Skip to main content
Version: 0.8.1

Helm chart reference

This is a reference of all the configurable values in weave gitops's helm chart. This is intended for customizing your installation after you've gone through the getting started guide.

This reference was generated for the chart version 2.0.9 which installs weave gitops v0.8.1.

Values

KeyTypeDefaultDescription
adminUser.createboolfalseWhether the local admin user should be created. If you use this make sure you add it to rbac.impersonationResourceNames.
adminUser.createClusterRolebooltrueSpecifies whether the clusterRole & binding to the admin user should be created. Will be created only if adminUser.create is enabled. Without this, the adminUser will only be able to see resources in the flux-system namespace.
adminUser.createSecretbooltrueWhether we should create the secret for the local adminUser. Will be created only if adminUser.create is enabled. Without this, we'll still set up the roles and permissions, but the secret with username and password has to be provided separately.
adminUser.passwordHashstringnilSet the password for local admin user. Requires adminUser.create and adminUser.createSecret This needs to have been hashed using the bcrypt algorithm. E.g. go install github.com/bitnami/bcrypt-cli@v1.0.2 && bcrypt-cli <<< $PASSWORD
adminUser.usernamestring"gitops-test-user"Set username for local admin user, these will be stored in a secret in k8s. Requires adminUser.create and adminUser.createSecret.
affinityobject{}
fullnameOverridestring""
image.pullPolicystring"IfNotPresent"
image.repositorystring"ghcr.io/weaveworks/wego-app"
image.tagstring"v0.8.1"
imagePullSecretslist[]
ingress.annotationsobject{}
ingress.classNamestring""
ingress.enabledboolfalse
ingress.hostsstringnil
ingress.tlslist[]
logLevelstring"info"What log level to output. Valid levels are 'debug', 'info', 'warn' and 'error'
nameOverridestring""
nodeSelectorobject{}
podAnnotationsobject{}
podSecurityContextobject{}
rbac.createbooltrueSpecifies whether the clusterRole & binding to the service account should be created
rbac.impersonationResourceNameslist[]If non-empty, this limits the resources that the service account can impersonate. This applies to both users and groups, e.g. ['user1@corporation.com', 'user2@corporation.com', 'operations']
rbac.impersonationResourceslist["users","groups"]Limit the type of principal that can be impersonated
rbac.viewSecretsResourceNameslist["cluster-user-auth","oidc-auth"]If non-empty, this limits the secrets that can be accessed by the service account to the specified ones, e.g. ['weave-gitops-enterprise-credentials']
replicaCountint1
resourcesobject{}
securityContextobject{}
serverTLS.enableboolfalseEnable TLS termination in gitops itself. If you enable this, you need to create a secret, and specify the secretName. Another option is to create an ingress.
serverTLS.secretNamestring"my-secret-tls"Specify the tls secret name. This type of secrets have a key called tls.crt and tls.key containing their corresponding values in base64 format. See https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets for more details and examples
service.annotationsobject{}
service.createbooltrue
service.portint9001
service.typestring"ClusterIP"
serviceAccount.annotationsobject{}Annotations to add to the service account
serviceAccount.createbooltrueSpecifies whether a service account should be created
serviceAccount.namestring""The name of the service account to use. If not set and create is true, a name is generated using the fullname template
tolerationslist[]