forked from sigstore/helm-charts
-
Notifications
You must be signed in to change notification settings - Fork 0
/
scaffold.values.yaml
68 lines (65 loc) · 1.38 KB
/
scaffold.values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
fulcio:
server:
ingress:
className: nginx
http:
hosts:
- host: fulcio.sigstore.local
path: /
# tls:
# - hosts:
# - fulcio.sigstore.local
# secretName: fulcio-tls
volumeMounts:
- name: root-cert
mountPath: /etc/ssl/certs/ca-certificates.crt
subPath: rootca.crt
readOnly: true
volumes:
- name: root-cert
configMap:
name: root-cert
config:
contents:
OIDCIssuers:
https://dex.sigstore.local:
IssuerURL: https://dex.sigstore.local
ClientID: sigstore
Type: email
https://oauth2.sigstore.dev/auth:
IssuerURL: https://oauth2.sigstore.dev/auth
ClientID: sigstore
Type: email
IssuerClaim: $.federated_claims.connector_id
rekor:
server:
ingress:
className: nginx
hosts:
- host: rekor.sigstore.local
path: /
# tls:
# - hosts:
# - rekor.sigstore.local
# secretName: rekor-tls
copySecretJob:
enabled: true
tuf:
enabled: true
ingress:
className: nginx
http:
hosts:
- host: tuf.sigstore.local
path: /
# tls:
# - hosts:
# - tuf.sigstore.local
# secretName: tuf-tls
secrets:
rekor:
enabled: true
fulcio:
enabled: true
ctlog:
enabled: true