8 repository: chainguard-private/curl
10 version: sha256:a8afc7470364f424bcbcabc8ca1feb9a740bde25831fde6911652158ac6e7764
11 imagePullPolicy: IfNotPresent
12initContainerResources: {}
26 repository: chainguard-private/redis
27 pullPolicy: IfNotPresent
28 # -- 6.2.17-alpine3.21
29 version: sha256:c3a4eb01acb3949696e54b9b130c87a1d90819bfb057070ecf46c39b41df9e12
40 initialDelaySeconds: 5
50 - test "$(redis-cli -h 127.0.0.1 ping)" = "PONG"
52 initialDelaySeconds: 5
62 - test "$(redis-cli -h 127.0.0.1 ping)" = "PONG"
83 repository: chainguard-private/cloud-sql-proxy
84 # -- crane digest gcr.io/cloud-sql-connectors/cloud-sql-proxy:2.19.0-alpine
85 version: sha256:11674e606556bc5f436c9876ffd435499fc57b11ff707c7ff42a2d0011a45b41
91 allowPrivilegeEscalation: false
92 readOnlyRootFilesystem: true
109 repository: chainguard-private/mariadb
110 pullPolicy: IfNotPresent
111 version: sha256:bbbde7e5a4372295241d0e70eb48b0c9aad2192c6a43ee51ad6f40c900e5dd64
119 repository: chainguard-private/rekor-server
120 pullPolicy: IfNotPresent
121 # crane digest ghcr.io/sigstore/rekor/rekor-server:v1.5.2
122 version: latest@sha256:f9531978143d5bab725c37d1d938ade6e1a1404d2e7524990eaae0b59cb8538f
123 # -- KMS type for signing key (possible values: "" / "none", "aws")
125 # -- AWS region if using AWS KMS for signing key
126 awsKmsRegion: us-east-1
127 # -- kubernetes secret name containing IAM credentials for use with AWS KMS
128 awsKmsCredentialsSecretName: aws-kms-credentials
148 staticGlobalIP: lb-ext-ip
149 frontendConfigSpec: # https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-configuration#configuring_ingress_features_through_frontendconfig_parameters
150 sslPolicy: rekor-ssl-policy
153 backendConfigSpec: # https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-configuration#configuring_ingress_features_through_backendconfig_parameters
155 name: rekor-security-policy
171 initialDelaySeconds: 10
181 filename: sharding-config.yaml
184 initialDelaySeconds: 30
202 bucket: file:///var/run/attestations
208 mountPath: /var/lib/mysql
214 prometheus.io/scrape: "true"
215 prometheus.io/path: /metrics
216 prometheus.io/port: "2112"
235 repository: chainguard-private/sigstore-scaffolding-trillian-createtree
236 pullPolicy: IfNotPresent
238 version: sha256:5d3918f724f0f4fffea406f392d5da7d14a599103f135f84f46213fc7b194892
239 ttlSecondsAfterFinished: 3600
254# Configure backfillredis to repair indices that were not inserted into Redis.
260 repository: chainguard-private/rekor-backfill-index
261 pullPolicy: IfNotPresent
263 version: sha256:3402ab410ffae622589f0887124522cabce8ba888aaa821c9f9cd1adfc22c148
264 ttlSecondsAfterFinished: 3600
268 rekorAddress: rekor.rekor-system.svc
278# Configure Trillian dependency
282 name: trillian-system
284 forceNamespace: trillian-system
285 fullnameOverride: trillian
288 name: trillian-logserver
289 fullnameOverride: trillian-logserver
293 name: trillian-logsigner
294 fullnameOverride: trillian-logsigner
296 fullnameOverride: trillian-mysql
297# Force namespace of namespaced resources