Apicurio Helm Readme
Helm Charts to deploy Apicurio Registry
Values
| Key | Type | Default | Description |
|---|---|---|---|
affinity |
object |
|
The pod’s scheduling constraints. See the Kubernetes documentation on Affinity and Anti-affinity. |
apicurioKeycloak |
object |
|
Apicurio Keycloak Instance |
apicurioKeycloak.enabled |
bool |
|
Keycloak Components toggles |
apicurioKeycloak.proxy |
object |
|
Keycloak Proxy configuration |
apicurioKeycloak.realm |
string |
|
Apicurio realm name |
apicurioKeycloakMysql |
object |
|
Apicurio Keycloak MySQL Components toggles |
autoscaling.enabled |
bool |
|
Enables the creation of a HorizontalPodAutoscaler. |
autoscaling.maxReplicas |
int |
|
Upper limit for the number of replicas to which the autoscaler can scale up. Cannot be less that minReplicas. |
autoscaling.minReplicas |
int |
|
Lower limit for the number of replicas to which the autoscaler can scale down. |
autoscaling.targetCPUUtilizationPercentage |
int |
|
Percentage of CPU utilization that the autoscaler will try to meet. |
autoscaling.targetMemoryUtilizationPercentage |
int |
|
Percentage of memory utilization that the autoscaler will try to meet. |
config |
object |
|
Configuration passed to the container. Contents get injected to a
ConfigMap, which gets mounted as an |
debug |
object |
|
Debug Configuration passed to
the container. Enable |
env |
list |
|
Environment variables to define for the container. See the Kubernetes documentation on Environment Variables. |
extraContainers |
string |
|
Additional sidecar containers, e. g. for a database proxy, such as Google’s cloudsql-proxy |
extraInitContainers |
string |
|
Additional init containers, e. g. for configuring java-security |
extraVolumeMounts |
string |
|
Add additional volumes mounts, e. g. for java-security |
extraVolumes |
string |
|
Add additional volumes, e. g. for java-security |
fullnameOverride |
string |
|
Override the fully qualified app name generated by the chart. |
global.clusterDomain |
string |
|
The domain of the Kubernetes cluster. The vast majority of Kubernetes clusters use the default value. |
global.imagePullSecrets |
list |
|
Globally override the list of ImagePullSecrets provided. |
global.imageRegistry |
string |
|
Globally override the registry to pull images from. |
hostAliases |
list |
|
Optional list of hosts and IPs that will be injected into the pod’s hosts file. |
image.pullPolicy |
string |
|
One of |
image.registry |
string |
|
Registry to pull the image from. |
image.repository |
string |
|
Name of the image being deployed. |
image.tag |
string |
|
Override the image tag whose default is
the chart |
imagePullSecrets |
list |
|
List of ImagePullSecrets to apply to the service account. If the service account is disabled, it will be applied to the pod instead. |
ingress.annotations |
object |
|
Annotations to add to the Ingress resource. |
ingress.className |
string |
|
The name of the IngressClass cluster resource. The associated IngressClass defines which controller will implement the resource. |
ingress.enabled |
bool |
|
Enable creation of the Ingress resource to expose this service. |
ingress.hosts[0].host |
string |
|
The fully qualified domain name of a network host. |
ingress.hosts[0].paths[0].path |
string |
|
Matched against the path of an incoming request. |
ingress.hosts[0].paths[0].pathType |
string |
|
Determines the interpretation of the Path
matching. Can be one of the following values: |
ingress.tls |
list |
|
TLS configuration for this Ingress. |
kafka |
object |
|
Kafka Configuration passed to the Apicurio Registry |
kafka.bootstrapServers |
string |
|
Kafka bootstrap servers |
kafka.groupPatternOverride |
string |
|
Override group prefix to give access to (typically {tenant}.{instance}.apicurio) If you’d like a custom group prefix, you can specify an override here. |
kafka.schemasTopic |
string |
|
Fully resolved name of topic used to store topics (typically _{tenant}-{instance}-apicurio-schemas) -deployed by kafka init container |
kafkaInitContainer.apicurioPrincipal |
string |
|
The principal
common name used to produce and consume from schemas topic (should match
the one on
REGISTRY_KAFKA_COMMON_SSL_KEYSTORE_LOCATION) If
Kafka is configured to validate ACLs over the full principal chain,
please provide the principal chain as this example: [0] CN=Root
CA, [1] CN=Intermediate CA, [3] CN=schema-registry
Otherwise, just provide the common name prefixed with |
kafkaInitContainer.distributorPrincipal |
Optional |
|
Principal common name used to produce and consume from schemas topic by Distributor |
kafkaInitContainer.imageRegistry |
string |
|
Registry to pull the image from |
kafkaInitContainer.minIsr |
string |
|
min.isr of topic used to store topics |
kafkaInitContainer.replicationFactor |
string |
|
Replication factor of topic used to store topics |
kafkaInitContainer.repository |
string |
|
Name of the image being deployed |
kafkaInitContainer.resources |
object |
|
The resource requirements for this container. |
kafkaInitContainer.tag |
string |
|
Tag of the image being deployed |
kafkaInitContainer.tls.keypairSecretCertName |
string |
|
Existing Keypair certificate name |
kafkaInitContainer.tls.keypairSecretKeyName |
string |
|
Existing Keypair key name |
kafkaInitContainer.tls.keypairSecretName |
string |
|
Existing Keypair secret name |
kafkaInitContainer.tls.truststoreCaSecretCertName |
string |
|
Existing Truststore certificate name |
kafkaInitContainer.tls.truststoreCaSecretName |
string |
|
Existing Truststore secret name |
keystoreProvider.image.registry |
string |
|
Registry to pull the image from. |
keystoreProvider.image.repository |
string |
|
Name of the image being deployed. |
keystoreProvider.image.tag |
string |
|
|
keystoreProvider.resources |
object |
|
The resource requirements for this container. |
livenessProbe.failureThreshold |
int |
|
Minimum consecutive failures for the probe to be considered failed after having succeeded. A failed livenessProbe will cause the container to be restarted. |
livenessProbe.initialDelaySeconds |
int |
|
Number of seconds after the container has started before liveness probes are initiated. |
livenessProbe.periodSeconds |
int |
|
How often (in seconds) to perform the probe. |
livenessProbe.successThreshold |
int |
|
Minimum consecutive successes for the probe to be considered successful after having failed. |
livenessProbe.timeoutSeconds |
int |
|
Number of seconds after which the probe times out. |
logLevel |
string |
|
Log Level configuration passed as REGISTRY_LOG_LEVEL |
nameOverride |
string |
|
Override the app name generated by the chart. |
nodeSelector |
object |
|
Selector which must match a node’s labels for the pod to be scheduled on that node. |
podAnnotations |
object |
|
Extra annotations to add to the Pods. |
podDisruptionBudget.enabled |
bool |
|
Enables creation of the PodDisruptionBudget. Ignored if replicaCount is 1. |
podDisruptionBudget.maxUnavailable |
int |
|
An eviction is allowed if at most “maxUnavailable” pods are unavailable after eviction. Mutually exclusive with minAvailable. |
podDisruptionBudget.minAvailable |
int |
|
An eviction is allowed if at least “minAvailable” pods will still be available after the eviction. Mutually exclusive with maxUnavailable. |
podSecurityContext |
object |
|
Pod-level security attributes and common container settings. |
priorityClass |
string |
|
Assigns a PriorityClass to the Pod. See Kubernetes documentation on Pod Priority and Preemption. |
prometheusRule.defaultRule.labels |
object |
|
Customize the labels to the default prometheusRule |
prometheusRule.enabled |
bool |
|
Enables creation of Prometheus
Operator
PrometheusRule.
Ignored if API |
prometheusRule.extraRules |
list |
|
A list alerting or recording rules to include on top of the defaults. These fields are templated. |
prometheusRule.interval |
string |
|
Determines how often rules in the group are evaluated. |
prometheusRule.labels |
object |
|
Additional labels for the PrometheusRule |
readinessProbe.failureThreshold |
int |
|
Minimum consecutive failures
for the probe to be considered failed after having succeeded. A failed
readinessProbe will cause the container to move to the |
readinessProbe.initialDelaySeconds |
int |
|
Number of seconds after the container has started before readiness probes are initiated. |
readinessProbe.periodSeconds |
int |
|
How often (in seconds) to perform the probe. |
readinessProbe.successThreshold |
int |
|
Minimum consecutive successes for the probe to be considered successful after having failed. |
readinessProbe.timeoutSeconds |
int |
|
Number of seconds after which the probe times out. |
replicaCount |
int |
|
Number of pods to deploy. |
resources |
object |
|
The resource requirements for this container. |
route.annotations |
object |
|
Annotations to add to the Route. |
route.enabled |
bool |
|
Enable creation of an OpenShift Route resource to expose this service. |
route.host |
string |
|
An alias/DNS that points to the service. Optional. If not specified, a route name will typically be automatically chosen. |
route.labels |
object |
|
Labels to add to the route. |
route.path |
string |
|
Path that the router watches for, to route traffic for to the service. |
route.subdomain |
string |
|
Subdomain is a DNS subdomain requested within the ingress controller’s domain (as a subdomain). If host is set this field is ignored. |
route.tls.caCertificate |
string |
|
The Certificate Authority certificate contents. |
route.tls.certificate |
string |
|
Certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. |
route.tls.destinationCACertificate |
string |
|
The CA certificate of the final destination. When using reencrypt termination, this file should be provided in order to have routers use it for health checks on the secure connection. |
route.tls.key |
string |
|
Key file contents. |
route.tls.termination |
string |
|
Indicates termination
type. One of: |
security |
object |
|
The configuration related to authentication and authorization of users to the registry Note: In order for any other authentication feature to work, security.authentication.enabled needs to be enabled |
security.keycloak |
object |
|
Attributes that are required for Apicurio to access the keycloak instance required only when security.authentication.enabled is true |
security.keycloak.authUrl |
string |
|
Keycloak Authentication URL |
security.keycloak.realm |
string |
|
Keycloak Realm used for Apicurio permissions and users |
security.keycloak.webClientId |
string |
|
Client ID for the Apicurio UI |
security.keycloak.webRedirectUrl |
string |
|
Apicurio UI URL |
securityContext |
object |
See |
Defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. |
service.httpPort |
int |
|
|
service.httpsPort |
int |
|
The port that will be exposed by the service. Note: this is independent of the ports opened on the container. |
service.type |
string |
|
Determines how the Service is exposed. |
serviceAccount.annotations |
object |
|
Annotations to add to the service account |
serviceAccount.create |
bool |
|
Specifies whether a service account should be created |
serviceAccount.name |
string |
|
The name of the service account to use. If not set and create is true, a name is generated using the fullname template. |
serviceMonitor.enabled |
bool |
|
Enables creation of Prometheus
Operator
ServiceMonitor.
Ignored if API |
serviceMonitor.interval |
string |
|
Interval at which metrics should be scraped. |
serviceMonitor.labels |
object |
|
Additional labels for the ServiceMonitor |
serviceMonitor.scrapeTimeout |
string |
|
Timeout after which the scrape is ended. |
tls.clientKeypairSecretName |
string |
|
Name of the Client KeyPair Secret type: kubernetes.io/tls |
tls.serverKeypairSecretName |
string |
|
Name of the Server KeyPair Secret type: kubernetes.io/tls |
tls.truststoreCaSecretName |
string |
|
Name of the Truststore Certificates Secret type: Opaque |
tolerations |
list |
|
The tolerations on this pod. See the Kubernetes documentation on Taints and Tolerations. |
topologySpreadConstraints |
list |
|
Describes how a group of pods ought to spread across topology domains. See the Kubernetes documentation on Pod Topology Spread Constraints. |
Autogenerated from chart metadata using helm-docs v1.14.2
Reference Helm VALUES.YAML for Apicurio
# Default values for apicurio-registry.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
global:
# -- The domain of the Kubernetes cluster. The vast majority of Kubernetes clusters use the default value.
clusterDomain: "cluster.local"
# -- Globally override the registry to pull images from.
imageRegistry: ""
# -- Globally override the list of ImagePullSecrets provided.
imagePullSecrets: []
# -- Override the app name generated by the chart.
nameOverride: ""
# -- Override the fully qualified app name generated by the chart.
fullnameOverride: ""
# -- Number of pods to deploy.
replicaCount: 1
image:
# -- Registry to pull the image from.
registry: "registry.axual.io"
# -- Name of the image being deployed.
repository: "axual/apicurio-registry-kafkasql"
# -- Override the image tag whose default is the chart `appVersion`.
tag: "2.6.8"
# -- One of `Always`, `IfNotPresent`, or `Never`.
pullPolicy: "Always"
keystoreProvider:
image:
# -- Registry to pull the image from.
registry: "registry.axual.io"
# -- Name of the image being deployed.
repository: "axual/keystore-provider"
tag: "0.2.6"
# -- The [resource requirements](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for this container.
resources: {}
tls:
# -- Name of the Client KeyPair Secret
# type: kubernetes.io/tls
clientKeypairSecretName: ""
# -- Name of the Server KeyPair Secret
# type: kubernetes.io/tls
serverKeypairSecretName: ""
# -- Name of the Truststore Certificates Secret
# type: Opaque
truststoreCaSecretName: ""
# -- Environment variables to define for the container.
# See the Kubernetes documentation on [Environment Variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/).
env: []
# -- Configuration passed to the container.
# Contents get injected to a ConfigMap, which gets mounted as an `application.properties` file.
config:
# ENABLE_CCOMPAT_CANONICAL_HASH_MODE
registry.ccompat.use-canonical-hash: "true"
# ENABLE_CCOMPAT_LEGACY_ID_MODE
registry.ccompat.legacy-id-mode.enabled: "false"
# REGISTRY_UI_AUTH_TYPE
registry.ui.config.auth.type: "oidc"
# REGISTRY_AUTH_ANONYMOUS_READ_ACCESS_ENABLED
registry.auth.anonymous-read-access.enabled: "true"
# ROLE_BASED_AUTHZ_ENABLED
# REGISTRY_AUTH_RBAC_ENABLED
registry.auth.role-based-authorization: "true"
# REGISTRY_AUTH_OBAC_ENABLED
registry.auth.owner-only-authorization: "true"
# REGISTRY_AUTH_ADMIN_OVERRIDE_ENABLED
registry.auth.admin-override.enabled: "true"
# Define the Global Validity
registry.rules.global.validity: "FULL"
# Define the Global Compatibility
registry.rules.global.compatibility: "NONE"
# -- List of ImagePullSecrets to apply to the service account. If the service account is disabled, it will be applied to the pod instead.
imagePullSecrets: []
# -- Kafka Configuration passed to the Apicurio Registry
kafka:
# -- Kafka bootstrap servers
bootstrapServers: ""
# -- Fully resolved name of topic used to store topics (typically _{tenant}-{instance}-apicurio-schemas) -deployed by kafka init container
schemasTopic: ""
# -- Override group prefix to give access to (typically {tenant}.{instance}.apicurio) If you'd like a custom group prefix, you can specify an override here.
groupPatternOverride: ""
# -- The configuration related to authentication and authorization of users to the registry
# Note: In order for any other authentication feature to work,
# security.authentication.enabled needs to be enabled
security:
authentication:
enabled: false
basicAuthEnabled: false
# -- Attributes that are required for Apicurio to access the keycloak instance
# required only when security.authentication.enabled is true
keycloak:
# -- Keycloak Authentication URL
authUrl: ""
# -- Keycloak Realm used for Apicurio permissions and users
realm: ""
# -- Client ID for the Apicurio UI
webClientId: ""
# -- Apicurio UI URL
webRedirectUrl: ""
# -- Log Level configuration passed as REGISTRY_LOG_LEVEL
logLevel: info
# -- Debug Configuration passed to the container.
# Enable `5005` port in the deployment.yaml
debug:
enabled: false
serviceAccount:
# -- Specifies whether a service account should be created
create: true
# -- Annotations to add to the service account
annotations: {}
# -- The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template.
name: ""
# -- Extra annotations to add to the Pods.
podAnnotations: {}
# -- Pod-level security attributes and common container settings.
podSecurityContext: {}
# fsGroup: 2000
livenessProbe:
# -- Minimum consecutive failures for the probe to be considered failed after having succeeded.
# A failed livenessProbe will cause the container to be restarted.
failureThreshold: 3
# -- Number of seconds after the container has started before liveness probes are initiated.
initialDelaySeconds: 10
# -- How often (in seconds) to perform the probe.
periodSeconds: 10
# -- Minimum consecutive successes for the probe to be considered successful after having failed.
successThreshold: 1
# -- Number of seconds after which the probe times out.
timeoutSeconds: 1
readinessProbe:
# -- Minimum consecutive failures for the probe to be considered failed after having succeeded.
# A failed readinessProbe will cause the container to move to the `NotReady` state.
failureThreshold: 3
# -- Number of seconds after the container has started before readiness probes are initiated.
initialDelaySeconds: 0
# -- How often (in seconds) to perform the probe.
periodSeconds: 10
# -- Minimum consecutive successes for the probe to be considered successful after having failed.
successThreshold: 1
# -- Number of seconds after which the probe times out.
timeoutSeconds: 1
# -- Defines the security options the container should be run with.
# If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.
# @default -- See `values.yaml` file.
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
privileged: false
readOnlyRootFilesystem: false
runAsNonRoot: true
runAsUser: 1000
# -- Additional init containers, e. g. for configuring java-security
extraInitContainers: ""
# -- Add additional volumes, e. g. for java-security
extraVolumes: ""
# -- Add additional volumes mounts, e. g. for java-security
extraVolumeMounts: ""
# -- Additional sidecar containers, e. g. for a database proxy, such as Google's cloudsql-proxy
extraContainers: ""
service:
# -- Determines how the Service is exposed.
type: ClusterIP
# -- The port that will be exposed by the service.
# Note: this is independent of the ports opened on the container.
httpsPort: 21500
httpPort: 20500
ingress:
# -- Enable creation of the Ingress resource to expose this service.
enabled: false
# -- The name of the IngressClass cluster resource.
# The associated IngressClass defines which controller will implement the resource.
className: ""
# -- Annotations to add to the Ingress resource.
annotations: {}
hosts:
- # -- The fully qualified domain name of a network host.
host: "chart-example.local"
paths:
- # -- Matched against the path of an incoming request.
path: "/"
# -- Determines the interpretation of the Path matching.
# Can be one of the following values: `Exact`, `Prefix`, `ImplementationSpecific`.
pathType: "ImplementationSpecific"
# -- TLS configuration for this Ingress.
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
route:
# -- Enable creation of an OpenShift Route resource to expose this service.
enabled: false
# -- Annotations to add to the Route.
annotations: {}
# -- Labels to add to the route.
labels: {}
# -- An alias/DNS that points to the service. Optional. If not specified, a route name will typically be automatically chosen.
host: ""
# -- Subdomain is a DNS subdomain requested within the ingress controller’s domain (as a subdomain). If host is set this field is ignored.
subdomain: ""
# -- Path that the router watches for, to route traffic for to the service.
path: "/"
tls:
# -- The Certificate Authority certificate contents.
caCertificate: ""
# -- Certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.
certificate: ""
# -- Key file contents.
key: ""
# -- Indicates termination type. One of: `edge`, `passthrough`, or `reencrypt`.
termination: "passthrough"
# -- The CA certificate of the final destination.
# When using reencrypt termination, this file should be provided
# in order to have routers use it for health checks on the secure connection.
destinationCACertificate: ""
# -- The [resource requirements](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for this container.
resources:
requests:
cpu: 30m
memory: 128Mi
limits:
memory: 512Mi
autoscaling:
# -- Enables the creation of a HorizontalPodAutoscaler.
enabled: false
# -- Lower limit for the number of replicas to which the autoscaler can scale down.
minReplicas: 1
# -- Upper limit for the number of replicas to which the autoscaler can scale up. Cannot be less that minReplicas.
maxReplicas: 10
# -- Percentage of CPU utilization that the autoscaler will try to meet.
targetCPUUtilizationPercentage: 80
# -- (int) Percentage of memory utilization that the autoscaler will try to meet.
targetMemoryUtilizationPercentage: 80
podDisruptionBudget:
# -- Enables creation of the PodDisruptionBudget. Ignored if replicaCount is 1.
enabled: true
# -- (int) An eviction is allowed if at most "maxUnavailable" pods are unavailable after eviction. Mutually exclusive with minAvailable.
maxUnavailable: 1
# -- (int) An eviction is allowed if at least "minAvailable" pods will still be available after the eviction. Mutually exclusive with maxUnavailable.
minAvailable:
# -- Assigns a PriorityClass to the Pod. See Kubernetes documentation on [Pod Priority and Preemption](https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/).
priorityClass: ""
# -- Optional list of hosts and IPs that will be injected into the pod's hosts file.
hostAliases: []
# -- Selector which must match a node's labels for the pod to be scheduled on that node.
nodeSelector: {}
# -- The tolerations on this pod. See the Kubernetes documentation on [Taints and Tolerations](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/).
tolerations: []
# -- The pod's scheduling constraints. See the Kubernetes documentation on [Affinity and Anti-affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity).
affinity: {}
# -- Describes how a group of pods ought to spread across topology domains. See the Kubernetes documentation on [Pod Topology Spread Constraints](https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints/).
topologySpreadConstraints: []
serviceMonitor:
# -- Enables creation of Prometheus Operator [ServiceMonitor](https://prometheus-operator.dev/docs/operator/api/#monitoring.coreos.com/v1.ServiceMonitor).
# Ignored if API `monitoring.coreos.com/v1` is not available.
enabled: true
# -- Interval at which metrics should be scraped.
interval: 30s
# -- Timeout after which the scrape is ended.
scrapeTimeout: 10s
# -- Additional labels for the ServiceMonitor
labels: { }
prometheusRule:
# -- Enables creation of Prometheus Operator [PrometheusRule](https://prometheus-operator.dev/docs/operator/api/#monitoring.coreos.com/v1.PrometheusRule).
# Ignored if API `monitoring.coreos.com/v1` is not available.
enabled: true
# -- Determines how often rules in the group are evaluated.
interval: ""
# -- Additional labels for the PrometheusRule
labels: { }
defaultRule:
# -- Customize the labels to the default prometheusRule
labels:
severity: medium
target: business
# -- A list alerting or recording rules to include on top of the defaults. These fields are templated.
extraRules:
[]
# # - alert: MyAlertName
# # annotations:
# # summary: Summary of my alert
# # description: Longer description of my alert that goes into a bit more detail
# # expr: up{service="{{ include "apicurio-registry.fullname" . }}"} == 0
# # for: 5m
# # labels:
# # severity: medium
# # target: business
kafkaInitContainer:
# -- Registry to pull the image from
imageRegistry: "registry.axual.io"
# -- Name of the image being deployed
repository: "axual/streaming/strimzi/kafka"
# -- Tag of the image being deployed
tag: "0.43.0-kafka-3.8.0"
# -- The principal common name used to produce and consume from schemas topic (should match the one on REGISTRY_KAFKA_COMMON_SSL_KEYSTORE_LOCATION)
# If Kafka is configured to validate ACLs over the full principal chain, please provide the principal chain as this example: [0] CN=Root CA, [1] CN=Intermediate CA, [3] CN=schema-registry
# Otherwise, just provide the common name prefixed with `CN:`
apicurioPrincipal: ""
# -- (Optional) Principal common name used to produce and consume from schemas topic by Distributor
distributorPrincipal: ""
# -- Replication factor of topic used to store topics
replicationFactor: ""
# -- min.isr of topic used to store topics
minIsr: ""
tls:
# -- Existing Keypair secret name
keypairSecretName: ""
# -- Existing Keypair key name
keypairSecretKeyName: ""
# -- Existing Keypair certificate name
keypairSecretCertName: ""
# -- Existing Truststore secret name
truststoreCaSecretName: ""
# -- Existing Truststore certificate name
truststoreCaSecretCertName: ""
# -- The [resource requirements](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) for this container.
resources: {}
# -- Apicurio Keycloak MySQL Components toggles
apicurioKeycloakMysql:
enabled: false
# -- Apicurio Keycloak Instance
apicurioKeycloak:
# -- Keycloak Components toggles
enabled: false
# -- Apicurio realm name
realm: ""
# Needed since Keycloak 25.0.1
# -- Keycloak Proxy configuration
proxy:
mode: xforwarded
http:
enabled: true