crowdsecurity · Llyth · Jul 10, 2025
diff --git a/charts/crowdsec/ci/crowdsec-values.yaml b/charts/crowdsec/ci/crowdsec-values.yaml
@@ -48,8 +48,16 @@ appsec:
       outofband_rules:
         - crowdsecurity/crs
       inband_rules:
-        - crowdsecurity/base-config 
+        - crowdsecurity/base-config
         - crowdsecurity/vpatch-*
   env:
     - name: COLLECTIONS
       value: "crowdsecurity/appsec-virtual-patching crowdsecurity/appsec-crs"
+
+extraManifests:
+  - apiVersion: v1
+    kind: ConfigMap
+    metadata:
+      name: extra-configmap
+    data:
+      key: value
diff --git a/charts/crowdsec/templates/extra-manifests.yaml b/charts/crowdsec/templates/extra-manifests.yaml
@@ -0,0 +1,4 @@
+{{ range .Values.extraManifests }}
+---
+{{ tpl (toYaml .) $ }}
+{{ end }}
diff --git a/charts/crowdsec/values.yaml b/charts/crowdsec/values.yaml
@@ -27,6 +27,15 @@ podAnnotations: {}
 # -- Labels to be added to pods
 podLabels: {}
 
+# --  A list of extra manifests to be installed with this chart. This is useful for installing additional resources that are not part of the chart
+extraManifests: []
+  # - apiVersion: v1
+  #   kind: ConfigMap
+  #   metadata:
+  #     name: extra-configmap
+  #   data:
+  #     key: value
+
 # Here you can specify your own custom configuration to be loaded in crowdsec agent or lapi
 # Each config needs to be a multi-line using '|' in YAML specs
 # for the agent those configs will be loaded : parsers, scenarios, postoverflows, simulation.yaml
@@ -124,11 +133,11 @@ config:
     # slack.yaml: ""
     # http.yaml: ""
     # splunk.yaml: ""
-  
+
   # General configuration (https://docs.crowdsec.net/docs/configuration/crowdsec_configuration/#configuration-example)
   # This file is only mounted in the agent pod
   agent_config.yaml.local: ""
-  
+
   # General configuration (https://docs.crowdsec.net/docs/configuration/crowdsec_configuration/#configuration-example)
   # This file is only mounted in the appsec pod
   appsec_config.yaml.local: ""
@@ -359,7 +368,7 @@ lapi:
     # postStart:
     #   exec:
     #     command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"]
-  
+
   # -- storeCAPICredentialsInSecret
   # -- If set to true, the Central API credentials will be stored in a secret (to use when lapi replicas > 1)
   storeCAPICredentialsInSecret: false
@@ -381,7 +390,7 @@ agent:
   # -- strategy for agent if isDeployment is set to true
   strategy:
     type: Recreate
-  
+
   # -- add your custom ports here, by default we expose port 6060 for metrics if metrics is enabled
   ports: []
     # - name: http-datasource
@@ -598,7 +607,7 @@ appsec:
     #  outofband_rules:
     #    - crowdsecurity/crs
     #  inband_rules:
-    #    - crowdsecurity/base-config 
+    #    - crowdsecurity/base-config
     #    - crowdsecurity/vpatch-*
   # -- appsec_configs to disable
   # -- appsec_rules (https://docs.crowdsec.net/docs/next/appsec/rules_syntax)
@@ -623,7 +632,7 @@ appsec:
     #    label: "A good description of the rule"
     #    classification:
     #      - cve.CVE-xxxx-xxxxx
-    #      - attack.Txxxx 
+    #      - attack.Txxxx
 
   # -- priorityClassName for appsec pods
   priorityClassName: ""
@@ -673,7 +682,7 @@ appsec:
   tolerations: []
   # -- affinity for appsec
   affinity: {}
-  
+
   # -- livenessProbe for appsec
   livenessProbe:
     httpGet:
@@ -705,7 +714,7 @@ appsec:
     timeoutSeconds: 5
     failureThreshold: 30
 
-  # -- Enable service monitoring (exposes "metrics" port "6060" for Prometheus and "7422" for AppSec) 
+  # -- Enable service monitoring (exposes "metrics" port "6060" for Prometheus and "7422" for AppSec)
   metrics:
     enabled: true
     # -- Creates a ServiceMonitor so Prometheus will monitor this service

diff --git a/charts/helloworld/templates/extra-manifests.yaml b/charts/helloworld/templates/extra-manifests.yaml
@@ -0,0 +1,4 @@
+{{ range .Values.extraManifests }}
+---
+{{ tpl (toYaml .) $ }}
+{{ end }}
diff --git a/charts/helloworld/templates/tests/test-connection.yaml b/charts/helloworld/templates/tests/test-connection.yaml
@@ -13,3 +13,11 @@ spec:
       command: ['wget']
       args: ['{{ include "helloworld.fullname" . }}:{{ .Values.service.port }}']
   restartPolicy: Never
+
+extraManifests:
+  - apiVersion: v1
+    kind: ConfigMap
+    metadata:
+      name: extra-configmap
+    data:
+      key: value
diff --git a/charts/helloworld/values.yaml b/charts/helloworld/values.yaml
@@ -35,6 +35,15 @@ securityContext: {}
   # runAsNonRoot: true
   # runAsUser: 1000
 
+# --  A list of extra manifests to be installed with this chart. This is useful for installing additional resources that are not part of the chart
+extraManifests: []
+  # - apiVersion: v1
+  #   kind: ConfigMap
+  #   metadata:
+  #     name: extra-configmap
+  #   data:
+  #     key: value
+
 service:
   name: helloworld
   type: ClusterIP