeccompProfile: true
+#  controllerManager:
+#    exemptNamespaces: []
+#    exemptNamespacePrefixes: []
+#    hostNetwork: false
+#    dnsPolicy: ClusterFirst
+#    port: 8443
+#    metricsPort: 8888
+#    healthPort: 9090
+#    readinessTimeout: 1
+#    livenessTimeout: 1
+#    priorityClassName: system-cluster-critical
+#    disableCertRotation: false
+#    tlsMinVersion: 1.3
+#    clientCertName: ""
+#    strategyType: RollingUpdate
+#    affinity:
+#      podAntiAffinity:
+#        preferredDuringSchedulingIgnoredDuringExecution:
+#          - podAffinityTerm:
+#              labelSelector:
+#                matchExpressions:
+#                  - key: gatekeeper.sh/operation
+#                    operator: In
+#                    values:
+#                      - webhook
+#              topologyKey: kubernetes.io/hostname
+#            weight: 100
+#    topologySpreadConstraints: []
+#    tolerations: []
+#    nodeSelector: {kubernetes.io/os: linux}
+#    resources:
+#      limits:
+#        memory: 512Mi
+#      requests:
+#        cpu: 100m
+#        memory: 512Mi
+#    securityContext:
+#      allowPrivilegeEscalation: false
+#      capabilities:
+#        drop:
+#        - ALL
+#      readOnlyRootFilesystem: true
+#      runAsGroup: 999
+#      runAsNonRoot: true
+#      runAsUser: 1000
+#    podSecurityContext:
+#      fsGroup: 999
+#      supplementalGroups:
+#        - 999
+#    extraRules: []
+#    networkPolicy:
+#      enabled: false
+#      ingress: { }
+#        # - from:
+#        #   - ipBlock:
+#        #       cidr: 0.0.0.0/0
+#  audit:
+#    enablePubsub: false
+#    connection: audit-connection
+#    channel: audit-channel
+#    hostNetwork: false
+#    dnsPolicy: ClusterFirst
+#    metricsPort: 8888
+#    healthPort: 9090
+#    readinessTimeout: 1
+#    livenessTimeout: 1
+#    priorityClassName: system-cluster-critical
+#    disableCertRotation: false
+#    affinity: {}
+#    tolerations: []
+#    nodeSelector: {kubernetes.io/os: linux}
+#    resources:
+#      limits:
+#        memory: 512Mi
+#      requests:
+#        cpu: 100m
+#        memory: 512Mi
+#    securityContext:
+#      allowPrivilegeEscalation: false
+#      capabilities:
+#        drop:
+#        - ALL
+#      readOnlyRootFilesystem: true
+#      runAsGroup: 999
+#      runAsNonRoot: true
+#      runAsUser: 1000
+#    podSecurityContext:
+#      fsGroup: 999
+#      supplementalGroups:
+#        - 999
+#    writeToRAMDisk: false
+#    extraRules: []
+#  crds:
+#    affinity: {}
+#    tolerations: []
+#    nodeSelector: {kubernetes.io/os: linux}
+#    resources: {}
+#    securityContext:
+#      allowPrivilegeEscalation: false
+#      capabilities:
+#        drop:
+#        - ALL
+#      readOnlyRootFilesystem: true
+#      runAsGroup: 65532
+#      runAsNonRoot: true
+#      runAsUser: 65532
+#  pdb:
+#    controllerManager:
+#      minAvailable: 1
+#  service: {}
+#  disabledBuiltins: ["{http.send}"]
+#  psp:
+#    enabled: true
+#  upgradeCRDs:
+#    enabled: true
+#    extraRules: []
+#    priorityClassName: ""
+#  rbac:
+#    create: true
+#  externalCertInjection:
+#    enabled: false
+#    secretName: gatekeeper-webhook-server-cert
+#