docs: update values.yaml annotations

guerzon · Dec 22, 2023 · 94b96eb · 94b96eb
1 parent 2c6a5b0
commit 94b96eb
Show file tree

Hide file tree

Showing 2 changed files with 92 additions and 59 deletions.
diff --git a/charts/vaultwarden/README.md b/charts/vaultwarden/README.md
@@ -247,17 +247,25 @@ helm -n $NAMESPACE uninstall $RELEASE_NAME
 | ------------------- | --------------------------------------------- | -------------------- |
 | `image.registry`    | Vaultwarden image registry                    | `docker.io`          |
 | `image.repository`  | Vaultwarden image repository                  | `vaultwarden/server` |
-| `image.tag`         | Vaultwarden image tag                         | `1.29.2-alpine`      |
+| `image.tag`         | Vaultwarden image tag                         | `1.30.1-alpine`      |
 | `image.pullPolicy`  | Vaultwarden image pull policy                 | `IfNotPresent`       |
 | `image.pullSecrets` | Specify docker-registry secret names          | `[]`                 |
 | `domain`            | Domain name where the application is accessed | `""`                 |
 | `websocket.enabled` | Enable websocket notifications                | `true`               |
 | `websocket.address` | Websocket listen address                      | `0.0.0.0`            |
 | `websocket.port`    | Websocket listen port                         | `3012`               |
+| `rocket.address`    | Address to bind to                            | `0.0.0.0`            |
 | `rocket.port`       | Rocket port                                   | `8080`               |
 | `rocket.workers`    | Rocket number of workers                      | `10`                 |
 | `webVaultEnabled`   | Enable Web Vault                              | `true`               |
 
+### Overwrite automatic resource type detection
+
+| Name                   | Description                             | Value |
+| ---------------------- | --------------------------------------- | ----- |
+| `resourceType`         | Can be either Deployment or StatefulSet | `""`  |
+| `configMapAnnotations` | Add extra annotations to the configmap  | `{}`  |
+
 ### Pod configuration
 
 | Name             | Description                      | Value |
@@ -283,6 +291,8 @@ helm -n $NAMESPACE uninstall $RELEASE_NAME
 | `ipHeader`                     | Client IP Header, used to identify the IP of the client                                                  | `X-Real-IP`                                                                                                                              |
 | `serviceAccount.create`        | Create a service account                                                                                 | `true`                                                                                                                                   |
 | `serviceAccount.name`          | Name of the service account to create                                                                    | `vaultwarden-svc`                                                                                                                        |
+| `podSecurityContext`           | Pod security options                                                                                     | `{}`                                                                                                                                     |
+| `securityContext`              | Default security options to run vault as read only container without privilege escalation                | `{}`                                                                                                                                     |
 
 ### Exposure Parameters
 
@@ -304,6 +314,30 @@ helm -n $NAMESPACE uninstall $RELEASE_NAME
 | `service.type`                    | Service type                                                                   | `ClusterIP`          |
 | `service.annotations`             | Additional annotations for the vaultwarden service                             | `{}`                 |
 | `service.labels`                  | Additional labels for the service                                              | `{}`                 |
+| `service.ipFamilyPolicy`          | IP family policy for the service                                               | `SingleStack`        |
+
+### Probe Parameters
+
+| Name                                 | Description                                                             | Value   |
+| ------------------------------------ | ----------------------------------------------------------------------- | ------- |
+| `livenessProbe.enabled`              | Enable liveness probe                                                   | `true`  |
+| `livenessProbe.initialDelaySeconds`  | Delay before liveness probe is initiated                                | `5`     |
+| `livenessProbe.timeoutSeconds`       | How long to wait for the probe to succeed                               | `1`     |
+| `livenessProbe.periodSeconds`        | How often to perform the probe                                          | `10`    |
+| `livenessProbe.successThreshold`     | Minimum consecutive successes for the probe to be considered successful | `1`     |
+| `livenessProbe.failureThreshold`     | Minimum consecutive failures for the probe to be considered failed      | `10`    |
+| `readinessProbe.enabled`             | Enable readiness probe                                                  | `true`  |
+| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated                               | `5`     |
+| `readinessProbe.timeoutSeconds`      | How long to wait for the probe to succeed                               | `1`     |
+| `readinessProbe.periodSeconds`       | How often to perform the probe                                          | `10`    |
+| `readinessProbe.successThreshold`    | Minimum consecutive successes for the probe to be considered successful | `1`     |
+| `readinessProbe.failureThreshold`    | Minimum consecutive failures for the probe to be considered failed      | `3`     |
+| `startupProbe.enabled`               | Enable startup probe                                                    | `false` |
+| `startupProbe.initialDelaySeconds`   | Delay before startup probe is initiated                                 | `5`     |
+| `startupProbe.timeoutSeconds`        | How long to wait for the probe to succeed                               | `1`     |
+| `startupProbe.periodSeconds`         | How often to perform the probe                                          | `10`    |
+| `startupProbe.successThreshold`      | Minimum consecutive successes for the probe to be considered successful | `1`     |
+| `startupProbe.failureThreshold`      | Minimum consecutive failures for the probe to be considered failed      | `10`    |
 
 ### Database Configuration
 
@@ -354,21 +388,20 @@ helm -n $NAMESPACE uninstall $RELEASE_NAME
 | `logging.logLevel` | Specify the log level | `""`  |
 | `logging.logFile`  | Log to a file         | `""`  |
 
-### Extra containers Configuration
-
-| Name             | Description                                                     | Value |
-| ---------------- | --------------------------------------------------------------- | ----- |
-| `initContainers` | extra init containers for initializing the vaultwarden instance | `[]`  |
-| `sidecars`       | extra containers running alongside the vaultwarden instance     | `[]`  |
-
 ### Extra Configuration
 
-| Name                     | Description                           | Value |
-| ------------------------ | ------------------------------------- | ----- |
-| `nodeSelector`           | Node labels for pod assignment        | `{}`  |
-| `affinity`               | Affinity for pod assignment           | `{}`  |
-| `tolerations`            | Tolerations for pod assignment        | `[]`  |
-| `statefulsetlabels`      | Additional labels for the statefulset | `{}`  |
-| `statefulsetAnnotations` | Annotations for the statefulset       | `{}`  |
-| `pushNotifications`      | Enable mobile push notifications      | `{}`  |
-| `resources`              | Resource configurations               | `{}`  |
+| Name                                 | Description                                                     | Value   |
+| ------------------------------------ | --------------------------------------------------------------- | ------- |
+| `initContainers`                     | extra init containers for initializing the vaultwarden instance | `[]`    |
+| `sidecars`                           | extra containers running alongside the vaultwarden instance     | `[]`    |
+| `nodeSelector`                       | Node labels for pod assignment                                  | `{}`    |
+| `affinity`                           | Affinity for pod assignment                                     | `{}`    |
+| `tolerations`                        | Tolerations for pod assignment                                  | `[]`    |
+| `commonLabels`                       | Additional labels for the deployment or statefulset             | `{}`    |
+| `commonAnnotations`                  | Annotations for the deployment or statefulset                   | `{}`    |
+| `pushNotifications`                  | Enable mobile push notifications                                | `{}`    |
+| `resources`                          | Resource configurations                                         | `{}`    |
+| `strategy`                           | Resource configurations                                         | `{}`    |
+| `podDisruptionBudget.enabled`        | Enable PodDisruptionBudget settings                             | `false` |
+| `podDisruptionBudget.minAvailable`   | Minimum number/percentage of pods that should remain scheduled. | `1`     |
+| `podDisruptionBudget.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable  | `nil`   |
diff --git a/charts/vaultwarden/values.yaml b/charts/vaultwarden/values.yaml
@@ -35,6 +35,7 @@ websocket:
   enabled: true
   address: "0.0.0.0"
   port: 3012
+## @param rocket.address Address to bind to
 ## @param rocket.port Rocket port
 ## @param rocket.workers Rocket number of workers
 ##
@@ -47,7 +48,8 @@ rocket:
 webVaultEnabled: "true"
 
 ## @section Overwrite automatic resource type detection
-## Can be either Deployment or StatefulSet
+##
+## @param resourceType Can be either Deployment or StatefulSet
 ##
 resourceType: ""
 
@@ -127,6 +129,25 @@ serviceAccount:
   create: true
   name: "vaultwarden-svc"
 
+## @param podSecurityContext Pod security options
+##
+podSecurityContext: {}
+  # fsGroup: 1001
+  # supplementalGroups:
+  #   - 1001
+
+## @param securityContext Default security options to run vault as read only container without privilege escalation
+securityContext: {}
+  # allowPrivilegeEscalation: false
+  # privileged: false
+  # readOnlyRootFilesystem: true
+  # runAsNonRoot: true
+  # runAsGroup: 1001
+  # runAsUser: 1001
+  # capabilities:
+  #   drop:
+  #     - ALL
+
 
 ## @section Exposure Parameters
 ##
@@ -183,6 +204,20 @@ ingress:
   ##   - Support for multiple TLS hostnames.
   ##
 
+## Service configuration
+service:
+  ## @param service.type Service type
+  ##
+  type: "ClusterIP"
+  ## @param service.annotations Additional annotations for the vaultwarden service
+  ##
+  annotations: {}
+  ## @param service.labels Additional labels for the service
+  ##
+  labels: {}
+  ## @param service.ipFamilyPolicy IP family policy for the service
+  ipFamilyPolicy: "SingleStack"
+
 ## @section Probe Parameters
 ##
 
@@ -230,7 +265,6 @@ readinessProbe:
   ##
   failureThreshold: 3
 
-
 ## Startup probe configuration
 ##
 startupProbe:
@@ -253,38 +287,6 @@ startupProbe:
   ##
   failureThreshold: 10
 
-## Pod security options
-podSecurityContext: {}
-  # fsGroup: 1001
-  # supplementalGroups:
-  #   - 1001
-
-## Default security options to run vault as read only container without privilege escalation
-securityContext: {}
-  # allowPrivilegeEscalation: false
-  # privileged: false
-  # readOnlyRootFilesystem: true
-  # runAsNonRoot: true
-  # runAsGroup: 1001
-  # runAsUser: 1001
-  # capabilities:
-  #   drop:
-  #     - ALL
-
-## Service configuration
-service:
-  ## @param service.type Service type
-  ##
-  type: "ClusterIP"
-  ## @param service.annotations Additional annotations for the vaultwarden service
-  ##
-  annotations: {}
-  ## @param service.labels Additional labels for the service
-  ##
-  labels: {}
-  ## @param service.ipFamilyPolicy IP family policy for the service
-  ipFamilyPolicy: "SingleStack"
-
 ## @section Database Configuration
 ##
 database:
@@ -418,7 +420,7 @@ logging:
   ##
   logFile: ""
 
-## @section Extra containers Configuration
+## @section Extra Configuration
 ##
 
 ## @param initContainers extra init containers for initializing the vaultwarden instance
@@ -429,9 +431,6 @@ initContainers: []
 ##
 sidecars: []
 
-## @section Extra Configuration
-##
-
 ## @param nodeSelector Node labels for pod assignment
 ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector
 ##
@@ -477,19 +476,20 @@ resources: {}
   #   cpu: 50m
   #   memory: 256Mi
 
+## @param strategy Resource configurations
+##
 strategy: {}
   # type: RollingUpdate
   # rollingUpdate:
   #   maxSurge: 1
   #   maxUnavailable: 0
 
-# PodDisruptionBudget settings
 podDisruptionBudget:
-  # -- enable PodDisruptionBudget
+  ## @param podDisruptionBudget.enabled Enable PodDisruptionBudget settings
   # ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/
   enabled: false
-  # -- Minimum number/percentage of pods that should remain scheduled.
+  ## @param podDisruptionBudget.minAvailable Minimum number/percentage of pods that should remain scheduled.
   # When it's set, maxUnavailable must be disabled by `maxUnavailable: null`
   minAvailable: 1
-  # -- Maximum number/percentage of pods that may be made unavailable
+  ## @param podDisruptionBudget.maxUnavailable Maximum number/percentage of pods that may be made unavailable
   maxUnavailable: null