-
Botaniker (Bot) authoredBotaniker (Bot) authored
release.yaml 1.63 KiB
apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease
metadata:
name: renovate
namespace: renovate
spec:
serviceAccountName: flux-reconciler
timeout: 5m
releaseName: renovate
chart:
spec:
chart: renovate
sourceRef:
kind: HelmRepository
name: renovate
version: 37.214.0
interval: 5m
valuesFrom:
- kind: ConfigMap
name: renovate-base-values
valuesKey: values.yaml
- kind: ConfigMap
name: renovate-override-values
valuesKey: values-overrides.yaml
optional: true
- kind: Secret
name: renovate-override-values
valuesKey: values-overrides.yaml
optional: true
install:
remediation:
retries: -1
upgrade:
remediation:
retries: -1
---
apiVersion: v1
kind: ConfigMap
metadata:
name: renovate-base-values
namespace: renovate
data:
values.yaml: |
renovate:
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
serviceAccount:
create: true
extraVolumes:
- name: cache
ephemeral:
volumeClaimTemplate:
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
extraVolumeMounts:
- name: cache
mountPath: /cache
securityContext:
runAsNonRoot: true
runAsUser: 1000
fsGroupChangePolicy: Always
fsGroup: 1000
seccompProfile: