chore: import upstream snapshot with attribution

This commit is contained in:
wehub-resource-sync
2026-07-13 13:32:57 +08:00
commit cd420f9332
4811 changed files with 884702 additions and 0 deletions
+922
View File
@@ -0,0 +1,922 @@
global:
imageRegistry: ""
imagePullSecrets: []
storageClass: ""
security:
# Required when using bitnami legacy images
allowInsecureImages: true
nameOverride: ""
fullnameOverride: ""
# Secrets configuration
# IMPORTANT: The default values below are for TESTING ONLY and should NOT be used in production
# For production deployments:
# 1. Generate new secrets using: openssl rand -hex 16
# 2. Override these values in your values.yaml or use external secret management
# 3. Each secret must be exactly 32 hex characters (16 bytes)
secrets:
# Enable/disable creation of secrets
# Set to false to use external secret management (Vault, Infisical, External Secrets, etc.)
# When disabled, you can also use extraEnvVars and podAnnotations for secret injection
enabled: true
# Name of existing secret to use instead of creating one
# If empty, a secret will be created with the values below
# The secret must contain the following keys:
# - SESSION_SECRET
# - MAGIC_LINK_SECRET
# - ENCRYPTION_KEY
# - MANAGED_WORKER_SECRET
existingSecret: ""
# Session secret for user authentication (32 hex chars)
sessionSecret: "2818143646516f6fffd707b36f334bbb"
# Magic link secret for passwordless login (32 hex chars)
magicLinkSecret: "44da78b7bbb0dfe709cf38931d25dcdd"
# Encryption key for sensitive data (32 hex chars)
encryptionKey: "f686147ab967943ebbe9ed3b496e465a"
# Worker secret for managed worker authentication (32 hex chars)
managedWorkerSecret: "447c29678f9eaf289e9c4b70d3dd8a7f"
# Object store credentials moved to s3.auth and s3.external section
# Webapp configuration
webapp:
image:
registry: ghcr.io
repository: triggerdotdev/trigger.dev
tag: "" # Defaults to Chart.appVersion when empty
pullPolicy: IfNotPresent
# Init container for shared directory setup
volumePermissions:
image:
registry: docker.io
repository: busybox
tag: "1.35"
pullPolicy: IfNotPresent
# Sidecar for token syncing
tokenSyncer:
image:
registry: docker.io
repository: bitnamilegacy/kubectl
tag: "1.28"
pullPolicy: IfNotPresent
# Origin configuration
appOrigin: "http://localhost:3040"
loginOrigin: "http://localhost:3040"
apiOrigin: "http://localhost:3040"
replicaCount: 1
service:
type: ClusterIP
port: 3030
targetPort: 3000
podAnnotations: {}
# podSecurityContext:
# fsGroup: 1000
# securityContext:
# runAsNonRoot: true
# runAsUser: 1000
nodeSelector: {}
tolerations: []
affinity: {}
# Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template
topologySpreadConstraints: []
logLevel: "info"
gracefulShutdownTimeout: 1000
# Bootstrap configuration
bootstrap:
enabled: true
workerGroupName: "bootstrap"
workerTokenPath: "/home/node/shared/worker_token"
# Limits
limits:
taskPayloadOffloadThreshold: 524288 # 512KB
taskPayloadMaximumSize: 3145728 # 3MB
batchTaskPayloadMaximumSize: 1000000 # 1MB
taskRunMetadataMaximumSize: 262144 # 256KB
defaultEnvExecutionConcurrencyLimit: 100
defaultOrgExecutionConcurrencyLimit: 300
# Resources
resources:
{}
# Example resource configuration:
# limits:
# cpu: 1000m
# memory: 2Gi
# requests:
# cpu: 500m
# memory: 1Gi
# Connectivity check configuration
connectivityCheck:
postgres: true # Set to false to disable DATABASE_HOST env var (overrides postgres.external.connectivityCheck)
# Extra environment variables for webapp
extraEnvVars:
[]
# - name: CUSTOM_VAR
# value: "custom-value"
# - name: SECRET_VAR
# valueFrom:
# secretKeyRef:
# name: my-secret
# key: secret-key
#
# Example: PostgreSQL SSL with custom CA certificate
# - name: NODE_EXTRA_CA_CERTS
# value: "/etc/ssl/certs/postgres-ca.crt"
# Extra volumes for the webapp pod
extraVolumes:
[]
# - name: config-volume
# configMap:
# name: my-config
# - name: secret-volume
# secret:
# secretName: my-secret
#
# Example: PostgreSQL SSL CA certificate volume
# - name: postgres-ca-cert
# secret:
# secretName: postgres-ca-secret
# items:
# - key: ca.crt
# path: postgres-ca.crt
# Extra volume mounts for the webapp container
extraVolumeMounts:
[]
# - name: config-volume
# mountPath: /etc/config
# readOnly: true
# - name: secret-volume
# mountPath: /etc/secrets
# readOnly: true
#
# Example: PostgreSQL SSL CA certificate mount
# - name: postgres-ca-cert
# mountPath: /etc/ssl/certs
# readOnly: true
# ServiceMonitor for Prometheus monitoring
serviceMonitor:
enabled: false
interval: "30s"
path: "/metrics"
labels: {}
basicAuth: {}
# Health probe configuration
livenessProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 30
timeoutSeconds: 10
failureThreshold: 5
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 30
timeoutSeconds: 10
failureThreshold: 5
successThreshold: 1
startupProbe:
enabled: false
initialDelaySeconds: 0
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 60
successThreshold: 1
clickhouse:
logLevel: "info" # one of: log, error, warn, info, debug
runReplication:
logLevel: "info" # one of: log, error, warn, info, debug
# ServiceAccount configuration
serviceAccount:
create: true
# Name of the ServiceAccount to use. Required when create is false - otherwise
# the token-syncer RoleBinding would bind to the namespace's "default" SA.
name: ""
# Annotations to add to the ServiceAccount (e.g. eks.amazonaws.com/role-arn for IRSA)
annotations: {}
# Observability configuration (OTel)
observability:
tracing:
exporterUrl: ""
exporterAuthHeaders: ""
loggingEnabled: "0"
samplingRate: "20"
instrumentPrismaEnabled: "0"
disabled: "0"
logging:
exporterUrl: ""
# Log auth headers are currently set to tracing.exporterAuthHeaders
metrics:
exporterUrl: ""
exporterAuthHeaders: ""
exporterEnabled: "0"
exporterIntervalMs: 30000
# Webapp ingress configuration
ingress:
enabled: false
className: "traefik"
# Custom annotations for the ingress resource
# Note: The following annotation keys are reserved and will be automatically set:
# - cert-manager.io/cluster-issuer (when certManager.enabled is true)
# - external-dns.alpha.kubernetes.io/hostname (when externalDns.enabled is true)
# - external-dns.alpha.kubernetes.io/ttl (when externalDns.enabled is true)
annotations: {}
certManager:
enabled: false
clusterIssuer: "letsencrypt-prod"
externalDns:
enabled: false
hostname: ""
ttl: "300"
hosts:
- host: trigger.local
paths:
- path: /
pathType: Prefix
tls:
[]
# - secretName: trigger-tls
# hosts:
# - trigger.local
# Supervisor configuration
supervisor:
image:
registry: ghcr.io
repository: triggerdotdev/supervisor
tag: "" # Defaults to Chart.appVersion when empty
pullPolicy: IfNotPresent
podAnnotations: {}
# podSecurityContext:
# fsGroup: 1000
# securityContext:
# runAsNonRoot: true
# runAsUser: 1000
service:
type: ClusterIP
ports:
workload: 3000
metrics: 9088
resources: {}
config:
kubernetes:
forceEnabled: true
namespace: "" # Default: uses release namespace
workerNodetypeLabel: "" # When set, runs will only be scheduled on nodes with "nodetype=<label>"
ephemeralStorageSizeLimit: "" # Default: 10Gi
ephemeralStorageSizeRequest: "" # Default: 2Gi´
podCleaner:
enabled: true
batchSize: 100
intervalMs: 10000 # 10 seconds´
failedPodHandler:
enabled: true
reconnectIntervalMs: 1000
workloadApi:
enabled: true
protocol: "http"
portExternal: 3000
portInternal: 3000
hostInternal: "0.0.0.0"
dequeue:
enabled: true
intervalMs: 250
maxRunCount: 100
idleIntervalMs: 500
runner:
heartbeatIntervalSeconds: 30
snapshotPollIntervalSeconds: 30
metrics:
enabled: true
collectDefaults: true
host: "0.0.0.0"
port: 9088
debug: false
# RBAC configuration
serviceAccount:
create: true
name: ""
annotations: {}
rbac:
create: true
# Namespace-scoped permissions for pod management
role:
name: ""
# Extra environment variables for Supervisor
extraEnvVars:
[]
# - name: CUSTOM_VAR
# value: "custom-value"
# ServiceMonitor for Prometheus monitoring
serviceMonitor:
enabled: false
interval: "30s"
path: "/metrics"
labels: {}
basicAuth: {}
# Health probe configuration
livenessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 15
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
successThreshold: 1
startupProbe:
enabled: false
initialDelaySeconds: 0
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 60
successThreshold: 1
# Bootstrap configuration
# When enabled: reads token from shared file, otherwise uses workerToken config
bootstrap:
enabled: true
workerTokenPath: "/home/node/shared/worker_token"
workerToken:
# Direct value (not recommended for production)
value: ""
# Secret reference
secret:
name: ""
key: ""
nodeSelector: {}
tolerations: []
affinity: {}
# PostgreSQL configuration
# Subchart: https://github.com/bitnami/charts/tree/main/bitnami/postgresql
postgres:
deploy: true
image:
# Use bitnami legacy repo
repository: bitnamilegacy/postgresql
# image: docker.io/bitnamilegacy/postgresql:17.5.0-debian-12-r12
# Bitnami PostgreSQL chart configuration (when deploy: true)
auth:
enablePostgresUser: true
postgresPassword: "postgres"
username: "postgres"
password: "postgres"
database: "main"
primary:
persistence:
enabled: true
size: 10Gi
resourcesPreset: "small"
resources: {}
configuration: |
listen_addresses = '*'
wal_level = logical
# Custom connection settings
connection:
schema: "public"
sslMode: "disable" # Use "require" or "verify-full" for production with custom CA
# External PostgreSQL connection (when deploy: false)
external:
# Database URL configuration - simplified approach using URLs instead of individual parameters
databaseUrl: "" # Full PostgreSQL connection URL (e.g., postgresql://user:pass@host:port/db?schema=public&sslmode=prefer)
directUrl: "" # Optional: Direct URL for migrations (if not set, databaseUrl will be used)
#
# Optional: Connectivity check configuration during webapp startup
connectivityCheck:
host: "" # Optional: hostname:port for wait-for-it script (e.g., "postgres.example.com:5432")
#
# Secure credential management
existingSecret: "" # Name of existing secret containing DATABASE_URL
secretKeys:
databaseUrlKey: "postgres-database-url" # Key in existing secret containing complete DATABASE_URL
directUrlKey: "postgres-direct-url" # Key in existing secret containing direct URL (optional)
#
# Example: For SSL connections with custom CA (e.g., AWS RDS):
# 1. Set connection.sslMode to "require" or "verify-full"
# 2. Create a secret with your CA certificate:
# kubectl create secret generic postgres-ca-secret --from-file=ca.crt=/path/to/rds-ca-cert.pem
# 3. Configure extraVolumes, extraVolumeMounts, and extraEnvVars (see webapp section above)
# Redis configuration
# Subchart: https://github.com/bitnami/charts/tree/main/bitnami/redis
redis:
deploy: true
image:
# Use bitnami legacy repo
repository: bitnamilegacy/redis
# image: docker.io/bitnamilegacy/redis:8.0.2-debian-12-r4
# Bitnami Redis chart configuration (when deploy: true)
auth:
enabled: false
# Single-node configuration (disable replica)
architecture: standalone
master:
persistence:
enabled: true
size: 5Gi
resources: {}
# External Redis connection (when deploy: false)
external:
host: ""
port: 6379
password: "" # Optional - ignored if existingSecret is set
tls:
enabled: false # Set to true for Redis instances requiring TLS (e.g., AWS ElastiCache)
#
# Secure credential management
existingSecret: "" # Name of existing secret containing password
existingSecretPasswordKey: "redis-password" # Key in existing secret containing password
# Electric configuration
electric:
deploy: true
image:
registry: docker.io
repository: electricsql/electric
tag: "1.2.4"
pullPolicy: IfNotPresent
config:
insecure: true
usageReporting: false
podAnnotations: {}
# podSecurityContext:
# fsGroup: 1000
# securityContext:
# runAsNonRoot: true
# runAsUser: 1000
service:
type: ClusterIP
port: 3000
targetPort: 3000
resources: {}
# Health probe configuration
livenessProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 5
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 5
successThreshold: 1
startupProbe:
enabled: false
initialDelaySeconds: 0
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 60
successThreshold: 1
# External Electric connection (when deploy: false)
external:
url: "" # For example: "http://electric:3000"
# Extra environment variables for Electric
extraEnvVars:
[]
# - name: CUSTOM_VAR
# value: "custom-value"
# S2 (realtime streams v2)
# s2-lite is the open-source, self-hostable S2 server (https://s2.dev). It backs
# realtime streams v2, which power AI-agent token streaming and run streams. When
# enabled, the webapp defaults to v2; set `defaultStreamVersion: v1` to fall back
# to the Redis-backed v1 streams. Disable entirely with `deploy: false` and no
# external endpoint.
s2:
deploy: true
image:
registry: ghcr.io
repository: s2-streamstore/s2
tag: "latest"
# Pinning by digest is strongly recommended for reproducible deployments
digest: "sha256:d6ded5ca7dd619fa7c946f06e39a98f9c95c6883c8bb884e5eaa129f232c920c"
pullPolicy: IfNotPresent
# Which stream protocol version the webapp defaults to when a client doesn't pin one.
# Only takes effect while S2 is enabled (deploy: true or an external endpoint set);
# with S2 fully disabled the webapp always falls back to v1.
defaultStreamVersion: "v2"
# Basin that holds realtime streams. Created on startup from the init config.
# Must be at least 8 characters.
basin: "trigger-realtime"
# s2-lite needs no authentication; skip minting per-stream access tokens.
# Set to false when pointing at a hosted S2 that requires a token.
skipAccessTokens: true
podAnnotations: {}
# s2-lite is distroless and runs as uid 65532. fsGroup makes the persistent
# volume writable by that user without running the container as root.
podSecurityContext:
fsGroup: 65532
securityContext:
runAsNonRoot: true
runAsUser: 65532
runAsGroup: 65532
service:
type: ClusterIP
port: 80
# High container port so s2-lite can bind as the non-root image user (65532)
# without needing CAP_NET_BIND_SERVICE for a privileged port
targetPort: 8080
# Persistent storage for the SlateDB-backed stream data
persistence:
enabled: true
size: 5Gi
accessMode: ReadWriteOnce
storageClass: ""
retain: false
resources: {}
# Health probe configuration (distroless image → TCP probes, no shell/HTTP tooling)
livenessProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 5
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 5
successThreshold: 1
# External S2 connection (when deploy: false). Point at a hosted S2 basin, e.g.
# "https://<basin>.b.aws.s2.dev/v1", set skipAccessTokens: false above, and
# supply an access token either inline or via an existing secret.
external:
endpoint: ""
accessToken: ""
existingSecret: ""
existingSecretAccessTokenKey: "access-token"
# ClickHouse configuration
# Subchart: https://github.com/bitnami/charts/tree/main/bitnami/clickhouse
clickhouse:
deploy: true
image:
# Use bitnami legacy repo
repository: bitnamilegacy/clickhouse
# image: docker.io/bitnamilegacy/clickhouse:25.7.5-debian-12-r0
# TLS/Secure connection configuration
secure: false # Set to true to use HTTPS and secure connections
# Bitnami ClickHouse chart configuration (when deploy: true)
auth:
username: "default"
password: "password"
# Single-node configuration (disable clustering for dev/test)
keeper:
enabled: false
shards: 1
replicaCount: 1
persistence:
enabled: true
size: 10Gi
## ClickHouse resource requests and limits
## ref: http://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
## @param resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if resources is set (resources is recommended for production).
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
resourcesPreset: "xlarge"
resources: {}
# External ClickHouse connection (when deploy: false)
external:
host: ""
httpPort: 8123
nativePort: 9000
username: ""
password: "" # Optional - ignored if existingSecret is set
secure: false # Set to true for external secure connections
#
# Secure credential management
existingSecret: "" # Name of existing secret containing password
existingSecretKey: "clickhouse-password" # Key in existing secret containing password
# ClickHouse configuration override
# These defaults are based on official recommendations for systems with <16GB RAM:
# https://clickhouse.com/docs/operations/tips
configdFiles:
override.xml: |
<clickhouse>
<logger>
<level>warning</level>
</logger>
<!-- Official recommendations for systems with <16GB RAM -->
<mark_cache_size>524288000</mark_cache_size> <!-- 500MB -->
<concurrent_threads_soft_limit_num>1</concurrent_threads_soft_limit_num>
<profiles>
<default>
<max_block_size>8192</max_block_size>
<max_download_threads>1</max_download_threads>
<input_format_parallel_parsing>0</input_format_parallel_parsing>
<output_format_parallel_formatting>0</output_format_parallel_formatting>
</default>
</profiles>
</clickhouse>
# S3-compatible object storage configuration
# Subchart: https://github.com/bitnami/charts/tree/main/bitnami/minio
s3:
# Set to false to use external S3-compatible storage
# Set to true to deploy internal MinIO (default)
deploy: true
image:
# Use bitnami legacy repo
repository: bitnamilegacy/minio
# image: docker.io/bitnamilegacy/minio:2025.6.13-debian-12-r0
# MinIO Console (Browser UI) configuration
console:
image:
repository: bitnamilegacy/minio-object-browser
# image: docker.io/bitnamilegacy/minio-object-browser:2025.1.10-debian-12-r1
# Bitnami MinIO chart configuration (when deploy: true)
# MinIO provides S3-compatible storage when deployed internally
auth:
rootUser: "admin"
rootPassword: "very-safe-password"
# Webapp credentials for S3 access (defaults to root credentials if not specified)
accessKeyId: "" # Defaults to rootUser if empty
secretAccessKey: "" # Defaults to rootPassword if empty
# Existing secret support for webapp credentials
existingSecret: "" # If set, accessKeyId/secretAccessKey will be ignored
accessKeyIdSecretKey: "access-key-id" # Key in existingSecret containing access key ID
secretAccessKeySecretKey: "secret-access-key" # Key in existingSecret containing secret access key
# The required "packets" bucket is created by default.
defaultBuckets: "packets"
persistence:
enabled: true
size: 10Gi
resources: {}
# External S3 connection (when deploy: false)
external:
endpoint: "" # e.g., "https://s3.amazonaws.com" or "https://your-minio.com:9000"
accessKeyId: "admin" # Default for internal MinIO - change for production
secretAccessKey: "very-safe-password" # Default for internal MinIO - change for production
#
# Secure credential management
existingSecret: "" # Name of existing secret containing S3 credentials
existingSecretAccessKeyIdKey: "access-key-id" # Key in existing secret containing access key ID
existingSecretSecretAccessKeyKey: "secret-access-key" # Key in existing secret containing secret access key
#
# Multi-provider support (optional)
# To use multiple S3-compatible providers (e.g., S3 + R2), set defaultProtocol and configure named providers
# via extraEnvVars. For example:
# - OBJECT_STORE_DEFAULT_PROTOCOL=s3 # Protocol to use for new uploads
# - OBJECT_STORE_S3_BASE_URL=https://s3.amazonaws.com
# - OBJECT_STORE_S3_ACCESS_KEY_ID=...
# - OBJECT_STORE_S3_SECRET_ACCESS_KEY=...
# - OBJECT_STORE_R2_BASE_URL=https://...r2.cloudflarestorage.com
# - OBJECT_STORE_R2_ACCESS_KEY_ID=...
# - OBJECT_STORE_R2_SECRET_ACCESS_KEY=...
# See documentation for migration guide: https://trigger.dev/docs/self-hosting/env/webapp
# Docker Registry configuration
registry:
# EXPERIMENTAL - requires ingress/TLS setup or additional cluster configuration. Configure `external` details instead.
deploy: false
# This will be used when deploy: true
host: "registry.example.com"
# Docker repository namespace for deployed images, will be part of the image ref
repositoryNamespace: "trigger"
image:
registry: docker.io
repository: registry
tag: "2"
pullPolicy: IfNotPresent
auth:
enabled: true
username: "registry-user"
password: "very-secure-indeed"
# External Registry connection (when deploy: false)
external:
host: "localhost:5001"
auth:
enabled: false
username: ""
password: ""
podAnnotations: {}
# podSecurityContext:
# fsGroup: 1000
# securityContext:
# runAsNonRoot: true
# runAsUser: 1000
# Persistence configuration (Bitnami-style)
persistence:
enabled: true
# Name to assign the volume
volumeName: "data"
# Name of an existing PVC to use
existingClaim: ""
# The path the volume will be mounted at
mountPath: "/var/lib/registry"
# The subdirectory of the volume to mount to
subPath: ""
# PVC Storage Class for Registry data volume
storageClass: ""
# PVC Access Mode for Registry volume
accessModes:
- "ReadWriteOnce"
# PVC Storage Request for Registry volume
size: 10Gi
# Annotations for the PVC
annotations: {}
# Labels for the PVC
labels: {}
# Selector to match an existing Persistent Volume
selector: {}
# Custom PVC data source
dataSource: {}
service:
type: ClusterIP
port: 5000
targetPort: 5000
resources: {}
# Health probe configuration
livenessProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 5
successThreshold: 1
readinessProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 5
successThreshold: 1
startupProbe:
enabled: false
initialDelaySeconds: 0
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 60
successThreshold: 1
# Extra environment variables for Registry
extraEnvVars:
[]
# - name: CUSTOM_VAR
# value: "custom-value"
# Registry ingress configuration
ingress:
enabled: false
className: "traefik"
# Custom annotations for the ingress resource
# Note: The following annotation keys are reserved and will be automatically set:
# - cert-manager.io/cluster-issuer (when certManager.enabled is true)
# - external-dns.alpha.kubernetes.io/hostname (when externalDns.enabled is true)
# - external-dns.alpha.kubernetes.io/ttl (when externalDns.enabled is true)
annotations: {}
certManager:
enabled: false
clusterIssuer: "letsencrypt-prod"
externalDns:
enabled: false
hostname: ""
ttl: "300"
hosts:
- host: registry.local
paths:
- path: /
pathType: Prefix
tls:
[]
# - secretName: registry-tls
# hosts:
# - registry.local
# Shared persistent volumes
persistence:
# This is used for the worker token file
shared:
enabled: true
size: 5Mi
accessMode: ReadWriteOnce
# accessMode: ReadWriteMany # Use for cross-node deployment (requires compatible storage class)
storageClass: ""
retain: true # Prevents deletion on uninstall
# Telemetry configuration
telemetry:
enabled: true
# Extra Kubernetes manifests
# This allows you to add additional Kubernetes resources that will be deployed with the chart
extraManifests:
[]
# - apiVersion: v1
# kind: ConfigMap
# metadata:
# name: my-config
# data:
# key: value
# - apiVersion: apps/v1
# kind: Deployment
# metadata:
# name: my-app
# spec:
# replicas: 1
# selector:
# matchLabels:
# app: my-app
# template:
# metadata:
# labels:
# app: my-app
# spec:
# containers:
# - name: my-container
# image: nginx:latest