forked from NVIDIA/OpenShell
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathvalues-spire-stack.yaml
More file actions
24 lines (22 loc) · 866 Bytes
/
Copy pathvalues-spire-stack.yaml
File metadata and controls
24 lines (22 loc) · 866 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
# SPDX-FileCopyrightText: Copyright (c) 2025-2026 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
# SPDX-License-Identifier: Apache-2.0
# SPIRE hardened chart values for the local Helm dev environment.
global:
spire:
clusterName: openshell-dev
jwtIssuer: https://spire-spiffe-oidc-discovery-provider.spire.svc.cluster.local
trustDomain: openshell.local
spire-server:
defaultJwtSvidTTL: 5m
controllerManager:
identities:
clusterSPIFFEIDs:
openshell-sandboxes:
enabled: true
spiffeIDTemplate: 'spiffe://{{ .TrustDomain }}/openshell/sandbox/{{ index .PodMeta.Annotations "openshell.io/sandbox-id" }}'
namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: openshell
podSelector:
matchLabels:
openshell.ai/managed-by: openshell