8 repository: chainguard-private/curl
10 version: sha256:df6a5b122f3038224a275b4f09776cc3036b6f001da1ce74759c15dcc0e3fdeb
11 imagePullPolicy: IfNotPresent
12initContainerResources: {}
26 repository: chainguard-private/redis
27 pullPolicy: IfNotPresent
28 # -- 6.2.17-alpine3.21
29 version: sha256:2234bfd693ae4ed64d678587ef480235a289cb95e7e18572f8f608a2053e228e
40 initialDelaySeconds: 5
50 - test "$(redis-cli -h 127.0.0.1 ping)" = "PONG"
52 initialDelaySeconds: 5
62 - test "$(redis-cli -h 127.0.0.1 ping)" = "PONG"
83 repository: chainguard-private/cloud-sql-proxy
84 # -- crane digest gcr.io/cloud-sql-connectors/cloud-sql-proxy:2.19.0-alpine
85 version: sha256:56f4f8c2a5c00f1721a37839eb378633eb822e18bbbfdbf51803d5e87e707b6f
91 allowPrivilegeEscalation: false
92 readOnlyRootFilesystem: true
109 repository: chainguard-private/mariadb
110 pullPolicy: IfNotPresent
111 version: sha256:8c6cec10f3a55c1a3ac20b084961ce02483260d52d8f13910fbc4a64fe9b39d1
119 repository: chainguard-private/rekor-server
120 pullPolicy: IfNotPresent
121 # crane digest ghcr.io/sigstore/rekor/rekor-server:v1.5.3
122 version: latest@sha256:6c75b514491c942ea06d9492f118029d1268c46713a6596ff1aa2a51b78ef1b0
123 # -- KMS type for signing key (possible values: "" / "none", "aws")
125 # -- AWS region if using AWS KMS for signing key
126 awsKmsRegion: us-east-1
127 # -- kubernetes secret name containing IAM credentials for use with AWS KMS
128 awsKmsCredentialsSecretName: aws-kms-credentials
148 staticGlobalIP: lb-ext-ip
149 frontendConfigSpec: # https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-configuration#configuring_ingress_features_through_frontendconfig_parameters
150 sslPolicy: rekor-ssl-policy
153 backendConfigSpec: # https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-configuration#configuring_ingress_features_through_backendconfig_parameters
155 name: rekor-security-policy
171 initialDelaySeconds: 10
181 filename: sharding-config.yaml
184 initialDelaySeconds: 30
202 bucket: file:///var/run/attestations
208 mountPath: /var/lib/mysql
214 prometheus.io/scrape: "true"
215 prometheus.io/path: /metrics
216 prometheus.io/port: "2112"
235 repository: chainguard-private/sigstore-scaffolding-trillian-createtree
236 pullPolicy: IfNotPresent
238 version: sha256:397fb547b465640ff0b875ec38866afb4b1182452b73b69ec19af8b5b1be22e4
239 ttlSecondsAfterFinished: 3600
254# Configure backfillredis to repair indices that were not inserted into Redis.
260 repository: chainguard-private/rekor-backfill-index
261 pullPolicy: IfNotPresent
263 version: sha256:63a6aa3e156c9b345a72d52aa35fefb32cf50082927444d1c5cf9d4d89c524bf
264 ttlSecondsAfterFinished: 3600
268 rekorAddress: rekor.rekor-system.svc
278# Configure Trillian dependency
282 name: trillian-system
284 forceNamespace: trillian-system
285 fullnameOverride: trillian
288 name: trillian-logserver
289 fullnameOverride: trillian-logserver
293 name: trillian-logsigner
294 fullnameOverride: trillian-logsigner
296 fullnameOverride: trillian-mysql
297# Force namespace of namespaced resources