# Default values for vault-operator.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.

replicaCount: 1

image:
  bankVaultsRepository: ghcr.io/banzaicloud/bank-vaults
  repository: ghcr.io/banzaicloud/vault-operator
  # tag: ""
  pullPolicy: IfNotPresent
  imagePullSecrets: []  # global.imagePullSecrets is also supported

service:
  name: ""
  type: ClusterIP
  externalPort: 80
  internalPort: 8080
  annotations: {}

nameOverride: ""
fullnameOverride: ""

crdAnnotations: {}

# The namespace where the operator watches for vault CRD objects, if not defined
# all namespaces are watched
watchNamespace: ""
syncPeriod: "1m"

labels: {}
  #  team: banzai

podLabels: {}
  #  team: banzai

podAnnotations: {}
  #  team: banzai

resources:
  limits:
    memory: 256Mi
  requests:
    cpu: 100m
    memory: 128Mi

affinity: {}

# # if tolerations are used inside cluster, define tolerations as well
tolerations: []
#   - effect: NoSchedule
#     key: node_role
#     operator: Equal
#     value: custom_worker

# # If needed, define nodeSelector for vault operator
nodeSelector: {}
#   "node-role.kubernetes.io/custom_worker": "true"

podSecurityContext: {}

securityContext: {}

## Assign a PriorityClassName to pods if set
priorityClassName: ""

terminationGracePeriodSeconds: 10

livenessProbe:
  initialDelaySeconds: 60
  periodSeconds: 10
  successThreshold: 1
  timeoutSeconds: 1
readinessProbe:
  periodSeconds: 10
  successThreshold: 1
  timeoutSeconds: 1

psp:
  enabled: false
  vaultSA: "vault"

serviceAccount:
  # Specifies whether a service account should be created
  create: true
  # Annotations to add to the service account
  annotations: {}
  # The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  name: ""
monitoring:
  # Create a Vault Operator ServiceMonitor object
  serviceMonitor:
    enabled: true
    additionalLabels: {}
    metricRelabelings: []
    relabelings: []