diff --git a/charts/crowdsec/ci/crowdsec-values.yaml b/charts/crowdsec/ci/crowdsec-values.yaml index 10752fb4..f6d9422a 100644 --- a/charts/crowdsec/ci/crowdsec-values.yaml +++ b/charts/crowdsec/ci/crowdsec-values.yaml @@ -48,8 +48,16 @@ appsec: outofband_rules: - crowdsecurity/crs inband_rules: - - crowdsecurity/base-config + - crowdsecurity/base-config - crowdsecurity/vpatch-* env: - name: COLLECTIONS value: "crowdsecurity/appsec-virtual-patching crowdsecurity/appsec-crs" + +extraManifests: + - apiVersion: v1 + kind: ConfigMap + metadata: + name: extra-configmap + data: + key: value diff --git a/charts/crowdsec/templates/extra-manifests.yaml b/charts/crowdsec/templates/extra-manifests.yaml new file mode 100644 index 00000000..928593c3 --- /dev/null +++ b/charts/crowdsec/templates/extra-manifests.yaml @@ -0,0 +1,4 @@ +{{ range .Values.extraManifests }} +--- +{{ tpl (toYaml .) $ }} +{{ end }} \ No newline at end of file diff --git a/charts/crowdsec/values.yaml b/charts/crowdsec/values.yaml index f2be8e54..49b9968d 100644 --- a/charts/crowdsec/values.yaml +++ b/charts/crowdsec/values.yaml @@ -27,6 +27,15 @@ podAnnotations: {} # -- Labels to be added to pods podLabels: {} +# -- A list of extra manifests to be installed with this chart. This is useful for installing additional resources that are not part of the chart +extraManifests: [] + # - apiVersion: v1 + # kind: ConfigMap + # metadata: + # name: extra-configmap + # data: + # key: value + # Here you can specify your own custom configuration to be loaded in crowdsec agent or lapi # Each config needs to be a multi-line using '|' in YAML specs # for the agent those configs will be loaded : parsers, scenarios, postoverflows, simulation.yaml @@ -124,11 +133,11 @@ config: # slack.yaml: "" # http.yaml: "" # splunk.yaml: "" - + # General configuration (https://docs.crowdsec.net/docs/configuration/crowdsec_configuration/#configuration-example) # This file is only mounted in the agent pod agent_config.yaml.local: "" - + # General configuration (https://docs.crowdsec.net/docs/configuration/crowdsec_configuration/#configuration-example) # This file is only mounted in the appsec pod appsec_config.yaml.local: "" @@ -359,7 +368,7 @@ lapi: # postStart: # exec: # command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"] - + # -- storeCAPICredentialsInSecret # -- If set to true, the Central API credentials will be stored in a secret (to use when lapi replicas > 1) storeCAPICredentialsInSecret: false @@ -381,7 +390,7 @@ agent: # -- strategy for agent if isDeployment is set to true strategy: type: Recreate - + # -- add your custom ports here, by default we expose port 6060 for metrics if metrics is enabled ports: [] # - name: http-datasource @@ -598,7 +607,7 @@ appsec: # outofband_rules: # - crowdsecurity/crs # inband_rules: - # - crowdsecurity/base-config + # - crowdsecurity/base-config # - crowdsecurity/vpatch-* # -- appsec_configs to disable # -- appsec_rules (https://docs.crowdsec.net/docs/next/appsec/rules_syntax) @@ -623,7 +632,7 @@ appsec: # label: "A good description of the rule" # classification: # - cve.CVE-xxxx-xxxxx - # - attack.Txxxx + # - attack.Txxxx # -- priorityClassName for appsec pods priorityClassName: "" @@ -673,7 +682,7 @@ appsec: tolerations: [] # -- affinity for appsec affinity: {} - + # -- livenessProbe for appsec livenessProbe: httpGet: @@ -705,7 +714,7 @@ appsec: timeoutSeconds: 5 failureThreshold: 30 - # -- Enable service monitoring (exposes "metrics" port "6060" for Prometheus and "7422" for AppSec) + # -- Enable service monitoring (exposes "metrics" port "6060" for Prometheus and "7422" for AppSec) metrics: enabled: true # -- Creates a ServiceMonitor so Prometheus will monitor this service diff --git a/charts/helloworld/templates/extra-manifests.yaml b/charts/helloworld/templates/extra-manifests.yaml new file mode 100644 index 00000000..928593c3 --- /dev/null +++ b/charts/helloworld/templates/extra-manifests.yaml @@ -0,0 +1,4 @@ +{{ range .Values.extraManifests }} +--- +{{ tpl (toYaml .) $ }} +{{ end }} \ No newline at end of file diff --git a/charts/helloworld/templates/tests/test-connection.yaml b/charts/helloworld/templates/tests/test-connection.yaml index 04236959..6e39855d 100644 --- a/charts/helloworld/templates/tests/test-connection.yaml +++ b/charts/helloworld/templates/tests/test-connection.yaml @@ -13,3 +13,11 @@ spec: command: ['wget'] args: ['{{ include "helloworld.fullname" . }}:{{ .Values.service.port }}'] restartPolicy: Never + +extraManifests: + - apiVersion: v1 + kind: ConfigMap + metadata: + name: extra-configmap + data: + key: value diff --git a/charts/helloworld/values.yaml b/charts/helloworld/values.yaml index e2013157..d2343e1a 100644 --- a/charts/helloworld/values.yaml +++ b/charts/helloworld/values.yaml @@ -35,6 +35,15 @@ securityContext: {} # runAsNonRoot: true # runAsUser: 1000 +# -- A list of extra manifests to be installed with this chart. This is useful for installing additional resources that are not part of the chart +extraManifests: [] + # - apiVersion: v1 + # kind: ConfigMap + # metadata: + # name: extra-configmap + # data: + # key: value + service: name: helloworld type: ClusterIP